@workos-inc/node 8.0.0-rc.5 → 8.0.0-rc.7

package/lib/common/crypto/seal.cjs

@@ -1,21 +1,21 @@
-let iron_webcrypto = require("iron-webcrypto");
+const require_index = require('../../node_modules/iron-webcrypto/index.cjs');
 
 //#region src/common/crypto/seal.ts
 const VERSION_DELIMITER = "~";
 const CURRENT_MAJOR_VERSION = 2;
-function parseSeal(seal) {
-	const [sealWithoutVersion = "", tokenVersionAsString] = seal.split(VERSION_DELIMITER);
+function parseSeal(seal$1) {
+	const [sealWithoutVersion = "", tokenVersionAsString] = seal$1.split(VERSION_DELIMITER);
 	return {
 		sealWithoutVersion,
 		tokenVersion: tokenVersionAsString == null ? null : parseInt(tokenVersionAsString, 10)
 	};
 }
 async function sealData(data, { password }) {
-	return `${await (0, iron_webcrypto.seal)(data, {
+	return `${await require_index.seal(data, {
 		id: "1",
 		secret: password
 	}, {
-		...iron_webcrypto.defaults,
+		...require_index.defaults,
 		ttl: 0,
 		encode: JSON.stringify
 	})}${VERSION_DELIMITER}${CURRENT_MAJOR_VERSION}`;
@@ -25,8 +25,8 @@ async function unsealData(encryptedData, { password }) {
 	const passwordMap = { 1: password };
 	let data;
 	try {
-		data = await (0, iron_webcrypto.unseal)(sealWithoutVersion, passwordMap, {
-			...iron_webcrypto.defaults,
+		data = await require_index.unseal(sealWithoutVersion, passwordMap, {
+			...require_index.defaults,
 			ttl: 0
 		}) ?? {};
 	} catch (error) {

package/lib/common/crypto/seal.cjs.map

@@ -1 +1 @@
-{"version":3,"file":"seal.cjs","names":["defaults","data: unknown"],"sources":["../../../src/common/crypto/seal.ts"],"sourcesContent":["import {\n  seal as ironSeal,\n  unseal as ironUnseal,\n  defaults,\n} from 'iron-webcrypto';\n\nconst VERSION_DELIMITER = '~';\nconst CURRENT_MAJOR_VERSION = 2;\n\ninterface SealOptions {\n  password: string;\n}\n\ninterface UnsealOptions {\n  password: string;\n}\n\nfunction parseSeal(seal: string): {\n  sealWithoutVersion: string;\n  tokenVersion: number | null;\n} {\n  const [sealWithoutVersion = '', tokenVersionAsString] =\n    seal.split(VERSION_DELIMITER);\n  const tokenVersion =\n    tokenVersionAsString == null ? null : parseInt(tokenVersionAsString, 10);\n  return { sealWithoutVersion, tokenVersion };\n}\n\nexport async function sealData(\n  data: unknown,\n  { password }: SealOptions,\n): Promise<string> {\n  const passwordObj = {\n    id: '1',\n    secret: password,\n  };\n\n  const seal = await ironSeal(data, passwordObj, {\n    ...defaults,\n    ttl: 0,\n    encode: JSON.stringify,\n  });\n\n  return `${seal}${VERSION_DELIMITER}${CURRENT_MAJOR_VERSION}`;\n}\n\nexport async function unsealData<T = unknown>(\n  encryptedData: string,\n  { password }: UnsealOptions,\n): Promise<T> {\n  const { sealWithoutVersion, tokenVersion } = parseSeal(encryptedData);\n\n  const passwordMap = { 1: password };\n\n  let data: unknown;\n  try {\n    data =\n      (await ironUnseal(sealWithoutVersion, passwordMap, {\n        ...defaults,\n        ttl: 0,\n      })) ?? {};\n  } catch (error) {\n    if (\n      error instanceof Error &&\n      /^(Expired seal|Bad hmac value|Cannot find password|Incorrect number of sealed components|Wrong mac prefix)/.test(\n        error.message,\n      )\n    ) {\n      return {} as T;\n    }\n    throw error;\n  }\n\n  if (tokenVersion === 2) {\n    return data as T;\n  } else if (tokenVersion !== null) {\n    const record = data as Record<string, unknown>;\n    return (record.persistent ?? data) as T;\n  }\n\n  return data as T;\n}\n"],"mappings":";;;AAMA,MAAM,oBAAoB;AAC1B,MAAM,wBAAwB;AAU9B,SAAS,UAAU,MAGjB;CACA,MAAM,CAAC,qBAAqB,IAAI,wBAC9B,KAAK,MAAM,kBAAkB;AAG/B,QAAO;EAAE;EAAoB,cAD3B,wBAAwB,OAAO,OAAO,SAAS,sBAAsB,GAAG;EAC/B;;AAG7C,eAAsB,SACpB,MACA,EAAE,YACe;AAYjB,QAAO,GANM,+BAAe,MALR;EAClB,IAAI;EACJ,QAAQ;EACT,EAE8C;EAC7C,GAAGA;EACH,KAAK;EACL,QAAQ,KAAK;EACd,CAAC,GAEe,oBAAoB;;AAGvC,eAAsB,WACpB,eACA,EAAE,YACU;CACZ,MAAM,EAAE,oBAAoB,iBAAiB,UAAU,cAAc;CAErE,MAAM,cAAc,EAAE,GAAG,UAAU;CAEnC,IAAIC;AACJ,KAAI;AACF,SACG,iCAAiB,oBAAoB,aAAa;GACjD,GAAGD;GACH,KAAK;GACN,CAAC,IAAK,EAAE;UACJ,OAAO;AACd,MACE,iBAAiB,SACjB,6GAA6G,KAC3G,MAAM,QACP,CAED,QAAO,EAAE;AAEX,QAAM;;AAGR,KAAI,iBAAiB,EACnB,QAAO;UACE,iBAAiB,KAE1B,QADe,KACA,cAAc;AAG/B,QAAO"}
+{"version":3,"file":"seal.cjs","names":["seal","ironSeal","defaults","data: unknown","ironUnseal"],"sources":["../../../src/common/crypto/seal.ts"],"sourcesContent":["import {\n  seal as ironSeal,\n  unseal as ironUnseal,\n  defaults,\n} from 'iron-webcrypto';\n\nconst VERSION_DELIMITER = '~';\nconst CURRENT_MAJOR_VERSION = 2;\n\ninterface SealOptions {\n  password: string;\n}\n\ninterface UnsealOptions {\n  password: string;\n}\n\nfunction parseSeal(seal: string): {\n  sealWithoutVersion: string;\n  tokenVersion: number | null;\n} {\n  const [sealWithoutVersion = '', tokenVersionAsString] =\n    seal.split(VERSION_DELIMITER);\n  const tokenVersion =\n    tokenVersionAsString == null ? null : parseInt(tokenVersionAsString, 10);\n  return { sealWithoutVersion, tokenVersion };\n}\n\nexport async function sealData(\n  data: unknown,\n  { password }: SealOptions,\n): Promise<string> {\n  const passwordObj = {\n    id: '1',\n    secret: password,\n  };\n\n  const seal = await ironSeal(data, passwordObj, {\n    ...defaults,\n    ttl: 0,\n    encode: JSON.stringify,\n  });\n\n  return `${seal}${VERSION_DELIMITER}${CURRENT_MAJOR_VERSION}`;\n}\n\nexport async function unsealData<T = unknown>(\n  encryptedData: string,\n  { password }: UnsealOptions,\n): Promise<T> {\n  const { sealWithoutVersion, tokenVersion } = parseSeal(encryptedData);\n\n  const passwordMap = { 1: password };\n\n  let data: unknown;\n  try {\n    data =\n      (await ironUnseal(sealWithoutVersion, passwordMap, {\n        ...defaults,\n        ttl: 0,\n      })) ?? {};\n  } catch (error) {\n    if (\n      error instanceof Error &&\n      /^(Expired seal|Bad hmac value|Cannot find password|Incorrect number of sealed components|Wrong mac prefix)/.test(\n        error.message,\n      )\n    ) {\n      return {} as T;\n    }\n    throw error;\n  }\n\n  if (tokenVersion === 2) {\n    return data as T;\n  } else if (tokenVersion !== null) {\n    const record = data as Record<string, unknown>;\n    return (record.persistent ?? data) as T;\n  }\n\n  return data as T;\n}\n"],"mappings":";;;AAMA,MAAM,oBAAoB;AAC1B,MAAM,wBAAwB;AAU9B,SAAS,UAAU,QAGjB;CACA,MAAM,CAAC,qBAAqB,IAAI,wBAC9BA,OAAK,MAAM,kBAAkB;AAG/B,QAAO;EAAE;EAAoB,cAD3B,wBAAwB,OAAO,OAAO,SAAS,sBAAsB,GAAG;EAC/B;;AAG7C,eAAsB,SACpB,MACA,EAAE,YACe;AAYjB,QAAO,GANM,MAAMC,mBAAS,MALR;EAClB,IAAI;EACJ,QAAQ;EACT,EAE8C;EAC7C,GAAGC;EACH,KAAK;EACL,QAAQ,KAAK;EACd,CAAC,GAEe,oBAAoB;;AAGvC,eAAsB,WACpB,eACA,EAAE,YACU;CACZ,MAAM,EAAE,oBAAoB,iBAAiB,UAAU,cAAc;CAErE,MAAM,cAAc,EAAE,GAAG,UAAU;CAEnC,IAAIC;AACJ,KAAI;AACF,SACG,MAAMC,qBAAW,oBAAoB,aAAa;GACjD,GAAGF;GACH,KAAK;GACN,CAAC,IAAK,EAAE;UACJ,OAAO;AACd,MACE,iBAAiB,SACjB,6GAA6G,KAC3G,MAAM,QACP,CAED,QAAO,EAAE;AAEX,QAAM;;AAGR,KAAI,iBAAiB,EACnB,QAAO;UACE,iBAAiB,KAE1B,QADe,KACA,cAAc;AAG/B,QAAO"}

package/lib/common/crypto/seal.js

@@ -1,4 +1,4 @@
-import { defaults, seal, unseal } from "iron-webcrypto";
+import { defaults, seal, unseal } from "../../node_modules/iron-webcrypto/index.js";
 
 //#region src/common/crypto/seal.ts
 const VERSION_DELIMITER = "~";

