@protontech/openpgp 6.2.2 → 6.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (43) hide show
  1. package/dist/lightweight/argon2id.min.mjs +1 -1
  2. package/dist/lightweight/argon2id.mjs +1 -1
  3. package/dist/lightweight/legacy_ciphers.min.mjs +1 -1
  4. package/dist/lightweight/legacy_ciphers.min.mjs.map +1 -1
  5. package/dist/lightweight/legacy_ciphers.mjs +1418 -1586
  6. package/dist/lightweight/nacl-fast.min.mjs +1 -1
  7. package/dist/lightweight/nacl-fast.mjs +1 -1
  8. package/dist/lightweight/noble_curves.min.mjs +7 -7
  9. package/dist/lightweight/noble_curves.min.mjs.map +1 -1
  10. package/dist/lightweight/noble_curves.mjs +15 -16
  11. package/dist/lightweight/noble_hashes.min.mjs +1 -1
  12. package/dist/lightweight/noble_hashes.min.mjs.map +1 -1
  13. package/dist/lightweight/noble_hashes.mjs +12 -15
  14. package/dist/lightweight/noble_post_quantum.min.mjs +1 -1
  15. package/dist/lightweight/noble_post_quantum.mjs +1 -1
  16. package/dist/lightweight/openpgp.min.mjs +3 -3
  17. package/dist/lightweight/openpgp.min.mjs.map +1 -1
  18. package/dist/lightweight/openpgp.mjs +12799 -13575
  19. package/dist/lightweight/sha512.min.mjs +1 -1
  20. package/dist/lightweight/sha512.mjs +1 -1
  21. package/dist/lightweight/unbzip2-stream.min.mjs +3 -0
  22. package/dist/lightweight/unbzip2-stream.min.mjs.map +1 -0
  23. package/dist/lightweight/unbzip2-stream.mjs +570 -0
  24. package/dist/node/openpgp.cjs +14794 -16070
  25. package/dist/node/openpgp.min.cjs +13 -13
  26. package/dist/node/openpgp.min.cjs.map +1 -1
  27. package/dist/node/openpgp.min.mjs +14 -14
  28. package/dist/node/openpgp.min.mjs.map +1 -1
  29. package/dist/node/openpgp.mjs +14794 -16070
  30. package/dist/openpgp.js +14794 -16070
  31. package/dist/openpgp.min.js +14 -14
  32. package/dist/openpgp.min.js.map +1 -1
  33. package/dist/openpgp.min.mjs +14 -14
  34. package/dist/openpgp.min.mjs.map +1 -1
  35. package/dist/openpgp.mjs +14794 -16070
  36. package/dist/types/config/config.d.ts +2 -0
  37. package/dist/types/enums.d.ts +1 -0
  38. package/dist/types/index.d.ts +21 -20
  39. package/dist/types/packet/grammar.d.ts +2 -0
  40. package/package.json +34 -33
  41. package/dist/lightweight/seek-bzip.min.mjs +0 -3
  42. package/dist/lightweight/seek-bzip.min.mjs.map +0 -1
  43. package/dist/lightweight/seek-bzip.mjs +0 -900
package/dist/lightweight/nacl-fast.min.mjs CHANGED
@@ -1,3 +1,3 @@
1
- /*! OpenPGP.js v6.2.2 - 2025-09-02 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
1
+ /*! OpenPGP.js v6.3.0 - 2026-03-13 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
2
2
  const r="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{},n="object"==typeof r&&"crypto"in r?r.crypto:void 0,o={};var t=function(r){var n,o=new Float64Array(16);if(r)for(n=0;n<r.length;n++)o[n]=r[n];return o},f=function(){throw Error("no PRNG")},e=new Uint8Array(32);e[0]=9;var a=t(),i=t([1]),u=t([56129,1]),l=t([30883,4953,19914,30187,55467,16705,2637,112,59544,30585,16505,36039,65139,11119,27886,20995]),y=t([61785,9906,39828,60374,45398,33411,5274,224,53552,61171,33010,6542,64743,22239,55772,9222]),c=t([54554,36645,11616,51542,42930,38181,51040,26924,56412,64982,57905,49316,21502,52590,14035,8553]),h=t([26200,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214]),w=t([41136,18958,6951,50414,58488,44335,6150,12099,55207,15867,153,11085,57099,20417,9344,11139]);function v(r,n,o,t){r[n]=o>>24&255,r[n+1]=o>>16&255,r[n+2]=o>>8&255,r[n+3]=255&o,r[n+4]=t>>24&255,r[n+5]=t>>16&255,r[n+6]=t>>8&255,r[n+7]=255&t}function s(r,n,o,t){return function(r,n,o,t,f){var e,a=0;for(e=0;e<f;e++)a|=r[n+e]^o[t+e];return(1&a-1>>>8)-1}(r,n,o,t,32)}function A(r,n){var o;for(o=0;o<16;o++)r[o]=0|n[o]}function M(r){var n,o,t=1;for(n=0;n<16;n++)o=r[n]+t+65535,t=Math.floor(o/65536),r[n]=o-65536*t;r[0]+=t-1+37*(t-1)}function g(r,n,o){for(var t,f=~(o-1),e=0;e<16;e++)t=f&(r[e]^n[e]),r[e]^=t,n[e]^=t}function U(r,n){var o,f,e,a=t(),i=t();for(o=0;o<16;o++)i[o]=n[o];for(M(i),M(i),M(i),f=0;f<2;f++){for(a[0]=i[0]-65517,o=1;o<15;o++)a[o]=i[o]-65535-(a[o-1]>>16&1),a[o-1]&=65535;a[15]=i[15]-32767-(a[14]>>16&1),e=a[15]>>16&1,a[14]&=65535,g(i,a,1-e)}for(o=0;o<16;o++)r[2*o]=255&i[o],r[2*o+1]=i[o]>>8}function d(r,n){var o=new Uint8Array(32),t=new Uint8Array(32);return U(o,r),U(t,n),s(o,0,t,0)}function b(r){var n=new Uint8Array(32);return U(n,r),1&n[0]}function p(r,n){var o;for(o=0;o<16;o++)r[o]=n[2*o]+(n[2*o+1]<<8);r[15]&=32767}function K(r,n,o){for(var t=0;t<16;t++)r[t]=n[t]+o[t]}function E(r,n,o){for(var t=0;t<16;t++)r[t]=n[t]-o[t]}function k(r,n,o){var t,f,e=0,a=0,i=0,u=0,l=0,y=0,c=0,h=0,w=0,v=0,s=0,A=0,M=0,g=0,U=0,d=0,b=0,p=0,K=0,E=0,k=0,z=0,P=0,m=0,x=0,F=0,R=0,I=0,G=0,N=0,S=0,V=o[0],j=o[1],T=o[2],q=o[3],B=o[4],C=o[5],D=o[6],H=o[7],J=o[8],L=o[9],O=o[10],Q=o[11],W=o[12],X=o[13],Y=o[14],Z=o[15];e+=(t=n[0])*V,a+=t*j,i+=t*T,u+=t*q,l+=t*B,y+=t*C,c+=t*D,h+=t*H,w+=t*J,v+=t*L,s+=t*O,A+=t*Q,M+=t*W,g+=t*X,U+=t*Y,d+=t*Z,a+=(t=n[1])*V,i+=t*j,u+=t*T,l+=t*q,y+=t*B,c+=t*C,h+=t*D,w+=t*H,v+=t*J,s+=t*L,A+=t*O,M+=t*Q,g+=t*W,U+=t*X,d+=t*Y,b+=t*Z,i+=(t=n[2])*V,u+=t*j,l+=t*T,y+=t*q,c+=t*B,h+=t*C,w+=t*D,v+=t*H,s+=t*J,A+=t*L,M+=t*O,g+=t*Q,U+=t*W,d+=t*X,b+=t*Y,p+=t*Z,u+=(t=n[3])*V,l+=t*j,y+=t*T,c+=t*q,h+=t*B,w+=t*C,v+=t*D,s+=t*H,A+=t*J,M+=t*L,g+=t*O,U+=t*Q,d+=t*W,b+=t*X,p+=t*Y,K+=t*Z,l+=(t=n[4])*V,y+=t*j,c+=t*T,h+=t*q,w+=t*B,v+=t*C,s+=t*D,A+=t*H,M+=t*J,g+=t*L,U+=t*O,d+=t*Q,b+=t*W,p+=t*X,K+=t*Y,E+=t*Z,y+=(t=n[5])*V,c+=t*j,h+=t*T,w+=t*q,v+=t*B,s+=t*C,A+=t*D,M+=t*H,g+=t*J,U+=t*L,d+=t*O,b+=t*Q,p+=t*W,K+=t*X,E+=t*Y,k+=t*Z,c+=(t=n[6])*V,h+=t*j,w+=t*T,v+=t*q,s+=t*B,A+=t*C,M+=t*D,g+=t*H,U+=t*J,d+=t*L,b+=t*O,p+=t*Q,K+=t*W,E+=t*X,k+=t*Y,z+=t*Z,h+=(t=n[7])*V,w+=t*j,v+=t*T,s+=t*q,A+=t*B,M+=t*C,g+=t*D,U+=t*H,d+=t*J,b+=t*L,p+=t*O,K+=t*Q,E+=t*W,k+=t*X,z+=t*Y,P+=t*Z,w+=(t=n[8])*V,v+=t*j,s+=t*T,A+=t*q,M+=t*B,g+=t*C,U+=t*D,d+=t*H,b+=t*J,p+=t*L,K+=t*O,E+=t*Q,k+=t*W,z+=t*X,P+=t*Y,m+=t*Z,v+=(t=n[9])*V,s+=t*j,A+=t*T,M+=t*q,g+=t*B,U+=t*C,d+=t*D,b+=t*H,p+=t*J,K+=t*L,E+=t*O,k+=t*Q,z+=t*W,P+=t*X,m+=t*Y,x+=t*Z,s+=(t=n[10])*V,A+=t*j,M+=t*T,g+=t*q,U+=t*B,d+=t*C,b+=t*D,p+=t*H,K+=t*J,E+=t*L,k+=t*O,z+=t*Q,P+=t*W,m+=t*X,x+=t*Y,F+=t*Z,A+=(t=n[11])*V,M+=t*j,g+=t*T,U+=t*q,d+=t*B,b+=t*C,p+=t*D,K+=t*H,E+=t*J,k+=t*L,z+=t*O,P+=t*Q,m+=t*W,x+=t*X,F+=t*Y,R+=t*Z,M+=(t=n[12])*V,g+=t*j,U+=t*T,d+=t*q,b+=t*B,p+=t*C,K+=t*D,E+=t*H,k+=t*J,z+=t*L,P+=t*O,m+=t*Q,x+=t*W,F+=t*X,R+=t*Y,I+=t*Z,g+=(t=n[13])*V,U+=t*j,d+=t*T,b+=t*q,p+=t*B,K+=t*C,E+=t*D,k+=t*H,z+=t*J,P+=t*L,m+=t*O,x+=t*Q,F+=t*W,R+=t*X,I+=t*Y,G+=t*Z,U+=(t=n[14])*V,d+=t*j,b+=t*T,p+=t*q,K+=t*B,E+=t*C,k+=t*D,z+=t*H,P+=t*J,m+=t*L,x+=t*O,F+=t*Q,R+=t*W,I+=t*X,G+=t*Y,N+=t*Z,d+=(t=n[15])*V,a+=38*(p+=t*T),i+=38*(K+=t*q),u+=38*(E+=t*B),l+=38*(k+=t*C),y+=38*(z+=t*D),c+=38*(P+=t*H),h+=38*(m+=t*J),w+=38*(x+=t*L),v+=38*(F+=t*O),s+=38*(R+=t*Q),A+=38*(I+=t*W),M+=38*(G+=t*X),g+=38*(N+=t*Y),U+=38*(S+=t*Z),e=(t=(e+=38*(b+=t*j))+(f=1)+65535)-65536*(f=Math.floor(t/65536)),a=(t=a+f+65535)-65536*(f=Math.floor(t/65536)),i=(t=i+f+65535)-65536*(f=Math.floor(t/65536)),u=(t=u+f+65535)-65536*(f=Math.floor(t/65536)),l=(t=l+f+65535)-65536*(f=Math.floor(t/65536)),y=(t=y+f+65535)-65536*(f=Math.floor(t/65536)),c=(t=c+f+65535)-65536*(f=Math.floor(t/65536)),h=(t=h+f+65535)-65536*(f=Math.floor(t/65536)),w=(t=w+f+65535)-65536*(f=Math.floor(t/65536)),v=(t=v+f+65535)-65536*(f=Math.floor(t/65536)),s=(t=s+f+65535)-65536*(f=Math.floor(t/65536)),A=(t=A+f+65535)-65536*(f=Math.floor(t/65536)),M=(t=M+f+65535)-65536*(f=Math.floor(t/65536)),g=(t=g+f+65535)-65536*(f=Math.floor(t/65536)),U=(t=U+f+65535)-65536*(f=Math.floor(t/65536)),d=(t=d+f+65535)-65536*(f=Math.floor(t/65536)),e=(t=(e+=f-1+37*(f-1))+(f=1)+65535)-65536*(f=Math.floor(t/65536)),a=(t=a+f+65535)-65536*(f=Math.floor(t/65536)),i=(t=i+f+65535)-65536*(f=Math.floor(t/65536)),u=(t=u+f+65535)-65536*(f=Math.floor(t/65536)),l=(t=l+f+65535)-65536*(f=Math.floor(t/65536)),y=(t=y+f+65535)-65536*(f=Math.floor(t/65536)),c=(t=c+f+65535)-65536*(f=Math.floor(t/65536)),h=(t=h+f+65535)-65536*(f=Math.floor(t/65536)),w=(t=w+f+65535)-65536*(f=Math.floor(t/65536)),v=(t=v+f+65535)-65536*(f=Math.floor(t/65536)),s=(t=s+f+65535)-65536*(f=Math.floor(t/65536)),A=(t=A+f+65535)-65536*(f=Math.floor(t/65536)),M=(t=M+f+65535)-65536*(f=Math.floor(t/65536)),g=(t=g+f+65535)-65536*(f=Math.floor(t/65536)),U=(t=U+f+65535)-65536*(f=Math.floor(t/65536)),d=(t=d+f+65535)-65536*(f=Math.floor(t/65536)),e+=f-1+37*(f-1),r[0]=e,r[1]=a,r[2]=i,r[3]=u,r[4]=l,r[5]=y,r[6]=c,r[7]=h,r[8]=w,r[9]=v,r[10]=s,r[11]=A,r[12]=M,r[13]=g,r[14]=U,r[15]=d}function z(r,n){k(r,n,n)}function P(r,n){var o,f=t();for(o=0;o<16;o++)f[o]=n[o];for(o=253;o>=0;o--)z(f,f),2!==o&&4!==o&&k(f,f,n);for(o=0;o<16;o++)r[o]=f[o]}function m(r,n,o){var f,e,a=new Uint8Array(32),i=new Float64Array(80),l=t(),y=t(),c=t(),h=t(),w=t(),v=t();for(e=0;e<31;e++)a[e]=n[e];for(a[31]=127&n[31]|64,a[0]&=248,p(i,o),e=0;e<16;e++)y[e]=i[e],h[e]=l[e]=c[e]=0;for(l[0]=h[0]=1,e=254;e>=0;--e)g(l,y,f=a[e>>>3]>>>(7&e)&1),g(c,h,f),K(w,l,c),E(l,l,c),K(c,y,h),E(y,y,h),z(h,w),z(v,l),k(l,c,l),k(c,y,w),K(w,l,c),E(l,l,c),z(y,l),E(c,h,v),k(l,c,u),K(l,l,h),k(c,c,l),k(l,h,v),k(h,y,i),z(y,w),g(l,y,f),g(c,h,f);for(e=0;e<16;e++)i[e+16]=l[e],i[e+32]=c[e],i[e+48]=y[e],i[e+64]=h[e];var s=i.subarray(32),A=i.subarray(16);return P(s,s),k(A,A,s),U(r,A),0}function x(r,n){return m(r,n,e)}var F=[1116352408,3609767458,1899447441,602891725,3049323471,3964484399,3921009573,2173295548,961987163,4081628472,1508970993,3053834265,2453635748,2937671579,2870763221,3664609560,3624381080,2734883394,310598401,1164996542,607225278,1323610764,1426881987,3590304994,1925078388,4068182383,2162078206,991336113,2614888103,633803317,3248222580,3479774868,3835390401,2666613458,4022224774,944711139,264347078,2341262773,604807628,2007800933,770255983,1495990901,1249150122,1856431235,1555081692,3175218132,1996064986,2198950837,2554220882,3999719339,2821834349,766784016,2952996808,2566594879,3210313671,3203337956,3336571891,1034457026,3584528711,2466948901,113926993,3758326383,338241895,168717936,666307205,1188179964,773529912,1546045734,1294757372,1522805485,1396182291,2643833823,1695183700,2343527390,1986661051,1014477480,2177026350,1206759142,2456956037,344077627,2730485921,1290863460,2820302411,3158454273,3259730800,3505952657,3345764771,106217008,3516065817,3606008344,3600352804,1432725776,4094571909,1467031594,275423344,851169720,430227734,3100823752,506948616,1363258195,659060556,3750685593,883997877,3785050280,958139571,3318307427,1322822218,3812723403,1537002063,2003034995,1747873779,3602036899,1955562222,1575990012,2024104815,1125592928,2227730452,2716904306,2361852424,442776044,2428436474,593698344,2756734187,3733110249,3204031479,2999351573,3329325298,3815920427,3391569614,3928383900,3515267271,566280711,3940187606,3454069534,4118630271,4000239992,116418474,1914138554,174292421,2731055270,289380356,3203993006,460393269,320620315,685471733,587496836,852142971,1086792851,1017036298,365543100,1126000580,2618297676,1288033470,3409855158,1501505948,4234509866,1607167915,987167468,1816402316,1246189591];function R(r,n,o,t){for(var f,e,a,i,u,l,y,c,h,w,v,s,A,M,g,U,d,b,p,K,E,k,z,P,m,x,R=new Int32Array(16),I=new