npm - @msdis/shield - Versions diffs - 0.2.0 - Mend

@msdis/shield 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (92) hide show

package/LICENSE +140 -0
package/README.md +106 -0
package/dist/aead/index.d.ts +37 -0
package/dist/aead/index.js +7 -0
package/dist/aead/index.js.map +1 -0
package/dist/asymmetric/index.d.ts +32 -0
package/dist/asymmetric/index.js +6 -0
package/dist/asymmetric/index.js.map +1 -0
package/dist/chunk-3DQPQCAR.js +114 -0
package/dist/chunk-3DQPQCAR.js.map +1 -0
package/dist/chunk-3HCT6A2P.js +55 -0
package/dist/chunk-3HCT6A2P.js.map +1 -0
package/dist/chunk-AB2WZ7Y2.js +57 -0
package/dist/chunk-AB2WZ7Y2.js.map +1 -0
package/dist/chunk-BUFRR5PB.js +9 -0
package/dist/chunk-BUFRR5PB.js.map +1 -0
package/dist/chunk-CYIGDF63.js +30 -0
package/dist/chunk-CYIGDF63.js.map +1 -0
package/dist/chunk-EOXWR7DS.js +153 -0
package/dist/chunk-EOXWR7DS.js.map +1 -0
package/dist/chunk-FUDDBD2G.js +43 -0
package/dist/chunk-FUDDBD2G.js.map +1 -0
package/dist/chunk-JSKIWIEC.js +56 -0
package/dist/chunk-JSKIWIEC.js.map +1 -0
package/dist/chunk-JVFP2GAO.js +66 -0
package/dist/chunk-JVFP2GAO.js.map +1 -0
package/dist/chunk-KNCZMIZA.js +55 -0
package/dist/chunk-KNCZMIZA.js.map +1 -0
package/dist/chunk-MJO7IJZC.js +44 -0
package/dist/chunk-MJO7IJZC.js.map +1 -0
package/dist/chunk-MPWYZXW7.js +66 -0
package/dist/chunk-MPWYZXW7.js.map +1 -0
package/dist/chunk-OA5ARYJM.js +73 -0
package/dist/chunk-OA5ARYJM.js.map +1 -0
package/dist/chunk-OPHN2B3N.js +147 -0
package/dist/chunk-OPHN2B3N.js.map +1 -0
package/dist/chunk-RTAJJZKO.js +116 -0
package/dist/chunk-RTAJJZKO.js.map +1 -0
package/dist/chunk-SCHZI6YY.js +35 -0
package/dist/chunk-SCHZI6YY.js.map +1 -0
package/dist/chunk-T3IV7SHD.js +388 -0
package/dist/chunk-T3IV7SHD.js.map +1 -0
package/dist/chunk-U65A4HIY.js +133 -0
package/dist/chunk-U65A4HIY.js.map +1 -0
package/dist/core/index.d.ts +20 -0
package/dist/core/index.js +6 -0
package/dist/core/index.js.map +1 -0
package/dist/encoding-B-cb7Duu.d.ts +37 -0
package/dist/errors-C79jA9vX.d.ts +65 -0
package/dist/file-encryption/index.d.ts +135 -0
package/dist/file-encryption/index.js +11 -0
package/dist/file-encryption/index.js.map +1 -0
package/dist/format-versioning/index.d.ts +37 -0
package/dist/format-versioning/index.js +4 -0
package/dist/format-versioning/index.js.map +1 -0
package/dist/index.d.ts +27 -0
package/dist/index.js +24 -0
package/dist/index.js.map +1 -0
package/dist/integrity/index.d.ts +46 -0
package/dist/integrity/index.js +6 -0
package/dist/integrity/index.js.map +1 -0
package/dist/kdf/index.d.ts +104 -0
package/dist/kdf/index.js +7 -0
package/dist/kdf/index.js.map +1 -0
package/dist/key-management/index.d.ts +69 -0
package/dist/key-management/index.js +10 -0
package/dist/key-management/index.js.map +1 -0
package/dist/migrations/index.d.ts +41 -0
package/dist/migrations/index.js +4 -0
package/dist/migrations/index.js.map +1 -0
package/dist/post-quantum/index.d.ts +153 -0
package/dist/post-quantum/index.js +3 -0
package/dist/post-quantum/index.js.map +1 -0
package/dist/random/index.d.ts +28 -0
package/dist/random/index.js +5 -0
package/dist/random/index.js.map +1 -0
package/dist/secure-memory/index.d.ts +40 -0
package/dist/secure-memory/index.js +5 -0
package/dist/secure-memory/index.js.map +1 -0
package/dist/signing/index.d.ts +41 -0
package/dist/signing/index.js +5 -0
package/dist/signing/index.js.map +1 -0
package/dist/totp/index.d.ts +69 -0
package/dist/totp/index.js +4 -0
package/dist/totp/index.js.map +1 -0
package/dist/vault-crypto/index.d.ts +225 -0
package/dist/vault-crypto/index.js +465 -0
package/dist/vault-crypto/index.js.map +1 -0
package/dist/vault-encryption/index.d.ts +40 -0
package/dist/vault-encryption/index.js +9 -0
package/dist/vault-encryption/index.js.map +1 -0
package/package.json +137 -0

package/dist/vault-crypto/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../src/vault-crypto/index.ts"],"names":["CURRENT_KDF_VERSION","VAULT_ITEM_ENVELOPE_V1_PREFIX","generateSalt","deriveRawKey","encryptBytes","decryptBytes","decrypted","unwrapUserKey","newVerifier","salt","kdfVersion","key","encryptedPrivateKey","unwrapUserKeyBytes"],"mappings":";;;;;;;;;;;;;;;AAqEO,IAAMA,oBAAAA,GAAsB;AAS5B,IAAM,UAAA,GAAwC,EAAE,GAAG,kBAAA;AAGnD,IAAMC,8BAAAA,GAAgC;AAG7C,IAAM,oBAAA,GAAuB,sBAAA;AAG7B,IAAM,wBAAA,GAA2B,wBAAA;AAGjC,IAAM,yBAAA,GAA4B,aAAA;AAGlC,IAAM,aAAA,GAAgB,SAAA;AAGtB,IAAI,mBAAA,GAAsB,CAAA;AA4BnB,SAASC,aAAAA,GAAuB;AACnC,EAAA,OAAO,YAAA,EAAgB;AAC3B;AAEA,SAAS,kBAAkB,SAAA,EAAwB;AAC/C,EAAA,OAAO,YAAY,EAAE,QAAA,EAAU,SAAA,EAAW,IAAA,EAAM,sBAAqB,GAAI,MAAA;AAC7E;AAOA,eAAsBC,aAAAA,CAClB,cAAA,EACA,UAAA,EACA,UAAA,GAAqBH,sBACrB,SAAA,EACmB;AACnB,EAAA,OAAO,YAAA,CAAgB,gBAAgB,UAAA,EAAY;AAAA,IAC/C,OAAA,EAAS,UAAA;AAAA,IACT,UAAA,EAAY,kBAAkB,SAAS;AAAA,GAC1C,CAAA;AACL;AAMA,eAAsB,kBAAA,CAClB,cAAA,EACA,UAAA,EACA,UAAA,GAAqBA,sBACrB,SAAA,EACqB;AACrB,EAAA,MAAM,WAAW,MAAMG,aAAAA,CAAa,cAAA,EAAgB,UAAA,EAAY,YAAY,SAAS,CAAA;AACrF,EAAA,MAAM,MAAA,GAAS,YAAA,CAAa,SAAA,CAAU,QAAQ,CAAA;AAC9C,EAAA,QAAA,CAAS,KAAK,CAAC,CAAA;AACf,EAAA,OAAO,MAAA;AACX;AAGA,eAAsB,SAAA,CAClB,cAAA,EACA,UAAA,EACA,UAAA,GAAqBH,sBACrB,SAAA,EACkB;AAClB,EAAA,MAAM,WAAW,MAAMG,aAAAA,CAAa,cAAA,EAAgB,UAAA,EAAY,YAAY,SAAS,CAAA;AACrF,EAAA,IAAI;AACA,IAAA,OAAO,MAAM,gBAAgB,QAAQ,CAAA;AAAA,EACzC,CAAA,SAAE;AACE,IAAA,QAAA,CAAS,KAAK,CAAC,CAAA;AAAA,EACnB;AACJ;AAGA,eAAsB,gBAAgB,QAAA,EAAyD;AAC3F,EAAA,OAAO,gBAAgB,QAAQ,CAAA;AACnC;AAKA,eAAsB,OAAA,CAAQ,SAAA,EAAmB,GAAA,EAAgB,GAAA,EAA+B;AAC5F,EAAA,OAAO,aAAA,CAAc,SAAA,EAAW,GAAA,EAAK,GAAG,CAAA;AAC5C;AAGA,eAAsBC,aAAAA,CAClB,cAAA,EACA,GAAA,EACA,GAAA,EACe;AACf,EAAA,OAAO,YAAA,CAAgB,cAAA,EAAgB,GAAA,EAAK,GAAG,CAAA;AACnD;AAGA,eAAsB,OAAA,CAAQ,eAAA,EAAyB,GAAA,EAAgB,GAAA,EAA+B;AAClG,EAAA,OAAO,aAAA,CAAc,eAAA,EAAiB,GAAA,EAAK,GAAG,CAAA;AAClD;AAGA,eAAsBC,aAAAA,CAClB,eAAA,EACA,GAAA,EACA,GAAA,EACmB;AACnB,EAAA,OAAO,YAAA,CAAgB,eAAA,EAAiB,GAAA,EAAK,GAAG,CAAA;AACpD;AAKA,eAAsB,gBAAA,CAClB,IAAA,EACA,GAAA,EACA,OAAA,EACe;AACf,EAAA,OAAO,iBAAA,CAAkB,IAAA,EAAiC,GAAA,EAAK,OAAO,CAAA;AAC1E;AAOA,eAAsB,iBAClB,aAAA,EACA,GAAA,EACA,OAAA,EACA,OAAA,GAAkD,EAAC,EAC7B;AACtB,EAAA,IAAI,QAAQ,wBAAA,EAA0B;AAClC,IAAA,MAAM,MAAA,GAAS,MAAM,6BAAA,CAA8B,aAAA,EAAe,KAAK,OAAO,CAAA;AAC9E,IAAA,IAAI,OAAO,uBAAA,EAAyB;AAChC,MAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,mCAAA,EAAsC,OAAO,CAAA,CAAE,CAAA;AAC5D,MAAA,mBAAA,EAAA;AAAA,IACJ;AACA,IAAA,OAAO,MAAA,CAAO,IAAA;AAAA,EAClB;AACA,EAAA,OAAQ,MAAM,iBAAA,CAAkB,aAAA,EAAe,GAAA,EAAK,OAAO,CAAA;AAC/D;AAYA,eAAsB,4BAAA,CAClB,aAAA,EACA,GAAA,EACA,OAAA,EACwC;AACxC,EAAA,MAAM,MAAA,GAAS,MAAM,6BAAA,CAA8B,aAAA,EAAe,KAAK,OAAO,CAAA;AAC9E,EAAA,IAAI,OAAO,uBAAA,EAAyB;AAChC,IAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,mCAAA,EAAsC,OAAO,CAAA,CAAE,CAAA;AAC5D,IAAA,mBAAA,EAAA;AAAA,EACJ;AACA,EAAA,OAAO;AAAA,IACH,MAAM,MAAA,CAAO,IAAA;AAAA,IACb,oBAAoB,MAAA,CAAO,kBAAA;AAAA,IAC3B,yBAAyB,MAAA,CAAO;AAAA,GACpC;AACJ;AAUO,SAAS,2BAA2B,aAAA,EAAgC;AACvE,EAAA,OAAO,aAAA,CAAc,wBAAA,EAA0B,aAAa,CAAA,CAAE,OAAA,KAAY,CAAA;AAC9E;AAKA,eAAsB,uBAAuB,GAAA,EAAiC;AAC1E,EAAA,MAAM,SAAA,GAAY,MAAM,OAAA,CAAQ,wBAAA,EAA0B,GAAG,CAAA;AAC7D,EAAA,OAAO,MAAM,SAAS,CAAA,CAAA;AAC1B;AAGA,eAAsB,SAAA,CAAU,kBAA0B,GAAA,EAAkC;AACxF,EAAA,IAAI;AACA,IAAA,IAAI,gBAAA,CAAiB,UAAA,CAAW,KAAK,CAAA,EAAG;AACpC,MAAA,MAAM,SAAA,GAAY,gBAAA,CAAiB,KAAA,CAAM,CAAC,CAAA;AAC1C,MAAA,MAAMC,UAAAA,GAAY,MAAM,OAAA,CAAQ,SAAA,EAAW,GAAG,CAAA;AAC9C,MAAA,OAAOA,UAAAA,KAAc,wBAAA;AAAA,IACzB;AACA,IAAA,IAAI,gBAAA,CAAiB,UAAA,CAAW,