cipher-kit 2.0.0-beta.2 → 2.0.0-beta.4

package/dist/{chunk-AEQNI5EZ.js → chunk-N5T4PNG7.js}

@@ -1,4 +1,4 @@
-import { __export, $fmtResultErr, $ok, $err, $fmtError, $isStr, ENCRYPTION_ALGORITHMS, DIGEST_ALGORITHMS, ENCODINGS, isSecretKey, matchPattern, $stringifyObj, $parseToObj } from './chunk-LOJKJJX5.js';
+import { __export, $isSecretKey, $fmtResultErr, $ok, $err, $fmtError, title, $isStr, ENCRYPTION_ALGORITHMS, DIGEST_ALGORITHMS, CIPHER_ENCODING, matchPattern, $stringifyObj, $parseToObj, ENCODING } from './chunk-YMNOTRET.js';
 import { Buffer } from 'buffer';
 import nodeCrypto from 'crypto';
 
@@ -16,6 +16,7 @@ __export(kit_exports, {
   generateUuid: () => generateUuid,
   hash: () => hash,
   hashPassword: () => hashPassword,
+  isNodeSecretKey: () => isNodeSecretKey,
   tryConvertBytesToStr: () => tryConvertBytesToStr,
   tryConvertEncoding: () => tryConvertEncoding,
   tryConvertStrToBytes: () => tryConvertStrToBytes,
@@ -36,7 +37,7 @@ function $convertStrToBytes(data, inputEncoding = "utf8") {
       desc: "Data must be a non-empty string"
     });
   }
-  if (!ENCODINGS.includes(inputEncoding)) {
+  if (!ENCODING.includes(inputEncoding)) {
     return $err({
       msg: `Crypto NodeJS API - String to Bytes: Unsupported encoding: ${inputEncoding}`,
       desc: "Use base64, base64url, hex, utf8, or latin1"
@@ -55,7 +56,7 @@ function $convertBytesToStr(data, outputEncoding = "utf8") {
       desc: "Data must be a Buffer"
     });
   }
-  if (!ENCODINGS.includes(outputEncoding)) {
+  if (!ENCODING.includes(outputEncoding)) {
     return $err({
       msg: `Crypto NodeJS API - Bytes to String: Unsupported encoding: ${outputEncoding}`,
       desc: "Use base64, base64url, hex, utf8, or latin1"
@@ -74,7 +75,7 @@ function $convertEncoding(data, from, to) {
       desc: "Data must be a non-empty string"
     });
   }
-  if (!ENCODINGS.includes(from) || !ENCODINGS.includes(to)) {
+  if (!ENCODING.includes(from) || !ENCODING.includes(to)) {
     return $err({
       msg: `Crypto NodeJS API - Convert Format: Unsupported encoding: from ${from} to ${to}`,
       desc: "Use base64, base64url, hex, utf8, or latin1"
@@ -90,38 +91,38 @@ function $generateUuid() {
   try {
     return $ok(nodeCrypto.randomUUID());
   } catch (error) {
-    return $err({ msg: "Crypto NodeJS API - UUID Generation: Failed to generate UUID", desc: $fmtError(error) });
+    return $err({ msg: `${title("node", "UUID Generation")}: Failed to generate UUID`, desc: $fmtError(error) });
   }
 }
 function $createSecretKey(secret, options = {}) {
   if (!$isStr(secret)) {
-    return $err({ msg: "Crypto NodeJS API - Key Generation: Empty Secret", desc: "Secret must be a non-empty string" });
+    return $err({ msg: `${title("node", "Key Generation")}: Empty Secret`, desc: "Secret must be a non-empty string" });
   }
   const algorithm = options.algorithm ?? "aes256gcm";
   if (!(algorithm in ENCRYPTION_ALGORITHMS)) {
     return $err({
-      msg: `Crypto NodeJS API - Key Generation: Unsupported algorithm: ${algorithm}`,
+      msg: `${title("node", "Key Generation")}: Unsupported algorithm: ${algorithm}`,
       desc: `Supported algorithms are: ${Object.keys(ENCRYPTION_ALGORITHMS).join(", ")}`
     });
   }
   const digest = options.digest ?? "sha256";
   if (!(digest in DIGEST_ALGORITHMS)) {
     return $err({
-      msg: `Crypto NodeJS API - Key Generation: Unsupported digest: ${digest}`,
+      msg: `${title("node", "Key Generation")}: Unsupported digest: ${digest}`,
       desc: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(", ")}`
     });
   }
   const salt = options.salt ?? "cipher-kit-salt";
   if (!$isStr(salt, 8)) {
     return $err({
-      msg: "Crypto NodeJS API - Key Generation: Weak salt",
+      msg: `${title("node", "Key Generation")}: Weak salt`,
       desc: "Salt must be a non-empty string with at least 8 characters"
     });
   }
   const info = options.info ?? "cipher-kit";
   if (!$isStr(info)) {
     return $err({
-      msg: "Crypto NodeJS API - Key Generation: Invalid info",
+      msg: `${title("node", "Key Generation")}: Invalid info`,
       desc: "Info must be a non-empty string"
     });
   }
@@ -139,100 +140,100 @@ function $createSecretKey(secret, options = {}) {
     const secretKey = Object.freeze({
       platform: "node",
       digest,
-      algo: encryptAlgo,
+      algorithm,
       key
     });
     return $ok({ result: secretKey });
   } catch (error) {
-    return $err({ msg: "Crypto NodeJS API - Key Generation: Failed to create secret key", desc: $fmtError(error) });
+    return $err({ msg: `${title("node", "Key Generation")}: Failed to create secret key`, desc: $fmtError(error) });
   }
 }
 function $encrypt(data, secretKey, options = {}) {
   if (!$isStr(data)) {
     return $err({
-      msg: "Crypto NodeJS API - Encryption: Empty data for encryption",
+      msg: `${title("node", "Encryption")}: Empty data for encryption`,
       desc: "Data must be a non-empty string"
     });
   }
-  const inputEncoding = options.inputEncoding ?? "utf8";
-  const outputEncoding = options.outputEncoding ?? "base64url";
-  if (!ENCODINGS.includes(inputEncoding) || !ENCODINGS.includes(outputEncoding)) {
+  const encoding = options.encoding ?? "base64url";
+  if (!CIPHER_ENCODING.includes(encoding)) {
     return $err({
-      msg: `Crypto NodeJS API - Encryption: Unsupported input encoding: ${inputEncoding} or output encoding: ${outputEncoding}`,
-      desc: "Use base64, base64url, hex, utf8, or latin1"
+      msg: `${title("node", "Encryption")}: Unsupported output encoding: ${encoding}`,
+      desc: "Use base64, base64url, or hex"
     });
   }
-  if (!isSecretKey(secretKey, "node")) {
+  const injectedKey = $isSecretKey(secretKey, "node");
+  if (!injectedKey) {
     return $err({
-      msg: "Crypto NodeJS API - Encryption: Invalid Secret Key",
+      msg: `${title("node", "Encryption")}: Invalid Secret Key`,
       desc: "Expected a Node SecretKey"
     });
   }
-  const { result, error } = $convertStrToBytes(data, inputEncoding);
+  const { result, error } = $convertStrToBytes(data, "utf8");
   if (error) return $err(error);
   try {
-    const iv = nodeCrypto.randomBytes(secretKey.algo.ivLength);
-    const cipher = nodeCrypto.createCipheriv(secretKey.algo.node, secretKey.key, iv);
+    const iv = nodeCrypto.randomBytes(injectedKey.injected.ivLength);
+    const cipher = nodeCrypto.createCipheriv(injectedKey.injected.node, injectedKey.key, iv);
     const encrypted = Buffer.concat([cipher.update(result), cipher.final()]);
     const tag = cipher.getAuthTag();
-    const ivStr = $convertBytesToStr(iv, outputEncoding);
-    const cipherStr = $convertBytesToStr(encrypted, outputEncoding);
-    const tagStr = $convertBytesToStr(tag, outputEncoding);
+    const ivStr = $convertBytesToStr(iv, encoding);
+    const cipherStr = $convertBytesToStr(encrypted, encoding);
+    const tagStr = $convertBytesToStr(tag, encoding);
     if (ivStr.error || cipherStr.error || tagStr.error) {
       return $err({
         msg: "Crypto NodeJS API - Encryption: Failed to convert IV or encrypted data or tag",
-        desc: `Conversion error: ${ivStr.error || cipherStr.error || tagStr.error}`
+        desc: `Conversion error: ${$fmtResultErr(ivStr.error || cipherStr.error || tagStr.error)}`
       });
     }
     return $ok(`${ivStr.result}.${cipherStr.result}.${tagStr.result}.`);
   } catch (error2) {
-    return $err({ msg: "Crypto NodeJS API - Encryption: Failed to encrypt data", desc: $fmtError(error2) });
+    return $err({ msg: `${title("node", "Encryption")}: Failed to encrypt data`, desc: $fmtError(error2) });
   }
 }
 function $decrypt(encrypted, secretKey, options = {}) {
   if (matchPattern(encrypted, "node") === false) {
     return $err({
-      msg: "Crypto NodeJS API - Decryption: Invalid encrypted data format",
+      msg: `${title("node", "Decryption")}: Invalid encrypted data format`,
       desc: 'Encrypted data must be in the format "iv.cipher.tag."'
