cipher-kit 2.1.3 → 3.0.0

package/dist/chunk-VCBHSRCS.cjs

@@ -0,0 +1,523 @@
+'use strict';
+
+var __defProp = Object.defineProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+
+// ../internal-helpers/dist/index.js
+function $isStr(x, min = 1) {
+  return typeof x === "string" && x.trim().length >= min;
+}
+function $isIntIn(x, min, max) {
+  return typeof x === "number" && Number.isInteger(x) && x >= min && x <= max;
+}
+function $isPlainObj(x) {
+  if (typeof x !== "object" || x === null) return false;
+  const proto = Object.getPrototypeOf(x);
+  return proto === Object.prototype || proto === null;
+}
+function $ok(result) {
+  if ($isPlainObj(result)) {
+    const obj = result;
+    if (Object.hasOwn(obj, "success") || Object.hasOwn(obj, "error")) {
+      return { success: true, result };
+    }
+    return { success: true, ...obj };
+  }
+  return { success: true, result };
+}
+function $err(err) {
+  return {
+    success: false,
+    error: { message: err.message, description: err.description }
+  };
+}
+function $fmtError(error) {
+  if (typeof error === "string") return error;
+  if (error instanceof Error) return error.message;
+  return String(error);
+}
+function $fmtResultErr(err) {
+  if (!err) return "Unknown error";
+  return `${err.message} - ${err.description}`;
+}
+var textEncoder = new TextEncoder();
+new TextDecoder();
+var strictUtf8Decoder = new TextDecoder("utf-8", { fatal: true });
+var ENCODING = Object.freeze(["base64", "base64url", "hex", "utf8", "latin1"]);
+var CIPHER_ENCODING = Object.freeze(["base64", "base64url", "hex"]);
+function $convertStrToBytes(data, inputEncoding = "utf8") {
+  if (typeof data !== "string") {
+    return $err({
+      message: "strToBytes: Data must be a string",
+      description: `Expected a string value, received ${typeof data}`
+    });
+  }
+  if (!ENCODING.includes(inputEncoding)) {
+    return $err({
+      message: `strToBytes: Unsupported encoding: ${inputEncoding}`,
+      description: "Use base64, base64url, hex, utf8, or latin1"
+    });
+  }
+  try {
+    const bytes = strToBytes[inputEncoding](data);
+    return $ok({ result: bytes });
+  } catch (error) {
+    return $err({ message: "strToBytes: Failed to convert data", description: $fmtError(error) });
+  }
+}
+function $convertBytesToStr(data, outputEncoding = "utf8") {
+  if (!(data instanceof ArrayBuffer || data instanceof Uint8Array)) {
+    return $err({
+      message: "bytesToStr: Data must be an ArrayBuffer or Uint8Array",
+      description: `Expected binary data (ArrayBuffer or Uint8Array), received ${typeof data}`
+    });
+  }
+  if (!ENCODING.includes(outputEncoding)) {
+    return $err({
+      message: `bytesToStr: Unsupported encoding: ${outputEncoding}`,
+      description: "Use base64, base64url, hex, utf8, or latin1"
+    });
+  }
+  try {
+    const bytes = data instanceof Uint8Array ? data : new Uint8Array(data);
+    const str = bytesToStr[outputEncoding](bytes);
+    return $ok(str);
+  } catch (error) {
+    return $err({ message: "bytesToStr: Failed to convert data", description: $fmtError(error) });
+  }
+}
+var strToBytes = {
+  base64: $fromBase64,
+  base64url: $fromBase64Url,
+  hex: $fromHex,
+  latin1: $fromLatin1,
+  utf8: (data) => textEncoder.encode(data)
+};
+var bytesToStr = {
+  base64: $toBase64,
+  base64url: $toBase64Url,
+  hex: $toHex,
+  latin1: $toLatin1,
+  utf8: (data) => strictUtf8Decoder.decode(data)
+};
+function $toLatin1(bytes) {
+  let out = "";
+  const chunk = 1 << 15;
+  for (let i = 0; i < bytes.length; i += chunk) {
+    out += String.fromCharCode(...bytes.subarray(i, i + chunk));
+  }
+  return out;
+}
+function $fromLatin1(data) {
+  const out = new Uint8Array(data.length);
+  for (let i = 0; i < data.length; i++) {
+    const charCode = data.charCodeAt(i);
+    if (charCode > 255) throw new Error("Invalid latin1 string");
+    out[i] = charCode;
+  }
+  return out;
+}
+function $toBase64(bytes) {
+  return btoa($toLatin1(bytes));
+}
+var BASE64_REGEX = /^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}={2}|[A-Za-z0-9+/]{3}=)?$/;
+function $fromBase64(data) {
+  if (!BASE64_REGEX.test(data)) throw new Error("Invalid base64 string");
+  return $fromLatin1(atob(data));
+}
+function $toBase64Url(bytes) {
+  return $toBase64(bytes).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
+var BASE64URL_REGEX = /^[A-Za-z0-9_-]*={0,2}$/;
+function $fromBase64Url(data) {
+  if (!BASE64URL_REGEX.test(data) || data.replace(/=+$/, "").length % 4 === 1) {
+    throw new Error("Invalid base64url string");
+  }
+  let base64 = data.replace(/-/g, "+").replace(/_/g, "/");
+  const padLen = (4 - base64.length % 4) % 4;
+  base64 += "=".repeat(padLen);
+  return $fromBase64(base64);
+}
+var HEX_TABLE = Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, "0"));
+var HEX_NIBBLE = new Uint8Array(256).fill(255);
+for (let i = 48; i <= 57; i++) HEX_NIBBLE[i] = i - 48;
+for (let i = 65; i <= 70; i++) HEX_NIBBLE[i] = i - 55;
+for (let i = 97; i <= 102; i++) HEX_NIBBLE[i] = i - 87;
+function $toHex(bytes) {
+  const hex = new Array(bytes.length);
+  for (let i = 0; i < bytes.length; i++) {
+    hex[i] = HEX_TABLE[bytes[i]];
+  }
+  return hex.join("");
+}
+function $fromHex(data) {
+  const clean = data.startsWith("0x") || data.startsWith("0X") ? data.slice(2) : data;
+  if (clean.length % 2 !== 0) throw new Error("Invalid hex string");
+  const out = new Uint8Array(clean.length / 2);
+  for (let i = 0, j = 0; i < clean.length; i += 2, j++) {
+    const hiCode = clean.charCodeAt(i);
+    const loCode = clean.charCodeAt(i + 1);
+    if (hiCode > 255 || loCode > 255) throw new Error("Invalid hex string");
+    const hi = HEX_NIBBLE[hiCode];
+    const lo = HEX_NIBBLE[loCode];
+    if (hi === 255 || lo === 255) throw new Error("Invalid hex string");
+    out[j] = hi << 4 | lo;
+  }
+  return out;
+}
+var ProtoTraversalLimitError = class extends Error {
+  constructor(limit) {
+    super(`Object graph exceeded prototype-scan limit (${limit} nodes)`);
+    this.name = "ProtoTraversalLimitError";
+  }
+};
+var MAX_PROTO_SCAN_NODES = 1e5;
+function $hasProtoKey(obj) {
+  if (typeof obj !== "object" || obj === null) return false;
+  const seen = /* @__PURE__ */ new WeakSet();
+  const stack = [obj];
+  let scannedNodes = 0;
+  while (stack.length > 0) {
+    const current = stack.pop();
+    if (typeof current !== "object" || current === null) continue;
+    if (seen.has(current)) continue;
+    seen.add(current);
+    scannedNodes++;
+    if (scannedNodes > MAX_PROTO_SCAN_NODES) {
+      throw new ProtoTraversalLimitError(MAX_PROTO_SCAN_NODES);
+    }
+    if (Object.hasOwn(current, "__proto__")) return true;
+    const currentObj = current;
+    if (Object.hasOwn(currentObj, "constructor") && typeof currentObj.constructor === "object" && currentObj.constructor !== null && Object.hasOwn(currentObj.constructor, "prototype") && typeof currentObj.constructor.prototype === "object" && currentObj.constructor.prototype !== null) {
+      return true;
+    }
+    for (const val of Object.values(currentObj)) {
+      if (typeof val === "object" && val !== null) {
+        stack.push(val);
+      }
+    }
+  }
+  return false;
+}
+function $stringifyObj(obj) {
+  if (!$isPlainObj(obj))
+    return $err({
+      message: "stringifyObj: Input must be a plain object",
+      description: "Only plain objects ({...}) are accepted, not arrays, class instances, or built-ins"
+    });
+  try {
+    return $ok(JSON.stringify(obj));
+  } catch (error) {
