npm - @time-file/browser-file-crypto - Versions diffs - 1.0.3 → 1.1.1 - Mend

@time-file/browser-file-crypto 1.0.3 → 1.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/dist/index.mjs CHANGED Viewed

@@ -1,4 +1,4 @@
-const k = 16, G = 12, C = 256, U = 1e5, M = 32, v = 1, V = 2, B = 16, W = 45, x = 29, l = "AES-GCM", N = "SHA-256", T = {
+const ne = 16, ae = 12, re = 256, ce = 1e5, se = 32, ie = 1, oe = 2, Ee = 17, le = 18, pe = 65536, ye = 1, ue = 16, de = 45, fe = 29, w = "AES-GCM", F = "SHA-256", Y = {
   INVALID_INPUT: "Input must be a File, Blob, or ArrayBuffer.",
   PASSWORD_REQUIRED: "Password or keyfile is required for encryption.",
   KEYFILE_REQUIRED: "Keyfile is required to decrypt this file.",
@@ -10,47 +10,47 @@ const k = 16, G = 12, C = 256, U = 1e5, M = 32, v = 1, V = 2, B = 16, W = 45, x
   DOWNLOAD_FAILED: "File download failed.",
   UNSUPPORTED_FORMAT: "Unsupported encryption format."
 };
-class p extends Error {
+class E extends Error {
   /**
    * Creates a new CryptoError.
    *
    * @param code - Error code identifying the type of error
    * @param message - Optional custom message (defaults to predefined message)
    */
-  constructor(a, t) {
-    super(t ?? T[a]), this.name = "CryptoError", this.code = a, Error.captureStackTrace && Error.captureStackTrace(this, p);
+  constructor(r, e) {
+    super(e ?? Y[r]), this.name = "CryptoError", this.code = r, Error.captureStackTrace && Error.captureStackTrace(this, E);
   }
 }
-function j(n) {
-  return n instanceof p;
+function he(n) {
+  return n instanceof E;
 }
-async function s(n) {
+async function S(n) {
   if (n instanceof ArrayBuffer)
     return n;
   if (n instanceof Blob)
     return n.arrayBuffer();
-  throw new p("INVALID_INPUT");
+  throw new E("INVALID_INPUT");
 }
-function o(n) {
+function R(n) {
   return n.buffer.slice(n.byteOffset, n.byteOffset + n.byteLength);
 }
-function L(n) {
-  const a = new Uint8Array(n);
-  let t = "";
-  for (let e = 0; e < a.byteLength; e++)
-    t += String.fromCharCode(a[e]);
-  return btoa(t);
-}
-function _(n) {
-  const a = atob(n), t = new Uint8Array(a.length);
-  for (let e = 0; e < a.length; e++)
-    t[e] = a.charCodeAt(e);
-  return t.buffer;
-}
-async function A(n, a) {
-  const t = new TextEncoder(), e = await crypto.subtle.importKey(
+function U(n) {
+  const r = new Uint8Array(n);
+  let e = "";
+  for (let t = 0; t < r.byteLength; t++)
+    e += String.fromCharCode(r[t]);
+  return btoa(e);
+}
+function O(n) {
+  const r = atob(n), e = new Uint8Array(r.length);
+  for (let t = 0; t < r.length; t++)
+    e[t] = r.charCodeAt(t);
+  return e.buffer;
+}
+async function I(n, r) {
+  const e = new TextEncoder(), t = await crypto.subtle.importKey(
     "raw",
-    t.encode(n),
+    e.encode(n),
     "PBKDF2",
     !1,
     ["deriveKey"]
@@ -58,278 +58,564 @@ async function A(n, a) {
   return crypto.subtle.deriveKey(
     {
       name: "PBKDF2",
-      salt: o(a),
+      salt: R(r),
       iterations: 1e5,
-      hash: N
+      hash: F
     },
-    e,
-    { name: l, length: 256 },
+    t,
+    { name: w, length: 256 },
     !1,
     // non-extractable for security
     ["encrypt", "decrypt"]
   );
 }
-async function w(n) {
+async function T(n) {
   try {
-    const a = _(n);
+    const r = O(n);
     return await crypto.subtle.importKey(
