rwn64 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (40) hide show
  1. package/dist/cli.bundle.js +1181 -0
  2. package/dist/cli.d.ts +2 -0
  3. package/dist/cli.js +2 -0
  4. package/dist/cmd/denc.d.ts +2 -0
  5. package/dist/cmd/denc.js +74 -0
  6. package/dist/cmd/enc.d.ts +2 -0
  7. package/dist/cmd/enc.js +140 -0
  8. package/dist/cmd/fp.d.ts +2 -0
  9. package/dist/cmd/fp.js +30 -0
  10. package/dist/cmd/gen.d.ts +2 -0
  11. package/dist/cmd/gen.js +35 -0
  12. package/dist/cmd/history.d.ts +2 -0
  13. package/dist/cmd/history.js +21 -0
  14. package/dist/cmd/info.d.ts +2 -0
  15. package/dist/cmd/info.js +28 -0
  16. package/dist/cmd/upgrade.d.ts +1 -0
  17. package/dist/cmd/upgrade.js +42 -0
  18. package/dist/cmd/verify.d.ts +2 -0
  19. package/dist/cmd/verify.js +31 -0
  20. package/dist/index.d.ts +28 -0
  21. package/dist/index.js +27 -0
  22. package/dist/lib/args.d.ts +8 -0
  23. package/dist/lib/args.js +43 -0
  24. package/dist/lib/clip.d.ts +2 -0
  25. package/dist/lib/clip.js +39 -0
  26. package/dist/lib/crypto.d.ts +24 -0
  27. package/dist/lib/crypto.js +134 -0
  28. package/dist/lib/env.d.ts +13 -0
  29. package/dist/lib/env.js +42 -0
  30. package/dist/lib/errors.d.ts +1 -0
  31. package/dist/lib/errors.js +61 -0
  32. package/dist/lib/history.d.ts +9 -0
  33. package/dist/lib/history.js +35 -0
  34. package/dist/lib/password.d.ts +2 -0
  35. package/dist/lib/password.js +31 -0
  36. package/dist/lib/rc.d.ts +7 -0
  37. package/dist/lib/rc.js +45 -0
  38. package/dist/lib/ui.d.ts +17 -0
  39. package/dist/lib/ui.js +128 -0
  40. package/package.json +31 -0
package/dist/cli.bundle.js ADDED
@@ -0,0 +1,1181 @@
1
+ #!/usr/bin/env node
2
+ "use strict";
3
+ var __getOwnPropNames = Object.getOwnPropertyNames;
4
+ var __commonJS = (cb, mod) => function __require() {
5
+ return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
6
+ };
7
+
8
+ // dist/lib/errors.js
9
+ var require_errors = __commonJS({
10
+ "dist/lib/errors.js"(exports2) {
11
+ "use strict";
12
+ Object.defineProperty(exports2, "__esModule", { value: true });
13
+ exports2.installErrorHandler = installErrorHandler;
14
+ var _nc = !process.stderr.isTTY || process.env.NO_COLOR !== void 0;
15
+ var _e = _nc ? "" : "\x1B[31m";
16
+ var _c = _nc ? "" : "\x1B[36m";
17
+ var _d = _nc ? "" : "\x1B[2m";
18
+ var _r = _nc ? "" : "\x1B[0m";
19
+ var _DEFS = [
20
+ {
21
+ match: (m) => m.includes("rwn64:") && (m.includes("$") || m.includes("expanded")),
22
+ message: "token contains unescaped shell characters",
23
+ fix: "use single quotes: rwn64 denc 'rwn64:v2:...' -sw password",
24
+ exit: 2
25
+ },
26
+ {
27
+ match: (m, c) => c === "EACCES" || m.includes("permission denied"),
28
+ message: "permission denied",
29
+ fix: "check file permissions",
30
+ exit: 2
31
+ },
32
+ {
33
+ match: (m, c) => c === "ENOMEM" || m.includes("out of memory") || m.includes("heap"),
34
+ message: "out of memory",
35
+ fix: "input may be too large. try: NODE_OPTIONS=--max-old-space-size=512 rwn64 ...",
36
+ exit: 2
37
+ },
38
+ {
39
+ match: (m) => m.includes("scrypt") || m.includes("memory limit exceeded"),
40
+ message: "scrypt memory limit exceeded",
41
+ fix: "device may have limited memory. try a shorter input or restart Termux",
42
+ exit: 2
43
+ },
44
+ {
45
+ match: (m, c) => c === "MODULE_NOT_FOUND" || m.includes("cannot find module"),
46
+ message: "internal module not found",
47
+ fix: "reinstall rwn64: npm install -g rwn64",
48
+ exit: 1
49
+ },
50
+ {
51
+ match: (m, c) => c === "ERR_INVALID_ARG_TYPE" || c === "ERR_INVALID_ARG_VALUE" || m.includes("invalid argument"),
52
+ message: "invalid argument",
53
+ fix: "run rwn64 -h to see correct usage",
54
+ exit: 1
55
+ },
56
+ {
57
+ match: (m, c) => c === "ENOENT" || m.includes("no such file"),
58
+ message: "file not found",
59
+ fix: "check that the file path is correct",
60
+ exit: 2
61
+ }
62
+ ];
63
+ function _fmt(msg, fix) {
64
+ return `
65
+ ${_e}error${_r} ${msg}
66
+ ${_d}fix${_r} ${_c}${fix}${_r}
67
+ `;
68
+ }
69
+ function _handle(err) {
70
+ const msg = (err.message ?? "").toLowerCase();
71
+ const code = err.code ?? "";
72
+ for (const d of _DEFS) {
73
+ if (d.match(msg, code)) {
74
+ process.stderr.write(_fmt(d.message, d.fix));
75
+ process.exit(d.exit);
76
+ }
77
+ }
78
+ return false;
79
+ }
80
+ function _unknown(msg) {
81
+ process.stderr.write(`
82
+ ${_e}error${_r} unexpected error
83
+ ${_d}fix${_r} ${_c}run rwn64 -h for usage${_r}
84
+ ${_d} ${msg}${_r}
85
+ `);
86
+ process.exit(1);
87
+ }
88
+ function installErrorHandler() {
89
+ process.on("uncaughtException", (err) => {
90
+ if (!_handle(err))
91
+ _unknown(err.message ?? String(err));
92
+ });
93
+ process.on("unhandledRejection", (reason) => {
94
+ const err = reason instanceof Error ? reason : new Error(String(reason));
95
+ if (!_handle(err))
96
+ _unknown(err.message);
97
+ });
98
+ process.on("warning", () => {
99
+ });
100
+ const _orig = process.emit.bind(process);
101
+ process.emit = (ev, ...a) => ev === "warning" ? false : _orig(ev, ...a);
102
+ }
103
+ }
104
+ });
105
+
106
+ // dist/lib/args.js
107
+ var require_args = __commonJS({
108
+ "dist/lib/args.js"(exports2) {
109
+ "use strict";
110
+ Object.defineProperty(exports2, "__esModule", { value: true });
111
+ exports2.parseArgs = parseArgs;
112
+ exports2.getFlag = getFlag;
113
+ exports2.hasFlag = hasFlag;
114
