@stryke/crypto 0.5.44 → 0.6.1

package/dist/cloudflare.cjs

@@ -0,0 +1,960 @@
+
+//#region ../json/src/canonical.ts
+/**
+* Converts a JavaScript value to a canonical JSON string representation. This function is used for signing JSON objects in a consistent way, ensuring that the same input will always produce the same output string. The canonicalization process includes:
+* - Sorting object keys in lexicographical order.
+* - Removing whitespace and line breaks.
+* - Representing primitive values (null, boolean, number, string) in their standard JSON format.
+* - Recursively applying these rules to nested objects and arrays.
+*
+* This function is designed to produce a deterministic string representation of a JSON value, which is essential for cryptographic signing and verification processes where the exact byte representation of the data must be consistent across different environments and implementations.
+*
+* @param obj - The JavaScript value to convert to a canonical JSON string.
+* @returns A canonical JSON string representation of the input value.
+*/
+function canonicalJson(obj) {
+	if (obj === null || obj === void 0) return "null";
+	if (typeof obj === "boolean" || typeof obj === "number") return JSON.stringify(obj);
+	if (typeof obj === "string") return JSON.stringify(obj);
+	if (Array.isArray(obj)) return `[${obj.map((item) => canonicalJson(item)).join(",")}]`;
+	if (typeof obj === "object") return `{${Object.keys(obj).sort().map((key) => {
+		const value = canonicalJson(obj[key]);
+		return `${JSON.stringify(key)}:${value}`;
+	}).join(",")}}`;
+	return "null";
+}
+
+//#endregion
+//#region ../convert/src/array-buffer-to-string.ts
+/**
+* Convert an ArrayBuffer or Uint8Array to a string
+*
+* @param buffer - The ArrayBuffer or Uint8Array to convert
+* @returns The converted string
+*/
+function arrayBufferToString(buffer) {
+	const bytes = buffer instanceof Uint8Array ? buffer : new Uint8Array(buffer);
+	const len = bytes.byteLength;
+	if (len < 65535) return String.fromCharCode.apply(null, bytes);
+	let binary = "";
+	for (let i = 0; i < len; i++) binary += String.fromCharCode(bytes[i]);
+	return binary;
+}
+
+//#endregion
+//#region ../type-checks/src/is-undefined.ts
+const isUndefined = (value) => {
+	return value === void 0;
+};
+
+//#endregion
+//#region ../type-checks/src/is-buffer.ts
+const isBufferExists = typeof Buffer !== "undefined";
+/**
+* Check if the provided value's type is `Buffer`
+*/
+const isBuffer = isBufferExists ? Buffer.isBuffer.bind(Buffer) : function isBuffer$1(value) {
+	return false;
+};
+
+//#endregion
+//#region ../type-checks/src/type-detect.ts
+const globalObject = ((Obj) => {
+	if (typeof globalThis === "object") return globalThis;
+	Object.defineProperty(Obj, "typeDetectGlobalObject", {
+		get() {
+			return this;
+		},
+		configurable: true
+	});
+	return globalThis;
+})(Object.prototype);
+
+//#endregion
+//#region ../type-checks/src/is-string.ts
+const isString = (value) => {
+	try {
+		return typeof value === "string";
+	} catch {
+		return false;
+	}
+};
+
+//#endregion
+//#region ../convert/src/string-to-uint8-array.ts
+/**
+* Convert a string to Uint8Array
+*
+* @param text - The text to convert
+* @returns The converted Uint8Array
+*/
+function stringToUint8Array(text) {
+	return Uint8Array.from([...encodeURIComponent(text)].map((letter) => letter.codePointAt(0)));
+}
+/**
+* Convert a base64 string to a Uint8Array
+*
+* @param data - The base64 string to convert
+* @returns The converted Uint8Array
+*/
+function base64StringToUint8Array(data) {
+	return stringToUint8Array(atob(data));
+}
+
+//#endregion
+//#region ../convert/src/string-to-utf8-array.ts
+const encoder = new TextEncoder();
+/**
+* Convert a string to a utf-8 array
+*
+* @param input - The string to convert
+* @returns The converted utf-8 array