+    return $err({ message: "stringifyObj: Failed to stringify object", description: $fmtError(error) });
+  }
+}
+function $parseToObj(str) {
+  if (!$isStr(str))
+    return $err({
+      message: "parseToObj: Input must be a non-empty string",
+      description: "Expected a non-empty JSON string to parse"
+    });
+  try {
+    const obj = JSON.parse(str);
+    if (!$isPlainObj(obj)) {
+      return $err({
+        message: "parseToObj: Parsed data is not a plain object",
+        description: "JSON parsed successfully but the result is not a plain object (e.g. array, string, number)"
+      });
+    }
+    if ($hasProtoKey(obj)) {
+      return $err({
+        message: "parseToObj: Input contains a prototype pollution vector",
+        description: "Objects with __proto__ or constructor.prototype keys are rejected"
+      });
+    }
+    return $ok({ result: obj });
+  } catch (error) {
+    if (error instanceof ProtoTraversalLimitError) {
+      return $err({
+        message: "parseToObj: Input object is too deeply nested to validate safely",
+        description: error.message
+      });
+    }
+    return $err({ message: "parseToObj: Failed to parse JSON", description: $fmtError(error) });
+  }
+}
+
+// src/helpers/consts.ts
+var GCM_TAG_BYTES = 16;
+var GCM_IV_LENGTH = 12;
+var MAX_PBKDF2_ITERATIONS = 1e7;
+var MAX_PBKDF2_KEY_LENGTH = 1024;
+var MAX_PBKDF2_SALT_LENGTH = 1024;
+var DIGEST_ALGORITHMS = Object.freeze({
+  sha256: { node: "sha256", web: "SHA-256" },
+  sha384: { node: "sha384", web: "SHA-384" },
+  sha512: { node: "sha512", web: "SHA-512" }
+});
+var ENCRYPTION_ALGORITHMS = Object.freeze({
+  aes256gcm: { keyBytes: 32, node: "aes-256-gcm", web: "AES-GCM" },
+  aes192gcm: { keyBytes: 24, node: "aes-192-gcm", web: "AES-GCM" },
+  aes128gcm: { keyBytes: 16, node: "aes-128-gcm", web: "AES-GCM" }
+});
+
+// src/helpers/validate.ts
+function $isObj(x) {
+  return typeof x === "object" && x !== null;
+}
+var expectedKeys = /* @__PURE__ */ new Set(["platform", "digest", "algorithm", "key", "injected"]);
+function $validateSecretKeyBase(x, platform) {
+  if (!$isObj(x) || platform !== "node" && platform !== "web" || x.platform !== platform) return null;
+  const keys = Object.keys(x);
+  if (keys.length !== expectedKeys.size) return null;
+  for (const key of keys) if (!expectedKeys.has(key)) return null;
+  if (typeof x.digest !== "string" || !(x.digest in DIGEST_ALGORITHMS) || typeof x.algorithm !== "string" || !(x.algorithm in ENCRYPTION_ALGORITHMS) || !$isObj(x.key) || x.key.type !== "secret") {
+    return null;
+  }
+  const algorithm = ENCRYPTION_ALGORITHMS[x.algorithm];
+  if (!$isObj(x.injected) || x.injected.keyBytes !== algorithm.keyBytes || x.injected.node !== algorithm.node || x.injected.web !== algorithm.web) {
+    return null;
+  }
+  return { obj: x, algorithm };
+}
+var ENCRYPTED_REGEX = /^([A-Za-z0-9+/_-][A-Za-z0-9+/=_-]*)\.([A-Za-z0-9+/_-][A-Za-z0-9+/=_-]*)\.([A-Za-z0-9+/_-][A-Za-z0-9+/=_-]*)\.$/;
+function matchEncryptedPattern(data) {
+  return typeof data === "string" && ENCRYPTED_REGEX.test(data);
+}
+function $validateCreateSecretKeyOptions(secret, options, prefix) {
+  if (!$isStr(secret, 8)) {
+    return $err({
+      message: `${prefix} createSecretKey: Secret must be at least 8 characters`,
+      description: "Use a high-entropy string of at least 8 characters"
+    });
+  }
+  if (!$isPlainObj(options)) {
+    return $err({
+      message: `${prefix} createSecretKey: Options must be a plain object`,
+      description: 'Pass an object like { algorithm: "aes256gcm" }'
+    });
+  }
+  const algorithm = options.algorithm ?? "aes256gcm";
+  if (!(algorithm in ENCRYPTION_ALGORITHMS)) {
+    return $err({
+      message: `${prefix} createSecretKey: Unsupported algorithm: ${algorithm}`,
+      description: `Supported algorithms are: ${Object.keys(ENCRYPTION_ALGORITHMS).join(", ")}`
+    });
+  }
+  const digest = options.digest ?? "sha256";
+  if (!(digest in DIGEST_ALGORITHMS)) {
+    return $err({
+      message: `${prefix} createSecretKey: Unsupported digest: ${digest}`,
+      description: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(", ")}`
+    });
+  }
+  const salt = options.salt ?? "cipher-kit";
+  if (!$isStr(salt, 8)) {
+    return $err({
+      message: `${prefix} createSecretKey: Salt must be at least 8 characters`,
+      description: "Provide a salt string with at least 8 characters"
+    });
+  }
+  const info = options.info ?? "cipher-kit";
+  if (!$isStr(info)) {
+    return $err({
+      message: `${prefix} createSecretKey: Info must be a non-empty string`,
+      description: "Received empty or non-string value"
+    });
+  }
+  return $ok({
+    algorithm,
+    digest,
+    salt,
+    info,
+    encryptAlgo: ENCRYPTION_ALGORITHMS[algorithm],
+    digestAlgo: DIGEST_ALGORITHMS[digest]
+  });
+}
+function $validateHashPasswordOptions(password, options, prefix) {
+  if (!$isStr(password)) {
+    return $err({
+      message: `${prefix} hashPassword: Password must be a non-empty string`,
+      description: "Received empty or non-string value"
+    });
+  }
+  if (!$isPlainObj(options)) {
+    return $err({
+      message: `${prefix} hashPassword: Options must be a plain object`,
+      description: "Pass an object like { iterations: 320000 }"
+    });
+  }
+  const digest = options.digest ?? "sha512";
+  if (!(digest in DIGEST_ALGORITHMS)) {
+    return $err({
+      message: `${prefix} hashPassword: Unsupported digest: ${digest}`,
+      description: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(", ")}`
+    });
+  }
+  const outputEncoding = options.outputEncoding ?? "base64url";
+  if (!CIPHER_ENCODING.includes(outputEncoding)) {
+    return $err({
+      message: `${prefix} hashPassword: Unsupported output encoding: ${outputEncoding}`,
+      description: "Use base64, base64url, or hex"
+    });
+  }
+  const saltLength = options.saltLength ?? 16;
+  if (!$isIntIn(saltLength, 8, MAX_PBKDF2_SALT_LENGTH)) {
+    return $err({
+      message: `${prefix} hashPassword: Salt length must be at least 8 bytes`,
+      description: `Must be an integer between 8 and ${MAX_PBKDF2_SALT_LENGTH} (recommended 16 or more)`
+    });
+  }
+  const iterations = options.iterations ?? 32e4;
+  if (!$isIntIn(iterations, 1e5, MAX_PBKDF2_ITERATIONS)) {
+    return $err({
+      message: `${prefix} hashPassword: Iterations must be at least 100,000`,
+      description: `Must be an integer between 100,000 and ${MAX_PBKDF2_ITERATIONS} (recommended 320,000 or more)`
+    });
+  }
+  const keyLength = options.keyLength ?? 64;
+  if (!$isIntIn(keyLength, 16, MAX_PBKDF2_KEY_LENGTH)) {
+    return $err({
+      message: `${prefix} hashPassword: Key length must be at least 16 bytes`,
+      description: `Must be an integer between 16 and ${MAX_PBKDF2_KEY_LENGTH} (recommended 64 or more)`
+    });
+  }
+  return $ok({
+    digest,
+    digestAlgo: DIGEST_ALGORITHMS[digest],
+    outputEncoding,
+    saltLength,
+    iterations,
+    keyLength
+  });
+}
+function $maxEncodedLength(byteLength, encoding) {
+  if (encoding === "hex") return byteLength * 2;
+  return Math.ceil(byteLength / 3) * 4;
+}
+function $validateVerifyPasswordOptions(password, hashedPassword, salt, options, prefix) {
+  if (!$isStr(password)) {
+    return $err({
+      message: `${prefix} verifyPassword: Password must be a non-empty string`,
+      description: "Received empty or non-string value"
+    });
+  }
+  if (!$isStr(hashedPassword)) {
+    return $err({
+      message: `${prefix} verifyPassword: Hashed password must be a non-empty string`,
