npm - @smonn/ids - Versions diffs - 0.4.0 → 0.6.0 - Mend

@smonn/ids 0.4.0 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (51) hide show

package/README.md +416 -14
package/dist/bytes-lhzKVaBV.mjs +53 -0
package/dist/bytes-lhzKVaBV.mjs.map +1 -0
package/dist/cli.mjs +196 -17
package/dist/cli.mjs.map +1 -1
package/dist/{codec-shell-C0arqqX3.mjs → codec-shell-dWpxoFmy.mjs} +2 -23
package/dist/codec-shell-dWpxoFmy.mjs.map +1 -0
package/dist/drizzle-CeSni5PB.d.mts +44 -0
package/dist/drizzle-CeSni5PB.d.mts.map +1 -0
package/dist/drizzle.d.mts +2 -0
package/dist/drizzle.mjs +42 -0
package/dist/drizzle.mjs.map +1 -0
package/dist/express.d.mts +92 -0
package/dist/express.d.mts.map +1 -0
package/dist/express.mjs +90 -0
package/dist/express.mjs.map +1 -0
package/dist/hono.d.mts +75 -0
package/dist/hono.d.mts.map +1 -0
package/dist/hono.mjs +63 -0
package/dist/hono.mjs.map +1 -0
package/dist/index.mjs +1 -1
package/dist/kysely.d.mts +55 -0
package/dist/kysely.d.mts.map +1 -0
package/dist/kysely.mjs +42 -0
package/dist/kysely.mjs.map +1 -0
package/dist/{opaque-CX-Lc5B9.mjs → opaque-goLnFoo7.mjs} +32 -64
package/dist/opaque-goLnFoo7.mjs.map +1 -0
package/dist/opaque.d.mts +33 -9
package/dist/opaque.d.mts.map +1 -1
package/dist/opaque.mjs +1 -1
package/dist/prisma.d.mts +84 -0
package/dist/prisma.d.mts.map +1 -0
package/dist/prisma.mjs +53 -0
package/dist/prisma.mjs.map +1 -0
package/dist/reverse--n4D2yxu.mjs +87 -0
package/dist/reverse--n4D2yxu.mjs.map +1 -0
package/dist/reverse.d.mts +76 -0
package/dist/reverse.d.mts.map +1 -0
package/dist/reverse.mjs +2 -0
package/dist/{timestamp-BjdAetut.mjs → timestamp-Bgzxx8bE.mjs} +3 -2
package/dist/{timestamp-BjdAetut.mjs.map → timestamp-Bgzxx8bE.mjs.map} +1 -1
package/dist/timestamp-bytes-B57RM7Ho.mjs +26 -0
package/dist/timestamp-bytes-B57RM7Ho.mjs.map +1 -0
package/dist/wrapped-Dw5mHQhn.mjs +363 -0
package/dist/wrapped-Dw5mHQhn.mjs.map +1 -0
package/dist/wrapped.d.mts +133 -0
package/dist/wrapped.d.mts.map +1 -0
package/dist/wrapped.mjs +2 -0
package/package.json +43 -7
package/dist/codec-shell-C0arqqX3.mjs.map +0 -1
package/dist/opaque-CX-Lc5B9.mjs.map +0 -1

package/dist/wrapped-Dw5mHQhn.mjs ADDED Viewed

@@ -0,0 +1,363 @@
+import { a as toWireId, i as payloadBytesFromId, n as registerBrand, r as payloadBase32Length, s as validateBrand, t as wireMethods } from "./codec-shell-dWpxoFmy.mjs";
+import { i as encodeHex, n as decodeHex, r as encodeBase64Url, t as decodeBase64Url } from "./bytes-lhzKVaBV.mjs";
+//#region src/layouts/wrapped.ts
+const zeroIv = new Uint8Array(16);
+const pkcsPad = 16;
+const laneByteLength = 8;
+const tagByteLength = 8;
+function writeU32Lane(value, lane) {
+	lane[0] = 0;
+	lane[1] = 0;
+	lane[2] = 0;
+	lane[3] = 0;
+	lane[4] = value >>> 24 & 255;
+	lane[5] = value >>> 16 & 255;
+	lane[6] = value >>> 8 & 255;
+	lane[7] = value & 255;
+}
+function readU32Lane(lane) {
+	for (let i = 0; i < 4; i++) if (lane[i] !== 0) return null;
+	return (lane[4] << 24 | lane[5] << 16 | lane[6] << 8 | lane[7]) >>> 0;
+}
+function writeI32Lane(value, lane) {
+	lane.fill(value < 0 ? 255 : 0, 0, 4);
+	new DataView(lane.buffer, lane.byteOffset, lane.byteLength).setInt32(4, value, false);
+}
+function readI32Lane(lane) {
+	const signExtension = (lane[4] & 128) === 0 ? 0 : 255;
+	for (let i = 0; i < 4; i++) if (lane[i] !== signExtension) return null;
+	return new DataView(lane.buffer, lane.byteOffset, lane.byteLength).getInt32(4, false);
+}
+function writeU64Lane(value, lane) {
+	new DataView(lane.buffer, lane.byteOffset, lane.byteLength).setBigUint64(0, value, false);
+}
+function readU64Lane(lane) {
+	return new DataView(lane.buffer, lane.byteOffset, lane.byteLength).getBigUint64(0, false);
+}
+function writeI64Lane(value, lane) {
+	new DataView(lane.buffer, lane.byteOffset, lane.byteLength).setBigInt64(0, value, false);
+}
+function readI64Lane(lane) {
+	return new DataView(lane.buffer, lane.byteOffset, lane.byteLength).getBigInt64(0, false);
+}
+function writeLane(kind, value, lane) {
+	if (kind === "i32") {
+		writeI32Lane(value, lane);
+		return;
+	}
+	if (kind === "u64") {
+		writeU64Lane(value, lane);
+		return;
+	}
+	if (kind === "i64") {
+		writeI64Lane(value, lane);
+		return;
+	}
+	writeU32Lane(value, lane);
+}
+function readLane(kind, lane) {
+	if (kind === "u64") return readU64Lane(lane);
+	if (kind === "i64") return readI64Lane(lane);
+	return kind === "i32" ? readI32Lane(lane) : readU32Lane(lane);
+}
+function hmacMessage(brand, kind, lane) {
+	const prefix = new TextEncoder().encode(`${brand}:${kind}:`);
+	const message = new Uint8Array(prefix.length + lane.length);
+	message.set(prefix, 0);
+	message.set(lane, prefix.length);
+	return message;
+}
+async function computeTag(key, brand, kind, lane) {
+	return new Uint8Array(await crypto.subtle.sign("HMAC", key.hmacKey, hmacMessage(brand, kind, lane))).subarray(0, tagByteLength);
+}
+function tagsEqual(a, b) {
+	let diff = 0;
+	for (let i = 0; i < a.length; i++) diff |= a[i] ^ b[i];
+	return diff === 0;
+}
+async function encryptPayload(key, plaintext) {
+	return new Uint8Array(await crypto.subtle.encrypt({
+		name: "AES-CBC",
+		iv: zeroIv
+	}, key.aesKey, plaintext)).subarray(0, 16);
+}
+async function decryptPayload(key, c1) {
+	const c2Input = new Uint8Array(16);
+	for (let i = 0; i < 16; i++) c2Input[i] = pkcsPad ^ c1[i];
+	const c2Encrypted = new Uint8Array(await crypto.subtle.encrypt({
+		name: "AES-CBC",
+		iv: zeroIv
+	}, key.aesKey, c2Input));
+	const ciphertext = new Uint8Array(32);
+	ciphertext.set(c1, 0);
+	ciphertext.set(c2Encrypted.subarray(0, 16), 16);
+	return new Uint8Array(await crypto.subtle.decrypt({
+		name: "AES-CBC",
+		iv: zeroIv
+	}, key.aesKey, ciphertext));
+}
+function buildPlaintext(lane, tag) {
+	const plaintext = new Uint8Array(16);
+	plaintext.set(lane, 0);
+	plaintext.set(tag, laneByteLength);
+	return plaintext;
+}
+async function wrapLookupKey(prefix, brand, key, kind, lookupKey) {
+	const lane = new Uint8Array(laneByteLength);
+	writeLane(kind, lookupKey, lane);
+	return toWireId(prefix, await encryptPayload(key, buildPlaintext(lane, await computeTag(key, brand, kind, lane))));
+}
+async function tryUnwrapLookupKey(prefix, brand, key, kind, id) {
+	const plaintext = await decryptPayload(key, payloadBytesFromId(prefix, id));
+	const lane = plaintext.subarray(0, laneByteLength);
+	if (!tagsEqual(plaintext.subarray(laneByteLength, 16), await computeTag(key, brand, kind, lane))) return null;
+	return readLane(kind, lane);
+}
+function schemaExample(prefix) {
+	return prefix + "0".repeat(payloadBase32Length);
+}
+function createWrappedLayoutOps(prefix, brand, kind, keys) {
+	const wrapKey = keys[0];
+	return {
+		wrap: (lookupKey) => wrapLookupKey(prefix, brand, wrapKey, kind, lookupKey),
+		unwrap: async (id) => {
+			for (const key of keys) {
+				const lookupKey = await tryUnwrapLookupKey(prefix, brand, key, kind, id);
+				if (lookupKey !== null) return lookupKey;
+			}
+			throw new Error("verification failed");
+		},
+		tryUnwrap: async (id) => {
+			for (const key of keys) {
+				const lookupKey = await tryUnwrapLookupKey(prefix, brand, key, kind, id);
+				if (lookupKey !== null) return lookupKey;
+			}
+			return null;
+		},
+		exampleWireId: () => schemaExample(prefix)
+	};
+}
+//#endregion
+//#region src/wrapping-key.ts
+const validKeyByteLengths = new Set([
+	16,
+	24,
+	32
+]);
+const aesInfo = new TextEncoder().encode("@smonn/ids/wrapped/aes/v1");
+const hmacInfo = new TextEncoder().encode("@smonn/ids/wrapped/hmac/v1");
+const internals = /* @__PURE__ */ new WeakMap();
+/**
+* Import raw operator secret bytes into a {@link WrappingKey} handle.
