npm - @time-file/browser-file-crypto - Versions diffs - 1.0.0 - Mend

@time-file/browser-file-crypto 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2025 TimeFile
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.ko.md ADDED Viewed

@@ -0,0 +1,287 @@
+# @time-file/browser-file-crypto
+<p align="center">
+  <img src="https://raw.githubusercontent.com/Time-File/browser-file-crypto/refs/heads/main/public/og-image.png" alt="browser-file-crypto" width="100%" />
+</p>
+<p align="center">
+  <img src="https://raw.githubusercontent.com/Time-File/browser-file-crypto/refs/heads/main/public/hero.ko.png" alt="Hero" width="100%" />
+</p>
+<p align="center">
+  Web Crypto API 기반의 브라우저 파일 암호화 라이브러리입니다.
+</p>
+<p align="center">
+  <a href="https://www.npmjs.com/package/@time-file/browser-file-crypto"><img src="https://img.shields.io/npm/v/@time-file/browser-file-crypto.svg" alt="npm version" /></a>
+  <a href="https://bundlephobia.com/package/@time-file/browser-file-crypto"><img src="https://img.shields.io/bundlephobia/minzip/@time-file/browser-file-crypto" alt="bundle size" /></a>
+  <a href="https://github.com/time-file/browser-file-crypto/stargazers"><img src="https://img.shields.io/github/stars/time-file/browser-file-crypto?style=flat" alt="stars" /></a>
+  <a href="./LICENSE"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="License: MIT" /></a>
+</p>
+<p align="center">
+  <a href="./README.md">English</a> | <strong>한국어</strong>
+</p>
+## 특징
+<p align="center">
+  <img src="https://raw.githubusercontent.com/Time-File/browser-file-crypto/refs/heads/main/public/features-grid.ko.png" alt="Features" width="100%" />
+</p>
+- **Zero-Knowledge** - 클라이언트 측 암호화로 서버는 평문을 볼 수 없습니다.
+- **Zero-Dependency** - 네이티브 Web Crypto API만 사용합니다.
+- **AES-256-GCM** - 업계 표준 인증 암호화 방식입니다.
+- **비밀번호 & 키파일** - 용도에 따라 두 가지 모드를 지원합니다.
+- **진행률 콜백** - 암호화/복호화 진행 상황을 추적할 수 있습니다.
+- **TypeScript** - 완전한 타입 정의가 포함되어 있습니다.
+- **초경량** - gzip 압축 시 4KB 미만의 용량을 자랑합니다.
+## 왜 사용해야 하나요?
+Web Crypto API는 강력하지만 사용이 복잡합니다. 파일 하나를 암호화하는 데만 약 100줄의 보일러플레이트 코드가 필요하며, 치명적인 실수를 저지르기 쉽습니다.
+- ❌ IV 재사용 (보안에 치명적)
+- ❌ 낮은 PBKDF2 반복 횟수 (브루트포스 공격에 취약)
+- ❌ salt/IV를 출력에 포함하지 않음 (복호화 불가)
+- ❌ ArrayBuffer 슬라이싱 오류 (데이터 손상)
+> 이 라이브러리가 모든 것을 처리합니다.
