npm - @fgv/ts-web-extras - Versions diffs - 5.1.0-32 → 5.1.0-34 - Mend

@fgv/ts-web-extras 5.1.0-32 → 5.1.0-34

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/dist/packlets/crypto-utils/idbPrivateKeyStorage.js ADDED Viewed

@@ -0,0 +1,238 @@
+/*
+ * Copyright (c) 2026 Erik Fortune
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+import { captureAsyncResult, captureResult, fail, succeed } from '@fgv/ts-utils';
+const DEFAULT_DATABASE_NAME = 'fgv-keystore-private-keys';
+const DEFAULT_STORE_NAME = 'privateKeys';
+/**
+ * {@link CryptoUtils.KeyStore.IPrivateKeyStorage | IPrivateKeyStorage}
+ * implementation backed by IndexedDB. Stores `CryptoKey` objects directly via
+ * IndexedDB's structured-clone serialization — no JWK round-trip — so it works
+ * with non-extractable keys.
+ *
+ * `supportsNonExtractable` is `true`: because the `CryptoKey` is stored by
+ * reference (structured clone) rather than exported, the keystore may generate
+ * `extractable: false` keys for maximum security on browsers that support it.
+ *
+ * The database is opened lazily on first use and cached. Each operation runs in
+ * its own transaction, relying on IndexedDB's default serialization. Multi-tab
+ * concurrency is a known limitation: two tabs writing the same id can race; this
+ * implementation targets single-tab use.
+ *
+ * @public
+ */
+export class IdbPrivateKeyStorage {
+    constructor(factory, databaseName, storeName) {
+        /**
+         * `true` — IndexedDB stores `CryptoKey` objects directly, so non-extractable
+         * keys are supported.
+         */
+        this.supportsNonExtractable = true;
+        this._factory = factory;
+        this._databaseName = databaseName;
+        this._storeName = storeName;
+    }
+    /**
+     * Creates a new {@link CryptoUtils.IdbPrivateKeyStorage}.
+     * @param params - Optional {@link CryptoUtils.IIdbPrivateKeyStorageCreateParams}.
+     * @returns `Success` with the new instance, or `Failure` if no IndexedDB
+     * factory is available.
+     */
+    static create(params = {}) {
+        var _a, _b, _c;
+        const factory = (_a = params.indexedDB) !== null && _a !== void 0 ? _a : globalThis.indexedDB;
+        if (factory === undefined) {
+            return fail('IdbPrivateKeyStorage: no IndexedDB factory available (pass params.indexedDB)');
+        }
+        return succeed(new IdbPrivateKeyStorage(factory, (_b = params.databaseName) !== null && _b !== void 0 ? _b : DEFAULT_DATABASE_NAME, (_c = params.storeName) !== null && _c !== void 0 ? _c : DEFAULT_STORE_NAME));
+    }
+    /**
+     * Stores `key` under `id`.
+     * @param id - Storage handle to write under.
+     * @param key - The private `CryptoKey` to persist.
+     */
+    async store(id, key) {
+        if (key.type !== 'private') {
+            return fail(`failed to store private key '${id}': expected a private key, got '${key.type}'`);
+        }
+        return (await this._withStore('readwrite', (store) => this._request(store.put(key, id))))
+            .withErrorFormat((msg) => `failed to store private key '${id}': ${msg}`)
+            .onSuccess(() => succeed(id));
+    }
+    /**
+     * Loads the private key stored under `id`.
+     * @param id - Storage handle to look up.
+     */
+    async load(id) {
+        return (await this._getRaw(id))
+            .withErrorFormat((msg) => `failed to load private key '${id}': ${msg}`)
+            .onSuccess((key) => (key === undefined ? fail(`key not found: '${id}'`) : succeed(key)));
+    }
+    /**
+     * Deletes the entry stored under `id`. Missing ids fail, mirroring the
+     * encrypted-file backend. The existence check and the delete run in separate
+     * transactions (single-tab assumption).
+     * @param id - Storage handle to remove.
+     */
+    async delete(id) {
+        const existingResult = await this._getRaw(id);
+        /* c8 ignore next 3 - defensive: the existence-check read only fails on an IndexedDB environment error */
+        if (existingResult.isFailure()) {
+            return fail(`failed to delete private key '${id}': ${existingResult.message}`);
+        }
+        if (existingResult.value === undefined) {
+            return fail(`key not found: '${id}'`);
+        }
+        return (await this._withStore('readwrite', (store) => this._request(store.delete(id))))
+            .withErrorFormat((msg) => `failed to delete private key '${id}': ${msg}`)
+            .onSuccess(() => succeed(id));
+    }
+    /**
+     * Lists every stored id.
+     */
+    async list() {
+        return (await this._withStore('readonly', (store) => this._request(store.getAllKeys())))
+            .withErrorFormat((msg) => `failed to list private keys: ${msg}`)
+            .onSuccess((keys) => succeed(keys.map((key) => String(key))));
+    }
+    async _getRaw(id) {
+        return this._withStore('readonly', (store) => this._request(store.get(id)));
+    }
+    async _openDb() {
+        if (this._db !== undefined) {
+            return succeed(this._db);
+        }
+        const firstOpen = await this._open(undefined);
+        /* c8 ignore next 3 - defensive: database open only fails on a corrupted/blocked IndexedDB environment */
+        if (firstOpen.isFailure()) {
+            return firstOpen;
+        }
+        // The object store is created in `onupgradeneeded`, which only fires when
+        // the version changes. If a database at this name already existed at the
+        // current version but without our store (e.g. a different `storeName` than
+        // a prior instance used), the store is absent. Re-open at the next version
+        // to add it via a version-bump upgrade rather than failing later writes
+        // with NotFoundError.
+        let db = firstOpen.value;
+        if (!db.objectStoreNames.contains(this._storeName)) {
+            const nextVersion = db.version + 1;
+            db.close();
+            const reopen = await this._open(nextVersion);
+            /* c8 ignore next 3 - defensive: the version-bump re-open only fails on an IndexedDB environment fault */
+            if (reopen.isFailure()) {
+                return reopen;
+            }
+            db = reopen.value;
+        }
+        this._db = db;
+        return succeed(db);
+    }
+    async _open(version) {
+        return captureAsyncResult(() => new Promise((resolve, reject) => {
+            const request = version === undefined
+                ? this._factory.open(this._databaseName)
+                : this._factory.open(this._databaseName, version);
+            request.onupgradeneeded = () => {
+                // Create our object store if absent. This fires on initial creation
+                // and on the version bump used to add a store to an existing
+                // database; future schema migrations extend this hook additively.
+                if (!request.result.objectStoreNames.contains(this._storeName)) {
+                    request.result.createObjectStore(this._storeName);
+                }
+            };
+            request.onsuccess = () => {
+                const db = request.result;
+                // If another connection (e.g. a sibling instance adding a store via
+                // version bump, or another tab) needs to upgrade, close this one so
+                // we don't block it. Clear the cached handle first so the next
+                // operation reopens rather than reusing the now-closed connection.
+                // Single-tab use is the documented assumption; this just prevents a
+                // deadlock when several instances share a db.
+                db.onversionchange = () => {
+                    if (this._db === db) {
+                        this._db = undefined;
+                    }
+                    db.close();
+                };
+                resolve(db);
+            };
+            /* c8 ignore next 2 - defensive: open errors require a corrupted/blocked IndexedDB environment */
+            request.onerror = () => { var _a; return reject((_a = request.error) !== null && _a !== void 0 ? _a : new Error('IndexedDB open failed')); };
+        }));
+    }
+    async _withStore(mode, op) {
+        const dbResult = await this._openDb();
+        /* c8 ignore next 3 - defensive: database open only fails on a corrupted/blocked IndexedDB environment */
+        if (dbResult.isFailure()) {
+            return fail(dbResult.message);
+        }
+        const txnResult = captureResult(() => dbResult.value.transaction(this._storeName, mode));
+        /* c8 ignore next 3 - transaction creation only throws if the store was deleted out from under us */
+        if (txnResult.isFailure()) {
+            return fail(txnResult.message);
+        }
+        const transaction = txnResult.value;
+        // For writes, a successful request is not durable until the transaction
+        // commits (oncomplete); it can still abort afterwards. Attach the completion
+        // listener BEFORE issuing the request so no event is missed, and wait for it
+        // before reporting success. Reads need no such wait.
+        const completion = mode === 'readwrite' ? this._awaitCompletion(transaction) : undefined;
+        // `op` builds and issues the IDB request synchronously (e.g. `store.put`),
+        // which can throw before any Promise is created — DataCloneError on a
+        // non-cloneable value, or a transaction-state DOMException. Run it inside a
+        // capture boundary so those surface as Failure rather than a rejection,
+        // preserving the Result contract.
+        const opOuter = await captureAsyncResult(() => op(transaction.objectStore(this._storeName)));
+        /* c8 ignore next 3 - defensive: synchronous IDB throws (e.g. DataCloneError) are unreachable for the typed public surface (private CryptoKeys clone; reads pass a string id), but the capture preserves the Result contract */
+        if (opOuter.isFailure()) {
+            return fail(opOuter.message);
+        }
+        const opResult = opOuter.value;
+        /* c8 ignore next 3 - defensive: the request itself only fails on an IndexedDB environment fault */
+        if (opResult.isFailure()) {
+            return opResult;
+        }
+        if (completion !== undefined) {
+            const commitResult = await completion;
+            /* c8 ignore next 3 - defensive: a transaction abort after a successful request requires an IndexedDB environment fault */
+            if (commitResult.isFailure()) {
+                return fail(commitResult.message);
+            }
+        }
+        return opResult;
+    }
+    async _request(request) {
+        return captureAsyncResult(() => new Promise((resolve, reject) => {
+            request.onsuccess = () => resolve(request.result);
+            /* c8 ignore next 2 - defensive: per-request errors require a corrupted IndexedDB environment */
+            request.onerror = () => { var _a; return reject((_a = request.error) !== null && _a !== void 0 ? _a : new Error('IndexedDB request failed')); };
+        }));
+    }
+    async _awaitCompletion(transaction) {
+        return captureAsyncResult(() => new Promise((resolve, reject) => {
+            transaction.oncomplete = () => resolve(true);
+            /* c8 ignore next 4 - defensive: abort/error after a successful write requires an IndexedDB environment fault */
+            transaction.onabort = () => { var _a; return reject((_a = transaction.error) !== null && _a !== void 0 ? _a : new Error('IndexedDB transaction aborted')); };
+            transaction.onerror = () => { var _a; return reject((_a = transaction.error) !== null && _a !== void 0 ? _a : new Error('IndexedDB transaction error')); };
+        }));
+    }
+}
+//# sourceMappingURL=idbPrivateKeyStorage.js.map

