{ "version": 3, "sources": ["../src/helpers/hex-to-bytes.ts", "../src/constants.ts", "../src/helpers/encoding.ts", "../src/helpers/byte-conversions.ts", "../src/helpers/util.ts", "../src/helpers/validators.ts", "../src/aes.ts", "../src/aes-gcm.ts", "../src/random.ts", "../src/ecdh.ts", "../src/ecdsa.ts", "../src/internal/der.ts", "../src/hmac.ts", "../src/internal/sha512.ts", "../src/ecies.ts", "../src/pbkdf2.ts", "../src/sha2.ts", "../src/sha3.ts"], "sourcesContent": ["/**\n * Hex string \u2192 byte values `0..255`. Odd length implies a leading `0` nibble (unlike {@link hexToBuffer}).\n *\n * @param hex Contiguous hex digits (no `0x` stripping).\n * @returns `number[]` of byte values.\n */\nexport function hexToBytes(hex: string): number[] {\n const clean = hex.length % 2 ? `0${hex}` : hex;\n const out: number[] = [];\n for (let i = 0; i < clean.length; i += 2) {\n out.push(Number.parseInt(clean.slice(i, i + 2), 16));\n }\n return out;\n}\n", "import { hexToBytes } from \"./helpers/hex-to-bytes\";\n\nexport const HEX_ENC = \"hex\";\nexport const UTF8_ENC = \"utf8\";\nexport const BINARY_ENC = \"binary\";\n\nexport const ENCRYPT_OP = \"encrypt\";\nexport const DECRYPT_OP = \"decrypt\";\n\nexport const SIGN_OP = \"sign\";\nexport const VERIFY_OP = \"verify\";\n\nexport const LENGTH_0 = 0;\nexport const LENGTH_1 = 1;\nexport const LENGTH_12 = 12;\nexport const LENGTH_16 = 16;\nexport const LENGTH_32 = 32;\nexport const LENGTH_64 = 64;\nexport const LENGTH_128 = 128;\nexport const LENGTH_256 = 256;\nexport const LENGTH_512 = 512;\nexport const LENGTH_1024 = 1024;\n\nexport const AES_LENGTH = LENGTH_256;\nexport const HMAC_LENGTH = LENGTH_256;\n\nexport const AES_BROWSER_ALGO = \"AES-CBC\";\nexport const HMAC_BROWSER_ALGO = `SHA-${AES_LENGTH}`;\nexport const HMAC_BROWSER = \"HMAC\";\n\nexport const SHA256_BROWSER_ALGO = \"SHA-256\";\nexport const SHA512_BROWSER_ALGO = \"SHA-512\";\n\nexport const AES_NODE_ALGO = `aes-${AES_LENGTH}-cbc`;\nexport const HMAC_NODE_ALGO = `sha${HMAC_LENGTH}`;\n\nexport const SHA256_NODE_ALGO = \"sha256\";\nexport const SHA512_NODE_ALGO = \"sha512\";\nexport const RIPEMD160_NODE_ALGO = \"ripemd160\";\n\nexport const PBKDF2_DIGEST_SHA256 = SHA256_NODE_ALGO;\nexport const PBKDF2_DIGEST_SHA512 = SHA512_NODE_ALGO;\n\nexport const PREFIX_LENGTH = LENGTH_1;\nexport const KEY_LENGTH = LENGTH_32;\nexport const IV_LENGTH = LENGTH_16;\nexport const AES_GCM_NONCE_LENGTH = LENGTH_12;\nexport const AES_GCM_ENVELOPE_NONCE_MAX_LENGTH = LENGTH_128;\nexport const AES_GCM_TAG_LENGTH = LENGTH_16;\nexport const MAC_LENGTH = LENGTH_32;\nexport const DECOMPRESSED_LENGTH = LENGTH_64;\n\nexport const PREFIXED_KEY_LENGTH = KEY_LENGTH + PREFIX_LENGTH;\nexport const PREFIXED_DECOMPRESSED_LENGTH = DECOMPRESSED_LENGTH + PREFIX_LENGTH;\n\nexport const ECIES_SERIALIZED_MIN_LENGTH =\n IV_LENGTH + PREFIXED_KEY_LENGTH + MAC_LENGTH;\n\nexport const MAX_KEY_LENGTH = LENGTH_1024;\nexport const PBKDF2_DEFAULT_ITERATIONS = 210_000;\nexport const MAX_MSG_LENGTH = LENGTH_32;\n\nexport const EMPTY_BUFFER = new Uint8Array(LENGTH_0);\n\nexport const EC_GROUP_ORDER = new Uint8Array(\n hexToBytes(\n \"fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141\"\n )\n);\n\nexport const ZERO32 = new Uint8Array(LENGTH_32).fill(LENGTH_0);\n\nexport const ERROR_BAD_MAC = \"Bad MAC\";\nexport const ERROR_BAD_SIGNATURE = \"Bad signature\";\nexport const ERROR_BAD_PRIVATE_KEY = \"Bad private key\";\nexport const ERROR_BAD_PUBLIC_KEY = \"Bad public key\";\nexport const ERROR_ECIES_SERIALIZED_LENGTH =\n \"ECIES deserialize: buffer shorter than minimum serialized length\";\n\nexport const ERROR_EMPTY_MESSAGE = \"Message should not be empty\";\nexport const ERROR_MESSAGE_TOO_LONG = \"Message is too long\";\n\nexport const ERROR_BAD_EPHEM_PRIVATE_KEY = \"Invalid ephemeral private key\";\n\nexport const ERROR_AES_IV_LENGTH = \"AES-CBC: IV must be 16 bytes\";\nexport const ERROR_AES_KEY_LENGTH = \"AES-CBC: key must be 32 bytes\";\n\nexport const ERROR_AES_GCM_KEY_LENGTH =\n \"AES-GCM: key must be 16, 24, or 32 bytes\";\nexport const ERROR_AES_GCM_NONCE_LENGTH =\n \"AES-GCM: nonce must be at least 8 bytes\";\nexport const ERROR_AES_GCM_CIPHERTEXT_LENGTH =\n \"AES-GCM: ciphertext must be longer than the authentication tag\";\n", "import {\n HEX_ENC,\n LENGTH_0,\n LENGTH_16,\n type UTF8_ENC,\n} from \"../constants\";\n\nconst textEncoder = new TextEncoder();\nconst textDecoder = new TextDecoder();\n\n/**\n * Encodes a UTF-8 string into bytes.\n * @param str Input string.\n * @returns UTF-8 encoded bytes.\n */\nexport function utf8ToBuffer(str: string): Uint8Array {\n return textEncoder.encode(str);\n}\n\n/**\n * Decodes UTF-8 bytes into a string.\n * @param buf UTF-8 encoded bytes.\n * @returns Decoded string.\n */\nexport function bufferToUtf8(buf: Uint8Array): string {\n return textDecoder.decode(buf);\n}\n\n/**\n * Concatenates multiple byte arrays.\n * @param buffers Byte arrays to concatenate.\n * @returns Concatenated byte array.\n */\nexport function concatBuffers(...buffers: Uint8Array[]): Uint8Array {\n const total = buffers.reduce((n, b) => n + b.length, LENGTH_0);\n const out = new Uint8Array(total);\n let offset = LENGTH_0;\n for (const b of buffers) {\n out.set(b, offset);\n offset += b.length;\n }\n return out;\n}\n\n/**\n * Converts bytes to a lowercase hex string.\n * @param buf Input bytes.\n * @param enc Output encoding selector. Only `hex` is accepted.\n * @returns Hex string.\n */\nexport function bufferToHex(\n buf: Uint8Array,\n enc: typeof HEX_ENC | typeof UTF8_ENC = HEX_ENC\n): string {\n if (enc !== HEX_ENC) {\n throw new Error(\"bufferToHex: only hex encoding is supported\");\n }\n let hex = \"\";\n for (const byte of buf) {\n hex += byte.toString(16).padStart(2, \"0\");\n }\n return hex;\n}\n\n/**\n * Converts a hex string to bytes.\n * @param hex Input hex string, with optional `0x` prefix.\n * @returns Decoded bytes.\n */\nexport function hexToBuffer(hex: string): Uint8Array {\n const clean = hex.startsWith(\"0x\") ? hex.slice(2) : hex;\n if (clean.length % 2 !== 0) {\n throw new Error(\"hexToBuffer: invalid length\");\n }\n const out = new Uint8Array(clean.length / 2);\n for (let i = 0; i < out.length; i++) {\n const byte = Number.parseInt(clean.slice(i * 2, i * 2 + 2), 16);\n if (!Number.isFinite(byte) || byte < 0 || byte > 255) {\n throw new Error(\"hexToBuffer: invalid hex character\");\n }\n out[i] = byte;\n }\n return out;\n}\n\n/**\n * Removes a leading `0x` prefix from a hex string.\n * @param hex Input hex string.\n * @returns Hex string without prefix.\n */\nexport function sanitizeHex(hex: string): string {\n return hex.startsWith(\"0x\") ? hex.slice(2) : hex;\n}\n\n/**\n * Removes leading zeros from a hex string.\n * @param hex Input hex string.\n * @returns Hex string without leading zeros.\n */\nexport function removeHexLeadingZeros(hex: string): string {\n const h = sanitizeHex(hex);\n const stripped = h.replace(/^0+/, \"\");\n return stripped.length ? stripped : \"0\";\n}\n\n/**\n * Parses a hex string into a number.\n * @param hex Input hex string.\n * @returns Parsed number.\n */\nexport function hexToNumber(hex: string): number {\n return Number.parseInt(sanitizeHex(hex), 16);\n}\n\n/**\n * RFC 4648 Base64 from bytes. Chunks `btoa` input to avoid huge spread argument lists.\n *\n * @param buf Input bytes.\n * @returns Base64 string (no line breaks).\n */\nexport function bufferToBase64(buf: Uint8Array): string {\n const chunk = 0x8000;\n let binary = \"\";\n for (let i = 0; i < buf.length; i += chunk) {\n binary += String.fromCharCode(...buf.subarray(i, i + chunk));\n }\n return btoa(binary);\n}\n\n/**\n * RFC 4648 Base64 to bytes (whitespace stripped). Uses `atob`.\n *\n * @param str Base64 string.\n * @returns New `Uint8Array`.\n * @throws {DOMException} Invalid Base64 where `atob` throws.\n */\nexport function base64ToBuffer(str: string): Uint8Array {\n const normalized = str.replace(/\\s+/g, \"\");\n const binary = atob(normalized);\n const out = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n out[i] = binary.charCodeAt(i) & 0xff;\n }\n return out;\n}\n\n/**\n * RFC 4648 Base64url without `=` padding (`-`/`_`). Common for JWK `k`.\n *\n * @param buf Input bytes.\n * @returns Base64url string.\n */\nexport function bufferToBase64Url(buf: Uint8Array): string {\n return bufferToBase64(buf)\n .replace(/\\+/g, \"-\")\n .replace(/\\//g, \"_\")\n .replace(/=+$/, \"\");\n}\n\n/**\n * Base64url to bytes (optional padding; then {@link base64ToBuffer}).\n *\n * @param str Base64url string.\n * @returns New `Uint8Array`.\n * @throws {Error} Length mod 4 === 1 (invalid).\n */\nexport function base64UrlToBuffer(str: string): Uint8Array {\n let s = str.replace(/-/g, \"+\").replace(/_/g, \"/\");\n const pad = s.length % 4;\n if (pad === 2) s += \"==\";\n else if (pad === 3) s += \"=\";\n else if (pad === 1) {\n throw new Error(\"base64UrlToBuffer: invalid length\");\n }\n return base64ToBuffer(s);\n}\n\n/**\n * 16-byte AES-128 raw key from `utf8ToBuffer(key.padEnd(16, \" \"))`. Must yield exactly 16 UTF-8 bytes\n * (same constraint as Web Crypto `importKey(\"raw\", \u2026)` for AES-128).\n *\n * @param key Passphrase.\n * @returns 16 key bytes.\n * @throws {Error} UTF-8 length \u2260 16 after padding.\n */\nexport function aes128StringKeyMaterial(key: string): Uint8Array {\n const padded = key.padEnd(LENGTH_16, \" \");\n const bytes = textEncoder.encode(padded);\n if (bytes.length !== LENGTH_16) {\n throw new Error(\n \"aes128StringKeyMaterial: padded key must UTF-8 encode to exactly 16 bytes\",\n );\n }\n return bytes;\n}\n\n", "import { BINARY_ENC, HEX_ENC, UTF8_ENC } from \"../constants\";\nimport {\n bufferToHex as bufferToHexRaw,\n bufferToUtf8,\n hexToBuffer,\n utf8ToBuffer,\n} from \"./encoding\";\n\nconst TYPE_BUFFER = \"buffer\";\nconst TYPE_ARRAY = \"array\";\nconst TYPE_TYPED_ARRAY = \"typed-array\";\nconst TYPE_ARRAY_BUFFER = \"array-buffer\";\n\n/**\n * Rounds a length in **characters** (e.g. binary digits) up to the next multiple of `byteSize` (default 8).\n * Used to build fixed-width `0`/`1` or hex string layouts in the same way as **enc-utils**.\n *\n * @param length - Current length.\n * @param byteSize - Group size in characters; default `8` (one byte of binary digits).\n * @returns The smallest multiple of `byteSize` that is `>=` `length`, or `length` if already aligned.\n */\nexport function calcByteLength(length: number, byteSize = 8): number {\n const remainder = length % byteSize;\n return remainder\n ? ((length - remainder) / byteSize) * byteSize + byteSize\n : length;\n}\n\n/**\n * Pads a string to a minimum length on the **left** or **right** using a repeated `padding` string.\n * Base implementation for {@link padLeft} and {@link padRight}. If `str` is already longer than `length`,\n * it is returned unchanged (no truncation).\n *\n * @param str - Source string.\n * @param length - Target character length.\n * @param left - `true` to pad on the left, `false` on the right.\n * @param padding - Character or string to repeat; default `\"0\"`.\n * @returns Padded string.\n */\nexport function padString(\n str: string,\n length: number,\n left: boolean,\n padding = \"0\",\n): string {\n const diff = length - str.length;\n let result = str;\n if (diff > 0) {\n const pad = padding.repeat(diff);\n result = left ? pad + str : str + pad;\n }\n return result;\n}\n\n/**\n * Left-pads a string to a minimum character length.\n *\n * @param str - Input string.\n * @param length - Target length (if `str` is longer, it is not truncated).\n * @param padding - Character or string repeated for padding (default `\"0\"`).\n * @returns Padded string.