Int32Array(16),G=r[0],N=r[1],S=r[2],V=r[3],j=r[4],T=r[5],q=r[6],B=r[7],C=n[0],D=n[1],H=n[2],J=n[3],L=n[4],O=n[5],Q=n[6],W=n[7],X=0;t>=128;){for(p=0;p<16;p++)K=8*p+X,R[p]=o[K+0]<<24|o[K+1]<<16|o[K+2]<<8|o[K+3],I[p]=o[K+4]<<24|o[K+5]<<16|o[K+6]<<8|o[K+7];for(p=0;p<80;p++)if(f=G,e=N,a=S,i=V,u=j,l=T,y=q,B,h=C,w=D,v=H,s=J,A=L,M=O,g=Q,W,z=65535&(k=W),P=k>>>16,m=65535&(E=B),x=E>>>16,z+=65535&(k=(L>>>14|j<<18)^(L>>>18|j<<14)^(j>>>9|L<<23)),P+=k>>>16,m+=65535&(E=(j>>>14|L<<18)^(j>>>18|L<<14)^(L>>>9|j<<23)),x+=E>>>16,z+=65535&(k=L&O^~L&Q),P+=k>>>16,m+=65535&(E=j&T^~j&q),x+=E>>>16,z+=65535&(k=F[2*p+1]),P+=k>>>16,m+=65535&(E=F[2*p]),x+=E>>>16,E=R[p%16],P+=(k=I[p%16])>>>16,m+=65535&E,x+=E>>>16,m+=(P+=(z+=65535&k)>>>16)>>>16,z=65535&(k=b=65535&z|P<<16),P=k>>>16,m=65535&(E=d=65535&m|(x+=m>>>16)<<16),x=E>>>16,z+=65535&(k=(C>>>28|G<<4)^(G>>>2|C<<30)^(G>>>7|C<<25)),P+=k>>>16,m+=65535&(E=(G>>>28|C<<4)^(C>>>2|G<<30)^(C>>>7|G<<25)),x+=E>>>16,P+=(k=C&D^C&H^D&H)>>>16,m+=65535&(E=G&N^G&S^N&S),x+=E>>>16,c=65535&(m+=(P+=(z+=65535&k)>>>16)>>>16)|(x+=m>>>16)<<16,U=65535&z|P<<16,z=65535&(k=s),P=k>>>16,m=65535&(E=i),x=E>>>16,P+=(k=b)>>>16,m+=65535&(E=d),x+=E>>>16,N=f,S=e,V=a,j=i=65535&(m+=(P+=(z+=65535&k)>>>16)>>>16)|(x+=m>>>16)<<16,T=u,q=l,B=y,G=c,D=h,H=w,J=v,L=s=65535&z|P<<16,O=A,Q=M,W=g,C=U,p%16==15)for(K=0;K<16;K++)E=R[K],z=65535&(k=I[K]),P=k>>>16,m=65535&E,x=E>>>16,E=R[(K+9)%16],z+=65535&(k=I[(K+9)%16]),P+=k>>>16,m+=65535&E,x+=E>>>16,d=R[(K+1)%16],z+=65535&(k=((b=I[(K+1)%16])>>>1|d<<31)^(b>>>8|d<<24)^(b>>>7|d<<25)),P+=k>>>16,m+=65535&(E=(d>>>1|b<<31)^(d>>>8|b<<24)^d>>>7),x+=E>>>16,d=R[(K+14)%16],P+=(k=((b=I[(K+14)%16])>>>19|d<<13)^(d>>>29|b<<3)^(b>>>6|d<<26))>>>16,m+=65535&(E=(d>>>19|b<<13)^(b>>>29|d<<3)^d>>>6),x+=E>>>16,x+=(m+=(P+=(z+=65535&k)>>>16)>>>16)>>>16,R[K]=65535&m|x<<16,I[K]=65535&z|P<<16;z=65535&(k=C),P=k>>>16,m=65535&(E=G),x=E>>>16,E=r[0],P+=(k=n[0])>>>16,m+=65535&E,x+=E>>>16,x+=(m+=(P+=(z+=65535&k)>>>16)>>>16)>>>16,r[0]=G=65535&m|x<<16,n[0]=C=65535&z|P<<16,z=65535&(k=D),P=k>>>16,m=65535&(E=N),x=E>>>16,E=r[1],P+=(k=n[1])>>>16,m+=65535&E,x+=E>>>16,x+=(m+=(P+=(z+=65535&k)>>>16)>>>16)>>>16,r[1]=N=65535&m|x<<16,n[1]=D=65535&z|P<<16,z=65535&(k=H),P=k>>>16,m=65535&(E=S),x=E>>>16,E=r[2],P+=(k=n[2])>>>16,m+=65535&E,x+=E>>>16,x+=(m+=(P+=(z+=65535&k)>>>16)>>>16)>>>16,r[2]=S=65535&m|x<<16,n[2]=H=65535&z|P<<16,z=65535&(k=J),P=k>>>16,m=65535&(E=V),x=E>>>16,E=r[3],P+=(k=n[3])>>>16,m+=65535&E,x+=E>>>16,x+=(m+=(P+=(z+=65535&k)>>>16)>>>16)>>>16,r[3]=V=65535&m|x<<16,n[3]=J=65535&z|P<<16,z=65535&(k=L),P=k>>>16,m=65535&(E=j),x=E>>>16,E=r[4],P+=(k=n[4])>>>16,m+=65535&E,x+=E>>>16,x+=(m+=(P+=(z+=65535&k)>>>16)>>>16)>>>16,r[4]=j=65535&m|x<<16,n[4]=L=65535&z|P<<16,z=65535&(k=O),P=k>>>16,m=65535&(E=T),x=E>>>16,E=r[5],P+=(k=n[5])>>>16,m+=65535&E,x+=E>>>16,x+=(m+=(P+=(z+=65535&k)>>>16)>>>16)>>>16,r[5]=T=65535&m|x<<16,n[5]=O=65535&z|P<<16,z=65535&(k=Q),P=k>>>16,m=65535&(E=q),x=E>>>16,E=r[6],P+=(k=n[6])>>>16,m+=65535&E,x+=E>>>16,x+=(m+=(P+=(z+=65535&k)>>>16)>>>16)>>>16,r[6]=q=65535&m|x<<16,n[6]=Q=65535&z|P<<16,z=65535&(k=W),P=k>>>16,m=65535&(E=B),x=E>>>16,E=r[7],P+=(k=n[7])>>>16,m+=65535&E,x+=E>>>16,x+=(m+=(P+=(z+=65535&k)>>>16)>>>16)>>>16,r[7]=B=65535&m|x<<16,n[7]=W=65535&z|P<<16,X+=128,t-=128}return t}function I(r,n,o){var t,f=new Int32Array(8),e=new Int32Array(8),a=new Uint8Array(256),i=o;for(f[0]=1779033703,f[1]=3144134277,f[2]=1013904242,f[3]=2773480762,f[4]=1359893119,f[5]=2600822924,f[6]=528734635,f[7]=1541459225,e[0]=4089235720,e[1]=2227873595,e[2]=4271175723,e[3]=1595750129,e[4]=2917565137,e[5]=725511199,e[6]=4215389547,e[7]=327033209,R(f,e,n,o),o%=128,t=0;t<o;t++)a[t]=n[i-o+t];for(a[o]=128,a[(o=256-128*(o<112?1:0))-9]=0,v(a,o-8,i/536870912|0,i<<3),R(f,e,a,o),t=0;t<8;t++)v(r,8*t,f[t],e[t]);return 0}function G(r,n){var o=t(),f=t(),e=t(),a=t(),i=t(),u=t(),l=t(),c=t(),h=t();E(o,r[1],r[0]),E(h,n[1],n[0]),k(o,o,h),K(f,r[0],r[1]),K(h,n[0],n[1]),k(f,f,h),k(e,r[3],n[3]),k(e,e,y),k(a,r[2],n[2]),K(a,a,a),E(i,f,o),E(u,a,e),K(l,a,e),K(c,f,o),k(r[0],i,u),k(r[1],c,l),k(r[2],l,u),k(r[3],i,c)}function N(r,n,o){var t;for(t=0;t<4;t++)g(r[t],n[t],o)}function S(r,n){var o=t(),f=t(),e=t();P(e,n[2]),k(o,n[0],e),k(f,n[1],e),U(r,f),r[31]^=b(o)<<7}function V(r,n,o){var t,f;for(A(r[0],a),A(r[1],i),A(r[2],i),A(r[3],a),f=255;f>=0;--f)N(r,n,t=o[f/8|0]>>(7&f)&1),G(n,r),G(r,r),N(r,n,t)}function j(r,n){var o=[t(),t(),t(),t()];A(o[0],c),A(o[1],h),A(o[2],i),k(o[3],c,h),V(r,o,n)}function T(r,n,o){var e,a=new Uint8Array(64),i=[t(),t(),t(),t()];for(o||f(n,32),I(a,n,32),a[0]&=248,a[31]&=127,a[31]|=64,j(i,a),S(r,i),e=0;e<32;e++)n[e+32]=r[e];return 0}var q=new Float64Array([237,211,245,92,26,99,18,88,214,156,247,162,222,249,222,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16]);function B(r,n){var o,t,f,e;for(t=63;t>=32;--t){for(o=0,f=t-32,e=t-12;f<e;++f)n[f]+=o-16*n[t]*q[f-(t-32)],o=Math.floor((n[f]+128)/256),n[f]-=256*o;n[f]+=o,n[t]=0}for(o=0,f=0;f<32;f++)n[f]+=o-(n[31]>>4)*q[f],o=n[f]>>8,n[f]&=255;for(f=0;f<32;f++)n[f]-=o*q[f];for(t=0;t<32;t++)n[t+1]+=n[t]>>8,r[t]=255&n[t]}function C(r){var n,o=new Float64Array(64);for(n=0;n<64;n++)o[n]=r[n];for(n=0;n<64;n++)r[n]=0;B(r,o)}function D(r,n){var o=t(),f=t(),e=t(),u=t(),y=t(),c=t(),h=t();return A(r[2],i),p(r[1],n),z(e,r[1]),k(u,e,l),E(e,e,r[2]),K(u,r[2],u),z(y,u),z(c,y),k(h,c,y),k(o,h,e),k(o,o,u),function(r,n){var o,f=t();for(o=0;o<16;o++)f[o]=n[o];for(o=250;o>=0;o--)z(f,f),1!==o&&k(f,f,n);for(o=0;o<16;o++)r[o]=f[o]}(o,o),k(o,o,e),k(o,o,u),k(o,o,u),k(r[0],o,u),z(f,r[0]),k(f,f,u),d(f,e)&&k(r[0],r[0],w),z(f,r[0]),k(f,f,u),d(f,e)?-1:(b(r[0])===n[31]>>7&&E(r[0],a,r[0]),k(r[3],r[0],r[1]),0)}var H=64;function J(){for(var r=0;r<arguments.length;r++)if(!(arguments[r]instanceof Uint8Array))throw new TypeError("unexpected type, use Uint8Array")}o.scalarMult=function(r,n){if(J(r,n),32!==r.length)throw Error("bad n size");if(32!==n.length)throw Error("bad p size");var o=new Uint8Array(32);return m(o,r,n),o},o.box={},o.box.keyPair=function(){var r,n,o=new Uint8Array(32),t=new Uint8Array(32);return r=o,f(n=t,32),x(r,n),{publicKey:o,secretKey:t}},o.box.keyPair.fromSecretKey=function(r){if(J(r),32!==r.length)throw Error("bad secret key size");var n=new Uint8Array(32);return x(n,r),{publicKey:n,secretKey:new Uint8Array(r)}},o.sign=function(r,n){if(J(r,n),64!==n.length)throw Error("bad secret key size");var o=new Uint8Array(H+r.length);return function(r,n,o,f){var e,a,i=new Uint8Array(64),u=new Uint8Array(64),l=new Uint8Array(64),y=new Float64Array(64),c=[t(),t(),t(),t()];I(i,f,32),i[0]&=248,i[31]&=127,i[31]|=64;var h=o+64;for(e=0;e<o;e++)r[64+e]=n[e];for(e=0;e<32;e++)r[32+e]=i[32+e];for(I(l,r.subarray(32),o+32),C(l),j(c,l),S(r,c),e=32;e<64;e++)r[e]=f[e];for(I(u,r,o+64),C(u),e=0;e<64;e++)y[e]=0;for(e=0;e<32;e++)y[e]=l[e];for(e=0;e<32;e++)for(a=0;a<32;a++)y[e+a]+=u[e]*i[a];B(r.subarray(32),y)}(o,r,r.length,n),o},o.sign.detached=function(r,n){for(var t=o.sign(r,n),f=new Uint8Array(H),e=0;e<f.length;e++)f[e]=t[e];return f},o.sign.detached.verify=function(r,n,o){if(J(r,n,o),n.length!==H)throw Error("bad signature size");if(32!==o.length)throw Error("bad public key size");var f,e=new Uint8Array(H+r.length),a=new Uint8Array(H+r.length);for(f=0;f<H;f++)e[f]=n[f];for(f=0;f<r.length;f++)e[f+H]=r[f];return function(r,n,o,f){var e,a=new Uint8Array(32),i=new Uint8Array(64),u=[t(),t(),t(),t()],l=[t(),t(),t(),t()];if(o<64)return-1;if(D(l,f))return-1;for(e=0;e<o;e++)r[e]=n[e];for(e=0;e<32;e++)r[e+32]=f[e];if(I(i,r,o),C(i),V(u,l,i),j(l,n.subarray(32)),G(u,l),S(a,u),o-=64,s(n,0,a,0)){for(e=0;e<o;e++)r[e]=0;return-1}for(e=0;e<o;e++)r[e]=n[e+64];return o}(a,e,e.length,o)>=0},o.sign.keyPair=function(){var r=new Uint8Array(32),n=new Uint8Array(64);return T(r,n),{publicKey:r,secretKey:n}},o.sign.keyPair.fromSecretKey=function(r){if(J(r),64!==r.length)throw Error("bad secret key size");for(var n=new Uint8Array(32),o=0;o<n.length;o++)n[o]=r[32+o];return{publicKey:n,secretKey:new Uint8Array(r)}},o.sign.keyPair.fromSeed=function(r){if(J(r),32!==r.length)throw Error("bad seed size");for(var n=new Uint8Array(32),o=new Uint8Array(64),t=0;t<32;t++)o[t]=r[t];return T(n,o,!0),{publicKey:n,secretKey:o}},o.setPRNG=function(r){f=r},function(){if(n&&n.getRandomValues){o.setPRNG((function(r,o){var t,f=new Uint8Array(o);for(t=0;t<o;t+=65536)n.getRandomValues(f.subarray(t,t+Math.min(o-t,65536)));for(t=0;t<o;t++)r[t]=f[t];!function(r){for(var n=0;n<r.length;n++)r[n]=0}(f)}))}}();export{o as default};
3
3
  //# sourceMappingURL=nacl-fast.min.mjs.map
package/dist/lightweight/nacl-fast.mjs CHANGED
@@ -1,4 +1,4 @@
1
- /*! OpenPGP.js v6.2.2 - 2025-09-02 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
1
+ /*! OpenPGP.js v6.3.0 - 2026-03-13 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
2
2
  const globalThis = typeof window !== 'undefined' ? window : typeof global !== 'undefined' ? global : typeof self !== 'undefined' ? self : {};
3
3
 
4
4
  // declare const globalThis: Record<string, any> | undefined;
package/dist/lightweight/noble_curves.min.mjs CHANGED
@@ -1,13 +1,13 @@
1
- /*! OpenPGP.js v6.2.2 - 2025-09-02 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
1
+ /*! OpenPGP.js v6.3.0 - 2026-03-13 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
2
2
  "undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self&&self;import{h as t,a as e,b as f,i as r,c as n,d as o,H as i,e as s,t as c,f as a,g as d,r as u,s as l,j as h,k as b,l as g,m as p,n as y,o as m,p as B}from"./sha512.min.mjs";
3
- /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const w=/* @__PURE__ */BigInt(0),E=/* @__PURE__ */BigInt(1);function x(t,e=""){if("boolean"!=typeof t){throw Error((e&&`"${e}"`)+"expected boolean, got type="+typeof t)}return t}function v(t,e,f=""){const n=r(t),o=t?.length,i=void 0!==e;if(!n||i&&o!==e){throw Error((f&&`"${f}" `)+"expected Uint8Array"+(i?" of length "+e:"")+", got "+(n?"length="+o:"type="+typeof t))}return t}function I(t){const e=t.toString(16);return 1&e.length?"0"+e:e}function S(t){if("string"!=typeof t)throw Error("hex string expected, got "+typeof t);return""===t?w:BigInt("0x"+t)}function O(t){return S(f(t))}function R(t){return e(t),S(f(Uint8Array.from(t).reverse()))}function F(e,f){return t(e.toString(16).padStart(2*f,"0"))}function A(t,e){return F(t,e).reverse()}function q(e,f,n){let o;if("string"==typeof f)try{o=t(f)}catch(t){throw Error(e+" must be hex string or Uint8Array, cause: "+t)}else{if(!r(f))throw Error(e+" must be hex string or Uint8Array");o=Uint8Array.from(f)}const i=o.length;if("number"==typeof n&&i!==n)throw Error(e+" of length "+n+" expected, got "+i);return o}function Z(t){return Uint8Array.from(t)}const P=t=>"bigint"==typeof t&&w<=t;function K(t,e,f,r){if(!function(t,e,f){return P(t)&&P(e)&&P(f)&&e<=t&&t<f}(e,f,r))throw Error("expected valid "+t+": "+f+" <= n < "+r+", got "+e)}function N(t){let e;for(e=0;t>w;t>>=E,e+=1);return e}const U=t=>(E<<BigInt(t))-E;function V(t,e,f={}){if(!t||"object"!=typeof t)throw Error("expected valid options object");function r(e,f,r){const n=t[e];if(r&&void 0===n)return;const o=typeof n;if(o!==f||null===n)throw Error(`param "${e}" is invalid: expected ${f}, got ${o}`)}Object.entries(e).forEach((([t,e])=>r(t,e,!1))),Object.entries(f).forEach((([t,e])=>r(t,e,!0)))}function T(t){const e=new WeakMap;return(f,...r)=>{const n=e.get(f);if(void 0!==n)return n;const o=t(f,...r);return e.set(f,o),o}}
3
+ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const w=/* @__PURE__ */BigInt(0),E=/* @__PURE__ */BigInt(1);function x(t,e=""){if("boolean"!=typeof t){throw Error((e&&`"${e}"`)+"expected boolean, got type="+typeof t)}return t}function v(t,e,f=""){const n=r(t),o=t?.length,i=void 0!==e;if(!n||i&&o!==e){throw Error((f&&`"${f}" `)+"expected Uint8Array"+(i?" of length "+e:"")+", got "+(n?"length="+o:"type="+typeof t))}return t}function I(t){const e=t.toString(16);return 1&e.length?"0"+e:e}function S(t){if("string"!=typeof t)throw Error("hex string expected, got "+typeof t);return""===t?w:BigInt("0x"+t)}function O(t){return S(f(t))}function R(t){return e(t),S(f(Uint8Array.from(t).reverse()))}function F(e,f){return t(e.toString(16).padStart(2*f,"0"))}function A(t,e){return F(t,e).reverse()}function q(e,f,n){let o;if("string"==typeof f)try{o=t(f)}catch(t){throw Error(e+" must be hex string or Uint8Array, cause: "+t)}else{if(!r(f))throw Error(e+" must be hex string or Uint8Array");o=Uint8Array.from(f)}const i=o.length;if("number"==typeof n&&i!==n)throw Error(e+" of length "+n+" expected, got "+i);return o}function Z(t){return Uint8Array.from(t)}const K=t=>"bigint"==typeof t&&w<=t;function N(t,e,f,r){if(!function(t,e,f){return K(t)&&K(e)&&K(f)&&e<=t&&t<f}(e,f,r))throw Error("expected valid "+t+": "+f+" <= n < "+r+", got "+e)}function P(t){let e;for(e=0;t>w;t>>=E,e+=1);return e}const U=t=>(E<<BigInt(t))-E;function V(t,e,f={}){if(!t||"object"!=typeof t)throw Error("expected valid options object");function r(e,f,r){const n=t[e];if(r&&void 0===n)return;const o=typeof n;if(o!==f||null===n)throw Error(`param "${e}" is invalid: expected ${f}, got ${o}`)}Object.entries(e).forEach((([t,e])=>r(t,e,!1))),Object.entries(f).forEach((([t,e])=>r(t,e,!0)))}function T(t){const e=new WeakMap;return(f,...r)=>{const n=e.get(f);if(void 0!==n)return n;const o=t(f,...r);return e.set(f,o),o}}
4
4
