@cedros/login-react 0.0.11 → 0.0.13

package/dist/components/templates/index.d.ts

@@ -1,4 +0,0 @@
-export { FullPageLayout } from './FullPageLayout';
-export type { FullPageLayoutProps } from './FullPageLayout';
-export { SplitPageLayout } from './SplitPageLayout';
-export type { SplitPageLayoutProps } from './SplitPageLayout';

package/dist/components/totp/OtpInput.d.ts

@@ -1,32 +0,0 @@
-/**
- * OTP Input component (shadcn-style)
- *
- * A 6-digit input with separate boxes for each digit,
- * designed for TOTP verification codes.
- */
-export interface OtpInputProps {
-    /** Current value (up to 6 digits) */
-    value?: string;
-    /** Called when the value changes */
-    onChange?: (value: string) => void;
-    /** Called when all 6 digits are entered */
-    onComplete?: (value: string) => void;
-    /** Whether the input is disabled */
-    disabled?: boolean;
-    /** Error message to display */
-    error?: string;
-    /** Auto-focus the first input on mount */
-    autoFocus?: boolean;
-    /** Additional CSS class */
-    className?: string;
-}
-/**
- * OTP input with separate boxes for each digit (shadcn pattern)
- *
- * Features:
- * - Auto-advances to next input on digit entry
- * - Backspace moves to previous input
- * - Supports paste of full code
- * - Numeric keyboard on mobile
- */
-export declare function OtpInput({ value, onChange, onComplete, disabled, error, autoFocus, className, }: OtpInputProps): import("react/jsx-runtime").JSX.Element;

package/dist/components/totp/QrCode.d.ts

@@ -1,21 +0,0 @@
-/**
- * QR Code component for TOTP setup
- *
- * Generates QR codes client-side using the qrcode library.
- * SECURITY: Never sends the TOTP secret to external services.
- */
-export interface QrCodeProps {
-    /** The data to encode in the QR code (e.g., otpauth:// URL) */
-    value: string;
-    /** Size in pixels (width and height) */
-    size?: number;
-    /** Alt text for accessibility */
-    alt?: string;
-    /** Additional CSS class */
-    className?: string;
-}
-/**
- * Renders a QR code as a canvas element.
- * Generated entirely client-side for security.
- */
-export declare function QrCode({ value, size, alt, className }: QrCodeProps): import("react/jsx-runtime").JSX.Element;

package/dist/components/totp/TotpSettings.d.ts

@@ -1,38 +0,0 @@
-/**
- * TOTP Settings component for managing two-factor authentication
- *
- * Allows users to:
- * - View current 2FA status
- * - Enable 2FA (via TotpSetup wizard)
- * - Disable 2FA (requires verification)
- * - Regenerate backup codes
- */
-export interface TotpSettingsProps {
-    /** Called when 2FA status changes */
-    onStatusChange?: (enabled: boolean) => void;
-    /** Additional CSS class */
-    className?: string;
-}
-/**
- * Two-factor authentication settings panel.
- *
- * Shows current 2FA status and provides controls for
- * enabling, disabling, and managing backup codes.
- *
- * @example
- * ```tsx
- * function SecuritySettings() {
- *   return (
- *     <div>
- *       <h2>Security</h2>
- *       <TotpSettings
- *         onStatusChange={(enabled) => {
- *           console.log('2FA is now', enabled ? 'enabled' : 'disabled');
- *         }}
- *       />
- *     </div>
- *   );
- * }
- * ```
- */
-export declare function TotpSettings({ onStatusChange, className }: TotpSettingsProps): import("react/jsx-runtime").JSX.Element;