+*
+* One raw secret derives into AES and HMAC subkeys held inside the returned
+* handle. Accepts 16, 24, or 32 bytes (AES-128 / AES-192 / AES-256 strength).
+* To store or transport key material, use {@link encodeWrappingKey} /
+* {@link decodeWrappingKey} (`"hex"` or `"base64url"` — not Crockford base32).
+*
+* @param bytes - 16, 24, or 32 raw key bytes.
+*/
+async function importWrappingKey(bytes) {
+	assertValidKeyByteLength(bytes.length);
+	const aesKey = await deriveAesKey(bytes);
+	const hmacKey = await deriveHmacKey(bytes);
+	const key = Object.freeze({});
+	internals.set(key, {
+		rawBytes: bytes.slice(),
+		aesKey,
+		hmacKey
+	});
+	return key;
+}
+/**
+* Encode raw wrapping operator secret bytes for storage in env vars or secret managers.
+*
+* Supports `"hex"` (lowercase) and `"base64url"`. Output round-trips through
+* {@link decodeWrappingKey} back to the original bytes.
+*/
+function encodeWrappingKey(bytes, format) {
+	assertWrappingKeyFormat(format);
+	assertValidKeyByteLength(bytes.length);
+	if (format === "hex") return encodeHex(bytes);
+	return encodeBase64Url(bytes);
+}
+/**
+* Decode key material emitted by {@link encodeWrappingKey} back to raw bytes.
+*
+* The result can be passed directly to {@link importWrappingKey}.
+*/
+function decodeWrappingKey(encoded, format) {
+	assertWrappingKeyFormat(format);
+	let bytes;
+	if (format === "hex") {
+		if (encoded.length === 0 || encoded.length % 2 !== 0) throw new Error("invalid hex key: length must be a positive even number of characters");
+		if (!/^[0-9a-fA-F]+$/.test(encoded)) throw new Error("invalid hex key: expected [0-9a-fA-F] only");
+		bytes = decodeHex(encoded);
+	} else try {
+		bytes = decodeBase64Url(encoded);
+	} catch {
+		throw new Error("invalid base64url key");
+	}
+	assertValidKeyByteLength(bytes.length);
+	return bytes;
+}
+/** Returns true when two handles were imported from the same raw operator secret. */
+function wrappingKeysEqual(a, b) {
+	const aInternals = getWrappingKeyInternals(a);
+	const bInternals = getWrappingKeyInternals(b);
+	if (aInternals.rawBytes.length !== bInternals.rawBytes.length) return false;
+	for (let i = 0; i < aInternals.rawBytes.length; i++) if (aInternals.rawBytes[i] !== bInternals.rawBytes[i]) return false;
+	return true;
+}
+function getWrappingKeyMaterial(key) {
+	const keyInternals = getWrappingKeyInternals(key);
+	return {
+		aesKey: keyInternals.aesKey,
+		hmacKey: keyInternals.hmacKey
+	};
+}
+function getWrappingKeyInternals(key) {
+	const keyInternals = internals.get(key);
+	if (keyInternals === void 0) throw new Error("invalid wrapping key");
+	return keyInternals;
+}
+async function deriveAesKey(bytes) {
+	const base = await crypto.subtle.importKey("raw", bytes, "HKDF", false, ["deriveKey"]);
+	return crypto.subtle.deriveKey({
+		name: "HKDF",
+		hash: "SHA-256",
+		salt: new Uint8Array(),
+		info: aesInfo
+	}, base, {
+		name: "AES-CBC",
+		length: 256
+	}, false, ["encrypt", "decrypt"]);
+}
+async function deriveHmacKey(bytes) {
+	const base = await crypto.subtle.importKey("raw", bytes, "HKDF", false, ["deriveKey"]);
+	return crypto.subtle.deriveKey({
+		name: "HKDF",
+		hash: "SHA-256",
+		salt: new Uint8Array(),
+		info: hmacInfo
+	}, base, {
+		name: "HMAC",
+		hash: "SHA-256",
+		length: 256
+	}, false, ["sign", "verify"]);
+}
+function assertValidKeyByteLength(byteLength) {
+	if (!validKeyByteLengths.has(byteLength)) throw new Error(`invalid wrapping key length: expected 16, 24, or 32 bytes, got ${byteLength}`);
+}
+function assertWrappingKeyFormat(format) {
+	if (format !== "hex" && format !== "base64url") throw new Error(`invalid wrapping key format: expected hex or base64url, got '${formatForError(format)}'`);
+}
+function formatForError(value) {
+	try {
+		return String(value);
+	} catch {
+		return "[unprintable]";
+	}
+}
+//#endregion
+//#region src/wrapped.ts
+const u32Max = 4294967295;
+const i32Min = -2147483648;
+const i32Max = 2147483647;
+const u64Max = 18446744073709551615n;
+const i64Min = -(1n << 63n);
+const i64Max = (1n << 63n) - 1n;
+function assertSupportedKind(kind) {
+	if (kind !== "u32" && kind !== "i32" && kind !== "u64" && kind !== "i64") throw new Error("invalid wrapped key kind: expected u32, i32, u64, or i64");
+}
+function assertNonEmptyKeyring(keys) {
+	if (keys.length === 0) throw new Error("wrapped keyring must contain at least one key");
+}
+function assertNonDuplicateKeys(keys) {
+	for (let i = 0; i < keys.length; i++) for (let j = i + 1; j < keys.length; j++) if (wrappingKeysEqual(keys[i], keys[j])) throw new Error("duplicate wrapping key in keyring");
+}
+function assertU32LookupKey(lookupKey) {
+	if (typeof lookupKey !== "number" || !Number.isInteger(lookupKey) || Object.is(lookupKey, -0) || lookupKey < 0 || lookupKey > u32Max) throw new Error(`invalid u32 lookup key: expected integer in [0, ${u32Max}], got ${lookupKey}`);
+}
+function assertI32LookupKey(lookupKey) {
+	if (typeof lookupKey !== "number" || !Number.isInteger(lookupKey) || Object.is(lookupKey, -0) || lookupKey < i32Min || lookupKey > i32Max) throw new Error(`invalid i32 lookup key: expected integer in [${i32Min}, ${i32Max}], got ${lookupKey}`);
+}
+function assertU64LookupKey(lookupKey) {
+	if (typeof lookupKey !== "bigint" || lookupKey < 0n || lookupKey > u64Max) throw new Error(`invalid u64 lookup key: expected bigint in [0, ${u64Max}], got ${lookupKey}`);
+}
+function assertI64LookupKey(lookupKey) {
+	if (typeof lookupKey !== "bigint" || lookupKey < i64Min || lookupKey > i64Max) throw new Error(`invalid i64 lookup key: expected bigint in [${i64Min}, ${i64Max}], got ${lookupKey}`);
+}
+function assertLookupKey(kind, lookupKey) {
+	if (kind === "i32") {
+		assertI32LookupKey(lookupKey);
+		return;
+	}
+	if (kind === "u64") {
+		assertU64LookupKey(lookupKey);
+		return;
+	}
+	if (kind === "i64") {
+		assertI64LookupKey(lookupKey);
+		return;
+	}
+	assertU32LookupKey(lookupKey);
+}
+/**
+* Construct a {@link WrappedKeyCodec} for `brand` and the given `kind`.
+*
+* `opts.kind` fixes the integer type at construction time — one brand, one
+* kind. `opts.keys` is a non-empty ordered wrapping keyring: the first entry
+* is current (used by `wrap`); all entries are tried on `unwrap`; duplicate
+* operator secrets are rejected at construction.
