{ "version": 3, "sources": ["../src/index.ts"], "sourcesContent": ["import { webcrypto } from '@bicycle-codes/one-webcrypto'\nimport { fromString, type SupportedEncodings, toString } from 'uint8arrays'\nimport { get, set, delMany } from 'idb-keyval'\nimport {\n RSA_ALGORITHM,\n DEFAULT_RSA_SIZE,\n DEFAULT_HASH_ALGORITHM,\n RSA_SIGN_ALGORITHM,\n DEFAULT_CHAR_SIZE,\n DEFAULT_SYMM_ALGORITHM,\n DEFAULT_SYMM_LENGTH,\n AES_GCM,\n DEFAULT_ENC_NAME,\n DEFAULT_SIG_NAME,\n IV_LENGTH,\n} from './constants.js'\nimport {\n SymmKeyLength,\n type SymmAlgorithm,\n KeyUse,\n type RsaSize,\n HashAlg,\n type DID,\n type Msg,\n type CharSize,\n type SymmKey,\n} from './types.js'\nimport {\n publicKeyToDid,\n getPublicKeyAsArrayBuffer,\n rsaOperations,\n didToPublicKey,\n importPublicKey,\n toBase64,\n isCryptoKey,\n normalizeUnicodeToBuf,\n importKey,\n randomBuf,\n joinBufs,\n normalizeBase64ToBuf,\n base64ToArrBuf,\n sha256,\n getPublicKeyAsUint8Array,\n normalizeToBuf\n} from './util.js'\n\nexport { publicKeyToDid, getPublicKeyAsArrayBuffer }\nexport * from './constants.js'\n\nexport type { DID }\n\nexport { getPublicKeyAsUint8Array } from './util.js'\n\nexport type SerializedKeys = {\n DID:DID;\n publicEncryptKey:string;\n}\n\n/**\n * Expose RSA keys only for now, because we are\n * waiting for more browsers to support ECC.\n *\n * Create an instance with `Keys.create` b/c async.\n */\nexport class Keys {\n private _encryptKey:CryptoKeyPair\n private _signKey:CryptoKeyPair\n static _instance // a cache for indexedDB\n persisted:boolean\n ENCRYPTION_KEY_NAME:string = DEFAULT_ENC_NAME\n SIGNING_KEY_NAME:string = DEFAULT_SIG_NAME\n DID:DID\n session:boolean // in memory only?\n\n constructor (opts:{\n keys:{ encrypt:CryptoKeyPair, sign:CryptoKeyPair };\n did:DID;\n persisted:boolean;\n session:boolean; // in memory only?\n }) {\n const { keys } = opts\n this._encryptKey = keys.encrypt\n this._signKey = keys.sign\n this.DID = opts.did\n this.persisted = opts.persisted\n this.session = opts.session ?? false\n Keys._instance = this\n }\n\n get signKeypair ():CryptoKeyPair {\n return {\n privateKey: this.privateSignKey,\n publicKey: this.publicSignKey\n }\n }\n\n get encryptKeypair ():CryptoKeyPair {\n return {\n privateKey: this.privateEncryptKey,\n publicKey: this.publicEncryptKey\n }\n }\n\n get publicSignKey ():CryptoKey {\n return this._signKey.publicKey\n }\n\n get privateSignKey ():CryptoKey {\n return this._signKey.privateKey\n }\n\n get privateEncryptKey ():CryptoKey {\n return this._encryptKey.privateKey\n }\n\n get publicEncryptKey ():CryptoKey {\n return this._encryptKey.publicKey\n }\n\n get deviceName ():Promise {\n return Keys.deviceName(this.DID)\n }\n\n /**\n * Delete the keys stored in indexedDB.\n */\n async delete ():Promise {\n await delMany([this.ENCRYPTION_KEY_NAME, this.SIGNING_KEY_NAME])\n this.persisted = false\n }\n\n /**\n * Get the public encryption key as a string.\n *\n * @param {SupportedEncodings} [format] Optional string format for\n * `uint8arrays`. Defaults to base64.\n * @returns {string} Return a string b/c mostly would use this for\n * serializing the public encryption key.\n */\n getPublicEncryptKey = Object.assign(\n async (format?:SupportedEncodings):Promise => {\n const { publicKey } = this._encryptKey\n const spki = await webcrypto.subtle.exportKey(\n 'spki',\n publicKey\n )\n\n return (format ?