package/lib/node_modules/iron-webcrypto/index.cjs

@@ -0,0 +1,218 @@
+const require_index = require('../uint8array-extras/index.cjs');
+
+//#region node_modules/iron-webcrypto/index.js
+function losslessJsonStringify(data) {
+	try {
+		if (isJson(data)) {
+			let stringified = JSON.stringify(data);
+			if (stringified) return stringified;
+		}
+	} catch {}
+	throw Error("Data is not JSON serializable");
+}
+function jsonParse(string) {
+	try {
+		return JSON.parse(string);
+	} catch (err) {
+		throw Error("Failed parsing sealed object JSON: " + err.message);
+	}
+}
+function isJson(val) {
+	let stack = [], seen = /* @__PURE__ */ new WeakSet(), check = (val$1) => val$1 === null || typeof val$1 == "string" || typeof val$1 == "boolean" ? !0 : typeof val$1 == "number" ? Number.isFinite(val$1) : typeof val$1 == "object" ? seen.has(val$1) ? !0 : (seen.add(val$1), stack.push(val$1), !0) : !1;
+	if (!check(val)) return !1;
+	for (; stack.length;) {
+		let obj = stack.pop();
+		if (Array.isArray(obj)) {
+			let i$1 = obj.length;
+			for (; i$1--;) if (!check(obj[i$1])) return !1;
+			continue;
+		}
+		let proto = Reflect.getPrototypeOf(obj);
+		if (proto !== null && proto !== Object.prototype) return !1;
+		let keys = Reflect.ownKeys(obj), i = keys.length;
+		for (; i--;) {
+			let key = keys[i];
+			if (typeof key != "string" || Reflect.getOwnPropertyDescriptor(obj, key)?.enumerable === !1) return !1;
+			let val$1 = obj[key];
+			if (val$1 !== void 0 && !check(val$1)) return !1;
+		}
+	}
+	return !0;
+}
+const enc = /* @__PURE__ */ new TextEncoder(), dec = /* @__PURE__ */ new TextDecoder(), jsBase64Enabled = /* @__PURE__ */ (() => typeof Uint8Array.fromBase64 == "function" && typeof Uint8Array.prototype.toBase64 == "function" && typeof Uint8Array.prototype.toHex == "function")();
+function b64ToU8(str) {
+	return jsBase64Enabled ? Uint8Array.fromBase64(str, { alphabet: "base64url" }) : require_index.base64ToUint8Array(str);
+}
+function u8ToB64(arr) {
+	return arr = arr instanceof ArrayBuffer ? new Uint8Array(arr) : arr, jsBase64Enabled ? arr.toBase64({
+		alphabet: "base64url",
+		omitPadding: !0
+	}) : require_index.uint8ArrayToBase64(arr, { urlSafe: !0 });
+}
+function u8ToHex(arr) {
+	return arr = arr instanceof ArrayBuffer ? new Uint8Array(arr) : arr, jsBase64Enabled ? arr.toHex() : require_index.uint8ArrayToHex(arr);
+}
+const defaults = /* @__PURE__ */ Object.freeze({
+	encryption: /* @__PURE__ */ Object.freeze({
+		algorithm: "aes-256-cbc",
+		saltBits: 256,
+		iterations: 1,
+		minPasswordlength: 32
+	}),
+	integrity: /* @__PURE__ */ Object.freeze({
+		algorithm: "sha256",
+		saltBits: 256,
+		iterations: 1,
+		minPasswordlength: 32
+	}),
+	ttl: 0,
+	timestampSkewSec: 60,
+	localtimeOffsetMsec: 0
+});
+const algorithms = /* @__PURE__ */ Object.freeze({
+	"aes-128-ctr": /* @__PURE__ */ Object.freeze({
+		keyBits: 128,
+		ivBits: 128,
+		name: "AES-CTR"
+	}),
+	"aes-256-cbc": /* @__PURE__ */ Object.freeze({
+		keyBits: 256,
+		ivBits: 128,
+		name: "AES-CBC"
+	}),
+	sha256: /* @__PURE__ */ Object.freeze({
+		keyBits: 256,
+		ivBits: void 0,
+		name: "SHA-256"
+	})
+}), macFormatVersion = "2", macPrefix = "Fe26.2";
+function randomBits(bits) {
+	return crypto.getRandomValues(new Uint8Array(bits / 8));
+}
+async function generateKey(password, options) {
+	if (!password || !password.length) throw Error("Empty password");
+	if (!options || typeof options != "object") throw Error("Bad options");
+	let algorithm = algorithms[options.algorithm];
+	if (!algorithm) throw Error("Unknown algorithm: " + options.algorithm);
+	let isHmac = algorithm.name === "SHA-256", id = isHmac ? {
+		name: "HMAC",
+		hash: algorithm.name,
+		length: algorithm.keyBits
+	} : {
+		name: algorithm.name,
+		length: algorithm.keyBits
+	}, usages = isHmac ? ["sign", "verify"] : ["encrypt", "decrypt"], iv = options.iv || (algorithm.ivBits ? randomBits(algorithm.ivBits) : void 0);
+	if (typeof password == "string") {
+		if (password.length < options.minPasswordlength) throw Error("Password string too short (min " + options.minPasswordlength + " characters required)");
+		let salt = options.salt;
+		if (!salt) {
+			if (!options.saltBits) throw Error("Missing salt and saltBits options");
+			salt = u8ToHex(randomBits(options.saltBits));
+		}
+		let baseKey = await crypto.subtle.importKey("raw", enc.encode(password), "PBKDF2", !1, ["deriveKey"]), algorithm$1 = {
+			name: "PBKDF2",
+			salt: enc.encode(salt),
+			iterations: options.iterations,
+			hash: "SHA-1"
+		};
+		return {
+			key: await crypto.subtle.deriveKey(algorithm$1, baseKey, id, !1, usages),
+			iv,
+			salt
+		};
+	}
+	if (password.length < algorithm.keyBits / 8) throw Error("Key buffer (password) too small");
+	return {
+		key: await crypto.subtle.importKey("raw", password.slice(), id, !1, usages),
+		iv,
+		salt: ""
+	};
+}
+function getEncryptParams(algorithm, key, data) {
+	return [
+		algorithm === "aes-128-ctr" ? {
+			name: "AES-CTR",
+			counter: key.iv,
+			length: 128
+		} : {
+			name: "AES-CBC",
+			iv: key.iv
+		},
+		key.key,
+		typeof data == "string" ? enc.encode(data) : data.slice()
+	];
+}
+async function encrypt(password, options, data) {
+	let key = await generateKey(password, options), encrypted = await crypto.subtle.encrypt(...getEncryptParams(options.algorithm, key, data));
+	return {
+		encrypted: new Uint8Array(encrypted),
+		key
+	};
+}
+async function decrypt(password, options, data) {
+	let key = await generateKey(password, options), decrypted = await crypto.subtle.decrypt(...getEncryptParams(options.algorithm, key, data));
+	return dec.decode(decrypted);
+}
+async function hmacWithPassword(password, options, data) {
+	let key = await generateKey(password, options);
+	return {
+		digest: u8ToB64(await crypto.subtle.sign("HMAC", key.key, enc.encode(data))),
+		salt: key.salt
+	};
+}
+function normalizePassword(password) {
+	let normalized = typeof password == "string" || password instanceof Uint8Array ? {
+		encryption: password,
+		integrity: password
+	} : password && typeof password == "object" ? "secret" in password ? {
+		id: password.id,
+		encryption: password.secret,
+		integrity: password.secret
+	} : {
+		id: password.id,
+		encryption: password.encryption,
+		integrity: password.integrity
+	} : void 0;
+	if (!normalized || !normalized.encryption || normalized.encryption.length === 0 || !normalized.integrity || normalized.integrity.length === 0) throw Error("Empty password");
+	return normalized;
+}
+async function seal(object, password, options) {
+	let now = Date.now() + (options.localtimeOffsetMsec || 0), { id = "", encryption, integrity } = normalizePassword(password);
+	if (id && !/^\w+$/.test(id)) throw Error("Invalid password id");
+	let { encrypted, key } = await encrypt(encryption, options.encryption, (options.encode || losslessJsonStringify)(object)), expiration = options.ttl ? now + options.ttl : "", macBaseString = macPrefix + "*" + id + "*" + key.salt + "*" + u8ToB64(key.iv) + "*" + u8ToB64(encrypted) + "*" + expiration, mac = await hmacWithPassword(integrity, options.integrity, macBaseString);
+	return macBaseString + "*" + mac.salt + "*" + mac.digest;
+}
+async function unseal(sealed, password, options) {
+	let now = Date.now() + (options.localtimeOffsetMsec || 0), parts = sealed.split("*");
+	if (parts.length !== 8) throw Error("Incorrect number of sealed components");
+	let [prefix, passwordId, encryptionSalt, ivB64, encryptedB64, expiration, hmacSalt, hmacDigestB64] = parts;
+	if (prefix !== macPrefix) throw Error("Wrong mac prefix");
+	if (expiration) {
+		if (!/^[1-9]\d*$/.test(expiration)) throw Error("Invalid expiration");
+		if (Number.parseInt(expiration, 10) <= now - options.timestampSkewSec * 1e3) throw Error("Expired seal");
+	}
+	let pass;
+	if (typeof password == "string" || password instanceof Uint8Array) pass = password;
+	else if (typeof password == "object" && password) {
+		let passwordIdKey = passwordId || "default";
+		if (pass = password[passwordIdKey], !pass) throw Error("Cannot find password: " + passwordIdKey);
+	}
+	pass = normalizePassword(pass);
+	let key = await generateKey(pass.integrity, {
+		...options.integrity,
+		salt: hmacSalt
+	}), macBaseString = prefix + "*" + passwordId + "*" + encryptionSalt + "*" + ivB64 + "*" + encryptedB64 + "*" + expiration;
+	if (!await crypto.subtle.verify("HMAC", key.key, b64ToU8(hmacDigestB64), enc.encode(macBaseString))) throw Error("Bad hmac value");
+	let decryptedString = await decrypt(pass.encryption, {
+		...options.encryption,
+		salt: encryptionSalt,
+		iv: b64ToU8(ivB64)
+	}, b64ToU8(encryptedB64));
+	return (options.decode || jsonParse)(decryptedString);
+}
+
+//#endregion
+exports.defaults = defaults;
+exports.seal = seal;
+exports.unseal = unseal;
+//# sourceMappingURL=index.cjs.map