+```typescript
+// ❌ Before - Raw Web Crypto API
+const encoder = new TextEncoder();
+const salt = crypto.getRandomValues(new Uint8Array(16));
+const iv = crypto.getRandomValues(new Uint8Array(12));
+const keyMaterial = await crypto.subtle.importKey(
+  'raw', encoder.encode(password), 'PBKDF2', false, ['deriveKey']
+);
+const key = await crypto.subtle.deriveKey(
+  { name: 'PBKDF2', salt, iterations: 100000, hash: 'SHA-256' },
+  keyMaterial,
+  { name: 'AES-GCM', length: 256 },
+  false,
+  ['encrypt']
+);
+const arrayBuffer = await file.arrayBuffer();
+const ciphertext = await crypto.subtle.encrypt(
+  { name: 'AES-GCM', iv },
+  key,
+  arrayBuffer
+);
+const result = new Uint8Array(1 + salt.length + iv.length + ciphertext.byteLength);
+result.set([0x01], 0);
+result.set(salt, 1);
+result.set(iv, 17);
+result.set(new Uint8Array(ciphertext), 29);
+// ... 복호화도 30줄 이상 필요합니다
+```
+```typescript
+// ✅ After - With this library
+const encrypted = await encryptFile(file, { password: 'secret' });
+const decrypted = await decryptFile(encrypted, { password: 'secret' });
+```
+**끝입니다.**
+## 비교
+| 기능 | crypto-js | @aws-crypto | Web Crypto (직접) | **browser-file-crypto** |
+|------|-----------|-------------|-------------------|------------------------|
+| 유지보수 | ❌ 중단됨 | ✅ | - | ✅ |
+| 번들 크기 | ~50KB | ~200KB+ | 0 | **< 4KB** |
+| 의존성 | 많음 | 많음 | 없음 | **없음** |
+| 파일 특화 API | ❌ | ⚠️ | ❌ | **✅** |
+| 진행률 콜백 | ❌ | ❌ | ❌ | **✅** |
+| 키파일 모드 | ❌ | ❌ | ❌ | **✅** |
+| 타입 감지 | ❌ | ❌ | ❌ | **✅** |
+| TypeScript | ❌ | ✅ | - | **✅** |
+## 설치
+```bash
+# npm
+npm install @time-file/browser-file-crypto
+# pnpm
+pnpm add @time-file/browser-file-crypto
+# yarn
+yarn add @time-file/browser-file-crypto
+```
+## 빠른 시작
+```typescript
+import { encryptFile, decryptFile } from '@time-file/browser-file-crypto';
+// 암호화
+const file = document.querySelector('input[type="file"]').files[0];
+const encrypted = await encryptFile(file, {
+  password: 'my-secret-password',
+  onProgress: ({ phase, progress }) => console.log(`${phase}: ${progress}%`)
+});
+// 복호화
+const decrypted = await decryptFile(encrypted, {
+  password: 'my-secret-password'
+});
+```
+## API
+### `encryptFile(file, options)`
+```typescript
+const encrypted = await encryptFile(file, {
+  password: 'secret',        // 또는
+  keyData: keyFile.key,      // 키파일 사용
+  onProgress: (p) => {}      // 선택 사항
+});
+```
+### `decryptFile(encrypted, options)`
+```typescript
+const decrypted = await decryptFile(encrypted, {
+  password: 'secret',        // 또는
+  keyData: keyFile.key,
+  onProgress: (p) => {}
+});
+```
+### 키파일 모드
+비밀번호를 기억할 필요가 없습니다:
+```typescript
+import { generateKeyFile, downloadKeyFile, parseKeyFile } from '@time-file/browser-file-crypto';
+const keyFile = generateKeyFile();
+downloadKeyFile(keyFile.key, 'my-secret-key');           // .key 파일로 저장 (기본값)
+// 커스텀 확장자
+downloadKeyFile(keyFile.key, 'my-secret-key', 'tfkey');  // .tfkey 파일로 저장
+const encrypted = await encryptFile(file, { keyData: keyFile.key });
+// 나중에 불러와서 사용
+const content = await uploadedFile.text();
+const loaded = parseKeyFile(content);
+if (loaded) {
+  const decrypted = await decryptFile(encrypted, { keyData: loaded.key });
+}
+```
+### 유틸리티
+```typescript
+import { getEncryptionType, isEncryptedFile, generateRandomPassword } from '@time-file/browser-file-crypto';
+await getEncryptionType(blob);  // 'password' | 'keyfile' | 'unknown'
+await isEncryptedFile(blob);    // true | false
+generateRandomPassword(24);     // 'Kx9#mP2$vL5@nQ8!...'