+*/
+function stringToUtf8Array(input) {
+	return encoder.encode(input);
+}
+
+//#endregion
+//#region ../convert/src/uint8-array-to-stream.ts
+/**
+* Concatenate an array of Uint8Array chunks into a single Uint8Array
+*
+* @param chunks - Array of Uint8Array chunks to concatenate
+* @returns The concatenated Uint8Array
+*/
+function concatUint8Array(chunks) {
+	let total = 0;
+	for (const chunk of chunks) total += chunk.length;
+	const result = new Uint8Array(total);
+	let offset = 0;
+	for (const chunk of chunks) {
+		result.set(chunk, offset);
+		offset += chunk.length;
+	}
+	return result;
+}
+
+//#endregion
+//#region ../convert/src/uint8-array-to-string.ts
+/**
+* Convert a Uint8Array to a base64 string
+*
+* @param buffer - The Uint8Array to convert
+* @returns The converted base64 string
+*/
+function uint8ArrayToString(buffer) {
+	return btoa(arrayBufferToString(buffer));
+}
+
+//#endregion
+//#region ../convert/src/utf8-array-to-string.ts
+const decoder = new TextDecoder();
+/**
+* Convert a utf-8 array to string
+*
+* @param input - Utf-8 Array
+* @returns The converted string
+*/
+function utf8ArrayToString(input) {
+	return decoder.decode(input);
+}
+
+//#endregion
+//#region src/base-64.ts
+const ENCODE_MAP = new Uint8Array([
+	65,
+	66,
+	67,
+	68,
+	69,
+	70,
+	71,
+	72,
+	73,
+	74,
+	75,
+	76,
+	77,
+	78,
+	79,
+	80,
+	81,
+	82,
+	83,
+	84,
+	85,
+	86,
+	87,
+	88,
+	89,
+	90,
+	97,
+	98,
+	99,
+	100,
+	101,
+	102,
+	103,
+	104,
+	105,
+	106,
+	107,
+	108,
+	109,
+	110,
+	111,
+	112,
+	113,
+	114,
+	115,
+	116,
+	117,
+	118,
+	119,
+	120,
+	121,
+	122,
+	48,
+	49,
+	50,
+	51,
+	52,
+	53,
+	54,
+	55,
+	56,
+	57,
+	43,
+	47
+]);
+const ENCODE_PAD = 61;
+const DECODE_MAP$1 = new Uint8Array([
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	62,
+	100,
+	100,
+	100,
+	63,
+	52,
+	53,
+	54,
+	55,
+	56,
+	57,
+	58,
+	59,
+	60,
+	61,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	0,
+	1,
+	2,
+	3,
+	4,
+	5,
+	6,
+	7,
+	8,
+	9,
+	10,
+	11,
+	12,
+	13,
+	14,
+	15,
+	16,
+	17,
+	18,
+	19,
+	20,
+	21,
+	22,
+	23,
+	24,
+	25,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	26,
+	27,
+	28,
+	29,
+	30,
+	31,
+	32,
+	33,
+	34,
+	35,
+	36,
+	37,
+	38,
+	39,
+	40,
+	41,
+	42,
+	43,
+	44,
+	45,
+	46,
+	47,
+	48,
+	49,
+	50,
+	51,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100
+]);
+/**
+* Encodes a Uint8Array into a Base64 encoded Uint8Array.
+*
+* @credit https://github.com/hi-ogawa/js-utils
+*
+* @param input - The input Uint8Array or string to encode.
+* @returns The Base64 encoded Uint8Array.
+*/
+function encodeBase64(input) {
+	if (isString(input)) input = stringToUint8Array(input);
+	const xLen = input.length;
+	const result = new Uint8Array(Math.ceil(xLen / 3) * 4);
+	const chunkLen = Math.floor(xLen / 3);
+	for (let i$1 = 0; i$1 < chunkLen; i$1++) {
+		const chunk = input[3 * i$1 + 0] << 16 | input[3 * i$1 + 1] << 8 | input[3 * i$1 + 2];
+		result[4 * i$1 + 0] = ENCODE_MAP[chunk >> 18 & 63];
+		result[4 * i$1 + 1] = ENCODE_MAP[chunk >> 12 & 63];
+		result[4 * i$1 + 2] = ENCODE_MAP[chunk >> 6 & 63];
+		result[4 * i$1 + 3] = ENCODE_MAP[chunk >> 0 & 63];
+	}
+	const i = chunkLen;
+	switch (xLen % 3) {
+		case 1: {
+			const chunk = input[3 * i + 0] << 16;
+			result[4 * i + 0] = ENCODE_MAP[chunk >> 18 & 63];
+			result[4 * i + 1] = ENCODE_MAP[chunk >> 12 & 63];
+			result[4 * i + 2] = ENCODE_PAD;
+			result[4 * i + 3] = ENCODE_PAD;
+			break;
+		}
+		case 2: {
+			const chunk = input[3 * i + 0] << 16 | input[3 * i + 1] << 8;
+			result[4 * i + 0] = ENCODE_MAP[chunk >> 18 & 63];
+			result[4 * i + 1] = ENCODE_MAP[chunk >> 12 & 63];
+			result[4 * i + 2] = ENCODE_MAP[chunk >> 6 & 63];
+			result[4 * i + 3] = ENCODE_PAD;
+			break;
+		}
+	}
+	return utf8ArrayToString(result);
+}
+/**
+* Decodes a Base64 encoded Uint8Array into a Uint8Array.
