zeed 1.3.0 → 1.4.0

package/dist/common/bin/lib0/string.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"string.mjs","names":[],"sources":["../../../../src/common/bin/lib0/string.ts"],"sourcesContent":["/**\n * Original at https://github.com/dmonad/lib0\n *\n * Utility module to work with strings.\n */\n\n// export const fromCharCode = String.fromCharCode\n// export const fromCodePoint = String.fromCodePoint\n\nfunction toLowerCase(s: string): string {\n  return s.toLowerCase()\n}\n\nconst trimLeftRegex = /^\\s*/g\n\nexport function trimLeft(s: string): string {\n  return s.replace(trimLeftRegex, '')\n}\n\nconst fromCamelCaseRegex = /([A-Z])/g\n\nexport function fromCamelCase(s: string, separator: string): string {\n  return trimLeft(s.replace(fromCamelCaseRegex, match => `${separator}${toLowerCase(match)}`))\n}\n\n/**\n * Compute the utf8ByteLength\n */\nexport function utf8ByteLength(str: string): number {\n  return unescape(encodeURIComponent(str)).length\n}\n\nexport function _encodeUtf8Polyfill(str: string): Uint8Array {\n  const encodedString = unescape(encodeURIComponent(str))\n  const len = encodedString.length\n  const buf = new Uint8Array(len)\n  for (let i = 0; i < len; i++)\n    buf[i] = (encodedString.codePointAt(i) as number)\n\n  return buf\n}\n\nlet utf8TextEncoder: TextEncoder | undefined | null\n\nexport function getUtf8TextEncoder(): TextEncoder | null {\n  if (utf8TextEncoder === undefined)\n    utf8TextEncoder = (typeof TextEncoder !== 'undefined' ? new TextEncoder() : null)\n  return utf8TextEncoder\n}\n\nexport function encodeUtf8(str: string): Uint8Array {\n  return getUtf8TextEncoder()\n    ? utf8TextEncoder!.encode(str)\n    : _encodeUtf8Polyfill(str)\n}\n\nfunction _decodeUtf8Polyfill(buf: Uint8Array): string {\n  let remainingLen = buf.length\n  let encodedString = ''\n  let bufPos = 0\n  while (remainingLen > 0) {\n    const nextLen = remainingLen < 10000 ? remainingLen : 10000\n    const bytes = buf.subarray(bufPos, bufPos + nextLen)\n    bufPos += nextLen\n    // Starting with ES5.1 we can supply a generic array-like object as arguments\n    encodedString += String.fromCodePoint(...bytes as any)\n    remainingLen -= nextLen\n  }\n  return decodeURIComponent(escape(encodedString))\n}\n\nlet utf8TextDecoder: any\n\nexport function getUtf8TextDecoder(): TextDecoder | undefined {\n  if (utf8TextDecoder === undefined) {\n    utf8TextDecoder = (typeof TextDecoder === 'undefined' ? null : new TextDecoder('utf-8', { fatal: true, ignoreBOM: true })) ?? null\n    if (utf8TextDecoder && utf8TextDecoder.decode(new Uint8Array()).length === 1) {\n      // Safari doesn't handle BOM correctly.\n      // This fixes a bug in Safari 13.0.5 where it produces a BOM the first time it is called.\n      // utf8TextDecoder.decode(new Uint8Array()).length === 1 on the first call and\n      // utf8TextDecoder.decode(new Uint8Array()).length === 1 on the second call\n      // Another issue is that from then on no BOM chars are recognized anymore\n      utf8TextDecoder = null\n    }\n  }\n  return utf8TextDecoder\n}\n\nexport function decodeUtf8(buf: Uint8Array): string {\n  return getUtf8TextDecoder()\n    ? utf8TextDecoder.decode(buf)\n    : _decodeUtf8Polyfill(buf)\n}\n\nexport function splice(str: string, index: number, remove: number, insert = '') {\n  return str.slice(0, index) + insert + str.slice(index + remove)\n}\n"],"mappings":"AASA,SAAS,EAAY,EAAmB,CACtC,OAAO,EAAE,aAAa,CAGxB,MAAM,EAAgB,QAEtB,SAAgB,EAAS,EAAmB,CAC1C,OAAO,EAAE,QAAQ,EAAe,GAAG,CAGrC,MAAM,EAAqB,WAE3B,SAAgB,EAAc,EAAW,EAA2B,CAClE,OAAO,EAAS,EAAE,QAAQ,EAAoB,GAAS,GAAG,IAAY,EAAY,EAAM,GAAG,CAAC,CAM9F,SAAgB,EAAe,EAAqB,CAClD,OAAO,SAAS,mBAAmB,EAAI,CAAC,CAAC,OAG3C,SAAgB,EAAoB,EAAyB,CAC3D,IAAM,EAAgB,SAAS,mBAAmB,EAAI,CAAC,CACjD,EAAM,EAAc,OACpB,EAAM,IAAI,WAAW,EAAI,CAC/B,IAAK,IAAI,EAAI,EAAG,EAAI,EAAK,IACvB,EAAI,GAAM,EAAc,YAAY,EAAE,CAExC,OAAO,EAGT,IAAI,EAEJ,SAAgB,GAAyC,CAGvD,OAFI,IAAoB,IAAA,KACtB,EAAmB,OAAO,YAAgB,IAAc,IAAI,YAAgB,MACvE,EAGT,SAAgB,EAAW,EAAyB,CAClD,OAAO,GAAoB,CACvB,EAAiB,OAAO,EAAI,CAC5B,EAAoB,EAAI,CAG9B,SAAS,EAAoB,EAAyB,CACpD,IAAI,EAAe,EAAI,OACnB,EAAgB,GAChB,EAAS,EACb,KAAO,EAAe,GAAG,CACvB,IAAM,EAAU,EAAe,IAAQ,EAAe,IAChD,EAAQ,EAAI,SAAS,EAAQ,EAAS,EAAQ,CACpD,GAAU,EAEV,GAAiB,OAAO,cAAc,GAAG,EAAa,CACtD,GAAgB,EAElB,OAAO,mBAAmB,OAAO,EAAc,CAAC,CAGlD,IAAI,EAEJ,SAAgB,GAA8C,CAY5D,OAXI,IAAoB,IAAA,KACtB,GAAmB,OAAO,YAAgB,IAAc,KAAO,IAAI,YAAY,QAAS,CAAE,MAAO,GAAM,UAAW,GAAM,CAAC,GAAK,KAC1H,GAAmB,EAAgB,OAAO,IAAI,WAAa,CAAC,SAAW,IAMzE,EAAkB,OAGf,EAGT,SAAgB,EAAW,EAAyB,CAClD,OAAO,GAAoB,CACvB,EAAgB,OAAO,EAAI,CAC3B,EAAoB,EAAI,CAG9B,SAAgB,EAAO,EAAa,EAAe,EAAgB,EAAS,GAAI,CAC9E,OAAO,EAAI,MAAM,EAAG,EAAM,CAAG,EAAS,EAAI,MAAM,EAAQ,EAAO"}
+{"version":3,"file":"string.mjs","names":[],"sources":["../../../../src/common/bin/lib0/string.ts"],"sourcesContent":["/**\n * Original at https://github.com/dmonad/lib0\n *\n * Utility module to work with strings.\n */\n\n// export const fromCharCode = String.fromCharCode\n// export const fromCodePoint = String.fromCodePoint\n\nfunction toLowerCase(s: string): string {\n  return s.toLowerCase()\n}\n\nconst trimLeftRegex = /^\\s*/g\n\nexport function trimLeft(s: string): string {\n  return s.replace(trimLeftRegex, '')\n}\n\nconst fromCamelCaseRegex = /([A-Z])/g\n\nexport function fromCamelCase(s: string, separator: string): string {\n  return trimLeft(s.replace(fromCamelCaseRegex, match => `${separator}${toLowerCase(match)}`))\n}\n\n/**\n * Compute the utf8ByteLength\n */\nexport function utf8ByteLength(str: string): number {\n  return unescape(encodeURIComponent(str)).length\n}\n\nexport function _encodeUtf8Polyfill(str: string): Uint8Array {\n  const encodedString = unescape(encodeURIComponent(str))\n  const len = encodedString.length\n  const buf = new Uint8Array(len)\n  for (let i = 0; i < len; i++)\n    buf[i] = (encodedString.codePointAt(i) as number)\n\n  return buf\n}\n\nlet utf8TextEncoder: TextEncoder | undefined | null\n\nexport function getUtf8TextEncoder(): TextEncoder | null {\n  if (utf8TextEncoder === undefined)\n    utf8TextEncoder = (typeof TextEncoder !== 'undefined' ? new TextEncoder() : null)\n  return utf8TextEncoder\n}\n\nexport function encodeUtf8(str: string): Uint8Array {\n  return getUtf8TextEncoder()\n    ? utf8TextEncoder!.encode(str)\n    : _encodeUtf8Polyfill(str)\n}\n\nfunction _decodeUtf8Polyfill(buf: Uint8Array): string {\n  let remainingLen = buf.length\n  let encodedString = ''\n  let bufPos = 0\n  while (remainingLen > 0) {\n    const nextLen = remainingLen < 10000 ? remainingLen : 10000\n    const bytes = buf.subarray(bufPos, bufPos + nextLen)\n    bufPos += nextLen\n    // Starting with ES5.1 we can supply a generic array-like object as arguments\n    encodedString += String.fromCodePoint(...bytes as any)\n    remainingLen -= nextLen\n  }\n  return decodeURIComponent(escape(encodedString))\n}\n\nlet utf8TextDecoder: any\n\nexport function getUtf8TextDecoder(): TextDecoder | undefined {\n  if (utf8TextDecoder === undefined) {\n    utf8TextDecoder = (typeof TextDecoder === 'undefined' ? null : new TextDecoder('utf-8', { fatal: true, ignoreBOM: true })) ?? null\n    if (utf8TextDecoder && utf8TextDecoder.decode(new Uint8Array()).length === 1) {\n      // Safari doesn't handle BOM correctly.\n      // This fixes a bug in Safari 13.0.5 where it produces a BOM the first time it is called.\n      // utf8TextDecoder.decode(new Uint8Array()).length === 1 on the first call and\n      // utf8TextDecoder.decode(new Uint8Array()).length === 1 on the second call\n      // Another issue is that from then on no BOM chars are recognized anymore\n      utf8TextDecoder = null\n    }\n  }\n  return utf8TextDecoder\n}\n\nexport function decodeUtf8(buf: Uint8Array): string {\n  return getUtf8TextDecoder()\n    ? utf8TextDecoder.decode(buf)\n    : _decodeUtf8Polyfill(buf)\n}\n\nexport function splice(str: string, index: number, remove: number, insert = '') {\n  return str.slice(0, index) + insert + str.slice(index + remove)\n}\n"],"mappings":";;;;;;AASA,SAAS,YAAY,GAAmB;AACtC,QAAO,EAAE,aAAa;;AAGxB,MAAM,gBAAgB;AAEtB,SAAgB,SAAS,GAAmB;AAC1C,QAAO,EAAE,QAAQ,eAAe,GAAG;;AAGrC,MAAM,qBAAqB;AAE3B,SAAgB,cAAc,GAAW,WAA2B;AAClE,QAAO,SAAS,EAAE,QAAQ,qBAAoB,UAAS,GAAG,YAAY,YAAY,MAAM,GAAG,CAAC;;;;;AAM9F,SAAgB,eAAe,KAAqB;AAClD,QAAO,SAAS,mBAAmB,IAAI,CAAC,CAAC;;AAG3C,SAAgB,oBAAoB,KAAyB;CAC3D,MAAM,gBAAgB,SAAS,mBAAmB,IAAI,CAAC;CACvD,MAAM,MAAM,cAAc;CAC1B,MAAM,MAAM,IAAI,WAAW,IAAI;AAC/B,MAAK,IAAI,IAAI,GAAG,IAAI,KAAK,IACvB,KAAI,KAAM,cAAc,YAAY,EAAE;AAExC,QAAO;;AAGT,IAAI;AAEJ,SAAgB,qBAAyC;AACvD,KAAI,oBAAoB,OACtB,mBAAmB,OAAO,gBAAgB,cAAc,IAAI,aAAa,GAAG;AAC9E,QAAO;;AAGT,SAAgB,WAAW,KAAyB;AAClD,QAAO,oBAAoB,GACvB,gBAAiB,OAAO,IAAI,GAC5B,oBAAoB,IAAI;;AAG9B,SAAS,oBAAoB,KAAyB;CACpD,IAAI,eAAe,IAAI;CACvB,IAAI,gBAAgB;CACpB,IAAI,SAAS;AACb,QAAO,eAAe,GAAG;EACvB,MAAM,UAAU,eAAe,MAAQ,eAAe;EACtD,MAAM,QAAQ,IAAI,SAAS,QAAQ,SAAS,QAAQ;AACpD,YAAU;AAEV,mBAAiB,OAAO,cAAc,GAAG,MAAa;AACtD,kBAAgB;;AAElB,QAAO,mBAAmB,OAAO,cAAc,CAAC;;AAGlD,IAAI;AAEJ,SAAgB,qBAA8C;AAC5D,KAAI,oBAAoB,QAAW;AACjC,qBAAmB,OAAO,gBAAgB,cAAc,OAAO,IAAI,YAAY,SAAS;GAAE,OAAO;GAAM,WAAW;GAAM,CAAC,KAAK;AAC9H,MAAI,mBAAmB,gBAAgB,OAAO,IAAI,YAAY,CAAC,CAAC,WAAW,EAMzE,mBAAkB;;AAGtB,QAAO;;AAGT,SAAgB,WAAW,KAAyB;AAClD,QAAO,oBAAoB,GACvB,gBAAgB,OAAO,IAAI,GAC3B,oBAAoB,IAAI;;AAG9B,SAAgB,OAAO,KAAa,OAAe,QAAgB,SAAS,IAAI;AAC9E,QAAO,IAAI,MAAM,GAAG,MAAM,GAAG,SAAS,IAAI,MAAM,QAAQ,OAAO"}