       "raw",
-      a,
-      { name: l, length: 256 },
+      r,
+      { name: w, length: 256 },
       !1,
       // non-extractable for security
       ["encrypt", "decrypt"]
     );
   } catch {
-    throw new p("INVALID_KEYFILE");
+    throw new E("INVALID_KEYFILE");
   }
 }
-function u(n) {
+function N(n) {
   return crypto.getRandomValues(new Uint8Array(n));
 }
-function R() {
-  return u(16);
+function b() {
+  return N(16);
 }
-function I() {
-  return u(12);
+function D() {
+  return N(12);
 }
-const h = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*", D = 16;
-function Z(n = D) {
-  const a = Math.max(8, Math.min(128, n)), t = u(a);
-  let e = "";
-  for (let i = 0; i < a; i++) {
-    const c = t[i] % h.length;
-    e += h[c];
+const L = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*", H = 16;
+function Re(n = H) {
+  const r = Math.max(8, Math.min(128, n)), e = N(r);
+  let t = "";
+  for (let a = 0; a < r; a++) {
+    const c = e[a] % L.length;
+    t += L[c];
   }
-  return e;
+  return t;
+}
+function M(n, r) {
+  const e = new Uint8Array(12);
+  e.set(n);
+  const t = new DataView(e.buffer), a = t.getUint32(8, !0);
+  return t.setUint32(8, a ^ r, !0), e;
 }
-async function Q(n, a) {
-  const { password: t, keyData: e, onProgress: i } = a;
-  if (!t && !e)
-    throw new p("PASSWORD_REQUIRED");
+function k(n, r) {
+  const e = new Uint8Array(n.length + r.length);
+  return e.set(n, 0), e.set(r, n.length), e;
+}
+async function m(n, r, e, t) {
+  const a = M(e, t), c = await crypto.subtle.encrypt(
+    { name: w, iv: R(a) },
+    r,
+    R(n)
+  ), s = new Uint8Array(4 + c.byteLength);
+  return new DataView(s.buffer).setUint32(0, c.byteLength, !0), s.set(new Uint8Array(c), 4), s;
+}
+async function V(n, r, e, t, a) {
+  const c = M(e, t);
   try {
-    i == null || i({ phase: "deriving_key", progress: 0 });
-    const c = await s(n);
-    return i == null || i({ phase: "deriving_key", progress: 10 }), e ? await m(c, e, i) : await S(c, t, i);
+    const s = await crypto.subtle.decrypt(
+      { name: w, iv: R(c) },
+      r,
+      R(n)
+    );
+    return new Uint8Array(s);
+  } catch {
+    throw t === 0 ? new E(a ? "INVALID_PASSWORD" : "INVALID_KEYFILE") : new E("DECRYPTION_FAILED");
+  }
+}
+function v(n, r, e, t) {
+  if (n && e) {
+    const a = new Uint8Array(34);
+    return a[0] = 17, a[1] = 1, new DataView(a.buffer).setUint32(2, r, !0), a.set(e, 6), a.set(t, 22), a;
+  } else {
+    const a = new Uint8Array(18);
+    return a[0] = 18, a[1] = 1, new DataView(a.buffer).setUint32(2, r, !0), a.set(t, 6), a;
+  }
+}
+function B(n) {
+  const r = n[0], e = r === 17;
+  if (r !== 17 && r !== 18)
+    throw new E("UNSUPPORTED_FORMAT");
+  const t = n[1];
+  if (t !== 1)
+    throw new E("UNSUPPORTED_FORMAT");
+  const a = new DataView(n.buffer, n.byteOffset).getUint32(
+    2,
+    !0
+  );
+  if (e) {
+    const c = n.slice(6, 22), s = n.slice(22, 34);
+    return { isPassword: e, version: t, chunkSize: a, salt: c, baseIV: s, headerSize: 34 };
+  } else {
+    const c = n.slice(6, 18);
+    return { isPassword: e, version: t, chunkSize: a, salt: null, baseIV: c, headerSize: 18 };
+  }
+}
+async function G(n) {
+  const { password: r, keyData: e, chunkSize: t = 65536, onProgress: a } = n;
+  if (!r && !e)
+    throw new E("PASSWORD_REQUIRED");