package/dist/packlets/crypto-utils/idbPrivateKeyStorage.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"idbPrivateKeyStorage.js","sourceRoot":"","sources":["../../../src/packlets/crypto-utils/idbPrivateKeyStorage.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,OAAO,EAAE,kBAAkB,EAAE,aAAa,EAAE,IAAI,EAAU,OAAO,EAAE,MAAM,eAAe,CAAC;AA0BzF,MAAM,qBAAqB,GAAW,2BAA2B,CAAC;AAClE,MAAM,kBAAkB,GAAW,aAAa,CAAC;AAEjD;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,OAAO,oBAAoB;IAY/B,YAAoB,OAAmB,EAAE,YAAoB,EAAE,SAAiB;QAXhF;;;WAGG;QACa,2BAAsB,GAAS,IAAI,CAAC;QAQlD,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;QACxB,IAAI,CAAC,aAAa,GAAG,YAAY,CAAC;QAClC,IAAI,CAAC,UAAU,GAAG,SAAS,CAAC;IAC9B,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,MAAM,CAAC,SAA4C,EAAE;;QACjE,MAAM,OAAO,GAA2B,MAAA,MAAM,CAAC,SAAS,mCAAI,UAAU,CAAC,SAAS,CAAC;QACjF,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,OAAO,IAAI,CAAC,8EAA8E,CAAC,CAAC;QAC9F,CAAC;QACD,OAAO,OAAO,CACZ,IAAI,oBAAoB,CACtB,OAAO,EACP,MAAA,MAAM,CAAC,YAAY,mCAAI,qBAAqB,EAC5C,MAAA,MAAM,CAAC,SAAS,mCAAI,kBAAkB,CACvC,CACF,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,KAAK,CAAC,EAAU,EAAE,GAAc;QAC3C,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YAC3B,OAAO,IAAI,CAAC,gCAAgC,EAAE,mCAAmC,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC;QAChG,CAAC;QACD,OAAO,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;aACtF,eAAe,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,gCAAgC,EAAE,MAAM,GAAG,EAAE,CAAC;aACvE,SAAS,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC;IAClC,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,IAAI,CAAC,EAAU;QAC1B,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;aAC5B,eAAe,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,+BAA+B,EAAE,MAAM,GAAG,EAAE,CAAC;aACtE,SAAS,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,mBAAmB,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IAC7F,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,MAAM,CAAC,EAAU;QAC5B,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAC9C,yGAAyG;QACzG,IAAI,cAAc,CAAC,SAAS,EAAE,EAAE,CAAC;YAC/B,OAAO,IAAI,CAAC,iCAAiC,EAAE,MAAM,cAAc,CAAC,OAAO,EAAE,CAAC,CAAC;QACjF,CAAC;QACD,IAAI,cAAc,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;YACvC,OAAO,IAAI,CAAC,mBAAmB,EAAE,GAAG,CAAC,CAAC;QACxC,CAAC;QACD,OAAO,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;aACpF,eAAe,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,iCAAiC,EAAE,MAAM,GAAG,EAAE,CAAC;aACxE,SAAS,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC;IAClC,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,IAAI;QACf,OAAO,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAgB,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;aACpG,eAAe,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,gCAAgC,GAAG,EAAE,CAAC;aAC/D,SAAS,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAClE,CAAC;IAEO,KAAK,CAAC,OAAO,CAAC,EAAU;QAC9B,OAAO,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAwB,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACrG,CAAC;IAEO,KAAK,CAAC,OAAO;QACnB,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;YAC3B,OAAO,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC3B,CAAC;QACD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAC9C,yGAAyG;QACzG,IAAI,SAAS,CAAC,SAAS,EAAE,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,0EAA0E;QAC1E,yEAAyE;QACzE,2EAA2E;QAC3E,2EAA2E;QAC3E,wEAAwE;QACxE,sBAAsB;QACtB,IAAI,EAAE,GAAG,SAAS,CAAC,KAAK,CAAC;QACzB,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YACnD,MAAM,WAAW,GAAG,EAAE,CAAC,OAAO,GAAG,CAAC,CAAC;YACnC,EAAE,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;YAC7C,yGAAyG;YACzG,IAAI,MAAM,CAAC,SAAS,EAAE,EAAE,CAAC;gBACvB,OAAO,MAAM,CAAC;YAChB,CAAC;YACD,EAAE,GAAG,MAAM,CAAC,KAAK,CAAC;QACpB,CAAC;QACD,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC;QACd,OAAO,OAAO,CAAC,EAAE,CAAC,CAAC;IACrB,CAAC;IAEO,KAAK,CAAC,KAAK,CAAC,OAA2B;QAC7C,OAAO,kBAAkB,CACvB,GAAG,EAAE,CACH,IAAI,OAAO,CAAc,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC3C,MAAM,OAAO,GACX,OAAO,KAAK,SAAS;gBACnB,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC;gBACxC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;YACtD,OAAO,CAAC,eAAe,GAAG,GAAS,EAAE;gBACnC,oEAAoE;gBACpE,6DAA6D;gBAC7D,kEAAkE;gBAClE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,gBAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;oBAC/D,OAAO,CAAC,MAAM,CAAC,iBAAiB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;gBACpD,CAAC;YACH,CAAC,CAAC;YACF,OAAO,CAAC,SAAS,GAAG,GAAS,EAAE;gBAC7B,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;gBAC1B,oEAAoE;gBACpE,oEAAoE;gBACpE,+DAA+D;gBAC/D,mEAAmE;gBACnE,oEAAoE;gBACpE,8CAA8C;gBAC9C,EAAE,CAAC,eAAe,GAAG,GAAS,EAAE;oBAC9B,IAAI,IAAI,CAAC,GAAG,KAAK,EAAE,EAAE,CAAC;wBACpB,IAAI,CAAC,GAAG,GAAG,SAAS,CAAC;oBACvB,CAAC;oBACD,EAAE,CAAC,KAAK,EAAE,CAAC;gBACb,CAAC,CAAC;gBACF,OAAO,CAAC,EAAE,CAAC,CAAC;YACd,CAAC,CAAC;YACF,iGAAiG;YACjG,OAAO,CAAC,OAAO,GAAG,GAAS,EAAE,WAAC,OAAA,MAAM,CAAC,MAAA,OAAO,CAAC,KAAK,mCAAI,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAA,EAAA,CAAC;QAC5F,CAAC,CAAC,CACL,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,UAAU,CACtB,IAAwB,EACxB,EAAiD;QAEjD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QACtC,yGAAyG;QACzG,IAAI,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC;YACzB,OAAO,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAChC,CAAC;QACD,MAAM,SAAS,GAAG,aAAa,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC;QACzF,oGAAoG;QACpG,IAAI,SAAS,CAAC,SAAS,EAAE,EAAE,CAAC;YAC1B,OAAO,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACjC,CAAC;QACD,MAAM,WAAW,GAAG,SAAS,CAAC,KAAK,CAAC;QAEpC,wEAAwE;QACxE,6EAA6E;QAC7E,6EAA6E;QAC7E,qDAAqD;QACrD,MAAM,UAAU,GAAG,IAAI,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAEzF,2EAA2E;QAC3E,sEAAsE;QACtE,4EAA4E;QAC5E,wEAAwE;QACxE,kCAAkC;QAClC,MAAM,OAAO,GAAG,MAAM,kBAAkB,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAC7F,+NAA+N;QAC/N,IAAI,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YACxB,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/B,CAAC;QACD,MAAM,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC;QAC/B,mGAAmG;QACnG,IAAI,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC;YACzB,OAAO,QAAQ,CAAC;QAClB,CAAC;QACD,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;YAC7B,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC;YACtC,0HAA0H;YAC1H,IAAI,YAAY,CAAC,SAAS,EAAE,EAAE,CAAC;gBAC7B,OAAO,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;YACpC,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,KAAK,CAAC,QAAQ,CAAI,OAAsB;QAC9C,OAAO,kBAAkB,CACvB,GAAG,EAAE,CACH,IAAI,OAAO,CAAI,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACjC,OAAO,CAAC,SAAS,GAAG,GAAS,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;YACxD,gGAAgG;YAChG,OAAO,CAAC,OAAO,GAAG,GAAS,EAAE,WAAC,OAAA,MAAM,CAAC,MAAA,OAAO,CAAC,KAAK,mCAAI,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,CAAA,EAAA,CAAC;QAC/F,CAAC,CAAC,CACL,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAAC,WAA2B;QACxD,OAAO,kBAAkB,CACvB,GAAG,EAAE,CACH,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACpC,WAAW,CAAC,UAAU,GAAG,GAAS,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YACnD,gHAAgH;YAChH,WAAW,CAAC,OAAO,GAAG,GAAS,EAAE,WAC/B,OAAA,MAAM,CAAC,MAAA,WAAW,CAAC,KAAK,mCAAI,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC,CAAA,EAAA,CAAC;YAC1E,WAAW,CAAC,OAAO,GAAG,GAAS,EAAE,WAC/B,OAAA,MAAM,CAAC,MAAA,WAAW,CAAC,KAAK,mCAAI,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC,CAAA,EAAA,CAAC;QAC1E,CAAC,CAAC,CACL,CAAC;IACJ,CAAC;CACF","sourcesContent":["/*\n * Copyright (c) 2026 Erik Fortune\n *\n * Permission is hereby granted, free of charge, to any person obtaining a copy\n * of this software and associated documentation files (the \"Software\"), to deal\n * in the Software without restriction, including without limitation the rights\n * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell\n * copies of the Software, and to permit persons to whom the Software is\n * furnished to do so, subject to the following conditions:\n *\n * The above copyright notice and this permission notice shall be included in all\n * copies or substantial portions of the Software.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\n * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\n * SOFTWARE.\n */\n\nimport { captureAsyncResult, captureResult, fail, Result, succeed } from '@fgv/ts-utils';\nimport { CryptoUtils } from '@fgv/ts-extras';\n\n/**\n * Parameters for {@link CryptoUtils.IdbPrivateKeyStorage.create}.\n * @public\n */\nexport interface IIdbPrivateKeyStorageCreateParams {\n /**\n * IndexedDB database name. Default: `'fgv-keystore-private-keys'`.\n */\n readonly databaseName?: string;\n\n /**\n * IndexedDB object-store name. Default: `'privateKeys'`.\n */\n readonly storeName?: string;\n\n /**\n * IndexedDB factory to use. Defaults to `globalThis.indexedDB`. Supplied\n * explicitly in tests (e.g. a `fake-indexeddb` factory) or to target a\n * non-default factory.\n */\n readonly indexedDB?: IDBFactory;\n}\n\nconst DEFAULT_DATABASE_NAME: string = 'fgv-keystore-private-keys';\nconst DEFAULT_STORE_NAME: string = 'privateKeys';\n\n/**\n * {@link CryptoUtils.KeyStore.IPrivateKeyStorage | IPrivateKeyStorage}\n * implementation backed by IndexedDB. Stores `CryptoKey` objects directly via\n * IndexedDB's structured-clone serialization — no JWK round-trip — so it works\n * with non-extractable keys.\n *\n * `supportsNonExtractable` is `true`: because the `CryptoKey` is stored by\n * reference (structured clone) rather than exported, the keystore may generate\n * `extractable: false` keys for maximum security on browsers that support it.