+*
+* @example
+* ```ts
+* const key = await importWrappingKey(new Uint8Array(32));
+* const invoices = createWrappedKeyId("inv", { kind: "u32", keys: [key] });
+*
+* const id = await invoices.wrap(42);      // Id<"inv">
+* await invoices.unwrap(id);               // 42
+* ```
+*/
+function createWrappedKeyId(brand, opts) {
+	validateBrand(brand);
+	registerBrand(brand, opts.allowDuplicateBrand);
+	assertSupportedKind(opts.kind);
+	assertNonEmptyKeyring(opts.keys);
+	const layoutKeys = opts.keys.map(getWrappingKeyMaterial);
+	assertNonDuplicateKeys(opts.keys);
+	const prefix = `${brand}_`;
+	const wire = wireMethods(prefix);
+	const layout = createWrappedLayoutOps(prefix, brand, opts.kind, layoutKeys);
+	return {
+		wrap: async (lookupKey) => {
+			assertLookupKey(opts.kind, lookupKey);
+			return layout.wrap(lookupKey);
+		},
+		unwrap: (id) => layout.unwrap(id),
+		safeUnwrap: async (input) => {
+			const parsed = wire.safeParse(input);
+			if (!parsed.ok) return parsed;
+			const lookupKey = await layout.tryUnwrap(parsed.id);
+			if (lookupKey === null) return {
+				ok: false,
+				error: "verification_failed"
+			};
+			return {
+				ok: true,
+				id: parsed.id,
+				lookupKey
+			};
+		},
+		is: wire.is,
+		parse: wire.parse,
+		safeParse: wire.safeParse,
+		toJsonSchema: () => wire.toJsonSchema(brand, layout.exampleWireId()),
+		"~standard": wire["~standard"]
+	};
+}
+//#endregion
+export { importWrappingKey as i, decodeWrappingKey as n, encodeWrappingKey as r, createWrappedKeyId as t };
+//# sourceMappingURL=wrapped-Dw5mHQhn.mjs.map

package/dist/wrapped-Dw5mHQhn.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"wrapped-Dw5mHQhn.mjs","names":[],"sources":["../src/layouts/wrapped.ts","../src/wrapping-key.ts","../src/wrapped.ts"],"sourcesContent":["import type { Id, Prefix } from \"../types.js\";\nimport { payloadBytesFromId, toWireId } from \"../wire/envelope.js\";\nimport { payloadBase32Length, payloadByteLength } from \"../wire/invariants.js\";\n\nconst zeroIv = new Uint8Array(payloadByteLength);\nconst pkcsPad = 0x10;\nconst laneByteLength = 8;\nconst tagByteLength = 8;\n\ntype LayoutWrappingKey = {\n aesKey: CryptoKey;\n hmacKey: CryptoKey;\n};\n\ntype LayoutWrappedKind = \"u32\" | \"i32\" | \"u64\" | \"i64\";\ntype LayoutLookupKey<K extends LayoutWrappedKind> = K extends \"u32\" | \"i32\" ? number : bigint;\n\nfunction writeU32Lane(value: number, lane: Uint8Array): void {\n lane[0] = 0;\n lane[1] = 0;\n lane[2] = 0;\n lane[3] = 0;\n lane[4] = (value >>> 24) & 0xff;\n lane[5] = (value >>> 16) & 0xff;\n lane[6] = (value >>> 8) & 0xff;\n lane[7] = value & 0xff;\n}\n\nfunction readU32Lane(lane: Uint8Array): number | null {\n for (let i = 0; i < 4; i++) {\n if (lane[i] !== 0) return null;\n }\n return ((lane[4]! << 24) | (lane[5]! << 16) | (lane[6]! << 8) | lane[7]!) >>> 0;\n}\n\nfunction writeI32Lane(value: number, lane: Uint8Array): void {\n lane.fill(value < 0 ? 0xff : 0x00, 0, 4);\n new DataView(lane.buffer, lane.byteOffset, lane.byteLength).setInt32(4, value, false);\n}\n\nfunction readI32Lane(lane: Uint8Array): number | null {\n const signExtension = (lane[4]! & 0x80) === 0 ? 0x00 : 0xff;\n for (let i = 0; i < 4; i++) {\n if (lane[i] !== signExtension) return null;\n }\n return new DataView(lane.buffer, lane.byteOffset, lane.byteLength).getInt32(4, false);\n}\n\nfunction writeU64Lane(value: bigint, lane: Uint8Array): void {\n new DataView(lane.buffer, lane.byteOffset, lane.byteLength).setBigUint64(0, value, false);\n}\n\nfunction readU64Lane(lane: Uint8Array): bigint {\n return new DataView(lane.buffer, lane.byteOffset, lane.byteLength).getBigUint64(0, false);\n}\n\nfunction writeI64Lane(value: bigint, lane: Uint8Array): void {\n new DataView(lane.buffer, lane.byteOffset, lane.byteLength).setBigInt64(0, value, false);\n}\n\nfunction readI64Lane(lane: Uint8Array): bigint {\n return new DataView(lane.buffer, lane.byteOffset, lane.byteLength).getBigInt64(0, false);\n}\n\nfunction writeLane<K extends LayoutWrappedKind>(\n kind: K,\n value: LayoutLookupKey<K>,\n lane: Uint8Array,\n): void {\n if (kind === \"i32\") {\n writeI32Lane(value as number, lane);\n return;\n }\n if (kind === \"u64\") {\n writeU64Lane(value as bigint, lane);\n return;\n }\n if (kind === \"i64\") {\n writeI64Lane(value as bigint, lane);\n return;\n }\n writeU32Lane(value as number, lane);\n}\n\nfunction readLane<K extends LayoutWrappedKind>(\n kind: K,\n lane: Uint8Array,\n): LayoutLookupKey<K> | null {\n if (kind === \"u64\") return readU64Lane(lane) as LayoutLookupKey<K>;\n if (kind === \"i64\") return readI64Lane(lane) as LayoutLookupKey<K>;\n const value = kind === \"i32\" ? readI32Lane(lane) : readU32Lane(lane);\n return value as LayoutLookupKey<K> | null;\n}\n\nfunction hmacMessage(brand: string, kind: LayoutWrappedKind, lane: Uint8Array): Uint8Array {\n const prefix = new TextEncoder().encode(`${brand}:${kind}:`);\n const message = new Uint8Array(prefix.length + lane.length);\n message.set(prefix, 0);\n message.set(lane, prefix.length);\n return message;\n}\n\nasync function computeTag(\n key: LayoutWrappingKey,\n brand: string,\n kind: LayoutWrappedKind,\n lane: Uint8Array,\n): Promise<Uint8Array> {\n const signature = new Uint8Array(\n await crypto.subtle.sign(\n \"HMAC\",\n key.hmacKey,\n hmacMessage(brand, kind, lane) as Uint8Array<ArrayBuffer>,\n ),\n );\n return signature.subarray(0, tagByteLength);\n}\n\nfunction tagsEqual(a: Uint8Array, b: Uint8Array): boolean {\n let diff = 0;\n for (let i = 0; i < a.length; i++) diff |= a[i]! ^ b[i]!;\n return diff === 0;\n}\n\nasync function encryptPayload(key: LayoutWrappingKey, plaintext: Uint8Array): Promise<Uint8Array> {\n const encrypted = new Uint8Array(\n await crypto.subtle.encrypt(\n { name: \"AES-CBC\", iv: zeroIv },\n key.aesKey,\n plaintext as Uint8Array<ArrayBuffer>,\n ),\n );\n return encrypted.subarray(0, payloadByteLength);\n}\n\nasync function decryptPayload(key: LayoutWrappingKey, c1: Uint8Array): Promise<Uint8Array> {\n const c2Input = new Uint8Array(payloadByteLength);\n for (let i = 0; i < payloadByteLength; i++) c2Input[i] = pkcsPad ^ c1[i]!;\n const c2Encrypted = new Uint8Array(\n await crypto.subtle.encrypt(\n { name: \"AES-CBC\", iv: zeroIv },\n key.aesKey,\n c2Input as Uint8Array<ArrayBuffer>,\n ),\n );\n const ciphertext = new Uint8Array(payloadByteLength * 2);\n ciphertext.set(c1, 0);\n ciphertext.set(c2Encrypted.subarray(0, payloadByteLength), payloadByteLength);\n return new Uint8Array(\n await crypto.subtle.decrypt(\n { name: \"AES-CBC\", iv: zeroIv },\n key.aesKey,\n ciphertext as Uint8Array<ArrayBuffer>,\n ),\n );\n}\n\nfunction buildPlaintext(lane: Uint8Array, tag: Uint8Array): Uint8Array {\n const plaintext = new Uint8Array(payloadByteLength);\n plaintext.set(lane, 0);\n