package/lib/node_modules/iron-webcrypto/index.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.cjs","names":["base64ToUint8Array","uint8ArrayToBase64","uint8ArrayToHex"],"sources":["../../../node_modules/iron-webcrypto/index.js"],"sourcesContent":["/* @ts-self-types=\"./index.d.ts\" */\nimport { base64ToUint8Array, uint8ArrayToBase64, uint8ArrayToHex } from \"uint8array-extras\";\nfunction losslessJsonStringify(data) {\n\ttry {\n\t\tif (isJson(data)) {\n\t\t\tlet stringified = JSON.stringify(data);\n\t\t\tif (stringified) return stringified;\n\t\t}\n\t} catch {}\n\tthrow Error(\"Data is not JSON serializable\");\n}\nfunction jsonParse(string) {\n\ttry {\n\t\treturn JSON.parse(string);\n\t} catch (err) {\n\t\tthrow Error(\"Failed parsing sealed object JSON: \" + err.message);\n\t}\n}\nfunction isJson(val) {\n\tlet stack = [], seen = /* @__PURE__ */ new WeakSet(), check = (val$1) => val$1 === null || typeof val$1 == \"string\" || typeof val$1 == \"boolean\" ? !0 : typeof val$1 == \"number\" ? Number.isFinite(val$1) : typeof val$1 == \"object\" ? seen.has(val$1) ? !0 : (seen.add(val$1), stack.push(val$1), !0) : !1;\n\tif (!check(val)) return !1;\n\tfor (; stack.length;) {\n\t\tlet obj = stack.pop();\n\t\tif (Array.isArray(obj)) {\n\t\t\tlet i$1 = obj.length;\n\t\t\tfor (; i$1--;) if (!check(obj[i$1])) return !1;\n\t\t\tcontinue;\n\t\t}\n\t\tlet proto = Reflect.getPrototypeOf(obj);\n\t\tif (proto !== null && proto !== Object.prototype) return !1;\n\t\tlet keys = Reflect.ownKeys(obj), i = keys.length;\n\t\tfor (; i--;) {\n\t\t\tlet key = keys[i];\n\t\t\tif (typeof key != \"string\" || Reflect.getOwnPropertyDescriptor(obj, key)?.enumerable === !1) return !1;\n\t\t\tlet val$1 = obj[key];\n\t\t\tif (val$1 !== void 0 && !check(val$1)) return !1;\n\t\t}\n\t}\n\treturn !0;\n}\nconst enc = /* @__PURE__ */ new TextEncoder(), dec = /* @__PURE__ */ new TextDecoder(), jsBase64Enabled = /* @__PURE__ */ (() => typeof Uint8Array.fromBase64 == \"function\" && typeof Uint8Array.prototype.toBase64 == \"function\" && typeof Uint8Array.prototype.toHex == \"function\")();\nfunction b64ToU8(str) {\n\treturn jsBase64Enabled ? Uint8Array.fromBase64(str, { alphabet: \"base64url\" }) : base64ToUint8Array(str);\n}\nfunction u8ToB64(arr) {\n\treturn arr = arr instanceof ArrayBuffer ? new Uint8Array(arr) : arr, jsBase64Enabled ? arr.toBase64({\n\t\talphabet: \"base64url\",\n\t\tomitPadding: !0\n\t}) : uint8ArrayToBase64(arr, { urlSafe: !0 });\n}\nfunction u8ToHex(arr) {\n\treturn arr = arr instanceof ArrayBuffer ? new Uint8Array(arr) : arr, jsBase64Enabled ? arr.toHex() : uint8ArrayToHex(arr);\n}\nconst defaults = /* @__PURE__ */ Object.freeze({\n\tencryption: /* @__PURE__ */ Object.freeze({\n\t\talgorithm: \"aes-256-cbc\",\n\t\tsaltBits: 256,\n\t\titerations: 1,\n\t\tminPasswordlength: 32\n\t}),\n\tintegrity: /* @__PURE__ */ Object.freeze({\n\t\talgorithm: \"sha256\",\n\t\tsaltBits: 256,\n\t\titerations: 1,\n\t\tminPasswordlength: 32\n\t}),\n\tttl: 0,\n\ttimestampSkewSec: 60,\n\tlocaltimeOffsetMsec: 0\n});\nfunction clone(options) {\n\treturn {\n\t\t...options,\n\t\tencryption: { ...options.encryption },\n\t\tintegrity: { ...options.integrity }\n\t};\n}\nconst algorithms = /* @__PURE__ */ Object.freeze({\n\t\"aes-128-ctr\": /* @__PURE__ */ Object.freeze({\n\t\tkeyBits: 128,\n\t\tivBits: 128,\n\t\tname: \"AES-CTR\"\n\t}),\n\t\"aes-256-cbc\": /* @__PURE__ */ Object.freeze({\n\t\tkeyBits: 256,\n\t\tivBits: 128,\n\t\tname: \"AES-CBC\"\n\t}),\n\tsha256: /* @__PURE__ */ Object.freeze({\n\t\tkeyBits: 256,\n\t\tivBits: void 0,\n\t\tname: \"SHA-256\"\n\t})\n}), macFormatVersion = \"2\", macPrefix = \"Fe26.2\";\nfunction randomBits(bits) {\n\treturn crypto.getRandomValues(new Uint8Array(bits / 8));\n}\nasync function generateKey(password, options) {\n\tif (!password || !password.length) throw Error(\"Empty password\");\n\tif (!options || typeof options != \"object\") throw Error(\"Bad options\");\n\tlet algorithm = algorithms[options.algorithm];\n\tif (!algorithm) throw Error(\"Unknown algorithm: \" + options.algorithm);\n\tlet isHmac = algorithm.name === \"SHA-256\", id = isHmac ? {\n\t\tname: \"HMAC\",\n\t\thash: algorithm.name,\n\t\tlength: algorithm.keyBits\n\t} : {\n\t\tname: algorithm.name,\n\t\tlength: algorithm.keyBits\n\t}, usages = isHmac ? [\"sign\", \"verify\"] : [\"encrypt\", \"decrypt\"], iv = options.iv || (algorithm.ivBits ? randomBits(algorithm.ivBits) : void 0);\n\tif (typeof password == \"string\") {\n\t\tif (password.length < options.minPasswordlength) throw Error(\"Password string too short (min \" + options.minPasswordlength + \" characters required)\");\n\t\tlet salt = options.salt;\n\t\tif (!salt) {\n\t\t\tif (!options.saltBits) throw Error(\"Missing salt and saltBits options\");\n\t\t\tsalt = u8ToHex(randomBits(options.saltBits));\n\t\t}\n\t\tlet baseKey = await crypto.subtle.importKey(\"raw\", enc.encode(password), \"PBKDF2\", !1, [\"deriveKey\"]), algorithm$1 = {\n\t\t\tname: \"PBKDF2\",\n\t\t\tsalt: enc.encode(salt),\n\t\t\titerations: options.iterations,\n\t\t\thash: \"SHA-1\"\n\t\t};\n\t\treturn {\n\t\t\tkey: await crypto.subtle.deriveKey(algorithm$1, baseKey, id, !1, usages),\n\t\t\tiv,\n\t\t\tsalt\n\t\t};\n\t}\n\tif (password.length < algorithm.keyBits / 8) throw Error(\"Key buffer (password) too small\");\n\treturn {\n\t\tkey: await crypto.subtle.importKey(\"raw\", password.slice(), id, !1, usages),\n\t\tiv,\n\t\tsalt: \"\"\n\t};\n}\nfunction getEncryptParams(algorithm, key, data) {\n\treturn [\n\t\talgorithm === \"aes-128-ctr\" ? {\n\t\t\tname: \"AES-CTR\",\n\t\t\tcounter: key.iv,\n\t\t\tlength: 128\n\t\t} : {\n\t\t\tname: \"AES-CBC\",\n\t\t\tiv: key.iv\n\t\t},\n\t\tkey.key,\n\t\ttypeof data == \"string\" ? enc.encode(data) : data.slice()\n\t];\n}\nasync function encrypt(password, options, data) {\n\tlet key = await generateKey(password, options), encrypted = await crypto.subtle.encrypt(...getEncryptParams(options.algorithm, key, data));\n\treturn {\n\t\tencrypted: new Uint8Array(encrypted),\n\t\tkey\n\t};\n}\nasync function decrypt(password, options, data) {\n\tlet key = await generateKey(password, options), decrypted = await crypto.subtle.decrypt(...getEncryptParams(options.algorithm, key, data));\n\treturn dec.decode(decrypted);\n}\nasync function hmacWithPassword(password, options, data) {\n\tlet key = await generateKey(password, options);\n\treturn {\n\t\tdigest: u8ToB64(await crypto.subtle.sign(\"HMAC\", key.key, enc.encode(data))),\n\t\tsalt: key.salt\n\t};\n}\nfunction normalizePassword(password) {\n\tlet normalized = typeof password == \"string\" || password instanceof Uint8Array ? {\n\t\tencryption: password,\n\t\tintegrity: password\n\t} : password && typeof password == \"object\" ? \"secret\" in password ? {\n\t\tid: password.id,\n\t\tencryption: password.secret,\n\t\tintegrity: password.secret\n\t} : {\n\t\tid: password.id,\n\t\tencryption: password.encryption,\n\t\tintegrity: password.integrity\n\t} : void 0;\n\tif (!normalized || !normalized.encryption || normalized.encryption.length === 0 || !normalized.integrity || normalized.integrity.length === 0) throw Error(\"Empty password\");\n\treturn normalized;\n}\nasync function seal(object, password, options) {\n\tlet now = Date.now() + (options.localtimeOffsetMsec || 0), { id = \"\", encryption, integrity } = normalizePassword(password);\n\tif (id && !