{
  "version": 3,
  "sources": ["../src/aes-gcm.ts", "../src/helpers/hex-to-bytes.ts", "../src/constants.ts", "../src/helpers/encoding.ts", "../src/helpers/validators.ts", "../src/random.ts"],
  "sourcesContent": ["import { gcm } from \"@noble/ciphers/aes.js\";\nimport {\n  AES_GCM_ENVELOPE_NONCE_MAX_LENGTH,\n  AES_GCM_NONCE_LENGTH,\n  AES_GCM_TAG_LENGTH,\n  ERROR_AES_GCM_CIPHERTEXT_LENGTH,\n  ERROR_AES_GCM_KEY_LENGTH,\n  ERROR_AES_GCM_NONCE_LENGTH,\n  KEY_LENGTH,\n} from \"./constants\";\nimport {\n  aes128StringKeyMaterial,\n  base64ToBuffer,\n  base64UrlToBuffer,\n  bufferToBase64,\n  bufferToBase64Url,\n  bufferToHex,\n  bufferToUtf8,\n  concatBuffers,\n  hexToBuffer,\n  utf8ToBuffer,\n} from \"./helpers/encoding\";\nimport type { AesGcmJsonWire } from \"./helpers/types\";\nimport { randomBytes } from \"./random\";\n\nconst MIN_NONCE_BYTES = 8;\n\nfunction assertAesGcmKey(key: Uint8Array): void {\n  const len = key.length;\n  if (len !== 16 && len !== 24 && len !== 32) {\n    throw new Error(ERROR_AES_GCM_KEY_LENGTH);\n  }\n}\n\nfunction assertAesGcmNonce(nonce: Uint8Array): void {\n  if (nonce.length < MIN_NONCE_BYTES) {\n    throw new Error(ERROR_AES_GCM_NONCE_LENGTH);\n  }\n}\n\nfunction assertAesGcmCiphertext(ct: Uint8Array): void {\n  if (ct.length <= AES_GCM_TAG_LENGTH) {\n    throw new Error(ERROR_AES_GCM_CIPHERTEXT_LENGTH);\n  }\n}\n\nfunction assertEnvelopeNonceByteLength(n: number): void {\n  if (\n    !Number.isInteger(n) ||\n    n < MIN_NONCE_BYTES ||\n    n > AES_GCM_ENVELOPE_NONCE_MAX_LENGTH\n  ) {\n    throw new Error(\n      `encryptJsonAes256GcmSync: nonceByteLength must be an integer from ${MIN_NONCE_BYTES} to ${AES_GCM_ENVELOPE_NONCE_MAX_LENGTH}`,\n    );\n  }\n}\n\n/**\n * AES-GCM encrypt (128-bit tag). Ciphertext layout matches Web Crypto `AES-GCM`\n * (`ciphertext || tag`). Delegates to {@link aesGcmEncryptSync}.\n *\n * @param nonce IV/nonce; use {@link AES_GCM_NONCE_LENGTH} bytes when possible (minimum 8).\n * @param key Raw AES key: 16, 24, or 32 bytes.\n * @param plaintext Plaintext.\n * @param aad Optional AAD; must match on decrypt.\n * @returns `Uint8Array` ciphertext with tag appended.\n * @throws {Error} Invalid key length, nonce shorter than 8 bytes, or cipher failure.\n */\nexport async function aesGcmEncrypt(\n  nonce: Uint8Array,\n  key: Uint8Array,\n  plaintext: Uint8Array,\n  aad?: Uint8Array,\n): Promise<Uint8Array> {\n  return aesGcmEncryptSync(nonce, key, plaintext, aad);\n}\n\n/**\n * AES-GCM encrypt (128-bit tag); same output layout as Web Crypto `AES-GCM`.\n *\n * @param nonce IV/nonce (\u2265 8 bytes; {@link AES_GCM_NONCE_LENGTH} recommended).\n * @param key Raw AES key (16, 24, or 32 bytes).\n * @param plaintext Plaintext.\n * @param aad Optional AAD.\n * @returns Ciphertext with tag appended.\n * @throws {Error} Invalid key or nonce length, or cipher failure.\n */\nexport function aesGcmEncryptSync(\n  nonce: Uint8Array,\n  key: Uint8Array,\n  plaintext: Uint8Array,\n  aad?: Uint8Array,\n): Uint8Array {\n  assertAesGcmKey(key);\n  assertAesGcmNonce(nonce);\n  return gcm(key, nonce, aad).encrypt(plaintext);\n}\n\n/**\n * AES-GCM decrypt and verify. Delegates to {@link aesGcmDecryptSync}.\n *\n * @param nonce Same as encrypt.\n * @param key Same as encrypt.\n * @param ciphertext Ciphertext including 128-bit tag.\n * @param aad Same AAD as encrypt, if any.\n * @returns Plaintext.