cipher-kit 2.0.0 → 2.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (40) hide show
  1. package/README.md +25 -27
  2. package/dist/{chunk-3UX5MZ2P.cjs → chunk-BHG5RSUV.cjs} +22 -20
  3. package/dist/chunk-BHG5RSUV.cjs.map +1 -0
  4. package/dist/{chunk-4MFF6V3R.js → chunk-CRTOKS3Q.js} +76 -41
  5. package/dist/chunk-CRTOKS3Q.js.map +1 -0
  6. package/dist/{chunk-N2EW2FDZ.cjs → chunk-HMTHK2IY.cjs} +183 -148
  7. package/dist/chunk-HMTHK2IY.cjs.map +1 -0
  8. package/dist/{chunk-ACFPMIXO.js → chunk-RAEBT46G.js} +75 -40
  9. package/dist/chunk-RAEBT46G.js.map +1 -0
  10. package/dist/{chunk-FKSYSPJR.js → chunk-RUTGDMVR.js} +21 -20
  11. package/dist/chunk-RUTGDMVR.js.map +1 -0
  12. package/dist/{chunk-CVCDAHDW.cjs → chunk-UVEMRK5F.cjs} +189 -154
  13. package/dist/chunk-UVEMRK5F.cjs.map +1 -0
  14. package/dist/{export-BMvZq46v.d.ts → export-5hmOiU0J.d.cts} +194 -20
  15. package/dist/{export-CQNsJFh_.d.cts → export-BF9wW56f.d.ts} +194 -20
  16. package/dist/{export-llM6c7Do.d.ts → export-DVERZibl.d.cts} +194 -20
  17. package/dist/{export-55tHE0Bw.d.cts → export-w8sBcKXw.d.ts} +194 -20
  18. package/dist/index.cjs +12 -12
  19. package/dist/index.cjs.map +1 -1
  20. package/dist/index.d.cts +3 -3
  21. package/dist/index.d.ts +3 -3
  22. package/dist/index.js +3 -3
  23. package/dist/index.js.map +1 -1
  24. package/dist/node.cjs +33 -33
  25. package/dist/node.d.cts +2 -2
  26. package/dist/node.d.ts +2 -2
  27. package/dist/node.js +2 -2
  28. package/dist/{validate-EHuJC5QQ.d.cts → validate-B3uHoP8n.d.cts} +26 -38
  29. package/dist/{validate-EHuJC5QQ.d.ts → validate-B3uHoP8n.d.ts} +26 -38
  30. package/dist/web-api.cjs +33 -33
  31. package/dist/web-api.d.cts +2 -2
  32. package/dist/web-api.d.ts +2 -2
  33. package/dist/web-api.js +2 -2
  34. package/package.json +6 -7
  35. package/dist/chunk-3UX5MZ2P.cjs.map +0 -1
  36. package/dist/chunk-4MFF6V3R.js.map +0 -1
  37. package/dist/chunk-ACFPMIXO.js.map +0 -1
  38. package/dist/chunk-CVCDAHDW.cjs.map +0 -1
  39. package/dist/chunk-FKSYSPJR.js.map +0 -1
  40. package/dist/chunk-N2EW2FDZ.cjs.map +0 -1
package/dist/{chunk-N2EW2FDZ.cjs → chunk-HMTHK2IY.cjs} RENAMED
@@ -1,6 +1,6 @@
1
1
  'use strict';
2
2
 
3
- var chunk3UX5MZ2P_cjs = require('./chunk-3UX5MZ2P.cjs');
3
+ var chunkBHG5RSUV_cjs = require('./chunk-BHG5RSUV.cjs');
4
4
  var buffer = require('buffer');
5
5
  var nodeCrypto = require('crypto');
6
6
 
@@ -10,7 +10,7 @@ var nodeCrypto__default = /*#__PURE__*/_interopDefault(nodeCrypto);
10
10
 
11
11
  // src/node/kit.ts
12
12
  var kit_exports = {};
13
- chunk3UX5MZ2P_cjs.__export(kit_exports, {
13
+ chunkBHG5RSUV_cjs.__export(kit_exports, {
14
14
  convertBytesToStr: () => convertBytesToStr,
15
15
  convertEncoding: () => convertEncoding,
16
16
  convertStrToBytes: () => convertStrToBytes,
@@ -37,103 +37,112 @@ chunk3UX5MZ2P_cjs.__export(kit_exports, {
37
37
  verifyPassword: () => verifyPassword
38
38
  });
39
39
  function $convertStrToBytes(data, inputEncoding = "utf8") {
40
- if (!chunk3UX5MZ2P_cjs.$isStr(data)) {
41
- return chunk3UX5MZ2P_cjs.$err({
40
+ if (!chunkBHG5RSUV_cjs.$isStr(data)) {
41
+ return chunkBHG5RSUV_cjs.$err({
42
42
  msg: "Crypto NodeJS API - String to Bytes: Empty data",
43
43
  desc: "Data must be a non-empty string"
44
44
  });
45
45
  }
46
- if (!chunk3UX5MZ2P_cjs.ENCODING.includes(inputEncoding)) {
47
- return chunk3UX5MZ2P_cjs.$err({
46
+ if (!chunkBHG5RSUV_cjs.ENCODING.includes(inputEncoding)) {
47
+ return chunkBHG5RSUV_cjs.$err({
48
48
  msg: `Crypto NodeJS API - String to Bytes: Unsupported encoding: ${inputEncoding}`,
49
49
  desc: "Use base64, base64url, hex, utf8, or latin1"
50
50
  });
51
51
  }
52
52
  try {
53
- return chunk3UX5MZ2P_cjs.$ok({ result: buffer.Buffer.from(data, inputEncoding) });
53
+ return chunkBHG5RSUV_cjs.$ok({ result: buffer.Buffer.from(data, inputEncoding) });
54
54
  } catch (error) {
55
- return chunk3UX5MZ2P_cjs.$err({ msg: "Crypto NodeJS API - String to Bytes: Failed to convert data", desc: chunk3UX5MZ2P_cjs.$fmtError(error) });
55
