[{"data":1,"prerenderedAt":980},["ShallowReactive",2],{"navigation":3,"-jwt-jwe":167,"-jwt-jwe-surround":977},[4,22,78,106,141,148],{"title":5,"path":6,"stem":7,"children":8},"Introduction","\u002Fgetting-started","0.Getting-Started\u002F0.index",[9,10,14,18],{"title":5,"path":6,"stem":7},{"title":11,"path":12,"stem":13},"Installation","\u002Fgetting-started\u002Finstallation","0.Getting-Started\u002F1.installation",{"title":15,"path":16,"stem":17},"Quickstart","\u002Fgetting-started\u002Fquickstart","0.Getting-Started\u002F2.quickstart",{"title":19,"path":20,"stem":21},"Core concepts","\u002Fgetting-started\u002Fcore-concepts","0.Getting-Started\u002F3.core-concepts",{"title":23,"path":24,"stem":25,"children":26,"icon":28},"JWT","\u002Fjwt","1.JWT\u002F0.index",[27,29,52],{"title":23,"path":24,"stem":25,"icon":28},"i-carbon-certificate",{"title":30,"path":31,"stem":32,"children":33,"icon":35},"JWS","\u002Fjwt\u002Fjws","1.JWT\u002F1.JWS\u002F0.index",[34,36,40,44,48],{"title":30,"path":31,"stem":32,"icon":35},"i-carbon-document-signed",{"title":37,"path":38,"stem":39},"Signing","\u002Fjwt\u002Fjws\u002Fsigning","1.JWT\u002F1.JWS\u002F1.signing",{"title":41,"path":42,"stem":43},"Verifying","\u002Fjwt\u002Fjws\u002Fverifying","1.JWT\u002F1.JWS\u002F2.verifying",{"title":45,"path":46,"stem":47},"Multi-signature","\u002Fjwt\u002Fjws\u002Fmulti-signature","1.JWT\u002F1.JWS\u002F3.multi-signature",{"title":49,"path":50,"stem":51},"Algorithms","\u002Fjwt\u002Fjws\u002Falgorithms","1.JWT\u002F1.JWS\u002F4.algorithms",{"title":53,"path":54,"stem":55,"children":56,"icon":58},"JWE","\u002Fjwt\u002Fjwe","1.JWT\u002F2.JWE\u002F0.index",[57,59,63,67,71,75],{"title":53,"path":54,"stem":55,"icon":58},"i-carbon-locked",{"title":60,"path":61,"stem":62},"Encrypting","\u002Fjwt\u002Fjwe\u002Fencrypting","1.JWT\u002F2.JWE\u002F1.encrypting",{"title":64,"path":65,"stem":66},"Decrypting","\u002Fjwt\u002Fjwe\u002Fdecrypting","1.JWT\u002F2.JWE\u002F2.decrypting",{"title":68,"path":69,"stem":70},"Multi-recipient","\u002Fjwt\u002Fjwe\u002Fmulti-recipient","1.JWT\u002F2.JWE\u002F3.multi-recipient",{"title":72,"path":73,"stem":74},"ECDH-ES and end-to-end encryption","\u002Fjwt\u002Fjwe\u002Fecdh-es","1.JWT\u002F2.JWE\u002F4.ecdh-es",{"title":49,"path":76,"stem":77},"\u002Fjwt\u002Fjwe\u002Falgorithms","1.JWT\u002F2.JWE\u002F5.algorithms",{"title":79,"path":80,"stem":81,"children":82,"icon":84},"Examples","\u002Fexamples","10.Examples\u002F0.index",[83,85,90,94,98,102],{"title":79,"path":80,"stem":81,"icon":84},"i-carbon-code-reference",{"title":86,"path":87,"stem":88,"icon":89},"Authentication basics","\u002Fexamples\u002Fauthentication-basics","10.Examples\u002F1.authentication-basics","i-lucide-code",{"title":91,"path":92,"stem":93,"icon":89},"Consuming a JWKS endpoint","\u002Fexamples\u002Fjwks-endpoint","10.Examples\u002F2.jwks-endpoint",{"title":95,"path":96,"stem":97,"icon":89},"Refresh token pattern","\u002Fexamples\u002Frefresh-token-pattern","10.Examples\u002F3.refresh-token-pattern",{"title":99,"path":100,"stem":101,"icon":89},"End-to-end encryption","\u002Fexamples\u002Fend-to-end-encryption","10.Examples\u002F4.end-to-end-encryption",{"title":103,"path":104,"stem":105,"icon":89},"Signed receipts","\u002Fexamples\u002Fsigned-receipts","10.Examples\u002F5.signed-receipts",{"title":107,"path":108,"stem":109,"children":110,"icon":112},"JWK","\u002Fjwk","2.JWK\u002F0.index",[111,113,117,121,125,129,133,137],{"title":107,"path":108,"stem":109,"icon":112},"i-carbon-two-factor-authentication",{"title":114,"path":115,"stem":116},"Generating