+*
+* @credit https://github.com/hi-ogawa/js-utils
+*
+* @param input - The Base64 encoded Uint8Array or string to decode.
+* @returns The decoded Uint8Array.
+*/
+function decodeBase64(input) {
+	if (isString(input)) input = stringToUint8Array(input);
+	const yLen = input.length;
+	if (yLen % 4 !== 0) throw new Error("invalid length");
+	let padLen = 0;
+	while (padLen < 2 && padLen < input.length && input[input.length - 1 - padLen] === ENCODE_PAD) padLen++;
+	for (let i$1 = 0; i$1 < input.length - padLen; i$1++) if (isUndefined(input[i$1]) || isUndefined(DECODE_MAP$1[input[i$1]]) || DECODE_MAP$1[input[i$1]] >= 64) throw new Error("invalid data");
+	const chunkLen = Math.floor((yLen - padLen) / 4);
+	const xLen = 3 * chunkLen + (3 - padLen) % 3;
+	const result = new Uint8Array(xLen);
+	for (let i$1 = 0; i$1 < chunkLen; i$1++) {
+		const chunk = DECODE_MAP$1[input[4 * i$1 + 0]] << 18 | DECODE_MAP$1[input[4 * i$1 + 1]] << 12 | DECODE_MAP$1[input[4 * i$1 + 2]] << 6 | DECODE_MAP$1[input[4 * i$1 + 3]] << 0;
+		result[3 * i$1] = chunk >> 16 & 255;
+		result[3 * i$1 + 1] = chunk >> 8 & 255;
+		result[3 * i$1 + 2] = chunk >> 0 & 255;
+	}
+	const i = chunkLen;
+	switch (xLen % 3) {
+		case 1: {
+			const chunk = DECODE_MAP$1[input[4 * i + 0]] << 18 | DECODE_MAP$1[input[4 * i + 1]] << 12;
+			result[3 * i] = chunk >> 16 & 255;
+			break;
+		}
+		case 2: {
+			const chunk = DECODE_MAP$1[input[4 * i + 0]] << 18 | DECODE_MAP$1[input[4 * i + 1]] << 12 | DECODE_MAP$1[input[4 * i + 2]] << 6;
+			result[3 * i] = chunk >> 16 & 255;
+			result[3 * i + 1] = chunk >> 8 & 255;
+			break;
+		}
+	}
+	return result;
+}
+/**
+* Converts a Base64 encoded string to a [Base64url](https://datatracker.ietf.org/doc/html/rfc7515#appendix-C) encoded string.
+*
+* @see https://datatracker.ietf.org/doc/html/rfc7515#appendix-C
+*
+* @param base64 - The Base64 encoded string to convert.
+* @returns The Base64url encoded string.
+*/
+function base64UrlEncode(base64) {
+	return btoa(String.fromCharCode(...base64)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
+}
+/**
+* Converts a [Base64url](https://datatracker.ietf.org/doc/html/rfc7515#appendix-C) encoded string to a Base64 encoded string.
+*
+* @see https://datatracker.ietf.org/doc/html/rfc7515#appendix-C
+*
+* @param base64url - The Base64url encoded string to convert.
+* @returns The Base64 encoded string.