/^\\w+$/.test(id)) throw Error(\"Invalid password id\");\n\tlet { encrypted, key } = await encrypt(encryption, options.encryption, (options.encode || losslessJsonStringify)(object)), expiration = options.ttl ? now + options.ttl : \"\", macBaseString = macPrefix + \"*\" + id + \"*\" + key.salt + \"*\" + u8ToB64(key.iv) + \"*\" + u8ToB64(encrypted) + \"*\" + expiration, mac = await hmacWithPassword(integrity, options.integrity, macBaseString);\n\treturn macBaseString + \"*\" + mac.salt + \"*\" + mac.digest;\n}\nasync function unseal(sealed, password, options) {\n\tlet now = Date.now() + (options.localtimeOffsetMsec || 0), parts = sealed.split(\"*\");\n\tif (parts.length !== 8) throw Error(\"Incorrect number of sealed components\");\n\tlet [prefix, passwordId, encryptionSalt, ivB64, encryptedB64, expiration, hmacSalt, hmacDigestB64] = parts;\n\tif (prefix !== macPrefix) throw Error(\"Wrong mac prefix\");\n\tif (expiration) {\n\t\tif (!/^[1-9]\\d*$/.test(expiration)) throw Error(\"Invalid expiration\");\n\t\tif (Number.parseInt(expiration, 10) <= now - options.timestampSkewSec * 1e3) throw Error(\"Expired seal\");\n\t}\n\tlet pass;\n\tif (typeof password == \"string\" || password instanceof Uint8Array) pass = password;\n\telse if (typeof password == \"object\" && password) {\n\t\tlet passwordIdKey = passwordId || \"default\";\n\t\tif (pass = password[passwordIdKey], !pass) throw Error(\"Cannot find password: \" + passwordIdKey);\n\t}\n\tpass = normalizePassword(pass);\n\tlet key = await generateKey(pass.integrity, {\n\t\t...options.integrity,\n\t\tsalt: hmacSalt\n\t}), macBaseString = prefix + \"*\" + passwordId + \"*\" + encryptionSalt + \"*\" + ivB64 + \"*\" + encryptedB64 + \"*\" + expiration;\n\tif (!await crypto.subtle.verify(\"HMAC\", key.key, b64ToU8(hmacDigestB64), enc.encode(macBaseString))) throw Error(\"Bad hmac value\");\n\tlet decryptedString = await decrypt(pass.encryption, {\n\t\t...options.encryption,\n\t\tsalt: encryptionSalt,\n\t\tiv: b64ToU8(ivB64)\n\t}, b64ToU8(encryptedB64));\n\treturn (options.decode || jsonParse)(decryptedString);\n}\nexport { algorithms, clone, decrypt, defaults, encrypt, generateKey, hmacWithPassword, macFormatVersion, macPrefix, randomBits, seal, unseal };\n"],"x_google_ignoreList":[0],"mappings":";;;AAEA,SAAS,sBAAsB,MAAM;AACpC,KAAI;AACH,MAAI,OAAO,KAAK,EAAE;GACjB,IAAI,cAAc,KAAK,UAAU,KAAK;AACtC,OAAI,YAAa,QAAO;;SAElB;AACR,OAAM,MAAM,gCAAgC;;AAE7C,SAAS,UAAU,QAAQ;AAC1B,KAAI;AACH,SAAO,KAAK,MAAM,OAAO;UACjB,KAAK;AACb,QAAM,MAAM,wCAAwC,IAAI,QAAQ;;;AAGlE,SAAS,OAAO,KAAK;CACpB,IAAI,QAAQ,EAAE,EAAE,uBAAuB,IAAI,SAAS,EAAE,SAAS,UAAU,UAAU,QAAQ,OAAO,SAAS,YAAY,OAAO,SAAS,YAAY,CAAC,IAAI,OAAO,SAAS,WAAW,OAAO,SAAS,MAAM,GAAG,OAAO,SAAS,WAAW,KAAK,IAAI,MAAM,GAAG,CAAC,KAAK,KAAK,IAAI,MAAM,EAAE,MAAM,KAAK,MAAM,EAAE,CAAC,KAAK,CAAC;AAC1S,KAAI,CAAC,MAAM,IAAI,CAAE,QAAO,CAAC;AACzB,QAAO,MAAM,SAAS;EACrB,IAAI,MAAM,MAAM,KAAK;AACrB,MAAI,MAAM,QAAQ,IAAI,EAAE;GACvB,IAAI,MAAM,IAAI;AACd,UAAO,OAAQ,KAAI,CAAC,MAAM,IAAI,KAAK,CAAE,QAAO,CAAC;AAC7C;;EAED,IAAI,QAAQ,QAAQ,eAAe,IAAI;AACvC,MAAI,UAAU,QAAQ,UAAU,OAAO,UAAW,QAAO,CAAC;EAC1D,IAAI,OAAO,QAAQ,QAAQ,IAAI,EAAE,IAAI,KAAK;AAC1C,SAAO,MAAM;GACZ,IAAI,MAAM,KAAK;AACf,OAAI,OAAO,OAAO,YAAY,QAAQ,yBAAyB,KAAK,IAAI,EAAE,eAAe,CAAC,EAAG,QAAO,CAAC;GACrG,IAAI,QAAQ,IAAI;AAChB,OAAI,UAAU,KAAK,KAAK,CAAC,MAAM,MAAM,CAAE,QAAO,CAAC;;;AAGjD,QAAO,CAAC;;AAET,MAAM,sBAAsB,IAAI,aAAa,EAAE,sBAAsB,IAAI,aAAa,EAAE,kBAAkC,uBAAO,OAAO,WAAW,cAAc,cAAc,OAAO,WAAW,UAAU,YAAY,cAAc,OAAO,WAAW,UAAU,SAAS,aAAa;AACvR,SAAS,QAAQ,KAAK;AACrB,QAAO,kBAAkB,WAAW,WAAW,KAAK,EAAE,UAAU,aAAa,CAAC,GAAGA,iCAAmB,IAAI;;AAEzG,SAAS,QAAQ,KAAK;AACrB,QAAO,MAAM,eAAe,cAAc,IAAI,WAAW,IAAI,GAAG,KAAK,kBAAkB,IAAI,SAAS;EACnG,UAAU;EACV,aAAa,CAAC;EACd,CAAC,GAAGC,iCAAmB,KAAK,EAAE,SAAS,CAAC,GAAG,CAAC;;AAE9C,SAAS,QAAQ,KAAK;AACrB,QAAO,MAAM,eAAe,cAAc,IAAI,WAAW,IAAI,GAAG,KAAK,kBAAkB,IAAI,OAAO,GAAGC,8BAAgB,IAAI;;AAE1H,MAAM,WAA2B,uBAAO,OAAO;CAC9C,YAA4B,uBAAO,OAAO;EACzC,WAAW;EACX,UAAU;EACV,YAAY;EACZ,mBAAmB;EACnB,CAAC;CACF,WAA2B,uBAAO,OAAO;EACxC,WAAW;EACX,UAAU;EACV,YAAY;EACZ,mBAAmB;EACnB,CAAC;CACF,KAAK;CACL,kBAAkB;CAClB,qBAAqB;CACrB,CAAC;AAQF,MAAM,aAA6B,uBAAO,OAAO;CAChD,eAA+B,uBAAO,OAAO;EAC5C,SAAS;EACT,QAAQ;EACR,MAAM;EACN,CAAC;CACF,eAA+B,uBAAO,OAAO;EAC5C,SAAS;EACT,QAAQ;EACR,MAAM;EACN,CAAC;CACF,QAAwB,uBAAO,OAAO;EACrC,SAAS;EACT,QAAQ,KAAK;EACb,MAAM;EACN,CAAC;CACF,CAAC,EAAE,mBAAmB,KAAK,YAAY;AACxC,SAAS,WAAW,MAAM;AACzB,QAAO,OAAO,gBAAgB,IAAI,WAAW,OAAO,EAAE,CAAC;;AAExD,eAAe,YAAY,UAAU,SAAS;AAC7C,KAAI,CAAC,YAAY,CAAC,SAAS,OAAQ,OAAM,MAAM,iBAAiB;AAChE,KAAI,CAAC,WAAW,OAAO,WAAW,SAAU,OAAM,MAAM,cAAc;CACtE,IAAI,YAAY,WAAW,QAAQ;AACnC,KAAI,CAAC,UAAW,OAAM,MAAM,wBAAwB,QAAQ,UAAU;CACtE,IAAI,SAAS,UAAU,SAAS,WAAW,KAAK,SAAS;EACxD,MAAM;EACN,MAAM,UAAU;EAChB,QAAQ,UAAU;EAClB,GAAG;EACH,MAAM,UAAU;EAChB,QAAQ,UAAU;EAClB,EAAE,SAAS,SAAS,CAAC,QAAQ,SAAS,GAAG,CAAC,WAAW,UAAU,EAAE,KAAK,QAAQ,OAAO,UAAU,SAAS,WAAW,UAAU,OAAO,GAAG,KAAK;AAC7I,KAAI,OAAO,YAAY,UAAU;AAChC,MAAI,SAAS,SAAS,QAAQ,kBAAmB,OAAM,MAAM,oCAAoC,QAAQ,oBAAoB,wBAAwB;EACrJ,IAAI,OAAO,QAAQ;AACnB,MAAI,CAAC,MAAM;AACV,OAAI,CAAC,QAAQ,SAAU,OAAM,MAAM,oCAAoC;AACvE,UAAO,QAAQ,WAAW,QAAQ,SAAS,CAAC;;EAE7C,IAAI,UAAU,MAAM,OAAO,OAAO,UAAU,OAAO,IAAI,OAAO,SAAS,EAAE,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,cAAc;GACpH,MAAM;GACN,MAAM,IAAI,OAAO,KAAK;GACtB,YAAY,QAAQ;GACpB,MAAM;GACN;AACD,SAAO;GACN,KAAK,MAAM,OAAO,OAAO,UAAU,aAAa,SAAS,IAAI,CAAC,GAAG,OAAO;GACxE;GACA;GACA;;AAEF,KAAI,SAAS,SAAS,UAAU,UAAU,EAAG,OAAM,MAAM,kCAAkC;AAC3F,QAAO;EACN,KAAK,MAAM,OAAO,OAAO,UAAU,OAAO,SAAS,OAAO,EAAE,IAAI,CAAC,GAAG,OAAO;EAC3E;EACA,MAAM;EACN;;AAEF,SAAS,iBAAiB,WAAW,KAAK,MAAM;AAC/C,QAAO;EACN,cAAc,gBAAgB;GAC7B,MAAM;GACN,SAAS,IAAI;GACb,QAAQ;GACR,GAAG;GACH,MAAM;GACN,IAAI,IAAI;GACR;EACD,IAAI;EACJ,OAAO,QAAQ,WAAW,IAAI,OAAO,KAAK,GAAG,KAAK,OAAO;EACzD;;AAEF,eAAe,QAAQ,UAAU,SAAS,MAAM;CAC/C,IAAI,MAAM,MAAM,YAAY,UAAU,QAAQ,EAAE,YAAY,MAAM,OAAO,OAAO,QAAQ,GAAG,iBAAiB,QAAQ,WAAW,KAAK,KAAK,CAAC;AAC1I,QAAO;EACN,WAAW,IAAI,WAAW,UAAU;EACpC;EACA;;AAEF,eAAe,QAAQ,UAAU,SAAS,MAAM;CAC/C,IAAI,MAAM,MAAM,YAAY,UAAU,QAAQ,EAAE,YAAY,MAAM,OAAO,OAAO,QAAQ,GAAG,iBAAiB,QAAQ,WAAW,KAAK,KAAK,CAAC;AAC1I,QAAO,IAAI,OAAO,UAAU;;AAE7B,eAAe,iBAAiB,UAAU,SAAS,MAAM;CACxD,IAAI,MAAM,MAAM,YAAY,UAAU,QAAQ;AAC9C,QAAO;EACN,QAAQ,QAAQ,MAAM,OAAO,OAAO,KAAK,QAAQ,IAAI,KAAK,IAAI,OAAO,KAAK,CAAC,CAAC;EAC5E,MAAM,IAAI;EACV;;AAEF,SAAS,kBAAkB,UAAU;CACpC,IAAI,aAAa,OAAO,YAAY,YAAY,oBAAoB,aAAa;EAChF,YAAY;EACZ,WAAW;EACX,GAAG,YAAY,OAAO,YAAY,WAAW,YAAY,WAAW;EACpE,IAAI,SAAS;EACb,YAAY,SAAS;EACrB,WAAW,SAAS;EACpB,GAAG;EACH,IAAI,SAAS;EACb,YAAY,SAAS;EACrB,WAAW,SAAS;EACpB,GAAG,KAAK;AACT,KAAI,CAAC,cAAc,CAAC,WAAW,cAAc,WAAW,WAAW,WAAW,KAAK,CAAC,WAAW,aAAa,WAAW,UAAU,WAAW,EAAG,OAAM,MAAM,iBAAiB;AAC5K,QAAO;;AAER,eAAe,KAAK,QAAQ,UAAU,SAAS;CAC9C,IAAI,MAAM,KAAK,KAAK,IAAI,QAAQ,uBAAuB,IAAI,EAAE,KAAK,IAAI,YAAY,cAAc,kBAAkB,SAAS;AAC3H,KAAI,MAAM,CAAC,QAAQ,KAAK,GAAG,CAAE,OAAM,MAAM,sBAAsB;CAC/D,IAAI,EAAE,WAAW,QAAQ,MAAM,QAAQ,YAAY,QAAQ,aAAa,QAAQ,UAAU,uBAAuB,OAAO,CAAC,EAAE,aAAa,QAAQ,MAAM,MAAM,QAAQ,MAAM,IAAI,gBAAgB,YAAY,MAAM,KAAK,MAAM,IAAI,OAAO,MAAM,QAAQ,IAAI,GAAG,GAAG,MAAM,QAAQ,UAAU,GAAG,MAAM,YAAY,MAAM,MAAM,iBAAiB,WAAW,QAAQ,WAAW,cAAc;AACpX,QAAO,gBAAgB,MAAM,IAAI,OAAO,MAAM,IAAI;;AAEnD,eAAe,OAAO,QAAQ,UAAU,SAAS;CAChD,IAAI,MAAM,KAAK,KAAK,IAAI,QAAQ,uBAAuB,IAAI,QAAQ,OAAO,MAAM,IAAI;AACpF,KAAI,MAAM,WAAW,EAAG,OAAM,MAAM,wCAAwC;CAC5E,IAAI,CAAC,QAAQ,YAAY,gBAAgB,OAAO,cAAc,YAAY,UAAU,iBAAiB;AACrG,KAAI,WAAW,UAAW,OAAM,MAAM,mBAAmB;AACzD,KAAI,YAAY;AACf,MAAI,CAAC,aAAa,KAAK,WAAW,CAAE,OAAM,MAAM,qBAAqB;AACrE,MAAI,OAAO,SAAS,YAAY,GAAG,IAAI,MAAM,QAAQ,mBAAmB,IAAK,OAAM,MAAM,eAAe;;CAEzG,IAAI;AACJ,KAAI,OAAO,YAAY,YAAY,oBAAoB,WAAY,QAAO;UACjE,OAAO,YAAY,YAAY,UAAU;EACjD,IAAI,gBAAgB,cAAc;AAClC,MAAI,OAAO,SAAS,gBAAgB,CAAC,KAAM,OAAM,MAAM,2BAA2B,cAAc;;AAEjG,QAAO,kBAAkB,KAAK;CAC9B,IAAI,MAAM,MAAM,YAAY,KAAK,WAAW;EAC3C,GAAG,QAAQ;EACX,MAAM;EACN,CAAC,EAAE,gBAAgB,SAAS,MAAM,aAAa,MAAM,iBAAiB,MAAM,QAAQ,MAAM,eAAe,MAAM;AAChH,KAAI,CAAC,MAAM,OAAO,OAAO,OAAO,QAAQ,IAAI,KAAK,QAAQ,cAAc,EAAE,IAAI,OAAO,cAAc,CAAC,CAAE,OAAM,MAAM,iBAAiB;CAClI,IAAI,kBAAkB,MAAM,QAAQ,KAAK,YAAY;EACpD,GAAG,QAAQ;EACX,MAAM;EACN,IAAI,QAAQ,MAAM;EAClB,EAAE,QAAQ,aAAa,CAAC;AACzB,SAAQ,QAAQ,UAAU,WAAW,gBAAgB"}