\n * @throws {Error} Invalid inputs, auth failure, or decrypt failure.\n */\nexport async function aesGcmDecrypt(\n  nonce: Uint8Array,\n  key: Uint8Array,\n  ciphertext: Uint8Array,\n  aad?: Uint8Array,\n): Promise<Uint8Array> {\n  return aesGcmDecryptSync(nonce, key, ciphertext, aad);\n}\n\n/**\n * AES-GCM decrypt and verify (`ciphertext` includes tag).\n *\n * @param nonce Same as encrypt.\n * @param key Same as encrypt.\n * @param ciphertext Ciphertext including tag.\n * @param aad Same optional AAD as encrypt.\n * @returns Plaintext.\n * @throws {Error} Invalid inputs or authentication failure.\n */\nexport function aesGcmDecryptSync(\n  nonce: Uint8Array,\n  key: Uint8Array,\n  ciphertext: Uint8Array,\n  aad?: Uint8Array,\n): Uint8Array {\n  assertAesGcmKey(key);\n  assertAesGcmNonce(nonce);\n  assertAesGcmCiphertext(ciphertext);\n  return gcm(key, nonce, aad).decrypt(ciphertext);\n}\n\n/**\n * AES-128-GCM over `JSON.stringify(data)` with a passphrase string. Key bytes come from\n * {@link aes128StringKeyMaterial} (`padEnd(16)` then UTF-8; must be 16 bytes). Random\n * {@link AES_GCM_NONCE_LENGTH}-byte nonce per call. Returns lowercase hex: `nonce || ct||tag`.\n *\n * @param data Any `JSON.stringify` input.\n * @param key Passphrase (see {@link aes128StringKeyMaterial} constraints).\n * @returns Lowercase hex wire string.\n * @throws {Error} Invalid key material or encrypt failure.\n */\nexport function encryptObjectAes128GcmJsonHex(data: unknown, key: string): string {\n  const keyBytes = aes128StringKeyMaterial(key);\n  const iv = randomBytes(AES_GCM_NONCE_LENGTH);\n  const pt = utf8ToBuffer(JSON.stringify(data));\n  const ct = aesGcmEncryptSync(iv, keyBytes, pt);\n  return bufferToHex(concatBuffers(iv, ct));\n}\n\n/**\n * Inverse of {@link encryptObjectAes128GcmJsonHex}: hex \u2192 nonce + ciphertext||tag, then\n * `JSON.parse` on UTF-8 plaintext. Narrow the return type at the call site.\n *\n * @param hex Wire from {@link encryptObjectAes128GcmJsonHex} (hex as accepted by {@link hexToBuffer}).\n * @param key Same passphrase as encrypt.\n * @returns Parsed JSON (`unknown`).\n * @throws {Error} Invalid input or auth failure.\n * @throws {SyntaxError} Invalid JSON in plaintext after decrypt.\n */\nexport function decryptObjectAes128GcmJsonHex(hex: string, key: string): unknown {\n  const keyBytes = aes128StringKeyMaterial(key);\n  const combined = hexToBuffer(hex);\n  if (combined.length < AES_GCM_NONCE_LENGTH + AES_GCM_TAG_LENGTH + 1) {\n    throw new Error(ERROR_AES_GCM_CIPHERTEXT_LENGTH);\n  }\n  const iv = combined.subarray(0, AES_GCM_NONCE_LENGTH);\n  const ciphertext = combined.subarray(AES_GCM_NONCE_LENGTH);\n  const pt = aesGcmDecryptSync(iv, keyBytes, ciphertext);\n  return JSON.parse(bufferToUtf8(pt));\n}\n\nfunction encryptJsonAes256GcmWireSync(data: unknown, nonceByteLength: number): AesGcmJsonWire {\n  assertEnvelopeNonceByteLength(nonceByteLength);\n  const key = randomBytes(KEY_LENGTH);\n  const iv = randomBytes(nonceByteLength);\n  const pt = utf8ToBuffer(JSON.stringify(data));\n  const ct = aesGcmEncryptSync(iv, key, pt);\n  return {\n    iv: bufferToBase64(iv),\n    key: bufferToBase64Url(key),\n    stream: bufferToBase64(ct),\n  };\n}\n\n/**\n * AES-256-GCM over `JSON.stringify(data)` with random 32-byte key. Wire: {@link AesGcmJsonWire}\n * (Base64 `iv`/`stream`, unpadded Base64url `key`).\n *\n * @param data Any `JSON.stringify` input.