+      description: "Pass the hash string returned by hashPassword()"
+    });
+  }
+  if (!$isStr(salt)) {
+    return $err({
+      message: `${prefix} verifyPassword: Salt must be a non-empty string`,
+      description: "Pass the salt string returned by hashPassword()"
+    });
+  }
+  if (!$isPlainObj(options)) {
+    return $err({
+      message: `${prefix} verifyPassword: Options must be a plain object`,
+      description: "Pass an object matching the options used for hashPassword()"
+    });
+  }
+  const digest = options.digest ?? "sha512";
+  if (!(digest in DIGEST_ALGORITHMS)) {
+    return $err({
+      message: `${prefix} verifyPassword: Unsupported digest: ${digest}`,
+      description: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(", ")}`
+    });
+  }
+  const inputEncoding = options.inputEncoding ?? "base64url";
+  if (!CIPHER_ENCODING.includes(inputEncoding)) {
+    return $err({
+      message: `${prefix} verifyPassword: Unsupported input encoding: ${inputEncoding}`,
+      description: "Use base64, base64url, or hex"
+    });
+  }
+  const iterations = options.iterations ?? 32e4;
+  if (!$isIntIn(iterations, 1e5, MAX_PBKDF2_ITERATIONS)) {
+    return $err({
+      message: `${prefix} verifyPassword: Iterations must be at least 100,000`,
+      description: `Must be an integer between 100,000 and ${MAX_PBKDF2_ITERATIONS}`
+    });
+  }
+  const keyLength = options.keyLength ?? 64;
+  if (!$isIntIn(keyLength, 16, MAX_PBKDF2_KEY_LENGTH)) {
+    return $err({
+      message: `${prefix} verifyPassword: Key length must be at least 16 bytes`,
+      description: `Must be an integer between 16 and ${MAX_PBKDF2_KEY_LENGTH}`
+    });
+  }
+  const maxHashLen = $maxEncodedLength(keyLength, inputEncoding);
+  if (hashedPassword.length > maxHashLen) {
+    return $err({
+      message: `${prefix} verifyPassword: Hashed password exceeds maximum encoded length`,
+      description: `Expected at most ${maxHashLen} characters for ${keyLength}-byte key with ${inputEncoding} encoding`
+    });
+  }
+  const maxSaltLen = $maxEncodedLength(MAX_PBKDF2_SALT_LENGTH, inputEncoding);
+  if (salt.length > maxSaltLen) {
+    return $err({
+      message: `${prefix} verifyPassword: Salt exceeds maximum encoded length`,
+      description: `Expected at most ${maxSaltLen} characters for ${inputEncoding} encoding`
+    });
+  }
+  return $ok({
+    digest,
+    digestAlgo: DIGEST_ALGORITHMS[digest],
+    inputEncoding,
+    iterations,
+    keyLength
+  });
+}
+
+// src/helpers/object.ts
+function tryStringifyObj(obj) {
+  return $stringifyObj(obj);
+}
+function stringifyObj(obj) {
+  const { result, error } = $stringifyObj(obj);
+  if (error) throw new Error($fmtResultErr(error));
+  return result;
+}
+function tryParseToObj(str) {
+  return $parseToObj(str);
+}
+function parseToObj(str) {
+  const { result, error } = $parseToObj(str);
+  if (error) throw new Error($fmtResultErr(error));
+  return result;
+}
+
+exports.$convertBytesToStr = $convertBytesToStr;
+exports.$convertStrToBytes = $convertStrToBytes;
+exports.$err = $err;
+exports.$fmtError = $fmtError;
+exports.$fmtResultErr = $fmtResultErr;
+exports.$isObj = $isObj;
+exports.$isPlainObj = $isPlainObj;
+exports.$isStr = $isStr;
+exports.$ok = $ok;
+exports.$parseToObj = $parseToObj;
+exports.$stringifyObj = $stringifyObj;
+exports.$validateCreateSecretKeyOptions = $validateCreateSecretKeyOptions;
+exports.$validateHashPasswordOptions = $validateHashPasswordOptions;
+exports.$validateSecretKeyBase = $validateSecretKeyBase;
+exports.$validateVerifyPasswordOptions = $validateVerifyPasswordOptions;
+exports.CIPHER_ENCODING = CIPHER_ENCODING;
+exports.DIGEST_ALGORITHMS = DIGEST_ALGORITHMS;
+exports.ENCODING = ENCODING;
+exports.ENCRYPTED_REGEX = ENCRYPTED_REGEX;
+exports.GCM_IV_LENGTH = GCM_IV_LENGTH;
+exports.GCM_TAG_BYTES = GCM_TAG_BYTES;
+exports.__export = __export;
+exports.matchEncryptedPattern = matchEncryptedPattern;
+exports.parseToObj = parseToObj;
+exports.stringifyObj = stringifyObj;
+exports.textEncoder = textEncoder;
+exports.tryParseToObj = tryParseToObj;
+exports.tryStringifyObj = tryStringifyObj;
+//# sourceMappingURL=chunk-VCBHSRCS.cjs.map
+//# sourceMappingURL=chunk-VCBHSRCS.cjs.map

package/dist/chunk-VCBHSRCS.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../internal-helpers/src/validate.ts","../../internal-helpers/src/error.ts","../../internal-helpers/src/encode.ts","../../internal-helpers/src/object.ts","../src/helpers/consts.ts","../src/helpers/validate.ts","../src/helpers/object.ts"],"names":[],"mappings":";;;;;;;;;AAAO,SAAS,MAAA,CAAO,CAAA,EAAY,GAAA,GAAM,CAAA,EAAgB;AACvD,EAAA,OAAO,OAAO,CAAA,KAAM,QAAA,IAAY,CAAA,CAAE,IAAA,GAAO,MAAA,IAAU,GAAA;AACrD;AAEO,SAAS,QAAA,CAA2B,CAAA,EAAY,GAAA,EAAa,GAAA,EAAqB;AACvF,EAAA,OAAO,OAAO,MAAM,QAAA,IAAY,MAAA,CAAO,UAAU,CAAC,CAAA,IAAK,CAAA,IAAK,GAAA,IAAO,CAAA,IAAK,GAAA;AAC1E;AAEO,SAAS,YAAwD,CAAA,EAAoB;AAC1F,EAAA,IAAI,OAAO,CAAA,KAAM,QAAA,IAAY,CAAA,KAAM,MAAM,OAAO,KAAA;AAChD,EAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,cAAA,CAAe,CAAC,CAAA;AACrC,EAAA,OAAO,KAAA,KAAU,MAAA,CAAO,SAAA,IAAa,KAAA,KAAU,IAAA;AACjD;ACmBO,SAAS,IAAO,MAAA,EAAsB;AAC3C,EAAA,IAAI,WAAA,CAAY,MAAM,CAAA,EAAG;AACvB,IAAA,MAAM,GAAA,GAAM,MAAA;AACZ,IAAA,IAAI,MAAA,CAAO,OAAO,GAAA,EAAK,SAAS,KAAK,MAAA,CAAO,MAAA,CAAO,GAAA,EAAK,OAAO,CAAA,EAAG;AAChE,MAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,MAAA,EAAA;AAC1B,IAAA;AACA,IAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,GAAG,GAAA,EAAA;AAC7B,EAAA;AACA,EAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,MAAA,EAAA;AAC1B;AAEO,SAAS,KAAK,GAAA,EAAiC;AACpD,EAAA,OAAO;IACL,OAAA,EAAS,KAAA;AACT,IAAA,KAAA,EAAO,EAAE,OAAA,EAAS,GAAA,CAAI,OAAA,EAAS,WAAA,EAAa,IAAI,WAAA;AAAY,GAAA;AAEhE;AAEO,SAAS,UAAU,KAAA,EAAwB;AAChD,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,KAAA;AACtC,EAAA,IAAI,KAAA,YAAiB,KAAA,EAAO,OAAO,KAAA,CAAM,OAAA;AACzC,EAAA,OAAO,OAAO,KAAK,CAAA;AACrB;AAEO,SAAS,cAAc,GAAA,EAAsC;AAClE,EAAA,IAAI,CAAC,KAAK,OAAO,eAAA;AACjB,EAAA,OAAO,CAAA,EAAG,GAAA,CAAI,OAAO,CAAA,GAAA,EAAM,IAAI,WAAW,CAAA,CAAA;AAC5C;ACxDO,IAAM,WAAA,GAAc,IAAI,WAAA;AACJ,IAAI,WAAA;AAC/B,IAAM,oBAAoB,IAAI,WAAA,CAAY,SAAS,EAAE,KAAA,EAAO,MAAM,CAAA;AAE3D,IAAM,QAAA,GAAW,OAAO,MAAA,CAAO,CAAC,UAAU,WAAA,EAAa,KAAA,EAAO,MAAA,EAAQ,QAAQ,CAAU;AACxF,IAAM,kBAAkB,MAAA,CAAO,MAAA,CAAO,CAAC,QAAA,EAAU,WAAA,EAAa,KAAK,CAAU;AAK7E,SAAS,kBAAA,CACd,IAAA,EACA,aAAA,GAA0B,MAAA,EACmB;AAC7C,EAAA,IAAI,OAAO,SAAS,QAAA,EAAU;AAC5B,IAAA,OAAO,IAAA,CAAK;MACV,OAAA,EAAS,mCAAA;MACT,WAAA,EAAa,CAAA,kCAAA,EAAqC,OAAO,IAAI,CAAA;KAC9D,CAAA;AACH,EAAA;AACA,EAAA,IAAI,CAAC,QAAA,CAAS,QAAA,CAAS,aAAa,CAAA,EAAG;AACrC,IAAA,OAAO,IAAA,CAAK;AACV,MAAA,OAAA,EAAS,qCAAqC,aAAa,CAAA,CAAA;MAC3D,WAAA,EAAa;KACd,CAAA;AACH,EAAA;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,aAAa,CAAA,CAAE,IAAI,CAAA;AAC5C,IAAA,OAAO,GAAA,CAAI,EAAE,MAAA,EAAQ,KAAA,EAAO,CAAA;AAC9B,EAAA,CAAA,CAAA,OAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,oCAAA,EAAsC,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAC9F,EAAA;AACF;AAEO,SAAS,kBAAA,CAAmB,IAAA,EAAgC,cAAA,GAA2B,MAAA,EAAwB;AACpH,EAAA,IAAI,EAAE,IAAA,YAAgB,WAAA,IAAe,IAAA,YAAgB,UAAA,CAAA,EAAa;AAChE,IAAA,OAAO,IAAA,CAAK;MACV,OAAA,EAAS,uDAAA;MACT,WAAA,EAAa,CAAA,2DAAA,EAA8D,OAAO,IAAI,CAAA;KACvF,CAAA;AACH,EAAA;AACA,EAAA,IAAI,CAAC,QAAA,CAAS,QAAA,CAAS,cAAc,CAAA,EAAG;AACtC,IAAA,OAAO,IAAA,CAAK;AACV,MAAA,OAAA,EAAS,qCAAqC,cAAc,CAAA,CAAA;MAC5D,WAAA,EAAa;KACd,CAAA;AACH,EAAA;AACA,EAAA,IAAI;AACF,IAAA,MAAM,QAAQ,IAAA,YAAgB,UAAA,GAAa,IAAA,GAAO,IAAI,WAAW,IAAI,CAAA;AACrE,IAAA,MAAM,GAAA,GAAM,UAAA,CAAW,cAAc,CAAA,CAAE,KAAK,CAAA;AAC5