@twin.org/crypto 0.0.2-next.9 → 0.0.3-next.2

package/dist/esm/index.mjs

@@ -1,1829 +0,0 @@
-import { bech32 } from '@scure/base';
-import { Guards, BaseError, GeneralError, Is, Uint8ArrayHelper, Converter, GuardError, Base32, RandomHelper, Validation } from '@twin.org/core';
-import { ed25519 } from '@noble/curves/ed25519.js';
-import { secp256k1 } from '@noble/curves/secp256k1.js';
-import { blake2b } from '@noble/hashes/blake2.js';
-import { HDKey as HDKey$1 } from '@scure/bip32';
-import { HDKey } from 'micro-key-producer/slip10.js';
-import { chacha20poly1305 } from '@noble/ciphers/chacha.js';
-import { blake3 } from '@noble/hashes/blake3.js';
-import { hmac } from '@noble/hashes/hmac.js';
-import { sha1 } from '@noble/hashes/legacy.js';
-import { sha256, sha224, sha512_224, sha512_256, sha384, sha512 } from '@noble/hashes/sha2.js';
-import { pbkdf2 } from '@noble/hashes/pbkdf2.js';
-import { sha3_224, sha3_256, sha3_384, sha3_512 } from '@noble/hashes/sha3.js';
-import * as bip39 from '@scure/bip39';
-import { wordlist } from '@scure/bip39/wordlists/english.js';
-import * as otp from 'micro-key-producer/otp.js';
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Bech32 encoding and decoding.
- */
-class Bech32 {
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "Bech32";
-    /**
-     * Encode the buffer.
-     * @param humanReadablePart The header.
-     * @param data The data to encode.
-     * @returns The encoded data.
-     */
-    static encode(humanReadablePart, data) {
-        Guards.stringValue(Bech32._CLASS_NAME, "humanReadablePart", humanReadablePart);
-        Guards.uint8Array(Bech32._CLASS_NAME, "data", data);
-        return bech32.encode(humanReadablePart, bech32.toWords(data));
-    }
-    /**
-     * Decode a bech32 string.
-     * @param bech The text to decode.
-     * @returns The decoded data or undefined if it could not be decoded.
-     * @throws An error if the decoding fails.
-     */
-    static decode(bech) {
-        Guards.stringValue(Bech32._CLASS_NAME, "bech", bech);
-        try {
-            const result = bech32.decodeToBytes(bech);
-            return {
-                humanReadablePart: result.prefix,
-                data: result.bytes
-            };
-        }
-        catch (err) {
-            if (BaseError.isErrorMessage(err, /checksum/)) {
-                throw new GeneralError(Bech32._CLASS_NAME, "invalidChecksum", { bech: bech32 });
-            }
-            else if (BaseError.isErrorMessage(err, /between prefix and data only/i)) {
-                throw new GeneralError(Bech32._CLASS_NAME, "separatorMisused", { bech: bech32 });
-            }
-            else if (BaseError.isErrorMessage(err, /lowercase or uppercase/i)) {
-                throw new GeneralError(Bech32._CLASS_NAME, "lowerUpper", { bech: bech32 });
-            }
-            else if (BaseError.isErrorMessage(err, /must be at least/i) ||
-                BaseError.isErrorMessage(err, /wrong string length/i)) {
-                throw new GeneralError(Bech32._CLASS_NAME, "dataTooShort", { bech: bech32 });
-            }
-            throw new GeneralError(Bech32._CLASS_NAME, "decodeFailed", { bech: bech32 }, err);
-        }
-    }
-    /**
-     * Is the input a bech 32 address.
-     * @param bech The value to test.
-     * @returns True if this is potentially a match.
-     */
-    static isBech32(bech) {
-        try {
-            if (Is.stringValue(bech)) {
-                const result = bech32.decodeToBytes(bech);
-                return (Is.stringValue(result.prefix) && Is.uint8Array(result.bytes) && result.bytes.length > 0);
-            }
-        }
-        catch { }
-        return false;
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Implementation of Ed25519.
- */
-class Ed25519 {
-    /**
-     * Private Key Size is the size, in bytes, of private keys as used in this package.
-     */
-    static PRIVATE_KEY_SIZE = 32;
-    /**
-     * Public Key Size is the size, in bytes, of public keys as used in this package.
-     */
-    static PUBLIC_KEY_SIZE = 32;
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "Ed25519";
-    /**
-     * Public returns the PublicKey corresponding to private.
-     * @param privateKey The private key to get the corresponding public key.
-     * @returns The public key.
-     * @throws Error if the private key is not the correct length.
-     */
-    static publicKeyFromPrivateKey(privateKey) {
-        Guards.uint8Array(Ed25519._CLASS_NAME, "privateKey", privateKey);
-        if (privateKey.length !== Ed25519.PRIVATE_KEY_SIZE) {
-            throw new GeneralError(Ed25519._CLASS_NAME, "privateKeyLength", {
-                requiredSize: Ed25519.PRIVATE_KEY_SIZE,
-                actualSize: privateKey.length
-            });
-        }
-        return ed25519.getPublicKey(privateKey);
-    }
-    /**
-     * Sign the block with privateKey and returns a signature.
-     * @param privateKey The private key.
-     * @param block The block to sign.
-     * @returns The signature.
-     * @throws Error if the private key is not the correct length.
-     */
-    static sign(privateKey, block) {
-        Guards.uint8Array(Ed25519._CLASS_NAME, "privateKey", privateKey);
-        Guards.uint8Array(Ed25519._CLASS_NAME, "block", block);
-        if (privateKey.length !== Ed25519.PRIVATE_KEY_SIZE) {
-            throw new GeneralError(Ed25519._CLASS_NAME, "privateKeyLength", {
-                requiredSize: Ed25519.PRIVATE_KEY_SIZE,
-                actualSize: privateKey ? privateKey.length : 0
-            });
-        }
-        return ed25519.sign(block, privateKey);
-    }
-    /**
-     * Verify reports whether sig is a valid signature of block by publicKey.
-     * @param publicKey The public key to verify the signature.
-     * @param block The block for the signature.
-     * @param signature The signature.
-     * @returns True if the signature matches.
-     * @throws Error if the public key is not the correct length.
-     */
-    static verify(publicKey, block, signature) {
-        Guards.uint8Array(Ed25519._CLASS_NAME, "publicKey", publicKey);
-        Guards.uint8Array(Ed25519._CLASS_NAME, "block", block);
-        Guards.uint8Array(Ed25519._CLASS_NAME, "signature", signature);
-        if (publicKey.length !== Ed25519.PUBLIC_KEY_SIZE) {
-            throw new GeneralError(Ed25519._CLASS_NAME, "publicKeyLength", {
-                requiredSize: Ed25519.PUBLIC_KEY_SIZE,
-                actualSize: publicKey ? publicKey.length : 0
-            });
-        }
-        try {
-            return ed25519.verify(signature, block, publicKey);
-        }
-        catch {
-            return false;
-        }
-    }
-    /**
-     * Convert a private key in PKCS8 format.
-     * @param privateKey The private key to convert.
-     * @returns The private key in PKCS8 format.
