npm - @time-file/browser-file-crypto - Versions diffs - 1.1.0 → 1.1.1 - Mend

@time-file/browser-file-crypto 1.1.0 → 1.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/dist/index.mjs CHANGED Viewed

@@ -1,4 +1,4 @@
-const J = 16, P = 12, X = 256, ee = 1e5, te = 32, ne = 1, re = 2, ae = 17, ce = 18, ie = 65536, se = 1, oe = 16, Ee = 45, le = 29, _ = "AES-GCM", k = "SHA-256", C = {
+const ne = 16, ae = 12, re = 256, ce = 1e5, se = 32, ie = 1, oe = 2, Ee = 17, le = 18, pe = 65536, ye = 1, ue = 16, de = 45, fe = 29, w = "AES-GCM", F = "SHA-256", Y = {
   INVALID_INPUT: "Input must be a File, Blob, or ArrayBuffer.",
   PASSWORD_REQUIRED: "Password or keyfile is required for encryption.",
   KEYFILE_REQUIRED: "Keyfile is required to decrypt this file.",
@@ -10,44 +10,44 @@ const J = 16, P = 12, X = 256, ee = 1e5, te = 32, ne = 1, re = 2, ae = 17, ce =
   DOWNLOAD_FAILED: "File download failed.",
   UNSUPPORTED_FORMAT: "Unsupported encryption format."
 };
-class o extends Error {
+class E extends Error {
   /**
    * Creates a new CryptoError.
    *
    * @param code - Error code identifying the type of error
    * @param message - Optional custom message (defaults to predefined message)
    */
-  constructor(a, e) {
-    super(e ?? C[a]), this.name = "CryptoError", this.code = a, Error.captureStackTrace && Error.captureStackTrace(this, o);
+  constructor(r, e) {
+    super(e ?? Y[r]), this.name = "CryptoError", this.code = r, Error.captureStackTrace && Error.captureStackTrace(this, E);
   }
 }
-function ue(n) {
-  return n instanceof o;
+function he(n) {
+  return n instanceof E;
 }
-async function w(n) {
+async function S(n) {
   if (n instanceof ArrayBuffer)
     return n;
   if (n instanceof Blob)
     return n.arrayBuffer();
-  throw new o("INVALID_INPUT");
+  throw new E("INVALID_INPUT");
 }
-function h(n) {
+function R(n) {
   return n.buffer.slice(n.byteOffset, n.byteOffset + n.byteLength);
 }
-function Y(n) {
-  const a = new Uint8Array(n);
+function U(n) {
+  const r = new Uint8Array(n);
   let e = "";
-  for (let t = 0; t < a.byteLength; t++)
-    e += String.fromCharCode(a[t]);
+  for (let t = 0; t < r.byteLength; t++)
+    e += String.fromCharCode(r[t]);
   return btoa(e);
 }
 function O(n) {
-  const a = atob(n), e = new Uint8Array(a.length);
-  for (let t = 0; t < a.length; t++)
-    e[t] = a.charCodeAt(t);
+  const r = atob(n), e = new Uint8Array(r.length);
+  for (let t = 0; t < r.length; t++)
+    e[t] = r.charCodeAt(t);
   return e.buffer;
 }
-async function T(n, a) {
+async function I(n, r) {
   const e = new TextEncoder(), t = await crypto.subtle.importKey(
     "raw",
     e.encode(n),
@@ -58,319 +58,221 @@ async function T(n, a) {
   return crypto.subtle.deriveKey(
     {
       name: "PBKDF2",
-      salt: h(a),
+      salt: R(r),
       iterations: 1e5,
-      hash: k
+      hash: F
     },
     t,
-    { name: _, length: 256 },
+    { name: w, length: 256 },
     !1,
     // non-extractable for security
     ["encrypt", "decrypt"]
   );
 }
-async function I(n) {
+async function T(n) {
   try {
-    const a = O(n);
+    const r = O(n);
     return await crypto.subtle.importKey(
       "raw",
-      a,
-      { name: _, length: 256 },
+      r,
+      { name: w, length: 256 },
       !1,
       // non-extractable for security
       ["encrypt", "decrypt"]
     );
   } catch {
-    throw new o("INVALID_KEYFILE");
+    throw new E("INVALID_KEYFILE");
   }
 }
-function S(n) {
+function N(n) {
   return crypto.getRandomValues(new Uint8Array(n));
 }
-function M() {
-  return S(16);
+function b() {
+  return N(16);
 }
-function N() {
-  return S(12);
+function D() {
+  return N(12);
 }
-const L = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*", U = 16;
-function ye(n = U) {
-  const a = Math.max(8, Math.min(128, n)), e = S(a);