package/dist/components/totp/TotpSetup.d.ts

@@ -1,23 +0,0 @@
-/**
- * TOTP Setup component for enabling two-factor authentication
- *
- * Guides users through:
- * 1. Scanning QR code with authenticator app
- * 2. Saving backup codes
- * 3. Verifying setup with a code
- */
-export interface TotpSetupProps {
-    /** Called when setup is completed successfully */
-    onSuccess?: () => void;
-    /** Called when user cancels setup */
-    onCancel?: () => void;
-    /** Additional CSS class */
-    className?: string;
-}
-/**
- * Two-factor authentication setup wizard.
- *
- * Displays QR code for authenticator app scanning,
- * recovery codes for account recovery, and verification step.
- */
-export declare function TotpSetup({ onSuccess, onCancel, className }: TotpSetupProps): import("react/jsx-runtime").JSX.Element | null;

package/dist/components/totp/TotpVerify.d.ts

@@ -1,25 +0,0 @@
-/**
- * TOTP Verification component for login flow
- *
- * Displayed when a user with 2FA enabled needs to
- * enter their verification code to complete login.
- */
-export interface TotpVerifyProps {
-    /** Temporary token from password authentication */
-    mfaToken: string;
-    /** Email address (for display) */
-    email?: string;
-    /** Called when verification succeeds */
-    onSuccess?: () => void;
-    /** Called when user wants to go back */
-    onBack?: () => void;
-    /** Additional CSS class */
-    className?: string;
-}
-/**
- * Two-factor authentication verification for login.
- *
- * Accepts 6-digit codes from authenticator apps
- * or recovery codes for account recovery.
- */
-export declare function TotpVerify({ mfaToken, email, onSuccess, onBack, className, }: TotpVerifyProps): import("react/jsx-runtime").JSX.Element;

package/dist/components/totp/index.d.ts

@@ -1,10 +0,0 @@
-export { OtpInput } from './OtpInput';
-export type { OtpInputProps } from './OtpInput';
-export { QrCode } from './QrCode';
-export type { QrCodeProps } from './QrCode';
-export { TotpSetup } from './TotpSetup';
-export type { TotpSetupProps } from './TotpSetup';
-export { TotpVerify } from './TotpVerify';
-export type { TotpVerifyProps } from './TotpVerify';
-export { TotpSettings } from './TotpSettings';
-export type { TotpSettingsProps } from './TotpSettings';

package/dist/components/wallet/CapabilityWarning.d.ts

@@ -1,11 +0,0 @@
-import { CryptoCapabilities } from '../../crypto';
-export interface CapabilityWarningProps {
-    /** Capability check results */
-    capabilities: CryptoCapabilities;
-    /** Optional class name */
-    className?: string;
-}
-/**
- * Warning display for missing capabilities
- */
-export declare function CapabilityWarning({ capabilities, className }: CapabilityWarningProps): import("react/jsx-runtime").JSX.Element | null;

package/dist/components/wallet/PasskeyPrompt.d.ts

@@ -1,34 +0,0 @@
-/**
- * Passkey prompt component for WebAuthn interactions
- *
- * Provides visual feedback during WebAuthn ceremonies:
- * - Registration of new passkeys
- * - Authentication with existing passkeys
- * - PRF extension operations
- */
-export interface PasskeyPromptProps {
-    /** Type of WebAuthn operation */
-    mode: 'register' | 'authenticate';
-    /** Whether the operation is in progress */
-    isLoading?: boolean;
-    /** Error message if operation failed */
-    error?: string;
-    /** Callback to trigger the operation */
-    onPrompt?: () => void;
-    /** Callback to retry after error */
-    onRetry?: () => void;
-    /** Callback to cancel the operation */
-    onCancel?: () => void;
-    /** Optional custom title */
-    title?: string;
-    /** Optional custom description */
-    description?: string;
-    /** Additional CSS classes */
-    className?: string;
-}
-/**
- * WebAuthn passkey interaction prompt
- *
- * Displays appropriate UI and messaging for passkey operations.
- */
-export declare function PasskeyPrompt({ mode, isLoading, error, onPrompt, onRetry, onCancel, title, description, className, }: PasskeyPromptProps): import("react/jsx-runtime").JSX.Element;