\n *\n * The database is opened lazily on first use and cached. Each operation runs in\n * its own transaction, relying on IndexedDB's default serialization. Multi-tab\n * concurrency is a known limitation: two tabs writing the same id can race; this\n * implementation targets single-tab use.\n *\n * @public\n */\nexport class IdbPrivateKeyStorage implements CryptoUtils.KeyStore.IPrivateKeyStorage {\n /**\n * `true` — IndexedDB stores `CryptoKey` objects directly, so non-extractable\n * keys are supported.\n */\n public readonly supportsNonExtractable: true = true;\n\n private readonly _factory: IDBFactory;\n private readonly _databaseName: string;\n private readonly _storeName: string;\n private _db: IDBDatabase | undefined;\n\n private constructor(factory: IDBFactory, databaseName: string, storeName: string) {\n this._factory = factory;\n this._databaseName = databaseName;\n this._storeName = storeName;\n }\n\n /**\n * Creates a new {@link CryptoUtils.IdbPrivateKeyStorage}.\n * @param params - Optional {@link CryptoUtils.IIdbPrivateKeyStorageCreateParams}.\n * @returns `Success` with the new instance, or `Failure` if no IndexedDB\n * factory is available.\n */\n public static create(params: IIdbPrivateKeyStorageCreateParams = {}): Result<IdbPrivateKeyStorage> {\n const factory: IDBFactory | undefined = params.indexedDB ?? globalThis.indexedDB;\n if (factory === undefined) {\n return fail('IdbPrivateKeyStorage: no IndexedDB factory available (pass params.indexedDB)');\n }\n return succeed(\n new IdbPrivateKeyStorage(\n factory,\n params.databaseName ?? DEFAULT_DATABASE_NAME,\n params.storeName ?? DEFAULT_STORE_NAME\n )\n );\n }\n\n /**\n * Stores `key` under `id`.\n * @param id - Storage handle to write under.\n * @param key - The private `CryptoKey` to persist.\n */\n public async store(id: string, key: CryptoKey): Promise<Result<string>> {\n if (key.type !== 'private') {\n return fail(`failed to store private key '${id}': expected a private key, got '${key.type}'`);\n }\n return (await this._withStore('readwrite', (store) => this._request(store.put(key, id))))\n .withErrorFormat((msg) => `failed to store private key '${id}': ${msg}`)\n .onSuccess(() => succeed(id));\n }\n\n /**\n * Loads the private key stored under `id`.\n * @param id - Storage handle to look up.\n */\n public async load(id: string): Promise<Result<CryptoKey>> {\n return (await this._getRaw(id))\n .withErrorFormat((msg) => `failed to load private key '${id}': ${msg}`)\n .onSuccess((key) => (key === undefined ? fail(`key not found: '${id}'`) : succeed(key)));\n }\n\n /**\n * Deletes the entry stored under `id`. Missing ids fail, mirroring the\n * encrypted-file backend. The existence check and the delete run in separate\n * transactions (single-tab assumption).\n * @param id - Storage handle to remove.\n */\n public async delete(id: string): Promise<Result<string>> {\n const existingResult = await this._getRaw(id);\n /* c8 ignore next 3 - defensive: the existence-check read only fails on an IndexedDB environment error */\n if (existingResult.isFailure()) {\n return fail(`failed to delete private key '${id}': ${existingResult.message}`);\n }\n if (existingResult.value === undefined) {\n return fail(`key not found: '${id}'`);\n }\n return (await this._withStore('readwrite', (store) => this._request(store.delete(id))))\n .withErrorFormat((msg) => `failed to delete private key '${id}': ${msg}`)\n .onSuccess(() => succeed(id));\n }\n\n /**\n * Lists every stored id.\n */\n public async list(): Promise<Result<readonly string[]>> {\n return (await this._withStore('readonly', (store) => this._request<IDBValidKey[]>(store.getAllKeys())))\n .withErrorFormat((msg) => `failed to list private keys: ${msg}`)\n .onSuccess((keys) => succeed(keys.map((key) => String(key))));\n }\n\n private async _getRaw(id: string): Promise<Result<CryptoKey | undefined>> {\n return this._withStore('readonly', (store) => this._request<CryptoKey | undefined>(store.get(id)));\n }\n\n private async _openDb(): Promise<Result<IDBDatabase>> {\n if (this._db !== undefined) {\n return succeed(this._db);\n }\n const firstOpen = await this._open(undefined);\n /* c8 ignore next 3 - defensive: database open only fails on a corrupted/blocked IndexedDB environment */\n if (firstOpen.isFailure()) {\n return firstOpen;\n }\n // The object store is created in `onupgradeneeded`, which only fires when\n // the version changes. If a database at this name already existed at the\n // current version but without our store (e.g. a different `storeName` than\n // a prior instance used), the store is absent. Re-open at the next version\n // to add it via a version-bump upgrade rather than failing later writes\n // with NotFoundError.\n let db = firstOpen.value;\n if (!db.objectStoreNames.contains(this._storeName)) {\n const nextVersion = db.version + 1;\n db.close();\n const reopen = await this._open(nextVersion);\n /* c8 ignore next 3 - defensive: the version-bump re-open only fails on an IndexedDB environment fault */\n if (reopen.isFailure()) {\n return reopen;\n }\n db = reopen.value;\n }\n this._db = db;\n return succeed(db);\n }\n\n private async _open(version: number | undefined): Promise<Result<IDBDatabase>> {\n return captureAsyncResult<IDBDatabase>(\n () =>\n new Promise<IDBDatabase>((resolve, reject) => {\n const request =\n version === undefined\n ? this._factory.open(this._databaseName)\n : this._factory.open(this._databaseName, version);\n request.onupgradeneeded = (): void => {\n // Create our object store if absent. This fires on initial creation\n // and on the version bump used to add a store to an existing\n // database; future schema migrations extend this hook additively.\n if (!request.result.objectStoreNames.contains(this._storeName)) {\n request.result.createObjectStore(this._storeName);\n }\n };\n request.onsuccess = (): void => {\n const db = request.result;\n // If another connection (e.g. a sibling instance adding a store via\n // version bump, or another tab) needs to upgrade, close this one so\n // we don't block it. Clear the cached handle first so the next\n // operation reopens rather than reusing the now-closed connection.\n // Single-tab use is the documented assumption; this just prevents a\n // deadlock when several instances share a db.\n db.onversionchange = (): void => {\n if (this._db === db) {\n this._db = undefined;\n }\n db.close();\n };\n resolve(db);\n };\n /* c8 ignore next 2 - defensive: open errors require a corrupted/blocked IndexedDB environment */\n request.onerror = (): void => reject(request.error ?? new Error('IndexedDB open failed'));\n })\n );\n }\n\n private async _withStore<T>(\n mode: IDBTransactionMode,\n op: (store: IDBObjectStore) => Promise<Result<T>>\n ): Promise<Result<T>> {\n const dbResult = await this._openDb();\n /* c8 ignore next 3 - defensive: database open only fails on a corrupted/blocked IndexedDB environment */\n if (dbResult.isFailure()) {\n return fail(dbResult.message);\n }\n const txnResult = captureResult(() => dbResult.value.transaction(this._storeName, mode));\n /* c8 ignore next 3 - transaction creation only throws if the store was deleted out from under us */\n if (txnResult.isFailure()) {\n return fail(txnResult.message);\n }\n const transaction = txnResult.value;\n\n // For writes, a successful request is not durable until the transaction\n // commits (oncomplete); it can still abort afterwards. Attach the completion\n // listener BEFORE issuing the request so no event is missed, and wait for it\n // before reporting success. Reads need no such wait.\n const completion = mode === 'readwrite' ? this._awaitCompletion(transaction) : undefined;\n\n // `op` builds and issues the IDB request synchronously (e.g. `store.put`),\n // which can throw before any Promise is created — DataCloneError on a\n // non-cloneable value, or a transaction-state DOMException. Run it inside a\n // capture boundary so those surface as Failure rather than a rejection,\n // preserving the Result contract.\n const opOuter = await captureAsyncResult(() => op(transaction.objectStore(this._storeName)));\n /* c8 ignore next 3 - defensive: synchronous IDB throws (e.g. DataCloneError) are unreachable for the typed public surface (private CryptoKeys clone; reads pass a string id), but the capture preserves the Result contract */\n if (opOuter.isFailure()) {\n return fail(opOuter.message);\n }\n const opResult = opOuter.value;\n /* c8 ignore next 3 - defensive: the request itself only fails on an IndexedDB environment fault */\n if (opResult.isFailure()) {\n return opResult;\n }\n if (completion !== undefined) {\n const commitResult = await completion;\n /* c8 ignore next 3 - defensive: a transaction abort after a successful request requires an IndexedDB environment fault */\n if (commitResult.isFailure()) {\n return fail(commitResult.message);\n }\n }\n return opResult;\n }\n\n private async _request<T>(request: IDBRequest<T>): Promise<Result<T>> {\n return captureAsyncResult<T>(\n () =>\n new Promise<T>((resolve, reject) => {\n request.onsuccess = (): void => resolve(request.result);\n /* c8 ignore next 2 - defensive: per-request errors require a corrupted IndexedDB environment */\n request.onerror = (): void => reject(request.error ?? new Error('IndexedDB request failed'));\n })\n );\n }\n\n private async _awaitCompletion(transaction: IDBTransaction): Promise<Result<true>> {\n return captureAsyncResult<true>(\n () =>\n new Promise<true>((resolve, reject) => {\n transaction.oncomplete = (): void => resolve(true);\n /* c8 ignore next 4 - defensive: abort/error after a successful write requires an IndexedDB environment fault */\n transaction.onabort = (): void =>\n reject(transaction.error ?? new Error('IndexedDB transaction aborted'));\n transaction.onerror = (): void =>\n reject(transaction.error ?? new Error('IndexedDB transaction error'));\n })\n );\n }\n}\n"]}