package/dist/common/crypto/aes-sealed.cjs

@@ -1,2 +1,35 @@
-Object.defineProperty(exports,Symbol.toStringTag,{value:`Module`});const e=require(`../../bin-Ce3i6ABn.cjs`);async function t(t,n,r=new Uint8Array){let i=crypto.getRandomValues(new Uint8Array(12)),a=await crypto.subtle.encrypt({name:`AES-GCM`,iv:i,tagLength:128,additionalData:e.o(r)},n,e.o(t)),o=new Uint8Array(a),s=new Uint8Array(i.length+o.length);return s.set(i),s.set(o,i.length),s}async function n(t,n,r=new Uint8Array){let i=e.o(t.slice(0,12)),a=e.o(t.slice(12)),o=await crypto.subtle.decrypt({name:`AES-GCM`,iv:i,tagLength:128,additionalData:e.o(r)},n,a);return new Uint8Array(o)}exports.decryptAesGcm=n,exports.encryptAesGcm=t;
+Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
+const require_bin = require('../../bin-Ddaz2lxM.cjs');
+
+//#region src/common/crypto/aes-sealed.ts
+const AES_GCM_TAG_LENGTH_BITS = 128;
+async function encryptAesGcm(data, key, authenticating = new Uint8Array()) {
+	const iv = crypto.getRandomValues(new Uint8Array(12));
+	const encrypted = await crypto.subtle.encrypt({
+		name: "AES-GCM",
+		iv,
+		tagLength: AES_GCM_TAG_LENGTH_BITS,
+		additionalData: require_bin.ensureUint8Array(authenticating)
+	}, key, require_bin.ensureUint8Array(data));
+	const encryptedArray = new Uint8Array(encrypted);
+	const combined = new Uint8Array(iv.length + encryptedArray.length);
+	combined.set(iv);
+	combined.set(encryptedArray, iv.length);
+	return combined;
+}
+async function decryptAesGcm(data, key, authenticating = new Uint8Array()) {
+	const iv = require_bin.ensureUint8Array(data.slice(0, 12));
+	const encrypted = require_bin.ensureUint8Array(data.slice(12));
+	const decrypted = await crypto.subtle.decrypt({
+		name: "AES-GCM",
+		iv,
+		tagLength: AES_GCM_TAG_LENGTH_BITS,
+		additionalData: require_bin.ensureUint8Array(authenticating)
+	}, key, encrypted);
+	return new Uint8Array(decrypted);
+}
+
+//#endregion
+exports.decryptAesGcm = decryptAesGcm;
+exports.encryptAesGcm = encryptAesGcm;
 //# sourceMappingURL=aes-sealed.cjs.map

package/dist/common/crypto/aes-sealed.cjs.map

@@ -1 +1 @@
-{"version":3,"file":"aes-sealed.cjs","names":["ensureUint8Array"],"sources":["../../../src/common/crypto/aes-sealed.ts"],"sourcesContent":["import { ensureUint8Array } from '../data/bin'\n\nconst AES_GCM_TAG_LENGTH_BITS = 128\n\nexport async function encryptAesGcm(data: Uint8Array, key: CryptoKey, authenticating: Uint8Array = new Uint8Array()): Promise<Uint8Array> {\n  const iv = crypto.getRandomValues(new Uint8Array(12)) // AES-GCM requires a 12-byte IV\n  const encrypted = await crypto.subtle.encrypt(\n    {\n      name: 'AES-GCM',\n      iv,\n      tagLength: AES_GCM_TAG_LENGTH_BITS,\n      additionalData: ensureUint8Array(authenticating),\n    },\n    key,\n    ensureUint8Array(data),\n  )\n\n  const encryptedArray = new Uint8Array(encrypted)\n  const combined = new Uint8Array(iv.length + encryptedArray.length)\n  combined.set(iv)\n  combined.set(encryptedArray, iv.length)\n  return combined\n}\n\nexport async function decryptAesGcm(data: Uint8Array, key: CryptoKey, authenticating: Uint8Array = new Uint8Array()): Promise<Uint8Array> {\n  const iv = ensureUint8Array(data.slice(0, 12)) // nonce is the first 12 bytes\n  const encrypted = ensureUint8Array(data.slice(12)) // ciphertext and tag of 128 bits\n  const decrypted = await crypto.subtle.decrypt({\n    name: 'AES-GCM',\n    iv,\n    tagLength: AES_GCM_TAG_LENGTH_BITS,\n    additionalData: ensureUint8Array(authenticating),\n  }, key, encrypted)\n  return new Uint8Array(decrypted)\n}\n"],"mappings":"6GAIA,eAAsB,EAAc,EAAkB,EAAgB,EAA6B,IAAI,WAAmC,CACxI,IAAM,EAAK,OAAO,gBAAgB,IAAI,WAAW,GAAG,CAAC,CAC/C,EAAY,MAAM,OAAO,OAAO,QACpC,CACE,KAAM,UACN,KACA,UAAW,IACX,eAAgBA,EAAAA,EAAiB,EAAe,CACjD,CACD,EACAA,EAAAA,EAAiB,EAAK,CACvB,CAEK,EAAiB,IAAI,WAAW,EAAU,CAC1C,EAAW,IAAI,WAAW,EAAG,OAAS,EAAe,OAAO,CAGlE,OAFA,EAAS,IAAI,EAAG,CAChB,EAAS,IAAI,EAAgB,EAAG,OAAO,CAChC,EAGT,eAAsB,EAAc,EAAkB,EAAgB,EAA6B,IAAI,WAAmC,CACxI,IAAM,EAAKA,EAAAA,EAAiB,EAAK,MAAM,EAAG,GAAG,CAAC,CACxC,EAAYA,EAAAA,EAAiB,EAAK,MAAM,GAAG,CAAC,CAC5C,EAAY,MAAM,OAAO,OAAO,QAAQ,CAC5C,KAAM,UACN,KACA,UAAW,IACX,eAAgBA,EAAAA,EAAiB,EAAe,CACjD,CAAE,EAAK,EAAU,CAClB,OAAO,IAAI,WAAW,EAAU"}
+{"version":3,"file":"aes-sealed.cjs","names":["ensureUint8Array"],"sources":["../../../src/common/crypto/aes-sealed.ts"],"sourcesContent":["import { ensureUint8Array } from '../data/bin'\n\nconst AES_GCM_TAG_LENGTH_BITS = 128\n\nexport async function encryptAesGcm(data: Uint8Array, key: CryptoKey, authenticating: Uint8Array = new Uint8Array()): Promise<Uint8Array> {\n  const iv = crypto.getRandomValues(new Uint8Array(12)) // AES-GCM requires a 12-byte IV\n  const encrypted = await crypto.subtle.encrypt(\n    {\n      name: 'AES-GCM',\n      iv,\n      tagLength: AES_GCM_TAG_LENGTH_BITS,\n      additionalData: ensureUint8Array(authenticating),\n    },\n    key,\n    ensureUint8Array(data),\n  )\n\n  const encryptedArray = new Uint8Array(encrypted)\n  const combined = new Uint8Array(iv.length + encryptedArray.length)\n  combined.set(iv)\n  combined.set(encryptedArray, iv.length)\n  return combined\n}\n\nexport async function decryptAesGcm(data: Uint8Array, key: CryptoKey, authenticating: Uint8Array = new Uint8Array()): Promise<Uint8Array> {\n  const iv = ensureUint8Array(data.slice(0, 12)) // nonce is the first 12 bytes\n  const encrypted = ensureUint8Array(data.slice(12)) // ciphertext and tag of 128 bits\n  const decrypted = await crypto.subtle.decrypt({\n    name: 'AES-GCM',\n    iv,\n    tagLength: AES_GCM_TAG_LENGTH_BITS,\n    additionalData: ensureUint8Array(authenticating),\n  }, key, encrypted)\n  return new Uint8Array(decrypted)\n}\n"],"mappings":";;;;AAEA,MAAM,0BAA0B;AAEhC,eAAsB,cAAc,MAAkB,KAAgB,iBAA6B,IAAI,YAAY,EAAuB;CACxI,MAAM,KAAK,OAAO,gBAAgB,IAAI,WAAW,GAAG,CAAC;CACrD,MAAM,YAAY,MAAM,OAAO,OAAO,QACpC;EACE,MAAM;EACN;EACA,WAAW;EACX,gBAAgBA,6BAAiB,eAAe;EACjD,EACD,KACAA,6BAAiB,KAAK,CACvB;CAED,MAAM,iBAAiB,IAAI,WAAW,UAAU;CAChD,MAAM,WAAW,IAAI,WAAW,GAAG,SAAS,eAAe,OAAO;AAClE,UAAS,IAAI,GAAG;AAChB,UAAS,IAAI,gBAAgB,GAAG,OAAO;AACvC,QAAO;;AAGT,eAAsB,cAAc,MAAkB,KAAgB,iBAA6B,IAAI,YAAY,EAAuB;CACxI,MAAM,KAAKA,6BAAiB,KAAK,MAAM,GAAG,GAAG,CAAC;CAC9C,MAAM,YAAYA,6BAAiB,KAAK,MAAM,GAAG,CAAC;CAClD,MAAM,YAAY,MAAM,OAAO,OAAO,QAAQ;EAC5C,MAAM;EACN;EACA,WAAW;EACX,gBAAgBA,6BAAiB,eAAe;EACjD,EAAE,KAAK,UAAU;AAClB,QAAO,IAAI,WAAW,UAAU"}

package/dist/common/crypto/aes-sealed.mjs

@@ -1,2 +1,33 @@
-import{o as e}from"../../bin-SPdenYkw.mjs";async function t(t,n,r=new Uint8Array){let i=crypto.getRandomValues(new Uint8Array(12)),a=await crypto.subtle.encrypt({name:`AES-GCM`,iv:i,tagLength:128,additionalData:e(r)},n,e(t)),o=new Uint8Array(a),s=new Uint8Array(i.length+o.length);return s.set(i),s.set(o,i.length),s}async function n(t,n,r=new Uint8Array){let i=e(t.slice(0,12)),a=e(t.slice(12)),o=await crypto.subtle.decrypt({name:`AES-GCM`,iv:i,tagLength:128,additionalData:e(r)},n,a);return new Uint8Array(o)}export{n as decryptAesGcm,t as encryptAesGcm};
+import { o as ensureUint8Array } from "../../bin-BAoS4qtm.mjs";
+
+//#region src/common/crypto/aes-sealed.ts
+const AES_GCM_TAG_LENGTH_BITS = 128;
+async function encryptAesGcm(data, key, authenticating = new Uint8Array()) {
+	const iv = crypto.getRandomValues(new Uint8Array(12));
+	const encrypted = await crypto.subtle.encrypt({
+		name: "AES-GCM",
+		iv,
+		tagLength: AES_GCM_TAG_LENGTH_BITS,
+		additionalData: ensureUint8Array(authenticating)
+	}, key, ensureUint8Array(data));
+	const encryptedArray = new Uint8Array(encrypted);
+	const combined = new Uint8Array(iv.length + encryptedArray.length);
+	combined.set(iv);
+	combined.set(encryptedArray, iv.length);
+	return combined;
+}
+async function decryptAesGcm(data, key, authenticating = new Uint8Array()) {
+	const iv = ensureUint8Array(data.slice(0, 12));
+	const encrypted = ensureUint8Array(data.slice(12));
+	const decrypted = await crypto.subtle.decrypt({
+		name: "AES-GCM",
+		iv,
+		tagLength: AES_GCM_TAG_LENGTH_BITS,
+		additionalData: ensureUint8Array(authenticating)
+	}, key, encrypted);
+	return new Uint8Array(decrypted);
+}
+
+//#endregion
+export { decryptAesGcm, encryptAesGcm };
 //# sourceMappingURL=aes-sealed.mjs.map