KAAK,CAAA,EAAG;AACpC,MAAA,MAAM,KAAA,GAAQ,gBAAA,CAAiB,KAAA,CAAM,GAAG,CAAA;AACxC,MAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACpB,QAAA,OAAO,KAAA;AAAA,MACX;AACA,MAAA,MAAM,SAAA,GAAY,MAAM,CAAC,CAAA;AACzB,MAAA,MAAM,kBAAA,GAAqB,MAAM,CAAC,CAAA;AAClC,MAAA,MAAMA,UAAAA,GAAY,MAAM,OAAA,CAAQ,kBAAA,EAAoB,GAAG,CAAA;AACvD,MAAA,OAAOA,UAAAA,KAAc,SAAA;AAAA,IACzB;AACA,IAAA,MAAM,SAAA,GAAY,MAAM,OAAA,CAAQ,gBAAA,EAAkB,GAAG,CAAA;AACrD,IAAA,OAAO,SAAA,KAAc,wBAAA;AAAA,EACzB,CAAA,CAAA,MAAQ;AACJ,IAAA,OAAO,KAAA;AAAA,EACX;AACJ;AAkBA,eAAsB,kBAClB,cAAA,EACA,UAAA,EACA,cAAA,EACA,SAAA,EACA,kBACA,sBAAA,EACyB;AACzB,EAAA,IAAI,kBAAkBN,oBAAAA,EAAqB;AACvC,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,aAAA,EAAe,cAAA,EAAe;AAAA,EAC5D;AAEA,EAAA,IAAI;AACA,IAAA,IAAI,gBAAA,EAAkB;AAClB,MAAA,MAAM,aAAA,GAAgB,yBAChB,IAAA,GACA,MAAMG,cAAa,cAAA,EAAgB,UAAA,EAAY,gBAAgB,SAAS,CAAA;AAC9E,MAAA,MAAM,oBAAoB,sBAAA,IAA0B,aAAA;AACpD,MAAA,MAAM,oBAAoB,MAAMA,aAAAA;AAAA,QAC5B,cAAA;AAAA,QACA,UAAA;AAAA,QACAH,oBAAAA;AAAA,QACA;AAAA,OACJ;AACA,MAAA,IAAI;AACA,QAAA,MAAM,sBAAsB,MAAM,aAAA;AAAA,UAC9B,gBAAA;AAAA,UACA,iBAAA;AAAA,UACA;AAAA,SACJ;AACA,QAAA,MAAM,UAAA,GAAa,MAAMO,cAAAA,CAAc,mBAAA,EAAqB,iBAAiB,CAAA;AAC7E,QAAA,MAAMC,YAAAA,GAAc,MAAM,sBAAA,CAAuB,UAAU,CAAA;AAC3D,QAAA,OAAO;AAAA,UACH,QAAA,EAAU,IAAA;AAAA,UACV,WAAA,EAAAA,YAAAA;AAAA,UACA,mBAAA;AAAA,UACA,aAAA,EAAeR;AAAA,SACnB;AAAA,MACJ,CAAA,SAAE;AACE,QAAA,aAAA,EAAe,KAAK,CAAC,CAAA;AACrB,QAAA,iBAAA,CAAkB,KAAK,CAAC,CAAA;AAAA,MAC5B;AAAA,IACJ;AAEA,IAAA,MAAM,SAAS,MAAM,SAAA,CAAU,cAAA,EAAgB,UAAA,EAAYA,sBAAqB,SAAS,CAAA;AACzF,IAAA,MAAM,SAAS,MAAM,SAAA,CAAU,cAAA,EAAgB,UAAA,EAAY,gBAAgB,SAAS,CAAA;AACpF,IAAA,MAAM,WAAA,GAAc,MAAM,sBAAA,CAAuB,MAAM,CAAA;AACvD,IAAA,OAAO,EAAE,QAAA,EAAU,IAAA,EAAM,QAAQ,MAAA,EAAQ,WAAA,EAAa,eAAeA,oBAAAA,EAAoB;AAAA,EAC7F,SAAS,GAAA,EAAK;AACV,IAAA,OAAA,CAAQ,IAAA;AAAA,MACJ,CAAA,kBAAA,EAAqB,cAAc,CAAA,KAAA,EAAQA,oBAAmB,qCAAqC,cAAc,CAAA,CAAA,CAAA;AAAA,MACjH;AAAA,KACJ;AACA,IAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,aAAA,EAAe,cAAA,EAAe;AAAA,EAC5D;AACJ;AAKA,eAAsB,eAAA,CAClB,eAAA,EACA,MAAA,EACA,MAAA,EACA,GAAA,EACe;AACf,EAAA,IAAI,SAAA;AACJ,EAAA,IAAI,GAAA,EAAK;AACL,IAAA,IAAI;AACA,MAAA,SAAA,GAAY,MAAM,OAAA,CAAQ,eAAA,EAAiB,MAAA,EAAQ,GAAG,CAAA;AAAA,IAC1D,CAAA,CAAA,MAAQ;AACJ,MAAA,SAAA,GAAY,MAAM,OAAA,CAAQ,eAAA,EAAiB,MAAM,CAAA;AAAA,IACrD;AAAA,EACJ,CAAA,MAAO;AACH,IAAA,SAAA,GAAY,MAAM,OAAA,CAAQ,eAAA,EAAiB,MAAM,CAAA;AAAA,EACrD;AACA,EAAA,OAAO,OAAA,CAAQ,SAAA,EAAW,MAAA,EAAQ,GAAG,CAAA;AACzC;AAcA,eAAsB,cAAA,CAClB,KAAA,EACA,UAAA,EACA,MAAA,EACA,MAAA,EAC2B;AAC3B,EAAA,MAAM,cAA6D,EAAC;AACpE,EAAA,KAAA,MAAW,QAAQ,KAAA,EAAO;AACtB,IAAA,IAAI;AACA,MAAA,MAAM,YAAY,MAAM,gBAAA,CAAiB,KAAK,cAAA,EAAgB,MAAA,EAAQ,KAAK,EAAA,EAAI;AAAA,QAC3E,wBAAA,EAA0B;AAAA,OAC7B,CAAA;AACD,MAAA,MAAM,eAAe,MAAM,gBAAA,CAAiB,SAAA,EAAW,MAAA,EAAQ,KAAK,EAAE,CAAA;AACtE,MAAA,WAAA,CAAY,KAAK,EAAE,EAAA,EAAI,KAAK,EAAA,EAAI,cAAA,EAAgB,cAAc,CAAA;AAAA,IAClE,SAAS,GAAA,EAAK;AACV,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,gCAAA,EAAmC,KAAK,EAAE,CAAA,EAAA,EAAK,GAAG,CAAA,CAAE,CAAA;AAAA,IACxE;AAAA,EACJ;AAEA,EAAA,MAAM,kBAKD,EAAC;AACN,EAAA,KAAA,MAAW,OAAO,UAAA,EAAY;AAC1B,IAAA,IAAI,UAAU,GAAA,CAAI,IAAA;AAClB,IAAA,IAAI,UAAU,GAAA,CAAI,IAAA;AAClB,IAAA,IAAI,WAAW,GAAA,CAAI,KAAA;AACnB,IAAA,IAAI,OAAA,GAAU,KAAA;AAEd,IAAA,IAAI,GAAA,CAAI,IAAA,CAAK,UAAA,CAAW,yBAAyB,CAAA,EAAG;AAChD,MAAA,IAAI;AACA,QAAA,MAAM,OAAA,GAAU,GAAA,CAAI,IAAA,CAAK,KAAA,CAAM,0BAA0B,MAAM,CAAA;AAC/D,QAAA,MAAM,WAAA,GAAc,MAAM,eAAA,CAAgB,OAAA,EAAS,QAAQ,MAAM,CAAA;AACjE,QAAA,OAAA,GAAU,CAAA,EAAG,yBAAyB,CAAA,EAAG,WAAW,CAAA,CAAA;AACpD,QAAA,OAAA,GAAU,IAAA;AAAA,MACd,SAAS,GAAA,EAAK;AACV,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,mCAAA,EAAsC,IAAI,EAAE,CAAA,EAAA,EAAK,GAAG,CAAA,CAAE,CAAA;AAAA,MAC1E;AAAA,IACJ;AAEA,IAAA,IAAI,IAAI,IAAA,IAAQ,GAAA,CAAI,IAAA,CAAK,UAAA,CAAW,yBAAyB,CAAA,EAAG;AAC5D,MAAA,IAAI;AACA,QAAA,MAAM,OAAA,GAAU,GAAA,CAAI,IAAA,CAAK,KAAA,CAAM,0BAA0B,MAAM,CAAA;AAC/D,QAAA,MAAM,WAAA,GAAc,MAAM,eAAA,CAAgB,OAAA,EAAS,QAAQ,MAAM,CAAA;AACjE,QAAA,OAAA,GAAU,CAAA,EAAG,yBAAyB,CAAA,EAAG,WAAW,CAAA,CAAA;AACpD,QAAA,OAAA,GAAU,IAAA;AAAA,MACd,SAAS,GAAA,EAAK;AACV,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,mCAAA,EAAsC,IAAI,EAAE,CAAA,EAAA,EAAK,GAAG,CAAA,CAAE,CAAA;AAAA,MAC1E;AAAA,IACJ;AAEA,IAAA,IAAI,IAAI,KAAA,IAAS,GAAA,CAAI,KAAA,CAAM,UAAA,CAAW,yBAAyB,CAAA,EAAG;AAC9D,MAAA,IAAI;AACA,QAAA,MAAM,OAAA,GAAU,GAAA,CAAI,KAAA,CAAM,KAAA,CAAM,0BAA0B,MAAM,CAAA;AAChE,QAAA,MAAM,WAAA,GAAc,MAAM,eAAA,CAAgB,OAAA,EAAS,QAAQ,MAAM,CAAA;AACjE,QAAA,QAAA,GAAW,CAAA,EAAG,yBAAyB,CAAA,EAAG,WAAW,CAAA,CAAA;AACrD,QAAA,OAAA,GAAU,IAAA;AAAA,MACd,SAAS,GAAA,EAAK;AACV,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,oCAAA,EAAuC,IAAI,EAAE,CAAA,EAAA,EAAK,GAAG,CAAA,CAAE,CAAA;AAAA,MAC3E;AAAA,IACJ;AAEA,IAAA,IAAI,OAAA,EAAS;AACT,MAAA,eAAA,CAAgB,IAAA,CAAK,EAAE,EAAA,EAAI,GAAA,CAAI,EAAA,EAAI,IAAA,EAAM,OAAA,EAAS,IAAA,EAAM,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,CAAA;AAAA,IACtF;AAAA,EACJ;AAEA,EAAA,MAAM,WAAA,GAAc,mBAAA;AACpB,EAAA,mBAAA,GAAsB,CAAA;AAEtB,EAAA,OAAO;AAAA,IACH,kBAAkB,WAAA,CAAY,MAAA;AAAA,IAC9B,uBAAuB,eAAA,CAAgB,MAAA;AAAA,IACvC,WAAA;AAAA,IACA,eAAA;AAAA,IACA,gBAAA,EAAkB;AAAA,GACtB;AACJ;AAQO,SAAS,gBAAgB,IAAA,EAA2B;AACvD,EAAA,IAAI,IAAA,CAAK,KAAA,EAAO,IAAA,CAAK,KAAA,GAAQ,EAAA;AAC7B,EAAA,IAAI,IAAA,CAAK,UAAA,EAAY,IAAA,CAAK,UAAA,GAAa,EAAA;AACvC,EAAA,IAAI,IAAA,CAAK,QAAA,EAAU,IAAA,CAAK,QAAA,GAAW,UAAA;AACnC,EAAA,IAAI,OAAO,IAAA,CAAK,UAAA,KAAe,SAAA,OAAgB,UAAA,GAAa,KAAA;AAC5D,EAAA,IAAI,OAAO,IAAA,CAAK,UAAA,KAAe,WAAA,OAAkB,UAAA,GAAa,IAAA;AAC9D,EAAA,IAAI,IAAA,CAAK,QAAA,EAAU,IAAA,CAAK,QAAA,GAAW,EAAA;AACnC,EAAA,IAAI,IAAA,CAAK,QAAA,EAAU,IAAA,CAAK,QAAA,GAAW,EAAA;AACnC,EAAA,IAAI,IAAA,CAAK,KAAA,EAAO,IAAA,CAAK,KAAA,GAAQ,EAAA;AAC7B,EAAA,IAAI,IAAA,CAAK,UAAA,EAAY,IAAA,CAAK,UAAA,GAAa,EAAA;AACvC,EAAA,IAAI,IAAA,CAAK,UAAA,EAAY,IAAA,CAAK,UAAA,GAAa,EAAA;AACvC,EAAA,IAAI,IAAA,CAAK,SAAA,EAAW,IAAA,CAAK,SAAA,GAAY,EAAA;AACrC,EAAA,IAAI,KAAK,YAAA,EAAc;AACnB,IAAA,MAAA,CAAO,KAAK,IAAA,CAAK,YAAY,CAAA,CAAE,OAAA,CAAQ,CAAC,GAAA,KAAQ;AAC5C,MAAA,IAAA,CAAK,YAAA,CAAc,GAAG,CAAA,GAAI,EAAA;AAAA,IAC9B,CAAC,CAAA;AAAA,EACL;AACJ;AAGO,IAAM,WAAA,GAAc;AAI3B,eAAsB,kBAAA,GAA6C;AAC/D,EAAA,OAAO,sBAAA,EAAuB;AAClC;AAEA,eAAsB,gBAAgB,GAAA,EAAqC;AACvE,EAAA,OAAO,UAAU,GAAG,CAAA;AACxB;AAEA,eAAsB,gBAAgB,GAAA,EAAqC;AACvE,EAAA,OAAO,uBAAuB,GAAG,CAAA;AACrC;AAEA,eAAsB,iBAAiB,GAAA,EAAqC;AACxE,EAAA,OAAO,wBAAwB,GAAG,CAAA;AACtC;AAEA,eAAsB,iBAAiB,GAAA,EAAqC;AACxE,EAAA,OAAO,UAAU,GAAG,CAAA;AACxB;AAEA,eAAsB,UAAA,CAAW,WAAmB,SAAA,EAAuC;AACvF,EAAA,OAAO,cAAA,CAAe,WAAW,SAAS,CAAA;AAC9C;AAEA,eAAsB,UAAA,CAAW,kBAA0B,UAAA,EAAwC;AAC/F,EAAA,OAAO,cAAA,CAAe,kBAAkB,UAAU,CAAA;AACtD;AAQA,eAAsB,mBAAA,CAClB,cAAA,EACA,OAAA,GAAiB,CAAA,EACgE;AACjF,EAAA,IAAI,YAAY,CAAA,EAAG;AACf,IAAA,MAAM,OAAA,GAAU,MAAM,sBAAA,EAAuB;AAC7C,IAAA,MAAM,YAAY,IAAA,CAAK,SAAA,CAAU,MAAM,SAAA,CAAU,OAAA,CAAQ,SAAS,CAAC,CAAA;AACnE,IAAA,MAAM,aAAa,IAAA,CAAK,SAAA,CAAU,MAAM,SAAA,CAAU,OAAA,CAAQ,UAAU,CAAC,CAAA;AAErE,IAAA,MAAMS,QAAOP,aAAAA,EAAa;AAC1B,IAAA,MAAMQ,WAAAA,GAAaV,oBAAAA;AACnB,IAAA,MAAMW,IAAAA,GAAM,MAAM,SAAA,CAAU,cAAA,EAAgBF,OAAMC,WAAU,CAAA;AAC5D,IAAA,MAAME,oBAAAA,GAAsB,MAAM,OAAA,CAAQ,UAAA,EAAYD,IAAG,CAAA;AAEzD,IAAA,OAAO;AAAA,MACH,SAAA;AAAA,MACA,qBAAqB,CAAA,EAAGD,WAAU,CAAA,CAAA,EAAID,KAAI,IAAIG,oBAAmB,CAAA;AAAA,KACrE;AAAA,EACJ;AAGA,EAAA,MAAM,UAAA,GAAa,MAAM,sBAAA,EAAuB;AAChD,EAAA,MAAM,YAAY,iBAAA,EAAkB;AACpC,EAAA,MAAM,EAAE,SAAA,EAAW,iBAAA,EAAmB,SAAA,EAAW,mBAAkB,GAAI,SAAA;AAEvE,EAAA,MAAM,eAAe,IAAA,CAAK,SAAA,CAAU,MAAM,SAAA,CAAU,UAAA,CAAW,SAAS,CAAC,CAAA;AACzE,EAAA,MAAM,gBAAgB,IAAA,CAAK,SAAA,CAAU,MAAM,SAAA,CAAU,UAAA,CAAW,UAAU,CAAC,CAAA;AAE3E,EAAA,MAAM,OAAOV,aAAAA,EAAa;AAC1B,EAAA,MAAM,UAAA,GAAaF,oBAAAA;AACnB,EAAA,MAAM,GAAA,GAAM,MAAM,SAAA,CAAU,cAAA,EAAgB,MAAM,UAAU,CAAA;AAE5D,EAAA,MAAM,eAAA,GAAkB,MAAM,OAAA,CAAQ,aAAA,EAAe,GAAG,CAAA;AACxD,EAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,iBAAA,EAAmB,GAAG,CAAA;AAE3D,EAAA,MAAM,mBAAA,GAAsB,SAAS,UAAU,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA,EAAI,eAAe,IAAI,cAAc,CAAA,CAAA;AAE5F,EAAA,OAAO,EAAE,SAAA,EAAW,YAAA,EAAc,mBAAA,EAAqB,aAAa,iBAAA,EAAkB;AAC1F;AAGA,eAAsB,sBAAA,CAClB,qBACA,cAAA,EACuF;AACvF,EAAA,IAAI;AACA,IAAA,IAAI,mBAAA,CAAoB,UAAA,CAAW,QAAQ,CAAA,EAAG;AAC1C,MAAA,OAAO,IAAA;AAAA,IACX;AAEA,IAAA,MAAM,KAAA,GAAQ,mBAAA,CAAoB,KAAA,CAAM,GAAG,CAAA;AAC3C,IAAA,IAAI,UAAA,GAAa,CAAA;AACjB,IAAA,IAAI,IAAA;AACJ,IAAA,IAAI,aAAA;AAEJ,IAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACpB,MAAA,IAAA,GAAO,MAAM,CAAC,CAAA;AACd,MAAA,aAAA,GAAgB,MAAM,CAAC,CAAA;AAAA,IAC3B,CAAA,MAAA,IAAW,KAAA,CAAM,MAAA,KAAW,CAAA,EAAG;AAC3B,MAAA,UAAA,GAAa,QAAA,CAAS,KAAA,CAAM,CAAC,CAAA,EAAI,EAAE,CAAA;AACnC,MAAA,IAAA,GAAO,MAAM,CAAC,CAAA;AACd,MAAA,aAAA,GAAgB,MAAM,CAAC,CAAA;AAAA,IAC3B,CAAA,MAAO;AACH,MAAA,MAAM,IAAI,MAAM,sCAAsC,CAAA;AAAA,IAC1D;AAEA,IAAA,MAAM,GAAA,GAAM,MAAM,SAAA,CAAU,cAAA,EAAgB,MAAM,UAAU,CAAA;AAC5D,IAAA,MAAM,aAAA,GAAgB,MAAM,OAAA,CAAQ,aAAA,EAAe,GAAG,CAAA;AAEtD,IAAA,MAAM,gBAAA,GAAmB,IAAA,CAAK,KAAA,CAAM,aAAa,CAAA;AACjD,IAAA,MAAM,eAAA,GAAkB;AAAA,MACpB,GAAG,gBAAA;AAAA,MACH,CAAA,EAAG,KAAA,CAAA;AAAA,MACH,EAAA,EAAI,KAAA,CAAA;AAAA,MACJ,EAAA,EAAI,KAAA,CAAA;AAAA,MACJ,CAAA,EAAG,KAAA,CAAA;AAAA,MACH,CAAA,EAAG,KAAA,CAAA;AAAA,MACH,EAAA,EAAI,KAAA,CAAA;AAAA,MACJ,OAAA,EAAS,CAAC,SAAS;AAAA,KACvB;AACA,IAAA,MAAM,YAAA,GAAe,IAAA,CAAK,SAAA,CAAU,eAAe,CAAA;AAEnD,IAAA,MAAM,YAAY,iBAAA,EAAkB;AACpC,IAAA,MAAM,EAAE,SAAA,EAAW,WAAA,EAAa,SAAA,EAAW,aAAY,GAAI,SAAA;AAE3D,IAAA,MAAM,UAAUE,aAAAA,EAAa;AAC7B,IAAA,MAAM,aAAA,GAAgBF,oBAAAA;AACtB,IAAA,MAAM,MAAA,GAAS,MAAM,SAAA,CAAU,cAAA,EAAgB,SAAS,aAAa,CAAA;AAErE,IAAA,MAAM,eAAA,GAAkB,MAAM,OAAA,CAAQ,aAAA,EAAe,MAAM,CAAA;AAC3D,IAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,WAAA,EAAa,MAAM,CAAA;AAExD,IAAA,MAAM,kBAAA,GAAqB,SAAS,aAAa,CAAA,CAAA,EAAI,OAAO,CAAA,CAAA,EAAI,eAAe,IAAI,cAAc,CAAA,CAAA;AAEjG,IAAA,OAAO,EAAE,SAAA,EAAW,YAAA,EAAc,mBAAA,EAAqB,oBAAoB,WAAA,EAAY;AAAA,EAC3F,SAAS,GAAA,EAAK;AACV,IAAA,OAAA,CAAQ,KAAA,CAAM,yCAAyC,GAAG,CAAA;AAC1D,IAAA,OAAO,IAAA;AAAA,EACX;AACJ;AAGA,eAAsB,iBAAA,GAAqC;AACvD,EAAA,OAAO,oBAAA,EAAqB;AAChC;AAGA,eAAsB,oBAAA,CAClB,IAAA,EACA,SAAA,EACA,GAAA,EACe;AACf,EAAA,MAAM,MAAM,MAAM,sBAAA,CAAuB,SAAA,EAAW,CAAC,SAAS,CAAC,CAAA;AAC/D,EAAA,OAAO,QAAQ,IAAA,CAAK,SAAA,CAAU,IAAI,CAAA,EAAG,KAAK,GAAG,CAAA;AACjD;AAQA,eAAsB,qBAClB,aAAA,EACA,SAAA,EACA,GAAA,EACA,OAAA,GAAmC,EAAC,EACd;AACtB,EAAA,MAAM,MAAM,MAAM,sBAAA,CAAuB,SAAA,EAAW,CAAC,SAAS,CAAC,CAAA;AAC/D,EAAA,IAAI,IAAA;AACJ,EAAA,IAAI,GAAA,EAAK;AACL,IAAA,IAAI;AACA,MAAA,IAAA,GAAO,MAAM,OAAA,CAAQ,aAAA,EAAe,GAAA,EAAK,GAAG,CAAA;AAAA,IAChD,CAAA,CAAA,MAAQ;AACJ,MAAA,IAAI,CAAC,QAAQ,wBAAA,EAA0B;AACnC,QAAA,MAAM,IAAI,MAAM,8DAA8D,CAAA;AAAA,MAClF;AACA,MAAA,mBAAA,EAAA;AACA,MAAA,IAAA,GAAO,MAAM,OAAA,CAAQ,aAAA,EAAe,GAAG,CAAA;AAAA,IAC3C;AAAA,EACJ,CAAA,MAAO;AACH,IAAA,IAAA,GAAO,MAAM,OAAA,CAAQ,aAAA,EAAe,GAAG,CAAA;AAAA,EAC3C;AACA,EAAA,OAAO,IAAA,CAAK,MAAM,IAAI,CAAA;AAC1B;AAKA,eAAsB,uBAAuB,cAAA,EAAoD;AAC7F,EAAA,OAAO,qBAAqB,cAAc,CAAA;AAC9C;AAGA,eAAsB,iBAAiB,cAAA,EAAoD;AACvF,EAAA,OAAO,kCAAkC,cAAc,CAAA;AAC3D;AAGA,eAAsBO,cAAAA,CAClB,kBACA,cAAA,EACkB;AAClB,EAAA,OAAO,aAAA,CAAiB,kBAAkB,cAAc,CAAA;AAC5D;AAGA,eAAsBM,mBAAAA,CAClB,kBACA,cAAA,EACmB;AACnB,EAAA,OAAO,kBAAA,CAAsB,kBAAkB,cAAc,CAAA;AACjE;AAGA,eAAsB,aAAA,CAClB,gBAAA,EACA,iBAAA,EACA,iBAAA,EACe;AACf,EAAA,OAAO,gBAAA,CAAiB,gBAAA,EAAkB,iBAAA,EAAmB,iBAAiB,CAAA;AAClF;AAGA,eAAsB,yBAAA,CAClB,oBACA,OAAA,EACe;AACf,EAAA,MAAM,GAAA,GAAM,MAAM,OAAA,CAAQ,kBAAA,EAAoB,OAAO,CAAA;AACrD,EAAA,OAAO,CAAA,EAAG,aAAa,CAAA,EAAG,GAAG,CAAA,CAAA;AACjC;AAGA,eAAsB,2BAAA,CAClB,YACA,OAAA,EACe;AACf,EAAA,IAAI,CAAC,UAAA,CAAW,UAAA,CAAW,aAAa,CAAA,EAAG;AACvC,IAAA,MAAM,IAAI,MAAM,yEAAyE,CAAA;AAAA,EAC7F;AACA,EAAA,OAAO,QAAQ,UAAA,CAAW,KAAA,CAAM,aAAA,CAAc,MAAM,GAAG,OAAO,CAAA;AAClE;AAMA,eAAsB,uBAAA,CAClB,mBAAA,EACA,cAAA,EACA,aAAA,GAAgB,KAAA,EACD;AACf,EAAA,IAAI,mBAAA,CAAoB,UAAA,CAAW,QAAQ,CAAA,EAAG;AAC1C,IAAA,MAAM,IAAA,GAAO,mBAAA,CAAoB,KAAA,CAAM,QAAA,CAAS,MAAM,CAAA;AACtD,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,OAAA,CAAQ,GAAG,CAAA;AAClC,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,OAAA,CAAQ,GAAA,EAAK,YAAY,CAAC,CAAA;AACjD,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,OAAA,CAAQ,GAAA,EAAK,YAAY,CAAC,CAAA;AACjD,IAAA,IAAI,SAAA,GAAY,CAAA,IAAK,SAAA,GAAY,CAAA,IAAK,YAAY,CAAA,EAAG;AACjD,MAAA,MAAM,IAAI,MAAM,+CAA+C,CAAA;AAAA,IACnE;AACA,IAAA,MAAMH,cAAa,QAAA,CAAS,IAAA,CAAK,MAAM,CAAA,EAAG,SAAS,GAAG,EAAE,CAAA;AACxD,IAAA,MAAMD,KAAAA,GAAO,IAAA,CAAK,KAAA,CAAM,SAAA,GAAY,GAAG,SAAS,CAAA;AAChD,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,KAAA,CAAM,SAAA,GAAY,GAAG,SAAS,CAAA;AACrD,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,KAAA,CAAM,SAAA,GAAY,CAAC,CAAA;AACzC,IAAA,MAAME,IAAAA,GAAM,MAAM,SAAA,CAAU,cAAA,EAAgBF,OAAMC,WAAU,CAAA;AAC5D,IAAA,OAAO,gBAAgB,OAAA,CAAQ,QAAA,EAAUC,IAAG,CAAA,GAAI,OAAA,CAAQ,WAAWA,IAAG,CAAA;AAAA,EAC1E;AAEA,EAAA,MAAM,KAAA,GAAQ,mBAAA,CAAoB,KAAA,CAAM,GAAG,CAAA;AAC3C,EAAA,IAAI,UAAA,GAAa,CAAA;AACjB,EAAA,IAAI,IAAA;AACJ,EAAA,IAAI,OAAA;AAEJ,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACpB,IAAA,IAAA,GAAO,MAAM,CAAC,CAAA;AACd,IAAA,OAAA,GAAU,MAAM,CAAC,CAAA;AAAA,EACrB,CAAA,MAAA,IAAW,KAAA,CAAM,MAAA,KAAW,CAAA,EAAG;AAC3B,IAAA,UAAA,GAAa,QAAA,CAAS,KAAA,CAAM,CAAC,CAAA,EAAI,EAAE,CAAA;AACnC,IAAA,IAAA,GAAO,MAAM,CAAC,CAAA;AACd,IAAA,OAAA,GAAU,MAAM,CAAC,CAAA;AAAA,EACrB,CAAA,MAAO;AACH,IAAA,MAAM,IAAI,KAAA;AAAA,MACN,CAAA,8CAAA,EAAiD,MAAM,MAAM,CAAA,uBAAA;AAAA,KACjE;AAAA,EACJ;AAEA,EAAA,MAAM,GAAA,GAAM,MAAM,SAAA,CAAU,cAAA,EAAgB,MAAM,UAAU,CAAA;AAC5D,EAAA,OAAO,OAAA,CAAQ,SAAS,GAAG,CAAA;AAC/B;AAGA,eAAsB,yBAAA,CAClB,mBAAA,EACA,OAAA,EACA,cAAA,EACe;AACf,EAAA,IAAI,mBAAA,CAAoB,UAAA,CAAW,aAAa,CAAA,EAAG;AAC/C,IAAA,IAAI,CAAC,OAAA,EAAS;AACV,MAAA,MAAM,IAAI,MAAM,+DAA+D,CAAA;AAAA,IACnF;AACA,IAAA,OAAO,2BAAA,CAA4B,qBAAqB,OAAO,CAAA;AAAA,EACnE;AACA,EAAA,OAAO,uBAAA,CAAwB,mBAAA,EAAqB,cAAA,EAAgB,KAAK,CAAA;AAC7E;AAGA,eAAsB,wBAAA,CAClB,qBAAA,EACA,OAAA,EACA,cAAA,EACe;AACf,EAAA,IAAI,qBAAA,CAAsB,UAAA,CAAW,aAAa,CAAA,EAAG;AACjD,IAAA,IAAI,CAAC,OAAA,EAAS;AACV,MAAA,MAAM,IAAI,MAAM,8DAA8D,CAAA;AAAA,IAClF;AACA,IAAA,OAAO,2BAAA,CAA4B,uBAAuB,OAAO,CAAA;AAAA,EACrE;AACA,EAAA,IAAI,qBAAA,CAAsB,UAAA,CAAW,QAAQ,CAAA,EAAG;AAC5C,IAAA,OAAO,uBAAA,CAAwB,qBAAA,EAAuB,cAAA,EAAgB,IAAI,CAAA;AAAA,EAC9E;AACA,EAAA,OAAO,uBAAA,CAAwB,qBAAA,EAAuB,cAAA,EAAgB,KAAK,CAAA;AAC/E","file":"index.js","sourcesContent":["/**\r\n * dis-vault-crypto — the Singra Vault *application crypto profile*.\r\n *\r\n * This module is the stable, named API that Singra Vault (and, transitively,\r\n * Singra Premium) consume. It does NOT re-implement any primitive: every\r\n * operation is composed from the audited DIS modules (`kdf`, `aead`,\r\n * `vault-encryption`, `key-management`, `asymmetric`, `post-quantum`). What it\r\n * adds is the *application-specific composition and versioned envelope formats*\r\n * that Singra has always used:\r\n *\r\n * - device-key strengthened Argon2id derivation (HKDF info `SINGRA_DEVICE_KEY_V1`)\r\n * - the `sv-vault-v1:` vault-item envelope (entry-id AAD)\r\n * - the two-tier UserKey model (`usk-wrap-v2:`) and private-key wrapping (`usk-v1:`)\r\n * - sharing / emergency-access key material (`pq-v2:` hybrid keypair envelope)\r\n * - KDF auto-upgrade, verification hashes, and re-encryption helpers\r\n *\r\n * Keeping these names and formats here means applications need ZERO crypto\r\n * code of their own — they import this profile and nothing else. Every byte\r\n * format is covered by golden-vector tests proving compatibility with the\r\n * pre-extraction Singra implementation.