cipher-kit 2.1.3 → 3.0.0

package/dist/chunk-BMX42IZM.cjs

@@ -1,623 +0,0 @@
-'use strict';
-
-var chunkHTRGOBZF_cjs = require('./chunk-HTRGOBZF.cjs');
-
-// src/web/kit.ts
-var kit_exports = {};
-chunkHTRGOBZF_cjs.__export(kit_exports, {
-  convertBytesToStr: () => convertBytesToStr,
-  convertEncoding: () => convertEncoding,
-  convertStrToBytes: () => convertStrToBytes,
-  createSecretKey: () => createSecretKey,
-  decrypt: () => decrypt,
-  decryptObj: () => decryptObj,
-  encrypt: () => encrypt,
-  encryptObj: () => encryptObj,
-  generateUuid: () => generateUuid,
-  hash: () => hash,
-  hashPassword: () => hashPassword,
-  tryConvertBytesToStr: () => tryConvertBytesToStr,
-  tryConvertEncoding: () => tryConvertEncoding,
-  tryConvertStrToBytes: () => tryConvertStrToBytes,
-  tryCreateSecretKey: () => tryCreateSecretKey,
-  tryDecrypt: () => tryDecrypt,
-  tryDecryptObj: () => tryDecryptObj,
-  tryEncrypt: () => tryEncrypt,
-  tryEncryptObj: () => tryEncryptObj,
-  tryGenerateUuid: () => tryGenerateUuid,
-  tryHash: () => tryHash,
-  tryHashPassword: () => tryHashPassword,
-  verifyPassword: () => verifyPassword
-});
-
-// src/web/web-encode.ts
-var textEncoder = new TextEncoder();
-var textDecoder = new TextDecoder();
-function $convertStrToBytes(data, inputEncoding = "utf8") {
-  if (!chunkHTRGOBZF_cjs.$isStr(data)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: "Crypto Web API - String to Bytes: Empty data",
-      desc: "Data must be a non-empty string"
-    });
-  }
-  if (!chunkHTRGOBZF_cjs.ENCODING.includes(inputEncoding)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `Crypto Web API - String to Bytes: Unsupported encoding: ${inputEncoding}`,
-      desc: "Use base64, base64url, hex, utf8, or latin1"
-    });
-  }
-  try {
-    const bytes = strToBytes[inputEncoding](data);
-    return chunkHTRGOBZF_cjs.$ok({ result: bytes });
-  } catch (error) {
-    return chunkHTRGOBZF_cjs.$err({ msg: "Crypto Web API - String to Bytes: Failed to convert data", desc: chunkHTRGOBZF_cjs.$fmtError(error) });
-  }
-}
-function $convertBytesToStr(data, outputEncoding = "utf8") {
-  if (!(data instanceof ArrayBuffer || data instanceof Uint8Array)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: "Crypto Web API - Bytes to String: Invalid data type",
-      desc: "Data must be an ArrayBuffer or Uint8Array"
-    });
-  }
-  if (!chunkHTRGOBZF_cjs.ENCODING.includes(outputEncoding)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `Crypto Web API - Bytes to String: Unsupported encoding: ${outputEncoding}`,
-      desc: "Use base64, base64url, hex, utf8, or latin1"
-    });
-  }
-  try {
-    const bytes = data instanceof Uint8Array ? data : new Uint8Array(data);
-    const str = bytesToStr[outputEncoding](bytes);
-    return chunkHTRGOBZF_cjs.$ok(str);
-  } catch (error) {
-    return chunkHTRGOBZF_cjs.$err({ msg: "Crypto Web API - Bytes to String: Failed to convert data", desc: chunkHTRGOBZF_cjs.$fmtError(error) });
-  }
-}
-function $convertEncoding(data, from, to) {
-  if (!chunkHTRGOBZF_cjs.$isStr(data)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: "Crypto Web API - Convert Format: Empty data",
-      desc: "Data must be a non-empty string"
-    });
-  }
-  if (!chunkHTRGOBZF_cjs.ENCODING.includes(from) || !chunkHTRGOBZF_cjs.ENCODING.includes(to)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `Crypto Web API - Convert Format: Unsupported encoding: from ${from} to ${to}`,
-      desc: "Use base64, base64url, hex, utf8, or latin1"
-    });
-  }
-  const bytes = $convertStrToBytes(data, from);
-  if (bytes.error) return chunkHTRGOBZF_cjs.$err({ msg: bytes.error.message, desc: bytes.error.description });