package/dist/common/crypto/aes-sealed.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"aes-sealed.mjs","names":[],"sources":["../../../src/common/crypto/aes-sealed.ts"],"sourcesContent":["import { ensureUint8Array } from '../data/bin'\n\nconst AES_GCM_TAG_LENGTH_BITS = 128\n\nexport async function encryptAesGcm(data: Uint8Array, key: CryptoKey, authenticating: Uint8Array = new Uint8Array()): Promise<Uint8Array> {\n  const iv = crypto.getRandomValues(new Uint8Array(12)) // AES-GCM requires a 12-byte IV\n  const encrypted = await crypto.subtle.encrypt(\n    {\n      name: 'AES-GCM',\n      iv,\n      tagLength: AES_GCM_TAG_LENGTH_BITS,\n      additionalData: ensureUint8Array(authenticating),\n    },\n    key,\n    ensureUint8Array(data),\n  )\n\n  const encryptedArray = new Uint8Array(encrypted)\n  const combined = new Uint8Array(iv.length + encryptedArray.length)\n  combined.set(iv)\n  combined.set(encryptedArray, iv.length)\n  return combined\n}\n\nexport async function decryptAesGcm(data: Uint8Array, key: CryptoKey, authenticating: Uint8Array = new Uint8Array()): Promise<Uint8Array> {\n  const iv = ensureUint8Array(data.slice(0, 12)) // nonce is the first 12 bytes\n  const encrypted = ensureUint8Array(data.slice(12)) // ciphertext and tag of 128 bits\n  const decrypted = await crypto.subtle.decrypt({\n    name: 'AES-GCM',\n    iv,\n    tagLength: AES_GCM_TAG_LENGTH_BITS,\n    additionalData: ensureUint8Array(authenticating),\n  }, key, encrypted)\n  return new Uint8Array(decrypted)\n}\n"],"mappings":"2CAIA,eAAsB,EAAc,EAAkB,EAAgB,EAA6B,IAAI,WAAmC,CACxI,IAAM,EAAK,OAAO,gBAAgB,IAAI,WAAW,GAAG,CAAC,CAC/C,EAAY,MAAM,OAAO,OAAO,QACpC,CACE,KAAM,UACN,KACA,UAAW,IACX,eAAgB,EAAiB,EAAe,CACjD,CACD,EACA,EAAiB,EAAK,CACvB,CAEK,EAAiB,IAAI,WAAW,EAAU,CAC1C,EAAW,IAAI,WAAW,EAAG,OAAS,EAAe,OAAO,CAGlE,OAFA,EAAS,IAAI,EAAG,CAChB,EAAS,IAAI,EAAgB,EAAG,OAAO,CAChC,EAGT,eAAsB,EAAc,EAAkB,EAAgB,EAA6B,IAAI,WAAmC,CACxI,IAAM,EAAK,EAAiB,EAAK,MAAM,EAAG,GAAG,CAAC,CACxC,EAAY,EAAiB,EAAK,MAAM,GAAG,CAAC,CAC5C,EAAY,MAAM,OAAO,OAAO,QAAQ,CAC5C,KAAM,UACN,KACA,UAAW,IACX,eAAgB,EAAiB,EAAe,CACjD,CAAE,EAAK,EAAU,CAClB,OAAO,IAAI,WAAW,EAAU"}
+{"version":3,"file":"aes-sealed.mjs","names":[],"sources":["../../../src/common/crypto/aes-sealed.ts"],"sourcesContent":["import { ensureUint8Array } from '../data/bin'\n\nconst AES_GCM_TAG_LENGTH_BITS = 128\n\nexport async function encryptAesGcm(data: Uint8Array, key: CryptoKey, authenticating: Uint8Array = new Uint8Array()): Promise<Uint8Array> {\n  const iv = crypto.getRandomValues(new Uint8Array(12)) // AES-GCM requires a 12-byte IV\n  const encrypted = await crypto.subtle.encrypt(\n    {\n      name: 'AES-GCM',\n      iv,\n      tagLength: AES_GCM_TAG_LENGTH_BITS,\n      additionalData: ensureUint8Array(authenticating),\n    },\n    key,\n    ensureUint8Array(data),\n  )\n\n  const encryptedArray = new Uint8Array(encrypted)\n  const combined = new Uint8Array(iv.length + encryptedArray.length)\n  combined.set(iv)\n  combined.set(encryptedArray, iv.length)\n  return combined\n}\n\nexport async function decryptAesGcm(data: Uint8Array, key: CryptoKey, authenticating: Uint8Array = new Uint8Array()): Promise<Uint8Array> {\n  const iv = ensureUint8Array(data.slice(0, 12)) // nonce is the first 12 bytes\n  const encrypted = ensureUint8Array(data.slice(12)) // ciphertext and tag of 128 bits\n  const decrypted = await crypto.subtle.decrypt({\n    name: 'AES-GCM',\n    iv,\n    tagLength: AES_GCM_TAG_LENGTH_BITS,\n    additionalData: ensureUint8Array(authenticating),\n  }, key, encrypted)\n  return new Uint8Array(decrypted)\n}\n"],"mappings":";;;AAEA,MAAM,0BAA0B;AAEhC,eAAsB,cAAc,MAAkB,KAAgB,iBAA6B,IAAI,YAAY,EAAuB;CACxI,MAAM,KAAK,OAAO,gBAAgB,IAAI,WAAW,GAAG,CAAC;CACrD,MAAM,YAAY,MAAM,OAAO,OAAO,QACpC;EACE,MAAM;EACN;EACA,WAAW;EACX,gBAAgB,iBAAiB,eAAe;EACjD,EACD,KACA,iBAAiB,KAAK,CACvB;CAED,MAAM,iBAAiB,IAAI,WAAW,UAAU;CAChD,MAAM,WAAW,IAAI,WAAW,GAAG,SAAS,eAAe,OAAO;AAClE,UAAS,IAAI,GAAG;AAChB,UAAS,IAAI,gBAAgB,GAAG,OAAO;AACvC,QAAO;;AAGT,eAAsB,cAAc,MAAkB,KAAgB,iBAA6B,IAAI,YAAY,EAAuB;CACxI,MAAM,KAAK,iBAAiB,KAAK,MAAM,GAAG,GAAG,CAAC;CAC9C,MAAM,YAAY,iBAAiB,KAAK,MAAM,GAAG,CAAC;CAClD,MAAM,YAAY,MAAM,OAAO,OAAO,QAAQ;EAC5C,MAAM;EACN;EACA,WAAW;EACX,gBAAgB,iBAAiB,eAAe;EACjD,EAAE,KAAK,UAAU;AAClB,QAAO,IAAI,WAAW,UAAU"}

package/dist/common/crypto/crypto.cjs

@@ -1,2 +1,92 @@
-Object.defineProperty(exports,Symbol.toStringTag,{value:`Module`});const e=require(`../../bin-Ce3i6ABn.cjs`);function t(e=16){let t=new Uint8Array(e);if(typeof crypto<`u`&&crypto.getRandomValues)crypto.getRandomValues(t);else for(let n=0;n<e;n++)t[n]=Math.floor(Math.random()*256);return t}const n=`SHA-256`,r=`AES-GCM`,i=`PBKDF2`;async function a(t,r=n){let i=e.o(e.v(t));return e.v(await crypto.subtle.digest(r,i))}async function o(t,a={}){let o=e.o(e.v(t)),s=await crypto.subtle.importKey(`raw`,o,i,!1,[`deriveKey`]);return await crypto.subtle.deriveKey({name:i,salt:a.salt?e.o(e.v(a.salt)):new Uint8Array,iterations:a.iterations??1e5,hash:n},s,{name:r,length:256},!0,[`encrypt`,`decrypt`])}async function s(t,r={}){let a=e.o(e.v(t)),o=await crypto.subtle.importKey(`raw`,a,i,!1,[`deriveKey`]);return await crypto.subtle.deriveKey({name:i,salt:r.salt?e.o(e.v(r.salt)):new Uint8Array,iterations:r.iterations??1e5,hash:n},o,{name:`AES-CBC`,length:256},!0,[`encrypt`,`decrypt`])}function c(){return new Uint8Array([1,1])}async function l(n,i){let a=c(),o=t(12),s=await crypto.subtle.encrypt({name:r,iv:e.o(o)},i,e.o(n)),l=new Uint8Array(s),u=a.length+o.length+l.length,d=new Uint8Array(u),f=0;return d.set(a,f),f+=a.length,d.set(o,f),f+=o.length,d.set(l,f),d}async function u(t,n){let i=e.o(t.subarray(0,2));if(!e.s(i,c()))return Promise.reject(Error(`Unknown magic ${i}`));let a=e.o(t.subarray(2,14)),o=e.o(t.subarray(14,t.length)),s=await crypto.subtle.decrypt({name:r,iv:a},n,o);return new Uint8Array(s)}exports.CRYPTO_DEFAULT_ALG=r,exports.CRYPTO_DEFAULT_DERIVE_ALG=i,exports.CRYPTO_DEFAULT_DERIVE_ITERATIONS=1e5,exports.CRYPTO_DEFAULT_HASH_ALG=n,exports.CRYPTO_DEFAULT_IV_LENGTH=12,exports.decrypt=u,exports.deriveKeyPbkdf2=o,exports.deriveKeyPbkdf2CBC=s,exports.digest=a,exports.encrypt=l,exports.randomUint8Array=t;
+Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
+const require_bin = require('../../bin-Ddaz2lxM.cjs');
+
+//#region src/common/crypto/crypto.ts
+/** Get random bytes using window.crypto if available. Else use a poor fallback solution. */
+function randomUint8Array(length = 16) {
+	const randomBytes = new Uint8Array(length);
+	if (typeof crypto !== "undefined" && crypto.getRandomValues) crypto.getRandomValues(randomBytes);
+	else for (let i = 0; i < length; i++) randomBytes[i] = Math.floor(Math.random() * 256);
+	return randomBytes;
+}
+const CRYPTO_DEFAULT_HASH_ALG = "SHA-256";
+const CRYPTO_DEFAULT_ALG = "AES-GCM";
+const CRYPTO_DEFAULT_DERIVE_ALG = "PBKDF2";
+const CRYPTO_DEFAULT_DERIVE_ITERATIONS = 1e5;
+const CRYPTO_DEFAULT_IV_LENGTH = 12;
+async function digest(message, algorithm = CRYPTO_DEFAULT_HASH_ALG) {
+	const m = require_bin.ensureUint8Array(require_bin.toUint8Array(message));
+	return require_bin.toUint8Array(await crypto.subtle.digest(algorithm, m));
+}
+async function deriveKeyPbkdf2(secret, opt = {}) {
+	const secretBuffer = require_bin.ensureUint8Array(require_bin.toUint8Array(secret));
+	const keyMaterial = await crypto.subtle.importKey("raw", secretBuffer, CRYPTO_DEFAULT_DERIVE_ALG, false, ["deriveKey"]);
+	return await crypto.subtle.deriveKey({
+		name: CRYPTO_DEFAULT_DERIVE_ALG,
+		salt: opt.salt ? require_bin.ensureUint8Array(require_bin.toUint8Array(opt.salt)) : new Uint8Array(0),
+		iterations: opt.iterations ?? 1e5,
+		hash: CRYPTO_DEFAULT_HASH_ALG
+	}, keyMaterial, {
+		name: CRYPTO_DEFAULT_ALG,
+		length: 256
+	}, true, ["encrypt", "decrypt"]);
+}
+async function deriveKeyPbkdf2CBC(secret, opt = {}) {
+	const secretBuffer = require_bin.ensureUint8Array(require_bin.toUint8Array(secret));
+	const keyMaterial = await crypto.subtle.importKey("raw", secretBuffer, CRYPTO_DEFAULT_DERIVE_ALG, false, ["deriveKey"]);
+	return await crypto.subtle.deriveKey({
+		name: CRYPTO_DEFAULT_DERIVE_ALG,
+		salt: opt.salt ? require_bin.ensureUint8Array(require_bin.toUint8Array(opt.salt)) : new Uint8Array(0),
+		iterations: opt.iterations ?? 1e5,
+		hash: CRYPTO_DEFAULT_HASH_ALG
+	}, keyMaterial, {
+		name: "AES-CBC",
+		length: 256
+	}, true, ["encrypt", "decrypt"]);
+}
+function getMagicId() {
+	return new Uint8Array([1, 1]);
+}
+async function encrypt(data, key) {
+	const MAGIC_ID = getMagicId();
+	const iv = randomUint8Array(12);
+	const cipher = await crypto.subtle.encrypt({
+		name: CRYPTO_DEFAULT_ALG,
+		iv: require_bin.ensureUint8Array(iv)
+	}, key, require_bin.ensureUint8Array(data));
+	const binCypher = new Uint8Array(cipher);
+	const bufferLength = MAGIC_ID.length + iv.length + binCypher.length;
+	const buffer = new Uint8Array(bufferLength);
+	let pos = 0;
+	buffer.set(MAGIC_ID, pos);
+	pos += MAGIC_ID.length;
+	buffer.set(iv, pos);
+	pos += iv.length;
+	buffer.set(binCypher, pos);
+	return buffer;
+}
+async function decrypt(data, key) {
+	const magic = require_bin.ensureUint8Array(data.subarray(0, 2));
+	if (!require_bin.equalBinary(magic, getMagicId())) return Promise.reject(/* @__PURE__ */ new Error(`Unknown magic ${magic}`));
+	const iv = require_bin.ensureUint8Array(data.subarray(2, 2 + 12));
+	const cipher = require_bin.ensureUint8Array(data.subarray(2 + 12, data.length));
+	const plain = await crypto.subtle.decrypt({
+		name: CRYPTO_DEFAULT_ALG,
+		iv
+	}, key, cipher);
+	return new Uint8Array(plain);
+}
+
+//#endregion
+exports.CRYPTO_DEFAULT_ALG = CRYPTO_DEFAULT_ALG;
+exports.CRYPTO_DEFAULT_DERIVE_ALG = CRYPTO_DEFAULT_DERIVE_ALG;
+exports.CRYPTO_DEFAULT_DERIVE_ITERATIONS = CRYPTO_DEFAULT_DERIVE_ITERATIONS;
+exports.CRYPTO_DEFAULT_HASH_ALG = CRYPTO_DEFAULT_HASH_ALG;
+exports.CRYPTO_DEFAULT_IV_LENGTH = CRYPTO_DEFAULT_IV_LENGTH;
+exports.decrypt = decrypt;
+exports.deriveKeyPbkdf2 = deriveKeyPbkdf2;
+exports.deriveKeyPbkdf2CBC = deriveKeyPbkdf2CBC;
+exports.digest = digest;
+exports.encrypt = encrypt;
+exports.randomUint8Array = randomUint8Array;
 //# sourceMappingURL=crypto.cjs.map

