@otplib/plugin-crypto-web 13.0.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Gerald Yeo
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,135 @@
+# @otplib/plugin-crypto-web
+
+Web Crypto API plugin for otplib, compatible with browsers and edge runtimes.
+
+## Installation
+
+```bash
+npm install @otplib/plugin-crypto-web
+pnpm add @otplib/plugin-crypto-web
+yarn add @otplib/plugin-crypto-web
+```
+
+## Overview
+
+This plugin provides HMAC and random byte generation using the Web Crypto API. It supports all hash algorithms available in modern browsers:
+
+- `SHA-1`
+- `SHA-256`
+- `SHA-512`
+
+## Usage
+
+### Basic Usage
+
+```typescript
+import { generateSecret, generate } from "otplib";
+import { WebCryptoPlugin } from "@otplib/plugin-crypto-web";
+import { ScureBase32Plugin } from "@otplib/plugin-base32-scure";
+
+const crypto = new WebCryptoPlugin();
+const base32 = new ScureBase32Plugin();
+
+// Generate a secret
+const secret = await generateSecret({ crypto, base32 });
+
+// Generate a token
+const token = await generate({
+  secret,
+  crypto,
+  base32,
+});
+```
+
+### With Custom Algorithm
+
+```typescript
+import { generate } from "otplib";
+import { WebCryptoPlugin } from "@otplib/plugin-crypto-web";
+import { ScureBase32Plugin } from "@otplib/plugin-base32-scure";
+
+const crypto = new WebCryptoPlugin();
+const base32 = new ScureBase32Plugin();
+
+const token = await generate({
+  secret: "JBSWY3DPEHPK3PXP",
+  algorithm: "sha256",
+  crypto,
+  base32,
+});
+```
+
+### Asynchronous Operations
+
+The Web Crypto API only supports asynchronous operations:
+
+```typescript
+import { WebCryptoPlugin } from "@otplib/plugin-crypto-web";
+
+const crypto = new WebCryptoPlugin();
+
+// Async HMAC (required by Web Crypto API)
+const digest = await crypto.hmac("SHA-1", key, data);
+
+// Async random bytes
+const bytes = await crypto.randomBytes(20);
+```
+
+## Browser Compatibility
+
+| Browser     | SHA-1 | SHA-256 | SHA-512 |
+| ----------- | ----- | ------- | ------- |
+| Chrome 37+  | Yes   | Yes     | Yes     |
+| Firefox 34+ | Yes   | Yes     | Yes     |
+| Safari 7+   | Yes   | Yes     | Yes     |
+| Edge 79+    | Yes   | Yes     | Yes     |
+| IE 11       | No    | No      | No      |
+
+## Edge Runtime Support
+
+Works in Cloudflare Workers, Vercel Edge Functions, Deno, and other edge runtimes that implement Web Crypto API:
+
+```typescript
+// Cloudflare Worker example
+import { WebCryptoPlugin } from "@otplib/plugin-crypto-web";
+
+export default {
+  async fetch(request) {
+    const crypto = new WebCryptoPlugin();
+    // Use crypto for OTP operations
+  },
+};
+```
+
+## When to Use
+
+Use this plugin when:
+
+- Running in browsers (Chrome, Firefox, Safari, Edge)
+- Using edge runtimes (Cloudflare Workers, Vercel Edge)
+- Building web applications with React, Vue, etc.