\n */\nexport function padLeft(str: string, length: number, padding = \"0\"): string {\n return padString(str, length, true, padding);\n}\n\n/**\n * Right-pads a string to a minimum character length.\n *\n * @param str - Input string.\n * @param length - Target length (if `str` is longer, it is not truncated).\n * @param padding - Character or string repeated for padding (default `\"0\"`).\n * @returns Padded string.\n */\nexport function padRight(str: string, length: number, padding = \"0\"): string {\n return padString(str, length, false, padding);\n}\n\n/**\n * Left-pads a `0`/`1` string with `padding` (default `0`) so the result length is a **multiple of `byteSize`**\n * (default 8). Empty input returns an empty string. Used by {@link numberToBinary} and {@link splitBytes}.\n *\n * @param str - Binary digit string.\n * @param byteSize - Bits per group; default `8`.\n * @param padding - Pad character; default `0`.\n */\nexport function sanitizeBytes(str: string, byteSize = 8, padding = \"0\"): string {\n return padLeft(str, calcByteLength(str.length, byteSize), padding);\n}\n\n/**\n * Splits a `0`/`1` string into chunks of `byteSize` characters after {@link sanitizeBytes} (default 8).\n * Produces the same groupings as the bytes derived from {@link binaryToArray}. Returns `[]` for empty input\n * (or if `String#match` cannot match, which is defensive for unusual environments).\n *\n * @param str - Binary digit string.\n * @param byteSize - Chunk width in characters; default `8`.\n * @returns Consecutive substrings, each one byte in binary form.\n */\nexport function splitBytes(str: string, byteSize = 8): string[] {\n const padded = sanitizeBytes(str, byteSize);\n if (padded.length === 0) {\n return [];\n }\n const m = padded.match(new RegExp(`.{${byteSize}}`, \"gi\"));\n if (m == null) {\n return [];\n }\n return Array.from(m);\n}\n\n/**\n * Decodes a binary string of `0`/`1` (internally {@link sanitizeBytes} / {@link splitBytes} to full bytes) into a\n * `Uint8Array`. An empty string yields an empty `Uint8Array`.\n *\n * @param bin - `0`/`1` string; non-empty input should have length a multiple of 8 for typical enc-utils behavior.\n */\nexport function binaryToArray(bin: string): Uint8Array {\n return new Uint8Array(splitBytes(bin).map((x) => Number.parseInt(x, 2)));\n}\n\n/**\n * Encodes a number as **unsigned 32-bit** (`num >>> 0`), then minimal base-2 without leading zero padding\n * in the *integer* part, then {@link sanitizeBytes} to a whole number of 8-bit groups. Same layout as\n * **enc-utils**; used by {@link numberToArray} and {@link numberToHex}.\n *\n * @param num - Any number; only the low 32 unsigned bits are used.\n * @returns Padded `0`/`1` string.\n */\nexport function numberToBinary(num: number): string {\n const bin = (num >>> 0).toString(2);\n return sanitizeBytes(bin);\n}\n\n/**\n * Whether the value is a **non-empty** string of only `0`/`1` whose **length** is a multiple of 8.\n * This is the same rule as the \u201Cbinary\u201D branch in {@link getEncoding} (before {@link isHexString} and UTF-8).\n *\n * @param str - Value to test; non-strings and empty strings are `false`.\n * @returns `true` if the value matches the binary string pattern.\n */\nexport function isBinaryString(str: unknown): boolean {\n if (typeof str !== \"string\" || !/^[01]+$/.test(str)) {\n return false;\n }\n if (str.length % 8 !== 0) {\n return false;\n }\n return true;\n}\n\n/**\n * Whether the string is hex **with a `0x` prefix** and ASCII hex digits only.\n *\n * @remarks\n * Strict enc-utils rule: hex strings **without** `0x` return `false`.\n * The prefix must be exactly lowercase `0x` (not `0X`).\n *\n * @param str - Value to test.\n * @param length - When set, expected **byte** length: the string must be `2 + 2 * length` characters long.\n * @returns `true` if the pattern (and optional length) matches.\n */\nexport function isHexString(str: unknown, length?: number): boolean {\n if (typeof str !== \"string\" || !/^0x[0-9A-Fa-f]*$/.test(str)) {\n return false;\n }\n if (length !== undefined && str.length !== 2 + 2 * length) {\n return false;\n }\n return true;\n}\n\n/**\n * Whether the value is a Node.js **`Buffer`** instance.\n *\n * @param val - Any value.\n * @returns `false` if `Buffer` is not defined in the environment; otherwise delegates to `Buffer.isBuffer`.\n */\nexport function isBuffer(val: unknown): boolean {\n const bufferCtor = (globalThis as { Buffer?: { isBuffer(value: unknown): boolean } })\n .Buffer;\n if (bufferCtor === undefined) {\n return false;\n }\n return bufferCtor.isBuffer(val);\n}\n\n/**\n * Whether the value is an **ArrayBuffer view** (`TypedArray` / `DataView`), excluding `Buffer`.\n *\n * @param val - Any value.\n * @returns `true` for e.g. `Uint8Array`, `DataView`, etc., but not for `Buffer` or a bare `ArrayBuffer`.\n */\nexport function isTypedArray(val: unknown): boolean {\n return ArrayBuffer.isView(val) && !isBuffer(val);\n}\n\n/**\n * Whether the value is a bare **`ArrayBuffer`** (not a view or `Buffer`).\n *\n * @param val - Any value.\n */\nexport function isArrayBuffer(val: unknown): boolean {\n return !isTypedArray(val) && !isBuffer(val) && val instanceof ArrayBuffer;\n}\n\n/**\n * Type tag returned by {@link getType} for binary values, and `typeof` for everything else.\n */\nexport type EncLikeType =\n | \"string\"\n | \"number\"\n | \"bigint\"\n | \"boolean\"\n | \"symbol\"\n | \"undefined\"\n | \"object\"\n | \"function\"\n | typeof TYPE_BUFFER\n | typeof TYPE_ARRAY\n | typeof TYPE_TYPED_ARRAY\n | typeof TYPE_ARRAY_BUFFER;\n\n/**\n * Classifies a value: `Buffer`, typed views, `ArrayBuffer`, then JS arrays; otherwise `typeof val`.\n *\n * @param val - Value to classify.\n * @returns One of the {@link EncLikeType} tags.\n */\nexport function getType(val: unknown): EncLikeType {\n if (isBuffer(val)) {\n return TYPE_BUFFER;\n }\n if (isTypedArray(val)) {\n return TYPE_TYPED_ARRAY;\n }\n if (isArrayBuffer(val)) {\n return TYPE_ARRAY_BUFFER;\n }\n if (Array.isArray(val)) {\n return TYPE_ARRAY;\n }\n return typeof val as EncLikeType;\n}\n\n/**\n * Heuristic **string** \u201Cencoding\u201D: binary, strict `0x` hex, or UTF-8 by default.\n *\n * @remarks\n * Check order: {@link isBinaryString} \u2192 {@link isHexString} \u2192 otherwise treat as UTF-8 text.\n *\n * @param str - Input string.\n * @returns `\"binary\"`, `\"hex\"`, or `\"utf8\"`.\n */\nexport function getEncoding(\n str: string,\n): typeof BINARY_ENC | typeof HEX_ENC | typeof UTF8_ENC {\n if (isBinaryString(str)) {\n return BINARY_ENC;\n }\n if (isHexString(str)) {\n return HEX_ENC;\n }\n return UTF8_ENC;\n}\n\n/**\n * Ensures a `0x` prefix on a hex string (does not duplicate if it already starts with `0x`).\n *\n * @param hex - Hex with or without prefix (does not validate digits).\n */\nexport function addHexPrefix(hex: string): string {\n return hex.startsWith(\"0x\") ? hex : `0x${hex}`;\n}\n\n/**\n * Strips a leading literal `0x` prefix (lowercase only). Does not change the rest of the string.\n *\n * @param hex - String that may start with `0x`.\n */\nexport function removeHexPrefix(hex: string): string {\n return hex.replace(/^0x/, \"\");\n}\n\n/**\n * Copies bytes into a **new** `Uint8Array` (same idea as enc-utils `bufferToArray`).\n *\n * @param buf - Source bytes (typically `Uint8Array`).\n */\nexport function bufferToArray(buf: Uint8Array): Uint8Array {\n return new Uint8Array(buf);\n}\n\n/**\n * Interprets all bytes as one **unsigned** **big-endian** integer (MSB first).\n *\n * @remarks\n * Empty input returns `0`. With many bytes the value may exceed `2^53 - 1`;\n * JavaScript numbers then lose integer precision.\n *\n * @param buf - Byte sequence to interpret.\n */\nexport function bufferToNumber(buf: Uint8Array): number {\n if (buf.length === 0) {\n return 0;\n }\n let n = 0;\n for (const byte of buf) {\n n = (n << 8) | byte;\n }\n return n;\n}\n\n/**\n * Copies an octet `ArrayLike` into a new `Uint8Array`.\n *\n * @remarks\n * Historical name `arrayToBuffer`; here the result is always `Uint8Array`, not Node `Buffer`.\n *\n * @param arr - Indexable bytes or octets (e.g. `Uint8Array`, `number[]`).\n */\nexport function arrayToBuffer(arr: ArrayLike): Uint8Array {\n return Uint8Array.from(arr);\n}\n\n/**\n * Encodes bytes as lowercase hex, with an optional `0x` prefix.\n *\n * @param arr - Bytes to encode.\n * @param prefixed - If `true`, prepends `0x` to the unprefixed hex.\n */\nexport function arrayToHex(arr: Uint8Array, prefixed = false): string {\n const hex = bufferToHexRaw(arr);\n return prefixed ? addHexPrefix(hex) : hex;\n}\n\n/**\n * Decodes UTF-8 bytes to a text string.\n *\n * @param arr - Valid UTF-8 bytes.\n */\nexport function arrayToUtf8(arr: Uint8Array): string {\n return bufferToUtf8(arr);\n}\n\n/**\n * Same as {@link bufferToNumber} applied to `arr`.\n *\n * @param arr - Big-endian bytes.\n */\nexport function arrayToNumber(arr: Uint8Array): number {\n return bufferToNumber(arr);\n}\n\n/**\n * Decodes hex to bytes. Optional `0x` prefix; delegates to {@link hexToBuffer}.\n *\n * @param hex - Hex string (same rules as `hexToBuffer` in the `encoding` module).\n * @throws If the hex is invalid (odd length, non-hex characters, etc.).\n */\nexport function hexToArray(hex: string): Uint8Array {\n return new Uint8Array(hexToBuffer(hex));\n}\n\n/**\n * Decodes hex to bytes and interprets them as **UTF-8** to produce a string.\n *\n * @param hex - Hex of the UTF-8 payload.\n * @throws If the hex or UTF-8 bytes are invalid.\n */\nexport function hexToUtf8(hex: string): string {\n return bufferToUtf8(hexToBuffer(hex));\n}\n\n/**\n * Encodes UTF-8 text to bytes (explicit copy in a new `Uint8Array`).\n *\n * @remarks\n * Practically equivalent to {@link utf8ToBuffer} from the `encoding` module, with a defensive copy.\n *\n * @param utf8 - JavaScript Unicode string (encoded as UTF-8).\n */\nexport function utf8ToArray(utf8: string): Uint8Array {\n return new Uint8Array(utf8ToBuffer(utf8));\n}\n\n/**\n * Encodes UTF-8 text to lowercase hex, with an optional `0x` prefix.\n *\n * @param utf8 - Input text.\n * @param prefixed - If `true`, result includes a `0x` prefix.\n */\nexport function utf8ToHex(utf8: string, prefixed = false): string {\n return arrayToHex(utf8ToBuffer(utf8), prefixed);\n}\n\n/**\n * Parses a base-**10** integer from a UTF-8 string.\n *\n * @param utf8 - Decimal string (e.g. `\"42\"`).\n * @returns A safe integer.\n * @throws If parsing does not yield a finite integer in JS safe range.\n */\nexport function utf8ToNumber(utf8: string): number {\n const num = Number.parseInt(utf8, 10);\n if (!Number.isFinite(num) || !Number.isSafeInteger(num)) {\n throw new Error(\"utf8ToNumber: value is not a safe integer\");\n }\n return num;\n}\n\n/**\n * Converts a number as **uint32** (`num >>> 0`) to minimal big-endian bytes\n * (bit string padded to a multiple of 8 bits, same logic as enc-utils).\n *\n * @param num - Numeric value; only the low 32 unsigned bits are used.\n */\nexport function numberToArray(num: number): Uint8Array {\n return binaryToArray(numberToBinary(num));\n}\n\n/**\n * Same as {@link numberToArray} (copy in a new `Uint8Array`).\n *\n * @param num - See {@link numberToArray}.\n */\nexport function numberToBuffer(num: number): Uint8Array {\n return Uint8Array.from(numberToArray(num));\n}\n\n/**\n * Lowercase hex of the byte layout produced by {@link numberToArray} for `num`, with an optional `0x` prefix.\n *\n * @param num - Integer; uint32 projection as in enc-utils.\n * @param prefixed - Defaults to `false` when omitted.\n */\nexport function numberToHex(num: number, prefixed?: boolean): string {\n return arrayToHex(numberToArray(num), prefixed ?? false);\n}\n\n/**\n * Converts the number to its decimal string form (`String(num)`).