package/dist/packlets/crypto-utils/index.js CHANGED Viewed

@@ -25,6 +25,7 @@
  */
 export * from './browserHashProvider';
 export * from './browserCryptoProvider';
+export * from './idbPrivateKeyStorage';
 // HpkeProvider re-export: implementation lives in @fgv/ts-extras CryptoUtils packlet;
 // re-exported here so browser callers can import from @fgv/ts-web-extras for this primitive.
 // We import from the top-level namespace to avoid relying on package.json exports path

package/dist/packlets/crypto-utils/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/packlets/crypto-utils/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH;;;GAGG;AAEH,cAAc,uBAAuB,CAAC;AACtC,cAAc,yBAAyB,CAAC;~~AAExC~~,sFAAsF;AACtF,6FAA6F;AAC7F,uFAAuF;AACvF,mEAAmE;AACnE,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAE7C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,YAAY,GAAoC,WAAW,CAAC,YAAY,CAAC","sourcesContent":["/\n Copyright (c) 2025 Erik Fortune\n \n Permission is hereby granted, free of charge, to any person obtaining a copy\n * of this software and associated documentation files (the \"Software\"), to deal\n * in the Software without restriction, including without limitation the rights\n * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell\n * copies of the Software, and to permit persons to whom the Software is\n * furnished to do so, subject to the following conditions:\n \n The above copyright notice and this permission notice shall be included in all\n * copies or substantial portions of the Software.\n \n THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\n * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\n * SOFTWARE.\n /\n\n/\n Browser-compatible cryptographic utilities using the Web Crypto API.\n * @packageDocumentation\n /\n\nexport from './browserHashProvider';\nexport * from './browserCryptoProvider';\n\n// HpkeProvider re-export: implementation lives in @fgv/ts-extras CryptoUtils packlet;\n// re-exported here so browser callers can import from @fgv/ts-web-extras for this primitive.\n// We import from the top-level namespace to avoid relying on package.json exports path\n// resolution (which requires moduleResolution: node16 or bundler).\nimport { CryptoUtils } from '@fgv/ts-extras';\n\n/*\n HPKE base mode (RFC 9180) — `DHKEM(X25519, HKDF-SHA256) + HKDF-SHA256 + AES-256-GCM`.\n * Re-exported from `@fgv/ts-extras` for browser consumers.\n * @see {@link CryptoUtils.HpkeProvider}\n * @public\n /\nexport const HpkeProvider: typeof CryptoUtils.HpkeProvider = CryptoUtils.HpkeProvider;\n\n/\n Output of `HpkeProvider.sealBase`. Re-exported from `@fgv/ts-extras`.\n * @public\n */\nexport type IHpkeSealResult = CryptoUtils.IHpkeSealResult;\n"]}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/packlets/crypto-utils/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH;;;GAGG;AAEH,cAAc,uBAAuB,CAAC;AACtC,cAAc,yBAAyB,CAAC;AACxC,cAAc,wBAAwB,CAAC;AAEvC,sFAAsF;AACtF,6FAA6F;AAC7F,uFAAuF;AACvF,mEAAmE;AACnE,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAE7C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,YAAY,GAAoC,WAAW,CAAC,YAAY,CAAC","sourcesContent":["/\n Copyright (c) 2025 Erik Fortune\n \n Permission is hereby granted, free of charge, to any person obtaining a copy\n * of this software and associated documentation files (the \"Software\"), to deal\n * in the Software without restriction, including without limitation the rights\n * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell\n * copies of the Software, and to permit persons to whom the Software is\n * furnished to do so, subject to the following conditions:\n \n The above copyright notice and this permission notice shall be included in all\n * copies or substantial portions of the Software.\n \n THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\n * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\n * SOFTWARE.\n /\n\n/\n Browser-compatible cryptographic utilities using the Web Crypto API.\n * @packageDocumentation\n /\n\nexport from './browserHashProvider';\nexport * from './browserCryptoProvider';\nexport * from './idbPrivateKeyStorage';\n\n// HpkeProvider re-export: implementation lives in @fgv/ts-extras CryptoUtils packlet;\n// re-exported here so browser callers can import from @fgv/ts-web-extras for this primitive.\n// We import from the top-level namespace to avoid relying on package.json exports path\n// resolution (which requires moduleResolution: node16 or bundler).\nimport { CryptoUtils } from '@fgv/ts-extras';\n\n/*\n HPKE base mode (RFC 9180) — `DHKEM(X25519, HKDF-SHA256) + HKDF-SHA256 + AES-256-GCM`.\n * Re-exported from `@fgv/ts-extras` for browser consumers.\n * @see {@link CryptoUtils.HpkeProvider}\n * @public\n /\nexport const HpkeProvider: typeof CryptoUtils.HpkeProvider = CryptoUtils.HpkeProvider;\n\n/\n Output of `HpkeProvider.sealBase`. Re-exported from `@fgv/ts-extras`.\n * @public\n */\nexport type IHpkeSealResult = CryptoUtils.IHpkeSealResult;\n"]}

package/dist/ts-web-extras.d.ts CHANGED Viewed

@@ -230,7 +230,9 @@ declare namespace CryptoUtils {
         IHpkeSealResult,
         BrowserHashProvider,
         createBrowserCryptoProvider,
-        BrowserCryptoProvider
+        BrowserCryptoProvider,
+        IIdbPrivateKeyStorageCreateParams,
+        IdbPrivateKeyStorage
     }
 }
 export { CryptoUtils }
@@ -868,6 +870,71 @@ declare function extractFileListMetadata(fileList: FileList): Array<IFileMetadat
      private static _requestWithParams;
  }
+ /**
+  * {@link CryptoUtils.KeyStore.IPrivateKeyStorage | IPrivateKeyStorage}
+  * implementation backed by IndexedDB. Stores `CryptoKey` objects directly via
+  * IndexedDB's structured-clone serialization — no JWK round-trip — so it works
+  * with non-extractable keys.
+  *
+  * `supportsNonExtractable` is `true`: because the `CryptoKey` is stored by
+  * reference (structured clone) rather than exported, the keystore may generate
+  * `extractable: false` keys for maximum security on browsers that support it.
+  *
+  * The database is opened lazily on first use and cached. Each operation runs in
+  * its own transaction, relying on IndexedDB's default serialization. Multi-tab
+  * concurrency is a known limitation: two tabs writing the same id can race; this
+  * implementation targets single-tab use.
+  *
+  * @public
+  */
+ declare class IdbPrivateKeyStorage implements CryptoUtils_2.KeyStore.IPrivateKeyStorage {
+     /**
+      * `true` — IndexedDB stores `CryptoKey` objects directly, so non-extractable
+      * keys are supported.
+      */
+     readonly supportsNonExtractable: true;
+     private readonly _factory;
+     private readonly _databaseName;
+     private readonly _storeName;
+     private _db;
+     private constructor();
+     /**
+      * Creates a new {@link CryptoUtils.IdbPrivateKeyStorage}.
+      * @param params - Optional {@link CryptoUtils.IIdbPrivateKeyStorageCreateParams}.
+      * @returns `Success` with the new instance, or `Failure` if no IndexedDB
+      * factory is available.
+      */
+     static create(params?: IIdbPrivateKeyStorageCreateParams): Result<IdbPrivateKeyStorage>;
+     /**
+      * Stores `key` under `id`.
+      * @param id - Storage handle to write under.
+      * @param key - The private `CryptoKey` to persist.
+      */
+     store(id: string, key: CryptoKey): Promise<Result<string>>;
+     /**
+      * Loads the private key stored under `id`.
+      * @param id - Storage handle to look up.
+      */
+     load(id: string): Promise<Result<CryptoKey>>;
+     /**
+      * Deletes the entry stored under `id`. Missing ids fail, mirroring the
+      * encrypted-file backend. The existence check and the delete run in separate
+      * transactions (single-tab assumption).
+      * @param id - Storage handle to remove.
+      */
+     delete(id: string): Promise<Result<string>>;
+     /**
+      * Lists every stored id.
+      */
+     list(): Promise<Result<readonly string[]>>;
+     private _getRaw;
+     private _openDb;
+     private _open;
+     private _withStore;
+     private _request;
+     private _awaitCompletion;
+ }
  /**
   * Tree initializer for File System Access API directory handles.
   * @public
@@ -964,6 +1031,27 @@ declare function extractFileListMetadata(fileList: FileList): Array<IFileMetadat
      readonly logger?: Logging.LogReporter<unknown>;
  }
+ /**
+  * Parameters for {@link CryptoUtils.IdbPrivateKeyStorage.create}.
+  * @public
+  */
+ declare interface IIdbPrivateKeyStorageCreateParams {
+     /**
+      * IndexedDB database name. Default: `'fgv-keystore-private-keys'`.
+      */
+     readonly databaseName?: string;
+     /**
+      * IndexedDB object-store name. Default: `'privateKeys'`.
+      */
+     readonly storeName?: string;
+     /**
+      * IndexedDB factory to use. Defaults to `globalThis.indexedDB`. Supplied
+      * explicitly in tests (e.g. a `fake-indexeddb` factory) or to target a
+      * non-default factory.
+      */
+     readonly indexedDB?: IDBFactory;
+ }
  /**
   * Configuration for LocalStorageTreeAccessors.
   * @public

package/lib/packlets/crypto-utils/idbPrivateKeyStorage.d.ts ADDED Viewed

@@ -0,0 +1,87 @@
+import { Result } from '@fgv/ts-utils';
+import { CryptoUtils } from '@fgv/ts-extras';
+/**
+ * Parameters for {@link CryptoUtils.IdbPrivateKeyStorage.create}.
+ * @public
+ */
+export interface IIdbPrivateKeyStorageCreateParams {
+    /**
+     * IndexedDB database name. Default: `'fgv-keystore-private-keys'`.
+     */
+    readonly databaseName?: string;
+    /**
+     * IndexedDB object-store name. Default: `'privateKeys'`.
+     */
+    readonly storeName?: string;
+    /**
+     * IndexedDB factory to use. Defaults to `globalThis.indexedDB`. Supplied
+     * explicitly in tests (e.g. a `fake-indexeddb` factory) or to target a
+     * non-default factory.
+     */
+    readonly indexedDB?: IDBFactory;
+}
+/**
+ * {@link CryptoUtils.KeyStore.IPrivateKeyStorage | IPrivateKeyStorage}
+ * implementation backed by IndexedDB. Stores `CryptoKey` objects directly via
+ * IndexedDB's structured-clone serialization — no JWK round-trip — so it works
+ * with non-extractable keys.
+ *
+ * `supportsNonExtractable` is `true`: because the `CryptoKey` is stored by
+ * reference (structured clone) rather than exported, the keystore may generate
+ * `extractable: false` keys for maximum security on browsers that support it.
+ *
+ * The database is opened lazily on first use and cached. Each operation runs in
+ * its own transaction, relying on IndexedDB's default serialization. Multi-tab
+ * concurrency is a known limitation: two tabs writing the same id can race; this
+ * implementation targets single-tab use.
+ *
+ * @public
+ */
+export declare class IdbPrivateKeyStorage implements CryptoUtils.KeyStore.IPrivateKeyStorage {
+    /**
+     * `true` — IndexedDB stores `CryptoKey` objects directly, so non-extractable
+     * keys are supported.
+     */
+    readonly supportsNonExtractable: true;
+    private readonly _factory;
+    private readonly _databaseName;
+    private readonly _storeName;
+    private _db;
+    private constructor();
+    /**
+     * Creates a new {@link CryptoUtils.IdbPrivateKeyStorage}.
+     * @param params - Optional {@link CryptoUtils.IIdbPrivateKeyStorageCreateParams}.
+     * @returns `Success` with the new instance, or `Failure` if no IndexedDB
+     * factory is available.
+     */
+    static create(params?: IIdbPrivateKeyStorageCreateParams): Result<IdbPrivateKeyStorage>;
+    /**
+     * Stores `key` under `id`.
+     * @param id - Storage handle to write under.
+     * @param key - The private `CryptoKey` to persist.
+     */
+    store(id: string, key: CryptoKey): Promise<Result<string>>;
+    /**
+     * Loads the private key stored under `id`.
+     * @param id - Storage handle to look up.
+     */
+    load(id: string): Promise<Result<CryptoKey>>;
+    /**
+     * Deletes the entry stored under `id`. Missing ids fail, mirroring the
+     * encrypted-file backend. The existence check and the delete run in separate
+     * transactions (single-tab assumption).
+     * @param id - Storage handle to remove.
+     */
+    delete(id: string): Promise<Result<string>>;
+    /**
+     * Lists every stored id.
+     */
+    list(): Promise<Result<readonly string[]>>;
+    private _getRaw;
+    private _openDb;
+    private _open;
+    private _withStore;
+    private _request;
+    private _awaitCompletion;
+}
+//# sourceMappingURL=idbPrivateKeyStorage.d.ts.map