plaintext.set(tag, laneByteLength);\n return plaintext;\n}\n\nasync function wrapLookupKey<Brand extends string, Kind extends LayoutWrappedKind>(\n prefix: Prefix<Brand>,\n brand: string,\n key: LayoutWrappingKey,\n kind: Kind,\n lookupKey: LayoutLookupKey<Kind>,\n): Promise<Id<Brand>> {\n const lane = new Uint8Array(laneByteLength);\n writeLane(kind, lookupKey, lane);\n const tag = await computeTag(key, brand, kind, lane);\n const encrypted = await encryptPayload(key, buildPlaintext(lane, tag));\n return toWireId(prefix, encrypted);\n}\n\nasync function tryUnwrapLookupKey<Brand extends string, Kind extends LayoutWrappedKind>(\n prefix: Prefix<Brand>,\n brand: string,\n key: LayoutWrappingKey,\n kind: Kind,\n id: Id<Brand>,\n): Promise<LayoutLookupKey<Kind> | null> {\n const plaintext = await decryptPayload(key, payloadBytesFromId(prefix, id));\n const lane = plaintext.subarray(0, laneByteLength);\n const tag = plaintext.subarray(laneByteLength, payloadByteLength);\n const expected = await computeTag(key, brand, kind, lane);\n if (!tagsEqual(tag, expected)) return null;\n return readLane(kind, lane);\n}\n\nfunction schemaExample<Brand extends string>(prefix: Prefix<Brand>): string {\n return prefix + \"0\".repeat(payloadBase32Length);\n}\n\nexport function createWrappedLayoutOps<Brand extends string, Kind extends LayoutWrappedKind>(\n prefix: Prefix<Brand>,\n brand: Brand,\n kind: Kind,\n keys: readonly LayoutWrappingKey[],\n) {\n const wrapKey = keys[0]!;\n return {\n wrap: (lookupKey: LayoutLookupKey<Kind>): Promise<Id<Brand>> =>\n wrapLookupKey(prefix, brand, wrapKey, kind, lookupKey),\n unwrap: async (id: Id<Brand>): Promise<LayoutLookupKey<Kind>> => {\n for (const key of keys) {\n const lookupKey = await tryUnwrapLookupKey(prefix, brand, key, kind, id);\n if (lookupKey !== null) return lookupKey;\n }\n throw new Error(\"verification failed\");\n },\n tryUnwrap: async (id: Id<Brand>): Promise<LayoutLookupKey<Kind> | null> => {\n for (const key of keys) {\n const lookupKey = await tryUnwrapLookupKey(prefix, brand, key, kind, id);\n if (lookupKey !== null) return lookupKey;\n }\n return null;\n },\n exampleWireId: (): Id<Brand> => schemaExample(prefix) as Id<Brand>,\n };\n}\n","import { decodeBase64Url, decodeHex, encodeBase64Url, encodeHex } from \"./bytes.js\";\n\n/** Wire encoding for wrapping operator secret bytes (not Crockford base32). */\nexport type WrappingKeyFormat = \"hex\" | \"base64url\";\n\nconst validKeyByteLengths = new Set([16, 24, 32]);\n\nconst aesInfo = new TextEncoder().encode(\"@smonn/ids/wrapped/aes/v1\");\nconst hmacInfo = new TextEncoder().encode(\"@smonn/ids/wrapped/hmac/v1\");\n\ndeclare const wrappingKeyBrand: unique symbol;\n\n/**\n * Opaque imported handle for one operator wrapping secret.\n *\n * Holds derived AES and HMAC subkeys internally; callers never access subkeys\n * or raw `CryptoKey` values directly. Obtain handles via {@link importWrappingKey}\n * and pass them to `createWrappedKeyId` as the `keys` wrapping keyring.\n *\n * Distinct from the **Opaque key** used by `@smonn/ids/opaque` — one raw\n * secret must not silently serve both codecs without an explicit import.\n */\nexport type WrappingKey = {\n readonly [wrappingKeyBrand]: \"WrappingKey\";\n};\n\ntype WrappingKeyInternals = {\n rawBytes: Uint8Array;\n aesKey: CryptoKey;\n hmacKey: CryptoKey;\n};\n\nexport type WrappingKeyMaterial = {\n aesKey: CryptoKey;\n hmacKey: CryptoKey;\n};\n\nconst internals = new WeakMap<WrappingKey, WrappingKeyInternals>();\n\n/**\n * Import raw operator secret bytes into a {@link WrappingKey} handle.\n *\n * One raw secret derives into AES and HMAC subkeys held inside the returned\n * handle. Accepts 16, 24, or 32 bytes (AES-128 / AES-192 / AES-256 strength).\n * To store or transport key material, use {@link encodeWrappingKey} /\n * {@link decodeWrappingKey} (`\"hex\"` or `\"base64url\"` — not Crockford base32).\n *\n * @param bytes - 16, 24, or 32 raw key bytes.\n */\nexport async function importWrappingKey(bytes: Uint8Array): Promise<WrappingKey> {\n assertValidKeyByteLength(bytes.length);\n const aesKey = await deriveAesKey(bytes);\n const hmacKey = await deriveHmacKey(bytes);\n const key = Object.freeze({}) as WrappingKey;\n internals.set(key, {\n rawBytes: bytes.slice(),\n aesKey,\n hmacKey,\n });\n return key;\n}\n\n/**\n * Encode raw wrapping operator secret bytes for storage in env vars or secret managers.\n *\n * Supports `\"hex\"` (lowercase) and `\"base64url\"`. Output round-trips through\n * {@link decodeWrappingKey} back to the original bytes.\n */\nexport function encodeWrappingKey(bytes: Uint8Array, format: WrappingKeyFormat): string {\n assertWrappingKeyFormat(format);\n assertValidKeyByteLength(bytes.length);\n if (format === \"hex\") return encodeHex(bytes);\n return encodeBase64Url(bytes);\n}\n\n/**\n * Decode key material emitted by {@link encodeWrappingKey} back to raw bytes.\n *\n * The result can be passed directly to {@link importWrappingKey}.\n */\nexport function decodeWrappingKey(encoded: string, format: WrappingKeyFormat): Uint8Array {\n assertWrappingKeyFormat(format);\n let bytes: Uint8Array;\n if (format === \"hex\") {\n if (encoded.length === 0 || encoded.length % 2 !== 0) {\n throw new Error(\"invalid hex key: length must be a positive even number of characters\");\n }\n if (!/^[0-9a-fA-F]+$/.test(encoded)) {\n throw new Error(\"invalid hex key: expected [0-9a-fA-F] only\");\n }\n bytes = decodeHex(encoded);\n } else {\n try {\n bytes = decodeBase64Url(encoded);\n } catch {\n throw new Error(\"invalid base64url key\");\n }\n }\n assertValidKeyByteLength(bytes.length);\n return bytes;\n}\n\n/** Returns true when two handles were imported from the same raw operator secret. */\nexport function wrappingKeysEqual(a: WrappingKey, b: WrappingKey): boolean {\n const aInternals = getWrappingKeyInternals(a);\n const bInternals = getWrappingKeyInternals(b);\n if (aInternals.rawBytes.length !== bInternals.rawBytes.length) return false;\n for (let i = 0; i < aInternals.rawBytes.length; i++) {\n if (aInternals.rawBytes[i] !