@bantis/local-cipher 2.2.0 → 2.3.0

package/dist/index.esm.js

@@ -17,6 +17,9 @@ const DEFAULT_CONFIG = {
         compressionThreshold: 1024,
         autoCleanup: true,
         cleanupInterval: 60000,
+        enableCache: true,
+        verifyIntegrityOnRead: false,
+        storageEngine: typeof window !== 'undefined' ? window.localStorage : {},
     },
     debug: {
         enabled: false,
@@ -44,6 +47,8 @@ class EncryptionHelper {
         this.baseKey = '';
         this.baseKeyPromise = null;
         this.keyVersion = 1;
+        // Cache para optimización de rendimiento
+        this.keyNameCache = new Map();
         this.config = { ...DEFAULT_CONFIG.encryption, ...config };
         // Load key version from storage
         const storedVersion = localStorage.getItem(EncryptionHelper.KEY_VERSION_KEY);
@@ -213,10 +218,16 @@ class EncryptionHelper {
      * @returns Nombre encriptado con prefijo __enc_
      */
     async encryptKey(keyName) {
+        // Optimización: devolver desde cache si existe
+        if (this.keyNameCache.has(keyName)) {
+            return this.keyNameCache.get(keyName);
+        }
         const baseKey = await this.generateBaseKey();
         const combined = keyName + baseKey;
         const hash = await this.hashString(combined);
-        return `__enc_${hash.substring(0, 16)}`;
+        const encryptedKey = `__enc_${hash.substring(0, 16)}`;
+        this.keyNameCache.set(keyName, encryptedKey);
+        return encryptedKey;
     }
     /**
      * Limpia todos los datos encriptados del localStorage
@@ -234,10 +245,11 @@ class EncryptionHelper {
         keysToRemove.forEach(key => localStorage.removeItem(key));
         // Eliminar salt
         localStorage.removeItem(EncryptionHelper.SALT_STORAGE_KEY);
-        // Resetear clave en memoria
+        // Resetear clave en memoria y cache
         this.key = null;
         this.baseKey = '';
         this.baseKeyPromise = null;
+        this.keyNameCache.clear();
     }
     /**
      * Verifica si el navegador soporta Web Crypto API
@@ -677,6 +689,7 @@ function shouldCompress(data, threshold = 1024) {
 class SecureStorage {
     constructor(config) {
         this.cleanupInterval = null;
+        this.memoryCache = new Map();
         // Merge config with defaults
         this.config = {
             encryption: { ...DEFAULT_CONFIG.encryption, ...config?.encryption },
@@ -758,8 +771,12 @@ class SecureStorage {
             const encryptedKey = await this.encryptionHelper.encryptKey(key);
             // Encrypt the value
             const encryptedValue = await this.encryptionHelper.encrypt(serialized);
-            // Store in localStorage
-            localStorage.setItem(encryptedKey, encryptedValue);
+            // Store in storage
+            this.config.storage.storageEngine.setItem(encryptedKey, encryptedValue);
+            // Update cache
+            if (this.config.storage.enableCache) {
+                this.memoryCache.set(key, { value });
+            }
             this.logger.verbose(`Stored key: ${key}, compressed: ${compressed}, size: ${encryptedValue.length}`);
             this.eventEmitter.emit('encrypted', { key, metadata: { compressed, size: encryptedValue.length } });
             this.logger.timeEnd(`setItem:${key}`);
@@ -767,7 +784,7 @@ class SecureStorage {
         catch (error) {
             this.logger.error(`Error al guardar dato encriptado para ${key}:`, error);
             this.eventEmitter.emit('error', { key, error: error });
-            localStorage.setItem(key, value);
+            this.config.storage.storageEngine.setItem(key, value);
         }
     }
     /**
@@ -820,8 +837,12 @@ class SecureStorage {
             const encryptedKey = await this.encryptionHelper.encryptKey(key);
             // Encrypt the value
             const encryptedValue = await this.encryptionHelper.encrypt(serialized);
-            // Store in localStorage
-            localStorage.setItem(encryptedKey, encryptedValue);
+            // Store in storage
+            this.config.storage.storageEngine.setItem(encryptedKey, encryptedValue);
+            // Update cache
+            if (this.config.storage.enableCache) {
+                this.memoryCache.set(key, { value, expiresAt });
+            }
             this.logger.verbose(`Stored key with expiry: ${key}, expiresAt: ${expiresAt}`);
             this.eventEmitter.emit('encrypted', { key, metadata: { compressed, expiresAt } });