\n toString(new Uint8Array(spki), format) :\n toBase64(spki))\n },\n\n {\n uint8Array: async ():Promise => {\n const { publicKey } = this._encryptKey\n const arr = await getPublicKeyAsUint8Array(publicKey)\n return arr\n }\n }\n )\n\n /**\n * Return a 32-character, DNS-friendly hash of the given DID.\n *\n * @param {DID} did a DID format string\n * @returns {string} 32 character, base32 hash of the DID\n */\n static deviceName (did:DID):Promise {\n return getDeviceName(did)\n }\n\n /**\n * Create a new `Keys` instance.\n *\n * @returns {Promise}\n */\n static async create (\n opts:{ session:boolean } = { session: false }\n ):Promise {\n const encryptionKeypair = await makeRSAKeypair(\n DEFAULT_RSA_SIZE,\n DEFAULT_HASH_ALGORITHM,\n KeyUse.Encrypt\n )\n const signingKeypair = await makeRSAKeypair(\n DEFAULT_RSA_SIZE,\n DEFAULT_HASH_ALGORITHM,\n KeyUse.Sign\n )\n\n const { session } = opts\n const publicSigningKey = await getPublicKeyAsArrayBuffer(signingKeypair)\n const did = await publicKeyToDid(new Uint8Array(publicSigningKey), 'rsa')\n\n const keys = new Keys({\n keys: { encrypt: encryptionKeypair, sign: signingKeypair },\n did,\n persisted: false,\n session\n })\n\n return keys\n }\n\n /**\n * Save this keys instance to `indexedDB`.\n */\n async persist ():Promise {\n if (this.session) return\n\n await Promise.all([\n set(this.ENCRYPTION_KEY_NAME, this._encryptKey),\n set(this.SIGNING_KEY_NAME, this._signKey)\n ])\n\n this.persisted = true\n }\n\n /**\n * Return a 32-character, DNS friendly hash of the public signing key.\n *\n * @returns {Promise}\n */\n async getDeviceName ():Promise {\n return Keys.deviceName(this.DID)\n }\n\n /**\n * Restore some keys from indexedDB, or create a new keypair if it doesn't\n * exist yet.\n *\n * @param {{ encryptionKeyName, signingKeyName }} opts Strings to use as\n * keys in indexedDB.\n * @returns {Promise}\n */\n static async load (opts:Partial<{\n encryptionKeyName:string,\n signingKeyName:string,\n session:boolean,\n }> = {\n encryptionKeyName: DEFAULT_ENC_NAME,\n signingKeyName: DEFAULT_SIG_NAME,\n session: false\n }):Promise> {\n if (Keys._instance) return Keys._instance // cache\n\n let persisted = true\n let encKeys:CryptoKeyPair|undefined = await get(\n opts.encryptionKeyName || DEFAULT_ENC_NAME\n )\n let signKeys:CryptoKeyPair|undefined = await get(\n opts.signingKeyName || DEFAULT_SIG_NAME\n )\n\n if (!encKeys) {\n persisted = false\n encKeys = await makeRSAKeypair(\n DEFAULT_RSA_SIZE,\n DEFAULT_HASH_ALGORITHM,\n KeyUse.Encrypt\n )\n }\n if (!signKeys) {\n persisted = false\n signKeys = await makeRSAKeypair(\n DEFAULT_RSA_SIZE,\n DEFAULT_HASH_ALGORITHM,\n KeyUse.Sign\n )\n }\n\n const publicKey = await getPublicKeyAsArrayBuffer(signKeys)\n const did = await publicKeyToDid(new Uint8Array(publicKey), 'rsa')\n\n const keys = new Keys({\n keys: { encrypt: encKeys, sign: signKeys },\n did,\n persisted,\n session: opts.session ?? false\n })\n\n return keys\n }\n\n decrypt = Object.assign(\n /**\n * Expect the given cipher content to be the format returned by\n * encryptTo`. That is, encrypted AES key + `iv` + encrypted content.