		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.output = exports.exists = exports.hash = exports.bytes = exports.bool = exports.number = exports.isBytes = void 0;
		exports.isBytes = isBytes;
		exports.number = number;
		exports.bool = bool;
		exports.bytes = bytes;
		exports.hash = hash;
		exports.exists = exists;
		exports.output = output;
		function number(n) {
		@@ -8,3 +14,2 @@ if (!Number.isSafeInteger(n) \|\| n < 0)
		}
		exports.number = number;
		function bool(b) {
		@@ -14,3 +19,2 @@ if (typeof b !== 'boolean')
		}
		exports.bool = bool;
		// copied from utils
		@@ -21,3 +25,2 @@ function isBytes(a) {
		}
		exports.isBytes = isBytes;
		function bytes(b, ...lengths) {
		@@ -29,3 +32,2 @@ if (!isBytes(b))
		}
		exports.bytes = bytes;
		function hash(h) {
		@@ -37,3 +39,2 @@ if (typeof h !== 'function' \|\| typeof h.create !== 'function')
		}
		exports.hash = hash;
		function exists(instance, checkFinished = true) {
		@@ -45,3 +46,2 @@ if (instance.destroyed)
		}
		exports.exists = exists;
		function output(out, instance) {
		@@ -54,5 +54,4 @@ bytes(out);
		}
		exports.output = output;
		const assert = { number, bool, bytes, hash, exists, output };
		exports.default = assert;
		//# sourceMappingURL=_assert.js.map

_md.d.ts

		import { Hash, Input } from './utils.js';
		/**
		* Choice: a ? b : c
		*/
		export declare const Chi: (a: number, b: number, c: number) => number;
		/**
		* Majority function, true if any two inputs is true
		*/
		export declare const Maj: (a: number, b: number, c: number) => number;
		@@ -4,0 +10,0 @@ /**

_md.js

		@@ -6,3 +6,5 @@ "use strict";
		const utils_js_1 = require("./utils.js");
		// Polyfill for Safari 14
		/**
		* Polyfill for Safari 14
		*/
		function setBigUint64(view, byteOffset, value, isLE) {
		@@ -20,6 +22,10 @@ if (typeof view.setBigUint64 === 'function')
		}
		// Choice: a ? b : c
		/**
		* Choice: a ? b : c
		*/
		const Chi = (a, b, c) => (a & b) ^ (~a & c);
		exports.Chi = Chi;
		// Majority function, true if any two inpust is true
		/**
		* Majority function, true if any two inputs is true
		*/
		const Maj = (a, b, c) => (a & b) ^ (a & c) ^ (b & c);
		@@ -26,0 +32,0 @@ exports.Maj = Maj;

_u64.js

		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.add5L = exports.add5H = exports.add4H = exports.add4L = exports.add3H = exports.add3L = exports.add = exports.rotlBL = exports.rotlBH = exports.rotlSL = exports.rotlSH = exports.rotr32L = exports.rotr32H = exports.rotrBL = exports.rotrBH = exports.rotrSL = exports.rotrSH = exports.shrSL = exports.shrSH = exports.toBig = exports.split = exports.fromBig = void 0;
		exports.add5L = exports.add5H = exports.add4H = exports.add4L = exports.add3H = exports.add3L = exports.rotlBL = exports.rotlBH = exports.rotlSL = exports.rotlSH = exports.rotr32L = exports.rotr32H = exports.rotrBL = exports.rotrBH = exports.rotrSL = exports.rotrSH = exports.shrSL = exports.shrSH = exports.toBig = void 0;
		exports.fromBig = fromBig;
		exports.split = split;
		exports.add = add;
		const U32_MASK64 = /* @__PURE__ / BigInt(2 * 32 - 1);
		@@ -12,3 +15,2 @@ const _32n = /* @__PURE__ */ BigInt(32);
		}
		exports.fromBig = fromBig;
		function split(lst, le = false) {
		@@ -23,3 +25,2 @@ let Ah = new Uint32Array(lst.length);
		}
		exports.split = split;
		const toBig = (h, l) => (BigInt(h >>> 0) << _32n) \| BigInt(l >>> 0);
		@@ -63,3 +64,2 @@ exports.toBig = toBig;
		}
		exports.add = add;
		// Addition with more than 2 elements
		@@ -66,0 +66,0 @@ const add3L = (Al, Bl, Cl) => (Al >>> 0) + (Bl >>> 0) + (Cl >>> 0);

blake2b.d.ts

		import { BLAKE, BlakeOpts } from './_blake.js';
		declare class BLAKE2b extends BLAKE<BLAKE2b> {
		export declare class BLAKE2b extends BLAKE<BLAKE2b> {
		private v0l;
		@@ -53,3 +53,2 @@ private v0h;
		};
		export {};
		//# sourceMappingURL=blake2b.d.ts.map

blake2b.js

		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.blake2b = void 0;
		exports.blake2b = exports.BLAKE2b = void 0;
		const _blake_js_1 = require("./_blake.js");
		@@ -186,2 +186,3 @@ const _u64_js_1 = require("./_u64.js");
		}
		exports.BLAKE2b = BLAKE2b;
		/**
		@@ -188,0 +189,0 @@ * BLAKE2b - optimized for 64-bit platforms. JS doesn't have uint64, so it's slower than BLAKE2s.

blake2s.d.ts

		@@ -21,3 +21,3 @@ import { BLAKE, BlakeOpts } from './_blake.js';
		};
		declare class BLAKE2s extends BLAKE<BLAKE2s> {
		export declare class BLAKE2s extends BLAKE<BLAKE2s> {
		private v0;
		@@ -48,3 +48,2 @@ private v1;
		};
		export {};
		//# sourceMappingURL=blake2s.d.ts.map

blake2s.js

		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.blake2s = exports.compress = exports.B2S_IV = void 0;
		exports.blake2s = exports.BLAKE2s = exports.B2S_IV = void 0;
		exports.compress = compress;
		const _blake_js_1 = require("./_blake.js");
		@@ -51,3 +52,2 @@ const _u64_js_1 = require("./_u64.js");
		}
		exports.compress = compress;
		class BLAKE2s extends _blake_js_1.BLAKE {
		@@ -118,2 +118,3 @@ constructor(opts = {}) {
		}
		exports.BLAKE2s = BLAKE2s;
		/**
		@@ -120,0 +121,0 @@ * BLAKE2s - optimized for 32-bit platforms. JS doesn't have uint64, so it's faster than BLAKE2b.

blake3.d.ts

		@@ -8,3 +8,3 @@ import { BLAKE } from './_blake.js';
		};
		declare class BLAKE3 extends BLAKE<BLAKE3> implements HashXOF<BLAKE3> {
		export declare class BLAKE3 extends BLAKE<BLAKE3> implements HashXOF<BLAKE3> {
		private IV;
		@@ -47,3 +47,2 @@ private flags;
		};
		export {};
		//# sourceMappingURL=blake3.d.ts.map

blake3.js

		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.blake3 = void 0;
		exports.blake3 = exports.BLAKE3 = void 0;
		const _assert_js_1 = require("./_assert.js");
		@@ -237,2 +237,3 @@ const _u64_js_1 = require("./_u64.js");
		}
		exports.BLAKE3 = BLAKE3;
		/**
		@@ -239,0 +240,0 @@ * BLAKE3 hash function.