     });
   }
-  const inputEncoding = options.inputEncoding ?? "base64url";
-  const outputEncoding = options.outputEncoding ?? "utf8";
-  if (!ENCODINGS.includes(inputEncoding) || !ENCODINGS.includes(outputEncoding)) {
+  const encoding = options.encoding ?? "base64url";
+  if (!CIPHER_ENCODING.includes(encoding)) {
     return $err({
-      msg: `Crypto NodeJS API - Decryption: Unsupported input encoding: ${inputEncoding} or output encoding: ${outputEncoding}`,
-      desc: "Use base64, base64url, hex, utf8, or latin1"
+      msg: `${title("node", "Decryption")}: Unsupported input encoding: ${encoding}`,
+      desc: "Use base64, base64url, or hex"
     });
   }
   const [iv, cipher, tag] = encrypted.split(".", 4);
   if (!$isStr(iv) || !$isStr(cipher) || !$isStr(tag)) {
     return $err({
-      msg: "Crypto NodeJS API - Decryption: Invalid encrypted data",
+      msg: `${title("node", "Decryption")}: Invalid encrypted data`,
       desc: "Encrypted data must contain valid IV, encrypted data, and tag components"
     });
   }
-  if (!isSecretKey(secretKey, "node")) {
+  const injectedKey = $isSecretKey(secretKey, "node");
+  if (!injectedKey) {
     return $err({
       msg: "Crypto NodeJS API - Decryption: Invalid Secret Key",
       desc: "Expected a Node SecretKey"
     });
   }
-  const ivBytes = $convertStrToBytes(iv, inputEncoding);
-  const cipherBytes = $convertStrToBytes(cipher, inputEncoding);
-  const tagBytes = $convertStrToBytes(tag, inputEncoding);
+  const ivBytes = $convertStrToBytes(iv, encoding);
+  const cipherBytes = $convertStrToBytes(cipher, encoding);
+  const tagBytes = $convertStrToBytes(tag, encoding);
   if (ivBytes.error || cipherBytes.error || tagBytes.error) {
     return $err({
-      msg: "Crypto NodeJS API - Decryption: Failed to convert IV or encrypted data or tag",
-      desc: `Conversion error: ${ivBytes.error || cipherBytes.error || tagBytes.error}`
+      msg: `${title("node", "Decryption")}: Failed to convert IV or encrypted data or tag`,
+      desc: `Conversion error: ${$fmtResultErr(ivBytes.error || cipherBytes.error || tagBytes.error)}`
     });
   }
   try {
-    const decipher = nodeCrypto.createDecipheriv(secretKey.algo.node, secretKey.key, ivBytes.result);
+    const decipher = nodeCrypto.createDecipheriv(injectedKey.injected.node, injectedKey.key, ivBytes.result);
     decipher.setAuthTag(tagBytes.result);
     const decrypted = Buffer.concat([decipher.update(cipherBytes.result), decipher.final()]);
-    return $convertBytesToStr(decrypted, outputEncoding);
+    return $convertBytesToStr(decrypted, "utf8");
   } catch (error) {
-    return $err({ msg: "Crypto NodeJS API - Decryption: Failed to decrypt data", desc: $fmtError(error) });
+    return $err({ msg: `${title("node", "Decryption")}: Failed to decrypt data`, desc: $fmtError(error) });
   }
 }
 function $encryptObj(data, secretKey, options = {}) {
@@ -248,84 +249,83 @@ function $decryptObj(encrypted, secretKey, options = {}) {
 function $hash(data, options = {}) {
   if (!$isStr(data)) {
     return $err({
-      msg: "Crypto NodeJS API - Hashing: Empty data for hashing",
+      msg: `${title("node", "Hashing")}: Empty data for hashing`,
       desc: "Data must be a non-empty string"
     });
   }
-  const inputEncoding = options.inputEncoding ?? "utf8";
-  const outputEncoding = options.outputEncoding ?? "base64url";
-  if (!ENCODINGS.includes(inputEncoding) || !ENCODINGS.includes(outputEncoding)) {
+  const encoding = options.encoding ?? "base64url";
+  if (!CIPHER_ENCODING.includes(encoding)) {
     return $err({
-      msg: `Crypto NodeJS API - Hashing: Unsupported encoding: ${inputEncoding} or ${outputEncoding}`,
-      desc: "Use base64, base64url, hex, utf8, or latin1"
+      msg: `${title("node", "Hashing")}: Unsupported output encoding: ${encoding}`,
+      desc: "Use base64, base64url, or hex"
     });
   }
   const digest = options.digest ?? "sha256";
   if (!(digest in DIGEST_ALGORITHMS)) {
     return $err({
-      msg: `Crypto NodeJS API - Hashing: Unsupported digest: ${digest}`,
+      msg: `${title("node", "Hashing")}: Unsupported digest: ${digest}`,
       desc: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(", ")}`
     });
   }
   const digestAlgo = DIGEST_ALGORITHMS[digest];
-  const { result, error } = $convertStrToBytes(data, inputEncoding);
+  const { result, error } = $convertStrToBytes(data, "utf8");
   if (error) return $err(error);
   try {
     const hashed = nodeCrypto.createHash(digestAlgo.node).update(result).digest();
-    return $convertBytesToStr(hashed, outputEncoding);
+    return $convertBytesToStr(hashed, encoding);
   } catch (error2) {
-    return $err({ msg: "Crypto NodeJS API - Hashing: Failed to hash data with Crypto NodeJS", desc: $fmtError(error2) });
+    return $err({ msg: `${title("node", "Hashing")}: Failed to hash data with Crypto NodeJS`, desc: $fmtError(error2) });
   }
 }
 function $hashPassword(password, options = {}) {
   if (!$isStr(password)) {
     return $err({
-      msg: "Crypto NodeJS API - Password Hashing: Empty password for hashing",
+      msg: `${title("node", "Password Hashing")}: Empty password for hashing`,
       desc: "Password must be a non-empty string"
     });
   }
   const digest = options.digest ?? "sha512";
   if (!(digest in DIGEST_ALGORITHMS)) {
     return $err({
-      msg: `Crypto NodeJS API - Password Hashing: Unsupported digest: ${digest}`,
+      msg: `${title("node", "Password Hashing")}: Unsupported digest: ${digest}`,
       desc: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(", ")}`
     });
   }
   const digestAlgo = DIGEST_ALGORITHMS[digest];
-  const outputEncoding = options.outputEncoding ?? "base64url";
-  if (!ENCODINGS.includes(outputEncoding)) {
+  const encoding = options.encoding ?? "base64url";
+  if (!CIPHER_ENCODING.includes(encoding)) {
     return $err({
-      msg: `Crypto NodeJS API - Password Hashing: Unsupported encoding: ${outputEncoding}`,
-      desc: "Use base64, base64url, hex, utf8, or latin1"
+      msg: `${title("node", "Password Hashing")}: Unsupported encoding: ${encoding}`,
+      desc: "Use base64, base64url, or hex"
     });
   }
   const saltLength = options.saltLength ?? 16;
   if (typeof saltLength !== "number" || saltLength < 8) {
     return $err({
-      msg: "Crypto NodeJS API - Password Hashing: Weak salt length",
+      msg: `${title("node", "Password Hashing")}: Weak salt length`,
       desc: "Salt length must be a number and at least 8 bytes (recommended 16 or more)"
     });
   }
   const iterations = options.iterations ?? 32e4;
   if (typeof iterations !== "number" || iterations < 1e3) {
     return $err({
-      msg: "Crypto NodeJS API - Password Hashing: Weak iterations count",
+      msg: `${title("node", "Password Hashing")}: Weak iterations count`,
       desc: "Iterations must be a number and at least 1000 (recommended 320,000 or more)"
     });
   }
   const keyLength = options.keyLength ?? 64;
   if (typeof keyLength !== "number" || keyLength < 16) {
     return $err({
-      msg: "Crypto NodeJS API - Password Hashing: Invalid key length",
+      msg: `${title("node", "Password Hashing")}: Invalid key length`,
       desc: "Key length must be a number and at least 16 bytes (recommended 64 or more)"
     });
   }
   try {
     const salt = nodeCrypto.randomBytes(saltLength);
     const hash2 = nodeCrypto.pbkdf2Sync(password.normalize("NFKC"), salt, iterations, keyLength, digestAlgo.node);
-    return $ok({ salt: salt.toString(outputEncoding), hash: hash2.toString(outputEncoding) });
+    return $ok({ salt: salt.toString(encoding), hash: hash2.toString(encoding) });
   } catch (error) {
-    return $err({ msg: "Crypto NodeJS API - Password Hashing: Failed to hash password", desc: $fmtError(error) });
+    return $err({ msg: `${title("node", "Password Hashing")}: Failed to hash password`, desc: $fmtError(error) });
   }
 }
 function $verifyPassword(password, hashedPassword, salt, options = {}) {
@@ -333,15 +333,15 @@ function $verifyPassword(password, hashedPassword, salt, options = {}) {
   const digest = options.digest ?? "sha512";
   if (!(digest in DIGEST_ALGORITHMS)) return false;
   const digestAlgo = DIGEST_ALGORITHMS[digest];
-  const inputEncoding = options.inputEncoding ?? "base64url";
-  if (!ENCODINGS.includes(inputEncoding)) return false;
+  const encoding = options.encoding ?? "base64url";
+  if (!CIPHER_ENCODING.includes(encoding)) return false;
   const iterations = options.iterations ?? 32e4;
   if (typeof iterations !== "number" || iterations < 1e3) return false;
   const keyLength = options.keyLength ?? 64;
   if (typeof keyLength !== "number" || keyLength < 16) return false;
-  const saltBytes = $convertStrToBytes(salt, inputEncoding);
+  const saltBytes = $convertStrToBytes(salt, encoding);
   if (saltBytes.error) return false;
-  const hashedPasswordBytes = $convertStrToBytes(hashedPassword, inputEncoding);
+  const hashedPasswordBytes = $convertStrToBytes(hashedPassword, encoding);
   if (hashedPasswordBytes.error) return false;
   try {
     return nodeCrypto.timingSafeEqual(
@@ -354,6 +354,9 @@ function $verifyPassword(password, hashedPassword, salt, options = {}) {
 }
 
 // src/node/kit.ts
+function isNodeSecretKey(x) {
+  return $isSecretKey(x, "node") !== null;
+}
 function tryGenerateUuid() {
   return $generateUuid();
 }
@@ -446,6 +449,6 @@ function convertEncoding(data, from, to) {
   return result;
 }
 
-export { convertBytesToStr, convertEncoding, convertStrToBytes, createSecretKey, decrypt, decryptObj, encrypt, encryptObj, generateUuid, hash, hashPassword, kit_exports, tryConvertBytesToStr, tryConvertEncoding, tryConvertStrToBytes, tryCreateSecretKey, tryDecrypt, tryDecryptObj, tryEncrypt, tryEncryptObj, tryGenerateUuid, tryHash, tryHashPassword, verifyPassword };