  /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const C=BigInt(0),k=BigInt(1),j=/* @__PURE__ */BigInt(2),L=/* @__PURE__ */BigInt(3),G=/* @__PURE__ */BigInt(4),H=/* @__PURE__ */BigInt(5),Y=/* @__PURE__ */BigInt(7),z=/* @__PURE__ */BigInt(8),_=/* @__PURE__ */BigInt(9),D=/* @__PURE__ */BigInt(16);function X(t,e){const f=t%e;return f>=C?f:e+f}function M(t,e,f){let r=t;for(;e-- >C;)r*=r,r%=f;return r}function $(t,e){if(t===C)throw Error("invert: expected non-zero number");if(e<=C)throw Error("invert: expected positive modulus, got "+e);let f=X(t,e),r=e,n=C,o=k;for(;f!==C;){const t=r%f,e=n-o*(r/f);r=f,f=t,n=o,o=e}if(r!==k)throw Error("invert: does not exist");return X(n,e)}function W(t,e,f){if(!t.eql(t.sqr(e),f))throw Error("Cannot find square root")}function J(t,e){const f=(t.ORDER+k)/G,r=t.pow(e,f);return W(t,r,e),r}function Q(t,e){const f=(t.ORDER-H)/z,r=t.mul(e,j),n=t.pow(r,f),o=t.mul(e,n),i=t.mul(t.mul(o,j),n),s=t.mul(o,t.sub(i,t.ONE));return W(t,s,e),s}function tt(t){if(t<L)throw Error("sqrt is not defined for small field");let e=t-k,f=0;for(;e%j===C;)e/=j,f++;let r=j;const n=it(t);for(;1===nt(n,r);)if(r++>1e3)throw Error("Cannot find square root: probably non-prime P");if(1===f)return J;let o=n.pow(r,e);const i=(e+k)/j;return function(t,r){if(t.is0(r))return r;if(1!==nt(t,r))throw Error("Cannot find square root");let n=f,s=t.mul(t.ONE,o),c=t.pow(r,e),a=t.pow(r,i);for(;!t.eql(c,t.ONE);){if(t.is0(c))return t.ZERO;let e=1,f=t.sqr(c);for(;!t.eql(f,t.ONE);)if(e++,f=t.sqr(f),e===n)throw Error("Cannot find square root");const r=k<<BigInt(n-e-1),o=t.pow(s,r);n=e,s=t.sqr(o),c=t.mul(c,s),a=t.mul(a,o)}return a}}function et(t){return t%G===L?J:t%z===H?Q:t%D===_?function(t){const e=it(t),f=tt(t),r=f(e,e.neg(e.ONE)),n=f(e,r),o=f(e,e.neg(r)),i=(t+Y)/D;return(t,e)=>{let f=t.pow(e,i),s=t.mul(f,r);const c=t.mul(f,n),a=t.mul(f,o),d=t.eql(t.sqr(s),e),u=t.eql(t.sqr(c),e);f=t.cmov(f,s,d),s=t.cmov(a,c,u);const l=t.eql(t.sqr(s),e),h=t.cmov(f,s,l);return W(t,h,e),h}}(t):tt(t)}const ft=["create","isValid","is0","neg","inv","sqrt","sqr","eql","add","sub","mul","pow","div","addN","subN","mulN","sqrN"];function rt(t,e,f=!1){const r=Array(e.length).fill(f?t.ZERO:void 0),n=e.reduce(((e,f,n)=>t.is0(f)?e:(r[n]=e,t.mul(e,f))),t.ONE),o=t.inv(n);return e.reduceRight(((e,f,n)=>t.is0(f)?e:(r[n]=t.mul(e,r[n]),t.mul(e,f))),o),r}function nt(t,e){const f=(t.ORDER-k)/j,r=t.pow(e,f),n=t.eql(r,t.ONE),o=t.eql(r,t.ZERO),i=t.eql(r,t.neg(t.ONE));if(!n&&!o&&!i)throw Error("invalid Legendre symbol result");return n?1:o?0:-1}function ot(t,e){void 0!==e&&o(e);const f=void 0!==e?e:t.toString(2).length;return{nBitLength:f,nByteLength:Math.ceil(f/8)}}function it(t,e,f=!1,r={}){if(t<=C)throw Error("invalid field: expected ORDER > 0, got "+t);let n,o,i,s=!1;if("object"==typeof e&&null!=e){if(r.sqrt||f)throw Error("cannot specify opts in two arguments");const t=e;t.BITS&&(n=t.BITS),t.sqrt&&(o=t.sqrt),"boolean"==typeof t.isLE&&(f=t.isLE),"boolean"==typeof t.modFromBytes&&(s=t.modFromBytes),i=t.allowedLengths}else"number"==typeof e&&(n=e),r.sqrt&&(o=r.sqrt);const{nBitLength:c,nByteLength:a}=ot(t,n);if(a>2048)throw Error("invalid field: expected ORDER of <= 2048 bytes");let d;const u=Object.freeze({ORDER:t,isLE:f,BITS:c,BYTES:a,MASK:U(c),ZERO:C,ONE:k,allowedLengths:i,create:e=>X(e,t),isValid:e=>{if("bigint"!=typeof e)throw Error("invalid field element: expected bigint, got "+typeof e);return C<=e&&e<t},is0:t=>t===C,isValidNot0:t=>!u.is0(t)&&u.isValid(t),isOdd:t=>(t&k)===k,neg:e=>X(-e,t),eql:(t,e)=>t===e,sqr:e=>X(e*e,t),add:(e,f)=>X(e+f,t),sub:(e,f)=>X(e-f,t),mul:(e,f)=>X(e*f,t),pow:(t,e)=>function(t,e,f){if(f<C)throw Error("invalid exponent, negatives unsupported");if(f===C)return t.ONE;if(f===k)return e;let r=t.ONE,n=e;for(;f>C;)f&k&&(r=t.mul(r,n)),n=t.sqr(n),f>>=k;return r}(u,t,e),div:(e,f)=>X(e*$(f,t),t),sqrN:t=>t*t,addN:(t,e)=>t+e,subN:(t,e)=>t-e,mulN:(t,e)=>t*e,inv:e=>$(e,t),sqrt:o||(e=>(d||(d=et(t)),d(u,e))),toBytes:t=>f?A(t,a):F(t,a),fromBytes:(e,r=!0)=>{if(i){if(!i.includes(e.length)||e.length>a)throw Error("Field.fromBytes: expected "+i+" bytes, got "+e.length);const t=new Uint8Array(a);t.set(e,f?0:t.length-e.length),e=t}if(e.length!==a)throw Error("Field.fromBytes: expected "+a+" bytes, got "+e.length);let n=f?R(e):O(e);if(s&&(n=X(n,t)),!r&&!u.isValid(n))throw Error("invalid field element: outside of range 0..ORDER");return n},invertBatch:t=>rt(u,t),cmov:(t,e,f)=>f?e:t});return Object.freeze(u)}function st(t){if("bigint"!=typeof t)throw Error("field order must be bigint");const e=t.toString(2).length;return Math.ceil(e/8)}function ct(t){const e=st(t);return e+Math.ceil(e/2)}class at extends i{constructor(t,e){super(),this.finished=!1,this.destroyed=!1,s(t);const f=c(e);if(this.iHash=t.create(),"function"!=typeof this.iHash.update)throw Error("Expected instance of class which extends utils.Hash");this.blockLen=this.iHash.blockLen,this.outputLen=this.iHash.outputLen;const r=this.blockLen,n=new Uint8Array(r);n.set(f.length>r?t.create().update(f).digest():f);for(let t=0;t<n.length;t++)n[t]^=54;this.iHash.update(n),this.oHash=t.create();for(let t=0;t<n.length;t++)n[t]^=106;this.oHash.update(n),a(n)}update(t){return d(this),this.iHash.update(t),this}digestInto(t){d(this),e(t,this.outputLen),this.finished=!0,this.iHash.digestInto(t),this.oHash.update(t),this.oHash.digestInto(t),this.destroy()}digest(){const t=new Uint8Array(this.oHash.outputLen);return this.digestInto(t),t}_cloneInto(t){t||(t=Object.create(Object.getPrototypeOf(this),{}));const{oHash:e,iHash:f,finished:r,destroyed:n,blockLen:o,outputLen:i}=this;return t.finished=r,t.destroyed=n,t.blockLen=o,t.outputLen=i,t.oHash=e._cloneInto(t.oHash),t.iHash=f._cloneInto(t.iHash),t}clone(){return this._cloneInto()}destroy(){this.destroyed=!0,this.oHash.destroy(),this.iHash.destroy()}}const dt=(t,e,f)=>new at(t,e).update(f).digest();dt.create=(t,e)=>new at(t,e)
5
- /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */;const ut=BigInt(0),lt=BigInt(1);function ht(t,e){const f=e.negate();return t?f:e}function bt(t,e){const f=rt(t.Fp,e.map((t=>t.Z)));return e.map(((e,r)=>t.fromAffine(e.toAffine(f[r]))))}function gt(t,e){if(!Number.isSafeInteger(t)||t<=0||t>e)throw Error("invalid window size, expected [1.."+e+"], got W="+t)}function pt(t,e){gt(t,e);const f=2**t;return{windows:Math.ceil(e/t)+1,windowSize:2**(t-1),mask:U(t),maxNumber:f,shiftBy:BigInt(t)}}function yt(t,e,f){const{windowSize:r,mask:n,maxNumber:o,shiftBy:i}=f;let s=Number(t&n),c=t>>i;s>r&&(s-=o,c+=lt);const a=e*r;return{nextN:c,offset:a+Math.abs(s)-1,isZero:0===s,isNeg:s<0,isNegF:e%2!=0,offsetF:a}}const mt=new WeakMap,Bt=new WeakMap;function wt(t){return Bt.get(t)||1}function Et(t){if(t!==ut)throw Error("invalid wNAF")}class xt{constructor(t,e){this.BASE=t.BASE,this.ZERO=t.ZERO,this.Fn=t.Fn,this.bits=e}_unsafeLadder(t,e,f=this.ZERO){let r=t;for(;e>ut;)e&lt&&(f=f.add(r)),r=r.double(),e>>=lt;return f}precomputeWindow(t,e){const{windows:f,windowSize:r}=pt(e,this.bits),n=[];let o=t,i=o;for(let t=0;t<f;t++){i=o,n.push(i);for(let t=1;t<r;t++)i=i.add(o),n.push(i);o=i.double()}return n}wNAF(t,e,f){if(!this.Fn.isValid(f))throw Error("invalid scalar");let r=this.ZERO,n=this.BASE;const o=pt(t,this.bits);for(let t=0;t<o.windows;t++){const{nextN:i,offset:s,isZero:c,isNeg:a,isNegF:d,offsetF:u}=yt(f,t,o);f=i,c?n=n.add(ht(d,e[u])):r=r.add(ht(a,e[s]))}return Et(f),{p:r,f:n}}wNAFUnsafe(t,e,f,r=this.ZERO){const n=pt(t,this.bits);for(let t=0;t<n.windows&&f!==ut;t++){const{nextN:o,offset:i,isZero:s,isNeg:c}=yt(f,t,n);if(f=o,!s){const t=e[i];r=r.add(c?t.negate():t)}}return Et(f),r}getPrecomputes(t,e,f){let r=mt.get(e);return r||(r=this.precomputeWindow(e,t),1!==t&&("function"==typeof f&&(r=f(r)),mt.set(e,r))),r}cached(t,e,f){const r=wt(t);return this.wNAF(r,this.getPrecomputes(r,t,f),e)}unsafe(t,e,f,r){const n=wt(t);return 1===n?this._unsafeLadder(t,e,r):this.wNAFUnsafe(n,this.getPrecomputes(n,t,f),e,r)}createCache(t,e){gt(e,this.bits),Bt.set(t,e),mt.delete(t)}hasCache(t){return 1!==wt(t)}}function vt(t,e,f,r){!function(t,e){if(!Array.isArray(t))throw Error("array expected");t.forEach(((t,f)=>{if(!(t instanceof e))throw Error("invalid point at index "+f)}))}(f,t),function(t,e){if(!Array.isArray(t))throw Error("array of scalars expected");t.forEach(((t,f)=>{if(!e.isValid(t))throw Error("invalid scalar at index "+f)}))}(r,e);const n=f.length,o=r.length;if(n!==o)throw Error("arrays of points and scalars must have equal length");const i=t.ZERO,s=N(BigInt(n));let c=1;s>12?c=s-3:s>4?c=s-2:s>0&&(c=2);const a=U(c),d=Array(Number(a)+1).fill(i);let u=i;for(let t=Math.floor((e.BITS-1)/c)*c;t>=0;t-=c){d.fill(i);for(let e=0;e<o;e++){const n=r[e],o=Number(n>>BigInt(t)&a);d[o]=d[o].add(f[e])}let e=i;for(let t=d.length-1,f=i;t>0;t--)f=f.add(d[t]),e=e.add(f);if(u=u.add(e),0!==t)for(let t=0;t<c;t++)u=u.double()}return u}function It(t,e,f){if(e){if(e.ORDER!==t)throw Error("Field.ORDER must match order: Fp == p, Fn == n");return function(t){V(t,ft.reduce(((t,e)=>(t[e]="function",t)),{ORDER:"bigint",MASK:"bigint",BYTES:"number",BITS:"number"}))}(e),e}return it(t,{isLE:f})}function St(t,e,f={},r){if(void 0===r&&(r="edwards"===t),!e||"object"!=typeof e)throw Error(`expected valid ${t} CURVE object`);for(const t of["p","n","h"]){const f=e[t];if(!("bigint"==typeof f&&f>ut))throw Error(`CURVE.${t} must be positive bigint`)}const n=It(e.p,f.Fp,r),o=It(e.n,f.Fn,r),i=["Gx","Gy","a","weierstrass"===t?"b":"d"];for(const t of i)if(!n.isValid(e[t]))throw Error(`CURVE.${t} must be valid field element of CURVE.Fp`);return{CURVE:e=Object.freeze(Object.assign({},e)),Fp:n,Fn:o}}
6
- /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const Ot=(t,e)=>(t+(t>=0?e:-e)/Pt)/e;function Rt(t){if(!["compact","recovered","der"].includes(t))throw Error('Signature format must be "compact", "recovered", or "der"');return t}function Ft(t,e){const f={};for(let r of Object.keys(e))f[r]=void 0===t[r]?e[r]:t[r];return x(f.lowS,"lowS"),x(f.prehash,"prehash"),void 0!==f.format&&Rt(f.format),f}const At={Err:class extends Error{constructor(t=""){super(t)}},_tlv:{encode:(t,e)=>{const{Err:f}=At;if(t<0||t>256)throw new f("tlv.encode: wrong tag");if(1&e.length)throw new f("tlv.encode: unpadded data");const r=e.length/2,n=I(r);if(n.length/2&128)throw new f("tlv.encode: long form length too big");const o=r>127?I(n.length/2|128):"";return I(t)+o+n+e},decode(t,e){const{Err:f}=At;let r=0;if(t<0||t>256)throw new f("tlv.encode: wrong tag");if(e.length<2||e[r++]!==t)throw new f("tlv.decode: wrong tlv");const n=e[r++];let o=0;if(!!(128&n)){const t=127&n;if(!t)throw new f("tlv.decode(long): indefinite length not supported");if(t>4)throw new f("tlv.decode(long): byte length is too big");const i=e.subarray(r,r+t);if(i.length!==t)throw new f("tlv.decode: length bytes not complete");if(0===i[0])throw new f("tlv.decode(long): zero leftmost byte");for(const t of i)o=o<<8|t;if(r+=t,o<128)throw new f("tlv.decode(long): not minimal encoding")}else o=n;const i=e.subarray(r,r+o);if(i.length!==o)throw new f("tlv.decode: wrong value length");return{v:i,l:e.subarray(r+o)}}},_int:{encode(t){const{Err:e}=At;if(t<qt)throw new e("integer: negative integers are not allowed");let f=I(t);if(8&Number.parseInt(f[0],16)&&(f="00"+f),1&f.length)throw new e("unexpected DER parsing assertion: unpadded hex");return f},decode(t){const{Err:e}=At;if(128&t[0])throw new e("invalid signature integer: negative");if(0===t[0]&&!(128&t[1]))throw new e("invalid signature integer: unnecessary leading zero");return O(t)}},toSig(t){const{Err:e,_int:f,_tlv:r}=At,n=q("signature",t),{v:o,l:i}=r.decode(48,n);if(i.length)throw new e("invalid signature: left bytes after parsing");const{v:s,l:c}=r.decode(2,o),{v:a,l:d}=r.decode(2,c);if(d.length)throw new e("invalid signature: left bytes after parsing");return{r:f.decode(s),s:f.decode(a)}},hexFromSig(t){const{_tlv:e,_int:f}=At,r=e.encode(2,f.encode(t.r))+e.encode(2,f.encode(t.s));return e.encode(48,r)}},qt=BigInt(0),Zt=BigInt(1),Pt=BigInt(2),Kt=BigInt(3),Nt=BigInt(4);function Ut(t,e){const{BYTES:f}=t;let r;if("bigint"==typeof e)r=e;else{let n=q("private key",e);try{r=t.fromBytes(n)}catch(t){throw Error(`invalid private key: expected ui8a of size ${f}, got ${typeof e}`)}}if(!t.isValidNot0(r))throw Error("invalid private key: out of range [1..N-1]");return r}function Vt(t,e={}){const r=St("weierstrass",t,e),{Fp:o,Fn:i}=r;let s=r.CURVE;const{h:c,n:a}=s;V(e,{},{allowInfinityPoint:"boolean",clearCofactor:"function",isTorsionFree:"function",fromBytes:"function",toBytes:"function",endo:"object",wrapPrivateKey:"boolean"});const{endo:d}=e;if(d&&(!o.is0(s.a)||"bigint"!=typeof d.beta||!Array.isArray(d.basises)))throw Error('invalid endo: expected "beta": bigint and "basises": array');const u=Ct(o,i);function l(){if(!o.isOdd)throw Error("compression is not supported: Field does not have .isOdd()")}const h=e.toBytes||function(t,e,f){const{x:r,y:i}=e.toAffine(),s=o.toBytes(r);if(x(f,"isCompressed"),f){l();const t=!o.isOdd(i);return n(Tt(t),s)}return n(Uint8Array.of(4),s,o.toBytes(i))},b=e.fromBytes||function(t){v(t,void 0,"Point");const{publicKey:e,publicKeyUncompressed:f}=u,r=t.length,n=t[0],i=t.subarray(1);if(r!==e||2!==n&&3!