@digitaldefiance/secrets 2.0.3

package/dist/umd/node-types.js

@@ -0,0 +1,201 @@
+// Node.js-specific type definitions and error handling
+// Provides enhanced typing for Node.js crypto APIs and environment-specific behavior
+var __extends = (this && this.__extends) || (function () {
+    var extendStatics = function (d, b) {
+        extendStatics = Object.setPrototypeOf ||
+            ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
+            function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };
+        return extendStatics(d, b);
+    };
+    return function (d, b) {
+        if (typeof b !== "function" && b !== null)
+            throw new TypeError("Class extends value " + String(b) + " is not a constructor or null");
+        extendStatics(d, b);
+        function __() { this.constructor = d; }
+        d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
+    };
+})();
+(function (factory) {
+    if (typeof module === "object" && typeof module.exports === "object") {
+        var v = factory(require, exports);
+        if (v !== undefined) module.exports = v;
+    }
+    else if (typeof define === "function" && define.amd) {
+        define(["require", "exports", "./errors"], factory);
+    }
+})(function (require, exports) {
+    "use strict";
+    Object.defineProperty(exports, "__esModule", { value: true });
+    exports.NodeEnvironmentError = exports.NodeCryptoError = void 0;
+    exports.isNodeBuffer = isNodeBuffer;
+    exports.isNodeEnvironment = isNodeEnvironment;
+    exports.getNodeCrypto = getNodeCrypto;
+    exports.hasNodeCryptoRandomBytes = hasNodeCryptoRandomBytes;
+    exports.createNodeRNG = createNodeRNG;
+    exports.createNodeCryptoEnvironment = createNodeCryptoEnvironment;
+    exports.validateNodeBuffer = validateNodeBuffer;
+    exports.requireNodeCrypto = requireNodeCrypto;
+    var errors_1 = require("./errors");
+    /**
+     * Node.js Buffer type guard
+     */
+    function isNodeBuffer(value) {
+        return value !== null &&
+            typeof value === 'object' &&
+            'length' in value &&
+            typeof value.readUInt8 === 'function';
+    }
+    // ============================================================================
+    // Node.js Environment Detection
+    // ============================================================================
+    /**
+     * Detects if the current environment is Node.js
+     * @returns true if running in Node.js, false otherwise
+     */
+    function isNodeEnvironment() {
+        return typeof process !== 'undefined' &&
+            process.versions != null &&
+            process.versions.node != null;
+    }
+    /**
+     * Attempts to load the Node.js crypto module
+     * @returns NodeCryptoModule if available, null otherwise
+     */
+    function getNodeCrypto() {
+        if (!isNodeEnvironment()) {
+            return null;
+        }
+        try {
+            // Dynamic require to avoid bundler issues
+            var crypto_1 = require('crypto');
+            if (typeof crypto_1 === 'object' && typeof crypto_1.randomBytes === 'function') {
+                return crypto_1;
+            }
+            return null;
+        }
+        catch (error) {
+            return null;
+        }
+    }
+    /**
+     * Checks if Node.js crypto.randomBytes is available
+     * @returns true if crypto.randomBytes is available
+     */
+    function hasNodeCryptoRandomBytes() {
+        var crypto = getNodeCrypto();
+        return crypto !== null && typeof crypto.randomBytes === 'function';
+    }
+    // ============================================================================
+    // Node.js-Specific Error Types
+    // ============================================================================
+    /**
+     * Error thrown when Node.js crypto operations fail
+     */
+    var NodeCryptoError = /** @class */ (function (_super) {
+        __extends(NodeCryptoError, _super);