\n *\n * @param num - Input number.\n */\nexport function numberToUtf8(num: number): string {\n return `${num}`;\n}\n\n/**\n * Trims from the **left** to at most `length` bytes: keeps the **tail** of the buffer.\n *\n * @remarks\n * If `data.length <= length`, returns `data` unchanged (same reference).\n *\n * @param data - Byte sequence.\n * @param length - Maximum number of bytes in the result.\n */\nexport function trimLeft(data: Uint8Array, length: number): Uint8Array {\n const diff = data.length - length;\n if (diff > 0) {\n return data.slice(diff);\n }\n return data;\n}\n\n/**\n * Trims from the **right**: keeps the first `length` bytes.\n *\n * @remarks\n * If `length` is greater than the current length, `slice` returns the whole buffer.\n *\n * @param data - Byte sequence.\n * @param length - Number of bytes to keep from the start.\n */\nexport function trimRight(data: Uint8Array, length: number): Uint8Array {\n return data.slice(0, length);\n}\n", "import {\n DECOMPRESSED_LENGTH,\n KEY_LENGTH,\n PREFIXED_DECOMPRESSED_LENGTH,\n PREFIXED_KEY_LENGTH,\n} from \"../constants\";\nimport type { Signature, SignResult } from \"./types\";\nimport {\n bufferToHex,\n concatBuffers,\n hexToBuffer,\n hexToNumber,\n removeHexLeadingZeros,\n sanitizeHex,\n} from \"./encoding\";\n\n/**\n * Checks whether a public key is in compressed format.\n * @param publicKey Public key bytes.\n * @returns True when key is compressed.\n */\nexport function isCompressed(publicKey: Uint8Array): boolean {\n return (\n publicKey.length === KEY_LENGTH || publicKey.length === PREFIXED_KEY_LENGTH\n );\n}\n\n/**\n * Checks whether a public key is in uncompressed format.\n * @param publicKey Public key bytes.\n * @returns True when key is uncompressed.\n */\nexport function isDecompressed(publicKey: Uint8Array): boolean {\n return (\n publicKey.length === DECOMPRESSED_LENGTH ||\n publicKey.length === PREFIXED_DECOMPRESSED_LENGTH\n );\n}\n\n/**\n * Checks whether a public key has SEC1 prefix byte.\n * @param publicKey Public key bytes.\n * @returns True when key includes prefix.\n */\nexport function isPrefixed(publicKey: Uint8Array): boolean {\n if (isCompressed(publicKey)) {\n return publicKey.length === PREFIXED_KEY_LENGTH;\n }\n return publicKey.length === PREFIXED_DECOMPRESSED_LENGTH;\n}\n\n/**\n * Ensures a public key is SEC1-prefixed.\n * @param publicKey Public key bytes.\n * @returns Prefixed public key bytes.\n */\nexport function sanitizePublicKey(publicKey: Uint8Array): Uint8Array {\n return isPrefixed(publicKey)\n ? publicKey\n : concatBuffers(hexToBuffer(\"04\"), publicKey);\n}\n\n/**\n * Converts recovery id to Ethereum-style recovery byte.\n * @param recoveryParam Recovery id.\n * @returns Recovery byte as Uint8Array.\n */\nexport function exportRecoveryParam(recoveryParam: number): Uint8Array {\n return hexToBuffer(sanitizeHex((recoveryParam + 27).toString(16)));\n}\n\n/**\n * Converts recovery byte to recovery id.\n * @param v Recovery byte.\n * @returns Recovery id.\n */\nexport function importRecoveryParam(v: Uint8Array): number {\n return hexToNumber(removeHexLeadingZeros(bufferToHex(v))) - 27;\n}\n\n/**\n * Splits compact signature bytes into r, s, and v components.\n * @param sig Signature bytes.\n * @returns Signature object with r, s, and v.\n */\nexport function splitSignature(sig: Uint8Array): Signature {\n return {\n r: sig.slice(0, 32),\n s: sig.slice(32, 64),\n v: sig.slice(64, 65),\n };\n}\n\n/**\n * Joins r, s, and v signature components into byte array.\n * @param sig Signature object.\n * @returns Signature bytes.\n */\nexport function joinSignature(sig: Signature): Uint8Array {\n return concatBuffers(sig.r, sig.s, sig.v);\n}\n\n/**\n * Checks whether signature bytes look like DER format.\n * @param sig Signature bytes.\n * @returns True when signature appears DER-encoded.\n */\nexport function isValidDERSignature(sig: Uint8Array): boolean {\n return sig.length > 65 && sig[0] === 0x30;\n}\n\n/**\n * Converts recovered signature bytes into signature and recovery id.\n * @param sig Recovered signature bytes.\n * @returns Signature bytes and recovery id.\n */\nexport function sanitizeRSVSignature(sig: Uint8Array): SignResult {\n return {\n signature: sig.slice(0, 64),\n recovery: importRecoveryParam(sig.slice(64, 65)),\n };\n}\n", "import {\n EC_GROUP_ORDER,\n ERROR_BAD_PRIVATE_KEY,\n ERROR_BAD_PUBLIC_KEY,\n ERROR_EMPTY_MESSAGE,\n ERROR_MESSAGE_TOO_LONG,\n KEY_LENGTH,\n LENGTH_0,\n MAX_KEY_LENGTH,\n MAX_MSG_LENGTH,\n PREFIXED_DECOMPRESSED_LENGTH,\n PREFIXED_KEY_LENGTH,\n ZERO32,\n} from \"../constants\";\n\n/**\n * Asserts a condition and throws when it fails.\n * @param condition Condition to evaluate.\n * @param message Error message when condition fails.\n */\nexport function assert(condition: boolean, message: string): void {\n if (!condition) {\n throw new Error(message || \"Assertion failed\");\n }\n}\n\n/**\n * Checks whether input is a 32-byte scalar.\n * @param x Input bytes.\n * @returns True when input is a scalar.\n */\nexport function isScalar(x: Uint8Array): boolean {\n return x instanceof Uint8Array && x.length === 32;\n}\n\n/**\n * Validates a secp256k1 private key range.\n * @param privateKey Private key bytes.\n * @returns True when key is valid.\n */\nexport function isValidPrivateKey(privateKey: Uint8Array): boolean {\n if (!isScalar(privateKey)) {\n return false;\n }\n return (\n compareBuffers(privateKey, ZERO32) > 0 &&\n compareBuffers(privateKey, EC_GROUP_ORDER) < 0\n );\n}\n\n/**\n * Compares two byte arrays lexicographically.\n * @param a First byte array.\n * @param b Second byte array.\n * @returns -1, 0, or 1 depending on comparison result.\n */\nexport function compareBuffers(a: Uint8Array, b: Uint8Array): number {\n const len = Math.max(a.length, b.length);\n for (let i = 0; i < len; i++) {\n const av = a[i] ?? 0;\n const bv = b[i] ?? 0;\n if (av !== bv) {\n return av < bv ? -1 : 1;\n }\n }\n return 0;\n}\n\n/**\n * Compares two byte arrays in constant time.\n * @param b1 First byte array.\n * @param b2 Second byte array.\n * @returns True when arrays are equal.\n */\nexport function equalConstTime(b1: Uint8Array, b2: Uint8Array): boolean {\n if (b1.length !== b2.length) {\n return false;\n }\n let res = 0;\n for (let i = 0; i < b1.length; i++) {\n res |= b1[i] ^ b2[i];\n }\n return res === 0;\n}\n\n/**\n * Validates random key length constraints.\n * @param length Requested length.\n * @returns True when length is valid.\n */\nexport function isValidKeyLength(length: number): boolean {\n return !(\n length <= LENGTH_0 ||\n length > MAX_KEY_LENGTH ||\n Number.parseInt(String(length), 10) !== length\n );\n}\n\n/**\n * Validates a private key and throws when invalid.\n * @param privateKey Private key bytes.\n */\nexport function checkPrivateKey(privateKey: Uint8Array): void {\n assert(privateKey.length === KEY_LENGTH, ERROR_BAD_PRIVATE_KEY);\n assert(isValidPrivateKey(privateKey), ERROR_BAD_PRIVATE_KEY);\n}\n\n/**\n * Validates a public key and throws when invalid.\n * @param publicKey Public key bytes.\n */\nexport function checkPublicKey(publicKey: Uint8Array): void {\n assert(\n publicKey.length === PREFIXED_DECOMPRESSED_LENGTH ||\n publicKey.length === PREFIXED_KEY_LENGTH,\n ERROR_BAD_PUBLIC_KEY\n );\n if (publicKey.length === PREFIXED_DECOMPRESSED_LENGTH) {\n assert(publicKey[0] === 4, ERROR_BAD_PUBLIC_KEY);\n }\n if (publicKey.length === PREFIXED_KEY_LENGTH) {\n assert(publicKey[0] === 2 || publicKey[0] === 3, ERROR_BAD_PUBLIC_KEY);\n }\n}\n\n/**\n * Validates message bytes and throws when invalid.\n * @param msg Message bytes.\n */\nexport function checkMessage(msg: Uint8Array): void {\n assert(msg.length > 0, ERROR_EMPTY_MESSAGE);\n assert(msg.length <= MAX_MSG_LENGTH, ERROR_MESSAGE_TOO_LONG);\n}\n", "import * as aesJs from \"aes-js\";\nimport {\n ERROR_AES_IV_LENGTH,\n ERROR_AES_KEY_LENGTH,\n IV_LENGTH,\n KEY_LENGTH,\n} from \"./constants\";\n\nconst { ModeOfOperation } = aesJs;\n\nfunction bytesToAesNumberArray(buf: Uint8Array): number[] {\n return Array.from(buf);\n}\n\nfunction assertAesLengths(iv: Uint8Array, key: Uint8Array): void {\n if (iv.length !== IV_LENGTH) {\n throw new Error(ERROR_AES_IV_LENGTH);\n }\n if (key.length !== KEY_LENGTH) {\n throw new Error(ERROR_AES_KEY_LENGTH);\n }\n}\n\n/**\n * Encrypts data using AES-256-CBC.\n * @param iv Initialization vector (16 bytes).\n * @param key Encryption key (32 bytes).\n * @param data Plaintext bytes.\n * @returns Ciphertext bytes with PKCS#7 padding applied.\n */\nexport async function aesCbcEncrypt(\n iv: Uint8Array,\n key: Uint8Array,\n data: Uint8Array\n): Promise {\n return aesCbcEncryptSync(iv, key, data);\n}\n\n/**\n * Decrypts data using AES-256-CBC.\n * @param iv Initialization vector (16 bytes).\n * @param key Encryption key (32 bytes).\n * @param data Ciphertext bytes.\n * @returns Decrypted plaintext bytes without PKCS#7 padding.\n */\nexport async function aesCbcDecrypt(\n iv: Uint8Array,\n key: Uint8Array,\n data: Uint8Array\n): Promise {\n return aesCbcDecryptSync(iv, key, data);\n}\n\n/**\n * Encrypts data using AES-256-CBC.\n * @param iv Initialization vector (16 bytes).\n * @param key Encryption key (32 bytes).\n * @param data Plaintext bytes.\n * @returns Ciphertext bytes with PKCS#7 padding applied.\n */\nexport function aesCbcEncryptSync(\n iv: Uint8Array,\n key: Uint8Array,\n data: Uint8Array\n): Uint8Array {\n assertAesLengths(iv, key);\n const padded = pkcs7Pad(data, IV_LENGTH);\n const cbc = new ModeOfOperation.cbc(\n bytesToAesNumberArray(key),\n bytesToAesNumberArray(iv)\n );\n return new Uint8Array(cbc.encrypt(bytesToAesNumberArray(padded)));\n}\n\n/**\n * Decrypts data using AES-256-CBC.\n * @param iv Initialization vector (16 bytes).\n * @param key Encryption key (32 bytes).\n * @param data Ciphertext bytes.\n * @returns Decrypted plaintext bytes without PKCS#7 padding.\n */\nexport function aesCbcDecryptSync(\n iv: Uint8Array,\n key: Uint8Array,\n data: Uint8Array\n): Uint8Array {\n assertAesLengths(iv, key);\n const cbc = new ModeOfOperation.cbc(\n bytesToAesNumberArray(key),\n bytesToAesNumberArray(iv)\n );\n const decrypted = new Uint8Array(cbc.decrypt(bytesToAesNumberArray(data)));\n return pkcs7Unpad(decrypted, IV_LENGTH);\n}\n\n/**\n * Applies PKCS#7 padding to a byte array.\n * @param data Input bytes.\n * @param blockSize Cipher block size in bytes.\n * @returns Padded byte array.\n */\nfunction pkcs7Pad(data: Uint8Array, blockSize: number): Uint8Array {\n const pad = blockSize - (data.length % blockSize);\n const out = new Uint8Array(data.length + pad);\n out.set(data);\n out.fill(pad, data.length);\n return out;\n}\n\n/**\n * Removes PKCS#7 padding from a byte array.\n * @param data Input bytes with PKCS#7 padding.\n * @returns Unpadded byte array.\n * @throws Error if padding is invalid.\n */\nfunction pkcs7Unpad(data: Uint8Array, blockSize: number): Uint8Array {\n const padByte =\n data.length === 0 ? undefined : data[data.length - 1];\n if (padByte === undefined) {\n throw new Error(\"PKCS#7: empty data\");\n }\n const pad = padByte;\n if (pad < 1 || pad > blockSize || pad > data.length) {\n throw new Error(\"PKCS#7: invalid padding\");\n }\n for (let i = data.length - pad; i < data.length; i++) {\n if (data[i] !== pad) {\n throw new Error(\"PKCS#7: invalid padding\");\n }\n }\n return data.slice(0, data.length - pad);\n}\n", "import { gcm } from \"@noble/ciphers/aes.js\";\nimport {\n AES_GCM_ENVELOPE_NONCE_MAX_LENGTH,\n AES_GCM_NONCE_LENGTH,\n AES_GCM_TAG_LENGTH,\n ERROR_AES_GCM_CIPHERTEXT_LENGTH,\n ERROR_AES_GCM_KEY_LENGTH,\n ERROR_AES_GCM_NONCE_LENGTH,\n KEY_LENGTH,\n} from \"./constants\";\nimport {\n aes128StringKeyMaterial,\n base64ToBuffer,\n base64UrlToBuffer,\n bufferToBase64,\n bufferToBase64Url,\n bufferToHex,\n bufferToUtf8,\n concatBuffers,\n hexToBuffer,\n utf8ToBuffer,\n} from \"./helpers/encoding\";\nimport type { AesGcmJsonWire } from \"./helpers/types\";\nimport { randomBytes } from \"./random\";\n\nconst MIN_NONCE_BYTES = 8;\n\nfunction assertAesGcmKey(key: Uint8Array): void {\n const len = key.length;\n if (len !