+ function parseArgs(argv) {
115
+ const flags = {};
116
+ const positional = [];
117
+ let i = 0;
118
+ const cmd = argv[0] ?? "";
119
+ i = 1;
120
+ while (i < argv.length) {
121
+ const a = argv[i];
122
+ if (a.startsWith("-")) {
123
+ const key = a.replace(/^-+/, "");
124
+ const next = argv[i + 1];
125
+ if (next && !next.startsWith("-")) {
126
+ flags[key] = next;
127
+ i += 2;
128
+ } else {
129
+ flags[key] = true;
130
+ i++;
131
+ }
132
+ } else {
133
+ positional.push(a);
134
+ i++;
135
+ }
136
+ }
137
+ return { cmd, positional, flags };
138
+ }
139
+ function getFlag(flags, ...keys) {
140
+ for (const k of keys) {
141
+ const v = flags[k];
142
+ if (typeof v === "string")
143
+ return v;
144
+ }
145
+ return void 0;
146
+ }
147
+ function hasFlag(flags, ...keys) {
148
+ return keys.some((k) => k in flags);
149
+ }
150
+ }
151
+ });
152
+
153
+ // dist/lib/env.js
154
+ var require_env = __commonJS({
155
+ "dist/lib/env.js"(exports2) {
156
+ "use strict";
157
+ Object.defineProperty(exports2, "__esModule", { value: true });
158
+ exports2.env = void 0;
159
+ function _detect() {
160
+ if (process.env.TERMUX_VERSION !== void 0 || (process.env.PREFIX ?? "").includes("com.termux") || (process.env.HOME ?? "").includes("com.termux"))
161
+ return "termux";
162
+ if (process.platform === "darwin")
163
+ return "macos";
164
+ if (process.platform === "linux")
165
+ return "linux";
166
+ return "unknown";
167
+ }
168
+ function _cols() {
169
+ try {
170
+ return process.stdout.columns || 80;
171
+ } catch {
172
+ return 80;
173
+ }
174
+ }
175
+ function _rows() {
176
+ try {
177
+ return process.stdout.rows || 24;
178
+ } catch {
179
+ return 24;
180
+ }
181
+ }
182
+ var _type = _detect();
183
+ exports2.env = {
184
+ type: _type,
185
+ isTermux: _type === "termux",
186
+ isLinux: _type === "linux",
187
+ isMacOS: _type === "macos",
188
+ hasTTY: !!process.stdin.isTTY,
189
+ hasRawMode: typeof process.stdin.setRawMode === "function",
190
+ hasColor: process.env.NO_COLOR === void 0 && !!process.stderr.isTTY,
191
+ cols: _cols(),
192
+ rows: _rows()
193
+ };
194
+ }
195
+ });
196
+
197
+ // dist/lib/ui.js
198
+ var require_ui = __commonJS({
199
+ "dist/lib/ui.js"(exports2) {
200
+ "use strict";
201
+ Object.defineProperty(exports2, "__esModule", { value: true });
202
+ exports2.BIN = exports2.PKG = exports2.VERSION = void 0;
203
+ exports2.data = data;
204
+ exports2.err = err;
205
+ exports2.warn = warn;
206
+ exports2.box = box;
207
+ exports2.token = token;
208
+ exports2.ms = ms;
209
+ exports2.section = section;
210
+ exports2.usage = usage;
211
+ exports2.row = row;
212
+ var env_1 = require_env();
213
+ var _NC = !env_1.env.hasColor;
214
+ var _c = _NC ? {
215
+ r: "",
216
+ d: "",
217
+ b: "",
218
+ g: "",
219
+ y: "",
220
+ c: "",
221
+ e: "",
222
+ w: "",
223
+ dim: "",
224
+ hi: ""
225
+ } : {
226
+ r: "\x1B[0m",
227
+ d: "\x1B[2m",
228
+ b: "\x1B[1m",
229
+ g: "\x1B[32m",
230
+ y: "\x1B[33m",
231
+ c: "\x1B[36m",
232
+ e: "\x1B[31m",
233
+ w: "\x1B[37m",
234
+ dim: "\x1B[38;5;245m",
235
+ hi: "\x1B[38;5;252m"
236
+ };
237
+ exports2.VERSION = "1.0.0";
238
+ exports2.PKG = "rwn64";
239
+ exports2.BIN = "rwn64";
240
+ var _BOX = { tl: "\u250C", tr: "\u2510", bl: "\u2514", br: "\u2518", h: "\u2500", v: "\u2502" };
241
+ function _ui(s) {
242
+ process.stderr.write(s);
243
+ }
244
+ function data(s) {
245
+ process.stdout.write(s + "\n");
246
+ }
247
+ function err(msg, code = 1) {
248
+ _ui(`
249
+ ${_c.e}error${_c.r} ${msg}
250
+ `);
251
+ process.exit(code);
252
+ }
253
+ function warn(msg) {
254
+ _ui(`${_c.y}warn${_c.r} ${msg}
255
+ `);
256
+ }
257
+ function _visLen(s) {
258
+ return s.replace(/\x1b\[[0-9;]*m/g, "").length;
259
+ }
260
+ function _boxLine(inner, width) {
261
+ const pad = Math.max(0, width - _visLen(inner) - 2);
262
+ return `${_c.dim}${_BOX.v}${_c.r} ${inner}${" ".repeat(pad)} ${_c.dim}${_BOX.v}${_c.r}
263
+ `;
264
+ }
265
+ function _hline(width, l, r) {
266
+ return `${_c.dim}${l}${_BOX.h.repeat(width - 2)}${r}${_c.r}
267
+ `;
268
+ }
269
+ function box(rows) {
270
+ const lw = Math.max(...rows.map((r) => r.label.length));
271
+ const lines = rows.map((r) => {
272
+ const pad = " ".repeat(lw - r.label.length + 1);
273
+ const vc = r.valueColor ?? _c.hi;
274
+ return `${_c.dim}${r.label}${_c.r}${pad}${vc}${r.value}${_c.r}`;
275
+ });
276
+ const width = Math.max(...lines.map(_visLen)) + 4;
277
+ _ui(_hline(width, _BOX.tl, _BOX.tr));
278
+ for (const l of lines)
279
+ _ui(_boxLine(l, width));
280
+ _ui(_hline(width, _BOX.bl, _BOX.br));
281
+ }
282
+ function token(t) {
283
+ _ui(`
284
+ ${_c.hi}${t}${_c.r}
285
+
286
+ `);
287
+ }
288
+ function ms(elapsed) {
289
+ _ui(`${_c.dim}done in ${elapsed}ms${_c.r}
290
+ `);
291
+ }
292
+ function section(title) {
293
+ _ui(`
294
+ ${_c.w}${title}${_c.r}
295
+
296
+ `);
297
+ }
298
+ function usage() {
299
+ _ui(`
300
+ ${_c.b}${_c.c}${exports2.PKG}${_c.r} ${_c.dim}v${exports2.VERSION}${_c.r} ChaCha20-Poly1305 / AES-256-GCM
301
+
302
+ `);
303
+ const c = (s) => ` ${_c.c}${s}${_c.r}`;
304
+ const lines = [
305
+ `${_c.w}commands${_c.r}`,
306
+ ``,
307
+ c(`${exports2.BIN} enc <text|@file> -sw <password>`) + " encrypt",
308
+ c(`${exports2.BIN} denc <token> -sw <password>`) + " decrypt",
309
+ c(`${exports2.BIN} verify <token> -sw <password>`) + " verify token integrity",
310