-  const str = $convertBytesToStr(bytes.result, to);
-  if (str.error) return chunkHTRGOBZF_cjs.$err({ msg: str.error.message, desc: str.error.description });
-  return chunkHTRGOBZF_cjs.$ok({ result: str.result });
-}
-var strToBytes = {
-  base64: $fromBase64,
-  base64url: $fromBase64Url,
-  hex: $fromHex,
-  latin1: $fromLatin1,
-  utf8: (data) => textEncoder.encode(data)
-};
-var bytesToStr = {
-  base64: $toBase64,
-  base64url: $toBase64Url,
-  hex: $toHex,
-  latin1: $toLatin1,
-  utf8: (data) => textDecoder.decode(data)
-};
-function $toLatin1(bytes) {
-  let out = "";
-  const chunk = 1 << 15;
-  for (let i = 0; i < bytes.length; i += chunk) {
-    out += String.fromCharCode(...bytes.subarray(i, i + chunk));
-  }
-  return out;
-}
-function $fromLatin1(data) {
-  const out = new Uint8Array(data.length);
-  for (let i = 0; i < data.length; i++) {
-    const charCode = data.charCodeAt(i);
-    if (charCode > 255) throw new Error("Invalid latin1 string");
-    out[i] = charCode;
-  }
-  return out;
-}
-function $toBase64(bytes) {
-  return btoa($toLatin1(bytes));
-}
-function $fromBase64(data) {
-  return $fromLatin1(atob(data));
-}
-function $toBase64Url(bytes) {
-  return $toBase64(bytes).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
-}
-function $fromBase64Url(data) {
-  let base64 = data.replace(/-/g, "+").replace(/_/g, "/");
-  const padLen = (4 - base64.length % 4) % 4;
-  base64 += "=".repeat(padLen);
-  return $fromBase64(base64);
-}
-function $toHex(bytes) {
-  return Array.from(bytes).map((b) => b.toString(16).padStart(2, "0")).join("");
-}
-function $fromHex(data) {
-  const clean = data.startsWith("0x") ? data.slice(2) : data;
-  if (clean.length % 2 !== 0) throw new Error("Invalid hex string");
-  const out = new Uint8Array(clean.length / 2);
-  for (let i = 0; i < out.length; i++) {
-    const byte = Number.parseInt(clean.slice(i * 2, i * 2 + 2), 16);
-    if (Number.isNaN(byte)) throw new Error("Invalid hex string");
-    out[i] = byte;
-  }
-  return out;
-}
-
-// src/web/web-encrypt.ts
-function $generateUuid() {
-  try {
-    return chunkHTRGOBZF_cjs.$ok(crypto.randomUUID());
-  } catch (error) {
-    return chunkHTRGOBZF_cjs.$err({ msg: `${chunkHTRGOBZF_cjs.title("web", "UUID Generation")}: Failed to generate UUID`, desc: chunkHTRGOBZF_cjs.$fmtError(error) });
-  }
-}
-async function $createSecretKey(secret, options) {
-  if (!chunkHTRGOBZF_cjs.$isStr(secret, 8)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Key Generation")}: Empty Secret`,
-      desc: "Secret must be a non-empty string with at least 8 characters"
-    });
-  }
-  if (!chunkHTRGOBZF_cjs.$isPlainObj(options)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Key Generation")}: Invalid options`,
-      desc: "Options must be an object"
-    });
-  }
-  const algorithm = options.algorithm ?? "aes256gcm";
-  if (!(algorithm in chunkHTRGOBZF_cjs.ENCRYPTION_ALGORITHMS)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Key Generation")}: Unsupported algorithm: ${algorithm}`,
-      desc: `Supported algorithms are: ${Object.keys(chunkHTRGOBZF_cjs.ENCRYPTION_ALGORITHMS).join(", ")}`
-    });
-  }
-  const digest = options.digest ?? "sha256";
-  if (!(digest in chunkHTRGOBZF_cjs.DIGEST_ALGORITHMS)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Key Generation")}: Unsupported digest: ${digest}`,
-      desc: `Supported digests are: ${Object.keys(chunkHTRGOBZF_cjs.DIGEST_ALGORITHMS).join(", ")}`
-    });
-  }
-  const salt = options.salt ?? "cipher-kit-salt";
-  if (!chunkHTRGOBZF_cjs.$isStr(salt, 8)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Key Generation")}: Weak salt`,