== 16 && len !== 24 && len !== 32) {\n throw new Error(ERROR_AES_GCM_KEY_LENGTH);\n }\n}\n\nfunction assertAesGcmNonce(nonce: Uint8Array): void {\n if (nonce.length < MIN_NONCE_BYTES) {\n throw new Error(ERROR_AES_GCM_NONCE_LENGTH);\n }\n}\n\nfunction assertAesGcmCiphertext(ct: Uint8Array): void {\n if (ct.length <= AES_GCM_TAG_LENGTH) {\n throw new Error(ERROR_AES_GCM_CIPHERTEXT_LENGTH);\n }\n}\n\nfunction assertEnvelopeNonceByteLength(n: number): void {\n if (\n !Number.isInteger(n) ||\n n < MIN_NONCE_BYTES ||\n n > AES_GCM_ENVELOPE_NONCE_MAX_LENGTH\n ) {\n throw new Error(\n `encryptJsonAes256GcmSync: nonceByteLength must be an integer from ${MIN_NONCE_BYTES} to ${AES_GCM_ENVELOPE_NONCE_MAX_LENGTH}`,\n );\n }\n}\n\n/**\n * AES-GCM encrypt (128-bit tag). Ciphertext layout matches Web Crypto `AES-GCM`\n * (`ciphertext || tag`). Delegates to {@link aesGcmEncryptSync}.\n *\n * @param nonce IV/nonce; use {@link AES_GCM_NONCE_LENGTH} bytes when possible (minimum 8).\n * @param key Raw AES key: 16, 24, or 32 bytes.\n * @param plaintext Plaintext.\n * @param aad Optional AAD; must match on decrypt.\n * @returns `Uint8Array` ciphertext with tag appended.\n * @throws {Error} Invalid key length, nonce shorter than 8 bytes, or cipher failure.\n */\nexport async function aesGcmEncrypt(\n nonce: Uint8Array,\n key: Uint8Array,\n plaintext: Uint8Array,\n aad?: Uint8Array,\n): Promise {\n return aesGcmEncryptSync(nonce, key, plaintext, aad);\n}\n\n/**\n * AES-GCM encrypt (128-bit tag); same output layout as Web Crypto `AES-GCM`.\n *\n * @param nonce IV/nonce (\u2265 8 bytes; {@link AES_GCM_NONCE_LENGTH} recommended).\n * @param key Raw AES key (16, 24, or 32 bytes).\n * @param plaintext Plaintext.\n * @param aad Optional AAD.\n * @returns Ciphertext with tag appended.\n * @throws {Error} Invalid key or nonce length, or cipher failure.\n */\nexport function aesGcmEncryptSync(\n nonce: Uint8Array,\n key: Uint8Array,\n plaintext: Uint8Array,\n aad?: Uint8Array,\n): Uint8Array {\n assertAesGcmKey(key);\n assertAesGcmNonce(nonce);\n return gcm(key, nonce, aad).encrypt(plaintext);\n}\n\n/**\n * AES-GCM decrypt and verify. Delegates to {@link aesGcmDecryptSync}.\n *\n * @param nonce Same as encrypt.\n * @param key Same as encrypt.\n * @param ciphertext Ciphertext including 128-bit tag.\n * @param aad Same AAD as encrypt, if any.\n * @returns Plaintext.\n * @throws {Error} Invalid inputs, auth failure, or decrypt failure.\n */\nexport async function aesGcmDecrypt(\n nonce: Uint8Array,\n key: Uint8Array,\n ciphertext: Uint8Array,\n aad?: Uint8Array,\n): Promise {\n return aesGcmDecryptSync(nonce, key, ciphertext, aad);\n}\n\n/**\n * AES-GCM decrypt and verify (`ciphertext` includes tag).\n *\n * @param nonce Same as encrypt.\n * @param key Same as encrypt.\n * @param ciphertext Ciphertext including tag.\n * @param aad Same optional AAD as encrypt.\n * @returns Plaintext.\n * @throws {Error} Invalid inputs or authentication failure.\n */\nexport function aesGcmDecryptSync(\n nonce: Uint8Array,\n key: Uint8Array,\n ciphertext: Uint8Array,\n aad?: Uint8Array,\n): Uint8Array {\n assertAesGcmKey(key);\n assertAesGcmNonce(nonce);\n assertAesGcmCiphertext(ciphertext);\n return gcm(key, nonce, aad).decrypt(ciphertext);\n}\n\n/**\n * AES-128-GCM over `JSON.stringify(data)` with a passphrase string. Key bytes come from\n * {@link aes128StringKeyMaterial} (`padEnd(16)` then UTF-8; must be 16 bytes). Random\n * {@link AES_GCM_NONCE_LENGTH}-byte nonce per call. Returns lowercase hex: `nonce || ct||tag`.\n *\n * @param data Any `JSON.stringify` input.\n * @param key Passphrase (see {@link aes128StringKeyMaterial} constraints).\n * @returns Lowercase hex wire string.\n * @throws {Error} Invalid key material or encrypt failure.\n */\nexport function encryptObjectAes128GcmJsonHex(data: unknown, key: string): string {\n const keyBytes = aes128StringKeyMaterial(key);\n const iv = randomBytes(AES_GCM_NONCE_LENGTH);\n const pt = utf8ToBuffer(JSON.stringify(data));\n const ct = aesGcmEncryptSync(iv, keyBytes, pt);\n return bufferToHex(concatBuffers(iv, ct));\n}\n\n/**\n * Inverse of {@link encryptObjectAes128GcmJsonHex}: hex \u2192 nonce + ciphertext||tag, then\n * `JSON.parse` on UTF-8 plaintext. Narrow the return type at the call site.\n *\n * @param hex Wire from {@link encryptObjectAes128GcmJsonHex} (hex as accepted by {@link hexToBuffer}).\n * @param key Same passphrase as encrypt.\n * @returns Parsed JSON (`unknown`).\n * @throws {Error} Invalid input or auth failure.\n * @throws {SyntaxError} Invalid JSON in plaintext after decrypt.\n */\nexport function decryptObjectAes128GcmJsonHex(hex: string, key: string): unknown {\n const keyBytes = aes128StringKeyMaterial(key);\n const combined = hexToBuffer(hex);\n if (combined.length < AES_GCM_NONCE_LENGTH + AES_GCM_TAG_LENGTH + 1) {\n throw new Error(ERROR_AES_GCM_CIPHERTEXT_LENGTH);\n }\n const iv = combined.subarray(0, AES_GCM_NONCE_LENGTH);\n const ciphertext = combined.subarray(AES_GCM_NONCE_LENGTH);\n const pt = aesGcmDecryptSync(iv, keyBytes, ciphertext);\n return JSON.parse(bufferToUtf8(pt));\n}\n\nfunction encryptJsonAes256GcmWireSync(data: unknown, nonceByteLength: number): AesGcmJsonWire {\n assertEnvelopeNonceByteLength(nonceByteLength);\n const key = randomBytes(KEY_LENGTH);\n const iv = randomBytes(nonceByteLength);\n const pt = utf8ToBuffer(JSON.stringify(data));\n const ct = aesGcmEncryptSync(iv, key, pt);\n return {\n iv: bufferToBase64(iv),\n key: bufferToBase64Url(key),\n stream: bufferToBase64(ct),\n };\n}\n\n/**\n * AES-256-GCM over `JSON.stringify(data)` with random 32-byte key. Wire: {@link AesGcmJsonWire}\n * (Base64 `iv`/`stream`, unpadded Base64url `key`).\n *\n * @param data Any `JSON.stringify` input.\n * @param nonceByteLength Nonce size in bytes; default {@link AES_GCM_NONCE_LENGTH} (8\u2013{@link AES_GCM_ENVELOPE_NONCE_MAX_LENGTH}).\n * @returns Serializable envelope.\n * @throws {Error} Invalid `nonceByteLength`, key or nonce length, encrypt failure, or `JSON.stringify` failure.\n */\nexport function encryptJsonAes256GcmSync(\n data: unknown,\n nonceByteLength: number = AES_GCM_NONCE_LENGTH,\n): AesGcmJsonWire {\n return encryptJsonAes256GcmWireSync(data, nonceByteLength);\n}\n\n/** Async {@link encryptJsonAes256GcmSync}. */\nexport async function encryptJsonAes256Gcm(\n data: unknown,\n nonceByteLength: number = AES_GCM_NONCE_LENGTH,\n): Promise {\n return encryptJsonAes256GcmSync(data, nonceByteLength);\n}\n\n/**\n * Decrypts {@link AesGcmJsonWire} from {@link encryptJsonAes256GcmSync}. Verifies GCM tag, then\n * `JSON.parse` on UTF-8 plaintext.\n *\n * @param wire Envelope ({@link AesGcmJsonWire}).\n * @returns Parsed JSON (`unknown`).\n * @throws {Error} Bad encoding, lengths, or auth failure.\n * @throws {SyntaxError} Invalid JSON in plaintext after decrypt.\n */\nexport function decryptJsonAes256GcmSync(wire: AesGcmJsonWire): unknown {\n const iv = base64ToBuffer(wire.iv);\n const key = base64UrlToBuffer(wire.key);\n const ciphertext = base64ToBuffer(wire.stream);\n const pt = aesGcmDecryptSync(iv, key, ciphertext);\n return JSON.parse(bufferToUtf8(pt));\n}\n\n/** Async {@link decryptJsonAes256GcmSync}. */\nexport async function decryptJsonAes256Gcm(wire: AesGcmJsonWire): Promise {\n return decryptJsonAes256GcmSync(wire);\n}\n", "import { isValidKeyLength } from \"./helpers/validators\";\n\n/**\n * Generates cryptographically secure random bytes.\n * @param length Number of bytes to generate.\n * @returns Random bytes.\n */\nexport function randomBytes(length: number): Uint8Array {\n if (!isValidKeyLength(length)) {\n throw new Error(`randomBytes - invalid key length: ${length}`);\n }\n const out = new Uint8Array(length);\n globalThis.crypto.getRandomValues(out);\n return out;\n}\n", "import { Point, etc } from \"@noble/secp256k1\";\nimport { checkPrivateKey, checkPublicKey } from \"./helpers/validators\";\nimport { decompress } from \"./ecdsa\";\n\n/**\n * Derives a shared secret using ECDH over secp256k1.\n * @param privateKeyA Local private key (32 bytes).\n * @param publicKeyB Remote public key (compressed or uncompressed SEC1 format).\n * @returns 32-byte x coordinate of the shared point.\n */\nexport function derive(\n privateKeyA: Uint8Array,\n publicKeyB: Uint8Array\n): Uint8Array {\n checkPrivateKey(privateKeyA);\n checkPublicKey(publicKeyB);\n const pub = decompress(publicKeyB);\n const affine = Point.fromBytes(pub)\n .multiply(etc.secretKeyToScalar(privateKeyA))\n .toAffine();\n return etc.numberToBytesBE(affine.x);\n}\n", "import { hmac } from \"@noble/hashes/hmac.js\";\nimport { sha256 } from \"@noble/hashes/sha2.js\";\nimport * as secp from \"@noble/secp256k1\";\nimport {\n ERROR_BAD_SIGNATURE,\n PREFIXED_DECOMPRESSED_LENGTH,\n PREFIXED_KEY_LENGTH,\n} from \"./constants\";\nimport { derDecodeEcdsaSignature, derEncodeEcdsaSignature } from \"./internal/der\";\nimport type { KeyPair } from \"./helpers/types\";\nimport {\n isCompressed,\n isDecompressed,\n isValidDERSignature,\n} from \"./helpers/util\";\nimport {\n checkMessage,\n checkPrivateKey,\n checkPublicKey,\n} from \"./helpers/validators\";\n\nsecp.hashes.sha256 = sha256;\nsecp.hashes.hmacSha256 = (key: Uint8Array, msg: Uint8Array) =>\n hmac(sha256, key, msg);\n\n/**\n * Generates a random secp256k1 private key.\n * @returns Private key bytes (32 bytes).\n */\nexport function generatePrivate(): Uint8Array {\n return secp.utils.randomSecretKey();\n}\n\n/**\n * Converts a public key to compressed SEC1 format.\n * @param publicKey Public key bytes.\n * @returns Compressed public key bytes.\n */\nexport function compress(publicKey: Uint8Array): Uint8Array {\n if (isCompressed(publicKey)) {\n checkPublicKey(publicKey);\n return publicKey;\n }\n if (publicKey.length === PREFIXED_DECOMPRESSED_LENGTH) {\n checkPublicKey(publicKey);\n }\n return secp.Point.fromBytes(publicKey).toBytes(true);\n}\n\n/**\n * Converts a public key to uncompressed SEC1 format.\n * @param publicKey Public key bytes.\n * @returns Uncompressed public key bytes.\n */\nexport function decompress(publicKey: Uint8Array): Uint8Array {\n if (isDecompressed(publicKey)) {\n if (publicKey.length === PREFIXED_DECOMPRESSED_LENGTH) {\n checkPublicKey(publicKey);\n }\n return publicKey;\n }\n if (publicKey.length === PREFIXED_KEY_LENGTH) {\n checkPublicKey(publicKey);\n }\n return secp.Point.fromBytes(publicKey).toBytes(false);\n}\n\n/**\n * Derives an uncompressed public key from a private key.\n * @param privateKey Private key bytes (32 bytes).\n * @returns Uncompressed public key bytes.\n */\nexport function getPublic(privateKey: Uint8Array): Uint8Array {\n checkPrivateKey(privateKey);\n return secp.getPublicKey(privateKey, false);\n}\n\n/**\n * Derives a compressed public key from a private key.\n * @param privateKey Private key bytes (32 bytes).\n * @returns Compressed public key bytes.\n */\nexport function getPublicCompressed(privateKey: Uint8Array): Uint8Array {\n checkPrivateKey(privateKey);\n return secp.getPublicKey(privateKey, true);\n}\n\n/**\n * Generates a secp256k1 key pair.\n * @returns Object with private and public key bytes.\n */\nexport function generateKeyPair(): KeyPair {\n const privateKey = generatePrivate();\n const publicKey = getPublic(privateKey);\n return { privateKey, publicKey };\n}\n\n/**\n * Converts a compact signature to DER format when needed.