package/lib/packlets/crypto-utils/idbPrivateKeyStorage.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"idbPrivateKeyStorage.d.ts","sourceRoot":"","sources":["../../../src/packlets/crypto-utils/idbPrivateKeyStorage.ts"],"names":[],"mappings":"AAsBA,OAAO,EAA2C,MAAM,EAAW,MAAM,eAAe,CAAC;AACzF,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAE7C;;;GAGG;AACH,MAAM,WAAW,iCAAiC;IAChD;;OAEG;IACH,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAE/B;;OAEG;IACH,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAE5B;;;;OAIG;IACH,QAAQ,CAAC,SAAS,CAAC,EAAE,UAAU,CAAC;CACjC;AAKD;;;;;;;;;;;;;;;;GAgBG;AACH,qBAAa,oBAAqB,YAAW,WAAW,CAAC,QAAQ,CAAC,kBAAkB;IAClF;;;OAGG;IACH,SAAgB,sBAAsB,EAAE,IAAI,CAAQ;IAEpD,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAa;IACtC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;IACvC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;IACpC,OAAO,CAAC,GAAG,CAA0B;IAErC,OAAO;IAMP;;;;;OAKG;WACW,MAAM,CAAC,MAAM,GAAE,iCAAsC,GAAG,MAAM,CAAC,oBAAoB,CAAC;IAclG;;;;OAIG;IACU,KAAK,CAAC,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IASvE;;;OAGG;IACU,IAAI,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAMzD;;;;;OAKG;IACU,MAAM,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAcxD;;OAEG;IACU,IAAI,IAAI,OAAO,CAAC,MAAM,CAAC,SAAS,MAAM,EAAE,CAAC,CAAC;YAMzC,OAAO;YAIP,OAAO;YA8BP,KAAK;YAsCL,UAAU;YA+CV,QAAQ;YAWR,gBAAgB;CAa/B"}

package/lib/packlets/crypto-utils/idbPrivateKeyStorage.js ADDED Viewed

@@ -0,0 +1,242 @@
+"use strict";
+/*
+ * Copyright (c) 2026 Erik Fortune
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.IdbPrivateKeyStorage = void 0;
+const ts_utils_1 = require("@fgv/ts-utils");
+const DEFAULT_DATABASE_NAME = 'fgv-keystore-private-keys';
+const DEFAULT_STORE_NAME = 'privateKeys';
+/**
+ * {@link CryptoUtils.KeyStore.IPrivateKeyStorage | IPrivateKeyStorage}
+ * implementation backed by IndexedDB. Stores `CryptoKey` objects directly via
+ * IndexedDB's structured-clone serialization — no JWK round-trip — so it works
+ * with non-extractable keys.
+ *
+ * `supportsNonExtractable` is `true`: because the `CryptoKey` is stored by
+ * reference (structured clone) rather than exported, the keystore may generate
+ * `extractable: false` keys for maximum security on browsers that support it.
+ *
+ * The database is opened lazily on first use and cached. Each operation runs in
+ * its own transaction, relying on IndexedDB's default serialization. Multi-tab
+ * concurrency is a known limitation: two tabs writing the same id can race; this
+ * implementation targets single-tab use.
+ *
+ * @public
+ */
+class IdbPrivateKeyStorage {
+    constructor(factory, databaseName, storeName) {
+        /**
+         * `true` — IndexedDB stores `CryptoKey` objects directly, so non-extractable
+         * keys are supported.
+         */
+        this.supportsNonExtractable = true;
+        this._factory = factory;
+        this._databaseName = databaseName;
+        this._storeName = storeName;
+    }
+    /**
+     * Creates a new {@link CryptoUtils.IdbPrivateKeyStorage}.
+     * @param params - Optional {@link CryptoUtils.IIdbPrivateKeyStorageCreateParams}.
+     * @returns `Success` with the new instance, or `Failure` if no IndexedDB
+     * factory is available.
+     */
+    static create(params = {}) {
+        var _a, _b, _c;
+        const factory = (_a = params.indexedDB) !== null && _a !== void 0 ? _a : globalThis.indexedDB;
+        if (factory === undefined) {
+            return (0, ts_utils_1.fail)('IdbPrivateKeyStorage: no IndexedDB factory available (pass params.indexedDB)');
+        }
+        return (0, ts_utils_1.succeed)(new IdbPrivateKeyStorage(factory, (_b = params.databaseName) !== null && _b !== void 0 ? _b : DEFAULT_DATABASE_NAME, (_c = params.storeName) !== null && _c !== void 0 ? _c : DEFAULT_STORE_NAME));
+    }
+    /**
+     * Stores `key` under `id`.
+     * @param id - Storage handle to write under.
+     * @param key - The private `CryptoKey` to persist.
+     */
+    async store(id, key) {
+        if (key.type !== 'private') {
+            return (0, ts_utils_1.fail)(`failed to store private key '${id}': expected a private key, got '${key.type}'`);
+        }
+        return (await this._withStore('readwrite', (store) => this._request(store.put(key, id))))
+            .withErrorFormat((msg) => `failed to store private key '${id}': ${msg}`)
+            .onSuccess(() => (0, ts_utils_1.succeed)(id));
+    }
+    /**
+     * Loads the private key stored under `id`.
+     * @param id - Storage handle to look up.
+     */
+    async load(id) {
+        return (await this._getRaw(id))
+            .withErrorFormat((msg) => `failed to load private key '${id}': ${msg}`)
+            .onSuccess((key) => (key === undefined ? (0, ts_utils_1.fail)(`key not found: '${id}'`) : (0, ts_utils_1.succeed)(key)));
+    }
+    /**
+     * Deletes the entry stored under `id`. Missing ids fail, mirroring the
+     * encrypted-file backend. The existence check and the delete run in separate
+     * transactions (single-tab assumption).
+     * @param id - Storage handle to remove.
+     */
+    async delete(id) {
+        const existingResult = await this._getRaw(id);
+        /* c8 ignore next 3 - defensive: the existence-check read only fails on an IndexedDB environment error */
+        if (existingResult.isFailure()) {
+            return (0, ts_utils_1.fail)(`failed to delete private key '${id}': ${existingResult.message}`);
+        }
+        if (existingResult.value === undefined) {
+            return (0, ts_utils_1.fail)(`key not found: '${id}'`);
+        }
+        return (await this._withStore('readwrite', (store) => this._request(store.delete(id))))
+            .withErrorFormat((msg) => `failed to delete private key '${id}': ${msg}`)
+            .onSuccess(() => (0, ts_utils_1.succeed)(id));
+    }
+    /**
+     * Lists every stored id.
+     */
+    async list() {
+        return (await this._withStore('readonly', (store) => this._request(store.getAllKeys())))
+            .withErrorFormat((msg) => `failed to list private keys: ${msg}`)
+            .onSuccess((keys) => (0, ts_utils_1.succeed)(keys.map((key) => String(key))));
+    }
+    async _getRaw(id) {
+        return this._withStore('readonly', (store) => this._request(store.get(id)));
+    }
+    async _openDb() {
+        if (this._db !== undefined) {
+            return (0, ts_utils_1.succeed)(this._db);
+        }
+        const firstOpen = await this._open(undefined);
+        /* c8 ignore next 3 - defensive: database open only fails on a corrupted/blocked IndexedDB environment */
+        if (firstOpen.isFailure()) {
+            return firstOpen;
+        }
+        // The object store is created in `onupgradeneeded`, which only fires when
+        // the version changes. If a database at this name already existed at the
+        // current version but without our store (e.g. a different `storeName` than
+        // a prior instance used), the store is absent. Re-open at the next version
+        // to add it via a version-bump upgrade rather than failing later writes
+        // with NotFoundError.
+        let db = firstOpen.value;
+        if (!db.objectStoreNames.contains(this._storeName)) {
+            const nextVersion = db.version + 1;
+            db.close();
+            const reopen = await this._open(nextVersion);
+            /* c8 ignore next 3 - defensive: the version-bump re-open only fails on an IndexedDB environment fault */
+            if (reopen.isFailure()) {
+                return reopen;
+            }
+            db = reopen.value;
+        }
+        this._db = db;
+        return (0, ts_utils_1.succeed)(db);
+    }
+    async _open(version) {
+        return (0, ts_utils_1.captureAsyncResult)(() => new Promise((resolve, reject) => {
+            const request = version === undefined
+                ? this._factory.open(this._databaseName)
+                : this._factory.open(this._databaseName, version);
+            request.onupgradeneeded = () => {
+                // Create our object store if absent. This fires on initial creation
+                // and on the version bump used to add a store to an existing
+                // database; future schema migrations extend this hook additively.
+                if (!request.result.objectStoreNames.contains(this._storeName)) {
+                    request.result.createObjectStore(this._storeName);
+                }
+            };
+            request.onsuccess = () => {
+                const db = request.result;
+                // If another connection (e.g. a sibling instance adding a store via
+                // version bump, or another tab) needs to upgrade, close this one so
+                // we don't block it. Clear the cached handle first so the next
+                // operation reopens rather than reusing the now-closed connection.
+                // Single-tab use is the documented assumption; this just prevents a
+                // deadlock when several instances share a db.
+                db.onversionchange = () => {
+                    if (this._db === db) {
+                        this._db = undefined;
+                    }
+                    db.close();
+                };
+                resolve(db);
+            };
+            /* c8 ignore next 2 - defensive: open errors require a corrupted/blocked IndexedDB environment */
+            request.onerror = () => { var _a; return reject((_a = request.error) !== null && _a !== void 0 ? _a : new Error('IndexedDB open failed')); };
+        }));
+    }
+    async _withStore(mode, op) {
+        const dbResult = await this._openDb();
+        /* c8 ignore next 3 - defensive: database open only fails on a corrupted/blocked IndexedDB environment */
+        if (dbResult.isFailure()) {
+            return (0, ts_utils_1.fail)(dbResult.message);
+        }
+        const txnResult = (0, ts_utils_1.captureResult)(() => dbResult.value.transaction(this._storeName, mode));
+        /* c8 ignore next 3 - transaction creation only throws if the store was deleted out from under us */
+        if (txnResult.isFailure()) {
+            return (0, ts_utils_1.fail)(txnResult.message);
+        }
+        const transaction = txnResult.value;
+        // For writes, a successful request is not durable until the transaction
+        // commits (oncomplete); it can still abort afterwards. Attach the completion
+        // listener BEFORE issuing the request so no event is missed, and wait for it
+        // before reporting success. Reads need no such wait.
+        const completion = mode === 'readwrite' ? this._awaitCompletion(transaction) : undefined;
+        // `op` builds and issues the IDB request synchronously (e.g. `store.put`),
+        // which can throw before any Promise is created — DataCloneError on a
+        // non-cloneable value, or a transaction-state DOMException. Run it inside a
+        // capture boundary so those surface as Failure rather than a rejection,
+        // preserving the Result contract.
+        const opOuter = await (0, ts_utils_1.captureAsyncResult)(() => op(transaction.objectStore(this._storeName)));
+        /* c8 ignore next 3 - defensive: synchronous IDB throws (e.g. DataCloneError) are unreachable for the typed public surface (private CryptoKeys clone; reads pass a string id), but the capture preserves the Result contract */
+        if (opOuter.isFailure()) {
+            return (0, ts_utils_1.fail)(opOuter.message);
+        }
+        const opResult = opOuter.value;
+        /* c8 ignore next 3 - defensive: the request itself only fails on an IndexedDB environment fault */
+        if (opResult.isFailure()) {
+            return opResult;
+        }
+        if (completion !== undefined) {
+            const commitResult = await completion;
+            /* c8 ignore next 3 - defensive: a transaction abort after a successful request requires an IndexedDB environment fault */
+            if (commitResult.isFailure()) {
+                return (0, ts_utils_1.fail)(commitResult.message);
+            }
+        }
+        return opResult;
+    }
+    async _request(request) {
+        return (0, ts_utils_1.captureAsyncResult)(() => new Promise((resolve, reject) => {
+            request.onsuccess = () => resolve(request.result);
+            /* c8 ignore next 2 - defensive: per-request errors require a corrupted IndexedDB environment */
+            request.onerror = () => { var _a; return reject((_a = request.error) !== null && _a !== void 0 ? _a : new Error('IndexedDB request failed')); };
+        }));
+    }
+    async _awaitCompletion(transaction) {
+        return (0, ts_utils_1.captureAsyncResult)(() => new Promise((resolve, reject) => {
+            transaction.oncomplete = () => resolve(true);
+            /* c8 ignore next 4 - defensive: abort/error after a successful write requires an IndexedDB environment fault */
+            transaction.onabort = () => { var _a; return reject((_a = transaction.error) !== null && _a !== void 0 ? _a : new Error('IndexedDB transaction aborted')); };
+            transaction.onerror = () => { var _a; return reject((_a = transaction.error) !== null && _a !== void 0 ? _a : new Error('IndexedDB transaction error')); };
+        }));
+    }
+}
+exports.IdbPrivateKeyStorage = IdbPrivateKeyStorage;
+//# sourceMappingURL=idbPrivateKeyStorage.js.map