+- Need cross-platform crypto support
+- Want modern browser-native crypto (no external dependencies)
+
+## Performance
+
+- All operations return Promises (asynchronous only)
+- Uses native browser crypto implementations
+- Uses OS-level crypto primitives
+
+## Limitations
+
+- Only supports asynchronous operations (no sync HMAC)
+- Not available in Node.js (use `@otplib/plugin-crypto-node` instead)
+- Requires modern browser with Web Crypto API support
+
+## Documentation
+
+Full documentation available at [otplib.yeojz.dev](https://otplib.yeojz.dev):
+
+- [Getting Started Guide](https://otplib.yeojz.dev/guide/getting-started)
+- [API Reference](https://otplib.yeojz.dev/api/)
+
+## License
+
+[MIT](./LICENSE) © 2026 Gerald Yeo

package/dist/index.cjs

@@ -0,0 +1,2 @@
+"use strict";var o=Object.defineProperty;var b=Object.getOwnPropertyDescriptor;var h=Object.getOwnPropertyNames;var A=Object.prototype.hasOwnProperty;var c=(t,e)=>{for(var r in e)o(t,r,{get:e[r],enumerable:!0})},m=(t,e,r,s)=>{if(e&&typeof e=="object"||typeof e=="function")for(let n of h(e))!A.call(t,n)&&n!==r&&o(t,n,{get:()=>e[n],enumerable:!(s=b(e,n))||s.enumerable});return t};var g=t=>m(o({},"__esModule",{value:!0}),t);var C={};c(C,{WebCryptoPlugin:()=>a,crypto:()=>w,default:()=>U});module.exports=g(C);var y=require("@otplib/core"),p={sha1:"SHA-1",sha256:"SHA-256",sha512:"SHA-512"};function i(t){return t.byteOffset===0&&t.byteLength===t.buffer.byteLength?t.buffer:t.buffer.slice(t.byteOffset,t.byteOffset+t.byteLength)}var a=class{name="web";async hmac(e,r,s){let n=globalThis.crypto;if(!n?.subtle)throw new Error("Web Crypto API is not available in this environment");let l=p[e],f=await n.subtle.importKey("raw",i(r),{name:"HMAC",hash:l},!1,["sign"]),u=await n.subtle.sign("HMAC",f,i(s));return new Uint8Array(u)}randomBytes(e){let r=globalThis.crypto;if(!r?.getRandomValues)throw new Error("Web Crypto API getRandomValues is not available in this environment");let s=new Uint8Array(e);return r.getRandomValues(s),s}constantTimeEqual(e,r){return(0,y.constantTimeEqual)(e,r)}},w=Object.freeze(new a),U=a;0&&(module.exports={WebCryptoPlugin,crypto});
+//# sourceMappingURL=index.cjs.map

package/dist/index.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/index.ts"],"sourcesContent":["import { constantTimeEqual as constantTimeEqualUtil } from \"@otplib/core\";\n\nimport type { CryptoPlugin, HashAlgorithm } from \"@otplib/core\";\n\n/**\n * Web Crypto algorithm name mapping\n *\n * Maps our algorithm names to Web Crypto API algorithm identifiers.\n */\nconst ALGORITHM_MAP = {\n  sha1: \"SHA-1\",\n  sha256: \"SHA-256\",\n  sha512: \"SHA-512\",\n} as const satisfies Record<HashAlgorithm, string>;\n\n/**\n * Get ArrayBuffer from Uint8Array, avoiding copy when possible\n *\n * Only slices when the Uint8Array is a view into a larger buffer.\n * When the array owns its buffer entirely, returns buffer directly.