+        function NodeCryptoError(operation, reason, originalError) {
+            var _this = _super.call(this, operation, "Node.js crypto error: ".concat(reason)) || this;
+            _this.originalError = originalError;
+            _this.name = 'NodeCryptoError';
+            if (originalError && Error.captureStackTrace) {
+                Error.captureStackTrace(_this, NodeCryptoError);
+            }
+            return _this;
+        }
+        return NodeCryptoError;
+    }(errors_1.CryptoError));
+    exports.NodeCryptoError = NodeCryptoError;
+    /**
+     * Error thrown when Node.js environment is required but not available
+     */
+    var NodeEnvironmentError = /** @class */ (function (_super) {
+        __extends(NodeEnvironmentError, _super);
+        function NodeEnvironmentError(feature) {
+            var _this = _super.call(this, 'environment_check', "Feature '".concat(feature, "' requires Node.js environment but is not available")) || this;
+            _this.name = 'NodeEnvironmentError';
+            return _this;
+        }
+        return NodeEnvironmentError;
+    }(errors_1.CryptoError));
+    exports.NodeEnvironmentError = NodeEnvironmentError;
+    // ============================================================================
+    // Node.js RNG Implementation
+    // ============================================================================
+    /**
+     * Creates a Node.js-specific RNG function using crypto.randomBytes
+     * @param crypto - Node.js crypto module
+     * @returns RNG function that generates random binary strings
+     * @throws {NodeCryptoError} If random byte generation fails
+     */
+    function createNodeRNG(crypto) {
+        return function nodeCryptoRandomBytes(bits) {
+            if (typeof bits !== 'number' || bits <= 0 || bits % 1 !== 0) {
+                throw new NodeCryptoError('randomBytes', "Invalid bits parameter: ".concat(bits, ". Must be a positive integer."));
+            }
+            var bytes = Math.ceil(bits / 8);
+            try {
+                var buffer = crypto.randomBytes(bytes);
+                // Convert buffer to hex string
+                var hex = '';
+                for (var i = 0; i < buffer.length; i++) {
+                    var byte = buffer[i].toString(16);
+                    hex += byte.length === 1 ? '0' + byte : byte;
+                }
+                // Convert hex to binary
+                var binary = '';
+                for (var i = 0; i < hex.length; i++) {
+                    var num = parseInt(hex[i], 16);
+                    var bin = num.toString(2);
+                    binary += '0000'.substring(bin.length) + bin;
+                }
+                // Return exactly the requested number of bits
+                return binary.substring(0, bits);
+            }
+            catch (error) {
+                throw new NodeCryptoError('randomBytes', 'Failed to generate random bytes', error);
+            }
+        };
+    }
+    /**
+     * Creates a Node.js crypto environment descriptor
+     * @returns NodeCryptoEnvironment if Node.js crypto is available, null otherwise
+     */
+    function createNodeCryptoEnvironment() {
+        var crypto = getNodeCrypto();
+        if (!crypto) {
+            return null;
+        }
+        return {
+            type: 'node',
+            crypto: crypto,
+            rngType: 'nodeCryptoRandomBytes',
+            rng: createNodeRNG(crypto)
+        };
+    }
+    // ============================================================================
+    // Type Validation for Node.js
+    // ============================================================================
+    /**
+     * Validates that a value is a valid Node.js Buffer
+     * @param value - Value to validate
+     * @param paramName - Parameter name for error messages
+     * @throws {NodeCryptoError} If value is not a valid Buffer
+     */
+    function validateNodeBuffer(value, paramName) {
+        if (!isNodeBuffer(value)) {