package/dist/common/crypto/crypto.cjs.map

@@ -1 +1 @@
-{"version":3,"file":"crypto.cjs","names":["ensureUint8Array","toUint8Array","equalBinary"],"sources":["../../../src/common/crypto/crypto.ts"],"sourcesContent":["import type { BinInput } from '../data/bin-types'\nimport { ensureUint8Array, equalBinary, toUint8Array } from '../data/bin'\n\n/** Get random bytes using window.crypto if available. Else use a poor fallback solution. */\nexport function randomUint8Array(length = 16): Uint8Array {\n  const randomBytes = new Uint8Array(length)\n  if (typeof crypto !== 'undefined' && crypto.getRandomValues) {\n    crypto.getRandomValues(randomBytes)\n  }\n  else {\n    // hack: not state of the art secure\n    // throw \"crypto.getRandomValues is required\"\n    for (let i = 0; i < length; i++) {\n      // Math.random: \"...range 0 to less than 1 (inclusive of 0, but not 1)\"\n      // 0.9... * 0xff < 255 therefore * 0x100\n      randomBytes[i] = Math.floor(Math.random() * 0x100) // 0...255\n    }\n  }\n  return randomBytes\n}\n\nexport const CRYPTO_DEFAULT_HASH_ALG = 'SHA-256'\nexport const CRYPTO_DEFAULT_ALG = 'AES-GCM'\nexport const CRYPTO_DEFAULT_DERIVE_ALG = 'PBKDF2'\nexport const CRYPTO_DEFAULT_DERIVE_ITERATIONS = 100000\nexport const CRYPTO_DEFAULT_IV_LENGTH = 12\n\nexport async function digest(\n  message: BinInput,\n  algorithm: AlgorithmIdentifier = CRYPTO_DEFAULT_HASH_ALG,\n): Promise<Uint8Array> {\n  const m = ensureUint8Array(toUint8Array(message))\n  return toUint8Array(\n    await crypto.subtle.digest(algorithm, m),\n  )\n}\n\nexport async function deriveKeyPbkdf2(\n  secret: BinInput,\n  opt: {\n    iterations?: number\n    salt?: BinInput\n  } = {},\n): Promise<CryptoKey> {\n  const secretBuffer = ensureUint8Array(toUint8Array(secret))\n  const keyMaterial = await crypto.subtle.importKey(\n    'raw',\n    secretBuffer,\n    CRYPTO_DEFAULT_DERIVE_ALG,\n    false,\n    ['deriveKey'],\n  )\n  return await crypto.subtle.deriveKey(\n    {\n      name: CRYPTO_DEFAULT_DERIVE_ALG,\n      salt: opt.salt ? ensureUint8Array(toUint8Array(opt.salt)) : new Uint8Array(0),\n      iterations: opt.iterations ?? CRYPTO_DEFAULT_DERIVE_ITERATIONS,\n      hash: CRYPTO_DEFAULT_HASH_ALG,\n    },\n    keyMaterial,\n    {\n      name: CRYPTO_DEFAULT_ALG,\n      length: 256,\n    },\n    true,\n    ['encrypt', 'decrypt'],\n  )\n}\n\nexport async function deriveKeyPbkdf2CBC(\n  secret: BinInput,\n  opt: {\n    iterations?: number\n    salt?: BinInput\n  } = {},\n): Promise<CryptoKey> {\n  const secretBuffer = ensureUint8Array(toUint8Array(secret))\n  const keyMaterial = await crypto.subtle.importKey(\n    'raw',\n    secretBuffer,\n    CRYPTO_DEFAULT_DERIVE_ALG,\n    false,\n    ['deriveKey'],\n  )\n  return await crypto.subtle.deriveKey(\n    {\n      name: CRYPTO_DEFAULT_DERIVE_ALG,\n      salt: opt.salt ? ensureUint8Array(toUint8Array(opt.salt)) : new Uint8Array(0),\n      iterations: opt.iterations ?? CRYPTO_DEFAULT_DERIVE_ITERATIONS,\n      hash: CRYPTO_DEFAULT_HASH_ALG,\n    },\n    keyMaterial,\n    {\n      name: 'AES-CBC',\n      length: 256,\n    },\n    true,\n    ['encrypt', 'decrypt'],\n  )\n}\n\nfunction getMagicId() {\n  return new Uint8Array([1, 1])\n}\n\nexport async function encrypt(\n  data: Uint8Array,\n  key: CryptoKey,\n): Promise<Uint8Array> {\n  const MAGIC_ID = getMagicId()\n  const iv = randomUint8Array(CRYPTO_DEFAULT_IV_LENGTH)\n  const cipher = await crypto.subtle.encrypt(\n    { name: CRYPTO_DEFAULT_ALG, iv: ensureUint8Array(iv) },\n    key,\n    ensureUint8Array(data),\n  )\n  const binCypher = new Uint8Array(cipher)\n  const bufferLength = MAGIC_ID.length + iv.length + binCypher.length\n  const buffer = new Uint8Array(bufferLength)\n  let pos = 0\n  buffer.set(MAGIC_ID, pos)\n  pos += MAGIC_ID.length\n  buffer.set(iv, pos)\n  pos += iv.length\n  buffer.set(binCypher, pos)\n  return buffer\n}\n\nexport async function decrypt(\n  data: Uint8Array,\n  key: CryptoKey,\n): Promise<Uint8Array> {\n  const magic = ensureUint8Array(data.subarray(0, 2))\n  if (!equalBinary(magic, getMagicId()))\n    return Promise.reject(new Error(`Unknown magic ${magic}`))\n\n  const iv = ensureUint8Array(data.subarray(2, 2 + CRYPTO_DEFAULT_IV_LENGTH))\n  const cipher = ensureUint8Array(data.subarray(2 + CRYPTO_DEFAULT_IV_LENGTH, data.length))\n  const plain = await crypto.subtle.decrypt(\n    { name: CRYPTO_DEFAULT_ALG, iv },\n    key,\n    cipher,\n  )\n  return new Uint8Array(plain)\n}\n"],"mappings":"6GAIA,SAAgB,EAAiB,EAAS,GAAgB,CACxD,IAAM,EAAc,IAAI,WAAW,EAAO,CAC1C,GAAI,OAAO,OAAW,KAAe,OAAO,gBAC1C,OAAO,gBAAgB,EAAY,MAKnC,IAAK,IAAI,EAAI,EAAG,EAAI,EAAQ,IAG1B,EAAY,GAAK,KAAK,MAAM,KAAK,QAAQ,CAAG,IAAM,CAGtD,OAAO,EAGT,MAAa,EAA0B,UAC1B,EAAqB,UACrB,EAA4B,SAIzC,eAAsB,EACpB,EACA,EAAiC,EACZ,CACrB,IAAM,EAAIA,EAAAA,EAAiBC,EAAAA,EAAa,EAAQ,CAAC,CACjD,OAAOA,EAAAA,EACL,MAAM,OAAO,OAAO,OAAO,EAAW,EAAE,CACzC,CAGH,eAAsB,EACpB,EACA,EAGI,EAAE,CACc,CACpB,IAAM,EAAeD,EAAAA,EAAiBC,EAAAA,EAAa,EAAO,CAAC,CACrD,EAAc,MAAM,OAAO,OAAO,UACtC,MACA,EACA,EACA,GACA,CAAC,YAAY,CACd,CACD,OAAO,MAAM,OAAO,OAAO,UACzB,CACE,KAAM,EACN,KAAM,EAAI,KAAOD,EAAAA,EAAiBC,EAAAA,EAAa,EAAI,KAAK,CAAC,CAAG,IAAI,WAChE,WAAY,EAAI,YAAA,IAChB,KAAM,EACP,CACD,EACA,CACE,KAAM,EACN,OAAQ,IACT,CACD,GACA,CAAC,UAAW,UAAU,CACvB,CAGH,eAAsB,EACpB,EACA,EAGI,EAAE,CACc,CACpB,IAAM,EAAeD,EAAAA,EAAiBC,EAAAA,EAAa,EAAO,CAAC,CACrD,EAAc,MAAM,OAAO,OAAO,UACtC,MACA,EACA,EACA,GACA,CAAC,YAAY,CACd,CACD,OAAO,MAAM,OAAO,OAAO,UACzB,CACE,KAAM,EACN,KAAM,EAAI,KAAOD,EAAAA,EAAiBC,EAAAA,EAAa,EAAI,KAAK,CAAC,CAAG,IAAI,WAChE,WAAY,EAAI,YAAA,IAChB,KAAM,EACP,CACD,EACA,CACE,KAAM,UACN,OAAQ,IACT,CACD,GACA,CAAC,UAAW,UAAU,CACvB,CAGH,SAAS,GAAa,CACpB,OAAO,IAAI,WAAW,CAAC,EAAG,EAAE,CAAC,CAG/B,eAAsB,EACpB,EACA,EACqB,CACrB,IAAM,EAAW,GAAY,CACvB,EAAK,EAAA,GAA0C,CAC/C,EAAS,MAAM,OAAO,OAAO,QACjC,CAAE,KAAM,EAAoB,GAAID,EAAAA,EAAiB,EAAG,CAAE,CACtD,EACAA,EAAAA,EAAiB,EAAK,CACvB,CACK,EAAY,IAAI,WAAW,EAAO,CAClC,EAAe,EAAS,OAAS,EAAG,OAAS,EAAU,OACvD,EAAS,IAAI,WAAW,EAAa,CACvC,EAAM,EAMV,OALA,EAAO,IAAI,EAAU,EAAI,CACzB,GAAO,EAAS,OAChB,EAAO,IAAI,EAAI,EAAI,CACnB,GAAO,EAAG,OACV,EAAO,IAAI,EAAW,EAAI,CACnB,EAGT,eAAsB,EACpB,EACA,EACqB,CACrB,IAAM,EAAQA,EAAAA,EAAiB,EAAK,SAAS,EAAG,EAAE,CAAC,CACnD,GAAI,CAACE,EAAAA,EAAY,EAAO,GAAY,CAAC,CACnC,OAAO,QAAQ,OAAW,MAAM,iBAAiB,IAAQ,CAAC,CAE5D,IAAM,EAAKF,EAAAA,EAAiB,EAAK,SAAS,EAAG,GAA6B,CAAC,CACrE,EAASA,EAAAA,EAAiB,EAAK,SAAS,GAA8B,EAAK,OAAO,CAAC,CACnF,EAAQ,MAAM,OAAO,OAAO,QAChC,CAAE,KAAM,EAAoB,KAAI,CAChC,EACA,EACD,CACD,OAAO,IAAI,WAAW,EAAM"}