-      desc: "Salt must be a non-empty string with at least 8 characters"
-    });
-  }
-  const info = options.info ?? "cipher-kit";
-  if (!chunkHTRGOBZF_cjs.$isStr(info)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Key Generation")}: Invalid info`,
-      desc: "Info must be a non-empty string"
-    });
-  }
-  const encryptAlgo = chunkHTRGOBZF_cjs.ENCRYPTION_ALGORITHMS[algorithm];
-  const digestAlgo = chunkHTRGOBZF_cjs.DIGEST_ALGORITHMS[digest];
-  try {
-    const ikm = await crypto.subtle.importKey("raw", textEncoder.encode(secret.normalize("NFKC")), "HKDF", false, [
-      "deriveKey"
-    ]);
-    const key = await crypto.subtle.deriveKey(
-      {
-        name: "HKDF",
-        hash: digestAlgo.web,
-        salt: textEncoder.encode(salt.normalize("NFKC")),
-        info: textEncoder.encode(info.normalize("NFKC"))
-      },
-      ikm,
-      { name: encryptAlgo.web, length: encryptAlgo.keyBytes * 8 },
-      true,
-      ["encrypt", "decrypt"]
-    );
-    const secretKey = Object.freeze({
-      platform: "web",
-      digest,
-      algorithm,
-      key
-    });
-    return chunkHTRGOBZF_cjs.$ok({ result: secretKey });
-  } catch (error) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Key Generation")}: Failed to create secret key`,
-      desc: chunkHTRGOBZF_cjs.$fmtError(error)
-    });
-  }
-}
-async function $encrypt(data, secretKey, options) {
-  if (!chunkHTRGOBZF_cjs.$isStr(data)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Encryption")}: Empty data for encryption`,
-      desc: "Data must be a non-empty string"
-    });
-  }
-  if (!chunkHTRGOBZF_cjs.$isPlainObj(options)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Encryption")}: Invalid options`,
-      desc: "Options must be an object"
-    });
-  }
-  const outputEncoding = options.outputEncoding ?? "base64url";
-  if (!chunkHTRGOBZF_cjs.CIPHER_ENCODING.includes(outputEncoding)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Encryption")}: Unsupported output encoding: ${outputEncoding}`,
-      desc: "Use base64, base64url, or hex"
-    });
-  }
-  const injectedKey = chunkHTRGOBZF_cjs.$isSecretKey(secretKey, "web");
-  if (!injectedKey) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Encryption")}: Invalid Secret Key`,
-      desc: "Expected a Web SecretKey"
-    });
-  }
-  const { result, error } = $convertStrToBytes(data, "utf8");
-  if (error) return chunkHTRGOBZF_cjs.$err(error);
-  try {
-    const iv = crypto.getRandomValues(new Uint8Array(injectedKey.injected.ivLength));
-    const cipherWithTag = await crypto.subtle.encrypt(
-      { name: injectedKey.injected.web, iv },
-      injectedKey.key,
-      result
-    );
-    const ivStr = $convertBytesToStr(iv, outputEncoding);
-    const cipherStr = $convertBytesToStr(cipherWithTag, outputEncoding);
-    if (ivStr.error || cipherStr.error) {
-      return chunkHTRGOBZF_cjs.$err({
-        msg: `${chunkHTRGOBZF_cjs.title("web", "Encryption")}: Failed to convert IV or encrypted data`,
-        desc: `Conversion error: ${chunkHTRGOBZF_cjs.$fmtResultErr(ivStr.error || cipherStr.error)}`
-      });
-    }
-    return chunkHTRGOBZF_cjs.$ok(`${ivStr.result}.${cipherStr.result}.`);
-  } catch (error2) {
-    return chunkHTRGOBZF_cjs.$err({ msg: `${chunkHTRGOBZF_cjs.title("web", "Encryption")}: Failed to encrypt data`, desc: chunkHTRGOBZF_cjs.$fmtError(error2) });
-  }
-}
-async function $decrypt(encrypted, secretKey, options) {
-  if (!chunkHTRGOBZF_cjs.matchEncryptedPattern(encrypted, "web")) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Decryption")}: Invalid encrypted data format`,
-      desc: 'Encrypted data must be in the format "iv.cipherWithTag."'