package/dist/components/wallet/RecoveryPhraseDisplay.d.ts

@@ -1,18 +0,0 @@
-/**
- * Component to display BIP-39 recovery phrase
- *
- * Shows 12 words in a grid format with copy functionality.
- * Includes security warnings about storing the phrase safely.
- */
-export interface RecoveryPhraseDisplayProps {
-    /** Array of 12 mnemonic words */
-    words: string[];
-    /** Callback when user confirms they've saved the phrase */
-    onConfirm: () => void;
-    /** Optional class name */
-    className?: string;
-}
-/**
- * Display recovery phrase with security warnings
- */
-export declare function RecoveryPhraseDisplay({ words, onConfirm, className, }: RecoveryPhraseDisplayProps): import("react/jsx-runtime").JSX.Element;

package/dist/components/wallet/RecoveryPhraseInput.d.ts

@@ -1,21 +0,0 @@
-/**
- * Component for entering BIP-39 recovery phrase
- *
- * Provides input fields for 12 words with validation and autocomplete.
- */
-export interface RecoveryPhraseInputProps {
-    /** Callback when valid phrase is entered */
-    onSubmit: (words: string[]) => void;
-    /** Callback to cancel */
-    onCancel?: () => void;
-    /** Whether submission is in progress */
-    isSubmitting?: boolean;
-    /** Error message to display */
-    error?: string;
-    /** Optional class name */
-    className?: string;
-}
-/**
- * Input form for recovery phrase
- */
-export declare function RecoveryPhraseInput({ onSubmit, onCancel, isSubmitting, error, className, }: RecoveryPhraseInputProps): import("react/jsx-runtime").JSX.Element;

package/dist/components/wallet/WalletAddressRow.d.ts

@@ -1,10 +0,0 @@
-export interface WalletAddressRowProps {
-    address: string;
-    label?: string;
-    showCopy?: boolean;
-    showExplorerLink?: boolean;
-    /** If address is long, show a truncated preview with a reveal toggle. */
-    allowReveal?: boolean;
-    className?: string;
-}
-export declare function WalletAddressRow({ address, label, showCopy, showExplorerLink, allowReveal, className, }: WalletAddressRowProps): import("react/jsx-runtime").JSX.Element;

package/dist/components/wallet/WalletEnrollment.d.ts

@@ -1,15 +0,0 @@
-import { ShareAAuthMethod } from '../../types/wallet';
-export interface WalletEnrollmentProps {
-    /** Callback when enrollment completes */
-    onComplete?: (solanaPubkey: string) => void;
-    /** Callback to cancel enrollment */
-    onCancel?: () => void;
-    /** Optional class name */
-    className?: string;
-    /** Force a specific auth method (otherwise auto-detected) */
-    forceAuthMethod?: ShareAAuthMethod;
-}
-/**
- * Wallet enrollment wizard
- */
-export declare function WalletEnrollment({ onComplete, onCancel, className, forceAuthMethod, }: WalletEnrollmentProps): import("react/jsx-runtime").JSX.Element;

package/dist/components/wallet/WalletManager.d.ts

@@ -1,9 +0,0 @@
-export interface WalletManagerProps {
-    className?: string;
-    showActions?: boolean;
-}
-/**
- * Orchestrates embedded wallet flows in one cohesive surface:
- * status -> enroll/unlock/recover.
- */
-export declare function WalletManager({ className, showActions }: WalletManagerProps): import("react/jsx-runtime").JSX.Element;

package/dist/components/wallet/WalletRecovery.d.ts

@@ -1,19 +0,0 @@
-import { ShareAAuthMethod } from '../../types/wallet';
-export interface WalletRecoveryProps {
-    /** Callback when recovery completes successfully */
-    onComplete?: () => void;
-    /** Callback when user cancels recovery */
-    onCancel?: () => void;
-    /** Additional CSS classes */
-    className?: string;
-    /** Default auth method (optional) */
-    defaultAuthMethod?: ShareAAuthMethod;
-}
-/**
- * Wallet recovery wizard
- *
- * Two-phase flow:
- * 1. Enter recovery phrase
- * 2. Enter new credential (password/passkey)
- */
-export declare function WalletRecovery({ onComplete, onCancel, className, defaultAuthMethod, }: WalletRecoveryProps): import("react/jsx-runtime").JSX.Element;