cryptoNode.js

		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.crypto = void 0;
		// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+.
		// We prefer WebCrypto aka globalThis.crypto, which exists in node.js 16+.
		// Falls back to Node.js built-in crypto for Node.js <=v14
		// See utils.ts for details.
		// The file will throw on node.js 14 and earlier.
		// @ts-ignore
		const nc = require("node:crypto");
		exports.crypto = nc && typeof nc === 'object' && 'webcrypto' in nc ? nc.webcrypto : undefined;
		exports.crypto = nc && typeof nc === 'object' && 'webcrypto' in nc
		? nc.webcrypto
		: nc && typeof nc === 'object' && 'randomBytes' in nc
		? nc
		: undefined;
		//# sourceMappingURL=cryptoNode.js.map

eskdf.d.ts

		@@ -15,3 +15,3 @@ export declare function scrypt(password: string, salt: string): Uint8Array;
		type KeyOpts = undefined \| OptsLength \| OptsMod;
		type ESKDF = Promise<Readonly<{
		export interface ESKDF {
		/**
		@@ -35,3 +35,3 @@ * Derives a child key. Child key will not be associated with any
		fingerprint: string;
		}>>;
		}
		/**
		@@ -47,4 +47,4 @@ * ESKDF
		*/
		export declare function eskdf(username: string, password: string): ESKDF;
		export declare function eskdf(username: string, password: string): Promise<ESKDF>;
		export {};
		//# sourceMappingURL=eskdf.d.ts.map

eskdf.js

		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.eskdf = exports.deriveMainSeed = exports.pbkdf2 = exports.scrypt = void 0;
		exports.scrypt = scrypt;
		exports.pbkdf2 = pbkdf2;
		exports.deriveMainSeed = deriveMainSeed;
		exports.eskdf = eskdf;
		const _assert_js_1 = require("./_assert.js");
		@@ -19,3 +22,2 @@ const hkdf_js_1 = require("./hkdf.js");
		}
		exports.scrypt = scrypt;
		// PBKDF2-HMAC-SHA256
		@@ -25,3 +27,2 @@ function pbkdf2(password, salt) {
		}
		exports.pbkdf2 = pbkdf2;
		// Combines two 32-byte byte arrays
		@@ -55,3 +56,2 @@ function xor32(a, b) {
		}
		exports.deriveMainSeed = deriveMainSeed;
		/**
		@@ -164,3 +164,2 @@ * Converts protocol & accountId pair to HKDF salt & info params.
		}
		exports.eskdf = eskdf;
		//# sourceMappingURL=eskdf.js.map

esm/_md.js

		import { exists, output } from './_assert.js';
		import { Hash, createView, toBytes } from './utils.js';
		// Polyfill for Safari 14
		/**
		* Polyfill for Safari 14
		*/
		function setBigUint64(view, byteOffset, value, isLE) {
		@@ -16,5 +18,9 @@ if (typeof view.setBigUint64 === 'function')
		}
		// Choice: a ? b : c
		/**
		* Choice: a ? b : c
		*/
		export const Chi = (a, b, c) => (a & b) ^ (~a & c);
		// Majority function, true if any two inpust is true
		/**
		* Majority function, true if any two inputs is true
		*/
		export const Maj = (a, b, c) => (a & b) ^ (a & c) ^ (b & c);
		@@ -21,0 +27,0 @@ /**

esm/blake2b.js

		@@ -61,3 +61,3 @@ import { BLAKE, SIGMA } from './_blake.js';
		}
		class BLAKE2b extends BLAKE {
		export class BLAKE2b extends BLAKE {
		constructor(opts = {}) {
		@@ -64,0 +64,0 @@ super(128, opts.dkLen === undefined ? 64 : opts.dkLen, opts, 64, 16, 16);

esm/blake2s.js

		@@ -48,3 +48,3 @@ import { BLAKE, SIGMA } from './_blake.js';
		}
		class BLAKE2s extends BLAKE {
		export class BLAKE2s extends BLAKE {
		constructor(opts = {}) {
		@@ -51,0 +51,0 @@ super(64, opts.dkLen === undefined ? 32 : opts.dkLen, opts, 32, 8, 8);

esm/blake3.js

		@@ -22,3 +22,3 @@ import { bytes, exists, number, output } from './_assert.js';
		// which won't really benefit small inputs.
		class BLAKE3 extends BLAKE {
		export class BLAKE3 extends BLAKE {
		constructor(opts = {}, flags = 0) {
		@@ -25,0 +25,0 @@ super(64, opts.dkLen === undefined ? 32 : opts.dkLen, {}, Number.MAX_SAFE_INTEGER, 0, 0);

esm/cryptoNode.js

		@@ -1,7 +0,11 @@
		// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+.
		// We prefer WebCrypto aka globalThis.crypto, which exists in node.js 16+.
		// Falls back to Node.js built-in crypto for Node.js <=v14
		// See utils.ts for details.
		// The file will throw on node.js 14 and earlier.
		// @ts-ignore
		import * as nc from 'node:crypto';
		export const crypto = nc && typeof nc === 'object' && 'webcrypto' in nc ? nc.webcrypto : undefined;
		export const crypto = nc && typeof nc === 'object' && 'webcrypto' in nc
		? nc.webcrypto
		: nc && typeof nc === 'object' && 'randomBytes' in nc
		? nc
		: undefined;
		//# sourceMappingURL=cryptoNode.js.map

esm/hmac.js

		@@ -74,2 +74,6 @@ import { hash as assertHash, bytes as assertBytes, exists as assertExists } from './_assert.js';
		* @param message - message data
		* @example
		* import { hmac } from '@noble/hashes/hmac';
		* import { sha256 } from '@noble/hashes/sha2';
		* const mac1 = hmac(sha256, 'key', 'message');
		*/
		@@ -76,0 +80,0 @@ export const hmac = (hash, key, message) => new HMAC(hash, key).update(message).digest();

esm/index.js

		@@ -1,3 +0,3 @@
		throw new Error('noble-hashes have no entry-point: consult README for usage');
		throw new Error('root module cannot be imported: import submodules instead. Check out README');
		export {};
		//# sourceMappingURL=index.js.map

esm/scrypt.js

		@@ -108,6 +108,8 @@ import { number as assertNumber } from './_assert.js';
		const blockSize32 = blockSize / 4;
		if (N <= 1 \|\| (N & (N - 1)) !== 0 \|\| N >= 2 (blockSize / 8) \|\| N > 2 32) {
		// NOTE: we limit N to be less than 2**32 because of 32 bit variant of Integrify function
		// There is no JS engines that allows alocate more than 4GB per single Uint8Array for now, but can change in future.
		throw new Error('Scrypt: N must be larger than 1, a power of 2, less than 2^(128 * r / 8) and less than 2^32');
		// Max N is 2^32 (Integrify is 32-bit). Real limit is 2^22: JS engines Uint8Array limit is 4GB in 2024.
		// Spec check `N >= 2 ** (blockSize / 8)` is not done for compat with popular libs,
		// which used incorrect r: 1, p: 8. Also, the check seems to be a spec error:
		// https://www.rfc-editor.org/errata_search.php?rfc=7914
		if (N <= 1 \|\| (N & (N - 1)) !== 0 \|\| N > 2 ** 32) {
		throw new Error('Scrypt: N must be larger than 1, a power of 2, and less than 2^32');
		}
		@@ -114,0 +116,0 @@ if (p < 0 \|\| p > ((2 ** 32 - 1) * 32) / blockSize) {

esm/sha1.js

		import { HashMD, Chi, Maj } from './_md.js';
		import { rotl, wrapConstructor } from './utils.js';
		// SHA1 (RFC 3174) was cryptographically broken. It's still used. Don't use it for a new protocol.
		// SHA1 (RFC 3174). It was cryptographically broken: prefer newer algorithms.
		// Initial state
		@@ -11,3 +11,3 @@ const SHA1_IV = /* @__PURE__ */ new Uint32Array([
		const SHA1_W = /* @__PURE__ */ new Uint32Array(80);
		class SHA1 extends HashMD {
		export class SHA1 extends HashMD {
		constructor() {
		@@ -80,3 +80,8 @@ super(64, 20, 8, false);
		}
		/**
		* SHA1 (RFC 3174) hash function.
		* It was cryptographically broken: prefer newer algorithms.
		* @param message - data that would be hashed
		*/
		export const sha1 = /* @__PURE__ */ wrapConstructor(() => new SHA1());
		//# sourceMappingURL=sha1.js.map

esm/sha256.js

		@@ -27,3 +27,3 @@ import { HashMD, Chi, Maj } from './_md.js';
		const SHA256_W = /* @__PURE__ */ new Uint32Array(64);
		class SHA256 extends HashMD {
		export class SHA256 extends HashMD {
		constructor() {
		@@ -123,3 +123,6 @@ super(64, 32, 8, false);
		export const sha256 = /* @__PURE__ */ wrapConstructor(() => new SHA256());
		/**
		* SHA2-224 hash function
		*/
		export const sha224 = /* @__PURE__ */ wrapConstructor(() => new SHA224());
		//# sourceMappingURL=sha256.js.map