+            throw new NodeCryptoError('validation', "Parameter '".concat(paramName, "' must be a Node.js Buffer"));
+        }
+    }
+    /**
+     * Validates that Node.js crypto is available
+     * @throws {NodeEnvironmentError} If Node.js crypto is not available
+     */
+    function requireNodeCrypto() {
+        var crypto = getNodeCrypto();
+        if (!crypto) {
+            throw new NodeEnvironmentError('crypto.randomBytes');
+        }
+        return crypto;
+    }
+});
+//# sourceMappingURL=node-types.js.map

package/dist/umd/node-types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"node-types.js","sourceRoot":"","sources":["../../src/node-types.ts"],"names":[],"mappings":"AAAA,uDAAuD;AACvD,qFAAqF;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAiCrF,oCAKC;IAUD,8CAIC;IAMD,sCAiBC;IAMD,4DAGC;IA2CD,sCAwCC;IAgBD,kEAaC;IAYD,gDAOC;IAMD,8CAQC;IAlOD,mCAAuC;IA2BvC;;OAEG;IACH,SAAgB,YAAY,CAAC,KAAc;QACzC,OAAO,KAAK,KAAK,IAAI;YACd,OAAO,KAAK,KAAK,QAAQ;YACzB,QAAQ,IAAI,KAAK;YACjB,OAAQ,KAAa,CAAC,SAAS,KAAK,UAAU,CAAC;IACxD,CAAC;IAED,+EAA+E;IAC/E,gCAAgC;IAChC,+EAA+E;IAE/E;;;OAGG;IACH,SAAgB,iBAAiB;QAC/B,OAAO,OAAO,OAAO,KAAK,WAAW;YAC9B,OAAO,CAAC,QAAQ,IAAI,IAAI;YACxB,OAAO,CAAC,QAAQ,CAAC,IAAI,IAAI,IAAI,CAAC;IACvC,CAAC;IAED;;;OAGG;IACH,SAAgB,aAAa;QAC3B,IAAI,CAAC,iBAAiB,EAAE,EAAE,CAAC;YACzB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YACH,0CAA0C;YAC1C,IAAM,QAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;YAEjC,IAAI,OAAO,QAAM,KAAK,QAAQ,IAAI,OAAO,QAAM,CAAC,WAAW,KAAK,UAAU,EAAE,CAAC;gBAC3E,OAAO,QAA0B,CAAC;YACpC,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,SAAgB,wBAAwB;QACtC,IAAM,MAAM,GAAG,aAAa,EAAE,CAAC;QAC/B,OAAO,MAAM,KAAK,IAAI,IAAI,OAAO,MAAM,CAAC,WAAW,KAAK,UAAU,CAAC;IACrE,CAAC;IAED,+EAA+E;IAC/E,+BAA+B;IAC/B,+EAA+E;IAE/E;;OAEG;IACH;QAAqC,mCAAW;QAC9C,yBAAY,SAAiB,EAAE,MAAc,EAAkB,aAAqB;YAClF,YAAA,MAAK,YAAC,SAAS,EAAE,gCAAyB,MAAM,CAAE,CAAC,SAAC;YADS,mBAAa,GAAb,aAAa,CAAQ;YAElF,KAAI,CAAC,IAAI,GAAG,iBAAiB,CAAC;YAE9B,IAAI,aAAa,IAAI,KAAK,CAAC,iBAAiB,EAAE,CAAC;gBAC7C,KAAK,CAAC,iBAAiB,CAAC,KAAI,EAAE,eAAe,CAAC,CAAC;YACjD,CAAC;;QACH,CAAC;QACH,sBAAC;IAAD,CAAC,AATD,CAAqC,oBAAW,GAS/C;IATY,0CAAe;IAW5B;;OAEG;IACH;QAA0C,wCAAW;QACnD,8BAAY,OAAe;YACzB,YAAA,MAAK,YACH,mBAAmB,EACnB,mBAAY,OAAO,wDAAqD,CACzE,SAAC;YACF,KAAI,CAAC,IAAI,GAAG,sBAAsB,CAAC;;QACrC,CAAC;QACH,2BAAC;IAAD,CAAC,AARD,CAA0C,oBAAW,GAQpD;IARY,oDAAoB;IAUjC,+EAA+E;IAC/E,6BAA6B;IAC7B,+EAA+E;IAE/E;;;;;OAKG;IACH,SAAgB,aAAa,CAAC,MAAwB;QACpD,OAAO,SAAS,qBAAqB,CAAC,IAAY;YAChD,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,IAAI,CAAC,IAAI,IAAI,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC5D,MAAM,IAAI,eAAe,CACvB,aAAa,EACb,kCAA2B,IAAI,kCAA+B,CAC/D,CAAC;YACJ,CAAC;YAED,IAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;YAElC,IAAI,CAAC;gBACH,IAAM,MAAM,GAAG,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;gBAEzC,+BAA+B;gBAC/B,IAAI,GAAG,GAAG,EAAE,CAAC;gBACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBACvC,IAAM,IAAI,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;oBACpC,GAAG,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC/C,CAAC;gBAED,wBAAwB;gBACxB,IAAI,MAAM,GAAG,EAAE,CAAC;gBAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBACpC,IAAM,GAAG,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBACjC,IAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;oBAC5B,MAAM,IAAI,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,GAAG,CAAC;gBAC/C,CAAC;gBAED,8CAA8C;gBAC9C,OAAO,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;YAEnC,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,IAAI,eAAe,CACvB,aAAa,EACb,iCAAiC,EACjC,KAAc,CACf,CAAC;YACJ,CAAC;QACH,CAAC,CAAC;IACJ,CAAC;IAYD;;;OAGG;IACH,SAAgB,2BAA2B;QACzC,IAAM,MAAM,GAAG,aAAa,EAAE,CAAC;QAE/B,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO;YACL,IAAI,EAAE,MAAM;YACZ,MAAM,QAAA;YACN,OAAO,EAAE,uBAAuB;YAChC,GAAG,EAAE,aAAa,CAAC,MAAM,CAAC;SAC3B,CAAC;IACJ,CAAC;IAED,+EAA+E;IAC/E,8BAA8B;IAC9B,+EAA+E;IAE/E;;;;;OAKG;IACH,SAAgB,kBAAkB,CAAC,KAAc,EAAE,SAAiB;QAClE,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;YACzB,MAAM,IAAI,eAAe,CACvB,YAAY,EACZ,qBAAc,SAAS,+BAA4B,CACpD,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,SAAgB,iBAAiB;QAC/B,IAAM,MAAM,GAAG,aAAa,EAAE,CAAC;QAE/B,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,oBAAoB,CAAC,oBAAoB,CAAC,CAAC;QACvD,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC"}