+ return chunkBHG5RSUV_cjs.$err({ msg: "Crypto NodeJS API - String to Bytes: Failed to convert data", desc: chunkBHG5RSUV_cjs.$fmtError(error) });
56
56
  }
57
57
  }
58
58
  function $convertBytesToStr(data, outputEncoding = "utf8") {
59
59
  if (!(data instanceof buffer.Buffer)) {
60
- return chunk3UX5MZ2P_cjs.$err({
60
+ return chunkBHG5RSUV_cjs.$err({
61
61
  msg: "Crypto NodeJS API - Bytes to String: Invalid data type",
62
62
  desc: "Data must be a Buffer"
63
63
  });
64
64
  }
65
- if (!chunk3UX5MZ2P_cjs.ENCODING.includes(outputEncoding)) {
66
- return chunk3UX5MZ2P_cjs.$err({
65
+ if (!chunkBHG5RSUV_cjs.ENCODING.includes(outputEncoding)) {
66
+ return chunkBHG5RSUV_cjs.$err({
67
67
  msg: `Crypto NodeJS API - Bytes to String: Unsupported encoding: ${outputEncoding}`,
68
68
  desc: "Use base64, base64url, hex, utf8, or latin1"
69
69
  });
70
70
  }
71
71
  try {
72
- return chunk3UX5MZ2P_cjs.$ok(buffer.Buffer.from(data).toString(outputEncoding));
72
+ return chunkBHG5RSUV_cjs.$ok(buffer.Buffer.from(data).toString(outputEncoding));
73
73
  } catch (error) {
74
- return chunk3UX5MZ2P_cjs.$err({ msg: "Crypto NodeJS API - Bytes to String: Failed to convert data", desc: chunk3UX5MZ2P_cjs.$fmtError(error) });
74
+ return chunkBHG5RSUV_cjs.$err({ msg: "Crypto NodeJS API - Bytes to String: Failed to convert data", desc: chunkBHG5RSUV_cjs.$fmtError(error) });
75
75
  }
76
76
  }
77
77
  function $convertEncoding(data, from, to) {
78
- if (!chunk3UX5MZ2P_cjs.$isStr(data)) {
79
- return chunk3UX5MZ2P_cjs.$err({
78
+ if (!chunkBHG5RSUV_cjs.$isStr(data)) {
79
+ return chunkBHG5RSUV_cjs.$err({
80
80
  msg: "Crypto NodeJS API - Convert Format: Empty data",
81
81
  desc: "Data must be a non-empty string"
82
82
  });
83
83
  }
84
- if (!chunk3UX5MZ2P_cjs.ENCODING.includes(from) || !chunk3UX5MZ2P_cjs.ENCODING.includes(to)) {
85
- return chunk3UX5MZ2P_cjs.$err({
84
+ if (!chunkBHG5RSUV_cjs.ENCODING.includes(from) || !chunkBHG5RSUV_cjs.ENCODING.includes(to)) {
85
+ return chunkBHG5RSUV_cjs.$err({
86
86
  msg: `Crypto NodeJS API - Convert Format: Unsupported encoding: from ${from} to ${to}`,
87
87
  desc: "Use base64, base64url, hex, utf8, or latin1"
88
88
  });
89
89
  }
90
90
  const bytes = $convertStrToBytes(data, from);
91
- if (bytes.error) return chunk3UX5MZ2P_cjs.$err({ msg: bytes.error.message, desc: bytes.error.description });
91
+ if (bytes.error) return chunkBHG5RSUV_cjs.$err({ msg: bytes.error.message, desc: bytes.error.description });
92
92
  const str = $convertBytesToStr(bytes.result, to);
93
- if (str.error) return chunk3UX5MZ2P_cjs.$err({ msg: str.error.message, desc: str.error.description });
94
- return chunk3UX5MZ2P_cjs.$ok({ result: str.result });
93
+ if (str.error) return chunkBHG5RSUV_cjs.$err({ msg: str.error.message, desc: str.error.description });
94
+ return chunkBHG5RSUV_cjs.$ok({ result: str.result });
95
95
  }
96
96
  function $generateUuid() {
97
97
  try {
98
- return chunk3UX5MZ2P_cjs.$ok(nodeCrypto__default.default.randomUUID());
98
+ return chunkBHG5RSUV_cjs.$ok(nodeCrypto__default.default.randomUUID());
99
99
  } catch (error) {
100
- return chunk3UX5MZ2P_cjs.$err({ msg: `${chunk3UX5MZ2P_cjs.title("node", "UUID Generation")}: Failed to generate UUID`, desc: chunk3UX5MZ2P_cjs.$fmtError(error) });
100
+ return chunkBHG5RSUV_cjs.$err({ msg: `${chunkBHG5RSUV_cjs.title("node", "UUID Generation")}: Failed to generate UUID`, desc: chunkBHG5RSUV_cjs.$fmtError(error) });
101
101
  }
102
102
  }
103
- function $createSecretKey(secret, options = {}) {
104
- if (!chunk3UX5MZ2P_cjs.$isStr(secret)) {
105
- return chunk3UX5MZ2P_cjs.$err({ msg: `${chunk3UX5MZ2P_cjs.title("node", "Key Generation")}: Empty Secret`, desc: "Secret must be a non-empty string" });
103
+ function $createSecretKey(secret, options) {
104
+ if (!chunkBHG5RSUV_cjs.$isStr(secret, 8)) {
105
+ return chunkBHG5RSUV_cjs.$err({
106
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Key Generation")}: Empty Secret`,
107
+ desc: "Secret must be a non-empty string with at least 8 characters"
108
+ });
109
+ }
110
+ if (!chunkBHG5RSUV_cjs.$isPlainObj(options)) {
111
+ return chunkBHG5RSUV_cjs.$err({