-     */
-    static async privateKeyToPkcs8(privateKey) {
-        Guards.uint8Array(Ed25519._CLASS_NAME, "privateKey", privateKey);
-        if (privateKey.length !== Ed25519.PRIVATE_KEY_SIZE) {
-            throw new GeneralError(Ed25519._CLASS_NAME, "privateKeyLength", {
-                requiredSize: Ed25519.PRIVATE_KEY_SIZE,
-                actualSize: privateKey.length
-            });
-        }
-        // crypto.subtle.importKey does not support Ed25519 keys in raw format.
-        // We need to convert the key to PKCS8 format before importing.
-        // The PKCS8 format is the raw key prefixed with the ASN.1 sequence for an Ed25519 private key.
-        // The ASN.1 sequence is 48 46 02 01 00 30 05 06 03 2b 65 70 04 20 04 20 (0x302e020100300506032b657004220420)
-        const pkcs8Prefix = new Uint8Array([48, 46, 2, 1, 0, 48, 5, 6, 3, 43, 101, 112, 4, 34, 4, 32]);
-        const fullKey = Uint8ArrayHelper.concat([pkcs8Prefix, privateKey]);
-        return crypto.subtle.importKey("pkcs8", new Uint8Array(fullKey), "Ed25519", true, ["sign"]);
-    }
-    /**
-     * Convert a crypto key to raw private key.
-     * @param cryptoKey The crypto key to convert.
-     * @returns The raw private key.
-     */
-    static async pkcs8ToPrivateKey(cryptoKey) {
-        Guards.defined(Ed25519._CLASS_NAME, "cryptoKey", cryptoKey);
-        // crypto.subtle.exportKey does not support Ed25519 keys in raw format.
-        // so we export as PKCS8 and remove the ASN.1 sequence prefix.
-        const pkcs8Bytes = await crypto.subtle.exportKey("pkcs8", cryptoKey);
-        return new Uint8Array(pkcs8Bytes.slice(16));
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Implementation of secp256k1.
- */
-class Secp256k1 {
-    /**
-     * Private Key Size is the size, in bytes, of private keys as used in this package.
-     */
-    static PRIVATE_KEY_SIZE = 32;
-    /**
-     * Public Key Size is the size, in bytes, of public keys as used in this package.
-     */
-    static PUBLIC_KEY_SIZE = 33;
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "Secp256k1";
-    /**
-     * Public returns the PublicKey corresponding to private.
-     * @param privateKey The private key to get the corresponding public key.
-     * @returns The public key.
-     * @throws Error if the private key is not the correct length.
-     */
-    static publicKeyFromPrivateKey(privateKey) {
-        Guards.uint8Array(Secp256k1._CLASS_NAME, "privateKey", privateKey);
-        if (privateKey.length !== Secp256k1.PRIVATE_KEY_SIZE) {
-            throw new GeneralError(Secp256k1._CLASS_NAME, "privateKeyLength", {
-                requiredSize: Secp256k1.PRIVATE_KEY_SIZE,
-                actualSize: privateKey.length
-            });
-        }
-        return secp256k1.getPublicKey(privateKey);
-    }
-    /**
-     * Sign the block with privateKey and returns a signature.
-     * @param privateKey The private key.
-     * @param block The block to sign.
-     * @returns The signature.
-     * @throws Error if the private key is not the correct length.
-     */
-    static sign(privateKey, block) {
-        Guards.uint8Array(Secp256k1._CLASS_NAME, "privateKey", privateKey);
-        Guards.uint8Array(Secp256k1._CLASS_NAME, "block", block);
-        if (privateKey.length !== Secp256k1.PRIVATE_KEY_SIZE) {
-            throw new GeneralError(Secp256k1._CLASS_NAME, "privateKeyLength", {
-                requiredSize: Secp256k1.PRIVATE_KEY_SIZE,
-                actualSize: privateKey.length
-            });
-        }
-        const res = secp256k1.sign(block, privateKey, { prehash: false });
-        return res;
-    }
-    /**
-     * Verify reports whether sig is a valid signature of block by publicKey.
-     * @param publicKey The public key to verify the signature.
-     * @param block The block for the signature.
-     * @param signature The signature.
-     * @returns True if the signature matches.
-     * @throws Error if the public key is not the correct length.
-     */
-    static verify(publicKey, block, signature) {
-        Guards.uint8Array(Secp256k1._CLASS_NAME, "publicKey", publicKey);
-        Guards.uint8Array(Secp256k1._CLASS_NAME, "block", block);
-        Guards.uint8Array(Secp256k1._CLASS_NAME, "signature", signature);
-        if (publicKey.length !== Secp256k1.PUBLIC_KEY_SIZE) {
-            throw new GeneralError(Secp256k1._CLASS_NAME, "publicKeyLength", {
-                requiredSize: Secp256k1.PUBLIC_KEY_SIZE,
-                actualSize: publicKey ? publicKey.length : 0
-            });
-        }
-        try {
-            return secp256k1.verify(signature, block, publicKey, { prehash: false });
-        }
-        catch {
-            return false;
-        }
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Class to help with Blake2B Signature scheme.
- */
-class Blake2b {
-    /**
-     * Blake2b 160.
-     */
-    static SIZE_160 = 20;
-    /**
-     * Blake2b 256.
-     */
-    static SIZE_256 = 32;
-    /**
-     * Blake2b 512.
-     */
-    static SIZE_512 = 64;
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "Blake2b";
-    /**
-     * The instance of the hash.
-     * @internal
-     */
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    _instance;
-    /**
-     * Create a new instance of Blake2b.
-     * @param outputLength The output length.
-     * @param key Optional key for the hash.
-     */
-    constructor(outputLength, key) {
-        this._instance = blake2b.create({
-            dkLen: outputLength,
-            key
-        });
-    }
-    /**
-     * Perform Sum 160 on the block.
-     * @param block The block to operate on.
-     * @param key Optional key for the hash.
-     * @returns The sum 160 of the block.
-     */
-    static sum160(block, key) {
-        Guards.uint8Array(Blake2b._CLASS_NAME, "block", block);
-        return new Blake2b(Blake2b.SIZE_160, key).update(block).digest();
-    }
-    /**
-     * Perform Sum 256 on the block.
-     * @param block The block to operate on.
-     * @param key Optional key for the hash.
-     * @returns The sum 256 of the block.
-     */
-    static sum256(block, key) {
-        Guards.uint8Array(Blake2b._CLASS_NAME, "block", block);
-        return new Blake2b(Blake2b.SIZE_256, key).update(block).digest();
-    }
-    /**
-     * Perform Sum 512 on the block.
-     * @param block The block to operate on.
-     * @param key Optional key for the hash.
-     * @returns The sum 512 of the block.
-     */
-    static sum512(block, key) {
-        Guards.uint8Array(Blake2b._CLASS_NAME, "block", block);
-        return new Blake2b(Blake2b.SIZE_512, key).update(block).digest();
-    }
-    /**
-     * Update the hash with the block.
-     * @param block The block to update the hash with.
-     * @returns The instance for chaining.
-     */
-    update(block) {
-        Guards.uint8Array(Blake2b._CLASS_NAME, "block", block);
-        this._instance.update(block);
-        return this;
-    }
-    /**
-     * Get the digest for the hash.
-     * @returns The instance for chaining.
-     */
-    digest() {
-        return this._instance.digest();
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Class to help with bip32 paths.
- */
-class Bip32Path {
-    /**
-     * The path.