-    });
-  }
-  if (!chunkHTRGOBZF_cjs.$isPlainObj(options)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Decryption")}: Invalid options`,
-      desc: "Options must be an object"
-    });
-  }
-  const inputEncoding = options.inputEncoding ?? "base64url";
-  if (!chunkHTRGOBZF_cjs.CIPHER_ENCODING.includes(inputEncoding)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Decryption")}: Unsupported input encoding: ${inputEncoding}`,
-      desc: "Use base64, base64url, or hex"
-    });
-  }
-  const [iv, encryptedWithTag] = encrypted.split(".", 3);
-  if (!chunkHTRGOBZF_cjs.$isStr(iv) || !chunkHTRGOBZF_cjs.$isStr(encryptedWithTag)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Decryption")}: Invalid encrypted data`,
-      desc: "Encrypted data must contain valid IV, encrypted and tag components"
-    });
-  }
-  const injectedKey = chunkHTRGOBZF_cjs.$isSecretKey(secretKey, "web");
-  if (!injectedKey) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Decryption")}: Invalid Secret Key`,
-      desc: "Expected a Web SecretKey"
-    });
-  }
-  const ivBytes = $convertStrToBytes(iv, inputEncoding);
-  const cipherWithTagBytes = $convertStrToBytes(encryptedWithTag, inputEncoding);
-  if (ivBytes.error || cipherWithTagBytes.error) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Decryption")}: Failed to convert IV or encrypted data`,
-      desc: `Conversion error: ${chunkHTRGOBZF_cjs.$fmtResultErr(ivBytes.error || cipherWithTagBytes.error)}`
-    });
-  }
-  try {
-    const decrypted = await crypto.subtle.decrypt(
-      { name: injectedKey.injected.web, iv: ivBytes.result },
-      injectedKey.key,
-      cipherWithTagBytes.result
-    );
-    return $convertBytesToStr(decrypted, "utf8");
-  } catch (error) {
-    return chunkHTRGOBZF_cjs.$err({ msg: `${chunkHTRGOBZF_cjs.title("web", "Decryption")}: Failed to decrypt data`, desc: chunkHTRGOBZF_cjs.$fmtError(error) });
-  }
-}
-async function $encryptObj(data, secretKey, options) {
-  const { result, error } = chunkHTRGOBZF_cjs.$stringifyObj(data);
-  if (error) return chunkHTRGOBZF_cjs.$err(error);
-  return await $encrypt(result, secretKey, options);
-}
-async function $decryptObj(encrypted, secretKey, options) {
-  const { result, error } = await $decrypt(encrypted, secretKey, options);
-  if (error) return chunkHTRGOBZF_cjs.$err(error);
-  return chunkHTRGOBZF_cjs.$parseToObj(result);
-}
-async function $hash(data, options) {
-  if (!chunkHTRGOBZF_cjs.$isStr(data)) {
-    return chunkHTRGOBZF_cjs.$err({ msg: `${chunkHTRGOBZF_cjs.title("web", "Hashing")}: Empty data for hashing`, desc: "Data must be a non-empty string" });
-  }
-  if (!chunkHTRGOBZF_cjs.$isPlainObj(options)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Hashing")}: Invalid options`,
-      desc: "Options must be an object"
-    });
-  }
-  const outputEncoding = options.outputEncoding ?? "base64url";
-  if (!chunkHTRGOBZF_cjs.CIPHER_ENCODING.includes(outputEncoding)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Hashing")}: Unsupported output encoding: ${outputEncoding}`,
-      desc: "Use base64, base64url, or hex"
-    });
-  }
-  const digest = options.digest ?? "sha256";
-  if (!(digest in chunkHTRGOBZF_cjs.DIGEST_ALGORITHMS)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Hashing")}: Unsupported digest: ${digest}`,
-      desc: `Supported digests are: ${Object.keys(chunkHTRGOBZF_cjs.DIGEST_ALGORITHMS).join(", ")}`
