@workglow/util 0.0.103 → 0.0.105

package/dist/common.d.ts

@@ -3,6 +3,7 @@
  * Copyright 2025 Steven Roussey <sroussey@gmail.com>
  * SPDX-License-Identifier: Apache-2.0
  */
+export * from "./crypto/Crypto";
 export * from "./di";
 export * from "./events/EventEmitter";
 export * from "./logging";
@@ -24,4 +25,6 @@ export * from "./vector/VectorSimilarityUtils";
 export * from "./vector/VectorUtils";
 export * from "./worker/WorkerManager";
 export * from "./worker/WorkerServer";
+export * from "./credentials";
+export * from "./crypto/WebCrypto";
 //# sourceMappingURL=common.d.ts.map

package/dist/common.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"common.d.ts","sourceRoot":"","sources":["../src/common.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,cAAc,MAAM,CAAC;AACrB,cAAc,uBAAuB,CAAC;AACtC,cAAc,WAAW,CAAC;AAC1B,cAAc,SAAS,CAAC;AACxB,cAAc,8BAA8B,CAAC;AAC7C,cAAc,0BAA0B,CAAC;AACzC,cAAc,0BAA0B,CAAC;AACzC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,gCAAgC,CAAC;AAC/C,cAAc,gCAAgC,CAAC;AAC/C,cAAc,uBAAuB,CAAC;AACtC,cAAc,kBAAkB,CAAC;AACjC,cAAc,4CAA4C,CAAC;AAC3D,cAAc,2BAA2B,CAAC;AAC1C,cAAc,iBAAiB,CAAC;AAChC,cAAc,qBAAqB,CAAC;AACpC,cAAc,0BAA0B,CAAC;AACzC,cAAc,gCAAgC,CAAC;AAC/C,cAAc,sBAAsB,CAAC;AACrC,cAAc,wBAAwB,CAAC;AACvC,cAAc,uBAAuB,CAAC"}
+{"version":3,"file":"common.d.ts","sourceRoot":"","sources":["../src/common.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,cAAc,iBAAiB,CAAC;AAChC,cAAc,MAAM,CAAC;AACrB,cAAc,uBAAuB,CAAC;AACtC,cAAc,WAAW,CAAC;AAC1B,cAAc,SAAS,CAAC;AACxB,cAAc,8BAA8B,CAAC;AAC7C,cAAc,0BAA0B,CAAC;AACzC,cAAc,0BAA0B,CAAC;AACzC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,gCAAgC,CAAC;AAC/C,cAAc,gCAAgC,CAAC;AAC/C,cAAc,uBAAuB,CAAC;AACtC,cAAc,kBAAkB,CAAC;AACjC,cAAc,4CAA4C,CAAC;AAC3D,cAAc,2BAA2B,CAAC;AAC1C,cAAc,iBAAiB,CAAC;AAChC,cAAc,qBAAqB,CAAC;AACpC,cAAc,0BAA0B,CAAC;AACzC,cAAc,gCAAgC,CAAC;AAC/C,cAAc,sBAAsB,CAAC;AACrC,cAAc,wBAAwB,CAAC;AACvC,cAAc,uBAAuB,CAAC;AACtC,cAAc,eAAe,CAAC;AAC9B,cAAc,oBAAoB,CAAC"}

package/dist/credentials/ChainedCredentialStore.d.ts

@@ -0,0 +1,34 @@
+/**
+ * @license
+ * Copyright 2025 Steven Roussey <sroussey@gmail.com>
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import type { CredentialPutOptions, ICredentialStore } from "./ICredentialStore";
+/**
+ * A credential store that chains multiple stores together, trying each
+ * in order until a value is found.
+ *
+ * Writes always go to the first (primary) store. Reads cascade through
+ * the chain, returning the first match. This enables layered resolution:
+ * explicit config → encrypted store → environment variables.
+ *
+ * @example
+ * ```ts
+ * const store = new ChainedCredentialStore([
+ *   new InMemoryCredentialStore(),  // runtime overrides
+ *   new EncryptedKvCredentialStore(kv, passphrase),  // persistent encrypted
+ *   new EnvCredentialStore({ ... }),  // environment fallback
+ * ]);
+ * ```
+ */
+export declare class ChainedCredentialStore implements ICredentialStore {
+    private readonly stores;
+    constructor(stores: readonly ICredentialStore[]);
+    get(key: string): Promise<string | undefined>;
+    put(key: string, value: string, options?: CredentialPutOptions): Promise<void>;
+    delete(key: string): Promise<boolean>;
+    has(key: string): Promise<boolean>;
+    keys(): Promise<readonly string[]>;
+    deleteAll(): Promise<void>;
+}
+//# sourceMappingURL=ChainedCredentialStore.d.ts.map