\n * @param nonceByteLength Nonce size in bytes; default {@link AES_GCM_NONCE_LENGTH} (8\u2013{@link AES_GCM_ENVELOPE_NONCE_MAX_LENGTH}).\n * @returns Serializable envelope.\n * @throws {Error} Invalid `nonceByteLength`, key or nonce length, encrypt failure, or `JSON.stringify` failure.\n */\nexport function encryptJsonAes256GcmSync(\n  data: unknown,\n  nonceByteLength: number = AES_GCM_NONCE_LENGTH,\n): AesGcmJsonWire {\n  return encryptJsonAes256GcmWireSync(data, nonceByteLength);\n}\n\n/** Async {@link encryptJsonAes256GcmSync}. */\nexport async function encryptJsonAes256Gcm(\n  data: unknown,\n  nonceByteLength: number = AES_GCM_NONCE_LENGTH,\n): Promise<AesGcmJsonWire> {\n  return encryptJsonAes256GcmSync(data, nonceByteLength);\n}\n\n/**\n * Decrypts {@link AesGcmJsonWire} from {@link encryptJsonAes256GcmSync}. Verifies GCM tag, then\n * `JSON.parse` on UTF-8 plaintext.\n *\n * @param wire Envelope ({@link AesGcmJsonWire}).\n * @returns Parsed JSON (`unknown`).\n * @throws {Error} Bad encoding, lengths, or auth failure.\n * @throws {SyntaxError} Invalid JSON in plaintext after decrypt.\n */\nexport function decryptJsonAes256GcmSync(wire: AesGcmJsonWire): unknown {\n  const iv = base64ToBuffer(wire.iv);\n  const key = base64UrlToBuffer(wire.key);\n  const ciphertext = base64ToBuffer(wire.stream);\n  const pt = aesGcmDecryptSync(iv, key, ciphertext);\n  return JSON.parse(bufferToUtf8(pt));\n}\n\n/** Async {@link decryptJsonAes256GcmSync}. */\nexport async function decryptJsonAes256Gcm(wire: AesGcmJsonWire): Promise<unknown> {\n  return decryptJsonAes256GcmSync(wire);\n}\n", "/**\n * Hex string \u2192 byte values `0..255`. Odd length implies a leading `0` nibble (unlike {@link hexToBuffer}).\n *\n * @param hex Contiguous hex digits (no `0x` stripping).\n * @returns `number[]` of byte values.\n */\nexport function hexToBytes(hex: string): number[] {\n  const clean = hex.length % 2 ? `0${hex}` : hex;\n  const out: number[] = [];\n  for (let i = 0; i < clean.length; i += 2) {\n    out.push(Number.parseInt(clean.slice(i, i + 2), 16));\n  }\n  return out;\n}\n", "import { hexToBytes } from \"./helpers/hex-to-bytes\";\n\nexport const HEX_ENC = \"hex\";\nexport const UTF8_ENC = \"utf8\";\nexport const BINARY_ENC = \"binary\";\n\nexport const ENCRYPT_OP = \"encrypt\";\nexport const DECRYPT_OP = \"decrypt\";\n\nexport const SIGN_OP = \"sign\";\nexport const VERIFY_OP = \"verify\";\n\nexport const LENGTH_0 = 0;\nexport const LENGTH_1 = 1;\nexport const LENGTH_12 = 12;\nexport const LENGTH_16 = 16;\nexport const LENGTH_32 = 32;\nexport const LENGTH_64 = 64;\nexport const LENGTH_128 = 128;\nexport const LENGTH_256 = 256;\nexport const LENGTH_512 = 512;\nexport const LENGTH_1024 = 1024;\n\nexport const AES_LENGTH = LENGTH_256;\nexport const HMAC_LENGTH = LENGTH_256;\n\nexport const AES_BROWSER_ALGO = \"AES-CBC\";\nexport const HMAC_BROWSER_ALGO = `SHA-${AES_LENGTH}`;\nexport const HMAC_BROWSER = \"HMAC\";\n\nexport const SHA256_BROWSER_ALGO = \"SHA-256\";\nexport const SHA512_BROWSER_ALGO = \"SHA-512\";\n\nexport const AES_NODE_ALGO = `aes-${AES_LENGTH}-cbc`;\nexport const HMAC_NODE_ALGO = `sha${HMAC_LENGTH}`;\n\nexport const SHA256_NODE_ALGO = \"sha256\";\nexport const SHA512_NODE_ALGO = \"sha512\";\nexport const RIPEMD160_NODE_ALGO = \"ripemd160\";\n\nexport const PBKDF2_DIGEST_SHA256 = SHA256_NODE_ALGO;\nexport const