package/dist/components/wallet/WalletStatus.d.ts

@@ -1,28 +0,0 @@
-import { WalletStatus as WalletStatusType } from '../../types/wallet';
-export interface WalletStatusProps {
-    /** Controlled mode: Override wallet status (for demos/stories) */
-    status?: WalletStatusType;
-    /** Controlled mode: Override public key display */
-    publicKey?: string;
-    /** Controlled mode: Override lock state */
-    onLock?: () => void;
-    /** Callback when user wants to create a wallet */
-    onEnroll?: () => void;
-    /** Callback when user wants to unlock wallet */
-    onUnlock?: () => void;
-    /** Callback when user wants to recover wallet */
-    onRecover?: () => void;
-    /** Whether to show action buttons */
-    showActions?: boolean;
-    /** Compact display mode */
-    compact?: boolean;
-    /** Additional CSS classes */
-    className?: string;
-}
-/**
- * Wallet status indicator
- *
- * Shows current wallet state with optional action buttons.
- * Pass `status` prop to use in controlled mode (bypasses hook).
- */
-export declare function WalletStatus({ status: controlledStatus, publicKey: controlledPubkey, onLock: _onLock, onEnroll, onUnlock, onRecover, showActions, compact, className, }: WalletStatusProps): import("react/jsx-runtime").JSX.Element;

package/dist/components/wallet/WalletUnlock.d.ts

@@ -1,23 +0,0 @@
-import { ShareAAuthMethod } from '../../types/wallet';
-export interface WalletUnlockProps {
-    /** Callback when wallet is successfully unlocked */
-    onUnlock?: () => void;
-    /** Callback when unlock is cancelled */
-    onCancel?: () => void;
-    /** Whether to show the cancel button */
-    showCancel?: boolean;
-    /** The wallet's auth method (if known) */
-    authMethod?: ShareAAuthMethod;
-    /** Additional CSS classes */
-    className?: string;
-}
-/**
- * Wallet unlock form
- *
- * Simple single-credential flow:
- * - Password users: Enter password
- * - Passkey users: Authenticate with passkey
- *
- * Server validates credential and caches derived key for session signing.
- */
-export declare function WalletUnlock({ onUnlock, onCancel, showCancel, authMethod: propAuthMethod, className, }: WalletUnlockProps): import("react/jsx-runtime").JSX.Element;

package/dist/components/wallet/index.d.ts

@@ -1,23 +0,0 @@
-/**
- * Wallet component exports
- */
-export { RecoveryPhraseDisplay } from './RecoveryPhraseDisplay';
-export type { RecoveryPhraseDisplayProps } from './RecoveryPhraseDisplay';
-export { RecoveryPhraseInput } from './RecoveryPhraseInput';
-export type { RecoveryPhraseInputProps } from './RecoveryPhraseInput';
-export { CapabilityWarning } from './CapabilityWarning';
-export type { CapabilityWarningProps } from './CapabilityWarning';
-export { WalletEnrollment } from './WalletEnrollment';
-export type { WalletEnrollmentProps } from './WalletEnrollment';
-export { WalletUnlock } from './WalletUnlock';
-export type { WalletUnlockProps } from './WalletUnlock';
-export { WalletRecovery } from './WalletRecovery';
-export type { WalletRecoveryProps } from './WalletRecovery';
-export { WalletManager } from './WalletManager';
-export type { WalletManagerProps } from './WalletManager';
-export { WalletStatus } from './WalletStatus';
-export type { WalletStatusProps } from './WalletStatus';
-export { WalletAddressRow } from './WalletAddressRow';
-export type { WalletAddressRowProps } from './WalletAddressRow';
-export { PasskeyPrompt } from './PasskeyPrompt';
-export type { PasskeyPromptProps } from './PasskeyPrompt';