package/dist/credentials/ChainedCredentialStore.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ChainedCredentialStore.d.ts","sourceRoot":"","sources":["../../src/credentials/ChainedCredentialStore.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAEjF;;;;;;;;;;;;;;;;GAgBG;AACH,qBAAa,sBAAuB,YAAW,gBAAgB;IACjD,OAAO,CAAC,QAAQ,CAAC,MAAM;gBAAN,MAAM,EAAE,SAAS,gBAAgB,EAAE;IAM1D,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAQ7C,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,oBAAoB,GAAG,OAAO,CAAC,IAAI,CAAC;IAI9E,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAUrC,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAOlC,IAAI,IAAI,OAAO,CAAC,SAAS,MAAM,EAAE,CAAC;IAUlC,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC;CAGjC"}

package/dist/credentials/CredentialStoreRegistry.d.ts

@@ -0,0 +1,27 @@
+/**
+ * @license
+ * Copyright 2025 Steven Roussey <sroussey@gmail.com>
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import type { ServiceRegistry } from "../di/ServiceRegistry";
+import type { ICredentialStore } from "./ICredentialStore";
+/**
+ * Gets the global credential store instance
+ */
+export declare function getGlobalCredentialStore(): ICredentialStore;
+/**
+ * Sets the global credential store instance
+ */
+export declare function setGlobalCredentialStore(store: ICredentialStore): void;
+/**
+ * Resolves a credential from the store registered in the given registry,
+ * falling back to the global credential store.
+ *
+ * Intended for use in provider `getClient` functions and tasks.
+ *
+ * @param key The credential key to resolve
+ * @param registry Optional service registry (e.g., from task context)
+ * @returns The credential value, or undefined if not found
+ */
+export declare function resolveCredential(key: string, registry?: ServiceRegistry): Promise<string | undefined>;
+//# sourceMappingURL=CredentialStoreRegistry.d.ts.map

package/dist/credentials/CredentialStoreRegistry.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"CredentialStoreRegistry.d.ts","sourceRoot":"","sources":["../../src/credentials/CredentialStoreRegistry.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAG7D,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAY3D;;GAEG;AACH,wBAAgB,wBAAwB,IAAI,gBAAgB,CAE3D;AAED;;GAEG;AACH,wBAAgB,wBAAwB,CAAC,KAAK,EAAE,gBAAgB,GAAG,IAAI,CAEtE;AAED;;;;;;;;;GASG;AACH,wBAAsB,iBAAiB,CACrC,GAAG,EAAE,MAAM,EACX,QAAQ,CAAC,EAAE,eAAe,GACzB,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAO7B"}

package/dist/credentials/EnvCredentialStore.d.ts

@@ -0,0 +1,41 @@
+/**
+ * @license
+ * Copyright 2025 Steven Roussey <sroussey@gmail.com>
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import type { CredentialPutOptions, ICredentialStore } from "./ICredentialStore";
+/**
+ * Credential store backed by environment variables.
+ *
+ * Keys are mapped to environment variable names via an explicit mapping
+ * or an optional prefix convention. This store is read-only for env vars
+ * that already exist, but `put` can be used to set them for the current
+ * process lifetime.
+ *
+ * @example
+ * ```ts
+ * const store = new EnvCredentialStore({
+ *   "anthropic-api-key": "ANTHROPIC_API_KEY",
+ *   "openai-api-key": "OPENAI_API_KEY",
+ * });
+ * const key = await store.get("anthropic-api-key"); // reads process.env.ANTHROPIC_API_KEY
+ * ```
+ */
+export declare class EnvCredentialStore implements ICredentialStore {
+    private readonly keyToEnvVar;
+    private readonly prefix;
+    /**
+     * @param mapping Explicit credential-key → env-var-name mapping
+     * @param prefix Optional prefix: if a key has no explicit mapping, try `PREFIX_KEY` (uppercased, hyphens → underscores)
+     */
+    constructor(mapping?: Record<string, string>, prefix?: string);
+    private resolveEnvVar;
+    private getEnv;
+    get(key: string): Promise<string | undefined>;
+    put(key: string, value: string, _options?: CredentialPutOptions): Promise<void>;
+    delete(key: string): Promise<boolean>;
+    has(key: string): Promise<boolean>;
+    keys(): Promise<readonly string[]>;
+    deleteAll(): Promise<void>;
+}
+//# sourceMappingURL=EnvCredentialStore.d.ts.map

