@textrp/briij-js-sdk 41.0.1 → 43.0.0

package/lib/utils/decryptAESSecretStorageItem.js.map

@@ -1 +1 @@
-{"version":3,"file":"decryptAESSecretStorageItem.js","names":["decodeBase64","deriveKeys","decryptAESSecretStorageItem","_x","_x2","_x3","_decryptAESSecretStorageItem","apply","arguments","_asyncToGenerator","data","key","name","aesKey","hmacKey","ciphertext","globalThis","crypto","subtle","verify","mac","Error","concat","plaintext","decrypt","counter","iv","length","TextDecoder","decode","Uint8Array"],"sources":["../../src/utils/decryptAESSecretStorageItem.ts"],"sourcesContent":["/*\r\n * Copyright 2024 The Matrix.org Foundation C.I.C.\r\n *\r\n * Licensed under the Apache License, Version 2.0 (the \"License\");\r\n * you may not use this file except in compliance with the License.\r\n * You may obtain a copy of the License at\r\n *\r\n *     http://www.apache.org/licenses/LICENSE-2.0\r\n *\r\n * Unless required by applicable law or agreed to in writing, software\r\n * distributed under the License is distributed on an \"AS IS\" BASIS,\r\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r\n * See the License for the specific language governing permissions and\r\n * limitations under the License.\r\n */\r\n\r\nimport { decodeBase64 } from \"../base64.ts\";\r\nimport { deriveKeys } from \"./internal/deriveKeys.ts\";\r\nimport { type AESEncryptedSecretStoragePayload } from \"../@types/AESEncryptedSecretStoragePayload.ts\";\r\n\r\n/**\r\n * Decrypt an AES-encrypted Secret Storage item.\r\n *\r\n * @param data - the encrypted data, returned by {@link utils/encryptAESSecretStorageItem.default | encryptAESSecretStorageItem}.\r\n * @param key - the encryption key to use as an input to the HKDF function which is used to derive the AES key. Must\r\n *    be the same as provided to {@link utils/encryptAESSecretStorageItem.default | encryptAESSecretStorageItem}.\r\n * @param name - the name of the secret. Also used as an input to the HKDF operation which is used to derive the AES\r\n *    key, so again must be the same as provided to {@link utils/encryptAESSecretStorageItem.default | encryptAESSecretStorageItem}.\r\n */\r\nexport default async function decryptAESSecretStorageItem(\r\n    data: AESEncryptedSecretStoragePayload,\r\n    key: Uint8Array<ArrayBuffer>,\r\n    name: string,\r\n): Promise<string> {\r\n    const [aesKey, hmacKey] = await deriveKeys(key, name);\r\n\r\n    const ciphertext = decodeBase64(data.ciphertext);\r\n\r\n    if (!(await globalThis.crypto.subtle.verify({ name: \"HMAC\" }, hmacKey, decodeBase64(data.mac), ciphertext))) {\r\n        throw new Error(`Error decrypting secret ${name}: bad MAC`);\r\n    }\r\n\r\n    const plaintext = await globalThis.crypto.subtle.decrypt(\r\n        {\r\n            name: \"AES-CTR\",\r\n            counter: decodeBase64(data.iv),\r\n            length: 64,\r\n        },\r\n        aesKey,\r\n        ciphertext,\r\n    );\r\n\r\n    return new TextDecoder().decode(new Uint8Array(plaintext));\r\n}\r\n"],"mappings":";AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA,SAASA,YAAY,QAAQ,cAAc;AAC3C,SAASC,UAAU,QAAQ,0BAA0B;AAGrD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,wBAA8BC,2BAA2BA,CAAAC,EAAA,EAAAC,GAAA,EAAAC,GAAA;EAAA,OAAAC,4BAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAwBxD,SAAAF,6BAAA;EAAAA,4BAAA,GAAAG,iBAAA,CAxBc,WACXC,IAAsC,EACtCC,GAA4B,EAC5BC,IAAY,EACG;IACf,IAAM,CAACC,MAAM,EAAEC,OAAO,CAAC,SAASb,UAAU,CAACU,GAAG,EAAEC,IAAI,CAAC;IAErD,IAAMG,UAAU,GAAGf,YAAY,CAACU,IAAI,CAACK,UAAU,CAAC;IAEhD,IAAI,QAAQC,UAAU,CAACC,MAAM,CAACC,MAAM,CAACC,MAAM,CAAC;MAAEP,IAAI,EAAE;IAAO,CAAC,EAAEE,OAAO,EAAEd,YAAY,CAACU,IAAI,CAACU,GAAG,CAAC,EAAEL,UAAU,CAAC,CAAC,EAAE;MACzG,MAAM,IAAIM,KAAK,4BAAAC,MAAA,CAA4BV,IAAI,cAAW,CAAC;IAC/D;IAEA,IAAMW,SAAS,SAASP,UAAU,CAACC,MAAM,CAACC,MAAM,CAACM,OAAO,CACpD;MACIZ,IAAI,EAAE,SAAS;MACfa,OAAO,EAAEzB,YAAY,CAACU,IAAI,CAACgB,EAAE,CAAC;MAC9BC,MAAM,EAAE;IACZ,CAAC,EACDd,MAAM,EACNE,UACJ,CAAC;IAED,OAAO,IAAIa,WAAW,CAAC,CAAC,CAACC,MAAM,CAAC,IAAIC,UAAU,CAACP,SAAS,CAAC,CAAC;EAC9D,CAAC;EAAA,OAAAjB,4BAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA","ignoreList":[]}
+{"version":3,"file":"decryptAESSecretStorageItem.js","names":["decodeBase64","deriveKeys","decryptAESSecretStorageItem","_x","_x2","_x3","_decryptAESSecretStorageItem","apply","arguments","_asyncToGenerator","data","key","name","aesKey","hmacKey","ciphertext","globalThis","crypto","subtle","verify","mac","Error","concat","plaintext","decrypt","counter","iv","length","TextDecoder","decode","Uint8Array"],"sources":["../../src/utils/decryptAESSecretStorageItem.ts"],"sourcesContent":["/*\n * Copyright 2024 The Matrix.org Foundation C.I.C.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { decodeBase64 } from \"../base64.ts\";\nimport { deriveKeys } from \"./internal/deriveKeys.ts\";\nimport { type AESEncryptedSecretStoragePayload } from \"../@types/AESEncryptedSecretStoragePayload.ts\";\n\n/**\n * Decrypt an AES-encrypted Secret Storage item.\n *\n * @param data - the encrypted data, returned by {@link utils/encryptAESSecretStorageItem.default | encryptAESSecretStorageItem}.\n * @param key - the encryption key to use as an input to the HKDF function which is used to derive the AES key. Must\n *    be the same as provided to {@link utils/encryptAESSecretStorageItem.default | encryptAESSecretStorageItem}.\n * @param name - the name of the secret. Also used as an input to the HKDF operation which is used to derive the AES\n *    key, so again must be the same as provided to {@link utils/encryptAESSecretStorageItem.default | encryptAESSecretStorageItem}.\n */\nexport default async function decryptAESSecretStorageItem(\n    data: AESEncryptedSecretStoragePayload,\n    key: Uint8Array<ArrayBuffer>,\n    name: string,\n): Promise<string> {\n    const [aesKey, hmacKey] = await deriveKeys(key, name);\n\n    const ciphertext = decodeBase64(data.ciphertext);\n\n    if (!(await globalThis.crypto.subtle.verify({ name: \"HMAC\" }, hmacKey, decodeBase64(data.mac), ciphertext))) {\n        throw new Error(`Error decrypting secret ${name}: bad MAC`);\n    }\n\n    const plaintext = await globalThis.crypto.subtle.decrypt(\n        {\n            name: \"AES-CTR\",\n            counter: decodeBase64(data.iv),\n            length: 64,\n        },\n        aesKey,\n        ciphertext,\n    );\n\n    return new TextDecoder().decode(new Uint8Array(plaintext));\n}\n"],"mappings":";AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA,SAASA,YAAY,QAAQ,cAAc;AAC3C,SAASC,UAAU,QAAQ,0BAA0B;AAGrD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,wBAA8BC,2BAA2BA,CAAAC,EAAA,EAAAC,GAAA,EAAAC,GAAA;EAAA,OAAAC,4BAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAwBxD,SAAAF,6BAAA;EAAAA,4BAAA,GAAAG,iBAAA,CAxBc,WACXC,IAAsC,EACtCC,GAA4B,EAC5BC,IAAY,EACG;IACf,IAAM,CAACC,MAAM,EAAEC,OAAO,CAAC,SAASb,UAAU,CAACU,GAAG,EAAEC,IAAI,CAAC;IAErD,IAAMG,UAAU,GAAGf,YAAY,CAACU,IAAI,CAACK,UAAU,CAAC;IAEhD,IAAI,QAAQC,UAAU,CAACC,MAAM,CAACC,MAAM,CAACC,MAAM,CAAC;MAAEP,IAAI,EAAE;IAAO,CAAC,EAAEE,OAAO,EAAEd,YAAY,CAACU,IAAI,CAACU,GAAG,CAAC,EAAEL,UAAU,CAAC,CAAC,EAAE;MACzG,MAAM,IAAIM,KAAK,4BAAAC,MAAA,CAA4BV,IAAI,cAAW,CAAC;IAC/D;IAEA,IAAMW,SAAS,SAASP,UAAU,CAACC,MAAM,CAACC,MAAM,CAACM,OAAO,CACpD;MACIZ,IAAI,EAAE,SAAS;MACfa,OAAO,EAAEzB,YAAY,CAACU,IAAI,CAACgB,EAAE,CAAC;MAC9BC,MAAM,EAAE;IACZ,CAAC,EACDd,MAAM,EACNE,UACJ,CAAC;IAED,OAAO,IAAIa,WAAW,CAAC,CAAC,CAACC,MAAM,CAAC,IAAIC,UAAU,CAACP,SAAS,CAAC,CAAC;EAC9D,CAAC;EAAA,OAAAjB,4BAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA","ignoreList":[]}