package/dist/components/webauthn/PasskeyLoginButton.d.ts

@@ -1,8 +0,0 @@
-import { ReactNode } from 'react';
-export interface PasskeyLoginButtonProps {
-    onSuccess?: () => void;
-    className?: string;
-    children?: ReactNode;
-    disabled?: boolean;
-}
-export declare function PasskeyLoginButton({ onSuccess, className, children, disabled, }: PasskeyLoginButtonProps): import("react/jsx-runtime").JSX.Element;

package/dist/context/CedrosLoginContext.d.ts

@@ -1,24 +0,0 @@
-import { CedrosLoginConfig, AuthUser, AuthState, AuthError, TokenPair } from '../types';
-/**
- * Internal helpers for auth hooks (not part of public API)
- */
-export interface CedrosLoginInternalAPI {
-    handleLoginSuccess: (user: AuthUser, tokens?: TokenPair) => void;
-    getAccessToken: () => string | null;
-}
-/**
- * Context value provided by CedrosLoginProvider
- */
-export interface CedrosLoginContextValue {
-    config: CedrosLoginConfig;
-    user: AuthUser | null;
-    authState: AuthState;
-    error: AuthError | null;
-    logout: () => Promise<void>;
-    refreshUser: () => Promise<void>;
-    isModalOpen: boolean;
-    openModal: () => void;
-    closeModal: () => void;
-    _internal?: CedrosLoginInternalAPI;
-}
-export declare const CedrosLoginContext: import('react').Context<CedrosLoginContextValue | null>;

package/dist/context/CedrosLoginProvider.d.ts

@@ -1,17 +0,0 @@
-import { ReactNode } from 'react';
-import { CedrosLoginConfig } from '../types';
-export interface CedrosLoginProviderProps {
-    config: CedrosLoginConfig;
-    children: ReactNode;
-}
-/**
- * Provider component that wraps your app and provides authentication context.
- *
- * @example
- * ```tsx
- * <CedrosLoginProvider config={{ serverUrl: 'https://api.example.com' }}>
- *   <App />
- * </CedrosLoginProvider>
- * ```
- */
-export declare function CedrosLoginProvider({ config, children }: CedrosLoginProviderProps): import("react/jsx-runtime").JSX.Element;

package/dist/context/EmbeddedWalletExposure.d.ts

@@ -1,19 +0,0 @@
-/**
- * Internal component that exposes embedded wallet availability
- *
- * This component must be rendered inside CedrosLoginProvider since
- * it uses hooks that depend on the login context.
- *
- * @internal
- */
-/**
- * Exposes embedded wallet availability via window global when enabled
- *
- * Only exposes info when:
- * 1. config.wallet.exposeAvailability is true
- * 2. User is logged in
- * 3. Wallet status is known
- *
- * @internal
- */
-export declare function EmbeddedWalletExposure(): null;

package/dist/context/useCedrosLogin.d.ts

@@ -1,12 +0,0 @@
-import { CedrosLoginContextValue } from './CedrosLoginContext';
-/**
- * Hook to access the Cedros Login context.
- * Must be used within a CedrosLoginProvider.
- */
-export declare function useCedrosLogin(): CedrosLoginContextValue;
-/**
- * Optional version of useCedrosLogin that returns null instead of throwing
- * when used outside a CedrosLoginProvider. Useful for components that need
- * to work in both provider and non-provider contexts (e.g., Storybook demos).
- */
-export declare function useCedrosLoginOptional(): CedrosLoginContextValue | null;