             this.logger.timeEnd(`setItemWithExpiry:${key}`);
@@ -838,16 +859,31 @@ class SecureStorage {
     async getItem(key) {
         this.logger.time(`getItem:${key}`);
         if (!EncryptionHelper.isSupported()) {
-            return localStorage.getItem(key);
+            return this.config.storage.storageEngine.getItem(key);
         }
         try {
+            // Check memory cache first
+            if (this.config.storage.enableCache && this.memoryCache.has(key)) {
+                const cached = this.memoryCache.get(key);
+                if (cached.expiresAt && cached.expiresAt < Date.now()) {
+                    this.logger.info(`Key expired in cache: ${key}`);
+                    await this.removeItem(key);
+                    this.eventEmitter.emit('expired', { key });
+                    this.logger.timeEnd(`getItem:${key}`);
+                    return null;
+                }
+                this.logger.debug(`Retrieved from cache: ${key}`);
+                this.eventEmitter.emit('decrypted', { key });
+                this.logger.timeEnd(`getItem:${key}`);
+                return cached.value;
+            }
             // Encrypt the key
             const encryptedKey = await this.encryptionHelper.encryptKey(key);
             // Get encrypted value
-            let encryptedValue = localStorage.getItem(encryptedKey);
+            let encryptedValue = this.config.storage.storageEngine.getItem(encryptedKey);
             // Backward compatibility: try with plain key
             if (!encryptedValue) {
-                encryptedValue = localStorage.getItem(key);
+                encryptedValue = this.config.storage.storageEngine.getItem(key);
                 if (!encryptedValue) {
                     this.logger.timeEnd(`getItem:${key}`);
                     return null;
@@ -883,8 +919,8 @@ class SecureStorage {
                 this.logger.timeEnd(`getItem:${key}`);
                 return null;
             }
-            // Verify integrity if checksum exists
-            if (storedValue.checksum) {
+            // Verify integrity if checksum exists and configured
+            if (storedValue.checksum && this.config.storage.verifyIntegrityOnRead) {
                 const calculatedChecksum = await this.calculateChecksum(storedValue.value);
                 if (calculatedChecksum !== storedValue.checksum) {
                     this.logger.warn(`Integrity check failed for key: ${key}`);
@@ -902,6 +938,9 @@ class SecureStorage {
                 finalValue = await decompress(new Uint8Array(compressedData));
                 this.eventEmitter.emit('decompressed', { key });
             }
+            if (this.config.storage.enableCache) {
+                this.memoryCache.set(key, { value: finalValue, expiresAt: storedValue.expiresAt });
+            }
             this.eventEmitter.emit('decrypted', { key });
             this.logger.timeEnd(`getItem:${key}`);
             return finalValue;
@@ -910,7 +949,7 @@ class SecureStorage {
             this.logger.error(`Error al recuperar dato encriptado para ${key}:`, error);
             this.eventEmitter.emit('error', { key, error: error });
             // Fallback: try plain key
-            const fallback = localStorage.getItem(key);
+            const fallback = this.config.storage.storageEngine.getItem(key);
             this.logger.timeEnd(`getItem:${key}`);
             return fallback;
         }
@@ -920,19 +959,20 @@ class SecureStorage {
      */
     async removeItem(key) {
         if (!EncryptionHelper.isSupported()) {
-            localStorage.removeItem(key);
+            this.config.storage.storageEngine.removeItem(key);
             return;
         }
         try {
             const encryptedKey = await this.encryptionHelper.encryptKey(key);
-            localStorage.removeItem(encryptedKey);
-            localStorage.removeItem(key); // Remove both versions
+            this.config.storage.storageEngine.removeItem(encryptedKey);
+            this.config.storage.storageEngine.removeItem(key); // Remove both versions
+            this.memoryCache.delete(key);
             this.eventEmitter.emit('deleted', { key });
             this.logger.info(`Removed key: ${key}`);
         }
         catch (error) {
             this.logger.error(`Error al eliminar dato para ${key}:`, error);
-            localStorage.removeItem(key);
+            this.config.storage.storageEngine.removeItem(key);
         }
     }
     /**
@@ -947,6 +987,7 @@ class SecureStorage {