+ c(`${exports2.BIN} fp <text> -sw <secret> `) + " HMAC fingerprint",
311
+ c(`${exports2.BIN} gen [bytes] `) + " generate secure password",
312
+ c(`${exports2.BIN} info <token> `) + " inspect token metadata",
313
+ c(`${exports2.BIN} history `) + " show session history",
314
+ c(`${exports2.BIN} upgrade (or -u) `) + " check for updates",
315
+ ``,
316
+ `${_c.w}flags${_c.r}`,
317
+ ``,
318
+ ` ${_c.c}-sw <password>${_c.r} password source`,
319
+ ` ${_c.c}--expires <time>${_c.r} token expiry (30s, 5m, 2h, 7d)`,
320
+ ` ${_c.c}--clip${_c.r} copy result to clipboard`,
321
+ ` ${_c.c}--out <file>${_c.r} (denc) save output to file`,
322
+ ` ${_c.c}--no-color${_c.r} disable ANSI colors`,
323
+ ` ${_c.c}-v, --version${_c.r} print version`,
324
+ ` ${_c.c}-h, --help${_c.r} show this help`,
325
+ ``,
326
+ `${_c.w}password sources${_c.r}`,
327
+ ``,
328
+ ` -sw mypassword inline`,
329
+ ` -sw @~/.rwn64key read from file (recommended)`,
330
+ ` -sw env:RWN64_KEY read from env variable`,
331
+ ``,
332
+ `${_c.w}.rwn64rc${_c.r}`,
333
+ ``,
334
+ ` password = env:RWN64_KEY`,
335
+ ` bytes = 32`,
336
+ ` maxSize = 20`,
337
+ ` clip = false`,
338
+ ``,
339
+ `${_c.w}examples${_c.r}`,
340
+ ``,
341
+ ` rwn64 enc 'my secret' -sw mypassword`,
342
+ ` rwn64 enc 'expires in 1 hour' -sw mypassword --expires 1h`,
343
+ ` rwn64 enc @notes.txt -sw mypassword`,
344
+ ` rwn64 denc 'rwn64:v2:...' -sw mypassword`,
345
+ ` rwn64 denc 'rwn64:v2:...' -sw mypassword --out result.txt`,
346
+ ` TOKEN=$(rwn64 enc 'text' -sw pass)`,
347
+ ` rwn64 denc "$TOKEN" -sw pass`,
348
+ ``
349
+ ];
350
+ _ui(lines.join("\n") + "\n");
351
+ }
352
+ function row(label, value, color = _c.hi) {
353
+ const pad = " ".repeat(Math.max(1, 10 - label.length));
354
+ _ui(`${_c.dim}${label}${_c.r}${pad}${color}${value}${_c.r}
355
+ `);
356
+ }
357
+ }
358
+ });
359
+
360
+ // dist/lib/crypto.js
361
+ var require_crypto = __commonJS({
362
+ "dist/lib/crypto.js"(exports2) {
363
+ "use strict";
364
+ Object.defineProperty(exports2, "__esModule", { value: true });
365
+ exports2.VERSION = exports2.TOKEN_PREFIX = void 0;
366
+ exports2.encrypt = encrypt;
367
+ exports2.decrypt = decrypt;
368
+ exports2.verify = verify;
369
+ exports2.hmacFingerprint = hmacFingerprint;
370
+ exports2.inspectToken = inspectToken;
371
+ exports2.generatePassword = generatePassword;
372
+ exports2.parseExpiry = parseExpiry;
373
+ var crypto_1 = require("crypto");
374
+ var _PFX_V1 = "rwn64:v1:";
375
+ var _PFX_V2 = "rwn64:v2:";
376
+ var _ALG_V1 = "aes-256-gcm";
377
+ var _ALG_V2 = "chacha20-poly1305";
378
+ var _SL = 16;
379
+ var _NL = 12;
380
+ var _TL = 16;
381
+ var _KL = 32;
382
+ var _SCRYPT = { N: 16384, r: 8, p: 1 };
383
+ exports2.TOKEN_PREFIX = _PFX_V2;
384
+ exports2.VERSION = "v2";
385
+ function _kdf(pass, salt) {
386
+ const buf = Buffer.from(pass, "utf8");
387
+ const key = (0, crypto_1.scryptSync)(buf, salt, _KL, _SCRYPT);
388
+ buf.fill(0);
389
+ return key;
390
+ }
391
+ function _encExp(ms) {
392
+ const b = Buffer.allocUnsafe(8);
393
+ b.writeUInt32BE(Math.floor(ms / 4294967296), 0);
394
+ b.writeUInt32BE(ms >>> 0, 4);
395
+ return b;
396
+ }
397
+ function _decExp(b) {
398
+ return b.readUInt32BE(0) * 4294967296 + b.readUInt32BE(4);
399
+ }
400
+ function encrypt(plaintext, password, opts = {}) {
401
+ const salt = (0, crypto_1.randomBytes)(_SL);
402
+ const nonce = (0, crypto_1.randomBytes)(_NL);
403
+ const key = _kdf(password, salt);
404
+ const hasx = opts.expiresMs !== void 0;
405
+ const meta = Buffer.alloc(1);
406
+ meta[0] = hasx ? 1 : 0;
407
+ const inner = Buffer.concat([meta, hasx ? _encExp(opts.expiresMs) : Buffer.alloc(0), Buffer.from(plaintext, "utf8")]);
408
+ const ciph = (0, crypto_1.createCipheriv)(_ALG_V2, key, nonce, { authTagLength: _TL });
409
+ const body = Buffer.concat([ciph.update(inner), ciph.final()]);
410
+ const tag = ciph.getAuthTag();
411
+ return _PFX_V2 + Buffer.concat([salt, nonce, tag, body]).toString("base64url");
412
+ }
413
+ function decrypt(token, password) {
414
+ let pfx;
415
+ let alg;
416
+ let ver;
417
+ if (token.startsWith(_PFX_V2)) {
418
+ pfx = _PFX_V2;
419
+ alg = _ALG_V2;
420
+ ver = 2;
421
+ } else if (token.startsWith(_PFX_V1)) {
422
+ pfx = _PFX_V1;
423
+ alg = _ALG_V1;
424
+ ver = 1;
425
+ } else
426
+ throw Object.assign(new Error("invalid token format"), { code: "ERR_FORMAT" });
427
+ const payload = Buffer.from(token.slice(pfx.length), "base64url");
428
+ if (payload.length < _SL + _NL + _TL + 2)
429
+ throw Object.assign(new Error("token is too short or malformed"), { code: "ERR_MALFORMED" });
430
+ const salt = payload.subarray(0, _SL);
431
+ const nonce = payload.subarray(_SL, _SL + _NL);
432
+ const tag = payload.subarray(_SL + _NL, _SL + _NL + _TL);
433
+ const body = payload.subarray(_SL + _NL + _TL);
434
+ const key = _kdf(password, salt);
435
+ const dc = (0, crypto_1.createDecipheriv)(alg, key, nonce, ver === 2 ? { authTagLength: _TL } : void 0);
436
+ dc.setAuthTag(tag);
437
+ let inner;
438
+ try {
439
+ inner = Buffer.concat([dc.update(body), dc.final()]);
440
+ } catch {
441
+ throw Object.assign(new Error("wrong password or corrupted token"), { code: "ERR_AUTH" });
442
+ }
443
+ const hasx = inner[0] === 1;
444
+ if (hasx) {
445
+ const expMs = _decExp(inner.subarray(1, 9));
446
+ const expDate = new Date(expMs);
447
+ if (Date.now() > expMs)
448