+*/
+function base64UrlDecode(base64url) {
+	const base64 = base64url.replace(/-/g, "+").replace(/_/g, "/");
+	return new Uint8Array([...atob(base64 + "=".repeat((4 - base64.length % 4) % 4))].map((c) => c.charCodeAt(0)));
+}
+
+//#endregion
+//#region src/ed25519.ts
+/**
+* Generates an Ed25519 key pair using Cloudflare Workers' `NODE-ED25519` algorithm and returns the public key as a base64 string, the private key as a JWK object, and a key ID derived from the public key. The private key is returned as a JWK for compatibility with Web Crypto API operations.
+*
+* @remarks
+* This function uses Cloudflare Workers' `NODE-ED25519` algorithm parameters, which are specific to Cloudflare Workers' implementation of Ed25519. The returned key pair is structured as follows:
+* - The `publicKey` is returned as a base64url-encoded string of the raw public key bytes (the 'x' parameter from the JWK).
+* - The `privateKeyJwk` is returned as a JWK object containing the private key parameters, which can be used for signing operations with the Web Crypto API.
+* - The `keyId` is generated by hashing the raw public key bytes and taking the first 4 bytes of the hash, encoded as a hex string prefixed with "ed25519:". This provides a unique identifier for the key pair based on its public key.
+*
+* This function is not compatible with standard Web Crypto API Ed25519 implementations in other environments. The legacy function `generateSigningKeyPairLegacy` is also available for backwards compatibility, which returns the private key as a JSON stringified JWK. However, it is recommended to use this structured version for new code.
+*
+* @returns An object containing the `publicKey` as a base64 string, the `privateKeyJwk` as a JWK object, and a `keyId` derived from the public key.
+* @throws {@link DOMException} If key generation or export fails in the Web Crypto API.
+*/
+async function generateSigningKeyPair() {
+	const keyPair = await crypto.subtle.generateKey({
+		name: "NODE-ED25519",
+		namedCurve: "NODE-ED25519"
+	}, true, ["sign", "verify"]);
+	const publicKeyJwk = await crypto.subtle.exportKey("jwk", keyPair.publicKey);
+	const privateKeyJwk = await crypto.subtle.exportKey("jwk", keyPair.privateKey);
+	const publicKeyBytes = base64UrlDecode(publicKeyJwk.x);
+	const keyIdHash = new Uint8Array(await crypto.subtle.digest("SHA-256", publicKeyBytes)).slice(0, 4);
+	const keyId = `ed25519:${Array.from(keyIdHash).map((b) => b.toString(16).padStart(2, "0")).join("")}`;
+	return {
+		publicKey: base64UrlEncode(publicKeyBytes),
+		privateKeyJwk,
+		keyId
+	};
+}
+/**
+* Generates an Ed25519 key pair and returns the public key as a base64 string, the private key as a JSON stringified JWK, and a key ID derived from the public key. The private key is returned in a legacy format for compatibility with existing code that expects a JSON string.
+*
+* @remarks
+* Legacy function for backwards compatibility during migration. Returns the old format but with a proper key.
+*
+* @deprecated Use `generateSigningKeyPair` instead, which returns a structured key object and separate key ID. This legacy function is retained for backwards compatibility but may be removed in future releases.
+*
+* @returns An object containing the `publicKey` as a base64 string, the `privateKey` as a JSON stringified JWK, and a `keyId` derived from the public key.
+* @throws {@link SyntaxError} If the generated private key cannot be stringified to JSON (should not occur under normal circumstances).
+*/
+async function generateSigningKeyPairLegacy() {
+	const { publicKey, privateKeyJwk, keyId } = await generateSigningKeyPair();
+	return {
+		publicKey,
+		privateKey: JSON.stringify(privateKeyJwk),
+		keyId
+	};
+}
+/**
+* Creates and attaches an [Ed25519 signature](https://matrix.org/docs/spec/client_server/latest#signing-json-objects) for a JSON object using [Matrix-style](https://matrix.org/docs/spec/client_server/latest#signing-json-objects) signing rules.
+*
+* @see https://matrix.org/docs/spec/client_server/latest#signing-json-objects
+*
+* @remarks
+* - Signature output is encoded as un-padded base64url.
+* - The original `obj` is not mutated.
+* - Uses `NODE-ED25519` algorithm parameters for key import/sign operations.
+*
+* The function canonicalizes a copy of the input object after removing the `signatures`
+* and `unsigned` properties, signs that canonical JSON payload with the provided private key,
+* and returns a new object with the generated signature merged into `obj.signatures`.