package/lib/node_modules/iron-webcrypto/index.js

@@ -0,0 +1,216 @@
+import { base64ToUint8Array, uint8ArrayToBase64, uint8ArrayToHex } from "../uint8array-extras/index.js";
+
+//#region node_modules/iron-webcrypto/index.js
+function losslessJsonStringify(data) {
+	try {
+		if (isJson(data)) {
+			let stringified = JSON.stringify(data);
+			if (stringified) return stringified;
+		}
+	} catch {}
+	throw Error("Data is not JSON serializable");
+}
+function jsonParse(string) {
+	try {
+		return JSON.parse(string);
+	} catch (err) {
+		throw Error("Failed parsing sealed object JSON: " + err.message);
+	}
+}
+function isJson(val) {
+	let stack = [], seen = /* @__PURE__ */ new WeakSet(), check = (val$1) => val$1 === null || typeof val$1 == "string" || typeof val$1 == "boolean" ? !0 : typeof val$1 == "number" ? Number.isFinite(val$1) : typeof val$1 == "object" ? seen.has(val$1) ? !0 : (seen.add(val$1), stack.push(val$1), !0) : !1;
+	if (!check(val)) return !1;
+	for (; stack.length;) {
+		let obj = stack.pop();
+		if (Array.isArray(obj)) {
+			let i$1 = obj.length;
+			for (; i$1--;) if (!check(obj[i$1])) return !1;
+			continue;
+		}
+		let proto = Reflect.getPrototypeOf(obj);
+		if (proto !== null && proto !== Object.prototype) return !1;
+		let keys = Reflect.ownKeys(obj), i = keys.length;
+		for (; i--;) {
+			let key = keys[i];
+			if (typeof key != "string" || Reflect.getOwnPropertyDescriptor(obj, key)?.enumerable === !1) return !1;
+			let val$1 = obj[key];
+			if (val$1 !== void 0 && !check(val$1)) return !1;
+		}
+	}
+	return !0;
+}
+const enc = /* @__PURE__ */ new TextEncoder(), dec = /* @__PURE__ */ new TextDecoder(), jsBase64Enabled = /* @__PURE__ */ (() => typeof Uint8Array.fromBase64 == "function" && typeof Uint8Array.prototype.toBase64 == "function" && typeof Uint8Array.prototype.toHex == "function")();
+function b64ToU8(str) {
+	return jsBase64Enabled ? Uint8Array.fromBase64(str, { alphabet: "base64url" }) : base64ToUint8Array(str);
+}
+function u8ToB64(arr) {
+	return arr = arr instanceof ArrayBuffer ? new Uint8Array(arr) : arr, jsBase64Enabled ? arr.toBase64({
+		alphabet: "base64url",
+		omitPadding: !0
+	}) : uint8ArrayToBase64(arr, { urlSafe: !0 });
+}
+function u8ToHex(arr) {
+	return arr = arr instanceof ArrayBuffer ? new Uint8Array(arr) : arr, jsBase64Enabled ? arr.toHex() : uint8ArrayToHex(arr);
+}
+const defaults = /* @__PURE__ */ Object.freeze({
+	encryption: /* @__PURE__ */ Object.freeze({
+		algorithm: "aes-256-cbc",
+		saltBits: 256,
+		iterations: 1,
+		minPasswordlength: 32
+	}),
+	integrity: /* @__PURE__ */ Object.freeze({
+		algorithm: "sha256",
+		saltBits: 256,
+		iterations: 1,
+		minPasswordlength: 32
+	}),
+	ttl: 0,
+	timestampSkewSec: 60,
+	localtimeOffsetMsec: 0
+});
+const algorithms = /* @__PURE__ */ Object.freeze({
+	"aes-128-ctr": /* @__PURE__ */ Object.freeze({
+		keyBits: 128,
+		ivBits: 128,
+		name: "AES-CTR"
+	}),
+	"aes-256-cbc": /* @__PURE__ */ Object.freeze({
+		keyBits: 256,
+		ivBits: 128,
+		name: "AES-CBC"
+	}),
+	sha256: /* @__PURE__ */ Object.freeze({
+		keyBits: 256,
+		ivBits: void 0,
+		name: "SHA-256"
+	})
+}), macFormatVersion = "2", macPrefix = "Fe26.2";
+function randomBits(bits) {
+	return crypto.getRandomValues(new Uint8Array(bits / 8));
+}
+async function generateKey(password, options) {
+	if (!password || !password.length) throw Error("Empty password");
+	if (!options || typeof options != "object") throw Error("Bad options");
+	let algorithm = algorithms[options.algorithm];
+	if (!algorithm) throw Error("Unknown algorithm: " + options.algorithm);
+	let isHmac = algorithm.name === "SHA-256", id = isHmac ? {
+		name: "HMAC",
+		hash: algorithm.name,
+		length: algorithm.keyBits
+	} : {
+		name: algorithm.name,
+		length: algorithm.keyBits
+	}, usages = isHmac ? ["sign", "verify"] : ["encrypt", "decrypt"], iv = options.iv || (algorithm.ivBits ? randomBits(algorithm.ivBits) : void 0);
+	if (typeof password == "string") {
+		if (password.length < options.minPasswordlength) throw Error("Password string too short (min " + options.minPasswordlength + " characters required)");
+		let salt = options.salt;
+		if (!salt) {
+			if (!options.saltBits) throw Error("Missing salt and saltBits options");
+			salt = u8ToHex(randomBits(options.saltBits));
+		}
+		let baseKey = await crypto.subtle.importKey("raw", enc.encode(password), "PBKDF2", !1, ["deriveKey"]), algorithm$1 = {
+			name: "PBKDF2",
+			salt: enc.encode(salt),
+			iterations: options.iterations,
+			hash: "SHA-1"
+		};
+		return {
+			key: await crypto.subtle.deriveKey(algorithm$1, baseKey, id, !1, usages),
+			iv,
+			salt
+		};
+	}
+	if (password.length < algorithm.keyBits / 8) throw Error("Key buffer (password) too small");
+	return {
+		key: await crypto.subtle.importKey("raw", password.slice(), id, !1, usages),
+		iv,
+		salt: ""
+	};
+}
+function getEncryptParams(algorithm, key, data) {
+	return [
+		algorithm === "aes-128-ctr" ? {
+			name: "AES-CTR",
+			counter: key.iv,
+			length: 128
+		} : {
+			name: "AES-CBC",
+			iv: key.iv
+		},
+		key.key,
+		typeof data == "string" ? enc.encode(data) : data.slice()
+	];
+}
+async function encrypt(password, options, data) {
+	let key = await generateKey(password, options), encrypted = await crypto.subtle.encrypt(...getEncryptParams(options.algorithm, key, data));
+	return {
+		encrypted: new Uint8Array(encrypted),
+		key
+	};
+}
+async function decrypt(password, options, data) {
+	let key = await generateKey(password, options), decrypted = await crypto.subtle.decrypt(...getEncryptParams(options.algorithm, key, data));
+	return dec.decode(decrypted);
+}
+async function hmacWithPassword(password, options, data) {
+	let key = await generateKey(password, options);
+	return {
+		digest: u8ToB64(await crypto.subtle.sign("HMAC", key.key, enc.encode(data))),
+		salt: key.salt
+	};
+}
+function normalizePassword(password) {
+	let normalized = typeof password == "string" || password instanceof Uint8Array ? {
+		encryption: password,
+		integrity: password
+	} : password && typeof password == "object" ? "secret" in password ? {
+		id: password.id,
+		encryption: password.secret,
+		integrity: password.secret
+	} : {
+		id: password.id,
+		encryption: password.encryption,
+		integrity: password.integrity
+	} : void 0;
+	if (!normalized || !normalized.encryption || normalized.encryption.length === 0 || !normalized.integrity || normalized.integrity.length === 0) throw Error("Empty password");
+	return normalized;
+}
+async function seal(object, password, options) {
+	let now = Date.now() + (options.localtimeOffsetMsec || 0), { id = "", encryption, integrity } = normalizePassword(password);
+	if (id && !/^\w+$/.test(id)) throw Error("Invalid password id");
+	let { encrypted, key } = await encrypt(encryption, options.encryption, (options.encode || losslessJsonStringify)(object)), expiration = options.ttl ? now + options.ttl : "", macBaseString = macPrefix + "*" + id + "*" + key.salt + "*" + u8ToB64(key.iv) + "*" + u8ToB64(encrypted) + "*" + expiration, mac = await hmacWithPassword(integrity, options.integrity, macBaseString);
+	return macBaseString + "*" + mac.salt + "*" + mac.digest;
+}
+async function unseal(sealed, password, options) {
+	let now = Date.now() + (options.localtimeOffsetMsec || 0), parts = sealed.split("*");
+	if (parts.length !== 8) throw Error("Incorrect number of sealed components");
+	let [prefix, passwordId, encryptionSalt, ivB64, encryptedB64, expiration, hmacSalt, hmacDigestB64] = parts;
+	if (prefix !== macPrefix) throw Error("Wrong mac prefix");
+	if (expiration) {
+		if (!/^[1-9]\d*$/.test(expiration)) throw Error("Invalid expiration");
+		if (Number.parseInt(expiration, 10) <= now - options.timestampSkewSec * 1e3) throw Error("Expired seal");
+	}
+	let pass;
+	if (typeof password == "string" || password instanceof Uint8Array) pass = password;
+	else if (typeof password == "object" && password) {
+		let passwordIdKey = passwordId || "default";
+		if (pass = password[passwordIdKey], !pass) throw Error("Cannot find password: " + passwordIdKey);
+	}
+	pass = normalizePassword(pass);
+	let key = await generateKey(pass.integrity, {
+		...options.integrity,
+		salt: hmacSalt
+	}), macBaseString = prefix + "*" + passwordId + "*" + encryptionSalt + "*" + ivB64 + "*" + encryptedB64 + "*" + expiration;
+	if (!await crypto.subtle.verify("HMAC", key.key, b64ToU8(hmacDigestB64), enc.encode(macBaseString))) throw Error("Bad hmac value");
+	let decryptedString = await decrypt(pass.encryption, {
+		...options.encryption,
+		salt: encryptionSalt,
+		iv: b64ToU8(ivB64)
+	}, b64ToU8(encryptedB64));
+	return (options.decode || jsonParse)(decryptedString);
+}
+
+//#endregion
+export { defaults, seal, unseal };
+//# sourceMappingURL=index.js.map