+const L = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*", H = 16;
+function Re(n = H) {
+  const r = Math.max(8, Math.min(128, n)), e = N(r);
   let t = "";
-  for (let r = 0; r < a; r++) {
-    const c = e[r] % L.length;
+  for (let a = 0; a < r; a++) {
+    const c = e[a] % L.length;
     t += L[c];
   }
   return t;
 }
-async function pe(n, a) {
-  const { password: e, keyData: t, onProgress: r } = a;
-  if (!e && !t)
-    throw new o("PASSWORD_REQUIRED");
-  try {
-    r == null || r({ phase: "deriving_key", progress: 0 });
-    const c = await w(n);
-    return r == null || r({ phase: "deriving_key", progress: 10 }), t ? await H(c, t, r) : await F(c, e, r);
-  } catch (c) {
-    throw c instanceof o ? c : new o("ENCRYPTION_FAILED");
-  }
-}
-async function F(n, a, e) {
-  const t = M(), r = N();
-  e == null || e({ phase: "deriving_key", progress: 20 });
-  const c = await T(a, t);
-  e == null || e({ phase: "encrypting", progress: 30 });
-  const i = await crypto.subtle.encrypt(
-    { name: _, iv: h(r) },
-    c,
-    n
-  );
-  e == null || e({ phase: "encrypting", progress: 90 });
-  const s = new Uint8Array(
-    29 + i.byteLength
-  );
-  return s[0] = 1, s.set(t, 1), s.set(r, 17), s.set(new Uint8Array(i), 29), e == null || e({ phase: "complete", progress: 100 }), new Blob([s], { type: "application/octet-stream" });
-}
-async function H(n, a, e) {
-  const t = N();
-  e == null || e({ phase: "deriving_key", progress: 20 });
-  const r = await I(a);
-  e == null || e({ phase: "encrypting", progress: 30 });
-  const c = await crypto.subtle.encrypt(
-    { name: _, iv: h(t) },
-    r,
-    n
-  );
-  e == null || e({ phase: "encrypting", progress: 90 });
-  const i = new Uint8Array(13 + c.byteLength);
-  return i[0] = 2, i.set(t, 1), i.set(new Uint8Array(c), 13), e == null || e({ phase: "complete", progress: 100 }), new Blob([i], { type: "application/octet-stream" });
-}
-async function V(n, a) {
-  const { password: e, keyData: t, onProgress: r } = a;
-  try {
-    r == null || r({ phase: "decrypting", progress: 0 });
-    const c = new Uint8Array(await w(n));
-    if (r == null || r({ phase: "decrypting", progress: 5 }), c.length < 1)
-      throw new o("INVALID_ENCRYPTED_DATA");
-    const i = c[0];
-    if (i === 1) {
-      if (!e)
-        throw new o("PASSWORD_REQUIRED");
-      return await v(c, e, r);
-    } else if (i === 2) {
-      if (!t)
-        throw new o("KEYFILE_REQUIRED");
-      return await G(c, t, r);
-    } else
-      throw new o("UNSUPPORTED_FORMAT");
-  } catch (c) {
-    throw c instanceof o ? c : new o("DECRYPTION_FAILED");
-  }
-}
-async function v(n, a, e) {
-  if (n.length < 45)
-    throw new o("INVALID_ENCRYPTED_DATA");
-  e == null || e({ phase: "deriving_key", progress: 10 });
-  const t = n.slice(1, 17), r = n.slice(17, 29), c = n.slice(29), i = await T(a, t);
-  e == null || e({ phase: "decrypting", progress: 30 });
-  try {
-    const s = await crypto.subtle.decrypt(
-      { name: _, iv: h(r) },
-      i,
-      c
-    );
-    return e == null || e({ phase: "complete", progress: 100 }), new Blob([s]);
-  } catch {
-    throw new o("INVALID_PASSWORD");
-  }
-}
-async function G(n, a, e) {
-  if (n.length < 29)
-    throw new o("INVALID_ENCRYPTED_DATA");
-  e == null || e({ phase: "decrypting", progress: 10 });
-  const t = n.slice(1, 13), r = n.slice(13), c = await I(a);
-  e == null || e({ phase: "decrypting", progress: 30 });
-  try {
-    const i = await crypto.subtle.decrypt(
-      { name: _, iv: h(t) },
-      c,
-      r
-    );
-    return e == null || e({ phase: "complete", progress: 100 }), new Blob([i]);
-  } catch {
-    throw new o("INVALID_KEYFILE");
-  }
-}
-function K(n, a) {
+function M(n, r) {
   const e = new Uint8Array(12);
   e.set(n);
-  const t = new DataView(e.buffer), r = t.getUint32(8, !0);