package/dist/credentials/EnvCredentialStore.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"EnvCredentialStore.d.ts","sourceRoot":"","sources":["../../src/credentials/EnvCredentialStore.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAEjF;;;;;;;;;;;;;;;;GAgBG;AACH,qBAAa,kBAAmB,YAAW,gBAAgB;IACzD,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAsB;IAClD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAqB;IAE5C;;;OAGG;gBACS,OAAO,GAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAM,EAAE,MAAM,CAAC,EAAE,MAAM;IAKjE,OAAO,CAAC,aAAa;IAWrB,OAAO,CAAC,MAAM;IAOR,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAK7C,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,oBAAoB,GAAG,OAAO,CAAC,IAAI,CAAC;IAU/E,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IASrC,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAKlC,IAAI,IAAI,OAAO,CAAC,SAAS,MAAM,EAAE,CAAC;IAUlC,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC;CAKjC"}

package/dist/credentials/ICredentialStore.d.ts

@@ -0,0 +1,95 @@
+/**
+ * @license
+ * Copyright 2025 Steven Roussey <sroussey@gmail.com>
+ * SPDX-License-Identifier: Apache-2.0
+ */
+/**
+ * Metadata associated with a stored credential
+ */
+export interface CredentialMetadata {
+    /** Human-readable label for the credential */
+    readonly label: string | undefined;
+    /** The provider this credential is associated with (e.g., "anthropic", "openai") */
+    readonly provider: string | undefined;
+    /** When the credential was created */
+    readonly createdAt: Date;
+    /** When the credential was last updated */
+    readonly updatedAt: Date;
+    /** When the credential expires (undefined = never) */
+    readonly expiresAt: Date | undefined;
+}
+/**
+ * A stored credential entry combining the secret value with its metadata
+ */
+export interface CredentialEntry {
+    /** The credential key/name */
+    readonly key: string;
+    /** The secret value */
+    readonly value: string;
+    /** Associated metadata */
+    readonly metadata: CredentialMetadata;
+}
+/**
+ * Options for storing a credential
+ */
+export interface CredentialPutOptions {
+    /** Human-readable label */
+    readonly label?: string;
+    /** Associated provider name */
+    readonly provider?: string;
+    /** Expiration date */
+    readonly expiresAt?: Date;
+}
+/**
+ * Interface defining the contract for credential/secret storage.
+ *
+ * Provides a unified abstraction for storing and retrieving sensitive values
+ * (API keys, tokens, passwords) across different backends: in-memory,
+ * environment variables, encrypted KV stores, or external secret managers
+ * (AWS Secrets Manager, HashiCorp Vault, GCP Secret Manager).
+ *
+ * Implementations MUST NOT log or expose credential values in error messages.
+ */
+export interface ICredentialStore {
+    /**
+     * Retrieve a credential value by key.
+     *
+     * Returns the secret value if found and not expired, or `undefined` if the
+     * credential does not exist or is expired.
+     *
+     * Implementations MAY reject the returned promise on backend, storage, or
+     * cryptographic errors (e.g., I/O failure, decryption failure, corrupt data).
+     * Such errors MUST NOT include credential secret values in their messages or
+     * metadata.
+     */
+    get(key: string): Promise<string | undefined>;
+    /**
+     * Store a credential value.
+     * @param key Unique identifier for the credential
+     * @param value The secret value to store
+     * @param options Optional metadata
+     */
+    put(key: string, value: string, options?: CredentialPutOptions): Promise<void>;
+    /**
+     * Delete a credential by key.
+     * @returns true if the credential existed and was deleted, false otherwise.
+     */
+    delete(key: string): Promise<boolean>;
+    /**
+     * Check whether a credential exists (and is not expired).
+     */
+    has(key: string): Promise<boolean>;
+    /**
+     * List all credential keys (does NOT expose values).
+     */
+    keys(): Promise<readonly string[]>;
+    /**
+     * Delete all credentials.
+     */
+    deleteAll(): Promise<void>;
+}
+/**
+ * Service token for the global credential store
+ */
+export declare const CREDENTIAL_STORE: import("../di").ServiceToken<ICredentialStore>;
+//# sourceMappingURL=ICredentialStore.d.ts.map