package/dist/crypto/aesGcm.d.ts

@@ -1,89 +0,0 @@
-import { EncryptionKey, AesNonce } from './types';
-/** Result of AES-GCM encryption */
-export interface AesGcmEncryptResult {
-    /** Ciphertext including authentication tag */
-    ciphertext: Uint8Array;
-    /** 12-byte nonce used */
-    nonce: AesNonce;
-}
-/**
- * Encrypt plaintext using AES-256-GCM
- *
- * @param plaintext - Data to encrypt
- * @param key - 32-byte encryption key
- * @param nonce - Optional 12-byte nonce (generated if not provided)
- * @returns Ciphertext and nonce
- * @throws Error if encryption fails
- */
-export declare function aesGcmEncrypt(plaintext: Uint8Array, key: EncryptionKey, nonce?: AesNonce): Promise<AesGcmEncryptResult>;
-/**
- * Decrypt ciphertext using AES-256-GCM
- *
- * @param ciphertext - Data to decrypt (includes auth tag)
- * @param key - 32-byte encryption key
- * @param nonce - 12-byte nonce used during encryption
- * @returns Decrypted plaintext
- * @throws Error if decryption or authentication fails
- */
-export declare function aesGcmDecrypt(ciphertext: Uint8Array, key: EncryptionKey, nonce: AesNonce): Promise<Uint8Array>;
-/**
- * Encrypt plaintext and return base64-encoded results
- *
- * @param plaintext - Data to encrypt
- * @param key - 32-byte encryption key
- * @returns Base64-encoded ciphertext and nonce
- */
-export declare function aesGcmEncryptToBase64(plaintext: Uint8Array, key: EncryptionKey): Promise<{
-    ciphertext: string;
-    nonce: string;
-}>;
-/**
- * Decrypt base64-encoded ciphertext
- *
- * @param ciphertextB64 - Base64-encoded ciphertext
- * @param nonceB64 - Base64-encoded nonce
- * @param key - 32-byte encryption key
- * @returns Decrypted plaintext
- */
-export declare function aesGcmDecryptFromBase64(ciphertextB64: string, nonceB64: string, key: EncryptionKey): Promise<Uint8Array>;
-/**
- * Encrypt with automatic key derivation from password
- *
- * This is a convenience wrapper that combines Argon2 KDF with AES-GCM.
- * For more control, use argon2 and aesGcmEncrypt separately.
- *
- * @param plaintext - Data to encrypt
- * @param passwordKey - Key derived from password via Argon2
- * @returns Encrypted result with nonce
- */
-export declare function encryptWithPasswordKey(plaintext: Uint8Array, passwordKey: Uint8Array): Promise<AesGcmEncryptResult>;
-/**
- * Decrypt with password-derived key
- *
- * @param ciphertext - Data to decrypt
- * @param nonce - Nonce used during encryption
- * @param passwordKey - Key derived from password via Argon2
- * @returns Decrypted plaintext
- */
-export declare function decryptWithPasswordKey(ciphertext: Uint8Array, nonce: AesNonce, passwordKey: Uint8Array): Promise<Uint8Array>;
-/**
- * Convert Uint8Array to base64 string
- *
- * MAINT-01: Uses chunked String.fromCharCode for O(n) performance.
- * Simple concatenation (`binary += char`) would be O(n²).
- */
-export declare function uint8ArrayToBase64(bytes: Uint8Array): string;
-/**
- * Convert base64 string to Uint8Array
- *
- * @throws Error if input is not valid base64
- */
-export declare function base64ToUint8Array(base64: string): Uint8Array;
-/**
- * Encrypt and securely wipe plaintext after encryption
- *
- * @param plaintext - Data to encrypt (will be wiped)
- * @param key - Encryption key
- * @returns Encrypted result
- */
-export declare function encryptAndWipe(plaintext: Uint8Array, key: EncryptionKey): Promise<AesGcmEncryptResult>;