package/dist/umd/secrets.d.ts

@@ -0,0 +1,262 @@
+import type { BinaryString, CSPRNGType, HexString, RNGFunction, SecretsConfig, Share, ShareComponents, Shares } from './types';
+declare global {
+    interface Window {
+        secrets: typeof SecretsLibrary;
+    }
+}
+declare function reset(): void;
+declare function isSetRNG(): boolean;
+declare function padLeft(str: string, multipleOfBits?: number): string;
+declare function hex2bin(str: string): BinaryString;
+declare function bin2hex(str: BinaryString): HexString;
+declare function bytesToHex(bytes: Uint8Array | Buffer): HexString;
+declare function hasCryptoGetRandomValues(): boolean;
+declare function hasCryptoRandomBytes(): boolean;
+declare function getRNG(type?: CSPRNGType): RNGFunction | undefined;
+declare function splitNumStringToIntArray(str: string, padLength?: number): number[];
+declare function horner(x: number, coeffs: number[]): number;
+declare function lagrange(at: number, x: number[], y: number[]): number;
+declare function getShares(secret: number, numShares: number, threshold: number): Share[];
+declare function constructPublicShareString(bits: number | string, id: number | string, data: string): string;
+declare const SecretsLibrary: {
+    /**
+     * Initialize the secrets library with specified bit length and RNG type.
+     *
+     * This function sets up the Galois Field arithmetic tables (logs and exps)
+     * required for Shamir's Secret Sharing. It must be called before using
+     * share() or combine() operations.
+     *
+     * @param bits - Number of bits for the Galois Field (between 3 and 20, default 8).
+     *               Determines the maximum number of shares (2^bits - 1).
+     * @param rngType - Type of cryptographically secure random number generator to use.
+     *                  If not specified, automatically detects the best available CSPRNG.
+     * @throws {Error} If bits is not an integer between 3 and 20, inclusive.
+     * @throws {Error} If rngType is invalid or RNG initialization fails.
+     * @throws {Error} If initialization fails for any reason.
+     *
+     * @example
+     * ```typescript
+     * // Initialize with default 8 bits (max 255 shares)
+     * secrets.init();
+     *
+     * // Initialize with 10 bits (max 1023 shares)
+     * secrets.init(10);
+     *
+     * // Initialize with specific RNG type
+     * secrets.init(8, 'nodeCryptoRandomBytes');
+     * ```
+     */
+    init(bits?: number, rngType?: CSPRNGType): void;
+    /**
+     * Combine shares to reconstruct the original secret.
+     *
+     * Uses Lagrange interpolation to reconstruct the secret from a threshold
+     * number of shares. The shares must have been created with the same bit
+     * configuration.
+     *
+     * @param shares - Array of share strings to combine. Must contain at least
+     *                 the threshold number of shares used during secret creation.
+     * @param at - Point at which to evaluate the polynomial (default 0 for secret recovery).
+     *             Use non-zero values to generate new shares.
+     * @returns The reconstructed secret as a hexadecimal string.
+     * @throws {Error} If shares have mismatched bit settings.
+     * @throws {Error} If share format is invalid.
+     *
+     * @example
+     * ```typescript
+     * const shares = secrets.share('deadbeef', 5, 3);
+     * const secret = secrets.combine(shares.slice(0, 3));
+     * console.log(secret); // 'deadbeef'
+     * ```
+     */
+    combine(shares: Shares | string[], at?: number): string;
+    /**
+     * Get the current configuration of the secrets library.