+ throw Object.assign(new Error(`token expired at ${expDate.toISOString()}`), { code: "ERR_EXPIRED", expiredAt: expDate });
449
+ return { plaintext: inner.subarray(9).toString("utf8"), expiresAt: expDate, tokenVersion: ver };
450
+ }
451
+ return { plaintext: inner.subarray(1).toString("utf8"), tokenVersion: ver };
452
+ }
453
+ function verify(token, password) {
454
+ try {
455
+ decrypt(token, password);
456
+ return true;
457
+ } catch {
458
+ return false;
459
+ }
460
+ }
461
+ function hmacFingerprint(input, secret) {
462
+ return (0, crypto_1.createHmac)("sha256", secret).update(input).digest("hex").slice(0, 16);
463
+ }
464
+ function inspectToken(token) {
465
+ let pfx;
466
+ let algo;
467
+ let ver;
468
+ if (token.startsWith(_PFX_V2)) {
469
+ pfx = _PFX_V2;
470
+ algo = "ChaCha20-Poly1305";
471
+ ver = 2;
472
+ } else if (token.startsWith(_PFX_V1)) {
473
+ pfx = _PFX_V1;
474
+ algo = "AES-256-GCM";
475
+ ver = 1;
476
+ } else
477
+ throw Object.assign(new Error("invalid token format"), { code: "ERR_FORMAT" });
478
+ const payload = Buffer.from(token.slice(pfx.length), "base64url");
479
+ if (payload.length < _SL + _NL + _TL + 2)
480
+ throw Object.assign(new Error("token is too short or malformed"), { code: "ERR_MALFORMED" });
481
+ return { version: `v${ver}`, prefix: pfx, algo, saltHex: payload.subarray(0, _SL).toString("hex"), nonceHex: payload.subarray(_SL, _SL + _NL).toString("hex"), payloadBytes: payload.length };
482
+ }
483
+ function generatePassword(bytes = 24) {
484
+ return (0, crypto_1.randomBytes)(bytes).toString("base64url");
485
+ }
486
+ function parseExpiry(raw) {
487
+ const m = raw.match(/^(\d+)(s|m|h|d)$/);
488
+ if (!m)
489
+ throw new Error(`invalid expiry format: "${raw}" \u2014 use 30s, 5m, 2h, 7d`);
490
+ const u = { s: 1e3, m: 6e4, h: 36e5, d: 864e5 };
491
+ return Date.now() + parseInt(m[1], 10) * u[m[2]];
492
+ }
493
+ }
494
+ });
495
+
496
+ // dist/lib/password.js
497
+ var require_password = __commonJS({
498
+ "dist/lib/password.js"(exports2) {
499
+ "use strict";
500
+ Object.defineProperty(exports2, "__esModule", { value: true });
501
+ exports2.resolvePassword = resolvePassword;
502
+ exports2.describePasswordSource = describePasswordSource;
503
+ var fs_1 = require("fs");
504
+ function resolvePassword(raw) {
505
+ if (raw.startsWith("@")) {
506
+ const path = raw.slice(1).trim();
507
+ try {
508
+ return (0, fs_1.readFileSync)(path, "utf8").trim();
509
+ } catch {
510
+ throw Object.assign(new Error(`cannot read password file: ${path}`), { code: "ERR_PWFILE" });
511
+ }
512
+ }
513
+ if (raw.startsWith("env:")) {
514
+ const name = raw.slice(4).trim();
515
+ const val = process.env[name];
516
+ if (!val)
517
+ throw Object.assign(new Error(`env variable not set: ${name}`), { code: "ERR_PWENV" });
518
+ return val;
519
+ }
520
+ return raw;
521
+ }
522
+ function describePasswordSource(raw) {
523
+ if (raw.startsWith("@"))
524
+ return `file(${raw.slice(1)})`;
525
+ if (raw.startsWith("env:"))
526
+ return `env(${raw.slice(4)})`;
527
+ return "inline";
528
+ }
529
+ }
530
+ });
531
+
532
+ // dist/lib/clip.js
533
+ var require_clip = __commonJS({
534
+ "dist/lib/clip.js"(exports2) {
535
+ "use strict";
536
+ Object.defineProperty(exports2, "__esModule", { value: true });
537
+ exports2.copyToClipboard = copyToClipboard;
538
+ exports2.clipAvailable = clipAvailable;
539
+ var child_process_1 = require("child_process");
540
+ var env_1 = require_env();
541
+ function _cmd() {
542
+ if (env_1.env.isMacOS)
543
+ return "pbcopy";
544
+ if (env_1.env.isTermux) {
545
+ try {
546
+ (0, child_process_1.execSync)("which termux-clipboard-set", { stdio: "ignore" });
547
+ return "termux-clipboard-set";
548
+ } catch {
549
+ }
550
+ return null;
551
+ }
552
+ for (const [bin, cmd] of [["xclip", "xclip -selection clipboard"], ["xsel", "xsel --clipboard --input"], ["wl-copy", "wl-copy"]]) {
553
+ try {
554
+ (0, child_process_1.execSync)(`which ${bin}`, { stdio: "ignore" });
555
+ return cmd;
556
+ } catch {
557
+ }
558
+ }
559
+ return null;
560
+ }
561
+ function copyToClipboard(text) {
562
+ const cmd = _cmd();
563
+ if (!cmd)
564
+ return false;
565
+ try {
566
+ (0, child_process_1.execSync)(cmd, { input: text, stdio: ["pipe", "ignore", "ignore"] });
567
+ return true;
568
+ } catch {
569
+ return false;
570
+ }
571
+ }
572
+ function clipAvailable() {
573
+ return _cmd() !== null;
574
+ }
575
+ }
576
+ });
577
+
578
+ // dist/lib/rc.js
579
+ var require_rc = __commonJS({
580
+ "dist/lib/rc.js"(exports2) {
581
+ "use strict";
582
+ Object.defineProperty(exports2, "__esModule", { value: true });
583
+ exports2.loadRC = loadRC;
584
+ var fs_1 = require("fs");
585
+ var path_1 = require("path");
586
+ var os_1 = require("os");
587
+ var _DEFAULTS = { bytes: 24, maxSize: 20, clip: false };
588
+ var _RC_FILE = ".rwn64rc";
589
+ function _parse(raw) {
590
+ const out = {};
591
+ for (const line of raw.split("\n")) {
592
+ const t = line.trim();
593
+ if (!t || t.startsWith("#"))
594
+ continue;
595
+ const eq = t.indexOf("=");
596
+ if (eq === -1)
597
+ continue;
598
+ const k = t.slice(0, eq).trim();
599
+ const v = t.slice(eq + 1).trim();
600
+ if (k === "password")
601
+ out.password = v;
602
+ if (k === "bytes")
603
+ out.bytes = parseInt(v, 10);
604
+ if (k === "maxSize")
605
+ out.maxSize = parseInt(v, 10);
606
+ if (k === "clip")
607
+ out.clip = v === "true";
608
+ }
609
+ return out;
610
+ }
611