+{"version":3,"file":"crypto.cjs","names":["ensureUint8Array","toUint8Array","equalBinary"],"sources":["../../../src/common/crypto/crypto.ts"],"sourcesContent":["import type { BinInput } from '../data/bin-types'\nimport { ensureUint8Array, equalBinary, toUint8Array } from '../data/bin'\n\n/** Get random bytes using window.crypto if available. Else use a poor fallback solution. */\nexport function randomUint8Array(length = 16): Uint8Array {\n  const randomBytes = new Uint8Array(length)\n  if (typeof crypto !== 'undefined' && crypto.getRandomValues) {\n    crypto.getRandomValues(randomBytes)\n  }\n  else {\n    // hack: not state of the art secure\n    // throw \"crypto.getRandomValues is required\"\n    for (let i = 0; i < length; i++) {\n      // Math.random: \"...range 0 to less than 1 (inclusive of 0, but not 1)\"\n      // 0.9... * 0xff < 255 therefore * 0x100\n      randomBytes[i] = Math.floor(Math.random() * 0x100) // 0...255\n    }\n  }\n  return randomBytes\n}\n\nexport const CRYPTO_DEFAULT_HASH_ALG = 'SHA-256'\nexport const CRYPTO_DEFAULT_ALG = 'AES-GCM'\nexport const CRYPTO_DEFAULT_DERIVE_ALG = 'PBKDF2'\nexport const CRYPTO_DEFAULT_DERIVE_ITERATIONS = 100000\nexport const CRYPTO_DEFAULT_IV_LENGTH = 12\n\nexport async function digest(\n  message: BinInput,\n  algorithm: AlgorithmIdentifier = CRYPTO_DEFAULT_HASH_ALG,\n): Promise<Uint8Array> {\n  const m = ensureUint8Array(toUint8Array(message))\n  return toUint8Array(\n    await crypto.subtle.digest(algorithm, m),\n  )\n}\n\nexport async function deriveKeyPbkdf2(\n  secret: BinInput,\n  opt: {\n    iterations?: number\n    salt?: BinInput\n  } = {},\n): Promise<CryptoKey> {\n  const secretBuffer = ensureUint8Array(toUint8Array(secret))\n  const keyMaterial = await crypto.subtle.importKey(\n    'raw',\n    secretBuffer,\n    CRYPTO_DEFAULT_DERIVE_ALG,\n    false,\n    ['deriveKey'],\n  )\n  return await crypto.subtle.deriveKey(\n    {\n      name: CRYPTO_DEFAULT_DERIVE_ALG,\n      salt: opt.salt ? ensureUint8Array(toUint8Array(opt.salt)) : new Uint8Array(0),\n      iterations: opt.iterations ?? CRYPTO_DEFAULT_DERIVE_ITERATIONS,\n      hash: CRYPTO_DEFAULT_HASH_ALG,\n    },\n    keyMaterial,\n    {\n      name: CRYPTO_DEFAULT_ALG,\n      length: 256,\n    },\n    true,\n    ['encrypt', 'decrypt'],\n  )\n}\n\nexport async function deriveKeyPbkdf2CBC(\n  secret: BinInput,\n  opt: {\n    iterations?: number\n    salt?: BinInput\n  } = {},\n): Promise<CryptoKey> {\n  const secretBuffer = ensureUint8Array(toUint8Array(secret))\n  const keyMaterial = await crypto.subtle.importKey(\n    'raw',\n    secretBuffer,\n    CRYPTO_DEFAULT_DERIVE_ALG,\n    false,\n    ['deriveKey'],\n  )\n  return await crypto.subtle.deriveKey(\n    {\n      name: CRYPTO_DEFAULT_DERIVE_ALG,\n      salt: opt.salt ? ensureUint8Array(toUint8Array(opt.salt)) : new Uint8Array(0),\n      iterations: opt.iterations ?? CRYPTO_DEFAULT_DERIVE_ITERATIONS,\n      hash: CRYPTO_DEFAULT_HASH_ALG,\n    },\n    keyMaterial,\n    {\n      name: 'AES-CBC',\n      length: 256,\n    },\n    true,\n    ['encrypt', 'decrypt'],\n  )\n}\n\nfunction getMagicId() {\n  return new Uint8Array([1, 1])\n}\n\nexport async function encrypt(\n  data: Uint8Array,\n  key: CryptoKey,\n): Promise<Uint8Array> {\n  const MAGIC_ID = getMagicId()\n  const iv = randomUint8Array(CRYPTO_DEFAULT_IV_LENGTH)\n  const cipher = await crypto.subtle.encrypt(\n    { name: CRYPTO_DEFAULT_ALG, iv: ensureUint8Array(iv) },\n    key,\n    ensureUint8Array(data),\n  )\n  const binCypher = new Uint8Array(cipher)\n  const bufferLength = MAGIC_ID.length + iv.length + binCypher.length\n  const buffer = new Uint8Array(bufferLength)\n  let pos = 0\n  buffer.set(MAGIC_ID, pos)\n  pos += MAGIC_ID.length\n  buffer.set(iv, pos)\n  pos += iv.length\n  buffer.set(binCypher, pos)\n  return buffer\n}\n\nexport async function decrypt(\n  data: Uint8Array,\n  key: CryptoKey,\n): Promise<Uint8Array> {\n  const magic = ensureUint8Array(data.subarray(0, 2))\n  if (!equalBinary(magic, getMagicId()))\n    return Promise.reject(new Error(`Unknown magic ${magic}`))\n\n  const iv = ensureUint8Array(data.subarray(2, 2 + CRYPTO_DEFAULT_IV_LENGTH))\n  const cipher = ensureUint8Array(data.subarray(2 + CRYPTO_DEFAULT_IV_LENGTH, data.length))\n  const plain = await crypto.subtle.decrypt(\n    { name: CRYPTO_DEFAULT_ALG, iv },\n    key,\n    cipher,\n  )\n  return new Uint8Array(plain)\n}\n"],"mappings":";;;;;AAIA,SAAgB,iBAAiB,SAAS,IAAgB;CACxD,MAAM,cAAc,IAAI,WAAW,OAAO;AAC1C,KAAI,OAAO,WAAW,eAAe,OAAO,gBAC1C,QAAO,gBAAgB,YAAY;KAKnC,MAAK,IAAI,IAAI,GAAG,IAAI,QAAQ,IAG1B,aAAY,KAAK,KAAK,MAAM,KAAK,QAAQ,GAAG,IAAM;AAGtD,QAAO;;AAGT,MAAa,0BAA0B;AACvC,MAAa,qBAAqB;AAClC,MAAa,4BAA4B;AACzC,MAAa,mCAAmC;AAChD,MAAa,2BAA2B;AAExC,eAAsB,OACpB,SACA,YAAiC,yBACZ;CACrB,MAAM,IAAIA,6BAAiBC,yBAAa,QAAQ,CAAC;AACjD,QAAOA,yBACL,MAAM,OAAO,OAAO,OAAO,WAAW,EAAE,CACzC;;AAGH,eAAsB,gBACpB,QACA,MAGI,EAAE,EACc;CACpB,MAAM,eAAeD,6BAAiBC,yBAAa,OAAO,CAAC;CAC3D,MAAM,cAAc,MAAM,OAAO,OAAO,UACtC,OACA,cACA,2BACA,OACA,CAAC,YAAY,CACd;AACD,QAAO,MAAM,OAAO,OAAO,UACzB;EACE,MAAM;EACN,MAAM,IAAI,OAAOD,6BAAiBC,yBAAa,IAAI,KAAK,CAAC,GAAG,IAAI,WAAW,EAAE;EAC7E,YAAY,IAAI;EAChB,MAAM;EACP,EACD,aACA;EACE,MAAM;EACN,QAAQ;EACT,EACD,MACA,CAAC,WAAW,UAAU,CACvB;;AAGH,eAAsB,mBACpB,QACA,MAGI,EAAE,EACc;CACpB,MAAM,eAAeD,6BAAiBC,yBAAa,OAAO,CAAC;CAC3D,MAAM,cAAc,MAAM,OAAO,OAAO,UACtC,OACA,cACA,2BACA,OACA,CAAC,YAAY,CACd;AACD,QAAO,MAAM,OAAO,OAAO,UACzB;EACE,MAAM;EACN,MAAM,IAAI,OAAOD,6BAAiBC,yBAAa,IAAI,KAAK,CAAC,GAAG,IAAI,WAAW,EAAE;EAC7E,YAAY,IAAI;EAChB,MAAM;EACP,EACD,aACA;EACE,MAAM;EACN,QAAQ;EACT,EACD,MACA,CAAC,WAAW,UAAU,CACvB;;AAGH,SAAS,aAAa;AACpB,QAAO,IAAI,WAAW,CAAC,GAAG,EAAE,CAAC;;AAG/B,eAAsB,QACpB,MACA,KACqB;CACrB,MAAM,WAAW,YAAY;CAC7B,MAAM,KAAK,oBAA0C;CACrD,MAAM,SAAS,MAAM,OAAO,OAAO,QACjC;EAAE,MAAM;EAAoB,IAAID,6BAAiB,GAAG;EAAE,EACtD,KACAA,6BAAiB,KAAK,CACvB;CACD,MAAM,YAAY,IAAI,WAAW,OAAO;CACxC,MAAM,eAAe,SAAS,SAAS,GAAG,SAAS,UAAU;CAC7D,MAAM,SAAS,IAAI,WAAW,aAAa;CAC3C,IAAI,MAAM;AACV,QAAO,IAAI,UAAU,IAAI;AACzB,QAAO,SAAS;AAChB,QAAO,IAAI,IAAI,IAAI;AACnB,QAAO,GAAG;AACV,QAAO,IAAI,WAAW,IAAI;AAC1B,QAAO;;AAGT,eAAsB,QACpB,MACA,KACqB;CACrB,MAAM,QAAQA,6BAAiB,KAAK,SAAS,GAAG,EAAE,CAAC;AACnD,KAAI,CAACE,wBAAY,OAAO,YAAY,CAAC,CACnC,QAAO,QAAQ,uBAAO,IAAI,MAAM,iBAAiB,QAAQ,CAAC;CAE5D,MAAM,KAAKF,6BAAiB,KAAK,SAAS,GAAG,OAA6B,CAAC;CAC3E,MAAM,SAASA,6BAAiB,KAAK,SAAS,QAA8B,KAAK,OAAO,CAAC;CACzF,MAAM,QAAQ,MAAM,OAAO,OAAO,QAChC;EAAE,MAAM;EAAoB;EAAI,EAChC,KACA,OACD;AACD,QAAO,IAAI,WAAW,MAAM"}