==n){if(r===f&&4===n){const t=o.BYTES,e=o.fromBytes(i.subarray(0,t)),f=o.fromBytes(i.subarray(t,2*t));if(!p(e,f))throw Error("bad point: is not on curve");return{x:e,y:f}}throw Error(`bad point: got length ${r}, expected compressed=${e} or uncompressed=${f}`)}{const t=o.fromBytes(i);if(!o.isValid(t))throw Error("bad point: is not on curve, wrong x");const e=g(t);let f;try{f=o.sqrt(e)}catch(t){const e=t instanceof Error?": "+t.message:"";throw Error("bad point: is not on curve, sqrt error"+e)}l();return!(1&~n)!==o.isOdd(f)&&(f=o.neg(f)),{x:t,y:f}}};function g(t){const e=o.sqr(t),f=o.mul(e,t);return o.add(o.add(f,o.mul(t,s.a)),s.b)}function p(t,e){const f=o.sqr(e),r=g(t);return o.eql(f,r)}if(!p(s.Gx,s.Gy))throw Error("bad curve params: generator point");const y=o.mul(o.pow(s.a,Kt),Nt),m=o.mul(o.sqr(s.b),BigInt(27));if(o.is0(o.add(y,m)))throw Error("bad curve params: a or b");function B(t,e,f=!1){if(!o.isValid(e)||f&&o.is0(e))throw Error("bad point coordinate "+t);return e}function w(t){if(!(t instanceof R))throw Error("ProjectivePoint expected")}function E(t){if(!d||!d.basises)throw Error("no endo");return function(t,e,f){const[[r,n],[o,i]]=e,s=Ot(i*t,f),c=Ot(-n*t,f);let a=t-s*r-c*o,d=-s*n-c*i;const u=a<qt,l=d<qt;u&&(a=-a),l&&(d=-d);const h=U(Math.ceil(N(f)/2))+Zt;if(a<qt||a>=h||d<qt||d>=h)throw Error("splitScalar (endomorphism): failed, k="+t);return{k1neg:u,k1:a,k2neg:l,k2:d}}(t,d.basises,i.ORDER)}const I=T(((t,e)=>{const{X:f,Y:r,Z:n}=t;if(o.eql(n,o.ONE))return{x:f,y:r};const i=t.is0();null==e&&(e=i?o.ONE:o.inv(n));const s=o.mul(f,e),c=o.mul(r,e),a=o.mul(n,e);if(i)return{x:o.ZERO,y:o.ZERO};if(!o.eql(a,o.ONE))throw Error("invZ was invalid");return{x:s,y:c}})),S=T((t=>{if(t.is0()){if(e.allowInfinityPoint&&!o.is0(t.Y))return;throw Error("bad point: ZERO")}const{x:f,y:r}=t.toAffine();if(!o.isValid(f)||!o.isValid(r))throw Error("bad point: x or y not field elements");if(!p(f,r))throw Error("bad point: equation left != right");if(!t.isTorsionFree())throw Error("bad point: not in prime-order subgroup");return!0}));function O(t,e,f,r,n){return f=new R(o.mul(f.X,t),f.Y,f.Z),e=ht(r,e),f=ht(n,f),e.add(f)}class R{constructor(t,e,f){this.X=B("x",t),this.Y=B("y",e,!0),this.Z=B("z",f),Object.freeze(this)}static CURVE(){return s}static fromAffine(t){const{x:e,y:f}=t||{};if(!t||!o.isValid(e)||!o.isValid(f))throw Error("invalid affine point");if(t instanceof R)throw Error("projective point not allowed");return o.is0(e)&&o.is0(f)?R.ZERO:new R(e,f,o.ONE)}static fromBytes(t){const e=R.fromAffine(b(v(t,void 0,"point")));return e.assertValidity(),e}static fromHex(t){return R.fromBytes(q("pointHex",t))}get x(){return this.toAffine().x}get y(){return this.toAffine().y}precompute(t=8,e=!0){return A.createCache(this,t),e||this.multiply(Kt),this}assertValidity(){S(this)}hasEvenY(){const{y:t}=this.toAffine();if(!o.isOdd)throw Error("Field doesn't support isOdd");return!o.isOdd(t)}equals(t){w(t);const{X:e,Y:f,Z:r}=this,{X:n,Y:i,Z:s}=t,c=o.eql(o.mul(e,s),o.mul(n,r)),a=o.eql(o.mul(f,s),o.mul(i,r));return c&&a}negate(){return new R(this.X,o.neg(this.Y),this.Z)}double(){const{a:t,b:e}=s,f=o.mul(e,Kt),{X:r,Y:n,Z:i}=this;let c=o.ZERO,a=o.ZERO,d=o.ZERO,u=o.mul(r,r),l=o.mul(n,n),h=o.mul(i,i),b=o.mul(r,n);return b=o.add(b,b),d=o.mul(r,i),d=o.add(d,d),c=o.mul(t,d),a=o.mul(f,h),a=o.add(c,a),c=o.sub(l,a),a=o.add(l,a),a=o.mul(c,a),c=o.mul(b,c),d=o.mul(f,d),h=o.mul(t,h),b=o.sub(u,h),b=o.mul(t,b),b=o.add(b,d),d=o.add(u,u),u=o.add(d,u),u=o.add(u,h),u=o.mul(u,b),a=o.add(a,u),h=o.mul(n,i),h=o.add(h,h),u=o.mul(h,b),c=o.sub(c,u),d=o.mul(h,l),d=o.add(d,d),d=o.add(d,d),new R(c,a,d)}add(t){w(t);const{X:e,Y:f,Z:r}=this,{X:n,Y:i,Z:c}=t;let a=o.ZERO,d=o.ZERO,u=o.ZERO;const l=s.a,h=o.mul(s.b,Kt);let b=o.mul(e,n),g=o.mul(f,i),p=o.mul(r,c),y=o.add(e,f),m=o.add(n,i);y=o.mul(y,m),m=o.add(b,g),y=o.sub(y,m),m=o.add(e,r);let B=o.add(n,c);return m=o.mul(m,B),B=o.add(b,p),m=o.sub(m,B),B=o.add(f,r),a=o.add(i,c),B=o.mul(B,a),a=o.add(g,p),B=o.sub(B,a),u=o.mul(l,m),a=o.mul(h,p),u=o.add(a,u),a=o.sub(g,u),u=o.add(g,u),d=o.mul(a,u),g=o.add(b,b),g=o.add(g,b),p=o.mul(l,p),m=o.mul(h,m),g=o.add(g,p),p=o.sub(b,p),p=o.mul(l,p),m=o.add(m,p),b=o.mul(g,m),d=o.add(d,b),b=o.mul(B,m),a=o.mul(y,a),a=o.sub(a,b),b=o.mul(y,g),u=o.mul(B,u),u=o.add(u,b),new R(a,d,u)}subtract(t){return this.add(t.negate())}is0(){return this.equals(R.ZERO)}multiply(t){const{endo:f}=e;if(!i.isValidNot0(t))throw Error("invalid scalar: out of range");let r,n;const o=t=>A.cached(this,t,(t=>bt(R,t)));if(f){const{k1neg:e,k1:i,k2neg:s,k2:c}=E(t),{p:a,f:d}=o(i),{p:u,f:l}=o(c);n=d.add(l),r=O(f.beta,a,u,e,s)}else{const{p:e,f}=o(t);r=e,n=f}return bt(R,[r,n])[0]}multiplyUnsafe(t){const{endo:f}=e,r=this;if(!i.isValid(t))throw Error("invalid scalar: out of range");if(t===qt||r.is0())return R.ZERO;if(t===Zt)return r;if(A.hasCache(this))return this.multiply(t);if(f){const{k1neg:e,k1:n,k2neg:o,k2:i}=E(t),{p1:s,p2:c}=function(t,e,f,r){let n=e,o=t.ZERO,i=t.ZERO;for(;f>ut||r>ut;)f&lt&&(o=o.add(n)),r&lt&&(i=i.add(n)),n=n.double(),f>>=lt,r>>=lt;return{p1:o,p2:i}}(R,r,n,i);return O(f.beta,s,c,e,o)}return A.unsafe(r,t)}multiplyAndAddUnsafe(t,e,f){const r=this.multiplyUnsafe(e).add(t.multiplyUnsafe(f));return r.is0()?void 0:r}toAffine(t){return I(this,t)}isTorsionFree(){const{isTorsionFree:t}=e;return c===Zt||(t?t(R,this):A.unsafe(this,a).is0())}clearCofactor(){const{clearCofactor:t}=e;return c===Zt?this:t?t(R,this):this.multiplyUnsafe(c)}isSmallOrder(){return this.multiplyUnsafe(c).is0()}toBytes(t=!0){return x(t,"isCompressed"),this.assertValidity(),h(R,this,t)}toHex(t=!0){return f(this.toBytes(t))}toString(){return`<Point ${this.is0()?"ZERO":this.toHex()}>`}get px(){return this.X}get py(){return this.X}get pz(){return this.Z}toRawBytes(t=!0){return this.toBytes(t)}_setWindowSize(t){this.precompute(t)}static normalizeZ(t){return bt(R,t)}static msm(t,e){return vt(R,i,t,e)}static fromPrivateKey(t){return R.BASE.multiply(Ut(i,t))}}R.BASE=new R(s.Gx,s.Gy,o.ONE),R.ZERO=new R(o.ZERO,o.ONE,o.ZERO),R.Fp=o,R.Fn=i;const F=i.BITS,A=new xt(R,e.endo?Math.ceil(F/2):F);return R.BASE.precompute(8),R}function Tt(t){return Uint8Array.of(t?2:3)}function Ct(t,e){return{secretKey:e.BYTES,publicKey:1+t.BYTES,publicKeyUncompressed:1+2*t.BYTES,publicKeyHasPrefix:!0,signature:2*e.BYTES}}function kt(t,e={}){const{Fn:f}=t,r=e.randomBytes||u,n=Object.assign(Ct(t.Fp,f),{seed:ct(f.ORDER)});function o(t){try{return!!Ut(f,t)}catch(t){return!1}}function i(t=r(n.seed)){return function(t,e,f=!1){const r=t.length,n=st(e),o=ct(e);if(r<16||r<o||r>1024)throw Error("expected "+o+"-1024 bytes of input, got "+r);const i=X(f?R(t):O(t),e-k)+k;return f?A(i,n):F(i,n)}(v(t,n.seed,"seed"),f.ORDER)}function s(e,r=!0){return t.BASE.multiply(Ut(f,e)).toBytes(r)}function c(e){if("bigint"==typeof e)return!1;if(e instanceof t)return!0;const{secretKey:r,publicKey:o,publicKeyUncompressed:i}=n;if(f.allowedLengths||r===o)return;const s=q("key",e).length;return s===o||s===i}const a={isValidSecretKey:o,isValidPublicKey:function(e,f){const{publicKey:r,publicKeyUncompressed:o}=n;try{const n=e.length;return(!0!==f||n===r)&&((!1!==f||n===o)&&!!t.fromBytes(e))}catch(t){return!1}},randomSecretKey:i,isValidPrivateKey:o,randomPrivateKey:i,normPrivateKeyToScalar:t=>Ut(f,t),precompute:(e=8,f=t.BASE)=>f.precompute(e,!1)};return Object.freeze({getPublicKey:s,getSharedSecret:function(e,r,n=!0){if(!0===c(e))throw Error("first arg must be private key");if(!1===c(r))throw Error("second arg must be public key");const o=Ut(f,e);return t.fromHex(r).multiply(o).toBytes(n)},keygen:function(t){const e=i(t);return{secretKey:e,publicKey:s(e)}},Point:t,utils:a,lengths:n})}function jt(e,o,i={}){s(o),V(i,{},{hmac:"function",lowS:"boolean",randomBytes:"function",bits2int:"function",bits2int_modN:"function"});const c=i.randomBytes||u,a=i.hmac||((t,...e)=>dt(o,t,n(...e))),{Fp:d,Fn:l}=e,{ORDER:h,BITS:b}=l,{keygen:g,getPublicKey:p,getSharedSecret:y,utils:m,lengths:B}=kt(e,i),w={prehash:!1,lowS:"boolean"==typeof i.lowS&&i.lowS,format:void 0,extraEntropy:!1},E="compact";function x(t){return t>h>>Zt}function I(t,e){if(!l.isValidNot0(e))throw Error(`invalid signature ${t}: out of range 1..Point.Fn.ORDER`);return e}class S{constructor(t,e,f){this.r=I("r",t),this.s=I("s",e),null!=f&&(this.recovery=f),Object.freeze(this)}static fromBytes(t,e=E){let f;if(function(t,e){Rt(e);const f=B.signature;v(t,"compact"===e?f:"recovered"===e?f+1:void 0,e+" signature")}(t,e),"der"===e){const{r:e,s:f}=At.toSig(v(t));return new S(e,f)}"recovered"===e&&(f=t[0],e="compact",t=t.subarray(1));const r=l.BYTES,n=t.subarray(0,r),o=t.subarray(r,2*r);return new S(l.fromBytes(n),l.fromBytes(o),f)}static fromHex(e,f){return this.fromBytes(t(e),f)}addRecoveryBit(t){return new S(this.r,this.s,t)}recoverPublicKey(t){const f=d.ORDER,{r,s:o,recovery:i}=this;if(null==i||![0,1,2,3].includes(i))throw Error("recovery id invalid");if(h*Pt<f&&i>1)throw Error("recovery id is ambiguous for h>1 curve");const s=2===i||3===i?r+h:r;if(!d.isValid(s))throw Error("recovery id 2 or 3 invalid");const c=d.toBytes(s),a=e.fromBytes(n(Tt(!(1&i)),c)),u=l.inv(s),b=F(q("msgHash",t)),g=l.create(-b*u),p=l.create(o*u),y=e.BASE.multiplyUnsafe(g).add(a.multiplyUnsafe(p));if(y.is0())throw Error("point at infinify");return y.assertValidity(),y}hasHighS(){return x(this.s)}toBytes(e=E){if(Rt(e),"der"===e)return t(At.hexFromSig(this));const f=l.toBytes(this.r),r=l.toBytes(this.s);if("recovered"===e){if(null==this.recovery)throw Error("recovery bit must be present");return n(Uint8Array.of(this.recovery),f,r)}return n(f,r)}toHex(t){return f(this.toBytes(t))}assertValidity(){}static fromCompact(t){return S.fromBytes(q("sig",t),"compact")}static fromDER(t){return S.fromBytes(q("sig",t),"der")}normalizeS(){return this.hasHighS()?new S(this.r,l.neg(this.s),this.recovery):this}toDERRawBytes(){return this.toBytes("der")}toDERHex(){return f(this.toBytes("der"))}toCompactRawBytes(){return this.toBytes("compact")}toCompactHex(){return f(this.toBytes("compact"))}}const R=i.bits2int||function(t){if(t.length>8192)throw Error("input is too large");const e=O(t),f=8*t.length-b;return f>0?e>>BigInt(f):e},F=i.bits2int_modN||function(t){return l.create(R(t))},A=U(b);function Z(t){return K("num < 2^"+b,t,qt,A),l.toBytes(t)}function P(t,e){return v(t,void 0,"message"),e?v(o(t),void 0,"prehashed message"):t}return Object.freeze({keygen:g,getPublicKey:p,getSharedSecret:y,utils:m,lengths:B,Point:e,sign:function(t,f,r={}){t=q("message",t);const{seed:i,k2sig:s}=function(t,f,r){if(["recovered","canonical"].some((t=>t in r)))throw Error("sign() legacy options not supported");const{lowS:o,prehash:i,extraEntropy:s}=Ft(r,w);t=P(t,i);const a=F(t),d=Ut(l,f),u=[Z(d),Z(a)];if(null!=s&&!1!==s){const t=!0===s?c(B.secretKey):s;u.push(q("extraEntropy",t))}const h=n(...u),b=a;return{seed:h,k2sig:function(t){const f=R(t);if(!l.isValidNot0(f))return;const r=l.inv(f),n=e.BASE.multiply(f).toAffine(),i=l.create(n.x);if(i===qt)return;const s=l.create(r*l.create(b+i*d));if(s===qt)return;let c=(n.x===i?0:2)|Number(n.y&Zt),a=s;return o&&x(s)&&(a=l.neg(s),c^=1),new S(i,a,c)}}}(t,f,r);return function(t,e,f){if("number"!=typeof t||t<2)throw Error("hashLen must be a number");if("number"!=typeof e||e<2)throw Error("qByteLen must be a number");if("function"!=typeof f)throw Error("hmacFn must be a function");const r=t=>new Uint8Array(t),o=t=>Uint8Array.of(t);let i=r(t),s=r(t),c=0;const a=()=>{i.fill(1),s.fill(0),c=0},d=(...t)=>f(s,i,...t),u=(t=r(0))=>{s=d(o(0),t),i=d(),0!==t.length&&(s=d(o(1),t),i=d())},l=()=>{if(c++>=1e3)throw Error("drbg: tried 1000 values");let t=0;const f=[];for(;t<e;){i=d();const e=i.slice();f.push(e),t+=i.length}return n(...f)};return(t,e)=>{let f;for(a(),u(t);!(f=e(l()));)u();return a(),f}}(o.outputLen,l.BYTES,a)(i,s)},verify:function(t,f,n,o={}){const{lowS:i,prehash:s,format:c}=Ft(o,w);if(n=q("publicKey",n),f=P(q("message",f),s),"strict"in o)throw Error("options.strict was renamed to lowS");const a=void 0===c?function(t){let e;const f="string"==typeof t||r(t),n=!f&&null!==t&&"object"==typeof t&&"bigint"==typeof t.r&&"bigint"==typeof t.s;if(!f&&!n)throw Error("invalid signature, expected Uint8Array, hex string or Signature instance");if(n)e=new S(t.r,t.s);else if(f){try{e=S.fromBytes(q("sig",t),"der")}catch(t){if(!(t instanceof At.Err))throw t}if(!e)try{e=S.fromBytes(q("sig",t),"compact")}catch(t){return!1}}return e||!1}(t):S.fromBytes(q("sig",t),c);if(!1===a)return!1;try{const t=e.fromBytes(n);if(i&&a.hasHighS())return!1;const{r,s:o}=a,s=F(f),c=l.inv(o),d=l.create(s*c),u=l.create(r*c),h=e.BASE.multiplyUnsafe(d).add(t.multiplyUnsafe(u));if(h.is0())return!1;return l.create(h.x)===r}catch(t){return!1}},recoverPublicKey:function(t,e,f={}){const{prehash:r}=Ft(f,w);return e=P(e,r),S.fromBytes(t,"recovered").recoverPublicKey(e).toBytes()},Signature:S,hash:o})}function Lt(t){const{CURVE:e,curveOpts:f}=function(t){const e={a:t.a,b:t.b,p:t.Fp.ORDER,n:t.n,h:t.h,Gx:t.Gx,Gy:t.Gy},f=t.Fp;let r=t.allowedPrivateKeyLengths?Array.from(new Set(t.allowedPrivateKeyLengths.map((t=>Math.ceil(t/2))))):void 0;return{CURVE:e,curveOpts:{Fp:f,Fn:it(e.n,{BITS:t.nBitLength,allowedLengths:r,modFromBytes:t.wrapPrivateKey}),allowInfinityPoint:t.allowInfinityPoint,endo:t.endo,isTorsionFree:t.isTorsionFree,clearCofactor:t.clearCofactor,fromBytes:t.fromBytes,toBytes:t.toBytes}}}(t),r={hmac:t.hmac,randomBytes:t.randomBytes,lowS:t.lowS,bits2int:t.bits2int,bits2int_modN:t.bits2int_modN};return{CURVE:e,curveOpts:f,hash:t.hash,ecdsaOpts:r}}function Gt(t){const{CURVE:e,curveOpts:f,hash:r,ecdsaOpts:n}=Lt(t);return function(t,e){const f=e.Point;return Object.assign({},e,{ProjectivePoint:f,CURVE:Object.assign({},t,ot(f.Fn.ORDER,f.Fn.BITS))})}(t,jt(Vt(e,f),r,n))}