package/lib/node_modules/iron-webcrypto/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","names":[],"sources":["../../../node_modules/iron-webcrypto/index.js"],"sourcesContent":["/* @ts-self-types=\"./index.d.ts\" */\nimport { base64ToUint8Array, uint8ArrayToBase64, uint8ArrayToHex } from \"uint8array-extras\";\nfunction losslessJsonStringify(data) {\n\ttry {\n\t\tif (isJson(data)) {\n\t\t\tlet stringified = JSON.stringify(data);\n\t\t\tif (stringified) return stringified;\n\t\t}\n\t} catch {}\n\tthrow Error(\"Data is not JSON serializable\");\n}\nfunction jsonParse(string) {\n\ttry {\n\t\treturn JSON.parse(string);\n\t} catch (err) {\n\t\tthrow Error(\"Failed parsing sealed object JSON: \" + err.message);\n\t}\n}\nfunction isJson(val) {\n\tlet stack = [], seen = /* @__PURE__ */ new WeakSet(), check = (val$1) => val$1 === null || typeof val$1 == \"string\" || typeof val$1 == \"boolean\" ? !0 : typeof val$1 == \"number\" ? Number.isFinite(val$1) : typeof val$1 == \"object\" ? seen.has(val$1) ? !0 : (seen.add(val$1), stack.push(val$1), !0) : !1;\n\tif (!check(val)) return !1;\n\tfor (; stack.length;) {\n\t\tlet obj = stack.pop();\n\t\tif (Array.isArray(obj)) {\n\t\t\tlet i$1 = obj.length;\n\t\t\tfor (; i$1--;) if (!check(obj[i$1])) return !1;\n\t\t\tcontinue;\n\t\t}\n\t\tlet proto = Reflect.getPrototypeOf(obj);\n\t\tif (proto !== null && proto !== Object.prototype) return !1;\n\t\tlet keys = Reflect.ownKeys(obj), i = keys.length;\n\t\tfor (; i--;) {\n\t\t\tlet key = keys[i];\n\t\t\tif (typeof key != \"string\" || Reflect.getOwnPropertyDescriptor(obj, key)?.enumerable === !1) return !1;\n\t\t\tlet val$1 = obj[key];\n\t\t\tif (val$1 !== void 0 && !check(val$1)) return !1;\n\t\t}\n\t}\n\treturn !0;\n}\nconst enc = /* @__PURE__ */ new TextEncoder(), dec = /* @__PURE__ */ new TextDecoder(), jsBase64Enabled = /* @__PURE__ */ (() => typeof Uint8Array.fromBase64 == \"function\" && typeof Uint8Array.prototype.toBase64 == \"function\" && typeof Uint8Array.prototype.toHex == \"function\")();\nfunction b64ToU8(str) {\n\treturn jsBase64Enabled ? Uint8Array.fromBase64(str, { alphabet: \"base64url\" }) : base64ToUint8Array(str);\n}\nfunction u8ToB64(arr) {\n\treturn arr = arr instanceof ArrayBuffer ? new Uint8Array(arr) : arr, jsBase64Enabled ? arr.toBase64({\n\t\talphabet: \"base64url\",\n\t\tomitPadding: !0\n\t}) : uint8ArrayToBase64(arr, { urlSafe: !0 });\n}\nfunction u8ToHex(arr) {\n\treturn arr = arr instanceof ArrayBuffer ? new Uint8Array(arr) : arr, jsBase64Enabled ? arr.toHex() : uint8ArrayToHex(arr);\n}\nconst defaults = /* @__PURE__ */ Object.freeze({\n\tencryption: /* @__PURE__ */ Object.freeze({\n\t\talgorithm: \"aes-256-cbc\",\n\t\tsaltBits: 256,\n\t\titerations: 1,\n\t\tminPasswordlength: 32\n\t}),\n\tintegrity: /* @__PURE__ */ Object.freeze({\n\t\talgorithm: \"sha256\",\n\t\tsaltBits: 256,\n\t\titerations: 1,\n\t\tminPasswordlength: 32\n\t}),\n\tttl: 0,\n\ttimestampSkewSec: 60,\n\tlocaltimeOffsetMsec: 0\n});\nfunction clone(options) {\n\treturn {\n\t\t...options,\n\t\tencryption: { ...options.encryption },\n\t\tintegrity: { ...options.integrity }\n\t};\n}\nconst algorithms = /* @__PURE__ */ Object.freeze({\n\t\"aes-128-ctr\": /* @__PURE__ */ Object.freeze({\n\t\tkeyBits: 128,\n\t\tivBits: 128,\n\t\tname: \"AES-CTR\"\n\t}),\n\t\"aes-256-cbc\": /* @__PURE__ */ Object.freeze({\n\t\tkeyBits: 256,\n\t\tivBits: 128,\n\t\tname: \"AES-CBC\"\n\t}),\n\tsha256: /* @__PURE__ */ Object.freeze({\n\t\tkeyBits: 256,\n\t\tivBits: void 0,\n\t\tname: \"SHA-256\"\n\t})\n}), macFormatVersion = \"2\", macPrefix = \"Fe26.2\";\nfunction randomBits(bits) {\n\treturn crypto.getRandomValues(new Uint8Array(bits / 8));\n}\nasync function generateKey(password, options) {\n\tif (!password || !password.length) throw Error(\"Empty password\");\n\tif (!options || typeof options != \"object\") throw Error(\"Bad options\");\n\tlet algorithm = algorithms[options.algorithm];\n\tif (!algorithm) throw Error(\"Unknown algorithm: \" + options.algorithm);\n\tlet isHmac = algorithm.name === \"SHA-256\", id = isHmac ? {\n\t\tname: \"HMAC\",\n\t\thash: algorithm.name,\n\t\tlength: algorithm.keyBits\n\t} : {\n\t\tname: algorithm.name,\n\t\tlength: algorithm.keyBits\n\t}, usages = isHmac ? [\"sign\", \"verify\"] : [\"encrypt\", \"decrypt\"], iv = options.iv || (algorithm.ivBits ? randomBits(algorithm.ivBits) : void 0);\n\tif (typeof password == \"string\") {\n\t\tif (password.length < options.minPasswordlength) throw Error(\"Password string too short (min \" + options.minPasswordlength + \" characters required)\");\n\t\tlet salt = options.salt;\n\t\tif (!salt) {\n\t\t\tif (!options.saltBits) throw Error(\"Missing salt and saltBits options\");\n\t\t\tsalt = u8ToHex(randomBits(options.saltBits));\n\t\t}\n\t\tlet baseKey = await crypto.subtle.importKey(\"raw\", enc.encode(password), \"PBKDF2\", !1, [\"deriveKey\"]), algorithm$1 = {\n\t\t\tname: \"PBKDF2\",\n\t\t\tsalt: enc.encode(salt),\n\t\t\titerations: options.iterations,\n\t\t\thash: \"SHA-1\"\n\t\t};\n\t\treturn {\n\t\t\tkey: await crypto.subtle.deriveKey(algorithm$1, baseKey, id, !1, usages),\n\t\t\tiv,\n\t\t\tsalt\n\t\t};\n\t}\n\tif (password.length < algorithm.keyBits / 8) throw Error(\"Key buffer (password) too small\");\n\treturn {\n\t\tkey: await crypto.subtle.importKey(\"raw\", password.slice(), id, !1, usages),\n\t\tiv,\n\t\tsalt: \"\"\n\t};\n}\nfunction getEncryptParams(algorithm, key, data) {\n\treturn [\n\t\talgorithm === \"aes-128-ctr\" ? {\n\t\t\tname: \"AES-CTR\",\n\t\t\tcounter: key.iv,\n\t\t\tlength: 128\n\t\t} : {\n\t\t\tname: \"AES-CBC\",\n\t\t\tiv: key.iv\n\t\t},\n\t\tkey.key,\n\t\ttypeof data == \"string\" ? enc.encode(data) : data.slice()\n\t];\n}\nasync function encrypt(password, options, data) {\n\tlet key = await generateKey(password, options), encrypted = await crypto.subtle.encrypt(...getEncryptParams(options.algorithm, key, data));\n\treturn {\n\t\tencrypted: new Uint8Array(encrypted),\n\t\tkey\n\t};\n}\nasync function decrypt(password, options, data) {\n\tlet key = await generateKey(password, options), decrypted = await crypto.subtle.decrypt(...getEncryptParams(options.algorithm, key, data));\n\treturn dec.decode(decrypted);\n}\nasync function hmacWithPassword(password, options, data) {\n\tlet key = await generateKey(password, options);\n\treturn {\n\t\tdigest: u8ToB64(await crypto.subtle.sign(\"HMAC\", key.key, enc.encode(data))),\n\t\tsalt: key.salt\n\t};\n}\nfunction normalizePassword(password) {\n\tlet normalized = typeof password == \"string\" || password instanceof Uint8Array ? {\n\t\tencryption: password,\n\t\tintegrity: password\n\t} : password && typeof password == \"object\" ? \"secret\" in password ? {\n\t\tid: password.id,\n\t\tencryption: password.secret,\n\t\tintegrity: password.secret\n\t} : {\n\t\tid: password.id,\n\t\tencryption: password.encryption,\n\t\tintegrity: password.integrity\n\t} : void 0;\n\tif (!normalized || !normalized.encryption || normalized.encryption.length === 0 || !normalized.integrity || normalized.integrity.length === 0) throw Error(\"Empty password\");\n\treturn normalized;\n}\nasync function seal(object, password, options) {\n\tlet now = Date.now() + (options.localtimeOffsetMsec || 0), { id = \"\", encryption, integrity } = normalizePassword(password);\n\tif (id && !/^\\w+$/.test(id)) throw Error(\"Invalid password id\");\n\tlet { encrypted, key } = await encrypt(encryption, options.encryption, (options.encode || losslessJsonStringify)(object)), expiration = options.ttl ? now + options.ttl : \"\", macBaseString = macPrefix + \"*\" + id + \"*\" + key.salt + \"*\" + u8ToB64(key.iv) + \"*\" + u8ToB64(encrypted) + \"*\" + expiration, mac = await hmacWithPassword(integrity, options.integrity, macBaseString);\n\treturn macBaseString + \"*\" + mac.salt + \"*\" + mac.digest;\n}\nasync function unseal(sealed, password, options) {\n\tlet now = Date.now() + (options.localtimeOffsetMsec || 0), parts = sealed.split(\"*\");\n\tif (parts.length !== 8) throw Error(\"Incorrect number of sealed components\");\n\tlet [prefix, passwordId, encryptionSalt, ivB64, encryptedB64, expiration, hmacSalt, hmacDigestB64] = parts;\n\tif (prefix !== macPrefix) throw Error(\"Wrong mac prefix\");\n\tif (expiration) {\n\t\tif (!/^[1-9]\\d*$/.test(expiration)) throw Error(\"Invalid expiration\");\n\t\tif (Number.parseInt(expiration, 10) <= now - options.timestampSkewSec * 1e3) throw Error(\"Expired seal\");\n\t}\n\tlet pass;\n\tif (typeof password == \"string\" || password instanceof Uint8Array) pass = password;\n\telse if (typeof password == \"object\" && password) {\n\t\tlet passwordIdKey = passwordId || \"default\";\n\t\tif (pass = password[passwordIdKey], !pass) throw Error(\"Cannot find password: \" + passwordIdKey);\n\t}\n\tpass = normalizePassword(pass);\n\tlet key = await generateKey(pass.integrity, {\n\t\t...options.integrity,\n\t\tsalt: hmacSalt\n\t}), macBaseString = prefix + \"*\" + passwordId + \"*\" + encryptionSalt + \"*\" + ivB64 + \"*\" + encryptedB64 + \"*\" + expiration;\n\tif (!await crypto.subtle.verify(\"HMAC\", key.key, b64ToU8(hmacDigestB64), enc.encode(macBaseString))) throw Error(\"Bad hmac value\");\n\tlet decryptedString = await decrypt(pass.encryption, {\n\t\t...options.encryption,\n\t\tsalt: encryptionSalt,\n\t\tiv: b64ToU8(ivB64)\n\t}, b64ToU8(encryptedB64));\n\treturn (options.decode || jsonParse)(decryptedString);\n}\nexport { algorithms, clone, decrypt, defaults, encrypt, generateKey, hmacWithPassword, macFormatVersion, macPrefix, randomBits, seal, unseal };\n"],"x_google_ignoreList":[0],"mappings":";;;AAEA,SAAS,sBAAsB,MAAM;AACpC,KAAI;AACH,MAAI,OAAO,KAAK,EAAE;GACjB,IAAI,cAAc,KAAK,UAAU,KAAK;AACtC,OAAI,YAAa,QAAO;;SAElB;AACR,OAAM,MAAM,gCAAgC;;AAE7C,SAAS,UAAU,QAAQ;AAC1B,KAAI;AACH,SAAO,KAAK,MAAM,OAAO;UACjB,KAAK;AACb,QAAM,MAAM,wCAAwC,IAAI,QAAQ;;;AAGlE,SAAS,OAAO,KAAK;CACpB,IAAI,QAAQ,EAAE,EAAE,uBAAuB,IAAI,SAAS,EAAE,SAAS,UAAU,UAAU,QAAQ,OAAO,SAAS,YAAY,OAAO,SAAS,YAAY,CAAC,IAAI,OAAO,SAAS,WAAW,OAAO,SAAS,MAAM,GAAG,OAAO,SAAS,WAAW,KAAK,IAAI,MAAM,GAAG,CAAC,KAAK,KAAK,IAAI,MAAM,EAAE,MAAM,KAAK,MAAM,EAAE,CAAC,KAAK,CAAC;AAC1S,KAAI,CAAC,MAAM,IAAI,CAAE,QAAO,CAAC;AACzB,QAAO,MAAM,SAAS;EACrB,IAAI,MAAM,MAAM,KAAK;AACrB,MAAI,MAAM,QAAQ,IAAI,EAAE;GACvB,IAAI,MAAM,IAAI;AACd,UAAO,OAAQ,KAAI,CAAC,MAAM,IAAI,KAAK,CAAE,QAAO,CAAC;AAC7C;;EAED,IAAI,QAAQ,QAAQ,eAAe,IAAI;AACvC,MAAI,UAAU,QAAQ,UAAU,OAAO,UAAW,QAAO,CAAC;EAC1D,IAAI,OAAO,QAAQ,QAAQ,IAAI,EAAE,IAAI,KAAK;AAC1C,SAAO,MAAM;GACZ,IAAI,MAAM,KAAK;AACf,OAAI,OAAO,OAAO,YAAY,QAAQ,yBAAyB,KAAK,IAAI,EAAE,eAAe,CAAC,EAAG,QAAO,CAAC;GACrG,IAAI,QAAQ,IAAI;AAChB,OAAI,UAAU,KAAK,KAAK,CAAC,MAAM,MAAM,CAAE,QAAO,CAAC;;;AAGjD,QAAO,CAAC;;AAET,MAAM,sBAAsB,IAAI,aAAa,EAAE,sBAAsB,IAAI,aAAa,EAAE,kBAAkC,uBAAO,OAAO,WAAW,cAAc,cAAc,OAAO,WAAW,UAAU,YAAY,cAAc,OAAO,WAAW,UAAU,SAAS,aAAa;AACvR,SAAS,QAAQ,KAAK;AACrB,QAAO,kBAAkB,WAAW,WAAW,KAAK,EAAE,UAAU,aAAa,CAAC,GAAG,mBAAmB,IAAI;;AAEzG,SAAS,QAAQ,KAAK;AACrB,QAAO,MAAM,eAAe,cAAc,IAAI,WAAW,IAAI,GAAG,KAAK,kBAAkB,IAAI,SAAS;EACnG,UAAU;EACV,aAAa,CAAC;EACd,CAAC,GAAG,mBAAmB,KAAK,EAAE,SAAS,CAAC,GAAG,CAAC;;AAE9C,SAAS,QAAQ,KAAK;AACrB,QAAO,MAAM,eAAe,cAAc,IAAI,WAAW,IAAI,GAAG,KAAK,kBAAkB,IAAI,OAAO,GAAG,gBAAgB,IAAI;;AAE1H,MAAM,WAA2B,uBAAO,OAAO;CAC9C,YAA4B,uBAAO,OAAO;EACzC,WAAW;EACX,UAAU;EACV,YAAY;EACZ,mBAAmB;EACnB,CAAC;CACF,WAA2B,uBAAO,OAAO;EACxC,WAAW;EACX,UAAU;EACV,YAAY;EACZ,mBAAmB;EACnB,CAAC;CACF,KAAK;CACL,kBAAkB;CAClB,qBAAqB;CACrB,CAAC;AAQF,MAAM,aAA6B,uBAAO,OAAO;CAChD,eAA+B,uBAAO,OAAO;EAC5C,SAAS;EACT,QAAQ;EACR,MAAM;EACN,CAAC;CACF,eAA+B,uBAAO,OAAO;EAC5C,SAAS;EACT,QAAQ;EACR,MAAM;EACN,CAAC;CACF,QAAwB,uBAAO,OAAO;EACrC,SAAS;EACT,QAAQ,KAAK;EACb,MAAM;EACN,CAAC;CACF,CAAC,EAAE,mBAAmB,KAAK,YAAY;AACxC,SAAS,WAAW,MAAM;AACzB,QAAO,OAAO,gBAAgB,IAAI,WAAW,OAAO,EAAE,CAAC;;AAExD,eAAe,YAAY,UAAU,SAAS;AAC7C,KAAI,CAAC,YAAY,CAAC,SAAS,OAAQ,OAAM,MAAM,iBAAiB;AAChE,KAAI,CAAC,WAAW,OAAO,WAAW,SAAU,OAAM,MAAM,cAAc;CACtE,IAAI,YAAY,WAAW,QAAQ;AACnC,KAAI,CAAC,UAAW,OAAM,MAAM,wBAAwB,QAAQ,UAAU;CACtE,IAAI,SAAS,UAAU,SAAS,WAAW,KAAK,SAAS;EACxD,MAAM;EACN,MAAM,UAAU;EAChB,QAAQ,UAAU;EAClB,GAAG;EACH,MAAM,UAAU;EAChB,QAAQ,UAAU;EAClB,EAAE,SAAS,SAAS,CAAC,QAAQ,SAAS,GAAG,CAAC,WAAW,UAAU,EAAE,KAAK,QAAQ,OAAO,UAAU,SAAS,WAAW,UAAU,OAAO,GAAG,KAAK;AAC7I,KAAI,OAAO,YAAY,UAAU;AAChC,MAAI,SAAS,SAAS,QAAQ,kBAAmB,OAAM,MAAM,oCAAoC,QAAQ,oBAAoB,wBAAwB;EACrJ,IAAI,OAAO,QAAQ;AACnB,MAAI,CAAC,MAAM;AACV,OAAI,CAAC,QAAQ,SAAU,OAAM,MAAM,oCAAoC;AACvE,UAAO,QAAQ,WAAW,QAAQ,SAAS,CAAC;;EAE7C,IAAI,UAAU,MAAM,OAAO,OAAO,UAAU,OAAO,IAAI,OAAO,SAAS,EAAE,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,cAAc;GACpH,MAAM;GACN,MAAM,IAAI,OAAO,KAAK;GACtB,YAAY,QAAQ;GACpB,MAAM;GACN;AACD,SAAO;GACN,KAAK,MAAM,OAAO,OAAO,UAAU,aAAa,SAAS,IAAI,CAAC,GAAG,OAAO;GACxE;GACA;GACA;;AAEF,KAAI,SAAS,SAAS,UAAU,UAAU,EAAG,OAAM,MAAM,kCAAkC;AAC3F,QAAO;EACN,KAAK,MAAM,OAAO,OAAO,UAAU,OAAO,SAAS,OAAO,EAAE,IAAI,CAAC,GAAG,OAAO;EAC3E;EACA,MAAM;EACN;;AAEF,SAAS,iBAAiB,WAAW,KAAK,MAAM;AAC/C,QAAO;EACN,cAAc,gBAAgB;GAC7B,MAAM;GACN,SAAS,IAAI;GACb,QAAQ;GACR,GAAG;GACH,MAAM;GACN,IAAI,IAAI;GACR;EACD,IAAI;EACJ,OAAO,QAAQ,WAAW,IAAI,OAAO,KAAK,GAAG,KAAK,OAAO;EACzD;;AAEF,eAAe,QAAQ,UAAU,SAAS,MAAM;CAC/C,IAAI,MAAM,MAAM,YAAY,UAAU,QAAQ,EAAE,YAAY,MAAM,OAAO,OAAO,QAAQ,GAAG,iBAAiB,QAAQ,WAAW,KAAK,KAAK,CAAC;AAC1I,QAAO;EACN,WAAW,IAAI,WAAW,UAAU;EACpC;EACA;;AAEF,eAAe,QAAQ,UAAU,SAAS,MAAM;CAC/C,IAAI,MAAM,MAAM,YAAY,UAAU,QAAQ,EAAE,YAAY,MAAM,OAAO,OAAO,QAAQ,GAAG,iBAAiB,QAAQ,WAAW,KAAK,KAAK,CAAC;AAC1I,QAAO,IAAI,OAAO,UAAU;;AAE7B,eAAe,iBAAiB,UAAU,SAAS,MAAM;CACxD,IAAI,MAAM,MAAM,YAAY,UAAU,QAAQ;AAC9C,QAAO;EACN,QAAQ,QAAQ,MAAM,OAAO,OAAO,KAAK,QAAQ,IAAI,KAAK,IAAI,OAAO,KAAK,CAAC,CAAC;EAC5E,MAAM,IAAI;EACV;;AAEF,SAAS,kBAAkB,UAAU;CACpC,IAAI,aAAa,OAAO,YAAY,YAAY,oBAAoB,aAAa;EAChF,YAAY;EACZ,WAAW;EACX,GAAG,YAAY,OAAO,YAAY,WAAW,YAAY,WAAW;EACpE,IAAI,SAAS;EACb,YAAY,SAAS;EACrB,WAAW,SAAS;EACpB,GAAG;EACH,IAAI,SAAS;EACb,YAAY,SAAS;EACrB,WAAW,SAAS;EACpB,GAAG,KAAK;AACT,KAAI,CAAC,cAAc,CAAC,WAAW,cAAc,WAAW,WAAW,WAAW,KAAK,CAAC,WAAW,aAAa,WAAW,UAAU,WAAW,EAAG,OAAM,MAAM,iBAAiB;AAC5K,QAAO;;AAER,eAAe,KAAK,QAAQ,UAAU,SAAS;CAC9C,IAAI,MAAM,KAAK,KAAK,IAAI,QAAQ,uBAAuB,IAAI,EAAE,KAAK,IAAI,YAAY,cAAc,kBAAkB,SAAS;AAC3H,KAAI,MAAM,CAAC,QAAQ,KAAK,GAAG,CAAE,OAAM,MAAM,sBAAsB;CAC/D,IAAI,EAAE,WAAW,QAAQ,MAAM,QAAQ,YAAY,QAAQ,aAAa,QAAQ,UAAU,uBAAuB,OAAO,CAAC,EAAE,aAAa,QAAQ,MAAM,MAAM,QAAQ,MAAM,IAAI,gBAAgB,YAAY,MAAM,KAAK,MAAM,IAAI,OAAO,MAAM,QAAQ,IAAI,GAAG,GAAG,MAAM,QAAQ,UAAU,GAAG,MAAM,YAAY,MAAM,MAAM,iBAAiB,WAAW,QAAQ,WAAW,cAAc;AACpX,QAAO,gBAAgB,MAAM,IAAI,OAAO,MAAM,IAAI;;AAEnD,eAAe,OAAO,QAAQ,UAAU,SAAS;CAChD,IAAI,MAAM,KAAK,KAAK,IAAI,QAAQ,uBAAuB,IAAI,QAAQ,OAAO,MAAM,IAAI;AACpF,KAAI,MAAM,WAAW,EAAG,OAAM,MAAM,wCAAwC;CAC5E,IAAI,CAAC,QAAQ,YAAY,gBAAgB,OAAO,cAAc,YAAY,UAAU,iBAAiB;AACrG,KAAI,WAAW,UAAW,OAAM,MAAM,mBAAmB;AACzD,KAAI,YAAY;AACf,MAAI,CAAC,aAAa,KAAK,WAAW,CAAE,OAAM,MAAM,qBAAqB;AACrE,MAAI,OAAO,SAAS,YAAY,GAAG,IAAI,MAAM,QAAQ,mBAAmB,IAAK,OAAM,MAAM,eAAe;;CAEzG,IAAI;AACJ,KAAI,OAAO,YAAY,YAAY,oBAAoB,WAAY,QAAO;UACjE,OAAO,YAAY,YAAY,UAAU;EACjD,IAAI,gBAAgB,cAAc;AAClC,MAAI,OAAO,SAAS,gBAAgB,CAAC,KAAM,OAAM,MAAM,2BAA2B,cAAc;;AAEjG,QAAO,kBAAkB,KAAK;CAC9B,IAAI,MAAM,MAAM,YAAY,KAAK,WAAW;EAC3C,GAAG,QAAQ;EACX,MAAM;EACN,CAAC,EAAE,gBAAgB,SAAS,MAAM,aAAa,MAAM,iBAAiB,MAAM,QAAQ,MAAM,eAAe,MAAM;AAChH,KAAI,CAAC,MAAM,OAAO,OAAO,OAAO,QAAQ,IAAI,KAAK,QAAQ,cAAc,EAAE,IAAI,OAAO,cAAc,CAAC,CAAE,OAAM,MAAM,iBAAiB;CAClI,IAAI,kBAAkB,MAAM,QAAQ,KAAK,YAAY;EACpD,GAAG,QAAQ;EACX,MAAM;EACN,IAAI,QAAQ,MAAM;EAClB,EAAE,QAAQ,aAAa,CAAC;AACzB,SAAQ,QAAQ,UAAU,WAAW,gBAAgB"}