PBKDF2_DIGEST_SHA512 = SHA512_NODE_ALGO;\n\nexport const PREFIX_LENGTH = LENGTH_1;\nexport const KEY_LENGTH = LENGTH_32;\nexport const IV_LENGTH = LENGTH_16;\nexport const AES_GCM_NONCE_LENGTH = LENGTH_12;\nexport const AES_GCM_ENVELOPE_NONCE_MAX_LENGTH = LENGTH_128;\nexport const AES_GCM_TAG_LENGTH = LENGTH_16;\nexport const MAC_LENGTH = LENGTH_32;\nexport const DECOMPRESSED_LENGTH = LENGTH_64;\n\nexport const PREFIXED_KEY_LENGTH = KEY_LENGTH + PREFIX_LENGTH;\nexport const PREFIXED_DECOMPRESSED_LENGTH = DECOMPRESSED_LENGTH + PREFIX_LENGTH;\n\nexport const ECIES_SERIALIZED_MIN_LENGTH =\n  IV_LENGTH + PREFIXED_KEY_LENGTH + MAC_LENGTH;\n\nexport const MAX_KEY_LENGTH = LENGTH_1024;\nexport const PBKDF2_DEFAULT_ITERATIONS = 210_000;\nexport const MAX_MSG_LENGTH = LENGTH_32;\n\nexport const EMPTY_BUFFER = new Uint8Array(LENGTH_0);\n\nexport const EC_GROUP_ORDER = new Uint8Array(\n  hexToBytes(\n    \"fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141\"\n  )\n);\n\nexport const ZERO32 = new Uint8Array(LENGTH_32).fill(LENGTH_0);\n\nexport const ERROR_BAD_MAC = \"Bad MAC\";\nexport const ERROR_BAD_SIGNATURE = \"Bad signature\";\nexport const ERROR_BAD_PRIVATE_KEY = \"Bad private key\";\nexport const ERROR_BAD_PUBLIC_KEY = \"Bad public key\";\nexport const ERROR_ECIES_SERIALIZED_LENGTH =\n  \"ECIES deserialize: buffer shorter than minimum serialized length\";\n\nexport const ERROR_EMPTY_MESSAGE = \"Message should not be empty\";\nexport const ERROR_MESSAGE_TOO_LONG = \"Message is too long\";\n\nexport const ERROR_BAD_EPHEM_PRIVATE_KEY = \"Invalid ephemeral private key\";\n\nexport const ERROR_AES_IV_LENGTH = \"AES-CBC: IV must be 16 bytes\";\nexport const ERROR_AES_KEY_LENGTH = \"AES-CBC: key must be 32 bytes\";\n\nexport const ERROR_AES_GCM_KEY_LENGTH =\n  \"AES-GCM: key must be 16, 24, or 32 bytes\";\nexport const ERROR_AES_GCM_NONCE_LENGTH =\n  \"AES-GCM: nonce must be at least 8 bytes\";\nexport const ERROR_AES_GCM_CIPHERTEXT_LENGTH =\n  \"AES-GCM: ciphertext must be longer than the authentication tag\";\n", "import {\n  HEX_ENC,\n  LENGTH_0,\n  LENGTH_16,\n  type UTF8_ENC,\n} from \"../constants\";\n\nconst textEncoder = new TextEncoder();\nconst textDecoder = new TextDecoder();\n\n/**\n * Encodes a UTF-8 string into bytes.\n * @param str Input string.\n * @returns UTF-8 encoded bytes.\n */\nexport function utf8ToBuffer(str: string): Uint8Array {\n  return textEncoder.encode(str);\n}\n\n/**\n * Decodes UTF-8 bytes into a string.\n * @param buf UTF-8 encoded bytes.\n * @returns Decoded string.\n */\nexport function bufferToUtf8(buf: Uint8Array): string {\n  return textDecoder.decode(buf);\n}\n\n/**\n * Concatenates multiple byte arrays.\n * @param buffers Byte arrays to concatenate.\n * @returns Concatenated byte array.\n */\nexport function concatBuffers(...buffers: Uint8Array[]): Uint8Array {\n  const total = buffers.reduce((n, b) => n + b.length, LENGTH_0);\n  const out = new Uint8Array(total);\n  let offset = LENGTH_0;\n  for (const b of buffers) {\n    out.set(b, offset);\n    offset += b.length;\n  }\n  return out;\n}\n\n/**\n * Converts bytes to a lowercase hex string.\n * @param buf Input bytes.\n * @param enc Output encoding selector. Only `hex` is accepted.\n * @returns Hex string.\n */\nexport function bufferToHex(\n  buf: Uint8Array,\n  enc: typeof HEX_ENC | typeof UTF8_ENC = HEX_ENC\n): string {\n  if (enc !