+     *
+     * Returns information about the current Galois Field configuration,
+     * including bit length, radix, maximum shares, and RNG status.
+     *
+     * @returns Configuration object with current settings.
+     *
+     * @example
+     * ```typescript
+     * const config = secrets.getConfig();
+     * console.log(`Max shares: ${config.maxShares}`);
+     * console.log(`Has CSPRNG: ${config.hasCSPRNG}`);
+     * console.log(`RNG Type: ${config.typeCSPRNG}`);
+     * ```
+     */
+    getConfig(): SecretsConfig;
+    /**
+     * Extract the components from a public share string.
+     *
+     * Parses a share string to extract the bit configuration, share ID,
+     * and share data. Useful for inspecting shares or validating share format.
+     *
+     * @param share - The share string to parse.
+     * @returns Object containing bits, id, and data components.
+     * @throws {Error} If share format is invalid.
+     * @throws {Error} If share ID is out of valid range.
+     *
+     * @example
+     * ```typescript
+     * const shares = secrets.share('abc123', 5, 3);
+     * const components = secrets.extractShareComponents(shares[0]);
+     * console.log(`Bits: ${components.bits}`);
+     * console.log(`ID: ${components.id}`);
+     * console.log(`Data: ${components.data}`);
+     * ```
+     */
+    extractShareComponents(share: string): ShareComponents;
+    /**
+     * Set the random number generator to use for share generation.
+     *
+     * Allows specifying a custom RNG or selecting a specific CSPRNG type.
+     * If no argument is provided, automatically detects and uses the best
+     * available CSPRNG for the current environment.
+     *
+     * @param rng - Either a CSPRNG type string or a custom RNG function.
+     *              Custom functions must return a binary string of specified length.
+     * @returns True if RNG was successfully set.
+     * @throws {Error} If RNG type is invalid.
+     * @throws {Error} If custom RNG function fails validation tests.
+     *
+     * @example
+     * ```typescript
+     * // Use specific CSPRNG type
+     * secrets.setRNG('nodeCryptoRandomBytes');
+     *
+     * // Use custom RNG function
+     * secrets.setRNG((bits) => {
+     *   // Return binary string of specified length
+     *   return customRandomBits(bits);
+     * });
+     * ```
+     */
+    setRNG(rng?: CSPRNGType | RNGFunction): boolean;
+    /**
+     * Convert a UTF-16 string to hexadecimal representation.
+     *
+     * Each character is represented by bytesPerChar bytes in the output.
+     * Useful for converting text secrets to hex format before sharing.
+     *
+     * @param str - The string to convert to hexadecimal.
+     * @param bytesPerChar - Number of bytes per character (1-6, default 2).
+     *                       Higher values support larger character codes.
+     * @returns Hexadecimal string representation.
+     * @throws {Error} If input is not a string.
+     * @throws {Error} If bytesPerChar is not an integer between 1 and 6.
+     * @throws {Error} If character code exceeds maximum for bytesPerChar.
+     *
+     * @example
+     * ```typescript
+     * const hex = secrets.str2hex('Hello');
+     * const shares = secrets.share(hex, 5, 3);
+     * ```
+     */
+    str2hex(str: string, bytesPerChar?: number): HexString;
+    /**
+     * Convert a hexadecimal string to UTF-16 string representation.
+     *
+     * Reverses the str2hex operation. Each bytesPerChar bytes in the input
+     * represents one character in the output.
+     *
+     * @param str - The hexadecimal string to convert.
+     * @param bytesPerChar - Number of bytes per character (1-6, default 2).
+     *                       Must match the value used in str2hex.
+     * @returns UTF-16 string representation.
+     * @throws {Error} If input is not a hexadecimal string.
+     * @throws {Error} If bytesPerChar is not an integer between 1 and 6.
+     *
+     * @example
+     * ```typescript
+     * const shares = secrets.share(secrets.str2hex('Hello'), 5, 3);
+     * const recovered = secrets.hex2str(secrets.combine(shares));
+     * console.log(recovered); // 'Hello'
+     * ```
+     */
+    hex2str(str: string, bytesPerChar?: number): string;
+    /**
+     * Generate a random hexadecimal string of specified bit length.
+     *
+     * Uses the configured CSPRNG to generate cryptographically secure
+     * random numbers. Useful for generating random secrets.
+     *
+     * @param bits - Number of random bits to generate (2-65536).