+  const c = !!r, s = c ? b() : null, i = D();
+  a == null || a({
+    phase: "deriving_key",
+    processedBytes: 0,
+    processedChunks: 0
+  });
+  const p = c ? await I(r, s) : await T(e), l = v(c, t, s, i);
+  let o = new Uint8Array(0), y = 0, u = 0;
+  return { stream: new TransformStream({
+    async transform(d, f) {
+      for (o = k(o, d); o.length >= t; ) {
+        const _ = o.slice(0, t);
+        o = o.slice(t);
+        const h = await m(_, p, i, y);
+        f.enqueue(h), y++, u += _.length, a == null || a({
+          phase: "encrypting",
+          processedBytes: u,
+          processedChunks: y
+        });
+      }
+    },
+    async flush(d) {
+      if (o.length > 0) {
+        const f = await m(o, p, i, y);
+        d.enqueue(f), u += o.length, y++;
+      }
+      a == null || a({
+        phase: "complete",
+        processedBytes: u,
+        processedChunks: y,
+        progress: 100
+      });
+    }
+  }), header: l };
+}
+function g(n) {
+  const { password: r, keyData: e, onProgress: t } = n;
+  let a = new Uint8Array(0), c = !1, s = null, i = null, p = 0, l = 0, o = !1, y = 0;
+  return new TransformStream({
+    async transform(u, A) {
+      if (a = k(a, u), !c) {
+        if (a.length < 2) return;
+        const f = a[0] === 17 ? 34 : 18;
+        if (a.length < f) return;
+        const _ = a.slice(0, f), h = B(_);
+        if (o = h.isPassword, i = h.baseIV, y = h.headerSize, o && !r)
+          throw new E("PASSWORD_REQUIRED");
+        if (!o && !e)
+          throw new E("KEYFILE_REQUIRED");
+        t == null || t({
+          phase: "deriving_key",
+          processedBytes: 0,
+          processedChunks: 0
+        }), s = o ? await I(r, h.salt) : await T(e), a = a.slice(y), c = !0;
+      }
+      for (; a.length >= 4; ) {
+        const f = 4 + new DataView(
+          a.buffer,
+          a.byteOffset
+        ).getUint32(0, !0);
+        if (a.length < f) break;
+        const _ = a.slice(4, f);
+        a = a.slice(f);
+        const h = await V(_, s, i, p, o);
+        A.enqueue(h), l += h.length, p++, t == null || t({
+          phase: "decrypting",
+          processedBytes: l,
+          processedChunks: p
+        });
+      }
+    },
+    async flush() {
+      if (a.length > 0)
+        throw new E("INVALID_ENCRYPTED_DATA");
+      t == null || t({
+        phase: "complete",
+        processedBytes: l,
+        processedChunks: p,
+        progress: 100
+      });
+    }
+  });
+}
+async function W(n, r) {
+  const e = n.size, t = r.onProgress ? (o) => {
+    r.onProgress({
+      ...o,
+      totalBytes: e,
+      progress: o.phase === "complete" ? 100 : Math.round(o.processedBytes / e * 100)
+    });
+  } : void 0, { stream: a, header: c } = await G({
+    ...r,
+    onProgress: t
+  }), i = n.stream().pipeThrough(a);
+  let p = !1;
+  const l = i.getReader();
+  return new ReadableStream({
+    async pull(o) {
+      if (!p) {
+        o.enqueue(c), p = !0;
+        return;
+      }
+      try {
+        const { done: y, value: u } = await l.read();
+        y ? o.close() : o.enqueue(u);
+      } catch (y) {
+        o.error(y);
+      }
+    },
+    cancel() {
+      l.releaseLock();
+    }
+  });
+}
+function K(n, r) {
+  const e = g(r);
+  return n instanceof ReadableStream ? n.pipeThrough(e) : n.stream().pipeThrough(e);