\r\n */\r\n\r\nimport { bytesToBase64, base64ToBytes } from '../core/encoding.js';\r\nimport {\r\n CURRENT_KDF_VERSION as DIS_CURRENT_KDF_VERSION,\r\n DEFAULT_KDF_PARAMS,\r\n deriveRawKey as disDeriveRawKey,\r\n generateSalt as disGenerateSalt,\r\n importAesGcmKey,\r\n type KdfParams as DisKdfParams,\r\n} from '../kdf/index.js';\r\nimport {\r\n decryptBytes as disDecryptBytes,\r\n decryptString,\r\n encryptBytes as disEncryptBytes,\r\n encryptString,\r\n} from '../aead/index.js';\r\nimport {\r\n decryptVaultEntry,\r\n decryptVaultEntryForMigration,\r\n encryptVaultEntry,\r\n VAULT_ITEM_ENVELOPE_SPEC,\r\n VAULT_ITEM_ENVELOPE_V1_PREFIX as DIS_VAULT_ITEM_ENVELOPE_V1_PREFIX,\r\n} from '../vault-encryption/index.js';\r\nimport { parseEnvelope } from '../format-versioning/index.js';\r\nimport {\r\n createDeterministicWrappedUserKey,\r\n createWrappedUserKey,\r\n generateAesGcmKeyJwk,\r\n importAesGcmKeyFromJwk,\r\n rotateWrappedKey,\r\n unwrapUserKey as disUnwrapUserKey,\r\n unwrapUserKeyBytes as disUnwrapUserKeyBytes,\r\n type UserKeyBundle as DisUserKeyBundle,\r\n} from '../key-management/index.js';\r\nimport {\r\n exportJwk,\r\n generateRsaOaepKeyPair,\r\n importRsaOaepPrivateKey,\r\n importRsaOaepPublicKey,\r\n rsaOaepDecrypt,\r\n rsaOaepEncrypt,\r\n} from '../asymmetric/index.js';\r\nimport { generatePQKeyPair } from '../post-quantum/index.js';\r\nimport { SecureBuffer } from '../secure-memory/index.js';\r\n\r\n// ============ Constants & format contract ============\r\n\r\n/** The latest KDF version. Newly set-up accounts use this version. */\r\nexport const CURRENT_KDF_VERSION = DIS_CURRENT_KDF_VERSION;\r\n\r\n/** Argon2id parameter set for a given KDF version. */\r\nexport type KdfParams = DisKdfParams;\r\n\r\n/**\r\n * KDF parameter sets indexed by version number. Byte-compatible with Singra.\r\n * Exposed as a plain record for call sites that look up params by version.\r\n */\r\nexport const KDF_PARAMS: Record<number, KdfParams> = { ...DEFAULT_KDF_PARAMS };\r\n\r\n/** Versioned envelope prefix for vault item payloads. */\r\nexport const VAULT_ITEM_ENVELOPE_V1_PREFIX = DIS_VAULT_ITEM_ENVELOPE_V1_PREFIX;\r\n\r\n/** HKDF `info` binding the derived key to a device key (second factor). */\r\nconst DEVICE_KEY_HKDF_INFO = 'SINGRA_DEVICE_KEY_V1';\r\n\r\n/** Constant used in v3 verification hashes (no plaintext stored in DB). */\r\nconst VERIFICATION_CONSTANT_V3 = 'SINGRA_VAULT_VERIFY_V3';\r\n\r\n/** Encrypted category field prefix used for category name/icon/color. */\r\nconst ENCRYPTED_CATEGORY_PREFIX = 'enc:cat:v1:';\r\n\r\n/** Sentinel prefix for private keys wrapped under the UserKey. */\r\nconst USK_V1_PREFIX = 'usk-v1:';\r\n\r\n/** Internal counter for legacy (no-AAD) decryption fallbacks (monitoring). */\r\nlet _legacyDecryptCount = 0;\r\n\r\nexport type UserKeyBundle = DisUserKeyBundle;\r\n\r\n/** Sensitive vault item data that gets encrypted. */\r\nexport interface VaultItemData {\r\n title?: string;\r\n websiteUrl?: string;\r\n itemType?: 'password' | 'note' | 'totp' | 'card';\r\n isFavorite?: boolean;\r\n categoryId?: string | null;\r\n username?: string;\r\n password?: string;\r\n notes?: string;\r\n totpSecret?: string;\r\n totpIssuer?: string;\r\n totpLabel?: string;\r\n totpAlgorithm?: 'SHA1' | 'SHA256' | 'SHA512';\r\n totpDigits?: 6 | 8;\r\n totpPeriod?: number;\r\n customFields?: Record<string, string>;\r\n /** Internal marker for duress/decoy items (never exposed to UI). */\r\n _duress?: boolean;\r\n}\r\n\r\n// ============ Salt & KDF ============\r\n\r\n/** Generates a cryptographically secure random salt (base64, 128-bit). */\r\nexport function generateSalt(): string {\r\n return disGenerateSalt();\r\n}\r\n\r\nfunction strengthenOptions(deviceKey?: Uint8Array) {\r\n return deviceKey ? { hkdfSalt: deviceKey, info: DEVICE_KEY_HKDF_INFO } : undefined;\r\n}\r\n\r\n/**\r\n * Derives raw AES-256 key bytes from a master password using Argon2id.\r\n * When a deviceKey is provided, the result is strengthened via HKDF-Expand\r\n * with the device key as salt. Caller owns/must wipe the returned buffer.\r\n */\r\nexport async function deriveRawKey(\r\n masterPassword: string,\r\n saltBase64: string,\r\n kdfVersion: number = CURRENT_KDF_VERSION,\r\n deviceKey?: Uint8Array,\r\n): Promise<Uint8Array> {\r\n return disDeriveRawKey(masterPassword, saltBase64, {\r\n version: kdfVersion,\r\n strengthen: strengthenOptions(deviceKey),\r\n });\r\n}\r\n\r\n/**\r\n * Derives raw key bytes wrapped in a SecureBuffer for safer handling.\r\n * The SecureBuffer auto-zeros on destroy. Caller MUST call `.destroy()`.\r\n */\r\nexport async function deriveRawKeySecure(\r\n masterPassword: string,\r\n saltBase64: string,\r\n kdfVersion: number = CURRENT_KDF_VERSION,\r\n deviceKey?: Uint8Array,\r\n): Promise<SecureBuffer> {\r\n const rawBytes = await deriveRawKey(masterPassword, saltBase64, kdfVersion, deviceKey);\r\n const secure = SecureBuffer.fromBytes(rawBytes);\r\n rawBytes.fill(0);\r\n return secure;\r\n}\r\n\r\n/** Derives an AES-256-GCM CryptoKey from a master password. */\r\nexport async function deriveKey(\r\n masterPassword: string,\r\n saltBase64: string,\r\n kdfVersion: number = CURRENT_KDF_VERSION,\r\n deviceKey?: Uint8Array,\r\n): Promise<CryptoKey> {\r\n const keyBytes = await deriveRawKey(masterPassword, saltBase64, kdfVersion, deviceKey);\r\n try {\r\n return await importMasterKey(keyBytes);\r\n } finally {\r\n keyBytes.fill(0);\r\n }\r\n}\r\n\r\n/** Imports raw 256-bit key bytes into a non-extractable AES-GCM CryptoKey. */\r\nexport async function importMasterKey(keyBytes: Uint8Array | BufferSource): Promise<CryptoKey> {\r\n return importAesGcmKey(keyBytes);\r\n}\r\n\r\n// ============ AEAD (string + bytes) ============\r\n\r\n/** Encrypts a UTF-8 string with AES-256-GCM. Optional AAD binds context. */\r\nexport async function encrypt(plaintext: string, key: CryptoKey, aad?: string): Promise<string> {\r\n return encryptString(plaintext, key, aad);\r\n}\r\n\r\n/** Encrypts binary data with AES-256-GCM. Caller owns/wipes `plaintextBytes`. */\r\nexport async function encryptBytes(\r\n plaintextBytes: Uint8Array,\r\n key: CryptoKey,\r\n aad?: string,\r\n): Promise<string> {\r\n return disEncryptBytes(plaintextBytes, key, aad);\r\n}\r\n\r\n/** Decrypts AES-256-GCM data to a UTF-8 string. */\r\nexport async function decrypt(encryptedBase64: string, key: CryptoKey, aad?: string): Promise<string> {\r\n return decryptString(encryptedBase64, key, aad);\r\n}\r\n\r\n/** Decrypts AES-256-GCM data to plaintext bytes (secret — caller must wipe). */\r\nexport async function decryptBytes(\r\n encryptedBase64: string,\r\n key: CryptoKey,\r\n aad?: string,\r\n): Promise<Uint8Array> {\r\n return disDecryptBytes(encryptedBase64, key, aad);\r\n}\r\n\r\n// ============ Vault item envelope ============\r\n\r\n/** Encrypts a vault item, binding the ciphertext to `entryId` via AAD. */\r\nexport async function encryptVaultItem(\r\n data: VaultItemData,\r\n key: CryptoKey,\r\n entryId: string,\r\n): Promise<string> {\r\n return encryptVaultEntry(data as Record<string, unknown>, key, entryId);\r\n}\r\n\r\n/**\r\n * Decrypts a vault item. Versioned payloads are read with `entryId` as AAD and\r\n * fail closed for the oldest no-AAD payloads unless the explicit migration\r\n * fallback is requested.