\n */\n async (\n msg:string|Uint8Array|ArrayBuffer,\n keysize?:SymmKeyLength\n ):Promise => {\n const length = keysize || DEFAULT_SYMM_LENGTH\n const cipherText = normalizeToBuf(msg, base64ToArrBuf)\n const key = cipherText.slice(0, length)\n const data = cipherText.slice(length)\n const decryptedKey = await this.decryptKey(key)\n const decryptedContent = await AES.decrypt(data, decryptedKey)\n return decryptedContent\n },\n\n {\n asString: async (msg:string, keysize?:SymmKeyLength):Promise => {\n const dec = await this.decrypt(msg, keysize)\n return toString(dec)\n }\n }\n )\n\n sign = Object.assign(\n /**\n * Sign the message, and return the signature as a `Uint8Array`.\n */\n async (\n msg:Msg,\n charsize:CharSize = DEFAULT_CHAR_SIZE\n ):Promise => {\n const key = this._signKey\n const sig = await rsaOperations.sign(\n msg,\n key.privateKey,\n charsize\n )\n\n return new Uint8Array(sig)\n },\n\n {\n /**\n * Sign a message, return the signature as a base64 encoded string.\n *\n * @param {Msg} msg The message to sign\n * @param {CharSize} [charsize] Character size\n * @returns {Promise}\n */\n asString: async (msg:Msg, charsize?:CharSize):Promise => {\n const sig = await this.sign(msg, charsize)\n return toBase64(sig)\n }\n }\n )\n\n /**\n * Decrypt the given encrypted AES key.\n * Return the key as `Uint8Array`.\n */\n decryptKey = Object.assign(\n async (key:string|Uint8Array|ArrayBuffer):Promise => {\n const decrypted = await rsaOperations.decrypt(\n key,\n this.privateEncryptKey\n )\n return decrypted\n },\n\n {\n /**\n * Decrypt the given AES key, return the result as a string.\n */\n asString: async (\n msg:string|Uint8Array,\n format?:SupportedEncodings\n ):Promise => {\n const decrypted = await rsaOperations.decrypt(\n msg,\n this.privateEncryptKey\n )\n\n return toString(decrypted, format)\n }\n }\n )\n\n /**\n * Serialize this keys instance. Will return an object of\n * { DID, publicEncryptionKey }, where DID is the public signature key,\n * and `publicEncryptKey` is the encryption key, `base64` encoded.\n * @returns {Promise<{ DID:DID, publicEncryptKey:string }>}\n */\n async toJson ():Promise<{ DID:DID; publicEncryptKey:string; }> {\n const pubEnc = await this.getPublicEncryptKey()\n const did = this.DID\n\n return {\n publicEncryptKey: pubEnc,\n DID: did\n }\n }\n}\n\nasync function makeRSAKeypair (\n size:RsaSize,\n hashAlg:HashAlg,\n use:KeyUse\n):Promise {\n if (!(Object.values(KeyUse).includes(use))) {\n throw new Error('invalid key use')\n }\n const alg = use === KeyUse.Encrypt ? RSA_ALGORITHM : RSA_SIGN_ALGORITHM\n const uses:KeyUsage[] = (use === KeyUse.Encrypt ?\n ['encrypt', 'decrypt'] :\n ['sign', 'verify'])\n\n return webcrypto.subtle.generateKey({\n name: alg,\n modulusLength: size,\n publicExponent: publicExponent(),\n hash: { name: hashAlg }\n }, false, uses)\n}\n\nfunction publicExponent ():Uint8Array {\n return new Uint8Array([0x01, 0x00, 0x01])\n}\n\n/**\n * Check that the given signature is valid with the given message.\n */\nexport async function verify (\n msg:string|Uint8Array,\n sig:string|Uint8Array,\n signingDid:DID\n):Promise {\n const _key = didToPublicKey(signingDid)\n const key = await importPublicKey(\n _key.publicKey.buffer,\n HashAlg.SHA_256,\n KeyUse.Sign\n )\n\n try {\n const isOk = rsaOperations.verify(msg, sig, key)\n return isOk\n } catch (_err) {\n return false\n }\n}\n\n/**\n * Encrypt the given message to the given public key. If an AES key is not\n * provided, one will be created. Use an AES key to encrypt the given\n * content, then we encrypt the AES key to the given public key.