+}
+const x = 100 * 1024 * 1024;
+async function z(n, r) {
+  const { password: e, keyData: t, onProgress: a } = r;
+  if (!e && !t)
+    throw new E("PASSWORD_REQUIRED");
+  try {
+    a == null || a({ phase: "deriving_key", progress: 0 });
+    const c = await S(n);
+    return a == null || a({ phase: "deriving_key", progress: 10 }), t ? await Q(c, t, a) : await P(c, e, a);
   } catch (c) {
-    throw c instanceof p ? c : new p("ENCRYPTION_FAILED");
+    throw c instanceof E ? c : new E("ENCRYPTION_FAILED");
   }
 }
-async function S(n, a, t) {
-  const e = R(), i = I();
-  t == null || t({ phase: "deriving_key", progress: 20 });
-  const c = await A(a, e);
-  t == null || t({ phase: "encrypting", progress: 30 });
-  const r = await crypto.subtle.encrypt(
-    { name: l, iv: o(i) },
+async function P(n, r, e) {
+  const t = b(), a = D();
+  e == null || e({ phase: "deriving_key", progress: 20 });
+  const c = await I(r, t);
+  e == null || e({ phase: "encrypting", progress: 30 });
+  const s = await crypto.subtle.encrypt(
+    { name: w, iv: R(a) },
     c,
     n
   );
-  t == null || t({ phase: "encrypting", progress: 90 });
-  const y = new Uint8Array(
-    29 + r.byteLength
+  e == null || e({ phase: "encrypting", progress: 90 });
+  const i = new Uint8Array(
+    29 + s.byteLength
   );
-  return y[0] = 1, y.set(e, 1), y.set(i, 17), y.set(new Uint8Array(r), 29), t == null || t({ phase: "complete", progress: 100 }), new Blob([y], { type: "application/octet-stream" });
+  return i[0] = 1, i.set(t, 1), i.set(a, 17), i.set(new Uint8Array(s), 29), e == null || e({ phase: "complete", progress: 100 }), new Blob([i], { type: "application/octet-stream" });
 }
-async function m(n, a, t) {
-  const e = I();
-  t == null || t({ phase: "deriving_key", progress: 20 });
-  const i = await w(a);
-  t == null || t({ phase: "encrypting", progress: 30 });
+async function Q(n, r, e) {
+  const t = D();
+  e == null || e({ phase: "deriving_key", progress: 20 });
+  const a = await T(r);
+  e == null || e({ phase: "encrypting", progress: 30 });
   const c = await crypto.subtle.encrypt(
-    { name: l, iv: o(e) },
-    i,
+    { name: w, iv: R(t) },
+    a,
     n
   );
-  t == null || t({ phase: "encrypting", progress: 90 });
-  const r = new Uint8Array(13 + c.byteLength);
-  return r[0] = 2, r.set(e, 1), r.set(new Uint8Array(c), 13), t == null || t({ phase: "complete", progress: 100 }), new Blob([r], { type: "application/octet-stream" });
+  e == null || e({ phase: "encrypting", progress: 90 });
+  const s = new Uint8Array(13 + c.byteLength);
+  return s[0] = 2, s.set(t, 1), s.set(new Uint8Array(c), 13), e == null || e({ phase: "complete", progress: 100 }), new Blob([s], { type: "application/octet-stream" });
 }
-async function O(n, a) {
-  const { password: t, keyData: e, onProgress: i } = a;
+async function we(n, r) {
+  const {
+    password: e,
+    keyData: t,
+    onProgress: a,
+    autoStreaming: c = !1,
+    streamingThreshold: s = x,
+    chunkSize: i = 65536
+  } = r;
+  if (!e && !t)
+    throw new E("PASSWORD_REQUIRED");
+  if (c && n.size > s) {
+    const o = await W(n, {
+      password: e,
+      keyData: t,
+      chunkSize: i,
+      onProgress: a ? (u) => {
+        a({
+          phase: u.phase,