      */
     clear() {
         this.encryptionHelper.clearEncryptedData();
+        this.memoryCache.clear();
         this.eventEmitter.emit('cleared', {});
         this.logger.info('All encrypted data cleared');
     }
@@ -957,21 +998,28 @@ class SecureStorage {
         this.logger.info('Starting cleanup of expired items...');
         let cleanedCount = 0;
         const keysToCheck = [];
-        for (let i = 0; i < localStorage.length; i++) {
-            const key = localStorage.key(i);
+        for (let i = 0; i < this.config.storage.storageEngine.length; i++) {
+            const key = this.config.storage.storageEngine.key(i);
             if (key && key.startsWith('__enc_')) {
                 keysToCheck.push(key);
             }
         }
         for (const encryptedKey of keysToCheck) {
             try {
-                const encryptedValue = localStorage.getItem(encryptedKey);
+                const encryptedValue = this.config.storage.storageEngine.getItem(encryptedKey);
                 if (!encryptedValue)
                     continue;
                 const decrypted = await this.encryptionHelper.decrypt(encryptedValue);
                 const storedValue = JSON.parse(decrypted);
                 if (storedValue.expiresAt && storedValue.expiresAt < Date.now()) {
-                    localStorage.removeItem(encryptedKey);
+                    this.config.storage.storageEngine.removeItem(encryptedKey);
+                    // Encontrar la clave original en el cache y eliminarla
+                    for (const [cacheKey] of Array.from(this.memoryCache.entries())) {
+                        this.encryptionHelper.encryptKey(cacheKey).then(enc => {
+                            if (enc === encryptedKey)
+                                this.memoryCache.delete(cacheKey);
+                        });
+                    }
                     cleanedCount++;
                     this.eventEmitter.emit('expired', { key: encryptedKey });
                 }
@@ -989,7 +1037,7 @@ class SecureStorage {
     async verifyIntegrity(key) {
         try {
             const encryptedKey = await this.encryptionHelper.encryptKey(key);
-            const encryptedValue = localStorage.getItem(encryptedKey);
+            const encryptedValue = this.config.storage.storageEngine.getItem(encryptedKey);
             if (!encryptedValue)
                 return false;
             const decrypted = await this.encryptionHelper.decrypt(encryptedValue);
@@ -1012,7 +1060,7 @@ class SecureStorage {
     async getIntegrityInfo(key) {
         try {
             const encryptedKey = await this.encryptionHelper.encryptKey(key);
-            const encryptedValue = localStorage.getItem(encryptedKey);
+            const encryptedValue = this.config.storage.storageEngine.getItem(encryptedKey);
             if (!encryptedValue)
                 return null;
             const decrypted = await this.encryptionHelper.decrypt(encryptedValue);
@@ -1095,7 +1143,7 @@ class SecureStorage {
         this.logger.info(`Iniciando migración de ${keys.length} claves...`);
         for (const key of keys) {
             try {
-                const value = localStorage.getItem(key);
+                const value = this.config.storage.storageEngine.getItem(key);
                 if (value === null)
                     continue;
                 // Try to decrypt to check if already encrypted
@@ -1108,7 +1156,7 @@ class SecureStorage {
                     // Not encrypted, proceed with migration
                 }
                 await this.setItem(key, value);
-                localStorage.removeItem(key);
+                this.config.storage.storageEngine.removeItem(key);
                 this.logger.info(`✓ ${key} migrado exitosamente`);
             }
             catch (error) {
@@ -1122,8 +1170,8 @@ class SecureStorage {
      */
     getDebugInfo() {
         const allKeys = [];
-        for (let i = 0; i < localStorage.length; i++) {
-            const key = localStorage.key(i);
+        for (let i = 0; i < this.config.storage.storageEngine.length; i++) {
+            const key = this.config.storage.storageEngine.key(i);
             if (key)
                 allKeys.push(key);
         }
@@ -1162,6 +1210,194 @@ class SecureStorage {
 }
 SecureStorage.instance = null;
 
+/**
+ * SecureCookie - API de alto nivel para almacenamiento en cookies cifradas
+ * Soporta opciones de cookies incluyendo domininios/subdominios y compresión.