-    });
-  }
-  const digestAlgo = chunkHTRGOBZF_cjs.DIGEST_ALGORITHMS[digest];
-  const { result, error } = $convertStrToBytes(data, "utf8");
-  if (error) return chunkHTRGOBZF_cjs.$err(error);
-  try {
-    const hashed = await crypto.subtle.digest(digestAlgo.web, result);
-    return $convertBytesToStr(hashed, outputEncoding);
-  } catch (error2) {
-    return chunkHTRGOBZF_cjs.$err({ msg: `${chunkHTRGOBZF_cjs.title("web", "Hashing")}: Failed to hash data`, desc: chunkHTRGOBZF_cjs.$fmtError(error2) });
-  }
-}
-async function $hashPassword(password, options) {
-  if (!chunkHTRGOBZF_cjs.$isStr(password)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Password Hashing")}: Empty password`,
-      desc: "Password must be a non-empty string"
-    });
-  }
-  if (!chunkHTRGOBZF_cjs.$isPlainObj(options)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Password Hashing")}: Invalid options`,
-      desc: "Options must be an object"
-    });
-  }
-  const digest = options.digest ?? "sha512";
-  if (!(digest in chunkHTRGOBZF_cjs.DIGEST_ALGORITHMS)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Password Hashing")}: Unsupported digest: ${digest}`,
-      desc: `Supported digests are: ${Object.keys(chunkHTRGOBZF_cjs.DIGEST_ALGORITHMS).join(", ")}`
-    });
-  }
-  const digestAlgo = chunkHTRGOBZF_cjs.DIGEST_ALGORITHMS[digest];
-  const outputEncoding = options.outputEncoding ?? "base64url";
-  if (!chunkHTRGOBZF_cjs.CIPHER_ENCODING.includes(outputEncoding)) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Password Hashing")}: Unsupported output encoding: ${outputEncoding}`,
-      desc: "Use base64, base64url, or hex"
-    });
-  }
-  const saltLength = options.saltLength ?? 16;
-  if (typeof saltLength !== "number" || saltLength < 8) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Password Hashing")}: Weak salt length`,
-      desc: "Salt length must be a number and at least 8 bytes (recommended 16)"
-    });
-  }
-  const iterations = options.iterations ?? 32e4;
-  if (typeof iterations !== "number" || iterations < 1e3) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Password Hashing")}: Weak iteration count`,
-      desc: "Iterations must be a number and at least 1000 (recommended 320,000 or more)"
-    });
-  }
-  const keyLength = options.keyLength ?? 64;
-  if (typeof keyLength !== "number" || keyLength < 16) {
-    return chunkHTRGOBZF_cjs.$err({
-      msg: `${chunkHTRGOBZF_cjs.title("web", "Password Hashing")}: Weak key length`,
-      desc: "Key length must be a number and at least 16 bytes (recommended 64)"
-    });
-  }
-  try {
-    const salt = crypto.getRandomValues(new Uint8Array(saltLength));
-    const baseKey = await crypto.subtle.importKey(
-      "raw",
-      textEncoder.encode(password.normalize("NFKC")),
-      "PBKDF2",
-      false,
-      ["deriveBits"]
-    );
-    const bits = await crypto.subtle.deriveBits(
-      { name: "PBKDF2", salt, iterations, hash: digestAlgo.web },
-      baseKey,
-      keyLength * 8
-    );
-    const saltStr = $convertBytesToStr(salt, outputEncoding);
-    if (saltStr.error) return chunkHTRGOBZF_cjs.$err(saltStr.error);
-    const hashedPasswordStr = $convertBytesToStr(bits, outputEncoding);
-    if (hashedPasswordStr.error) return chunkHTRGOBZF_cjs.$err(hashedPasswordStr.error);
-    return chunkHTRGOBZF_cjs.$ok({ result: hashedPasswordStr.result, salt: saltStr.result });