package/lib/node_modules/uint8array-extras/index.cjs

@@ -0,0 +1,55 @@
+
+//#region node_modules/uint8array-extras/index.js
+const objectToString = Object.prototype.toString;
+const uint8ArrayStringified = "[object Uint8Array]";
+function isType(value, typeConstructor, typeStringified) {
+	if (!value) return false;
+	if (value.constructor === typeConstructor) return true;
+	return objectToString.call(value) === typeStringified;
+}
+function isUint8Array(value) {
+	return isType(value, Uint8Array, uint8ArrayStringified);
+}
+function assertUint8Array(value) {
+	if (!isUint8Array(value)) throw new TypeError(`Expected \`Uint8Array\`, got \`${typeof value}\``);
+}
+const cachedDecoders = { utf8: new globalThis.TextDecoder("utf8") };
+function assertString(value) {
+	if (typeof value !== "string") throw new TypeError(`Expected \`string\`, got \`${typeof value}\``);
+}
+const cachedEncoder = new globalThis.TextEncoder();
+function base64ToBase64Url(base64) {
+	return base64.replaceAll("+", "-").replaceAll("/", "_").replace(/=+$/, "");
+}
+function base64UrlToBase64(base64url) {
+	const base64 = base64url.replaceAll("-", "+").replaceAll("_", "/");
+	const padding = (4 - base64.length % 4) % 4;
+	return base64 + "=".repeat(padding);
+}
+const MAX_BLOCK_SIZE = 65535;
+function uint8ArrayToBase64(array, { urlSafe = false } = {}) {
+	assertUint8Array(array);
+	let base64 = "";
+	for (let index = 0; index < array.length; index += MAX_BLOCK_SIZE) {
+		const chunk = array.subarray(index, index + MAX_BLOCK_SIZE);
+		base64 += globalThis.btoa(String.fromCodePoint.apply(void 0, chunk));
+	}
+	return urlSafe ? base64ToBase64Url(base64) : base64;
+}
+function base64ToUint8Array(base64String) {
+	assertString(base64String);
+	return Uint8Array.from(globalThis.atob(base64UrlToBase64(base64String)), (x) => x.codePointAt(0));
+}
+const byteToHexLookupTable = Array.from({ length: 256 }, (_, index) => index.toString(16).padStart(2, "0"));
+function uint8ArrayToHex(array) {
+	assertUint8Array(array);
+	let hexString = "";
+	for (let index = 0; index < array.length; index++) hexString += byteToHexLookupTable[array[index]];
+	return hexString;
+}
+
+//#endregion
+exports.base64ToUint8Array = base64ToUint8Array;
+exports.uint8ArrayToBase64 = uint8ArrayToBase64;
+exports.uint8ArrayToHex = uint8ArrayToHex;
+//# sourceMappingURL=index.cjs.map