+ */
+class SecureCookie {
+    constructor(config) {
+        this.config = {
+            encryption: { ...DEFAULT_CONFIG.encryption, ...config?.encryption },
+            cookieOptions: { path: '/', ...config?.cookieOptions },
+            compression: config?.compression ?? true,
+            debug: { ...DEFAULT_CONFIG.debug, ...config?.debug }
+        };
+        this.logger = new Logger(this.config.debug);
+        this.encryptionHelper = new EncryptionHelper(this.config.encryption);
+        this.logger.info('SecureCookie initialized', this.config);
+    }
+    /**
+     * Obtiene la instancia singleton de SecureCookie
+     */
+    static getInstance(config) {
+        if (!SecureCookie.instance) {
+            SecureCookie.instance = new SecureCookie(config);
+        }
+        return SecureCookie.instance;
+    }
+    /**
+     * Serializa las opciones de cookie en un string
+     */
+    serializeOptions(options) {
+        let cookieString = '';
+        if (options.expires) {
+            cookieString += `; expires=${options.expires.toUTCString()}`;
+        }
+        if (options.maxAge) {
+            cookieString += `; max-age=${options.maxAge}`;
+        }
+        if (options.domain) {
+            cookieString += `; domain=${options.domain}`;
+        }
+        if (options.path) {
+            cookieString += `; path=${options.path}`;
+        }
+        if (options.secure) {
+            cookieString += `; secure`;
+        }
+        if (options.sameSite) {
+            cookieString += `; samesite=${options.sameSite}`;
+        }
+        return cookieString;
+    }
+    /**
+     * Guarda un valor encriptado en una cookie
+     */
+    async set(name, value, options) {
+        this.logger.time(`cookie:set:${name}`);
+        if (!EncryptionHelper.isSupported()) {
+            this.logger.warn('Web Crypto API no soportada, guardando cookie sin cifrar');
+            const mergedOptions = { ...this.config.cookieOptions, ...options };
+            document.cookie = `${encodeURIComponent(name)}=${encodeURIComponent(value)}${this.serializeOptions(mergedOptions)}`;
+            return;
+        }
+        try {
+            // Check compression (aggressively compress cookies to save space since max is ~4KB)
+            const shouldCompressData = this.config.compression && shouldCompress(value, 200);
+            let processedValue = value;
+            let metadataPrefix = 'P_'; // P_ = Plain
+            if (shouldCompressData) {
+                this.logger.debug(`Compressing cookie value for: ${name}`);
+                const compressedData = await compress(value);
+                processedValue = this.encryptionHelper['arrayBufferToBase64'](compressedData.buffer);
+                metadataPrefix = 'C_'; // C_ = Compressed
+            }
+            // Encrypt key name
+            const encryptedKey = await this.encryptionHelper.encryptKey(name);
+            // Serialize and Encrypt Value
+            // Adding metadata prefix to avoid bloating value with massive StoredValue JSON headers
+            const encryptedData = await this.encryptionHelper.encrypt(processedValue);
+            const finalValue = metadataPrefix + encryptedData;
+            // Prepare Cookie string
+            const mergedOptions = { ...this.config.cookieOptions, ...options };
+            const cookieOptionsStr = this.serializeOptions(mergedOptions);
+            const cookieString = `${encodeURIComponent(encryptedKey)}=${encodeURIComponent(finalValue)}${cookieOptionsStr}`;
+            // Verificación de tamaño de cookie
+            if (cookieString.length > 4096) {
+                this.logger.warn(`Cookie '${name}' es muy grande (${cookieString.length} bytes). Puede ser rechazada por el navegador.`);
+            }
+            document.cookie = cookieString;
+            this.logger.verbose(`Stored cookie: ${name}`);
+            this.logger.timeEnd(`cookie:set:${name}`);
+        }
+        catch (error) {
+            this.logger.error(`Error al guardar cookie encriptada para ${name}:`, error);
+            // Fallback sin cifrar como último recurso