+*
+* Existing signatures are preserved, including other keys under the same `serverName`.
+*
+* @param obj - The JSON object to sign.
+* @param serverName - The signing entity name used as the top-level key in `signatures`.
+* @param keyId - The key identifier used under `signatures[serverName]`.
+* @param privateKeyJwk - The Ed25519 private key as a JWK object, or a JSON stringified JWK (legacy compatibility).
+* @returns A new object containing all original fields plus an updated `signatures` map with the new signature.
+* @throws {@link SyntaxError} If `privateKeyJwk` is a string that is not valid JSON.
+* @throws {@link DOMException} If key import or signing fails in the Web Crypto API.
+*/
+async function signJson(obj, serverName, keyId, privateKeyJwk) {
+	const jwk = typeof privateKeyJwk === "string" ? JSON.parse(privateKeyJwk) : privateKeyJwk;
+	const toSign = { ...obj };
+	delete toSign.signatures;
+	delete toSign.unsigned;
+	const privateKey = await crypto.subtle.importKey("jwk", jwk, {
+		name: "NODE-ED25519",
+		namedCurve: "NODE-ED25519"
+	}, false, ["sign"]);
+	const canonical = canonicalJson(toSign);
+	const signatureBytes = await crypto.subtle.sign({ name: "NODE-ED25519" }, privateKey, new TextEncoder().encode(canonical));
+	const signatureB64 = base64UrlEncode(new Uint8Array(signatureBytes));
+	const existingSignatures = obj.signatures ?? {};
+	return {
+		...obj,
+		signatures: {
+			...existingSignatures,
+			[serverName]: {
+				...existingSignatures[serverName] ?? {},
+				[keyId]: signatureB64
+			}
+		}
+	};
+}
+/**
+* Verifies an Ed25519 signature on a JSON object using [Matrix-style signing rules](https://matrix.org/docs/spec/client_server/latest#signing-json-objects). The function extracts the relevant signature from the `signatures` property of the input object, removes the `signatures` and `unsigned` properties to create a canonical JSON payload, and then verifies the signature against the provided public key. The public key is expected to be a base64url-encoded string of the raw public key bytes (the 'x' parameter from the JWK). The function returns `true` if the signature is valid and `false` otherwise. Any errors during the verification process are caught and logged, with a return value of `false` in case of failure.
+*
+* @see https://matrix.org/docs/spec/client_server/latest#signing-json-objects
+*
+* @remarks
+* - Signature input is expected to be un-padded base64url.
+* - The original `obj` is not mutated.
+* - Uses `NODE-ED25519` algorithm parameters for key import/verify operations.
+* - The function does not throw on verification failure; it returns `false` instead. Errors during key import or verification are logged to the console for debugging purposes.
+*
+* @param obj - The JSON object containing the signature to verify.
+* @param serverName - The signing entity name used as the top-level key in `signatures`.
+* @param keyId - The key identifier used under `signatures[serverName]` to locate the specific signature to verify.
+* @param publicKeyB64 - The Ed25519 public key as a base64url-encoded string of the raw public key bytes (the 'x' parameter from the JWK).
+* @returns A boolean indicating whether the signature is valid (`true`) or not (`false`). Returns `false` if the signature is missing, invalid, or if any errors occur during the verification process.
+*/
+async function verifySignature(obj, serverName, keyId, publicKeyB64) {
+	try {
+		const signature = obj.signatures?.[serverName]?.[keyId];
+		if (!signature) return false;
+		const toVerify = { ...obj };
+		delete toVerify.signatures;
+		delete toVerify.unsigned;
+		const publicKeyBytes = base64UrlDecode(publicKeyB64);
+		const publicKey = await crypto.subtle.importKey("raw", publicKeyBytes, {
+			name: "NODE-ED25519",
+			namedCurve: "NODE-ED25519"
+		}, false, ["verify"]);
+		const signatureBytes = base64UrlDecode(signature);
+		const canonical = canonicalJson(toVerify);
+		return await crypto.subtle.verify({ name: "NODE-ED25519" }, publicKey, signatureBytes, new TextEncoder().encode(canonical));
+	} catch (error) {
+		console.error("Signature verification failed:", error);
+		return false;
+	}
+}
+
+//#endregion
+//#region src/hex.ts
+const ALPHABET = "0123456789ABCDEF";
+const DECODE_MAP = {
+	"0": 0,
+	"1": 1,
+	"2": 2,
+	"3": 3,
+	"4": 4,
+	"5": 5,
+	"6": 6,
+	"7": 7,
+	"8": 8,
+	"9": 9,
+	a: 10,
+	A: 10,
+	b: 11,
+	B: 11,
+	c: 12,
+	C: 12,
+	d: 13,
+	D: 13,
+	e: 14,
+	E: 14,
+	f: 15,
+	F: 15
+};
+/**
+* Encodes a Uint8Array into a hexadecimal string.