C,IAAA,OAAO,IAAI,GAAG,CAAA;AAChB,EAAA,CAAA,CAAA,OAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,oCAAA,EAAsC,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAC9F,EAAA;AACF;AAEO,IAAM,UAAA,GAAa;EACxB,MAAA,EAAQ,WAAA;EACR,SAAA,EAAW,cAAA;EACX,GAAA,EAAK,QAAA;EACL,MAAA,EAAQ,WAAA;AACR,EAAA,IAAA,EAAM,CAAC,IAAA,KAAiB,WAAA,CAAY,MAAA,CAAO,IAAI;AACjD,CAAA;AAEO,IAAM,UAAA,GAAa;EACxB,MAAA,EAAQ,SAAA;EACR,SAAA,EAAW,YAAA;EACX,GAAA,EAAK,MAAA;EACL,MAAA,EAAQ,SAAA;AACR,EAAA,IAAA,EAAM,CAAC,IAAA,KAAqB,iBAAA,CAAkB,MAAA,CAAO,IAAI;AAC3D,CAAA;AAEO,SAAS,UAAU,KAAA,EAA2B;AACnD,EAAA,IAAI,GAAA,GAAM,EAAA;AACV,EAAA,MAAM,QAAQ,CAAA,IAAK,EAAA;AACnB,EAAA,KAAA,IAAS,IAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,MAAA,EAAQ,KAAK,KAAA,EAAO;AAC5C,IAAA,GAAA,IAAO,MAAA,CAAO,aAAa,GAAG,KAAA,CAAM,SAAS,CAAA,EAAG,CAAA,GAAI,KAAK,CAAC,CAAA;AAC5D,EAAA;AACA,EAAA,OAAO,GAAA;AACT;AAEO,SAAS,YAAY,IAAA,EAAuC;AACjE,EAAA,MAAM,GAAA,GAAM,IAAI,UAAA,CAAW,IAAA,CAAK,MAAM,CAAA;AACtC,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,IAAA,CAAK,QAAQ,CAAA,EAAA,EAAK;AACpC,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,UAAA,CAAW,CAAC,CAAA;AAClC,IAAA,IAAI,QAAA,GAAW,GAAA,EAAK,MAAM,IAAI,MAAM,uBAAuB,CAAA;AAC3D,IAAA,GAAA,CAAI,CAAC,CAAA,GAAI,QAAA;AACX,EAAA;AACA,EAAA,OAAO,GAAA;AACT;AAEO,SAAS,UAAU,KAAA,EAA2B;AACnD,EAAA,OAAO,IAAA,CAAK,SAAA,CAAU,KAAK,CAAC,CAAA;AAC9B;AAEA,IAAM,YAAA,GAAe,oEAAA;AAEd,SAAS,YAAY,IAAA,EAAuC;AACjE,EAAA,IAAI,CAAC,aAAa,IAAA,CAAK,IAAI,GAAG,MAAM,IAAI,MAAM,uBAAuB,CAAA;AACrE,EAAA,OAAO,WAAA,CAAY,IAAA,CAAK,IAAI,CAAC,CAAA;AAC/B;AAEO,SAAS,aAAa,KAAA,EAA2B;AACtD,EAAA,OAAO,SAAA,CAAU,KAAK,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,OAAO,EAAE,CAAA;AACnF;AAEA,IAAM,eAAA,GAAkB,wBAAA;AAEjB,SAAS,eAAe,IAAA,EAAuC;AACpE,EAAA,IAAI,CAAC,eAAA,CAAgB,IAAA,CAAK,IAAI,CAAA,IAAK,IAAA,CAAK,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAA,CAAE,MAAA,GAAS,CAAA,KAAM,CAAA,EAAG;AAC3E,IAAA,MAAM,IAAI,MAAM,0BAA0B,CAAA;AAC5C,EAAA;AACA,EAAA,IAAI,MAAA,GAAS,KAAK,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AACtD,EAAA,MAAM,MAAA,GAAA,CAAU,CAAA,GAAK,MAAA,CAAO,MAAA,GAAS,CAAA,IAAM,CAAA;AAC3C,EAAA,MAAA,IAAU,GAAA,CAAI,OAAO,MAAM,CAAA;AAC3B,EAAA,OAAO,YAAY,MAAM,CAAA;AAC3B;AAEA,IAAM,YAAY,KAAA,CAAM,IAAA,CAAK,EAAE,MAAA,EAAQ,KAAA,EAAO,CAAC,CAAA,EAAG,CAAA,KAAM,EAAE,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA;AAEvF,IAAM,aAAa,IAAI,UAAA,CAAW,GAAG,CAAA,CAAE,KAAK,GAAG,CAAA;AAC/C,KAAA,IAAS,CAAA,GAAI,IAAI,CAAA,IAAK,EAAA,EAAI,KAAK,UAAA,CAAW,CAAC,IAAI,CAAA,GAAI,EAAA;AACnD,KAAA,IAAS,CAAA,GAAI,IAAI,CAAA,IAAK,EAAA,EAAI,KAAK,UAAA,CAAW,CAAC,IAAI,CAAA,GAAI,EAAA;AACnD,KAAA,IAAS,CAAA,GAAI,IAAI,CAAA,IAAK,GAAA,EAAK,KAAK,UAAA,CAAW,CAAC,IAAI,CAAA,GAAI,EAAA;AAE7C,SAAS,OAAO,KAAA,EAA2B;AAChD,EAAA,MAAM,GAAA,GAAM,IAAI,KAAA,CAAc,KAAA,CAAM,MAAM,CAAA;AAC1C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,QAAQ,CAAA,EAAA,EAAK;AACrC,IAAA,GAAA,CAAI,CAAC,CAAA,GAAI,SAAA,CAAU,KAAA,CAAM,CAAC,CAAW,CAAA;AACvC,EAAA;AACA,EAAA,OAAO,GAAA,CAAI,KAAK,EAAE,CAAA;AACpB;AAEO,SAAS,SAAS,IAAA,EAAuC;AAC9D,EAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,UAAA,CAAW,IAAI,CAAA,IAAK,IAAA,CAAK,UAAA,CAAW,IAAI,CAAA,GAAI,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,GAAI,IAAA;AAC/E,EAAA,IAAI,MAAM,MAAA,GAAS,CAAA,KAAM,GAAG,MAAM,IAAI,MAAM,oBAAoB,CAAA;AAEhE,EAAA,MAAM,GAAA,GAAM,IAAI,UAAA,CAAW,KAAA,CAAM,SAAS,CAAC,CAAA;AAC3C,EAAA,KAAA,IAAS,CAAA,GAAI,GAAG,CAAA,GAAI,CAAA,EAAG,IAAI,KAAA,CAAM,MAAA,EAAQ,CAAA,IAAK,CAAA,EAAG,CAAA,EAAA,EAAK;AACpD,IAAA,MAAM,MAAA,GAAS,KAAA,CAAM,UAAA,CAAW,CAAC,CAAA;AACjC,IAAA,MAAM,MAAA,GAAS,KAAA,CAAM,UAAA,CAAW,CAAA,GAAI,CAAC,CAAA;AACrC,IAAA,IAAI,SAAS,GAAA,IAAO,MAAA,GAAS,KAAK,MAAM,IAAI,MAAM,oBAAoB,CAAA;AACtE,IAAA,MAAM,EAAA,GAAK,WAAW,MAAM,CAAA;AAC5B,IAAA,MAAM,EAAA,GAAK,WAAW,MAAM,CAAA;AAC5B,IAAA,IAAI,OAAO,GAAA,IAAO,EAAA,KAAO,KAAK,MAAM,IAAI,MAAM,oBAAoB,CAAA;AAClE,IAAA,GAAA,CAAI,CAAC,CAAA,GAAK,EAAA,IAAM,CAAA,GAAK,EAAA;AACvB,EAAA;AACA,EAAA,OAAO,GAAA;AACT;ACpJA,IAAM,wBAAA,GAAN,cAAuC,KAAA,CAAM;AAC3C,EAAA,WAAA,CAAY,KAAA,EAAe;AACzB,IAAA,KAAA,CAAM,CAAA,4CAAA,EAA+C,KAAK,CAAA,OAAA,CAAS,CAAA;AACnE,IAAA,IAAA,CAAK,IAAA,GAAO,0BAAA;AACd,EAAA;AACF,CAAA;AAEA,IAAM,oBAAA,GAAuB,GAAA;AAE7B,SAAS,aAAa,GAAA,EAAuB;AAC3C,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,GAAA,KAAQ,MAAM,OAAO,KAAA;AAEpD,EAAA,MAAM,IAAA,uBAAW,OAAA,EAAA;AACjB,EAAA,MAAM,KAAA,GAAmB,CAAC,GAAG,CAAA;AAC7B,EAAA,IAAI,YAAA,GAAe,CAAA;AAEnB,EAAA,OAAO,KAAA,CAAM,SAAS,CAAA,EAAG;AACvB,IAAA,MAAM,OAAA,GAAU,MAAM,GAAA,EAAA;AACtB,IAAA,IAAI,OAAO,OAAA,KAAY,QAAA,IAAY,OAAA,KAAY,IAAA,EAAM;AACrD,IAAA,IAAI,IAAA,CAAK,GAAA,CAAI,OAAO,CAAA,EAAG;AAEvB,IAAA,IAAA,CAAK,IAAI,OAAO,CAAA;AAChB,IAAA,YAAA,EAAA;AACA,IAAA,IAAI,eAAe,oBAAA,EAAsB;AACvC,MAAA,MAAM,IAAI,yBAAyB,oBAAoB,CAAA;AACzD,IAAA;AAEA,IAAA,IAAI,MAAA,CAAO,MAAA,CAAO,OAAA,EAAS,WAAW,GAAG,OAAO,IAAA;AAEhD,IAAA,MAAM,UAAA,GAAa,OAAA;AACnB,IAAA,IACE,MAAA,CAAO,MAAA,CAAO,UAAA,EAAY,aAAa,CAAA,IACvC,OAAO,UAAA,CAAW,WAAA,KAAgB,QAAA,IAClC,UAAA,CAAW,WAAA,KAAgB,IAAA,IAC3B,MAAA,CAAO,OAAO,UAAA,CAAW,WAAA,EAAuB,WAAW,CAAA,IAC3D,OAAQ,UAAA,CAAW,WAAA,CAAwC,SAAA,KAAc,QAAA,IACxE,UAAA,CAAW,WAAA,CAAwC,SAAA,KAAc,IAAA,EAClE;AACA,MAAA,OAAO,IAAA;AACT,IAAA;AAEA,IAAA,KAAA,MAAW,GAAA,IAAO,MAAA,CAAO,MAAA,CAAO,UAAU,CAAA,EAAG;AAC3C,MAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,GAAA,KAAQ,IAAA,EAAM;AAC3C,QAAA,KAAA,CAAM,KAAK,GAAG,CAAA;AAChB,MAAA;AACF,IAAA;AACF,EAAA;AAEA,EAAA,OAAO,KAAA;AACT;AAEO,SAAS,cAA0D,GAAA,EAAwB;AAChG,EAAA,IAAI,CAAC,YAAY,GAAG,CAAA;AAClB,IAAA,OAAO,IAAA,CAAK;MACV,OAAA,EAAS,4CAAA;MACT,WAAA,EAAa;KACd,CAAA;AACH,EAAA,IAAI;AACF,IAAA,OAAO,GAAA,CAAI,IAAA,CAAK,SAAA,CAAU,GAAG,CAAC,CAAA;AAChC,EAAA,CAAA,CAAA,OAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,0CAAA,EAA4C,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AACpG,EAAA;AACF;AAEO,SAAS,YAAwD,GAAA,EAAoC;AAC1G,EAAA,IAAI,CAAC,OAAO,GAAG,CAAA;AACb,IAAA,OAAO,IAAA,CAAK;MACV,OAAA,EAAS,8CAAA;MACT,WAAA,EAAa;KACd,CAAA;AAEH,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,KAAA,CAAM,GAAG,CAAA;AAE1B,IAAA,IAAI,CAAC,WAAA,CAAY,GAAG,CAAA,EAAG;AACrB,MAAA,OAAO,IAAA,CAAK;QACV,OAAA,EAAS,+CAAA;QACT,WAAA,EAAa;OACd,CAAA;AACH,IAAA;AAEA,IAAA,IAAI,YAAA,CAAa,GAAG,CAAA,EAAG;AACrB,MAAA,OAAO,IAAA,CAAK;QACV,OAAA,EAAS,yDAAA;QACT,WAAA,EAAa;OACd,CAAA;AACH,IAAA;AAEA,IAAA,OAAO,GAAA,CAAI,EAAE,MAAA,EAAQ,GAAA,EAAU,CAAA;AACjC,EAAA,CAAA,CAAA,OAAS,KAAA,EAAO;AACd,IAAA,IAAI,iBAAiB,wBAAA,EAA0B;AAC7C,MAAA,OAAO,IAAA,CAAK;QACV,OAAA,EAAS,kEAAA;AACT,QAAA,WAAA,EAAa,KAAA,CAAM;OACpB,CAAA;AACH,IAAA;AACA,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,kCAAA,EAAoC,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAC5F,EAAA;AACF;;;ACnGO,IAAM,aAAA,GAAgB;AACtB,IAAM,aAAA,GAAgB;AAEtB,IAAM,qBAAA,GAAwB,GAAA;AAC9B,IAAM,qBAAA,GAAwB,IAAA;AAC9B,IAAM,sBAAA,GAAyB,IAAA;AAE/B,IAAM,iBAAA,GAAoB,OAAO,MAAA,CAAO;AAAA,EAC7C,MAAA,EAAQ,EAAE,IAAA,EAAM,QAAA,EAAU,KAAK,SAAA,EAAU;AAAA,EACzC,MAAA,EAAQ,EAAE,IAAA,EAAM,QAAA,EAAU,KAAK,SAAA,EAAU;AAAA,EACzC,MAAA,EAAQ,EAAE,IAAA,EAAM,QAAA,EAAU,KAAK,SAAA;AACjC,CAAU;AAEH,IAAM,qBAAA,GAAwB,OAAO,MAAA,CAAO;AAAA,EACjD,WAAW,EAAE,QAAA,EAAU,IAAI,IAAA,EAAM,aAAA,EAAe,KAAK,SAAA,EAAU;AAAA,EAC/D,WAAW,EAAE,QAAA,EAAU,IAAI,IAAA,EAAM,aAAA,EAAe,KAAK,SAAA,EAAU;AAAA,EAC/D,WAAW,EAAE,QAAA,EAAU,IAAI,IAAA,EAAM,aAAA,EAAe,KAAK,SAAA;AACvD,CAAU,CAAA;;;ACDH,SAAS,OAAO,CAAA,EAA0C;AAC/D,EAAA,OAAO,OAAO,CAAA,KAAM,QAAA,IAAY,CAAA,KAAM,IAAA;AACxC;AAEA,IAAM,YAAA,uBAAmB,GAAA,CAAI,CAAC,YAAY,QAAA,EAAU,WAAA,EAAa,KAAA,EAAO,UAAU,CAAC,CAAA;AAE5E,SAAS,sBAAA,CACd,GACA,QAAA,EAIO;AACP,EAAA,IAAI,CAAC,MAAA,CAAO,CAAC,CAAA,IAAM,QAAA,KAAa,MAAA,IAAU,QAAA,KAAa,KAAA,IAAU,CAAA,CAAE,QAAA,KAAa,QAAA,EAAU,OAAO,IAAA;AAEjG,EAAA,MAAM,IAAA,GAAO,MAAA,CAAO,IAAA,CAAK,CAAC,CAAA;AAC1B,EAAA,IAAI,IAAA,CAAK,MAAA,KAAW,YAAA,CAAa,IAAA,EAAM,OAAO,IAAA;AAC9C,EAAA,KAAA,MAAW,GAAA,IAAO,MAAM,IAAI,CAAC,aAAa,GAAA,CAAI,GAAG,GAAG,OAAO,IAAA;AAE3D,EAAA,IACE,OAAO,CAAA,CAAE,MAAA,KAAW,QAAA,IACpB,EAAE,EAAE,MAAA,IAAU,iBAAA,CAAA,IACd,OAAO,CAAA,CAAE,SAAA,KAAc,QAAA,IACvB,EAAE,CAAA,CAAE,SAAA,IAAa,qBAAA,CAAA,IACjB,CAAC,MAAA,CAAO,CAAA,CAAE,GAAG,CAAA,IACb,CAAA,CAAE,GAAA,CAAI,IAAA,KAAS,QAAA,EACf;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,SAAA,GAAY,qBAAA,CAAsB,CAAA,CAAE,SAA+C,CAAA;AAEzF,EAAA,IACE,CAAC,MAAA,CAAO,CAAA,CAAE,QAAQ,CAAA,IAClB,CAAA,CAAE,SAAS,QAAA,KAAa,SAAA,CAAU,YAClC,CAAA,CAAE,QAAA,CAAS,SAAS,SAAA,CAAU,IAAA,IAC9B,EAAE,QAAA,CAAS,GAAA,KAAQ,UAAU,GAAA,EAC7B;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAO,EAAE,GAAA,EAAK,CAAA,EAAG,SAAA,EAAU;AAC7B;AAGO,IAAM,eAAA,GACX;AAMK,SAAS,sBAAsB,IAAA,EAAuB;AAC3D,EAAA,OAAO,OAAO,IAAA,KAAS,QAAA,IAAY,eAAA,CAAgB,KAAK,IAAI,CAAA;AAC9D;AAEO,SAAS,+BAAA,CACd,MAAA,EACA,OAAA,EACA,MAAA,EAC6B;AAC7B,EAAA,IAAI,CAAC,MAAA,CAAO,MAAA,EAAQ,CAAC,CAAA,EAAG;AACtB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,sDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,WAAA,CAAoC,OAAO,CAAA,EAAG;AACjD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,gDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,SAAA,GAAY,QAAQ,SAAA,IAAa,WAAA;AACvC,EAAA,IAAI,EAAE,aAAa,qBAAA,CAAA,EAAwB;AACzC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,EAAG,MAAM,CAAA,yCAAA,EAA4C,SAAS,CAAA,CAAA;AAAA,MACvE,WAAA,EAAa,6BAA6B,MAAA,CAAO,IAAA,CAAK,qBAAqB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KACxF,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,QAAQ,MAAA,IAAU,QAAA;AACjC,EAAA,IAAI,EAAE,UAAU,iBAAA,CAAA,EAAoB;AAClC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,EAAG,MAAM,CAAA,sCAAA,EAAyC,MAAM,CAAA,CAAA;AAAA,MACjE,WAAA,EAAa,0BAA0B,MAAA,CAAO,IAAA,CAAK,iBAAiB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KACjF,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,IAAA,GAAO,QAAQ,IAAA,IAAQ,YAAA;AAC7B,EAAA,IAAI,CAAC,MAAA,CAAO,IAAA,EAAM,CAAC,CAAA,EAAG;AACpB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,oDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,IAAA,GAAO,QAAQ,IAAA,IAAQ,YAAA;AAC7B,EAAA,IAAI,CAAC,MAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,iDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,OAAO,GAAA,CAAI;AAAA,IACT,SAAA;AAAA,IACA,MAAA;AAAA,IACA,IAAA;AAAA,IACA,IAAA;AAAA,IACA,WAAA,EAAa,sBAAsB,SAAS,CAAA;AAAA,IAC5C,UAAA,EAAY,kBAAkB,MAAM;AAAA,GACrC,CAAA;AACH;AAEO,SAAS,4BAAA,CACd,QAAA,EACA,OAAA,EACA,MAAA,EAC8B;AAC9B,EAAA,IAAI,CAAC,MAAA,CAAO,QAAQ,CAAA,EAAG;AACrB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,kDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,WAAA,CAAiC,OAAO,CAAA,EAAG;AAC9C,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,6CAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,QAAQ,MAAA,IAAU,QAAA;AACjC,EAAA,IAAI,EAAE,UAAU,iBAAA,CAAA,EAAoB;AAClC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,EAAG,MAAM,CAAA,mCAAA,EAAsC,MAAM,CAAA,CAAA;AAAA,MAC9D,WAAA,EAAa,0BAA0B,MAAA,CAAO,IAAA,CAAK,iBAAiB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KACjF,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,cAAA,GAAiB,QAAQ,cAAA,IAAkB,WAAA;AACjD,EAAA,IAAI,CAAC,eAAA,CAAgB,QAAA,CAAS,cAAc,CAAA,EAAG;AAC7C,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,EAAG,MAAM,CAAA,4CAAA,EAA+C,cAAc,CAAA,CAAA;AAAA,MAC/E,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,UAAA,GAAa,QAAQ,UAAA,IAAc,EAAA;AACzC,EAAA,IAAI,CAAC,QAAA,CAAS,UAAA,EAAY,CAAA,EAAG,sBAAsB,CAAA,EAAG;AACpD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,mDAAA,CAAA;AAAA,MAClB,WAAA,EAAa,oCAAoC,sBAAsB,CAAA,yBAAA;AAAA,KACxE,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,UAAA,GAAa,QAAQ,UAAA,IAAc,IAAA;AACzC,EAAA,IAAI,CAAC,QAAA,CAAS,UAAA,EAAY,GAAA,EAAS,qBAAqB,CAAA,EAAG;AACzD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,kDAAA,CAAA;AAAA,MAClB,WAAA,EAAa,0CAA0C,qBAAqB,CAAA,8BAAA;AAAA,KAC7E,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,SAAA,GAAY,QAAQ,SAAA,IAAa,EAAA;AACvC,EAAA,IAAI,CAAC,QAAA,CAAS,SAAA,EAAW,EAAA,EAAI,qBAAqB,CAAA,EAAG;AACnD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,mDAAA,CAAA;AAAA,MAClB,WAAA,EAAa,qCAAqC,qBAAqB,CAAA,yBAAA;AAAA,KACxE,CAAA;AAAA,EACH;AAEA,EAAA,OAAO,GAAA,CAAI;AAAA,IACT,MAAA;AAAA,IACA,UAAA,EAAY,kBAAkB,MAAM,CAAA;AAAA,IACpC,cAAA;AAAA,IACA,UAAA;AAAA,IACA,UAAA;AAAA,IACA;AAAA,GACD,CAAA;AACH;AAEA,SAAS,iBAAA,CAAkB,YAAoB,QAAA,EAAoD;AACjG,EAAA,IAAI,QAAA,KAAa,KAAA,EAAO,OAAO,UAAA,GAAa,CAAA;AAC5C,EAAA,OAAO,IAAA,CAAK,IAAA,CAAK,UAAA,GAAa,CAAC,CAAA,GAAI,CAAA;AACrC;AAEO,SAAS,8BAAA,CACd,QAAA,EACA,cAAA,EACA,IAAA,EACA,SACA,MAAA,EACgC;AAChC,EAAA,IAAI,CAAC,MAAA,CAAO,QAAQ,CAAA,EAAG;AACrB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,oDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,MAAA,CAAO,cAAc,CAAA,EAAG;AAC3B,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,2DAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,MAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,gDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,WAAA,CAAmC,OAAO,CAAA,EAAG;AAChD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,+CAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,QAAQ,MAAA,IAAU,QAAA;AACjC,EAAA,IAAI,EAAE,UAAU,iBAAA,CAAA,EAAoB;AAClC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,EAAG,MAAM,CAAA,qCAAA,EAAwC,MAAM,CAAA,CAAA;AAAA,MAChE,WAAA,EAAa,0BAA0B,MAAA,CAAO,IAAA,CAAK,iBAAiB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KACjF,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,aAAA,GAAgB,QAAQ,aAAA,IAAiB,WAAA;AAC/C,EAAA,IAAI,CAAC,eAAA,CAAgB,QAAA,CAAS,aAAa,CAAA,EAAG;AAC5C,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,EAAG,MAAM,CAAA,6CAAA,EAAgD,aAAa,CAAA,CAAA;AAAA,MAC/E,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,UAAA,GAAa,QAAQ,UAAA,IAAc,IAAA;AACzC,EAAA,IAAI,CAAC,QAAA,CAAS,UAAA,EAAY,GAAA,EAAS,qBAAqB,CAAA,EAAG;AACzD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,oDAAA,CAAA;AAAA,MAClB,WAAA,EAAa,0CAA0C,qBAAqB,CAAA;AAAA,KAC7E,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,SAAA,GAAY,QAAQ,SAAA,IAAa,EAAA;AACvC,EAAA,IAAI,CAAC,QAAA,CAAS,SAAA,EAAW,EAAA,EAAI,qBAAqB,CAAA,EAAG;AACnD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,qDAAA,CAAA;AAAA,MAClB,WAAA,EAAa,qCAAqC,qBAAqB,CAAA;AAAA,KACxE,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,UAAA,GAAa,iBAAA,CAAkB,SAAA,EAAW,aAAa,CAAA;AAC7D,EAAA,IAAI,cAAA,CAAe,SAAS,UAAA,EAAY;AACtC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,+DAAA,CAAA;AAAA,MAClB,aAAa,CAAA,iBAAA,EAAoB,UAAU,CAAA,gBAAA,EAAmB,SAAS,kBAAkB,aAAa,CAAA,SAAA;AAAA,KACvG,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,UAAA,GAAa,iBAAA,CAAkB,sBAAA,EAAwB,aAAa,CAAA;AAC1E,EAAA,IAAI,IAAA,CAAK,SAAS,UAAA,EAAY;AAC5B,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,oDAAA,CAAA;AAAA,MAClB,WAAA,EAAa,CAAA,iBAAA,EAAoB,UAAU,CAAA,gBAAA,EAAmB,aAAa,CAAA,SAAA;AAAA,KAC5E,CAAA;AAAA,EACH;AAEA,EAAA,OAAO,GAAA,CAAI;AAAA,IACT,MAAA;AAAA,IACA,UAAA,EAAY,kBAAkB,MAAM,CAAA;AAAA,IACpC,aAAA;AAAA,IACA,UAAA;AAAA,IACA;AAAA,GACD,CAAA;AACH;;;ACnSO,SAAS,gBAA4D,GAAA,EAAwB;AAClG,EAAA,OAAO,cAAc,GAAG,CAAA;AAC1B;AAmBO,SAAS,aAAyD,GAAA,EAAgB;AACvF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,cAAc,GAAG,CAAA;AAC3C,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,cAA0D,GAAA,EAAoC;AAC5G,EAAA,OAAO,YAAe,GAAG,CAAA;AAC3B;AAgBO,SAAS,WAAuD,GAAA,EAAgB;AACrF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,YAAe,GAAG,CAAA;AAC5C,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT","file":"chunk-VCBHSRCS.cjs","sourcesContent":["export function $isStr(x: unknown, min = 1): x is string {\n  return typeof x === \"string\" && x.trim().length >= min;\n}\n\nexport function $isIntIn<T extends number>(x: unknown, min: number, max: number): x is T {\n  return typeof x === \"number\" && Number.isInteger(x) && x >= min && x <= max;\n}\n\nexport function $isPlainObj<T extends object = Record<string, unknown>>(x: unknown): x is T {\n  if (typeof x !