esm/sha3-addons.js

		@@ -49,3 +49,3 @@ import { number as assertNumber } from './_assert.js';
		export const cshake256 = /* @__PURE__ */ (() => gencShake(0x1f, 136, 256 / 8))();
		class KMAC extends Keccak {
		export class KMAC extends Keccak {
		constructor(blockLen, outputLen, enableXOF, key, opts = {}) {
		@@ -93,3 +93,3 @@ super(blockLen, 0x1f, outputLen, enableXOF);
		// Usage: tuple(['ab', 'cd']) != tuple(['a', 'bcd'])
		class TupleHash extends Keccak {
		export class TupleHash extends Keccak {
		constructor(blockLen, outputLen, enableXOF, opts = {}) {
		@@ -133,3 +133,3 @@ super(blockLen, 0x1f, outputLen, enableXOF);
		export const tuplehash256xof = /* @__PURE__ */ (() => genTuple(136, 256 / 8, true))();
		class ParallelHash extends Keccak {
		export class ParallelHash extends Keccak {
		constructor(blockLen, outputLen, leafCons, enableXOF, opts = {}) {
		@@ -224,3 +224,3 @@ super(blockLen, 0x1f, outputLen, enableXOF);
		const EMPTY = new Uint8Array([]);
		class KangarooTwelve extends Keccak {
		export class KangarooTwelve extends Keccak {
		constructor(blockLen, leafLen, outputLen, rounds, opts) {
		@@ -303,3 +303,3 @@ super(blockLen, 0x07, outputLen, true, rounds);
		// + https://github.com/XKCP/XKCP/tree/master/lib/high/Keccak/PRG
		class KeccakPRG extends Keccak {
		export class KeccakPRG extends Keccak {
		constructor(capacity) {
		@@ -306,0 +306,0 @@ assertNumber(capacity);

esm/sha512.js

		@@ -158,3 +158,3 @@ import { HashMD } from './_md.js';
		}
		class SHA512_224 extends SHA512 {
		export class SHA512_224 extends SHA512 {
		constructor() {
		@@ -182,3 +182,3 @@ super();
		}
		class SHA512_256 extends SHA512 {
		export class SHA512_256 extends SHA512 {
		constructor() {
		@@ -206,3 +206,3 @@ super();
		}
		class SHA384 extends SHA512 {
		export class SHA384 extends SHA512 {
		constructor() {
		@@ -209,0 +209,0 @@ super();

esm/utils.js

		@@ -185,4 +185,8 @@ /! noble-hashes - MIT License (c) 2022 Paul Miller (paulmillr.com) /
		}
		// Legacy Node.js compatibility
		if (crypto && typeof crypto.randomBytes === 'function') {
		return crypto.randomBytes(bytesLength);
		}
		throw new Error('crypto.getRandomValues must be defined');
		}
		//# sourceMappingURL=utils.js.map

hkdf.js

		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.hkdf = exports.expand = exports.extract = void 0;
		exports.hkdf = void 0;
		exports.extract = extract;
		exports.expand = expand;
		const _assert_js_1 = require("./_assert.js");
		@@ -26,3 +28,2 @@ const utils_js_1 = require("./utils.js");
		}
		exports.extract = extract;
		// HKDF-Expand(PRK, info, L) -> OKM
		@@ -68,3 +69,2 @@ const HKDF_COUNTER = /* @__PURE__ */ new Uint8Array([0]);
		}
		exports.expand = expand;
		/**
		@@ -71,0 +71,0 @@ * HKDF (RFC 5869): extract + expand in one step.

hmac.d.ts

		@@ -21,2 +21,6 @@ import { Hash, CHash, Input } from './utils.js';
		* @param message - message data
		* @example
		* import { hmac } from '@noble/hashes/hmac';
		* import { sha256 } from '@noble/hashes/sha2';
		* const mac1 = hmac(sha256, 'key', 'message');
		*/
		@@ -23,0 +27,0 @@ export declare const hmac: {

hmac.js

		@@ -78,2 +78,6 @@ "use strict";
		* @param message - message data
		* @example
		* import { hmac } from '@noble/hashes/hmac';
		* import { sha256 } from '@noble/hashes/sha2';
		* const mac1 = hmac(sha256, 'key', 'message');
		*/
		@@ -80,0 +84,0 @@ const hmac = (hash, key, message) => new HMAC(hash, key).update(message).digest();

index.js

		"use strict";
		throw new Error('noble-hashes have no entry-point: consult README for usage');
		throw new Error('root module cannot be imported: import submodules instead. Check out README');
		//# sourceMappingURL=index.js.map

package.json

		{
		"name": "@noble/hashes",
		"version": "1.4.0",
		"version": "1.5.0",
		"description": "Audited & minimal 0-dependency JS implementation of SHA, RIPEMD, BLAKE, HMAC, HKDF, PBKDF & Scrypt",
		@@ -13,8 +13,7 @@ "files": [
		"scripts": {
		"bench": "node benchmark/index.js noble",
		"bench:all": "node benchmark/index.js",
		"bench:install": "cd benchmark && npm install && cd ../../",
		"bench": "node benchmark/hashes.js noble; node benchmark/kdf.js noble",
		"bench:all": "node benchmark/hashes.js; node benchmark/kdf.js",
		"bench:install": "npm pack && mv *.tgz benchmark/noble-hashes.tgz && cd benchmark && npm install && cd ..",
		"build": "npm run build:clean; tsc && tsc -p tsconfig.esm.json",
		"build:release": "cd build && npm i && npm run build",
		"build:clean": "rm .{js,d.ts,js.map} esm/.{js,js.map} 2> /dev/null",
		"build:clean": "rm -f .{js,d.ts,js.map,d.ts.map} esm/.{js,js.map,d.ts.map}",
		"lint": "prettier --check 'src/*/.{js,ts}' 'test/*/.{js,ts}'",
		@@ -33,24 +32,18 @@ "format": "prettier --write 'src/*/.{js,ts}' 'test/*/.{js,ts}'",
		"license": "MIT",
		"sideEffects": false,
		"browser": {
		"node:crypto": false,
		"./crypto": "./crypto.js"
		},
		"devDependencies": {
		"@paulmillr/jsbt": "0.2.1",
		"micro-bmark": "0.3.1",
		"micro-should": "0.4.0",
		"prettier": "3.1.1",
		"typescript": "5.3.2"
		"prettier": "3.3.2",
		"typescript": "5.5.2"
		},
		"engines": {
		"node": ">= 16"
		"node": "^14.21.3 \|\| >=16"
		},
		"exports": {
		".": {
		"types": "./index.d.ts",
		"import": "./esm/index.js",
		"default": "./index.js"
		"require": "./index.js"
		},
		"./crypto": {
		"types": "./crypto.d.ts",
		"node": {
		@@ -64,97 +57,83 @@ "import": "./esm/cryptoNode.js",
		"./_assert": {
		"types": "./_assert.d.ts",
		"import": "./esm/_assert.js",
		"default": "./_assert.js"
		"require": "./_assert.js"
		},
		"./_md": {
		"types": "./_md.d.ts",
		"import": "./esm/_md.js",
		"default": "./_md.js"
		"require": "./_md.js"
		},
		"./argon2": {
		"types": "./argon2.d.ts",
		"import": "./esm/argon2.js",
		"default": "./argon2.js"
		"require": "./argon2.js"
		},
		"./blake2b": {
		"types": "./blake2b.d.ts",
		"import": "./esm/blake2b.js",
		"default": "./blake2b.js"
		"require": "./blake2b.js"
		},
		"./blake2s": {
		"types": "./blake2s.d.ts",
		"import": "./esm/blake2s.js",
		"default": "./blake2s.js"
		"require": "./blake2s.js"
		},
		"./blake3": {
		"types": "./blake3.d.ts",
		"import": "./esm/blake3.js",
		"default": "./blake3.js"
		"require": "./blake3.js"
		},
		"./eskdf": {
		"types": "./eskdf.d.ts",
		"import": "./esm/eskdf.js",
		"default": "./eskdf.js"
		"require": "./eskdf.js"
		},
		"./hkdf": {
		"types": "./hkdf.d.ts",
		"import": "./esm/hkdf.js",
		"default": "./hkdf.js"
		"require": "./hkdf.js"
		},
		"./hmac": {
		"types": "./hmac.d.ts",
		"import": "./esm/hmac.js",
		"default": "./hmac.js"
		"require": "./hmac.js"
		},
		"./pbkdf2": {
		"types": "./pbkdf2.d.ts",
		"import": "./esm/pbkdf2.js",
		"default": "./pbkdf2.js"
		"require": "./pbkdf2.js"
		},
		"./ripemd160": {
		"types": "./ripemd160.d.ts",
		"import": "./esm/ripemd160.js",
		"default": "./ripemd160.js"
		"require": "./ripemd160.js"
		},
		"./scrypt": {
		"types": "./scrypt.d.ts",
		"import": "./esm/scrypt.js",
		"default": "./scrypt.js"
		"require": "./scrypt.js"
		},
		"./sha1": {
		"types": "./sha1.d.ts",
		"import": "./esm/sha1.js",
		"default": "./sha1.js"
		"require": "./sha1.js"
		},
		"./sha2": {
		"types": "./sha2.d.ts",
		"import": "./esm/sha2.js",
		"default": "./sha2.js"
		"require": "./sha2.js"
		},
		"./sha3-addons": {
		"types": "./sha3-addons.d.ts",
		"import": "./esm/sha3-addons.js",
		"default": "./sha3-addons.js"
		"require": "./sha3-addons.js"
		},
		"./sha3": {
		"types": "./sha3.d.ts",
		"import": "./esm/sha3.js",
		"default": "./sha3.js"
		"require": "./sha3.js"
		},
		"./sha256": {
		"types": "./sha256.d.ts",
		"import": "./esm/sha256.js",
		"default": "./sha256.js"
		"require": "./sha256.js"
		},
		"./sha512": {
		"types": "./sha512.d.ts",
		"import": "./esm/sha512.js",
		"default": "./sha512.js"
		"require": "./sha512.js"
		},
		"./utils": {
		"types": "./utils.d.ts",
		"import": "./esm/utils.js",
		"default": "./utils.js"
		"require": "./utils.js"
		}
		},
		"sideEffects": false,
		"browser": {
		"node:crypto": false,
		"./crypto": "./crypto.js"
		},
		"keywords": [
		@@ -161,0 +140,0 @@ "sha",