-  } catch (error) {
-    return chunkHTRGOBZF_cjs.$err({ msg: `${chunkHTRGOBZF_cjs.title("web", "Password Hashing")}: Failed to hash password`, desc: chunkHTRGOBZF_cjs.$fmtError(error) });
-  }
-}
-async function $verifyPassword(password, hashedPassword, salt, options) {
-  if (!chunkHTRGOBZF_cjs.$isStr(password) || !chunkHTRGOBZF_cjs.$isStr(hashedPassword) || !chunkHTRGOBZF_cjs.$isStr(salt) || !chunkHTRGOBZF_cjs.$isPlainObj(options)) {
-    return false;
-  }
-  const digest = options.digest ?? "sha512";
-  if (!(digest in chunkHTRGOBZF_cjs.DIGEST_ALGORITHMS)) return false;
-  const digestAlgo = chunkHTRGOBZF_cjs.DIGEST_ALGORITHMS[digest];
-  const inputEncoding = options.inputEncoding ?? "base64url";
-  if (!chunkHTRGOBZF_cjs.CIPHER_ENCODING.includes(inputEncoding)) return false;
-  const iterations = options.iterations ?? 32e4;
-  if (typeof iterations !== "number" || iterations < 1e3) return false;
-  const keyLength = options.keyLength ?? 64;
-  if (typeof keyLength !== "number" || keyLength < 16) return false;
-  const saltBytes = $convertStrToBytes(salt, inputEncoding);
-  if (saltBytes.error) return false;
-  const hashedPasswordBytes = $convertStrToBytes(hashedPassword, inputEncoding);
-  if (hashedPasswordBytes.error) return false;
-  try {
-    const baseKey = await crypto.subtle.importKey(
-      "raw",
-      textEncoder.encode(password.normalize("NFKC")),
-      "PBKDF2",
-      false,
-      ["deriveBits"]
-    );
-    const bits = new Uint8Array(
-      await crypto.subtle.deriveBits(
-        {
-          name: "PBKDF2",
-          salt: saltBytes.result,
-          iterations,
-          hash: digestAlgo.web
-        },
-        baseKey,
-        keyLength * 8
-      )
-    );
-    if (bits === void 0 || hashedPasswordBytes.result === void 0) return false;
-    if (bits.length !== hashedPasswordBytes.result.length) return false;
-    let diff = 0;
-    for (let i = 0; i < bits.length; i++) {
-      diff |= bits[i] ^ hashedPasswordBytes.result[i];
-    }
-    return diff === 0;
-  } catch {
-    return false;
-  }
-}
-
-// src/web/kit.ts
-function tryGenerateUuid() {
-  return $generateUuid();
-}
-function generateUuid() {
-  const { result, error } = $generateUuid();
-  if (error) throw new Error(chunkHTRGOBZF_cjs.$fmtResultErr(error));
-  return result;
-}
-async function tryCreateSecretKey(secret, options = {}) {
-  return await $createSecretKey(secret, options);
-}
-async function createSecretKey(secret, options = {}) {
-  const { result, error } = await $createSecretKey(secret, options);
-  if (error) throw new Error(chunkHTRGOBZF_cjs.$fmtResultErr(error));
-  return result;
-}
-async function tryEncrypt(data, secretKey, options = {}) {
-  return await $encrypt(data, secretKey, options);
-}
-async function encrypt(data, secretKey, options = {}) {
-  const { result, error } = await $encrypt(data, secretKey, options);
-  if (error) throw new Error(chunkHTRGOBZF_cjs.$fmtResultErr(error));
-  return result;
-}
-async function tryDecrypt(encrypted, secretKey, options = {}) {
-  return await $decrypt(encrypted, secretKey, options);
-}
-async function decrypt(encrypted, secretKey, options = {}) {
-  const { result, error } = await $decrypt(encrypted, secretKey, options);
-  if (error) throw new Error(chunkHTRGOBZF_cjs.$fmtResultErr(error));
-  return result;
-}
-async function tryEncryptObj(obj, secretKey, options = {}) {
-  return await $encryptObj(obj, secretKey, options);