-  return t.setUint32(8, r ^ a, !0), e;
+  const t = new DataView(e.buffer), a = t.getUint32(8, !0);
+  return t.setUint32(8, a ^ r, !0), e;
 }
-function b(n, a) {
-  const e = new Uint8Array(n.length + a.length);
-  return e.set(n, 0), e.set(a, n.length), e;
+function k(n, r) {
+  const e = new Uint8Array(n.length + r.length);
+  return e.set(n, 0), e.set(r, n.length), e;
 }
-async function m(n, a, e, t) {
-  const r = K(e, t), c = await crypto.subtle.encrypt(
-    { name: _, iv: h(r) },
-    a,
-    h(n)
-  ), i = new Uint8Array(4 + c.byteLength);
-  return new DataView(i.buffer).setUint32(0, c.byteLength, !0), i.set(new Uint8Array(c), 4), i;
+async function m(n, r, e, t) {
+  const a = M(e, t), c = await crypto.subtle.encrypt(
+    { name: w, iv: R(a) },
+    r,
+    R(n)
+  ), s = new Uint8Array(4 + c.byteLength);
+  return new DataView(s.buffer).setUint32(0, c.byteLength, !0), s.set(new Uint8Array(c), 4), s;
 }
-async function W(n, a, e, t) {
-  const r = K(e, t);
+async function V(n, r, e, t, a) {
+  const c = M(e, t);
   try {
-    const c = await crypto.subtle.decrypt(
-      { name: _, iv: h(r) },
-      a,
-      h(n)
+    const s = await crypto.subtle.decrypt(
+      { name: w, iv: R(c) },
+      r,
+      R(n)
     );
-    return new Uint8Array(c);
+    return new Uint8Array(s);
   } catch {
-    throw new o("DECRYPTION_FAILED");
+    throw t === 0 ? new E(a ? "INVALID_PASSWORD" : "INVALID_KEYFILE") : new E("DECRYPTION_FAILED");
   }
 }
-function B(n, a, e, t) {
+function v(n, r, e, t) {
   if (n && e) {
-    const r = new Uint8Array(34);
-    return r[0] = 17, r[1] = 1, new DataView(r.buffer).setUint32(2, a, !0), r.set(e, 6), r.set(t, 22), r;
+    const a = new Uint8Array(34);
+    return a[0] = 17, a[1] = 1, new DataView(a.buffer).setUint32(2, r, !0), a.set(e, 6), a.set(t, 22), a;
   } else {
-    const r = new Uint8Array(18);
-    return r[0] = 18, r[1] = 1, new DataView(r.buffer).setUint32(2, a, !0), r.set(t, 6), r;
+    const a = new Uint8Array(18);
+    return a[0] = 18, a[1] = 1, new DataView(a.buffer).setUint32(2, r, !0), a.set(t, 6), a;
   }
 }
-function g(n) {
-  const a = n[0], e = a === 17;
-  if (a !== 17 && a !== 18)
-    throw new o("UNSUPPORTED_FORMAT");
+function B(n) {
+  const r = n[0], e = r === 17;
+  if (r !== 17 && r !== 18)
+    throw new E("UNSUPPORTED_FORMAT");
   const t = n[1];
   if (t !== 1)
-    throw new o("UNSUPPORTED_FORMAT");
-  const r = new DataView(n.buffer, n.byteOffset).getUint32(
+    throw new E("UNSUPPORTED_FORMAT");
+  const a = new DataView(n.buffer, n.byteOffset).getUint32(
     2,
     !0
   );
   if (e) {
-    const c = n.slice(6, 22), i = n.slice(22, 34);
-    return { isPassword: e, version: t, chunkSize: r, salt: c, baseIV: i, headerSize: 34 };
+    const c = n.slice(6, 22), s = n.slice(22, 34);
+    return { isPassword: e, version: t, chunkSize: a, salt: c, baseIV: s, headerSize: 34 };
   } else {
     const c = n.slice(6, 18);
-    return { isPassword: e, version: t, chunkSize: r, salt: null, baseIV: c, headerSize: 18 };
+    return { isPassword: e, version: t, chunkSize: a, salt: null, baseIV: c, headerSize: 18 };
   }
 }
-async function x(n) {
-  const { password: a, keyData: e, chunkSize: t = 65536, onProgress: r } = n;
-  if (!a && !e)
-    throw new o("PASSWORD_REQUIRED");
-  const c = !!a, i = c ? M() : null, s = N();
-  r == null || r({
+async function G(n) {
+  const { password: r, keyData: e, chunkSize: t = 65536, onProgress: a } = n;
+  if (!r && !e)
+    throw new E("PASSWORD_REQUIRED");
+  const c = !!r, s = c ? b() : null, i = D();
+  a == null || a({
     phase: "deriving_key",
     processedBytes: 0,
     processedChunks: 0
   });
-  const u = c ? await T(a, i) : await I(e), l = B(c, t, i, s);
-  let E = new Uint8Array(0), y = 0, R = 0;