\n *\n * @param {{ content, publicKey }} opts The content to encrypt and\n * public key to encrypt to\n * @param {SymmKey|Uint8Array|string} [aesKey] An optional AES key to encrypt\n * to the given public key\n * @returns {Promise} The encrypted AES key, concattenated with\n * the encrypted content.\n */\nexport async function encryptTo (\n opts:{\n content:string|Uint8Array;\n publicKey:CryptoKey|string;\n },\n aesKey?:SymmKey|Uint8Array|string,\n):Promise {\n const { content, publicKey } = opts\n const key = aesKey || await AES.create()\n const encryptedContent = await AES.encrypt(\n typeof content === 'string' ? fromString(content) : content,\n typeof key === 'string' ? await AES.import(key) : key,\n )\n const encryptedKey = await encryptKeyTo({ key, publicKey })\n\n return joinBufs(encryptedKey, encryptedContent)\n}\n\n/**\n * Encrypt the given AES key to the given public key. Return the encrypted AES\n * key concattenated with the cipher text.\n *\n * @param { content, publicKey } opts The content to encrypt and key to\n * encrypt to.\n * @param {SymmKey|Uint8Array|string} [aesKey] Optional -- the AES key. One will\n * be created if not passed in.\n * @returns {Promise} The encrypted AES key concattenated with the\n * cipher text.\n */\nencryptTo.asString = async function (\n opts:{ content:string|Uint8Array; publicKey:CryptoKey|string },\n aesKey?:SymmKey|Uint8Array|string\n):Promise {\n const { content, publicKey } = opts\n const key = aesKey || await AES.create()\n const encryptedContent = await AES.encrypt(\n typeof content === 'string' ? fromString(content) : content,\n typeof key === 'string' ? await AES.import(key) : key,\n 'arraybuffer'\n )\n\n const encryptedKey = await encryptKeyTo({ key, publicKey })\n const joined = joinBufs(encryptedKey, encryptedContent)\n\n return toString(new Uint8Array(joined), 'base64pad')\n}\n\nexport const AES = {\n create (opts:{ alg:string, length:number } = {\n alg: DEFAULT_SYMM_ALGORITHM,\n length: DEFAULT_SYMM_LENGTH\n }):Promise {\n return webcrypto.subtle.generateKey({\n name: opts.alg,\n length: opts.length\n }, true, ['encrypt', 'decrypt'])\n },\n\n export: Object.assign(\n async (key:CryptoKey):Promise => {\n const raw = await webcrypto.subtle.exportKey('raw', key)\n return new Uint8Array(raw)\n },\n\n {\n asString: async (key:CryptoKey, format?:SupportedEncodings) => {\n const raw = await AES.export(key)\n return format ? toString(raw, format) : toBase64(raw)\n }\n }\n ),\n\n import (key:Uint8Array|string):Promise {\n return importAesKey(typeof key === 'string' ? base64ToArrBuf(key) : key)\n },\n\n async exportAsString (key:CryptoKey):Promise {\n const raw = await AES.export(key)\n return toBase64(raw)\n },\n\n encrypt,\n\n async decrypt (\n encryptedData:Uint8Array|string|ArrayBuffer,\n cryptoKey:CryptoKey|Uint8Array|ArrayBuffer,\n iv?:Uint8Array\n ):Promise {\n const key = (isCryptoKey(cryptoKey) ?\n cryptoKey :\n await importAesKey(cryptoKey))\n\n // the `iv` is prefixed to the cipher text\n const decrypted = (iv ?