+```
+### 다운로드 & 복호화
+```typescript
+import { downloadAndDecrypt } from '@time-file/browser-file-crypto';
+await downloadAndDecrypt('https://example.com/secret.enc', {
+  password: 'secret',
+  fileName: 'document.pdf',
+  onProgress: ({ phase, progress }) => console.log(`${phase}: ${progress}%`)
+});
+```
+### 에러 처리
+```typescript
+import { isCryptoError } from '@time-file/browser-file-crypto';
+try {
+  await decryptFile(encrypted, { password: 'wrong' });
+} catch (error) {
+  if (isCryptoError(error)) {
+    // error.code: 'INVALID_PASSWORD' | 'INVALID_KEYFILE' | 'INVALID_ENCRYPTED_DATA'
+  }
+}
+```
+## 보안
+### 스펙
+| 구성 요소 | 값 |
+|-----------|------|
+| 알고리즘 | AES-256-GCM |
+| 키 유도 | PBKDF2 (SHA-256, 100,000회 반복) |
+| Salt | 16바이트 (암호화마다 랜덤 생성) |
+| IV | 12바이트 (암호화마다 랜덤 생성) |
+| Auth Tag | 16바이트 |
+### 파일 포맷
+<p align="center">
+  <img src="https://raw.githubusercontent.com/Time-File/browser-file-crypto/refs/heads/main/public/file-format.ko.png" alt="File Format" width="100%" />
+</p>
+```
+비밀번호 암호화:
+=> [0x01] + [salt:16] + [iv:12] + [ciphertext + auth_tag:16]
+키파일 암호화:
+=> [0x02] + [iv:12] + [ciphertext + auth_tag:16]
+```
+### 참고 사항
+- 키는 추출이 불가능합니다 (`extractable: false`)
+- 매번 랜덤 IV/salt를 사용하므로 동일한 암호문이 생성되지 않습니다
+- AES-GCM은 인증 암호화 방식입니다 (변조 감지 가능)
+- 100,000회 PBKDF2 반복으로 브루트포스 공격에 강합니다
+## 브라우저 지원
+| 브라우저 | 버전 |
+|---------|------|
+| Chrome | 80+ |
+| Firefox | 74+ |
+| Safari | 14+ |
+| Edge | 80+ |
+Node.js 18+, Deno, Cloudflare Workers에서도 동작합니다.
+## TypeScript
+```typescript
+import type {
+  EncryptOptions,
+  DecryptOptions,
+  Progress,
+  KeyFile,
+  EncryptionType,
+  CryptoErrorCode
+} from '@time-file/browser-file-crypto';
+```
+## 링크
+- [변경 이력](./CHANGELOG.md)
+- [라이선스](./LICENSE)
+- [npm](https://www.npmjs.com/package/@time-file/browser-file-crypto)
+- [GitHub](https://github.com/time-file/browser-file-crypto)
+## 라이선스
+[MIT](./LICENSE)
+---
+<p align="center">
+  <a href="https://timefile.co/ko">
+    <img src="https://raw.githubusercontent.com/Time-File/browser-file-crypto/refs/heads/main/public/timefile-footer.ko.png#gh-light-mode-only" alt="Made by timefile.co" />
+    <img src="https://raw.githubusercontent.com/Time-File/browser-file-crypto/refs/heads/main/public/timefile-footer-dark.ko.png#gh-dark-mode-only" alt="Made by timefile.co" />
+  </a>
+</p>

package/README.md ADDED Viewed

@@ -0,0 +1,292 @@
+# @time-file/browser-file-crypto
+<p align="center">
+  <img src="https://raw.githubusercontent.com/Time-File/browser-file-crypto/refs/heads/main/public/og-image.png#gh-light-mode-only" alt="browser-file-crypto" width="100%" />
+  <img src="https://raw.githubusercontent.com/Time-File/browser-file-crypto/refs/heads/main/public/og-image-dark.png#gh-dark-mode-only" alt="browser-file-crypto" width="100%" />
+</p>
+<p align="center">
+  <img src="https://raw.githubusercontent.com/Time-File/browser-file-crypto/refs/heads/main/public/encryption-structure.png#gh-light-mode-only" alt="Encryption Flow" width="100%" />
+  <img src="https://raw.githubusercontent.com/Time-File/browser-file-crypto/refs/heads/main/public/encryption-structure-dark.png#gh-dark-mode-only" alt="Encryption Flow" width="100%" />
+</p>
+<p align="center">
+  Zero-dependency file encryption for browsers using Web Crypto API.