package/dist/common/crypto/crypto.mjs

@@ -1,2 +1,81 @@
-import{o as e,s as t,v as n}from"../../bin-SPdenYkw.mjs";function r(e=16){let t=new Uint8Array(e);if(typeof crypto<`u`&&crypto.getRandomValues)crypto.getRandomValues(t);else for(let n=0;n<e;n++)t[n]=Math.floor(Math.random()*256);return t}const i=`SHA-256`,a=`AES-GCM`,o=`PBKDF2`,s=1e5,c=12;async function l(t,r=i){let a=e(n(t));return n(await crypto.subtle.digest(r,a))}async function u(t,r={}){let s=e(n(t)),c=await crypto.subtle.importKey(`raw`,s,o,!1,[`deriveKey`]);return await crypto.subtle.deriveKey({name:o,salt:r.salt?e(n(r.salt)):new Uint8Array,iterations:r.iterations??1e5,hash:i},c,{name:a,length:256},!0,[`encrypt`,`decrypt`])}async function d(t,r={}){let a=e(n(t)),s=await crypto.subtle.importKey(`raw`,a,o,!1,[`deriveKey`]);return await crypto.subtle.deriveKey({name:o,salt:r.salt?e(n(r.salt)):new Uint8Array,iterations:r.iterations??1e5,hash:i},s,{name:`AES-CBC`,length:256},!0,[`encrypt`,`decrypt`])}function f(){return new Uint8Array([1,1])}async function p(t,n){let i=f(),o=r(12),s=await crypto.subtle.encrypt({name:a,iv:e(o)},n,e(t)),c=new Uint8Array(s),l=i.length+o.length+c.length,u=new Uint8Array(l),d=0;return u.set(i,d),d+=i.length,u.set(o,d),d+=o.length,u.set(c,d),u}async function m(n,r){let i=e(n.subarray(0,2));if(!t(i,f()))return Promise.reject(Error(`Unknown magic ${i}`));let o=e(n.subarray(2,14)),s=e(n.subarray(14,n.length)),c=await crypto.subtle.decrypt({name:a,iv:o},r,s);return new Uint8Array(c)}export{a as CRYPTO_DEFAULT_ALG,o as CRYPTO_DEFAULT_DERIVE_ALG,s as CRYPTO_DEFAULT_DERIVE_ITERATIONS,i as CRYPTO_DEFAULT_HASH_ALG,c as CRYPTO_DEFAULT_IV_LENGTH,m as decrypt,u as deriveKeyPbkdf2,d as deriveKeyPbkdf2CBC,l as digest,p as encrypt,r as randomUint8Array};
+import { o as ensureUint8Array, s as equalBinary, v as toUint8Array } from "../../bin-BAoS4qtm.mjs";
+
+//#region src/common/crypto/crypto.ts
+/** Get random bytes using window.crypto if available. Else use a poor fallback solution. */
+function randomUint8Array(length = 16) {
+	const randomBytes = new Uint8Array(length);
+	if (typeof crypto !== "undefined" && crypto.getRandomValues) crypto.getRandomValues(randomBytes);
+	else for (let i = 0; i < length; i++) randomBytes[i] = Math.floor(Math.random() * 256);
+	return randomBytes;
+}
+const CRYPTO_DEFAULT_HASH_ALG = "SHA-256";
+const CRYPTO_DEFAULT_ALG = "AES-GCM";
+const CRYPTO_DEFAULT_DERIVE_ALG = "PBKDF2";
+const CRYPTO_DEFAULT_DERIVE_ITERATIONS = 1e5;
+const CRYPTO_DEFAULT_IV_LENGTH = 12;
+async function digest(message, algorithm = CRYPTO_DEFAULT_HASH_ALG) {
+	const m = ensureUint8Array(toUint8Array(message));
+	return toUint8Array(await crypto.subtle.digest(algorithm, m));
+}
+async function deriveKeyPbkdf2(secret, opt = {}) {
+	const secretBuffer = ensureUint8Array(toUint8Array(secret));
+	const keyMaterial = await crypto.subtle.importKey("raw", secretBuffer, CRYPTO_DEFAULT_DERIVE_ALG, false, ["deriveKey"]);
+	return await crypto.subtle.deriveKey({
+		name: CRYPTO_DEFAULT_DERIVE_ALG,
+		salt: opt.salt ? ensureUint8Array(toUint8Array(opt.salt)) : new Uint8Array(0),
+		iterations: opt.iterations ?? 1e5,
+		hash: CRYPTO_DEFAULT_HASH_ALG
+	}, keyMaterial, {
+		name: CRYPTO_DEFAULT_ALG,
+		length: 256
+	}, true, ["encrypt", "decrypt"]);
+}
+async function deriveKeyPbkdf2CBC(secret, opt = {}) {
+	const secretBuffer = ensureUint8Array(toUint8Array(secret));
+	const keyMaterial = await crypto.subtle.importKey("raw", secretBuffer, CRYPTO_DEFAULT_DERIVE_ALG, false, ["deriveKey"]);
+	return await crypto.subtle.deriveKey({
+		name: CRYPTO_DEFAULT_DERIVE_ALG,
+		salt: opt.salt ? ensureUint8Array(toUint8Array(opt.salt)) : new Uint8Array(0),
+		iterations: opt.iterations ?? 1e5,
+		hash: CRYPTO_DEFAULT_HASH_ALG
+	}, keyMaterial, {
+		name: "AES-CBC",
+		length: 256
+	}, true, ["encrypt", "decrypt"]);
+}
+function getMagicId() {
+	return new Uint8Array([1, 1]);
+}
+async function encrypt(data, key) {
+	const MAGIC_ID = getMagicId();
+	const iv = randomUint8Array(12);
+	const cipher = await crypto.subtle.encrypt({
+		name: CRYPTO_DEFAULT_ALG,
+		iv: ensureUint8Array(iv)
+	}, key, ensureUint8Array(data));
+	const binCypher = new Uint8Array(cipher);
+	const bufferLength = MAGIC_ID.length + iv.length + binCypher.length;
+	const buffer = new Uint8Array(bufferLength);
+	let pos = 0;
+	buffer.set(MAGIC_ID, pos);
+	pos += MAGIC_ID.length;
+	buffer.set(iv, pos);
+	pos += iv.length;
+	buffer.set(binCypher, pos);
+	return buffer;
+}
+async function decrypt(data, key) {
+	const magic = ensureUint8Array(data.subarray(0, 2));
+	if (!equalBinary(magic, getMagicId())) return Promise.reject(/* @__PURE__ */ new Error(`Unknown magic ${magic}`));
+	const iv = ensureUint8Array(data.subarray(2, 2 + 12));
+	const cipher = ensureUint8Array(data.subarray(2 + 12, data.length));
+	const plain = await crypto.subtle.decrypt({
+		name: CRYPTO_DEFAULT_ALG,
+		iv
+	}, key, cipher);
+	return new Uint8Array(plain);
+}
+
+//#endregion
+export { CRYPTO_DEFAULT_ALG, CRYPTO_DEFAULT_DERIVE_ALG, CRYPTO_DEFAULT_DERIVE_ITERATIONS, CRYPTO_DEFAULT_HASH_ALG, CRYPTO_DEFAULT_IV_LENGTH, decrypt, deriveKeyPbkdf2, deriveKeyPbkdf2CBC, digest, encrypt, randomUint8Array };
 //# sourceMappingURL=crypto.mjs.map