-     * @internal
-     */
-    _path;
-    /**
-     * Create a new instance of Bip32Path.
-     * @param initialPath Initial path to create.
-     */
-    constructor(initialPath) {
-        if (initialPath) {
-            this._path = initialPath.split("/");
-            if (this._path[0] === "m") {
-                this._path.shift();
-            }
-        }
-        else {
-            this._path = [];
-        }
-    }
-    /**
-     * Construct a new path by cloning an existing one.
-     * @param bip32Path The path to clone.
-     * @returns A new instance of Bip32Path.
-     */
-    static fromPath(bip32Path) {
-        const p = new Bip32Path();
-        p._path = bip32Path._path.slice();
-        return p;
-    }
-    /**
-     * Converts the path to a string.
-     * @returns The path as a string.
-     */
-    toString() {
-        return this._path.length > 0 ? `m/${this._path.join("/")}` : "m";
-    }
-    /**
-     * Push a new index on to the path.
-     * @param index The index to add to the path.
-     */
-    push(index) {
-        this._path.push(`${index}`);
-    }
-    /**
-     * Push a new hardened index on to the path.
-     * @param index The index to add to the path.
-     */
-    pushHardened(index) {
-        this._path.push(`${index}'`);
-    }
-    /**
-     * Pop an index from the path.
-     */
-    pop() {
-        this._path.pop();
-    }
-    /**
-     * Get the segments.
-     * @returns The segments as numbers.
-     */
-    numberSegments() {
-        return this._path.map(p => Number.parseInt(p, 10));
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * The names of the key types.
- */
-// eslint-disable-next-line @typescript-eslint/naming-convention
-const KeyType = {
-    /**
-     * Ed25519.
-     */
-    Ed25519: 0,
-    /**
-     * Secp256k1.
-     */
-    Secp256k1: 1
-};
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Class to help with slip0010 key derivation
- * https://github.com/satoshilabs/slips/blob/master/slip-0010.md.
- */
-class Slip0010 {
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "Slip0010";
-    /**
-     * Get the master key from the seed.
-     * @param seed The seed to generate the master key from.
-     * @param keyType The key type.
-     * @returns The key and chain code.
-     * @throws If the seed is invalid.
-     */
-    static getMasterKeyFromSeed(seed, keyType = KeyType.Ed25519) {
-        try {
-            const masterKey = keyType === KeyType.Ed25519
-                ? HDKey.fromMasterSeed(seed)
-                : HDKey$1.fromMasterSeed(seed);
-            return {
-                privateKey: masterKey.privateKey ?? new Uint8Array(),
-                chainCode: masterKey.chainCode ?? new Uint8Array()
-            };
-        }
-        catch (error) {
-            throw new GeneralError(Slip0010._CLASS_NAME, "invalidSeed", { seed: Converter.bytesToUtf8(seed) }, error);
-        }
-    }
-    /**
-     * Derive a key from the path.
-     * @param seed The seed.
-     * @param path The path.
-     * @param keyType The key type.
-     * @returns The key and chain code.
-     */
-    static derivePath(seed, path, keyType = KeyType.Ed25519) {
-        const keyOpts = Slip0010.getMasterKeyFromSeed(seed, keyType);
-        if (keyType === KeyType.Ed25519) {
-            const hdKey = new HDKey(keyOpts);
-            const derivedKey = hdKey.derive(path.toString());
-            return {
-                privateKey: derivedKey.privateKey,
-                chainCode: derivedKey.chainCode
-            };
-        }
-        const hdKey = new HDKey$1(keyOpts);
-        const derivedKey = hdKey.derive(path.toString());
-        return {
-            privateKey: derivedKey.privateKey ?? new Uint8Array(),
-            chainCode: derivedKey.chainCode ?? new Uint8Array()
-        };
-    }
-    /**
-     * Get the public key from the private key.
-     * @param privateKey The private key.
-     * @param keyType The key type.
-     * @param withZeroByte Include a zero bute prefix.
-     * @returns The public key.
-     */
-    static getPublicKey(privateKey, keyType = KeyType.Ed25519, withZeroByte = true) {
-        const signPk = keyType === KeyType.Ed25519
-            ? Ed25519.publicKeyFromPrivateKey(privateKey)
-            : Secp256k1.publicKeyFromPrivateKey(privateKey);
-        if (withZeroByte) {
-            const arr = new Uint8Array(1 + signPk.length);
-            arr[0] = 0;
-            arr.set(signPk, 1);
-            return arr;
-        }
-        return signPk;
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Implementation of Bip44 for address generation.
- */
-class Bip44 {
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "Bip44";
-    /**
-     * Generate a bip44 key pair from the seed and parts.
-     * @param seed The account seed.
-     * @param keyType The key type.
-     * @param coinType The coin type.
-     * @param accountIndex The account index.
-     * @param isInternal Is this an internal address.
-     * @param addressIndex The address index.
-     * @returns The key pair.
-     * @throws Error if the address type is not supported.
-     */
-    static keyPair(seed, keyType, coinType, accountIndex, isInternal, addressIndex) {
-        const bip44Path = Bip44.path(coinType, accountIndex, isInternal, addressIndex);
-        const keys = Slip0010.derivePath(seed, bip44Path);
-        if (keyType === KeyType.Ed25519) {
-            const publicKey = Ed25519.publicKeyFromPrivateKey(keys.privateKey);
-            return {
-                privateKey: keys.privateKey,
-                publicKey
-            };
-        }
-        else if (keyType === KeyType.Secp256k1) {
-            const publicKey = Secp256k1.publicKeyFromPrivateKey(keys.privateKey);
-            return {
-                privateKey: keys.privateKey,
-                publicKey
-            };
-        }
-        throw new GeneralError(Bip44._CLASS_NAME, "unsupportedKeyType", { keyType });
-    }
-    /**
-     * Generate a bip44 path based on all its parts.
-     * @param coinType The coin type.
-     * @param accountIndex The account index.
-     * @param isInternal Is this an internal address.
-     * @param addressIndex The address index.
-     * @returns The generated path.
-     */
-    static path(coinType, accountIndex, isInternal, addressIndex) {
-        const bip32Path = new Bip32Path(Bip44.basePath(coinType));
-        bip32Path.pushHardened(accountIndex);
-        bip32Path.pushHardened(isInternal ? 1 : 0);
-        bip32Path.pushHardened(addressIndex);
-        return bip32Path;
-    }
-    /**
-     * Create a bip44 base path for the provided coin type.
-     * @param coinType The coin type.
-     * @returns The bip44 address base path.
-     */
-    static basePath(coinType) {
-        return `m/44'/${coinType}'`;
-    }
-    /**
-     * Generate an address from the seed and parts.
-     * @param seed The account seed.
-     * @param keyType The key type.
-     * @param coinType The coin type.
-     * @param accountIndex The account index.
-     * @param isInternal Is this an internal address.
-     * @param addressIndex The address index.
-     * @returns The generated path and the associated keypair.
-     */
-    static address(seed, keyType, coinType, accountIndex, isInternal, addressIndex) {
-        const keyPair = Bip44.keyPair(seed, keyType, coinType, accountIndex, isInternal, addressIndex);
-        const addressData = Blake2b.sum256(keyPair.publicKey);
-        return {
-            address: Converter.bytesToHex(addressData, true),
-            ...keyPair
-        };
-    }
-    /**
-     * Generate a bech32 address from the seed and parts.