+          progress: u.progress ?? Math.round(u.processedBytes / n.size * 100)
+        });
+      } : void 0
+    });
+    return await new Response(o).blob();
+  } else
+    return await z(n, { password: e, keyData: t, onProgress: a });
+}
+async function Z(n, r) {
+  const { password: e, keyData: t, onProgress: a } = r;
   try {
-    i == null || i({ phase: "decrypting", progress: 0 });
-    const c = new Uint8Array(await s(n));
-    if (i == null || i({ phase: "decrypting", progress: 5 }), c.length < 1)
-      throw new p("INVALID_ENCRYPTED_DATA");
-    const r = c[0];
-    if (r === 1) {
-      if (!t)
-        throw new p("PASSWORD_REQUIRED");
-      return await b(c, t, i);
-    } else if (r === 2) {
+    a == null || a({ phase: "decrypting", progress: 0 });
+    const c = new Uint8Array(await S(n));
+    if (a == null || a({ phase: "decrypting", progress: 5 }), c.length < 1)
+      throw new E("INVALID_ENCRYPTED_DATA");
+    const s = c[0];
+    if (s === 1) {
       if (!e)
-        throw new p("KEYFILE_REQUIRED");
-      return await K(c, e, i);
-    } else
-      throw new p("UNSUPPORTED_FORMAT");
+        throw new E("PASSWORD_REQUIRED");
+      return await q(c, e, a);
+    } else if (s === 2) {
+      if (!t)
+        throw new E("KEYFILE_REQUIRED");
+      return await j(c, t, a);
+    } else {
+      if (s === 17 || s === 18)
+        return await $(n, r);
+      throw new E("UNSUPPORTED_FORMAT");
+    }
   } catch (c) {
-    throw c instanceof p ? c : new p("DECRYPTION_FAILED");
+    throw c instanceof E ? c : new E("DECRYPTION_FAILED");
   }
 }
-async function b(n, a, t) {
+async function q(n, r, e) {
   if (n.length < 45)
-    throw new p("INVALID_ENCRYPTED_DATA");
-  t == null || t({ phase: "deriving_key", progress: 10 });
-  const e = n.slice(1, 17), i = n.slice(17, 29), c = n.slice(29), r = await A(a, e);
-  t == null || t({ phase: "decrypting", progress: 30 });
+    throw new E("INVALID_ENCRYPTED_DATA");
+  e == null || e({ phase: "deriving_key", progress: 10 });
+  const t = n.slice(1, 17), a = n.slice(17, 29), c = n.slice(29), s = await I(r, t);
+  e == null || e({ phase: "decrypting", progress: 30 });
   try {
-    const y = await crypto.subtle.decrypt(
-      { name: l, iv: o(i) },
-      r,
+    const i = await crypto.subtle.decrypt(
+      { name: w, iv: R(a) },
+      s,
       c
     );
-    return t == null || t({ phase: "complete", progress: 100 }), new Blob([y]);
+    return e == null || e({ phase: "complete", progress: 100 }), new Blob([i]);
   } catch {
-    throw new p("INVALID_PASSWORD");
+    throw new E("INVALID_PASSWORD");
   }
 }
-async function K(n, a, t) {
+async function j(n, r, e) {
   if (n.length < 29)
-    throw new p("INVALID_ENCRYPTED_DATA");
-  t == null || t({ phase: "decrypting", progress: 10 });
-  const e = n.slice(1, 13), i = n.slice(13), c = await w(a);
-  t == null || t({ phase: "decrypting", progress: 30 });
+    throw new E("INVALID_ENCRYPTED_DATA");
+  e == null || e({ phase: "decrypting", progress: 10 });
+  const t = n.slice(1, 13), a = n.slice(13), c = await T(r);
+  e == null || e({ phase: "decrypting", progress: 30 });
   try {
-    const r = await crypto.subtle.decrypt(
-      { name: l, iv: o(e) },
+    const s = await crypto.subtle.decrypt(
+      { name: w, iv: R(t) },
       c,
-      i
+      a
     );