== bInternals.rawBytes[i]) return false;\n }\n return true;\n}\n\nexport function getWrappingKeyMaterial(key: WrappingKey): WrappingKeyMaterial {\n const keyInternals = getWrappingKeyInternals(key);\n return {\n aesKey: keyInternals.aesKey,\n hmacKey: keyInternals.hmacKey,\n };\n}\n\nfunction getWrappingKeyInternals(key: WrappingKey): WrappingKeyInternals {\n const keyInternals = internals.get(key);\n if (keyInternals === undefined) {\n throw new Error(\"invalid wrapping key\");\n }\n return keyInternals;\n}\n\nasync function deriveAesKey(bytes: Uint8Array): Promise<CryptoKey> {\n const base = await crypto.subtle.importKey(\n \"raw\",\n bytes as Uint8Array<ArrayBuffer>,\n \"HKDF\",\n false,\n [\"deriveKey\"],\n );\n return crypto.subtle.deriveKey(\n { name: \"HKDF\", hash: \"SHA-256\", salt: new Uint8Array(), info: aesInfo },\n base,\n { name: \"AES-CBC\", length: 256 },\n false,\n [\"encrypt\", \"decrypt\"],\n );\n}\n\nasync function deriveHmacKey(bytes: Uint8Array): Promise<CryptoKey> {\n const base = await crypto.subtle.importKey(\n \"raw\",\n bytes as Uint8Array<ArrayBuffer>,\n \"HKDF\",\n false,\n [\"deriveKey\"],\n );\n return crypto.subtle.deriveKey(\n { name: \"HKDF\", hash: \"SHA-256\", salt: new Uint8Array(), info: hmacInfo },\n base,\n { name: \"HMAC\", hash: \"SHA-256\", length: 256 },\n false,\n [\"sign\", \"verify\"],\n );\n}\n\nfunction assertValidKeyByteLength(byteLength: number): void {\n if (!validKeyByteLengths.has(byteLength)) {\n throw new Error(`invalid wrapping key length: expected 16, 24, or 32 bytes, got ${byteLength}`);\n }\n}\n\nfunction assertWrappingKeyFormat(format: unknown): asserts format is WrappingKeyFormat {\n if (format !== \"hex\" && format !== \"base64url\") {\n throw new Error(\n `invalid wrapping key format: expected hex or base64url, got '${formatForError(format)}'`,\n );\n }\n}\n\nfunction formatForError(value: unknown): string {\n try {\n return String(value);\n } catch {\n return \"[unprintable]\";\n }\n}\n","import { validateBrand } from \"./brand.js\";\nimport { createWrappedLayoutOps } from \"./layouts/wrapped.js\";\nimport { registerBrand } from \"./registry.js\";\nimport type {\n Id,\n JsonSchema,\n ParseError,\n ParseResult,\n Prefix,\n StandardSchemaProps,\n} from \"./types.js\";\nimport { wireMethods } from \"./wire/codec-shell.js\";\nimport {\n decodeWrappingKey,\n encodeWrappingKey,\n getWrappingKeyMaterial,\n importWrappingKey,\n type WrappingKey,\n type WrappingKeyFormat,\n wrappingKeysEqual,\n} from \"./wrapping-key.js\";\n\nexport {\n decodeWrappingKey,\n encodeWrappingKey,\n importWrappingKey,\n type WrappingKey,\n type WrappingKeyFormat,\n};\n\nexport type WrappedKind = \"u32\" | \"i32\" | \"u64\" | \"i64\";\n\ntype LookupKeyForKind<K extends WrappedKind> = K extends \"u32\" | \"i32\" ? number : bigint;\n\n/**\n * Result returned by {@link WrappedKeyCodec.safeUnwrap}.\n *\n * On success, `id` is the canonical {@link Id} and `lookupKey` is the recovered\n * integer (`number` for 32-bit kinds, `bigint` for 64-bit kinds).\n * On failure, `error` is a {@link ParseError} for structural problems or\n * `\"verification_failed\"` when the payload is structurally valid but the\n * verification tag does not match any entry in the wrapping keyring.\n */\nexport type UnwrapResult<Brand extends string, Kind extends WrappedKind> =\n | { ok: true; id: Id<Brand>; lookupKey: LookupKeyForKind<Kind> }\n | { ok: false; error: ParseError | \"verification_failed\" };\n\n/**\n * Codec returned by {@link createWrappedKeyId}.\n *\n * Wraps a caller-owned integer **lookup key** into a public {@link Id} and\n * recovers it on unwrap. The codec is deterministic under fixed key material:\n * the same lookup key always yields the same public ID (**equality leakage**).\n *\n * - `wrap` / `unwrap` / `safeUnwrap` are async (WebCrypto).\n * - `is`, `parse`, `safeParse`, and `toJsonSchema` are synchronous and require\n * no key material — they validate prefix and base32 shape only.\n * - The `Kind` type parameter drives value types at the TypeScript boundary:\n * `u32` / `i32` → `number`; `u64` / `i64` → `bigint`.\n */\nexport type WrappedKeyCodec<Brand extends string, Kind extends WrappedKind> = {\n /**\n * Wrap `lookupKey` into a public ID using the current (first) wrapping key.\n *\n * Throws if `lookupKey` is out of range or the wrong JS type for `Kind`.\n */\n wrap(lookupKey: LookupKeyForKind<Kind>): Promise<Id<Brand>>;\n /**\n * Verify the payload of a trusted `Id<Brand>` and return the lookup key.\n *\n * Throws `\"verification failed\"` if no entry in the wrapping keyring matches\n * the payload tag. Use {@link safeUnwrap} for untrusted input.\n */\n unwrap(id: Id<Brand>): Promise<LookupKeyForKind<Kind>>;\n /**\n * Non-throwing path for untrusted input.\n *\n * Structurally parses `input` first (same rules as {@link safeParse}), then\n * verifies the payload. Returns `{ ok: false, error }` on any failure —\n * `ParseError` for structural problems or `\"verification_failed\"` for tag\n * mismatch — without throwing. Tamper, wrong keyring, and revoked-key cases\n * all surface as `\"verification_failed\"`.\n */\n safeUnwrap(input: unknown): Promise<UnwrapResult<Brand, Kind>>;\n /** Strict type guard: `true` only for already-canonical `Id<Brand>` strings. */\n is(value: unknown): value is Id<Brand>;\n /** Normalise to canonical form, or throw on parse failure. */\n parse(value: unknown): Id<Brand>;\n /** Normalise to canonical form, or return `{ ok: false, error }`. */\n safeParse(value: unknown): ParseResult<Brand>;\n toJsonSchema(): JsonSchema;\n readonly \"~standard\": StandardSchemaProps<Brand>;\n};\n\nexport type WrappedKeyOptions<K extends WrappedKind> = {\n kind: K;\n keys: [WrappingKey, ...WrappingKey[]];\n allowDuplicateBrand?: boolean;\n};\n\nconst u32Max = 0xffff_ffff;\nconst i32Min = -0x8000_0000;\nconst i32Max = 0x7fff_ffff;\nconst u64Max = 0xffff_ffff_ffff_ffffn;\nconst i64Min = -(1n << 63n);\nconst i64Max = (1n << 63n) - 1n;\n\nfunction assertSupportedKind(kind: WrappedKind): asserts kind is WrappedKind {\n if (kind !== \"u32\" && kind !== \"i32\" && kind !== \"u64\" && kind !== \"i64\") {\n throw new Error(\"invalid wrapped key kind: expected u32, i32, u64, or i64\");\n }\n}\n\nfunction assertNonEmptyKeyring(keys: readonly WrappingKey[]): void {\n if (keys.length === 0) {\n throw new Error(\"wrapped keyring must contain at least one key\");\n }\n}\n\nfunction assertNonDuplicateKeys(keys: readonly WrappingKey[]): void {\n for (let i = 0; i < keys.length; i++) {\n for (let j = i + 1; j < keys.length; j++) {\n if (wrappingKeysEqual(keys[i]!, keys[j]!)) {\n throw new Error(\"duplicate wrapping key in keyring\");\n }\n }\n }\n}\n\nfunction assertU32LookupKey(lookupKey: unknown): asserts lookupKey is number {\n if (\n typeof lookupKey !== \"number\" ||\n !Number.isInteger(lookupKey) ||\n Object.is(lookupKey, -0) ||\n lookupKey < 0 ||\n lookupKey > u32Max\n ) {\n throw new Error(`invalid u32 lookup key: expected integer in [0, ${u32Max}], got ${lookupKey}`);\n }\n}\n\nfunction assertI32LookupKey(lookupKey: unknown): asserts lookupKey is number {\n if (\n typeof lookupKey !== \"number\" ||\n !Number.isInteger(lookupKey) ||\n Object.is(lookupKey, -0) ||\n lookupKey < i32Min ||\n lookupKey > i32Max\n ) {\n throw new Error(\n `invalid i32 lookup key: expected integer in [${i32Min}, ${i32Max}], got ${lookupKey}`,\n );\n }\n}\n\nfunction assertU64LookupKey(lookupKey: unknown): asserts lookupKey is bigint {\n if (typeof lookupKey !