== \"object\" || x === null) return false;\n  const proto = Object.getPrototypeOf(x);\n  return proto === Object.prototype || proto === null;\n}\n","import { $isPlainObj } from \"./validate.js\";\n\nexport interface ErrorStruct {\n  readonly message: string;\n  readonly description: string;\n}\n\ntype ReservedResultKeys = \"success\" | \"error\";\n\ntype ShouldWrapObject<T extends object> = Extract<keyof T, ReservedResultKeys> extends never ? false : true;\n\ntype OkType<T> = {\n  readonly success: true;\n  readonly error?: undefined;\n} & (T extends object\n  ? ShouldWrapObject<T> extends true\n    ? { readonly result: T }\n    : { readonly [K in keyof T]: T[K] }\n  : { readonly result: T });\n\ntype ErrType<T> = {\n  readonly success: false;\n  readonly error: ErrorStruct;\n} & (T extends object\n  ? ShouldWrapObject<T> extends true\n    ? { readonly result?: undefined }\n    : { readonly [K in keyof T]?: undefined }\n  : { readonly result?: undefined });\n\nexport type Result<T> = OkType<T> | ErrType<T>;\n\nexport function $ok<T>(result: T): Result<T> {\n  if ($isPlainObj(result)) {\n    const obj = result as Record<string, unknown>;\n    if (Object.hasOwn(obj, \"success\") || Object.hasOwn(obj, \"error\")) {\n      return { success: true, result } as Result<T>;\n    }\n    return { success: true, ...obj } as Result<T>;\n  }\n  return { success: true, result } as Result<T>;\n}\n\nexport function $err(err: ErrorStruct): Result<never> {\n  return {\n    success: false,\n    error: { message: err.message, description: err.description },\n  } as Result<never>;\n}\n\nexport function $fmtError(error: unknown): string {\n  if (typeof error === \"string\") return error;\n  if (error instanceof Error) return error.message;\n  return String(error);\n}\n\nexport function $fmtResultErr(err: ErrorStruct | undefined): string {\n  if (!err) return \"Unknown error\";\n  return `${err.message} - ${err.description}`;\n}\n","import { $err, $fmtError, $ok, type Result } from \"./error.js\";\n\nexport const textEncoder = new TextEncoder();\nexport const textDecoder = new TextDecoder();\nconst strictUtf8Decoder = new TextDecoder(\"utf-8\", { fatal: true });\n\nexport const ENCODING = Object.freeze([\"base64\", \"base64url\", \"hex\", \"utf8\", \"latin1\"] as const);\nexport const CIPHER_ENCODING = Object.freeze([\"base64\", \"base64url\", \"hex\"] as const);\n\nexport type Encoding = (typeof ENCODING)[number];\nexport type CipherEncoding = (typeof CIPHER_ENCODING)[number];\n\nexport function $convertStrToBytes(\n  data: string,\n  inputEncoding: Encoding = \"utf8\",\n): Result<{ result: Uint8Array<ArrayBuffer> }> {\n  if (typeof data !== \"string\") {\n    return $err({\n      message: \"strToBytes: Data must be a string\",\n      description: `Expected a string value, received ${typeof data}`,\n    });\n  }\n  if (!ENCODING.includes(inputEncoding)) {\n    return $err({\n      message: `strToBytes: Unsupported encoding: ${inputEncoding}`,\n      description: \"Use base64, base64url, hex, utf8, or latin1\",\n    });\n  }\n\n  try {\n    const bytes = strToBytes[inputEncoding](data);\n    return $ok({ result: bytes });\n  } catch (error) {\n    return $err({ message: \"strToBytes: Failed to convert data\", description: $fmtError(error) });\n  }\n}\n\nexport function $convertBytesToStr(data: Uint8Array | ArrayBuffer, outputEncoding: Encoding = \"utf8\"): Result<string> {\n  if (!(data instanceof ArrayBuffer || data instanceof Uint8Array)) {\n    return $err({\n      message: \"bytesToStr: Data must be an ArrayBuffer or Uint8Array\",\n      description: `Expected binary data (ArrayBuffer or Uint8Array), received ${typeof data}`,\n    });\n  }\n  if (!ENCODING.includes(outputEncoding)) {\n    return $err({\n      message: `bytesToStr: Unsupported encoding: ${outputEncoding}`,\n      description: \"Use base64, base64url, hex, utf8, or latin1\",\n    });\n  }\n  try {\n    const bytes = data instanceof Uint8Array ? data : new Uint8Array(data);\n    const str = bytesToStr[outputEncoding](bytes);\n    return $ok(str);\n  } catch (error) {\n    return $err({ message: \"bytesToStr: Failed to convert data\", description: $fmtError(error) });\n  }\n}\n\nexport const strToBytes = {\n  base64: $fromBase64,\n  base64url: $fromBase64Url,\n  hex: $fromHex,\n  latin1: $fromLatin1,\n  utf8: (data: string) => textEncoder.encode(data),\n} as const satisfies Record<Encoding, (data: string) => Uint8Array<ArrayBuffer>>;\n\nexport const bytesToStr = {\n  base64: $toBase64,\n  base64url: $toBase64Url,\n  hex: $toHex,\n  latin1: $toLatin1,\n  utf8: (data: Uint8Array) => strictUtf8Decoder.decode(data),\n} as const satisfies Record<Encoding, (data: Uint8Array) => string>;\n\nexport function $toLatin1(bytes: Uint8Array): string {\n  let out = \"\";\n  const chunk = 1 << 15;\n  for (let i = 0; i < bytes.length; i += chunk) {\n    out += String.fromCharCode(...bytes.subarray(i, i + chunk));\n  }\n  return out;\n}\n\nexport function $fromLatin1(data: string): Uint8Array<ArrayBuffer> {\n  const out = new Uint8Array(data.length);\n  for (let i = 0; i < data.length; i++) {\n    const charCode = data.charCodeAt(i);\n    if (charCode > 255) throw new Error(\"Invalid latin1 string\");\n    out[i] = charCode;\n  }\n  return out;\n}\n\nexport function $toBase64(bytes: Uint8Array): string {\n  return btoa($toLatin1(bytes));\n}\n\nconst BASE64_REGEX = /^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}={2}|[A-Za-z0-9+/]{3}=)?$/;\n\nexport function $fromBase64(data: string): Uint8Array<ArrayBuffer> {\n  if (!BASE64_REGEX.test(data)) throw new Error(\"Invalid base64 string\");\n  return $fromLatin1(atob(data));\n}\n\nexport function $toBase64Url(bytes: Uint8Array): string {\n  return $toBase64(bytes).replace(/\\+/g, \"-\").replace(/\\//g, \"_\").replace(/=+$/, \"\");\n}\n\nconst BASE64URL_REGEX = /^[A-Za-z0-9_-]*={0,2}$/;\n\nexport function $fromBase64Url(data: string): Uint8Array<ArrayBuffer> {\n  if (!BASE64URL_REGEX.test(data) || data.replace(/=+$/, \"\").length % 4 === 1) {\n    throw new Error(\"Invalid base64url string\");\n  }\n  let base64 = data.replace(/-/g, \"+\").replace(/_/g, \"/\");\n  const padLen = (4 - (base64.length % 4)) % 4;\n  base64 += \"=\".repeat(padLen);\n  return $fromBase64(base64);\n}\n\nconst HEX_TABLE = Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, \"0\"));\n\nconst HEX_NIBBLE = new Uint8Array(256).fill(255);\nfor (let i = 48; i <= 57; i++) HEX_NIBBLE[i] = i - 48; // 0-9\nfor (let i = 65; i <= 70; i++) HEX_NIBBLE[i] = i - 55; // A-F\nfor (let i = 97; i <= 102; i++) HEX_NIBBLE[i] = i - 87; // a-f\n\nexport function $toHex(bytes: Uint8Array): string {\n  const hex = new Array<string>(bytes.length);\n  for (let i = 0; i < bytes.length; i++) {\n    hex[i] = HEX_TABLE[bytes[i] as number] as string;\n  }\n  return hex.join(\"\");\n}\n\nexport function $fromHex(data: string): Uint8Array<ArrayBuffer> {\n  const clean = data.startsWith(\"0x\") || data.startsWith(\"0X\") ? data.slice(2) : data;\n  if (clean.length % 2 !