package/dist/credentials/ICredentialStore.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ICredentialStore.d.ts","sourceRoot":"","sources":["../../src/credentials/ICredentialStore.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,8CAA8C;IAC9C,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,CAAC;IACnC,oFAAoF;IACpF,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,SAAS,CAAC;IACtC,sCAAsC;IACtC,QAAQ,CAAC,SAAS,EAAE,IAAI,CAAC;IACzB,2CAA2C;IAC3C,QAAQ,CAAC,SAAS,EAAE,IAAI,CAAC;IACzB,sDAAsD;IACtD,QAAQ,CAAC,SAAS,EAAE,IAAI,GAAG,SAAS,CAAC;CACtC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,8BAA8B;IAC9B,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,uBAAuB;IACvB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,0BAA0B;IAC1B,QAAQ,CAAC,QAAQ,EAAE,kBAAkB,CAAC;CACvC;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,2BAA2B;IAC3B,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,+BAA+B;IAC/B,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,sBAAsB;IACtB,QAAQ,CAAC,SAAS,CAAC,EAAE,IAAI,CAAC;CAC3B;AAED;;;;;;;;;GASG;AACH,MAAM,WAAW,gBAAgB;IAC/B;;;;;;;;;;OAUG;IACH,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAAC;IAE9C;;;;;OAKG;IACH,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,oBAAoB,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAE/E;;;OAGG;IACH,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAEtC;;OAEG;IACH,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAEnC;;OAEG;IACH,IAAI,IAAI,OAAO,CAAC,SAAS,MAAM,EAAE,CAAC,CAAC;IAEnC;;OAEG;IACH,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;CAC5B;AAED;;GAEG;AACH,eAAO,MAAM,gBAAgB,gDAA2D,CAAC"}

package/dist/credentials/InMemoryCredentialStore.d.ts

@@ -0,0 +1,23 @@
+/**
+ * @license
+ * Copyright 2025 Steven Roussey <sroussey@gmail.com>
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import type { CredentialPutOptions, ICredentialStore } from "./ICredentialStore";
+/**
+ * In-memory credential store for development and testing.
+ *
+ * Credentials are stored in a plain Map and lost when the process exits.
+ * NOT suitable for production use — use {@link EncryptedKvCredentialStore}
+ * or an external secret manager integration instead.
+ */
+export declare class InMemoryCredentialStore implements ICredentialStore {
+    private readonly store;
+    get(key: string): Promise<string | undefined>;
+    put(key: string, value: string, options?: CredentialPutOptions): Promise<void>;
+    delete(key: string): Promise<boolean>;
+    has(key: string): Promise<boolean>;
+    keys(): Promise<readonly string[]>;
+    deleteAll(): Promise<void>;
+}
+//# sourceMappingURL=InMemoryCredentialStore.d.ts.map

package/dist/credentials/InMemoryCredentialStore.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"InMemoryCredentialStore.d.ts","sourceRoot":"","sources":["../../src/credentials/InMemoryCredentialStore.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAGV,oBAAoB,EACpB,gBAAgB,EACjB,MAAM,oBAAoB,CAAC;AAE5B;;;;;;GAMG;AACH,qBAAa,uBAAwB,YAAW,gBAAgB;IAC9D,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAsC;IAEtD,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAU7C,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,oBAAoB,GAAG,OAAO,CAAC,IAAI,CAAC;IAa9E,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAIrC,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAUlC,IAAI,IAAI,OAAO,CAAC,SAAS,MAAM,EAAE,CAAC;IAalC,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC;CAGjC"}