keys","\u002Fjwk\u002Fgenerating","2.JWK\u002F1.generating",{"title":118,"path":119,"stem":120},"Importing and exporting","\u002Fjwk\u002Fimport-export","2.JWK\u002F2.import-export",{"title":122,"path":123,"stem":124},"PEM conversion","\u002Fjwk\u002Fpem","2.JWK\u002F3.pem",{"title":126,"path":127,"stem":128},"Key wrapping","\u002Fjwk\u002Fwrapping","2.JWK\u002F4.wrapping",{"title":130,"path":131,"stem":132},"Password derivation","\u002Fjwk\u002Fpassword-derivation","2.JWK\u002F5.password-derivation",{"title":134,"path":135,"stem":136},"JWK Sets","\u002Fjwk\u002Fjwk-sets","2.JWK\u002F6.jwk-sets",{"title":138,"path":139,"stem":140},"JWK cache","\u002Fjwk\u002Fcache","2.JWK\u002F7.cache",{"title":142,"path":143,"stem":144,"children":145,"icon":147},"Utilities","\u002Futilities","3.Utilities\u002F0.index",[146],{"title":142,"path":143,"stem":144,"icon":147},"i-carbon-tool-box",{"title":149,"path":150,"stem":151,"children":152,"icon":154},"Adapters","\u002Fadapters","99.Adapters\u002F0.index",[153,155,159,163],{"title":149,"path":150,"stem":151,"icon":154},"i-carbon-plug",{"title":156,"path":157,"stem":158},"H3 sessions","\u002Fadapters\u002Fh3-sessions","99.Adapters\u002F1.h3-sessions",{"title":160,"path":161,"stem":162},"Lifecycle hooks","\u002Fadapters\u002Fhooks","99.Adapters\u002F2.hooks",{"title":164,"path":165,"stem":166},"Lower-level functions","\u002Fadapters\u002Flower-level","99.Adapters\u002F3.lower-level",{"id":168,"title":53,"body":169,"description":207,"extension":972,"meta":973,"navigation":974,"path":54,"seo":975,"stem":55,"__hash__":976},"content\u002F1.JWT\u002F2.JWE\u002F0.index.md",{"type":170,"value":171,"toc":960,"icon":58},"minimark",[172,177,198,201,255,260,263,373,380,384,387,410,417,436,491,497,504,594,603,607,610,615,618,669,673,676,741,745,752,833,836,904,911,915,956],[173,174,176],"h1",{"id":175},"jwe-encrypted-tokens","JWE — encrypted tokens",[178,179,180,181,185,186,193,194,197],"p",{},"A ",[182,183,184],"strong",{},"JSON Web Encryption"," (",[187,188,192],"a",{"href":189,"rel":190},"https:\u002F\u002Fwww.rfc-editor.org\u002Frfc\u002Frfc7516",[191],"nofollow","RFC 7516",") is a JWT whose payload is ",[182,195,196],{},"encrypted",": no one can read it without the right key, and no one can tamper with it without the tag failing.",[178,199,200],{},"Import:",[202,203,208],"pre",{"className":204,"code":205,"language":206,"meta":207,"style":207},"language-ts shiki shiki-themes github-light github-dark github-dark","import { encrypt, decrypt } from \"unjwt\u002Fjwe\";\n\u002F\u002F or from the flat barrel:\nimport { encrypt, decrypt } from \"unjwt\";\n","ts","",[209,210,211,234,241],"code",{"__ignoreMap":207},[212,213,216,220,224,227,231],"span",{"class":214,"line":215},"line",1,[212,217,219],{"class":218},"so5gQ","import",[212,221,223],{"class":222},"slsVL"," { encrypt, decrypt } ",[212,225,226],{"class":218},"from",[212,228,230],{"class":229},"sfrk1"," \"unjwt\u002Fjwe\"",[212,232,233],{"class":222},";\n",[212,235,237],{"class":214,"line":236},2,[212,238,240],{"class":239},"sCsY4","\u002F\u002F or from the flat barrel:\n",[212,242,244,246,248,250,253],{"class":214,"line":243},3,[212,245,219],{"class":218},[212,247,223],{"class":222},[212,249,226],{"class":218},[212,251,252],{"class":229}," \"unjwt\"",[212,254,233],{"class":222},[256,257,259],"h2",{"id":258},"basic-usage","Basic usage",[178,261,262],{},"The shortest path — password-based encryption (PBES2 under the