-    return t == null || t({ phase: "complete", progress: 100 }), new Blob([r]);
+    return e == null || e({ phase: "complete", progress: 100 }), new Blob([s]);
   } catch {
-    throw new p("INVALID_KEYFILE");
+    throw new E("INVALID_KEYFILE");
   }
 }
-async function g(n) {
-  const a = await s(n), t = new Uint8Array(a);
-  if (t.length < 1)
+async function $(n, r) {
+  const { password: e, keyData: t, onProgress: a } = r, c = n instanceof Blob ? n : new Blob([n]), i = K(c, {
+    password: e,
+    keyData: t,
+    onProgress: a ? (l) => {
+      a({
+        phase: l.phase,
+        progress: l.progress ?? Math.round(l.processedBytes / (l.totalBytes || 1) * 100)
+      });
+    } : void 0
+  });
+  return await new Response(i).blob();
+}
+async function _e(n) {
+  const r = await S(n), e = new Uint8Array(r);
+  if (e.length < 1)
     return "unknown";
-  const e = t[0];
-  return e === 1 ? "password" : e === 2 ? "keyfile" : "unknown";
+  const t = e[0];
+  return t === 1 ? "password" : t === 2 ? "keyfile" : t === 17 ? "password-stream" : t === 18 ? "keyfile-stream" : "unknown";
 }
-async function $(n) {
-  const a = await s(n), t = new Uint8Array(a);
-  if (t.length < 1)
+const J = 34, X = 18;
+async function Ae(n) {
+  const r = await S(n), e = new Uint8Array(r);
+  if (e.length < 1)
     return !1;
-  const e = t[0];
-  return e === 1 && t.length >= 45 || e === 2 && t.length >= 29;
+  const t = e[0];
+  return t === 1 && e.length >= 45 || t === 2 && e.length >= 29 || t === 17 && e.length >= J || t === 18 && e.length >= X;
+}
+function Se(n) {
+  return n === "password-stream" || n === "keyfile-stream";
 }
-function q() {
-  const n = u(32);
+function Ie() {
+  const n = N(32);
   return {
     version: 1,
     algorithm: "AES-256-GCM",
-    key: L(n.buffer),
+    key: U(n.buffer),
     createdAt: (/* @__PURE__ */ new Date()).toISOString()
   };
 }
-function J(n) {
+function Te(n) {
   try {
-    const a = JSON.parse(n);
-    return Y(a) ? a : null;
+    const r = JSON.parse(n);
+    return ee(r) ? r : null;
   } catch {
     return null;
   }
 }
-function Y(n) {
+function ee(n) {
   if (typeof n != "object" || n === null)
     return !1;
-  const a = n;
-  return a.version === 1 && a.algorithm === "AES-256-GCM" && typeof a.key == "string" && a.key.length > 0 && typeof a.createdAt == "string";
+  const r = n;
+  return r.version === 1 && r.algorithm === "AES-256-GCM" && typeof r.key == "string" && r.key.length > 0 && typeof r.createdAt == "string";
 }
-function z(n, a, t = "key") {
-  const e = {
+function Ne(n, r, e = "key") {
+  const t = {
     version: 1,
     algorithm: "AES-256-GCM",
     key: n,
     createdAt: (/* @__PURE__ */ new Date()).toISOString()
-  }, i = JSON.stringify(e, null, 2), c = new Blob([i], { type: "application/json" }), r = URL.createObjectURL(c), y = document.createElement("a");
-  y.href = r, y.download = `${a}.${t}`, y.style.display = "none", document.body.appendChild(y), y.click(), document.body.removeChild(y), URL.revokeObjectURL(r);
+  }, a = JSON.stringify(t, null, 2), c = new Blob([a], { type: "application/json" }), s = URL.createObjectURL(c), i = document.createElement("a");
+  i.href = s, i.download = `${r}.${e}`, i.style.display = "none", document.body.appendChild(i), i.click(), document.body.removeChild(i), URL.revokeObjectURL(s);