package/lib/packlets/crypto-utils/idbPrivateKeyStorage.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"idbPrivateKeyStorage.js","sourceRoot":"","sources":["../../../src/packlets/crypto-utils/idbPrivateKeyStorage.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;;;AAEH,4CAAyF;AA0BzF,MAAM,qBAAqB,GAAW,2BAA2B,CAAC;AAClE,MAAM,kBAAkB,GAAW,aAAa,CAAC;AAEjD;;;;;;;;;;;;;;;;GAgBG;AACH,MAAa,oBAAoB;IAY/B,YAAoB,OAAmB,EAAE,YAAoB,EAAE,SAAiB;QAXhF;;;WAGG;QACa,2BAAsB,GAAS,IAAI,CAAC;QAQlD,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;QACxB,IAAI,CAAC,aAAa,GAAG,YAAY,CAAC;QAClC,IAAI,CAAC,UAAU,GAAG,SAAS,CAAC;IAC9B,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,MAAM,CAAC,SAA4C,EAAE;;QACjE,MAAM,OAAO,GAA2B,MAAA,MAAM,CAAC,SAAS,mCAAI,UAAU,CAAC,SAAS,CAAC;QACjF,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,OAAO,IAAA,eAAI,EAAC,8EAA8E,CAAC,CAAC;QAC9F,CAAC;QACD,OAAO,IAAA,kBAAO,EACZ,IAAI,oBAAoB,CACtB,OAAO,EACP,MAAA,MAAM,CAAC,YAAY,mCAAI,qBAAqB,EAC5C,MAAA,MAAM,CAAC,SAAS,mCAAI,kBAAkB,CACvC,CACF,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,KAAK,CAAC,EAAU,EAAE,GAAc;QAC3C,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YAC3B,OAAO,IAAA,eAAI,EAAC,gCAAgC,EAAE,mCAAmC,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC;QAChG,CAAC;QACD,OAAO,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;aACtF,eAAe,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,gCAAgC,EAAE,MAAM,GAAG,EAAE,CAAC;aACvE,SAAS,CAAC,GAAG,EAAE,CAAC,IAAA,kBAAO,EAAC,EAAE,CAAC,CAAC,CAAC;IAClC,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,IAAI,CAAC,EAAU;QAC1B,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;aAC5B,eAAe,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,+BAA+B,EAAE,MAAM,GAAG,EAAE,CAAC;aACtE,SAAS,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,KAAK,SAAS,CAAC,CAAC,CAAC,IAAA,eAAI,EAAC,mBAAmB,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,IAAA,kBAAO,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IAC7F,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,MAAM,CAAC,EAAU;QAC5B,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAC9C,yGAAyG;QACzG,IAAI,cAAc,CAAC,SAAS,EAAE,EAAE,CAAC;YAC/B,OAAO,IAAA,eAAI,EAAC,iCAAiC,EAAE,MAAM,cAAc,CAAC,OAAO,EAAE,CAAC,CAAC;QACjF,CAAC;QACD,IAAI,cAAc,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;YACvC,OAAO,IAAA,eAAI,EAAC,mBAAmB,EAAE,GAAG,CAAC,CAAC;QACxC,CAAC;QACD,OAAO,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;aACpF,eAAe,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,iCAAiC,EAAE,MAAM,GAAG,EAAE,CAAC;aACxE,SAAS,CAAC,GAAG,EAAE,CAAC,IAAA,kBAAO,EAAC,EAAE,CAAC,CAAC,CAAC;IAClC,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,IAAI;QACf,OAAO,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAgB,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;aACpG,eAAe,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,gCAAgC,GAAG,EAAE,CAAC;aAC/D,SAAS,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAA,kBAAO,EAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAClE,CAAC;IAEO,KAAK,CAAC,OAAO,CAAC,EAAU;QAC9B,OAAO,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAwB,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACrG,CAAC;IAEO,KAAK,CAAC,OAAO;QACnB,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;YAC3B,OAAO,IAAA,kBAAO,EAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC3B,CAAC;QACD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAC9C,yGAAyG;QACzG,IAAI,SAAS,CAAC,SAAS,EAAE,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,0EAA0E;QAC1E,yEAAyE;QACzE,2EAA2E;QAC3E,2EAA2E;QAC3E,wEAAwE;QACxE,sBAAsB;QACtB,IAAI,EAAE,GAAG,SAAS,CAAC,KAAK,CAAC;QACzB,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YACnD,MAAM,WAAW,GAAG,EAAE,CAAC,OAAO,GAAG,CAAC,CAAC;YACnC,EAAE,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;YAC7C,yGAAyG;YACzG,IAAI,MAAM,CAAC,SAAS,EAAE,EAAE,CAAC;gBACvB,OAAO,MAAM,CAAC;YAChB,CAAC;YACD,EAAE,GAAG,MAAM,CAAC,KAAK,CAAC;QACpB,CAAC;QACD,IAAI,CAAC,GAAG,GAAG,EAAE,CAAC;QACd,OAAO,IAAA,kBAAO,EAAC,EAAE,CAAC,CAAC;IACrB,CAAC;IAEO,KAAK,CAAC,KAAK,CAAC,OAA2B;QAC7C,OAAO,IAAA,6BAAkB,EACvB,GAAG,EAAE,CACH,IAAI,OAAO,CAAc,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC3C,MAAM,OAAO,GACX,OAAO,KAAK,SAAS;gBACnB,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC;gBACxC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;YACtD,OAAO,CAAC,eAAe,GAAG,GAAS,EAAE;gBACnC,oEAAoE;gBACpE,6DAA6D;gBAC7D,kEAAkE;gBAClE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,gBAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;oBAC/D,OAAO,CAAC,MAAM,CAAC,iBAAiB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;gBACpD,CAAC;YACH,CAAC,CAAC;YACF,OAAO,CAAC,SAAS,GAAG,GAAS,EAAE;gBAC7B,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;gBAC1B,oEAAoE;gBACpE,oEAAoE;gBACpE,+DAA+D;gBAC/D,mEAAmE;gBACnE,oEAAoE;gBACpE,8CAA8C;gBAC9C,EAAE,CAAC,eAAe,GAAG,GAAS,EAAE;oBAC9B,IAAI,IAAI,CAAC,GAAG,KAAK,EAAE,EAAE,CAAC;wBACpB,IAAI,CAAC,GAAG,GAAG,SAAS,CAAC;oBACvB,CAAC;oBACD,EAAE,CAAC,KAAK,EAAE,CAAC;gBACb,CAAC,CAAC;gBACF,OAAO,CAAC,EAAE,CAAC,CAAC;YACd,CAAC,CAAC;YACF,iGAAiG;YACjG,OAAO,CAAC,OAAO,GAAG,GAAS,EAAE,WAAC,OAAA,MAAM,CAAC,MAAA,OAAO,CAAC,KAAK,mCAAI,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAA,EAAA,CAAC;QAC5F,CAAC,CAAC,CACL,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,UAAU,CACtB,IAAwB,EACxB,EAAiD;QAEjD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QACtC,yGAAyG;QACzG,IAAI,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC;YACzB,OAAO,IAAA,eAAI,EAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAChC,CAAC;QACD,MAAM,SAAS,GAAG,IAAA,wBAAa,EAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC;QACzF,oGAAoG;QACpG,IAAI,SAAS,CAAC,SAAS,EAAE,EAAE,CAAC;YAC1B,OAAO,IAAA,eAAI,EAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACjC,CAAC;QACD,MAAM,WAAW,GAAG,SAAS,CAAC,KAAK,CAAC;QAEpC,wEAAwE;QACxE,6EAA6E;QAC7E,6EAA6E;QAC7E,qDAAqD;QACrD,MAAM,UAAU,GAAG,IAAI,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAEzF,2EAA2E;QAC3E,sEAAsE;QACtE,4EAA4E;QAC5E,wEAAwE;QACxE,kCAAkC;QAClC,MAAM,OAAO,GAAG,MAAM,IAAA,6BAAkB,EAAC,GAAG,EAAE,CAAC,EAAE,CAAC,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAC7F,+NAA+N;QAC/N,IAAI,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YACxB,OAAO,IAAA,eAAI,EAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/B,CAAC;QACD,MAAM,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC;QAC/B,mGAAmG;QACnG,IAAI,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC;YACzB,OAAO,QAAQ,CAAC;QAClB,CAAC;QACD,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;YAC7B,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC;YACtC,0HAA0H;YAC1H,IAAI,YAAY,CAAC,SAAS,EAAE,EAAE,CAAC;gBAC7B,OAAO,IAAA,eAAI,EAAC,YAAY,CAAC,OAAO,CAAC,CAAC;YACpC,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,KAAK,CAAC,QAAQ,CAAI,OAAsB;QAC9C,OAAO,IAAA,6BAAkB,EACvB,GAAG,EAAE,CACH,IAAI,OAAO,CAAI,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACjC,OAAO,CAAC,SAAS,GAAG,GAAS,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;YACxD,gGAAgG;YAChG,OAAO,CAAC,OAAO,GAAG,GAAS,EAAE,WAAC,OAAA,MAAM,CAAC,MAAA,OAAO,CAAC,KAAK,mCAAI,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,CAAA,EAAA,CAAC;QAC/F,CAAC,CAAC,CACL,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAAC,WAA2B;QACxD,OAAO,IAAA,6BAAkB,EACvB,GAAG,EAAE,CACH,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACpC,WAAW,CAAC,UAAU,GAAG,GAAS,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YACnD,gHAAgH;YAChH,WAAW,CAAC,OAAO,GAAG,GAAS,EAAE,WAC/B,OAAA,MAAM,CAAC,MAAA,WAAW,CAAC,KAAK,mCAAI,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC,CAAA,EAAA,CAAC;YAC1E,WAAW,CAAC,OAAO,GAAG,GAAS,EAAE,WAC/B,OAAA,MAAM,CAAC,MAAA,WAAW,CAAC,KAAK,mCAAI,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC,CAAA,EAAA,CAAC;QAC1E,CAAC,CAAC,CACL,CAAC;IACJ,CAAC;CACF;AA1OD,oDA0OC","sourcesContent":["/*\n * Copyright (c) 2026 Erik Fortune\n *\n * Permission is hereby granted, free of charge, to any person obtaining a copy\n * of this software and associated documentation files (the \"Software\"), to deal\n * in the Software without restriction, including without limitation the rights\n * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell\n * copies of the Software, and to permit persons to whom the Software is\n * furnished to do so, subject to the following conditions:\n *\n * The above copyright notice and this permission notice shall be included in all\n * copies or substantial portions of the Software.\n *\n * THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\n * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\n * SOFTWARE.\n */\n\nimport { captureAsyncResult, captureResult, fail, Result, succeed } from '@fgv/ts-utils';\nimport { CryptoUtils } from '@fgv/ts-extras';\n\n/**\n * Parameters for {@link CryptoUtils.IdbPrivateKeyStorage.create}.\n * @public\n */\nexport interface IIdbPrivateKeyStorageCreateParams {\n /**\n * IndexedDB database name. Default: `'fgv-keystore-private-keys'`.\n */\n readonly databaseName?: string;\n\n /**\n * IndexedDB object-store name. Default: `'privateKeys'`.\n */\n readonly storeName?: string;\n\n /**\n * IndexedDB factory to use. Defaults to `globalThis.indexedDB`. Supplied\n * explicitly in tests (e.g. a `fake-indexeddb` factory) or to target a\n * non-default factory.\n */\n readonly indexedDB?: IDBFactory;\n}\n\nconst DEFAULT_DATABASE_NAME: string = 'fgv-keystore-private-keys';\nconst DEFAULT_STORE_NAME: string = 'privateKeys';\n\n/**\n * {@link CryptoUtils.KeyStore.IPrivateKeyStorage | IPrivateKeyStorage}\n * implementation backed by IndexedDB. Stores `CryptoKey` objects directly via\n * IndexedDB's structured-clone serialization — no JWK round-trip — so it works\n * with non-extractable keys.\n *\n * `supportsNonExtractable` is `true`: because the `CryptoKey` is stored by\n * reference (structured clone) rather than exported, the keystore may generate\n * `extractable: false` keys for maximum security on browsers that support it.