+            const mergedOptions = { ...this.config.cookieOptions, ...options };
+            document.cookie = `${encodeURIComponent(name)}=${encodeURIComponent(value)}${this.serializeOptions(mergedOptions)}`;
+        }
+    }
+    /**
+     * Pide una cookie por nombre
+     * Retorna el string o null si no existe
+     */
+    getRawCookie(name) {
+        const nameEQ = encodeURIComponent(name) + '=';
+        const ca = document.cookie.split(';');
+        for (let i = 0; i < ca.length; i++) {
+            let c = ca[i];
+            while (c.charAt(0) === ' ')
+                c = c.substring(1, c.length);
+            if (c.indexOf(nameEQ) === 0)
+                return decodeURIComponent(c.substring(nameEQ.length, c.length));
+        }
+        return null;
+    }
+    /**
+     * Recupera y desencripta un valor de cookie
+     */
+    async get(name) {
+        this.logger.time(`cookie:get:${name}`);
+        if (!EncryptionHelper.isSupported()) {
+            return this.getRawCookie(name);
+        }
+        try {
+            // Find encrypted key
+            const encryptedKey = await this.encryptionHelper.encryptKey(name);
+            let rawValue = this.getRawCookie(encryptedKey);
+            if (!rawValue) {
+                // Backward compatibility just in case fallback was used
+                rawValue = this.getRawCookie(name);
+                if (!rawValue) {
+                    this.logger.timeEnd(`cookie:get:${name}`);
+                    return null;
+                }
+            }
+            // Check if it has our metadata prefixes
+            if (!rawValue.startsWith('P_') && !rawValue.startsWith('C_')) {
+                // Podría ser un fallback plano
+                this.logger.timeEnd(`cookie:get:${name}`);
+                return rawValue; // Asumimos que es plano
+            }
+            const isCompressed = rawValue.startsWith('C_');
+            const encryptedData = rawValue.substring(2);
+            // Decrypt
+            const decryptedString = await this.encryptionHelper.decrypt(encryptedData);
+            // Decompress if needed
+            let finalValue = decryptedString;
+            if (isCompressed) {
+                const compressedBuffer = this.encryptionHelper['base64ToArrayBuffer'](decryptedString);
+                finalValue = await decompress(new Uint8Array(compressedBuffer));
+            }
+            this.logger.timeEnd(`cookie:get:${name}`);
+            return finalValue;
+        }
+        catch (error) {
+            this.logger.error(`Error al recuperar cookie encriptada para ${name}:`, error);
+            // Fallback
+            return this.getRawCookie(name);
+        }
+    }
+    /**
+     * Elimina una cookie
+     */
+    async remove(name, options) {
+        const mergedOptions = { ...this.config.cookieOptions, ...options };
+        // Expirar la cookie configurándole una fecha del pasado
+        const expireOptions = {
+            ...mergedOptions,
+            expires: new Date(0),
+            maxAge: 0
+        };
+        if (!EncryptionHelper.isSupported()) {
+            document.cookie = `${encodeURIComponent(name)}=${this.serializeOptions(expireOptions)}`;
+            return;
+        }
+        const encryptedKey = await this.encryptionHelper.encryptKey(name);
+        // Remove encrypted cookie
+        document.cookie = `${encodeURIComponent(encryptedKey)}=${this.serializeOptions(expireOptions)}`;
+        // Also remove plain version just in case
+        document.cookie = `${encodeURIComponent(name)}=${this.serializeOptions(expireOptions)}`;
+    }
+    /**
+     * Limpia la instancia actual (útil para testing o refresco)
+     */
+    destroy() {
+        SecureCookie.instance = null;
+    }
+}
+SecureCookie.instance = null;
+
 const secureStorage$1 = SecureStorage.getInstance();
 /**
  * Función de debug para verificar el estado del sistema de encriptación
@@ -1214,6 +1450,202 @@ async function forceMigration(customKeys) {
     await debugEncryptionState();
 }
 
+/**
+ * PlainStorage - Una interfaz consistente con SecureStorage pero sin cifrado.