+</p>
+<p align="center">
+  <a href="https://www.npmjs.com/package/@time-file/browser-file-crypto"><img src="https://img.shields.io/npm/v/@time-file/browser-file-crypto.svg" alt="npm version" /></a>
+  <a href="https://bundlephobia.com/package/@time-file/browser-file-crypto"><img src="https://img.shields.io/bundlephobia/minzip/@time-file/browser-file-crypto" alt="bundle size" /></a>
+  <a href="https://github.com/time-file/browser-file-crypto/stargazers"><img src="https://img.shields.io/github/stars/time-file/browser-file-crypto?style=flat" alt="stars" /></a>
+  <a href="./LICENSE"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="License: MIT" /></a>
+</p>
+<p align="center">
+  <strong>English</strong> | <a href="./README.ko.md">한국어</a>
+</p>
+## Features
+<p align="center">
+  <img src="https://raw.githubusercontent.com/Time-File/browser-file-crypto/refs/heads/main/public/features-grid.png#gh-light-mode-only" alt="Features" width="100%" />
+  <img src="https://raw.githubusercontent.com/Time-File/browser-file-crypto/refs/heads/main/public/features-grid-dark.png#gh-dark-mode-only" alt="Features" width="100%" />
+</p>
+- **Zero-Knowledge** - Client-side encryption, server never sees plaintext
+- **Zero-Dependency** - Native Web Crypto API only
+- **AES-256-GCM** - Industry-standard authenticated encryption
+- **Password & Keyfile** - Two modes for different use cases
+- **Progress Callbacks** - Track encryption/decryption progress
+- **TypeScript** - Full type definitions
+- **Tiny** - < 4KB gzipped
+## Why?
+Web Crypto API is powerful but verbose. You need ~100 lines of boilerplate just to encrypt a file, and it's easy to make critical mistakes.
+- ❌ Reusing IV (catastrophic for security)
+- ❌ Low PBKDF2 iterations (brute-forceable)
+- ❌ Missing salt/IV in output (can't decrypt later)
+- ❌ Wrong ArrayBuffer slicing (corrupted data)
+> This library handles it all.
+```typescript
+// ❌ Before - Raw Web Crypto API
+const encoder = new TextEncoder();
+const salt = crypto.getRandomValues(new Uint8Array(16));
+const iv = crypto.getRandomValues(new Uint8Array(12));
+const keyMaterial = await crypto.subtle.importKey(
+  'raw', encoder.encode(password), 'PBKDF2', false, ['deriveKey']
+);
+const key = await crypto.subtle.deriveKey(
+  { name: 'PBKDF2', salt, iterations: 100000, hash: 'SHA-256' },
+  keyMaterial,
+  { name: 'AES-GCM', length: 256 },
+  false,
+  ['encrypt']
+);
+const arrayBuffer = await file.arrayBuffer();
+const ciphertext = await crypto.subtle.encrypt(
+  { name: 'AES-GCM', iv },
+  key,
+  arrayBuffer
+);
+const result = new Uint8Array(1 + salt.length + iv.length + ciphertext.byteLength);
+result.set([0x01], 0);
+result.set(salt, 1);
+result.set(iv, 17);
+result.set(new Uint8Array(ciphertext), 29);
+// ... and decryption is another 30 lines
+```
+```typescript
+// ✅ After - With this library
+const encrypted = await encryptFile(file, { password: 'secret' });
+const decrypted = await decryptFile(encrypted, { password: 'secret' });
+```
+**Done.**
+## Comparison
+| Feature | crypto-js | @aws-crypto | Web Crypto (direct) | **browser-file-crypto** |
+|---------|-----------|-------------|---------------------|------------------------|
+| Maintained | ❌ Deprecated | ✅ | - | ✅ |
+| Bundle size | ~50KB | ~200KB+ | 0 | **< 4KB** |
+| Dependencies | Many | Many | None | **None** |
+| File-focused API | ❌ | ⚠️ | ❌ | **✅** |
+| Progress callbacks | ❌ | ❌ | ❌ | **✅** |
+| Keyfile mode | ❌ | ❌ | ❌ | **✅** |
+| Type detection | ❌ | ❌ | ❌ | **✅** |
+| TypeScript | ❌ | ✅ | - | **✅** |
+## Install
+```bash
+# npm
+npm install @time-file/browser-file-crypto
+# pnpm
+pnpm add @time-file/browser-file-crypto
+# yarn
+yarn add @time-file/browser-file-crypto
+```