5
+ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */;const ut=BigInt(0),lt=BigInt(1);function ht(t,e){const f=e.negate();return t?f:e}function bt(t,e){const f=rt(t.Fp,e.map((t=>t.Z)));return e.map(((e,r)=>t.fromAffine(e.toAffine(f[r]))))}function gt(t,e){if(!Number.isSafeInteger(t)||t<=0||t>e)throw Error("invalid window size, expected [1.."+e+"], got W="+t)}function pt(t,e){gt(t,e);const f=2**t;return{windows:Math.ceil(e/t)+1,windowSize:2**(t-1),mask:U(t),maxNumber:f,shiftBy:BigInt(t)}}function yt(t,e,f){const{windowSize:r,mask:n,maxNumber:o,shiftBy:i}=f;let s=Number(t&n),c=t>>i;s>r&&(s-=o,c+=lt);const a=e*r;return{nextN:c,offset:a+Math.abs(s)-1,isZero:0===s,isNeg:s<0,isNegF:e%2!=0,offsetF:a}}const mt=new WeakMap,Bt=new WeakMap;function wt(t){return Bt.get(t)||1}function Et(t){if(t!==ut)throw Error("invalid wNAF")}class xt{constructor(t,e){this.BASE=t.BASE,this.ZERO=t.ZERO,this.Fn=t.Fn,this.bits=e}_unsafeLadder(t,e,f=this.ZERO){let r=t;for(;e>ut;)e&lt&&(f=f.add(r)),r=r.double(),e>>=lt;return f}precomputeWindow(t,e){const{windows:f,windowSize:r}=pt(e,this.bits),n=[];let o=t,i=o;for(let t=0;t<f;t++){i=o,n.push(i);for(let t=1;t<r;t++)i=i.add(o),n.push(i);o=i.double()}return n}wNAF(t,e,f){if(!this.Fn.isValid(f))throw Error("invalid scalar");let r=this.ZERO,n=this.BASE;const o=pt(t,this.bits);for(let t=0;t<o.windows;t++){const{nextN:i,offset:s,isZero:c,isNeg:a,isNegF:d,offsetF:u}=yt(f,t,o);f=i,c?n=n.add(ht(d,e[u])):r=r.add(ht(a,e[s]))}return Et(f),{p:r,f:n}}wNAFUnsafe(t,e,f,r=this.ZERO){const n=pt(t,this.bits);for(let t=0;t<n.windows&&f!==ut;t++){const{nextN:o,offset:i,isZero:s,isNeg:c}=yt(f,t,n);if(f=o,!s){const t=e[i];r=r.add(c?t.negate():t)}}return Et(f),r}getPrecomputes(t,e,f){let r=mt.get(e);return r||(r=this.precomputeWindow(e,t),1!==t&&("function"==typeof f&&(r=f(r)),mt.set(e,r))),r}cached(t,e,f){const r=wt(t);return this.wNAF(r,this.getPrecomputes(r,t,f),e)}unsafe(t,e,f,r){const n=wt(t);return 1===n?this._unsafeLadder(t,e,r):this.wNAFUnsafe(n,this.getPrecomputes(n,t,f),e,r)}createCache(t,e){gt(e,this.bits),Bt.set(t,e),mt.delete(t)}hasCache(t){return 1!==wt(t)}}function vt(t,e,f,r){!function(t,e){if(!Array.isArray(t))throw Error("array expected");t.forEach(((t,f)=>{if(!(t instanceof e))throw Error("invalid point at index "+f)}))}(f,t),function(t,e){if(!Array.isArray(t))throw Error("array of scalars expected");t.forEach(((t,f)=>{if(!e.isValid(t))throw Error("invalid scalar at index "+f)}))}(r,e);const n=f.length,o=r.length;if(n!==o)throw Error("arrays of points and scalars must have equal length");const i=t.ZERO,s=P(BigInt(n));let c=1;s>12?c=s-3:s>4?c=s-2:s>0&&(c=2);const a=U(c),d=Array(Number(a)+1).fill(i);let u=i;for(let t=Math.floor((e.BITS-1)/c)*c;t>=0;t-=c){d.fill(i);for(let e=0;e<o;e++){const n=r[e],o=Number(n>>BigInt(t)&a);d[o]=d[o].add(f[e])}let e=i;for(let t=d.length-1,f=i;t>0;t--)f=f.add(d[t]),e=e.add(f);if(u=u.add(e),0!==t)for(let t=0;t<c;t++)u=u.double()}return u}function It(t,e,f){if(e){if(e.ORDER!==t)throw Error("Field.ORDER must match order: Fp == p, Fn == n");return function(t){V(t,ft.reduce(((t,e)=>(t[e]="function",t)),{ORDER:"bigint",MASK:"bigint",BYTES:"number",BITS:"number"}))}(e),e}return it(t,{isLE:f})}function St(t,e,f={},r){if(void 0===r&&(r="edwards"===t),!e||"object"!=typeof e)throw Error(`expected valid ${t} CURVE object`);for(const t of["p","n","h"]){const f=e[t];if(!("bigint"==typeof f&&f>ut))throw Error(`CURVE.${t} must be positive bigint`)}const n=It(e.p,f.Fp,r),o=It(e.n,f.Fn,r),i=["Gx","Gy","a","weierstrass"===t?"b":"d"];for(const t of i)if(!n.isValid(e[t]))throw Error(`CURVE.${t} must be valid field element of CURVE.Fp`);return{CURVE:e=Object.freeze(Object.assign({},e)),Fp:n,Fn:o}}
6
+ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const Ot=(t,e)=>(t+(t>=0?e:-e)/Kt)/e;function Rt(t){if(!["compact","recovered","der"].includes(t))throw Error('Signature format must be "compact", "recovered", or "der"');return t}function Ft(t,e){const f={};for(let r of Object.keys(e))f[r]=void 0===t[r]?e[r]:t[r];return x(f.lowS,"lowS"),x(f.prehash,"prehash"),void 0!==f.format&&Rt(f.format),f}const At={Err:class extends Error{constructor(t=""){super(t)}},_tlv:{encode:(t,e)=>{const{Err:f}=At;if(t<0||t>256)throw new f("tlv.encode: wrong tag");if(1&e.length)throw new f("tlv.encode: unpadded data");const r=e.length/2,n=I(r);if(n.length/2&128)throw new f("tlv.encode: long form length too big");const o=r>127?I(n.length/2|128):"";return I(t)+o+n+e},decode(t,e){const{Err:f}=At;let r=0;if(t<0||t>256)throw new f("tlv.encode: wrong tag");if(e.length<2||e[r++]!==t)throw new f("tlv.decode: wrong tlv");const n=e[r++];let o=0;if(!!(128&n)){const t=127&n;if(!t)throw new f("tlv.decode(long): indefinite length not supported");if(t>4)throw new f("tlv.decode(long): byte length is too big");const i=e.subarray(r,r+t);if(i.length!==t)throw new f("tlv.decode: length bytes not complete");if(0===i[0])throw new f("tlv.decode(long): zero leftmost byte");for(const t of i)o=o<<8|t;if(r+=t,o<128)throw new f("tlv.decode(long): not minimal encoding")}else o=n;const i=e.subarray(r,r+o);if(i.length!==o)throw new f("tlv.decode: wrong value length");return{v:i,l:e.subarray(r+o)}}},_int:{encode(t){const{Err:e}=At;if(t<qt)throw new e("integer: negative integers are not allowed");let f=I(t);if(8&Number.parseInt(f[0],16)&&(f="00"+f),1&f.length)throw new e("unexpected DER parsing assertion: unpadded hex");return f},decode(t){const{Err:e}=At;if(128&t[0])throw new e("invalid signature integer: negative");if(0===t[0]&&!(128&t[1]))throw new e("invalid signature integer: unnecessary leading zero");return O(t)}},toSig(t){const{Err:e,_int:f,_tlv:r}=At,n=q("signature",t),{v:o,l:i}=r.decode(48,n);if(i.length)throw new e("invalid signature: left bytes after parsing");const{v:s,l:c}=r.decode(2,o),{v:a,l:d}=r.decode(2,c);if(d.length)throw new e("invalid signature: left bytes after parsing");return{r:f.decode(s),s:f.decode(a)}},hexFromSig(t){const{_tlv:e,_int:f}=At,r=e.encode(2,f.encode(t.r))+e.encode(2,f.encode(t.s));return e.encode(48,r)}},qt=BigInt(0),Zt=BigInt(1),Kt=BigInt(2),Nt=BigInt(3),Pt=BigInt(4);function Ut(t,e){const{BYTES:f}=t;let r;if("bigint"==typeof e)r=e;else{let n=q("private key",e);try{r=t.fromBytes(n)}catch(t){throw Error(`invalid private key: expected ui8a of size ${f}, got ${typeof e}`)}}if(!t.isValidNot0(r))throw Error("invalid private key: out of range [1..N-1]");return r}function Vt(t,e={}){const r=St("weierstrass",t,e),{Fp:o,Fn:i}=r;let s=r.CURVE;const{h:c,n:a}=s;V(e,{},{allowInfinityPoint:"boolean",clearCofactor:"function",isTorsionFree:"function",fromBytes:"function",toBytes:"function",endo:"object",wrapPrivateKey:"boolean"});const{endo:d}=e;if(d&&(!o.is0(s.a)||"bigint"!=typeof d.beta||!Array.isArray(d.basises)))throw Error('invalid endo: expected "beta": bigint and "basises": array');const u=Ct(o,i);function l(){if(!o.isOdd)throw Error("compression is not supported: Field does not have .isOdd()")}const h=e.toBytes||function(t,e,f){const{x:r,y:i}=e.toAffine(),s=o.toBytes(r);if(x(f,"isCompressed"),f){l();const t=!o.isOdd(i);return n(Tt(t),s)}return n(Uint8Array.of(4),s,o.toBytes(i))},b=e.fromBytes||function(t){v(t,void 0,"Point");const{publicKey:e,publicKeyUncompressed:f}=u,r=t.length,n=t[0],i=t.subarray(1);if(r!==e||2!==n&&3!==n){if(r===f&&4===n){const t=o.BYTES,e=o.fromBytes(i.subarray(0,t)),f=o.fromBytes(i.subarray(t,2*t));if(!p(e,f))throw Error("bad point: is not on curve");return{x:e,y:f}}throw Error(`bad point: got length ${r}, expected compressed=${e} or uncompressed=${f}`)}{const t=o.fromBytes(i);if(!o.isValid(t))throw Error("bad point: is not on curve, wrong x");const e=g(t);let f;try{f=o.sqrt(e)}catch(t){const e=t instanceof Error?": "+t.message:"";throw Error("bad point: is not on curve, sqrt error"+e)}l();return!(1&~n)!==o.isOdd(f)&&(f=o.neg(f)),{x:t,y:f}}};function g(t){const e=o.sqr(t),f=o.mul(e,t);return o.add(o.add(f,o.mul(t,s.a)),s.b)}function p(t,e){const f=o.sqr(e),r=g(t);return o.eql(f,r)}if(!p(s.Gx,s.Gy))throw Error("bad curve params: generator point");const y=o.mul(o.pow(s.a,Nt),Pt),m=o.mul(o.sqr(s.b),BigInt(27));if(o.is0(o.add(y,m)))throw Error("bad curve params: a or b");function B(t,e,f=!1){if(!o.isValid(e)||f&&o.is0(e))throw Error("bad point coordinate "+t);return e}function w(t){if(!(t instanceof R))throw Error("ProjectivePoint expected")}function E(t){if(!d||!d.basises)throw Error("no endo");return function(t,e,f){const[[r,n],[o,i]]=e,s=Ot(i*t,f),c=Ot(-n*t,f);let a=t-s*r-c*o,d=-s*n-c*i;const u=a<qt,l=d<qt;u&&(a=-a),l&&(d=-d);const h=U(Math.ceil(P(f)/2))+Zt;if(a<qt||a>=h||d<qt||d>=h)throw Error("splitScalar (endomorphism): failed, k="+t);return{k1neg:u,k1:a,k2neg:l,k2:d}}(t,d.basises,i.ORDER)}const I=T(((t,e)=>{const{X:f,Y:r,Z:n}=t;if(o.eql(n,o.ONE))return{x:f,y:r};const i=t.is0();null==e&&(e=i?o.ONE:o.inv(n));const s=o.mul(f,e),c=o.mul(r,e),a=o.mul(n,e);if(i)return{x:o.ZERO,y:o.ZERO};if(!o.eql(a,o.ONE))throw Error("invZ was invalid");return{x:s,y:c}})),S=T((t=>{if(t.is0()){if(e.allowInfinityPoint&&!o.is0(t.Y))return;throw Error("bad point: ZERO")}const{x:f,y:r}=t.toAffine();if(!o.isValid(f)||!o.isValid(r))throw Error("bad point: x or y not field elements");if(!p(f,r))throw Error("bad point: equation left != right");if(!t.isTorsionFree())throw Error("bad point: not in prime-order subgroup");return!0}));function O(t,e,f,r,n){return f=new R(o.mul(f.X,t),f.Y,f.Z),e=ht(r,e),f=ht(n,f),e.add(f)}class R{constructor(t,e,f){this.X=B("x",t),this.Y=B("y",e,!0),this.Z=B("z",f),Object.freeze(this)}static CURVE(){return s}static fromAffine(t){const{x:e,y:f}=t||{};if(!t||!o.isValid(e)||!o.isValid(f))throw Error("invalid affine point");if(t instanceof R)throw Error("projective point not allowed");return o.is0(e)&&o.is0(f)?R.ZERO:new R(e,f,o.ONE)}static fromBytes(t){const e=R.fromAffine(b(v(t,void 0,"point")));return e.assertValidity(),e}static fromHex(t){return R.fromBytes(q("pointHex",t))}get x(){return this.toAffine().x}get y(){return this.toAffine().y}precompute(t=8,e=!0){return A.createCache(this,t),e||this.multiply(Nt),this}assertValidity(){S(this)}hasEvenY(){const{y:t}=this.toAffine();if(!o.isOdd)throw Error("Field doesn't support isOdd");return!o.isOdd(t)}equals(t){w(t);const{X:e,Y:f,Z:r}=this,{X:n,Y:i,Z:s}=t,c=o.eql(o.mul(e,s),o.mul(n,r)),a=o.eql(o.mul(f,s),o.mul(i,r));return c&&a}negate(){return new R(this.X,o.neg(this.Y),this.Z)}double(){const{a:t,b:e}=s,f=o.mul(e,Nt),{X:r,Y:n,Z:i}=this;let c=o.ZERO,a=o.ZERO,d=o.ZERO,u=o.mul(r,r),l=o.mul(n,n),h=o.mul(i,i),b=o.mul(r,n);return b=o.add(b,b),d=o.mul(r,i),d=o.add(d,d),c=o.mul(t,d),a=o.mul(f,h),a=o.add(c,a),c=o.sub(l,a),a=o.add(l,a),a=o.mul(c,a),c=o.mul(b,c),d=o.mul(f,d),h=o.mul(t,h),b=o.sub(u,h),b=o.mul(t,b),b=o.add(b,d),d=o.add(u,u),u=o.add(d,u),u=o.add(u,h),u=o.mul(u,b),a=o.add(a,u),h=o.mul(n,i),h=o.add(h,h),u=o.mul(h,b),c=o.sub(c,u),d=o.mul(h,l),d=o.add(d,d),d=o.add(d,d),new R(c,a,d)}add(t){w(t);const{X:e,Y:f,Z:r}=this,{X:n,Y:i,Z:c}=t;let a=o.ZERO,d=o.ZERO,u=o.ZERO;const l=s.a,h=o.mul(s.b,Nt);let b=o.mul(e,n),g=o.mul(f,i),p=o.mul(r,c),y=o.add(e,f),m=o.add(n,i);y=o.mul(y,m),m=o.add(b,g),y=o.sub(y,m),m=o.add(e,r);let B=o.add(n,c);return m=o.mul(m,B),B=o.add(b,p),m=o.sub(m,B),B=o.add(f,r),a=o.add(i,c),B=o.mul(B,a),a=o.add(g,p),B=o.sub(B,a),u=o.mul(l,m),a=o.mul(h,p),u=o.add(a,u),a=o.sub(g,u),u=o.add(g,u),d=o.mul(a,u),g=o.add(b,b),g=o.add(g,b),p=o.mul(l,p),m=o.mul(h,m),g=o.add(g,p),p=o.sub(b,p),p=o.mul(l,p),m=o.add(m,p),b=o.mul(g,m),d=o.add(d,b),b=o.mul(B,m),a=o.mul(y,a),a=o.sub(a,b),b=o.mul(y,g),u=o.mul(B,u),u=o.add(u,b),new R(a,d,u)}subtract(t){return this.add(t.negate())}is0(){return