package/lib/node_modules/uint8array-extras/index.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.cjs","names":[],"sources":["../../../node_modules/uint8array-extras/index.js"],"sourcesContent":["const objectToString = Object.prototype.toString;\nconst uint8ArrayStringified = '[object Uint8Array]';\nconst arrayBufferStringified = '[object ArrayBuffer]';\n\nfunction isType(value, typeConstructor, typeStringified) {\n\tif (!value) {\n\t\treturn false;\n\t}\n\n\tif (value.constructor === typeConstructor) {\n\t\treturn true;\n\t}\n\n\treturn objectToString.call(value) === typeStringified;\n}\n\nexport function isUint8Array(value) {\n\treturn isType(value, Uint8Array, uint8ArrayStringified);\n}\n\nfunction isArrayBuffer(value) {\n\treturn isType(value, ArrayBuffer, arrayBufferStringified);\n}\n\nfunction isUint8ArrayOrArrayBuffer(value) {\n\treturn isUint8Array(value) || isArrayBuffer(value);\n}\n\nexport function assertUint8Array(value) {\n\tif (!isUint8Array(value)) {\n\t\tthrow new TypeError(`Expected \\`Uint8Array\\`, got \\`${typeof value}\\``);\n\t}\n}\n\nexport function assertUint8ArrayOrArrayBuffer(value) {\n\tif (!isUint8ArrayOrArrayBuffer(value)) {\n\t\tthrow new TypeError(`Expected \\`Uint8Array\\` or \\`ArrayBuffer\\`, got \\`${typeof value}\\``);\n\t}\n}\n\nexport function toUint8Array(value) {\n\tif (value instanceof ArrayBuffer) {\n\t\treturn new Uint8Array(value);\n\t}\n\n\tif (ArrayBuffer.isView(value)) {\n\t\treturn new Uint8Array(value.buffer, value.byteOffset, value.byteLength);\n\t}\n\n\tthrow new TypeError(`Unsupported value, got \\`${typeof value}\\`.`);\n}\n\nexport function concatUint8Arrays(arrays, totalLength) {\n\tif (arrays.length === 0) {\n\t\treturn new Uint8Array(0);\n\t}\n\n\ttotalLength ??= arrays.reduce((accumulator, currentValue) => accumulator + currentValue.length, 0);\n\n\tconst returnValue = new Uint8Array(totalLength);\n\n\tlet offset = 0;\n\tfor (const array of arrays) {\n\t\tassertUint8Array(array);\n\t\treturnValue.set(array, offset);\n\t\toffset += array.length;\n\t}\n\n\treturn returnValue;\n}\n\nexport function areUint8ArraysEqual(a, b) {\n\tassertUint8Array(a);\n\tassertUint8Array(b);\n\n\tif (a === b) {\n\t\treturn true;\n\t}\n\n\tif (a.length !== b.length) {\n\t\treturn false;\n\t}\n\n\t// eslint-disable-next-line unicorn/no-for-loop\n\tfor (let index = 0; index < a.length; index++) {\n\t\tif (a[index] !== b[index]) {\n\t\t\treturn false;\n\t\t}\n\t}\n\n\treturn true;\n}\n\nexport function compareUint8Arrays(a, b) {\n\tassertUint8Array(a);\n\tassertUint8Array(b);\n\n\tconst length = Math.min(a.length, b.length);\n\n\tfor (let index = 0; index < length; index++) {\n\t\tconst diff = a[index] - b[index];\n\t\tif (diff !== 0) {\n\t\t\treturn Math.sign(diff);\n\t\t}\n\t}\n\n\t// At this point, all the compared elements are equal.\n\t// The shorter array should come first if the arrays are of different lengths.\n\treturn Math.sign(a.length - b.length);\n}\n\nconst cachedDecoders = {\n\tutf8: new globalThis.TextDecoder('utf8'),\n};\n\nexport function uint8ArrayToString(array, encoding = 'utf8') {\n\tassertUint8ArrayOrArrayBuffer(array);\n\tcachedDecoders[encoding] ??= new globalThis.TextDecoder(encoding);\n\treturn cachedDecoders[encoding].decode(array);\n}\n\nfunction assertString(value) {\n\tif (typeof value !== 'string') {\n\t\tthrow new TypeError(`Expected \\`string\\`, got \\`${typeof value}\\``);\n\t}\n}\n\nconst cachedEncoder = new globalThis.TextEncoder();\n\nexport function stringToUint8Array(string) {\n\tassertString(string);\n\treturn cachedEncoder.encode(string);\n}\n\nfunction base64ToBase64Url(base64) {\n\treturn base64.replaceAll('+', '-').replaceAll('/', '_').replace(/=+$/, '');\n}\n\nfunction base64UrlToBase64(base64url) {\n\tconst base64 = base64url.replaceAll('-', '+').replaceAll('_', '/');\n\tconst padding = (4 - (base64.length % 4)) % 4;\n\treturn base64 + '='.repeat(padding);\n}\n\n// Reference: https://phuoc.ng/collection/this-vs-that/concat-vs-push/\n// Important: Keep this value divisible by 3 so intermediate chunks produce no Base64 padding.\nconst MAX_BLOCK_SIZE = 65_535;\n\nexport function uint8ArrayToBase64(array, {urlSafe = false} = {}) {\n\tassertUint8Array(array);\n\n\tlet base64 = '';\n\n\tfor (let index = 0; index < array.length; index += MAX_BLOCK_SIZE) {\n\t\tconst chunk = array.subarray(index, index + MAX_BLOCK_SIZE);\n\t\t// Required as `btoa` and `atob` don't properly support Unicode: https://developer.mozilla.org/en-US/docs/Glossary/Base64#the_unicode_problem\n\t\tbase64 += globalThis.btoa(String.fromCodePoint.apply(undefined, chunk));\n\t}\n\n\treturn urlSafe ? base64ToBase64Url(base64) : base64;\n}\n\nexport function base64ToUint8Array(base64String) {\n\tassertString(base64String);\n\treturn Uint8Array.from(globalThis.atob(base64UrlToBase64(base64String)), x => x.codePointAt(0));\n}\n\nexport function stringToBase64(string, {urlSafe = false} = {}) {\n\tassertString(string);\n\treturn uint8ArrayToBase64(stringToUint8Array(string), {urlSafe});\n}\n\nexport function base64ToString(base64String) {\n\tassertString(base64String);\n\treturn uint8ArrayToString(base64ToUint8Array(base64String));\n}\n\nconst byteToHexLookupTable = Array.from({length: 256}, (_, index) => index.toString(16).padStart(2, '0'));\n\nexport function uint8ArrayToHex(array) {\n\tassertUint8Array(array);\n\n\t// Concatenating a string is faster than using an array.\n\tlet hexString = '';\n\n\t// eslint-disable-next-line unicorn/no-for-loop -- Max performance is critical.\n\tfor (let index = 0; index < array.length; index++) {\n\t\thexString += byteToHexLookupTable[array[index]];\n\t}\n\n\treturn hexString;\n}\n\nconst hexToDecimalLookupTable = {\n\t0: 0,\n\t1: 1,\n\t2: 2,\n\t3: 3,\n\t4: 4,\n\t5: 5,\n\t6: 6,\n\t7: 7,\n\t8: 8,\n\t9: 9,\n\ta: 10,\n\tb: 11,\n\tc: 12,\n\td: 13,\n\te: 14,\n\tf: 15,\n\tA: 10,\n\tB: 11,\n\tC: 12,\n\tD: 13,\n\tE: 14,\n\tF: 15,\n};\n\nexport function hexToUint8Array(hexString) {\n\tassertString(hexString);\n\n\tif (hexString.length % 2 !== 0) {\n\t\tthrow new Error('Invalid Hex string length.');\n\t}\n\n\tconst resultLength = hexString.length / 2;\n\tconst bytes = new Uint8Array(resultLength);\n\n\tfor (let index = 0; index < resultLength; index++) {\n\t\tconst highNibble = hexToDecimalLookupTable[hexString[index * 2]];\n\t\tconst lowNibble = hexToDecimalLookupTable[hexString[(index * 2) + 1]];\n\n\t\tif (highNibble === undefined || lowNibble === undefined) {\n\t\t\tthrow new Error(`Invalid Hex character encountered at position ${index * 2}`);\n\t\t}\n\n\t\tbytes[index] = (highNibble << 4) | lowNibble; // eslint-disable-line no-bitwise\n\t}\n\n\treturn bytes;\n}\n\n/**\n@param {DataView} view\n@returns {number}\n*/\nexport function getUintBE(view) {\n\tconst {byteLength} = view;\n\n\tif (byteLength === 6) {\n\t\treturn (view.getUint16(0) * (2 ** 32)) + view.getUint32(2);\n\t}\n\n\tif (byteLength === 5) {\n\t\treturn (view.getUint8(0) * (2 ** 32)) + view.getUint32(1);\n\t}\n\n\tif (byteLength === 4) {\n\t\treturn view.getUint32(0);\n\t}\n\n\tif (byteLength === 3) {\n\t\treturn (view.getUint8(0) * (2 ** 16)) + view.getUint16(1);\n\t}\n\n\tif (byteLength === 2) {\n\t\treturn view.getUint16(0);\n\t}\n\n\tif (byteLength === 1) {\n\t\treturn view.getUint8(0);\n\t}\n}\n\n/**\n@param {Uint8Array} array\n@param {Uint8Array} value\n@returns {number}\n*/\nexport function indexOf(array, value) {\n\tconst arrayLength = array.length;\n\tconst valueLength = value.length;\n\n\tif (valueLength === 0) {\n\t\treturn -1;\n\t}\n\n\tif (valueLength > arrayLength) {\n\t\treturn -1;\n\t}\n\n\tconst validOffsetLength = arrayLength - valueLength;\n\n\tfor (let index = 0; index <= validOffsetLength; index++) {\n\t\tlet isMatch = true;\n\t\tfor (let index2 = 0; index2 < valueLength; index2++) {\n\t\t\tif (array[index + index2] !== value[index2]) {\n\t\t\t\tisMatch = false;\n\t\t\t\tbreak;\n\t\t\t}\n\t\t}\n\n\t\tif (isMatch) {\n\t\t\treturn index;\n\t\t}\n\t}\n\n\treturn -1;\n}\n\n/**\n@param {Uint8Array} array\n@param {Uint8Array} value\n@returns {boolean}\n*/\nexport function includes(array, value) {\n\treturn indexOf(array, value) !== -1;\n}\n"],"x_google_ignoreList":[0],"mappings":";;AAAA,MAAM,iBAAiB,OAAO,UAAU;AACxC,MAAM,wBAAwB;AAG9B,SAAS,OAAO,OAAO,iBAAiB,iBAAiB;AACxD,KAAI,CAAC,MACJ,QAAO;AAGR,KAAI,MAAM,gBAAgB,gBACzB,QAAO;AAGR,QAAO,eAAe,KAAK,MAAM,KAAK;;AAGvC,SAAgB,aAAa,OAAO;AACnC,QAAO,OAAO,OAAO,YAAY,sBAAsB;;AAWxD,SAAgB,iBAAiB,OAAO;AACvC,KAAI,CAAC,aAAa,MAAM,CACvB,OAAM,IAAI,UAAU,kCAAkC,OAAO,MAAM,IAAI;;AAiFzE,MAAM,iBAAiB,EACtB,MAAM,IAAI,WAAW,YAAY,OAAO,EACxC;AAQD,SAAS,aAAa,OAAO;AAC5B,KAAI,OAAO,UAAU,SACpB,OAAM,IAAI,UAAU,8BAA8B,OAAO,MAAM,IAAI;;AAIrE,MAAM,gBAAgB,IAAI,WAAW,aAAa;AAOlD,SAAS,kBAAkB,QAAQ;AAClC,QAAO,OAAO,WAAW,KAAK,IAAI,CAAC,WAAW,KAAK,IAAI,CAAC,QAAQ,OAAO,GAAG;;AAG3E,SAAS,kBAAkB,WAAW;CACrC,MAAM,SAAS,UAAU,WAAW,KAAK,IAAI,CAAC,WAAW,KAAK,IAAI;CAClE,MAAM,WAAW,IAAK,OAAO,SAAS,KAAM;AAC5C,QAAO,SAAS,IAAI,OAAO,QAAQ;;AAKpC,MAAM,iBAAiB;AAEvB,SAAgB,mBAAmB,OAAO,EAAC,UAAU,UAAS,EAAE,EAAE;AACjE,kBAAiB,MAAM;CAEvB,IAAI,SAAS;AAEb,MAAK,IAAI,QAAQ,GAAG,QAAQ,MAAM,QAAQ,SAAS,gBAAgB;EAClE,MAAM,QAAQ,MAAM,SAAS,OAAO,QAAQ,eAAe;AAE3D,YAAU,WAAW,KAAK,OAAO,cAAc,MAAM,QAAW,MAAM,CAAC;;AAGxE,QAAO,UAAU,kBAAkB,OAAO,GAAG;;AAG9C,SAAgB,mBAAmB,cAAc;AAChD,cAAa,aAAa;AAC1B,QAAO,WAAW,KAAK,WAAW,KAAK,kBAAkB,aAAa,CAAC,GAAE,MAAK,EAAE,YAAY,EAAE,CAAC;;AAahG,MAAM,uBAAuB,MAAM,KAAK,EAAC,QAAQ,KAAI,GAAG,GAAG,UAAU,MAAM,SAAS,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC;AAEzG,SAAgB,gBAAgB,OAAO;AACtC,kBAAiB,MAAM;CAGvB,IAAI,YAAY;AAGhB,MAAK,IAAI,QAAQ,GAAG,QAAQ,MAAM,QAAQ,QACzC,cAAa,qBAAqB,MAAM;AAGzC,QAAO"}