+## Quick Start
+```typescript
+import { encryptFile, decryptFile } from '@time-file/browser-file-crypto';
+// Encrypt
+const file = document.querySelector('input[type="file"]').files[0];
+const encrypted = await encryptFile(file, {
+  password: 'my-secret-password',
+  onProgress: ({ phase, progress }) => console.log(`${phase}: ${progress}%`)
+});
+// Decrypt
+const decrypted = await decryptFile(encrypted, {
+  password: 'my-secret-password'
+});
+```
+## API
+### `encryptFile(file, options)`
+```typescript
+const encrypted = await encryptFile(file, {
+  password: 'secret',        // OR
+  keyData: keyFile.key,      // use keyfile
+  onProgress: (p) => {}      // optional
+});
+```
+### `decryptFile(encrypted, options)`
+```typescript
+const decrypted = await decryptFile(encrypted, {
+  password: 'secret',        // OR
+  keyData: keyFile.key,
+  onProgress: (p) => {}
+});
+```
+### Keyfile Mode
+No password to remember:
+```typescript
+import { generateKeyFile, downloadKeyFile, parseKeyFile } from '@time-file/browser-file-crypto';
+const keyFile = generateKeyFile();
+downloadKeyFile(keyFile.key, 'my-secret-key');           // saves .key file (default)
+// custom extension
+downloadKeyFile(keyFile.key, 'my-secret-key', 'tfkey');  // saves .tfkey file
+const encrypted = await encryptFile(file, { keyData: keyFile.key });
+// Later, load and use
+const content = await uploadedFile.text();
+const loaded = parseKeyFile(content);
+if (loaded) {
+  const decrypted = await decryptFile(encrypted, { keyData: loaded.key });
+}
+```
+### Utilities
+```typescript
+import { getEncryptionType, isEncryptedFile, generateRandomPassword } from '@time-file/browser-file-crypto';
+await getEncryptionType(blob);  // 'password' | 'keyfile' | 'unknown'
+await isEncryptedFile(blob);    // true | false
+generateRandomPassword(24);     // 'Kx9#mP2$vL5@nQ8!...'
+```
+### Download & Decrypt
+```typescript
+import { downloadAndDecrypt } from '@time-file/browser-file-crypto';
+await downloadAndDecrypt('https://example.com/secret.enc', {
+  password: 'secret',
+  fileName: 'document.pdf',
+  onProgress: ({ phase, progress }) => console.log(`${phase}: ${progress}%`)
+});
+```
+### Error Handling
+```typescript
+import { isCryptoError } from '@time-file/browser-file-crypto';
+try {
+  await decryptFile(encrypted, { password: 'wrong' });
+} catch (error) {
+  if (isCryptoError(error)) {
+    // error.code: 'INVALID_PASSWORD' | 'INVALID_KEYFILE' | 'INVALID_ENCRYPTED_DATA'
+  }
+}
+```
+## Security
+### Spec
+| Component | Value |
+|-----------|-------|
+| Algorithm | AES-256-GCM |
+| Key Derivation | PBKDF2 (SHA-256, 100k iterations) |
+| Salt | 16 bytes (random per encryption) |
+| IV | 12 bytes (random per encryption) |
+| Auth Tag | 16 bytes |
+### File Format
+<p align="center">
+  <img src="https://raw.githubusercontent.com/Time-File/browser-file-crypto/refs/heads/main/public/file-format.png#gh-light-mode-only" alt="File Format" width="100%" />
+  <img src="https://raw.githubusercontent.com/Time-File/browser-file-crypto/refs/heads/main/public/file-format-dark.png#gh-dark-mode-only" alt="File Format" width="100%" />
+</p>
+```
+Password-encrypted
+=> [0x01] + [salt:16] + [iv:12] + [ciphertext + auth_tag:16]
+Keyfile-encrypted
+=> [0x02] + [iv:12] + [ciphertext + auth_tag:16]
+```
+### Notes
+- Keys are non-extractable (`extractable: false`)
+- Random IV/salt per encryption = no identical ciphertexts
+- AES-GCM = authenticated encryption (tamper detection)
+- 100k PBKDF2 iterations = brute-force resistant
+## Browser Support
+| Browser | Version |
+|---------|---------|
+| Chrome | 80+ |
+| Firefox | 74+ |
+| Safari | 14+ |
+| Edge | 80+ |
+Also works in Node.js 18+, Deno, Cloudflare Workers.