this.equals(R.ZERO)}multiply(t){const{endo:f}=e;if(!i.isValidNot0(t))throw Error("invalid scalar: out of range");let r,n;const o=t=>A.cached(this,t,(t=>bt(R,t)));if(f){const{k1neg:e,k1:i,k2neg:s,k2:c}=E(t),{p:a,f:d}=o(i),{p:u,f:l}=o(c);n=d.add(l),r=O(f.beta,a,u,e,s)}else{const{p:e,f}=o(t);r=e,n=f}return bt(R,[r,n])[0]}multiplyUnsafe(t){const{endo:f}=e,r=this;if(!i.isValid(t))throw Error("invalid scalar: out of range");if(t===qt||r.is0())return R.ZERO;if(t===Zt)return r;if(A.hasCache(this))return this.multiply(t);if(f){const{k1neg:e,k1:n,k2neg:o,k2:i}=E(t),{p1:s,p2:c}=function(t,e,f,r){let n=e,o=t.ZERO,i=t.ZERO;for(;f>ut||r>ut;)f&lt&&(o=o.add(n)),r&lt&&(i=i.add(n)),n=n.double(),f>>=lt,r>>=lt;return{p1:o,p2:i}}(R,r,n,i);return O(f.beta,s,c,e,o)}return A.unsafe(r,t)}multiplyAndAddUnsafe(t,e,f){const r=this.multiplyUnsafe(e).add(t.multiplyUnsafe(f));return r.is0()?void 0:r}toAffine(t){return I(this,t)}isTorsionFree(){const{isTorsionFree:t}=e;return c===Zt||(t?t(R,this):A.unsafe(this,a).is0())}clearCofactor(){const{clearCofactor:t}=e;return c===Zt?this:t?t(R,this):this.multiplyUnsafe(c)}isSmallOrder(){return this.multiplyUnsafe(c).is0()}toBytes(t=!0){return x(t,"isCompressed"),this.assertValidity(),h(R,this,t)}toHex(t=!0){return f(this.toBytes(t))}toString(){return`<Point ${this.is0()?"ZERO":this.toHex()}>`}get px(){return this.X}get py(){return this.X}get pz(){return this.Z}toRawBytes(t=!0){return this.toBytes(t)}_setWindowSize(t){this.precompute(t)}static normalizeZ(t){return bt(R,t)}static msm(t,e){return vt(R,i,t,e)}static fromPrivateKey(t){return R.BASE.multiply(Ut(i,t))}}R.BASE=new R(s.Gx,s.Gy,o.ONE),R.ZERO=new R(o.ZERO,o.ONE,o.ZERO),R.Fp=o,R.Fn=i;const F=i.BITS,A=new xt(R,e.endo?Math.ceil(F/2):F);return R.BASE.precompute(8),R}function Tt(t){return Uint8Array.of(t?2:3)}function Ct(t,e){return{secretKey:e.BYTES,publicKey:1+t.BYTES,publicKeyUncompressed:1+2*t.BYTES,publicKeyHasPrefix:!0,signature:2*e.BYTES}}function kt(t,e={}){const{Fn:f}=t,r=e.randomBytes||u,n=Object.assign(Ct(t.Fp,f),{seed:ct(f.ORDER)});function o(t){try{return!!Ut(f,t)}catch(t){return!1}}function i(t=r(n.seed)){return function(t,e,f=!1){const r=t.length,n=st(e),o=ct(e);if(r<16||r<o||r>1024)throw Error("expected "+o+"-1024 bytes of input, got "+r);const i=X(f?R(t):O(t),e-k)+k;return f?A(i,n):F(i,n)}(v(t,n.seed,"seed"),f.ORDER)}function s(e,r=!0){return t.BASE.multiply(Ut(f,e)).toBytes(r)}function c(e){if("bigint"==typeof e)return!1;if(e instanceof t)return!0;const{secretKey:r,publicKey:o,publicKeyUncompressed:i}=n;if(f.allowedLengths||r===o)return;const s=q("key",e).length;return s===o||s===i}const a={isValidSecretKey:o,isValidPublicKey:function(e,f){const{publicKey:r,publicKeyUncompressed:o}=n;try{const n=e.length;return(!0!==f||n===r)&&((!1!==f||n===o)&&!!t.fromBytes(e))}catch(t){return!1}},randomSecretKey:i,isValidPrivateKey:o,randomPrivateKey:i,normPrivateKeyToScalar:t=>Ut(f,t),precompute:(e=8,f=t.BASE)=>f.precompute(e,!1)};return Object.freeze({getPublicKey:s,getSharedSecret:function(e,r,n=!0){if(!0===c(e))throw Error("first arg must be private key");if(!1===c(r))throw Error("second arg must be public key");const o=Ut(f,e);return t.fromHex(r).multiply(o).toBytes(n)},keygen:function(t){const e=i(t);return{secretKey:e,publicKey:s(e)}},Point:t,utils:a,lengths:n})}function jt(e,o,i={}){s(o),V(i,{},{hmac:"function",lowS:"boolean",randomBytes:"function",bits2int:"function",bits2int_modN:"function"});const c=i.randomBytes||u,a=i.hmac||((t,...e)=>dt(o,t,n(...e))),{Fp:d,Fn:l}=e,{ORDER:h,BITS:b}=l,{keygen:g,getPublicKey:p,getSharedSecret:y,utils:m,lengths:B}=kt(e,i),w={prehash:!1,lowS:"boolean"==typeof i.lowS&&i.lowS,format:void 0,extraEntropy:!1},E="compact";function x(t){return t>h>>Zt}function I(t,e){if(!l.isValidNot0(e))throw Error(`invalid signature ${t}: out of range 1..Point.Fn.ORDER`);return e}class S{constructor(t,e,f){this.r=I("r",t),this.s=I("s",e),null!=f&&(this.recovery=f),Object.freeze(this)}static fromBytes(t,e=E){let f;if(function(t,e){Rt(e);const f=B.signature;v(t,"compact"===e?f:"recovered"===e?f+1:void 0,e+" signature")}(t,e),"der"===e){const{r:e,s:f}=At.toSig(v(t));return new S(e,f)}"recovered"===e&&(f=t[0],e="compact",t=t.subarray(1));const r=l.BYTES,n=t.subarray(0,r),o=t.subarray(r,2*r);return new S(l.fromBytes(n),l.fromBytes(o),f)}static fromHex(e,f){return this.fromBytes(t(e),f)}addRecoveryBit(t){return new S(this.r,this.s,t)}recoverPublicKey(t){const f=d.ORDER,{r,s:o,recovery:i}=this;if(null==i||![0,1,2,3].includes(i))throw Error("recovery id invalid");if(h*Kt<f&&i>1)throw Error("recovery id is ambiguous for h>1 curve");const s=2===i||3===i?r+h:r;if(!d.isValid(s))throw Error("recovery id 2 or 3 invalid");const c=d.toBytes(s),a=e.fromBytes(n(Tt(!(1&i)),c)),u=l.inv(s),b=F(q("msgHash",t)),g=l.create(-b*u),p=l.create(o*u),y=e.BASE.multiplyUnsafe(g).add(a.multiplyUnsafe(p));if(y.is0())throw Error("point at infinify");return y.assertValidity(),y}hasHighS(){return x(this.s)}toBytes(e=E){if(Rt(e),"der"===e)return t(At.hexFromSig(this));const f=l.toBytes(this.r),r=l.toBytes(this.s);if("recovered"===e){if(null==this.recovery)throw Error("recovery bit must be present");return n(Uint8Array.of(this.recovery),f,r)}return n(f,r)}toHex(t){return f(this.toBytes(t))}assertValidity(){}static fromCompact(t){return S.fromBytes(q("sig",t),"compact")}static fromDER(t){return S.fromBytes(q("sig",t),"der")}normalizeS(){return this.hasHighS()?new S(this.r,l.neg(this.s),this.recovery):this}toDERRawBytes(){return this.toBytes("der")}toDERHex(){return f(this.toBytes("der"))}toCompactRawBytes(){return this.toBytes("compact")}toCompactHex(){return f(this.toBytes("compact"))}}const R=i.bits2int||function(t){if(t.length>8192)throw Error("input is too large");const e=O(t),f=8*t.length-b;return f>0?e>>BigInt(f):e},F=i.bits2int_modN||function(t){return l.create(R(t))},A=U(b);function Z(t){return N("num < 2^"+b,t,qt,A),l.toBytes(t)}function K(t,e){return v(t,void 0,"message"),e?v(o(t),void 0,"prehashed message"):t}return Object.freeze({keygen:g,getPublicKey:p,getSharedSecret:y,utils:m,lengths:B,Point:e,sign:function(t,f,r={}){t=q("message",t);const{seed:i,k2sig:s}=function(t,f,r){if(["recovered","canonical"].some((t=>t in r)))throw Error("sign() legacy options not supported");const{lowS:o,prehash:i,extraEntropy:s}=Ft(r,w);t=K(t,i);const a=F(t),d=Ut(l,f),u=[Z(d),Z(a)];if(null!=s&&!1!==s){const t=!0===s?c(B.secretKey):s;u.push(q("extraEntropy",t))}const h=n(...u),b=a;return{seed:h,k2sig:function(t){const f=R(t);if(!l.isValidNot0(f))return;const r=l.inv(f),n=e.BASE.multiply(f).toAffine(),i=l.create(n.x);if(i===qt)return;const s=l.create(r*l.create(b+i*d));if(s===qt)return;let c=(n.x===i?0:2)|Number(n.y&Zt),a=s;return o&&x(s)&&(a=l.neg(s),c^=1),new S(i,a,c)}}}(t,f,r);return function(t,e,f){if("number"!=typeof t||t<2)throw Error("hashLen must be a number");if("number"!=typeof e||e<2)throw Error("qByteLen must be a number");if("function"!=typeof f)throw Error("hmacFn must be a function");const r=t=>new Uint8Array(t),o=t=>Uint8Array.of(t);let i=r(t),s=r(t),c=0;const a=()=>{i.fill(1),s.fill(0),c=0},d=(...t)=>f(s,i,...t),u=(t=r(0))=>{s=d(o(0),t),i=d(),0!==t.length&&(s=d(o(1),t),i=d())},l=()=>{if(c++>=1e3)throw Error("drbg: tried 1000 values");let t=0;const f=[];for(;t<e;){i=d();const e=i.slice();f.push(e),t+=i.length}return n(...f)};return(t,e)=>{let f;for(a(),u(t);!(f=e(l()));)u();return a(),f}}(o.outputLen,l.BYTES,a)(i,s)},verify:function(t,f,n,o={}){const{lowS:i,prehash:s,format:c}=Ft(o,w);if(n=q("publicKey",n),f=K(q("message",f),s),"strict"in o)throw Error("options.strict was renamed to lowS");const a=void 0===c?function(t){let e;const f="string"==typeof t||r(t),n=!f&&null!==t&&"object"==typeof t&&"bigint"==typeof t.r&&"bigint"==typeof t.s;if(!f&&!n)throw Error("invalid signature, expected Uint8Array, hex string or Signature instance");if(n)e=new S(t.r,t.s);else if(f){try{e=S.fromBytes(q("sig",t),"der")}catch(t){if(!(t instanceof At.Err))throw t}if(!e)try{e=S.fromBytes(q("sig",t),"compact")}catch(t){return!1}}return e||!1}(t):S.fromBytes(q("sig",t),c);if(!1===a)return!1;try{const t=e.fromBytes(n);if(i&&a.hasHighS())return!1;const{r,s:o}=a,s=F(f),c=l.inv(o),d=l.create(s*c),u=l.create(r*c),h=e.BASE.multiplyUnsafe(d).add(t.multiplyUnsafe(u));if(h.is0())return!1;return l.create(h.x)===r}catch(t){return!1}},recoverPublicKey:function(t,e,f={}){const{prehash:r}=Ft(f,w);return e=K(e,r),S.fromBytes(t,"recovered").recoverPublicKey(e).toBytes()},Signature:S,hash:o})}function Lt(t){const{CURVE:e,curveOpts:f}=function(t){const e={a:t.a,b:t.b,p:t.Fp.ORDER,n:t.n,h:t.h,Gx:t.Gx,Gy:t.Gy},f=t.Fp;let r=t.allowedPrivateKeyLengths?Array.from(new Set(t.allowedPrivateKeyLengths.map((t=>Math.ceil(t/2))))):void 0;return{CURVE:e,curveOpts:{Fp:f,Fn:it(e.n,{BITS:t.nBitLength,allowedLengths:r,modFromBytes:t.wrapPrivateKey}),allowInfinityPoint:t.allowInfinityPoint,endo:t.endo,isTorsionFree:t.isTorsionFree,clearCofactor:t.clearCofactor,fromBytes:t.fromBytes,toBytes:t.toBytes}}}(t),r={hmac:t.hmac,randomBytes:t.randomBytes,lowS:t.lowS,bits2int:t.bits2int,bits2int_modN:t.bits2int_modN};return{CURVE:e,curveOpts:f,hash:t.hash,ecdsaOpts:r}}function Gt(t){const{CURVE:e,curveOpts:f,hash:r,ecdsaOpts:n}=Lt(t);return function(t,e){const f=e.Point;return Object.assign({},e,{ProjectivePoint:f,CURVE:Object.assign({},t,ot(f.Fn.ORDER,f.Fn.BITS))})}(t,jt(Vt(e,f),r,n))}
7
7
  /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */function Ht(t,e){const f=e=>Gt({...t,hash:e});return{...f(e),create:f}}
8
- /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const Yt={p:BigInt("0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff"),n:BigInt("0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551"),h:BigInt(1),a:BigInt("0xffffffff00000001000000000000000000000000fffffffffffffffffffffffc"),b:BigInt("0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b"),Gx:BigInt("0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"),Gy:BigInt("0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5")},zt={p:BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff"),n:BigInt("0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973"),h:BigInt(1),a:BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc"),b:BigInt("0xb3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef"),Gx:BigInt("0xaa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7"),Gy:BigInt("0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f")},_t={p:BigInt("0x1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"),n:BigInt("0x01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409"),h:BigInt(1),a:BigInt("0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc"),b:BigInt("0x0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00"),Gx:BigInt("0x00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66"),Gy:BigInt("0x011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650")},Dt=it(Yt.p),Xt=it(zt.p),Mt=it(_t.p),$t=Ht({...Yt,Fp:Dt,lowS:!1},l),Wt=Ht({...zt,Fp:Xt,lowS:!1},h),Jt=Ht({..._t,Fp:Mt,lowS:!1,allowedPrivateKeyLengths:[130,131,132]},b),Qt=BigInt(0),te=BigInt(1),ee=BigInt(2),fe=BigInt(8);function re(t,e={}){const r=St("edwards",t,e,e.FpFnLE),{Fp:n,Fn:o}=r;let i=r.CURVE;const{h:s}=i;V(e,{},{uvRatio:"function"});const c=ee<<BigInt(8*o.BYTES)-te,a=t=>n.create(t),d=e.uvRatio||((t,e)=>{try{return{isValid:!0,value:n.sqrt(n.div(t,e))}}catch(t){return{isValid:!1,value:Qt}}});if(!function(t,e,f,r){const n=t.sqr(f),o=t.sqr(r),i=t.add(t.mul(e.a,n),o),s=t.add(t.ONE,t.mul(e.d,t.mul(n,o)));return t.eql(i,s)}(n,i,i.Gx,i.Gy))throw Error("bad curve params: generator point");function u(t,e,f=!1){return K("coordinate "+t,e,f?te:Qt,c),e}function l(t){if(!(t instanceof g))throw Error("ExtendedPoint expected")}const h=T(((t,e)=>{const{X:f,Y:r,Z:o}=t,i=t.is0();null==e&&(e=i?fe:n.inv(o));const s=a(f*e),c=a(r*e),d=n.mul(o,e);if(i)return{x:Qt,y:te};if(d!==te)throw Error("invZ was invalid");return{x:s,y:c}})),b=T((t=>{const{a:e,d:f}=i;if(t.is0())throw Error("bad point: ZERO");const{X:r,Y:n,Z:o,T:s}=t,c=a(r*r),d=a(n*n),u=a(o*o),l=a(u*u),h=a(c*e);if(a(u*a(h+d))!==a(l+a(f*a(c*d))))throw Error("bad point: equation left != right (1)");if(a(r*n)!==a(o*s))throw Error("bad point: equation left != right (2)");return!0}));class g{constructor(t,e,f,r){this.X=u("x",t),this.Y=u("y",e),this.Z=u("z",f,!0),this.T=u("t",r),Object.freeze(this)}static CURVE(){return i}static fromAffine(t){if(t instanceof g)throw Error("extended point not allowed");const{x:e,y:f}=t||{};return u("x",e),u("y",f),new g(e,f,te,a(e*f))}static fromBytes(t,e=!1){const f=n.BYTES,{a:r,d:o}=i;t=Z(v(t,f,"point")),x(e,"zip215");const s=Z(t),u=t[f-1];s[f-1]=-129&u;const l=R(s),h=e?c:n.ORDER;K("point.y",l,Qt,h);const b=a(l*l),p=a(b-te),y=a(o*b-r);let{isValid:m,value:B}=d(p,y);if(!m)throw Error("bad point: invalid y coordinate");const w=(B&te)===te,E=!!