\n */\nfunction getArrayBuffer(arr: Uint8Array): ArrayBuffer {\n  if (arr.byteOffset === 0 && arr.byteLength === arr.buffer.byteLength) {\n    return arr.buffer as ArrayBuffer;\n  }\n  return arr.buffer.slice(arr.byteOffset, arr.byteOffset + arr.byteLength) as ArrayBuffer;\n}\n\n/**\n * Web Crypto API implementation of CryptoPlugin\n *\n * This plugin uses the browser's native Web Crypto API which provides:\n * - Hardware-accelerated cryptographic operations\n * - Secure key storage and generation\n * - Async API for non-blocking operations\n *\n * @example\n * ```ts\n * import { WebCryptoPlugin } from '@otplib/plugin-crypto-web';\n *\n * const crypto = new WebCryptoPlugin();\n * const hmac = await crypto.hmac('sha1', key, data);\n * const random = crypto.randomBytes(20);\n * ```\n */\nexport class WebCryptoPlugin implements CryptoPlugin {\n  /**\n   * Plugin name for identification\n   */\n  readonly name = \"web\";\n\n  /**\n   * Compute HMAC using Web Crypto API\n   *\n   * Async implementation using SubtleCrypto.\n   *\n   * @param algorithm - Hash algorithm to use\n   * @param key - Secret key\n   * @param data - Data to authenticate\n   * @returns HMAC digest\n   */\n  async hmac(\n    algorithm: \"sha1\" | \"sha256\" | \"sha512\",\n    key: Uint8Array,\n    data: Uint8Array,\n  ): Promise<Uint8Array> {\n    const webCrypto = globalThis.crypto;\n\n    if (!webCrypto?.subtle) {\n      throw new Error(\"Web Crypto API is not available in this environment\");\n    }\n\n    const hashAlgorithm = ALGORITHM_MAP[algorithm];\n\n    const cryptoKey = await webCrypto.subtle.importKey(\n      \"raw\",\n      getArrayBuffer(key),\n      { name: \"HMAC\", hash: hashAlgorithm },\n      false,\n      [\"sign\"],\n    );\n\n    const signature = await webCrypto.subtle.sign(\"HMAC\", cryptoKey, getArrayBuffer(data));\n\n    return new Uint8Array(signature);\n  }\n\n  /**\n   * Generate cryptographically secure random bytes\n   *\n   * Uses Web Crypto API's getRandomValues.\n   *\n   * @param length - Number of bytes to generate\n   * @returns Random bytes\n   */\n  randomBytes(length: number): Uint8Array {\n    const webCrypto = globalThis.crypto;\n\n    if (!webCrypto?.getRandomValues) {\n      throw new Error(\"Web Crypto API getRandomValues is not available in this environment\");\n    }\n\n    const bytes = new Uint8Array(length);\n    webCrypto.getRandomValues(bytes);\n    return bytes;\n  }\n\n  /**\n   * Constant-time comparison to prevent timing side-channel attacks\n   *\n   * Web Crypto API doesn't provide a built-in constant-time comparison,\n   * so we use the core utility implementation.\n   *\n   * @param a - First value to compare\n   * @param b - Second value to compare\n   * @returns true if values are equal, false otherwise\n   */\n  constantTimeEqual(a: string | Uint8Array, b: string | Uint8Array): boolean {\n    return constantTimeEqualUtil(a, b);\n  }\n}\n\n/**\n * Default singleton instance for convenience\n *\n * @example\n * ```ts\n * import { crypto } from '@otplib/plugin-crypto-web';\n *\n * const hmac = await crypto.hmac('sha1', key, data);\n * ```\n */\nexport const crypto: CryptoPlugin = Object.freeze(new WebCryptoPlugin());\n\nexport default WebCryptoPlugin;\n"],"mappings":"yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,qBAAAE,EAAA,WAAAC,EAAA,YAAAC,IAAA,eAAAC,EAAAL,GAAA,IAAAM,EAA2D,wBASrDC,EAAgB,CACpB,KAAM,QACN,OAAQ,UACR,OAAQ,SACV,EAQA,SAASC,EAAeC,EAA8B,CACpD,OAAIA,EAAI,aAAe,GAAKA,EAAI,aAAeA,EAAI,OAAO,WACjDA,EAAI,OAENA,EAAI,OAAO,MAAMA,EAAI,WAAYA,EAAI,WAAaA,EAAI,UAAU,CACzE,CAmBO,IAAMP,EAAN,KAA8C,CAI1C,KAAO,MAYhB,MAAM,KACJQ,EACAC,EACAC,EACqB,CACrB,IAAMC,EAAY,WAAW,OAE7B,GAAI,CAACA,GAAW,OACd,MAAM,IAAI,MAAM,qDAAqD,EAGvE,IAAMC,EAAgBP,EAAcG,CAAS,EAEvCK,EAAY,MAAMF,EAAU,OAAO,UACvC,MACAL,EAAeG,CAAG,EAClB,CAAE,KAAM,OAAQ,KAAMG,CAAc,EACpC,GACA,CAAC,MAAM,CACT,EAEME,EAAY,MAAMH,EAAU,OAAO,KAAK,OAAQE,EAAWP,EAAeI,CAAI,CAAC,EAErF,OAAO,IAAI,WAAWI,CAAS,CACjC,CAUA,YAAYC,EAA4B,CACtC,IAAMJ,EAAY,WAAW,OAE7B,GAAI,CAACA,GAAW,gBACd,MAAM,IAAI,MAAM,qEAAqE,EAGvF,IAAMK,EAAQ,IAAI,WAAWD,CAAM,EACnC,OAAAJ,EAAU,gBAAgBK,CAAK,EACxBA,CACT,CAYA,kBAAkBC,EAAwBC,EAAiC,CACzE,SAAO,EAAAC,mBAAsBF,EAAGC,CAAC,CACnC,CACF,EAYajB,EAAuB,OAAO,OAAO,IAAID,CAAiB,EAEhEE,EAAQF","names":["index_exports","__export","WebCryptoPlugin","crypto","index_default","__toCommonJS","import_core","ALGORITHM_MAP","getArrayBuffer","arr","algorithm","key","data","webCrypto","hashAlgorithm","cryptoKey","signature","length","bytes","a","b","constantTimeEqualUtil"]}

package/dist/index.d.cts

@@ -0,0 +1,69 @@
+import { CryptoPlugin } from '@otplib/core';
+
+/**
+ * Web Crypto API implementation of CryptoPlugin
+ *
+ * This plugin uses the browser's native Web Crypto API which provides:
+ * - Hardware-accelerated cryptographic operations
+ * - Secure key storage and generation
+ * - Async API for non-blocking operations
+ *
+ * @example
+ * ```ts
+ * import { WebCryptoPlugin } from '@otplib/plugin-crypto-web';
+ *
+ * const crypto = new WebCryptoPlugin();
+ * const hmac = await crypto.hmac('sha1', key, data);
+ * const random = crypto.randomBytes(20);
+ * ```
+ */
+declare class WebCryptoPlugin implements CryptoPlugin {
+    /**
+     * Plugin name for identification
+     */
+    readonly name = "web";
+    /**
+     * Compute HMAC using Web Crypto API
+     *
+     * Async implementation using SubtleCrypto.
+     *
+     * @param algorithm - Hash algorithm to use
+     * @param key - Secret key
+     * @param data - Data to authenticate
+     * @returns HMAC digest
+     */
+    hmac(algorithm: "sha1" | "sha256" | "sha512", key: Uint8Array, data: Uint8Array): Promise<Uint8Array>;
+    /**
+     * Generate cryptographically secure random bytes
+     *
+     * Uses Web Crypto API's getRandomValues.
+     *
+     * @param length - Number of bytes to generate
+     * @returns Random bytes
+     */
+    randomBytes(length: number): Uint8Array;
+    /**
+     * Constant-time comparison to prevent timing side-channel attacks
+     *
+     * Web Crypto API doesn't provide a built-in constant-time comparison,
+     * so we use the core utility implementation.