package/dist/credentials/index.d.ts

@@ -0,0 +1,11 @@
+/**
+ * @license
+ * Copyright 2025 Steven Roussey <sroussey@gmail.com>
+ * SPDX-License-Identifier: Apache-2.0
+ */
+export * from "./ICredentialStore";
+export * from "./InMemoryCredentialStore";
+export * from "./EnvCredentialStore";
+export * from "./ChainedCredentialStore";
+export * from "./CredentialStoreRegistry";
+//# sourceMappingURL=index.d.ts.map

package/dist/credentials/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/credentials/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,cAAc,oBAAoB,CAAC;AACnC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,sBAAsB,CAAC;AACrC,cAAc,0BAA0B,CAAC;AACzC,cAAc,2BAA2B,CAAC"}

package/dist/crypto/{Crypto.bun.d.ts → Crypto.d.ts}

@@ -7,4 +7,4 @@ export declare function sha256(data: string): Promise<string>;
 export declare function makeFingerprint(input: any): Promise<string>;
 export type uuid4 = `${string}-${string}-${string}-${string}-${string}`;
 export declare function uuid4(): uuid4;
-//# sourceMappingURL=Crypto.bun.d.ts.map
+//# sourceMappingURL=Crypto.d.ts.map

package/dist/crypto/Crypto.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"Crypto.d.ts","sourceRoot":"","sources":["../../src/crypto/Crypto.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,wBAAsB,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAK1D;AAED,wBAAsB,eAAe,CAAC,KAAK,EAAE,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC,CAIjE;AAED,MAAM,MAAM,KAAK,GAAG,GAAG,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,CAAC;AAExE,wBAAgB,KAAK,IAAI,KAAK,CAE7B"}

package/dist/crypto/WebCrypto.d.ts

@@ -0,0 +1,29 @@
+/**
+ * @license
+ * Copyright 2025 Steven Roussey <sroussey@gmail.com>
+ * SPDX-License-Identifier: Apache-2.0
+ */
+/**
+ * Derives a 256-bit AES-GCM key from a passphrase using PBKDF2.
+ */
+export declare function deriveKey(passphrase: string, salt: Uint8Array): Promise<CryptoKey>;
+/**
+ * Encrypts plaintext using AES-256-GCM with a random salt and IV.
+ * The salt is prepended to the ciphertext bytes and stored in the `encrypted` field
+ * so that decryption can reconstruct the same key.
+ *
+ * @param keyCache - Per-store cache of derived CryptoKey instances keyed by base64(salt).
+ */
+export declare function encrypt(plaintext: string, passphrase: string, keyCache: Map<string, CryptoKey>): Promise<{
+    encrypted: string;
+    iv: string;
+}>;
+/**
+ * Decrypts ciphertext encrypted with {@link encrypt}.
+ *
+ * @param keyCache - Per-store cache of derived CryptoKey instances keyed by base64(salt).
+ */
+export declare function decrypt(encrypted: string, iv: string, passphrase: string, keyCache: Map<string, CryptoKey>): Promise<string>;
+export declare function bufToBase64(buf: Uint8Array): string;
+export declare function base64ToBuf(b64: string): Uint8Array;
+//# sourceMappingURL=WebCrypto.d.ts.map

package/dist/crypto/WebCrypto.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"WebCrypto.d.ts","sourceRoot":"","sources":["../../src/crypto/WebCrypto.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAKH;;GAEG;AACH,wBAAsB,SAAS,CAAC,UAAU,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,SAAS,CAAC,CAYxF;AAED;;;;;;GAMG;AACH,wBAAsB,OAAO,CAC3B,SAAS,EAAE,MAAM,EACjB,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,GAC/B,OAAO,CAAC;IAAE,SAAS,EAAE,MAAM,CAAC;IAAC,EAAE,EAAE,MAAM,CAAA;CAAE,CAAC,CAwB5C;AAED;;;;GAIG;AACH,wBAAsB,OAAO,CAC3B,SAAS,EAAE,MAAM,EACjB,EAAE,EAAE,MAAM,EACV,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,GAC/B,OAAO,CAAC,MAAM,CAAC,CAgBjB;AAED,wBAAgB,WAAW,CAAC,GAAG,EAAE,UAAU,GAAG,MAAM,CAMnD;AAED,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAOnD"}