+ function _load(path) {
612
+ if (!(0, fs_1.existsSync)(path))
613
+ return null;
614
+ try {
615
+ return _parse((0, fs_1.readFileSync)(path, "utf8"));
616
+ } catch {
617
+ return null;
618
+ }
619
+ }
620
+ function loadRC() {
621
+ const local = _load((0, path_1.resolve)(process.cwd(), _RC_FILE));
622
+ const global = _load((0, path_1.join)((0, os_1.homedir)(), _RC_FILE));
623
+ return { ..._DEFAULTS, ...global, ...local };
624
+ }
625
+ }
626
+ });
627
+
628
+ // dist/lib/history.js
629
+ var require_history = __commonJS({
630
+ "dist/lib/history.js"(exports2) {
631
+ "use strict";
632
+ Object.defineProperty(exports2, "__esModule", { value: true });
633
+ exports2.recordHistory = recordHistory;
634
+ exports2.getHistory = getHistory;
635
+ exports2.clearHistory = clearHistory;
636
+ var fs_1 = require("fs");
637
+ var path_1 = require("path");
638
+ var os_1 = require("os");
639
+ var crypto_1 = require("crypto");
640
+ var _FILE = (0, path_1.join)((0, os_1.tmpdir)(), ".rwn64_history");
641
+ function _load() {
642
+ if (!(0, fs_1.existsSync)(_FILE))
643
+ return [];
644
+ try {
645
+ return JSON.parse((0, fs_1.readFileSync)(_FILE, "utf8"));
646
+ } catch {
647
+ return [];
648
+ }
649
+ }
650
+ function _save(e) {
651
+ try {
652
+ (0, fs_1.writeFileSync)(_FILE, JSON.stringify(e), "utf8");
653
+ } catch {
654
+ }
655
+ }
656
+ function recordHistory(cmd, token) {
657
+ const e = _load();
658
+ e.push({ ts: Date.now(), cmd, fp: (0, crypto_1.createHash)("sha256").update(token).digest("hex").slice(0, 8) });
659
+ if (e.length > 50)
660
+ e.splice(0, e.length - 50);
661
+ _save(e);
662
+ }
663
+ function getHistory() {
664
+ return _load();
665
+ }
666
+ function clearHistory() {
667
+ _save([]);
668
+ }
669
+ }
670
+ });
671
+
672
+ // dist/cmd/enc.js
673
+ var require_enc = __commonJS({
674
+ "dist/cmd/enc.js"(exports2) {
675
+ "use strict";
676
+ Object.defineProperty(exports2, "__esModule", { value: true });
677
+ exports2.cmdEnc = cmdEnc;
678
+ var fs_1 = require("fs");
679
+ var readline_1 = require("readline");
680
+ var crypto_1 = require_crypto();
681
+ var password_1 = require_password();
682
+ var ui_12 = require_ui();
683
+ var clip_1 = require_clip();
684
+ var rc_1 = require_rc();
685
+ var history_12 = require_history();
686
+ var env_1 = require_env();
687
+ var args_12 = require_args();
688
+ var _MAX = 20 * 1024 * 1024;
689
+ var _WARN = 5 * 1024 * 1024;
690
+ async function _confirm(msg) {
691
+ return new Promise((res) => {
692
+ const rl = (0, readline_1.createInterface)({ input: process.stdin, output: process.stderr });
693
+ rl.question(msg, (a) => {
694
+ rl.close();
695
+ res(a.trim().toLowerCase() === "y");
696
+ });
697
+ });
698
+ }
699
+ async function _interactive() {
700
+ return new Promise((resolve) => {
701
+ process.stderr.write("enter text: ");
702
+ let text = "";
703
+ if (env_1.env.hasRawMode) {
704
+ process.stdin.setRawMode(true);
705
+ process.stdin.resume();
706
+ process.stdin.setEncoding("utf8");
707
+ const onData = (ch) => {
708
+ if (ch === "\r" || ch === "\n") {
709
+ process.stdin.setRawMode(false);
710
+ process.stdin.pause();
711
+ process.stdin.removeListener("data", onData);
712
+ process.stderr.write("\n");
713
+ resolve(text);
714
+ } else if (ch === "") {
715
+ process.stderr.write("\naborted.\n");
716
+ process.exit(0);
717
+ } else if (ch === "\x7F") {
718
+ text = text.slice(0, -1);
719
+ process.stderr.write("\b \b");
720
+ } else {
721
+ text += ch;
722
+ process.stderr.write("\xB7");
723
+ }
724
+ };
725
+ process.stdin.on("data", onData);
726
+ } else {
727
+ const rl = (0, readline_1.createInterface)({ input: process.stdin, output: process.stderr });
728
+ rl.question("", (a) => {
729
+ rl.close();
730
+ resolve(a);
731
+ });
732
+ }
733
+ });
734
+ }
735
+ function _readInput(raw) {
736
+ if (raw.startsWith("@")) {
737
+ const path = raw.slice(1).trim();
738
+ if (!(0, fs_1.existsSync)(path))
739
+ (0, ui_12.err)(`file not found: ${path}`, 2);
740
+ const stat = (0, fs_1.statSync)(path);
741
+ if (stat.size > _MAX)
742
+ (0, ui_12.err)(`file too large: ${(stat.size / 1024 / 1024).toFixed(1)} MB. max 20 MB`, 2);
743
+ return { text: (0, fs_1.readFileSync)(path, "utf8"), source: `file(${path})`, bytes: stat.size };
744
+ }
745
+ const bytes = Buffer.byteLength(raw, "utf8");
746
+ return { text: raw, source: "arg", bytes };
747
+ }
748
+ async function cmdEnc(parsed2) {
749
+ const rc = (0, rc_1.loadRC)();
750
+ const rawPw = (0, args_12.getFlag)(parsed2.flags, "sw") ?? rc.password;
751
+ if (!rawPw)
752
+ (0, ui_12.err)("-sw <password> is required (or set 'password' in .rwn64rc)");
753
+ const password = (0, password_1.resolvePassword)(rawPw);
754
+ const pwSource = (0, password_1.describePasswordSource)(rawPw);
755
+ if (password.length < 8)
756
+ (0, ui_12.warn)("password is short (< 8 chars). consider a stronger password.");
757
+ let text;
758
+ let source;
759
+ let bytes;
760
+ const rawInput = parsed2.positional[0];
761
+ if (!rawInput) {
762
+ text = await _interactive();
763
+ source = "interactive";
764
+ bytes = Buffer.byteLength(text, "utf8");
765
+ } else {
766
+ const r = _readInput(rawInput);
767
+ text = r.text;
768
+ source = r.source;
769
+ bytes = r.bytes;
770
+ }
771
+ const mb = bytes / 1024 / 1024;
772
+ if (bytes > _WARN) {
773
+ let msg = `
774
+ input is ${mb.toFixed(1)} MB. may be slow.