-//# sourceMappingURL=chunk-AEQNI5EZ.js.map
-//# sourceMappingURL=chunk-AEQNI5EZ.js.map
+export { convertBytesToStr, convertEncoding, convertStrToBytes, createSecretKey, decrypt, decryptObj, encrypt, encryptObj, generateUuid, hash, hashPassword, isNodeSecretKey, kit_exports, tryConvertBytesToStr, tryConvertEncoding, tryConvertStrToBytes, tryCreateSecretKey, tryDecrypt, tryDecryptObj, tryEncrypt, tryEncryptObj, tryGenerateUuid, tryHash, tryHashPassword, verifyPassword };
+//# sourceMappingURL=chunk-N5T4PNG7.js.map
+//# sourceMappingURL=chunk-N5T4PNG7.js.map

package/dist/chunk-N5T4PNG7.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/node/kit.ts","../src/node/node-encode.ts","../src/node/node-encrypt.ts"],"names":["Buffer","error","hash"],"mappings":";;;;;AAAA,IAAA,WAAA,GAAA;AAAA,QAAA,CAAA,WAAA,EAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,OAAA,EAAA,MAAA,OAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,OAAA,EAAA,MAAA,OAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,YAAA,EAAA,MAAA,YAAA;AAAA,EAAA,IAAA,EAAA,MAAA,IAAA;AAAA,EAAA,YAAA,EAAA,MAAA,YAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,aAAA,EAAA,MAAA,aAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,aAAA,EAAA,MAAA,aAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,OAAA,EAAA,MAAA,OAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,cAAA,EAAA,MAAA;AAAA,CAAA,CAAA;ACMO,SAAS,kBAAA,CAAmB,IAAA,EAAc,aAAA,GAA0B,MAAA,EAAoC;AAC7G,EAAA,IAAI,CAAC,MAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,GAAA,EAAK,iDAAA;AAAA,MACL,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AACA,EAAA,IAAI,CAAC,QAAA,CAAS,QAAA,CAAS,aAAa,CAAA,EAAG;AACrC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,GAAA,EAAK,8DAA8D,aAAa,CAAA,CAAA;AAAA,MAChF,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AACA,EAAA,IAAI;AACF,IAAA,OAAO,GAAA,CAAI,EAAE,MAAA,EAAQ,MAAA,CAAO,KAAK,IAAA,EAAM,aAAa,GAAG,CAAA;AAAA,EACzD,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,GAAA,EAAK,6DAAA,EAA+D,MAAM,SAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EAC5G;AACF;AAEO,SAAS,kBAAA,CAAmB,IAAA,EAAc,cAAA,GAA2B,MAAA,EAAwB;AAClG,EAAA,IAAI,EAAE,gBAAgB,MAAA,CAAA,EAAS;AAC7B,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,GAAA,EAAK,wDAAA;AAAA,MACL,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AACA,EAAA,IAAI,CAAC,QAAA,CAAS,QAAA,CAAS,cAAc,CAAA,EAAG;AACtC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,GAAA,EAAK,8DAA8D,cAAc,CAAA,CAAA;AAAA,MACjF,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AACA,EAAA,IAAI;AACF,IAAA,OAAO,IAAI,MAAA,CAAO,IAAA,CAAK,IAAI,CAAA,CAAE,QAAA,CAAS,cAAc,CAAC,CAAA;AAAA,EACvD,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,GAAA,EAAK,6DAAA,EAA+D,MAAM,SAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EAC5G;AACF;AAEO,SAAS,gBAAA,CAAiB,IAAA,EAAc,IAAA,EAAgB,EAAA,EAA8B;AAC3F,EAAA,IAAI,CAAC,MAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,GAAA,EAAK,gDAAA;AAAA,MACL,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,SAAS,QAAA,CAAS,IAAI,KAAK,CAAC,QAAA,CAAS,QAAA,CAAS,EAAE,CAAA,EAAG;AACtD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,GAAA,EAAK,CAAA,+DAAA,EAAkE,IAAI,CAAA,IAAA,EAAO,EAAE,CAAA,CAAA;AAAA,MACpF,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,KAAA,GAAQ,kBAAA,CAAmB,IAAA,EAAM,IAAI,CAAA;AAC3C,EAAA,IAAI,KAAA,CAAM,KAAA,EAAO,OAAO,IAAA,CAAK,EAAE,GAAA,EAAK,KAAA,CAAM,KAAA,CAAM,OAAA,EAAS,IAAA,EAAM,KAAA,CAAM,KAAA,CAAM,aAAa,CAAA;AAExF,EAAA,MAAM,GAAA,GAAM,kBAAA,CAAmB,KAAA,CAAM,MAAA,EAAQ,EAAE,CAAA;AAC/C,EAAA,IAAI,GAAA,CAAI,KAAA,EAAO,OAAO,IAAA,CAAK,EAAE,GAAA,EAAK,GAAA,CAAI,KAAA,CAAM,OAAA,EAAS,IAAA,EAAM,GAAA,CAAI,KAAA,CAAM,aAAa,CAAA;AAElF,EAAA,OAAO,GAAA,CAAI,EAAE,MAAA,EAAQ,GAAA,CAAI,QAAQ,CAAA;AACnC;ACnDO,SAAS,aAAA,GAAgC;AAC9C,EAAA,IAAI;AACF,IAAA,OAAO,GAAA,CAAI,UAAA,CAAW,UAAA,EAAY,CAAA;AAAA,EACpC,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,GAAA,EAAK,CAAA,EAAG,KAAA,CAAM,MAAA,EAAQ,iBAAiB,CAAC,CAAA,yBAAA,CAAA,EAA6B,IAAA,EAAM,SAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EAC7G;AACF;AAEO,SAAS,gBAAA,CACd,MAAA,EACA,OAAA,GAAkC,EAAC,EACI;AACvC,EAAA,IAAI,CAAC,MAAA,CAAO,MAAM,CAAA,EAAG;AACnB,IAAA,OAAO,IAAA,CAAK,EAAE,GAAA,EAAK,CAAA,EAAG,KAAA,CAAM,MAAA,EAAQ,gBAAgB,CAAC,CAAA,cAAA,CAAA,EAAkB,IAAA,EAAM,mCAAA,EAAqC,CAAA;AAAA,EACpH;AAEA,EAAA,MAAM,SAAA,GAAY,QAAQ,SAAA,IAAa,WAAA;AACvC,EAAA,IAAI,EAAE,aAAa,qBAAA,CAAA,EAAwB;AACzC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,KAAK,CAAA,EAAG,KAAA,CAAM,QAAQ,gBAAgB,CAAC,4BAA4B,SAAS,CAAA,CAAA;AAAA,MAC5E,IAAA,EAAM,6BAA6B,MAAA,CAAO,IAAA,CAAK,qBAAqB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KACjF,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,QAAQ,MAAA,IAAU,QAAA;AACjC,EAAA,IAAI,EAAE,UAAU,iBAAA,CAAA,EAAoB;AAClC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,KAAK,CAAA,EAAG,KAAA,CAAM,QAAQ,gBAAgB,CAAC,yBAAyB,MAAM,CAAA,CAAA;AAAA,MACtE,IAAA,EAAM,0BAA0B,MAAA,CAAO,IAAA,CAAK,iBAAiB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KAC1E,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,IAAA,GAAO,QAAQ,IAAA,IAAQ,iBAAA;AAC7B,EAAA,IAAI,CAAC,MAAA,CAAO,IAAA,EAAM,CAAC,CAAA,EAAG;AACpB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,GAAA,EAAK,CAAA,EAAG,KAAA,CAAM,MAAA,EAAQ,gBAAgB,CAAC,CAAA,WAAA,CAAA;AAAA,MACvC,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,IAAA,GAAO,QAAQ,IAAA,IAAQ,YAAA;AAC7B,EAAA,IAAI,CAAC,MAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,GAAA,EAAK,CAAA,EAAG,KAAA,CAAM,MAAA,EAAQ,gBAAgB,CAAC,CAAA,cAAA,CAAA;AAAA,MACvC,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,WAAA,GAAc,sBAAsB,SAAS,CAAA;AACnD,EAAA,MAAM,UAAA,GAAa,kBAAkB,MAAM,CAAA;AAE3C,EAAA,IAAI;AACF,IAAA,MAAM,aAAa,UAAA,CAAW,QAAA;AAAA,MAC5B,UAAA,CAAW,IAAA;AAAA,MACX,MAAA,CAAO,UAAU,MAAM,CAAA;AAAA,MACvB,IAAA,CAAK,UAAU,MAAM,CAAA;AAAA,MACrB,IAAA,CAAK,UAAU,MAAM,CAAA;AAAA,MACrB,WAAA,CAAY;AAAA,KACd;AACA,IAAA,MAAM,MAAM,UAAA,CAAW,eAAA,CAAgBA,MAAAA,CAAO,IAAA,CAAK,UAAU,CAAC,CAAA;AAC9D,IAAA,MAAM,SAAA,GAAY,OAAO,MAAA,CAAO;AAAA,MAC9B,QAAA,EAAU,MAAA;AAAA,MACV,MAAA;AAAA,MACA,SAAA;AAAA,MACA;AAAA,KACD,CAAA;AAED,IAAA,OAAO,GAAA,CAAI,EAAE,MAAA,EAAQ,SAAA,EAAW,CAAA;AAAA,EAClC,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,GAAA,EAAK,CAAA,EAAG,KAAA,CAAM,MAAA,EAAQ,gBAAgB,CAAC,CAAA,6BAAA,CAAA,EAAiC,IAAA,EAAM,SAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EAChH;AACF;AAEO,SAAS,QAAA,CAAS,IAAA,EAAc,SAAA,EAA8B,OAAA,GAA0B,EAAC,EAAmB;AACjH,EAAA,IAAI,CAAC,MAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,GAAA,EAAK,CAAA,EAAG,KAAA,CAAM,MAAA,EAAQ,YAAY,CAAC,CAAA,2BAAA,CAAA;AAAA,MACnC,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,QAAA,GAAW,QAAQ,QAAA,IAAY,WAAA;AACrC,EAAA,IAAI,CAAC,eAAA,CAAgB,QAAA,CAAS,QAAQ,CAAA,EAAG;AACvC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,KAAK,CAAA,EAAG,KAAA,CAAM,QAAQ,YAAY,CAAC,kCAAkC,QAAQ,CAAA,CAAA;AAAA,MAC7E,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,WAAA,GAAc,YAAA,CAAa,SAAA,EAAW,MAAM,CAAA;AAClD,EAAA,IAAI,CAAC,WAAA,EAAa;AAChB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,GAAA,EAAK,CAAA,EAAG,KAAA,CAAM,MAAA,EAAQ,YAAY,CAAC,CAAA,oBAAA,CAAA;AAAA,MACnC,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,kBAAA,CAAmB,MAAM,MAAM,CAAA;AACzD,EAAA,IAAI,KAAA,EAAO,OAAO,IAAA,CAAK,KAAK,CAAA;AAE5B,EAAA,IAAI;AACF,IAAA,MAAM,EAAA,GAAK,UAAA,CAAW,WAAA,CAAY,WAAA,CAAY,SAAS,QAAQ,CAAA;AAC/D,IAAA,MAAM,MAAA,GAAS,WAAW,cAAA,CAAe,WAAA,CAAY,SAAS,IAAA,EAAM,WAAA,CAAY,KAAK,EAAE,CAAA;AACvF,IAAA,MAAM,SAAA,GAAYA,MAAAA,CAAO,MAAA,CAAO,CAAC,MAAA,CAAO,MAAA,CAAO,MAAM,CAAA,EAAG,MAAA,CAAO,KAAA,EAAO,CAAC,CAAA;AACvE,IAAA,MAAM,GAAA,GAAM,OAAO,UAAA,EAAW;AAE9B,IAAA,MAAM,KAAA,GAAQ,kBAAA,CAAmB,EAAA,EAAI,QAAQ,CAAA;AAC7C,IAAA,MAAM,SAAA,GAAY,kBAAA,CAAmB,SAAA,EAAW,QAAQ,CAAA;AACxD,IAAA,MAAM,MAAA,GAAS,kBAAA,CAAmB,GAAA,EAAK,QAAQ,CAAA;AAE/C,IAAA,IAAI,KAAA,CAAM,KAAA,IAAS,SAAA,CAAU,KAAA,IAAS,OAAO,KAAA,EAAO;AAClD,MAAA,OAAO,IAAA,CAAK;AAAA,QACV,GAAA,EAAK,+EAAA;AAAA,QACL,IAAA,EAAM,qBAAqB,aAAA,CAAc,KAAA,CAAM,SAAS,SAAA,CAAU,KAAA,IAAS,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,OACzF,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,GAAA,CAAI,CAAA,EAAG,KAAA,CAAM,MAAM,CAAA,CAAA,EAAI,UAAU,MAAM,CAAA,CAAA,EAAI,MAAA,CAAO,MAAM,CAAA,CAAA,CAAG,CAAA;AAAA,EACpE,SAASC,MAAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,GAAA,EAAK,CAAA,EAAG,KAAA,CAAM,MAAA,EAAQ,YAAY,CAAC,CAAA,wBAAA,CAAA,EAA4B,IAAA,EAAM,SAAA,CAAUA,MAAK,GAAG,CAAA;AAAA,EACvG;AACF;AAEO,SAAS,QAAA,CACd,SAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACX;AAChB,EAAA,IAAI,YAAA,CAAa,SAAA,EAAW,MAAM,CAAA,KAAM,KAAA,EAAO;AAC7C,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,GAAA,EAAK,CAAA,EAAG,KAAA,CAAM,MAAA,EAAQ,YAAY,CAAC,CAAA,+BAAA,CAAA;AAAA,MACnC,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,QAAA,GAAW,QAAQ,QAAA,IAAY,WAAA;AACrC,EAAA,IAAI,CAAC,eAAA,CAAgB,QAAA,CAAS,QAAQ,CAAA,EAAG;AACvC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,KAAK,CAAA,EAAG,KAAA,CAAM,QAAQ,YAAY,CAAC,iCAAiC,QAAQ,CAAA,CAAA;AAAA,MAC5E,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,CAAC,IAAI,MAAA,EAAQ,GAAG,IAAI,SAAA,CAAU,KAAA,CAAM,KAAK,CAAC,CAAA;AAChD,EAAA,IAAI,CAAC,MAAA,CAAO,EAAE,CAAA,IAAK,CAAC,MAAA,CAAO,MAAM,CAAA,IAAK,CAAC,MAAA,CAAO,GAAG,CAAA,EAAG;AAClD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,GAAA,EAAK,CAAA,EAAG,KAAA,CAAM,MAAA,EAAQ,YAAY,CAAC,CAAA,wBAAA,CAAA;AAAA,MACnC,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,WAAA,GAAc,YAAA,CAAa,SAAA,EAAW,MAAM,CAAA;AAClD,EAAA,IAAI,CAAC,WAAA,EAAa;AAChB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,GAAA,EAAK,oDAAA;AAAA,MACL,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,OAAA,GAAU,kBAAA,CAAmB,EAAA,EAAI,QAAQ,CAAA;AAC/C,EAAA,MAAM,WAAA,GAAc,kBAAA,CAAmB,MAAA,EAAQ,QAAQ,CAAA;AACvD,EAAA,MAAM,QAAA,GAAW,kBAAA,CAAmB,GAAA,EAAK,QAAQ,CAAA;AAEjD,EAAA,IAAI,OAAA,CAAQ,KAAA,IAAS,WAAA,CAAY,KAAA,IAAS,SAAS,KAAA,EAAO;AACxD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