\r\n */\r\nexport async function decryptVaultItem(\r\n encryptedData: string,\r\n key: CryptoKey,\r\n entryId: string,\r\n options: { allowLegacyNoAadFallback?: boolean } = {},\r\n): Promise<VaultItemData> {\r\n if (options.allowLegacyNoAadFallback) {\r\n const result = await decryptVaultEntryForMigration(encryptedData, key, entryId);\r\n if (result.legacyNoAadFallbackUsed) {\r\n console.warn(`Legacy entry without AAD detected: ${entryId}`);\r\n _legacyDecryptCount++;\r\n }\r\n return result.data as VaultItemData;\r\n }\r\n return (await decryptVaultEntry(encryptedData, key, entryId)) as VaultItemData;\r\n}\r\n\r\nexport interface VaultItemMigrationDecryptResult {\r\n data: VaultItemData;\r\n legacyEnvelopeUsed: boolean;\r\n legacyNoAadFallbackUsed: boolean;\r\n}\r\n\r\n/**\r\n * Decrypts an item only for an explicit migration path. Runtime reads must use\r\n * decryptVaultItem(), which fails closed for legacy no-AAD payloads.\r\n */\r\nexport async function decryptVaultItemForMigration(\r\n encryptedData: string,\r\n key: CryptoKey,\r\n entryId: string,\r\n): Promise<VaultItemMigrationDecryptResult> {\r\n const result = await decryptVaultEntryForMigration(encryptedData, key, entryId);\r\n if (result.legacyNoAadFallbackUsed) {\r\n console.warn(`Legacy entry without AAD detected: ${entryId}`);\r\n _legacyDecryptCount++;\r\n }\r\n return {\r\n data: result.data as VaultItemData,\r\n legacyEnvelopeUsed: result.legacyEnvelopeUsed,\r\n legacyNoAadFallbackUsed: result.legacyNoAadFallbackUsed,\r\n };\r\n}\r\n\r\n/**\r\n * True if `encryptedData` is a current versioned vault-item envelope.\r\n *\r\n * Fails closed (throws) on an unknown in-family version (`sv-vault-v<n>:`) so a\r\n * future format can never be silently treated as legacy by migration code —\r\n * matching the Singra contract. Callers that need a non-throwing predicate must\r\n * wrap this explicitly.\r\n */\r\nexport function isCurrentVaultItemEnvelope(encryptedData: string): boolean {\r\n return parseEnvelope(VAULT_ITEM_ENVELOPE_SPEC, encryptedData).version === 1;\r\n}\r\n\r\n// ============ Verification hashes ============\r\n\r\n/** Creates a password verification hash (v3: encrypts a known constant). */\r\nexport async function createVerificationHash(key: CryptoKey): Promise<string> {\r\n const encrypted = await encrypt(VERIFICATION_CONSTANT_V3, key);\r\n return `v3:${encrypted}`;\r\n}\r\n\r\n/** Verifies that `key` can decrypt the stored verification hash. */\r\nexport async function verifyKey(verificationHash: string, key: CryptoKey): Promise<boolean> {\r\n try {\r\n if (verificationHash.startsWith('v3:')) {\r\n const encrypted = verificationHash.slice(3);\r\n const decrypted = await decrypt(encrypted, key);\r\n return decrypted === VERIFICATION_CONSTANT_V3;\r\n }\r\n if (verificationHash.startsWith('v2:')) {\r\n const parts = verificationHash.split(':');\r\n if (parts.length !== 3) {\r\n return false;\r\n }\r\n const challenge = parts[1]!;\r\n const encryptedChallenge = parts[2]!;\r\n const decrypted = await decrypt(encryptedChallenge, key);\r\n return decrypted === challenge;\r\n }\r\n const decrypted = await decrypt(verificationHash, key);\r\n return decrypted === 'SINGRA_PW_VERIFICATION';\r\n } catch {\r\n return false;\r\n }\r\n}\r\n\r\n// ============ KDF auto-migration ============\r\n\r\nexport interface KdfUpgradeResult {\r\n upgraded: boolean;\r\n newKey?: CryptoKey;\r\n oldKey?: CryptoKey;\r\n newVerifier?: string;\r\n activeVersion: number;\r\n newEncryptedUserKey?: string;\r\n}\r\n\r\n/**\r\n * Attempts to upgrade KDF parameters to the latest version after unlock.\r\n * USK path only re-wraps the 32-byte UserKey (no vault re-encryption). Legacy\r\n * path returns old+new keys so the caller can re-encrypt vault data.\r\n */\r\nexport async function attemptKdfUpgrade(\r\n masterPassword: string,\r\n saltBase64: string,\r\n currentVersion: number,\r\n deviceKey?: Uint8Array,\r\n encryptedUserKey?: string,\r\n existingKdfOutputBytes?: Uint8Array,\r\n): Promise<KdfUpgradeResult> {\r\n if (currentVersion >= CURRENT_KDF_VERSION) {\r\n return { upgraded: false, activeVersion: currentVersion };\r\n }\r\n\r\n try {\r\n if (encryptedUserKey) {\r\n const ownedOldBytes = existingKdfOutputBytes\r\n ? null\r\n : await deriveRawKey(masterPassword, saltBase64, currentVersion, deviceKey);\r\n const oldKdfOutputBytes = existingKdfOutputBytes ?? ownedOldBytes!;\r\n const newKdfOutputBytes = await deriveRawKey(\r\n masterPassword,\r\n saltBase64,\r\n CURRENT_KDF_VERSION,\r\n deviceKey,\r\n );\r\n try {\r\n const newEncryptedUserKey = await rewrapUserKey(\r\n encryptedUserKey,\r\n oldKdfOutputBytes,\r\n newKdfOutputBytes,\r\n );\r\n const newUserKey = await unwrapUserKey(newEncryptedUserKey, newKdfOutputBytes);\r\n const newVerifier = await createVerificationHash(newUserKey);\r\n return {\r\n upgraded: true,\r\n newVerifier,\r\n newEncryptedUserKey,\r\n activeVersion: CURRENT_KDF_VERSION,\r\n };\r\n } finally {\r\n ownedOldBytes?.fill(0);\r\n newKdfOutputBytes.fill(0);\r\n }\r\n }\r\n\r\n const newKey = await deriveKey(masterPassword, saltBase64, CURRENT_KDF_VERSION, deviceKey);\r\n const oldKey = await deriveKey(masterPassword, saltBase64, currentVersion, deviceKey);\r\n const newVerifier = await createVerificationHash(newKey);\r\n return { upgraded: true, newKey, oldKey, newVerifier, activeVersion: CURRENT_KDF_VERSION };\r\n } catch (err) {\r\n console.warn(\r\n `KDF upgrade from v${currentVersion} to v${CURRENT_KDF_VERSION} failed (likely OOM), staying on v${currentVersion}:`,\r\n err,\r\n );\r\n return { upgraded: false, activeVersion: currentVersion };\r\n }\r\n}\r\n\r\n// ============ Vault re-encryption ============\r\n\r\n/** Re-encrypts a single encrypted string from oldKey to newKey. */\r\nexport async function reEncryptString(\r\n encryptedBase64: string,\r\n oldKey: CryptoKey,\r\n newKey: CryptoKey,\r\n aad?: string,\r\n): Promise<string> {\r\n let plaintext: string;\r\n if (aad) {\r\n try {\r\n plaintext = await decrypt(encryptedBase64, oldKey, aad);\r\n } catch {\r\n plaintext = await decrypt(encryptedBase64, oldKey);\r\n }\r\n } else {\r\n plaintext = await decrypt(encryptedBase64, oldKey);\r\n }\r\n return encrypt(plaintext, newKey, aad);\r\n}\r\n\r\nexport interface ReEncryptionResult {\r\n itemsReEncrypted: number;\r\n categoriesReEncrypted: number;\r\n itemUpdates: Array<{ id: string; encrypted_data: string }>;\r\n categoryUpdates: Array<{ id: string; name: string; icon: string | null; color: string | null }>;\r\n legacyItemsFound: number;\r\n}\r\n\r\n/**\r\n * Re-encrypts all vault items and encrypted category fields from an old key to\r\n * a new key (required during KDF upgrades). Pure: no DB side effects.