pbkdf2.js

		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.pbkdf2Async = exports.pbkdf2 = void 0;
		exports.pbkdf2 = pbkdf2;
		exports.pbkdf2Async = pbkdf2Async;
		const _assert_js_1 = require("./_assert.js");
		@@ -65,3 +66,2 @@ const hmac_js_1 = require("./hmac.js");
		}
		exports.pbkdf2 = pbkdf2;
		async function pbkdf2Async(hash, password, salt, opts) {
		@@ -91,3 +91,2 @@ const { c, dkLen, asyncTick, DK, PRF, PRFSalt } = pbkdf2Init(hash, password, salt, opts);
		}
		exports.pbkdf2Async = pbkdf2Async;
		//# sourceMappingURL=pbkdf2.js.map

114

README.md

		@@ -6,16 +6,13 @@ # noble-hashes
		- 🔒 [Audited](#security) by an independent security firm
		- 🔻 Tree-shaking-friendly: use only what's necessary, other code won't be included
		- 🏎 Ultra-fast, hand-optimized for caveats of JS engines
		- 🔍 Unique tests ensure correctness: chained tests, sliding window tests, DoS tests, fuzzing
		- 🔻 Tree-shakeable: unused code is excluded from your builds
		- 🏎 Fast: hand-optimized for caveats of JS engines
		- 🔍 Reliable: chained / sliding window / DoS tests and fuzzing ensure correctness
		- 🔁 No unrolled loops: makes it easier to verify and reduces source code size up to 5x
		- 🐢 Scrypt supports `N: 222`, while other implementations are limited to `220`
		- 🦘 SHA3 supports Keccak, cSHAKE, KangarooTwelve, MarsupilamiFourteen and TurboSHAKE
		- 🪶 45KB for everything, 5KB for single-hash build
		- 🪶 89KB (17KB gzipped) for everything, 10KB (2.5KB gzipped) for single-hash build

		Take a glance at [GitHub Discussions](https://github.com/paulmillr/noble-hashes/discussions) for questions and support.
		The library's initial development was funded by [Ethereum Foundation](https://ethereum.org/).

		For discussions, questions and support, visit
		[GitHub Discussions](https://github.com/paulmillr/noble-hashes/discussions)
		section of the repository.

		### This library belongs to _noble_ cryptography
		@@ -49,4 +46,4 @@
		// import * from '@noble/hashes'; // Error: use sub-imports, to ensure small app size
		import { sha256 } from '@noble/hashes/sha256'; // ECMAScript modules (ESM) and Common.js
		// import { sha256 } from 'npm:@noble/hashes@1.3.0/sha256'; // Deno
		import { sha256 } from '@noble/hashes/sha2'; // ECMAScript modules (ESM) and Common.js
		// import { sha256 } from 'npm:@noble/hashes@1.3.0/sha2'; // Deno
		console.log(sha256(new Uint8Array([1, 2, 3]))); // Uint8Array(32) [3, 144, 88, 198, 242...]
		@@ -58,3 +55,3 @@ // you could also pass strings that will be UTF8-encoded to Uint8Array
		- [Implementations](#implementations)
		- [sha2: sha256, sha384, sha512, sha512_256](#sha2-sha256-sha384-sha512-sha512_256)
		- [sha2: sha256, sha384, sha512 and others](#sha2-sha256-sha384-sha512-and-others)
		- [sha3: FIPS, SHAKE, Keccak](#sha3-fips-shake-keccak)
		@@ -115,7 +112,14 @@ - [sha3-addons: cSHAKE, KMAC, K12, M14, TurboSHAKE](#sha3-addons-cshake-kmac-k12-m14-turboshake)

		##### sha2: sha256, sha384, sha512, sha512_256
		##### sha2: sha256, sha384, sha512 and others

		```typescript
		import { sha256 } from '@noble/hashes/sha256';
		import { sha256, sha384, sha512, sha224, sha512_256, sha512_384 } from '@noble/hashes/sha2';
		// also available as aliases:
		// import ... from '@noble/hashes/sha256'
		// import ... from '@noble/hashes/sha512'

		// Variant A:
		const h1a = sha256('abc');

		// Variant B:
		const h1b = sha256
		@@ -125,31 +129,15 @@ .create()
		.digest();
		```

		```typescript
		import { sha512 } from '@noble/hashes/sha512';
		const h2a = sha512('abc');
		const h2b = sha512
		.create()
		.update(Uint8Array.from([1, 2, 3]))
		.digest();

		// SHA512/256 variant
		import { sha512_256 } from '@noble/hashes/sha512';
		const h3a = sha512_256('abc');
		const h3b = sha512_256
		.create()
		.update(Uint8Array.from([1, 2, 3]))
		.digest();

		// SHA384
		import { sha384 } from '@noble/hashes/sha512';
		const h4a = sha384('abc');
		const h4b = sha384
		.create()
		.update(Uint8Array.from([1, 2, 3]))
		.digest();
		for (let hash of [sha384, sha512, sha224, sha512_256, sha512_384]) {
		const res1 = hash('abc');
		const res2 = hash
		.create()
		.update('def')
		.update(Uint8Array.from([1, 2, 3]))
		.digest();
		}
		```

		See [RFC 4634](https://datatracker.ietf.org/doc/html/rfc4634) and
		[the paper on SHA512/256](https://eprint.iacr.org/2010/548.pdf).
		[the paper on truncated SHA512/256](https://eprint.iacr.org/2010/548.pdf).