package/lib/utils/encryptAESSecretStorageItem.js

@@ -1,34 +1,34 @@
 import _asyncToGenerator from "@babel/runtime/helpers/asyncToGenerator";
-/*
- * Copyright 2024 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+/*
+ * Copyright 2024 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  */
 
 import { decodeBase64, encodeBase64 } from "../base64.js";
 import { deriveKeys } from "./internal/deriveKeys.js";
-/**
- * Encrypt a string as a secret storage item, using AES-CTR.
- *
- * @param data - the plaintext to encrypt
- * @param key - the encryption key to use as an input to the HKDF function which is used to derive the AES key for
- *    encryption. Obviously, the same key must be provided when decrypting.
- * @param name - the name of the secret. Used as an input to the HKDF operation which is used to derive the AES key,
- *    so again the same value must be provided when decrypting.
- * @param ivStr - the base64-encoded initialization vector to use. If not supplied, a random one will be generated.
- *
- * @returns The encrypted result, including the ciphertext itself, the initialization vector (as supplied in `ivStr`,
- *   or generated), and an HMAC on the ciphertext — all base64-encoded.
+/**
+ * Encrypt a string as a secret storage item, using AES-CTR.
+ *
+ * @param data - the plaintext to encrypt
+ * @param key - the encryption key to use as an input to the HKDF function which is used to derive the AES key for
+ *    encryption. Obviously, the same key must be provided when decrypting.
+ * @param name - the name of the secret. Used as an input to the HKDF operation which is used to derive the AES key,
+ *    so again the same value must be provided when decrypting.
+ * @param ivStr - the base64-encoded initialization vector to use. If not supplied, a random one will be generated.
+ *
+ * @returns The encrypted result, including the ciphertext itself, the initialization vector (as supplied in `ivStr`,
+ *   or generated), and an HMAC on the ciphertext — all base64-encoded.
  */
 export default function encryptAESSecretStorageItem(_x, _x2, _x3, _x4) {
   return _encryptAESSecretStorageItem.apply(this, arguments);