112
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Key Generation")}: Invalid options`,
113
+ desc: "Options must be an object"
114
+ });
106
115
  }
107
116
  const algorithm = options.algorithm ?? "aes256gcm";
108
- if (!(algorithm in chunk3UX5MZ2P_cjs.ENCRYPTION_ALGORITHMS)) {
109
- return chunk3UX5MZ2P_cjs.$err({
110
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Key Generation")}: Unsupported algorithm: ${algorithm}`,
111
- desc: `Supported algorithms are: ${Object.keys(chunk3UX5MZ2P_cjs.ENCRYPTION_ALGORITHMS).join(", ")}`
117
+ if (!(algorithm in chunkBHG5RSUV_cjs.ENCRYPTION_ALGORITHMS)) {
118
+ return chunkBHG5RSUV_cjs.$err({
119
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Key Generation")}: Unsupported algorithm: ${algorithm}`,
120
+ desc: `Supported algorithms are: ${Object.keys(chunkBHG5RSUV_cjs.ENCRYPTION_ALGORITHMS).join(", ")}`
112
121
  });
113
122
  }
114
123
  const digest = options.digest ?? "sha256";
115
- if (!(digest in chunk3UX5MZ2P_cjs.DIGEST_ALGORITHMS)) {
116
- return chunk3UX5MZ2P_cjs.$err({
117
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Key Generation")}: Unsupported digest: ${digest}`,
118
- desc: `Supported digests are: ${Object.keys(chunk3UX5MZ2P_cjs.DIGEST_ALGORITHMS).join(", ")}`
124
+ if (!(digest in chunkBHG5RSUV_cjs.DIGEST_ALGORITHMS)) {
125
+ return chunkBHG5RSUV_cjs.$err({
126
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Key Generation")}: Unsupported digest: ${digest}`,
127
+ desc: `Supported digests are: ${Object.keys(chunkBHG5RSUV_cjs.DIGEST_ALGORITHMS).join(", ")}`
119
128
  });
120
129
  }
121
130
  const salt = options.salt ?? "cipher-kit-salt";
122
- if (!chunk3UX5MZ2P_cjs.$isStr(salt, 8)) {
123
- return chunk3UX5MZ2P_cjs.$err({
124
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Key Generation")}: Weak salt`,
131
+ if (!chunkBHG5RSUV_cjs.$isStr(salt, 8)) {
132
+ return chunkBHG5RSUV_cjs.$err({
133
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Key Generation")}: Weak salt`,
125
134
  desc: "Salt must be a non-empty string with at least 8 characters"
126
135
  });
127
136
  }
128
137
  const info = options.info ?? "cipher-kit";
129
- if (!chunk3UX5MZ2P_cjs.$isStr(info)) {
130
- return chunk3UX5MZ2P_cjs.$err({
131
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Key Generation")}: Invalid info`,
138
+ if (!chunkBHG5RSUV_cjs.$isStr(info)) {
139
+ return chunkBHG5RSUV_cjs.$err({
140
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Key Generation")}: Invalid info`,
132
141
  desc: "Info must be a non-empty string"
133
142
  });
134
143
  }
135
- const encryptAlgo = chunk3UX5MZ2P_cjs.ENCRYPTION_ALGORITHMS[algorithm];
136
- const digestAlgo = chunk3UX5MZ2P_cjs.DIGEST_ALGORITHMS[digest];
144
+ const encryptAlgo = chunkBHG5RSUV_cjs.ENCRYPTION_ALGORITHMS[algorithm];
145
+ const digestAlgo = chunkBHG5RSUV_cjs.DIGEST_ALGORITHMS[digest];
137
146
  try {
138
147
  const derivedKey = nodeCrypto__default.default.hkdfSync(
139
148
  digestAlgo.node,
@@ -149,88 +158,100 @@ function $createSecretKey(secret, options = {}) {
149
158
  algorithm,
150
159
  key
151
160
  });
152
- return chunk3UX5MZ2P_cjs.$ok({ result: secretKey });
161
+ return chunkBHG5RSUV_cjs.$ok({ result: secretKey });
153
162
  } catch (error) {
154
- return chunk3UX5MZ2P_cjs.$err({ msg: `${chunk3UX5MZ2P_cjs.title("node", "Key Generation")}: Failed to create secret key`, desc: chunk3UX5MZ2P_cjs.$fmtError(error) });
163
+ return chunkBHG5RSUV_cjs.$err({ msg: `${chunkBHG5RSUV_cjs.title("node", "Key Generation")}: Failed to create secret key`, desc: chunkBHG5RSUV_cjs.$fmtError(error) });
155
164
  }
156
165
  }
157
- function $encrypt(data, secretKey, options = {}) {
158
- if (!chunk3UX5MZ2P_cjs.$isStr(data)) {
159
- return chunk3UX5MZ2P_cjs.$err({
160
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Encryption")}: Empty data for encryption`,
166
+ function $encrypt(data, secretKey, options) {
167
+ if (!chunkBHG5RSUV_cjs.$isStr(data)) {
168
+ return chunkBHG5RSUV_cjs.$err({
169
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Encryption")}: Empty data for encryption`,