\n await webcrypto.subtle.decrypt(\n {\n name: AES_GCM,\n iv\n },\n key,\n (typeof encryptedData === 'string' ?\n fromString(encryptedData) :\n encryptedData)\n ) :\n\n await decryptBytes(encryptedData, key))\n\n return new Uint8Array(decrypted)\n },\n}\n\nexport async function encryptKeyTo ({ key, publicKey }:{\n key:string|Uint8Array|CryptoKey;\n publicKey:CryptoKey|Uint8Array|string;\n}, format:'arraybuffer'):Promise\n\nexport async function encryptKeyTo ({ key, publicKey }:{\n key:string|Uint8Array|CryptoKey;\n publicKey:CryptoKey|Uint8Array|string;\n}, format:'uint8array'):Promise\n\nexport async function encryptKeyTo ({ key, publicKey }:{\n key:string|Uint8Array|CryptoKey;\n publicKey:CryptoKey|Uint8Array|string;\n}, format?:undefined):Promise\n\n/**\n * Encrypt the given content to the given public key. This is RSA encryption,\n * and should be used only to encrypt AES keys.\n *\n * @param {{ content, publicKey }} params The content to encrypt, and public key\n * to encrypt it to.\n * @returns {Promise}\n */\nexport async function encryptKeyTo ({ key, publicKey }:{\n key:string|Uint8Array|CryptoKey;\n publicKey:CryptoKey|Uint8Array|string;\n}, format?:'uint8array'|'arraybuffer'):Promise {\n let _key:Uint8Array|string\n if (key instanceof CryptoKey) {\n _key = await AES.export(key)\n } else {\n _key = key\n }\n\n const buf = await rsaOperations.encrypt(_key, publicKey)\n if (format && format === 'arraybuffer') return buf\n return new Uint8Array(buf)\n}\n\nencryptKeyTo.asString = async function ({ key, publicKey }:{\n key:string|Uint8Array|CryptoKey;\n publicKey:CryptoKey|string|Uint8Array;\n}, format?:SupportedEncodings):Promise {\n const asArr = await encryptKeyTo({ key, publicKey })\n return format ? toString(asArr, format) : toBase64(asArr)\n}\n\nfunction importAesKey (\n key:Uint8Array|ArrayBuffer,\n length?:number\n):Promise {\n return webcrypto.subtle.importKey(\n 'raw',\n key,\n {\n name: AES_GCM,\n length: length || SymmKeyLength.B256,\n },\n true,\n ['encrypt', 'decrypt']\n )\n}\n\nasync function encryptBytes (\n msg:Msg,\n key:CryptoKey|string,\n opts?:Partial<{ iv:ArrayBuffer, charsize:number }>\n):Promise {\n const data = normalizeUnicodeToBuf(msg, opts?.charsize ?? DEFAULT_CHAR_SIZE)\n const importedKey = typeof key === 'string' ?\n await importKey(key, opts) :\n key\n const iv:ArrayBuffer = opts?.iv || randomBuf(IV_LENGTH)\n const cipherBuf = await webcrypto.subtle.encrypt({\n name: AES_GCM,\n iv\n }, importedKey, data)\n\n return joinBufs(iv, cipherBuf)\n}\n\n/**\n * Decrypt the given message with the given key. We expect the `iv` to be\n * prefixed to the encrypted message.\n * @param msg The message to decrypt\n * @param key The key to decrypt with\n * @param opts Optional args for algorithm and stuff\n * @returns {Promise}\n */\nasync function decryptBytes (\n msg:Msg,\n key:CryptoKey|string,\n opts?:Partial<{\n alg:SymmAlgorithm;\n length: SymmKeyLength;\n iv: ArrayBuffer;\n }>\n):Promise {\n const cipherText = normalizeBase64ToBuf(msg)\n const importedKey = typeof key === 'string' ?