+ * Envuelve localStorage o sessionStorage con serialización JSON.
+ */
+class PlainStorage {
+    constructor(storageEngine = typeof window !== 'undefined' ? window.localStorage : {}) {
+        this.storage = storageEngine;
+        this.logger = new Logger({ prefix: 'PlainStorage' });
+    }
+    async set(key, value) {
+        try {
+            const serialized = typeof value === 'string' ? value : JSON.stringify(value);
+            this.storage.setItem(key, serialized);
+        }
+        catch (error) {
+            this.logger.error(`Error saving unencrypted item ${key}:`, error);
+        }
+    }
+    async get(key) {
+        try {
+            const value = this.storage.getItem(key);
+            if (value === null)
+                return null;
+            try {
+                return JSON.parse(value);
+            }
+            catch {
+                return value; // Fallback for plain strings
+            }
+        }
+        catch (error) {
+            this.logger.error(`Error reading unencrypted item ${key}:`, error);
+            return null;
+        }
+    }
+    async remove(key) {
+        this.storage.removeItem(key);
+    }
+    clear() {
+        this.storage.clear();
+    }
+}
+
+/**
+ * Crea una instancia de almacenamiento encriptado.
+ * @param engine 'localStorage' o 'sessionStorage'
+ * @param secretKey Llave secreta opcional para derivación de claves
+ * @param config Configuración adicional opcional
+ * @returns Instancia de SecureStorage
+ */
+function createEncryptedStorage(engine = 'localStorage', secretKey, config) {
+    const defaultEngine = typeof window !== 'undefined'
+        ? (engine === 'sessionStorage' ? window.sessionStorage : window.localStorage)
+        : {};
+    const mergedConfig = {
+        ...config,
+        encryption: {
+            ...config?.encryption,
+            ...(secretKey ? { appIdentifier: secretKey } : {})
+        },
+        storage: {
+            ...config?.storage,
+            storageEngine: defaultEngine
+        }
+    };
+    return SecureStorage.getInstance(mergedConfig);
+}
+/**
+ * Crea una instancia de almacenamiento plano (sin cifrar).
+ * @param engine 'localStorage' o 'sessionStorage'
+ * @returns Instancia de PlainStorage
+ */
+function createPlainStorage(engine = 'localStorage') {
+    const defaultEngine = typeof window !== 'undefined'
+        ? (engine === 'sessionStorage' ? window.sessionStorage : window.localStorage)
+        : {};
+    return new PlainStorage(defaultEngine);
+}
+
+/**
+ * PlainCookie - Una interfaz consistente con SecureCookie pero sin cifrado.
+ */
+class PlainCookie {
+    constructor(defaultOptions) {
+        this.logger = new Logger({ prefix: 'PlainCookie' });
+        this.defaultOptions = { path: '/', ...defaultOptions };
+    }
+    serializeOptions(options) {
+        let cookieString = '';
+        if (options.expires)
+            cookieString += `; expires=${options.expires.toUTCString()}`;
+        if (options.maxAge)
+            cookieString += `; max-age=${options.maxAge}`;
+        if (options.domain)
+            cookieString += `; domain=${options.domain}`;
+        if (options.path)
+            cookieString += `; path=${options.path}`;
+        if (options.secure)
+            cookieString += `; secure`;
+        if (options.sameSite)
+            cookieString += `; samesite=${options.sameSite}`;
+        return cookieString;
+    }
+    async set(name, value, options) {
+        try {
+            const serialized = typeof value === 'string' ? value : JSON.stringify(value);
+            const mergedOptions = { ...this.defaultOptions, ...options };
+            document.cookie = `${encodeURIComponent(name)}=${encodeURIComponent(serialized)}${this.serializeOptions(mergedOptions)}`;
+        }
+        catch (error) {
+            this.logger.error(`Error saving unencrypted cookie ${name}:`, error);
+        }
+    }
+    async get(name) {
+        try {
+            const nameEQ = encodeURIComponent(name) + '=';