\n *\n * The database is opened lazily on first use and cached. Each operation runs in\n * its own transaction, relying on IndexedDB's default serialization. Multi-tab\n * concurrency is a known limitation: two tabs writing the same id can race; this\n * implementation targets single-tab use.\n *\n * @public\n */\nexport class IdbPrivateKeyStorage implements CryptoUtils.KeyStore.IPrivateKeyStorage {\n /**\n * `true` — IndexedDB stores `CryptoKey` objects directly, so non-extractable\n * keys are supported.\n */\n public readonly supportsNonExtractable: true = true;\n\n private readonly _factory: IDBFactory;\n private readonly _databaseName: string;\n private readonly _storeName: string;\n private _db: IDBDatabase | undefined;\n\n private constructor(factory: IDBFactory, databaseName: string, storeName: string) {\n this._factory = factory;\n this._databaseName = databaseName;\n this._storeName = storeName;\n }\n\n /**\n * Creates a new {@link CryptoUtils.IdbPrivateKeyStorage}.\n * @param params - Optional {@link CryptoUtils.IIdbPrivateKeyStorageCreateParams}.\n * @returns `Success` with the new instance, or `Failure` if no IndexedDB\n * factory is available.\n */\n public static create(params: IIdbPrivateKeyStorageCreateParams = {}): Result<IdbPrivateKeyStorage> {\n const factory: IDBFactory | undefined = params.indexedDB ?? globalThis.indexedDB;\n if (factory === undefined) {\n return fail('IdbPrivateKeyStorage: no IndexedDB factory available (pass params.indexedDB)');\n }\n return succeed(\n new IdbPrivateKeyStorage(\n factory,\n params.databaseName ?? DEFAULT_DATABASE_NAME,\n params.storeName ?? DEFAULT_STORE_NAME\n )\n );\n }\n\n /**\n * Stores `key` under `id`.\n * @param id - Storage handle to write under.\n * @param key - The private `CryptoKey` to persist.\n */\n public async store(id: string, key: CryptoKey): Promise<Result<string>> {\n if (key.type !== 'private') {\n return fail(`failed to store private key '${id}': expected a private key, got '${key.type}'`);\n }\n return (await this._withStore('readwrite', (store) => this._request(store.put(key, id))))\n .withErrorFormat((msg) => `failed to store private key '${id}': ${msg}`)\n .onSuccess(() => succeed(id));\n }\n\n /**\n * Loads the private key stored under `id`.\n * @param id - Storage handle to look up.\n */\n public async load(id: string): Promise<Result<CryptoKey>> {\n return (await this._getRaw(id))\n .withErrorFormat((msg) => `failed to load private key '${id}': ${msg}`)\n .onSuccess((key) => (key === undefined ? fail(`key not found: '${id}'`) : succeed(key)));\n }\n\n /**\n * Deletes the entry stored under `id`. Missing ids fail, mirroring the\n * encrypted-file backend. The existence check and the delete run in separate\n * transactions (single-tab assumption).\n * @param id - Storage handle to remove.\n */\n public async delete(id: string): Promise<Result<string>> {\n const existingResult = await this._getRaw(id);\n /* c8 ignore next 3 - defensive: the existence-check read only fails on an IndexedDB environment error */\n if (existingResult.isFailure()) {\n return fail(`failed to delete private key '${id}': ${existingResult.message}`);\n }\n if (existingResult.value === undefined) {\n return fail(`key not found: '${id}'`);\n }\n return (await this._withStore('readwrite', (store) => this._request(store.delete(id))))\n .withErrorFormat((msg) => `failed to delete private key '${id}': ${msg}`)\n .onSuccess(() => succeed(id));\n }\n\n /**\n * Lists every stored id.\n */\n public async list(): Promise<Result<readonly string[]>> {\n return (await this._withStore('readonly', (store) => this._request<IDBValidKey[]>(store.getAllKeys())))\n .withErrorFormat((msg) => `failed to list private keys: ${msg}`)\n .onSuccess((keys) => succeed(keys.map((key) => String(key))));\n }\n\n private async _getRaw(id: string): Promise<Result<CryptoKey | undefined>> {\n return this._withStore('readonly', (store) => this._request<CryptoKey | undefined>(store.get(id)));\n }\n\n private async _openDb(): Promise<Result<IDBDatabase>> {\n if (this._db !== undefined) {\n return succeed(this._db);\n }\n const firstOpen = await this._open(undefined);\n /* c8 ignore next 3 - defensive: database open only fails on a corrupted/blocked IndexedDB environment */\n if (firstOpen.isFailure()) {\n return firstOpen;\n }\n // The object store is created in `onupgradeneeded`, which only fires when\n // the version changes. If a database at this name already existed at the\n // current version but without our store (e.g. a different `storeName` than\n // a prior instance used), the store is absent. Re-open at the next version\n // to add it via a version-bump upgrade rather than failing later writes\n // with NotFoundError.\n let db = firstOpen.value;\n if (!db.objectStoreNames.contains(this._storeName)) {\n const nextVersion = db.version + 1;\n db.close();\n const reopen = await this._open(nextVersion);\n /* c8 ignore next 3 - defensive: the version-bump re-open only fails on an IndexedDB environment fault */\n if (reopen.isFailure()) {\n return reopen;\n }\n db = reopen.value;\n }\n this._db = db;\n return succeed(db);\n }\n\n private async _open(version: number | undefined): Promise<Result<IDBDatabase>> {\n return captureAsyncResult<IDBDatabase>(\n () =>\n new Promise<IDBDatabase>((resolve, reject) => {\n const request =\n version === undefined\n ? this._factory.open(this._databaseName)\n : this._factory.open(this._databaseName, version);\n request.onupgradeneeded = (): void => {\n // Create our object store if absent. This fires on initial creation\n // and on the version bump used to add a store to an existing\n // database; future schema migrations extend this hook additively.\n if (!request.result.objectStoreNames.contains(this._storeName)) {\n request.result.createObjectStore(this._storeName);\n }\n };\n request.onsuccess = (): void => {\n const db = request.result;\n // If another connection (e.g. a sibling instance adding a store via\n // version bump, or another tab) needs to upgrade, close this one so\n // we don't block it. Clear the cached handle first so the next\n // operation reopens rather than reusing the now-closed connection.\n // Single-tab use is the documented assumption; this just prevents a\n // deadlock when several instances share a db.\n db.onversionchange = (): void => {\n if (this._db === db) {\n this._db = undefined;\n }\n db.close();\n };\n resolve(db);\n };\n /* c8 ignore next 2 - defensive: open errors require a corrupted/blocked IndexedDB environment */\n request.onerror = (): void => reject(request.error ?? new Error('IndexedDB open failed'));\n })\n );\n }\n\n private async _withStore<T>(\n mode: IDBTransactionMode,\n op: (store: IDBObjectStore) => Promise<Result<T>>\n ): Promise<Result<T>> {\n const dbResult = await this._openDb();\n /* c8 ignore next 3 - defensive: database open only fails on a corrupted/blocked IndexedDB environment */\n if (dbResult.isFailure()) {\n return fail(dbResult.message);\n }\n const txnResult = captureResult(() => dbResult.value.transaction(this._storeName, mode));\n /* c8 ignore next 3 - transaction creation only throws if the store was deleted out from under us */\n if (txnResult.isFailure()) {\n return fail(txnResult.message);\n }\n const transaction = txnResult.value;\n\n // For writes, a successful request is not durable until the transaction\n // commits (oncomplete); it can still abort afterwards. Attach the completion\n // listener BEFORE issuing the request so no event is missed, and wait for it\n // before reporting success. Reads need no such wait.\n const completion = mode === 'readwrite' ? this._awaitCompletion(transaction) : undefined;\n\n // `op` builds and issues the IDB request synchronously (e.g. `store.put`),\n // which can throw before any Promise is created — DataCloneError on a\n // non-cloneable value, or a transaction-state DOMException. Run it inside a\n // capture boundary so those surface as Failure rather than a rejection,\n // preserving the Result contract.\n const opOuter = await captureAsyncResult(() => op(transaction.objectStore(this._storeName)));\n /* c8 ignore next 3 - defensive: synchronous IDB throws (e.g. DataCloneError) are unreachable for the typed public surface (private CryptoKeys clone; reads pass a string id), but the capture preserves the Result contract */\n if (opOuter.isFailure()) {\n return fail(opOuter.message);\n }\n const opResult = opOuter.value;\n /* c8 ignore next 3 - defensive: the request itself only fails on an IndexedDB environment fault */\n if (opResult.isFailure()) {\n return opResult;\n }\n if (completion !== undefined) {\n const commitResult = await completion;\n /* c8 ignore next 3 - defensive: a transaction abort after a successful request requires an IndexedDB environment fault */\n if (commitResult.isFailure()) {\n return fail(commitResult.message);\n }\n }\n return opResult;\n }\n\n private async _request<T>(request: IDBRequest<T>): Promise<Result<T>> {\n return captureAsyncResult<T>(\n () =>\n new Promise<T>((resolve, reject) => {\n request.onsuccess = (): void => resolve(request.result);\n /* c8 ignore next 2 - defensive: per-request errors require a corrupted IndexedDB environment */\n request.onerror = (): void => reject(request.error ?? new Error('IndexedDB request failed'));\n })\n );\n }\n\n private async _awaitCompletion(transaction: IDBTransaction): Promise<Result<true>> {\n return captureAsyncResult<true>(\n () =>\n new Promise<true>((resolve, reject) => {\n transaction.oncomplete = (): void => resolve(true);\n /* c8 ignore next 4 - defensive: abort/error after a successful write requires an IndexedDB environment fault */\n transaction.onabort = (): void =>\n reject(transaction.error ?? new Error('IndexedDB transaction aborted'));\n transaction.onerror = (): void =>\n reject(transaction.error ?? new Error('IndexedDB transaction error'));\n })\n );\n }\n}\n"]}