 }
-async function X(n) {
-  const a = _(n), t = await crypto.subtle.digest("SHA-256", a), e = new Uint8Array(t);
-  return Array.from(e).map((i) => i.toString(16).padStart(2, "0")).join("");
+async function De(n) {
+  const r = O(n), e = await crypto.subtle.digest("SHA-256", r), t = new Uint8Array(e);
+  return Array.from(t).map((a) => a.toString(16).padStart(2, "0")).join("");
 }
-async function P(n, a) {
-  const { fileName: t, onProgress: e, ...i } = a;
+async function Le(n, r) {
+  const { fileName: e, onProgress: t, ...a } = r;
   try {
-    e == null || e({ phase: "downloading", progress: 0 });
+    t == null || t({ phase: "downloading", progress: 0 });
     const c = await fetch(n);
     if (!c.ok)
-      throw new p(
+      throw new E(
         "DOWNLOAD_FAILED",
         `Download failed: ${c.status} ${c.statusText}`
       );
-    const r = c.headers.get("content-length");
-    let y;
-    r && c.body ? y = await F(
+    const s = c.headers.get("content-length");
+    let i;
+    s && c.body ? i = await te(
       c.body,
-      parseInt(r, 10),
-      (E) => {
-        e == null || e({ phase: "downloading", progress: Math.round(E * 50) });
+      parseInt(s, 10),
+      (l) => {
+        t == null || t({ phase: "downloading", progress: Math.round(l * 50) });
       }
-    ) : (e == null || e({ phase: "downloading", progress: 25 }), y = await c.arrayBuffer()), e == null || e({ phase: "downloading", progress: 50 });
-    const f = await O(y, {
-      ...i,
-      onProgress: (E) => {
-        const d = 50 + Math.round(E.progress * 0.45);
-        e == null || e({
-          phase: E.phase === "complete" ? "complete" : E.phase,
-          progress: E.phase === "complete" ? 100 : d
+    ) : (t == null || t({ phase: "downloading", progress: 25 }), i = await c.arrayBuffer()), t == null || t({ phase: "downloading", progress: 50 });
+    const p = await Z(i, {
+      ...a,
+      onProgress: (l) => {
+        const o = 50 + Math.round(l.progress * 0.45);
+        t == null || t({
+          phase: l.phase === "complete" ? "complete" : l.phase,
+          progress: l.phase === "complete" ? 100 : o
         });
       }
     });
-    H(f, t), e == null || e({ phase: "complete", progress: 100 });
+    C(p, e), t == null || t({ phase: "complete", progress: 100 });
   } catch (c) {
-    throw c instanceof p ? c : new p("DOWNLOAD_FAILED");
+    throw c instanceof E ? c : new E("DOWNLOAD_FAILED");
   }
 }
-async function F(n, a, t) {
-  const e = n.getReader(), i = [];
-  let c = 0, r = !1;
-  for (; !r; ) {
-    const E = await e.read();
-    if (r = E.done, E.value) {
-      i.push(E.value), c += E.value.length;
-      const d = c / a;
-      t(Math.min(d, 1));
+async function te(n, r, e) {
+  const t = n.getReader(), a = [];
+  let c = 0, s = !1;
+  for (; !s; ) {
+    const l = await t.read();
+    if (s = l.done, l.value) {
+      a.push(l.value), c += l.value.length;
+      const o = c / r;
+      e(Math.min(o, 1));
     }
   }
-  const y = new Uint8Array(c);
-  let f = 0;
-  for (const E of i)
-    y.set(E, f), f += E.length;
-  return y.buffer;
+  const i = new Uint8Array(c);
+  let p = 0;
+  for (const l of a)
+    i.set(l, p), p += l.length;
+  return i.buffer;
 }
-function H(n, a) {
-  const t = URL.createObjectURL(n), e = document.createElement("a");