+  const p = c ? await I(r, s) : await T(e), l = v(c, t, s, i);
+  let o = new Uint8Array(0), y = 0, u = 0;
   return { stream: new TransformStream({
-    async transform(d, p) {
-      for (E = b(E, d); E.length >= t; ) {
-        const A = E.slice(0, t);
-        E = E.slice(t);
-        const f = await m(A, u, s, y);
-        p.enqueue(f), y++, R += A.length, r == null || r({
-          phase: "processing",
-          processedBytes: R,
+    async transform(d, f) {
+      for (o = k(o, d); o.length >= t; ) {
+        const _ = o.slice(0, t);
+        o = o.slice(t);
+        const h = await m(_, p, i, y);
+        f.enqueue(h), y++, u += _.length, a == null || a({
+          phase: "encrypting",
+          processedBytes: u,
           processedChunks: y
         });
       }
     },
     async flush(d) {
-      if (E.length > 0) {
-        const p = await m(E, u, s, y);
-        d.enqueue(p), R += E.length, y++;
+      if (o.length > 0) {
+        const f = await m(o, p, i, y);
+        d.enqueue(f), u += o.length, y++;
       }
-      r == null || r({
+      a == null || a({
         phase: "complete",
-        processedBytes: R,
+        processedBytes: u,
         processedChunks: y,
         progress: 100
       });
     }
   }), header: l };
 }
-function z(n) {
-  const { password: a, keyData: e, onProgress: t } = n;
-  let r = new Uint8Array(0), c = !1, i = null, s = null, u = 0, l = 0, E = !1, y = 0;
+function g(n) {
+  const { password: r, keyData: e, onProgress: t } = n;
+  let a = new Uint8Array(0), c = !1, s = null, i = null, p = 0, l = 0, o = !1, y = 0;
   return new TransformStream({
-    async transform(R, D) {
-      if (r = b(r, R), !c) {
-        if (r.length < 2) return;
-        const p = r[0] === 17 ? 34 : 18;
-        if (r.length < p) return;
-        const A = r.slice(0, p), f = g(A);
-        if (E = f.isPassword, s = f.baseIV, y = f.headerSize, E && !a)
-          throw new o("PASSWORD_REQUIRED");
-        if (!E && !e)
-          throw new o("KEYFILE_REQUIRED");
+    async transform(u, A) {
+      if (a = k(a, u), !c) {
+        if (a.length < 2) return;
+        const f = a[0] === 17 ? 34 : 18;
+        if (a.length < f) return;
+        const _ = a.slice(0, f), h = B(_);
+        if (o = h.isPassword, i = h.baseIV, y = h.headerSize, o && !r)
+          throw new E("PASSWORD_REQUIRED");
+        if (!o && !e)
+          throw new E("KEYFILE_REQUIRED");
         t == null || t({
           phase: "deriving_key",
           processedBytes: 0,
           processedChunks: 0
-        }), i = E ? await T(a, f.salt) : await I(e), r = r.slice(y), c = !0;
+        }), s = o ? await I(r, h.salt) : await T(e), a = a.slice(y), c = !0;
       }
-      for (; r.length >= 4; ) {
-        const p = 4 + new DataView(
-          r.buffer,
-          r.byteOffset
+      for (; a.length >= 4; ) {
+        const f = 4 + new DataView(
+          a.buffer,
+          a.byteOffset
         ).getUint32(0, !0);
-        if (r.length < p) break;
-        const A = r.slice(4, p);
-        r = r.slice(p);
-        const f = await W(A, i, s, u);
-        D.enqueue(f), l += f.length, u++, t == null || t({
-          phase: "processing",
+        if (a.length < f) break;
+        const _ = a.slice(4, f);
+        a = a.slice(f);
+        const h = await V(_, s, i, p, o);
+        A.enqueue(h), l += h.length, p++, t == null || t({
+          phase: "decrypting",
           processedBytes: l,
-          processedChunks: u
+          processedChunks: p
         });
       }
     },
     async flush() {
-      if (r.length > 0)
-        throw new o("INVALID_ENCRYPTED_DATA");
+      if (a.length > 0)
+        throw new E("INVALID_ENCRYPTED_DATA");
       t == null || t({
         phase: "complete",
         processedBytes: l,
-        processedChunks: u,