\r\n */\r\nexport async function reEncryptVault(\r\n items: Array<{ id: string; encrypted_data: string }>,\r\n categories: Array<{ id: string; name: string; icon: string | null; color: string | null }>,\r\n oldKey: CryptoKey,\r\n newKey: CryptoKey,\r\n): Promise<ReEncryptionResult> {\r\n const itemUpdates: Array<{ id: string; encrypted_data: string }> = [];\r\n for (const item of items) {\r\n try {\r\n const plaintext = await decryptVaultItem(item.encrypted_data, oldKey, item.id, {\r\n allowLegacyNoAadFallback: true,\r\n });\r\n const newEncrypted = await encryptVaultItem(plaintext, newKey, item.id);\r\n itemUpdates.push({ id: item.id, encrypted_data: newEncrypted });\r\n } catch (err) {\r\n throw new Error(`Failed to re-encrypt vault item ${item.id}: ${err}`);\r\n }\r\n }\r\n\r\n const categoryUpdates: Array<{\r\n id: string;\r\n name: string;\r\n icon: string | null;\r\n color: string | null;\r\n }> = [];\r\n for (const cat of categories) {\r\n let newName = cat.name;\r\n let newIcon = cat.icon;\r\n let newColor = cat.color;\r\n let changed = false;\r\n\r\n if (cat.name.startsWith(ENCRYPTED_CATEGORY_PREFIX)) {\r\n try {\r\n const encPart = cat.name.slice(ENCRYPTED_CATEGORY_PREFIX.length);\r\n const reEncrypted = await reEncryptString(encPart, oldKey, newKey);\r\n newName = `${ENCRYPTED_CATEGORY_PREFIX}${reEncrypted}`;\r\n changed = true;\r\n } catch (err) {\r\n throw new Error(`Failed to re-encrypt category name ${cat.id}: ${err}`);\r\n }\r\n }\r\n\r\n if (cat.icon && cat.icon.startsWith(ENCRYPTED_CATEGORY_PREFIX)) {\r\n try {\r\n const encPart = cat.icon.slice(ENCRYPTED_CATEGORY_PREFIX.length);\r\n const reEncrypted = await reEncryptString(encPart, oldKey, newKey);\r\n newIcon = `${ENCRYPTED_CATEGORY_PREFIX}${reEncrypted}`;\r\n changed = true;\r\n } catch (err) {\r\n throw new Error(`Failed to re-encrypt category icon ${cat.id}: ${err}`);\r\n }\r\n }\r\n\r\n if (cat.color && cat.color.startsWith(ENCRYPTED_CATEGORY_PREFIX)) {\r\n try {\r\n const encPart = cat.color.slice(ENCRYPTED_CATEGORY_PREFIX.length);\r\n const reEncrypted = await reEncryptString(encPart, oldKey, newKey);\r\n newColor = `${ENCRYPTED_CATEGORY_PREFIX}${reEncrypted}`;\r\n changed = true;\r\n } catch (err) {\r\n throw new Error(`Failed to re-encrypt category color ${cat.id}: ${err}`);\r\n }\r\n }\r\n\r\n if (changed) {\r\n categoryUpdates.push({ id: cat.id, name: newName, icon: newIcon, color: newColor });\r\n }\r\n }\r\n\r\n const legacyFound = _legacyDecryptCount;\r\n _legacyDecryptCount = 0;\r\n\r\n return {\r\n itemsReEncrypted: itemUpdates.length,\r\n categoriesReEncrypted: categoryUpdates.length,\r\n itemUpdates,\r\n categoryUpdates,\r\n legacyItemsFound: legacyFound,\r\n };\r\n}\r\n\r\n// ============ Vault item data helpers ============\r\n\r\n/**\r\n * Clears sensitive references from a VaultItemData object. NOTE: JS strings are\r\n * immutable; this only drops references so the GC can reclaim them sooner.\r\n */\r\nexport function clearReferences(data: VaultItemData): void {\r\n if (data.title) data.title = '';\r\n if (data.websiteUrl) data.websiteUrl = '';\r\n if (data.itemType) data.itemType = 'password';\r\n if (typeof data.isFavorite === 'boolean') data.isFavorite = false;\r\n if (typeof data.categoryId !== 'undefined') data.categoryId = null;\r\n if (data.username) data.username = '';\r\n if (data.password) data.password = '';\r\n if (data.notes) data.notes = '';\r\n if (data.totpSecret) data.totpSecret = '';\r\n if (data.totpIssuer) data.totpIssuer = '';\r\n if (data.totpLabel) data.totpLabel = '';\r\n if (data.customFields) {\r\n Object.keys(data.customFields).forEach((key) => {\r\n data.customFields![key] = '';\r\n });\r\n }\r\n}\r\n\r\n/** @deprecated Use clearReferences. secureClear implies wiping JS cannot do. */\r\nexport const secureClear = clearReferences;\r\n\r\n// ============ Asymmetric (RSA-OAEP) for emergency access ============\r\n\r\nexport async function generateRSAKeyPair(): Promise<CryptoKeyPair> {\r\n return generateRsaOaepKeyPair();\r\n}\r\n\r\nexport async function exportPublicKey(key: CryptoKey): Promise<JsonWebKey> {\r\n return exportJwk(key);\r\n}\r\n\r\nexport async function importPublicKey(jwk: JsonWebKey): Promise<CryptoKey> {\r\n return importRsaOaepPublicKey(jwk);\r\n}\r\n\r\nexport async function importPrivateKey(jwk: JsonWebKey): Promise<CryptoKey> {\r\n return importRsaOaepPrivateKey(jwk);\r\n}\r\n\r\nexport async function exportPrivateKey(key: CryptoKey): Promise<JsonWebKey> {\r\n return exportJwk(key);\r\n}\r\n\r\nexport async function encryptRSA(plaintext: string, publicKey: CryptoKey): Promise<string> {\r\n return rsaOaepEncrypt(plaintext, publicKey);\r\n}\r\n\r\nexport async function decryptRSA(ciphertextBase64: string, privateKey: CryptoKey): Promise<string> {\r\n return rsaOaepDecrypt(ciphertextBase64, privateKey);\r\n}\r\n\r\n// ============ Shared-collection key material ============\r\n\r\n/**\r\n * Generates a user's asymmetric key material for shared collections.\r\n * v1: RSA-only wrapping. v2: hybrid PQ+RSA (`pq-v2:` envelope).\r\n */\r\nexport async function generateUserKeyPair(\r\n masterPassword: string,\r\n version: 1 | 2 = 2,\r\n): Promise<{ publicKey: string; encryptedPrivateKey: string; pqPublicKey?: string }> {\r\n if (version === 1) {\r\n const keyPair = await generateRsaOaepKeyPair();\r\n const publicKey = JSON.stringify(await exportJwk(keyPair.publicKey));\r\n const privateKey = JSON.stringify(await exportJwk(keyPair.privateKey));\r\n\r\n const salt = generateSalt();\r\n const kdfVersion = CURRENT_KDF_VERSION;\r\n const key = await deriveKey(masterPassword, salt, kdfVersion);\r\n const encryptedPrivateKey = await encrypt(privateKey, key);\r\n\r\n return {\r\n publicKey,\r\n encryptedPrivateKey: `${kdfVersion}:${salt}:${encryptedPrivateKey}`,\r\n };\r\n }\r\n\r\n // Version 2: hybrid PQ+RSA wrapping (ML-KEM-768 + RSA-4096).\r\n const rsaKeyPair = await generateRsaOaepKeyPair();\r\n const pqKeyPair = generatePQKeyPair();\r\n const { publicKey: pqPublicKeyBase64, secretKey: pqSecretKeyBase64 } = pqKeyPair;\r\n\r\n const rsaPublicKey = JSON.stringify(await exportJwk(rsaKeyPair.publicKey));\r\n const rsaPrivateKey = JSON.stringify(await exportJwk(rsaKeyPair.privateKey));\r\n\r\n const salt = generateSalt();\r\n const kdfVersion = CURRENT_KDF_VERSION;\r\n const key = await deriveKey(masterPassword, salt, kdfVersion);\r\n\r\n const encryptedRsaKey = await encrypt(rsaPrivateKey, key);\r\n const encryptedPqKey = await encrypt(pqSecretKeyBase64, key);\r\n\r\n const encryptedPrivateKey = `pq-v2:${kdfVersion}:${salt}:${encryptedRsaKey}:${encryptedPqKey}`;\r\n\r\n return { publicKey: rsaPublicKey, encryptedPrivateKey, pqPublicKey: pqPublicKeyBase64 };\r\n}\r\n\r\n/** Migrates RSA-only wrapping key material to hybrid PQ+RSA key material. */\r\nexport async function migrateToHybridKeyPair(\r\n encryptedPrivateKey: string,\r\n masterPassword: string,\r\n): Promise<{ publicKey: string; encryptedPrivateKey: string; pqPublicKey: string } | null> {\r\n try {\r\n if (encryptedPrivateKey.startsWith('pq-v2:')) {\r\n return null;\r\n }\r\n\r\n const parts = encryptedPrivateKey.split(':');\r\n let kdfVersion = 1;\r\n let salt: string;\r\n let encryptedData: string;\r\n\r\n if (parts.length === 2) {\r\n salt = parts[0]!;\r\n encryptedData = parts[1]!;\r\n } else if (parts.length === 3) {\r\n kdfVersion = parseInt(parts[0]!, 10);\r\n salt = parts[1]!;\r\n encryptedData = parts[2]!;\r\n } else {\r\n throw new Error('Invalid encrypted private key format');\r\n }\r\n\r\n const key = await deriveKey(masterPassword, salt, kdfVersion);\r\n