,GAAA,EAAK,CAAA,EAAG,KAAA,CAAM,MAAA,EAAQ,YAAY,CAAC,CAAA,+CAAA,CAAA;AAAA,MACnC,IAAA,EAAM,qBAAqB,aAAA,CAAc,OAAA,CAAQ,SAAS,WAAA,CAAY,KAAA,IAAS,QAAA,CAAS,KAAK,CAAC,CAAA;AAAA,KAC/F,CAAA;AAAA,EACH;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,QAAA,GAAW,WAAW,gBAAA,CAAiB,WAAA,CAAY,SAAS,IAAA,EAAM,WAAA,CAAY,GAAA,EAAK,OAAA,CAAQ,MAAM,CAAA;AACvG,IAAA,QAAA,CAAS,UAAA,CAAW,SAAS,MAAM,CAAA;AACnC,IAAA,MAAM,SAAA,GAAYD,MAAAA,CAAO,MAAA,CAAO,CAAC,QAAA,CAAS,MAAA,CAAO,WAAA,CAAY,MAAM,CAAA,EAAG,QAAA,CAAS,KAAA,EAAO,CAAC,CAAA;AAEvF,IAAA,OAAO,kBAAA,CAAmB,WAAW,MAAM,CAAA;AAAA,EAC7C,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,GAAA,EAAK,CAAA,EAAG,KAAA,CAAM,MAAA,EAAQ,YAAY,CAAC,CAAA,wBAAA,CAAA,EAA4B,IAAA,EAAM,SAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACvG;AACF;AACO,SAAS,WAAA,CACd,IAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACX;AAChB,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,cAAc,IAAI,CAAA;AAC5C,EAAA,IAAI,KAAA,EAAO,OAAO,IAAA,CAAK,KAAK,CAAA;AAC5B,EAAA,OAAO,QAAA,CAAS,MAAA,EAAQ,SAAA,EAAW,OAAO,CAAA;AAC5C;AAEO,SAAS,WAAA,CACd,SAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACJ;AACvB,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,QAAA,CAAS,SAAA,EAAW,WAAW,OAAO,CAAA;AAChE,EAAA,IAAI,KAAA,EAAO,OAAO,IAAA,CAAK,KAAK,CAAA;AAC5B,EAAA,OAAO,YAAe,MAAM,CAAA;AAC9B;AAEO,SAAS,KAAA,CAAM,IAAA,EAAc,OAAA,GAAuB,EAAC,EAAmB;AAC7E,EAAA,IAAI,CAAC,MAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,GAAA,EAAK,CAAA,EAAG,KAAA,CAAM,MAAA,EAAQ,SAAS,CAAC,CAAA,wBAAA,CAAA;AAAA,MAChC,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,QAAA,GAAW,QAAQ,QAAA,IAAY,WAAA;AACrC,EAAA,IAAI,CAAC,eAAA,CAAgB,QAAA,CAAS,QAAQ,CAAA,EAAG;AACvC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,KAAK,CAAA,EAAG,KAAA,CAAM,QAAQ,SAAS,CAAC,kCAAkC,QAAQ,CAAA,CAAA;AAAA,MAC1E,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,QAAQ,MAAA,IAAU,QAAA;AACjC,EAAA,IAAI,EAAE,UAAU,iBAAA,CAAA,EAAoB;AAClC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,KAAK,CAAA,EAAG,KAAA,CAAM,QAAQ,SAAS,CAAC,yBAAyB,MAAM,CAAA,CAAA;AAAA,MAC/D,IAAA,EAAM,0BAA0B,MAAA,CAAO,IAAA,CAAK,iBAAiB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KAC1E,CAAA;AAAA,EACH;AACA,EAAA,MAAM,UAAA,GAAa,kBAAkB,MAAM,CAAA;AAE3C,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,kBAAA,CAAmB,MAAM,MAAM,CAAA;AACzD,EAAA,IAAI,KAAA,EAAO,OAAO,IAAA,CAAK,KAAK,CAAA;AAE5B,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,WAAW,UAAA,CAAW,UAAA,CAAW,IAAI,CAAA,CAAE,MAAA,CAAO,MAAM,CAAA,CAAE,MAAA,EAAO;AAC5E,IAAA,OAAO,kBAAA,CAAmB,QAAQ,QAAQ,CAAA;AAAA,EAC5C,SAASC,MAAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,GAAA,EAAK,CAAA,EAAG,KAAA,CAAM,MAAA,EAAQ,SAAS,CAAC,CAAA,wCAAA,CAAA,EAA4C,IAAA,EAAM,SAAA,CAAUA,MAAK,GAAG,CAAA;AAAA,EACpH;AACF;AAEO,SAAS,aAAA,CACd,QAAA,EACA,OAAA,GAA+B,EAAC,EACQ;AACxC,EAAA,IAAI,CAAC,MAAA,CAAO,QAAQ,CAAA,EAAG;AACrB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,GAAA,EAAK,CAAA,EAAG,KAAA,CAAM,MAAA,EAAQ,kBAAkB,CAAC,CAAA,4BAAA,CAAA;AAAA,MACzC,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,QAAQ,MAAA,IAAU,QAAA;AACjC,EAAA,IAAI,EAAE,UAAU,iBAAA,CAAA,EAAoB;AAClC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,KAAK,CAAA,EAAG,KAAA,CAAM,QAAQ,kBAAkB,CAAC,yBAAyB,MAAM,CAAA,CAAA;AAAA,MACxE,IAAA,EAAM,0BAA0B,MAAA,CAAO,IAAA,CAAK,iBAAiB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KAC1E,CAAA;AAAA,EACH;AACA,EAAA,MAAM,UAAA,GAAa,kBAAkB,MAAM,CAAA;AAE3C,EAAA,MAAM,QAAA,GAAW,QAAQ,QAAA,IAAY,WAAA;AACrC,EAAA,IAAI,CAAC,eAAA,CAAgB,QAAA,CAAS,QAAQ,CAAA,EAAG;AACvC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,KAAK,CAAA,EAAG,KAAA,CAAM,QAAQ,kBAAkB,CAAC,2BAA2B,QAAQ,CAAA,CAAA;AAAA,MAC5E,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,UAAA,GAAa,QAAQ,UAAA,IAAc,EAAA;AACzC,EAAA,IAAI,OAAO,UAAA,KAAe,QAAA,IAAY,UAAA,GAAa,CAAA,EAAG;AACpD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,GAAA,EAAK,CAAA,EAAG,KAAA,CAAM,MAAA,EAAQ,kBAAkB,CAAC,CAAA,kBAAA,CAAA;AAAA,MACzC,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,UAAA,GAAa,QAAQ,UAAA,IAAc,IAAA;AACzC,EAAA,IAAI,OAAO,UAAA,KAAe,QAAA,IAAY,UAAA,GAAa,GAAA,EAAM;AACvD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,GAAA,EAAK,CAAA,EAAG,KAAA,CAAM,MAAA,EAAQ,kBAAkB,CAAC,CAAA,uBAAA,CAAA;AAAA,MACzC,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,SAAA,GAAY,QAAQ,SAAA,IAAa,EAAA;AACvC,EAAA,IAAI,OAAO,SAAA,KAAc,QAAA,IAAY,SAAA,GAAY,EAAA,EAAI;AACnD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,GAAA,EAAK,CAAA,EAAG,KAAA,CAAM,MAAA,EAAQ,kBAAkB,CAAC,CAAA,oBAAA,CAAA;AAAA,MACzC,IAAA,EAAM;AAAA,KACP,CAAA;AAAA,EACH;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,IAAA,GAAO,UAAA,CAAW,WAAA,CAAY,UAAU,CAAA;AAC9C,IAAA,MAAMC,KAAAA,GAAO,UAAA,CAAW,UAAA,CAAW,QAAA,CAAS,SAAA,CAAU,MAAM,CAAA,EAAG,IAAA,EAAM,UAAA,EAAY,SAAA,EAAW,UAAA,CAAW,IAAI,CAAA;AAE3G,IAAA,OAAO,GAAA,CAAI,EAAE,IAAA,EAAM,IAAA,CAAK,QAAA,CAAS,QAAQ,CAAA,EAAG,IAAA,EAAMA,KAAAA,CAAK,QAAA,CAAS,QAAQ,CAAA,EAAG,CAAA;AAAA,EAC7E,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,GAAA,EAAK,CAAA,EAAG,KAAA,CAAM,MAAA,EAAQ,kBAAkB,CAAC,CAAA,yBAAA,CAAA,EAA6B,IAAA,EAAM,SAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EAC9G;AACF;AAEO,SAAS,gBACd,QAAA,EACA,cAAA,EACA,IAAA,EACA,OAAA,GAAiC,EAAC,EACzB;AACT,EAAA,IAAI,CAAC,MAAA,CAAO,QAAQ,CAAA,IAAK,CAAC,MAAA,CAAO,cAAc,CAAA,IAAK,CAAC,MAAA,CAAO,IAAI,CAAA,EAAG,OAAO,KAAA;AAE1E,EAAA,MAAM,MAAA,GAAS,QAAQ,MAAA,IAAU,QAAA;AACjC,EAAA,IAAI,EAAE,MAAA,IAAU,iBAAA,CAAA,EAAoB,OAAO,KAAA;AAC3C,EAAA,MAAM,UAAA,GAAa,kBAAkB,MAAM,CAAA;AAE3C,EAAA,MAAM,QAAA,GAAW,QAAQ,QAAA,IAAY,WAAA;AACrC,EAAA,IAAI,CAAC,eAAA,CAAgB,QAAA,CAAS,QAAQ,GAAG,OAAO,KAAA;AAEhD,EAAA,MAAM,UAAA,GAAa,QAAQ,UAAA,IAAc,IAAA;AACzC,EAAA,IAAI,OAAO,UAAA,KAAe,QAAA,IAAY,UAAA,GAAa,KAAM,OAAO,KAAA;AAEhE,EAAA,MAAM,SAAA,GAAY,QAAQ,SAAA,IAAa,EAAA;AACvC,EAAA,IAAI,OAAO,SAAA,KAAc,QAAA,IAAY,SAAA,GAAY,IAAI,OAAO,KAAA;AAE5D,EAAA,MAAM,SAAA,GAAY,kBAAA,CAAmB,IAAA,EAAM,QAAQ,CAAA;AACnD,EAAA,IAAI,SAAA,CAAU,OAAO,OAAO,KAAA;AAE5B,EAAA,MAAM,mBAAA,GAAsB,kBAAA,CAAmB,cAAA,EAAgB,QAAQ,CAAA;AACvE,EAAA,IAAI,mBAAA,CAAoB,OAAO,OAAO,KAAA;AAEtC,EAAA,IAAI;AACF,IAAA,OAAO,UAAA,CAAW,eAAA;AAAA,MAChB,UAAA,CAAW,UAAA,CAAW,QAAA,CAAS,SAAA,CAAU,MAAM,CAAA,EAAG,SAAA,CAAU,MAAA,EAAQ,UAAA,EAAY,SAAA,EAAW,UAAA,CAAW,IAAI,CAAA;AAAA,MAC1G,mBAAA,CAAoB;AAAA,KACtB;AAAA,EACF,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;;;AF3TO,SAAS,gBAAgB,CAAA,EAAoC;AAClE,EAAA,OAAO,YAAA,CAAa,CAAA,EAAG,MAAM,CAAA,KAAM,IAAA;AACrC;AAWO,SAAS,eAAA,GAAkC;AAChD,EAAA,OAAO,aAAA,EAAc;AACvB;AAYO,SAAS,YAAA,GAAuB;AACrC,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,aAAA,EAAc;AACxC,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAkBO,SAAS,kBAAA,CACd,MAAA,EACA,OAAA,GAAkC,EAAC,EACI;AACvC,EAAA,OAAO,gBAAA,CAAiB,QAAQ,OAAO,CAAA;AACzC;AAmBO,SAAS,eAAA,CAAgB,MAAA,EAAgB,OAAA,GAAkC,EAAC,EAAsB;AACvG,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,gBAAA,CAAiB,QAAQ,OAAO,CAAA;AAC1D,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAgBO,SAAS,UAAA,CAAW,IAAA,EAAc,SAAA,EAA8B,OAAA,GAA0B,EAAC,EAAmB;AACnH,EAAA,OAAO,QAAA,CAAS,IAAA,EAAM,SAAA,EAAW,OAAO,CAAA;AAC1C;AAiBO,SAAS,OAAA,CAAQ,IAAA,EAAc,SAAA,EAA8B,OAAA,GAA0B,EAAC,EAAW;AACxG,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,QAAA,CAAS,IAAA,EAAM,WAAW,OAAO,CAAA;AAC3D,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAgBO,SAAS,UAAA,CACd,SAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACX;AAChB,EAAA,OAAO,QAAA,CAAS,SAAA,EAAW,SAAA,EAAW,OAAO,CAAA;AAC/C;AAiBO,SAAS,OAAA,CAAQ,SAAA,EAAmB,SAAA,EAA8B,OAAA,GAA0B,EAAC,EAAW;AAC7G,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,QAAA,CAAS,SAAA,EAAW,WAAW,OAAO,CAAA;AAChE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAmBO,SAAS,aAAA,CACd,IAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACX;AAChB,EAAA,OAAO,WAAA,CAAY,IAAA,EAAM,SAAA,EAAW,OAAO,CAAA;AAC7C;AAoBO,SAAS,UAAA,CACd,IAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACnB;AACR,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,WAAA,CAAY,IAAA,EAAM,WAAW,OAAO,CAAA;AAC9D,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAiBO,SAAS,aAAA,CACd,SAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACJ;AACvB,EAAA,OAAO,WAAA,CAAe,SAAA,EAAW,SAAA,EAAW,OAAO,CAAA;AACrD;AAkBO,SAAS,UAAA,CACd,SAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACxB;AACH,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,WAAA,CAAe,SAAA,EAAW,WAAW,OAAO,CAAA;AACtE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAiBO,SAAS,OAAA,CAAQ,IAAA,EAAc,OAAA,GAAuB,EAAC,EAAmB;AAC/E,EAAA,OAAO,KAAA,CAAM,MAAM,OAAO,CAAA;AAC5B;AAkBO,SAAS,IAAA,CAAK,IAAA,EAAc,OAAA,GAAuB,EAAC,EAAW;AACpE,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,KAAA,CAAM,MAAM,OAAO,CAAA;AAC7C,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAoBO,SAAS,eAAA,CACd,QAAA,EACA,OAAA,GAA+B,EAAC,EACQ;AACxC,EAAA,OAAO,aAAA,CAAc,UAAU,OAAO,CAAA;AACxC;AAqBO,SAAS,YAAA,CAAa,QAAA,EAAkB,OAAA,GAA+B,EAAC,EAAmC;AAChH,EAAA,MAAM,EAAE,MAAAA,KAAAA,EAAM,IAAA,EAAM,OAAM,GAAI,aAAA,CAAc,UAAU,OAAO,CAAA;AAC7D,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,EAAE,IAAA,EAAAA,KAAAA,EAAM,IAAA,EAAK;AACtB;AAoBO,SAAS,eACd,QAAA,EACA,cAAA,EACA,IAAA,EACA,OAAA,GAAiC,EAAC,EACzB;AACT,EAAA,OAAO,eAAA,CAAgB,QAAA,EAAU,cAAA,EAAgB,IAAA,EAAM,OAAO,CAAA;AAChE;AAcO,SAAS,oBAAA,CAAqB,IAAA,EAAc,aAAA,GAA0B,MAAA,EAAoC;AAC/G,EAAA,OAAO,kBAAA,CAAmB,MAAM,aAAa,CAAA;AAC/C;AAeO,SAAS,iBAAA,CAAkB,IAAA,EAAc,aAAA,GAA0B,MAAA,EAAgB;AACxF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,kBAAA,CAAmB,MAAM,aAAa,CAAA;AAChE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAcO,SAAS,oBAAA,CAAqB,IAAA,EAAc,cAAA,GAA2B,MAAA,EAAwB;AACpG,EAAA,OAAO,kBAAA,CAAmB,MAAM,cAAc,CAAA;AAChD;AAeO,SAAS,iBAAA,CAAkB,IAAA,EAAc,cAAA,GAA2B,MAAA,EAAgB;AACzF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,kBAAA,CAAmB,MAAM,cAAc,CAAA;AACjE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAeO,SAAS,kBAAA,CAAmB,IAAA,EAAc,IAAA,EAAgB,EAAA,EAA8B;AAC7F,EAAA,OAAO,gBAAA,CAAiB,IAAA,EAAM,IAAA,EAAM,EAAE,CAAA;AACxC;AAgBO,SAAS,eAAA,CAAgB,IAAA,EAAc,IAAA,EAAgB,EAAA,EAAsB;AAClF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,gBAAA,CAAiB,IAAA,EAAM,MAAM,EAAE,CAAA;AACzD,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT","file":"chunk-N5T4PNG7.js","sourcesContent":["import type { Buffer } from 'node:buffer';\r\nimport { $fmtResultErr, type Result } from '~/helpers/error';\r\nimport type {\r\n  CreateSecretKeyOptions,\r\n  DecryptOptions,\r\n  Encoding,\r\n  EncryptOptions,\r\n  HashOptions,\r\n  HashPasswordOptions,\r\n  SecretKey,\r\n  VerifyPasswordOptions,\r\n} from '~/helpers/types';\r\nimport { $isSecretKey } from '~/helpers/validate';\r\nimport { $convertBytesToStr, $convertEncoding, $convertStrToBytes } from './node-encode';\r\nimport {\r\n  $createSecretKey,\r\n  $decrypt,\r\n  $decryptObj,\r\n  $encrypt,\r\n  $encryptObj,\r\n  $generateUuid,\r\n  $hash,\r\n  $hashPassword,\r\n  $verifyPassword,\r\n} from './node-encrypt';\r\n\r\n/**\r\n * Type guard to check if the provided value is a SecretKey object for Node.js environment.