package/dist/crypto/argon2.d.ts

@@ -1,65 +0,0 @@
-import { EncryptionKey, Argon2Salt, KdfParams } from './types';
-/**
- * Derive an encryption key from a password using Argon2id
- *
- * @security H-01: The password string cannot be wiped from memory after use.
- * For sensitive applications, prefer argon2DeriveFromBytes() which accepts
- * Uint8Array that CAN be securely wiped.
- *
- * @param password - User password or PIN
- * @param salt - Unique salt (16+ bytes)
- * @param params - KDF parameters (memory, time, parallelism)
- * @returns 32-byte encryption key
- */
-export declare function argon2Derive(password: string, salt: Argon2Salt, params?: KdfParams): Promise<EncryptionKey>;
-/**
- * Derive key from password bytes (for non-string passwords like PINs)
- *
- * @param passwordBytes - Password as bytes
- * @param salt - Unique salt
- * @param params - KDF parameters
- * @returns 32-byte encryption key
- */
-export declare function argon2DeriveFromBytes(passwordBytes: Uint8Array, salt: Argon2Salt, params?: KdfParams): Promise<EncryptionKey>;
-/**
- * Validate KDF parameters are within safe bounds
- *
- * Prevents DoS attacks via excessive resource consumption.
- *
- * @param params - Parameters to validate
- * @throws Error if parameters are out of bounds
- */
-export declare function validateKdfParams(params: KdfParams): void;
-/**
- * Check if Argon2 WASM is available and working
- *
- * @returns true if Argon2 can be used
- */
-export declare function isArgon2Supported(): Promise<boolean>;
-/**
- * Verify a password against stored parameters
- *
- * This is primarily for testing/validation, not for authentication
- * (the server handles authentication).
- *
- * M-06: Timing Leak Note
- * The length check at the start of comparison returns early on mismatch,
- * creating a timing side-channel. This is acceptable because:
- * 1. Server handles real authentication (not this client-side code)
- * 2. Key lengths are fixed (32 bytes), so mismatch indicates corruption not attack
- * 3. Argon2 derivation dominates timing regardless of comparison path
- *
- * @param password - Password to verify
- * @param salt - Salt used during original derivation
- * @param params - KDF parameters used
- * @param expectedKey - Expected derived key
- * @returns true if password produces the same key
- */
-export declare function verifyPassword(password: string, salt: Argon2Salt, params: KdfParams, expectedKey: Uint8Array): Promise<boolean>;
-/**
- * Get recommended KDF parameters based on target duration
- *
- * @param targetMs - Target duration in milliseconds (default: 500ms)
- * @returns Recommended parameters
- */
-export declare function getRecommendedParams(targetMs?: number): KdfParams;

package/dist/crypto/argon2Worker.d.ts

@@ -1 +0,0 @@
-export {};

package/dist/crypto/argon2WorkerClient.d.ts

@@ -1,28 +0,0 @@
-import { Argon2Salt, EncryptionKey, KdfParams } from './types';
-/**
- * Derive an encryption key from password using Argon2id in a Web Worker.
- *
- * Offloads CPU-intensive Argon2id KDF to a background thread to avoid
- * blocking the main thread. Falls back to synchronous derivation if
- * Web Workers are not available.
- *
- * @param password - User's password
- * @param salt - 16-byte random salt
- * @param params - KDF parameters (memory, iterations, parallelism)
- * @returns 32-byte encryption key
- *
- * @security **CALLER MUST WIPE RETURNED KEY AFTER USE**
- * The returned key contains sensitive cryptographic material.
- * Callers are responsible for wiping it when no longer needed:
- * ```ts
- * const key = await argon2DeriveInWorker(password, salt);
- * try {
- *   // use key for encryption/decryption
- * } finally {
- *   wipeBytes(key);
- * }
- * ```
- * Failure to wipe may leave key material in memory, vulnerable to memory
- * dump attacks.
- */
-export declare function argon2DeriveInWorker(password: string, salt: Argon2Salt, params?: KdfParams): Promise<EncryptionKey>;