775
+ `;
776
+ if (env_1.env.isTermux)
777
+ msg += " warning: files above 500 MB may crash Termux.\n";
778
+ msg += " continue? [y/N] ";
779
+ if (!await _confirm(msg)) {
780
+ process.stderr.write("aborted.\n");
781
+ process.exit(0);
782
+ }
783
+ }
784
+ const rawExp = (0, args_12.getFlag)(parsed2.flags, "expires");
785
+ const expiresMs = rawExp ? (0, crypto_1.parseExpiry)(rawExp) : void 0;
786
+ const useClip = (0, args_12.hasFlag)(parsed2.flags, "clip") || !!rc.clip;
787
+ const sizeLabel = mb < 0.01 ? `${bytes} B` : `${mb.toFixed(2)} MB`;
788
+ const t0 = Date.now();
789
+ let tok;
790
+ try {
791
+ tok = (0, crypto_1.encrypt)(text, password, { expiresMs });
792
+ } catch (ex) {
793
+ (0, ui_12.err)(ex.message, 2);
794
+ }
795
+ const elapsed = Date.now() - t0;
796
+ (0, history_12.recordHistory)("enc", tok);
797
+ (0, ui_12.section)("encrypt");
798
+ (0, ui_12.box)([
799
+ { label: "input", value: source === "interactive" ? "(hidden)" : source === "arg" ? text.length > 52 ? text.slice(0, 52) + "\u2026" : text : source },
800
+ { label: "size", value: sizeLabel },
801
+ { label: "pw", value: pwSource },
802
+ { label: "algo", value: "ChaCha20-Poly1305 / scrypt" },
803
+ ...expiresMs ? [{ label: "expires", value: new Date(expiresMs).toISOString() }] : []
804
+ ]);
805
+ (0, ui_12.token)(tok);
806
+ (0, ui_12.ms)(elapsed);
807
+ if (useClip) {
808
+ const ok = (0, clip_1.copyToClipboard)(tok);
809
+ if (ok)
810
+ process.stderr.write("\n copied to clipboard\n");
811
+ else
812
+ (0, ui_12.warn)("--clip: no clipboard tool found");
813
+ }
814
+ process.stderr.write("\n");
815
+ process.stdout.write(tok + "\n");
816
+ }
817
+ }
818
+ });
819
+
820
+ // dist/cmd/denc.js
821
+ var require_denc = __commonJS({
822
+ "dist/cmd/denc.js"(exports2) {
823
+ "use strict";
824
+ Object.defineProperty(exports2, "__esModule", { value: true });
825
+ exports2.cmdDenc = cmdDenc;
826
+ var fs_1 = require("fs");
827
+ var crypto_1 = require_crypto();
828
+ var password_1 = require_password();
829
+ var ui_12 = require_ui();
830
+ var clip_1 = require_clip();
831
+ var rc_1 = require_rc();
832
+ var history_12 = require_history();
833
+ var args_12 = require_args();
834
+ function cmdDenc(parsed2) {
835
+ const rc = (0, rc_1.loadRC)();
836
+ const token = parsed2.positional[0];
837
+ if (!token)
838
+ (0, ui_12.err)("missing <token> argument");
839
+ if (token.startsWith("rwn64$")) {
840
+ (0, ui_12.err)("token uses '$' separator \u2014 did you use double quotes?\n fix use single quotes: rwn64 denc 'rwn64:v2:...' -sw password", 2);
841
+ }
842
+ const rawPw = (0, args_12.getFlag)(parsed2.flags, "sw") ?? rc.password;
843
+ if (!rawPw)
844
+ (0, ui_12.err)("-sw <password> is required (or set 'password' in .rwn64rc)");
845
+ const password = (0, password_1.resolvePassword)(rawPw);
846
+ const pwSource = (0, password_1.describePasswordSource)(rawPw);
847
+ const outFile = (0, args_12.getFlag)(parsed2.flags, "out", "o");
848
+ const useClip = (0, args_12.hasFlag)(parsed2.flags, "clip") || !!rc.clip;
849
+ const t0 = Date.now();
850
+ let result;
851
+ try {
852
+ result = (0, crypto_1.decrypt)(token, password);
853
+ } catch (ex) {
854
+ const c = ex.code ?? "";
855
+ if (c === "ERR_EXPIRED")
856
+ (0, ui_12.err)(`token expired at ${ex.expiredAt?.toISOString()}`, 2);
857
+ if (c === "ERR_AUTH")
858
+ (0, ui_12.err)("wrong password or token has been tampered with", 2);
859
+ if (c === "ERR_FORMAT")
860
+ (0, ui_12.err)("value does not look like a rwn64 token", 2);
861
+ if (c === "ERR_MALFORMED")
862
+ (0, ui_12.err)("token is malformed or truncated", 2);
863
+ (0, ui_12.err)(ex.message, 2);
864
+ }
865
+ const elapsed = Date.now() - t0;
866
+ (0, history_12.recordHistory)("denc", token);
867
+ (0, ui_12.section)("decrypt");
868
+ (0, ui_12.box)([
869
+ { label: "token", value: token.length > 40 ? token.slice(0, 40) + "\u2026" : token },
870
+ { label: "pw", value: pwSource },
871
+ { label: "algo", value: result.tokenVersion === 2 ? "ChaCha20-Poly1305" : "AES-256-GCM" },
872
+ ...result.expiresAt ? [{ label: "expires", value: result.expiresAt.toISOString() }] : [],
873
+ { label: "result", value: result.plaintext.length > 52 ? result.plaintext.slice(0, 52) + "\u2026" : result.plaintext }
874
+ ]);
875
+ (0, ui_12.ms)(elapsed);
876
+ process.stderr.write("\n");
877
+ if (outFile) {
878
+ try {
879
+ (0, fs_1.writeFileSync)(outFile, result.plaintext, "utf8");
880
+ process.stderr.write(` saved to ${outFile}
881
+
882
+ `);
883
+ } catch {
884
+ (0, ui_12.err)(`could not write file: ${outFile}`, 2);
885
+ }
886
+ }
887
+ if (useClip) {
888
+ const ok = (0, clip_1.copyToClipboard)(result.plaintext);
889
+ if (ok)
890
+ process.stderr.write(" copied to clipboard\n\n");
891
+ else
892
+ (0, ui_12.warn)("--clip: no clipboard tool found");
893
+ }
894
+ if (!outFile)
895
+ (0, ui_12.data)(result.plaintext);
896
+ }
897
+ }
898
+ });
899
+
900