hood):",[202,264,267],{"className":204,"code":265,"filename":266,"language":206,"meta":207,"style":207},"import { encrypt, decrypt } from \"unjwt\u002Fjwe\";\n\nconst token = await encrypt({ secret: \"sensitive\" }, \"my-password\");\nconst { payload } = await decrypt(token, \"my-password\");\n\nconsole.log(payload);\n\u002F\u002F { secret: \"sensitive\" }\n","basic.ts",[209,268,269,281,287,321,350,355,367],{"__ignoreMap":207},[212,270,271,273,275,277,279],{"class":214,"line":215},[212,272,219],{"class":218},[212,274,223],{"class":222},[212,276,226],{"class":218},[212,278,230],{"class":229},[212,280,233],{"class":222},[212,282,283],{"class":214,"line":236},[212,284,286],{"emptyLinePlaceholder":285},true,"\n",[212,288,289,292,296,299,302,306,309,312,315,318],{"class":214,"line":243},[212,290,291],{"class":218},"const",[212,293,295],{"class":294},"suiK_"," token",[212,297,298],{"class":218}," =",[212,300,301],{"class":218}," await",[212,303,305],{"class":304},"shcOC"," encrypt",[212,307,308],{"class":222},"({ secret: ",[212,310,311],{"class":229},"\"sensitive\"",[212,313,314],{"class":222}," }, ",[212,316,317],{"class":229},"\"my-password\"",[212,319,320],{"class":222},");\n",[212,322,324,326,329,332,335,338,340,343,346,348],{"class":214,"line":323},4,[212,325,291],{"class":218},[212,327,328],{"class":222}," { ",[212,330,331],{"class":294},"payload",[212,333,334],{"class":222}," } ",[212,336,337],{"class":218},"=",[212,339,301],{"class":218},[212,341,342],{"class":304}," decrypt",[212,344,345],{"class":222},"(token, ",[212,347,317],{"class":229},[212,349,320],{"class":222},[212,351,353],{"class":214,"line":352},5,[212,354,286],{"emptyLinePlaceholder":285},[212,356,358,361,364],{"class":214,"line":357},6,[212,359,360],{"class":222},"console.",[212,362,363],{"class":304},"log",[212,365,366],{"class":222},"(payload);\n",[212,368,370],{"class":214,"line":369},7,[212,371,372],{"class":239},"\u002F\u002F { secret: \"sensitive\" }\n",[178,374,375,376,379],{},"The token looks like a JWT (dotted segments) but the ",[182,377,378],{},"third segment onwards is ciphertext"," — base64url-decoding the payload gives you random bytes, not claims.",[256,381,383],{"id":382},"how-a-jwe-is-built","How a JWE is built",[178,385,386],{},"Every JWE encrypts its payload in two steps:",[388,389,391,398],"steps",{"level":390},"4",[392,393,394,397],"h4",{},[182,395,396],{},"Content encryption"," — a random Content Encryption Key (CEK) encrypts the payload with an authenticated cipher (AES-GCM or AES-CBC+HMAC-SHA2). The result is the ciphertext segment plus an IV and authentication tag.",[392,399,400,403,404,409],{},[182,401,402],{},"Key management"," — the CEK itself is delivered to the recipient, either wrapped by a key they hold, or derived from a shared secret with them. That's what the ",[182,405,406],{},[209,407,408],{},"alg"," header describes.",[178,411,412,413,416],{},"So every JWE header has ",[182,414,415],{},"two"," algorithm fields:",[418,419,420,428],"ul",{},[421,422,423,427],"li",{},[182,424,425],{},[209,426,408],{}," — how the CEK is delivered. Determines what kind of recipient key is required.",[421,429,430,435],{},[182,431,432],{},[209,433,434],{},"enc"," — how the CEK encrypts the payload. Determines the content cipher.",[202,437,441],{"className":438,"code":439,"language":440,"meta":207,"style":207},"language-json shiki shiki-themes github-light github-dark github-dark","{ \"alg\": \"PBES2-HS256+A128KW\", \"enc\": \"A128GCM\", \"p2s\": \"...