\n * @param sig Signature bytes in DER, compact, or recovered format.\n * @returns DER-encoded signature bytes.\n */\nexport function signatureExport(sig: Uint8Array): Uint8Array {\n if (isValidDERSignature(sig)) {\n return sig;\n }\n const compact = sig.length === 65 ? sig.slice(0, 64) : sig;\n if (compact.length !== 64) {\n throw new Error(\"signatureExport: invalid compact signature\");\n }\n return derEncodeEcdsaSignature(compact);\n}\n\n/**\n * Signs a message digest with ECDSA.\n * @param privateKey Private key bytes (32 bytes).\n * @param msg Message digest bytes.\n * @param rsvSig If true, returns recovered format (65 bytes); otherwise compact format (64 bytes).\n * @returns Signature bytes.\n */\nexport function sign(\n privateKey: Uint8Array,\n msg: Uint8Array,\n rsvSig = false\n): Uint8Array {\n checkPrivateKey(privateKey);\n checkMessage(msg);\n return secp.sign(msg, privateKey, {\n prehash: false,\n format: rsvSig ? \"recovered\" : \"compact\",\n lowS: false,\n });\n}\n\n/**\n * Recovers a public key from a signature and message digest.\n * @param msg Message digest bytes.\n * @param sig Recovered signature bytes.\n * @param compressed If true, returns compressed public key format.\n * @returns Recovered public key bytes.\n */\nexport function recover(\n msg: Uint8Array,\n sig: Uint8Array,\n compressed = false\n): Uint8Array {\n checkMessage(msg);\n const pub = secp.recoverPublicKey(sig, msg, { prehash: false });\n return secp.Point.fromBytes(pub).toBytes(compressed);\n}\n\n/**\n * Verifies an ECDSA signature.\n * @param publicKey Public key bytes.\n * @param msg Message digest bytes.\n * @param sig Signature bytes in DER, compact, or recovered format.\n * @throws Error when signature is invalid.\n */\nexport function verify(\n publicKey: Uint8Array,\n msg: Uint8Array,\n sig: Uint8Array\n): void {\n checkPublicKey(publicKey);\n checkMessage(msg);\n\n let sigBytes: Uint8Array;\n let format: \"compact\" | \"recovered\";\n if (sig.length === 64) {\n sigBytes = sig;\n format = \"compact\";\n } else if (sig[0] === 0x30) {\n sigBytes = derDecodeEcdsaSignature(sig);\n format = \"compact\";\n } else {\n sigBytes = sig;\n format = sig.length === 65 ? \"recovered\" : \"compact\";\n }\n\n const ok = secp.verify(sigBytes, msg, publicKey, {\n prehash: false,\n format,\n lowS: false,\n });\n if (!ok) throw new Error(ERROR_BAD_SIGNATURE);\n}\n", "import { concatBuffers } from \"../helpers/encoding\";\n\n/**\n * Decodes a secp256k1 ECDSA signature from ASN.1 DER into 64 compact bytes (r||s), each 32 bytes big-endian.\n * @param der Full DER SEQUENCE containing two INTEGERs (r and s).\n * @returns 64-byte compact signature.\n */\nexport function derDecodeEcdsaSignature(der: Uint8Array): Uint8Array {\n if (der.length < 8 || der[0] !== 0x30) {\n throw new Error(\"Invalid DER signature\");\n }\n const { value: seqLen, next: bodyStart } = readAsn1Length(der, 1);\n const bodyEnd = bodyStart + seqLen;\n if (bodyEnd > der.length) {\n throw new Error(\"Truncated DER signature\");\n }\n const r = readInteger(der, bodyStart, bodyEnd);\n const s = readInteger(der, r.next, bodyEnd);\n if (s.next !== bodyEnd) {\n throw new Error(\"DER signature: trailing data\");\n }\n return concatBuffers(pad32(r.value), pad32(s.value));\n}\n\n/**\n * Reads a BER/DER definite length at `start` (first length octet).\n * @param der Buffer being parsed.\n * @param start Index of the length\u2019s first octet.\n * @returns Parsed length value and index immediately after the length encoding.\n */\nfunction readAsn1Length(\n der: Uint8Array,\n start: number\n): { value: number; next: number } {\n const b = der.at(start);\n if (b === undefined) {\n throw new Error(\"Truncated DER\");\n }\n if ((b & 0x80) === 0) {\n return { value: b, next: start + 1 };\n }\n const n = b & 0x7f;\n if (n === 0 || n > 4) {\n throw new Error(\"Invalid DER length encoding\");\n }\n const payloadStart = start + 1;\n const nextAfterPayload = payloadStart + n;\n if (nextAfterPayload > der.length) {\n throw new Error(\"Truncated DER length\");\n }\n let len = 0;\n for (let i = payloadStart; i < nextAfterPayload; i++) {\n len = (len << 8) | der[i];\n }\n return { value: len, next: nextAfterPayload };\n}\n\n/**\n * Reads a DER INTEGER tag and value bytes within `[start, end)`.\n * @param der Buffer being parsed.\n * @param start Index of the INTEGER tag (0x02).\n * @param end Exclusive upper bound for the enclosing structure.\n * @returns Integer magnitude as big-endian bytes and index after the value.\n */\nfunction readInteger(\n der: Uint8Array,\n start: number,\n end: number\n): { value: Uint8Array; next: number } {\n if (der[start] !== 0x02) {\n throw new Error(\"Expected DER INTEGER\");\n }\n const { value: len, next: valueStart } = readAsn1Length(der, start + 1);\n const valueEnd = valueStart + len;\n if (valueEnd > end) {\n throw new Error(\"Truncated DER INTEGER\");\n }\n let v = der.slice(valueStart, valueEnd);\n if (\n v.length >= 2 &&\n v[0] === 0 &&\n (v[1] & 0x80) !== 0\n ) {\n v = v.slice(1);\n }\n return { value: v, next: valueEnd };\n}\n\n/**\n * Left-pads a big-endian component to exactly 32 bytes, or rejects if longer than 32.\n * @param b r or s magnitude bytes.\n * @returns A new 32-byte array.\n */\nfunction pad32(b: Uint8Array): Uint8Array {\n if (b.length === 32) {\n return b;\n }\n if (b.length > 32) {\n throw new Error(\"r/s component is too long\");\n }\n const out = new Uint8Array(32);\n out.set(b, 32 - b.length);\n return out;\n}\n\n/**\n * Encodes a non-negative integer as DER definite length octets (short or long form).\n * @param len Length value to encode.\n * @returns Length bytes only (no tag).\n */\nexport function encodeDerDefiniteLength(len: number): Uint8Array {\n if (len < 0x80) {\n return new Uint8Array([len]);\n }\n const bytes: number[] = [];\n let n = len;\n while (n > 0) {\n bytes.push(n & 0xff);\n n >>>= 8;\n }\n bytes.reverse();\n const out = new Uint8Array(1 + bytes.length);\n out[0] = 0x80 | bytes.length;\n out.set(bytes, 1);\n return out;\n}\n\n/**\n * Encodes a 64-byte compact ECDSA signature (r||s) as ASN.1 DER SEQUENCE of two INTEGERs.\n * @param rs Exactly 64 bytes: r then s, each 32 bytes big-endian.\n * @returns DER-encoded signature bytes.\n */\nexport function derEncodeEcdsaSignature(rs: Uint8Array): Uint8Array {\n if (rs.length !== 64) {\n throw new Error(\"Expected 64 compact bytes\");\n }\n const r = encodeInteger(rs.slice(0, 32));\n const s = encodeInteger(rs.slice(32, 64));\n const seq = concatBuffers(r, s);\n const seqLen = encodeDerDefiniteLength(seq.length);\n return concatBuffers(new Uint8Array([0x30]), seqLen, seq);\n}\n\n/**\n * Builds a DER INTEGER for one signature component: strips redundant leading zeros,\n * adds a leading 0x00 when needed so the value is non-negative in DER.\n * @param bytes Raw 32-byte limb (may include leading zeros).\n * @returns Tag 0x02, length octet(s), and value bytes.\n */\nexport function encodeInteger(bytes: Uint8Array): Uint8Array {\n let b = stripLeadingZeros(bytes);\n if (b.length === 0) {\n b = new Uint8Array([0]);\n }\n const hi = b[0];\n if (hi & 0x80) {\n b = concatBuffers(new Uint8Array([0]), b);\n }\n return concatBuffers(new Uint8Array([0x02, b.length]), b);\n}\n\n/**\n * Removes leading zero bytes while keeping at least one byte (does not strip the last byte).\n * @param bytes Big-endian integer bytes.\n * @returns A slice view with minimal leading zeros.\n */\nfunction stripLeadingZeros(bytes: Uint8Array): Uint8Array {\n let i = 0;\n while (i < bytes.length - 1 && bytes[i] === 0) {\n i++;\n }\n return bytes.slice(i);\n}\n", "import { hmac } from \"@noble/hashes/hmac.js\";\nimport { sha256, sha512 } from \"@noble/hashes/sha2.js\";\nimport { bufferToBase64, utf8ToBuffer } from \"./helpers/encoding\";\nimport { equalConstTime } from \"./helpers/validators\";\n\n/**\n * Computes HMAC-SHA256 signature.\n * @param key HMAC key bytes.\n * @param msg Message bytes.\n * @returns HMAC-SHA256 bytes.\n */\nexport async function hmacSha256Sign(\n key: Uint8Array,\n msg: Uint8Array\n): Promise {\n return hmacSha256SignSync(key, msg);\n}\n\n/**\n * Verifies HMAC-SHA256 signature.\n * @param key HMAC key bytes.\n * @param msg Message bytes.\n * @param sig Signature bytes to verify.\n * @returns True when signature is valid.\n */\nexport async function hmacSha256Verify(\n key: Uint8Array,\n msg: Uint8Array,\n sig: Uint8Array\n): Promise {\n return hmacSha256VerifySync(key, msg, sig);\n}\n\n/**\n * Computes HMAC-SHA512 signature.\n * @param key HMAC key bytes.\n * @param msg Message bytes.\n * @returns HMAC-SHA512 bytes.\n */\nexport async function hmacSha512Sign(\n key: Uint8Array,\n msg: Uint8Array\n): Promise {\n return hmacSha512SignSync(key, msg);\n}\n\n/**\n * Verifies HMAC-SHA512 signature.\n * @param key HMAC key bytes.\n * @param msg Message bytes.\n * @param sig Signature bytes to verify.\n * @returns True when signature is valid.\n */\nexport async function hmacSha512Verify(\n key: Uint8Array,\n msg: Uint8Array,\n sig: Uint8Array\n): Promise {\n return hmacSha512VerifySync(key, msg, sig);\n}\n\n/**\n * Computes HMAC-SHA256 signature.\n * @param key HMAC key bytes.\n * @param msg Message bytes.\n * @returns HMAC-SHA256 bytes.\n */\nexport function hmacSha256SignSync(key: Uint8Array, msg: Uint8Array): Uint8Array {\n return hmac(sha256, key, msg);\n}\n\n/**\n * Verifies HMAC-SHA256 signature.\n * @param key HMAC key bytes.\n * @param msg Message bytes.\n * @param sig Signature bytes to verify.\n * @returns True when signature is valid.\n */\nexport function hmacSha256VerifySync(\n key: Uint8Array,\n msg: Uint8Array,\n sig: Uint8Array\n): boolean {\n const expected = hmacSha256SignSync(key, msg);\n return equalConstTime(expected, sig);\n}\n\n/**\n * Computes HMAC-SHA512 signature.\n * @param key HMAC key bytes.\n * @param msg Message bytes.\n * @returns HMAC-SHA512 bytes.\n */\nexport function hmacSha512SignSync(key: Uint8Array, msg: Uint8Array): Uint8Array {\n return hmac(sha512, key, msg);\n}\n\n/**\n * Verifies HMAC-SHA512 signature.\n * @param key HMAC key bytes.\n * @param msg Message bytes.\n * @param sig Signature bytes to verify.\n * @returns True when signature is valid.\n */\nexport function hmacSha512VerifySync(\n key: Uint8Array,\n msg: Uint8Array,\n sig: Uint8Array\n): boolean {\n const expected = hmacSha512SignSync(key, msg);\n return equalConstTime(expected, sig);\n}\n\n/**\n * HMAC-SHA256: UTF-8(`keyUtf8`) is the raw key (Web Crypto `importKey(\"raw\", \u2026, HMAC-SHA-256)` style).\n * Tag is RFC 4648 Base64.\n *\n * @param keyUtf8 Secret string.\n * @param msg Message bytes.\n * @returns Base64 MAC.\n */\nexport async function hmacSha256SignUtf8KeyBase64(\n keyUtf8: string,\n msg: Uint8Array,\n): Promise {\n return hmacSha256SignUtf8KeyBase64Sync(keyUtf8, msg);\n}\n\n/** Synchronous {@link hmacSha256SignUtf8KeyBase64}. */\nexport function hmacSha256SignUtf8KeyBase64Sync(\n keyUtf8: string,\n msg: Uint8Array,\n): string {\n const keyBytes = utf8ToBuffer(keyUtf8);\n return bufferToBase64(hmacSha256SignSync(keyBytes, msg));\n}\n\n/**\n * HMAC-SHA256 over UTF-8(`JSON.stringify(data)`) with UTF-8 string key; see {@link hmacSha256SignUtf8KeyBase64}.\n *\n * @param keyUtf8 Secret string.\n * @param data `JSON.stringify` input.\n * @returns Base64 MAC.\n */\nexport async function hmacSha256SignJsonUtf8KeyBase64(\n keyUtf8: string,\n data: unknown,\n): Promise {\n return hmacSha256SignJsonUtf8KeyBase64Sync(keyUtf8, data);\n}\n\n/** Synchronous {@link hmacSha256SignJsonUtf8KeyBase64}. */\nexport function hmacSha256SignJsonUtf8KeyBase64Sync(\n keyUtf8: string,\n data: unknown,\n): string {\n return hmacSha256SignUtf8KeyBase64Sync(keyUtf8, utf8ToBuffer(JSON.stringify(data)));\n}\n", "import { sha512 as sha512Noble } from \"@noble/hashes/sha2.js\";\n\n/**\n * Computes SHA-512 digest.