161
170
  desc: "Data must be a non-empty string"
162
171
  });
163
172
  }
164
- const encoding = options.encoding ?? "base64url";
165
- if (!chunk3UX5MZ2P_cjs.CIPHER_ENCODING.includes(encoding)) {
166
- return chunk3UX5MZ2P_cjs.$err({
167
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Encryption")}: Unsupported output encoding: ${encoding}`,
173
+ if (!chunkBHG5RSUV_cjs.$isPlainObj(options)) {
174
+ return chunkBHG5RSUV_cjs.$err({
175
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Encryption")}: Invalid options`,
176
+ desc: "Options must be an object"
177
+ });
178
+ }
179
+ const outputEncoding = options.outputEncoding ?? "base64url";
180
+ if (!chunkBHG5RSUV_cjs.CIPHER_ENCODING.includes(outputEncoding)) {
181
+ return chunkBHG5RSUV_cjs.$err({
182
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Encryption")}: Unsupported output encoding: ${outputEncoding}`,
168
183
  desc: "Use base64, base64url, or hex"
169
184
  });
170
185
  }
171
- const injectedKey = chunk3UX5MZ2P_cjs.$isSecretKey(secretKey, "node");
186
+ const injectedKey = chunkBHG5RSUV_cjs.$isSecretKey(secretKey, "node");
172
187
  if (!injectedKey) {
173
- return chunk3UX5MZ2P_cjs.$err({
174
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Encryption")}: Invalid Secret Key`,
188
+ return chunkBHG5RSUV_cjs.$err({
189
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Encryption")}: Invalid Secret Key`,
175
190
  desc: "Expected a Node SecretKey"
176
191
  });
177
192
  }
178
193
  const { result, error } = $convertStrToBytes(data, "utf8");
179
- if (error) return chunk3UX5MZ2P_cjs.$err(error);
194
+ if (error) return chunkBHG5RSUV_cjs.$err(error);
180
195
  try {
181
196
  const iv = nodeCrypto__default.default.randomBytes(injectedKey.injected.ivLength);
182
197
  const cipher = nodeCrypto__default.default.createCipheriv(injectedKey.injected.node, injectedKey.key, iv);
183
198
  const encrypted = buffer.Buffer.concat([cipher.update(result), cipher.final()]);
184
199
  const tag = cipher.getAuthTag();
185
- const ivStr = $convertBytesToStr(iv, encoding);
186
- const cipherStr = $convertBytesToStr(encrypted, encoding);
187
- const tagStr = $convertBytesToStr(tag, encoding);
200
+ const ivStr = $convertBytesToStr(iv, outputEncoding);
201
+ const cipherStr = $convertBytesToStr(encrypted, outputEncoding);
202
+ const tagStr = $convertBytesToStr(tag, outputEncoding);
188
203
  if (ivStr.error || cipherStr.error || tagStr.error) {
189
- return chunk3UX5MZ2P_cjs.$err({
204
+ return chunkBHG5RSUV_cjs.$err({
190
205
  msg: "Crypto NodeJS API - Encryption: Failed to convert IV or encrypted data or tag",
191
- desc: `Conversion error: ${chunk3UX5MZ2P_cjs.$fmtResultErr(ivStr.error || cipherStr.error || tagStr.error)}`
206
+ desc: `Conversion error: ${chunkBHG5RSUV_cjs.$fmtResultErr(ivStr.error || cipherStr.error || tagStr.error)}`
192
207
  });
193
208
  }
194
- return chunk3UX5MZ2P_cjs.$ok(`${ivStr.result}.${cipherStr.result}.${tagStr.result}.`);
209
+ return chunkBHG5RSUV_cjs.$ok(`${ivStr.result}.${cipherStr.result}.${tagStr.result}.`);
195
210
  } catch (error2) {
196
- return chunk3UX5MZ2P_cjs.$err({ msg: `${chunk3UX5MZ2P_cjs.title("node", "Encryption")}: Failed to encrypt data`, desc: chunk3UX5MZ2P_cjs.$fmtError(error2) });
211
+ return chunkBHG5RSUV_cjs.$err({ msg: `${chunkBHG5RSUV_cjs.title("node", "Encryption")}: Failed to encrypt data`, desc: chunkBHG5RSUV_cjs.$fmtError(error2) });
197
212
  }
198
213
  }
199
- function $decrypt(encrypted, secretKey, options = {}) {
200
- if (chunk3UX5MZ2P_cjs.matchPattern(encrypted, "node") === false) {
201
- return chunk3UX5MZ2P_cjs.$err({
202
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Decryption")}: Invalid encrypted data format`,
214
+ function $decrypt(encrypted, secretKey, options) {
215
+ if (!chunkBHG5RSUV_cjs.matchEncryptedPattern(encrypted, "node")) {
216
+ return chunkBHG5RSUV_cjs.$err({
217
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Decryption")}: Invalid encrypted data format`,
203
218
  desc: 'Encrypted data must be in the format "iv.cipher.tag."'