== \"bigint\" || lookupKey < 0n || lookupKey > u64Max) {\n throw new Error(`invalid u64 lookup key: expected bigint in [0, ${u64Max}], got ${lookupKey}`);\n }\n}\n\nfunction assertI64LookupKey(lookupKey: unknown): asserts lookupKey is bigint {\n if (typeof lookupKey !== \"bigint\" || lookupKey < i64Min || lookupKey > i64Max) {\n throw new Error(\n `invalid i64 lookup key: expected bigint in [${i64Min}, ${i64Max}], got ${lookupKey}`,\n );\n }\n}\n\nfunction assertLookupKey<Kind extends WrappedKind>(\n kind: Kind,\n lookupKey: unknown,\n): asserts lookupKey is LookupKeyForKind<Kind> {\n if (kind === \"i32\") {\n assertI32LookupKey(lookupKey);\n return;\n }\n if (kind === \"u64\") {\n assertU64LookupKey(lookupKey);\n return;\n }\n if (kind === \"i64\") {\n assertI64LookupKey(lookupKey);\n return;\n }\n assertU32LookupKey(lookupKey);\n}\n\n/**\n * Construct a {@link WrappedKeyCodec} for `brand` and the given `kind`.\n *\n * `opts.kind` fixes the integer type at construction time — one brand, one\n * kind. `opts.keys` is a non-empty ordered wrapping keyring: the first entry\n * is current (used by `wrap`); all entries are tried on `unwrap`; duplicate\n * operator secrets are rejected at construction.\n *\n * @example\n * ```ts\n * const key = await importWrappingKey(new Uint8Array(32));\n * const invoices = createWrappedKeyId(\"inv\", { kind: \"u32\", keys: [key] });\n *\n * const id = await invoices.wrap(42); // Id<\"inv\">\n * await invoices.unwrap(id); // 42\n * ```\n */\nexport function createWrappedKeyId<Brand extends string, Kind extends WrappedKind>(\n brand: Brand,\n opts: WrappedKeyOptions<Kind>,\n): WrappedKeyCodec<Brand, Kind> {\n validateBrand(brand);\n registerBrand(brand, opts.allowDuplicateBrand);\n assertSupportedKind(opts.kind);\n assertNonEmptyKeyring(opts.keys);\n const layoutKeys = opts.keys.map(getWrappingKeyMaterial);\n assertNonDuplicateKeys(opts.keys);\n\n const prefix: Prefix<Brand> = `${brand}_`;\n const wire = wireMethods(prefix);\n const layout = createWrappedLayoutOps(prefix, brand, opts.kind, layoutKeys);\n\n return {\n wrap: async (lookupKey) => {\n assertLookupKey(opts.kind, lookupKey);\n return layout.wrap(lookupKey);\n },\n unwrap: (id) => layout.unwrap(id),\n safeUnwrap: async (input) => {\n const parsed = wire.safeParse(input);\n if (!parsed.ok) return parsed;\n const lookupKey = await layout.tryUnwrap(parsed.id);\n if (lookupKey === null) return { ok: false, error: \"verification_failed\" };\n return { ok: true, id: parsed.id, lookupKey };\n },\n is: wire.is,\n parse: wire.parse,\n safeParse: wire.safeParse,\n toJsonSchema: () => wire.toJsonSchema(brand, layout.exampleWireId()),\n \"~standard\": wire[\"~standard\"],\n };\n}\n"],"mappings":";;;AAIA,MAAM,SAAS,IAAI,WAAA,EAA4B;AAC/C,MAAM,UAAU;AAChB,MAAM,iBAAiB;AACvB,MAAM,gBAAgB;AAUtB,SAAS,aAAa,OAAe,MAAwB;CAC3D,KAAK,KAAK;CACV,KAAK,KAAK;CACV,KAAK,KAAK;CACV,KAAK,KAAK;CACV,KAAK,KAAM,UAAU,KAAM;CAC3B,KAAK,KAAM,UAAU,KAAM;CAC3B,KAAK,KAAM,UAAU,IAAK;CAC1B,KAAK,KAAK,QAAQ;AACpB;AAEA,SAAS,YAAY,MAAiC;CACpD,KAAK,IAAI,IAAI,GAAG,IAAI,GAAG,KACrB,IAAI,KAAK,OAAO,GAAG,OAAO;CAE5B,QAAS,KAAK,MAAO,KAAO,KAAK,MAAO,KAAO,KAAK,MAAO,IAAK,KAAK,QAAS;AAChF;AAEA,SAAS,aAAa,OAAe,MAAwB;CAC3D,KAAK,KAAK,QAAQ,IAAI,MAAO,GAAM,GAAG,CAAC;CACvC,IAAI,SAAS,KAAK,QAAQ,KAAK,YAAY,KAAK,UAAU,CAAC,CAAC,SAAS,GAAG,OAAO,KAAK;AACtF;AAEA,SAAS,YAAY,MAAiC;CACpD,MAAM,iBAAiB,KAAK,KAAM,SAAU,IAAI,IAAO;CACvD,KAAK,IAAI,IAAI,GAAG,IAAI,GAAG,KACrB,IAAI,KAAK,OAAO,eAAe,OAAO;CAExC,OAAO,IAAI,SAAS,KAAK,QAAQ,KAAK,YAAY,KAAK,UAAU,CAAC,CAAC,SAAS,GAAG,KAAK;AACtF;AAEA,SAAS,aAAa,OAAe,MAAwB;CAC3D,IAAI,SAAS,KAAK,QAAQ,KAAK,YAAY,KAAK,UAAU,CAAC,CAAC,aAAa,GAAG,OAAO,KAAK;AAC1F;AAEA,SAAS,YAAY,MAA0B;CAC7C,OAAO,IAAI,SAAS,KAAK,QAAQ,KAAK,YAAY,KAAK,UAAU,CAAC,CAAC,aAAa,GAAG,KAAK;AAC1F;AAEA,SAAS,aAAa,OAAe,MAAwB;CAC3D,IAAI,SAAS,KAAK,QAAQ,KAAK,YAAY,KAAK,UAAU,CAAC,CAAC,YAAY,GAAG,OAAO,KAAK;AACzF;AAEA,SAAS,YAAY,MAA0B;CAC7C,OAAO,IAAI,SAAS,KAAK,QAAQ,KAAK,YAAY,KAAK,UAAU,CAAC,CAAC,YAAY,GAAG,KAAK;AACzF;AAEA,SAAS,UACP,MACA,OACA,MACM;CACN,IAAI,SAAS,OAAO;EAClB,aAAa,OAAiB,IAAI;EAClC;CACF;CACA,IAAI,SAAS,OAAO;EAClB,aAAa,OAAiB,IAAI;EAClC;CACF;CACA,IAAI,SAAS,OAAO;EAClB,aAAa,OAAiB,IAAI;EAClC;CACF;CACA,aAAa,OAAiB,IAAI;AACpC;AAEA,SAAS,SACP,MACA,MAC2B;CAC3B,IAAI,SAAS,OAAO,OAAO,YAAY,IAAI;CAC3C,IAAI,SAAS,OAAO,OAAO,YAAY,IAAI;CAE3C,OADc,SAAS,QAAQ,YAAY,IAAI,IAAI,YAAY,IAAI;AAErE;AAEA,SAAS,YAAY,OAAe,MAAyB,MAA8B;CACzF,MAAM,SAAS,IAAI,YAAY,CAAC,CAAC,OAAO,GAAG,MAAM,GAAG,KAAK,EAAE;CAC3D,MAAM,UAAU,IAAI,WAAW,OAAO,SAAS,KAAK,MAAM;CAC1D,QAAQ,IAAI,QAAQ,CAAC;CACrB,QAAQ,IAAI,MAAM,OAAO,MAAM;CAC/B,OAAO;AACT;AAEA,eAAe,WACb,KACA,OACA,MACA,MACqB;CAQrB,OAAO,IAPe,WACpB,MAAM,OAAO,OAAO,KAClB,QACA,IAAI,SACJ,YAAY,OAAO,MAAM,IAAI,CAC/B,CAEa,CAAC,CAAC,SAAS,GAAG,aAAa;AAC5C;AAEA,SAAS,UAAU,GAAe,GAAwB;CACxD,IAAI,OAAO;CACX,KAAK,IAAI,IAAI,GAAG,IAAI,EAAE,QAAQ,KAAK,QAAQ,EAAE,KAAM,EAAE;CACrD,OAAO,SAAS;AAClB;AAEA,eAAe,eAAe,KAAwB,WAA4C;CAQhG,OAAO,IAPe,WACpB,MAAM,OAAO,OAAO,QAClB;EAAE,MAAM;EAAW,IAAI;CAAO,GAC9B,IAAI,QACJ,SACF,CAEa,CAAC,CAAC,SAAS,GAAA,EAAoB;AAChD;AAEA,eAAe,eAAe,KAAwB,IAAqC;CACzF,MAAM,UAAU,IAAI,WAAA,EAA4B;CAChD,KAAK,IAAI,IAAI,GAAG,IAAA,IAAuB,KAAK,QAAQ,KAAK,UAAU,GAAG;CACtE,MAAM,cAAc,IAAI,WACtB,MAAM,OAAO,OAAO,QAClB;EAAE,MAAM;EAAW,IAAI;CAAO,GAC9B,IAAI,QACJ,OACF,CACF;CACA,MAAM,aAAa,IAAI,WAAA,EAAgC;CACvD,WAAW,IAAI,IAAI,CAAC;CACpB,WAAW,IAAI,YAAY,SAAS,GAAA,EAAoB,GAAA,EAAoB;CAC5E,OAAO,IAAI,WACT,MAAM,OAAO,OAAO,QAClB;EAAE,MAAM;EAAW,IAAI;CAAO,GAC9B,IAAI,QACJ,UACF,CACF;AACF;AAEA,SAAS,eAAe,MAAkB,KAA6B;CACrE,MAAM,YAAY,IAAI,WAAA,EAA4B;CAClD,UAAU,IAAI,MAAM,CAAC;CACrB,UAAU,IAAI,KAAK,cAAc;CACjC,OAAO;AACT;AAEA,eAAe,cACb,QACA,OACA,KACA,MACA,WACoB;CACpB,MAAM,OAAO,IAAI,WAAW,cAAc;CAC1C,UAAU,MAAM,WAAW,IAAI;CAG/B,OAAO,SAAS,QAAQ,MADA,eAAe,KAAK,eAAe,MAAM,MAD/C,WAAW,KAAK,OAAO,MAAM,IAAI,CACiB,CAAC,CACpC;AACnC;AAEA,eAAe,mBACb,QACA,OACA,KACA,MACA,IACuC;CACvC,MAAM,YAAY,MAAM,eAAe,KAAK,mBAAmB,QAAQ,EAAE,CAAC;CAC1E,MAAM,OAAO,UAAU,SAAS,GAAG,cAAc;CAGjD,IAAI,CAAC,UAFO,UAAU,SAAS,gBAAA,EAEd,GAAG,MADG,WAAW,KAAK,OAAO,MAAM,IAAI,CAC5B,GAAG,OAAO;CACtC,OAAO,SAAS,MAAM,IAAI;AAC5B;AAEA,SAAS,cAAoC,QAA+B;CAC1E,OAAO,SAAS,IAAI,OAAO,mBAAmB;AAChD;AAEA,SAAgB,uBACd,QACA,OACA,MACA,MACA;CACA,MAAM,UAAU,KAAK;CACrB,OAAO;EACL,OAAO,cACL,cAAc,QAAQ,OAAO,SAAS,MAAM,SAAS;EACvD,QAAQ,OAAO,OAAkD;GAC/D,KAAK,MAAM,OAAO,MAAM;IACtB,MAAM,YAAY,MAAM,mBAAmB,QAAQ,OAAO,KAAK,MAAM,EAAE;IACvE,IAAI,cAAc,MAAM,OAAO;GACjC;GACA,MAAM,IAAI,MAAM,qBAAqB;EACvC;EACA,WAAW,OAAO,OAAyD;GACzE,KAAK,MAAM,OAAO,MAAM;IACtB,MAAM,YAAY,MAAM,mBAAmB,QAAQ,OAAO,KAAK,MAAM,EAAE;IACvE,IAAI,cAAc,MAAM,OAAO;GACjC;GACA,OAAO;EACT;EACA,qBAAgC,cAAc,MAAM;CACtD;AACF;;;AC1NA,MAAM,sBAAsB,IAAI,IAAI;CAAC;CAAI;CAAI;AAAE,CAAC;AAEhD,MAAM,UAAU,IAAI,YAAY,CAAC,CAAC,OAAO,2BAA2B;AACpE,MAAM,WAAW,IAAI,YAAY,CAAC,CAAC,OAAO,4BAA4B;AA6BtE,MAAM,4BAAY,IAAI,QAA2C;;;;;;;;;;;AAYjE,eAAsB,kBAAkB,OAAyC;CAC/E,yBAAyB,MAAM,MAAM;CACrC,MAAM,SAAS,MAAM,aAAa,KAAK;CACvC,MAAM,UAAU,MAAM,cAAc,KAAK;