+     * @returns Random hexadecimal string.
+     * @throws {Error} If bits is not an integer between 2 and 65536.
+     *
+     * @example
+     * ```typescript
+     * const randomSecret = secrets.random(128);
+     * const shares = secrets.share(randomSecret, 5, 3);
+     * ```
+     */
+    random(bits: number): HexString;
+    /**
+     * Split a secret into shares using Shamir's Secret Sharing.
+     *
+     * Creates numShares shares such that any threshold number of shares
+     * can reconstruct the original secret, but fewer shares reveal no
+     * information about the secret.
+     *
+     * @param secret - The secret to split, as a hexadecimal string.
+     * @param numShares - Total number of shares to generate (2 to 2^bits-1).
+     * @param threshold - Minimum number of shares needed to reconstruct (2 to numShares).
+     * @param padLength - Zero-pad the secret to a multiple of this length (0-1024, default 128).
+     * @returns Array of share strings.
+     * @throws {Error} If secret is not a string.
+     * @throws {Error} If numShares or threshold are invalid.
+     * @throws {Error} If threshold exceeds numShares.
+     * @throws {Error} If padLength is invalid.
+     *
+     * @example
+     * ```typescript
+     * // Split a hex secret into 5 shares, requiring 3 to reconstruct
+     * const shares = secrets.share('deadbeef', 5, 3);
+     *
+     * // Any 3 shares can reconstruct the secret
+     * const recovered = secrets.combine([shares[0], shares[2], shares[4]]);
+     * console.log(recovered); // 'deadbeef'
+     * ```
+     */
+    share(secret: string, numShares: number, threshold: number, padLength?: number): string[];
+    /**
+     * Generate a new share with a specific ID from existing shares.
+     *
+     * Uses Lagrange interpolation to create a new share at the specified
+     * ID point. Useful for generating additional shares without access to
+     * the original secret.
+     *
+     * @param id - The ID for the new share (1 to 2^bits-1).
+     * @param shares - Array of existing shares (at least threshold number).
+     * @returns New share string with the specified ID.
+     * @throws {Error} If id is invalid.
+     * @throws {Error} If shares array is invalid or empty.
+     *
+     * @example
+     * ```typescript
+     * const shares = secrets.share('abc123', 5, 3);
+     * // Generate a new share with ID 10
+     * const newShare = secrets.newShare(10, shares.slice(0, 3));
+     * ```
+     */
+    newShare(id: number | string, shares: Shares | string[]): string;
+    _reset: typeof reset;
+    _padLeft: typeof padLeft;
+    _hex2bin: typeof hex2bin;
+    _bin2hex: typeof bin2hex;
+    _bytesToHex: typeof bytesToHex;
+    _hasCryptoGetRandomValues: typeof hasCryptoGetRandomValues;
+    _hasCryptoRandomBytes: typeof hasCryptoRandomBytes;
+    _getRNG: typeof getRNG;
+    _isSetRNG: typeof isSetRNG;
+    _splitNumStringToIntArray: typeof splitNumStringToIntArray;
+    _horner: typeof horner;
+    _lagrange: typeof lagrange;
+    _getShares: typeof getShares;
+    _constructPublicShareString: typeof constructPublicShareString;
+};
+export default SecretsLibrary;