package/lib/utils/encryptAESSecretStorageItem.js.map

@@ -1 +1 @@
-{"version":3,"file":"encryptAESSecretStorageItem.js","names":["decodeBase64","encodeBase64","deriveKeys","encryptAESSecretStorageItem","_x","_x2","_x3","_x4","_encryptAESSecretStorageItem","apply","arguments","_asyncToGenerator","data","key","name","ivStr","iv","Uint8Array","globalThis","crypto","getRandomValues","aesKey","hmacKey","encodedData","TextEncoder","encode","ciphertext","subtle","encrypt","counter","length","hmac","sign","mac"],"sources":["../../src/utils/encryptAESSecretStorageItem.ts"],"sourcesContent":["/*\r\n * Copyright 2024 The Matrix.org Foundation C.I.C.\r\n *\r\n * Licensed under the Apache License, Version 2.0 (the \"License\");\r\n * you may not use this file except in compliance with the License.\r\n * You may obtain a copy of the License at\r\n *\r\n *     http://www.apache.org/licenses/LICENSE-2.0\r\n *\r\n * Unless required by applicable law or agreed to in writing, software\r\n * distributed under the License is distributed on an \"AS IS\" BASIS,\r\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r\n * See the License for the specific language governing permissions and\r\n * limitations under the License.\r\n */\r\n\r\nimport { decodeBase64, encodeBase64 } from \"../base64.ts\";\r\nimport { deriveKeys } from \"./internal/deriveKeys.ts\";\r\nimport { type AESEncryptedSecretStoragePayload } from \"../@types/AESEncryptedSecretStoragePayload.ts\";\r\n\r\n/**\r\n * Encrypt a string as a secret storage item, using AES-CTR.\r\n *\r\n * @param data - the plaintext to encrypt\r\n * @param key - the encryption key to use as an input to the HKDF function which is used to derive the AES key for\r\n *    encryption. Obviously, the same key must be provided when decrypting.\r\n * @param name - the name of the secret. Used as an input to the HKDF operation which is used to derive the AES key,\r\n *    so again the same value must be provided when decrypting.\r\n * @param ivStr - the base64-encoded initialization vector to use. If not supplied, a random one will be generated.\r\n *\r\n * @returns The encrypted result, including the ciphertext itself, the initialization vector (as supplied in `ivStr`,\r\n *   or generated), and an HMAC on the ciphertext — all base64-encoded.\r\n */\r\nexport default async function encryptAESSecretStorageItem(\r\n    data: string,\r\n    key: Uint8Array<ArrayBuffer>,\r\n    name: string,\r\n    ivStr?: string,\r\n): Promise<AESEncryptedSecretStoragePayload> {\r\n    let iv: Uint8Array<ArrayBuffer>;\r\n    if (ivStr) {\r\n        iv = decodeBase64(ivStr);\r\n    } else {\r\n        iv = new Uint8Array(16);\r\n        globalThis.crypto.getRandomValues(iv);\r\n\r\n        // clear bit 63 of the IV to stop us hitting the 64-bit counter boundary\r\n        // (which would mean we wouldn't be able to decrypt on Android). The loss\r\n        // of a single bit of iv is a price we have to pay.\r\n        iv[8] &= 0x7f;\r\n    }\r\n\r\n    const [aesKey, hmacKey] = await deriveKeys(key, name);\r\n    const encodedData = new TextEncoder().encode(data);\r\n\r\n    const ciphertext = await globalThis.crypto.subtle.encrypt(\r\n        {\r\n            name: \"AES-CTR\",\r\n            counter: iv,\r\n            length: 64,\r\n        },\r\n        aesKey,\r\n        encodedData,\r\n    );\r\n\r\n    const hmac = await globalThis.crypto.subtle.sign({ name: \"HMAC\" }, hmacKey, ciphertext);\r\n\r\n    return {\r\n        iv: encodeBase64(iv),\r\n        ciphertext: encodeBase64(new Uint8Array(ciphertext)),\r\n        mac: encodeBase64(new Uint8Array(hmac)),\r\n    };\r\n}\r\n"],"mappings":";AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA,SAASA,YAAY,EAAEC,YAAY,QAAQ,cAAc;AACzD,SAASC,UAAU,QAAQ,0BAA0B;AAGrD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,wBAA8BC,2BAA2BA,CAAAC,EAAA,EAAAC,GAAA,EAAAC,GAAA,EAAAC,GAAA;EAAA,OAAAC,4BAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAuCxD,SAAAF,6BAAA;EAAAA,4BAAA,GAAAG,iBAAA,CAvCc,WACXC,IAAY,EACZC,GAA4B,EAC5BC,IAAY,EACZC,KAAc,EAC2B;IACzC,IAAIC,EAA2B;IAC/B,IAAID,KAAK,EAAE;MACPC,EAAE,GAAGhB,YAAY,CAACe,KAAK,CAAC;IAC5B,CAAC,MAAM;MACHC,EAAE,GAAG,IAAIC,UAAU,CAAC,EAAE,CAAC;MACvBC,UAAU,CAACC,MAAM,CAACC,eAAe,CAACJ,EAAE,CAAC;;MAErC;MACA;MACA;MACAA,EAAE,CAAC,CAAC,CAAC,IAAI,IAAI;IACjB;IAEA,IAAM,CAACK,MAAM,EAAEC,OAAO,CAAC,SAASpB,UAAU,CAACW,GAAG,EAAEC,IAAI,CAAC;IACrD,IAAMS,WAAW,GAAG,IAAIC,WAAW,CAAC,CAAC,CAACC,MAAM,CAACb,IAAI,CAAC;IAElD,IAAMc,UAAU,SAASR,UAAU,CAACC,MAAM,CAACQ,MAAM,CAACC,OAAO,CACrD;MACId,IAAI,EAAE,SAAS;MACfe,OAAO,EAAEb,EAAE;MACXc,MAAM,EAAE;IACZ,CAAC,EACDT,MAAM,EACNE,WACJ,CAAC;IAED,IAAMQ,IAAI,SAASb,UAAU,CAACC,MAAM,CAACQ,MAAM,CAACK,IAAI,CAAC;MAAElB,IAAI,EAAE;IAAO,CAAC,EAAEQ,OAAO,EAAEI,UAAU,CAAC;IAEvF,OAAO;MACHV,EAAE,EAAEf,YAAY,CAACe,EAAE,CAAC;MACpBU,UAAU,EAAEzB,YAAY,CAAC,IAAIgB,UAAU,CAACS,UAAU,CAAC,CAAC;MACpDO,GAAG,EAAEhC,YAAY,CAAC,IAAIgB,UAAU,CAACc,IAAI,CAAC;IAC1C,CAAC;EACL,CAAC;EAAA,OAAAvB,4BAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA","ignoreList":[]}
+{"version":3,"file":"encryptAESSecretStorageItem.js","names":["decodeBase64","encodeBase64","deriveKeys","encryptAESSecretStorageItem","_x","_x2","_x3","_x4","_encryptAESSecretStorageItem","apply","arguments","_asyncToGenerator","data","key","name","ivStr","iv","Uint8Array","globalThis","crypto","getRandomValues","aesKey","hmacKey","encodedData","TextEncoder","encode","ciphertext","subtle","encrypt","counter","length","hmac","sign","mac"],"sources":["../../src/utils/encryptAESSecretStorageItem.ts"],"sourcesContent":["/*\n * Copyright 2024 The Matrix.org Foundation C.I.C.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { decodeBase64, encodeBase64 } from \"../base64.ts\";\nimport { deriveKeys } from \"./internal/deriveKeys.ts\";\nimport { type AESEncryptedSecretStoragePayload } from \"../@types/AESEncryptedSecretStoragePayload.ts\";\n\n/**\n * Encrypt a string as a secret storage item, using AES-CTR.\n *\n * @param data - the plaintext to encrypt\n * @param key - the encryption key to use as an input to the HKDF function which is used to derive the AES key for\n *    encryption. Obviously, the same key must be provided when decrypting.\n * @param name - the name of the secret. Used as an input to the HKDF operation which is used to derive the AES key,\n *    so again the same value must be provided when decrypting.\n * @param ivStr - the base64-encoded initialization vector to use. If not supplied, a random one will be generated.\n *\n * @returns The encrypted result, including the ciphertext itself, the initialization vector (as supplied in `ivStr`,\n *   or generated), and an HMAC on the ciphertext — all base64-encoded.\n */\nexport default async function encryptAESSecretStorageItem(\n    data: string,\n    key: Uint8Array<ArrayBuffer>,\n    name: string,\n    ivStr?: string,\n): Promise<AESEncryptedSecretStoragePayload> {\n    let iv: Uint8Array<ArrayBuffer>;\n    if (ivStr) {\n        iv = decodeBase64(ivStr);\n    } else {\n        iv = new Uint8Array(16);\n        globalThis.crypto.getRandomValues(iv);\n\n        // clear bit 63 of the IV to stop us hitting the 64-bit counter boundary\n        // (which would mean we wouldn't be able to decrypt on Android). The loss\n        // of a single bit of iv is a price we have to pay.\n        iv[8] &= 0x7f;\n    }\n\n    const [aesKey, hmacKey] = await deriveKeys(key, name);\n    const encodedData = new TextEncoder().encode(data);\n\n    const ciphertext = await globalThis.crypto.subtle.encrypt(\n        {\n            name: \"AES-CTR\",\n            counter: iv,\n            length: 64,\n        },\n        aesKey,\n        encodedData,\n    );\n\n    const hmac = await globalThis.crypto.subtle.sign({ name: \"HMAC\" }, hmacKey, ciphertext);\n\n    return {\n        iv: encodeBase64(iv),\n        ciphertext: encodeBase64(new Uint8Array(ciphertext)),\n        mac: encodeBase64(new Uint8Array(hmac)),\n    };\n}\n"],"mappings":";AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA,SAASA,YAAY,EAAEC,YAAY,QAAQ,cAAc;AACzD,SAASC,UAAU,QAAQ,0BAA0B;AAGrD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,wBAA8BC,2BAA2BA,CAAAC,EAAA,EAAAC,GAAA,EAAAC,GAAA,EAAAC,GAAA;EAAA,OAAAC,4BAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAuCxD,SAAAF,6BAAA;EAAAA,4BAAA,GAAAG,iBAAA,CAvCc,WACXC,IAAY,EACZC,GAA4B,EAC5BC,IAAY,EACZC,KAAc,EAC2B;IACzC,IAAIC,EAA2B;IAC/B,IAAID,KAAK,EAAE;MACPC,EAAE,GAAGhB,YAAY,CAACe,KAAK,CAAC;IAC5B,CAAC,MAAM;MACHC,EAAE,GAAG,IAAIC,UAAU,CAAC,EAAE,CAAC;MACvBC,UAAU,CAACC,MAAM,CAACC,eAAe,CAACJ,EAAE,CAAC;;MAErC;MACA;MACA;MACAA,EAAE,CAAC,CAAC,CAAC,IAAI,IAAI;IACjB;IAEA,IAAM,CAACK,MAAM,EAAEC,OAAO,CAAC,SAASpB,UAAU,CAACW,GAAG,EAAEC,IAAI,CAAC;IACrD,IAAMS,WAAW,GAAG,IAAIC,WAAW,CAAC,CAAC,CAACC,MAAM,CAACb,IAAI,CAAC;IAElD,IAAMc,UAAU,SAASR,UAAU,CAACC,MAAM,CAACQ,MAAM,CAACC,OAAO,CACrD;MACId,IAAI,EAAE,SAAS;MACfe,OAAO,EAAEb,EAAE;MACXc,MAAM,EAAE;IACZ,CAAC,EACDT,MAAM,EACNE,WACJ,CAAC;IAED,IAAMQ,IAAI,SAASb,UAAU,CAACC,MAAM,CAACQ,MAAM,CAACK,IAAI,CAAC;MAAElB,IAAI,EAAE;IAAO,CAAC,EAAEQ,OAAO,EAAEI,UAAU,CAAC;IAEvF,OAAO;MACHV,EAAE,EAAEf,YAAY,CAACe,EAAE,CAAC;MACpBU,UAAU,EAAEzB,YAAY,CAAC,IAAIgB,UAAU,CAACS,UAAU,CAAC,CAAC;MACpDO,GAAG,EAAEhC,YAAY,CAAC,IAAIgB,UAAU,CAACc,IAAI,CAAC;IAC1C,CAAC;EACL,CAAC;EAAA,OAAAvB,4BAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA","ignoreList":[]}

package/lib/utils/internal/deriveKeys.js

@@ -1,30 +1,30 @@
 import _asyncToGenerator from "@babel/runtime/helpers/asyncToGenerator";
-/*
- * Copyright 2024 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+/*
+ * Copyright 2024 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
  */
 