package/dist/common/crypto/crypto.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"crypto.mjs","names":[],"sources":["../../../src/common/crypto/crypto.ts"],"sourcesContent":["import type { BinInput } from '../data/bin-types'\nimport { ensureUint8Array, equalBinary, toUint8Array } from '../data/bin'\n\n/** Get random bytes using window.crypto if available. Else use a poor fallback solution. */\nexport function randomUint8Array(length = 16): Uint8Array {\n  const randomBytes = new Uint8Array(length)\n  if (typeof crypto !== 'undefined' && crypto.getRandomValues) {\n    crypto.getRandomValues(randomBytes)\n  }\n  else {\n    // hack: not state of the art secure\n    // throw \"crypto.getRandomValues is required\"\n    for (let i = 0; i < length; i++) {\n      // Math.random: \"...range 0 to less than 1 (inclusive of 0, but not 1)\"\n      // 0.9... * 0xff < 255 therefore * 0x100\n      randomBytes[i] = Math.floor(Math.random() * 0x100) // 0...255\n    }\n  }\n  return randomBytes\n}\n\nexport const CRYPTO_DEFAULT_HASH_ALG = 'SHA-256'\nexport const CRYPTO_DEFAULT_ALG = 'AES-GCM'\nexport const CRYPTO_DEFAULT_DERIVE_ALG = 'PBKDF2'\nexport const CRYPTO_DEFAULT_DERIVE_ITERATIONS = 100000\nexport const CRYPTO_DEFAULT_IV_LENGTH = 12\n\nexport async function digest(\n  message: BinInput,\n  algorithm: AlgorithmIdentifier = CRYPTO_DEFAULT_HASH_ALG,\n): Promise<Uint8Array> {\n  const m = ensureUint8Array(toUint8Array(message))\n  return toUint8Array(\n    await crypto.subtle.digest(algorithm, m),\n  )\n}\n\nexport async function deriveKeyPbkdf2(\n  secret: BinInput,\n  opt: {\n    iterations?: number\n    salt?: BinInput\n  } = {},\n): Promise<CryptoKey> {\n  const secretBuffer = ensureUint8Array(toUint8Array(secret))\n  const keyMaterial = await crypto.subtle.importKey(\n    'raw',\n    secretBuffer,\n    CRYPTO_DEFAULT_DERIVE_ALG,\n    false,\n    ['deriveKey'],\n  )\n  return await crypto.subtle.deriveKey(\n    {\n      name: CRYPTO_DEFAULT_DERIVE_ALG,\n      salt: opt.salt ? ensureUint8Array(toUint8Array(opt.salt)) : new Uint8Array(0),\n      iterations: opt.iterations ?? CRYPTO_DEFAULT_DERIVE_ITERATIONS,\n      hash: CRYPTO_DEFAULT_HASH_ALG,\n    },\n    keyMaterial,\n    {\n      name: CRYPTO_DEFAULT_ALG,\n      length: 256,\n    },\n    true,\n    ['encrypt', 'decrypt'],\n  )\n}\n\nexport async function deriveKeyPbkdf2CBC(\n  secret: BinInput,\n  opt: {\n    iterations?: number\n    salt?: BinInput\n  } = {},\n): Promise<CryptoKey> {\n  const secretBuffer = ensureUint8Array(toUint8Array(secret))\n  const keyMaterial = await crypto.subtle.importKey(\n    'raw',\n    secretBuffer,\n    CRYPTO_DEFAULT_DERIVE_ALG,\n    false,\n    ['deriveKey'],\n  )\n  return await crypto.subtle.deriveKey(\n    {\n      name: CRYPTO_DEFAULT_DERIVE_ALG,\n      salt: opt.salt ? ensureUint8Array(toUint8Array(opt.salt)) : new Uint8Array(0),\n      iterations: opt.iterations ?? CRYPTO_DEFAULT_DERIVE_ITERATIONS,\n      hash: CRYPTO_DEFAULT_HASH_ALG,\n    },\n    keyMaterial,\n    {\n      name: 'AES-CBC',\n      length: 256,\n    },\n    true,\n    ['encrypt', 'decrypt'],\n  )\n}\n\nfunction getMagicId() {\n  return new Uint8Array([1, 1])\n}\n\nexport async function encrypt(\n  data: Uint8Array,\n  key: CryptoKey,\n): Promise<Uint8Array> {\n  const MAGIC_ID = getMagicId()\n  const iv = randomUint8Array(CRYPTO_DEFAULT_IV_LENGTH)\n  const cipher = await crypto.subtle.encrypt(\n    { name: CRYPTO_DEFAULT_ALG, iv: ensureUint8Array(iv) },\n    key,\n    ensureUint8Array(data),\n  )\n  const binCypher = new Uint8Array(cipher)\n  const bufferLength = MAGIC_ID.length + iv.length + binCypher.length\n  const buffer = new Uint8Array(bufferLength)\n  let pos = 0\n  buffer.set(MAGIC_ID, pos)\n  pos += MAGIC_ID.length\n  buffer.set(iv, pos)\n  pos += iv.length\n  buffer.set(binCypher, pos)\n  return buffer\n}\n\nexport async function decrypt(\n  data: Uint8Array,\n  key: CryptoKey,\n): Promise<Uint8Array> {\n  const magic = ensureUint8Array(data.subarray(0, 2))\n  if (!equalBinary(magic, getMagicId()))\n    return Promise.reject(new Error(`Unknown magic ${magic}`))\n\n  const iv = ensureUint8Array(data.subarray(2, 2 + CRYPTO_DEFAULT_IV_LENGTH))\n  const cipher = ensureUint8Array(data.subarray(2 + CRYPTO_DEFAULT_IV_LENGTH, data.length))\n  const plain = await crypto.subtle.decrypt(\n    { name: CRYPTO_DEFAULT_ALG, iv },\n    key,\n    cipher,\n  )\n  return new Uint8Array(plain)\n}\n"],"mappings":"yDAIA,SAAgB,EAAiB,EAAS,GAAgB,CACxD,IAAM,EAAc,IAAI,WAAW,EAAO,CAC1C,GAAI,OAAO,OAAW,KAAe,OAAO,gBAC1C,OAAO,gBAAgB,EAAY,MAKnC,IAAK,IAAI,EAAI,EAAG,EAAI,EAAQ,IAG1B,EAAY,GAAK,KAAK,MAAM,KAAK,QAAQ,CAAG,IAAM,CAGtD,OAAO,EAGT,MAAa,EAA0B,UAC1B,EAAqB,UACrB,EAA4B,SAC5B,EAAmC,IACnC,EAA2B,GAExC,eAAsB,EACpB,EACA,EAAiC,EACZ,CACrB,IAAM,EAAI,EAAiB,EAAa,EAAQ,CAAC,CACjD,OAAO,EACL,MAAM,OAAO,OAAO,OAAO,EAAW,EAAE,CACzC,CAGH,eAAsB,EACpB,EACA,EAGI,EAAE,CACc,CACpB,IAAM,EAAe,EAAiB,EAAa,EAAO,CAAC,CACrD,EAAc,MAAM,OAAO,OAAO,UACtC,MACA,EACA,EACA,GACA,CAAC,YAAY,CACd,CACD,OAAO,MAAM,OAAO,OAAO,UACzB,CACE,KAAM,EACN,KAAM,EAAI,KAAO,EAAiB,EAAa,EAAI,KAAK,CAAC,CAAG,IAAI,WAChE,WAAY,EAAI,YAAA,IAChB,KAAM,EACP,CACD,EACA,CACE,KAAM,EACN,OAAQ,IACT,CACD,GACA,CAAC,UAAW,UAAU,CACvB,CAGH,eAAsB,EACpB,EACA,EAGI,EAAE,CACc,CACpB,IAAM,EAAe,EAAiB,EAAa,EAAO,CAAC,CACrD,EAAc,MAAM,OAAO,OAAO,UACtC,MACA,EACA,EACA,GACA,CAAC,YAAY,CACd,CACD,OAAO,MAAM,OAAO,OAAO,UACzB,CACE,KAAM,EACN,KAAM,EAAI,KAAO,EAAiB,EAAa,EAAI,KAAK,CAAC,CAAG,IAAI,WAChE,WAAY,EAAI,YAAA,IAChB,KAAM,EACP,CACD,EACA,CACE,KAAM,UACN,OAAQ,IACT,CACD,GACA,CAAC,UAAW,UAAU,CACvB,CAGH,SAAS,GAAa,CACpB,OAAO,IAAI,WAAW,CAAC,EAAG,EAAE,CAAC,CAG/B,eAAsB,EACpB,EACA,EACqB,CACrB,IAAM,EAAW,GAAY,CACvB,EAAK,EAAA,GAA0C,CAC/C,EAAS,MAAM,OAAO,OAAO,QACjC,CAAE,KAAM,EAAoB,GAAI,EAAiB,EAAG,CAAE,CACtD,EACA,EAAiB,EAAK,CACvB,CACK,EAAY,IAAI,WAAW,EAAO,CAClC,EAAe,EAAS,OAAS,EAAG,OAAS,EAAU,OACvD,EAAS,IAAI,WAAW,EAAa,CACvC,EAAM,EAMV,OALA,EAAO,IAAI,EAAU,EAAI,CACzB,GAAO,EAAS,OAChB,EAAO,IAAI,EAAI,EAAI,CACnB,GAAO,EAAG,OACV,EAAO,IAAI,EAAW,EAAI,CACnB,EAGT,eAAsB,EACpB,EACA,EACqB,CACrB,IAAM,EAAQ,EAAiB,EAAK,SAAS,EAAG,EAAE,CAAC,CACnD,GAAI,CAAC,EAAY,EAAO,GAAY,CAAC,CACnC,OAAO,QAAQ,OAAW,MAAM,iBAAiB,IAAQ,CAAC,CAE5D,IAAM,EAAK,EAAiB,EAAK,SAAS,EAAG,GAA6B,CAAC,CACrE,EAAS,EAAiB,EAAK,SAAS,GAA8B,EAAK,OAAO,CAAC,CACnF,EAAQ,MAAM,OAAO,OAAO,QAChC,CAAE,KAAM,EAAoB,KAAI,CAChC,EACA,EACD,CACD,OAAO,IAAI,WAAW,EAAM"}
+{"version":3,"file":"crypto.mjs","names":[],"sources":["../../../src/common/crypto/crypto.ts"],"sourcesContent":["import type { BinInput } from '../data/bin-types'\nimport { ensureUint8Array, equalBinary, toUint8Array } from '../data/bin'\n\n/** Get random bytes using window.crypto if available. Else use a poor fallback solution. */\nexport function randomUint8Array(length = 16): Uint8Array {\n  const randomBytes = new Uint8Array(length)\n  if (typeof crypto !== 'undefined' && crypto.getRandomValues) {\n    crypto.getRandomValues(randomBytes)\n  }\n  else {\n    // hack: not state of the art secure\n    // throw \"crypto.getRandomValues is required\"\n    for (let i = 0; i < length; i++) {\n      // Math.random: \"...range 0 to less than 1 (inclusive of 0, but not 1)\"\n      // 0.9... * 0xff < 255 therefore * 0x100\n      randomBytes[i] = Math.floor(Math.random() * 0x100) // 0...255\n    }\n  }\n  return randomBytes\n}\n\nexport const CRYPTO_DEFAULT_HASH_ALG = 'SHA-256'\nexport const CRYPTO_DEFAULT_ALG = 'AES-GCM'\nexport const CRYPTO_DEFAULT_DERIVE_ALG = 'PBKDF2'\nexport const CRYPTO_DEFAULT_DERIVE_ITERATIONS = 100000\nexport const CRYPTO_DEFAULT_IV_LENGTH = 12\n\nexport async function digest(\n  message: BinInput,\n  algorithm: AlgorithmIdentifier = CRYPTO_DEFAULT_HASH_ALG,\n): Promise<Uint8Array> {\n  const m = ensureUint8Array(toUint8Array(message))\n  return toUint8Array(\n    await crypto.subtle.digest(algorithm, m),\n  )\n}\n\nexport async function deriveKeyPbkdf2(\n  secret: BinInput,\n  opt: {\n    iterations?: number\n    salt?: BinInput\n  } = {},\n): Promise<CryptoKey> {\n  const secretBuffer = ensureUint8Array(toUint8Array(secret))\n  const keyMaterial = await crypto.subtle.importKey(\n    'raw',\n    secretBuffer,\n    CRYPTO_DEFAULT_DERIVE_ALG,\n    false,\n    ['deriveKey'],\n  )\n  return await crypto.subtle.deriveKey(\n    {\n      name: CRYPTO_DEFAULT_DERIVE_ALG,\n      salt: opt.salt ? ensureUint8Array(toUint8Array(opt.salt)) : new Uint8Array(0),\n      iterations: opt.iterations ?? CRYPTO_DEFAULT_DERIVE_ITERATIONS,\n      hash: CRYPTO_DEFAULT_HASH_ALG,\n    },\n    keyMaterial,\n    {\n      name: CRYPTO_DEFAULT_ALG,\n      length: 256,\n    },\n    true,\n    ['encrypt', 'decrypt'],\n  )\n}\n\nexport async function deriveKeyPbkdf2CBC(\n  secret: BinInput,\n  opt: {\n    iterations?: number\n    salt?: BinInput\n  } = {},\n): Promise<CryptoKey> {\n  const secretBuffer = ensureUint8Array(toUint8Array(secret))\n  const keyMaterial = await crypto.subtle.importKey(\n    'raw',\n    secretBuffer,\n    CRYPTO_DEFAULT_DERIVE_ALG,\n    false,\n    ['deriveKey'],\n  )\n  return await crypto.subtle.deriveKey(\n    {\n      name: CRYPTO_DEFAULT_DERIVE_ALG,\n      salt: opt.salt ? ensureUint8Array(toUint8Array(opt.salt)) : new Uint8Array(0),\n      iterations: opt.iterations ?? CRYPTO_DEFAULT_DERIVE_ITERATIONS,\n      hash: CRYPTO_DEFAULT_HASH_ALG,\n    },\n    keyMaterial,\n    {\n      name: 'AES-CBC',\n      length: 256,\n    },\n    true,\n    ['encrypt', 'decrypt'],\n  )\n}\n\nfunction getMagicId() {\n  return new Uint8Array([1, 1])\n}\n\nexport async function encrypt(\n  data: Uint8Array,\n  key: CryptoKey,\n): Promise<Uint8Array> {\n  const MAGIC_ID = getMagicId()\n  const iv = randomUint8Array(CRYPTO_DEFAULT_IV_LENGTH)\n  const cipher = await crypto.subtle.encrypt(\n    { name: CRYPTO_DEFAULT_ALG, iv: ensureUint8Array(iv) },\n    key,\n    ensureUint8Array(data),\n  )\n  const binCypher = new Uint8Array(cipher)\n  const bufferLength = MAGIC_ID.length + iv.length + binCypher.length\n  const buffer = new Uint8Array(bufferLength)\n  let pos = 0\n  buffer.set(MAGIC_ID, pos)\n  pos += MAGIC_ID.length\n  buffer.set(iv, pos)\n  pos += iv.length\n  buffer.set(binCypher, pos)\n  return buffer\n}\n\nexport async function decrypt(\n  data: Uint8Array,\n  key: CryptoKey,\n): Promise<Uint8Array> {\n  const magic = ensureUint8Array(data.subarray(0, 2))\n  if (!equalBinary(magic, getMagicId()))\n    return Promise.reject(new Error(`Unknown magic ${magic}`))\n\n  const iv = ensureUint8Array(data.subarray(2, 2 + CRYPTO_DEFAULT_IV_LENGTH))\n  const cipher = ensureUint8Array(data.subarray(2 + CRYPTO_DEFAULT_IV_LENGTH, data.length))\n  const plain = await crypto.subtle.decrypt(\n    { name: CRYPTO_DEFAULT_ALG, iv },\n    key,\n    cipher,\n  )\n  return new Uint8Array(plain)\n}\n"],"mappings":";;;;AAIA,SAAgB,iBAAiB,SAAS,IAAgB;CACxD,MAAM,cAAc,IAAI,WAAW,OAAO;AAC1C,KAAI,OAAO,WAAW,eAAe,OAAO,gBAC1C,QAAO,gBAAgB,YAAY;KAKnC,MAAK,IAAI,IAAI,GAAG,IAAI,QAAQ,IAG1B,aAAY,KAAK,KAAK,MAAM,KAAK,QAAQ,GAAG,IAAM;AAGtD,QAAO;;AAGT,MAAa,0BAA0B;AACvC,MAAa,qBAAqB;AAClC,MAAa,4BAA4B;AACzC,MAAa,mCAAmC;AAChD,MAAa,2BAA2B;AAExC,eAAsB,OACpB,SACA,YAAiC,yBACZ;CACrB,MAAM,IAAI,iBAAiB,aAAa,QAAQ,CAAC;AACjD,QAAO,aACL,MAAM,OAAO,OAAO,OAAO,WAAW,EAAE,CACzC;;AAGH,eAAsB,gBACpB,QACA,MAGI,EAAE,EACc;CACpB,MAAM,eAAe,iBAAiB,aAAa,OAAO,CAAC;CAC3D,MAAM,cAAc,MAAM,OAAO,OAAO,UACtC,OACA,cACA,2BACA,OACA,CAAC,YAAY,CACd;AACD,QAAO,MAAM,OAAO,OAAO,UACzB;EACE,MAAM;EACN,MAAM,IAAI,OAAO,iBAAiB,aAAa,IAAI,KAAK,CAAC,GAAG,IAAI,WAAW,EAAE;EAC7E,YAAY,IAAI;EAChB,MAAM;EACP,EACD,aACA;EACE,MAAM;EACN,QAAQ;EACT,EACD,MACA,CAAC,WAAW,UAAU,CACvB;;AAGH,eAAsB,mBACpB,QACA,MAGI,EAAE,EACc;CACpB,MAAM,eAAe,iBAAiB,aAAa,OAAO,CAAC;CAC3D,MAAM,cAAc,MAAM,OAAO,OAAO,UACtC,OACA,cACA,2BACA,OACA,CAAC,YAAY,CACd;AACD,QAAO,MAAM,OAAO,OAAO,UACzB;EACE,MAAM;EACN,MAAM,IAAI,OAAO,iBAAiB,aAAa,IAAI,KAAK,CAAC,GAAG,IAAI,WAAW,EAAE;EAC7E,YAAY,IAAI;EAChB,MAAM;EACP,EACD,aACA;EACE,MAAM;EACN,QAAQ;EACT,EACD,MACA,CAAC,WAAW,UAAU,CACvB;;AAGH,SAAS,aAAa;AACpB,QAAO,IAAI,WAAW,CAAC,GAAG,EAAE,CAAC;;AAG/B,eAAsB,QACpB,MACA,KACqB;CACrB,MAAM,WAAW,YAAY;CAC7B,MAAM,KAAK,oBAA0C;CACrD,MAAM,SAAS,MAAM,OAAO,OAAO,QACjC;EAAE,MAAM;EAAoB,IAAI,iBAAiB,GAAG;EAAE,EACtD,KACA,iBAAiB,KAAK,CACvB;CACD,MAAM,YAAY,IAAI,WAAW,OAAO;CACxC,MAAM,eAAe,SAAS,SAAS,GAAG,SAAS,UAAU;CAC7D,MAAM,SAAS,IAAI,WAAW,aAAa;CAC3C,IAAI,MAAM;AACV,QAAO,IAAI,UAAU,IAAI;AACzB,QAAO,SAAS;AAChB,QAAO,IAAI,IAAI,IAAI;AACnB,QAAO,GAAG;AACV,QAAO,IAAI,WAAW,IAAI;AAC1B,QAAO;;AAGT,eAAsB,QACpB,MACA,KACqB;CACrB,MAAM,QAAQ,iBAAiB,KAAK,SAAS,GAAG,EAAE,CAAC;AACnD,KAAI,CAAC,YAAY,OAAO,YAAY,CAAC,CACnC,QAAO,QAAQ,uBAAO,IAAI,MAAM,iBAAiB,QAAQ,CAAC;CAE5D,MAAM,KAAK,iBAAiB,KAAK,SAAS,GAAG,OAA6B,CAAC;CAC3E,MAAM,SAAS,iBAAiB,KAAK,SAAS,QAA8B,KAAK,OAAO,CAAC;CACzF,MAAM,QAAQ,MAAM,OAAO,OAAO,QAChC;EAAE,MAAM;EAAoB;EAAI,EAChC,KACA,OACD;AACD,QAAO,IAAI,WAAW,MAAM"}