== 0) throw new Error(\"Invalid hex string\");\n\n  const out = new Uint8Array(clean.length / 2);\n  for (let i = 0, j = 0; i < clean.length; i += 2, j++) {\n    const hiCode = clean.charCodeAt(i);\n    const loCode = clean.charCodeAt(i + 1);\n    if (hiCode > 255 || loCode > 255) throw new Error(\"Invalid hex string\");\n    const hi = HEX_NIBBLE[hiCode] as number;\n    const lo = HEX_NIBBLE[loCode] as number;\n    if (hi === 255 || lo === 255) throw new Error(\"Invalid hex string\");\n    out[j] = (hi << 4) | lo;\n  }\n  return out;\n}\n","import { $err, $fmtError, $ok, type Result } from \"./error.js\";\nimport { $isPlainObj, $isStr } from \"./validate.js\";\n\nclass ProtoTraversalLimitError extends Error {\n  constructor(limit: number) {\n    super(`Object graph exceeded prototype-scan limit (${limit} nodes)`);\n    this.name = \"ProtoTraversalLimitError\";\n  }\n}\n\nconst MAX_PROTO_SCAN_NODES = 100_000;\n\nfunction $hasProtoKey(obj: unknown): boolean {\n  if (typeof obj !== \"object\" || obj === null) return false;\n\n  const seen = new WeakSet<object>();\n  const stack: unknown[] = [obj];\n  let scannedNodes = 0;\n\n  while (stack.length > 0) {\n    const current = stack.pop();\n    if (typeof current !== \"object\" || current === null) continue;\n    if (seen.has(current)) continue;\n\n    seen.add(current);\n    scannedNodes++;\n    if (scannedNodes > MAX_PROTO_SCAN_NODES) {\n      throw new ProtoTraversalLimitError(MAX_PROTO_SCAN_NODES);\n    }\n\n    if (Object.hasOwn(current, \"__proto__\")) return true;\n\n    const currentObj = current as Record<string, unknown>;\n    if (\n      Object.hasOwn(currentObj, \"constructor\") &&\n      typeof currentObj.constructor === \"object\" &&\n      currentObj.constructor !== null &&\n      Object.hasOwn(currentObj.constructor as object, \"prototype\") &&\n      typeof (currentObj.constructor as Record<string, unknown>).prototype === \"object\" &&\n      (currentObj.constructor as Record<string, unknown>).prototype !== null\n    ) {\n      return true;\n    }\n\n    for (const val of Object.values(currentObj)) {\n      if (typeof val === \"object\" && val !== null) {\n        stack.push(val);\n      }\n    }\n  }\n\n  return false;\n}\n\nexport function $stringifyObj<T extends object = Record<string, unknown>>(obj: T): Result<string> {\n  if (!$isPlainObj(obj))\n    return $err({\n      message: \"stringifyObj: Input must be a plain object\",\n      description: \"Only plain objects ({...}) are accepted, not arrays, class instances, or built-ins\",\n    });\n  try {\n    return $ok(JSON.stringify(obj));\n  } catch (error) {\n    return $err({ message: \"stringifyObj: Failed to stringify object\", description: $fmtError(error) });\n  }\n}\n\nexport function $parseToObj<T extends object = Record<string, unknown>>(str: string): Result<{ result: T }> {\n  if (!$isStr(str))\n    return $err({\n      message: \"parseToObj: Input must be a non-empty string\",\n      description: \"Expected a non-empty JSON string to parse\",\n    });\n\n  try {\n    const obj = JSON.parse(str);\n\n    if (!$isPlainObj(obj)) {\n      return $err({\n        message: \"parseToObj: Parsed data is not a plain object\",\n        description: \"JSON parsed successfully but the result is not a plain object (e.g. array, string, number)\",\n      });\n    }\n\n    if ($hasProtoKey(obj)) {\n      return $err({\n        message: \"parseToObj: Input contains a prototype pollution vector\",\n        description: \"Objects with __proto__ or constructor.prototype keys are rejected\",\n      });\n    }\n\n    return $ok({ result: obj as T });\n  } catch (error) {\n    if (error instanceof ProtoTraversalLimitError) {\n      return $err({\n        message: \"parseToObj: Input object is too deeply nested to validate safely\",\n        description: error.message,\n      });\n    }\n    return $err({ message: \"parseToObj: Failed to parse JSON\", description: $fmtError(error) });\n  }\n}\n","export { CIPHER_ENCODING, ENCODING } from \"@internal/helpers\";\n\nexport const GCM_TAG_BYTES = 16;\nexport const GCM_IV_LENGTH = 12;\n\nexport const MAX_PBKDF2_ITERATIONS = 10_000_000;\nexport const MAX_PBKDF2_KEY_LENGTH = 1024;\nexport const MAX_PBKDF2_SALT_LENGTH = 1024;\n\nexport const DIGEST_ALGORITHMS = Object.freeze({\n  sha256: { node: \"sha256\", web: \"SHA-256\" },\n  sha384: { node: \"sha384\", web: \"SHA-384\" },\n  sha512: { node: \"sha512\", web: \"SHA-512\" },\n} as const);\n\nexport const ENCRYPTION_ALGORITHMS = Object.freeze({\n  aes256gcm: { keyBytes: 32, node: \"aes-256-gcm\", web: \"AES-GCM\" },\n  aes192gcm: { keyBytes: 24, node: \"aes-192-gcm\", web: \"AES-GCM\" },\n  aes128gcm: { keyBytes: 16, node: \"aes-128-gcm\", web: \"AES-GCM\" },\n} as const);\n","import { $err, $isIntIn, $isPlainObj, $isStr, $ok, type Result } from \"@internal/helpers\";\nimport {\n  CIPHER_ENCODING,\n  DIGEST_ALGORITHMS,\n  ENCRYPTION_ALGORITHMS,\n  MAX_PBKDF2_ITERATIONS,\n  MAX_PBKDF2_KEY_LENGTH,\n  MAX_PBKDF2_SALT_LENGTH,\n} from \"./consts.js\";\nimport type {\n  CreateSecretKeyOptions,\n  HashPasswordOptions,\n  ValidatedHashOptions,\n  ValidatedKdfOptions,\n  ValidatedVerifyOptions,\n  VerifyPasswordOptions,\n} from \"./types.js\";\n\nexport function $isObj(x: unknown): x is Record<string, unknown> {\n  return typeof x === \"object\" && x !== null;\n}\n\nconst expectedKeys = new Set([\"platform\", \"digest\", \"algorithm\", \"key\", \"injected\"]);\n\nexport function $validateSecretKeyBase(\n  x: unknown,\n  platform: \"node\" | \"web\",\n): {\n  obj: Record<string, unknown>;\n  algorithm: (typeof ENCRYPTION_ALGORITHMS)[keyof typeof ENCRYPTION_ALGORITHMS];\n} | null {\n  if (!$isObj(x) || (platform !== \"node\" && platform !== \"web\") || x.platform !== platform) return null;\n\n  const keys = Object.keys(x);\n  if (keys.length !== expectedKeys.size) return null;\n  for (const key of keys) if (!expectedKeys.has(key)) return null;\n\n  if (\n    typeof x.digest !== \"string\" ||\n    !(x.digest in DIGEST_ALGORITHMS) ||\n    typeof x.algorithm !== \"string\" ||\n    !(x.algorithm in ENCRYPTION_ALGORITHMS) ||\n    !$isObj(x.key) ||\n    x.key.type !== \"secret\"\n  ) {\n    return null;\n  }\n\n  const algorithm = ENCRYPTION_ALGORITHMS[x.algorithm as keyof typeof ENCRYPTION_ALGORITHMS];\n\n  if (\n    !$isObj(x.injected) ||\n    x.injected.keyBytes !== algorithm.keyBytes ||\n    x.injected.node !== algorithm.node ||\n    x.injected.web !== algorithm.web\n  ) {\n    return null;\n  }\n\n  return { obj: x, algorithm };\n}\n\n/** Matches the `\"iv.cipher.tag.\"` encrypted payload format. */\nexport const ENCRYPTED_REGEX =\n  /^([A-Za-z0-9+/_-][A-Za-z0-9+/=_-]*)\\.([A-Za-z0-9+/_-][A-Za-z0-9+/=_-]*)\\.([A-Za-z0-9+/_-][A-Za-z0-9+/=_-]*)\\.$/;\n\n/**\n * Structural check only — validates the dot-separated `\"iv.cipher.tag.\"` format\n * but does NOT verify that individual segments contain valid base64, base64url, or hex encoding.\n */\nexport function matchEncryptedPattern(data: string): boolean {\n  return typeof data === \"string\" && ENCRYPTED_REGEX.test(data);\n}\n\nexport function $validateCreateSecretKeyOptions(\n  secret: string,\n  options: CreateSecretKeyOptions,\n  prefix: string,\n): Result<ValidatedKdfOptions> {\n  if (!$isStr(secret, 8)) {\n    return $err({\n      message: `${prefix} createSecretKey: Secret must be at least 8 characters`,\n      description: \"Use a high-entropy string of at least 8 characters\",\n    });\n  }\n\n  if (!$isPlainObj<CreateSecretKeyOptions>(options)) {\n    return $err({\n      message: `${prefix} createSecretKey: Options must be a plain object`,\n      description: 'Pass an object like { algorithm: \"aes256gcm\" }',\n    });\n  }\n\n  const algorithm = options.algorithm ?? \"aes256gcm\";\n  if (!