\", \"p2c\": 600000 }\n","json",[209,442,443],{"__ignoreMap":207},[212,444,445,448,451,454,457,460,463,465,468,470,473,475,478,480,483,485,488],{"class":214,"line":215},[212,446,447],{"class":222},"{ ",[212,449,450],{"class":294},"\"alg\"",[212,452,453],{"class":222},": ",[212,455,456],{"class":229},"\"PBES2-HS256+A128KW\"",[212,458,459],{"class":222},", ",[212,461,462],{"class":294},"\"enc\"",[212,464,453],{"class":222},[212,466,467],{"class":229},"\"A128GCM\"",[212,469,459],{"class":222},[212,471,472],{"class":294},"\"p2s\"",[212,474,453],{"class":222},[212,476,477],{"class":229},"\"...\"",[212,479,459],{"class":222},[212,481,482],{"class":294},"\"p2c\"",[212,484,453],{"class":222},[212,486,487],{"class":294},"600000",[212,489,490],{"class":222}," }\n",[178,492,493,494,496],{},"You'll see these in every example below. Full list in ",[187,495,49],{"href":76},".",[256,498,500,501,503],{"id":499},"choosing-the-alg-family","Choosing the ",[209,502,408],{}," family",[505,506,507,523],"table",{},[508,509,510],"thead",{},[511,512,513,517],"tr",{},[514,515,516],"th",{},"You have…",[514,518,519,520,522],{},"Use ",[209,521,408],{},"…",[524,525,526,538,557,571,585],"tbody",{},[511,527,528,532],{},[529,530,531],"td",{},"A password string",[529,533,534,537],{},[209,535,536],{},"PBES2-*"," (inferred automatically for passwords)",[511,539,540,543],{},[529,541,542],{},"A shared secret key (both sides hold it)",[529,544,545,548,549,552,553,556],{},[209,546,547],{},"A128KW","\u002F",[209,550,551],{},"A256KW"," (Key Wrap) or ",[209,554,555],{},"dir"," (direct)",[511,558,559,562],{},[529,560,561],{},"The recipient's RSA public key",[529,563,564,567,568],{},[209,565,566],{},"RSA-OAEP-256"," \u002F ",[209,569,570],{},"RSA-OAEP-512",[511,572,573,576],{},[529,574,575],{},"The recipient's EC public key",[529,577,578,581,582],{},[209,579,580],{},"ECDH-ES"," or ",[209,583,584],{},"ECDH-ES+A256KW",[511,586,587,590],{},[529,588,589],{},"A prearranged CEK used directly as the key",[529,591,592],{},[209,593,555],{},[178,595,596,597,599,600,496],{},"Algorithm inference handles most of this for you — passing a JWK with a ",[209,598,408],{}," field set picks the right path. See ",[187,601,602],{"href":61},"Encrypting →",[256,604,606],{"id":605},"the-three-encryption-patterns","The three encryption patterns",[178,608,609],{},"The rest of JWE is just variations on three recurring shapes:",[611,612,614],"h3",{"id":613},"_1-password-based","1. Password-based",[178,616,617],{},"One secret known to both parties. Simplest, slowest (by design).",[202,619,621],{"className":204,"code":620,"language":206,"meta":207,"style":207},"const token = await encrypt({ data: \"x\" }, \"my-password\");\nconst { payload } = await decrypt(token, \"my-password\");\n",[209,622,623,647],{"__ignoreMap":207},[212,624,625,627,629,631,633,635,638,641,643,645],{"class":214,"line":215},[212,626,291],{"class":218},[212,628,295],{"class":294},[212,630,298],{"class":218},[212,632,301],{"class":218},[212,634,305],{"class":304},[212,636,637],{"class":222},"({ data: ",[212,639,640],{"class":229},"\"x\"",[212,642,314],{"class":222},[212,644,317],{"class":229},[212,646,320],{"class":222},[212,648,649,651,653,655,657,659,661,663,665,667],{"class":214,"line":236},[212,650,291],{"class":218},[212,652,328],{"class":222},[212,654,331],{"class":294},[212,656,334],{"class":222},[212,658,337],{"class":218},[212,660,301],{"class":218},[212,662,342],{"class":304},[212,664,345],{"class":222},[212,666,317],{"class":229},[212,668,320],{"class":222},[611,670,672],{"id":671},"_2-shared-key-symmetric","2. Shared