-     * @param seed The account seed.
-     * @param keyType The key type.
-     * @param hrp The human readable part of the address.
-     * @param coinType The coin type.
-     * @param accountIndex The account index.
-     * @param isInternal Is this an internal address.
-     * @param addressIndex The address index.
-     * @returns The generated path and the associated keypair.
-     */
-    static addressBech32(seed, keyType, hrp, coinType, accountIndex, isInternal, addressIndex) {
-        const keyPair = Bip44.keyPair(seed, keyType, coinType, accountIndex, isInternal, addressIndex);
-        const addressData = Blake2b.sum256(keyPair.publicKey);
-        const bech32Data = new Uint8Array(1 + addressData.length);
-        bech32Data[0] = keyType;
-        bech32Data.set(addressData, 1);
-        return {
-            address: Bech32.encode(hrp, bech32Data),
-            ...keyPair
-        };
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Implementation of the ChaCha20Poly1305 cipher.
- */
-class ChaCha20Poly1305 {
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "ChaCha20Poly1305";
-    /**
-     * The cipher instance.
-     * @internal
-     */
-    _instance;
-    /**
-     * Create a new instance of ChaCha20Poly1305.
-     * @param key The key.
-     * @param nonce The nonce.
-     * @param aad The additional authenticated data.
-     */
-    constructor(key, nonce, aad) {
-        Guards.uint8Array(ChaCha20Poly1305._CLASS_NAME, "key", key);
-        Guards.uint8Array(ChaCha20Poly1305._CLASS_NAME, "nonce", nonce);
-        this._instance = chacha20poly1305(key, nonce, aad);
-    }
-    /**
-     * Encrypt the block.
-     * @param block The block to encrypt.
-     * @returns The block encrypted.
-     */
-    encrypt(block) {
-        Guards.uint8Array(ChaCha20Poly1305._CLASS_NAME, "block", block);
-        return this._instance.encrypt(block);
-    }
-    /**
-     * Decrypt the block.
-     * @param block The block to decrypt.
-     * @returns The block decrypted.
-     */
-    decrypt(block) {
-        Guards.uint8Array(ChaCha20Poly1305._CLASS_NAME, "block", block);
-        return this._instance.decrypt(block);
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Implementation of X25519.
- */
-class X25519 {
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "X25519";
-    /**
-     * Convert Ed25519 private key to X25519 private key.
-     * @param ed25519PrivateKey The ed25519 private key to convert.
-     * @returns The x25519 private key.
-     */
-    static convertPrivateKeyToX25519(ed25519PrivateKey) {
-        Guards.uint8Array(X25519._CLASS_NAME, "ed25519PrivateKey", ed25519PrivateKey);
-        return ed25519.utils.toMontgomerySecret(ed25519PrivateKey.slice(0, Ed25519.PRIVATE_KEY_SIZE));
-    }
-    /**
-     * Convert Ed25519 public key to X25519 public key.
-     * @param ed25519PublicKey The ed25519 public key to convert.
-     * @returns The x25519 public key.
-     * @throws GeneralError On invalid public key.
-     */
-    static convertPublicKeyToX25519(ed25519PublicKey) {
-        Guards.uint8Array(X25519._CLASS_NAME, "ed25519PublicKey", ed25519PublicKey);
-        return ed25519.utils.toMontgomery(ed25519PublicKey);
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Implementation of Zip215.
- */
-class Zip215 {
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "Zip215";
-    /**
-     * Verify reports whether sig is a valid signature of block by
-     * publicKey, using precisely-specified validation criteria (ZIP 215) suitable
-     * for use in consensus-critical contexts.
-     * @param publicKey The public key for the block.
-     * @param block The block content to validate.
-     * @param sig The signature to verify.
-     * @returns True if the signature is valid.
-     */
-    static verify(publicKey, block, sig) {
-        Guards.uint8Array(Zip215._CLASS_NAME, "publicKey", publicKey);
-        Guards.uint8Array(Zip215._CLASS_NAME, "block", block);
-        Guards.uint8Array(Zip215._CLASS_NAME, "sig", sig);
-        if (publicKey.length !== Ed25519.PUBLIC_KEY_SIZE) {
-            return false;
-        }
-        return ed25519.verify(sig, block, publicKey, { zip215: true });
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Class to help with Blake3 Signature scheme.
- */
-class Blake3 {
-    /**
-     * Blake3 256.
-     */
-    static SIZE_256 = 32;
-    /**
-     * Blake3 512.
-     */
-    static SIZE_512 = 64;
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "Blake3";
-    /**
-     * The instance of the hash.
-     * @internal
-     */
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    _instance;
-    /**
-     * Create a new instance of Blake3.
-     * @param outputLength The output length.
-     * @param key Optional key for the hash.
-     */
-    constructor(outputLength, key) {
-        this._instance = blake3.create({
-            dkLen: outputLength,
-            key
-        });
-    }
-    /**
-     * Perform Sum 256 on the block.
-     * @param block The block to operate on.
-     * @param key Optional key for the hash.
-     * @returns The sum 256 of the block.
-     */
-    static sum256(block, key) {
-        Guards.uint8Array(Blake3._CLASS_NAME, "block", block);
-        return new Blake3(Blake3.SIZE_256, key).update(block).digest();
-    }
-    /**
-     * Perform Sum 512 on the block.
-     * @param block The block to operate on.
-     * @param key Optional key for the hash.
-     * @returns The sum 512 of the block.
-     */
-    static sum512(block, key) {
-        Guards.uint8Array(Blake3._CLASS_NAME, "block", block);
-        return new Blake3(Blake3.SIZE_512, key).update(block).digest();
-    }
-    /**
-     * Update the hash with the block.
-     * @param block The block to update the hash with.
-     * @returns The instance for chaining.
-     */
-    update(block) {
-        Guards.uint8Array(Blake3._CLASS_NAME, "block", block);
-        this._instance.update(block);
-        return this;
-    }
-    /**
-     * Get the digest for the hash.
-     * @returns The instance for chaining.
-     */
-    digest() {
-        return this._instance.digest();
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Class to help with HmacSha1 scheme.
- */
-class HmacSha1 {
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "HmacSha1";
-    /**
-     * The instance of the hash.
-     * @internal
-     */
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    _instance;
-    /**
-     * Create a new instance of HmacSha1.
-     * @param key The key for the hmac.
-     */
-    constructor(key) {
-        this._instance = hmac.create(sha1, key);
-    }
-    /**
-     * Perform Sum on the block.
-     * @param key The key for the hmac.
-     * @param block The block to operate on.
-     * @returns The sum of the block.
-     */
-    static sum(key, block) {
-        Guards.uint8Array(HmacSha1._CLASS_NAME, "key", key);
-        Guards.uint8Array(HmacSha1._CLASS_NAME, "block", block);
-        return new HmacSha1(key).update(block).digest();
-    }
-    /**
-     * Update the hash with the block.
-     * @param block The block to update the hash with.
-     * @returns The instance for chaining.
-     */
-    update(block) {
-        Guards.uint8Array(HmacSha1._CLASS_NAME, "block", block);
-        this._instance.update(block);
-        return this;
-    }
-    /**
-     * Get the digest for the hash.
-     * @returns The instance for chaining.