+export declare const init: (bits?: number, rngType?: CSPRNGType) => void, combine: (shares: Shares | string[], at?: number) => string, getConfig: () => SecretsConfig, extractShareComponents: (share: string) => ShareComponents, setRNG: (rng?: CSPRNGType | RNGFunction) => boolean, str2hex: (str: string, bytesPerChar?: number) => HexString, hex2str: (str: string, bytesPerChar?: number) => string, random: (bits: number) => HexString, share: (secret: string, numShares: number, threshold: number, padLength?: number) => string[], newShare: (id: number | string, shares: Shares | string[]) => string;
+//# sourceMappingURL=secrets.d.ts.map

package/dist/umd/secrets.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"secrets.d.ts","sourceRoot":"","sources":["../../src/secrets.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAER,YAAY,EACZ,UAAU,EAEV,SAAS,EAET,WAAW,EACX,aAAa,EACb,KAAK,EACL,eAAe,EACf,MAAM,EACT,MAAM,SAAS,CAAC;AAGjB,OAAO,CAAC,MAAM,CAAC;IACb,UAAU,MAAM;QACd,OAAO,EAAE,OAAO,cAAc,CAAC;KAChC;CACF;AAiBD,iBAAS,KAAK,IAAI,IAAI,CAiCrB;AAED,iBAAS,QAAQ,IAAI,OAAO,CAK3B;AAMD,iBAAS,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,cAAc,CAAC,EAAE,MAAM,GAAG,MAAM,CAsB7D;AAED,iBAAS,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,YAAY,CAc1C;AAED,iBAAS,OAAO,CAAC,GAAG,EAAE,YAAY,GAAG,SAAS,CAe7C;AAED,iBAAS,UAAU,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,GAAG,SAAS,CAQzD;AAMD,iBAAS,wBAAwB,IAAI,OAAO,CAc3C;AAED,iBAAS,oBAAoB,IAAI,OAAO,CAcvC;AAED,iBAAS,MAAM,CAAC,IAAI,CAAC,EAAE,UAAU,GAAG,WAAW,GAAG,SAAS,CAyG1D;AAMD,iBAAS,wBAAwB,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAe3E;AAED,iBAAS,MAAM,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,CAanD;AAED,iBAAS,QAAQ,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC,EAAE,MAAM,EAAE,GAAG,MAAM,CA6B9D;AAED,iBAAS,SAAS,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,KAAK,EAAE,CAgBhF;AAED,iBAAS,0BAA0B,CACjC,IAAI,EAAE,MAAM,GAAG,MAAM,EACrB,EAAE,EAAE,MAAM,GAAG,MAAM,EACnB,IAAI,EAAE,MAAM,GACX,MAAM,CA+BR;AAMD,QAAA,MAAM,cAAc;IAClB;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;gBACS,MAAM,YAAY,UAAU,GAAG,IAAI;IAsE/C;;;;;;;;;;;;;;;;;;;;;OAqBG;oBACa,MAAM,GAAG,MAAM,EAAE,OAAO,MAAM,GAAG,MAAM;IAwCvD;;;;;;;;;;;;;;;OAeG;iBACU,aAAa;IAW1B;;;;;;;;;;;;;;;;;;;OAmBG;kCAC2B,MAAM,GAAG,eAAe;IAsDtD;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;iBACU,UAAU,GAAG,WAAW,GAAG,OAAO;IAyD/C;;;;;;;;;;;;;;;;;;;OAmBG;iBACU,MAAM,iBAAiB,MAAM,GAAG,SAAS;IAwDtD;;;;;;;;;;;;;;;;;;;OAmBG;iBACU,MAAM,iBAAiB,MAAM,GAAG,MAAM;IAiCnD;;;;;;;;;;;;;;;OAeG;iBACU,MAAM,GAAG,SAAS;IAa/B;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;kBAEO,MAAM,aACH,MAAM,aACN,MAAM,cACL,MAAM,GACjB,MAAM,EAAE;IAqGX;;;;;;;;;;;;;;;;;;;OAmBG;iBACU,MAAM,GAAG,MAAM,UAAU,MAAM,GAAG,MAAM,EAAE,GAAG,MAAM;;;;;;;;;;;;;;;CAuCjE,CAAC;AAiBF,eAAe,cAAc,CAAC;AAG9B,eAAO,MACL,IAAI,UA9qBQ,MAAM,YAAY,UAAU,KAAG,IAAI,EA+qB/C,OAAO,WAnlBS,MAAM,GAAG,MAAM,EAAE,OAAO,MAAM,KAAG,MAAM,EAolBvD,SAAS,QA5hBI,aAAa,EA6hB1B,sBAAsB,UA9fQ,MAAM,KAAG,eAAe,EA+ftD,MAAM,SAhbO,UAAU,GAAG,WAAW,KAAG,OAAO,EAib/C,OAAO,QApWM,MAAM,iBAAiB,MAAM,KAAG,SAAS,EAqWtD,OAAO,QAzRM,MAAM,iBAAiB,MAAM,KAAG,MAAM,EA0RnD,MAAM,SAzOO,MAAM,KAAG,SAAS,EA0O/B,KAAK,WAjMK,MAAM,aACH,MAAM,aACN,MAAM,cACL,MAAM,KACjB,MAAM,EAAE,EA8LX,QAAQ,OArEK,MAAM,GAAG,MAAM,UAAU,MAAM,GAAG,MAAM,EAAE,KAAG,MAsE1C,CAAC"}