== HEX_ENC) {\n    throw new Error(\"bufferToHex: only hex encoding is supported\");\n  }\n  let hex = \"\";\n  for (const byte of buf) {\n    hex += byte.toString(16).padStart(2, \"0\");\n  }\n  return hex;\n}\n\n/**\n * Converts a hex string to bytes.\n * @param hex Input hex string, with optional `0x` prefix.\n * @returns Decoded bytes.\n */\nexport function hexToBuffer(hex: string): Uint8Array {\n  const clean = hex.startsWith(\"0x\") ? hex.slice(2) : hex;\n  if (clean.length % 2 !== 0) {\n    throw new Error(\"hexToBuffer: invalid length\");\n  }\n  const out = new Uint8Array(clean.length / 2);\n  for (let i = 0; i < out.length; i++) {\n    const byte = Number.parseInt(clean.slice(i * 2, i * 2 + 2), 16);\n    if (!Number.isFinite(byte) || byte < 0 || byte > 255) {\n      throw new Error(\"hexToBuffer: invalid hex character\");\n    }\n    out[i] = byte;\n  }\n  return out;\n}\n\n/**\n * Removes a leading `0x` prefix from a hex string.\n * @param hex Input hex string.\n * @returns Hex string without prefix.\n */\nexport function sanitizeHex(hex: string): string {\n  return hex.startsWith(\"0x\") ? hex.slice(2) : hex;\n}\n\n/**\n * Removes leading zeros from a hex string.\n * @param hex Input hex string.\n * @returns Hex string without leading zeros.\n */\nexport function removeHexLeadingZeros(hex: string): string {\n  const h = sanitizeHex(hex);\n  const stripped = h.replace(/^0+/, \"\");\n  return stripped.length ? stripped : \"0\";\n}\n\n/**\n * Parses a hex string into a number.\n * @param hex Input hex string.\n * @returns Parsed number.\n */\nexport function hexToNumber(hex: string): number {\n  return Number.parseInt(sanitizeHex(hex), 16);\n}\n\n/**\n * RFC 4648 Base64 from bytes. Chunks `btoa` input to avoid huge spread argument lists.\n *\n * @param buf Input bytes.\n * @returns Base64 string (no line breaks).\n */\nexport function bufferToBase64(buf: Uint8Array): string {\n  const chunk = 0x8000;\n  let binary = \"\";\n  for (let i = 0; i < buf.length; i += chunk) {\n    binary += String.fromCharCode(...buf.subarray(i, i + chunk));\n  }\n  return btoa(binary);\n}\n\n/**\n * RFC 4648 Base64 to bytes (whitespace stripped). Uses `atob`.\n *\n * @param str Base64 string.\n * @returns New `Uint8Array`.\n * @throws {DOMException} Invalid Base64 where `atob` throws.\n */\nexport function base64ToBuffer(str: string): Uint8Array {\n  const normalized = str.replace(/\\s+/g, \"\");\n  const binary = atob(normalized);\n  const out = new Uint8Array(binary.length);\n  for (let i = 0; i < binary.length; i++) {\n    out[i] = binary.charCodeAt(i) & 0xff;\n  }\n  return out;\n}\n\n/**\n * RFC 4648 Base64url without `=` padding (`-`/`_`). Common for JWK `k`.\n *\n * @param buf Input bytes.\n * @returns Base64url string.\n */\nexport function bufferToBase64Url(buf: Uint8Array): string {\n  return bufferToBase64(buf)\n    .replace(/\\+/g, \"-\")\n    .replace(/\\//g, \"_\")\n    .replace(/=+$/, \"\");\n}\n\n/**\n * Base64url to bytes (optional padding; then {@link base64ToBuffer}).\n *\n * @param str Base64url string.\n * @returns New `Uint8Array`.\n * @throws {Error} Length mod 4 === 1 (invalid).\n */\nexport function base64UrlToBuffer(str: string): Uint8Array {\n  let s = str.replace(/-/g, \"+\").replace(/_/g, \"/\");\n  const pad = s.length % 4;\n  if (pad === 2) s += \"==\";\n  else if (pad === 3) s += \"=\";\n  else if (pad === 1) {\n    throw new Error(\"base64UrlToBuffer: invalid length\");\n  }\n  return base64ToBuffer(s);\n}\n\n/**\n * 16-byte AES-128 raw key from `utf8ToBuffer(key.padEnd(16, \" \"))`. Must yield exactly 16 UTF-8 bytes\n * (same constraint as Web Crypto `importKey(\"raw\", \u2026)` for AES-128).