		@@ -226,5 +214,5 @@ ##### sha3: FIPS, SHAKE, Keccak
		- [Reduced-round Keccak](https://datatracker.ietf.org/doc/draft-irtf-cfrg-kangarootwelve/):
		- 🦘 K12 aka KangarooTwelve
		- M14 aka MarsupilamiFourteen
		- TurboSHAKE
		- 🦘 K12 aka KangarooTwelve
		- M14 aka MarsupilamiFourteen
		- TurboSHAKE
		- [KeccakPRG](https://keccak.team/files/CSF-0.1.pdf): Pseudo-random generator based on Keccak
		@@ -252,2 +240,4 @@
		import { blake2s } from '@noble/hashes/blake2s';
		import { blake3 } from '@noble/hashes/blake3';

		const h10a = blake2s('abc');
		@@ -261,3 +251,2 @@ const b2params = { key: new Uint8Array([1]), personalization: t, salt: t, dkLen: 32 };

		import { blake3 } from '@noble/hashes/blake3';
		// All params are optional
		@@ -286,3 +275,3 @@ const h11 = blake3('abc', { dkLen: 256, key: 'def', context: 'fji' });
		import { hmac } from '@noble/hashes/hmac';
		import { sha256 } from '@noble/hashes/sha256';
		import { sha256 } from '@noble/hashes/sha2';
		const mac1 = hmac(sha256, 'key', 'message');
		@@ -301,3 +290,3 @@ const mac2 = hmac
		import { hkdf } from '@noble/hashes/hkdf';
		import { sha256 } from '@noble/hashes/sha256';
		import { sha256 } from '@noble/hashes/sha2';
		import { randomBytes } from '@noble/hashes/utils';
		@@ -312,3 +301,3 @@ const inputKey = randomBytes(32);
		import * as hkdf from '@noble/hashes/hkdf';
		import { sha256 } from '@noble/hashes/sha256';
		import { sha256 } from '@noble/hashes/sha2';
		const prk = hkdf.extract(sha256, inputKey, salt);
		@@ -324,3 +313,3 @@ const hk2 = hkdf.expand(sha256, prk, info, dkLen);
		import { pbkdf2, pbkdf2Async } from '@noble/hashes/pbkdf2';
		import { sha256 } from '@noble/hashes/sha256';
		import { sha256 } from '@noble/hashes/sha2';
		const pbkey1 = pbkdf2(sha256, 'password', 'salt', { c: 32, dkLen: 32 });
		@@ -375,4 +364,7 @@ const pbkey2 = await pbkdf2Async(sha256, 'password', 'salt', { c: 32, dkLen: 32 });

		Experimental Argon2 RFC 9106 implementation. It may be removed at any time.
		> [!WARNING]
		> Experimental: it may be removed at any time.

		Argon2 [RFC 9106](https://datatracker.ietf.org/doc/html/rfc9106) implementation.

		```ts
		@@ -396,4 +388,3 @@ import { argon2d, argon2i, argon2id } from '@noble/hashes/argon2';
		```js
		// sha384 is here, because it uses same internals as sha512
		import { sha512, sha512_256, sha384 } from '@noble/hashes/sha512';
		import { sha256, sha384, sha512, sha224, sha512_256, sha512_384 } from '@noble/hashes/sha2';
		// prettier-ignore
		@@ -408,6 +399,6 @@ import {
		cshake128, cshake256,
		k12, m14,
		turboshake128, turboshake256,
		kmac128, kmac256,
		tuplehash256, parallelhash256, keccakprg
		tuplehash256, parallelhash256,
		k12, m14, keccakprg
		} from '@noble/hashes/sha3-addons';
		@@ -477,12 +468,12 @@ import { ripemd160 } from '@noble/hashes/ripemd160';

		* Commits are signed with PGP keys, to prevent forgery. Make sure to verify commit signatures.
		* Releases are transparent and built on GitHub CI. Make sure to verify [provenance](https://docs.npmjs.com/generating-provenance-statements) logs
		* Rare releasing is followed to ensure less re-audit need for end-users
		* Dependencies are minimized and locked-down:
		- If your app has 500 dependencies, any dep could get hacked and you'll be downloading
		malware with every install. We make sure to use as few dependencies as possible
		- We prevent automatic dependency updates by locking-down version ranges. Every update is checked with `npm-diff`
		* Dev Dependencies are only used if you want to contribute to the repo. They are disabled for end-users:
		- scure-base, scure-bip32, scure-bip39, micro-bmark and micro-should are developed by the same author and follow identical security practices
		- prettier (linter), fast-check (property-based testing) and typescript are used for code quality, vector generation and ts compilation. The packages are big, which makes it hard to audit their source code thoroughly and fully
		- Commits are signed with PGP keys, to prevent forgery. Make sure to verify commit signatures.
		- Releases are transparent and built on GitHub CI. Make sure to verify [provenance](https://docs.npmjs.com/generating-provenance-statements) logs
		- Rare releasing is followed to ensure less re-audit need for end-users
		- Dependencies are minimized and locked-down:
		- If your app has 500 dependencies, any dep could get hacked and you'll be downloading
		malware with every install. We make sure to use as few dependencies as possible
		- We prevent automatic dependency updates by locking-down version ranges. Every update is checked with `npm-diff`
		- Dev Dependencies are only used if you want to contribute to the repo. They are disabled for end-users:
		- scure-base, scure-bip32, scure-bip39, micro-bmark and micro-should are developed by the same author and follow identical security practices
		- prettier (linter), fast-check (property-based testing) and typescript are used for code quality, vector generation and ts compilation. The packages are big, which makes it hard to audit their source code thoroughly and fully

		@@ -561,2 +552,3 @@ ### Randomness
		scrypt with 1024 different `N, r, p` combinations, etc. Takes several hours. Using 8-32+ core CPU helps.
		7. `npm run format` will fix lint issues

		@@ -563,0 +555,0 @@ ## Resources

scrypt.js

		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.scryptAsync = exports.scrypt = void 0;
		exports.scrypt = scrypt;
		exports.scryptAsync = scryptAsync;
		const _assert_js_1 = require("./_assert.js");
		@@ -111,6 +112,8 @@ const sha256_js_1 = require("./sha256.js");
		const blockSize32 = blockSize / 4;
		if (N <= 1 \|\| (N & (N - 1)) !== 0 \|\| N >= 2 (blockSize / 8) \|\| N > 2 32) {
		// NOTE: we limit N to be less than 2**32 because of 32 bit variant of Integrify function
		// There is no JS engines that allows alocate more than 4GB per single Uint8Array for now, but can change in future.
		throw new Error('Scrypt: N must be larger than 1, a power of 2, less than 2^(128 * r / 8) and less than 2^32');
		// Max N is 2^32 (Integrify is 32-bit). Real limit is 2^22: JS engines Uint8Array limit is 4GB in 2024.
		// Spec check `N >= 2 ** (blockSize / 8)` is not done for compat with popular libs,
		// which used incorrect r: 1, p: 8. Also, the check seems to be a spec error:
		// https://www.rfc-editor.org/errata_search.php?rfc=7914
		if (N <= 1 \|\| (N & (N - 1)) !== 0 \|\| N > 2 ** 32) {
		throw new Error('Scrypt: N must be larger than 1, a power of 2, and less than 2^32');
		}
		@@ -197,3 +200,2 @@ if (p < 0 \|\| p > ((2 ** 32 - 1) * 32) / blockSize) {
		}
		exports.scrypt = scrypt;
		/**
		@@ -230,3 +232,2 @@ * Scrypt KDF from RFC 7914.
		}
		exports.scryptAsync = scryptAsync;
		//# sourceMappingURL=scrypt.js.map

sha1.d.ts

		import { HashMD } from './_md.js';
		declare class SHA1 extends HashMD<SHA1> {
		export declare class SHA1 extends HashMD<SHA1> {
		private A;
		@@ -15,2 +15,7 @@ private B;
		}
		/**
		* SHA1 (RFC 3174) hash function.
		* It was cryptographically broken: prefer newer algorithms.
		* @param message - data that would be hashed
		*/
		export declare const sha1: {
		@@ -22,3 +27,2 @@ (msg: import("./utils.js").Input): Uint8Array;
		};
		export {};
		//# sourceMappingURL=sha1.d.ts.map

sha1.js

		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.sha1 = void 0;
		exports.sha1 = exports.SHA1 = void 0;
		const _md_js_1 = require("./_md.js");
		const utils_js_1 = require("./utils.js");
		// SHA1 (RFC 3174) was cryptographically broken. It's still used. Don't use it for a new protocol.
		// SHA1 (RFC 3174). It was cryptographically broken: prefer newer algorithms.
		// Initial state
		@@ -82,3 +82,9 @@ const SHA1_IV = /* @__PURE__ */ new Uint32Array([
		}
		exports.SHA1 = SHA1;
		/**
		* SHA1 (RFC 3174) hash function.
		* It was cryptographically broken: prefer newer algorithms.
		* @param message - data that would be hashed
		*/
		exports.sha1 = (0, utils_js_1.wrapConstructor)(() => new SHA1());
		//# sourceMappingURL=sha1.js.map

sha256.d.ts

		import { HashMD } from './_md.js';
		declare class SHA256 extends HashMD<SHA256> {
		export declare class SHA256 extends HashMD<SHA256> {
		A: number;
		@@ -28,2 +28,5 @@ B: number;
		};
		/**
		* SHA2-224 hash function
		*/
		export declare const sha224: {
		@@ -35,3 +38,2 @@ (msg: import("./utils.js").Input): Uint8Array;
		};
		export {};
		//# sourceMappingURL=sha256.d.ts.map