204
219
  });
205
220
  }
206
- const encoding = options.encoding ?? "base64url";
207
- if (!chunk3UX5MZ2P_cjs.CIPHER_ENCODING.includes(encoding)) {
208
- return chunk3UX5MZ2P_cjs.$err({
209
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Decryption")}: Unsupported input encoding: ${encoding}`,
221
+ if (!chunkBHG5RSUV_cjs.$isPlainObj(options)) {
222
+ return chunkBHG5RSUV_cjs.$err({
223
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Decryption")}: Invalid options`,
224
+ desc: "Options must be an object"
225
+ });
226
+ }
227
+ const inputEncoding = options.inputEncoding ?? "base64url";
228
+ if (!chunkBHG5RSUV_cjs.CIPHER_ENCODING.includes(inputEncoding)) {
229
+ return chunkBHG5RSUV_cjs.$err({
230
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Decryption")}: Unsupported input encoding: ${inputEncoding}`,
210
231
  desc: "Use base64, base64url, or hex"
211
232
  });
212
233
  }
213
234
  const [iv, cipher, tag] = encrypted.split(".", 4);
214
- if (!chunk3UX5MZ2P_cjs.$isStr(iv) || !chunk3UX5MZ2P_cjs.$isStr(cipher) || !chunk3UX5MZ2P_cjs.$isStr(tag)) {
215
- return chunk3UX5MZ2P_cjs.$err({
216
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Decryption")}: Invalid encrypted data`,
235
+ if (!chunkBHG5RSUV_cjs.$isStr(iv) || !chunkBHG5RSUV_cjs.$isStr(cipher) || !chunkBHG5RSUV_cjs.$isStr(tag)) {
236
+ return chunkBHG5RSUV_cjs.$err({
237
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Decryption")}: Invalid encrypted data`,
217
238
  desc: "Encrypted data must contain valid IV, encrypted data, and tag components"
218
239
  });
219
240
  }
220
- const injectedKey = chunk3UX5MZ2P_cjs.$isSecretKey(secretKey, "node");
241
+ const injectedKey = chunkBHG5RSUV_cjs.$isSecretKey(secretKey, "node");
221
242
  if (!injectedKey) {
222
- return chunk3UX5MZ2P_cjs.$err({
243
+ return chunkBHG5RSUV_cjs.$err({
223
244
  msg: "Crypto NodeJS API - Decryption: Invalid Secret Key",
224
245
  desc: "Expected a Node SecretKey"
225
246
  });
226
247
  }
227
- const ivBytes = $convertStrToBytes(iv, encoding);
228
- const cipherBytes = $convertStrToBytes(cipher, encoding);
229
- const tagBytes = $convertStrToBytes(tag, encoding);
248
+ const ivBytes = $convertStrToBytes(iv, inputEncoding);
249
+ const cipherBytes = $convertStrToBytes(cipher, inputEncoding);
250
+ const tagBytes = $convertStrToBytes(tag, inputEncoding);
230
251
  if (ivBytes.error || cipherBytes.error || tagBytes.error) {
231
- return chunk3UX5MZ2P_cjs.$err({
232
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Decryption")}: Failed to convert IV or encrypted data or tag`,
233
- desc: `Conversion error: ${chunk3UX5MZ2P_cjs.$fmtResultErr(ivBytes.error || cipherBytes.error || tagBytes.error)}`
252
+ return chunkBHG5RSUV_cjs.$err({
253
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Decryption")}: Failed to convert IV or encrypted data or tag`,
254
+ desc: `Conversion error: ${chunkBHG5RSUV_cjs.$fmtResultErr(ivBytes.error || cipherBytes.error || tagBytes.error)}`
234
255
  });
235
256
  }
236
257
  try {
@@ -239,115 +260,129 @@ function $decrypt(encrypted, secretKey, options = {}) {
239
260
  const decrypted = buffer.Buffer.concat([decipher.update(cipherBytes.result), decipher.final()]);
240
261
  return $convertBytesToStr(decrypted, "utf8");
241
262
  } catch (error) {
242
- return chunk3UX5MZ2P_cjs.$err({ msg: `${chunk3UX5MZ2P_cjs.title("node", "Decryption")}: Failed to decrypt data`, desc: chunk3UX5MZ2P_cjs.$fmtError(error) });
263
+ return chunkBHG5RSUV_cjs.$err({ msg: `${chunkBHG5RSUV_cjs.title("node", "Decryption")}: Failed to decrypt data`, desc: chunkBHG5RSUV_cjs.$fmtError(error) });
243
264
  }
244
265
  }
245
- function $encryptObj(data, secretKey, options = {}) {
246
- const { result, error } = chunk3UX5MZ2P_cjs.$stringifyObj(data);
247
- if (error) return chunk3UX5MZ2P_cjs.$err(error);
266
+ function $encryptObj(data, secretKey, options) {
267
+ const { result, error } = chunkBHG5RSUV_cjs.$stringifyObj(data);
268
+ if (error) return chunkBHG5RSUV_cjs.$err(error);
248
269
  return $encrypt(result, secretKey, options);
249
270
  }
250
- function $decryptObj(encrypted, secretKey, options = {}) {
271
+ function $decryptObj(encrypted, secretKey, options) {
251
272
  const { result, error } = $decrypt(encrypted, secretKey, options);
252
- if (error) return chunk3UX5MZ2P_cjs.$err(error);
253
- return chunk3UX5MZ2P_cjs.$parseToObj(result);
273
+ if (error) return chunkBHG5RSUV_cjs.$err(error);
274
+ return chunkBHG5RSUV_cjs.$parseToObj(result);
254
275
  }
255
276
  function $hash(data, options = {}) {
256
- if (!chunk3UX5MZ2P_cjs.$isStr(data)) {
257
- return chunk3UX5MZ2P_cjs.$err({
258
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Hashing")}: Empty data for hashing`,
277
+ if (!chunkBHG5RSUV_cjs.$isStr(data)) {
278
+ return chunkBHG5RSUV_cjs.$err({
279
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Hashing")}: Empty data for hashing`,
259
280
  desc: "Data must be a non-empty string"
260
281
  });
261
282
  }
262