+     *
+     * @param a - First value to compare
+     * @param b - Second value to compare
+     * @returns true if values are equal, false otherwise
+     */
+    constantTimeEqual(a: string | Uint8Array, b: string | Uint8Array): boolean;
+}
+/**
+ * Default singleton instance for convenience
+ *
+ * @example
+ * ```ts
+ * import { crypto } from '@otplib/plugin-crypto-web';
+ *
+ * const hmac = await crypto.hmac('sha1', key, data);
+ * ```
+ */
+declare const crypto: CryptoPlugin;
+
+export { WebCryptoPlugin, crypto, WebCryptoPlugin as default };

package/dist/index.d.ts

@@ -0,0 +1,69 @@
+import { CryptoPlugin } from '@otplib/core';
+
+/**
+ * Web Crypto API implementation of CryptoPlugin
+ *
+ * This plugin uses the browser's native Web Crypto API which provides:
+ * - Hardware-accelerated cryptographic operations
+ * - Secure key storage and generation
+ * - Async API for non-blocking operations
+ *
+ * @example
+ * ```ts
+ * import { WebCryptoPlugin } from '@otplib/plugin-crypto-web';
+ *
+ * const crypto = new WebCryptoPlugin();
+ * const hmac = await crypto.hmac('sha1', key, data);
+ * const random = crypto.randomBytes(20);
+ * ```
+ */
+declare class WebCryptoPlugin implements CryptoPlugin {
+    /**
+     * Plugin name for identification
+     */
+    readonly name = "web";
+    /**
+     * Compute HMAC using Web Crypto API
+     *
+     * Async implementation using SubtleCrypto.
+     *
+     * @param algorithm - Hash algorithm to use
+     * @param key - Secret key
+     * @param data - Data to authenticate
+     * @returns HMAC digest
+     */
+    hmac(algorithm: "sha1" | "sha256" | "sha512", key: Uint8Array, data: Uint8Array): Promise<Uint8Array>;
+    /**
+     * Generate cryptographically secure random bytes
+     *
+     * Uses Web Crypto API's getRandomValues.
+     *
+     * @param length - Number of bytes to generate
+     * @returns Random bytes
+     */
+    randomBytes(length: number): Uint8Array;
+    /**
+     * Constant-time comparison to prevent timing side-channel attacks
+     *
+     * Web Crypto API doesn't provide a built-in constant-time comparison,
+     * so we use the core utility implementation.
+     *
+     * @param a - First value to compare
+     * @param b - Second value to compare
+     * @returns true if values are equal, false otherwise
+     */
+    constantTimeEqual(a: string | Uint8Array, b: string | Uint8Array): boolean;
+}
+/**
+ * Default singleton instance for convenience
+ *
+ * @example
+ * ```ts
+ * import { crypto } from '@otplib/plugin-crypto-web';
+ *
+ * const hmac = await crypto.hmac('sha1', key, data);
+ * ```
+ */
+declare const crypto: CryptoPlugin;
+
+export { WebCryptoPlugin, crypto, WebCryptoPlugin as default };

package/dist/index.js

@@ -0,0 +1,2 @@
+import{constantTimeEqual as f}from"@otplib/core";var u={sha1:"SHA-1",sha256:"SHA-256",sha512:"SHA-512"};function o(t){return t.byteOffset===0&&t.byteLength===t.buffer.byteLength?t.buffer:t.buffer.slice(t.byteOffset,t.byteOffset+t.byteLength)}var s=class{name="web";async hmac(r,e,n){let a=globalThis.crypto;if(!a?.subtle)throw new Error("Web Crypto API is not available in this environment");let i=u[r],y=await a.subtle.importKey("raw",o(e),{name:"HMAC",hash:i},!1,["sign"]),l=await a.subtle.sign("HMAC",y,o(n));return new Uint8Array(l)}randomBytes(r){let e=globalThis.crypto;if(!e?.getRandomValues)throw new Error("Web Crypto API getRandomValues is not available in this environment");let n=new Uint8Array(r);return e.getRandomValues(n),n}constantTimeEqual(r,e){return f(r,e)}},h=Object.freeze(new s),A=s;export{s as WebCryptoPlugin,h as crypto,A as default};