-     */
-    digest() {
-        return this._instance.digest();
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Class to help with HmacSha256 scheme.
- */
-class HmacSha256 {
-    /**
-     * Sha256 256.
-     */
-    static SIZE_256 = 256;
-    /**
-     * Sha256 224.
-     */
-    static SIZE_224 = 224;
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "HmacSha256";
-    /**
-     * The instance of the hash.
-     * @internal
-     */
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    _instance;
-    /**
-     * Create a new instance of HmacSha256.
-     * @param key The key for the hmac.
-     * @param bits The number of bits.
-     */
-    constructor(key, bits = HmacSha256.SIZE_256) {
-        if (bits !== HmacSha256.SIZE_224 && bits !== HmacSha256.SIZE_256) {
-            throw new GeneralError(HmacSha256._CLASS_NAME, "bitSize", { bitSize: bits });
-        }
-        this._instance = hmac.create(bits === HmacSha256.SIZE_256 ? sha256 : sha224, key);
-    }
-    /**
-     * Perform Sum 224 on the block.
-     * @param key The key for the hmac.
-     * @param block The block to operate on.
-     * @returns The sum 224 of the block.
-     */
-    static sum224(key, block) {
-        Guards.uint8Array(HmacSha256._CLASS_NAME, "key", key);
-        Guards.uint8Array(HmacSha256._CLASS_NAME, "block", block);
-        const instance = new HmacSha256(key, HmacSha256.SIZE_224);
-        instance.update(block);
-        return instance.digest();
-    }
-    /**
-     * Perform Sum 256 on the block.
-     * @param key The key for the hmac.
-     * @param block The block to operate on.
-     * @returns The sum 256 of the block.
-     */
-    static sum256(key, block) {
-        Guards.uint8Array(HmacSha256._CLASS_NAME, "key", key);
-        Guards.uint8Array(HmacSha256._CLASS_NAME, "block", block);
-        const instance = new HmacSha256(key, HmacSha256.SIZE_256);
-        instance.update(block);
-        return instance.digest();
-    }
-    /**
-     * Update the hash with the block.
-     * @param block The block to update the hash with.
-     * @returns The instance for chaining.
-     */
-    update(block) {
-        Guards.uint8Array(HmacSha256._CLASS_NAME, "block", block);
-        this._instance.update(block);
-        return this;
-    }
-    /**
-     * Get the digest for the hash.
-     * @returns The instance for chaining.
-     */
-    digest() {
-        return this._instance.digest();
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/* eslint-disable camelcase */
-/**
- * Class to help with HmacSha512 scheme.
- */
-class HmacSha512 {
-    /**
-     * Sha512 224.
-     */
-    static SIZE_224 = 224;
-    /**
-     * Sha512 256.
-     */
-    static SIZE_256 = 256;
-    /**
-     * Sha512 384.
-     */
-    static SIZE_384 = 384;
-    /**
-     * Sha512 512.
-     */
-    static SIZE_512 = 512;
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "HmacSha512";
-    /**
-     * The instance of the hash.
-     * @internal
-     */
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    _instance;
-    /**
-     * Create a new instance of HmacSha512.
-     * @param key The key for the hmac.
-     * @param bits The number of bits.
-     */
-    constructor(key, bits = HmacSha512.SIZE_512) {
-        if (bits !== HmacSha512.SIZE_224 &&
-            bits !== HmacSha512.SIZE_256 &&
-            bits !== HmacSha512.SIZE_384 &&
-            bits !== HmacSha512.SIZE_512) {
-            throw new GeneralError(HmacSha512._CLASS_NAME, "bitSize", { bitSize: bits });
-        }
-        if (bits === HmacSha512.SIZE_224) {
-            this._instance = hmac.create(sha512_224, key);
-        }
-        else if (bits === HmacSha512.SIZE_256) {
-            this._instance = hmac.create(sha512_256, key);
-        }
-        else if (bits === HmacSha512.SIZE_384) {
-            this._instance = hmac.create(sha384, key);
-        }
-        else {
-            this._instance = hmac.create(sha512, key);
-        }
-    }
-    /**
-     * Perform Sum 512 on the block.
-     * @param key The key for the hmac.
-     * @param block The block to operate on.
-     * @returns The sum 512 of the block.
-     */
-    static sum512(key, block) {
-        Guards.uint8Array(HmacSha512._CLASS_NAME, "key", key);
-        Guards.uint8Array(HmacSha512._CLASS_NAME, "block", block);
-        const instance = new HmacSha512(key, HmacSha512.SIZE_512);
-        instance.update(block);
-        return instance.digest();
-    }
-    /**
-     * Perform Sum 384 on the block.
-     * @param key The key for the hmac.
-     * @param block The block to operate on.
-     * @returns The sum 384 of the block.
-     */
-    static sum384(key, block) {
-        Guards.uint8Array(HmacSha512._CLASS_NAME, "key", key);
-        Guards.uint8Array(HmacSha512._CLASS_NAME, "block", block);
-        const instance = new HmacSha512(key, HmacSha512.SIZE_384);
-        instance.update(block);
-        return instance.digest();
-    }
-    /**
-     * Perform Sum 256 on the block.
-     * @param key The key for the hmac.
-     * @param block The block to operate on.
-     * @returns The sum 256 of the block.
-     */
-    static sum256(key, block) {
-        Guards.uint8Array(HmacSha512._CLASS_NAME, "key", key);
-        Guards.uint8Array(HmacSha512._CLASS_NAME, "block", block);
-        const instance = new HmacSha512(key, HmacSha512.SIZE_256);
-        instance.update(block);
-        return instance.digest();
-    }
-    /**
-     * Perform Sum 224 on the block.
-     * @param key The key for the hmac.
-     * @param block The block to operate on.
-     * @returns The sum 224 of the block.
-     */
-    static sum224(key, block) {
-        Guards.uint8Array(HmacSha512._CLASS_NAME, "key", key);
-        Guards.uint8Array(HmacSha512._CLASS_NAME, "block", block);
-        const instance = new HmacSha512(key, HmacSha512.SIZE_224);
-        instance.update(block);
-        return instance.digest();
-    }
-    /**
-     * Update the hash with the block.
-     * @param block The block to update the hash with.
-     * @returns The instance for chaining.
-     */
-    update(block) {
-        Guards.uint8Array(HmacSha512._CLASS_NAME, "block", block);
-        this._instance.update(block);
-        return this;
-    }
-    /**
-     * Get the digest for the hash.
-     * @returns The instance for chaining.
-     */
-    digest() {
-        return this._instance.digest();
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Implementation of the password based key derivation function 2.
- */
-class Pbkdf2 {
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "Pbkdf2";
-    /**
-     * Derive a key from the parameters using Sha256.
-     * @param password The password to derive the key from.
-     * @param salt The salt for the derivation.
-     * @param iterations Number of iterations to perform.
-     * @param keyLength The length of the key to derive.
-     * @returns The derived key.
-     */
-    static sha256(password, salt, iterations, keyLength) {
-        Guards.uint8Array(Pbkdf2._CLASS_NAME, "password", password);
-        Guards.uint8Array(Pbkdf2._CLASS_NAME, "salt", salt);
-        Guards.number(Pbkdf2._CLASS_NAME, "iterations", iterations);
-        Guards.number(Pbkdf2._CLASS_NAME, "keyLength", keyLength);
-        return pbkdf2(sha256, password, salt, { c: iterations, dkLen: keyLength });
-    }
-    /**
-     * Derive a key from the parameters using Sha512.