\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * Checking if the key in your hand is the right kind of key for the lock.\r\n *\r\n * @param x - The value to check.\r\n * @returns True if the value is a SecretKey object for Node.js, false otherwise.\r\n */\r\nexport function isNodeSecretKey(x: unknown): x is SecretKey<'node'> {\r\n  return $isSecretKey(x, 'node') !== null;\r\n}\r\n\r\n/**\r\n * Safely generates a UUID (v4) (non-throwing).\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * It's like giving your pet a name tag with a super random name made of numbers and letters.\r\n * The chance of two pets getting the same name tag is practically zero, and it's very hard to guess!\r\n *\r\n * @returns A `Result` containing the UUID string or an error.\r\n */\r\nexport function tryGenerateUuid(): Result<string> {\r\n  return $generateUuid();\r\n}\r\n\r\n/**\r\n * Generates a UUID (v4) (throwing).\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * It's like giving your pet a name tag with a super random name made of numbers and letters.\r\n * The chance of two pets getting the same name tag is practically zero, and it's very hard to guess!\r\n *\r\n * @returns A UUID string.\r\n * @throws {Error} If UUID generation fails.\r\n */\r\nexport function generateUuid(): string {\r\n  const { result, error } = $generateUuid();\r\n  if (error) throw new Error($fmtResultErr(error));\r\n  return result;\r\n}\r\n\r\n/**\r\n * Safely derives a `SecretKey` from the provided string for encryption/decryption (non-throwing).\r\n *\r\n * Uses HKDF to derive a key from the input string.\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * Imagine you want to create a special key for future use to lock your treasure box (data).\r\n * So, you stir in some secret ingredients (like salt and info) to make sure your key is one-of-a-kind.\r\n *\r\n * @param secret - The input string to derive the `SecretKey` from.\r\n * @param options.algorithm - The encryption algorithm to use (default: `'aes256gcm'`).\r\n * @param options.digest - The hash algorithm for HKDF (default: `'sha256'`).\r\n * @param options.salt - A salt string (default: `'cipher-kit-salt'`, must be ≥ 8 chars).\r\n * @param options.info - An info string (default: `'cipher-kit'`).\r\n * @returns A `Result` containing the derived `SecretKey` or an error.\r\n */\r\nexport function tryCreateSecretKey(\r\n  secret: string,\r\n  options: CreateSecretKeyOptions = {},\r\n): Result<{ result: SecretKey<'node'> }> {\r\n  return $createSecretKey(secret, options);\r\n}\r\n\r\n/**\r\n * Derives a `SecretKey` from the provided string for encryption/decryption (throwing).\r\n *\r\n * Uses HKDF to derive a key from the input string.\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * Imagine you want to create a special key for future use to lock your treasure box (data).\r\n * So, you stir in some secret ingredients (like salt and info) to make sure your key is one-of-a-kind.\r\n *\r\n * @param secret - The input string to derive the `SecretKey` from.\r\n * @param options.algorithm - The encryption algorithm to use (default: `'aes256gcm'`).\r\n * @param options.digest - The hash algorithm for HKDF (default: `'sha256'`).\r\n * @param options.salt - A salt string (default: `'cipher-kit-salt'`, must be ≥ 8 chars).\r\n * @param options.info - An info string (default: `'cipher-kit'`).\r\n * @returns The derived `SecretKey`.\r\n * @throws {Error} If key derivation fails.\r\n */\r\nexport function createSecretKey(secret: string, options: CreateSecretKeyOptions = {}): SecretKey<'node'> {\r\n  const { result, error } = $createSecretKey(secret, options);\r\n  if (error) throw new Error($fmtResultErr(error));\r\n  return result;\r\n}\r\n\r\n/**\r\n * Safely encrypts a UTF-8 string using the provided `SecretKey` (non-throwing).\r\n *\r\n * Output format: \"iv.cipher.tag.\"\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * You scramble a secret message with your special key,\r\n * creating a jumbled code that only someone with the right key can read.\r\n *\r\n * @param data - A UTF-8 string to encrypt.\r\n * @param secretKey - The `SecretKey` object used for encryption.\r\n * @param options.encoding - The encoding format for the output ciphertext (default: `'base64url'`).\r\n * @returns A `Result` containing the encrypted string in the specified format or an error.\r\n */\r\nexport function tryEncrypt(data: string, secretKey: SecretKey<'node'>, options: EncryptOptions = {}): Result<string> {\r\n  return $encrypt(data, secretKey, options);\r\n}\r\n\r\n/**\r\n * Encrypts a UTF-8 string using the provided `SecretKey` (throwing).\r\n *\r\n * Output format: \"iv.cipher.tag.\"\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * You scramble a secret message with your special key,\r\n * creating a jumbled code that only someone with the right key can read.\r\n *\r\n * @param data - A UTF-8 string to encrypt.\r\n * @param secretKey - The `SecretKey` object used for encryption.\r\n * @param options.encoding - The encoding format for the output ciphertext (default: `'base64url'`).\r\n * @returns The encrypted string in the specified format.\r\n * @throws {Error} If the input data or key is invalid, or if encryption fails.\r\n */\r\nexport function encrypt(data: string, secretKey: SecretKey<'node'>, options: EncryptOptions = {}): string {\r\n  const { result, error } = $encrypt(data, secretKey, options);\r\n  if (error) throw new Error($fmtResultErr(error));\r\n  return result;\r\n}\r\n\r\n/**\r\n * Safely decrypts the input string using the provided `SecretKey` (non-throwing).\r\n *\r\n * Expects input in the format \"iv.cipher.tag.\" and returns the decrypted UTF-8 string.\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * You take a scrambled secret message and use your special key to unscramble it,\r\n * revealing the original message inside.\r\n *\r\n * @param encrypted - The input string to decrypt, in the format \"iv.cipher.tag.\".\r\n * @param secretKey - The `SecretKey` object used for decryption.\r\n * @param options.encoding - The encoding format for the input ciphertext (default: `'base64url'`).\r\n * @returns A `Result` containing the decrypted UTF-8 string or an error.\r\n */\r\nexport function tryDecrypt(\r\n  encrypted: string,\r\n  secretKey: SecretKey<'node'>,\r\n  options: DecryptOptions = {},\r\n): Result<string> {\r\n  return $decrypt(encrypted, secretKey, options);\r\n}\r\n\r\n/**\r\n * Decrypts the input string using the provided `SecretKey` (throwing).\r\n *\r\n * Expects input in the format \"iv.cipher.tag.\" and returns the decrypted UTF-8 string.\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * You take a scrambled secret message and use your special key to unscramble it,\r\n * revealing the original message inside.\r\n *\r\n * @param encrypted - The input string to decrypt, in the format \"iv.cipher.tag.\".\r\n * @param secretKey - The `SecretKey` object used for decryption.\r\n * @param options.encoding - The encoding format for the input ciphertext (default: `'base64url'`).\r\n * @returns The decrypted UTF-8 string.\r\n * @throws {Error} If the input data or key is invalid, or if decryption fails.\r\n */\r\nexport function decrypt(encrypted: string, secretKey: SecretKey<'node'>, options: DecryptOptions = {}): string {\r\n  const { result, error } = $decrypt(encrypted, secretKey, options);\r\n  if (error) throw new Error($fmtResultErr(error));\r\n  return result;\r\n}\r\n\r\n/**\r\n * Safely encrypts a plain object using the provided `SecretKey` (non-throwing).\r\n *\r\n * Only plain objects (POJOs) are accepted. Class instances, Maps, Sets, etc. are rejected.\r\n *\r\n * Output format: \"iv.cipher.tag.\"\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * Imagine you have a toy box (an object) that you want to keep secret.\r\n * So, you take a picture of your toy box (convert it to JSON), and scramble that with\r\n * your special key, creating a jumbled code that only someone with the right key can read.\r\n *\r\n * @param data - A plain object to encrypt.\r\n * @param secretKey - The `SecretKey` object used for encryption.\r\n * @param options.encoding - The encoding format for the output ciphertext (default: `'base64url'`).\r\n * @returns A `Result` containing the encrypted string in the specified format or an error.\r\n */\r\nexport function tryEncryptObj<T extends object = Record<string, unknown>>(\r\n  data: T,\r\n  secretKey: SecretKey<'node'>,\r\n  options: EncryptOptions = {},\r\n): Result<string> {\r\n  return $encryptObj(data, secretKey, options);\r\n}\r\n\r\n/**\r\n * Encrypts a plain object using the provided `SecretKey` (throwing).\r\n *\r\n * Only plain objects (POJOs) are accepted. Class instances, Maps, Sets, etc. are rejected.