+ // dist/cmd/verify.js
901
+ var require_verify = __commonJS({
902
+ "dist/cmd/verify.js"(exports2) {
903
+ "use strict";
904
+ Object.defineProperty(exports2, "__esModule", { value: true });
905
+ exports2.cmdVerify = cmdVerify;
906
+ var crypto_1 = require_crypto();
907
+ var password_1 = require_password();
908
+ var ui_12 = require_ui();
909
+ var rc_1 = require_rc();
910
+ var args_12 = require_args();
911
+ function cmdVerify(parsed2) {
912
+ const rc = (0, rc_1.loadRC)();
913
+ const token = parsed2.positional[0];
914
+ if (!token)
915
+ (0, ui_12.err)("missing <token> argument");
916
+ const rawPw = (0, args_12.getFlag)(parsed2.flags, "sw") ?? rc.password;
917
+ if (!rawPw)
918
+ (0, ui_12.err)("-sw <password> is required");
919
+ const password = (0, password_1.resolvePassword)(rawPw);
920
+ const t0 = Date.now();
921
+ const ok = (0, crypto_1.verify)(token, password);
922
+ const elapsed = Date.now() - t0;
923
+ (0, ui_12.section)("verify");
924
+ (0, ui_12.box)([
925
+ { label: "token", value: token.length > 40 ? token.slice(0, 40) + "\u2026" : token },
926
+ { label: "status", value: ok ? "valid" : "invalid", valueColor: ok ? "\x1B[32m" : "\x1B[31m" }
927
+ ]);
928
+ (0, ui_12.ms)(elapsed);
929
+ process.stderr.write("\n");
930
+ process.stdout.write((ok ? "valid" : "invalid") + "\n");
931
+ if (!ok)
932
+ process.exit(2);
933
+ }
934
+ }
935
+ });
936
+
937
+ // dist/cmd/info.js
938
+ var require_info = __commonJS({
939
+ "dist/cmd/info.js"(exports2) {
940
+ "use strict";
941
+ Object.defineProperty(exports2, "__esModule", { value: true });
942
+ exports2.cmdInfo = cmdInfo;
943
+ var crypto_1 = require_crypto();
944
+ var ui_12 = require_ui();
945
+ function cmdInfo(parsed2) {
946
+ const token = parsed2.positional[0];
947
+ if (!token)
948
+ (0, ui_12.err)("missing <token> argument");
949
+ let meta;
950
+ try {
951
+ meta = (0, crypto_1.inspectToken)(token);
952
+ } catch (ex) {
953
+ (0, ui_12.err)(ex.message, 2);
954
+ }
955
+ (0, ui_12.section)("token info");
956
+ (0, ui_12.box)([
957
+ { label: "prefix", value: meta.prefix },
958
+ { label: "version", value: meta.version },
959
+ { label: "algo", value: meta.algo },
960
+ { label: "kdf", value: "scrypt (N=16384,r=8,p=1)" },
961
+ { label: "salt", value: meta.saltHex },
962
+ { label: "nonce", value: meta.nonceHex },
963
+ { label: "bytes", value: String(meta.payloadBytes) + " (raw payload)" }
964
+ ]);
965
+ process.stderr.write("\n");
966
+ }
967
+ }
968
+ });
969
+
970
+ // dist/cmd/fp.js
971
+ var require_fp = __commonJS({
972
+ "dist/cmd/fp.js"(exports2) {
973
+ "use strict";
974
+ Object.defineProperty(exports2, "__esModule", { value: true });
975
+ exports2.cmdFp = cmdFp;
976
+ var crypto_1 = require_crypto();
977
+ var password_1 = require_password();
978
+ var ui_12 = require_ui();
979
+ var rc_1 = require_rc();
980
+ var args_12 = require_args();
981
+ function cmdFp(parsed2) {
982
+ const rc = (0, rc_1.loadRC)();
983
+ const text = parsed2.positional[0];
984
+ if (!text)
985
+ (0, ui_12.err)("missing <text> argument");
986
+ const rawPw = (0, args_12.getFlag)(parsed2.flags, "sw") ?? rc.password;
987
+ if (!rawPw)
988
+ (0, ui_12.err)("-sw <secret> is required");
989
+ const secret = (0, password_1.resolvePassword)(rawPw);
990
+ const t0 = Date.now();
991
+ const fp = (0, crypto_1.hmacFingerprint)(text, secret);
992
+ const elapsed = Date.now() - t0;
993
+ (0, ui_12.section)("fingerprint");
994
+ (0, ui_12.box)([
995
+ { label: "input", value: text.length > 52 ? text.slice(0, 52) + "\u2026" : text },
996
+ { label: "algo", value: "HMAC-SHA256" },
997
+ { label: "fp", value: fp }
998
+ ]);
999
+ (0, ui_12.ms)(elapsed);
1000
+ process.stderr.write("\n");
1001
+ (0, ui_12.data)(fp);
1002
+ }
1003
+ }
1004
+ });
1005
+
1006
+ // dist/cmd/gen.js
1007
+ var require_gen = __commonJS({
1008
+ "dist/cmd/gen.js"(exports2) {
1009
+ "use strict";
1010
+ Object.defineProperty(exports2, "__esModule", { value: true });
1011
+ exports2.cmdGen = cmdGen;
1012
+ var crypto_1 = require_crypto();
1013
+ var ui_12 = require_ui();
1014
+ var clip_1 = require_clip();
1015
+ var rc_1 = require_rc();
1016
+ var args_12 = require_args();
1017
+ function cmdGen(parsed2) {
1018
+ const rc = (0, rc_1.loadRC)();
1019
+ const raw = parsed2.positional[0];
1020
+ const bytes = raw ? parseInt(raw, 10) : rc.bytes ?? 24;
1021
+ const useClip = (0, args_12.hasFlag)(parsed2.flags, "clip") || !!rc.clip;
1022
+ if (isNaN(bytes) || bytes < 8 || bytes > 256)
1023
+ (0, ui_12.err)("bytes must be between 8 and 256");
1024
+ const t0 = Date.now();
1025
+ const pw = (0, crypto_1.generatePassword)(bytes);
1026
+ const elapsed = Date.now() - t0;
1027
+ (0, ui_12.section)("generate password");
1028
+ (0, ui_12.box)([
1029
+ { label: "bytes", value: String(bytes) },
1030
+ { label: "entropy", value: `~${Math.floor(bytes * 6)} bits` },
1031
+ { label: "password", value: pw }
1032
+ ]);
1033