 // salt for HKDF, with 8 bytes of zeros
 var zeroSalt = new Uint8Array(8);
 
-/**
- * Derive AES and HMAC keys from a master key.
- *
- * This is used for deriving secret storage keys: see https://spec.matrix.org/v1.11/client-server-api/#msecret_storagev1aes-hmac-sha2 (step 1).
- *
- * @param key
- * @param name
+/**
+ * Derive AES and HMAC keys from a master key.
+ *
+ * This is used for deriving secret storage keys: see https://spec.matrix.org/v1.11/client-server-api/#msecret_storagev1aes-hmac-sha2 (step 1).
+ *
+ * @param key
+ * @param name
  */
 export function deriveKeys(_x, _x2) {
   return _deriveKeys.apply(this, arguments);

package/lib/utils/internal/deriveKeys.js.map

@@ -1 +1 @@
-{"version":3,"file":"deriveKeys.js","names":["zeroSalt","Uint8Array","deriveKeys","_x","_x2","_deriveKeys","apply","arguments","_asyncToGenerator","key","name","hkdfkey","globalThis","crypto","subtle","importKey","keybits","deriveBits","salt","info","TextEncoder","encode","hash","aesKey","slice","hmacKey","aesProm","hmacProm","Promise","all"],"sources":["../../../src/utils/internal/deriveKeys.ts"],"sourcesContent":["/*\r\n * Copyright 2024 The Matrix.org Foundation C.I.C.\r\n *\r\n * Licensed under the Apache License, Version 2.0 (the \"License\");\r\n * you may not use this file except in compliance with the License.\r\n * You may obtain a copy of the License at\r\n *\r\n *     http://www.apache.org/licenses/LICENSE-2.0\r\n *\r\n * Unless required by applicable law or agreed to in writing, software\r\n * distributed under the License is distributed on an \"AS IS\" BASIS,\r\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r\n * See the License for the specific language governing permissions and\r\n * limitations under the License.\r\n */\r\n\r\n// salt for HKDF, with 8 bytes of zeros\r\nconst zeroSalt = new Uint8Array(8);\r\n\r\n/**\r\n * Derive AES and HMAC keys from a master key.\r\n *\r\n * This is used for deriving secret storage keys: see https://spec.matrix.org/v1.11/client-server-api/#msecret_storagev1aes-hmac-sha2 (step 1).\r\n *\r\n * @param key\r\n * @param name\r\n */\r\nexport async function deriveKeys(key: Uint8Array<ArrayBuffer>, name: string): Promise<[CryptoKey, CryptoKey]> {\r\n    const hkdfkey = await globalThis.crypto.subtle.importKey(\"raw\", key, { name: \"HKDF\" }, false, [\"deriveBits\"]);\r\n    const keybits = await globalThis.crypto.subtle.deriveBits(\r\n        {\r\n            name: \"HKDF\",\r\n            salt: zeroSalt,\r\n            // eslint-disable-next-line @typescript-eslint/ban-ts-comment\r\n            // @ts-ignore: https://github.com/microsoft/TypeScript-DOM-lib-generator/pull/879\r\n            info: new TextEncoder().encode(name),\r\n            hash: \"SHA-256\",\r\n        },\r\n        hkdfkey,\r\n        512,\r\n    );\r\n\r\n    const aesKey = keybits.slice(0, 32);\r\n    const hmacKey = keybits.slice(32);\r\n\r\n    const aesProm = globalThis.crypto.subtle.importKey(\"raw\", aesKey, { name: \"AES-CTR\" }, false, [\r\n        \"encrypt\",\r\n        \"decrypt\",\r\n    ]);\r\n\r\n    const hmacProm = globalThis.crypto.subtle.importKey(\r\n        \"raw\",\r\n        hmacKey,\r\n        {\r\n            name: \"HMAC\",\r\n            hash: { name: \"SHA-256\" },\r\n        },\r\n        false,\r\n        [\"sign\", \"verify\"],\r\n    );\r\n\r\n    return Promise.all([aesProm, hmacProm]);\r\n}\r\n"],"mappings":";AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA,IAAMA,QAAQ,GAAG,IAAIC,UAAU,CAAC,CAAC,CAAC;;AAElC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,gBAAsBC,UAAUA,CAAAC,EAAA,EAAAC,GAAA;EAAA,OAAAC,WAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAmC/B,SAAAF,YAAA;EAAAA,WAAA,GAAAG,iBAAA,CAnCM,WAA0BC,GAA4B,EAAEC,IAAY,EAAmC;IAC1G,IAAMC,OAAO,SAASC,UAAU,CAACC,MAAM,CAACC,MAAM,CAACC,SAAS,CAAC,KAAK,EAAEN,GAAG,EAAE;MAAEC,IAAI,EAAE;IAAO,CAAC,EAAE,KAAK,EAAE,CAAC,YAAY,CAAC,CAAC;IAC7G,IAAMM,OAAO,SAASJ,UAAU,CAACC,MAAM,CAACC,MAAM,CAACG,UAAU,CACrD;MACIP,IAAI,EAAE,MAAM;MACZQ,IAAI,EAAElB,QAAQ;MACd;MACA;MACAmB,IAAI,EAAE,IAAIC,WAAW,CAAC,CAAC,CAACC,MAAM,CAACX,IAAI,CAAC;MACpCY,IAAI,EAAE;IACV,CAAC,EACDX,OAAO,EACP,GACJ,CAAC;IAED,IAAMY,MAAM,GAAGP,OAAO,CAACQ,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;IACnC,IAAMC,OAAO,GAAGT,OAAO,CAACQ,KAAK,CAAC,EAAE,CAAC;IAEjC,IAAME,OAAO,GAAGd,UAAU,CAACC,MAAM,CAACC,MAAM,CAACC,SAAS,CAAC,KAAK,EAAEQ,MAAM,EAAE;MAAEb,IAAI,EAAE;IAAU,CAAC,EAAE,KAAK,EAAE,CAC1F,SAAS,EACT,SAAS,CACZ,CAAC;IAEF,IAAMiB,QAAQ,GAAGf,UAAU,CAACC,MAAM,CAACC,MAAM,CAACC,SAAS,CAC/C,KAAK,EACLU,OAAO,EACP;MACIf,IAAI,EAAE,MAAM;MACZY,IAAI,EAAE;QAAEZ,IAAI,EAAE;MAAU;IAC5B,CAAC,EACD,KAAK,EACL,CAAC,MAAM,EAAE,QAAQ,CACrB,CAAC;IAED,OAAOkB,OAAO,CAACC,GAAG,CAAC,CAACH,OAAO,EAAEC,QAAQ,CAAC,CAAC;EAC3C,CAAC;EAAA,OAAAtB,WAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA","ignoreList":[]}
+{"version":3,"file":"deriveKeys.js","names":["zeroSalt","Uint8Array","deriveKeys","_x","_x2","_deriveKeys","apply","arguments","_asyncToGenerator","key","name","hkdfkey","globalThis","crypto","subtle","importKey","keybits","deriveBits","salt","info","TextEncoder","encode","hash","aesKey","slice","hmacKey","aesProm","hmacProm","Promise","all"],"sources":["../../../src/utils/internal/deriveKeys.ts"],"sourcesContent":["/*\n * Copyright 2024 The Matrix.org Foundation C.I.C.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n *     http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\n// salt for HKDF, with 8 bytes of zeros\nconst zeroSalt = new Uint8Array(8);\n\n/**\n * Derive AES and HMAC keys from a master key.\n *\n * This is used for deriving secret storage keys: see https://spec.matrix.org/v1.11/client-server-api/#msecret_storagev1aes-hmac-sha2 (step 1).\n *\n * @param key\n * @param name\n */\nexport async function deriveKeys(key: Uint8Array<ArrayBuffer>, name: string): Promise<[CryptoKey, CryptoKey]> {\n    const hkdfkey = await globalThis.crypto.subtle.importKey(\"raw\", key, { name: \"HKDF\" }, false, [\"deriveBits\"]);\n    const keybits = await globalThis.crypto.subtle.deriveBits(\n        {\n            name: \"HKDF\",\n            salt: zeroSalt,\n            // eslint-disable-next-line @typescript-eslint/ban-ts-comment\n            // @ts-ignore: https://github.com/microsoft/TypeScript-DOM-lib-generator/pull/879\n            info: new TextEncoder().encode(name),\n            hash: \"SHA-256\",\n        },\n        hkdfkey,\n        512,\n    );\n\n    const aesKey = keybits.slice(0, 32);\n    const hmacKey = keybits.slice(32);\n\n    const aesProm = globalThis.crypto.subtle.importKey(\"raw\", aesKey, { name: \"AES-CTR\" }, false, [\n        \"encrypt\",\n        \"decrypt\",\n    ]);\n\n    const hmacProm = globalThis.crypto.subtle.importKey(\n        \"raw\",\n        hmacKey,\n        {\n            name: \"HMAC\",\n            hash: { name: \"SHA-256\" },\n        },\n        false,\n        [\"sign\", \"verify\"],\n    );\n\n    return Promise.all([aesProm, hmacProm]);\n}\n"],"mappings":";AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA,IAAMA,QAAQ,GAAG,IAAIC,UAAU,CAAC,CAAC,CAAC;;AAElC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,gBAAsBC,UAAUA,CAAAC,EAAA,EAAAC,GAAA;EAAA,OAAAC,WAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA;AAmC/B,SAAAF,YAAA;EAAAA,WAAA,GAAAG,iBAAA,CAnCM,WAA0BC,GAA4B,EAAEC,IAAY,EAAmC;IAC1G,IAAMC,OAAO,SAASC,UAAU,CAACC,MAAM,CAACC,MAAM,CAACC,SAAS,CAAC,KAAK,EAAEN,GAAG,EAAE;MAAEC,IAAI,EAAE;IAAO,CAAC,EAAE,KAAK,EAAE,CAAC,YAAY,CAAC,CAAC;IAC7G,IAAMM,OAAO,SAASJ,UAAU,CAACC,MAAM,CAACC,MAAM,CAACG,UAAU,CACrD;MACIP,IAAI,EAAE,MAAM;MACZQ,IAAI,EAAElB,QAAQ;MACd;MACA;MACAmB,IAAI,EAAE,IAAIC,WAAW,CAAC,CAAC,CAACC,MAAM,CAACX,IAAI,CAAC;MACpCY,IAAI,EAAE;IACV,CAAC,EACDX,OAAO,EACP,GACJ,CAAC;IAED,IAAMY,MAAM,GAAGP,OAAO,CAACQ,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;IACnC,IAAMC,OAAO,GAAGT,OAAO,CAACQ,KAAK,CAAC,EAAE,CAAC;IAEjC,IAAME,OAAO,GAAGd,UAAU,CAACC,MAAM,CAACC,MAAM,CAACC,SAAS,CAAC,KAAK,EAAEQ,MAAM,EAAE;MAAEb,IAAI,EAAE;IAAU,CAAC,EAAE,KAAK,EAAE,CAC1F,SAAS,EACT,SAAS,CACZ,CAAC;IAEF,IAAMiB,QAAQ,GAAGf,UAAU,CAACC,MAAM,CAACC,MAAM,CAACC,SAAS,CAC/C,KAAK,EACLU,OAAO,EACP;MACIf,IAAI,EAAE,MAAM;MACZY,IAAI,EAAE;QAAEZ,IAAI,EAAE;MAAU;IAC5B,CAAC,EACD,KAAK,EACL,CAAC,MAAM,EAAE,QAAQ,CACrB,CAAC;IAED,OAAOkB,OAAO,CAACC,GAAG,CAAC,CAACH,OAAO,EAAEC,QAAQ,CAAC,CAAC;EAC3C,CAAC;EAAA,OAAAtB,WAAA,CAAAC,KAAA,OAAAC,SAAA;AAAA","ignoreList":[]}