CACzC,MAAM,MAAM,OAAO,OAAO,CAAC,CAAC;CAC5B,UAAU,IAAI,KAAK;EACjB,UAAU,MAAM,MAAM;EACtB;EACA;CACF,CAAC;CACD,OAAO;AACT;;;;;;;AAQA,SAAgB,kBAAkB,OAAmB,QAAmC;CACtF,wBAAwB,MAAM;CAC9B,yBAAyB,MAAM,MAAM;CACrC,IAAI,WAAW,OAAO,OAAO,UAAU,KAAK;CAC5C,OAAO,gBAAgB,KAAK;AAC9B;;;;;;AAOA,SAAgB,kBAAkB,SAAiB,QAAuC;CACxF,wBAAwB,MAAM;CAC9B,IAAI;CACJ,IAAI,WAAW,OAAO;EACpB,IAAI,QAAQ,WAAW,KAAK,QAAQ,SAAS,MAAM,GACjD,MAAM,IAAI,MAAM,sEAAsE;EAExF,IAAI,CAAC,iBAAiB,KAAK,OAAO,GAChC,MAAM,IAAI,MAAM,4CAA4C;EAE9D,QAAQ,UAAU,OAAO;CAC3B,OACE,IAAI;EACF,QAAQ,gBAAgB,OAAO;CACjC,QAAQ;EACN,MAAM,IAAI,MAAM,uBAAuB;CACzC;CAEF,yBAAyB,MAAM,MAAM;CACrC,OAAO;AACT;;AAGA,SAAgB,kBAAkB,GAAgB,GAAyB;CACzE,MAAM,aAAa,wBAAwB,CAAC;CAC5C,MAAM,aAAa,wBAAwB,CAAC;CAC5C,IAAI,WAAW,SAAS,WAAW,WAAW,SAAS,QAAQ,OAAO;CACtE,KAAK,IAAI,IAAI,GAAG,IAAI,WAAW,SAAS,QAAQ,KAC9C,IAAI,WAAW,SAAS,OAAO,WAAW,SAAS,IAAI,OAAO;CAEhE,OAAO;AACT;AAEA,SAAgB,uBAAuB,KAAuC;CAC5E,MAAM,eAAe,wBAAwB,GAAG;CAChD,OAAO;EACL,QAAQ,aAAa;EACrB,SAAS,aAAa;CACxB;AACF;AAEA,SAAS,wBAAwB,KAAwC;CACvE,MAAM,eAAe,UAAU,IAAI,GAAG;CACtC,IAAI,iBAAiB,KAAA,GACnB,MAAM,IAAI,MAAM,sBAAsB;CAExC,OAAO;AACT;AAEA,eAAe,aAAa,OAAuC;CACjE,MAAM,OAAO,MAAM,OAAO,OAAO,UAC/B,OACA,OACA,QACA,OACA,CAAC,WAAW,CACd;CACA,OAAO,OAAO,OAAO,UACnB;EAAE,MAAM;EAAQ,MAAM;EAAW,MAAM,IAAI,WAAW;EAAG,MAAM;CAAQ,GACvE,MACA;EAAE,MAAM;EAAW,QAAQ;CAAI,GAC/B,OACA,CAAC,WAAW,SAAS,CACvB;AACF;AAEA,eAAe,cAAc,OAAuC;CAClE,MAAM,OAAO,MAAM,OAAO,OAAO,UAC/B,OACA,OACA,QACA,OACA,CAAC,WAAW,CACd;CACA,OAAO,OAAO,OAAO,UACnB;EAAE,MAAM;EAAQ,MAAM;EAAW,MAAM,IAAI,WAAW;EAAG,MAAM;CAAS,GACxE,MACA;EAAE,MAAM;EAAQ,MAAM;EAAW,QAAQ;CAAI,GAC7C,OACA,CAAC,QAAQ,QAAQ,CACnB;AACF;AAEA,SAAS,yBAAyB,YAA0B;CAC1D,IAAI,CAAC,oBAAoB,IAAI,UAAU,GACrC,MAAM,IAAI,MAAM,kEAAkE,YAAY;AAElG;AAEA,SAAS,wBAAwB,QAAsD;CACrF,IAAI,WAAW,SAAS,WAAW,aACjC,MAAM,IAAI,MACR,gEAAgE,eAAe,MAAM,EAAE,EACzF;AAEJ;AAEA,SAAS,eAAe,OAAwB;CAC9C,IAAI;EACF,OAAO,OAAO,KAAK;CACrB,QAAQ;EACN,OAAO;CACT;AACF;;;ACnFA,MAAM,SAAS;AACf,MAAM,SAAS;AACf,MAAM,SAAS;AACf,MAAM,SAAS;AACf,MAAM,SAAS,EAAE,MAAM;AACvB,MAAM,UAAU,MAAM,OAAO;AAE7B,SAAS,oBAAoB,MAAgD;CAC3E,IAAI,SAAS,SAAS,SAAS,SAAS,SAAS,SAAS,SAAS,OACjE,MAAM,IAAI,MAAM,0DAA0D;AAE9E;AAEA,SAAS,sBAAsB,MAAoC;CACjE,IAAI,KAAK,WAAW,GAClB,MAAM,IAAI,MAAM,+CAA+C;AAEnE;AAEA,SAAS,uBAAuB,MAAoC;CAClE,KAAK,IAAI,IAAI,GAAG,IAAI,KAAK,QAAQ,KAC/B,KAAK,IAAI,IAAI,IAAI,GAAG,IAAI,KAAK,QAAQ,KACnC,IAAI,kBAAkB,KAAK,IAAK,KAAK,EAAG,GACtC,MAAM,IAAI,MAAM,mCAAmC;AAI3D;AAEA,SAAS,mBAAmB,WAAiD;CAC3E,IACE,OAAO,cAAc,YACrB,CAAC,OAAO,UAAU,SAAS,KAC3B,OAAO,GAAG,WAAW,EAAE,KACvB,YAAY,KACZ,YAAY,QAEZ,MAAM,IAAI,MAAM,mDAAmD,OAAO,SAAS,WAAW;AAElG;AAEA,SAAS,mBAAmB,WAAiD;CAC3E,IACE,OAAO,cAAc,YACrB,CAAC,OAAO,UAAU,SAAS,KAC3B,OAAO,GAAG,WAAW,EAAE,KACvB,YAAY,UACZ,YAAY,QAEZ,MAAM,IAAI,MACR,gDAAgD,OAAO,IAAI,OAAO,SAAS,WAC7E;AAEJ;AAEA,SAAS,mBAAmB,WAAiD;CAC3E,IAAI,OAAO,cAAc,YAAY,YAAY,MAAM,YAAY,QACjE,MAAM,IAAI,MAAM,kDAAkD,OAAO,SAAS,WAAW;AAEjG;AAEA,SAAS,mBAAmB,WAAiD;CAC3E,IAAI,OAAO,cAAc,YAAY,YAAY,UAAU,YAAY,QACrE,MAAM,IAAI,MACR,+CAA+C,OAAO,IAAI,OAAO,SAAS,WAC5E;AAEJ;AAEA,SAAS,gBACP,MACA,WAC6C;CAC7C,IAAI,SAAS,OAAO;EAClB,mBAAmB,SAAS;EAC5B;CACF;CACA,IAAI,SAAS,OAAO;EAClB,mBAAmB,SAAS;EAC5B;CACF;CACA,IAAI,SAAS,OAAO;EAClB,mBAAmB,SAAS;EAC5B;CACF;CACA,mBAAmB,SAAS;AAC9B;;;;;;;;;;;;;;;;;;AAmBA,SAAgB,mBACd,OACA,MAC8B;CAC9B,cAAc,KAAK;CACnB,cAAc,OAAO,KAAK,mBAAmB;CAC7C,oBAAoB,KAAK,IAAI;CAC7B,sBAAsB,KAAK,IAAI;CAC/B,MAAM,aAAa,KAAK,KAAK,IAAI,sBAAsB;CACvD,uBAAuB,KAAK,IAAI;CAEhC,MAAM,SAAwB,GAAG,MAAM;CACvC,MAAM,OAAO,YAAY,MAAM;CAC/B,MAAM,SAAS,uBAAuB,QAAQ,OAAO,KAAK,MAAM,UAAU;CAE1E,OAAO;EACL,MAAM,OAAO,cAAc;GACzB,gBAAgB,KAAK,MAAM,SAAS;GACpC,OAAO,OAAO,KAAK,SAAS;EAC9B;EACA,SAAS,OAAO,OAAO,OAAO,EAAE;EAChC,YAAY,OAAO,UAAU;GAC3B,MAAM,SAAS,KAAK,UAAU,KAAK;GACnC,IAAI,CAAC,OAAO,IAAI,OAAO;GACvB,MAAM,YAAY,MAAM,OAAO,UAAU,OAAO,EAAE;GAClD,IAAI,cAAc,MAAM,OAAO;IAAE,IAAI;IAAO,OAAO;GAAsB;GACzE,OAAO;IAAE,IAAI;IAAM,IAAI,OAAO;IAAI;GAAU;EAC9C;EACA,IAAI,KAAK;EACT,OAAO,KAAK;EACZ,WAAW,KAAK;EAChB,oBAAoB,KAAK,aAAa,OAAO,OAAO,cAAc,CAAC;EACnE,aAAa,KAAK;CACpB;AACF"}

package/dist/wrapped.d.mts ADDED Viewed

@@ -0,0 +1,133 @@
+import { a as StandardSchemaProps, i as ParseResult, n as JsonSchema, r as ParseError, t as Id } from "./types-g7CiQDyE.mjs";
+//#region src/wrapping-key.d.ts
+/** Wire encoding for wrapping operator secret bytes (not Crockford base32). */
+type WrappingKeyFormat = "hex" | "base64url";
+declare const wrappingKeyBrand: unique symbol;
+/**
+* Opaque imported handle for one operator wrapping secret.
+*
+* Holds derived AES and HMAC subkeys internally; callers never access subkeys
+* or raw `CryptoKey` values directly. Obtain handles via {@link importWrappingKey}
+* and pass them to `createWrappedKeyId` as the `keys` wrapping keyring.
+*
+* Distinct from the **Opaque key** used by `@smonn/ids/opaque` — one raw
+* secret must not silently serve both codecs without an explicit import.
+*/
+type WrappingKey = {
+  readonly [wrappingKeyBrand]: "WrappingKey";
+};
+/**
+* Import raw operator secret bytes into a {@link WrappingKey} handle.
+*
+* One raw secret derives into AES and HMAC subkeys held inside the returned
+* handle. Accepts 16, 24, or 32 bytes (AES-128 / AES-192 / AES-256 strength).
+* To store or transport key material, use {@link encodeWrappingKey} /
+* {@link decodeWrappingKey} (`"hex"` or `"base64url"` — not Crockford base32).
+*
+* @param bytes - 16, 24, or 32 raw key bytes.
+*/
+declare function importWrappingKey(bytes: Uint8Array): Promise<WrappingKey>;
+/**
+* Encode raw wrapping operator secret bytes for storage in env vars or secret managers.
+*
+* Supports `"hex"` (lowercase) and `"base64url"`. Output round-trips through
+* {@link decodeWrappingKey} back to the original bytes.
+*/
+declare function encodeWrappingKey(bytes: Uint8Array, format: WrappingKeyFormat): string;
+/**
+* Decode key material emitted by {@link encodeWrappingKey} back to raw bytes.
+*
+* The result can be passed directly to {@link importWrappingKey}.
+*/
+declare function decodeWrappingKey(encoded: string, format: WrappingKeyFormat): Uint8Array;
+//#endregion
+//#region src/wrapped.d.ts
+type WrappedKind = "u32" | "i32" | "u64" | "i64";
+type LookupKeyForKind<K extends WrappedKind> = K extends "u32" | "i32" ? number : bigint;
+/**
+* Result returned by {@link WrappedKeyCodec.safeUnwrap}.
+*
+* On success, `id` is the canonical {@link Id} and `lookupKey` is the recovered
+* integer (`number` for 32-bit kinds, `bigint` for 64-bit kinds).
+* On failure, `error` is a {@link ParseError} for structural problems or
+* `"verification_failed"` when the payload is structurally valid but the
+* verification tag does not match any entry in the wrapping keyring.
+*/
+type UnwrapResult<Brand extends string, Kind extends WrappedKind> = {
+  ok: true;
+  id: Id<Brand>;
+  lookupKey: LookupKeyForKind<Kind>;
+} | {
+  ok: false;
+  error: ParseError | "verification_failed";
+};
+/**
+* Codec returned by {@link createWrappedKeyId}.