const rsaPrivateKey = await decrypt(encryptedData, key);\r\n\r\n const rsaPrivateKeyJwk = JSON.parse(rsaPrivateKey) as Record<string, unknown>;\r\n const rsaPublicKeyJwk = {\r\n ...rsaPrivateKeyJwk,\r\n d: undefined,\r\n dp: undefined,\r\n dq: undefined,\r\n p: undefined,\r\n q: undefined,\r\n qi: undefined,\r\n key_ops: ['encrypt'],\r\n };\r\n const rsaPublicKey = JSON.stringify(rsaPublicKeyJwk);\r\n\r\n const pqKeyPair = generatePQKeyPair();\r\n const { publicKey: pqPublicKey, secretKey: pqSecretKey } = pqKeyPair;\r\n\r\n const newSalt = generateSalt();\r\n const newKdfVersion = CURRENT_KDF_VERSION;\r\n const newKey = await deriveKey(masterPassword, newSalt, newKdfVersion);\r\n\r\n const encryptedRsaKey = await encrypt(rsaPrivateKey, newKey);\r\n const encryptedPqKey = await encrypt(pqSecretKey, newKey);\r\n\r\n const hybridEncryptedKey = `pq-v2:${newKdfVersion}:${newSalt}:${encryptedRsaKey}:${encryptedPqKey}`;\r\n\r\n return { publicKey: rsaPublicKey, encryptedPrivateKey: hybridEncryptedKey, pqPublicKey };\r\n } catch (err) {\r\n console.error('Failed to migrate to hybrid key pair:', err);\r\n return null;\r\n }\r\n}\r\n\r\n/** Generates a random shared encryption key for a collection (AES-256 JWK). */\r\nexport async function generateSharedKey(): Promise<string> {\r\n return generateAesGcmKeyJwk();\r\n}\r\n\r\n/** Encrypts vault item data with a shared key. Optional AAD binds context. */\r\nexport async function encryptWithSharedKey(\r\n data: VaultItemData,\r\n sharedKey: string,\r\n aad?: string,\r\n): Promise<string> {\r\n const key = await importAesGcmKeyFromJwk(sharedKey, ['encrypt']);\r\n return encrypt(JSON.stringify(data), key, aad);\r\n}\r\n\r\nexport interface SharedKeyDecryptOptions {\r\n /** Allows reading pre-AAD shared ciphertexts during explicit migration only. */\r\n allowLegacyNoAadFallback?: boolean;\r\n}\r\n\r\n/** Decrypts vault item data with a shared key. Fails closed by default. */\r\nexport async function decryptWithSharedKey(\r\n encryptedData: string,\r\n sharedKey: string,\r\n aad?: string,\r\n options: SharedKeyDecryptOptions = {},\r\n): Promise<VaultItemData> {\r\n const key = await importAesGcmKeyFromJwk(sharedKey, ['decrypt']);\r\n let json: string;\r\n if (aad) {\r\n try {\r\n json = await decrypt(encryptedData, key, aad);\r\n } catch {\r\n if (!options.allowLegacyNoAadFallback) {\r\n throw new Error('Shared item decryption failed with the required AAD context.');\r\n }\r\n _legacyDecryptCount++;\r\n json = await decrypt(encryptedData, key);\r\n }\r\n } else {\r\n json = await decrypt(encryptedData, key);\r\n }\r\n return JSON.parse(json) as VaultItemData;\r\n}\r\n\r\n// ============ User Symmetric Key (USK) layer ============\r\n\r\n/** Creates a new random UserKey wrapped under a KEK from the KDF output. */\r\nexport async function createEncryptedUserKey(kdfOutputBytes: Uint8Array): Promise<UserKeyBundle> {\r\n return createWrappedUserKey(kdfOutputBytes);\r\n}\r\n\r\n/** Derives a deterministic UserKey from the KDF output and wraps it (migration). */\r\nexport async function migrateToUserKey(kdfOutputBytes: Uint8Array): Promise<UserKeyBundle> {\r\n return createDeterministicWrappedUserKey(kdfOutputBytes);\r\n}\r\n\r\n/** Decrypts the stored encryptedUserKey to obtain the UserKey CryptoKey. */\r\nexport async function unwrapUserKey(\r\n encryptedUserKey: string,\r\n kdfOutputBytes: Uint8Array,\r\n): Promise<CryptoKey> {\r\n return disUnwrapUserKey(encryptedUserKey, kdfOutputBytes);\r\n}\r\n\r\n/** Decrypts the stored encryptedUserKey and returns the raw UserKey bytes. */\r\nexport async function unwrapUserKeyBytes(\r\n encryptedUserKey: string,\r\n kdfOutputBytes: Uint8Array,\r\n): Promise<Uint8Array> {\r\n return disUnwrapUserKeyBytes(encryptedUserKey, kdfOutputBytes);\r\n}\r\n\r\n/** Re-wraps an existing UserKey under a new KDF output. UserKey unchanged. */\r\nexport async function rewrapUserKey(\r\n encryptedUserKey: string,\r\n oldKdfOutputBytes: Uint8Array,\r\n newKdfOutputBytes: Uint8Array,\r\n): Promise<string> {\r\n return rotateWrappedKey(encryptedUserKey, oldKdfOutputBytes, newKdfOutputBytes);\r\n}\r\n\r\n/** Encrypts a private key (RSA JWK / PQ base64) with the UserKey (`usk-v1:`). */\r\nexport async function wrapPrivateKeyWithUserKey(\r\n privateKeyMaterial: string,\r\n userKey: CryptoKey,\r\n): Promise<string> {\r\n const enc = await encrypt(privateKeyMaterial, userKey);\r\n return `${USK_V1_PREFIX}${enc}`;\r\n}\r\n\r\n/** Decrypts a private key wrapped with wrapPrivateKeyWithUserKey. */\r\nexport async function unwrapPrivateKeyWithUserKey(\r\n wrappedKey: string,\r\n userKey: CryptoKey,\r\n): Promise<string> {\r\n if (!wrappedKey.startsWith(USK_V1_PREFIX)) {\r\n throw new Error('unwrapPrivateKeyWithUserKey: unexpected format (missing usk-v1: prefix)');\r\n }\r\n return decrypt(wrappedKey.slice(USK_V1_PREFIX.length), userKey);\r\n}\r\n\r\n/**\r\n * Decrypts a legacy private key encrypted with its own KDF derivation.\r\n * Handles `kdfVersion:salt:enc`, `salt:enc`, and `pq-v2:kdfVersion:salt:encRsa:encPq`.\r\n */\r\nexport async function decryptPrivateKeyLegacy(\r\n encryptedPrivateKey: string,\r\n masterPassword: string,\r\n extractPqPart = false,\r\n): Promise<string> {\r\n if (encryptedPrivateKey.startsWith('pq-v2:')) {\r\n const rest = encryptedPrivateKey.slice('pq-v2:'.length);\r\n const colonIdx1 = rest.indexOf(':');\r\n const colonIdx2 = rest.indexOf(':', colonIdx1 + 1);\r\n const colonIdx3 = rest.indexOf(':', colonIdx2 + 1);\r\n if (colonIdx1 < 0 || colonIdx2 < 0 || colonIdx3 < 0) {\r\n throw new Error('decryptPrivateKeyLegacy: invalid pq-v2 format');\r\n }\r\n const kdfVersion = parseInt(rest.slice(0, colonIdx1), 10);\r\n const salt = rest.slice(colonIdx1 + 1, colonIdx2);\r\n const encRsaKey = rest.slice(colonIdx2 + 1, colonIdx3);\r\n const encPqKey = rest.slice(colonIdx3 + 1);\r\n const key = await deriveKey(masterPassword, salt, kdfVersion);\r\n return extractPqPart ? decrypt(encPqKey, key) : decrypt(encRsaKey, key);\r\n }\r\n\r\n const parts = encryptedPrivateKey.split(':');\r\n let kdfVersion = 1;\r\n let salt: string;\r\n let encData: string;\r\n\r\n if (parts.length === 2) {\r\n salt = parts[0]!;\r\n encData = parts[1]!;\r\n } else if (parts.length === 3) {\r\n kdfVersion = parseInt(parts[0]!, 10);\r\n salt = parts[1]!;\r\n encData = parts[2]!;\r\n } else {\r\n throw new Error(\r\n `decryptPrivateKeyLegacy: unrecognised format (${parts.length} colon-separated parts)`,\r\n );\r\n }\r\n\r\n const key = await deriveKey(masterPassword, salt, kdfVersion);\r\n return decrypt(encData, key);\r\n}\r\n\r\n/** Decrypts a stored RSA private key, dispatching on format sentinel. */\r\nexport async function getDecryptedRsaPrivateKey(\r\n encryptedPrivateKey: string,\r\n userKey: CryptoKey | null,\r\n masterPassword: string,\r\n): Promise<string> {\r\n if (encryptedPrivateKey.startsWith(USK_V1_PREFIX)) {\r\n if (!userKey) {\r\n throw new Error('getDecryptedRsaPrivateKey: UserKey required for usk-v1 format');\r\n }\r\n return unwrapPrivateKeyWithUserKey(encryptedPrivateKey, userKey);\r\n }\r\n return decryptPrivateKeyLegacy(encryptedPrivateKey, masterPassword, false);\r\n}\r\n\r\n/** Decrypts a stored PQ (ML-KEM-768) private key, dispatching on format sentinel. */\r\nexport async function getDecryptedPqPrivateKey(\r\n encryptedPqPrivateKey: string,\r\n userKey: CryptoKey | null,\r\n masterPassword: string,\r\n): Promise<string> {\r\n if (encryptedPqPrivateKey.startsWith(USK_V1_PREFIX)) {\r\n if (!userKey) {\r\n throw new Error('getDecryptedPqPrivateKey: UserKey required for usk-v1 format');\r\n }\r\n return unwrapPrivateKeyWithUserKey(encryptedPqPrivateKey, userKey);\r\n }\r\n if (encryptedPqPrivateKey.startsWith('pq-v2:')) {\r\n return decryptPrivateKeyLegacy(encryptedPqPrivateKey, masterPassword, true);\r\n }\r\n return decryptPrivateKeyLegacy(encryptedPqPrivateKey, masterPassword, false);\r\n}\r\n\r\n// Internal: base64 helpers exposed for adapters that round-trip raw bytes.\r\nexport { bytesToBase64, base64ToBytes };\r\n"]}