- const encoding = options.encoding ?? "base64url";
263
- if (!chunk3UX5MZ2P_cjs.CIPHER_ENCODING.includes(encoding)) {
264
- return chunk3UX5MZ2P_cjs.$err({
265
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Hashing")}: Unsupported output encoding: ${encoding}`,
283
+ if (!chunkBHG5RSUV_cjs.$isPlainObj(options)) {
284
+ return chunkBHG5RSUV_cjs.$err({
285
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Hashing")}: Invalid options`,
286
+ desc: "Options must be an object"
287
+ });
288
+ }
289
+ const outputEncoding = options.outputEncoding ?? "base64url";
290
+ if (!chunkBHG5RSUV_cjs.CIPHER_ENCODING.includes(outputEncoding)) {
291
+ return chunkBHG5RSUV_cjs.$err({
292
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Hashing")}: Unsupported output encoding: ${outputEncoding}`,
266
293
  desc: "Use base64, base64url, or hex"
267
294
  });
268
295
  }
269
296
  const digest = options.digest ?? "sha256";
270
- if (!(digest in chunk3UX5MZ2P_cjs.DIGEST_ALGORITHMS)) {
271
- return chunk3UX5MZ2P_cjs.$err({
272
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Hashing")}: Unsupported digest: ${digest}`,
273
- desc: `Supported digests are: ${Object.keys(chunk3UX5MZ2P_cjs.DIGEST_ALGORITHMS).join(", ")}`
297
+ if (!(digest in chunkBHG5RSUV_cjs.DIGEST_ALGORITHMS)) {
298
+ return chunkBHG5RSUV_cjs.$err({
299
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Hashing")}: Unsupported digest: ${digest}`,
300
+ desc: `Supported digests are: ${Object.keys(chunkBHG5RSUV_cjs.DIGEST_ALGORITHMS).join(", ")}`
274
301
  });
275
302
  }
276
- const digestAlgo = chunk3UX5MZ2P_cjs.DIGEST_ALGORITHMS[digest];
303
+ const digestAlgo = chunkBHG5RSUV_cjs.DIGEST_ALGORITHMS[digest];
277
304
  const { result, error } = $convertStrToBytes(data, "utf8");
278
- if (error) return chunk3UX5MZ2P_cjs.$err(error);
305
+ if (error) return chunkBHG5RSUV_cjs.$err(error);
279
306
  try {
280
307
  const hashed = nodeCrypto__default.default.createHash(digestAlgo.node).update(result).digest();
281
- return $convertBytesToStr(hashed, encoding);
308
+ return $convertBytesToStr(hashed, outputEncoding);
282
309
  } catch (error2) {
283
- return chunk3UX5MZ2P_cjs.$err({ msg: `${chunk3UX5MZ2P_cjs.title("node", "Hashing")}: Failed to hash data with Crypto NodeJS`, desc: chunk3UX5MZ2P_cjs.$fmtError(error2) });
310
+ return chunkBHG5RSUV_cjs.$err({ msg: `${chunkBHG5RSUV_cjs.title("node", "Hashing")}: Failed to hash data with Crypto NodeJS`, desc: chunkBHG5RSUV_cjs.$fmtError(error2) });
284
311
  }
285
312
  }
286
- function $hashPassword(password, options = {}) {
287
- if (!chunk3UX5MZ2P_cjs.$isStr(password)) {
288
- return chunk3UX5MZ2P_cjs.$err({
289
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Password Hashing")}: Empty password for hashing`,
313
+ function $hashPassword(password, options) {
314
+ if (!chunkBHG5RSUV_cjs.$isStr(password)) {
315
+ return chunkBHG5RSUV_cjs.$err({
316
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Password Hashing")}: Empty password for hashing`,
290
317
  desc: "Password must be a non-empty string"
291
318
  });
292
319
  }
320
+ if (!chunkBHG5RSUV_cjs.$isPlainObj(options)) {
321
+ return chunkBHG5RSUV_cjs.$err({
322
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Password Hashing")}: Invalid options`,
323
+ desc: "Options must be an object"
324
+ });
325
+ }
293
326
  const digest = options.digest ?? "sha512";
294
- if (!(digest in chunk3UX5MZ2P_cjs.DIGEST_ALGORITHMS)) {
295
- return chunk3UX5MZ2P_cjs.$err({
296
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Password Hashing")}: Unsupported digest: ${digest}`,
297
- desc: `Supported digests are: ${Object.keys(chunk3UX5MZ2P_cjs.DIGEST_ALGORITHMS).join(", ")}`
327
+ if (!(digest in chunkBHG5RSUV_cjs.DIGEST_ALGORITHMS)) {
328
+ return chunkBHG5RSUV_cjs.$err({
329
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Password Hashing")}: Unsupported digest: ${digest}`,
330
+ desc: `Supported digests are: ${Object.keys(chunkBHG5RSUV_cjs.DIGEST_ALGORITHMS).join(", ")}`
298
331
  });
299
332
  }
300
- const digestAlgo = chunk3UX5MZ2P_cjs.DIGEST_ALGORITHMS[digest];
301
- const encoding = options.encoding ?? "base64url";
302
- if (!chunk3UX5MZ2P_cjs.CIPHER_ENCODING.includes(encoding)) {
303
- return chunk3UX5MZ2P_cjs.$err({
304
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Password Hashing")}: Unsupported encoding: ${encoding}`,
333
+ const digestAlgo = chunkBHG5RSUV_cjs.DIGEST_ALGORITHMS[digest];
334
+ const outputEncoding = options.outputEncoding ?? "base64url";
335
+ if (!chunkBHG5RSUV_cjs.CIPHER_ENCODING.includes(outputEncoding)) {
336
+ return chunkBHG5RSUV_cjs.$err({
337
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Password Hashing")}: Unsupported encoding: ${outputEncoding}`,
305
338
  desc: "Use base64, base64url, or hex"
306
339
  });
307
340
  }
308
341
  const saltLength = options.saltLength ?? 16;
309
342
  if (typeof saltLength !== "number" || saltLength < 8) {
310
- return chunk3UX5MZ2P_cjs.$err({
311