+            const ca = document.cookie.split(';');
+            for (let i = 0; i < ca.length; i++) {
+                let c = ca[i];
+                while (c.charAt(0) === ' ')
+                    c = c.substring(1, c.length);
+                if (c.indexOf(nameEQ) === 0) {
+                    const decoded = decodeURIComponent(c.substring(nameEQ.length, c.length));
+                    try {
+                        return JSON.parse(decoded);
+                    }
+                    catch {
+                        return decoded;
+                    }
+                }
+            }
+            return null;
+        }
+        catch (error) {
+            this.logger.error(`Error reading unencrypted cookie ${name}:`, error);
+            return null;
+        }
+    }
+    async remove(name, options) {
+        const mergedOptions = { ...this.defaultOptions, ...options };
+        document.cookie = `${encodeURIComponent(name)}=${this.serializeOptions({ ...mergedOptions, expires: new Date(0), maxAge: 0 })}`;
+    }
+    clearAll() {
+        const cookies = document.cookie.split(';');
+        for (let i = 0; i < cookies.length; i++) {
+            const cookie = cookies[i];
+            const eqPos = cookie.indexOf('=');
+            const name = eqPos > -1 ? cookie.substring(0, eqPos).trim() : cookie.trim();
+            this.remove(decodeURIComponent(name));
+        }
+    }
+}
+
+/**
+ * Crea una instancia de manejador de cookies encriptadas.
+ * @param secretKey Llave secreta opcional para derivación de claves
+ * @param domain Dominio opcional (incluir punto inicial para subdominios ej. '.dominio.com')
+ * @param config Configuración adicional opcional
+ * @returns Instancia de SecureCookie
+ */
+function createEncryptedCookieManager(secretKey, domain, config) {
+    const mergedConfig = {
+        ...config,
+        encryption: {
+            ...config?.encryption,
+            ...(secretKey ? { appIdentifier: secretKey } : {})
+        },
+        cookieOptions: {
+            ...config?.cookieOptions,
+            ...(domain ? { domain } : {})
+        }
+    };
+    return SecureCookie.getInstance(mergedConfig);
+}
+/**
+ * Crea una instancia de manejador de cookies plano (sin cifrar).
+ * @param defaultOptions Opciones por defecto para las cookies (ej. domain)
+ * @returns Instancia de PlainCookie
+ */
+function createPlainCookieManager(defaultOptions) {
+    return new PlainCookie(defaultOptions);
+}
+
+/**
+ * Instancia predeterminada de almacenamiento local (sin cifrar).
+ */
+const localStore = createPlainStorage('localStorage');
+/**
+ * Instancia predeterminada de almacenamiento de sesión (sin cifrar).
+ */
+const sessionStore = createPlainStorage('sessionStorage');
+/**
+ * Instancia predeterminada de gestor de cookies (sin cifrar).
+ */
+const cookies = createPlainCookieManager();
+
 /**
  * @bantis/local-cipher - Core Module
  * Framework-agnostic client-side encryption for browser storage
@@ -1223,8 +1655,9 @@ async function forceMigration(customKeys) {
  */
 // Core classes
 const secureStorage = SecureStorage.getInstance();
+const secureCookie = SecureCookie.getInstance();
 // Version
-const VERSION = '2.1.0';
+const VERSION = '2.2.0';
 
-export { DEFAULT_CONFIG, EncryptionHelper, EventEmitter, KeyRotation, LIBRARY_VERSION, Logger, NamespacedStorage, STORAGE_VERSION, SecureStorage, VERSION, compress, debugEncryptionState, decompress, forceMigration, isCompressionSupported, secureStorage, shouldCompress };
+export { DEFAULT_CONFIG, EncryptionHelper, EventEmitter, KeyRotation, LIBRARY_VERSION, Logger, NamespacedStorage, PlainCookie, PlainStorage, STORAGE_VERSION, SecureCookie, SecureStorage, VERSION, compress, cookies, createEncryptedCookieManager, createEncryptedStorage, createPlainCookieManager, createPlainStorage, debugEncryptionState, decompress, forceMigration, isCompressionSupported, localStore, secureCookie, secureStorage, sessionStore, shouldCompress };
 //# sourceMappingURL=index.esm.js.map