+*
+* Wraps a caller-owned integer **lookup key** into a public {@link Id} and
+* recovers it on unwrap. The codec is deterministic under fixed key material:
+* the same lookup key always yields the same public ID (**equality leakage**).
+*
+* - `wrap` / `unwrap` / `safeUnwrap` are async (WebCrypto).
+* - `is`, `parse`, `safeParse`, and `toJsonSchema` are synchronous and require
+*   no key material — they validate prefix and base32 shape only.
+* - The `Kind` type parameter drives value types at the TypeScript boundary:
+*   `u32` / `i32` → `number`; `u64` / `i64` → `bigint`.
+*/
+type WrappedKeyCodec<Brand extends string, Kind extends WrappedKind> = {
+  /**
+  * Wrap `lookupKey` into a public ID using the current (first) wrapping key.
+  *
+  * Throws if `lookupKey` is out of range or the wrong JS type for `Kind`.
+  */
+  wrap(lookupKey: LookupKeyForKind<Kind>): Promise<Id<Brand>>;
+  /**
+  * Verify the payload of a trusted `Id<Brand>` and return the lookup key.
+  *
+  * Throws `"verification failed"` if no entry in the wrapping keyring matches
+  * the payload tag. Use {@link safeUnwrap} for untrusted input.
+  */
+  unwrap(id: Id<Brand>): Promise<LookupKeyForKind<Kind>>;
+  /**
+  * Non-throwing path for untrusted input.
+  *
+  * Structurally parses `input` first (same rules as {@link safeParse}), then
+  * verifies the payload. Returns `{ ok: false, error }` on any failure —
+  * `ParseError` for structural problems or `"verification_failed"` for tag
+  * mismatch — without throwing. Tamper, wrong keyring, and revoked-key cases
+  * all surface as `"verification_failed"`.
+  */
+  safeUnwrap(input: unknown): Promise<UnwrapResult<Brand, Kind>>; /** Strict type guard: `true` only for already-canonical `Id<Brand>` strings. */
+  is(value: unknown): value is Id<Brand>; /** Normalise to canonical form, or throw on parse failure. */
+  parse(value: unknown): Id<Brand>; /** Normalise to canonical form, or return `{ ok: false, error }`. */
+  safeParse(value: unknown): ParseResult<Brand>;
+  toJsonSchema(): JsonSchema;
+  readonly "~standard": StandardSchemaProps<Brand>;
+};
+type WrappedKeyOptions<K extends WrappedKind> = {
+  kind: K;
+  keys: [WrappingKey, ...WrappingKey[]];
+  allowDuplicateBrand?: boolean;
+};
+/**
+* Construct a {@link WrappedKeyCodec} for `brand` and the given `kind`.
+*
+* `opts.kind` fixes the integer type at construction time — one brand, one
+* kind. `opts.keys` is a non-empty ordered wrapping keyring: the first entry
+* is current (used by `wrap`); all entries are tried on `unwrap`; duplicate
+* operator secrets are rejected at construction.
+*
+* @example
+* ```ts
+* const key = await importWrappingKey(new Uint8Array(32));
+* const invoices = createWrappedKeyId("inv", { kind: "u32", keys: [key] });
+*
+* const id = await invoices.wrap(42);      // Id<"inv">
+* await invoices.unwrap(id);               // 42
+* ```
+*/
+declare function createWrappedKeyId<Brand extends string, Kind extends WrappedKind>(brand: Brand, opts: WrappedKeyOptions<Kind>): WrappedKeyCodec<Brand, Kind>;
+//#endregion
+export { UnwrapResult, WrappedKeyCodec, WrappedKeyOptions, WrappedKind, type WrappingKey, type WrappingKeyFormat, createWrappedKeyId, decodeWrappingKey, encodeWrappingKey, importWrappingKey };
+//# sourceMappingURL=wrapped.d.mts.map

package/dist/wrapped.d.mts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"wrapped.d.mts","names":[],"sources":["../src/wrapping-key.ts","../src/wrapped.ts"],"mappings":";;;;KAGY,iBAAA;AAAA,cAOE,gBAAA;AAPd;;;;AAAY;AAA4B;;;;AAO1B;AAPd,KAmBY,WAAA;EAAA,UACA,gBAAA;AAAA;;;;;;;;;;;iBA0BU,iBAAA,CAAkB,KAAA,EAAO,UAAA,GAAa,OAAA,CAAQ,WAAA;AAAA;AAmBpE;;;;;AAnBoE,iBAmBpD,iBAAA,CAAkB,KAAA,EAAO,UAAA,EAAY,MAAA,EAAQ,iBAAA;;;;AAAA;AAY7D;iBAAgB,iBAAA,CAAkB,OAAA,UAAiB,MAAA,EAAQ,iBAAA,GAAoB,UAAA;;;KClDnE,WAAA;AAAA,KAEP,gBAAA,WAA2B,WAAA,IAAe,CAAA;;;AD7BnC;AAA4B;;;;AAO1B;AAYd;KCqBY,YAAA,oCAAgD,WAAA;EACtD,EAAA;EAAU,EAAA,EAAI,EAAA,CAAG,KAAA;EAAQ,SAAA,EAAW,gBAAA,CAAiB,IAAA;AAAA;EACrD,EAAA;EAAW,KAAA,EAAO,UAAA;AAAA;;;;;;;ADI4C;AAmBpE;;;;;;KCRY,eAAA,oCAAmD,WAAA;EDoB/D;;;;;ECdE,IAAA,CAAK,SAAA,EAAW,gBAAA,CAAiB,IAAA,IAAQ,OAAA,CAAQ,EAAA,CAAG,KAAA;;;;ADcyB;;;ECP7E,MAAA,CAAO,EAAA,EAAI,EAAA,CAAG,KAAA,IAAS,OAAA,CAAQ,gBAAA,CAAiB,IAAA;EA3ClD;;;;AAAY;AAAsC;;;;EAqDhD,UAAA,CAAW,KAAA,YAAiB,OAAA,CAAQ,YAAA,CAAa,KAAA,EAAO,IAAA;EAExD,EAAA,CAAG,KAAA,YAAiB,KAAA,IAAS,EAAA,CAAG,KAAA,GArDa;EAuD7C,KAAA,CAAM,KAAA,YAAiB,EAAA,CAAG,KAAA,GA5C5B;EA8CE,SAAA,CAAU,KAAA,YAAiB,WAAA,CAAY,KAAA;EACvC,YAAA,IAAgB,UAAA;EAAA,SACP,WAAA,EAAa,mBAAA,CAAoB,KAAA;AAAA;AAAA,KAGhC,iBAAA,WAA4B,WAAA;EACtC,IAAA,EAAM,CAAA;EACN,IAAA,GAAO,WAAA,KAAgB,WAAA;EACvB,mBAAA;AAAA;;;;;;;;;;;;;;;;AApDsB;AAexB;iBAiJgB,kBAAA,oCAAsD,WAAA,EACpE,KAAA,EAAO,KAAA,EACP,IAAA,EAAM,iBAAA,CAAkB,IAAA,IACvB,eAAA,CAAgB,KAAA,EAAO,IAAA"}

package/dist/wrapped.mjs ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import { i as importWrappingKey, n as decodeWrappingKey, r as encodeWrappingKey, t as createWrappedKeyId } from "./wrapped-Dw5mHQhn.mjs";
2	+ export { createWrappedKeyId, decodeWrappingKey, encodeWrappingKey, importWrappingKey };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@smonn/ids",
-  "version": "0.4.0",
+  "version": "0.6.0",
   "license": "MIT",
   "author": "Simon Ingeson (https://github.com/smonn)",
   "repository": {
@@ -17,21 +17,57 @@
   "exports": {
     ".": "./dist/index.mjs",
     "./opaque": "./dist/opaque.mjs",
+    "./reverse": "./dist/reverse.mjs",
+    "./wrapped": "./dist/wrapped.mjs",
+    "./drizzle": "./dist/drizzle.mjs",
+    "./hono": "./dist/hono.mjs",
+    "./kysely": "./dist/kysely.mjs",
+    "./prisma": "./dist/prisma.mjs",
+    "./express": "./dist/express.mjs",
     "./package.json": "./package.json"
   },
   "devDependencies": {
     "@changesets/cli": "2.31.0",
-    "@types/node": "25.9.1",
+    "@types/express": "^5.0.6",
+    "@types/node": "25.9.3",
     "@vitest/coverage-v8": "4.1.8",
-    "dependency-cruiser": "16.10.4",
-    "knip": "6.15.0",
+    "dependency-cruiser": "17.4.3",
+    "drizzle-orm": "^0.45.2",
+    "express": "^5.2.1",
+    "hono": "^4.12.26",
+    "knip": "6.16.1",
+    "kysely": "^0.29.2",
     "mitata": "1.0.34",
-    "oxfmt": "0.53.0",
-    "oxlint": "1.68.0",
-    "tsdown": "0.22.1",
+    "oxfmt": "0.55.0",
+    "oxlint": "1.69.0",
+    "tsdown": "0.22.2",
     "typescript": "6.0.3",
     "vitest": "4.1.8"
   },
+  "peerDependencies": {
+    "@prisma/client": ">=5.0.0",
+    "drizzle-orm": ">=0.30.0",
+    "express": ">=4.0.0",
+    "hono": ">=4.0.0",
+    "kysely": ">=0.27.0"
+  },
+  "peerDependenciesMeta": {
+    "drizzle-orm": {
+      "optional": true
+    },
+    "express": {
+      "optional": true
+    },
+    "hono": {
+      "optional": true
+    },
+    "kysely": {
+      "optional": true
+    },
+    "@prisma/client": {
+      "optional": true
+    }
+  },
   "engines": {
     "node": ">=24.0.0"
   },