\n * @param msg Input bytes.\n * @returns SHA-512 digest bytes.\n */\nexport async function sha512(msg: Uint8Array): Promise {\n return sha512Noble(msg);\n}\n\n/**\n * Computes SHA-512 digest.\n * @param msg Input bytes.\n * @returns SHA-512 digest bytes.\n */\nexport function sha512Sync(msg: Uint8Array): Uint8Array {\n return sha512Noble(msg);\n}\n", "import {\n aesCbcDecrypt,\n aesCbcDecryptSync,\n aesCbcEncrypt,\n aesCbcEncryptSync,\n} from \"./aes\";\nimport { derive } from \"./ecdh\";\nimport { compress, decompress, getPublic } from \"./ecdsa\";\nimport {\n assert,\n concatBuffers,\n type Encrypted,\n type PreEncryptOpts,\n} from \"./helpers\";\nimport { isValidPrivateKey } from \"./helpers/validators\";\nimport {\n hmacSha256Sign,\n hmacSha256SignSync,\n hmacSha256Verify,\n hmacSha256VerifySync,\n} from \"./hmac\";\nimport { randomBytes } from \"./random\";\nimport { sha512, sha512Sync } from \"./internal/sha512\";\nimport {\n ECIES_SERIALIZED_MIN_LENGTH,\n ERROR_BAD_EPHEM_PRIVATE_KEY,\n ERROR_BAD_MAC,\n ERROR_ECIES_SERIALIZED_LENGTH,\n IV_LENGTH,\n KEY_LENGTH,\n LENGTH_0,\n MAC_LENGTH,\n PREFIXED_KEY_LENGTH,\n} from \"./constants\";\n\n/**\n * Derives an ECDH shared key from a private key and peer public key.\n * @param privateKey Private key bytes.\n * @param publicKey Public key bytes.\n * @returns Shared key bytes.\n */\nfunction getSharedKey(privateKey: Uint8Array, publicKey: Uint8Array) {\n const pub = decompress(publicKey);\n return derive(privateKey, pub);\n}\n\n/**\n * Extracts the encryption key portion from a SHA-512 digest.\n * @param hash SHA-512 digest bytes.\n * @returns Encryption key bytes.\n */\nfunction getEncryptionKey(hash: Uint8Array) {\n return hash.slice(LENGTH_0, KEY_LENGTH);\n}\n\n/**\n * Extracts the MAC key portion from a SHA-512 digest.\n * @param hash SHA-512 digest bytes.\n * @returns MAC key bytes.\n */\nfunction getMacKey(hash: Uint8Array) {\n return hash.slice(KEY_LENGTH);\n}\n\n/**\n * Derives ECIES encryption and MAC keys.\n * @param privateKey Private key bytes.\n * @param publicKey Peer public key bytes.\n * @returns Object containing encryption and MAC keys.\n */\nasync function getEciesKeys(\n privateKey: Uint8Array,\n publicKey: Uint8Array\n): Promise<{ encryptionKey: Uint8Array; macKey: Uint8Array }> {\n const sharedKey = getSharedKey(privateKey, publicKey);\n const hash = await sha512(sharedKey);\n return { encryptionKey: getEncryptionKey(hash), macKey: getMacKey(hash) };\n}\n\n/**\n * Derives ECIES encryption and MAC keys using sync hashing.\n * @param privateKey Private key bytes.\n * @param publicKey Peer public key bytes.\n * @returns Object containing encryption and MAC keys.\n */\nfunction getEciesKeysSync(privateKey: Uint8Array, publicKey: Uint8Array) {\n const sharedKey = getSharedKey(privateKey, publicKey);\n const hash = sha512Sync(sharedKey);\n return { encryptionKey: getEncryptionKey(hash), macKey: getMacKey(hash) };\n}\n\n/**\n * Creates an ephemeral key pair for ECIES encryption.\n * @param opts Optional encryption overrides.\n * @returns Ephemeral private and public key bytes.\n */\nfunction getEphemKeyPair(opts?: Partial) {\n const fixed = opts?.ephemPrivateKey;\n if (fixed !== undefined) {\n if (!isValidPrivateKey(fixed)) {\n throw new Error(ERROR_BAD_EPHEM_PRIVATE_KEY);\n }\n return { ephemPrivateKey: fixed, ephemPublicKey: getPublic(fixed) };\n }\n let ephemPrivateKey = randomBytes(KEY_LENGTH);\n while (!isValidPrivateKey(ephemPrivateKey)) {\n ephemPrivateKey = randomBytes(KEY_LENGTH);\n }\n const ephemPublicKey = getPublic(ephemPrivateKey);\n return { ephemPrivateKey, ephemPublicKey };\n}\n\n/**\n * Encrypts a message with ECIES.\n * @param publicKeyTo Recipient public key bytes.\n * @param msg Plaintext bytes.\n * @param opts Optional encryption overrides.\n * @returns Encrypted payload.\n */\nexport async function encrypt(\n publicKeyTo: Uint8Array,\n msg: Uint8Array,\n opts?: Partial\n): Promise {\n const { ephemPrivateKey, ephemPublicKey } = getEphemKeyPair(opts);\n const { encryptionKey, macKey } = await getEciesKeys(\n ephemPrivateKey,\n publicKeyTo\n );\n const iv = opts?.iv ?? randomBytes(IV_LENGTH);\n const ciphertext = await aesCbcEncrypt(iv, encryptionKey, msg);\n const dataToMac = concatBuffers(iv, ephemPublicKey, ciphertext);\n const mac = await hmacSha256Sign(macKey, dataToMac);\n return { iv, ephemPublicKey, ciphertext, mac };\n}\n\n/**\n * Decrypts an ECIES payload.\n * @param privateKey Recipient private key bytes.\n * @param opts Encrypted payload.\n * @returns Decrypted plaintext bytes.\n */\nexport async function decrypt(\n privateKey: Uint8Array,\n opts: Encrypted\n): Promise {\n const { ephemPublicKey, iv, mac, ciphertext } = opts;\n const { encryptionKey, macKey } = await getEciesKeys(\n privateKey,\n ephemPublicKey\n );\n const dataToMac = concatBuffers(iv, ephemPublicKey, ciphertext);\n const macTest = await hmacSha256Verify(macKey, dataToMac, mac);\n assert(macTest, ERROR_BAD_MAC);\n return aesCbcDecrypt(iv, encryptionKey, ciphertext);\n}\n\n/**\n * Encrypts a message with ECIES using sync primitives.\n * @param publicKeyTo Recipient public key bytes.\n * @param msg Plaintext bytes.\n * @param opts Optional encryption overrides.\n * @returns Encrypted payload.\n */\nexport function encryptSync(\n publicKeyTo: Uint8Array,\n msg: Uint8Array,\n opts?: Partial\n): Encrypted {\n const { ephemPrivateKey, ephemPublicKey } = getEphemKeyPair(opts);\n const { encryptionKey, macKey } = getEciesKeysSync(\n ephemPrivateKey,\n publicKeyTo\n );\n const iv = opts?.iv ?? randomBytes(IV_LENGTH);\n const ciphertext = aesCbcEncryptSync(iv, encryptionKey, msg);\n const dataToMac = concatBuffers(iv, ephemPublicKey, ciphertext);\n const mac = hmacSha256SignSync(macKey, dataToMac);\n return { iv, ephemPublicKey, ciphertext, mac };\n}\n\n/**\n * Decrypts an ECIES payload using sync primitives.\n * @param privateKey Recipient private key bytes.\n * @param opts Encrypted payload.\n * @returns Decrypted plaintext bytes.\n */\nexport function decryptSync(\n privateKey: Uint8Array,\n opts: Encrypted\n): Uint8Array {\n const { ephemPublicKey, iv, mac, ciphertext } = opts;\n const { encryptionKey, macKey } = getEciesKeysSync(\n privateKey,\n ephemPublicKey\n );\n const dataToMac = concatBuffers(iv, ephemPublicKey, ciphertext);\n const macTest = hmacSha256VerifySync(macKey, dataToMac, mac);\n assert(macTest, ERROR_BAD_MAC);\n return aesCbcDecryptSync(iv, encryptionKey, ciphertext);\n}\n\n/**\n * Serializes an encrypted payload into a single byte array.\n * @param opts Encrypted payload.\n * @returns Serialized payload bytes.\n */\nexport function serialize(opts: Encrypted): Uint8Array {\n const ephemPublicKey = compress(opts.ephemPublicKey);\n return concatBuffers(opts.iv, ephemPublicKey, opts.mac, opts.ciphertext);\n}\n\n/**\n * Deserializes a byte array into an encrypted payload object.\n * @param buf Serialized payload bytes.\n * @returns Encrypted payload.\n */\nexport function deserialize(buf: Uint8Array): Encrypted {\n assert(buf.length >= ECIES_SERIALIZED_MIN_LENGTH, ERROR_ECIES_SERIALIZED_LENGTH);\n const slice0 = LENGTH_0;\n const slice1 = slice0 + IV_LENGTH;\n const slice2 = slice1 + PREFIXED_KEY_LENGTH;\n const slice3 = slice2 + MAC_LENGTH;\n const slice4 = buf.length;\n return {\n iv: buf.slice(slice0, slice1),\n ephemPublicKey: decompress(buf.slice(slice1, slice2)),\n mac: buf.slice(slice2, slice3),\n ciphertext: buf.slice(slice3, slice4),\n };\n}\n", "import {\n KEY_LENGTH,\n LENGTH_16,\n PBKDF2_DEFAULT_ITERATIONS,\n PBKDF2_DIGEST_SHA256,\n PBKDF2_DIGEST_SHA512,\n SHA256_BROWSER_ALGO,\n SHA512_BROWSER_ALGO,\n} from \"./constants\";\nimport type {\n Pbkdf2Digest,\n Pbkdf2Options,\n Pbkdf2Result,\n} from \"./helpers/types\";\nimport { assert } from \"./helpers/validators\";\nimport { randomBytes } from \"./random\";\n\nexport type { Pbkdf2Digest, Pbkdf2Options, Pbkdf2Result } from \"./helpers/types\";\n\nfunction getSubtleCrypto(): SubtleCrypto {\n const cryptoApi = (globalThis as { crypto?: Crypto }).crypto;\n const subtle = cryptoApi?.subtle;\n if (subtle === undefined) {\n throw new Error(\"PBKDF2: Web Crypto API is not available\");\n }\n return subtle;\n}\n\n/**\n * Derives a 32-byte key from a password using PBKDF2 with HMAC-SHA-256 or HMAC-SHA-512.\n *\n * If `options` is omitted, a random 16-byte salt is generated, iterations default to\n * `PBKDF2_DEFAULT_ITERATIONS`, and the PRF is HMAC-SHA-256.\n *\n * @param password Password material as raw bytes (encoding is up to the caller).\n * @param options Optional salt, iteration count, and digest algorithm.\n * @returns Derived key and the salt, iterations, and digest that were used.\n */\nexport async function pbkdf2(\n password: Uint8Array,\n options?: Pbkdf2Options\n): Promise {\n const salt = options?.salt ?? randomBytes(LENGTH_16);\n const passwordBytes = Uint8Array.from(password);\n const saltBytes = Uint8Array.from(salt);\n assert(salt.length > 0, \"PBKDF2: salt must not be empty\");\n const iterations = options?.iterations ?? PBKDF2_DEFAULT_ITERATIONS;\n assert(\n Number.isInteger(iterations) && iterations >= 1,\n \"PBKDF2: iterations must be a positive integer\"\n );\n const digest: Pbkdf2Digest = options?.digest ?? PBKDF2_DIGEST_SHA256;\n const digestWebCrypto =\n digest === PBKDF2_DIGEST_SHA512 ? PBKDF2_DIGEST_SHA512 : PBKDF2_DIGEST_SHA256;\n const hash =\n digestWebCrypto === PBKDF2_DIGEST_SHA512 ? SHA512_BROWSER_ALGO : SHA256_BROWSER_ALGO;\n const subtle = getSubtleCrypto();\n\n const keyMaterial = await subtle.importKey(\n \"raw\",\n passwordBytes,\n { name: \"PBKDF2\" },\n false,\n [\"deriveBits\"]\n );\n const derivedBits = await subtle.deriveBits(\n {\n name: \"PBKDF2\",\n salt: saltBytes,\n iterations,\n hash,\n },\n keyMaterial,\n KEY_LENGTH * 8\n );\n\n return {\n key: new Uint8Array(derivedBits),\n salt: saltBytes,\n iterations,\n digest,\n };\n}\n", "import { ripemd160 as ripemd160Noble } from \"@noble/hashes/legacy.js\";\nimport { sha256 as sha256Noble } from \"@noble/hashes/sha2.js\";\nimport { bufferToHex, utf8ToBuffer } from \"./helpers/encoding\";\nimport { sha512 as sha512Async, sha512Sync } from \"./internal/sha512\";\n\n/**\n * Computes SHA-256 digest.\n * @param msg Input bytes.\n * @returns SHA-256 digest bytes.\n */\nexport async function sha256(msg: Uint8Array): Promise {\n return sha256Noble(msg);\n}\n\n/**\n * Computes SHA-256 digest.\n * @param msg Input bytes.\n * @returns SHA-256 digest bytes.\n */\nexport function sha256Sync(msg: Uint8Array): Uint8Array {\n return sha256Noble(msg);\n}\n\n/**\n * SHA-256 over UTF-8(`str`), returned as 64-character lowercase hex (no `0x` prefix).\n *\n * @param str Input string.\n * @returns Hex digest string.\n */\nexport async function sha256Utf8Hex(str: string): Promise {\n return bufferToHex(await sha256(utf8ToBuffer(str)));\n}\n\n/** Synchronous {@link sha256Utf8Hex}. */\nexport function sha256Utf8HexSync(str: string): string {\n return bufferToHex(sha256Sync(utf8ToBuffer(str)));\n}\n\n/**\n * Computes SHA-512 digest.\n * @param msg Input bytes.\n * @returns SHA-512 digest bytes.\n */\nexport async function sha512(msg: Uint8Array): Promise {\n return sha512Async(msg);\n}\n\nexport { sha512Sync };\n\n/**\n * Computes RIPEMD-160 digest.\n * @param msg Input bytes.\n * @returns RIPEMD-160 digest bytes.\n */\nexport async function ripemd160(msg: Uint8Array): Promise {\n return ripemd160Noble(msg);\n}\n\n/**\n * Computes RIPEMD-160 digest.\n * @param msg Input bytes.\n * @returns RIPEMD-160 digest bytes.\n */\nexport function ripemd160Sync(msg: Uint8Array): Uint8Array {\n return ripemd160Noble(msg);\n}\n", "import { keccak_256, sha3_256 } from \"@noble/hashes/sha3.js\";\n\n/**\n * Computes SHA3-256 digest.