(128&u);if(!e&&B===Qt&&E)throw Error("bad point: x=0 and x_0=1");return E!==w&&(B=a(-B)),g.fromAffine({x:B,y:l})}static fromHex(t,e=!1){return g.fromBytes(q("point",t),e)}get x(){return this.toAffine().x}get y(){return this.toAffine().y}precompute(t=8,e=!0){return p.createCache(this,t),e||this.multiply(ee),this}assertValidity(){b(this)}equals(t){l(t);const{X:e,Y:f,Z:r}=this,{X:n,Y:o,Z:i}=t,s=a(e*i),c=a(n*r),d=a(f*i),u=a(o*r);return s===c&&d===u}is0(){return this.equals(g.ZERO)}negate(){return new g(a(-this.X),this.Y,this.Z,a(-this.T))}double(){const{a:t}=i,{X:e,Y:f,Z:r}=this,n=a(e*e),o=a(f*f),s=a(ee*a(r*r)),c=a(t*n),d=e+f,u=a(a(d*d)-n-o),l=c+o,h=l-s,b=c-o,p=a(u*h),y=a(l*b),m=a(u*b),B=a(h*l);return new g(p,y,B,m)}add(t){l(t);const{a:e,d:f}=i,{X:r,Y:n,Z:o,T:s}=this,{X:c,Y:d,Z:u,T:h}=t,b=a(r*c),p=a(n*d),y=a(s*f*h),m=a(o*u),B=a((r+n)*(c+d)-b-p),w=m-y,E=m+y,x=a(p-e*b),v=a(B*w),I=a(E*x),S=a(B*x),O=a(w*E);return new g(v,I,O,S)}subtract(t){return this.add(t.negate())}multiply(t){if(!o.isValidNot0(t))throw Error("invalid scalar: expected 1 <= sc < curve.n");const{p:e,f}=p.cached(this,t,(t=>bt(g,t)));return bt(g,[e,f])[0]}multiplyUnsafe(t,e=g.ZERO){if(!o.isValid(t))throw Error("invalid scalar: expected 0 <= sc < curve.n");return t===Qt?g.ZERO:this.is0()||t===te?this:p.unsafe(this,t,(t=>bt(g,t)),e)}isSmallOrder(){return this.multiplyUnsafe(s).is0()}isTorsionFree(){return p.unsafe(this,i.n).is0()}toAffine(t){return h(this,t)}clearCofactor(){return s===te?this:this.multiplyUnsafe(s)}toBytes(){const{x:t,y:e}=this.toAffine(),f=n.toBytes(e);return f[f.length-1]|=t&te?128:0,f}toHex(){return f(this.toBytes())}toString(){return`<Point ${this.is0()?"ZERO":this.toHex()}>`}get ex(){return this.X}get ey(){return this.Y}get ez(){return this.Z}get et(){return this.T}static normalizeZ(t){return bt(g,t)}static msm(t,e){return vt(g,o,t,e)}_setWindowSize(t){this.precompute(t)}toRawBytes(){return this.toBytes()}}g.BASE=new g(i.Gx,i.Gy,te,a(i.Gx*i.Gy)),g.ZERO=new g(Qt,te,te,Qt),g.Fp=n,g.Fn=o;const p=new xt(g,o.BITS);return g.BASE.precompute(8),g}function ne(t,e,f={}){if("function"!=typeof e)throw Error('"hash" function param is required');V(f,{},{adjustScalarBytes:"function",randomBytes:"function",domain:"function",prehash:"function",mapToCurve:"function"});const{prehash:o}=f,{BASE:i,Fp:s,Fn:c}=t,a=f.randomBytes||u,d=f.adjustScalarBytes||(t=>t),l=f.domain||((t,e,f)=>{if(x(f,"phflag"),e.length||f)throw Error("Contexts/pre-hash are not supported");return t});function h(t){return c.create(R(t))}function b(t){const{head:f,prefix:r,scalar:n}=function(t){const f=B.secretKey;t=q("private key",t,f);const r=q("hashed private key",e(t),2*f),n=d(r.slice(0,f));return{head:n,prefix:r.slice(f,2*f),scalar:h(n)}}(t),o=i.multiply(n),s=o.toBytes();return{head:f,prefix:r,scalar:n,point:o,pointBytes:s}}function g(t){return b(t).pointBytes}function p(t=Uint8Array.of(),...f){const r=n(...f);return h(e(l(r,q("context",t),!!o)))}const y={zip215:!0};const m=s.BYTES,B={secretKey:m,publicKey:m,signature:2*m,seed:m};function w(t=a(B.seed)){return v(t,B.seed,"seed")}const E={getExtendedPublicKey:b,randomSecretKey:w,isValidSecretKey:function(t){return r(t)&&t.length===c.BYTES},isValidPublicKey:function(e,f){try{return!!t.fromBytes(e,f)}catch(t){return!1}},toMontgomery(e){const{y:f}=t.fromBytes(e),r=B.publicKey,n=32===r;if(!n&&57!==r)throw Error("only defined for 25519 and 448");const o=n?s.div(te+f,te-f):s.div(f-te,f+te);return s.toBytes(o)},toMontgomeryPriv(t){const f=B.secretKey;v(t,f);const r=e(t.subarray(0,f));return d(r).subarray(0,f)},randomPrivateKey:w,precompute:(e=8,f=t.BASE)=>f.precompute(e,!1)};return Object.freeze({keygen:function(t){const e=E.randomSecretKey(t);return{secretKey:e,publicKey:g(e)}},getPublicKey:g,sign:function(t,e,f={}){t=q("message",t),o&&(t=o(t));const{prefix:r,scalar:s,pointBytes:a}=b(e),d=p(f.context,r,t),u=i.multiply(d).toBytes(),l=p(f.context,u,a,t),h=c.create(d+l*s);if(!c.isValid(h))throw Error("sign failed: invalid s");return v(n(u,c.toBytes(h)),B.signature,"result")},verify:function(e,f,r,n=y){const{context:s,zip215:c}=n,a=B.signature;e=q("signature",e,a),f=q("message",f),r=q("publicKey",r,B.publicKey),void 0!==c&&x(c,"zip215"),o&&(f=o(f));const d=a/2,u=e.subarray(0,d),l=R(e.subarray(d,a));let h,b,g;try{h=t.fromBytes(r,c),b=t.fromBytes(u,c),g=i.multiplyUnsafe(l)}catch(t){return!1}if(!c&&h.isSmallOrder())return!1;const m=p(s,b.toBytes(),h.toBytes(),f);return b.add(h.multiplyUnsafe(m)).subtract(g).clearCofactor().is0()},utils:E,Point:t,lengths:B})}
8
+ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const Yt={p:BigInt("0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff"),n:BigInt("0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551"),h:BigInt(1),a:BigInt("0xffffffff00000001000000000000000000000000fffffffffffffffffffffffc"),b:BigInt("0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b"),Gx:BigInt("0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"),Gy:BigInt("0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5")},zt={p:BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff"),n:BigInt("0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973"),h:BigInt(1),a:BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc"),b:BigInt("0xb3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef"),Gx:BigInt("0xaa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7"),Gy:BigInt("0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f")},_t={p:BigInt("0x1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"),n:BigInt("0x01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409"),h:BigInt(1),a:BigInt("0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc"),b:BigInt("0x0051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00"),Gx:BigInt("0x00c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66"),Gy:BigInt("0x011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650")},Dt=it(Yt.p),Xt=it(zt.p),Mt=it(_t.p),$t=Ht({...Yt,Fp:Dt,lowS:!1},l),Wt=Ht({...zt,Fp:Xt,lowS:!1},h),Jt=Ht({..._t,Fp:Mt,lowS:!1,allowedPrivateKeyLengths:[130,131,132]},b),Qt=BigInt(0),te=BigInt(1),ee=BigInt(2),fe=BigInt(8);function re(t,e={}){const r=St("edwards",t,e,e.FpFnLE),{Fp:n,Fn:o}=r;let i=r.CURVE;const{h:s}=i;V(e,{},{uvRatio:"function"});const c=ee<<BigInt(8*o.BYTES)-te,a=t=>n.create(t),d=e.uvRatio||((t,e)=>{try{return{isValid:!0,value:n.sqrt(n.div(t,e))}}catch(t){return{isValid:!1,value:Qt}}});if(!function(t,e,f,r){const n=t.sqr(f),o=t.sqr(r),i=t.add(t.mul(e.a,n),o),s=t.add(t.ONE,t.mul(e.d,t.mul(n,o)));return t.eql(i,s)}(n,i,i.Gx,i.Gy))throw Error("bad curve params: generator point");function u(t,e,f=!1){return N("coordinate "+t,e,f?te:Qt,c),e}function l(t){if(!(t instanceof g))throw Error("ExtendedPoint expected")}const h=T(((t,e)=>{const{X:f,Y:r,Z:o}=t,i=t.is0();null==e&&(e=i?fe:n.inv(o));const s=a(f*e),c=a(r*e),d=n.mul(o,e);if(i)return{x:Qt,y:te};if(d!==te)throw Error("invZ was invalid");return{x:s,y:c}})),b=T((t=>{const{a:e,d:f}=i;if(t.is0())throw Error("bad point: ZERO");const{X:r,Y:n,Z:o,T:s}=t,c=a(r*r),d=a(n*n),u=a(o*o),l=a(u*u),h=a(c*e);if(a(u*a(h+d))!==a(l+a(f*a(c*d))))throw Error("bad point: equation left != right (1)");if(a(r*n)!==a(o*s))throw Error("bad point: equation left != right (2)");return!0}));class g{constructor(t,e,f,r){this.X=u("x",t),this.Y=u("y",e),this.Z=u("z",f,!0),this.T=u("t",r),Object.freeze(this)}static CURVE(){return i}static fromAffine(t){if(t instanceof g)throw Error("extended point not allowed");const{x:e,y:f}=t||{};return u("x",e),u("y",f),new g(e,f,te,a(e*f))}static fromBytes(t,e=!1){const f=n.BYTES,{a:r,d:o}=i;t=Z(v(t,f,"point")),x(e,"zip215");const s=Z(t),u=t[f-1];s[f-1]=-129&u;const l=R(s),h=e?c:n.ORDER;N("point.y",l,Qt,h);const b=a(l*l),p=a(b-te),y=a(o*b-r);let{isValid:m,value:B}=d(p,y);if(!m)throw Error("bad point: invalid y coordinate");const w=(B&te)===te,E=!!(128&u);if(!e&&B===Qt&&E)throw Error("bad point: x=0 and x_0=1");return E!==w&&(B=a(-B)),g.fromAffine({x:B,y:l})}static fromHex(t,e=!1){return g.fromBytes(q("point",t),e)}get x(){return this.toAffine().x}get y(){return this.toAffine().y}precompute(t=8,e=!0){return p.createCache(this,t),e||this.multiply(ee),this}assertValidity(){b(this)}equals(t){l(t);const{X:e,Y:f,Z:r}=this,{X:n,Y:o,Z:i}=t,s=a(e*i),c=a(n*r),d=a(f*i),u=a(o*r);return s===c&&d===u}is0(){return this.equals(g.ZERO)}negate(){return new g(a(-this.X),this.Y,this.Z,a(-this.T))}double(){const{a:t}=i,{X:e,Y:f,Z:r}=this,n=a(e*e),o=a(f*f),s=a(ee*a(r*r)),c=a(t*n),d=e+f,u=a(a(d*d)-n-o),l=c+o,h=l-s,b=c-o,p=a(u*h),y=a(l*b),m=a(u*b),B=a(h*l);return new g(p,y,B,m)}add(t){l(t);const{a:e,d:f}=i,{X:r,Y:n,Z:o,T:s}=this,{X:c,Y:d,Z:u,T:h}=t,b=a(r*c),p=a(n*d),y=a(s*f*h),m=a(o*u),B=a((r+n)*(c+d)-b-p),w=m-y,E=m+y,x=a(p-e*b),v=a(B*w),I=a(E*x),S=a(B*x),O=a(w*E);return new g(v,I,O,S)}subtract(t){return this.add(t.negate())}multiply(t){if(!o.isValidNot0(t))throw Error("invalid scalar: expected 1 <= sc < curve.n");const{p:e,f}=p.cached(this,t,(t=>bt(g,t)));return bt(g,[e,f])[0]}multiplyUnsafe(t,e=g.ZERO){if(!o.isValid(t))throw Error("invalid scalar: expected 0 <= sc < curve.n");return t===Qt?g.ZERO:this.is0()||t===te?this:p.unsafe(this,t,(t=>bt(g,t)),e)}isSmallOrder(){return this.multiplyUnsafe(s).is0()}isTorsionFree(){return p.unsafe(this,i.n).is0()}toAffine(t){return h(this,t)}clearCofactor(){return s===te?this:this.multiplyUnsafe(s)}toBytes(){const{x:t,y:e}=this.toAffine(),f=n.toBytes(e);return f[f.length-1]|=t&te?128:0,f}toHex(){return f(this.toBytes())}toString(){return`<Point ${this.is0()?"ZERO":this.toHex()}>`}get ex(){return this.X}get ey(){return this.Y}get ez(){return this.Z}get et(){return this.T}static normalizeZ(t){return bt(g,t)}static msm(t,e){return vt(g,o,t,e)}_setWindowSize(t){this.precompute(t)}toRawBytes(){return this.toBytes()}}g.BASE=new g(i.Gx,i.Gy,te,a(i.Gx*i.Gy)),g.ZERO=new g(Qt,te,te,Qt),g.Fp=n,g.Fn=o;const p=new xt(g,o.BITS);return g.BASE.precompute(8),g}function ne(t,e,f={}){if("function"!=typeof e)throw Error('"hash" function param is required');V(f,{},{adjustScalarBytes:"function",randomBytes:"function",domain:"function",prehash:"function",mapToCurve:"function"});const{prehash:o}=f,{BASE:i,Fp:s,Fn:c}=t,a=f.randomBytes||u,d=f.adjustScalarBytes||(t=>t),l=f.domain||((t,e,f)=>{if(x(f,"phflag"),e.length||f)throw Error("Contexts/pre-hash are not supported");return t});function h(t){return c.create(R(t))}function b(t){const{head:f,prefix:r,scalar:n}=function(t){const f=B.secretKey;t=q("private key",t,f);const r=q("hashed private key",e(t),2*f),n=d(r.slice(0,f));return{head:n,prefix:r.slice(f,2*f),scalar:h(n)}}(t),o=i.multiply(n),s=o.toBytes();return{head:f,prefix:r,scalar:n,point:o,pointBytes:s}}function g(t){return b(t).pointBytes}function p(t=Uint8Array.of(),...f){const r=n(...f);return h(e(l(r,q("context",t),!!o)))}const y={zip215:!0};const m=s.BYTES,B={secretKey:m,publicKey:m,signature:2*m,seed:m};function w(t=a(B.seed)){return v(t,B.seed,"seed")}const E={getExtendedPublicKey:b,randomSecretKey:w,isValidSecretKey:function(t){return r(t)&&t.length===c.BYTES},isValidPublicKey:function(e,f){try{return!!t.fromBytes(e,f)}catch(t){return!1}},toMontgomery(e){const{y:f}=t.fromBytes(e),r=B.publicKey,n=32===r;if(!n&&57!==r)throw Error("only defined for 25519 and 448");const o=n?s.div(te+f,te-f):s.div(f-te,f+te);return s.toBytes(o)},toMontgomerySecret(t){const f=B.secretKey;v(t,f);const r=e(t.subarray(0,f));return d(r).subarray(0,f)},randomPrivateKey:w,precompute:(e=8,f=t.BASE)=>f.precompute(e,!1)};return Object.freeze({keygen:function(t){const e=E.randomSecretKey(t);return{secretKey:e,publicKey:g(e)}},getPublicKey:g,sign:function(t,e,f={}){t=q("message",t),o&&(t=o(t));const{prefix:r,scalar:s,pointBytes:a}=b(e),d=p(f.context,r,t),u=i.multiply(d).toBytes(),l=p(f.context,u,a,t),h=c.create(d+l*s);if(!c.isValid(h))throw Error("sign failed: invalid s");return v(n(u,c.toBytes(h)),B.signature,"result")},verify:function(e,f,r,n=y){const{context:s,zip215:c}=n,a=B.signature;e=q("signature",e,a),f=q("message",f),r=q("publicKey",r,B.publicKey),void 0!==c&&x(c,"zip215"),o&&(f=o(f));const d=a/2,u=e.subarray(0,d),l=R(e.subarray(d,a));let h,b,g;try{h=t.fromBytes(r,c),b=t.fromBytes(u,c),g=i.multiplyUnsafe(l)}catch(t){return!1}if(!c&&h.isSmallOrder())return!1;const m=p(s,b.toBytes(),h.toBytes(),f);return b.add(h.multiplyUnsafe(m)).subtract(g).clearCofactor().is0()},utils:E,Point:t,lengths:B})}