package/lib/utils/roomVersion.js

@@ -1,34 +1,34 @@
-/*
-Copyright 2025 The Matrix.org Foundation C.I.C.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
+/*
+Copyright 2025 The Matrix.org Foundation C.I.C.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
 */
 
-/**
- * Room versions strings that we know about and do not use hydra semantics.
+/**
+ * Room versions strings that we know about and do not use hydra semantics.
  */
 var PRE_HYDRA_ROOM_VERSIONS = ["1", "2", "3", "4", "5", "6", "7", "8", "9", "10", "11"];
 
-/**
- * Checks if the given room version is one where new "hydra" power level
- * semantics (ie. room version 12 or later) should be used
- * (see https://github.com/matrix-org/matrix-spec-proposals/pull/4289).
- * This will return `false` for versions that are known to the js-sdk and
- * do not use hydra: any room versions unknown to the js-sdk (experimental or
- * otherwise) will cause the function to return true.
- *
- * @param roomVersion - The version of the room to check.
- * @returns `true` if hydra semantics should be used for the room version, `false` otherwise.
+/**
+ * Checks if the given room version is one where new "hydra" power level
+ * semantics (ie. room version 12 or later) should be used
+ * (see https://github.com/matrix-org/matrix-spec-proposals/pull/4289).
+ * This will return `false` for versions that are known to the js-sdk and
+ * do not use hydra: any room versions unknown to the js-sdk (experimental or
+ * otherwise) will cause the function to return true.
+ *
+ * @param roomVersion - The version of the room to check.
+ * @returns `true` if hydra semantics should be used for the room version, `false` otherwise.
  */
 export function shouldUseHydraForRoomVersion(roomVersion) {
   return !PRE_HYDRA_ROOM_VERSIONS.includes(roomVersion);