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/index.ts"],"sourcesContent":["import { constantTimeEqual as constantTimeEqualUtil } from \"@otplib/core\";\n\nimport type { CryptoPlugin, HashAlgorithm } from \"@otplib/core\";\n\n/**\n * Web Crypto algorithm name mapping\n *\n * Maps our algorithm names to Web Crypto API algorithm identifiers.\n */\nconst ALGORITHM_MAP = {\n  sha1: \"SHA-1\",\n  sha256: \"SHA-256\",\n  sha512: \"SHA-512\",\n} as const satisfies Record<HashAlgorithm, string>;\n\n/**\n * Get ArrayBuffer from Uint8Array, avoiding copy when possible\n *\n * Only slices when the Uint8Array is a view into a larger buffer.\n * When the array owns its buffer entirely, returns buffer directly.\n */\nfunction getArrayBuffer(arr: Uint8Array): ArrayBuffer {\n  if (arr.byteOffset === 0 && arr.byteLength === arr.buffer.byteLength) {\n    return arr.buffer as ArrayBuffer;\n  }\n  return arr.buffer.slice(arr.byteOffset, arr.byteOffset + arr.byteLength) as ArrayBuffer;\n}\n\n/**\n * Web Crypto API implementation of CryptoPlugin\n *\n * This plugin uses the browser's native Web Crypto API which provides:\n * - Hardware-accelerated cryptographic operations\n * - Secure key storage and generation\n * - Async API for non-blocking operations\n *\n * @example\n * ```ts\n * import { WebCryptoPlugin } from '@otplib/plugin-crypto-web';\n *\n * const crypto = new WebCryptoPlugin();\n * const hmac = await crypto.hmac('sha1', key, data);\n * const random = crypto.randomBytes(20);\n * ```\n */\nexport class WebCryptoPlugin implements CryptoPlugin {\n  /**\n   * Plugin name for identification\n   */\n  readonly name = \"web\";\n\n  /**\n   * Compute HMAC using Web Crypto API\n   *\n   * Async implementation using SubtleCrypto.\n   *\n   * @param algorithm - Hash algorithm to use\n   * @param key - Secret key\n   * @param data - Data to authenticate\n   * @returns HMAC digest\n   */\n  async hmac(\n    algorithm: \"sha1\" | \"sha256\" | \"sha512\",\n    key: Uint8Array,\n    data: Uint8Array,\n  ): Promise<Uint8Array> {\n    const webCrypto = globalThis.crypto;\n\n    if (!webCrypto?.subtle) {\n      throw new Error(\"Web Crypto API is not available in this environment\");\n    }\n\n    const hashAlgorithm = ALGORITHM_MAP[algorithm];\n\n    const cryptoKey = await webCrypto.subtle.importKey(\n      \"raw\",\n      getArrayBuffer(key),\n      { name: \"HMAC\", hash: hashAlgorithm },\n      false,\n      [\"sign\"],\n    );\n\n    const signature = await webCrypto.subtle.sign(\"HMAC\", cryptoKey, getArrayBuffer(data));\n\n    return new Uint8Array(signature);\n  }\n\n  /**\n   * Generate cryptographically secure random bytes\n   *\n   * Uses Web Crypto API's getRandomValues.\n   *\n   * @param length - Number of bytes to generate\n   * @returns Random bytes\n   */\n  randomBytes(length: number): Uint8Array {\n    const webCrypto = globalThis.crypto;\n\n    if (!webCrypto?.getRandomValues) {\n      throw new Error(\"Web Crypto API getRandomValues is not available in this environment\");\n    }\n\n    const bytes = new Uint8Array(length);\n    webCrypto.getRandomValues(bytes);\n    return bytes;\n  }\n\n  /**\n   * Constant-time comparison to prevent timing side-channel attacks\n   *\n   * Web Crypto API doesn't provide a built-in constant-time comparison,\n   * so we use the core utility implementation.