\r\n *\r\n * Output format: \"iv.cipher.tag.\"\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * Imagine you have a toy box (an object) that you want to keep secret.\r\n * So, you take a picture of your toy box (convert it to JSON), and scramble that with\r\n * your special key, creating a jumbled code that only someone with the right key can read.\r\n *\r\n * @param data - A plain object to encrypt.\r\n * @param secretKey - The `SecretKey` object used for encryption.\r\n * @param options.encoding - The encoding format for the output ciphertext (default: `'base64url'`).\r\n * @returns The encrypted string in the specified format.\r\n * @throws {Error} If the input data or key is invalid, or if encryption fails.\r\n */\r\nexport function encryptObj<T extends object = Record<string, unknown>>(\r\n  data: T,\r\n  secretKey: SecretKey<'node'>,\r\n  options: EncryptOptions = {},\r\n): string {\r\n  const { result, error } = $encryptObj(data, secretKey, options);\r\n  if (error) throw new Error($fmtResultErr(error));\r\n  return result;\r\n}\r\n\r\n/**\r\n * Safely decrypts an encrypted JSON string into an object (non-throwing).\r\n *\r\n * Expects input in the format `\"iv.cipher.tag.\"` and returns a plain object.\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * You rebuild your toy box (an object) by unscrambling the jumbled code (encrypted text),\r\n * using your special key to open it.\r\n *\r\n * @template T - The expected shape of the decrypted object.\r\n * @param encrypted - The encrypted string (format: `\"iv.cipher.tag.\"`).\r\n * @param secretKey - The `SecretKey` used for decryption.\r\n * @param options.encoding - Input ciphertext encoding (default: `'base64url'`).\r\n * @returns A `Result` with the decrypted object on success, or an error.\r\n */\r\nexport function tryDecryptObj<T extends object = Record<string, unknown>>(\r\n  encrypted: string,\r\n  secretKey: SecretKey<'node'>,\r\n  options: DecryptOptions = {},\r\n): Result<{ result: T }> {\r\n  return $decryptObj<T>(encrypted, secretKey, options);\r\n}\r\n\r\n/**\r\n * Decrypts an encrypted JSON string into an object (throwing).\r\n *\r\n * Expects input in the format `\"iv.cipher.tag.\"` and returns a plain object.\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * You rebuild your toy box (an object) by unscrambling the jumbled code (encrypted text),\r\n * using your special key to open it.\r\n *\r\n * @template T - The expected shape of the decrypted object.\r\n * @param encrypted - The encrypted string (format: `\"iv.cipher.tag.\"`).\r\n * @param secretKey - The `SecretKey` used for decryption.\r\n * @param options.encoding - Input ciphertext encoding (default: `'base64url'`).\r\n * @returns The decrypted object.\r\n * @throws {Error} If decryption or JSON parsing fails.\r\n */\r\nexport function decryptObj<T extends object = Record<string, unknown>>(\r\n  encrypted: string,\r\n  secretKey: SecretKey<'node'>,\r\n  options: DecryptOptions = {},\r\n): T {\r\n  const { result, error } = $decryptObj<T>(encrypted, secretKey, options);\r\n  if (error) throw new Error($fmtResultErr(error));\r\n  return result;\r\n}\r\n\r\n/**\r\n * Safely hashes a UTF-8 string (non-throwing).\r\n *\r\n * Uses the selected digest (default: `'sha256'`) and returns the hash\r\n * in the chosen encoding (default: `'base64url'`).\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * Like putting something in a blender and getting a smoothie, you can’t get the original ingredients back,\r\n * but the smoothie is always the same if you use the same ingredients.\r\n *\r\n * @param data - The input string to hash.\r\n * @param options.digest - Hash algorithm (`'sha256' | 'sha384' | 'sha512'`, default: `'sha256'`).\r\n * @param options.encoding - Output encoding (`'base64' | 'base64url' | 'hex'`, default: `'base64url'`).\r\n * @returns A `Result` with the hash string or an error.\r\n */\r\nexport function tryHash(data: string, options: HashOptions = {}): Result<string> {\r\n  return $hash(data, options);\r\n}\r\n\r\n/**\r\n * Hashes a UTF-8 string (throwing).\r\n *\r\n * Uses the selected digest (default: `'sha256'`) and returns the hash\r\n * in the chosen encoding (default: `'base64url'`).\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * Like putting something in a blender and getting a smoothie, you can’t get the original ingredients back,\r\n * but the smoothie is always the same if you use the same ingredients.\r\n *\r\n * @param data - The input string to hash.\r\n * @param options.digest - Hash algorithm (`'sha256' | 'sha384' | 'sha512'`; default: `'sha256'`).\r\n * @param options.encoding - Output encoding (`'base64' | 'base64url' | 'hex'`; default: `'base64url'`).\r\n * @returns The hashed string.\r\n * @throws {Error} If input is invalid or hashing fails.\r\n */\r\nexport function hash(data: string, options: HashOptions = {}): string {\r\n  const { result, error } = $hash(data, options);\r\n  if (error) throw new Error($fmtResultErr(error));\r\n  return result;\r\n}\r\n\r\n/**\r\n * Safely hashes a password using PBKDF2 (non-throwing).\r\n *\r\n * Uses strong defaults (`sha512`, 320k iterations, 64-byte key, 16-byte salt) and\r\n * returns `{ hash, salt }` encoded (default: `'base64url'`).\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * We take your password, mix in some random salt, and stir many times.\r\n * The result is a super-secret soup that’s hard to copy.\r\n *\r\n * @param password - The password to hash.\r\n * @param options.digest - Hash algorithm (`'sha256' | 'sha384' | 'sha512'`; default: `'sha512'`).\r\n * @param options.encoding - Output encoding (`'base64' | 'base64url' | 'hex'`; default: `'base64url'`).\r\n * @param options.saltLength - Length of the random salt in bytes (default: `16` bytes, min: `8` bytes).\r\n * @param options.iterations - Number of iterations (default: `320000`, min: `1000`).\r\n * @param options.keyLength - Length of the derived key in bytes (default: `64` bytes, min: `16` bytes).\r\n * @returns A `Result` with `{ hash, salt }` or an error.\r\n */\r\nexport function tryHashPassword(\r\n  password: string,\r\n  options: HashPasswordOptions = {},\r\n): Result<{ hash: string; salt: string }> {\r\n  return $hashPassword(password, options);\r\n}\r\n\r\n/**\r\n * Hashes a password using PBKDF2 (throwing).\r\n *\r\n * Uses strong defaults (`sha512`, 320k iterations, 64-byte key, 16-byte salt) and\r\n * returns `{ hash, salt }` encoded (default: `'base64url'`).\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * We take your password, mix in some random salt, and stir many times.\r\n * The result is a super-secret soup that’s hard to copy.\r\n *\r\n * @param password - The password to hash.\r\n * @param options.digest - Hash algorithm (`'sha256' | 'sha384' | 'sha512'`; default: `'sha512'`).\r\n * @param options.encoding - Output encoding (`'base64' | 'base64url' | 'hex'`; default: `'base64url'`).\r\n * @param options.saltLength - Length of the random salt in bytes (default: `16` bytes, min: `8` bytes).\r\n * @param options.iterations - Number of iterations (default: `320000`, min: `1000`).\r\n * @param options.keyLength - Length of the derived key in bytes (default: `64` bytes, min: `16` bytes).\r\n * @returns `{ hash, salt }` for storage.\r\n * @throws {Error} If inputs are invalid or hashing fails.\r\n */\r\nexport function hashPassword(password: string, options: HashPasswordOptions = {}): { hash: string; salt: string } {\r\n  const { hash, salt, error } = $hashPassword(password, options);\r\n  if (error) throw new Error($fmtResultErr(error));\r\n  return { hash, salt };\r\n}\r\n\r\n/**\r\n * Verifies a password against a stored PBKDF2 hash (non-throwing).\r\n *\r\n * Re-derives the key using the same parameters and compares in constant time, to prevent timing attacks.\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * We follow the same recipe as when we made the secret.\r\n * If the new soup tastes exactly the same, the password is correct.\r\n *\r\n * @param password - The plain password to verify.\r\n * @param hashedPassword - The stored hash (encoded).\r\n * @param salt - The stored salt (encoded).\r\n * @param options.digest - Hash algorithm used during hashing (`'sha256' | 'sha384' | 'sha512'`; default: `'sha512'`).\r\n * @param options.encoding - Encoding of the stored hash and salt (`'base64' | 'base64url' | 'hex'`; default: `'base64url'`).\r\n * @param options.iterations - Number of iterations used during hashing (default: `320000`).\r\n * @param options.keyLength - Length of the derived key in bytes used during hashing (default: `64` bytes).\r\n * @returns `true` if the password matches, otherwise `false`.\r\n */\r\nexport function verifyPassword(\r\n  password: string,\r\n  hashedPassword: string,\r\n  salt: string,\r\n  options: VerifyPasswordOptions = {},\r\n): boolean {\r\n  return $verifyPassword(password, hashedPassword, salt, options);\r\n}\r\n\r\n/**\r\n * Safely converts a string to a Node.js `Buffer` using the specified encoding (non-throwing).\r\n *\r\n * Supported encodings: `'base64' | 'base64url' | 'hex' | 'utf8' | 'latin1'` (default: `'utf8'`).\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * This turns your words into tiny computer building blocks (bytes) so computers can work with them.\r\n *\r\n * @param data - The input string to convert.\r\n * @param inputEncoding - The encoding of the input string (default: `'utf8'`).\r\n * @returns A `Result` with `{ result: Buffer }` or an error.\r\n */\r\nexport function tryConvertStrToBytes(data: string, inputEncoding: Encoding = 'utf8'): Result<{ result: Buffer }> {\r\n  return $convertStrToBytes(data, inputEncoding);\r\n}\r\n\r\n/**\r\n * Converts a string to a Node.js `Buffer` using the specified encoding (throwing).