+## TypeScript
+```typescript
+import type {
+  EncryptOptions,
+  DecryptOptions,
+  Progress,
+  KeyFile,
+  EncryptionType,
+  CryptoErrorCode
+} from '@time-file/browser-file-crypto';
+```
+## Links
+- [Changelog](./CHANGELOG.md)
+- [License](./LICENSE)
+- [npm](https://www.npmjs.com/package/@time-file/browser-file-crypto)
+- [GitHub](https://github.com/time-file/browser-file-crypto)
+## License
+[MIT](./LICENSE)
+---
+<p align="center">
+  <a href="https://timefile.co/en">
+    <img src="https://raw.githubusercontent.com/Time-File/browser-file-crypto/refs/heads/main/public/timefile-footer.png#gh-light-mode-only" alt="Made by timefile.co" />
+    <img src="https://raw.githubusercontent.com/Time-File/browser-file-crypto/refs/heads/main/public/timefile-footer-dark.png#gh-dark-mode-only" alt="Made by timefile.co" />
+  </a>
+</p>

package/dist/index.cjs ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const l=16,p=12,_=256,N=1e5,m=32,d=1,h=2,D=16,R=1+l+p+D,L=1+p+D,f="AES-GCM",S="SHA-256",U={INVALID_INPUT:"Input must be a File, Blob, or ArrayBuffer.",PASSWORD_REQUIRED:"Password or keyfile is required for encryption.",KEYFILE_REQUIRED:"Keyfile is required to decrypt this file.",INVALID_PASSWORD:"Decryption failed: incorrect password.",INVALID_KEYFILE:"Decryption failed: incorrect keyfile.",INVALID_ENCRYPTED_DATA:"Invalid encrypted data: file may be corrupted.",ENCRYPTION_FAILED:"Encryption failed.",DECRYPTION_FAILED:"Decryption failed.",DOWNLOAD_FAILED:"File download failed.",UNSUPPORTED_FORMAT:"Unsupported encryption format."};class y extends Error{constructor(a,t){super(t??U[a]),this.name="CryptoError",this.code=a,Error.captureStackTrace&&Error.captureStackTrace(this,y)}}function C(n){return n instanceof y}async function w(n){if(n instanceof ArrayBuffer)return n;if(n instanceof Blob)return n.arrayBuffer();throw new y("INVALID_INPUT")}function E(n){return n.buffer.slice(n.byteOffset,n.byteOffset+n.byteLength)}function Y(n){const a=new Uint8Array(n);let t="";for(let e=0;e<a.byteLength;e++)t+=String.fromCharCode(a[e]);return btoa(t)}function b(n){const a=atob(n),t=new Uint8Array(a.length);for(let e=0;e<a.length;e++)t[e]=a.charCodeAt(e);return t.buffer}async function O(n,a){const t=new TextEncoder,e=await crypto.subtle.importKey("raw",t.encode(n),"PBKDF2",!1,["deriveKey"]);return crypto.subtle.deriveKey({name:"PBKDF2",salt:E(a),iterations:N,hash:S},e,{name:f,length:_},!1,["encrypt","decrypt"])}async function F(n){try{const a=b(n);return await crypto.subtle.importKey("raw",a,{name:f,length:_},!1,["encrypt","decrypt"])}catch{throw new y("INVALID_KEYFILE")}}function A(n){return crypto.getRandomValues(new Uint8Array(n))}function v(){return A(l)}function k(){return A(p)}const T="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&",H=16;function M(n=H){const a=Math.max(8,Math.min(128,n)),t=A(a);let e="";for(let i=0;i<a;i++){const