\n *\n * @param key Passphrase.\n * @returns 16 key bytes.\n * @throws {Error} UTF-8 length \u2260 16 after padding.\n */\nexport function aes128StringKeyMaterial(key: string): Uint8Array {\n  const padded = key.padEnd(LENGTH_16, \" \");\n  const bytes = textEncoder.encode(padded);\n  if (bytes.length !== LENGTH_16) {\n    throw new Error(\n      \"aes128StringKeyMaterial: padded key must UTF-8 encode to exactly 16 bytes\",\n    );\n  }\n  return bytes;\n}\n\n", "import {\n  EC_GROUP_ORDER,\n  ERROR_BAD_PRIVATE_KEY,\n  ERROR_BAD_PUBLIC_KEY,\n  ERROR_EMPTY_MESSAGE,\n  ERROR_MESSAGE_TOO_LONG,\n  KEY_LENGTH,\n  LENGTH_0,\n  MAX_KEY_LENGTH,\n  MAX_MSG_LENGTH,\n  PREFIXED_DECOMPRESSED_LENGTH,\n  PREFIXED_KEY_LENGTH,\n  ZERO32,\n} from \"../constants\";\n\n/**\n * Asserts a condition and throws when it fails.\n * @param condition Condition to evaluate.\n * @param message Error message when condition fails.\n */\nexport function assert(condition: boolean, message: string): void {\n  if (!condition) {\n    throw new Error(message || \"Assertion failed\");\n  }\n}\n\n/**\n * Checks whether input is a 32-byte scalar.\n * @param x Input bytes.\n * @returns True when input is a scalar.\n */\nexport function isScalar(x: Uint8Array): boolean {\n  return x instanceof Uint8Array && x.length === 32;\n}\n\n/**\n * Validates a secp256k1 private key range.\n * @param privateKey Private key bytes.\n * @returns True when key is valid.\n */\nexport function isValidPrivateKey(privateKey: Uint8Array): boolean {\n  if (!isScalar(privateKey)) {\n    return false;\n  }\n  return (\n    compareBuffers(privateKey, ZERO32) > 0 &&\n    compareBuffers(privateKey, EC_GROUP_ORDER) < 0\n  );\n}\n\n/**\n * Compares two byte arrays lexicographically.\n * @param a First byte array.\n * @param b Second byte array.\n * @returns -1, 0, or 1 depending on comparison result.\n */\nexport function compareBuffers(a: Uint8Array, b: Uint8Array): number {\n  const len = Math.max(a.length, b.length);\n  for (let i = 0; i < len; i++) {\n    const av = a[i] ?? 0;\n    const bv = b[i] ?? 0;\n    if (av !== bv) {\n      return av < bv ? -1 : 1;\n    }\n  }\n  return 0;\n}\n\n/**\n * Compares two byte arrays in constant time.\n * @param b1 First byte array.\n * @param b2 Second byte array.\n * @returns True when arrays are equal.\n */\nexport function equalConstTime(b1: Uint8Array, b2: Uint8Array): boolean {\n  if (b1.length !== b2.length) {\n    return false;\n  }\n  let res = 0;\n  for (let i = 0; i < b1.length; i++) {\n    res |= b1[i] ^ b2[i];\n  }\n  return res === 0;\n}\n\n/**\n * Validates random key length constraints.\n * @param length Requested length.\n * @returns True when length is valid.\n */\nexport function isValidKeyLength(length: number): boolean {\n  return !(\n    length <= LENGTH_0 ||\n    length > MAX_KEY_LENGTH ||\n    Number.parseInt(String(length), 10) !== length\n  );\n}\n\n/**\n * Validates a private key and throws when invalid.\n * @param privateKey Private key bytes.\n */\nexport function checkPrivateKey(privateKey: Uint8Array): void {\n  assert(privateKey.length === KEY_LENGTH, ERROR_BAD_PRIVATE_KEY);\n  assert(isValidPrivateKey(privateKey), ERROR_BAD_PRIVATE_KEY);\n}\n\n/**\n * Validates a public key and throws when invalid.