\n await importKey(key, opts) :\n key\n // `iv` is prefixed to the cypher text\n const iv = cipherText.slice(0, IV_LENGTH)\n const cipherBytes = cipherText.slice(IV_LENGTH)\n const msgBuff = await webcrypto.subtle.decrypt({\n name: DEFAULT_SYMM_ALGORITHM,\n iv\n }, importedKey, cipherBytes)\n\n return msgBuff\n}\n\nasync function encrypt (\n data:Uint8Array,\n cryptoKey:CryptoKey|Uint8Array,\n format?:undefined,\n iv?:Uint8Array\n):Promise\n\nasync function encrypt (\n data:Uint8Array,\n cryptoKey:CryptoKey|Uint8Array,\n format:'uint8array',\n iv?:Uint8Array\n):Promise\n\nasync function encrypt (\n data:Uint8Array,\n cryptoKey:CryptoKey|Uint8Array,\n format:'arraybuffer',\n iv?:Uint8Array\n):Promise\n\nasync function encrypt (\n data:Uint8Array,\n cryptoKey:CryptoKey|Uint8Array,\n format?:'uint8array'|'arraybuffer',\n iv?:Uint8Array\n):Promise {\n const key = (isCryptoKey(cryptoKey) ?\n cryptoKey :\n await importAesKey(cryptoKey)\n )\n\n // prefix the `iv` into the cipher text\n const encrypted = (iv ?\n await webcrypto.subtle.encrypt({ name: AES_GCM, iv }, key, data) :\n await encryptBytes(data, key)\n )\n\n if (format && format === 'arraybuffer') return encrypted\n\n return new Uint8Array(encrypted)\n}\n\nexport async function getDeviceName (did:DID|string) {\n const hashedUsername = await sha256(\n new TextEncoder().encode(did.normalize('NFD'))\n )\n\n return toString(hashedUsername, 'base32').slice(0, 32)\n}\n"], "mappings": "spBAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,SAAAE,EAAA,SAAAC,EAAA,iBAAAC,EAAA,cAAAC,EAAA,kBAAAC,EAAA,iKAAAC,IAAA,eAAAC,EAAAR,GAAA,IAAAS,EAA0B,wCAC1BC,EAA8D,uBAC9DC,EAAkC,sBAClCC,EAYO,0BACPC,EAUO,sBACPC,EAiBO,qBAGPC,EAAAC,EAAc,0BA/Cd,gBAmDA,IAAAF,EAAyC,qBAalC,MAAMG,EAAN,MAAMA,CAAK,CAUd,YAAaC,EAKV,CAdHC,EAAA,KAAQ,eACRA,EAAA,KAAQ,YAERA,EAAA,kBACAA,EAAA,2BAA6B,oBAC7BA,EAAA,wBAA0B,oBAC1BA,EAAA,YACAA,EAAA,gBAmEAA,EAAA,2BAAsB,OAAO,OACzB,MAAOC,GAA+C,CAClD,KAAM,CAAE,UAAAC,CAAU,EAAI,KAAK,YACrBC,EAAO,MAAM,YAAU,OAAO,UAChC,OACAD,CACJ,EAEA,OAAQD,KACJ,YAAS,IAAI,WAAWE,CAAI,EAAGF,CAAM,KACrC,YAASE,CAAI,CACrB,EAEA,CACI,WAAYC,EAAA,SAAgC,CACxC,KAAM,CAAE,UAAAF,CAAU,EAAI,KAAK,YAE3B,OADY,QAAM,4BAAyBA,CAAS,CAExD,EAJY,aAKhB,CACJ,GA6HAF,EAAA,eAAU,OAAO,OAKb,MACIK,EACAC,IACqB,CACrB,MAAMC,EAASD,GAAW,sBACpBE,KAAa,kBAAeH,EAAK,gBAAc,EAC/CI,EAAMD,EAAW,MAAM,EAAGD,CAAM,EAChCG,EAAOF,EAAW,MAAMD,CAAM,EAC9BI,EAAe,MAAM,KAAK,WAAWF,CAAG,EAE9C,OADyB,MAAMG,EAAI,QAAQF,EAAMC,CAAY,CAEjE,EAEA,CACI,SAAUP,EAAA,MAAOC,EAAYC,IAA2C,CACpE,MAAMO,EAAM,MAAM,KAAK,QAAQR,EAAKC,CAAO,EAC3C,SAAO,YAASO,CAAG,CACvB,EAHU,WAId,CACJ,GAEAb,EAAA,YAAO,OAAO,OAIV,MACIK,EACAS,EAAoB,sBACC,CACrB,MAAML,EAAM,KAAK,SACXM,EAAM,MAAM,gBAAc,KAC5BV,EACAI,EAAI,WACJK,CACJ,EAEA,OAAO,IAAI,WAAWC,CAAG,CAC7B,EAEA,CAQI,SAAUX,EAAA,MAAOC,EAASS,IAAuC,CAC7D,MAAMC,EAAM,MAAM,KAAK,KAAKV,EAAKS,CAAQ,EACzC,SAAO,YAASC,CAAG,CACvB,EAHU,WAId,CACJ,GAMAf,EAAA,kBAAa,OAAO,OAChB,MAAOS,GACe,MAAM,gBAAc,QAClCA,EACA,KAAK,iBACT,EAIJ,CAII,SAAUL,EAAA,MACNC,EACAJ,IACiB,CACjB,MAAMe,EAAY,MAAM,gBAAc,QAClCX,EACA,KAAK,iBACT,EAEA,SAAO,YAASW,EAAWf,CAAM,CACrC,EAVU,WAWd,CACJ,GApSI,KAAM,CAAE,KAAAgB,CAAK,EAAIlB,EACjB,KAAK,YAAckB,EAAK,QACxB,KAAK,SAAWA,EAAK,KACrB,KAAK,IAAMlB,EAAK,IAChB,KAAK,UAAYA,EAAK,UACtB,KAAK,QAAUA,EAAK,SAAW,GAC/BD,EAAK,UAAY,IACrB,CAEA,IAAI,aAA6B,CAC7B,MAAO,CACH,WAAY,KAAK,eACjB,UAAW,KAAK,aACpB,CACJ,CAEA,IAAI,gBAAgC,CAChC,MAAO,CACH,WAAY,KAAK,kBACjB,UAAW,KAAK,gBACpB,CACJ,CAEA,IAAI,eAA2B,CAC3B,OAAO,KAAK,SAAS,SACzB,CAEA,IAAI,gBAA4B,CAC5B,OAAO,KAAK,SAAS,UACzB,CAEA,IAAI,mBAA+B,CAC/B,OAAO,KAAK,YAAY,