c=t[i]%T.length;e+=T[c]}return e}async function B(n,a){const{password:t,keyData:e,onProgress:i}=a;if(!t&&!e)throw new y("PASSWORD_REQUIRED");try{i==null\|\|i({phase:"deriving_key",progress:0});const c=await w(n);return i==null\|\|i({phase:"deriving_key",progress:10}),e?await W(c,e,i):await G(c,t,i)}catch(c){throw c instanceof y?c:new y("ENCRYPTION_FAILED")}}async function G(n,a,t){const e=v(),i=k();t==null\|\|t({phase:"deriving_key",progress:20});const c=await O(a,e);t==null\|\|t({phase:"encrypting",progress:30});const r=await crypto.subtle.encrypt({name:f,iv:E(i)},c,n);t==null\|\|t({phase:"encrypting",progress:90});const o=new Uint8Array(1+l+p+r.byteLength);return o[0]=d,o.set(e,1),o.set(i,1+l),o.set(new Uint8Array(r),1+l+p),t==null\|\|t({phase:"complete",progress:100}),new Blob([o],{type:"application/octet-stream"})}async function W(n,a,t){const e=k();t==null\|\|t({phase:"deriving_key",progress:20});const i=await F(a);t==null\|\|t({phase:"encrypting",progress:30});const c=await crypto.subtle.encrypt({name:f,iv:E(e)},i,n);t==null\|\|t({phase:"encrypting",progress:90});const r=new Uint8Array(1+p+c.byteLength);return r[0]=h,r.set(e,1),r.set(new Uint8Array(c),1+p),t==null\|\|t({phase:"complete",progress:100}),new Blob([r],{type:"application/octet-stream"})}async function K(n,a){const{password:t,keyData:e,onProgress:i}=a;try{i==null\|\|i({phase:"decrypting",progress:0});const c=new Uint8Array(await w(n));if(i==null\|\|i({phase:"decrypting",progress:5}),c.length<1)throw new y("INVALID_ENCRYPTED_DATA");const r=c[0];if(r===d){if(!t)throw new y("PASSWORD_REQUIRED");return await V(c,t,i)}else if(r===h){if(!e)throw new y("KEYFILE_REQUIRED");return await x(c,e,i)}else throw new y("UNSUPPORTED_FORMAT")}catch(c){throw c instanceof y?c:new y("DECRYPTION_FAILED")}}async function V(n,a,t){if(n.length<R)throw new y("INVALID_ENCRYPTED_DATA");t==null\|\|t({phase:"deriving_key",progress:10});const e=n.slice(1,1+l),i=n.slice(1+l,1+l+p),c=n.slice(1+l+p),r=await O(a,e);t==null\|\|t({phase:"decrypting",progress:30});try{const o=await crypto.subtle.decrypt({name:f,iv:E(i)},r,c);return t==null\|\|t({phase:"complete",progress:100}),new Blob([o])}catch{throw new y("INVALID_PASSWORD")}}async function x(n,a,t){if(n.length<L)throw new y("INVALID_ENCRYPTED_DATA");t==null\|\|t({phase:"decrypting",progress:10});const e=n.slice(1,1+p),i=n.slice(1+p),c=await F(a);t==null\|\|t({phase:"decrypting",progress:30});try{const r=await crypto.subtle.decrypt({name:f,iv:E(e)},c,i);return t==null\|\|t({phase:"complete",progress:100}),new Blob([r])}catch{throw new y("INVALID_KEYFILE")}}async function g(n){const a=await w(n),t=new Uint8Array(a);if(t.length<1)return"unknown";const e=t[0];return e===d?"password":e===h?"keyfile":"unknown"}async function j(n){const a=await w(n),t=new Uint8Array(a);if(t.length<1)return!1;const e=t[0];return e===d&&t.length>=R\|\|e===h&&t.length>=L}function Q(){const n=A(m);return{version:1,algorithm:"AES-256-GCM",key:Y(n.buffer),createdAt:new Date().toISOString()}}function Z(n){try{const a=JSON.parse(n);return $(a)?a:null}catch{return null}}function $(n){if(typeof n!