-     * @param password The password to derive the key from.
-     * @param salt The salt for the derivation.
-     * @param iterations Number of iterations to perform.
-     * @param keyLength The length of the key to derive.
-     * @returns The derived key.
-     */
-    static sha512(password, salt, iterations, keyLength) {
-        Guards.uint8Array(Pbkdf2._CLASS_NAME, "password", password);
-        Guards.uint8Array(Pbkdf2._CLASS_NAME, "salt", salt);
-        Guards.number(Pbkdf2._CLASS_NAME, "iterations", iterations);
-        Guards.number(Pbkdf2._CLASS_NAME, "keyLength", keyLength);
-        return pbkdf2(sha512, password, salt, { c: iterations, dkLen: keyLength });
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Perform a SHA-1 hash on the block.
- */
-class Sha1 {
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "Sha1";
-    /**
-     * The instance of the hash.
-     * @internal
-     */
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    _instance;
-    /**
-     * Create a new instance of Sha1.
-     */
-    constructor() {
-        this._instance = sha1.create();
-    }
-    /**
-     * Perform Sum on the block.
-     * @param block The block to operate on.
-     * @returns The sum of the block.
-     */
-    static sum(block) {
-        Guards.uint8Array(Sha1._CLASS_NAME, "block", block);
-        return new Sha1().update(block).digest();
-    }
-    /**
-     * Update the hash with the block.
-     * @param block The block to update the hash with.
-     * @returns The instance for chaining.
-     */
-    update(block) {
-        Guards.uint8Array(Sha1._CLASS_NAME, "block", block);
-        this._instance.update(block);
-        return this;
-    }
-    /**
-     * Get the digest for the hash.
-     * @returns The instance for chaining.
-     */
-    digest() {
-        return this._instance.digest();
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Perform a SHA-256 hash on the block.
- */
-class Sha256 {
-    /**
-     * Sha256 256.
-     */
-    static SIZE_256 = 256;
-    /**
-     * Sha256 224.
-     */
-    static SIZE_224 = 224;
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "Sha256";
-    /**
-     * The instance of the hash.
-     * @internal
-     */
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    _instance;
-    /**
-     * Create a new instance of Sha256.
-     * @param bits The number of bits.
-     */
-    constructor(bits = Sha256.SIZE_256) {
-        if (bits !== Sha256.SIZE_224 && bits !== Sha256.SIZE_256) {
-            throw new GeneralError(Sha256._CLASS_NAME, "bitSize", { bitSize: bits });
-        }
-        this._instance = bits === Sha256.SIZE_256 ? sha256.create() : sha224.create();
-    }
-    /**
-     * Perform Sum 256 on the block.
-     * @param block The block to operate on.
-     * @returns The sum 256 of the block.
-     */
-    static sum256(block) {
-        const b2b = new Sha256(Sha256.SIZE_256);
-        b2b.update(block);
-        return b2b.digest();
-    }
-    /**
-     * Perform Sum 224 on the block.
-     * @param block The block to operate on.
-     * @returns The sum 224 of the block.
-     */
-    static sum224(block) {
-        const b2b = new Sha256(Sha256.SIZE_224);
-        b2b.update(block);
-        return b2b.digest();
-    }
-    /**
-     * Update the hash with the block.
-     * @param block The block to update the hash with.
-     * @returns The instance for chaining.
-     */
-    update(block) {
-        Guards.uint8Array(Sha256._CLASS_NAME, "block", block);
-        this._instance.update(block);
-        return this;
-    }
-    /**
-     * Get the digest for the hash.
-     * @returns The instance for chaining.
-     */
-    digest() {
-        return this._instance.digest();
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-// eslint-disable-next-line camelcase
-/**
- * Perform a SHA-3 hash on the block.
- */
-class Sha3 {
-    /**
-     * Sha3 224.
-     */
-    static SIZE_224 = 224;
-    /**
-     * Sha3 256.
-     */
-    static SIZE_256 = 256;
-    /**
-     * Sha3 384.
-     */
-    static SIZE_384 = 384;
-    /**
-     * Sha3 512.
-     */
-    static SIZE_512 = 512;
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "Sha3";
-    /**
-     * The instance of the hash.
-     * @internal
-     */
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    _instance;
-    /**
-     * Create a new instance of Sha3.
-     * @param bits The number of bits.
-     */
-    constructor(bits = Sha3.SIZE_256) {
-        if (bits !== Sha3.SIZE_224 &&
-            bits !== Sha3.SIZE_256 &&
-            bits !== Sha3.SIZE_384 &&
-            bits !== Sha3.SIZE_512) {
-            throw new GeneralError(Sha3._CLASS_NAME, "bitSize", { bitSize: bits });
-        }
-        if (bits === Sha3.SIZE_224) {
-            // eslint-disable-next-line camelcase
-            this._instance = sha3_224.create();
-        }
-        else if (bits === Sha3.SIZE_256) {
-            // eslint-disable-next-line camelcase
-            this._instance = sha3_256.create();
-        }
-        else if (bits === Sha3.SIZE_384) {
-            // eslint-disable-next-line camelcase
-            this._instance = sha3_384.create();
-        }
-        else {
-            // eslint-disable-next-line camelcase
-            this._instance = sha3_512.create();
-        }
-    }
-    /**
-     * Perform Sum 256 on the block.
-     * @param block The block to operate on.
-     * @returns The sum 256 of the block.
-     */
-    static sum256(block) {
-        const b2b = new Sha3(Sha3.SIZE_256);
-        b2b.update(block);
-        return b2b.digest();
-    }
-    /**
-     * Perform Sum 224 on the block.
-     * @param block The block to operate on.
-     * @returns The sum 224 of the block.
-     */
-    static sum224(block) {
-        const b2b = new Sha3(Sha3.SIZE_224);
-        b2b.update(block);
-        return b2b.digest();
-    }
-    /**
-     * Perform Sum 384 on the block.
-     * @param block The block to operate on.
-     * @returns The sum 384 of the block.
-     */
-    static sum384(block) {
-        const b2b = new Sha3(Sha3.SIZE_384);
-        b2b.update(block);
-        return b2b.digest();
-    }
-    /**
-     * Perform Sum 512 on the block.
-     * @param block The block to operate on.
-     * @returns The sum 512 of the block.
-     */
-    static sum512(block) {
-        const b2b = new Sha3(Sha3.SIZE_512);
-        b2b.update(block);
-        return b2b.digest();
-    }
-    /**
-     * Update the hash with the block.
-     * @param block The block to update the hash with.
-     * @returns The instance for chaining.
-     */
-    update(block) {
-        Guards.uint8Array(Sha3._CLASS_NAME, "block", block);
-        this._instance.update(block);
-        return this;
-    }
-    /**
-     * Get the digest for the hash.
-     * @returns The instance for chaining.
-     */
-    digest() {
-        return this._instance.digest();
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/* eslint-disable camelcase */
-/**
- * Perform a SHA-512 hash on the block.
- */
-class Sha512 {
-    /**
-     * Sha512 224.
-     */
-    static SIZE_224 = 224;
-    /**
-     * Sha512 256.
-     */
-    static SIZE_256 = 256;
-    /**
-     * Sha512 384.