\n * @param msg Input bytes.\n * @returns SHA3-256 digest bytes.\n */\nexport function sha3(msg: Uint8Array): Uint8Array {\n return sha3_256(msg);\n}\n\n/**\n * Computes Keccak-256 digest.\n * @param msg Input bytes.\n * @returns Keccak-256 digest bytes.\n */\nexport function keccak256(msg: Uint8Array): Uint8Array {\n return keccak_256(msg);\n}\n"], "mappings": ";AAMO,SAAS,WAAW,KAAuB;AAChD,QAAM,QAAQ,IAAI,SAAS,IAAI,IAAI,GAAG,KAAK;AAC3C,QAAM,MAAgB,CAAC;AACvB,WAAS,IAAI,GAAG,IAAI,MAAM,QAAQ,KAAK,GAAG;AACxC,QAAI,KAAK,OAAO,SAAS,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;AAAA,EACrD;AACA,SAAO;AACT;;;ACXO,IAAM,UAAU;AAChB,IAAM,WAAW;AACjB,IAAM,aAAa;AAEnB,IAAM,aAAa;AACnB,IAAM,aAAa;AAEnB,IAAM,UAAU;AAChB,IAAM,YAAY;AAElB,IAAM,WAAW;AACjB,IAAM,WAAW;AACjB,IAAM,YAAY;AAClB,IAAM,YAAY;AAClB,IAAM,YAAY;AAClB,IAAM,YAAY;AAClB,IAAM,aAAa;AACnB,IAAM,aAAa;AACnB,IAAM,aAAa;AACnB,IAAM,cAAc;AAEpB,IAAM,aAAa;AACnB,IAAM,cAAc;AAEpB,IAAM,mBAAmB;AACzB,IAAM,oBAAoB,OAAO,UAAU;AAC3C,IAAM,eAAe;AAErB,IAAM,sBAAsB;AAC5B,IAAM,sBAAsB;AAE5B,IAAM,gBAAgB,OAAO,UAAU;AACvC,IAAM,iBAAiB,MAAM,WAAW;AAExC,IAAM,mBAAmB;AACzB,IAAM,mBAAmB;AACzB,IAAM,sBAAsB;AAE5B,IAAM,uBAAuB;AAC7B,IAAM,uBAAuB;AAE7B,IAAM,gBAAgB;AACtB,IAAM,aAAa;AACnB,IAAM,YAAY;AAClB,IAAM,uBAAuB;AAC7B,IAAM,oCAAoC;AAC1C,IAAM,qBAAqB;AAC3B,IAAM,aAAa;AACnB,IAAM,sBAAsB;AAE5B,IAAM,sBAAsB,aAAa;AACzC,IAAM,+BAA+B,sBAAsB;AAE3D,IAAM,8BACX,YAAY,sBAAsB;AAE7B,IAAM,iBAAiB;AACvB,IAAM,4BAA4B;AAClC,IAAM,iBAAiB;AAEvB,IAAM,eAAe,IAAI,WAAW,QAAQ;AAE5C,IAAM,iBAAiB,IAAI;AAAA,EAChC;AAAA,IACE;AAAA,EACF;AACF;AAEO,IAAM,SAAS,IAAI,WAAW,SAAS,EAAE,KAAK,QAAQ;AAEtD,IAAM,gBAAgB;AACtB,IAAM,sBAAsB;AAC5B,IAAM,wBAAwB;AAC9B,IAAM,uBAAuB;AAC7B,IAAM,gCACX;AAEK,IAAM,sBAAsB;AAC5B,IAAM,yBAAyB;AAE/B,IAAM,8BAA8B;AAEpC,IAAM,sBAAsB;AAC5B,IAAM,uBAAuB;AAE7B,IAAM,2BACX;AACK,IAAM,6BACX;AACK,IAAM,kCACX;;;ACrFF,IAAM,cAAc,IAAI,YAAY;AACpC,IAAM,cAAc,IAAI,YAAY;AAO7B,SAAS,aAAa,KAAyB;AACpD,SAAO,YAAY,OAAO,GAAG;AAC/B;AAOO,SAAS,aAAa,KAAyB;AACpD,SAAO,YAAY,OAAO,GAAG;AAC/B;AAOO,SAAS,iBAAiB,SAAmC;AAClE,QAAM,QAAQ,QAAQ,OAAO,CAAC,GAAG,MAAM,IAAI,EAAE,QAAQ,QAAQ;AAC7D,QAAM,MAAM,IAAI,WAAW,KAAK;AAChC,MAAI,SAAS;AACb,aAAW,KAAK,SAAS;AACvB,QAAI,IAAI,GAAG,MAAM;AACjB,cAAU,EAAE;AAAA,EACd;AACA,SAAO;AACT;AAQO,SAAS,YACd,KACA,MAAwC,SAChC;AACR,MAAI,QAAQ,SAAS;AACnB,UAAM,IAAI,MAAM,6CAA6C;AAAA,EAC/D;AACA,MAAI,MAAM;AACV,aAAW,QAAQ,KAAK;AACtB,WAAO,KAAK,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG;AAAA,EAC1C;AACA,SAAO;AACT;AAOO,SAAS,YAAY,KAAyB;AACnD,QAAM,QAAQ,IAAI,WAAW,IAAI,IAAI,IAAI,MAAM,CAAC,IAAI;AACpD,MAAI,MAAM,SAAS,MAAM,GAAG;AAC1B,UAAM,IAAI,MAAM,6BAA6B;AAAA,EAC/C;AACA,QAAM,MAAM,IAAI,WAAW,MAAM,SAAS,CAAC;AAC3C,WAAS,IAAI,GAAG,IAAI,IAAI,QAAQ,KAAK;AACnC,UAAM,OAAO,OAAO,SAAS,MAAM,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE;AAC9D,QAAI,CAAC,OAAO,SAAS,IAAI,KAAK,OAAO,KAAK,OAAO,KAAK;AACpD,YAAM,IAAI,MAAM,oCAAoC;AAAA,IACtD;AACA,QAAI,CAAC,IAAI;AAAA,EACX;AACA,SAAO;AACT;AAOO,SAAS,YAAY,KAAqB;AAC/C,SAAO,IAAI,WAAW,IAAI,IAAI,IAAI,MAAM,CAAC,IAAI;AAC/C;AAOO,SAAS,sBAAsB,KAAqB;AACzD,QAAM,IAAI,YAAY,GAAG;AACzB,QAAM,WAAW,EAAE,QAAQ,OAAO,EAAE;AACpC,SAAO,SAAS,SAAS,WAAW;AACtC;AAOO,SAAS,YAAY,KAAqB;AAC/C,SAAO,OAAO,SAAS,YAAY,GAAG,GAAG,EAAE;AAC7C;AAQO,SAAS,eAAe,KAAyB;AACtD,QAAM,QAAQ;AACd,MAAI,SAAS;AACb,WAAS,IAAI,GAAG,IAAI,IAAI,QAAQ,KAAK,OAAO;AAC1C,cAAU,OAAO,aAAa,GAAG,IAAI,SAAS,GAAG,IAAI,KAAK,CAAC;AAAA,EAC7D;AACA,SAAO,KAAK,MAAM;AACpB;AASO,SAAS,eAAe,KAAyB;AACtD,QAAM,aAAa,IAAI,QAAQ,QAAQ,EAAE;AACzC,QAAM,SAAS,KAAK,UAAU;AAC9B,QAAM,MAAM,IAAI,WAAW,OAAO,MAAM;AACxC,WAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACtC,QAAI,CAAC,IAAI,OAAO,WAAW,CAAC,IAAI;AAAA,EAClC;AACA,SAAO;AACT;AAQO,SAAS,kBAAkB,KAAyB;AACzD,SAAO,eAAe,GAAG,EACtB,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,GAAG,EAClB,QAAQ,OAAO,EAAE;AACtB;AASO,SAAS,kBAAkB,KAAyB;AACzD,MAAI,IAAI,IAAI,QAAQ,MAAM,GAAG,EAAE,QAAQ,MAAM,GAAG;AAChD,QAAM,MAAM,EAAE,SAAS;AACvB,MAAI,QAAQ,EAAG,MAAK;AAAA,WACX,QAAQ,EAAG,MAAK;AAAA,WAChB,QAAQ,GAAG;AAClB,UAAM,IAAI,MAAM,mCAAmC;AAAA,EACrD;AACA,SAAO,eAAe,CAAC;AACzB;AAUO,SAAS,wBAAwB,KAAyB;AAC/D,QAAM,SAAS,IAAI,OAAO,WAAW,GAAG;AACxC,QAAM,QAAQ,YAAY,OAAO,MAAM;AACvC,MAAI,MAAM,WAAW,WAAW;AAC9B,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;;;AC1LA,IAAM,cAAc;AACpB,IAAM,aAAa;AACnB,IAAM,mBAAmB;AACzB,IAAM,oBAAoB;AAUnB,SAAS,eAAe,QAAgB,WAAW,GAAW;AACnE,QAAM,YAAY,SAAS;AAC3B,SAAO,aACD,SAAS,aAAa,WAAY,WAAW,WAC/C;AACN;AAaO,SAAS,UACd,KACA,QACA,MACA,UAAU,KACF;AACR,QAAM,OAAO,SAAS,IAAI;AAC1B,MAAI,SAAS;AACb,MAAI,OAAO,GAAG;AACZ,UAAM,MAAM,QAAQ,OAAO,IAAI;AAC/B,aAAS,OAAO,MAAM,MAAM,MAAM;AAAA,EACpC;AACA,SAAO;AACT;AAUO,SAAS,QAAQ,KAAa,QAAgB,UAAU,KAAa;AAC1E,SAAO,UAAU,KAAK,QAAQ,MAAM,OAAO;AAC7C;AAUO,SAAS,SAAS,KAAa,QAAgB,UAAU,KAAa;AAC3E,SAAO,UAAU,KAAK,QAAQ,OAAO,OAAO;AAC9C;AAUO,SAAS,cAAc,KAAa,WAAW,GAAG,UAAU,KAAa;AAC9E,SAAO,QAAQ,KAAK,eAAe,IAAI,QAAQ,QAAQ,GAAG,OAAO;AACnE;AAWO,SAAS,WAAW,KAAa,WAAW,GAAa;AAC9D,QAAM,SAAS,cAAc,KAAK,QAAQ;AAC1C,MAAI,OAAO,WAAW,GAAG;AACvB,WAAO,CAAC;AAAA,EACV;AACA,QAAM,IAAI,OAAO,MAAM,IAAI,OAAO,KAAK,QAAQ,KAAK,IAAI,CAAC;AACzD,MAAI,KAAK,MAAM;AACb,WAAO,CAAC;AAAA,EACV;AACA,SAAO,MAAM,KAAK,CAAC;AACrB;AAQO,SAAS,cAAc,KAAyB;AACrD,SAAO,IAAI,WAAW,WAAW,GAAG,EAAE,IAAI,CAAC,MAAM,OAAO,SAAS,GAAG,CAAC,CAAC,CAAC;AACzE;AAUO,SAAS,eAAe,KAAqB;AAClD,QAAM,OAAO,QAAQ,GAAG,SAAS,CAAC;AAClC,SAAO,cAAc,GAAG;AAC1B;AASO,SAAS,eAAe,KAAuB;AACpD,MAAI,OAAO,QAAQ,YAAY,CAAC,UAAU,KAAK,GAAG,GAAG;AACnD,WAAO;AAAA,EACT;AACA,MAAI,IAAI,SAAS,MAAM,GAAG;AACxB,WAAO;AAAA,EACT;AACA,SAAO;AACT;AAaO,SAAS,YAAY,KAAc,QAA0B;AAClE,MAAI,OAAO,QAAQ,YAAY,CAAC,mBAAmB,KAAK,GAAG,GAAG;AAC5D,WAAO;AAAA,EACT;AACA,MAAI,WAAW,UAAa,IAAI,WAAW,IAAI,IAAI,QAAQ;AACzD,WAAO;AAAA,EACT;AACA,SAAO;AACT;AAQO,SAAS,SAAS,KAAuB;AAC9C,QAAM,aAAc,WACjB;AACH,MAAI,eAAe,QAAW;AAC5B,WAAO;AAAA,EACT;AACA,SAAO,WAAW,SAAS,GAAG;AAChC;AAQO,SAAS,aAAa,KAAuB;AAClD,SAAO,YAAY,OAAO,GAAG,KAAK,CAAC,SAAS,GAAG;AACjD;AAOO,SAAS,cAAc,KAAuB;AACnD,SAAO,CAAC,aAAa,GAAG,KAAK,CAAC,SAAS,GAAG,KAAK,eAAe;AAChE;AAyBO,SAAS,QAAQ,KAA2B;AACjD,MAAI,SAAS,GAAG,GAAG;AACjB,WAAO;AAAA,EACT;AACA,MAAI,aAAa,GAAG,GAAG;AACrB,WAAO;AAAA,EACT;AACA,MAAI,cAAc,GAAG,GAAG;AACtB,WAAO;AAAA,EACT;AACA,MAAI,MAAM,QAAQ,GAAG,GAAG;AACtB,WAAO;AAAA,EACT;AACA,SAAO,OAAO;AAChB;AAWO,SAAS,YACd,KACsD;AACtD,MAAI,eAAe,GAAG,GAAG;AACvB,WAAO;AAAA,EACT;AACA,MAAI,YAAY,GAAG,GAAG;AACpB,WAAO;AAAA,EACT;AACA,SAAO;AACT;AAOO,SAAS,aAAa,KAAqB;AAChD,SAAO,IAAI,WAAW,IAAI,IAAI,MAAM,KAAK,GAAG;AAC9C;AAOO,SAAS,gBAAgB,KAAqB;AACnD,SAAO,IAAI,QAAQ,OAAO,EAAE;AAC9B;AAOO,SAAS,cAAc,KAA6B;AACzD,SAAO,IAAI,WAAW,GAAG;AAC3B;AAWO,SAAS,eAAe,KAAyB;AACtD,MAAI,IAAI,WAAW,GAAG;AACpB,WAAO;AAAA,EACT;AACA,MAAI,IAAI;AACR,aAAW,QAAQ,KAAK;AACtB,QAAK,KAAK,IAAK;AAAA,EACjB;AACA,SAAO;AACT;AAUO,SAAS,cAAc,KAAoC;AAChE,SAAO,WAAW,KAAK,GAAG;AAC5B;AAQO,SAAS,WAAW,KAAiB,WAAW,OAAe;AACpE,QAAM,MAAM,YAAe,GAAG;AAC9B,SAAO,WAAW,aAAa,GAAG,IAAI;AACxC;AAOO,SAAS,YAAY,KAAyB;AACnD,SAAO,aAAa,GAAG;AACzB;AAOO,SAAS,cAAc,KAAyB;AACrD,SAAO,eAAe,GAAG;AAC3B;AAQO,SAAS,WAAW,KAAyB;AAClD,SAAO,IAAI,WAAW,YAAY,GAAG,CAAC;AACxC;AAQO,SAAS,UAAU,KAAqB;AAC7C,SAAO,aAAa,YAAY,GAAG,CAAC;AACtC;AAUO,SAAS,YAAY,MAA0B;AACpD,SAAO,IAAI,WAAW,aAAa,IAAI,CAAC;AAC1C;AAQO,SAAS,UAAU,MAAc,WAAW,OAAe;AAChE,SAAO,WAAW,aAAa,IAAI,GAAG,QAAQ;AAChD;AASO,SAAS,aAAa,MAAsB;AACjD,QAAM,MAAM,OAAO,SAAS,MAAM,EAAE;AACpC,MAAI,CAAC,OAAO,SAAS,GAAG,KAAK,CAAC,OAAO,cAAc,GAAG,GAAG;AACvD,UAAM,IAAI,MAAM,2CAA2C;AAAA,EAC7D;AACA,SAAO;AACT;AAQO,SAAS,cAAc,KAAyB;AACrD,SAAO,cAAc,eAAe,GAAG,CAAC;AAC1C;AAOO,SAAS,eAAe,KAAyB;AACtD,SAAO,WAAW,KAAK,cAAc,GAAG,CAAC;AAC3C;AAQO,SAAS,YAAY,KAAa,UAA4B;AACnE,SAAO,WAAW,cAAc,GAAG,GAAG,YAAY,KAAK;AACzD;AAOO,SAAS,aAAa,KAAqB;AAChD,SAAO,GAAG,GAAG;AACf;AAWO,SAAS,SAAS,MAAkB,QAA4B;AACrE,QAAM,OAAO,KAAK,SAAS;AAC3B,MAAI,OAAO,GAAG;AACZ,WAAO,KAAK,MAAM,IAAI;AAAA,EACxB;AACA,SAAO;AACT;AAWO,SAAS,UAAU,MAAkB,QAA4B;AACtE,SAAO,KAAK,MAAM,GAAG,MAAM;AAC7B;;;ACxcO,SAAS,aAAa,WAAgC;AAC3D,SACE,UAAU,WAAW,cAAc,UAAU,WAAW;AAE5D;AAOO,SAAS,eAAe,WAAgC;AAC7D,SACE,UAAU,WAAW,uBACrB,UAAU,WAAW;AAEzB;AAOO,SAAS,WAAW,WAAgC;AACzD,MAAI,aAAa,SAAS,GAAG;AAC3B,WAAO,UAAU,WAAW;AAAA,EAC9B;AACA,SAAO,UAAU,WAAW;AAC9B;AAOO,SAAS,kBAAkB,WAAmC;AACnE,SAAO,WAAW,SAAS,IACvB,YACA,cAAc,YAAY,IAAI,GAAG,SAAS;AAChD;AAOO,SAAS,oBAAoB,eAAmC;AACrE,SAAO,YAAY,aAAa,gBAAgB,IAAI,SAAS,EAAE,CAAC,CAAC;AACnE;AAOO,SAAS,oBAAoB,GAAuB;AACzD,SAAO,YAAY,sBAAsB,YAAY,CAAC,CAAC,CAAC,IAAI;AAC9D;AAOO,SAAS,eAAe,KAA4B;AACzD,SAAO;AAAA,IACL,GAAG,IAAI,MAAM,GAAG,EAAE;AAAA,IAClB,GAAG,IAAI,MAAM,IAAI,EAAE;AAAA,IACnB,GAAG,IAAI,MAAM,IAAI,EAAE;AAAA,EACrB;AACF;AAOO,SAAS,cAAc,KAA4B;AACxD,SAAO,cAAc,IAAI,GAAG,IAAI,GAAG,IAAI,CAAC;AAC1C;AAOO,SAAS,oBAAoB,KAA0B;AAC5D,SAAO,IAAI,SAAS,MAAM,IAAI,CAAC,MAAM;AACvC;AAOO,SAAS,qBAAqB,KAA6B;AAChE,SAAO;AAAA,IACL,WAAW,IAAI,MAAM,GAAG,EAAE;AAAA,IAC1B,UAAU,oBAAoB,IAAI,MAAM,IAAI,EAAE,CAAC;AAAA,EACjD;AACF;;;ACrGO,SAAS,OAAO,WAAoB,SAAuB;AAChE,MAAI,CAAC,WAAW;AACd,UAAM,IAAI,MAAM,WAAW,kBAAkB;AAAA,EAC/C;AACF;AAOO,SAAS,SAAS,GAAwB;AAC/C,SAAO,aAAa,cAAc,EAAE,WAAW;AACjD;AAOO,SAAS,kBAAkB,YAAiC;AACjE,MAAI,CAAC,SAAS,UAAU,GAAG;AACzB,WAAO;AAAA,EACT;AACA,SACE,eAAe,YAAY,MAAM,IAAI,KACrC,eAAe,YAAY,cAAc,IAAI;AAEjD;AAQO,SAAS,eAAe,GAAe,GAAuB;AACnE,QAAM,MAAM,KAAK,IAAI,EAAE,QAAQ,EAAE,MAAM;AACvC,WAAS,IAAI,GAAG,IAAI,KAAK,KAAK;AAC5B,UAAM,KAAK,EAAE,CAAC,KAAK;AACnB,UAAM,KAAK,EAAE,CAAC,KAAK;AACnB,QAAI,OAAO,IAAI;AACb,aAAO,KAAK,KAAK,KAAK;AAAA,IACxB;AAAA,EACF;AACA,SAAO;AACT;AAQO,SAAS,eAAe,IAAgB,IAAyB;AACtE,MAAI,GAAG,WAAW,GAAG,QAAQ;AAC3B,WAAO;AAAA,EACT;AACA,MAAI,MAAM;AACV,WAAS,IAAI,GAAG,IAAI,GAAG,QAAQ,KAAK;AAClC,WAAO,GAAG,CAAC,IAAI,GAAG,CAAC;AAAA,EACrB;AACA,SAAO,QAAQ;AACjB;AAOO,SAAS,iBAAiB,QAAyB;AACxD,SAAO,EACL,UAAU,YACV,SAAS,kBACT,OAAO,SAAS,OAAO,MAAM,GAAG,EAAE,MAAM;AAE5C;AAMO,SAAS,gBAAgB,YAA8B;AAC5D,SAAO,WAAW,WAAW,YAAY,qBAAqB;AAC9D,SAAO,kBAAkB,UAAU,GAAG,qBAAqB;AAC7D;AAMO,SAAS,eAAe,WAA6B;AAC1D;AAAA,IACE,UAAU,WAAW,gCACnB,UAAU,WAAW;AAAA,IACvB;AAAA,EACF;AACA,MAAI,UAAU,WAAW,8BAA8B;AACrD,WAAO,UAAU,CAAC,MAAM,GAAG,oBAAoB;AAAA,EACjD;AACA,MAAI,UAAU,WAAW,qBAAqB;AAC5C,WAAO,UAAU,CAAC,MAAM,KAAK,UAAU,CAAC,MAAM,GAAG,oBAAoB;AAAA,EACvE;AACF;AAMO,SAAS,aAAa,KAAuB;AAClD,SAAO,IAAI,SAAS,GAAG,mBAAmB;AAC1C,SAAO,IAAI,UAAU,gBAAgB,sBAAsB;AAC7D;;;ACpIA,YAAY,WAAW;AAQvB,IAAM,EAAE,gBAAgB,IAAI;AAE5B,SAAS,sBAAsB,KAA2B;AACxD,SAAO,MAAM,KAAK,GAAG;AACvB;AAEA,SAAS,iBAAiB,IAAgB,KAAuB;AAC/D,MAAI,GAAG,WAAW,WAAW;AAC3B,UAAM,IAAI,MAAM,mBAAmB;AAAA,EACrC;AACA,MAAI,IAAI,WAAW,YAAY;AAC7B,UAAM,IAAI,MAAM,oBAAoB;AAAA,EACtC;AACF;AASA,eAAsB,cACpB,IACA,KACA,MACqB;AACrB,SAAO,kBAAkB,IAAI,KAAK,IAAI;AACxC;AASA,eAAsB,cACpB,IACA,KACA,MACqB;AACrB,SAAO,kBAAkB,IAAI,KAAK,IAAI;AACxC;AASO,SAAS,kBACd,IACA,KACA,MACY;AACZ,mBAAiB,IAAI,GAAG;AACxB,QAAM,SAAS,SAAS,MAAM,SAAS;AACvC,QAAM,MAAM,IAAI,gBAAgB;AAAA,IAC9B,sBAAsB,GAAG;AAAA,IACzB,sBAAsB,EAAE;AAAA,EAC1B;AACA,SAAO,IAAI,WAAW,IAAI,QAAQ,sBAAsB,MAAM,CAAC,CAAC;AAClE;AASO,SAAS,kBACd,IACA,KACA,MACY;AACZ,mBAAiB,IAAI,GAAG;AACxB,QAAM,MAAM,IAAI,gBAAgB;AAAA,IAC9B,sBAAsB,GAAG;AAAA,IACzB,sBAAsB,EAAE;AAAA,EAC1B;AACA,QAAM,YAAY,IAAI,WAAW,IAAI,QAAQ,sBAAsB,IAAI,CAAC,CAAC;AACzE,SAAO,WAAW,WAAW,SAAS;AACxC;AAQA,SAAS,SAAS,MAAkB,WAA+B;AACjE,QAAM,MAAM,YAAa,KAAK,SAAS;AACvC,QAAM,MAAM,IAAI,WAAW,KAAK,SAAS,GAAG;AAC5C,MAAI,IAAI,IAAI;AACZ,MAAI,KAAK,KAAK,KAAK,MAAM;AACzB,SAAO;AACT;AAQA,SAAS,WAAW,MAAkB,WAA+B;AACnE,QAAM,UACJ,KAAK,WAAW,IAAI,SAAY,KAAK,KAAK,SAAS,CAAC;AACtD,MAAI,YAAY,QAAW;AACzB,UAAM,IAAI,MAAM,oBAAoB;AAAA,EACtC;AACA,QAAM,MAAM;AACZ,MAAI,MAAM,KAAK,MAAM,aAAa,MAAM,KAAK,QAAQ;AACnD,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC3C;AACA,WAAS,IAAI,KAAK,SAAS,KAAK,IAAI,KAAK,QAAQ,KAAK;AACpD,QAAI,KAAK,CAAC,MAAM,KAAK;AACnB,YAAM,IAAI,MAAM,yBAAyB;AAAA,IAC3C;AAAA,EACF;AACA,SAAO,KAAK,MAAM,GAAG,KAAK,SAAS,GAAG;AACxC;;;ACnIA,SAAS,WAAW;;;ACOb,SAAS,YAAY,QAA4B;AACtD,MAAI,CAAC,iBAAiB,MAAM,GAAG;AAC7B,UAAM,IAAI,MAAM,qCAAqC,MAAM,EAAE;AAAA,EAC/D;AACA,QAAM,MAAM,IAAI,WAAW,MAAM;AACjC,aAAW,OAAO,gBAAgB,GAAG;AACrC,SAAO;AACT;;;ADWA,IAAM,kBAAkB;AAExB,SAAS,gBAAgB,KAAuB;AAC9C,QAAM,MAAM,IAAI;AAChB,MAAI,QAAQ,MAAM,QAAQ,MAAM,QAAQ,IAAI;AAC1C,UAAM,IAAI,MAAM,wBAAwB;AAAA,EAC1C;AACF;AAEA,SAAS,kBAAkB,OAAyB;AAClD,MAAI,MAAM,SAAS,iBAAiB;AAClC,UAAM,IAAI,MAAM,0BAA0B;AAAA,EAC5C;AACF;AAEA,SAAS,uBAAuB,IAAsB;AACpD,MAAI,GAAG,UAAU,oBAAoB;AACnC,UAAM,IAAI,MAAM,+BAA+B;AAAA,EACjD;AACF;AAEA,SAAS,8BAA8B,GAAiB;AACtD,MACE,CAAC,OAAO,UAAU,CAAC,KACnB,IAAI,mBACJ,IAAI,mCACJ;AACA,UAAM,IAAI;AAAA,MACR,qEAAqE,eAAe,OAAO,iCAAiC;AAAA,IAC9H;AAAA,EACF;AACF;AAaA,eAAsB,cACpB,OACA,KACA,WACA,KACqB;AACrB,SAAO,kBAAkB,OAAO,KAAK,WAAW,GAAG;AACrD;AAYO,SAAS,kBACd,OACA,KACA,WACA,KACY;AACZ,kBAAgB,GAAG;AACnB,oBAAkB,KAAK;AACvB,SAAO,IAAI,KAAK,OAAO,GAAG,EAAE,QAAQ,SAAS;AAC/C;AAYA,eAAsB,cACpB,OACA,KACA,YACA,KACqB;AACrB,SAAO,kBAAkB,OAAO,KAAK,YAAY,GAAG;AACtD;AAYO,SAAS,kBACd,OACA,KACA,YACA,KACY;AACZ,kBAAgB,GAAG;AACnB,oBAAkB,KAAK;AACvB,yBAAuB,UAAU;AACjC,SAAO,IAAI,KAAK,OAAO,GAAG,EAAE,QAAQ,UAAU;AAChD;AAYO,SAAS,8BAA8B,MAAe,KAAqB;AAChF,QAAM,WAAW,wBAAwB,GAAG;AAC5C,QAAM,KAAK,YAAY,oBAAoB;AAC3C,QAAM,KAAK,aAAa,KAAK,UAAU,IAAI,CAAC;AAC5C,QAAM,KAAK,kBAAkB,IAAI,UAAU,EAAE;AAC7C,SAAO,YAAY,cAAc,IAAI,EAAE,CAAC;AAC1C;AAYO,SAAS,8BAA8B,KAAa,KAAsB;AAC/E,QAAM,WAAW,wBAAwB,GAAG;AAC5C,QAAM,WAAW,YAAY,GAAG;AAChC,MAAI,SAAS,SAAS,uBAAuB,qBAAqB,GAAG;AACnE,UAAM,IAAI,MAAM,+BAA+B;AAAA,EACjD;AACA,QAAM,KAAK,SAAS,SAAS,GAAG,oBAAoB;AACpD,QAAM,aAAa,SAAS,SAAS,oBAAoB;AACzD,QAAM,KAAK,kBAAkB,IAAI,UAAU,UAAU;AACrD,SAAO,KAAK,MAAM,aAAa,EAAE,CAAC;AACpC;AAEA,SAAS,6BAA6B,MAAe,iBAAyC;AAC5F,gCAA8B,eAAe;AAC7C,QAAM,MAAM,YAAY,UAAU;AAClC,QAAM,KAAK,YAAY,eAAe;AACtC,QAAM,KAAK,aAAa,KAAK,UAAU,IAAI,CAAC;AAC5C,QAAM,KAAK,kBAAkB,IAAI,KAAK,EAAE;AACxC,SAAO;AAAA,IACL,IAAI,eAAe,EAAE;AAAA,IACrB,KAAK,kBAAkB,GAAG;AAAA,IAC1B,QAAQ,eAAe,EAAE;AAAA,EAC3B;AACF;AAWO,SAAS,yBACd,MACA,kBAA0B,sBACV;AAChB,SAAO,6BAA6B,MAAM,eAAe;AAC3D;AAGA,eAAsB,qBACpB,MACA,kBAA0B,sBACD;AACzB,SAAO,yBAAyB,MAAM,eAAe;AACvD;AAWO,SAAS,yBAAyB,MAA+B;AACtE,QAAM,KAAK,eAAe,KAAK,EAAE;AACjC,QAAM,MAAM,kBAAkB,KAAK,GAAG;AACtC,QAAM,aAAa,eAAe,KAAK,MAAM;AAC7C,QAAM,KAAK,kBAAkB,IAAI,KAAK,UAAU;AAChD,SAAO,KAAK,MAAM,aAAa,EAAE,CAAC;AACpC;AAGA,eAAsB,qBAAqB,MAAwC;AACjF,SAAO,yBAAyB,IAAI;AACtC;;;AE7OA,SAAS,SAAAA,QAAO,WAAW;;;ACA3B,SAAS,YAAY;AACrB,SAAS,cAAc;AACvB,YAAY,UAAU;;;ACKf,SAAS,wBAAwB,KAA6B;AACnE,MAAI,IAAI,SAAS,KAAK,IAAI,CAAC,MAAM,IAAM;AACrC,UAAM,IAAI,MAAM,uBAAuB;AAAA,EACzC;AACA,QAAM,EAAE,OAAO,QAAQ,MAAM,UAAU,IAAI,eAAe,KAAK,CAAC;AAChE,QAAM,UAAU,YAAY;AAC5B,MAAI,UAAU,IAAI,QAAQ;AACxB,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC3C;AACA,QAAM,IAAI,YAAY,KAAK,WAAW,OAAO;AAC7C,QAAM,IAAI,YAAY,KAAK,EAAE,MAAM,OAAO;AAC1C,MAAI,EAAE,SAAS,SAAS;AACtB,UAAM,IAAI,MAAM,8BAA8B;AAAA,EAChD;AACA,SAAO,cAAc,MAAM,EAAE,KAAK,GAAG,MAAM,EAAE,KAAK,CAAC;AACrD;AAQA,SAAS,eACP,KACA,OACiC;AACjC,QAAM,IAAI,IAAI,GAAG,KAAK;AACtB,MAAI,MAAM,QAAW;AACnB,UAAM,IAAI,MAAM,eAAe;AAAA,EACjC;AACA,OAAK,IAAI,SAAU,GAAG;AACpB,WAAO,EAAE,OAAO,GAAG,MAAM,QAAQ,EAAE;AAAA,EACrC;AACA,QAAM,IAAI,IAAI;AACd,MAAI,MAAM,KAAK,IAAI,GAAG;AACpB,UAAM,IAAI,MAAM,6BAA6B;AAAA,EAC/C;AACA,QAAM,eAAe,QAAQ;AAC7B,QAAM,mBAAmB,eAAe;AACxC,MAAI,mBAAmB,IAAI,QAAQ;AACjC,UAAM,IAAI,MAAM,sBAAsB;AAAA,EACxC;AACA,MAAI,MAAM;AACV,WAAS,IAAI,cAAc,IAAI,kBAAkB,KAAK;AACpD,UAAO,OAAO,IAAK,IAAI,CAAC;AAAA,EAC1B;AACA,SAAO,EAAE,OAAO,KAAK,MAAM,iBAAiB;AAC9C;AASA,SAAS,YACP,KACA,OACA,KACqC;AACrC,MAAI,IAAI,KAAK,MAAM,GAAM;AACvB,UAAM,IAAI,MAAM,sBAAsB;AAAA,EACxC;AACA,QAAM,EAAE,OAAO,KAAK,MAAM,WAAW,IAAI,eAAe,KAAK,QAAQ,CAAC;AACtE,QAAM,WAAW,aAAa;AAC9B,MAAI,WAAW,KAAK;AAClB,UAAM,IAAI,MAAM,uBAAuB;AAAA,EACzC;AACA,MAAI,IAAI,IAAI,MAAM,YAAY,QAAQ;AACtC,MACE,EAAE,UAAU,KACZ,EAAE,CAAC,MAAM,MACR,EAAE,CAAC,IAAI,SAAU,GAClB;AACA,QAAI,EAAE,MAAM,CAAC;AAAA,EACf;AACA,SAAO,EAAE,OAAO,GAAG,MAAM,SAAS;AACpC;AAOA,SAAS,MAAM,GAA2B;AACxC,MAAI,EAAE,WAAW,IAAI;AACnB,WAAO;AAAA,EACT;AACA,MAAI,EAAE,SAAS,IAAI;AACjB,UAAM,IAAI,MAAM,2BAA2B;AAAA,EAC7C;AACA,QAAM,MAAM,IAAI,WAAW,EAAE;AAC7B,MAAI,IAAI,GAAG,KAAK,EAAE,MAAM;AACxB,SAAO;AACT;AAOO,SAAS,wBAAwB,KAAyB;AAC/D,MAAI,MAAM,KAAM;AACd,WAAO,IAAI,WAAW,CAAC,GAAG,CAAC;AAAA,EAC7B;AACA,QAAM,QAAkB,CAAC;AACzB,MAAI,IAAI;AACR,SAAO,IAAI,GAAG;AACZ,UAAM,KAAK,IAAI,GAAI;AACnB,WAAO;AAAA,EACT;AACA,QAAM,QAAQ;AACd,QAAM,MAAM,IAAI,WAAW,IAAI,MAAM,MAAM;AAC3C,MAAI,CAAC,IAAI,MAAO,MAAM;AACtB,MAAI,IAAI,OAAO,CAAC;AAChB,SAAO;AACT;AAOO,SAAS,wBAAwB,IAA4B;AAClE,MAAI,GAAG,WAAW,IAAI;AACpB,UAAM,IAAI,MAAM,2BAA2B;AAAA,EAC7C;AACA,QAAM,IAAI,cAAc,GAAG,MAAM,GAAG,EAAE,CAAC;AACvC,QAAM,IAAI,cAAc,GAAG,MAAM,IAAI,EAAE,CAAC;AACxC,QAAM,MAAM,cAAc,GAAG,CAAC;AAC9B,QAAM,SAAS,wBAAwB,IAAI,MAAM;AACjD,SAAO,cAAc,IAAI,WAAW,CAAC,EAAI,CAAC,GAAG,QAAQ,GAAG;AAC1D;AAQO,SAAS,cAAc,OAA+B;AAC3D,MAAI,IAAI,kBAAkB,KAAK;AAC/B,MAAI,EAAE,WAAW,GAAG;AAClB,QAAI,IAAI,WAAW,CAAC,CAAC,CAAC;AAAA,EACxB;AACA,QAAM,KAAK,EAAE,CAAC;AACd,MAAI,KAAK,KAAM;AACb,QAAI,cAAc,IAAI,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC;AAAA,EAC1C;AACA,SAAO,cAAc,IAAI,WAAW,CAAC,GAAM,EAAE,MAAM,CAAC,GAAG,CAAC;AAC1D;AAOA,SAAS,kBAAkB,OAA+B;AACxD,MAAI,IAAI;AACR,SAAO,IAAI,MAAM,SAAS,KAAK,MAAM,CAAC,MAAM,GAAG;AAC7C;AAAA,EACF;AACA,SAAO,MAAM,MAAM,CAAC;AACtB;;;ADvJK,YAAO,SAAS;AAChB,YAAO,aAAa,CAAC,KAAiB,QACzC,KAAK,QAAQ,KAAK,GAAG;AAMhB,SAAS,kBAA8B;AAC5C,SAAY,WAAM,gBAAgB;AACpC;AAOO,SAAS,SAAS,WAAmC;AAC1D,MAAI,aAAa,SAAS,GAAG;AAC3B,mBAAe,SAAS;AACxB,WAAO;AAAA,EACT;AACA,MAAI,UAAU,WAAW,8BAA8B;AACrD,mBAAe,SAAS;AAAA,EAC1B;AACA,SAAY,WAAM,UAAU,SAAS,EAAE,QAAQ,IAAI;AACrD;AAOO,SAAS,WAAW,WAAmC;AAC5D,MAAI,eAAe,SAAS,GAAG;AAC7B,QAAI,UAAU,WAAW,8BAA8B;AACrD,qBAAe,SAAS;AAAA,IAC1B;AACA,WAAO;AAAA,EACT;AACA,MAAI,UAAU,WAAW,qBAAqB;AAC5C,mBAAe,SAAS;AAAA,EAC1B;AACA,SAAY,WAAM,UAAU,SAAS,EAAE,QAAQ,KAAK;AACtD;AAOO,SAAS,UAAU,YAAoC;AAC5D,kBAAgB,UAAU;AAC1B,SAAY,kBAAa,YAAY,KAAK;AAC5C;AAOO,SAAS,oBAAoB,YAAoC;AACtE,kBAAgB,UAAU;AAC1B,SAAY,kBAAa,YAAY,IAAI;AAC3C;AAMO,SAAS,kBAA2B;AACzC,QAAM,aAAa,gBAAgB;AACnC,QAAM,YAAY,UAAU,UAAU;AACtC,SAAO,EAAE,YAAY,UAAU;AACjC;AAOO,SAAS,gBAAgB,KAA6B;AAC3D,MAAI,oBAAoB,GAAG,GAAG;AAC5B,WAAO;AAAA,EACT;AACA,QAAM,UAAU,IAAI,WAAW,KAAK,IAAI,MAAM,GAAG,EAAE,IAAI;AACvD,MAAI,QAAQ,WAAW,IAAI;AACzB,UAAM,IAAI,MAAM,4CAA4C;AAAA,EAC9D;AACA,SAAO,wBAAwB,OAAO;AACxC;AASO,SAASC,MACd,YACA,KACA,SAAS,OACG;AACZ,kBAAgB,UAAU;AAC1B,eAAa,GAAG;AAChB,SAAY,UAAK,KAAK,YAAY;AAAA,IAChC,SAAS;AAAA,IACT,QAAQ,SAAS,cAAc;AAAA,IAC/B,MAAM;AAAA,EACR,CAAC;AACH;AASO,SAAS,QACd,KACA,KACA,aAAa,OACD;AACZ,eAAa,GAAG;AAChB,QAAM,MAAW,sBAAiB,KAAK,KAAK,EAAE,SAAS,MAAM,CAAC;AAC9D,SAAY,WAAM,UAAU,GAAG,EAAE,QAAQ,UAAU;AACrD;AASO,SAASC,QACd,WACA,KACA,KACM;AACN,iBAAe,SAAS;AACxB,eAAa,GAAG;AAEhB,MAAI;AACJ,MAAI;AACJ,MAAI,IAAI,WAAW,IAAI;AACrB,eAAW;AACX,aAAS;AAAA,EACX,WAAW,IAAI,CAAC,MAAM,IAAM;AAC1B,eAAW,wBAAwB,GAAG;AACtC,aAAS;AAAA,EACX,OAAO;AACL,eAAW;AACX,aAAS,IAAI,WAAW,KAAK,cAAc;AAAA,EAC7C;AAEA,QAAM,KAAU,YAAO,UAAU,KAAK,WAAW;AAAA,IAC/C,SAAS;AAAA,IACT;AAAA,IACA,MAAM;AAAA,EACR,CAAC;AACD,MAAI,CAAC,GAAI,OAAM,IAAI,MAAM,mBAAmB;AAC9C;;;AD/KO,SAAS,OACd,aACA,YACY;AACZ,kBAAgB,WAAW;AAC3B,iBAAe,UAAU;AACzB,QAAM,MAAM,WAAW,UAAU;AACjC,QAAM,SAASC,OAAM,UAAU,GAAG,EAC/B,SAAS,IAAI,kBAAkB,WAAW,CAAC,EAC3C,SAAS;AACZ,SAAO,IAAI,gBAAgB,OAAO,CAAC;AACrC;;;AGrBA,SAAS,QAAAC,aAAY;AACrB,SAAS,UAAAC,SAAQ,cAAc;AAU/B,eAAsB,eACpB,KACA,KACqB;AACrB,SAAO,mBAAmB,KAAK,GAAG;AACpC;AASA,eAAsB,iBACpB,KACA,KACA,KACkB;AAClB,SAAO,qBAAqB,KAAK,KAAK,GAAG;AAC3C;AAQA,eAAsB,eACpB,KACA,KACqB;AACrB,SAAO,mBAAmB,KAAK,GAAG;AACpC;AASA,eAAsB,iBACpB,KACA,KACA,KACkB;AAClB,SAAO,qBAAqB,KAAK,KAAK,GAAG;AAC3C;AAQO,SAAS,mBAAmB,KAAiB,KAA6B;AAC/E,SAAOC,MAAKC,SAAQ,KAAK,GAAG;AAC9B;AASO,SAAS,qBACd,KACA,KACA,KACS;AACT,QAAM,WAAW,mBAAmB,KAAK,GAAG;AAC5C,SAAO,eAAe,UAAU,GAAG;AACrC;AAQO,SAAS,mBAAmB,KAAiB,KAA6B;AAC/E,SAAOD,MAAK,QAAQ,KAAK,GAAG;AAC9B;AASO,SAAS,qBACd,KACA,KACA,KACS;AACT,QAAM,WAAW,mBAAmB,KAAK,GAAG;AAC5C,SAAO,eAAe,UAAU,GAAG;AACrC;AAUA,eAAsB,4BACpB,SACA,KACiB;AACjB,SAAO,gCAAgC,SAAS,GAAG;AACrD;AAGO,SAAS,gCACd,SACA,KACQ;AACR,QAAM,WAAW,aAAa,OAAO;AACrC,SAAO,eAAe,mBAAmB,UAAU,GAAG,CAAC;AACzD;AASA,eAAsB,gCACpB,SACA,MACiB;AACjB,SAAO,oCAAoC,SAAS,IAAI;AAC1D;AAGO,SAAS,oCACd,SACA,MACQ;AACR,SAAO,gCAAgC,SAAS,aAAa,KAAK,UAAU,IAAI,CAAC,CAAC;AACpF;;;AC7JA,SAAS,UAAU,mBAAmB;AAOtC,eAAsBE,QAAO,KAAsC;AACjE,SAAO,YAAY,GAAG;AACxB;AAOO,SAAS,WAAW,KAA6B;AACtD,SAAO,YAAY,GAAG;AACxB;;;ACuBA,SAAS,aAAa,YAAwB,WAAuB;AACnE,QAAM,MAAM,WAAW,SAAS;AAChC,SAAO,OAAO,YAAY,GAAG;AAC/B;AAOA,SAAS,iBAAiB,MAAkB;AAC1C,SAAO,KAAK,MAAM,UAAU,UAAU;AACxC;AAOA,SAAS,UAAU,MAAkB;AACnC,SAAO,KAAK,MAAM,UAAU;AAC9B;AAQA,eAAe,aACb,YACA,WAC4D;AAC5D,QAAM,YAAY,aAAa,YAAY,SAAS;AACpD,QAAM,OAAO,MAAMC,QAAO,SAAS;AACnC,SAAO,EAAE,eAAe,iBAAiB,IAAI,GAAG,QAAQ,UAAU,IAAI,EAAE;AAC1E;AAQA,SAAS,iBAAiB,YAAwB,WAAuB;AACvE,QAAM,YAAY,aAAa,YAAY,SAAS;AACpD,QAAM,OAAO,WAAW,SAAS;AACjC,SAAO,EAAE,eAAe,iBAAiB,IAAI,GAAG,QAAQ,UAAU,IAAI,EAAE;AAC1E;AAOA,SAAS,gBAAgB,MAAgC;AACvD,QAAM,QAAQ,MAAM;AACpB,MAAI,UAAU,QAAW;AACvB,QAAI,CAAC,kBAAkB,KAAK,GAAG;AAC7B,YAAM,IAAI,MAAM,2BAA2B;AAAA,IAC7C;AACA,WAAO,EAAE,iBAAiB,OAAO,gBAAgB,UAAU,KAAK,EAAE;AAAA,EACpE;AACA,MAAI,kBAAkB,YAAY,UAAU;AAC5C,SAAO,CAAC,kBAAkB,eAAe,GAAG;AAC1C,sBAAkB,YAAY,UAAU;AAAA,EAC1C;AACA,QAAM,iBAAiB,UAAU,eAAe;AAChD,SAAO,EAAE,iBAAiB,eAAe;AAC3C;AASA,eAAsB,QACpB,aACA,KACA,MACoB;AACpB,QAAM,EAAE,iBAAiB,eAAe,IAAI,gBAAgB,IAAI;AAChE,QAAM,EAAE,eAAe,OAAO,IAAI,MAAM;AAAA,IACtC;AAAA,IACA;AAAA,EACF;AACA,QAAM,KAAK,MAAM,MAAM,YAAY,SAAS;AAC5C,QAAM,aAAa,MAAM,cAAc,IAAI,eAAe,GAAG;AAC7D,QAAM,YAAY,cAAc,IAAI,gBAAgB,UAAU;AAC9D,QAAM,MAAM,MAAM,eAAe,QAAQ,SAAS;AAClD,SAAO,EAAE,IAAI,gBAAgB,YAAY,IAAI;AAC/C;AAQA,eAAsB,QACpB,YACA,MACqB;AACrB,QAAM,EAAE,gBAAgB,IAAI,KAAK,WAAW,IAAI;AAChD,QAAM,EAAE,eAAe,OAAO,IAAI,MAAM;AAAA,IACtC;AAAA,IACA;AAAA,EACF;AACA,QAAM,YAAY,cAAc,IAAI,gBAAgB,UAAU;AAC9D,QAAM,UAAU,MAAM,iBAAiB,QAAQ,WAAW,GAAG;AAC7D,SAAO,SAAS,aAAa;AAC7B,SAAO,cAAc,IAAI,eAAe,UAAU;AACpD;AASO,SAAS,YACd,aACA,KACA,MACW;AACX,QAAM,EAAE,iBAAiB,eAAe,IAAI,gBAAgB,IAAI;AAChE,QAAM,EAAE,eAAe,OAAO,IAAI;AAAA,IAChC;AAAA,IACA;AAAA,EACF;AACA,QAAM,KAAK,MAAM,MAAM,YAAY,SAAS;AAC5C,QAAM,aAAa,kBAAkB,IAAI,eAAe,GAAG;AAC3D,QAAM,YAAY,cAAc,IAAI,gBAAgB,UAAU;AAC9D,QAAM,MAAM,mBAAmB,QAAQ,SAAS;AAChD,SAAO,EAAE,IAAI,gBAAgB,YAAY,IAAI;AAC/C;AAQO,SAAS,YACd,YACA,MACY;AACZ,QAAM,EAAE,gBAAgB,IAAI,KAAK,WAAW,IAAI;AAChD,QAAM,EAAE,eAAe,OAAO,IAAI;AAAA,IAChC;AAAA,IACA;AAAA,EACF;AACA,QAAM,YAAY,cAAc,IAAI,gBAAgB,UAAU;AAC9D,QAAM,UAAU,qBAAqB,QAAQ,WAAW,GAAG;AAC3D,SAAO,SAAS,aAAa;AAC7B,SAAO,kBAAkB,IAAI,eAAe,UAAU;AACxD;AAOO,SAAS,UAAU,MAA6B;AACrD,QAAM,iBAAiB,SAAS,KAAK,cAAc;AACnD,SAAO,cAAc,KAAK,IAAI,gBAAgB,KAAK,KAAK,KAAK,UAAU;AACzE;AAOO,SAAS,YAAY,KAA4B;AACtD,SAAO,IAAI,UAAU,6BAA6B,6BAA6B;AAC/E,QAAM,SAAS;AACf,QAAM,SAAS,SAAS;AACxB,QAAM,SAAS,SAAS;AACxB,QAAM,SAAS,SAAS;AACxB,QAAM,SAAS,IAAI;AACnB,SAAO;AAAA,IACL,IAAI,IAAI,MAAM,QAAQ,MAAM;AAAA,IAC5B,gBAAgB,WAAW,IAAI,MAAM,QAAQ,MAAM,CAAC;AAAA,IACpD,KAAK,IAAI,MAAM,QAAQ,MAAM;AAAA,IAC7B,YAAY,IAAI,MAAM,QAAQ,MAAM;AAAA,EACtC;AACF;;;ACnNA,SAAS,kBAAgC;AACvC,QAAM,YAAa,WAAmC;AACtD,QAAM,SAAS,WAAW;AAC1B,MAAI,WAAW,QAAW;AACxB,UAAM,IAAI,MAAM,yCAAyC;AAAA,EAC3D;AACA,SAAO;AACT;AAYA,eAAsB,OACpB,UACA,SACuB;AACvB,QAAM,OAAO,SAAS,QAAQ,YAAY,SAAS;AACnD,QAAM,gBAAgB,WAAW,KAAK,QAAQ;AAC9C,QAAM,YAAY,WAAW,KAAK,IAAI;AACtC,SAAO,KAAK,SAAS,GAAG,gCAAgC;AACxD,QAAM,aAAa,SAAS,cAAc;AAC1C;AAAA,IACE,OAAO,UAAU,UAAU,KAAK,cAAc;AAAA,IAC9C;AAAA,EACF;AACA,QAAM,SAAuB,SAAS,UAAU;AAChD,QAAM,kBACJ,WAAW,uBAAuB,uBAAuB;AAC3D,QAAM,OACJ,oBAAoB,uBAAuB,sBAAsB;AACnE,QAAM,SAAS,gBAAgB;AAE/B,QAAM,cAAc,MAAM,OAAO;AAAA,IAC/B;AAAA,IACA;AAAA,IACA,EAAE,MAAM,SAAS;AAAA,IACjB;AAAA,IACA,CAAC,YAAY;AAAA,EACf;AACA,QAAM,cAAc,MAAM,OAAO;AAAA,IAC/B;AAAA,MACE,MAAM;AAAA,MACN,MAAM;AAAA,MACN;AAAA,MACA;AAAA,IACF;AAAA,IACA;AAAA,IACA,aAAa;AAAA,EACf;AAEA,SAAO;AAAA,IACL,KAAK,IAAI,WAAW,WAAW;AAAA,IAC/B,MAAM;AAAA,IACN;AAAA,IACA;AAAA,EACF;AACF;;;AClFA,SAAS,aAAa,sBAAsB;AAC5C,SAAS,UAAU,mBAAmB;AAStC,eAAsBC,QAAO,KAAsC;AACjE,SAAO,YAAY,GAAG;AACxB;AAOO,SAAS,WAAW,KAA6B;AACtD,SAAO,YAAY,GAAG;AACxB;AAQA,eAAsB,cAAc,KAA8B;AAChE,SAAO,YAAY,MAAMA,QAAO,aAAa,GAAG,CAAC,CAAC;AACpD;AAGO,SAAS,kBAAkB,KAAqB;AACrD,SAAO,YAAY,WAAW,aAAa,GAAG,CAAC,CAAC;AAClD;AAOA,eAAsBC,QAAO,KAAsC;AACjE,SAAOA,QAAY,GAAG;AACxB;AASA,eAAsB,UAAU,KAAsC;AACpE,SAAO,eAAe,GAAG;AAC3B;AAOO,SAAS,cAAc,KAA6B;AACzD,SAAO,eAAe,GAAG;AAC3B;;;ACjEA,SAAS,YAAY,gBAAgB;AAO9B,SAAS,KAAK,KAA6B;AAChD,SAAO,SAAS,GAAG;AACrB;AAOO,SAAS,UAAU,KAA6B;AACrD,SAAO,WAAW,GAAG;AACvB;", "names": ["Point", "sign", "verify", "Point", "hmac", "sha256", "hmac", "sha256", "sha512", "sha512", "sha256", "sha512"] }