+*
+* @param input - The input Uint8Array.
+* @returns The hexadecimal string.
+*/
+function encodeHex(input) {
+	let result = "";
+	for (let i = 0; i < input.length; i++) {
+		result += ALPHABET[input[i] >> 4];
+		result += ALPHABET[input[i] & 15];
+	}
+	return result;
+}
+/**
+* Encodes a Uint8Array into an uppercase hexadecimal string.
+*
+* @param input - The input Uint8Array.
+* @returns The uppercase hexadecimal string.
+*/
+function decodeHex(input) {
+	if (input.length % 2 !== 0) throw new Error("Invalid hex string");
+	const result = new Uint8Array(input.length / 2);
+	for (let i = 0; i < input.length; i += 2) {
+		if (!(input[i] in DECODE_MAP)) throw new Error("Invalid character");
+		if (!(input[i + 1] in DECODE_MAP)) throw new Error("Invalid character");
+		result[i / 2] |= DECODE_MAP[input[i]] << 4;
+		result[i / 2] |= DECODE_MAP[input[i + 1]];
+	}
+	return result;
+}
+
+//#endregion
+//#region src/encryption.ts
+/**
+* Creates a CryptoKey object that can be used to encrypt any string.
+*
+* @see https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/generateKey
+*
+* @returns A promise that resolves to a CryptoKey object that can be used to encrypt and decrypt strings.
+*/
+async function createKey() {
+	return crypto.subtle.generateKey({
+		name: "AES-GCM",
+		length: 256
+	}, true, ["encrypt", "decrypt"]);
+}
+/**
+* Encodes a CryptoKey to base64 string, so that it can be embedded in JSON / JavaScript
+*
+* @see https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/exportKey
+*
+* @param key - The CryptoKey to encode
+* @returns A promise that resolves to a base64 string representing the key
+*/
+async function encodeKey(key) {
+	const exported = await crypto.subtle.exportKey("raw", key);
+	return encodeBase64(new Uint8Array(exported)).toString();
+}
+/**
+* Decodes a base64 string into bytes and then imports the key.
+*
+* @see https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey
+*
+* @param encoded - The base64 encoded key
+* @returns A promise that resolves to a CryptoKey object that can be used to encrypt and decrypt strings
+*/
+async function decodeKey(encoded) {
+	const bytes = decodeBase64(encoded);
+	return crypto.subtle.importKey("raw", bytes.buffer, "AES-GCM", true, ["encrypt", "decrypt"]);
+}
+const IV_LENGTH = 24;
+/**
+* Using a CryptoKey, use AES-GCM to encrypt a string into a base64 string.
+*
+* @remarks
+* The initialization vector is randomly generated and prepended to the encrypted string. The IV is required for decryption, so it must be stored alongside the encrypted data.
+*
+* @see https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/encrypt
+*
+* @param key - The CryptoKey to use for encryption
+* @param plaintext - The plaintext string to encrypt
+* @returns A promise that resolves to a base64 string representing the encrypted data
+*/
+async function encrypt(key, plaintext) {
+	const iv = crypto.getRandomValues(new Uint8Array(IV_LENGTH / 2));
+	const encrypted = await crypto.subtle.encrypt({
+		name: "AES-GCM",
+		iv
+	}, key, stringToUtf8Array(plaintext));
+	return encodeHex(iv) + encodeBase64(new Uint8Array(encrypted));
+}
+/**
+* Takes a base64 encoded string, decodes it and returns the AES-GCM decrypted text.
+*
+* @remarks
+* The initialization vector is expected to be prepended to the encrypted string. The IV is required for decryption, so it must be extracted from the start of the string.