-}
-async function encryptObj(obj, secretKey, options = {}) {
-  const { result, error } = await $encryptObj(obj, secretKey, options);
-  if (error) throw new Error(chunkHTRGOBZF_cjs.$fmtResultErr(error));
-  return result;
-}
-async function tryDecryptObj(encrypted, secretKey, options = {}) {
-  return await $decryptObj(encrypted, secretKey, options);
-}
-async function decryptObj(encrypted, secretKey, options = {}) {
-  const { result, error } = await $decryptObj(encrypted, secretKey, options);
-  if (error) throw new Error(chunkHTRGOBZF_cjs.$fmtResultErr(error));
-  return result;
-}
-async function tryHash(data, options = {}) {
-  return await $hash(data, options);
-}
-async function hash(data, options = {}) {
-  const { result, error } = await $hash(data, options);
-  if (error) throw new Error(chunkHTRGOBZF_cjs.$fmtResultErr(error));
-  return result;
-}
-async function tryHashPassword(password, options = {}) {
-  return await $hashPassword(password, options);
-}
-async function hashPassword(password, options = {}) {
-  const { result, salt, error } = await $hashPassword(password, options);
-  if (error) throw new Error(chunkHTRGOBZF_cjs.$fmtResultErr(error));
-  return { result, salt };
-}
-async function verifyPassword(password, hashedPassword, salt, options = {}) {
-  return await $verifyPassword(password, hashedPassword, salt, options);
-}
-function tryConvertStrToBytes(data, inputEncoding = "utf8") {
-  return $convertStrToBytes(data, inputEncoding);
-}
-function convertStrToBytes(data, inputEncoding = "utf8") {
-  const { result, error } = $convertStrToBytes(data, inputEncoding);
-  if (error) throw new Error(chunkHTRGOBZF_cjs.$fmtResultErr(error));
-  return result;
-}
-function tryConvertBytesToStr(data, outputEncoding = "utf8") {
-  return $convertBytesToStr(data, outputEncoding);
-}
-function convertBytesToStr(data, outputEncoding = "utf8") {
-  const { result, error } = $convertBytesToStr(data, outputEncoding);
-  if (error) throw new Error(chunkHTRGOBZF_cjs.$fmtResultErr(error));
-  return result;
-}
-function tryConvertEncoding(data, from, to) {
-  return $convertEncoding(data, from, to);
-}
-function convertEncoding(data, from, to) {
-  const { result, error } = $convertEncoding(data, from, to);
-  if (error) throw new Error(chunkHTRGOBZF_cjs.$fmtResultErr(error));
-  return result;
-}
-
-exports.convertBytesToStr = convertBytesToStr;
-exports.convertEncoding = convertEncoding;
-exports.convertStrToBytes = convertStrToBytes;
-exports.createSecretKey = createSecretKey;
-exports.decrypt = decrypt;
-exports.decryptObj = decryptObj;
-exports.encrypt = encrypt;
-exports.encryptObj = encryptObj;
-exports.generateUuid = generateUuid;
-exports.hash = hash;
-exports.hashPassword = hashPassword;
-exports.kit_exports = kit_exports;
-exports.tryConvertBytesToStr = tryConvertBytesToStr;
-exports.tryConvertEncoding = tryConvertEncoding;
-exports.tryConvertStrToBytes = tryConvertStrToBytes;
-exports.tryCreateSecretKey = tryCreateSecretKey;
-exports.tryDecrypt = tryDecrypt;
-exports.tryDecryptObj = tryDecryptObj;
-exports.tryEncrypt = tryEncrypt;
-exports.tryEncryptObj = tryEncryptObj;
-exports.tryGenerateUuid = tryGenerateUuid;
-exports.tryHash = tryHash;
-exports.tryHashPassword = tryHashPassword;
-exports.verifyPassword = verifyPassword;
-//# sourceMappingURL=chunk-BMX42IZM.cjs.map
-//# sourceMappingURL=chunk-BMX42IZM.cjs.map