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Password Hashing")}: Weak salt length`,
343
+ return chunkBHG5RSUV_cjs.$err({
344
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Password Hashing")}: Weak salt length`,
312
345
  desc: "Salt length must be a number and at least 8 bytes (recommended 16 or more)"
313
346
  });
314
347
  }
315
348
  const iterations = options.iterations ?? 32e4;
316
349
  if (typeof iterations !== "number" || iterations < 1e3) {
317
- return chunk3UX5MZ2P_cjs.$err({
318
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Password Hashing")}: Weak iterations count`,
350
+ return chunkBHG5RSUV_cjs.$err({
351
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Password Hashing")}: Weak iterations count`,
319
352
  desc: "Iterations must be a number and at least 1000 (recommended 320,000 or more)"
320
353
  });
321
354
  }
322
355
  const keyLength = options.keyLength ?? 64;
323
356
  if (typeof keyLength !== "number" || keyLength < 16) {
324
- return chunk3UX5MZ2P_cjs.$err({
325
- msg: `${chunk3UX5MZ2P_cjs.title("node", "Password Hashing")}: Invalid key length`,
357
+ return chunkBHG5RSUV_cjs.$err({
358
+ msg: `${chunkBHG5RSUV_cjs.title("node", "Password Hashing")}: Invalid key length`,
326
359
  desc: "Key length must be a number and at least 16 bytes (recommended 64 or more)"
327
360
  });
328
361
  }
329
362
  try {
330
363
  const salt = nodeCrypto__default.default.randomBytes(saltLength);
331
364
  const hash2 = nodeCrypto__default.default.pbkdf2Sync(password.normalize("NFKC"), salt, iterations, keyLength, digestAlgo.node);
332
- return chunk3UX5MZ2P_cjs.$ok({ salt: salt.toString(encoding), hash: hash2.toString(encoding) });
365
+ return chunkBHG5RSUV_cjs.$ok({ result: hash2.toString(outputEncoding), salt: salt.toString(outputEncoding) });
333
366
  } catch (error) {
334
- return chunk3UX5MZ2P_cjs.$err({ msg: `${chunk3UX5MZ2P_cjs.title("node", "Password Hashing")}: Failed to hash password`, desc: chunk3UX5MZ2P_cjs.$fmtError(error) });
367
+ return chunkBHG5RSUV_cjs.$err({ msg: `${chunkBHG5RSUV_cjs.title("node", "Password Hashing")}: Failed to hash password`, desc: chunkBHG5RSUV_cjs.$fmtError(error) });
335
368
  }
336
369
  }
337
- function $verifyPassword(password, hashedPassword, salt, options = {}) {
338
- if (!chunk3UX5MZ2P_cjs.$isStr(password) || !chunk3UX5MZ2P_cjs.$isStr(hashedPassword) || !chunk3UX5MZ2P_cjs.$isStr(salt)) return false;
370
+ function $verifyPassword(password, hashedPassword, salt, options) {
371
+ if (!chunkBHG5RSUV_cjs.$isStr(password) || !chunkBHG5RSUV_cjs.$isStr(hashedPassword) || !chunkBHG5RSUV_cjs.$isStr(salt) || !chunkBHG5RSUV_cjs.$isPlainObj(options)) {
372
+ return false;
373
+ }
339
374
  const digest = options.digest ?? "sha512";
340
- if (!(digest in chunk3UX5MZ2P_cjs.DIGEST_ALGORITHMS)) return false;
341
- const digestAlgo = chunk3UX5MZ2P_cjs.DIGEST_ALGORITHMS[digest];
342
- const encoding = options.encoding ?? "base64url";
343
- if (!chunk3UX5MZ2P_cjs.CIPHER_ENCODING.includes(encoding)) return false;
375
+ if (!(digest in chunkBHG5RSUV_cjs.DIGEST_ALGORITHMS)) return false;
376
+ const digestAlgo = chunkBHG5RSUV_cjs.DIGEST_ALGORITHMS[digest];
377
+ const inputEncoding = options.inputEncoding ?? "base64url";
378
+ if (!chunkBHG5RSUV_cjs.CIPHER_ENCODING.includes(inputEncoding)) return false;
344
379
  const iterations = options.iterations ?? 32e4;
345
380
  if (typeof iterations !== "number" || iterations < 1e3) return false;
346
381
  const keyLength = options.keyLength ?? 64;
347
382
  if (typeof keyLength !== "number" || keyLength < 16) return false;
348
- const saltBytes = $convertStrToBytes(salt, encoding);
383
+ const saltBytes = $convertStrToBytes(salt, inputEncoding);
349
384
  if (saltBytes.error) return false;
350
- const hashedPasswordBytes = $convertStrToBytes(hashedPassword, encoding);
385
+ const hashedPasswordBytes = $convertStrToBytes(hashedPassword, inputEncoding);
351
386
  if (hashedPasswordBytes.error) return false;
352
387
  try {
353
388
  return nodeCrypto__default.default.timingSafeEqual(
@@ -361,14 +396,14 @@ function $verifyPassword(password, hashedPassword, salt, options = {}) {
361
396
 
362
397
  // src/node/kit.ts
363
398
  function isNodeSecretKey(x) {
364
- return chunk3UX5MZ2P_cjs.$isSecretKey(x, "node") !== null;
399
+ return chunkBHG5RSUV_cjs.$isSecretKey(x, "node") !== null;
365
400
  }
366
401
  function tryGenerateUuid() {
367
402
  return $generateUuid();
368
403
  }
369
404
  function generateUuid() {
370
405
  const { result, error } = $generateUuid();
371
- if (error) throw new Error(chunk3UX5MZ2P_cjs.$fmtResultErr(error));
406
+ if (error) throw new Error(chunkBHG5RSUV_cjs.$fmtResultErr(error));
372
407
  return result;
373
408
  }
374
409
  function tryCreateSecretKey(secret, options = {}) {
@@ -376,7 +411,7 @@ function tryCreateSecretKey(secret, options = {}) {
376
411
  }
377
412
  function createSecretKey(secret, options = {}) {
378
413
  const { result, error } = $createSecretKey(secret, options);
379