+ (0, ui_12.ms)(elapsed);
1034
+ process.stderr.write("\n");
1035
+ if (useClip) {
1036
+ const ok = (0, clip_1.copyToClipboard)(pw);
1037
+ if (ok)
1038
+ process.stderr.write(" copied to clipboard\n\n");
1039
+ else
1040
+ (0, ui_12.warn)("--clip: no clipboard tool found");
1041
+ }
1042
+ (0, ui_12.data)(pw);
1043
+ }
1044
+ }
1045
+ });
1046
+
1047
+ // dist/cmd/history.js
1048
+ var require_history2 = __commonJS({
1049
+ "dist/cmd/history.js"(exports2) {
1050
+ "use strict";
1051
+ Object.defineProperty(exports2, "__esModule", { value: true });
1052
+ exports2.cmdHistory = cmdHistory;
1053
+ var history_12 = require_history();
1054
+ var ui_12 = require_ui();
1055
+ var args_12 = require_args();
1056
+ function cmdHistory(parsed2) {
1057
+ if ((0, args_12.hasFlag)(parsed2.flags, "clear")) {
1058
+ (0, history_12.clearHistory)();
1059
+ process.stderr.write("history cleared\n");
1060
+ return;
1061
+ }
1062
+ const entries = (0, history_12.getHistory)();
1063
+ if (entries.length === 0) {
1064
+ (0, ui_12.warn)("no history yet");
1065
+ return;
1066
+ }
1067
+ (0, ui_12.section)("history");
1068
+ (0, ui_12.box)(entries.map((e) => ({ label: new Date(e.ts).toISOString().slice(0, 19).replace("T", " "), value: `${e.cmd.padEnd(5)} fp:${e.fp}` })));
1069
+ process.stderr.write("\n");
1070
+ }
1071
+ }
1072
+ });
1073
+
1074
+ // dist/cmd/upgrade.js
1075
+ var require_upgrade = __commonJS({
1076
+ "dist/cmd/upgrade.js"(exports2) {
1077
+ "use strict";
1078
+ Object.defineProperty(exports2, "__esModule", { value: true });
1079
+ exports2.cmdUpgrade = cmdUpgrade;
1080
+ var child_process_1 = require("child_process");
1081
+ var ui_12 = require_ui();
1082
+ function _latest() {
1083
+ try {
1084
+ return (0, child_process_1.execSync)("npm info rwn64 version", { encoding: "utf8", timeout: 8e3 }).trim();
1085
+ } catch {
1086
+ return null;
1087
+ }
1088
+ }
1089
+ function _cmp(a, b) {
1090
+ const pa = a.split(".").map(Number);
1091
+ const pb = b.split(".").map(Number);
1092
+ for (let i = 0; i < 3; i++) {
1093
+ const d = (pa[i] ?? 0) - (pb[i] ?? 0);
1094
+ if (d)
1095
+ return d;
1096
+ }
1097
+ return 0;
1098
+ }
1099
+ function cmdUpgrade() {
1100
+ (0, ui_12.section)("upgrade");
1101
+ (0, ui_12.row)("current", ui_12.VERSION);
1102
+ process.stderr.write("\nchecking npm registry...\n\n");
1103
+ const latest = _latest();
1104
+ if (!latest)
1105
+ (0, ui_12.err)("could not reach npm registry. check your connection.", 1);
1106
+ (0, ui_12.row)("latest", latest);
1107
+ process.stderr.write("\n");
1108
+ if (_cmp(latest, ui_12.VERSION) <= 0) {
1109
+ (0, ui_12.row)("status", "already up to date");
1110
+ process.stderr.write("\n");
1111
+ return;
1112
+ }
1113
+ (0, ui_12.row)("status", `update available ${ui_12.VERSION} \u2192 ${latest}`);
1114
+ process.stderr.write("\nrun to update:\n\n");
1115
+ process.stdout.write("npm install -g rwn64\n");
1116
+ process.stderr.write("\n");
1117
+ }
1118
+ }
1119
+ });
1120
+
1121
+ // dist/cli.js
1122
+ Object.defineProperty(exports, "__esModule", { value: true });
1123
+ var errors_1 = require_errors();
1124
+ (0, errors_1.installErrorHandler)();
1125
+ var args_1 = require_args();
1126
+ var ui_1 = require_ui();
1127
+ var enc_1 = require_enc();
1128
+ var denc_1 = require_denc();
1129
+ var verify_1 = require_verify();
1130
+ var info_1 = require_info();
1131
+ var fp_1 = require_fp();
1132
+ var gen_1 = require_gen();
1133
+ var history_1 = require_history2();
1134
+ var upgrade_1 = require_upgrade();
1135
+ if (process.argv.includes("--no-color"))
1136
+ process.env.NO_COLOR = "1";
1137
+ var rawArgv = process.argv.slice(2).filter((a) => a !== "--no-color");
1138
+ if (rawArgv.length === 0 || rawArgv[0] === "-h" || rawArgv[0] === "--help") {
1139
+ (0, ui_1.usage)();
1140
+ process.exit(0);
1141
+ }
1142
+ if (rawArgv[0] === "-v" || rawArgv[0] === "--version") {
1143
+ process.stdout.write(ui_1.VERSION + "\n");
1144
+ process.exit(0);
1145
+ }
1146
+ var parsed = (0, args_1.parseArgs)(rawArgv);
1147
+ async function main() {
1148
+ switch (parsed.cmd) {
1149
+ case "enc":
1150
+ await (0, enc_1.cmdEnc)(parsed);
1151
+ break;
1152
+ case "denc":
1153
+ (0, denc_1.cmdDenc)(parsed);
1154
+ break;
1155
+ case "verify":
1156
+ (0, verify_1.cmdVerify)(parsed);
1157
+ break;
1158
+ case "info":
1159
+ (0, info_1.cmdInfo)(parsed);
1160
+ break;
1161
+ case "fp":
1162
+ (0, fp_1.cmdFp)(parsed);
1163
+ break;
1164
+ case "gen":
1165
+ (0, gen_1.cmdGen)(parsed);
1166
+ break;
1167
+ case "history":
1168
+ (0, history_1.cmdHistory)(parsed);
1169
+ break;
1170
+ case "upgrade":
1171
+ case "-u":
1172
+ case "-upgrade":
1173
+ (0, upgrade_1.cmdUpgrade)();
1174
+ break;
1175
+ default:
1176
+ (0, ui_1.warn)(`unknown command: ${parsed.cmd}`);
1177
+ (0, ui_1.usage)();
1178
+ process.exit(1);
1179
+ }
1180
+ }
1181
+ main().catch((e) => (0, ui_1.err)(e?.message ?? "unexpected error", 1));