\r\n *\r\n * Supported encodings: `'base64' | 'base64url' | 'hex' | 'utf8' | 'latin1'` (default: `'utf8'`).\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * This turns your words into tiny computer building blocks (bytes) so computers can work with them.\r\n *\r\n * @param data - The input string to convert.\r\n * @param inputEncoding - The encoding of the input string (default: `'utf8'`).\r\n * @returns A `Buffer` containing the bytes.\r\n * @throws {Error} If input is invalid or conversion fails.\r\n */\r\nexport function convertStrToBytes(data: string, inputEncoding: Encoding = 'utf8'): Buffer {\r\n  const { result, error } = $convertStrToBytes(data, inputEncoding);\r\n  if (error) throw new Error($fmtResultErr(error));\r\n  return result;\r\n}\r\n\r\n/**\r\n * Safely converts a Node.js `Buffer` to a string using the specified encoding (non-throwing).\r\n *\r\n * Supported encodings: `'base64' | 'base64url' | 'hex' | 'utf8' | 'latin1'` (default: `'utf8'`).\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * This turns the tiny computer building blocks (bytes) back into a readable sentence.\r\n *\r\n * @param data - The `Buffer` to convert.\r\n * @param outputEncoding - The output encoding (default: `'utf8'`).\r\n * @returns A `Result` with the string or an error.\r\n */\r\nexport function tryConvertBytesToStr(data: Buffer, outputEncoding: Encoding = 'utf8'): Result<string> {\r\n  return $convertBytesToStr(data, outputEncoding);\r\n}\r\n\r\n/**\r\n * Converts a Node.js `Buffer` to a string using the specified encoding (throwing).\r\n *\r\n * Supported encodings: `'base64' | 'base64url' | 'hex' | 'utf8' | 'latin1'` (default: `'utf8'`).\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * This turns the tiny computer building blocks (bytes) back into a readable sentence.\r\n *\r\n * @param data - The `Buffer` to convert.\r\n * @param outputEncoding - The output encoding (default: `'utf8'`).\r\n * @returns The encoded string.\r\n * @throws {Error} If input is invalid or conversion fails.\r\n */\r\nexport function convertBytesToStr(data: Buffer, outputEncoding: Encoding = 'utf8'): string {\r\n  const { result, error } = $convertBytesToStr(data, outputEncoding);\r\n  if (error) throw new Error($fmtResultErr(error));\r\n  return result;\r\n}\r\n\r\n/**\r\n * Safely converts text between encodings (non-throwing).\r\n *\r\n * Example: convert `'utf8'` text to `'base64url'`, or `'hex'` to `'utf8'`.\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * It’s like translating your sentence from one alphabet to another.\r\n *\r\n * @param data - The input string to convert.\r\n * @param from - The current encoding of `data`.\r\n * @param to - The target encoding for `data`.\r\n * @returns A `Result` with a string or an error.\r\n */\r\nexport function tryConvertEncoding(data: string, from: Encoding, to: Encoding): Result<string> {\r\n  return $convertEncoding(data, from, to);\r\n}\r\n\r\n/**\r\n * Converts text between encodings (throwing).\r\n *\r\n * Example: convert `'utf8'` text to `'base64url'`, or `'hex'` to `'utf8'`.\r\n *\r\n * ### 🍼 Explain Like I'm Five\r\n * It’s like translating your sentence from one alphabet to another.\r\n *\r\n * @param data - The input string to convert.\r\n * @param from - The current encoding of `data`.\r\n * @param to - The target encoding for `data`.\r\n * @returns The converted string.\r\n * @throws {Error} If encodings are invalid or conversion fails.\r\n */\r\nexport function convertEncoding(data: string, from: Encoding, to: Encoding): string {\r\n  const { result, error } = $convertEncoding(data, from, to);\r\n  if (error) throw new Error($fmtResultErr(error));\r\n  return result;\r\n}\r\n","import { Buffer } from 'node:buffer';\r\nimport { ENCODING } from '~/helpers/consts';\r\nimport { $err, $fmtError, $ok, type Result } from '~/helpers/error';\r\nimport type { Encoding } from '~/helpers/types';\r\nimport { $isStr } from '~/helpers/validate';\r\n\r\nexport function $convertStrToBytes(data: string, inputEncoding: Encoding = 'utf8'): Result<{ result: Buffer }> {\r\n  if (!$isStr(data)) {\r\n    return $err({\r\n      msg: 'Crypto NodeJS API - String to Bytes: Empty data',\r\n      desc: 'Data must be a non-empty string',\r\n    });\r\n  }\r\n  if (!ENCODING.includes(inputEncoding)) {\r\n    return $err({\r\n      msg: `Crypto NodeJS API - String to Bytes: Unsupported encoding: ${inputEncoding}`,\r\n      desc: 'Use base64, base64url, hex, utf8, or latin1',\r\n    });\r\n  }\r\n  try {\r\n    return $ok({ result: Buffer.from(data, inputEncoding) });\r\n  } catch (error) {\r\n    return $err({ msg: 'Crypto NodeJS API - String to Bytes: Failed to convert data', desc: $fmtError(error) });\r\n  }\r\n}\r\n\r\nexport function $convertBytesToStr(data: Buffer, outputEncoding: Encoding = 'utf8'): Result<string> {\r\n  if (!(data instanceof Buffer)) {\r\n    return $err({\r\n      msg: 'Crypto NodeJS API - Bytes to String: Invalid data type',\r\n      desc: 'Data must be a Buffer',\r\n    });\r\n  }\r\n  if (!ENCODING.includes(outputEncoding)) {\r\n    return $err({\r\n      msg: `Crypto NodeJS API - Bytes to String: Unsupported encoding: ${outputEncoding}`,\r\n      desc: 'Use base64, base64url, hex, utf8, or latin1',\r\n    });\r\n  }\r\n  try {\r\n    return $ok(Buffer.from(data).toString(outputEncoding));\r\n  } catch (error) {\r\n    return $err({ msg: 'Crypto NodeJS API - Bytes to String: Failed to convert data', desc: $fmtError(error) });\r\n  }\r\n}\r\n\r\nexport function $convertEncoding(data: string, from: Encoding, to: Encoding): Result<string> {\r\n  if (!$isStr(data)) {\r\n    return $err({\r\n      msg: 'Crypto NodeJS API - Convert Format: Empty data',\r\n      desc: 'Data must be a non-empty string',\r\n    });\r\n  }\r\n\r\n  if (!ENCODING.includes(from) || !ENCODING.includes(to)) {\r\n    return $err({\r\n      msg: `Crypto NodeJS API - Convert Format: Unsupported encoding: from ${from} to ${to}`,\r\n      desc: 'Use base64, base64url, hex, utf8, or latin1',\r\n    });\r\n  }\r\n\r\n  const bytes = $convertStrToBytes(data, from);\r\n  if (bytes.error) return $err({ msg: bytes.error.message, desc: bytes.error.description });\r\n\r\n  const str = $convertBytesToStr(bytes.result, to);\r\n  if (str.error) return $err({ msg: str.error.message, desc: str.error.description });\r\n\r\n  return $ok({ result: str.result });\r\n}\r\n","import { Buffer } from 'node:buffer';\r\nimport nodeCrypto from 'node:crypto';\r\nimport { CIPHER_ENCODING, DIGEST_ALGORITHMS, ENCRYPTION_ALGORITHMS } from '~/helpers/consts';\r\nimport { $err, $fmtError, $fmtResultErr, $ok, type Result, title } from '~/helpers/error';\r\nimport { $parseToObj, $stringifyObj } from '~/helpers/object';\r\nimport type {\r\n  CreateSecretKeyOptions,\r\n  DecryptOptions,\r\n  EncryptOptions,\r\n  HashOptions,\r\n  HashPasswordOptions,\r\n  SecretKey,\r\n  VerifyPasswordOptions,\r\n} from '~/helpers/types';\r\nimport { $isSecretKey, $isStr, matchPattern } from '~/helpers/validate';\r\nimport { $convertBytesToStr, $convertStrToBytes } from './node-encode';\r\n\r\nexport function $generateUuid(): Result<string> {\r\n  try {\r\n    return $ok(nodeCrypto.randomUUID());\r\n  } catch (error) {\r\n    return $err({ msg: `${title('node', 'UUID Generation')}: Failed to generate UUID`, desc: $fmtError(error) });\r\n  }\r\n}\r\n\r\nexport function $createSecretKey(\r\n  secret: string,\r\n  options: CreateSecretKeyOptions = {},\r\n): Result<{ result: SecretKey<'node'> }> {\r\n  if (!$isStr(secret)) {\r\n    return $err({ msg: `${title('node', 'Key Generation')}: Empty Secret`, desc: 'Secret must be a non-empty string' });\r\n  }\r\n\r\n  const algorithm = options.algorithm ?? 'aes256gcm';\r\n  if (!(algorithm in ENCRYPTION_ALGORITHMS)) {\r\n    return $err({\r\n      msg: `${title('node', 'Key Generation')}: Unsupported algorithm: ${algorithm}`,\r\n      desc: `Supported algorithms are: ${Object.keys(ENCRYPTION_ALGORITHMS).join(', ')}`,\r\n    });\r\n  }\r\n\r\n  const digest = options.digest ?? 'sha256';\r\n  if (!(digest in DIGEST_ALGORITHMS)) {\r\n    return $err({\r\n      msg: `${title('node', 'Key Generation')}: Unsupported digest: ${digest}`,\r\n      desc: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(', ')}`,\r\n    });\r\n  }\r\n\r\n  const salt = options.salt ?? 'cipher-kit-salt';\r\n  if (!$isStr(salt, 8)) {\r\n    return $err({\r\n      msg: `${title('node', 'Key Generation')}: Weak salt`,\r\n      desc: 'Salt must be a non-empty string with at least 8 characters',\r\n    });\r\n  }\r\n\r\n  const info = options.info ?? 'cipher-kit';\r\n  if (!$isStr(info)) {\r\n    return $err({\r\n      msg: `${title('node', 'Key Generation')}: Invalid info`,\r\n      desc: 'Info must be a non-empty string',\r\n    });\r\n  }\r\n\r\n  const encryptAlgo = ENCRYPTION_ALGORITHMS[algorithm];\r\n  const digestAlgo = DIGEST_ALGORITHMS[digest];\r\n\r\n  try {\r\n    const derivedKey = nodeCrypto.hkdfSync(\r\n      digestAlgo.node,\r\n      secret.normalize('NFKC'),\r\n      salt.normalize('NFKC'),\r\n      info.normalize('NFKC'),\r\n      encryptAlgo.keyBytes,\r\n    );\r\n    const key = nodeCrypto.createSecretKey(Buffer.from(derivedKey));\r\n    const secretKey = Object.freeze({\r\n      platform: 'node',\r\n      digest: digest,\r\n      algorithm: algorithm,\r\n      key: key,\r\n    }) as SecretKey<'node'>;\r\n\r\n    return $ok({ result: secretKey });\r\n  } catch (error) {\r\n    return $err({ msg: `${title('node', 'Key Generation')}: Failed to create secret key`, desc: $fmtError(error) });\r\n  }\r\n}\r\n\r\nexport function $encrypt(data: string, secretKey: SecretKey<'node'>, options: EncryptOptions = {}): Result<string> {\r\n  if (!