\n * @param publicKey Public key bytes.\n */\nexport function checkPublicKey(publicKey: Uint8Array): void {\n  assert(\n    publicKey.length === PREFIXED_DECOMPRESSED_LENGTH ||\n      publicKey.length === PREFIXED_KEY_LENGTH,\n    ERROR_BAD_PUBLIC_KEY\n  );\n  if (publicKey.length === PREFIXED_DECOMPRESSED_LENGTH) {\n    assert(publicKey[0] === 4, ERROR_BAD_PUBLIC_KEY);\n  }\n  if (publicKey.length === PREFIXED_KEY_LENGTH) {\n    assert(publicKey[0] === 2 || publicKey[0] === 3, ERROR_BAD_PUBLIC_KEY);\n  }\n}\n\n/**\n * Validates message bytes and throws when invalid.\n * @param msg Message bytes.\n */\nexport function checkMessage(msg: Uint8Array): void {\n  assert(msg.length > 0, ERROR_EMPTY_MESSAGE);\n  assert(msg.length <= MAX_MSG_LENGTH, ERROR_MESSAGE_TOO_LONG);\n}\n", "import { isValidKeyLength } from \"./helpers/validators\";\n\n/**\n * Generates cryptographically secure random bytes.\n * @param length Number of bytes to generate.\n * @returns Random bytes.\n */\nexport function randomBytes(length: number): Uint8Array {\n  if (!isValidKeyLength(length)) {\n    throw new Error(`randomBytes - invalid key length: ${length}`);\n  }\n  const out = new Uint8Array(length);\n  globalThis.crypto.getRandomValues(out);\n  return out;\n}\n"],
  "mappings": ";AAAA,SAAS,WAAW;;;ACMb,SAAS,WAAW,KAAuB;AAChD,QAAM,QAAQ,IAAI,SAAS,IAAI,IAAI,GAAG,KAAK;AAC3C,QAAM,MAAgB,CAAC;AACvB,WAAS,IAAI,GAAG,IAAI,MAAM,QAAQ,KAAK,GAAG;AACxC,QAAI,KAAK,OAAO,SAAS,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;AAAA,EACrD;AACA,SAAO;AACT;;;ACXO,IAAM,UAAU;AAUhB,IAAM,WAAW;AACjB,IAAM,WAAW;AACjB,IAAM,YAAY;AAClB,IAAM,YAAY;AAClB,IAAM,YAAY;AAClB,IAAM,YAAY;AAClB,IAAM,aAAa;AACnB,IAAM,aAAa;AAEnB,IAAM,cAAc;AAEpB,IAAM,aAAa;AACnB,IAAM,cAAc;AAGpB,IAAM,oBAAoB,OAAO,UAAU;AAM3C,IAAM,gBAAgB,OAAO,UAAU;AACvC,IAAM,iBAAiB,MAAM,WAAW;AASxC,IAAM,gBAAgB;AACtB,IAAM,aAAa;AACnB,IAAM,YAAY;AAClB,IAAM,uBAAuB;AAC7B,IAAM,oCAAoC;AAC1C,IAAM,qBAAqB;AAC3B,IAAM,aAAa;AACnB,IAAM,sBAAsB;AAE5B,IAAM,sBAAsB,aAAa;AACzC,IAAM,+BAA+B,sBAAsB;AAE3D,IAAM,8BACX,YAAY,sBAAsB;AAE7B,IAAM,iBAAiB;AAIvB,IAAM,eAAe,IAAI,WAAW,QAAQ;AAE5C,IAAM,iBAAiB,IAAI;AAAA,EAChC;AAAA,IACE;AAAA,EACF;AACF;AAEO,IAAM,SAAS,IAAI,WAAW,SAAS,EAAE,KAAK,QAAQ;AAiBtD,IAAM,2BACX;AACK,IAAM,6BACX;AACK,IAAM,kCACX;;;ACrFF,IAAM,cAAc,IAAI,YAAY;AACpC,IAAM,cAAc,IAAI,YAAY;AAO7B,SAAS,aAAa,KAAyB;AACpD,SAAO,YAAY,OAAO,GAAG;AAC/B;AAOO,SAAS,aAAa,KAAyB;AACpD,SAAO,YAAY,OAAO,GAAG;AAC/B;AAOO,SAAS,iBAAiB,SAAmC;AAClE,QAAM,QAAQ,QAAQ,OAAO,CAAC,GAAG,MAAM,IAAI,EAAE,QAAQ,QAAQ;AAC7D,QAAM,MAAM,IAAI,WAAW,KAAK;AAChC,MAAI,SAAS;AACb,aAAW,KAAK,SAAS;AACvB,QAAI,IAAI,GAAG,MAAM;AACjB,cAAU,EAAE;AAAA,EACd;AACA,SAAO;AACT;AAQO,SAAS,YACd,KACA,MAAwC,SAChC;AACR,MAAI,QAAQ,SAAS;AACnB,UAAM,IAAI,MAAM,6CAA6C;AAAA,EAC/D;AACA,MAAI,MAAM;AACV,aAAW,QAAQ,KAAK;AACtB,WAAO,KAAK,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG;AAAA,EAC1C;AACA,SAAO;AACT;AAOO,SAAS,YAAY,KAAyB;AACnD,QAAM,QAAQ,IAAI,WAAW,IAAI,IAAI,IAAI,MAAM,CAAC,IAAI;AACpD,MAAI,MAAM,SAAS,MAAM,GAAG;AAC1B,UAAM,IAAI,MAAM,6BAA6B;AAAA,EAC/C;AACA,QAAM,MAAM,IAAI,WAAW,MAAM,SAAS,CAAC;AAC3C,WAAS,IAAI,GAAG,IAAI,IAAI,QAAQ,KAAK;AACnC,UAAM,OAAO,OAAO,SAAS,MAAM,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE;AAC9D,QAAI,CAAC,OAAO,SAAS,IAAI,KAAK,OAAO,KAAK,OAAO,KAAK;AACpD,YAAM,IAAI,MAAM,oCAAoC;AAAA,IACtD;AACA,QAAI,CAAC,IAAI;AAAA,EACX;AACA,SAAO;AACT;AAqCO,SAAS,eAAe,KAAyB;AACtD,QAAM,QAAQ;AACd,MAAI,SAAS;AACb,WAAS,IAAI,GAAG,IAAI,IAAI,QAAQ,KAAK,OAAO;AAC1C,cAAU,OAAO,aAAa,GAAG,IAAI,SAAS,GAAG,IAAI,KAAK,CAAC;AAAA,EAC7D;AACA,SAAO,KAAK,MAAM;AACpB;AASO,SAAS,eAAe,KAAyB;AACtD,QAAM,aAAa,IAAI,QAAQ,QAAQ,EAAE;AACzC,QAAM,SAAS,KAAK,UAAU;AAC9B,QAAM,MAAM,IAAI,WAAW,OAAO,MAAM;AACxC,WAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACtC,QAAI,CAAC,IAAI,OAAO,WAAW,CAAC,IAAI;AAAA,EAClC;AACA,SAAO;AACT;AAQO,SAAS,kBAAkB,KAAyB;AACzD,SAAO,eAAe,GAAG,EACtB,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,EAAE;AACtB;AASO,SAAS,kBAAkB,KAAyB;AACzD,MAAI,IAAI,IAAI,QAAQ,MAAM,GAAG,EAAE,QAAQ,MAAM,GAAG;AAChD,QAAM,MAAM,EAAE,SAAS;AACvB,MAAI,QAAQ,EAAG,MAAK;AAAA,WACX,QAAQ,EAAG,MAAK;AAAA,WAChB,QAAQ,GAAG;AAClB,UAAM,IAAI,MAAM,mCAAmC;AAAA,EACrD;AACA,SAAO,eAAe,CAAC;AACzB;AAUO,SAAS,wBAAwB,KAAyB;AAC/D,QAAM,SAAS,IAAI,OAAO,WAAW,GAAG;AACxC,QAAM,QAAQ,YAAY,OAAO,MAAM;AACvC,MAAI,MAAM,WAAW,WAAW;AAC9B,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;;;ACxGO,SAAS,iBAAiB,QAAyB;AACxD,SAAO,EACL,UAAU,YACV,SAAS,kBACT,OAAO,SAAS,OAAO,MAAM,GAAG,EAAE,MAAM;AAE5C;;;ACzFO,SAAS,YAAY,QAA4B;AACtD,MAAI,CAAC,iBAAiB,MAAM,GAAG;AAC7B,UAAM,IAAI,MAAM,qCAAqC,MAAM,EAAE;AAAA,EAC/D;AACA,QAAM,MAAM,IAAI,WAAW,MAAM;AACjC,aAAW,OAAO,gBAAgB,GAAG;AACrC,SAAO;AACT;;;ALWA,IAAM,kBAAkB;AAExB,SAAS,gBAAgB,KAAuB;AAC9C,QAAM,MAAM,IAAI;AAChB,MAAI,QAAQ,MAAM,QAAQ,MAAM,QAAQ,IAAI;AAC1C,UAAM,IAAI,MAAM,wBAAwB;AAAA,EAC1C;AACF;AAEA,SAAS,kBAAkB,OAAyB;AAClD,MAAI,MAAM,SAAS,iBAAiB;AAClC,UAAM,IAAI,MAAM,0BAA0B;AAAA,EAC5C;AACF;AAEA,SAAS,uBAAuB,IAAsB;AACpD,MAAI,GAAG,UAAU,oBAAoB;AACnC,UAAM,IAAI,MAAM,+BAA+B;AAAA,EACjD;AACF;AAEA,SAAS,8BAA8B,GAAiB;AACtD,MACE,CAAC,OAAO,UAAU,CAAC,KACnB,IAAI,mBACJ,IAAI,mCACJ;AACA,UAAM,IAAI;AAAA,MACR,qEAAqE,eAAe,OAAO,iCAAiC;AAAA,IAC9H;AAAA,EACF;AACF;AAaA,eAAsB,cACpB,OACA,KACA,WACA,KACqB;AACrB,SAAO,kBAAkB,OAAO,KAAK,WAAW,GAAG;AACrD;AAYO,SAAS,kBACd,OACA,KACA,WACA,KACY;AACZ,kBAAgB,GAAG;AACnB,oBAAkB,KAAK;AACvB,SAAO,IAAI,KAAK,OAAO,GAAG,EAAE,QAAQ,SAAS;AAC/C;AAYA,eAAsB,cACpB,OACA,KACA,YACA,KACqB;AACrB,SAAO,kBAAkB,OAAO,KAAK,YAAY,GAAG;AACtD;AAYO,SAAS,kBACd,OACA,KACA,YACA,KACY;AACZ,kBAAgB,GAAG;AACnB,oBAAkB,KAAK;AACvB,yBAAuB,UAAU;AACjC,SAAO,IAAI,KAAK,OAAO,GAAG,EAAE,QAAQ,UAAU;AAChD;AAYO,SAAS,8BAA8B,MAAe,KAAqB;AAChF,QAAM,WAAW,wBAAwB,GAAG;AAC5C,QAAM,KAAK,YAAY,oBAAoB;AAC3C,QAAM,KAAK,aAAa,KAAK,UAAU,IAAI,CAAC;AAC5C,QAAM,KAAK,kBAAkB,IAAI,UAAU,EAAE;AAC7C,SAAO,YAAY,cAAc,IAAI,EAAE,CAAC;AAC1C;AAYO,SAAS,8BAA8B,KAAa,KAAsB;AAC/E,QAAM,WAAW,wBAAwB,GAAG;AAC5C,QAAM,WAAW,YAAY,GAAG;AAChC,MAAI,SAAS,SAAS,uBAAuB,qBAAqB,GAAG;AACnE,UAAM,IAAI,MAAM,+BAA+B;AAAA,EACjD;AACA,QAAM,KAAK,SAAS,SAAS,GAAG,oBAAoB;AACpD,QAAM,aAAa,SAAS,SAAS,oBAAoB;AACzD,QAAM,KAAK,kBAAkB,IAAI,UAAU,UAAU;AACrD,SAAO,KAAK,MAAM,aAAa,EAAE,CAAC;AACpC;AAEA,SAAS,6BAA6B,MAAe,iBAAyC;AAC5F,gCAA8B,eAAe;AAC7C,QAAM,MAAM,YAAY,UAAU;AAClC,QAAM,KAAK,YAAY,eAAe;AACtC,QAAM,KAAK,aAAa,KAAK,UAAU,IAAI,CAAC;AAC5C,QAAM,KAAK,kBAAkB,IAAI,KAAK,EAAE;AACxC,SAAO;AAAA,IACL,IAAI,eAAe,EAAE;AAAA,IACrB,KAAK,kBAAkB,GAAG;AAAA,IAC1B,QAAQ,eAAe,EAAE;AAAA,EAC3B;AACF;AAWO,SAAS,yBACd,MACA,kBAA0B,sBACV;AAChB,SAAO,6BAA6B,MAAM,eAAe;AAC3D;AAGA,eAAsB,qBACpB,MACA,kBAA0B,sBACD;AACzB,SAAO,yBAAyB,MAAM,eAAe;AACvD;AAWO,SAAS,yBAAyB,MAA+B;AACtE,QAAM,KAAK,eAAe,KAAK,EAAE;AACjC,QAAM,MAAM,kBAAkB,KAAK,GAAG;AACtC,QAAM,aAAa,eAAe,KAAK,MAAM;AAC7C,QAAM,KAAK,kBAAkB,IAAI,KAAK,UAAU;AAChD,SAAO,KAAK,MAAM,aAAa,EAAE,CAAC;AACpC;AAGA,eAAsB,qBAAqB,MAAwC;AACjF,SAAO,yBAAyB,IAAI;AACtC;",
  "names": []
}