- if (error) throw new Error(chunk3UX5MZ2P_cjs.$fmtResultErr(error));
414
+ if (error) throw new Error(chunkBHG5RSUV_cjs.$fmtResultErr(error));
380
415
  return result;
381
416
  }
382
417
  function tryEncrypt(data, secretKey, options = {}) {
@@ -384,7 +419,7 @@ function tryEncrypt(data, secretKey, options = {}) {
384
419
  }
385
420
  function encrypt(data, secretKey, options = {}) {
386
421
  const { result, error } = $encrypt(data, secretKey, options);
387
- if (error) throw new Error(chunk3UX5MZ2P_cjs.$fmtResultErr(error));
422
+ if (error) throw new Error(chunkBHG5RSUV_cjs.$fmtResultErr(error));
388
423
  return result;
389
424
  }
390
425
  function tryDecrypt(encrypted, secretKey, options = {}) {
@@ -392,7 +427,7 @@ function tryDecrypt(encrypted, secretKey, options = {}) {
392
427
  }
393
428
  function decrypt(encrypted, secretKey, options = {}) {
394
429
  const { result, error } = $decrypt(encrypted, secretKey, options);
395
- if (error) throw new Error(chunk3UX5MZ2P_cjs.$fmtResultErr(error));
430
+ if (error) throw new Error(chunkBHG5RSUV_cjs.$fmtResultErr(error));
396
431
  return result;
397
432
  }
398
433
  function tryEncryptObj(data, secretKey, options = {}) {
@@ -400,7 +435,7 @@ function tryEncryptObj(data, secretKey, options = {}) {
400
435
  }
401
436
  function encryptObj(data, secretKey, options = {}) {
402
437
  const { result, error } = $encryptObj(data, secretKey, options);
403
- if (error) throw new Error(chunk3UX5MZ2P_cjs.$fmtResultErr(error));
438
+ if (error) throw new Error(chunkBHG5RSUV_cjs.$fmtResultErr(error));
404
439
  return result;
405
440
  }
406
441
  function tryDecryptObj(encrypted, secretKey, options = {}) {
@@ -408,7 +443,7 @@ function tryDecryptObj(encrypted, secretKey, options = {}) {
408
443
  }
409
444
  function decryptObj(encrypted, secretKey, options = {}) {
410
445
  const { result, error } = $decryptObj(encrypted, secretKey, options);
411
- if (error) throw new Error(chunk3UX5MZ2P_cjs.$fmtResultErr(error));
446
+ if (error) throw new Error(chunkBHG5RSUV_cjs.$fmtResultErr(error));
412
447
  return result;
413
448
  }
414
449
  function tryHash(data, options = {}) {
@@ -416,16 +451,16 @@ function tryHash(data, options = {}) {
416
451
  }
417
452
  function hash(data, options = {}) {
418
453
  const { result, error } = $hash(data, options);
419
- if (error) throw new Error(chunk3UX5MZ2P_cjs.$fmtResultErr(error));
454
+ if (error) throw new Error(chunkBHG5RSUV_cjs.$fmtResultErr(error));
420
455
  return result;
421
456
  }
422
457
  function tryHashPassword(password, options = {}) {
423
458
  return $hashPassword(password, options);
424
459
  }
425
460
  function hashPassword(password, options = {}) {
426
- const { hash: hash2, salt, error } = $hashPassword(password, options);
427
- if (error) throw new Error(chunk3UX5MZ2P_cjs.$fmtResultErr(error));
428
- return { hash: hash2, salt };
461
+ const { result, salt, error } = $hashPassword(password, options);
462
+ if (error) throw new Error(chunkBHG5RSUV_cjs.$fmtResultErr(error));
463
+ return { result, salt };
429
464
  }
430
465
  function verifyPassword(password, hashedPassword, salt, options = {}) {
431
466
  return $verifyPassword(password, hashedPassword, salt, options);
@@ -435,7 +470,7 @@ function tryConvertStrToBytes(data, inputEncoding = "utf8") {
435
470
  }
436
471
  function convertStrToBytes(data, inputEncoding = "utf8") {
437
472
  const { result, error } = $convertStrToBytes(data, inputEncoding);
438
- if (error) throw new Error(chunk3UX5MZ2P_cjs.$fmtResultErr(error));
473
+ if (error) throw new Error(chunkBHG5RSUV_cjs.$fmtResultErr(error));
439
474
  return result;
440
475
  }
441
476
  function tryConvertBytesToStr(data, outputEncoding = "utf8") {
@@ -443,7 +478,7 @@ function tryConvertBytesToStr(data, outputEncoding = "utf8") {
443
478
  }
444
479
  function convertBytesToStr(data, outputEncoding = "utf8") {
445
480
  const { result, error } = $convertBytesToStr(data, outputEncoding);
446
- if (error) throw new Error(chunk3UX5MZ2P_cjs.$fmtResultErr(error));
481
+ if (error) throw new Error(chunkBHG5RSUV_cjs.$fmtResultErr(error));
447
482
  return result;
448
483
  }
449
484
  function tryConvertEncoding(data, from, to) {
@@ -451,7 +486,7 @@ function tryConvertEncoding(data, from, to) {
451
486
  }
452
487
  function convertEncoding(data, from, to) {
453
488
  const { result, error } = $convertEncoding(data, from, to);
454
- if (error) throw new Error(chunk3UX5MZ2P_cjs.$fmtResultErr(error));
489
+ if (error) throw new Error(chunkBHG5RSUV_cjs.$fmtResultErr(error));
455
490
  return result;
456
491
  }
457
492
 
@@ -480,5 +515,5 @@ exports.tryGenerateUuid = tryGenerateUuid;
480
515
  exports.tryHash = tryHash;
481
516
  exports.tryHashPassword = tryHashPassword;
482
517
  exports.verifyPassword = verifyPassword;
483
- //# sourceMappingURL=chunk-N2EW2FDZ.cjs.map
484
- //# sourceMappingURL=chunk-N2EW2FDZ.cjs.map
518
+ //# sourceMappingURL=chunk-HMTHK2IY.cjs.map
519
+ //# sourceMappingURL=chunk-HMTHK2IY.cjs.map