$isStr(data)) {\r\n    return $err({\r\n      msg: `${title('node', 'Encryption')}: Empty data for encryption`,\r\n      desc: 'Data must be a non-empty string',\r\n    });\r\n  }\r\n\r\n  const encoding = options.encoding ?? 'base64url';\r\n  if (!CIPHER_ENCODING.includes(encoding)) {\r\n    return $err({\r\n      msg: `${title('node', 'Encryption')}: Unsupported output encoding: ${encoding}`,\r\n      desc: 'Use base64, base64url, or hex',\r\n    });\r\n  }\r\n\r\n  const injectedKey = $isSecretKey(secretKey, 'node');\r\n  if (!injectedKey) {\r\n    return $err({\r\n      msg: `${title('node', 'Encryption')}: Invalid Secret Key`,\r\n      desc: 'Expected a Node SecretKey',\r\n    });\r\n  }\r\n\r\n  const { result, error } = $convertStrToBytes(data, 'utf8');\r\n  if (error) return $err(error);\r\n\r\n  try {\r\n    const iv = nodeCrypto.randomBytes(injectedKey.injected.ivLength);\r\n    const cipher = nodeCrypto.createCipheriv(injectedKey.injected.node, injectedKey.key, iv);\r\n    const encrypted = Buffer.concat([cipher.update(result), cipher.final()]);\r\n    const tag = cipher.getAuthTag();\r\n\r\n    const ivStr = $convertBytesToStr(iv, encoding);\r\n    const cipherStr = $convertBytesToStr(encrypted, encoding);\r\n    const tagStr = $convertBytesToStr(tag, encoding);\r\n\r\n    if (ivStr.error || cipherStr.error || tagStr.error) {\r\n      return $err({\r\n        msg: 'Crypto NodeJS API - Encryption: Failed to convert IV or encrypted data or tag',\r\n        desc: `Conversion error: ${$fmtResultErr(ivStr.error || cipherStr.error || tagStr.error)}`,\r\n      });\r\n    }\r\n\r\n    return $ok(`${ivStr.result}.${cipherStr.result}.${tagStr.result}.`);\r\n  } catch (error) {\r\n    return $err({ msg: `${title('node', 'Encryption')}: Failed to encrypt data`, desc: $fmtError(error) });\r\n  }\r\n}\r\n\r\nexport function $decrypt(\r\n  encrypted: string,\r\n  secretKey: SecretKey<'node'>,\r\n  options: DecryptOptions = {},\r\n): Result<string> {\r\n  if (matchPattern(encrypted, 'node') === false) {\r\n    return $err({\r\n      msg: `${title('node', 'Decryption')}: Invalid encrypted data format`,\r\n      desc: 'Encrypted data must be in the format \"iv.cipher.tag.\"',\r\n    });\r\n  }\r\n\r\n  const encoding = options.encoding ?? 'base64url';\r\n  if (!CIPHER_ENCODING.includes(encoding)) {\r\n    return $err({\r\n      msg: `${title('node', 'Decryption')}: Unsupported input encoding: ${encoding}`,\r\n      desc: 'Use base64, base64url, or hex',\r\n    });\r\n  }\r\n\r\n  const [iv, cipher, tag] = encrypted.split('.', 4);\r\n  if (!$isStr(iv) || !$isStr(cipher) || !$isStr(tag)) {\r\n    return $err({\r\n      msg: `${title('node', 'Decryption')}: Invalid encrypted data`,\r\n      desc: 'Encrypted data must contain valid IV, encrypted data, and tag components',\r\n    });\r\n  }\r\n\r\n  const injectedKey = $isSecretKey(secretKey, 'node');\r\n  if (!injectedKey) {\r\n    return $err({\r\n      msg: 'Crypto NodeJS API - Decryption: Invalid Secret Key',\r\n      desc: 'Expected a Node SecretKey',\r\n    });\r\n  }\r\n\r\n  const ivBytes = $convertStrToBytes(iv, encoding);\r\n  const cipherBytes = $convertStrToBytes(cipher, encoding);\r\n  const tagBytes = $convertStrToBytes(tag, encoding);\r\n\r\n  if (ivBytes.error || cipherBytes.error || tagBytes.error) {\r\n    return $err({\r\n      msg: `${title('node', 'Decryption')}: Failed to convert IV or encrypted data or tag`,\r\n      desc: `Conversion error: ${$fmtResultErr(ivBytes.error || cipherBytes.error || tagBytes.error)}`,\r\n    });\r\n  }\r\n\r\n  try {\r\n    const decipher = nodeCrypto.createDecipheriv(injectedKey.injected.node, injectedKey.key, ivBytes.result);\r\n    decipher.setAuthTag(tagBytes.result);\r\n    const decrypted = Buffer.concat([decipher.update(cipherBytes.result), decipher.final()]);\r\n\r\n    return $convertBytesToStr(decrypted, 'utf8');\r\n  } catch (error) {\r\n    return $err({ msg: `${title('node', 'Decryption')}: Failed to decrypt data`, desc: $fmtError(error) });\r\n  }\r\n}\r\nexport function $encryptObj<T extends object = Record<string, unknown>>(\r\n  data: T,\r\n  secretKey: SecretKey<'node'>,\r\n  options: EncryptOptions = {},\r\n): Result<string> {\r\n  const { result, error } = $stringifyObj(data);\r\n  if (error) return $err(error);\r\n  return $encrypt(result, secretKey, options);\r\n}\r\n\r\nexport function $decryptObj<T extends object = Record<string, unknown>>(\r\n  encrypted: string,\r\n  secretKey: SecretKey<'node'>,\r\n  options: DecryptOptions = {},\r\n): Result<{ result: T }> {\r\n  const { result, error } = $decrypt(encrypted, secretKey, options);\r\n  if (error) return $err(error);\r\n  return $parseToObj<T>(result);\r\n}\r\n\r\nexport function $hash(data: string, options: HashOptions = {}): Result<string> {\r\n  if (!$isStr(data)) {\r\n    return $err({\r\n      msg: `${title('node', 'Hashing')}: Empty data for hashing`,\r\n      desc: 'Data must be a non-empty string',\r\n    });\r\n  }\r\n\r\n  const encoding = options.encoding ?? 'base64url';\r\n  if (!CIPHER_ENCODING.includes(encoding)) {\r\n    return $err({\r\n      msg: `${title('node', 'Hashing')}: Unsupported output encoding: ${encoding}`,\r\n      desc: 'Use base64, base64url, or hex',\r\n    });\r\n  }\r\n\r\n  const digest = options.digest ?? 'sha256';\r\n  if (!(digest in DIGEST_ALGORITHMS)) {\r\n    return $err({\r\n      msg: `${title('node', 'Hashing')}: Unsupported digest: ${digest}`,\r\n      desc: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(', ')}`,\r\n    });\r\n  }\r\n  const digestAlgo = DIGEST_ALGORITHMS[digest];\r\n\r\n  const { result, error } = $convertStrToBytes(data, 'utf8');\r\n  if (error) return $err(error);\r\n\r\n  try {\r\n    const hashed = nodeCrypto.createHash(digestAlgo.node).update(result).digest();\r\n    return $convertBytesToStr(hashed, encoding);\r\n  } catch (error) {\r\n    return $err({ msg: `${title('node', 'Hashing')}: Failed to hash data with Crypto NodeJS`, desc: $fmtError(error) });\r\n  }\r\n}\r\n\r\nexport function $hashPassword(\r\n  password: string,\r\n  options: HashPasswordOptions = {},\r\n): Result<{ hash: string; salt: string }> {\r\n  if (!$isStr(password)) {\r\n    return $err({\r\n      msg: `${title('node', 'Password Hashing')}: Empty password for hashing`,\r\n      desc: 'Password must be a non-empty string',\r\n    });\r\n  }\r\n\r\n  const digest = options.digest ?? 'sha512';\r\n  if (!(digest in DIGEST_ALGORITHMS)) {\r\n    return $err({\r\n      msg: `${title('node', 'Password Hashing')}: Unsupported digest: ${digest}`,\r\n      desc: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(', ')}`,\r\n    });\r\n  }\r\n  const digestAlgo = DIGEST_ALGORITHMS[digest];\r\n\r\n  const encoding = options.encoding ?? 'base64url';\r\n  if (!CIPHER_ENCODING.includes(encoding)) {\r\n    return $err({\r\n      msg: `${title('node', 'Password Hashing')}: Unsupported encoding: ${encoding}`,\r\n      desc: 'Use base64, base64url, or hex',\r\n    });\r\n  }\r\n\r\n  const saltLength = options.saltLength ?? 16;\r\n  if (typeof saltLength !== 'number' || saltLength < 8) {\r\n    return $err({\r\n      msg: `${title('node', 'Password Hashing')}: Weak salt length`,\r\n      desc: 'Salt length must be a number and at least 8 bytes (recommended 16 or more)',\r\n    });\r\n  }\r\n\r\n  const iterations = options.iterations ?? 320_000;\r\n  if (typeof iterations !== 'number' || iterations < 1000) {\r\n    return $err({\r\n      msg: `${title('node', 'Password Hashing')}: Weak iterations count`,\r\n      desc: 'Iterations must be a number and at least 1000 (recommended 320,000 or more)',\r\n    });\r\n  }\r\n\r\n  const keyLength = options.keyLength ?? 64;\r\n  if (typeof keyLength !== 'number' || keyLength < 16) {\r\n    return $err({\r\n      msg: `${title('node', 'Password Hashing')}: Invalid key length`,\r\n      desc: 'Key length must be a number and at least 16 bytes (recommended 64 or more)',\r\n    });\r\n  }\r\n\r\n  try {\r\n    const salt = nodeCrypto.randomBytes(saltLength);\r\n    const hash = nodeCrypto.pbkdf2Sync(password.normalize('NFKC'), salt, iterations, keyLength, digestAlgo.node);\r\n\r\n    return $ok({ salt: salt.toString(encoding), hash: hash.toString(encoding) });\r\n  } catch (error) {\r\n    return $err({ msg: `${title('node', 'Password Hashing')}: Failed to hash password`, desc: $fmtError(error) });\r\n  }\r\n}\r\n\r\nexport function $verifyPassword(\r\n  password: string,\r\n  hashedPassword: string,\r\n  salt: string,\r\n  options: VerifyPasswordOptions = {},\r\n): boolean {\r\n  if (!$isStr(password) || !$isStr(hashedPassword) || !$isStr(salt)) return false;\r\n\r\n  const digest = options.digest ?? 'sha512';\r\n  if (!(digest in DIGEST_ALGORITHMS)) return false;\r\n  const digestAlgo = DIGEST_ALGORITHMS[digest];\r\n\r\n  const encoding = options.encoding ?? 'base64url';\r\n  if (!CIPHER_ENCODING.includes(encoding)) return false;\r\n\r\n  const iterations = options.iterations ?? 320_000;\r\n  if (typeof iterations !== 'number' || iterations < 1000) return false;\r\n\r\n  const keyLength = options.keyLength ?? 64;\r\n  if (typeof keyLength !== 'number' || keyLength < 16) return false;\r\n\r\n  const saltBytes = $convertStrToBytes(salt, encoding);\r\n  if (saltBytes.error) return false;\r\n\r\n  const hashedPasswordBytes = $convertStrToBytes(hashedPassword, encoding);\r\n  if (hashedPasswordBytes.error) return false;\r\n\r\n  try {\r\n    return nodeCrypto.timingSafeEqual(\r\n      nodeCrypto.pbkdf2Sync(password.normalize('NFKC'), saltBytes.result, iterations, keyLength, digestAlgo.node),\r\n      hashedPasswordBytes.result,\r\n    );\r\n  } catch {\r\n    return false;\r\n  }\r\n}\r\n"]}