+        processedChunks: p,
         progress: 100
       });
     }
   });
 }
-async function fe(n, a) {
-  const e = n.size, t = a.onProgress ? (E) => {
-    a.onProgress({
-      ...E,
+async function W(n, r) {
+  const e = n.size, t = r.onProgress ? (o) => {
+    r.onProgress({
+      ...o,
       totalBytes: e,
-      progress: E.phase === "complete" ? 100 : Math.round(E.processedBytes / e * 100)
+      progress: o.phase === "complete" ? 100 : Math.round(o.processedBytes / e * 100)
     });
-  } : void 0, { stream: r, header: c } = await x({
-    ...a,
+  } : void 0, { stream: a, header: c } = await G({
+    ...r,
     onProgress: t
-  }), s = n.stream().pipeThrough(r);
-  let u = !1;
-  const l = s.getReader();
+  }), i = n.stream().pipeThrough(a);
+  let p = !1;
+  const l = i.getReader();
   return new ReadableStream({
-    async pull(E) {
-      if (!u) {
-        E.enqueue(c), u = !0;
+    async pull(o) {
+      if (!p) {
+        o.enqueue(c), p = !0;
         return;
       }
       try {
-        const { done: y, value: R } = await l.read();
-        y ? E.close() : E.enqueue(R);
+        const { done: y, value: u } = await l.read();
+        y ? o.close() : o.enqueue(u);
       } catch (y) {
-        E.error(y);
+        o.error(y);
       }
     },
     cancel() {
@@ -378,152 +280,342 @@ async function fe(n, a) {
     }
   });
 }
-function he(n, a) {
-  const e = z(a);
+function K(n, r) {
+  const e = g(r);
   return n instanceof ReadableStream ? n.pipeThrough(e) : n.stream().pipeThrough(e);
 }
-async function Re(n) {
-  const a = await w(n), e = new Uint8Array(a);
+const x = 100 * 1024 * 1024;
+async function z(n, r) {
+  const { password: e, keyData: t, onProgress: a } = r;
+  if (!e && !t)
+    throw new E("PASSWORD_REQUIRED");
+  try {
+    a == null || a({ phase: "deriving_key", progress: 0 });
+    const c = await S(n);
+    return a == null || a({ phase: "deriving_key", progress: 10 }), t ? await Q(c, t, a) : await P(c, e, a);
+  } catch (c) {
+    throw c instanceof E ? c : new E("ENCRYPTION_FAILED");
+  }
+}
+async function P(n, r, e) {
+  const t = b(), a = D();
+  e == null || e({ phase: "deriving_key", progress: 20 });
+  const c = await I(r, t);
+  e == null || e({ phase: "encrypting", progress: 30 });
+  const s = await crypto.subtle.encrypt(
+    { name: w, iv: R(a) },
+    c,
+    n
+  );
+  e == null || e({ phase: "encrypting", progress: 90 });
+  const i = new Uint8Array(
+    29 + s.byteLength
+  );
+  return i[0] = 1, i.set(t, 1), i.set(a, 17), i.set(new Uint8Array(s), 29), e == null || e({ phase: "complete", progress: 100 }), new Blob([i], { type: "application/octet-stream" });
+}
+async function Q(n, r, e) {
+  const t = D();
+  e == null || e({ phase: "deriving_key", progress: 20 });
+  const a = await T(r);
+  e == null || e({ phase: "encrypting", progress: 30 });
+  const c = await crypto.subtle.encrypt(
+    { name: w, iv: R(t) },
+    a,
+    n
+  );
+  e == null || e({ phase: "encrypting", progress: 90 });
+  const s = new Uint8Array(13 + c.byteLength);
+  return s[0] = 2, s.set(t, 1), s.set(new Uint8Array(c), 13), e == null || e({ phase: "complete", progress: 100 }), new Blob([s], { type: "application/octet-stream" });
+}
+async function we(n, r) {
+  const {
+    password: e,
+    keyData: t,
+    onProgress: a,
+    autoStreaming: c = !1,
+    streamingThreshold: s = x,
+    chunkSize: i = 65536
+  } = r;
+  if (!e && !t)
+    throw new E("PASSWORD_REQUIRED");
+  if (c && n.size > s) {
+    const o = await W(n, {
+      password: e,
+      keyData: t,
+      chunkSize: i,
+      onProgress: a ? (u) => {
+        a({
+          phase: u.phase,
+          progress: u.progress ?? Math.round(u.processedBytes / n.size * 100)
+        });
+      } : void 0
+    });
+    return await new Response(o).blob();