sha256.js

		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.sha224 = exports.sha256 = void 0;
		exports.sha224 = exports.sha256 = exports.SHA256 = void 0;
		const _md_js_1 = require("./_md.js");
		@@ -105,2 +105,3 @@ const utils_js_1 = require("./utils.js");
		}
		exports.SHA256 = SHA256;
		// Constants from https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf
		@@ -126,3 +127,6 @@ class SHA224 extends SHA256 {
		exports.sha256 = (0, utils_js_1.wrapConstructor)(() => new SHA256());
		/**
		* SHA2-224 hash function
		*/
		exports.sha224 = (0, utils_js_1.wrapConstructor)(() => new SHA224());
		//# sourceMappingURL=sha256.js.map

sha3-addons.d.ts

		@@ -19,3 +19,3 @@ import { Input, Hash, HashXOF } from './utils.js';
		};
		declare class KMAC extends Keccak implements HashXOF<KMAC> {
		export declare class KMAC extends Keccak implements HashXOF<KMAC> {
		constructor(blockLen: number, outputLen: number, enableXOF: boolean, key: Input, opts?: cShakeOpts);
		@@ -42,3 +42,3 @@ protected finish(): void;
		};
		declare class TupleHash extends Keccak implements HashXOF<TupleHash> {
		export declare class TupleHash extends Keccak implements HashXOF<TupleHash> {
		constructor(blockLen: number, outputLen: number, enableXOF: boolean, opts?: cShakeOpts);
		@@ -68,3 +68,3 @@ protected finish(): void;
		};
		declare class ParallelHash extends Keccak implements HashXOF<ParallelHash> {
		export declare class ParallelHash extends Keccak implements HashXOF<ParallelHash> {
		protected leafCons: () => Hash<Keccak>;
		@@ -116,3 +116,3 @@ private leafHash?;
		};
		declare class KangarooTwelve extends Keccak implements HashXOF<KangarooTwelve> {
		export declare class KangarooTwelve extends Keccak implements HashXOF<KangarooTwelve> {
		protected leafLen: number;
		@@ -143,3 +143,3 @@ readonly chunkLen = 8192;
		};
		declare class KeccakPRG extends Keccak {
		export declare class KeccakPRG extends Keccak {
		protected rate: number;
		@@ -146,0 +146,0 @@ constructor(capacity: number);

sha3-addons.js

		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.keccakprg = exports.m14 = exports.k12 = exports.turboshake256 = exports.turboshake128 = exports.parallelhash256xof = exports.parallelhash128xof = exports.parallelhash256 = exports.parallelhash128 = exports.tuplehash256xof = exports.tuplehash128xof = exports.tuplehash256 = exports.tuplehash128 = exports.kmac256xof = exports.kmac128xof = exports.kmac256 = exports.kmac128 = exports.cshake256 = exports.cshake128 = void 0;
		exports.keccakprg = exports.KeccakPRG = exports.m14 = exports.k12 = exports.KangarooTwelve = exports.turboshake256 = exports.turboshake128 = exports.parallelhash256xof = exports.parallelhash128xof = exports.parallelhash256 = exports.parallelhash128 = exports.ParallelHash = exports.tuplehash256xof = exports.tuplehash128xof = exports.tuplehash256 = exports.tuplehash128 = exports.TupleHash = exports.kmac256xof = exports.kmac128xof = exports.kmac256 = exports.kmac128 = exports.KMAC = exports.cshake256 = exports.cshake128 = void 0;
		const _assert_js_1 = require("./_assert.js");
		@@ -84,2 +84,3 @@ const utils_js_1 = require("./utils.js");
		}
		exports.KMAC = KMAC;
		function genKmac(blockLen, outputLen, xof = false) {
		@@ -121,2 +122,3 @@ const kmac = (key, message, opts) => kmac.create(key, opts).update(message).digest();
		}
		exports.TupleHash = TupleHash;
		function genTuple(blockLen, outputLen, xof = false) {
		@@ -198,2 +200,3 @@ const tuple = (messages, opts) => {
		}
		exports.ParallelHash = ParallelHash;
		function genPrl(blockLen, outputLen, leaf, xof = false) {
		@@ -299,2 +302,3 @@ const parallel = (message, opts) => parallel.create(opts).update(message).digest();
		}
		exports.KangarooTwelve = KangarooTwelve;
		// Default to 32 bytes, so it can be used without opts
		@@ -362,4 +366,5 @@ exports.k12 = (() => (0, utils_js_1.wrapConstructorWithOpts)((opts = {}) => new KangarooTwelve(168, 32, chooseLen(opts, 32), 12, opts)))();
		}
		exports.KeccakPRG = KeccakPRG;
		const keccakprg = (capacity = 254) => new KeccakPRG(capacity);
		exports.keccakprg = keccakprg;
		//# sourceMappingURL=sha3-addons.js.map

sha3.js

		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.shake256 = exports.shake128 = exports.keccak_512 = exports.keccak_384 = exports.keccak_256 = exports.keccak_224 = exports.sha3_512 = exports.sha3_384 = exports.sha3_256 = exports.sha3_224 = exports.Keccak = exports.keccakP = void 0;
		exports.shake256 = exports.shake128 = exports.keccak_512 = exports.keccak_384 = exports.keccak_256 = exports.keccak_224 = exports.sha3_512 = exports.sha3_384 = exports.sha3_256 = exports.sha3_224 = exports.Keccak = void 0;
		exports.keccakP = keccakP;
		const _assert_js_1 = require("./_assert.js");
		@@ -84,3 +85,2 @@ const _u64_js_1 = require("./_u64.js");
		}
		exports.keccakP = keccakP;
		class Keccak extends utils_js_1.Hash {
		@@ -87,0 +87,0 @@ // NOTE: we accept arguments in bytes instead of bits here.

sha512.d.ts

		@@ -43,2 +43,59 @@ import { HashMD } from './_md.js';
		}
		export declare class SHA512_224 extends SHA512 {
		Ah: number;
		Al: number;
		Bh: number;
		Bl: number;
		Ch: number;
		Cl: number;
		Dh: number;
		Dl: number;
		Eh: number;
		El: number;
		Fh: number;
		Fl: number;
		Gh: number;
		Gl: number;
		Hh: number;
		Hl: number;
		constructor();
		}
		export declare class SHA512_256 extends SHA512 {
		Ah: number;
		Al: number;
		Bh: number;
		Bl: number;
		Ch: number;
		Cl: number;
		Dh: number;
		Dl: number;
		Eh: number;
		El: number;
		Fh: number;
		Fl: number;
		Gh: number;
		Gl: number;
		Hh: number;
		Hl: number;
		constructor();
		}
		export declare class SHA384 extends SHA512 {
		Ah: number;
		Al: number;
		Bh: number;
		Bl: number;
		Ch: number;
		Cl: number;
		Dh: number;
		Dl: number;
		Eh: number;
		El: number;
		Fh: number;
		Fl: number;
		Gh: number;
		Gl: number;
		Hh: number;
		Hl: number;
		constructor();
		}
		export declare const sha512: {
		@@ -45,0 +102,0 @@ (msg: import("./utils.js").Input): Uint8Array;

sha512.js

		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.sha384 = exports.sha512_256 = exports.sha512_224 = exports.sha512 = exports.SHA512 = void 0;
		exports.sha384 = exports.sha512_256 = exports.sha512_224 = exports.sha512 = exports.SHA384 = exports.SHA512_256 = exports.SHA512_224 = exports.SHA512 = void 0;
		const _md_js_1 = require("./_md.js");
		@@ -185,2 +185,3 @@ const _u64_js_1 = require("./_u64.js");
		}
		exports.SHA512_224 = SHA512_224;
		class SHA512_256 extends SHA512 {
		@@ -209,2 +210,3 @@ constructor() {
		}
		exports.SHA512_256 = SHA512_256;
		class SHA384 extends SHA512 {
		@@ -233,2 +235,3 @@ constructor() {
		}
		exports.SHA384 = SHA384;
		exports.sha512 = (0, utils_js_1.wrapConstructor)(() => new SHA512());
		@@ -235,0 +238,0 @@ exports.sha512_224 = (0, utils_js_1.wrapConstructor)(() => new SHA512_224());

src/_md.ts

		import { exists, output } from './_assert.js';
		import { Hash, createView, Input, toBytes } from './utils.js';