-  e.href = t, e.download = a, e.style.display = "none", document.body.appendChild(e), e.click(), document.body.removeChild(e), URL.revokeObjectURL(t);
+function C(n, r) {
+  const e = URL.createObjectURL(n), t = document.createElement("a");
+  t.href = e, t.download = r, t.style.display = "none", document.body.appendChild(t), t.click(), document.body.removeChild(t), URL.revokeObjectURL(e);
+}
+async function me(n, r) {
+  const { fileName: e, password: t, keyData: a, onProgress: c } = r;
+  try {
+    c == null || c({
+      phase: "downloading",
+      processedBytes: 0,
+      processedChunks: 0,
+      progress: 0
+    });
+    const s = await fetch(n);
+    if (!s.ok)
+      throw new E(
+        "DOWNLOAD_FAILED",
+        `Download failed: ${s.status} ${s.statusText}`
+      );
+    const i = s.headers.get("content-length"), p = i ? parseInt(i, 10) : void 0;
+    c == null || c({
+      phase: "downloading",
+      processedBytes: 0,
+      processedChunks: 0,
+      totalBytes: p,
+      progress: 25
+    });
+    const l = await s.blob();
+    let o = 0;
+    const y = K(l, {
+      password: t,
+      keyData: a,
+      onProgress: (d) => {
+        o = d.processedBytes, c == null || c({
+          ...d,
+          // Map to 50-95% range
+          progress: d.phase === "complete" ? 100 : 50 + Math.round((d.progress ?? 0) * 0.45)
+        });
+      }
+    }), A = await new Response(y).blob();
+    C(A, e), c == null || c({
+      phase: "complete",
+      processedBytes: o,
+      processedChunks: 0,
+      progress: 100
+    });
+  } catch (s) {
+    throw s instanceof E ? s : new E("DOWNLOAD_FAILED");
+  }
 }
 export {
-  l as ALGORITHM,
-  B as AUTH_TAG_LENGTH,
-  p as CryptoError,
-  V as ENCRYPTION_MARKER_KEYFILE,
-  v as ENCRYPTION_MARKER_PASSWORD,
-  N as HASH_ALGORITHM,
-  G as IV_LENGTH,
-  M as KEYFILE_KEY_LENGTH,
-  C as KEY_LENGTH,
-  x as MIN_ENCRYPTED_SIZE_KEYFILE,
-  W as MIN_ENCRYPTED_SIZE_PASSWORD,
-  U as PBKDF2_ITERATIONS,
-  k as SALT_LENGTH,
-  X as computeKeyFileHash,
-  O as decryptFile,
-  P as downloadAndDecrypt,
-  z as downloadKeyFile,
-  Q as encryptFile,
-  q as generateKeyFile,
-  Z as generateRandomPassword,
-  g as getEncryptionType,
-  j as isCryptoError,
-  $ as isEncryptedFile,
-  J as parseKeyFile
+  w as ALGORITHM,
+  ue as AUTH_TAG_LENGTH,
+  E as CryptoError,
+  pe as DEFAULT_CHUNK_SIZE,
+  oe as ENCRYPTION_MARKER_KEYFILE,
+  le as ENCRYPTION_MARKER_KEYFILE_STREAM,
+  ie as ENCRYPTION_MARKER_PASSWORD,
+  Ee as ENCRYPTION_MARKER_PASSWORD_STREAM,
+  F as HASH_ALGORITHM,
+  ae as IV_LENGTH,
+  se as KEYFILE_KEY_LENGTH,
+  re as KEY_LENGTH,
+  fe as MIN_ENCRYPTED_SIZE_KEYFILE,
+  de as MIN_ENCRYPTED_SIZE_PASSWORD,
+  ce as PBKDF2_ITERATIONS,
+  ne as SALT_LENGTH,
+  ye as STREAM_FORMAT_VERSION,
+  De as computeKeyFileHash,
+  g as createDecryptStream,
+  G as createEncryptStream,
+  Z as decryptFile,
+  K as decryptFileStream,
+  Le as downloadAndDecrypt,
+  me as downloadAndDecryptStream,
+  Ne as downloadKeyFile,
+  z as encryptFile,
+  we as encryptFileAuto,
+  W as encryptFileStream,
+  Ie as generateKeyFile,
+  Re as generateRandomPassword,
+  _e as getEncryptionType,
+  he as isCryptoError,
+  Ae as isEncryptedFile,
+  Se as isStreamingEncryption,
+  Te as parseKeyFile
 };
 //# sourceMappingURL=index.mjs.map