package/lib/utils/roomVersion.js.map

@@ -1 +1 @@
-{"version":3,"file":"roomVersion.js","names":["PRE_HYDRA_ROOM_VERSIONS","shouldUseHydraForRoomVersion","roomVersion","includes"],"sources":["../../src/utils/roomVersion.ts"],"sourcesContent":["/*\r\nCopyright 2025 The Matrix.org Foundation C.I.C.\r\n\r\nLicensed under the Apache License, Version 2.0 (the \"License\");\r\nyou may not use this file except in compliance with the License.\r\nYou may obtain a copy of the License at\r\n\r\n    http://www.apache.org/licenses/LICENSE-2.0\r\n\r\nUnless required by applicable law or agreed to in writing, software\r\ndistributed under the License is distributed on an \"AS IS\" BASIS,\r\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r\nSee the License for the specific language governing permissions and\r\nlimitations under the License.\r\n*/\r\n\r\n/**\r\n * Room versions strings that we know about and do not use hydra semantics.\r\n */\r\nconst PRE_HYDRA_ROOM_VERSIONS = [\"1\", \"2\", \"3\", \"4\", \"5\", \"6\", \"7\", \"8\", \"9\", \"10\", \"11\"];\r\n\r\n/**\r\n * Checks if the given room version is one where new \"hydra\" power level\r\n * semantics (ie. room version 12 or later) should be used\r\n * (see https://github.com/matrix-org/matrix-spec-proposals/pull/4289).\r\n * This will return `false` for versions that are known to the js-sdk and\r\n * do not use hydra: any room versions unknown to the js-sdk (experimental or\r\n * otherwise) will cause the function to return true.\r\n *\r\n * @param roomVersion - The version of the room to check.\r\n * @returns `true` if hydra semantics should be used for the room version, `false` otherwise.\r\n */\r\nexport function shouldUseHydraForRoomVersion(roomVersion: string): boolean {\r\n    return !PRE_HYDRA_ROOM_VERSIONS.includes(roomVersion);\r\n}\r\n"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA,IAAMA,uBAAuB,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,CAAC;;AAEzF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASC,4BAA4BA,CAACC,WAAmB,EAAW;EACvE,OAAO,CAACF,uBAAuB,CAACG,QAAQ,CAACD,WAAW,CAAC;AACzD","ignoreList":[]}
+{"version":3,"file":"roomVersion.js","names":["PRE_HYDRA_ROOM_VERSIONS","shouldUseHydraForRoomVersion","roomVersion","includes"],"sources":["../../src/utils/roomVersion.ts"],"sourcesContent":["/*\nCopyright 2025 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n    http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\n/**\n * Room versions strings that we know about and do not use hydra semantics.\n */\nconst PRE_HYDRA_ROOM_VERSIONS = [\"1\", \"2\", \"3\", \"4\", \"5\", \"6\", \"7\", \"8\", \"9\", \"10\", \"11\"];\n\n/**\n * Checks if the given room version is one where new \"hydra\" power level\n * semantics (ie. room version 12 or later) should be used\n * (see https://github.com/matrix-org/matrix-spec-proposals/pull/4289).\n * This will return `false` for versions that are known to the js-sdk and\n * do not use hydra: any room versions unknown to the js-sdk (experimental or\n * otherwise) will cause the function to return true.\n *\n * @param roomVersion - The version of the room to check.\n * @returns `true` if hydra semantics should be used for the room version, `false` otherwise.\n */\nexport function shouldUseHydraForRoomVersion(roomVersion: string): boolean {\n    return !PRE_HYDRA_ROOM_VERSIONS.includes(roomVersion);\n}\n"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA,IAAMA,uBAAuB,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,CAAC;;AAEzF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASC,4BAA4BA,CAACC,WAAmB,EAAW;EACvE,OAAO,CAACF,uBAAuB,CAACG,QAAQ,CAACD,WAAW,CAAC;AACzD","ignoreList":[]}

package/lib/version-support.js

@@ -1,37 +1,37 @@
-/*
-Copyright 2022 The Matrix.org Foundation C.I.C.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
+/*
+Copyright 2022 The Matrix.org Foundation C.I.C.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
 */
 
-/**
- * A list of the spec versions which the js-sdk is compatible with.
- *
- * In practice, this means: when we connect to a server, it must declare support for one of the versions in this list.
- *
- * Note that it does not *necessarily* mean that the js-sdk has good support for all the features in the listed spec
- * versions; only that we should be able to provide a base level of functionality with a server that offers support for
- * any of the listed versions.
+/**
+ * A list of the spec versions which the js-sdk is compatible with.
+ *
+ * In practice, this means: when we connect to a server, it must declare support for one of the versions in this list.
+ *
+ * Note that it does not *necessarily* mean that the js-sdk has good support for all the features in the listed spec
+ * versions; only that we should be able to provide a base level of functionality with a server that offers support for
+ * any of the listed versions.
  */
 export var SUPPORTED_MATRIX_VERSIONS = ["v1.1", "v1.2", "v1.3", "v1.4", "v1.5", "v1.6", "v1.7", "v1.8", "v1.9", "v1.10", "v1.11", "v1.12", "v1.13"];
 
-/**
- * The oldest Matrix specification version the js-sdk supports.
+/**
+ * The oldest Matrix specification version the js-sdk supports.
  */
 export var MINIMUM_MATRIX_VERSION = SUPPORTED_MATRIX_VERSIONS[0];
 
-/**
- * The most recent Matrix specification version the js-sdk supports.
+/**
+ * The most recent Matrix specification version the js-sdk supports.
  */
 export var MAXIMUM_MATRIX_VERSION = SUPPORTED_MATRIX_VERSIONS[SUPPORTED_MATRIX_VERSIONS.length - 1];
 //# sourceMappingURL=version-support.js.map

package/lib/version-support.js.map

@@ -1 +1 @@
-{"version":3,"file":"version-support.js","names":["SUPPORTED_MATRIX_VERSIONS","MINIMUM_MATRIX_VERSION","MAXIMUM_MATRIX_VERSION","length"],"sources":["../src/version-support.ts"],"sourcesContent":["/*\r\nCopyright 2022 The Matrix.org Foundation C.I.C.\r\n\r\nLicensed under the Apache License, Version 2.0 (the \"License\");\r\nyou may not use this file except in compliance with the License.\r\nYou may obtain a copy of the License at\r\n\r\n    http://www.apache.org/licenses/LICENSE-2.0\r\n\r\nUnless required by applicable law or agreed to in writing, software\r\ndistributed under the License is distributed on an \"AS IS\" BASIS,\r\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r\nSee the License for the specific language governing permissions and\r\nlimitations under the License.\r\n*/\r\n\r\n/**\r\n * A list of the spec versions which the js-sdk is compatible with.\r\n *\r\n * In practice, this means: when we connect to a server, it must declare support for one of the versions in this list.\r\n *\r\n * Note that it does not *necessarily* mean that the js-sdk has good support for all the features in the listed spec\r\n * versions; only that we should be able to provide a base level of functionality with a server that offers support for\r\n * any of the listed versions.\r\n */\r\nexport const SUPPORTED_MATRIX_VERSIONS = [\r\n    \"v1.1\",\r\n    \"v1.2\",\r\n    \"v1.3\",\r\n    \"v1.4\",\r\n    \"v1.5\",\r\n    \"v1.6\",\r\n    \"v1.7\",\r\n    \"v1.8\",\r\n    \"v1.9\",\r\n    \"v1.10\",\r\n    \"v1.11\",\r\n    \"v1.12\",\r\n    \"v1.13\",\r\n];\r\n\r\n/**\r\n * The oldest Matrix specification version the js-sdk supports.\r\n */\r\nexport const MINIMUM_MATRIX_VERSION = SUPPORTED_MATRIX_VERSIONS[0];\r\n\r\n/**\r\n * The most recent Matrix specification version the js-sdk supports.\r\n */\r\nexport const MAXIMUM_MATRIX_VERSION = SUPPORTED_MATRIX_VERSIONS[SUPPORTED_MATRIX_VERSIONS.length - 1];\r\n"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,IAAMA,yBAAyB,GAAG,CACrC,MAAM,EACN,MAAM,EACN,MAAM,EACN,MAAM,EACN,MAAM,EACN,MAAM,EACN,MAAM,EACN,MAAM,EACN,MAAM,EACN,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACV;;AAED;AACA;AACA;AACA,OAAO,IAAMC,sBAAsB,GAAGD,yBAAyB,CAAC,CAAC,CAAC;;AAElE;AACA;AACA;AACA,OAAO,IAAME,sBAAsB,GAAGF,yBAAyB,CAACA,yBAAyB,CAACG,MAAM,GAAG,CAAC,CAAC","ignoreList":[]}
+{"version":3,"file":"version-support.js","names":["SUPPORTED_MATRIX_VERSIONS","MINIMUM_MATRIX_VERSION","MAXIMUM_MATRIX_VERSION","length"],"sources":["../src/version-support.ts"],"sourcesContent":["/*\nCopyright 2022 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n    http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\n/**\n * A list of the spec versions which the js-sdk is compatible with.\n *\n * In practice, this means: when we connect to a server, it must declare support for one of the versions in this list.\n *\n * Note that it does not *necessarily* mean that the js-sdk has good support for all the features in the listed spec\n * versions; only that we should be able to provide a base level of functionality with a server that offers support for\n * any of the listed versions.\n */\nexport const SUPPORTED_MATRIX_VERSIONS = [\n    \"v1.1\",\n    \"v1.2\",\n    \"v1.3\",\n    \"v1.4\",\n    \"v1.5\",\n    \"v1.6\",\n    \"v1.7\",\n    \"v1.8\",\n    \"v1.9\",\n    \"v1.10\",\n    \"v1.11\",\n    \"v1.12\",\n    \"v1.13\",\n];\n\n/**\n * The oldest Matrix specification version the js-sdk supports.\n */\nexport const MINIMUM_MATRIX_VERSION = SUPPORTED_MATRIX_VERSIONS[0];\n\n/**\n * The most recent Matrix specification version the js-sdk supports.\n */\nexport const MAXIMUM_MATRIX_VERSION = SUPPORTED_MATRIX_VERSIONS[SUPPORTED_MATRIX_VERSIONS.length - 1];\n"],"mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,IAAMA,yBAAyB,GAAG,CACrC,MAAM,EACN,MAAM,EACN,MAAM,EACN,MAAM,EACN,MAAM,EACN,MAAM,EACN,MAAM,EACN,MAAM,EACN,MAAM,EACN,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACV;;AAED;AACA;AACA;AACA,OAAO,IAAMC,sBAAsB,GAAGD,yBAAyB,CAAC,CAAC,CAAC;;AAElE;AACA;AACA;AACA,OAAO,IAAME,sBAAsB,GAAGF,yBAAyB,CAACA,yBAAyB,CAACG,MAAM,GAAG,CAAC,CAAC","ignoreList":[]}