9
9
  /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
10
- const oe=BigInt(0),ie=BigInt(1),se=BigInt(2);function ce(t){const f=(V(r=t,{adjustScalarBytes:"function",powPminus2:"function"}),Object.freeze({...r}));var r;const{P:n,type:o,adjustScalarBytes:i,powPminus2:s,randomBytes:c}=f,a="x25519"===o;if(!a&&"x448"!==o)throw Error("invalid type");const d=c||u,l=a?255:448,h=a?32:56,b=a?BigInt(9):BigInt(5),g=a?BigInt(121665):BigInt(39081),p=a?se**BigInt(254):se**BigInt(447),y=a?BigInt(8)*se**BigInt(251)-ie:BigInt(4)*se**BigInt(445)-ie,m=p+y+ie,B=t=>X(t,n),w=E(b);function E(t){return A(B(t),h)}function x(t,e){const f=function(t,e){K("u",t,oe,n),K("scalar",e,p,m);const f=e,r=t;let o=ie,i=oe,c=t,a=ie,d=oe;for(let t=BigInt(l-1);t>=oe;t--){const e=f>>t&ie;d^=e,({x_2:o,x_3:c}=I(d,o,c)),({x_2:i,x_3:a}=I(d,i,a)),d=e;const n=o+i,s=B(n*n),u=o-i,l=B(u*u),h=s-l,b=c+a,p=B((c-a)*n),y=B(b*u),m=p+y,w=p-y;c=B(m*m),a=B(r*B(w*w)),o=B(s*l),i=B(h*(s+B(g*h)))}({x_2:o,x_3:c}=I(d,o,c)),({x_2:i,x_3:a}=I(d,i,a));const u=s(i);return B(o*u)}(function(t){const e=q("u coordinate",t,h);return a&&(e[31]&=127),B(R(e))}(e),function(t){return R(i(q("scalar",t,h)))}(t));if(f===oe)throw Error("invalid private or public key received");return E(f)}function v(t){return x(t,w)}function I(t,e,f){const r=B(t*(e-f));return{x_2:e=B(e-r),x_3:f=B(f+r)}}const S={secretKey:h,publicKey:h,seed:h},O=(t=d(h))=>(e(t,S.seed),t);return{keygen:function(t){const e=O(t);return{secretKey:e,publicKey:v(e)}},getSharedSecret:(t,e)=>x(t,e),getPublicKey:t=>v(t),scalarMult:x,scalarMultBase:v,utils:{randomSecretKey:O,randomPrivateKey:O},GuBytes:w.slice(),lengths:S}}
10
+ const oe=BigInt(0),ie=BigInt(1),se=BigInt(2);function ce(t){const f=(V(r=t,{adjustScalarBytes:"function",powPminus2:"function"}),Object.freeze({...r}));var r;const{P:n,type:o,adjustScalarBytes:i,powPminus2:s,randomBytes:c}=f,a="x25519"===o;if(!a&&"x448"!==o)throw Error("invalid type");const d=c||u,l=a?255:448,h=a?32:56,b=a?BigInt(9):BigInt(5),g=a?BigInt(121665):BigInt(39081),p=a?se**BigInt(254):se**BigInt(447),y=a?BigInt(8)*se**BigInt(251)-ie:BigInt(4)*se**BigInt(445)-ie,m=p+y+ie,B=t=>X(t,n),w=E(b);function E(t){return A(B(t),h)}function x(t,e){const f=function(t,e){N("u",t,oe,n),N("scalar",e,p,m);const f=e,r=t;let o=ie,i=oe,c=t,a=ie,d=oe;for(let t=BigInt(l-1);t>=oe;t--){const e=f>>t&ie;d^=e,({x_2:o,x_3:c}=I(d,o,c)),({x_2:i,x_3:a}=I(d,i,a)),d=e;const n=o+i,s=B(n*n),u=o-i,l=B(u*u),h=s-l,b=c+a,p=B((c-a)*n),y=B(b*u),m=p+y,w=p-y;c=B(m*m),a=B(r*B(w*w)),o=B(s*l),i=B(h*(s+B(g*h)))}({x_2:o,x_3:c}=I(d,o,c)),({x_2:i,x_3:a}=I(d,i,a));const u=s(i);return B(o*u)}(function(t){const e=q("u coordinate",t,h);return a&&(e[31]&=127),B(R(e))}(e),function(t){return R(i(q("scalar",t,h)))}(t));if(f===oe)throw Error("invalid private or public key received");return E(f)}function v(t){return x(t,w)}function I(t,e,f){const r=B(t*(e-f));return{x_2:e=B(e-r),x_3:f=B(f+r)}}const S={secretKey:h,publicKey:h,seed:h},O=(t=d(h))=>(e(t,S.seed),t);return{keygen:function(t){const e=O(t);return{secretKey:e,publicKey:v(e)}},getSharedSecret:(t,e)=>x(t,e),getPublicKey:t=>v(t),scalarMult:x,scalarMultBase:v,utils:{randomSecretKey:O,randomPrivateKey:O},GuBytes:w.slice(),lengths:S}}
11
11
  /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const ae={p:BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffffffff"),n:BigInt("0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffff7cca23e9c44edb49aed63690216cc2728dc58f552378c292ab5844f3"),h:BigInt(4),a:BigInt(1),d:BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffff6756"),Gx:BigInt("0x4f1970c66bed0ded221d15a622bf36da9e146570470f1767ea6de324a3d3a46412ae1af72ab66511433b80e18b00938e2626a82bc70cc05e"),Gy:BigInt("0x693f46716eb6bc248876203756c9c7624bea73736ca3984087789c1e05a0c2d73ad3ff1ce67c39c4fdbd132c4ed7c8ad9808795bf230fa14")},de=Object.assign({},ae,{d:BigInt("0xd78b4bdc7f0daf19f24f38c29373a2ccad46157242a50f37809b1da3412a12e79ccc9c81264cfe9ad080997058fb61c4243cc32dbaa156b9"),Gx:BigInt("0x79a70b2b70400553ae7c9df416c792c61128751ac92969240c25a07d728bdc93e21f7787ed6972249de732f38496cd11698713093e9c04fc"),Gy:BigInt("0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffff80000000000000000000000000000000000000000000000000000001")}),ue=/* @__PURE__ */g((()=>p.create({dkLen:114}))),le=BigInt(1),he=BigInt(2),be=BigInt(3);BigInt(4);const ge=BigInt(11),pe=BigInt(22),ye=BigInt(44),me=BigInt(88),Be=BigInt(223);function we(t){const e=ae.p,f=t*t*t%e,r=f*f*t%e,n=M(r,be,e)*r%e,o=M(n,be,e)*r%e,i=M(o,he,e)*f%e,s=M(i,ge,e)*i%e,c=M(s,pe,e)*s%e,a=M(c,ye,e)*c%e,d=M(a,me,e)*a%e,u=M(d,ye,e)*c%e,l=M(u,he,e)*f%e,h=M(l,le,e)*t%e;return M(h,Be,e)*l%e}function Ee(t){return t[0]&=252,t[55]|=128,t[56]=0,t}function xe(t,e){const f=ae.p,r=X(t*t*e,f),n=X(r*t,f),o=X(n*r*e,f),i=X(n*we(o),f),s=X(i*i,f);return{isValid:X(s*e,f)===t,value:i}}const ve=/* @__PURE__ */(()=>it(ae.p,{BITS:456,isLE:!0}))(),Ie=/* @__PURE__ */(()=>it(ae.n,{BITS:456,isLE:!0}))();function Se(t,e,f){if(e.length>255)throw Error("context must be smaller than 255, got: "+e.length);return n((r="SigEd448",Uint8Array.from(r,((t,e)=>{const f=t.charCodeAt(0);if(1!==t.length||f>127)throw Error(`string contains non-ASCII character "${r[e]}" with code ${f} at position ${e}`);return f}))),new Uint8Array([f?1:0,e.length]),e,t);var r}const Oe=function(t){const{CURVE:e,curveOpts:f,hash:r,eddsaOpts:n}=function(t){const e={a:t.a,d:t.d,p:t.Fp.ORDER,n:t.n,h:t.h,Gx:t.Gx,Gy:t.Gy},f={Fp:t.Fp,Fn:it(e.n,t.nBitLength,!0),uvRatio:t.uvRatio},r={randomBytes:t.randomBytes,adjustScalarBytes:t.adjustScalarBytes,domain:t.domain,prehash:t.prehash,mapToCurve:t.mapToCurve};return{CURVE:e,curveOpts:f,hash:t.hash,eddsaOpts:r}}(t);return function(t,e){const f=e.Point;return Object.assign({},e,{ExtendedPoint:f,CURVE:t,nBitLength:f.Fn.BITS,nByteLength:f.Fn.BYTES})}(t,ne(re(e,f),r,n))}(/* @__PURE__ */(()=>({...ae,Fp:ve,Fn:Ie,nBitLength:Ie.BITS,hash:ue,adjustScalarBytes:Ee,domain:Se,uvRatio:xe}))());re(de);const Re=/* @__PURE__ */(()=>{const t=ae.p;return ce({P:t,type:"x448",powPminus2:e=>X(M(we(e),he,t)*e,t),adjustScalarBytes:Ee})})(),Fe={p:BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f"),n:BigInt("0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141"),h:BigInt(1),a:BigInt(0),b:BigInt(7),Gx:BigInt("0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"),Gy:BigInt("0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8")},Ae={beta:BigInt("0x7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee"),basises:[[BigInt("0x3086d221a7d46bcde86c90e49284eb15"),-BigInt("0xe4437ed6010e88286f547fa90abfe4c3")],[BigInt("0x114ca50f7a8e2f3f657c1108d9d44cfd8"),BigInt("0x3086d221a7d46bcde86c90e49284eb15")]]},qe=/* @__PURE__ */BigInt(2);
12
- /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const Ze=it(Fe.p,{sqrt:function(t){const e=Fe.p,f=BigInt(3),r=BigInt(6),n=BigInt(11),o=BigInt(22),i=BigInt(23),s=BigInt(44),c=BigInt(88),a=t*t*t%e,d=a*a*t%e,u=M(d,f,e)*d%e,l=M(u,f,e)*d%e,h=M(l,qe,e)*a%e,b=M(h,n,e)*h%e,g=M(b,o,e)*b%e,p=M(g,s,e)*g%e,y=M(p,c,e)*p%e,m=M(y,s,e)*g%e,B=M(m,f,e)*d%e,w=M(B,i,e)*b%e,E=M(w,r,e)*a%e,x=M(E,qe,e);if(!Ze.eql(Ze.sqr(x),t))throw Error("Cannot find square root");return x}}),Pe=Ht({...Fe,Fp:Ze,lowS:!0,endo:Ae},l),Ke=it(BigInt("0xa9fb57dba1eea9bc3e660a909d838d726e3bf623d52620282013481d1f6e5377")),Ne=Ht({a:Ke.create(BigInt("0x7d5a0975fc2c3057eef67530417affe7fb8055c126dc5c6ce94a4b44f330b5d9")),b:BigInt("0x26dc5c6ce94a4b44f330b5d9bbd77cbf958416295cf7e1ce6bccdc18ff8c07b6"),Fp:Ke,n:BigInt("0xa9fb57dba1eea9bc3e660a909d838d718c397aa3b561a6f7901e0e82974856a7"),Gx:BigInt("0x8bd2aeb9cb7e57cb2c4b482ffc81b7afb9de27e1e3bd23c23a4453bd9ace3262"),Gy:BigInt("0x547ef835c3dac4fd97f8461a14611dc9c27745132ded8e545c1d54c72f046997"),h:BigInt(1),lowS:!1},y),Ue=it(BigInt("0x8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec53")),Ve=Ht({a:Ue.create(BigInt("0x7bc382c63d8c150c3c72080ace05afa0c2bea28e4fb22787139165efba91f90f8aa5814a503ad4eb04a8c7dd22ce2826")),b:BigInt("0x04a8c7dd22ce28268b39b55416f0447c2fb77de107dcd2a62e880ea53eeb62d57cb4390295dbc9943ab78696fa504c11"),Fp:Ue,n:BigInt("0x8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b31f166e6cac0425a7cf3ab6af6b7fc3103b883202e9046565"),Gx:BigInt("0x1d1c64f068cf45ffa2a63a81b7c13f6b8847a3e77ef14fe3db7fcafe0cbd10e8e826e03436d646aaef87b2e247d4af1e"),Gy:BigInt("0x8abe1d7520f9c2a45cb1eb8e95cfd55262b70b29feec5864e19c054ff99129280e4646217791811142820341263c5315"),h:BigInt(1),lowS:!1},m),Te=it(BigInt("0xaadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca703308717d4d9b009bc66842aecda12ae6a380e62881ff2f2d82c68528aa6056583a48f3")),Ce=Ht({a:Te.create(BigInt("0x7830a3318b603b89e2327145ac234cc594cbdd8d3df91610a83441caea9863bc2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a72bf2c7b9e7c1ac4d77fc94ca")),b:BigInt("0x3df91610a83441caea9863bc2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a72bf2c7b9e7c1ac4d77fc94cadc083e67984050b75ebae5dd2809bd638016f723"),Fp:Te,n:BigInt("0xaadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca70330870553e5c414ca92619418661197fac10471db1d381085ddaddb58796829ca90069"),Gx:BigInt("0x81aee4bdd82ed9645a21322e9c4c6a9385ed9f70b5d916c1b43b62eef4d0098eff3b1f78e2d0d48d50d1687b93b97d5f7c6d5047406a5e688b352209bcb9f822"),Gy:BigInt("0x7dde385d566332ecc0eabfa9cf7822fdf209f70024a57b1aa000c55b881f8111b2dcde494a5f485e5bca4bd88a2763aed1ca2b2fa8f0540678cd1e0f3ad80892"),h:BigInt(1),lowS:!1},B),ke=new Map(Object.entries({nistP256:$t,nistP384:Wt,nistP521:Jt,brainpoolP256r1:Ne,brainpoolP384r1:Ve,brainpoolP512r1:Ce,secp256k1:Pe,x448:Re,ed448:Oe}));export{ke as nobleCurves};
12
+ /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const Ze=it(Fe.p,{sqrt:function(t){const e=Fe.p,f=BigInt(3),r=BigInt(6),n=BigInt(11),o=BigInt(22),i=BigInt(23),s=BigInt(44),c=BigInt(88),a=t*t*t%e,d=a*a*t%e,u=M(d,f,e)*d%e,l=M(u,f,e)*d%e,h=M(l,qe,e)*a%e,b=M(h,n,e)*h%e,g=M(b,o,e)*b%e,p=M(g,s,e)*g%e,y=M(p,c,e)*p%e,m=M(y,s,e)*g%e,B=M(m,f,e)*d%e,w=M(B,i,e)*b%e,E=M(w,r,e)*a%e,x=M(E,qe,e);if(!Ze.eql(Ze.sqr(x),t))throw Error("Cannot find square root");return x}}),Ke=Ht({...Fe,Fp:Ze,lowS:!0,endo:Ae},l),Ne=it(BigInt("0xa9fb57dba1eea9bc3e660a909d838d726e3bf623d52620282013481d1f6e5377")),Pe=Ht({a:Ne.create(BigInt("0x7d5a0975fc2c3057eef67530417affe7fb8055c126dc5c6ce94a4b44f330b5d9")),b:BigInt("0x26dc5c6ce94a4b44f330b5d9bbd77cbf958416295cf7e1ce6bccdc18ff8c07b6"),Fp:Ne,n:BigInt("0xa9fb57dba1eea9bc3e660a909d838d718c397aa3b561a6f7901e0e82974856a7"),Gx:BigInt("0x8bd2aeb9cb7e57cb2c4b482ffc81b7afb9de27e1e3bd23c23a4453bd9ace3262"),Gy:BigInt("0x547ef835c3dac4fd97f8461a14611dc9c27745132ded8e545c1d54c72f046997"),h:BigInt(1),lowS:!1},y),Ue=it(BigInt("0x8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b412b1da197fb71123acd3a729901d1a71874700133107ec53")),Ve=Ht({a:Ue.create(BigInt("0x7bc382c63d8c150c3c72080ace05afa0c2bea28e4fb22787139165efba91f90f8aa5814a503ad4eb04a8c7dd22ce2826")),b:BigInt("0x04a8c7dd22ce28268b39b55416f0447c2fb77de107dcd2a62e880ea53eeb62d57cb4390295dbc9943ab78696fa504c11"),Fp:Ue,n:BigInt("0x8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b31f166e6cac0425a7cf3ab6af6b7fc3103b883202e9046565"),Gx:BigInt("0x1d1c64f068cf45ffa2a63a81b7c13f6b8847a3e77ef14fe3db7fcafe0cbd10e8e826e03436d646aaef87b2e247d4af1e"),Gy:BigInt("0x8abe1d7520f9c2a45cb1eb8e95cfd55262b70b29feec5864e19c054ff99129280e4646217791811142820341263c5315"),h:BigInt(1),lowS:!1},m),Te=it(BigInt("0xaadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca703308717d4d9b009bc66842aecda12ae6a380e62881ff2f2d82c68528aa6056583a48f3")),Ce=Ht({a:Te.create(BigInt("0x7830a3318b603b89e2327145ac234cc594cbdd8d3df91610a83441caea9863bc2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a72bf2c7b9e7c1ac4d77fc94ca")),b:BigInt("0x3df91610a83441caea9863bc2ded5d5aa8253aa10a2ef1c98b9ac8b57f1117a72bf2c7b9e7c1ac4d77fc94cadc083e67984050b75ebae5dd2809bd638016f723"),Fp:Te,n:BigInt("0xaadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca70330870553e5c414ca92619418661197fac10471db1d381085ddaddb58796829ca90069"),Gx:BigInt("0x81aee4bdd82ed9645a21322e9c4c6a9385ed9f70b5d916c1b43b62eef4d0098eff3b1f78e2d0d48d50d1687b93b97d5f7c6d5047406a5e688b352209bcb9f822"),Gy:BigInt("0x7dde385d566332ecc0eabfa9cf7822fdf209f70024a57b1aa000c55b881f8111b2dcde494a5f485e5bca4bd88a2763aed1ca2b2fa8f0540678cd1e0f3ad80892"),h:BigInt(1),lowS:!1},B),ke=new Map(Object.entries({nistP256:$t,nistP384:Wt,nistP521:Jt,brainpoolP256r1:Pe,brainpoolP384r1:Ve,brainpoolP512r1:Ce,secp256k1:Ke,x448:Re,ed448:Oe}));export{ke as nobleCurves};
13
13
  //# sourceMappingURL=noble_curves.min.mjs.map