+  } else
+    return await z(n, { password: e, keyData: t, onProgress: a });
+}
+async function Z(n, r) {
+  const { password: e, keyData: t, onProgress: a } = r;
+  try {
+    a == null || a({ phase: "decrypting", progress: 0 });
+    const c = new Uint8Array(await S(n));
+    if (a == null || a({ phase: "decrypting", progress: 5 }), c.length < 1)
+      throw new E("INVALID_ENCRYPTED_DATA");
+    const s = c[0];
+    if (s === 1) {
+      if (!e)
+        throw new E("PASSWORD_REQUIRED");
+      return await q(c, e, a);
+    } else if (s === 2) {
+      if (!t)
+        throw new E("KEYFILE_REQUIRED");
+      return await j(c, t, a);
+    } else {
+      if (s === 17 || s === 18)
+        return await $(n, r);
+      throw new E("UNSUPPORTED_FORMAT");
+    }
+  } catch (c) {
+    throw c instanceof E ? c : new E("DECRYPTION_FAILED");
+  }
+}
+async function q(n, r, e) {
+  if (n.length < 45)
+    throw new E("INVALID_ENCRYPTED_DATA");
+  e == null || e({ phase: "deriving_key", progress: 10 });
+  const t = n.slice(1, 17), a = n.slice(17, 29), c = n.slice(29), s = await I(r, t);
+  e == null || e({ phase: "decrypting", progress: 30 });
+  try {
+    const i = await crypto.subtle.decrypt(
+      { name: w, iv: R(a) },
+      s,
+      c
+    );
+    return e == null || e({ phase: "complete", progress: 100 }), new Blob([i]);
+  } catch {
+    throw new E("INVALID_PASSWORD");
+  }
+}
+async function j(n, r, e) {
+  if (n.length < 29)
+    throw new E("INVALID_ENCRYPTED_DATA");
+  e == null || e({ phase: "decrypting", progress: 10 });
+  const t = n.slice(1, 13), a = n.slice(13), c = await T(r);
+  e == null || e({ phase: "decrypting", progress: 30 });
+  try {
+    const s = await crypto.subtle.decrypt(
+      { name: w, iv: R(t) },
+      c,
+      a
+    );
+    return e == null || e({ phase: "complete", progress: 100 }), new Blob([s]);
+  } catch {
+    throw new E("INVALID_KEYFILE");
+  }
+}
+async function $(n, r) {
+  const { password: e, keyData: t, onProgress: a } = r, c = n instanceof Blob ? n : new Blob([n]), i = K(c, {
+    password: e,
+    keyData: t,
+    onProgress: a ? (l) => {
+      a({
+        phase: l.phase,
+        progress: l.progress ?? Math.round(l.processedBytes / (l.totalBytes || 1) * 100)
+      });
+    } : void 0
+  });
+  return await new Response(i).blob();
+}
+async function _e(n) {
+  const r = await S(n), e = new Uint8Array(r);
   if (e.length < 1)
     return "unknown";
   const t = e[0];
   return t === 1 ? "password" : t === 2 ? "keyfile" : t === 17 ? "password-stream" : t === 18 ? "keyfile-stream" : "unknown";
 }
-const Q = 34, Z = 18;
-async function _e(n) {
-  const a = await w(n), e = new Uint8Array(a);
+const J = 34, X = 18;
+async function Ae(n) {
+  const r = await S(n), e = new Uint8Array(r);
   if (e.length < 1)
     return !1;
   const t = e[0];
-  return t === 1 && e.length >= 45 || t === 2 && e.length >= 29 || t === 17 && e.length >= Q || t === 18 && e.length >= Z;
+  return t === 1 && e.length >= 45 || t === 2 && e.length >= 29 || t === 17 && e.length >= J || t === 18 && e.length >= X;
 }
-function Ae(n) {
+function Se(n) {
   return n === "password-stream" || n === "keyfile-stream";
 }
-function de() {
-  const n = S(32);
+function Ie() {
+  const n = N(32);
   return {
     version: 1,
     algorithm: "AES-256-GCM",
-    key: Y(n.buffer),
+    key: U(n.buffer),
     createdAt: (/* @__PURE__ */ new Date()).toISOString()
   };
 }
-function we(n) {
+function Te(n) {
   try {
-    const a = JSON.parse(n);
-    return q(a) ? a : null;
+    const r = JSON.parse(n);
+    return ee(r) ? r : null;
   } catch {
     return null;
   }
 }
-function q(n) {
+function ee(n) {
   if (typeof n != "object" || n === null)
     return !1;
-  const a = n;