key (symmetric)",[178,674,675],{},"A key that both parties already hold — you generated and distributed it out of band.",[202,677,679],{"className":204,"code":678,"language":206,"meta":207,"style":207},"const key = await generateJWK(\"A256KW\");\nconst token = await encrypt({ data: \"x\" }, key);\nconst { payload } = await decrypt(token, key);\n",[209,680,681,703,722],{"__ignoreMap":207},[212,682,683,685,688,690,692,695,698,701],{"class":214,"line":215},[212,684,291],{"class":218},[212,686,687],{"class":294}," key",[212,689,298],{"class":218},[212,691,301],{"class":218},[212,693,694],{"class":304}," generateJWK",[212,696,697],{"class":222},"(",[212,699,700],{"class":229},"\"A256KW\"",[212,702,320],{"class":222},[212,704,705,707,709,711,713,715,717,719],{"class":214,"line":236},[212,706,291],{"class":218},[212,708,295],{"class":294},[212,710,298],{"class":218},[212,712,301],{"class":218},[212,714,305],{"class":304},[212,716,637],{"class":222},[212,718,640],{"class":229},[212,720,721],{"class":222}," }, key);\n",[212,723,724,726,728,730,732,734,736,738],{"class":214,"line":243},[212,725,291],{"class":218},[212,727,328],{"class":222},[212,729,331],{"class":294},[212,731,334],{"class":222},[212,733,337],{"class":218},[212,735,301],{"class":218},[212,737,342],{"class":304},[212,739,740],{"class":222},"(token, key);\n",[611,742,744],{"id":743},"_3-public-key-asymmetric","3. Public-key (asymmetric)",[178,746,747,748,751],{},"The sender only needs the recipient's ",[182,749,750],{},"public key","; only the holder of the matching private key can decrypt. Essential for end-to-end encryption.",[202,753,755],{"className":204,"code":754,"language":206,"meta":207,"style":207},"const { publicKey, privateKey } = await generateJWK(\"RSA-OAEP-256\");\n\u002F\u002F ... publicKey distributed out-of-band ...\n\nconst token = await encrypt({ data: \"x\" }, publicKey);\nconst { payload } = await decrypt(token, privateKey);\n",[209,756,757,786,791,795,814],{"__ignoreMap":207},[212,758,759,761,763,766,768,771,773,775,777,779,781,784],{"class":214,"line":215},[212,760,291],{"class":218},[212,762,328],{"class":222},[212,764,765],{"class":294},"publicKey",[212,767,459],{"class":222},[212,769,770],{"class":294},"privateKey",[212,772,334],{"class":222},[212,774,337],{"class":218},[212,776,301],{"class":218},[212,778,694],{"class":304},[212,780,697],{"class":222},[212,782,783],{"class":229},"\"RSA-OAEP-256\"",[212,785,320],{"class":222},[212,787,788],{"class":214,"line":236},[212,789,790],{"class":239},"\u002F\u002F ... publicKey distributed out-of-band ...\n",[212,792,793],{"class":214,"line":243},[212,794,286],{"emptyLinePlaceholder":285},[212,796,797,799,801,803,805,807,809,811],{"class":214,"line":323},[212,798,291],{"class":218},[212,800,295],{"class":294},[212,802,298],{"class":218},[212,804,301],{"class":218},[212,806,305],{"class":304},[212,808,637],{"class":222},[212,810,640],{"class":229},[212,812,813],{"class":222}," }, publicKey);\n",[212,815,816,818,820,822,824,826,828,830],{"class":214,"line":352},[212,817,291],{"class":218},[212,819,328],{"class":222},[212,821,331],{"class":294},[212,823,334],{"class":222},[212,825,337],{"class":218},[212,827,301],{"class":218},[212,829,342],{"class":304},[212,831,832],{"class":222},"(token, privateKey);\n",[178,834,835],{},"Elliptic-curve equivalent:",[202,837,839],{"className":204,"code":838,"language":206,"meta":207,"style":207},"const { publicKey, privateKey } = await generateJWK(\"ECDH-ES+A256KW\");\nconst token = await