UAC5B,CAEA,IAAI,kBAA8B,CAC9B,OAAO,KAAK,YAAY,SAC5B,CAEA,IAAI,YAA8B,CAC9B,OAAOA,EAAK,WAAW,KAAK,GAAG,CACnC,CAKA,MAAM,QAAwB,CAC1B,QAAM,WAAQ,CAAC,KAAK,oBAAqB,KAAK,gBAAgB,CAAC,EAC/D,KAAK,UAAY,EACrB,CAsCA,OAAO,WAAYoB,EAAyB,CACxC,OAAOC,EAAcD,CAAG,CAC5B,CAOA,aAAa,OACTnB,EAA2B,CAAE,QAAS,EAAM,EAChC,CACZ,MAAMqB,EAAoB,MAAMC,EAC5B,mBACA,yBACA,SAAO,OACX,EACMC,EAAiB,MAAMD,EACzB,mBACA,yBACA,SAAO,IACX,EAEM,CAAE,QAAAE,CAAQ,EAAIxB,EACdyB,EAAmB,QAAM,6BAA0BF,CAAc,EACjEJ,EAAM,QAAM,kBAAe,IAAI,WAAWM,CAAgB,EAAG,KAAK,EASxE,OAPa,IAAI1B,EAAK,CAClB,KAAM,CAAE,QAASsB,EAAmB,KAAME,CAAe,EACzD,IAAAJ,EACA,UAAW,GACX,QAAAK,CACJ,CAAC,CAGL,CAKA,MAAM,SAAyB,CACvB,KAAK,UAET,MAAM,QAAQ,IAAI,IACd,OAAI,KAAK,oBAAqB,KAAK,WAAW,KAC9C,OAAI,KAAK,iBAAkB,KAAK,QAAQ,CAC5C,CAAC,EAED,KAAK,UAAY,GACrB,CAOA,MAAM,eAAiC,CACnC,OAAOzB,EAAK,WAAW,KAAK,GAAG,CACnC,CAUA,aAAa,KAAMC,EAId,CACD,kBAAmB,mBACnB,eAAgB,mBAChB,QAAS,EACb,EAAsC,CAClC,GAAID,EAAK,UAAW,OAAOA,EAAK,UAEhC,IAAI2B,EAAY,GACZC,EAAkC,QAAM,OACxC3B,EAAK,mBAAqB,kBAC9B,EACI4B,EAAmC,QAAM,OACzC5B,EAAK,gBAAkB,kBAC3B,EAEK2B,IACDD,EAAY,GACZC,EAAU,MAAML,EACZ,mBACA,yBACA,SAAO,OACX,GAECM,IACDF,EAAY,GACZE,EAAW,MAAMN,EACb,mBACA,yBACA,SAAO,IACX,GAGJ,MAAMnB,EAAY,QAAM,6BAA0ByB,CAAQ,EACpDT,EAAM,QAAM,kBAAe,IAAI,WAAWhB,CAAS,EAAG,KAAK,EASjE,OAPa,IAAIJ,EAAK,CAClB,KAAM,CAAE,QAAS4B,EAAS,KAAMC,CAAS,EACzC,IAAAT,EACA,UAAAO,EACA,QAAS1B,EAAK,SAAW,EAC7B,CAAC,CAGL,CAkGA,MAAM,QAAyD,CAC3D,MAAM6B,EAAS,MAAM,KAAK,oBAAoB,EACxCV,EAAM,KAAK,IAEjB,MAAO,CACH,iBAAkBU,EAClB,IAAKV,CACT,CACJ,CACJ,EArUkBd,EAAAN,EAAA,QAGdE,EAHSF,EAGF,aAHJ,IAAM+B,EAAN/B,EAuUP,eAAeuB,EACXS,EACAC,EACAC,EACqB,CACrB,GAAI,CAAE,OAAO,OAAO,QAAM,EAAE,SAASA,CAAG,EACpC,MAAM,IAAI,MAAM,iBAAiB,EAErC,MAAMC,EAAMD,IAAQ,SAAO,QAAU,gBAAgB,qBAC/CE,EAAmBF,IAAQ,SAAO,QACpC,CAAC,UAAW,SAAS,EACrB,CAAC,OAAQ,QAAQ,EAErB,OAAO,YAAU,OAAO,YAAY,CAChC,KAAMC,EACN,cAAeH,EACf,eAAgBK,EAAe,EAC/B,KAAM,CAAE,KAAMJ,CAAQ,CAC1B,EAAG,GAAOG,CAAI,CAClB,CAnBe9B,EAAAiB,EAAA,kBAqBf,SAASc,GAA6B,CAClC,OAAO,IAAI,WAAW,CAAC,EAAM,EAAM,CAAI,CAAC,CAC5C,CAFS/B,EAAA+B,EAAA,kBAOT,eAAsBC,EAClB/B,EACAU,EACAsB,EACe,CACf,MAAMC,KAAO,kBAAeD,CAAU,EAChC5B,EAAM,QAAM,mBACd6B,EAAK,UAAU,OACf,UAAQ,QACR,SAAO,IACX,EAEA,GAAI,CAEA,OADa,gBAAc,OAAOjC,EAAKU,EAAKN,CAAG,CAEnD,MAAe,CACX,MAAO,EACX,CACJ,CAlBsBL,EAAAgC,EAAA,UAgCtB,eAAsBG,EAClBxC,EAIAyC,EACmB,CACnB,KAAM,CAAE,QAAAC,EAAS,UAAAvC,CAAU,EAAIH,EACzBU,EAAM+B,GAAU,MAAM5B,EAAI,OAAO,EACjC8B,EAAmB,MAAM9B,EAAI,QAC/B,OAAO6B,GAAY,YAAW,cAAWA,CAAO,EAAIA,EACpD,OAAOhC,GAAQ,SAAW,MAAMG,EAAI,OAAOH,CAAG,EAAIA,CACtD,EACMkC,EAAe,MAAMC,EAAa,CAAE,IAAAnC,EAAK,UAAAP,CAAU,CAAC,EAE1D,SAAO,YAASyC,EAAcD,CAAgB,CAClD,CAhBsBtC,EAAAmC,EAAA,aA6BtBA,EAAU,SAAW,eACjBxC,EACAyC,EACc,CACd,KAAM,CAAE,QAAAC,EAAS,UAAAvC,CAAU,EAAIH,EACzBU,EAAM+B,GAAU,MAAM5B,EAAI,OAAO,EACjC8B,EAAmB,MAAM9B,EAAI,QAC/B,OAAO6B,GAAY,YAAW,cAAWA,CAAO,EAAIA,EACpD,OAAOhC,GAAQ,SAAW,MAAMG,EAAI,OAAOH,CAAG,EAAIA,EAClD,aACJ,EAEMkC,EAAe,MAAMC,EAAa,CAAE,IAAAnC,EAAK,UAAAP,CAAU,CAAC,EACpD2C,KAAS,YAASF,EAAcD,CAAgB,EAEtD,SAAO,YAAS,IAAI,WAAWG,CAAM,EAAG,WAAW,CACvD,EAEO,MAAMjC,EAAM,CACf,OAAQb,EAAqC,CACzC,IAAK,yBACL,OAAQ,qBACZ,EAAsB,CAClB,OAAO,YAAU,OAAO,YAAY,CAChC,KAAMA,EAAK,IACX,OAAQA,EAAK,MACjB,EAAG,GAAM,CAAC,UAAW,SAAS,CAAC,CACnC,EAEA,OAAQ,OAAO,OACX,MAAOU,GAAsC,CACzC,MAAMqC,EAAM,MAAM,YAAU,OAAO,UAAU,MAAOrC,CAAG,EACvD,OAAO,IAAI,WAAWqC,CAAG,CAC7B,EAEA,CACI,SAAU1C,EAAA,MAAOK,EAAeR,IAA+B,CAC3D,MAAM6C,EAAM,MAAMlC,EAAI,OAAOH,CAAG,EAChC,OAAOR,KAAS,YAAS6C,EAAK7C,CAAM,KAAI,YAAS6C,CAAG,CACxD,EAHU,WAId,CACJ,EAEA,OAAQrC,EAA0C,CAC9C,OAAOsC,EAAa,OAAOtC,GAAQ,YAAW,kBAAeA,CAAG,EAAIA,CAAG,CAC3E,EAEA,MAAM,eAAgBA,EAA+B,CACjD,MAAMqC,EAAM,MAAMlC,EAAI,OAAOH,CAAG,EAChC,SAAO,YAASqC,CAAG,CACvB,EAEA,QAAAE,EAEA,MAAM,QACFC,EACAC,EACAC,EACkB,CAClB,MAAM1C,KAAO,eAAYyC,CAAS,EAC9BA,EACA,MAAMH,EAAaG,CAAS,EAG1BlC,EAAamC,EACf,MAAM,YAAU,OAAO,QACnB,CACI,KAAM,UACN,GAAAA,CACJ,EACA1C,EACC,OAAOwC,GAAkB,YACtB,cAAWA,CAAa,EACxBA,CACR,EAEA,MAAMG,EAAaH,EAAexC,CAAG,EAEzC,OAAO,IAAI,WAAWO,CAAS,CACnC,CACJ,EAyBA,eAAsB4B,EAAc,CAAE,IAAAnC,EAAK,UAAAP,CAAU,EAGlDD,EAAoE,CACnE,IAAIqC,EACA7B,aAAe,UACf6B,EAAO,MAAM1B,EAAI,OAAOH,CAAG,EAE3B6B,EAAO7B,EAGX,MAAM4C,EAAM,MAAM,gBAAc,QAAQf,EAAMpC,CAAS,EACvD,OAAID,GAAUA,IAAW,cAAsBoD,EACxC,IAAI,WAAWA,CAAG,CAC7B,CAdsBjD,EAAAwC,EAAA,gBAgBtBA,EAAa,SAAW,eAAgB,CAAE,IAAAnC,EAAK,UAAAP,CAAU,EAGtDD,EAA4C,CAC3C,MAAMqD,EAAQ,MAAMV,EAAa,CAAE,IAAAnC,EAAK,UAAAP,CAAU,CAAC,EACnD,OAAOD,KAAS,YAASqD,EAAOrD,CAAM,KAAI,YAASqD,CAAK,CAC5D,EAEA,SAASP,EACLtC,EACAF,EACiB,CACjB,OAAO,YAAU,OAAO,UACpB,MACAE,EACA,CACI,KAAM,UACN,OAAQF,GAAU,gBAAc,IACpC,EACA,GACA,CAAC,UAAW,SAAS,CACzB,CACJ,CAdSH,EAAA2C,EAAA,gBAgBT,eAAeQ,EACXlD,EACAI,EACAV,EACmB,CACnB,MAAMW,KAAO,yBAAsBL,EAAKN,GAAM,UAAY,mBAAiB,EACrEyD,EAAc,OAAO/C,GAAQ,SAC/B,QAAM,aAAUA,EAAKV,CAAI,EACzBU,EACE0C,EAAiBpD,GAAM,OAAM,aAAU,WAAS,EAChD0D,EAAY,MAAM,YAAU,OAAO,QAAQ,CAC7C,KAAM,UACN,GAAAN,CACJ,EAAGK,EAAa9C,CAAI,EAEpB,SAAO,YAASyC,EAAIM,CAAS,CACjC,CAhBerD,EAAAmD,EAAA,gBA0Bf,eAAeH,EACX/C,EACAI,EACAV,EAKmB,CACnB,MAAMS,KAAa,wBAAqBH,CAAG,EACrCmD,EAAc,OAAO/C,GAAQ,SAC/B,QAAM,aAAUA,EAAKV,CAAI,EACzBU,EAEE0C,EAAK3C,EAAW,MAAM,EAAG,WAAS,EAClCkD,EAAclD,EAAW,MAAM,WAAS,EAM9C,OALgB,MAAM,YAAU,OAAO,QAAQ,CAC3C,KAAM,yBACN,GAAA2C,CACJ,EAAGK,EAAaE,CAAW,CAG/B,CAtBetD,EAAAgD,EAAA,gBA6Cf,eAAeJ,EACXtC,EACAwC,EACAjD,EACAkD,EAC8B,CAC9B,MAAM1C,KAAO,eAAYyC,CAAS,EAC9BA,EACA,MAAMH,EAAaG,CAAS,EAI1BS,EAAaR,EACf,MAAM,YAAU,OAAO,QAAQ,CAAE,KAAM,UAAS,GAAAA,CAAG,EAAG1C,EAAKC,CAAI,EAC/D,MAAM6C,EAAa7C,EAAMD,CAAG,EAGhC,OAAIR,GAAUA,IAAW,cAAsB0D,EAExC,IAAI,WAAWA,CAAS,CACnC,CApBevD,EAAA4C,EAAA,WAsBf,eAAsB7B,EAAeD,EAAgB,CACjD,MAAM0C,EAAiB,QAAM,UACzB,IAAI,YAAY,EAAE,OAAO1C,EAAI,UAAU,KAAK,CAAC,CACjD,EAEA,SAAO,YAAS0C,EAAgB,QAAQ,EAAE,MAAM,EAAG,EAAE,CACzD,CANsBxD,EAAAe,EAAA", "names": ["index_exports", "__export", "AES", "Keys", "encryptKeyTo", "encryptTo", "getDeviceName", "verify", "__toCommonJS", "import_one_webcrypto", "import_uint8arrays", "import_idb_keyval", "import_constants", "import_types", "import_util", "__reExport", "index_exports", "_Keys", "opts", "__publicField", "format", "publicKey", "spki", "__name", "msg", "keysize", "length", "cipherText", "key", "data", "decryptedKey", "AES", "dec", "charsize", "sig", "decrypted", "keys", "did", "getDeviceName", "encryptionKeypair", "makeRSAKeypair", "signingKeypair", "session", "publicSigningKey", "persisted", "encKeys", "signKeys", "pubEnc", "Keys", "size", "hashAlg", "use", "alg", "uses", "publicExponent", "verify", "signingDid", "_key", "encryptTo", "aesKey", "content", "encryptedContent", "encryptedKey", "encryptKeyTo", "joined", "raw", "importAesKey", "encrypt", "encryptedData", "cryptoKey", "iv", "decryptBytes", "buf", "asArr", "encryptBytes", "importedKey", "cipherBuf", "cipherBytes", "encrypted", "hashedUsername"] }