package/dist/vault-encryption/index.d.ts ADDED Viewed

@@ -0,0 +1,40 @@
+import { VersionedCipherEnvelopeSpec } from '../format-versioning/index.js';
+/**
+ * dis-vault-encryption — encryption of structured vault entries.
+ *
+ * A vault entry is an arbitrary JSON-serialisable record. It is sealed with
+ * AES-256-GCM and wrapped in the versioned `sv-vault-v1:` envelope, byte
+ * compatible with Singra Vault. The entry id is passed as AEAD associated data
+ * so ciphertext is cryptographically bound to its row (defeats swap attacks).
+ *
+ * Legacy (pre-versioning, no-AAD) payloads fail closed on the runtime read
+ * path and are only readable through the explicit migration helper.
+ */
+declare const VAULT_ITEM_ENVELOPE_V1_PREFIX = "sv-vault-v1:";
+declare const VAULT_ITEM_ENVELOPE_SPEC: VersionedCipherEnvelopeSpec;
+type VaultEntryData = Record<string, unknown>;
+/** Seals a vault entry, binding it to `entryId` via AEAD associated data. */
+declare function encryptVaultEntry(data: VaultEntryData, key: CryptoKey, entryId: string): Promise<string>;
+/**
+ * Opens a vault entry. Versioned payloads are read with `entryId` as AAD.
+ * Legacy no-AAD payloads throw {@link DisLegacyPayloadError} on the runtime
+ * path; use {@link decryptVaultEntryForMigration} to read and rewrite them.
+ */
+declare function decryptVaultEntry(encryptedData: string, key: CryptoKey, entryId: string): Promise<VaultEntryData>;
+interface VaultEntryMigrationResult {
+    readonly data: VaultEntryData;
+    readonly legacyEnvelopeUsed: boolean;
+    readonly legacyNoAadFallbackUsed: boolean;
+}
+/**
+ * Decrypts an entry on an explicit migration path, permitting the no-AAD
+ * fallback for the oldest payloads so they can be rewritten as versioned,
+ * AAD-bound items. Never use on the normal runtime read path.
+ */
+declare function decryptVaultEntryForMigration(encryptedData: string, key: CryptoKey, entryId: string): Promise<VaultEntryMigrationResult>;
+/** True if `encryptedData` is a current versioned vault-item envelope. */
+declare function isCurrentVaultEntryEnvelope(encryptedData: string): boolean;
+export { VAULT_ITEM_ENVELOPE_SPEC, VAULT_ITEM_ENVELOPE_V1_PREFIX, type VaultEntryData, type VaultEntryMigrationResult, decryptVaultEntry, decryptVaultEntryForMigration, encryptVaultEntry, isCurrentVaultEntryEnvelope };

package/dist/vault-encryption/index.js ADDED Viewed

@@ -0,0 +1,9 @@
+export { VAULT_ITEM_ENVELOPE_SPEC, VAULT_ITEM_ENVELOPE_V1_PREFIX, decryptVaultEntry, decryptVaultEntryForMigration, encryptVaultEntry, isCurrentVaultEntryEnvelope } from '../chunk-JVFP2GAO.js';
+import '../chunk-U65A4HIY.js';
+import '../chunk-BUFRR5PB.js';
+import '../chunk-JSKIWIEC.js';
+import '../chunk-CYIGDF63.js';
+import '../chunk-SCHZI6YY.js';
+import '../chunk-MJO7IJZC.js';
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/vault-encryption/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"sources":[],"names":[],"mappings":"","file":"index.js"}

package/package.json ADDED Viewed

@@ -0,0 +1,137 @@
+{
+  "name": "@msdis/shield",
+  "version": "0.2.0",
+  "description": "DIS — Defensive Integration Shield. Central, framework-agnostic cryptographic security platform (KDF, AEAD, vault & file encryption, key management, versioned formats, migrations). Powered by DIS — Defensive Integration Shield.",
+  "license": "SEE LICENSE IN LICENSE",
+  "type": "module",
+  "engines": {
+    "node": ">=20.19.0"
+  },
+  "sideEffects": false,
+  "files": [
+    "dist",
+    "LICENSE",
+    "README.md"
+  ],
+  "main": "./dist/index.js",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    },
+    "./core": {
+      "types": "./dist/core/index.d.ts",
+      "import": "./dist/core/index.js"
+    },
+    "./random": {
+      "types": "./dist/random/index.d.ts",
+      "import": "./dist/random/index.js"
+    },
+    "./secure-memory": {
+      "types": "./dist/secure-memory/index.d.ts",
+      "import": "./dist/secure-memory/index.js"
+    },
+    "./kdf": {
+      "types": "./dist/kdf/index.d.ts",
+      "import": "./dist/kdf/index.js"
+    },
+    "./aead": {
+      "types": "./dist/aead/index.d.ts",
+      "import": "./dist/aead/index.js"
+    },
+    "./format-versioning": {
+      "types": "./dist/format-versioning/index.d.ts",
+      "import": "./dist/format-versioning/index.js"
+    },
+    "./vault-encryption": {
+      "types": "./dist/vault-encryption/index.d.ts",
+      "import": "./dist/vault-encryption/index.js"
+    },
+    "./file-encryption": {
+      "types": "./dist/file-encryption/index.d.ts",
+      "import": "./dist/file-encryption/index.js"
+    },
+    "./key-management": {
+      "types": "./dist/key-management/index.d.ts",
+      "import": "./dist/key-management/index.js"
+    },
+    "./asymmetric": {
+      "types": "./dist/asymmetric/index.d.ts",
+      "import": "./dist/asymmetric/index.js"
+    },
+    "./post-quantum": {
+      "types": "./dist/post-quantum/index.d.ts",
+      "import": "./dist/post-quantum/index.js"
+    },
+    "./vault-crypto": {
+      "types": "./dist/vault-crypto/index.d.ts",
+      "import": "./dist/vault-crypto/index.js"
+    },
+    "./integrity": {
+      "types": "./dist/integrity/index.d.ts",
+      "import": "./dist/integrity/index.js"
+    },
+    "./signing": {
+      "types": "./dist/signing/index.d.ts",
+      "import": "./dist/signing/index.js"
+    },
+    "./totp": {
+      "types": "./dist/totp/index.d.ts",
+      "import": "./dist/totp/index.js"
+    },
+    "./migrations": {
+      "types": "./dist/migrations/index.d.ts",
+      "import": "./dist/migrations/index.js"
+    }
+  },
+  "scripts": {
+    "build": "tsup",
+    "prepare": "npm run build",
+    "typecheck": "tsc --noEmit",
+    "lint": "eslint .",
+    "test": "vitest run",
+    "test:watch": "vitest"
+  },
+  "dependencies": {
+    "hash-wasm": "4.12.0",
+    "otpauth": "^9.5.1"
+  },
+  "peerDependencies": {
+    "@noble/post-quantum": "^0.5.0"
+  },
+  "peerDependenciesMeta": {
+    "@noble/post-quantum": {
+      "optional": true
+    }
+  },
+  "devDependencies": {
+    "@noble/post-quantum": "0.5.4",
+    "@types/node": "^20.19.0",
+    "@typescript-eslint/eslint-plugin": "^8.0.0",
+    "@typescript-eslint/parser": "^8.0.0",
+    "eslint": "^9.0.0",
+    "tsup": "^8.5.1",
+    "typescript": "^5.8.3",
+    "vitest": "^4.1.8"
+  },
+  "keywords": [
+    "cryptography",
+    "encryption",
+    "aead",
+    "aes-gcm",
+    "argon2id",
+    "kdf",
+    "key-management",
+    "zero-knowledge",
+    "vault",
+    "password-manager",
+    "post-quantum",
+    "ml-kem",
+    "security"
+  ],
+  "overrides": {
+    "esbuild": "^0.28.1"
+  }
+}