+*
+* @see https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/decrypt
+*
+* @param key - The CryptoKey to use for decryption
+* @param encrypted - The encrypted base64 encoded string to decrypt
+* @returns A promise that resolves to the decrypted string
+*/
+async function decrypt(key, encrypted) {
+	return utf8ArrayToString(await crypto.subtle.decrypt({
+		name: "AES-GCM",
+		iv: decodeHex(encrypted.slice(0, IV_LENGTH))
+	}, key, decodeBase64(encrypted.slice(IV_LENGTH))));
+}
+/**
+* Encrypts a buffer using AES-GCM with a given CryptoKey.
+*
+* @remarks
+* The initialization vector (IV) is randomly generated and prepended to the encrypted data. The resulting data is then encoded as a base64 string for easy storage/transmission.
+*
+* @see https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/encrypt
+*
+* @param key - The CryptoKey to use for encryption
+* @param buffer - The buffer to encrypt
+* @returns A promise that resolves to a base64 string representing the encrypted data
+*/
+async function encryptBuffer(key, buffer) {
+	const iv = crypto.getRandomValues(new Uint8Array(16));
+	const encrypted = await crypto.subtle.encrypt({
+		name: "AES-GCM",
+		iv
+	}, key, buffer);
+	return uint8ArrayToString(concatUint8Array([iv, new Uint8Array(encrypted)]));
+}
+/**
+* Decrypts a buffer using AES-GCM with a given CryptoKey.
+*
+* @remarks
+* The initialization vector (IV) is expected to be prepended to the encrypted data. The IV is required for decryption, so it must be extracted from the start of the buffer.
+*
+* @see https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/decrypt
+*
+* @param key - The CryptoKey to use for decryption
+* @param encrypted - The encrypted base64 encoded string to decrypt
+* @returns A promise that resolves to the decrypted string
+*/
+async function decryptBuffer(key, encrypted) {
+	const concatenated = base64StringToUint8Array(encrypted);
+	return crypto.subtle.decrypt({
+		name: "AES-GCM",
+		iv: concatenated.slice(0, 16)
+	}, key, concatenated.slice(16));
+}
+
+//#endregion
+//#region src/random.ts
+/**
+* Generate a random byte array of the specified length using the Web Crypto API.
+*
+* @param length - The length of the random byte array to generate (default is 32 bytes)
+* @returns A Uint8Array containing random bytes of the specified length
+*/
+function generateRandomBytes(length = 32) {
+	return crypto.getRandomValues(new Uint8Array(length));
+}
+/**
+* Generate a random string of the specified length using characters A-Z, a-z, and 0-9 for CSRF tokens, etc.
+*
+* @remarks
+* This function uses the Web Crypto API's `crypto.getRandomValues` to generate secure random bytes,
+* and then maps those bytes to characters in the specified character set. It uses rejection sampling
+* to ensure a uniform distribution of characters without modulo bias.
+*
+* @param length - The length of the random string to generate (default is 32 characters)
+* @returns A random string of the specified length
+*/
+function generateRandomString(length = 32) {
+	const chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+	const charsLen = 62;
+	const maxValid = 256 - 256 % charsLen;
+	const result = [];
+	while (result.length < length) {
+		const bytes = generateRandomBytes(length - result.length);
+		for (const b of bytes) if (b < maxValid && result.length < length && chars[b % charsLen]) result.push(chars[b % charsLen]);
+	}
+	return result.join("");
+}
+
+//#endregion
+exports.base64UrlDecode = base64UrlDecode;
+exports.base64UrlEncode = base64UrlEncode;
+exports.createKey = createKey;
+exports.decodeBase64 = decodeBase64;
+exports.decodeHex = decodeHex;
+exports.decodeKey = decodeKey;
+exports.decrypt = decrypt;
+exports.decryptBuffer = decryptBuffer;
+exports.encodeBase64 = encodeBase64;
+exports.encodeHex = encodeHex;
+exports.encodeKey = encodeKey;
+exports.encrypt = encrypt;
+exports.encryptBuffer = encryptBuffer;
+exports.generateRandomBytes = generateRandomBytes;
+exports.generateRandomString = generateRandomString;
+exports.generateSigningKeyPair = generateSigningKeyPair;
+exports.generateSigningKeyPairLegacy = generateSigningKeyPairLegacy;
+exports.signJson = signJson;
+exports.verifySignature = verifySignature;