-     */
-    static SIZE_384 = 384;
-    /**
-     * Sha512 512.
-     */
-    static SIZE_512 = 512;
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "Sha512";
-    /**
-     * The instance of the hash.
-     * @internal
-     */
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    _instance;
-    /**
-     * Create a new instance of Sha512.
-     * @param bits The number of bits.
-     */
-    constructor(bits = Sha512.SIZE_512) {
-        if (bits !== Sha512.SIZE_224 &&
-            bits !== Sha512.SIZE_256 &&
-            bits !== Sha512.SIZE_384 &&
-            bits !== Sha512.SIZE_512) {
-            throw new GeneralError(Sha512._CLASS_NAME, "bitSize", { bitSize: bits });
-        }
-        if (bits === Sha512.SIZE_224) {
-            this._instance = sha512_224.create();
-        }
-        else if (bits === Sha512.SIZE_256) {
-            this._instance = sha512_256.create();
-        }
-        else if (bits === Sha512.SIZE_384) {
-            this._instance = sha384.create();
-        }
-        else {
-            this._instance = sha512.create();
-        }
-    }
-    /**
-     * Perform Sum 512 on the block.
-     * @param block The block to operate on.
-     * @returns The sum 512 of the block.
-     */
-    static sum512(block) {
-        const b2b = new Sha512(Sha512.SIZE_512);
-        b2b.update(block);
-        return b2b.digest();
-    }
-    /**
-     * Perform Sum 384 on the block.
-     * @param block The block to operate on.
-     * @returns The sum 384 of the block.
-     */
-    static sum384(block) {
-        const b2b = new Sha512(Sha512.SIZE_384);
-        b2b.update(block);
-        return b2b.digest();
-    }
-    /**
-     * Perform Sum 256 on the block.
-     * @param block The block to operate on.
-     * @returns The sum 256 of the block.
-     */
-    static sum256(block) {
-        const b2b = new Sha512(Sha512.SIZE_256);
-        b2b.update(block);
-        return b2b.digest();
-    }
-    /**
-     * Perform Sum 224 on the block.
-     * @param block The block to operate on.
-     * @returns The sum 224 of the block.
-     */
-    static sum224(block) {
-        const b2b = new Sha512(Sha512.SIZE_224);
-        b2b.update(block);
-        return b2b.digest();
-    }
-    /**
-     * Update the hash with the block.
-     * @param block The block to update the hash with.
-     * @returns The instance for chaining.
-     */
-    update(block) {
-        Guards.uint8Array(Sha512._CLASS_NAME, "block", block);
-        this._instance.update(block);
-        return this;
-    }
-    /**
-     * Get the digest for the hash.
-     * @returns The instance for chaining.
-     */
-    digest() {
-        return this._instance.digest();
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Helper class for working with PEM (Privacy-Enhanced Mail) formatted data.
- */
-class PemHelper {
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "PemHelper";
-    /**
-     * Strip the PEM content of its headers, footers, and newlines.
-     * @param pemContent The PEM content to strip.
-     * @returns The stripped PEM content in bas64 format.
-     */
-    static stripPemMarkers(pemContent) {
-        Guards.string(PemHelper._CLASS_NAME, "pemContent", pemContent);
-        return pemContent
-            .replace(/-----BEGIN.*-----/, "")
-            .replace(/-----END.*-----/, "")
-            .replace(/\n/g, "")
-            .trim();
-    }
-    /**
-     * Format the PEM content to have a specific line length.
-     * @param marker The marker for the PEM content, e.g. RSA PRIVATE KEY
-     * @param base64Content The base64 content to format.
-     * @param lineLength The length of each line in the PEM content, default is 64 characters.
-     * @returns The formatted PEM content.
-     */
-    static formatPem(marker, base64Content, lineLength = 64) {
-        Guards.stringValue(PemHelper._CLASS_NAME, "marker", marker);
-        Guards.stringBase64(PemHelper._CLASS_NAME, "base64Content", base64Content);
-        const lines = [];
-        for (let i = 0; i < base64Content.length; i += lineLength) {
-            lines.push(base64Content.slice(i, i + lineLength));
-        }
-        return [`-----BEGIN ${marker}-----`, ...lines, `-----END ${marker}-----`].join("\n");
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Implementation of Bip39 for mnemonic generation.
- */
-class Bip39 {
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "Bip39";
-    /**
-     * Generate a random mnemonic.
-     * @param strength The strength of the mnemonic to generate, defaults to 256.
-     * @param words The wordlist to use, defaults to the English wordlist.
-     * @returns The random mnemonic.
-     * @throws Error if the length is not a multiple of 32.
-     */
-    static randomMnemonic(strength = 256, words = wordlist) {
-        Guards.number(Bip39._CLASS_NAME, "strength", strength);
-        Guards.arrayValue(Bip39._CLASS_NAME, "words", words);
-        if (strength % 32 !== 0) {
-            throw new GuardError(Bip39._CLASS_NAME, "guard.length32Multiple", "strength", strength);
-        }
-        return bip39.generateMnemonic(words, strength);
-    }
-    /**
-     * Generate a mnemonic from the entropy.
-     * @param entropy The entropy to generate.
-     * @param words The wordlist to use, defaults to the English wordlist.
-     * @returns The mnemonic.
-     * @throws Error if the length of the entropy is not a multiple of 4, or is less than 16 or greater than 32.
-     */
-    static entropyToMnemonic(entropy, words = wordlist) {
-        Guards.uint8Array(Bip39._CLASS_NAME, "entropy", entropy);
-        Guards.arrayValue(Bip39._CLASS_NAME, "words", words);
-        if (entropy.length % 4 !== 0 || entropy.length < 16 || entropy.length > 32) {
-            throw new GuardError(Bip39._CLASS_NAME, "guard.lengthEntropy", "entropy", entropy.length);
-        }
-        return bip39.entropyToMnemonic(entropy, words);
-    }
-    /**
-     * Convert a mnemonic to a seed.
-     * @param mnemonic The mnemonic to convert.
-     * @param password The password to apply to the seed generation.
-     * @returns The seed.
-     */
-    static mnemonicToSeed(mnemonic, password) {
-        Guards.stringValue(Bip39._CLASS_NAME, "mnemonic", mnemonic);
-        return bip39.mnemonicToSeedSync(mnemonic, password);
-    }
-    /**
-     * Convert the mnemonic back to entropy.
-     * @param mnemonic The mnemonic to convert.
-     * @param words The wordlist to use, defaults to the English wordlist.
-     * @returns The entropy.
-     * @throws Error if the number of words is not a multiple of 3.
-     */
-    static mnemonicToEntropy(mnemonic, words = wordlist) {
-        Guards.stringValue(Bip39._CLASS_NAME, "mnemonic", mnemonic);
-        Guards.arrayValue(Bip39._CLASS_NAME, "words", words);
-        return bip39.mnemonicToEntropy(mnemonic, words);
-    }
-    /**
-     * Validate the mnemonic.
-     * @param mnemonic The mnemonic to validate.
-     * @param wordCount The expected number of words in the mnemonic, defaults to 24.
-     * @param words The wordlist to use, defaults to the English wordlist.
-     * @returns True if the mnemonic is valid.