		// Polyfill for Safari 14
		/**
		* Polyfill for Safari 14
		*/
		function setBigUint64(view: DataView, byteOffset: number, value: bigint, isLE: boolean): void {
		@@ -17,5 +19,10 @@ if (typeof view.setBigUint64 === 'function') return view.setBigUint64(byteOffset, value, isLE);

		// Choice: a ? b : c
		/**
		* Choice: a ? b : c
		*/
		export const Chi = (a: number, b: number, c: number) => (a & b) ^ (~a & c);
		// Majority function, true if any two inpust is true

		/**
		* Majority function, true if any two inputs is true
		*/
		export const Maj = (a: number, b: number, c: number) => (a & b) ^ (a & c) ^ (b & c);
		@@ -22,0 +29,0 @@

src/blake2b.ts

		@@ -65,3 +65,3 @@ import { BLAKE, BlakeOpts, SIGMA } from './_blake.js';

		class BLAKE2b extends BLAKE<BLAKE2b> {
		export class BLAKE2b extends BLAKE<BLAKE2b> {
		// Same as SHA-512, but LE
		@@ -115,3 +115,3 @@ private v0l = B2B_IV[0] \| 0;
		] {
		let {v0l, v0h, v1l, v1h, v2l, v2h, v3l, v3h, v4l, v4h, v5l, v5h, v6l, v6h, v7l, v7h} = this;
		let { v0l, v0h, v1l, v1h, v2l, v2h, v3l, v3h, v4l, v4h, v5l, v5h, v6l, v6h, v7l, v7h } = this;
		return [v0l, v0h, v1l, v1h, v2l, v2h, v3l, v3h, v4l, v4h, v5l, v5h, v6l, v6h, v7l, v7h];
		@@ -118,0 +118,0 @@ }

src/blake2s.ts

		@@ -31,3 +31,3 @@ import { BLAKE, BlakeOpts, SIGMA } from './_blake.js';
		export function compress(s: Uint8Array, offset: number, msg: Uint32Array, rounds: number,
		v0: number, v1: number, v2: number, v3: number, v4: number, v5: number, v6: number, v7: number,
		v0: number, v1: number, v2: number, v3: number, v4: number, v5: number, v6: number, v7: number,
		v8: number, v9: number, v10: number, v11: number, v12: number, v13: number, v14: number, v15: number,
		@@ -58,3 +58,3 @@ ) {

		class BLAKE2s extends BLAKE<BLAKE2s> {
		export class BLAKE2s extends BLAKE<BLAKE2s> {
		// Internal state, same as SHA-256
		@@ -61,0 +61,0 @@ private v0 = B2S_IV[0] \| 0;

src/blake3.ts

		@@ -52,3 +52,3 @@ import { bytes, exists, number, output } from './_assert.js';
		// which won't really benefit small inputs.
		class BLAKE3 extends BLAKE<BLAKE3> implements HashXOF<BLAKE3> {
		export class BLAKE3 extends BLAKE<BLAKE3> implements HashXOF<BLAKE3> {
		private IV: Uint32Array;
		@@ -55,0 +55,0 @@ private flags = 0 \| 0;

src/cryptoNode.ts

		@@ -1,7 +0,11 @@
		// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+.
		// We prefer WebCrypto aka globalThis.crypto, which exists in node.js 16+.
		// Falls back to Node.js built-in crypto for Node.js <=v14
		// See utils.ts for details.
		// The file will throw on node.js 14 and earlier.
		// @ts-ignore
		import * as nc from 'node:crypto';
		export const crypto =
		nc && typeof nc === 'object' && 'webcrypto' in nc ? (nc.webcrypto as any) : undefined;
		nc && typeof nc === 'object' && 'webcrypto' in nc
		? (nc.webcrypto as any)
		: nc && typeof nc === 'object' && 'randomBytes' in nc
		? nc
		: undefined;

src/eskdf.ts

		@@ -127,24 +127,22 @@ import { bytes as assertBytes } from './_assert.js';
		// We are not using classes because constructor cannot be async
		type ESKDF = Promise<
		Readonly<{
		/**
		* Derives a child key. Child key will not be associated with any
		* other child key because of properties of underlying KDF.
		*
		* @param protocol - 3-15 character protocol name
		* @param accountId - numeric identifier of account
		* @param options - `keyLength: 64` or `modulus: 41920438n`
		* @example deriveChildKey('aes', 0)
		*/
		deriveChildKey: (protocol: string, accountId: AccountID, options?: KeyOpts) => Uint8Array;
		/**
		* Deletes the main seed from eskdf instance
		*/
		expire: () => void;
		/**
		* Account fingerprint
		*/
		fingerprint: string;
		}>
		>;
		export interface ESKDF {
		/**
		* Derives a child key. Child key will not be associated with any
		* other child key because of properties of underlying KDF.
		*
		* @param protocol - 3-15 character protocol name
		* @param accountId - numeric identifier of account
		* @param options - `keyLength: 64` or `modulus: 41920438n`
		* @example deriveChildKey('aes', 0)
		*/
		deriveChildKey: (protocol: string, accountId: AccountID, options?: KeyOpts) => Uint8Array;
		/**
		* Deletes the main seed from eskdf instance
		*/
		expire: () => void;
		/**
		* Account fingerprint
		*/
		fingerprint: string;
		}

		@@ -161,3 +159,3 @@ /**
		*/
		export async function eskdf(username: string, password: string): ESKDF {
		export async function eskdf(username: string, password: string): Promise<ESKDF> {
		// We are using closure + object instead of class because
		@@ -164,0 +162,0 @@ // we want to make `seed` non-accessible for any external function.

src/hmac.ts

		@@ -78,2 +78,6 @@ import { hash as assertHash, bytes as assertBytes, exists as assertExists } from './_assert.js';
		* @param message - message data
		* @example
		* import { hmac } from '@noble/hashes/hmac';
		* import { sha256 } from '@noble/hashes/sha2';
		* const mac1 = hmac(sha256, 'key', 'message');
		*/
		@@ -80,0 +84,0 @@ export const hmac = (hash: CHash, key: Input, message: Input): Uint8Array =>

src/index.ts

		@@ -1,1 +0,1 @@
		throw new Error('noble-hashes have no entry-point: consult README for usage');
		throw new Error('root module cannot be imported: import submodules instead. Check out README');

src/scrypt.ts

		@@ -109,8 +109,9 @@ import { number as assertNumber } from './_assert.js';
		const blockSize32 = blockSize / 4;
		if (N <= 1 \|\| (N & (N - 1)) !== 0 \|\| N >= 2 (blockSize / 8) \|\| N > 2 32) {
		// NOTE: we limit N to be less than 2**32 because of 32 bit variant of Integrify function
		// There is no JS engines that allows alocate more than 4GB per single Uint8Array for now, but can change in future.
		throw new Error(
		'Scrypt: N must be larger than 1, a power of 2, less than 2^(128 * r / 8) and less than 2^32'
		);

		// Max N is 2^32 (Integrify is 32-bit). Real limit is 2^22: JS engines Uint8Array limit is 4GB in 2024.
		// Spec check `N >= 2 ** (blockSize / 8)` is not done for compat with popular libs,
		// which used incorrect r: 1, p: 8. Also, the check seems to be a spec error:
		// https://www.rfc-editor.org/errata_search.php?rfc=7914
		if (N <= 1 \|\| (N & (N - 1)) !== 0 \|\| N > 2 ** 32) {
		throw new Error('Scrypt: N must be larger than 1, a power of 2, and less than 2^32');
		}
		@@ -117,0 +118,0 @@ if (p < 0 \|\| p > ((2 ** 32 - 1) * 32) / blockSize) {

src/sha1.ts

		import { HashMD, Chi, Maj } from './_md.js';
		import { rotl, wrapConstructor } from './utils.js';

		// SHA1 (RFC 3174) was cryptographically broken. It's still used. Don't use it for a new protocol.
		// SHA1 (RFC 3174). It was cryptographically broken: prefer newer algorithms.