package/dist/common/crypto/index.cjs

@@ -1 +1,23 @@
-Object.defineProperty(exports,Symbol.toStringTag,{value:`Module`});const e=require(`./aes-sealed.cjs`),t=require(`./crypto.cjs`),n=require(`./xaes.cjs`);exports.CRYPTO_DEFAULT_ALG=t.CRYPTO_DEFAULT_ALG,exports.CRYPTO_DEFAULT_DERIVE_ALG=t.CRYPTO_DEFAULT_DERIVE_ALG,exports.CRYPTO_DEFAULT_DERIVE_ITERATIONS=t.CRYPTO_DEFAULT_DERIVE_ITERATIONS,exports.CRYPTO_DEFAULT_HASH_ALG=t.CRYPTO_DEFAULT_HASH_ALG,exports.CRYPTO_DEFAULT_IV_LENGTH=t.CRYPTO_DEFAULT_IV_LENGTH,exports.decrypt=t.decrypt,exports.decryptAesGcm=e.decryptAesGcm,exports.decryptXAES=n.decryptXAES,exports.deriveKeyPbkdf2=t.deriveKeyPbkdf2,exports.deriveKeyPbkdf2CBC=t.deriveKeyPbkdf2CBC,exports.digest=t.digest,exports.encrypt=t.encrypt,exports.encryptAesGcm=e.encryptAesGcm,exports.encryptXAES=n.encryptXAES,exports.exportKeyXAES=n.exportKeyXAES,exports.generateKeyXAES=n.generateKeyXAES,exports.importKeyXAES=n.importKeyXAES,exports.randomUint8Array=t.randomUint8Array;
+Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
+const require_common_crypto_aes_sealed = require('./aes-sealed.cjs');
+const require_common_crypto_crypto = require('./crypto.cjs');
+const require_common_crypto_xaes = require('./xaes.cjs');
+
+exports.CRYPTO_DEFAULT_ALG = require_common_crypto_crypto.CRYPTO_DEFAULT_ALG;
+exports.CRYPTO_DEFAULT_DERIVE_ALG = require_common_crypto_crypto.CRYPTO_DEFAULT_DERIVE_ALG;
+exports.CRYPTO_DEFAULT_DERIVE_ITERATIONS = require_common_crypto_crypto.CRYPTO_DEFAULT_DERIVE_ITERATIONS;
+exports.CRYPTO_DEFAULT_HASH_ALG = require_common_crypto_crypto.CRYPTO_DEFAULT_HASH_ALG;
+exports.CRYPTO_DEFAULT_IV_LENGTH = require_common_crypto_crypto.CRYPTO_DEFAULT_IV_LENGTH;
+exports.decrypt = require_common_crypto_crypto.decrypt;
+exports.decryptAesGcm = require_common_crypto_aes_sealed.decryptAesGcm;
+exports.decryptXAES = require_common_crypto_xaes.decryptXAES;
+exports.deriveKeyPbkdf2 = require_common_crypto_crypto.deriveKeyPbkdf2;
+exports.deriveKeyPbkdf2CBC = require_common_crypto_crypto.deriveKeyPbkdf2CBC;
+exports.digest = require_common_crypto_crypto.digest;
+exports.encrypt = require_common_crypto_crypto.encrypt;
+exports.encryptAesGcm = require_common_crypto_aes_sealed.encryptAesGcm;
+exports.encryptXAES = require_common_crypto_xaes.encryptXAES;
+exports.exportKeyXAES = require_common_crypto_xaes.exportKeyXAES;
+exports.generateKeyXAES = require_common_crypto_xaes.generateKeyXAES;
+exports.importKeyXAES = require_common_crypto_xaes.importKeyXAES;
+exports.randomUint8Array = require_common_crypto_crypto.randomUint8Array;

package/dist/common/crypto/index.mjs

@@ -1 +1,5 @@
-import{decryptAesGcm as e,encryptAesGcm as t}from"./aes-sealed.mjs";import{CRYPTO_DEFAULT_ALG as n,CRYPTO_DEFAULT_DERIVE_ALG as r,CRYPTO_DEFAULT_DERIVE_ITERATIONS as i,CRYPTO_DEFAULT_HASH_ALG as a,CRYPTO_DEFAULT_IV_LENGTH as o,decrypt as s,deriveKeyPbkdf2 as c,deriveKeyPbkdf2CBC as l,digest as u,encrypt as d,randomUint8Array as f}from"./crypto.mjs";import{decryptXAES as p,encryptXAES as m,exportKeyXAES as h,generateKeyXAES as g,importKeyXAES as _}from"./xaes.mjs";export{n as CRYPTO_DEFAULT_ALG,r as CRYPTO_DEFAULT_DERIVE_ALG,i as CRYPTO_DEFAULT_DERIVE_ITERATIONS,a as CRYPTO_DEFAULT_HASH_ALG,o as CRYPTO_DEFAULT_IV_LENGTH,s as decrypt,e as decryptAesGcm,p as decryptXAES,c as deriveKeyPbkdf2,l as deriveKeyPbkdf2CBC,u as digest,d as encrypt,t as encryptAesGcm,m as encryptXAES,h as exportKeyXAES,g as generateKeyXAES,_ as importKeyXAES,f as randomUint8Array};
+import { decryptAesGcm, encryptAesGcm } from "./aes-sealed.mjs";
+import { CRYPTO_DEFAULT_ALG, CRYPTO_DEFAULT_DERIVE_ALG, CRYPTO_DEFAULT_DERIVE_ITERATIONS, CRYPTO_DEFAULT_HASH_ALG, CRYPTO_DEFAULT_IV_LENGTH, decrypt, deriveKeyPbkdf2, deriveKeyPbkdf2CBC, digest, encrypt, randomUint8Array } from "./crypto.mjs";
+import { decryptXAES, encryptXAES, exportKeyXAES, generateKeyXAES, importKeyXAES } from "./xaes.mjs";
+
+export { CRYPTO_DEFAULT_ALG, CRYPTO_DEFAULT_DERIVE_ALG, CRYPTO_DEFAULT_DERIVE_ITERATIONS, CRYPTO_DEFAULT_HASH_ALG, CRYPTO_DEFAULT_IV_LENGTH, decrypt, decryptAesGcm, decryptXAES, deriveKeyPbkdf2, deriveKeyPbkdf2CBC, digest, encrypt, encryptAesGcm, encryptXAES, exportKeyXAES, generateKeyXAES, importKeyXAES, randomUint8Array };

package/dist/common/crypto/xaes.cjs

@@ -1,2 +1,129 @@
-Object.defineProperty(exports,Symbol.toStringTag,{value:`Module`});const e=require(`../../bin-Ce3i6ABn.cjs`);async function t(e,t,n){let r=await crypto.subtle.encrypt({name:`AES-CBC`,iv:n},e,t);return new Uint8Array(r,0,16)}async function n(n,r,i,a){let o=new Uint8Array(16);return o[1]=n,o[2]=88,o.set(e.o(i.subarray(0,12)),4),await t(r,o,e.o(a))}async function r(r,i){if(r.algorithm.name!==`AES-CBC`)throw Error(`key must be for AES-CBC`);if(!r.usages.includes(`encrypt`))throw Error(`key must have 'encrypt' usage`);if(r.algorithm.length!==256)throw Error(`key must be 256 bits`);if(i==null||i.byteLength!==24)throw Error(`iv must be 24 bytes`);let a=ArrayBuffer.isView(i)?new Uint8Array(i.buffer,i.byteOffset,i.byteLength):new Uint8Array(i),o=await t(r,new Uint8Array(16),new Uint8Array(16)),s=0;for(let e=o.length-1;e>=0;e--)[s,o[e]]=[o[e]>>>7&255,(o[e]<<1|s)&255];o[o.length-1]^=s*135&255;let c=new Uint8Array(32);return c.set(await n(1,r,a,o),0),c.set(await n(2,r,a,o),16),{key:await crypto.subtle.importKey(`raw`,c,{name:`AES-GCM`,length:256},!1,[...r.usages]),iv:e.o(a.subarray(12))}}async function i(e,t,n){let i=await r(t,e.iv);return await crypto.subtle.encrypt({name:`AES-GCM`,iv:i.iv,tagLength:128,additionalData:e.additionalData??new Uint8Array},i.key,n)}async function a(e,t,n){let i=await r(t,e.iv);return await crypto.subtle.decrypt({name:`AES-GCM`,iv:i.iv,tagLength:128,additionalData:e.additionalData??new Uint8Array},i.key,n)}async function o(e){return await crypto.subtle.generateKey({name:`AES-CBC`,length:256},e,[`encrypt`,`decrypt`])}async function s(e,t,n){return await crypto.subtle.importKey(e,t,{name:`AES-CBC`,length:256},n,[`encrypt`,`decrypt`])}async function c(e,t){return await crypto.subtle.exportKey(e,t)}exports.decryptXAES=a,exports.encryptXAES=i,exports.exportKeyXAES=c,exports.generateKeyXAES=o,exports.importKeyXAES=s;
+Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
+const require_bin = require('../../bin-Ddaz2lxM.cjs');
+
+//#region src/common/crypto/xaes.ts
+/**
+* Implementation of XAES-256-GCM as defined in https://c2sp.org/XAES-256-GCM
+* based on the Web Cryptography API (https://www.w3.org/TR/WebCryptoAPI/).
+*
+* It uses a 256-bit AES-CBC CryptoKey and a 192-bit nonce to derive
+* a 256-bit key and a 96-bit nonce for AES-GCM.
+*
+* Due to the use of the standard CryptoKey and Web Cryptography API operations,
+* this implementation is fully compatible with other parts of the Web Cryptography API.
+* For example, keys can be stored in IndexedDB and be non-extractable. The only
+* additional requirement is that the key must have 'encrypt' usage even for decryption,
+* however, there's no real distinction between encryption and decryption operations
+* for AES-GCM anyway (you can simulate decryption by encrypting the ciphertext).
+*/
+/**
+* Generates an AES block using the given key and data xored with the given xor.
+*/
+async function aesBlock(key, data, xor) {
+	const block = await crypto.subtle.encrypt({
+		name: "AES-CBC",
+		iv: xor
+	}, key, data);
+	return new Uint8Array(block, 0, 16);
+}
+/**
+* Derives a half key.
+*/
+async function halfKey(index, key, iv, k1) {
+	const m = new Uint8Array(16);
+	m[1] = index;
+	m[2] = 88;
+	m.set(require_bin.ensureUint8Array(iv.subarray(0, 12)), 4);
+	return await aesBlock(key, m, require_bin.ensureUint8Array(k1));
+}
+/**
+* Derives a 256-bit key and 96-bit nonce from the given 256-bit key and a 192-bit nonce.
+*/
+async function deriveKeyNonce(key, iv) {
+	if (key.algorithm.name !== "AES-CBC") throw new Error("key must be for AES-CBC");
+	if (!key.usages.includes("encrypt")) throw new Error("key must have 'encrypt' usage");
+	if (key.algorithm.length !== 256) throw new Error("key must be 256 bits");
+	if (iv == null || iv.byteLength !== 24) throw new Error("iv must be 24 bytes");
+	const ivBytes = ArrayBuffer.isView(iv) ? new Uint8Array(iv.buffer, iv.byteOffset, iv.byteLength) : new Uint8Array(iv);
+	const k1 = await aesBlock(key, new Uint8Array(16), new Uint8Array(16));
+	let msb = 0;
+	for (let i = k1.length - 1; i >= 0; i--) [msb, k1[i]] = [k1[i] >>> 7 & 255, (k1[i] << 1 | msb) & 255];
+	k1[k1.length - 1] ^= msb * 135 & 255;
+	const kxBytes = new Uint8Array(32);
+	kxBytes.set(await halfKey(1, key, ivBytes, k1), 0);
+	kxBytes.set(await halfKey(2, key, ivBytes, k1), 16);
+	return {
+		key: await crypto.subtle.importKey("raw", kxBytes, {
+			name: "AES-GCM",
+			length: 256
+		}, false, [...key.usages]),
+		iv: require_bin.ensureUint8Array(ivBytes.subarray(12))
+	};
+}
+/**
+* Encrypts data using XAES-256-GCM with the given key and iv.
+* Key must be a 256-bit AES-CBC CryptoKey with 'encrypt' usage.
+*/
+async function encryptXAES(params, key, data) {
+	const derived = await deriveKeyNonce(key, params.iv);
+	return await crypto.subtle.encrypt({
+		name: "AES-GCM",
+		iv: derived.iv,
+		tagLength: 128,
+		additionalData: params.additionalData ?? new Uint8Array()
+	}, derived.key, data);
+}
+/**
+* Decrypts data using XAES-256-GCM with the given key and iv.
+* Key must be a 256-bit AES-CBC CryptoKey with 'encrypt' and 'decrypt' usages.
+*/
+async function decryptXAES(params, key, data) {
+	const derived = await deriveKeyNonce(key, params.iv);
+	return await crypto.subtle.decrypt({
+		name: "AES-GCM",
+		iv: derived.iv,
+		tagLength: 128,
+		additionalData: params.additionalData ?? new Uint8Array()
+	}, derived.key, data);
+}
+/**
+* Generate a random key suitable for XAES-256-GCM.
+* The actual key is an AES-CBC CryptoKey with 256-bit length.
+*
+* This function is not necessary, as you can use crypto.subtle.generateKey with AES-CBC directly.
+*/
+async function generateKeyXAES(extractable) {
+	return await crypto.subtle.generateKey({
+		name: "AES-CBC",
+		length: 256
+	}, extractable, ["encrypt", "decrypt"]);
+}
+/**
+* Import a key suitable for XAES-256-GCM.
+* The actual key must be an AES-CBC CryptoKey with 256-bit length.
+*
+* This function is not necessary, as you can use crypto.subtle.importKey with AES-CBC directly.
+*/
+async function importKeyXAES(format, keyData, extractable) {
+	return await crypto.subtle.importKey(format, keyData, {
+		name: "AES-CBC",
+		length: 256
+	}, extractable, ["encrypt", "decrypt"]);
+}
+/**
+* Export a key.
+* The resulting export will have AES-CBC algorithm specified.
+*
+* This function is not necessary, as you can use crypto.subtle.exportKey directly.
+*/
+async function exportKeyXAES(format, key) {
+	return await crypto.subtle.exportKey(format, key);
+}
+
+//#endregion
+exports.decryptXAES = decryptXAES;
+exports.encryptXAES = encryptXAES;
+exports.exportKeyXAES = exportKeyXAES;
+exports.generateKeyXAES = generateKeyXAES;
+exports.importKeyXAES = importKeyXAES;
 //# sourceMappingURL=xaes.cjs.map