\n   *\n   * @param a - First value to compare\n   * @param b - Second value to compare\n   * @returns true if values are equal, false otherwise\n   */\n  constantTimeEqual(a: string | Uint8Array, b: string | Uint8Array): boolean {\n    return constantTimeEqualUtil(a, b);\n  }\n}\n\n/**\n * Default singleton instance for convenience\n *\n * @example\n * ```ts\n * import { crypto } from '@otplib/plugin-crypto-web';\n *\n * const hmac = await crypto.hmac('sha1', key, data);\n * ```\n */\nexport const crypto: CryptoPlugin = Object.freeze(new WebCryptoPlugin());\n\nexport default WebCryptoPlugin;\n"],"mappings":"AAAA,OAAS,qBAAqBA,MAA6B,eAS3D,IAAMC,EAAgB,CACpB,KAAM,QACN,OAAQ,UACR,OAAQ,SACV,EAQA,SAASC,EAAeC,EAA8B,CACpD,OAAIA,EAAI,aAAe,GAAKA,EAAI,aAAeA,EAAI,OAAO,WACjDA,EAAI,OAENA,EAAI,OAAO,MAAMA,EAAI,WAAYA,EAAI,WAAaA,EAAI,UAAU,CACzE,CAmBO,IAAMC,EAAN,KAA8C,CAI1C,KAAO,MAYhB,MAAM,KACJC,EACAC,EACAC,EACqB,CACrB,IAAMC,EAAY,WAAW,OAE7B,GAAI,CAACA,GAAW,OACd,MAAM,IAAI,MAAM,qDAAqD,EAGvE,IAAMC,EAAgBR,EAAcI,CAAS,EAEvCK,EAAY,MAAMF,EAAU,OAAO,UACvC,MACAN,EAAeI,CAAG,EAClB,CAAE,KAAM,OAAQ,KAAMG,CAAc,EACpC,GACA,CAAC,MAAM,CACT,EAEME,EAAY,MAAMH,EAAU,OAAO,KAAK,OAAQE,EAAWR,EAAeK,CAAI,CAAC,EAErF,OAAO,IAAI,WAAWI,CAAS,CACjC,CAUA,YAAYC,EAA4B,CACtC,IAAMJ,EAAY,WAAW,OAE7B,GAAI,CAACA,GAAW,gBACd,MAAM,IAAI,MAAM,qEAAqE,EAGvF,IAAMK,EAAQ,IAAI,WAAWD,CAAM,EACnC,OAAAJ,EAAU,gBAAgBK,CAAK,EACxBA,CACT,CAYA,kBAAkBC,EAAwBC,EAAiC,CACzE,OAAOf,EAAsBc,EAAGC,CAAC,CACnC,CACF,EAYaC,EAAuB,OAAO,OAAO,IAAIZ,CAAiB,EAEhEa,EAAQb","names":["constantTimeEqualUtil","ALGORITHM_MAP","getArrayBuffer","arr","WebCryptoPlugin","algorithm","key","data","webCrypto","hashAlgorithm","cryptoKey","signature","length","bytes","a","b","crypto","index_default"]}

package/package.json

@@ -0,0 +1,66 @@
+{
+  "name": "@otplib/plugin-crypto-web",
+  "version": "13.0.0",
+  "description": "Web Crypto API adapter for otplib",
+  "license": "MIT",
+  "author": "Gerald Yeo <support@yeojz.dev>",
+  "homepage": "https://otplib.yeojz.dev",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/yeojz/otplib.git",
+    "directory": "packages/plugin-crypto-web"
+  },
+  "bugs": {
+    "url": "https://github.com/yeojz/otplib/issues"
+  },
+  "keywords": [
+    "otp",
+    "crypto",
+    "webcrypto",
+    "browser",
+    "hmac",
+    "plugin"
+  ],
+  "sideEffects": false,
+  "type": "module",
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": {
+        "types": "./dist/index.d.ts",
+        "default": "./dist/index.js"
+      },
+      "require": {
+        "types": "./dist/index.d.cts",
+        "default": "./dist/index.cjs"
+      }
+    }
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "dependencies": {
+    "@otplib/core": "13.0.0"
+  },
+  "devDependencies": {
+    "tsup": "^8.0.1",
+    "typescript": "^5.3.3",
+    "vitest": "^4.0.16"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "test": "vitest",
+    "test:ci": "vitest run --coverage",
+    "typecheck": "tsc --noEmit",
+    "lint": "eslint src/",
+    "clean": "rm -rf dist .tsbuildinfo"
+  }
+}