		@@ -14,3 +14,3 @@ // Initial state
		const SHA1_W = /* @__PURE__ */ new Uint32Array(80);
		class SHA1 extends HashMD<SHA1> {
		export class SHA1 extends HashMD<SHA1> {
		private A = SHA1_IV[0] \| 0;
		@@ -81,2 +81,7 @@ private B = SHA1_IV[1] \| 0;

		/**
		* SHA1 (RFC 3174) hash function.
		* It was cryptographically broken: prefer newer algorithms.
		* @param message - data that would be hashed
		*/
		export const sha1 = /* @__PURE__ */ wrapConstructor(() => new SHA1());

src/sha256.ts

		@@ -31,3 +31,3 @@ import { HashMD, Chi, Maj } from './_md.js';
		const SHA256_W = /* @__PURE__ */ new Uint32Array(64);
		class SHA256 extends HashMD<SHA256> {
		export class SHA256 extends HashMD<SHA256> {
		// We cannot use array here since array allows indexing by variable
		@@ -130,2 +130,5 @@ // which means optimizer/compiler cannot use registers.
		export const sha256 = /* @__PURE__ */ wrapConstructor(() => new SHA256());
		/**
		* SHA2-224 hash function
		*/
		export const sha224 = /* @__PURE__ */ wrapConstructor(() => new SHA224());

src/sha3-addons.ts

		@@ -64,3 +64,3 @@ import { number as assertNumber } from './_assert.js';

		class KMAC extends Keccak implements HashXOF<KMAC> {
		export class KMAC extends Keccak implements HashXOF<KMAC> {
		constructor(
		@@ -118,3 +118,3 @@ blockLen: number,
		// Usage: tuple(['ab', 'cd']) != tuple(['a', 'bcd'])
		class TupleHash extends Keccak implements HashXOF<TupleHash> {
		export class TupleHash extends Keccak implements HashXOF<TupleHash> {
		constructor(blockLen: number, outputLen: number, enableXOF: boolean, opts: cShakeOpts = {}) {
		@@ -163,3 +163,3 @@ super(blockLen, 0x1f, outputLen, enableXOF);

		class ParallelHash extends Keccak implements HashXOF<ParallelHash> {
		export class ParallelHash extends Keccak implements HashXOF<ParallelHash> {
		private leafHash?: Hash<Keccak>;
		@@ -284,3 +284,3 @@ private chunkPos = 0; // Position of current block in chunk

		class KangarooTwelve extends Keccak implements HashXOF<KangarooTwelve> {
		export class KangarooTwelve extends Keccak implements HashXOF<KangarooTwelve> {
		readonly chunkLen = 8192;
		@@ -371,3 +371,3 @@ private leafHash?: Keccak;
		// + https://github.com/XKCP/XKCP/tree/master/lib/high/Keccak/PRG
		class KeccakPRG extends Keccak {
		export class KeccakPRG extends Keccak {
		protected rate: number;
		@@ -374,0 +374,0 @@ constructor(capacity: number) {

src/sha512.ts

		@@ -168,3 +168,3 @@ import { HashMD } from './_md.js';

		class SHA512_224 extends SHA512 {
		export class SHA512_224 extends SHA512 {
		// h -- high 32 bits, l -- low 32 bits
		@@ -194,3 +194,3 @@ Ah = 0x8c3d37c8 \| 0;

		class SHA512_256 extends SHA512 {
		export class SHA512_256 extends SHA512 {
		// h -- high 32 bits, l -- low 32 bits
		@@ -220,3 +220,3 @@ Ah = 0x22312194 \| 0;

		class SHA384 extends SHA512 {
		export class SHA384 extends SHA512 {
		// h -- high 32 bits, l -- low 32 bits
		@@ -223,0 +223,0 @@ Ah = 0xcbbb9d5d \| 0;

src/utils.ts

		@@ -255,3 +255,7 @@ /! noble-hashes - MIT License (c) 2022 Paul Miller (paulmillr.com) /
		}
		// Legacy Node.js compatibility
		if (crypto && typeof crypto.randomBytes === 'function') {
		return crypto.randomBytes(bytesLength);
		}
		throw new Error('crypto.getRandomValues must be defined');
		}

utils.js

		"use strict";
		/! noble-hashes - MIT License (c) 2022 Paul Miller (paulmillr.com) /
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.randomBytes = exports.wrapXOFConstructorWithOpts = exports.wrapConstructorWithOpts = exports.wrapConstructor = exports.checkOpts = exports.Hash = exports.concatBytes = exports.toBytes = exports.utf8ToBytes = exports.asyncLoop = exports.nextTick = exports.hexToBytes = exports.bytesToHex = exports.byteSwap32 = exports.byteSwapIfBE = exports.byteSwap = exports.isLE = exports.rotl = exports.rotr = exports.createView = exports.u32 = exports.u8 = exports.isBytes = void 0;
		exports.Hash = exports.nextTick = exports.byteSwapIfBE = exports.byteSwap = exports.isLE = exports.rotl = exports.rotr = exports.createView = exports.u32 = exports.u8 = void 0;
		exports.isBytes = isBytes;
		exports.byteSwap32 = byteSwap32;
		exports.bytesToHex = bytesToHex;
		exports.hexToBytes = hexToBytes;
		exports.asyncLoop = asyncLoop;
		exports.utf8ToBytes = utf8ToBytes;
		exports.toBytes = toBytes;
		exports.concatBytes = concatBytes;
		exports.checkOpts = checkOpts;
		exports.wrapConstructor = wrapConstructor;
		exports.wrapConstructorWithOpts = wrapConstructorWithOpts;
		exports.wrapXOFConstructorWithOpts = wrapXOFConstructorWithOpts;
		exports.randomBytes = randomBytes;
		// We use WebCrypto aka globalThis.crypto, which exists in browsers and node.js 16+.
		@@ -19,3 +32,2 @@ // node.js versions earlier than v19 don't declare it in global scope.
		}
		exports.isBytes = isBytes;
		// Cast array to different type
		@@ -50,3 +62,2 @@ const u8 = (arr) => new Uint8Array(arr.buffer, arr.byteOffset, arr.byteLength);
		}
		exports.byteSwap32 = byteSwap32;
		// Array where index 0xf0 (240) is mapped to string 'f0'
		@@ -66,3 +77,2 @@ const hexes = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, '0'));
		}
		exports.bytesToHex = bytesToHex;
		// We use optimized technique to convert hex string to byte array
		@@ -101,3 +111,2 @@ const asciis = { _0: 48, _9: 57, _A: 65, _F: 70, _a: 97, _f: 102 };
		}
		exports.hexToBytes = hexToBytes;
		// There is no setImmediate in browser and setTimeout is slow.
		@@ -121,3 +130,2 @@ // call of async fn will return Promise, which will be fullfiled only on
		}
		exports.asyncLoop = asyncLoop;
		/**
		@@ -131,3 +139,2 @@ * @example utf8ToBytes('abc') // new Uint8Array([97, 98, 99])
		}
		exports.utf8ToBytes = utf8ToBytes;
		/**
		@@ -144,3 +151,2 @@ * Normalizes (non-hex) string or Uint8Array to Uint8Array.
		}
		exports.toBytes = toBytes;
		/**
		@@ -164,3 +170,2 @@ * Copies several Uint8Arrays into one.
		}
		exports.concatBytes = concatBytes;
		// For runtime check if class implements interface
		@@ -181,3 +186,2 @@ class Hash {
		}
		exports.checkOpts = checkOpts;
		function wrapConstructor(hashCons) {
		@@ -191,3 +195,2 @@ const hashC = (msg) => hashCons().update(toBytes(msg)).digest();
		}
		exports.wrapConstructor = wrapConstructor;
		function wrapConstructorWithOpts(hashCons) {
		@@ -201,3 +204,2 @@ const hashC = (msg, opts) => hashCons(opts).update(toBytes(msg)).digest();
		}
		exports.wrapConstructorWithOpts = wrapConstructorWithOpts;
		function wrapXOFConstructorWithOpts(hashCons) {
		@@ -211,3 +213,2 @@ const hashC = (msg, opts) => hashCons(opts).update(toBytes(msg)).digest();
		}
		exports.wrapXOFConstructorWithOpts = wrapXOFConstructorWithOpts;
		/**
		@@ -220,5 +221,8 @@ * Secure PRNG. Uses `crypto.getRandomValues`, which defers to OS.
		}
		// Legacy Node.js compatibility
		if (crypto_1.crypto && typeof crypto_1.crypto.randomBytes === 'function') {
		return crypto_1.crypto.randomBytes(bytesLength);
		}
		throw new Error('crypto.getRandomValues must be defined');
		}
		exports.randomBytes = randomBytes;
		//# sourceMappingURL=utils.js.map

_assert.js.map