-  return a.version === 1 && a.algorithm === "AES-256-GCM" && typeof a.key == "string" && a.key.length > 0 && typeof a.createdAt == "string";
+  const r = n;
+  return r.version === 1 && r.algorithm === "AES-256-GCM" && typeof r.key == "string" && r.key.length > 0 && typeof r.createdAt == "string";
 }
-function Te(n, a, e = "key") {
+function Ne(n, r, e = "key") {
   const t = {
     version: 1,
     algorithm: "AES-256-GCM",
     key: n,
     createdAt: (/* @__PURE__ */ new Date()).toISOString()
-  }, r = JSON.stringify(t, null, 2), c = new Blob([r], { type: "application/json" }), i = URL.createObjectURL(c), s = document.createElement("a");
-  s.href = i, s.download = `${a}.${e}`, s.style.display = "none", document.body.appendChild(s), s.click(), document.body.removeChild(s), URL.revokeObjectURL(i);
+  }, a = JSON.stringify(t, null, 2), c = new Blob([a], { type: "application/json" }), s = URL.createObjectURL(c), i = document.createElement("a");
+  i.href = s, i.download = `${r}.${e}`, i.style.display = "none", document.body.appendChild(i), i.click(), document.body.removeChild(i), URL.revokeObjectURL(s);
 }
-async function Ie(n) {
-  const a = O(n), e = await crypto.subtle.digest("SHA-256", a), t = new Uint8Array(e);
-  return Array.from(t).map((r) => r.toString(16).padStart(2, "0")).join("");
+async function De(n) {
+  const r = O(n), e = await crypto.subtle.digest("SHA-256", r), t = new Uint8Array(e);
+  return Array.from(t).map((a) => a.toString(16).padStart(2, "0")).join("");
 }
-async function Se(n, a) {
-  const { fileName: e, onProgress: t, ...r } = a;
+async function Le(n, r) {
+  const { fileName: e, onProgress: t, ...a } = r;
   try {
     t == null || t({ phase: "downloading", progress: 0 });
     const c = await fetch(n);
     if (!c.ok)
-      throw new o(
+      throw new E(
         "DOWNLOAD_FAILED",
         `Download failed: ${c.status} ${c.statusText}`
       );
-    const i = c.headers.get("content-length");
-    let s;
-    i && c.body ? s = await j(
+    const s = c.headers.get("content-length");
+    let i;
+    s && c.body ? i = await te(
       c.body,
-      parseInt(i, 10),
+      parseInt(s, 10),
       (l) => {
         t == null || t({ phase: "downloading", progress: Math.round(l * 50) });
       }
-    ) : (t == null || t({ phase: "downloading", progress: 25 }), s = await c.arrayBuffer()), t == null || t({ phase: "downloading", progress: 50 });
-    const u = await V(s, {
-      ...r,
+    ) : (t == null || t({ phase: "downloading", progress: 25 }), i = await c.arrayBuffer()), t == null || t({ phase: "downloading", progress: 50 });
+    const p = await Z(i, {
+      ...a,
       onProgress: (l) => {
-        const E = 50 + Math.round(l.progress * 0.45);
+        const o = 50 + Math.round(l.progress * 0.45);
         t == null || t({
           phase: l.phase === "complete" ? "complete" : l.phase,
-          progress: l.phase === "complete" ? 100 : E
+          progress: l.phase === "complete" ? 100 : o
         });
       }
     });
-    $(u, e), t == null || t({ phase: "complete", progress: 100 });
+    C(p, e), t == null || t({ phase: "complete", progress: 100 });
   } catch (c) {
-    throw c instanceof o ? c : new o("DOWNLOAD_FAILED");
+    throw c instanceof E ? c : new E("DOWNLOAD_FAILED");
   }
 }
-async function j(n, a, e) {
-  const t = n.getReader(), r = [];
-  let c = 0, i = !1;
-  for (; !i; ) {
+async function te(n, r, e) {
+  const t = n.getReader(), a = [];
+  let c = 0, s = !1;
+  for (; !s; ) {
     const l = await t.read();
-    if (i = l.done, l.value) {
-      r.push(l.value), c += l.value.length;
-      const E = c / a;
-      e(Math.min(E, 1));
+    if (s = l.done, l.value) {
+      a.push(l.value), c += l.value.length;
+      const o = c / r;
+      e(Math.min(o, 1));
     }
   }
-  const s = new Uint8Array(c);
-  let u = 0;
-  for (const l of r)