package/lib/wallet-recovery.d.ts

@@ -0,0 +1,24 @@
+import { type WalletE2eeRecoveryEnvelope } from "./@types/auth.ts";
+export interface CreateDualWrapEnvelopeParams {
+    chainId: string;
+    accountId: string;
+    backupPassword: string;
+    walletWrapKey: Uint8Array;
+    createdAtMs?: number;
+    keyId?: string;
+    recoveryKey?: Uint8Array;
+}
+export interface UnwrapWithWalletParams {
+    envelope: WalletE2eeRecoveryEnvelope;
+    walletWrapKey: Uint8Array;
+}
+export interface UnwrapWithPasswordParams {
+    envelope: WalletE2eeRecoveryEnvelope;
+    backupPassword: string;
+}
+export declare function deriveWalletWrapKeyFromSecret(walletSecret: string, chainId: string, accountId: string, homeserver: string): Promise<Uint8Array>;
+export declare function validateRecoveryEnvelopeShape(value: unknown): asserts value is WalletE2eeRecoveryEnvelope;
+export declare function createDualWrapEnvelope(params: CreateDualWrapEnvelopeParams): Promise<WalletE2eeRecoveryEnvelope>;
+export declare function unwrapWithWallet({ envelope, walletWrapKey }: UnwrapWithWalletParams): Promise<Uint8Array>;
+export declare function unwrapWithPassword({ envelope, backupPassword, }: UnwrapWithPasswordParams): Promise<Uint8Array>;
+//# sourceMappingURL=wallet-recovery.d.ts.map

package/lib/wallet-recovery.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"wallet-recovery.d.ts","sourceRoot":"","sources":["../src/wallet-recovery.ts"],"names":[],"mappings":"AAgBA,OAAO,EAAE,KAAK,0BAA0B,EAA2B,MAAM,kBAAkB,CAAC;AAQ5F,MAAM,WAAW,4BAA4B;IACzC,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;IACvB,aAAa,EAAE,UAAU,CAAC;IAC1B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,UAAU,CAAC;CAC5B;AAED,MAAM,WAAW,sBAAsB;IACnC,QAAQ,EAAE,0BAA0B,CAAC;IACrC,aAAa,EAAE,UAAU,CAAC;CAC7B;AAED,MAAM,WAAW,wBAAwB;IACrC,QAAQ,EAAE,0BAA0B,CAAC;IACrC,cAAc,EAAE,MAAM,CAAC;CAC1B;AAuHD,wBAAsB,6BAA6B,CAC/C,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,MAAM,EACjB,UAAU,EAAE,MAAM,GACnB,OAAO,CAAC,UAAU,CAAC,CAOrB;AAED,wBAAgB,6BAA6B,CACzC,KAAK,EAAE,OAAO,GACf,OAAO,CAAC,KAAK,IAAI,0BAA0B,CAiB7C;AAED,wBAAsB,sBAAsB,CAAC,MAAM,EAAE,4BAA4B,GAAG,OAAO,CAAC,0BAA0B,CAAC,CAwCtH;AAED,wBAAsB,gBAAgB,CAAC,EAAE,QAAQ,EAAE,aAAa,EAAE,EAAE,sBAAsB,GAAG,OAAO,CAAC,UAAU,CAAC,CAG/G;AAED,wBAAsB,kBAAkB,CAAC,EACrC,QAAQ,EACR,cAAc,GACjB,EAAE,wBAAwB,GAAG,OAAO,CAAC,UAAU,CAAC,CAKhD"}