package/lib/packlets/crypto-utils/index.d.ts CHANGED Viewed

@@ -4,6 +4,7 @@
  */
 export * from './browserHashProvider';
 export * from './browserCryptoProvider';
+export * from './idbPrivateKeyStorage';
 import { CryptoUtils } from '@fgv/ts-extras';
 /**
  * HPKE base mode (RFC 9180) — `DHKEM(X25519, HKDF-SHA256) + HKDF-SHA256 + AES-256-GCM`.

package/lib/packlets/crypto-utils/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/packlets/crypto-utils/index.ts"],"names":[],"mappings":"AAsBA;;;GAGG;AAEH,cAAc,uBAAuB,CAAC;AACtC,cAAc,yBAAyB,CAAC;~~AAMxC~~,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAE7C;;;;;GAKG;AACH,eAAO,MAAM,YAAY,EAAE,OAAO,WAAW,CAAC,YAAuC,CAAC;AAEtF;;;GAGG;AACH,MAAM,MAAM,eAAe,GAAG,WAAW,CAAC,eAAe,CAAC"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/packlets/crypto-utils/index.ts"],"names":[],"mappings":"AAsBA;;;GAGG;AAEH,cAAc,uBAAuB,CAAC;AACtC,cAAc,yBAAyB,CAAC;AACxC,cAAc,wBAAwB,CAAC;AAMvC,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAE7C;;;;;GAKG;AACH,eAAO,MAAM,YAAY,EAAE,OAAO,WAAW,CAAC,YAAuC,CAAC;AAEtF;;;GAGG;AACH,MAAM,MAAM,eAAe,GAAG,WAAW,CAAC,eAAe,CAAC"}

package/lib/packlets/crypto-utils/index.js CHANGED Viewed

@@ -42,6 +42,7 @@ exports.HpkeProvider = void 0;
  */
 __exportStar(require("./browserHashProvider"), exports);
 __exportStar(require("./browserCryptoProvider"), exports);
+__exportStar(require("./idbPrivateKeyStorage"), exports);
 // HpkeProvider re-export: implementation lives in @fgv/ts-extras CryptoUtils packlet;
 // re-exported here so browser callers can import from @fgv/ts-web-extras for this primitive.
 // We import from the top-level namespace to avoid relying on package.json exports path

package/lib/packlets/crypto-utils/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/packlets/crypto-utils/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;;;;;;;;;;;;;;;;;AAEH;;;GAGG;AAEH,wDAAsC;AACtC,0DAAwC;~~AAExC~~,sFAAsF;AACtF,6FAA6F;AAC7F,uFAAuF;AACvF,mEAAmE;AACnE,8CAA6C;AAE7C;;;;;GAKG;AACU,QAAA,YAAY,GAAoC,uBAAW,CAAC,YAAY,CAAC","sourcesContent":["/\n Copyright (c) 2025 Erik Fortune\n \n Permission is hereby granted, free of charge, to any person obtaining a copy\n * of this software and associated documentation files (the \"Software\"), to deal\n * in the Software without restriction, including without limitation the rights\n * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell\n * copies of the Software, and to permit persons to whom the Software is\n * furnished to do so, subject to the following conditions:\n \n The above copyright notice and this permission notice shall be included in all\n * copies or substantial portions of the Software.\n \n THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\n * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\n * SOFTWARE.\n /\n\n/\n Browser-compatible cryptographic utilities using the Web Crypto API.\n * @packageDocumentation\n /\n\nexport from './browserHashProvider';\nexport * from './browserCryptoProvider';\n\n// HpkeProvider re-export: implementation lives in @fgv/ts-extras CryptoUtils packlet;\n// re-exported here so browser callers can import from @fgv/ts-web-extras for this primitive.\n// We import from the top-level namespace to avoid relying on package.json exports path\n// resolution (which requires moduleResolution: node16 or bundler).\nimport { CryptoUtils } from '@fgv/ts-extras';\n\n/*\n HPKE base mode (RFC 9180) — `DHKEM(X25519, HKDF-SHA256) + HKDF-SHA256 + AES-256-GCM`.\n * Re-exported from `@fgv/ts-extras` for browser consumers.\n * @see {@link CryptoUtils.HpkeProvider}\n * @public\n /\nexport const HpkeProvider: typeof CryptoUtils.HpkeProvider = CryptoUtils.HpkeProvider;\n\n/\n Output of `HpkeProvider.sealBase`. Re-exported from `@fgv/ts-extras`.\n * @public\n */\nexport type IHpkeSealResult = CryptoUtils.IHpkeSealResult;\n"]}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/packlets/crypto-utils/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;;;;;;;;;;;;;;;;;AAEH;;;GAGG;AAEH,wDAAsC;AACtC,0DAAwC;AACxC,yDAAuC;AAEvC,sFAAsF;AACtF,6FAA6F;AAC7F,uFAAuF;AACvF,mEAAmE;AACnE,8CAA6C;AAE7C;;;;;GAKG;AACU,QAAA,YAAY,GAAoC,uBAAW,CAAC,YAAY,CAAC","sourcesContent":["/\n Copyright (c) 2025 Erik Fortune\n \n Permission is hereby granted, free of charge, to any person obtaining a copy\n * of this software and associated documentation files (the \"Software\"), to deal\n * in the Software without restriction, including without limitation the rights\n * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell\n * copies of the Software, and to permit persons to whom the Software is\n * furnished to do so, subject to the following conditions:\n \n The above copyright notice and this permission notice shall be included in all\n * copies or substantial portions of the Software.\n \n THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\n * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\n * SOFTWARE.\n /\n\n/\n Browser-compatible cryptographic utilities using the Web Crypto API.\n * @packageDocumentation\n /\n\nexport from './browserHashProvider';\nexport * from './browserCryptoProvider';\nexport * from './idbPrivateKeyStorage';\n\n// HpkeProvider re-export: implementation lives in @fgv/ts-extras CryptoUtils packlet;\n// re-exported here so browser callers can import from @fgv/ts-web-extras for this primitive.\n// We import from the top-level namespace to avoid relying on package.json exports path\n// resolution (which requires moduleResolution: node16 or bundler).\nimport { CryptoUtils } from '@fgv/ts-extras';\n\n/*\n HPKE base mode (RFC 9180) — `DHKEM(X25519, HKDF-SHA256) + HKDF-SHA256 + AES-256-GCM`.\n * Re-exported from `@fgv/ts-extras` for browser consumers.\n * @see {@link CryptoUtils.HpkeProvider}\n * @public\n /\nexport const HpkeProvider: typeof CryptoUtils.HpkeProvider = CryptoUtils.HpkeProvider;\n\n/\n Output of `HpkeProvider.sealBase`. Re-exported from `@fgv/ts-extras`.\n * @public\n */\nexport type IHpkeSealResult = CryptoUtils.IHpkeSealResult;\n"]}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@fgv/ts-web-extras",
-  "version": "5.1.0-32",
+  "version": "5.1.0-34",
   "description": "Browser-compatible utilities and FileTree implementations",
   "main": "lib/index.js",
   "types": "dist/ts-web-extras.d.ts",
@@ -46,19 +46,20 @@
     "@types/react": "~19.2.8",
     "typedoc": "~0.28.16",
     "typedoc-plugin-markdown": "~4.9.0",
-    "@fgv/heft-dual-rig": "5.1.0-32",
-    "@fgv/ts-extras": "5.1.0-32",
-    "@fgv/typedoc-compact-theme": "5.1.0-32",
-    "@fgv/ts-utils": "5.1.0-32",
-    "@fgv/ts-json-base": "5.1.0-32",
-    "@fgv/ts-utils-jest": "5.1.0-32"
+    "fake-indexeddb": "~6.2.5",
+    "@fgv/heft-dual-rig": "5.1.0-34",
+    "@fgv/ts-extras": "5.1.0-34",
+    "@fgv/ts-utils": "5.1.0-34",
+    "@fgv/ts-json-base": "5.1.0-34",
+    "@fgv/typedoc-compact-theme": "5.1.0-34",
+    "@fgv/ts-utils-jest": "5.1.0-34"
   },
   "peerDependencies": {
     "react": ">=18 <20",
     "react-dom": ">=18 <20",
-    "@fgv/ts-extras": "5.1.0-32",
-    "@fgv/ts-utils": "5.1.0-32",
-    "@fgv/ts-json-base": "5.1.0-32"
+    "@fgv/ts-extras": "5.1.0-34",
+    "@fgv/ts-utils": "5.1.0-34",
+    "@fgv/ts-json-base": "5.1.0-34"
   },
   "exports": {
     ".": {