-    s.set(l, u), u += l.length;
-  return s.buffer;
+  const i = new Uint8Array(c);
+  let p = 0;
+  for (const l of a)
+    i.set(l, p), p += l.length;
+  return i.buffer;
 }
-function $(n, a) {
+function C(n, r) {
   const e = URL.createObjectURL(n), t = document.createElement("a");
-  t.href = e, t.download = a, t.style.display = "none", document.body.appendChild(t), t.click(), document.body.removeChild(t), URL.revokeObjectURL(e);
+  t.href = e, t.download = r, t.style.display = "none", document.body.appendChild(t), t.click(), document.body.removeChild(t), URL.revokeObjectURL(e);
+}
+async function me(n, r) {
+  const { fileName: e, password: t, keyData: a, onProgress: c } = r;
+  try {
+    c == null || c({
+      phase: "downloading",
+      processedBytes: 0,
+      processedChunks: 0,
+      progress: 0
+    });
+    const s = await fetch(n);
+    if (!s.ok)
+      throw new E(
+        "DOWNLOAD_FAILED",
+        `Download failed: ${s.status} ${s.statusText}`
+      );
+    const i = s.headers.get("content-length"), p = i ? parseInt(i, 10) : void 0;
+    c == null || c({
+      phase: "downloading",
+      processedBytes: 0,
+      processedChunks: 0,
+      totalBytes: p,
+      progress: 25
+    });
+    const l = await s.blob();
+    let o = 0;
+    const y = K(l, {
+      password: t,
+      keyData: a,
+      onProgress: (d) => {
+        o = d.processedBytes, c == null || c({
+          ...d,
+          // Map to 50-95% range
+          progress: d.phase === "complete" ? 100 : 50 + Math.round((d.progress ?? 0) * 0.45)
+        });
+      }
+    }), A = await new Response(y).blob();
+    C(A, e), c == null || c({
+      phase: "complete",
+      processedBytes: o,
+      processedChunks: 0,
+      progress: 100
+    });
+  } catch (s) {
+    throw s instanceof E ? s : new E("DOWNLOAD_FAILED");
+  }
 }
 export {
-  _ as ALGORITHM,
-  oe as AUTH_TAG_LENGTH,
-  o as CryptoError,
-  ie as DEFAULT_CHUNK_SIZE,
-  re as ENCRYPTION_MARKER_KEYFILE,
-  ce as ENCRYPTION_MARKER_KEYFILE_STREAM,
-  ne as ENCRYPTION_MARKER_PASSWORD,
-  ae as ENCRYPTION_MARKER_PASSWORD_STREAM,
-  k as HASH_ALGORITHM,
-  P as IV_LENGTH,
-  te as KEYFILE_KEY_LENGTH,
-  X as KEY_LENGTH,
-  le as MIN_ENCRYPTED_SIZE_KEYFILE,
-  Ee as MIN_ENCRYPTED_SIZE_PASSWORD,
-  ee as PBKDF2_ITERATIONS,
-  J as SALT_LENGTH,
-  se as STREAM_FORMAT_VERSION,
-  Ie as computeKeyFileHash,
-  z as createDecryptStream,
-  x as createEncryptStream,
-  V as decryptFile,
-  he as decryptFileStream,
-  Se as downloadAndDecrypt,
-  Te as downloadKeyFile,
-  pe as encryptFile,
-  fe as encryptFileStream,
-  de as generateKeyFile,
-  ye as generateRandomPassword,
-  Re as getEncryptionType,
-  ue as isCryptoError,
-  _e as isEncryptedFile,
-  Ae as isStreamingEncryption,
-  we as parseKeyFile
+  w as ALGORITHM,
+  ue as AUTH_TAG_LENGTH,
+  E as CryptoError,
+  pe as DEFAULT_CHUNK_SIZE,
+  oe as ENCRYPTION_MARKER_KEYFILE,
+  le as ENCRYPTION_MARKER_KEYFILE_STREAM,
+  ie as ENCRYPTION_MARKER_PASSWORD,
+  Ee as ENCRYPTION_MARKER_PASSWORD_STREAM,
+  F as HASH_ALGORITHM,
+  ae as IV_LENGTH,
+  se as KEYFILE_KEY_LENGTH,
+  re as KEY_LENGTH,
+  fe as MIN_ENCRYPTED_SIZE_KEYFILE,
+  de as MIN_ENCRYPTED_SIZE_PASSWORD,
+  ce as PBKDF2_ITERATIONS,
+  ne as SALT_LENGTH,
+  ye as STREAM_FORMAT_VERSION,
+  De as computeKeyFileHash,
+  g as createDecryptStream,
+  G as createEncryptStream,
+  Z as decryptFile,
+  K as decryptFileStream,
+  Le as downloadAndDecrypt,
+  me as downloadAndDecryptStream,
+  Ne as downloadKeyFile,
+  z as encryptFile,
+  we as encryptFileAuto,
+  W as encryptFileStream,
+  Ie as generateKeyFile,
+  Re as generateRandomPassword,
+  _e as getEncryptionType,
+  he as isCryptoError,
+  Ae as isEncryptedFile,
+  Se as isStreamingEncryption,
+  Te as parseKeyFile
 };
 //# sourceMappingURL=index.mjs.map