-     */
-    static validateMnemonic(mnemonic, wordCount = 24, words = wordlist) {
-        Guards.string(Bip39._CLASS_NAME, "mnemonic", mnemonic);
-        Guards.integer(Bip39._CLASS_NAME, "wordCount", wordCount);
-        const mnemonicSplit = mnemonic.split(/\s+/);
-        if (mnemonicSplit.length !== wordCount) {
-            return false;
-        }
-        return bip39.validateMnemonic(mnemonic, words);
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Perform HOTP.
- * Implementation of https://datatracker.ietf.org/doc/html/rfc4226 .
- */
-class Hotp {
-    /**
-     * Runtime name for the class.
-     * @internal
-     */
-    static _CLASS_NAME = "Hotp";
-    /**
-     * Generate a counter based One Time Password.
-     * @param key Key for the one time password.
-     * @param counter This should be stored by the application,
-     * must be user specific, and be incremented for each request.
-     * @returns The one time password.
-     */
-    static generate(key, counter) {
-        Guards.uint8Array(Hotp._CLASS_NAME, "key", key);
-        Guards.number(Hotp._CLASS_NAME, "counter", counter);
-        return otp.hotp({ secret: key, digits: 6, algorithm: "sha1", interval: 30 }, counter);
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Perform TOTP.
- * Implementation of https://datatracker.ietf.org/doc/html/rfc4226 .
- */
-class Totp {
-    /**
-     * Generate a time based One Time Password.
-     * @param key Key for the one time password.
-     * @param interval The time step of the counter.
-     * @param timestamp The timestamp.
-     * @returns The one time password.
-     */
-    static generate(key, interval = 30, timestamp = Date.now()) {
-        return otp.totp({ secret: key, digits: 6, algorithm: "sha1", interval }, timestamp);
-    }
-    /**
-     * Check a One Time Password based on a timer.
-     * @param token Passcode to validate.
-     * @param key Key for the one time password. This should be unique and secret for
-     * every user as it is the seed used to calculate the HMAC.
-     * @param window The allowable margin for the counter.
-     * @param interval The time step of the counter.
-     * @param timestamp The timestamp now.
-     * @returns Undefined if failure, delta on success
-     */
-    static verify(token, key, window = 2, interval = 30, timestamp = Date.now()) {
-        for (let i = -window; i < window; i++) {
-            const intervalWindow = i * interval * 1000;
-            if (timestamp + intervalWindow > 0) {
-                const gen = this.generate(key, interval, timestamp + intervalWindow);
-                if (gen === token) {
-                    // We have found a matching code
-                    return i;
-                }
-            }
-        }
-        // If we get to here then no codes have matched, return undefined
-        return undefined;
-    }
-    /**
-     * Generate a secret.
-     * @param length The length of the secret to generate.
-     * @returns The secret encoded as base32.
-     */
-    static generateSecret(length) {
-        const encodedBase32 = Base32.encode(RandomHelper.generate(length));
-        // Strip the trailing = the authenticator apps don't need them
-        return encodedBase32.replace(/=/g, "");
-    }
-    /**
-     * Convert the secret back to bytes.
-     * @param secretBase32 The secret encoded as base32.
-     * @returns The bytes of the secret.
-     */
-    static secretToBytes(secretBase32) {
-        return Base32.decode(secretBase32);
-    }
-    /**
-     * Generate a url for use with authenticator apps.
-     * See https://github.com/google/google-authenticator/wiki/Key-Uri-Format .
-     * @param issuer The issuer of the totp.
-     * @param label The label that will show in auth apps.
-     * @param secretBase32 The secret as base 32.
-     * @returns The url.
-     */
-    static generateAuthUrl(issuer, label, secretBase32) {
-        const encodedIssuer = encodeURIComponent(issuer);
-        return `otpauth://totp/${encodedIssuer}%3A${encodeURIComponent(label)}?secret=${secretBase32}&issuer=${encodedIssuer}&digits=6&algorithm=SHA1&interval=30`;
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Generate random passwords.
- */
-class PasswordGenerator {
-    /**
-     * Generate a password of given length.
-     * @param length The length of the password to generate.
-     * @returns The random password.
-     */
-    static generate(length) {
-        const alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
-        const alphabet2 = `${alphabet}0123456789!#$£%^&*+=@~?}`;
-        const chars = [];
-        while (chars.length < length) {
-            const charSet = chars.length === 0 ? alphabet : alphabet2;
-            let b = 0;
-            do {
-                b = RandomHelper.generate(1)[0];
-            } while (b >= charSet.length);
-            chars.push(charSet[b]);
-        }
-        return chars.join("");
-    }
-}
-
-// Copyright 2024 IOTA Stiftung.
-// SPDX-License-Identifier: Apache-2.0.
-/**
- * Test password strength.
- * Ref https://www.owasp.org/index.php/Authentication_Cheat_Sheet#Implement_Proper_Password_Strength_Controls .
- */
-class PasswordValidator {
-    /**
-     * Test the strength of the password.
-     * @param property The name of the property.
-     * @param password The password to test.
-     * @param failures The list of failures to add to.
-     * @param options Options to configure the testing.
-     * @param options.minLength The minimum length of the password, defaults to 8.
-     * @param options.maxLength The minimum length of the password, defaults to 128.
-     * @param options.minPhraseLength The minimum length of the password for it to be considered a pass phrase.
-     */
-    static validate(property, password, failures, options) {
-        const isString = Validation.stringValue(property, password, failures);
-        if (isString) {
-            const minLength = options?.minLength ?? 8;
-            if (password.length < minLength) {
-                failures.push({
-                    property,
-                    reason: "validation.minLengthRequired",
-                    properties: {
-                        minLength
-                    }
-                });
-            }
-            const maxLength = options?.maxLength ?? 128;
-            if (password.length > maxLength) {
-                failures.push({
-                    property,
-                    reason: "validation.maxLengthRequired",
-                    properties: {
-                        maxLength
-                    }
-                });
-            }
-            if (/(.)\1{2,}/.test(password)) {
-                failures.push({
-                    property,
-                    reason: "validation.repeatedCharacters"
-                });
-            }
-            // If this looks like a phrase then apply additional rules
-            const minPhraseLength = options?.minPhraseLength ?? 20;
-            if (password.length < minPhraseLength || !password.includes(" ")) {
-                if (!/[a-z]/.test(password)) {
-                    failures.push({
-                        property,
-                        reason: "validation.atLeastOneLowerCase"
-                    });
-                }
-                if (!/[A-Z]/.test(password)) {
-                    failures.push({
-                        property,
-                        reason: "validation.atLeastOneUpperCase"
-                    });
-                }
-                if (!/\d/.test(password)) {
-                    failures.push({
-                        property,
-                        reason: "validation.atLeastOneNumber"
-                    });
-                }
-                if (!/[^\dA-Za-z]/.test(password)) {
-                    failures.push({
-                        property,
-                        reason: "validation.atLeastOneSpecialChar"
-                    });
-                }
-            }
-        }
-    }
-}
-
-export { Bech32, Bip32Path, Bip39, Bip44, Blake2b, Blake3, ChaCha20Poly1305, Ed25519, HmacSha1, HmacSha256, HmacSha512, Hotp, KeyType, PasswordGenerator, PasswordValidator, Pbkdf2, PemHelper, Secp256k1, Sha1, Sha256, Sha3, Sha512, Slip0010, Totp, X25519, Zip215 };