encrypt({ data: \"x\" }, publicKey);\nconst { payload } = await decrypt(token, privateKey);\n",[209,840,841,868,886],{"__ignoreMap":207},[212,842,843,845,847,849,851,853,855,857,859,861,863,866],{"class":214,"line":215},[212,844,291],{"class":218},[212,846,328],{"class":222},[212,848,765],{"class":294},[212,850,459],{"class":222},[212,852,770],{"class":294},[212,854,334],{"class":222},[212,856,337],{"class":218},[212,858,301],{"class":218},[212,860,694],{"class":304},[212,862,697],{"class":222},[212,864,865],{"class":229},"\"ECDH-ES+A256KW\"",[212,867,320],{"class":222},[212,869,870,872,874,876,878,880,882,884],{"class":214,"line":236},[212,871,291],{"class":218},[212,873,295],{"class":294},[212,875,298],{"class":218},[212,877,301],{"class":218},[212,879,305],{"class":304},[212,881,637],{"class":222},[212,883,640],{"class":229},[212,885,813],{"class":222},[212,887,888,890,892,894,896,898,900,902],{"class":214,"line":243},[212,889,291],{"class":218},[212,891,328],{"class":222},[212,893,331],{"class":294},[212,895,334],{"class":222},[212,897,337],{"class":218},[212,899,301],{"class":218},[212,901,342],{"class":304},[212,903,832],{"class":222},[178,905,906,907,910],{},"See ",[187,908,909],{"href":73},"ECDH-ES →"," for the full end-to-end messaging story.",[256,912,914],{"id":913},"going-further","Going further",[418,916,917,927,933,939,945],{},[421,918,919,922,923,926],{},[187,920,921],{"href":61},"Encrypting in depth →"," — every ",[209,924,925],{},"encrypt()"," option.",[421,928,929,932],{},[187,930,931],{"href":65},"Decrypting in depth →"," — allowlists, PBES2 DoS bounds, key lookup.",[421,934,935,938],{},[187,936,937],{"href":69},"Multi-recipient →"," — one ciphertext, many recipients (JSON Serialization).",[421,940,941,944],{},[187,942,943],{"href":73},"ECDH-ES and end-to-end encryption →"," — the public-key workflow in detail.",[421,946,947,950,951,953,954,496],{},[187,948,949],{"href":76},"Algorithms →"," — picking ",[209,952,408],{}," and ",[209,955,434],{},[957,958,959],"style",{},"html pre.shiki code .so5gQ, html code.shiki .so5gQ{--shiki-light:#D73A49;--shiki-default:#F97583;--shiki-dark:#F97583}html pre.shiki code .slsVL, html code.shiki .slsVL{--shiki-light:#24292E;--shiki-default:#E1E4E8;--shiki-dark:#E1E4E8}html pre.shiki code .sfrk1, html code.shiki .sfrk1{--shiki-light:#032F62;--shiki-default:#9ECBFF;--shiki-dark:#9ECBFF}html pre.shiki code .sCsY4, html code.shiki .sCsY4{--shiki-light:#6A737D;--shiki-default:#6A737D;--shiki-dark:#6A737D}html .light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html.light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html pre.shiki code .suiK_, html code.shiki .suiK_{--shiki-light:#005CC5;--shiki-default:#79B8FF;--shiki-dark:#79B8FF}html pre.shiki code .shcOC, html code.shiki .shcOC{--shiki-light:#6F42C1;--shiki-default:#B392F0;--shiki-dark:#B392F0}",{"title":207,"searchDepth":236,"depth":236,"links":961},[962,963,964,966,971],{"id":258,"depth":236,"text":259},{"id":382,"depth":236,"text":383},{"id":499,"depth":236,"text":965},"Choosing the alg family",{"id":605,"depth":236,"text":606,"children":967},[968,969,970],{"id":613,"depth":243,"text":614},{"id":671,"depth":243,"text":672},{"id":743,"depth":243,"text":744},{"id":913,"depth":236,"text":914},"md",{"icon":58},{"icon":58},{"title":53,"description":207},"MI_rcwgOKDmTaGtPlMreyLdkipEtlowEouYB7PI9BwU",[978,979],{"title":49,"path":50,"stem":51,"description":207,"children":-1},{"title":60,"path":61,"stem":62,"description":207,"children":-1},1776888560030]