="object"\|\|n===null)return!1;const a=n;return a.version===1&&a.algorithm==="AES-256-GCM"&&typeof a.key=="string"&&a.key.length>0&&typeof a.createdAt=="string"}function q(n,a,t="key"){const e={version:1,algorithm:"AES-256-GCM",key:n,createdAt:new Date().toISOString()},i=JSON.stringify(e,null,2),c=new Blob([i],{type:"application/json"}),r=URL.createObjectURL(c),o=document.createElement("a");o.href=r,o.download=`${a}.${t}`,o.style.display="none",document.body.appendChild(o),o.click(),document.body.removeChild(o),URL.revokeObjectURL(r)}async function J(n){const a=b(n),t=await crypto.subtle.digest("SHA-256",a),e=new Uint8Array(t);return Array.from(e).map(i=>i.toString(16).padStart(2,"0")).join("")}async function z(n,a){const{fileName:t,onProgress:e,...i}=a;try{e==null\|\|e({phase:"downloading",progress:0});const c=await fetch(n);if(!c.ok)throw new y("DOWNLOAD_FAILED",`Download failed: ${c.status} ${c.statusText}`);const r=c.headers.get("content-length");let o;r&&c.body?o=await X(c.body,parseInt(r,10),s=>{e==null\|\|e({phase:"downloading",progress:Math.round(s50)})}):(e==null\|\|e({phase:"downloading",progress:25}),o=await c.arrayBuffer()),e==null\|\|e({phase:"downloading",progress:50});const u=await K(o,{...i,onProgress:s=>{const I=50+Math.round(s.progress*.45);e==null\|\|e({phase:s.phase==="complete"?"complete":s.phase,progress:s.phase==="complete"?100:I})}});P(u,t),e==null\|\|e({phase:"complete",progress:100})}catch(c){throw c instanceof y?c:new y("DOWNLOAD_FAILED")}}async function X(n,a,t){const e=n.getReader(),i=[];let c=0;for(;;){const{done:u,value:s}=await e.read();if(u)break;i.push(s),c+=s.length;const I=c/a;t(Math.min(I,1))}const r=new Uint8Array(c);let o=0;for(const u of i)r.set(u,o),o+=u.length;return r.buffer}function P(n,a){const t=URL.createObjectURL(n),e=document.createElement("a");e.href=t,e.download=a,e.style.display="none",document.body.appendChild(e),e.click(),document.body.removeChild(e),URL.revokeObjectURL(t)}exports.ALGORITHM=f;exports.AUTH_TAG_LENGTH=D;exports.CryptoError=y;exports.ENCRYPTION_MARKER_KEYFILE=h;exports.ENCRYPTION_MARKER_PASSWORD=d;exports.HASH_ALGORITHM=S;exports.IV_LENGTH=p;exports.KEYFILE_KEY_LENGTH=m;exports.KEY_LENGTH=_;exports.MIN_ENCRYPTED_SIZE_KEYFILE=L;exports.MIN_ENCRYPTED_SIZE_PASSWORD=R;exports.PBKDF2_ITERATIONS=N;exports.SALT_LENGTH=l;exports.computeKeyFileHash=J;exports.decryptFile=K;exports.downloadAndDecrypt=z;exports.downloadKeyFile=q;exports.encryptFile=B;exports.generateKeyFile=Q;exports.generateRandomPassword=M;exports.getEncryptionType=g;exports.isCryptoError=C;exports.isEncryptedFile=j;exports.parseKeyFile=Z;
2	+ //# sourceMappingURL=index.cjs.map