package/lib/wallet-recovery.js

@@ -0,0 +1,232 @@
+import _asyncToGenerator from "@babel/runtime/helpers/asyncToGenerator";
+/*
+Copyright 2026 TextRP
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+var ENVELOPE_VERSION = 1;
+var KEY_BYTES = 32;
+var NONCE_BYTES = 12;
+var SALT_BYTES = 16;
+var PASSWORD_KDF_ITERATIONS = 210000;
+function assert(condition, message) {
+  if (!condition) throw new Error(message);
+}
+function toBase64(bytes) {
+  if (typeof Buffer !== "undefined") return Buffer.from(bytes).toString("base64");
+  var binary = "";
+  bytes.forEach(b => binary += String.fromCodePoint(b));
+  return btoa(binary);
+}
+function fromBase64(value) {
+  if (typeof Buffer !== "undefined") return new Uint8Array(Buffer.from(value, "base64"));
+  var binary = atob(value);
+  var out = new Uint8Array(binary.length);
+  for (var i = 0; i < binary.length; i++) out[i] = binary.codePointAt(i);
+  return out;
+}
+function toUtf8(value) {
+  return new TextEncoder().encode(value);
+}
+function toArrayBuffer(value) {
+  return value.buffer.slice(value.byteOffset, value.byteOffset + value.byteLength);
+}
+function randomBytes(len) {
+  var out = new Uint8Array(len);
+  globalThis.crypto.getRandomValues(out);
+  return out;
+}
+function importAesGcmKey(_x) {
+  return _importAesGcmKey.apply(this, arguments);
+}
+function _importAesGcmKey() {
+  _importAesGcmKey = _asyncToGenerator(function* (key) {
+    return yield globalThis.crypto.subtle.importKey("raw", toArrayBuffer(key), {
+      name: "AES-GCM"
+    }, false, ["encrypt", "decrypt"]);
+  });
+  return _importAesGcmKey.apply(this, arguments);
+}
+function encryptWrap(_x2, _x3) {
+  return _encryptWrap.apply(this, arguments);
+}
+function _encryptWrap() {
+  _encryptWrap = _asyncToGenerator(function* (plaintext, _ref) {
+    var {
+      key,
+      aad,
+      kdf,
+      params
+    } = _ref;
+    assert(key.length >= KEY_BYTES, "wallet recovery key must be at least 32 bytes");
+    var salt = randomBytes(SALT_BYTES);
+    var nonce = randomBytes(NONCE_BYTES);
+    var cryptoKey = yield importAesGcmKey(key.slice(0, KEY_BYTES));
+    var ciphertext = yield globalThis.crypto.subtle.encrypt({
+      name: "AES-GCM",
+      iv: toArrayBuffer(nonce),
+      additionalData: toArrayBuffer(aad),
+      tagLength: 128
+    }, cryptoKey, toArrayBuffer(plaintext));
+    return {
+      alg: "aes-256-gcm",
+      kdf,
+      salt: toBase64(salt),
+      nonce: toBase64(nonce),
+      ciphertext: toBase64(new Uint8Array(ciphertext)),
+      aad: toBase64(aad),
+      params
+    };
+  });
+  return _encryptWrap.apply(this, arguments);
+}
+function decryptWrap(_x4, _x5) {
+  return _decryptWrap.apply(this, arguments);
+}
+function _decryptWrap() {
+  _decryptWrap = _asyncToGenerator(function* (wrap, key) {
+    var nonce = fromBase64(wrap.nonce);
+    var aad = wrap.aad ? fromBase64(wrap.aad) : new Uint8Array();
+    var ciphertext = fromBase64(wrap.ciphertext);
+    var cryptoKey = yield importAesGcmKey(key.slice(0, KEY_BYTES));
+    var plaintext = yield globalThis.crypto.subtle.decrypt({
+      name: "AES-GCM",
+      iv: toArrayBuffer(nonce),
+      additionalData: toArrayBuffer(aad),
+      tagLength: 128
+    }, cryptoKey, toArrayBuffer(ciphertext));
+    return new Uint8Array(plaintext);
+  });
+  return _decryptWrap.apply(this, arguments);
+}
+function derivePasswordWrapKey(_x6, _x7) {
+  return _derivePasswordWrapKey.apply(this, arguments);
+}
+function _derivePasswordWrapKey() {
+  _derivePasswordWrapKey = _asyncToGenerator(function* (password, salt) {
+    var keyMaterial = yield globalThis.crypto.subtle.importKey("raw", toArrayBuffer(toUtf8(password)), "PBKDF2", false, ["deriveBits"]);
+    var bits = yield globalThis.crypto.subtle.deriveBits({
+      name: "PBKDF2",
+      hash: "SHA-256",
+      salt: toArrayBuffer(salt),
+      iterations: PASSWORD_KDF_ITERATIONS
+    }, keyMaterial, KEY_BYTES * 8);
+    return new Uint8Array(bits);
+  });
+  return _derivePasswordWrapKey.apply(this, arguments);
+}
+export function deriveWalletWrapKeyFromSecret(_x8, _x9, _x0, _x1) {
+  return _deriveWalletWrapKeyFromSecret.apply(this, arguments);
+}
+function _deriveWalletWrapKeyFromSecret() {
+  _deriveWalletWrapKeyFromSecret = _asyncToGenerator(function* (walletSecret, chainId, accountId, homeserver) {
+    var context = "briij-wallet-auth-wrap-v1:".concat(homeserver, ":").concat(chainId, ":").concat(accountId);
+    var digest = yield globalThis.crypto.subtle.digest("SHA-256", toArrayBuffer(toUtf8("".concat(context, ":").concat(walletSecret))));
+    return new Uint8Array(digest);
+  });
+  return _deriveWalletWrapKeyFromSecret.apply(this, arguments);
+}
+export function validateRecoveryEnvelopeShape(value) {
+  assert(!!value && typeof value === "object", "recovery envelope must be an object");
+  var envelope = value;
+  assert(typeof envelope.envelope_version === "number", "envelope_version must be a number");
+  assert(typeof envelope.chain_id === "string" && envelope.chain_id.length > 0, "chain_id is required");
+  assert(typeof envelope.account_id === "string" && envelope.account_id.length > 0, "account_id is required");
+  assert(typeof envelope.created_at_ms === "number", "created_at_ms must be a number");
+  assert(typeof envelope.key_id === "string" && envelope.key_id.length > 0, "key_id is required");
+  assert(!!envelope.wallet_wrap && typeof envelope.wallet_wrap === "object", "wallet_wrap is required");
+  assert(!!envelope.password_wrap && typeof envelope.password_wrap === "object", "password_wrap is required");
+  for (var wrap of [envelope.wallet_wrap, envelope.password_wrap]) {
+    assert(typeof wrap.alg === "string" && wrap.alg.length > 0, "wrap.alg is required");
+    assert(typeof wrap.kdf === "string" && wrap.kdf.length > 0, "wrap.kdf is required");
+    assert(typeof wrap.salt === "string" && wrap.salt.length > 0, "wrap.salt is required");
+    assert(typeof wrap.nonce === "string" && wrap.nonce.length > 0, "wrap.nonce is required");
+    assert(typeof wrap.ciphertext === "string" && wrap.ciphertext.length > 0, "wrap.ciphertext is required");
+  }
+}
+export function createDualWrapEnvelope(_x10) {
+  return _createDualWrapEnvelope.apply(this, arguments);
+}
+function _createDualWrapEnvelope() {
+  _createDualWrapEnvelope = _asyncToGenerator(function* (params) {
+    var _params$createdAtMs, _params$keyId, _params$recoveryKey;
+    assert(params.chainId.length > 0, "chainId is required");
+    assert(params.accountId.length > 0, "accountId is required");
+    assert(params.backupPassword.length > 0, "backupPassword is required");
+    assert(params.walletWrapKey.length >= KEY_BYTES, "walletWrapKey must be at least 32 bytes");
+    var createdAtMs = (_params$createdAtMs = params.createdAtMs) !== null && _params$createdAtMs !== void 0 ? _params$createdAtMs : Date.now();
+    var keyId = (_params$keyId = params.keyId) !== null && _params$keyId !== void 0 ? _params$keyId : "k-".concat(toBase64(randomBytes(8)).replace(/=+$/g, ""));
+    var recoveryKey = (_params$recoveryKey = params.recoveryKey) !== null && _params$recoveryKey !== void 0 ? _params$recoveryKey : randomBytes(KEY_BYTES);
+    assert(recoveryKey.length === KEY_BYTES, "recoveryKey must be 32 bytes");
+    var aad = toUtf8("briij-recovery-envelope-v1:".concat(params.chainId, ":").concat(params.accountId, ":").concat(keyId, ":").concat(createdAtMs));
+    var walletWrap = yield encryptWrap(recoveryKey, {
+      key: params.walletWrapKey,
+      aad,
+      kdf: "sha256-context-v1"
+    });
+    var passwordSalt = randomBytes(SALT_BYTES);
+    var passwordWrapKey = yield derivePasswordWrapKey(params.backupPassword, passwordSalt);
+    var passwordWrap = yield encryptWrap(recoveryKey, {
+      key: passwordWrapKey,
+      aad,
+      kdf: "pbkdf2-sha256-v1",
+      params: {
+        iterations: PASSWORD_KDF_ITERATIONS,
+        hash: "SHA-256"
+      }
+    });
+    passwordWrap.salt = toBase64(passwordSalt);
+    return {
+      envelope_version: ENVELOPE_VERSION,
+      chain_id: params.chainId,
+      account_id: params.accountId,
+      created_at_ms: createdAtMs,
+      key_id: keyId,
+      wallet_wrap: walletWrap,
+      password_wrap: passwordWrap
+    };
+  });
+  return _createDualWrapEnvelope.apply(this, arguments);
+}
+export function unwrapWithWallet(_x11) {
+  return _unwrapWithWallet.apply(this, arguments);
+}
+function _unwrapWithWallet() {
+  _unwrapWithWallet = _asyncToGenerator(function* (_ref2) {
+    var {
+      envelope,
+      walletWrapKey
+    } = _ref2;
+    validateRecoveryEnvelopeShape(envelope);
+    return yield decryptWrap(envelope.wallet_wrap, walletWrapKey);
+  });
+  return _unwrapWithWallet.apply(this, arguments);
+}
+export function unwrapWithPassword(_x12) {
+  return _unwrapWithPassword.apply(this, arguments);
+}
+function _unwrapWithPassword() {
+  _unwrapWithPassword = _asyncToGenerator(function* (_ref3) {
+    var {
+      envelope,
+      backupPassword
+    } = _ref3;
+    validateRecoveryEnvelopeShape(envelope);
+    var passwordSalt = fromBase64(envelope.password_wrap.salt);
+    var passwordWrapKey = yield derivePasswordWrapKey(backupPassword, passwordSalt);
+    return yield decryptWrap(envelope.password_wrap, passwordWrapKey);
+  });
+  return _unwrapWithPassword.apply(this, arguments);
+}
+//# sourceMappingURL=wallet-recovery.js.map