(algorithm in ENCRYPTION_ALGORITHMS)) {\n    return $err({\n      message: `${prefix} createSecretKey: Unsupported algorithm: ${algorithm}`,\n      description: `Supported algorithms are: ${Object.keys(ENCRYPTION_ALGORITHMS).join(\", \")}`,\n    });\n  }\n\n  const digest = options.digest ?? \"sha256\";\n  if (!(digest in DIGEST_ALGORITHMS)) {\n    return $err({\n      message: `${prefix} createSecretKey: Unsupported digest: ${digest}`,\n      description: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(\", \")}`,\n    });\n  }\n\n  const salt = options.salt ?? \"cipher-kit\";\n  if (!$isStr(salt, 8)) {\n    return $err({\n      message: `${prefix} createSecretKey: Salt must be at least 8 characters`,\n      description: \"Provide a salt string with at least 8 characters\",\n    });\n  }\n\n  const info = options.info ?? \"cipher-kit\";\n  if (!$isStr(info)) {\n    return $err({\n      message: `${prefix} createSecretKey: Info must be a non-empty string`,\n      description: \"Received empty or non-string value\",\n    });\n  }\n\n  return $ok({\n    algorithm,\n    digest,\n    salt,\n    info,\n    encryptAlgo: ENCRYPTION_ALGORITHMS[algorithm],\n    digestAlgo: DIGEST_ALGORITHMS[digest],\n  });\n}\n\nexport function $validateHashPasswordOptions(\n  password: string,\n  options: HashPasswordOptions,\n  prefix: string,\n): Result<ValidatedHashOptions> {\n  if (!$isStr(password)) {\n    return $err({\n      message: `${prefix} hashPassword: Password must be a non-empty string`,\n      description: \"Received empty or non-string value\",\n    });\n  }\n\n  if (!$isPlainObj<HashPasswordOptions>(options)) {\n    return $err({\n      message: `${prefix} hashPassword: Options must be a plain object`,\n      description: \"Pass an object like { iterations: 320000 }\",\n    });\n  }\n\n  const digest = options.digest ?? \"sha512\";\n  if (!(digest in DIGEST_ALGORITHMS)) {\n    return $err({\n      message: `${prefix} hashPassword: Unsupported digest: ${digest}`,\n      description: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(\", \")}`,\n    });\n  }\n\n  const outputEncoding = options.outputEncoding ?? \"base64url\";\n  if (!CIPHER_ENCODING.includes(outputEncoding)) {\n    return $err({\n      message: `${prefix} hashPassword: Unsupported output encoding: ${outputEncoding}`,\n      description: \"Use base64, base64url, or hex\",\n    });\n  }\n\n  const saltLength = options.saltLength ?? 16;\n  if (!$isIntIn(saltLength, 8, MAX_PBKDF2_SALT_LENGTH)) {\n    return $err({\n      message: `${prefix} hashPassword: Salt length must be at least 8 bytes`,\n      description: `Must be an integer between 8 and ${MAX_PBKDF2_SALT_LENGTH} (recommended 16 or more)`,\n    });\n  }\n\n  const iterations = options.iterations ?? 320_000;\n  if (!$isIntIn(iterations, 100_000, MAX_PBKDF2_ITERATIONS)) {\n    return $err({\n      message: `${prefix} hashPassword: Iterations must be at least 100,000`,\n      description: `Must be an integer between 100,000 and ${MAX_PBKDF2_ITERATIONS} (recommended 320,000 or more)`,\n    });\n  }\n\n  const keyLength = options.keyLength ?? 64;\n  if (!$isIntIn(keyLength, 16, MAX_PBKDF2_KEY_LENGTH)) {\n    return $err({\n      message: `${prefix} hashPassword: Key length must be at least 16 bytes`,\n      description: `Must be an integer between 16 and ${MAX_PBKDF2_KEY_LENGTH} (recommended 64 or more)`,\n    });\n  }\n\n  return $ok({\n    digest,\n    digestAlgo: DIGEST_ALGORITHMS[digest],\n    outputEncoding,\n    saltLength,\n    iterations,\n    keyLength,\n  });\n}\n\nfunction $maxEncodedLength(byteLength: number, encoding: (typeof CIPHER_ENCODING)[number]): number {\n  if (encoding === \"hex\") return byteLength * 2;\n  return Math.ceil(byteLength / 3) * 4;\n}\n\nexport function $validateVerifyPasswordOptions(\n  password: string,\n  hashedPassword: string,\n  salt: string,\n  options: VerifyPasswordOptions,\n  prefix: string,\n): Result<ValidatedVerifyOptions> {\n  if (!$isStr(password)) {\n    return $err({\n      message: `${prefix} verifyPassword: Password must be a non-empty string`,\n      description: \"Received empty or non-string value\",\n    });\n  }\n\n  if (!$isStr(hashedPassword)) {\n    return $err({\n      message: `${prefix} verifyPassword: Hashed password must be a non-empty string`,\n      description: \"Pass the hash string returned by hashPassword()\",\n    });\n  }\n\n  if (!$isStr(salt)) {\n    return $err({\n      message: `${prefix} verifyPassword: Salt must be a non-empty string`,\n      description: \"Pass the salt string returned by hashPassword()\",\n    });\n  }\n\n  if (!$isPlainObj<VerifyPasswordOptions>(options)) {\n    return $err({\n      message: `${prefix} verifyPassword: Options must be a plain object`,\n      description: \"Pass an object matching the options used for hashPassword()\",\n    });\n  }\n\n  const digest = options.digest ?? \"sha512\";\n  if (!(digest in DIGEST_ALGORITHMS)) {\n    return $err({\n      message: `${prefix} verifyPassword: Unsupported digest: ${digest}`,\n      description: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(\", \")}`,\n    });\n  }\n\n  const inputEncoding = options.inputEncoding ?? \"base64url\";\n  if (!CIPHER_ENCODING.includes(inputEncoding)) {\n    return $err({\n      message: `${prefix} verifyPassword: Unsupported input encoding: ${inputEncoding}`,\n      description: \"Use base64, base64url, or hex\",\n    });\n  }\n\n  const iterations = options.iterations ?? 320_000;\n  if (!$isIntIn(iterations, 100_000, MAX_PBKDF2_ITERATIONS)) {\n    return $err({\n      message: `${prefix} verifyPassword: Iterations must be at least 100,000`,\n      description: `Must be an integer between 100,000 and ${MAX_PBKDF2_ITERATIONS}`,\n    });\n  }\n\n  const keyLength = options.keyLength ?? 64;\n  if (!$isIntIn(keyLength, 16, MAX_PBKDF2_KEY_LENGTH)) {\n    return $err({\n      message: `${prefix} verifyPassword: Key length must be at least 16 bytes`,\n      description: `Must be an integer between 16 and ${MAX_PBKDF2_KEY_LENGTH}`,\n    });\n  }\n\n  const maxHashLen = $maxEncodedLength(keyLength, inputEncoding);\n  if (hashedPassword.length > maxHashLen) {\n    return $err({\n      message: `${prefix} verifyPassword: Hashed password exceeds maximum encoded length`,\n      description: `Expected at most ${maxHashLen} characters for ${keyLength}-byte key with ${inputEncoding} encoding`,\n    });\n  }\n\n  const maxSaltLen = $maxEncodedLength(MAX_PBKDF2_SALT_LENGTH, inputEncoding);\n  if (salt.length > maxSaltLen) {\n    return $err({\n      message: `${prefix} verifyPassword: Salt exceeds maximum encoded length`,\n      description: `Expected at most ${maxSaltLen} characters for ${inputEncoding} encoding`,\n    });\n  }\n\n  return $ok({\n    digest,\n    digestAlgo: DIGEST_ALGORITHMS[digest],\n    inputEncoding,\n    iterations,\n    keyLength,\n  });\n}\n","import { $fmtResultErr, $parseToObj, $stringifyObj, type Result } from \"@internal/helpers\";\n\n/**\n * Serializes a plain object to JSON (non-throwing).\n *\n * @returns `Result<string>` with the JSON string or error.\n * @see {@link stringifyObj} For full parameter/behavior docs.\n */\nexport function tryStringifyObj<T extends object = Record<string, unknown>>(obj: T): Result<string> {\n  return $stringifyObj(obj);\n}\n\n/**\n * Serializes a plain object to JSON.\n *\n * @remarks\n * Only plain objects (POJOs) are accepted; class instances, Maps, Sets, etc. are rejected.\n *\n * @param obj - The object to stringify.\n * @returns JSON string representation of the object.\n * @throws {Error} If `obj` is not a plain object or serialization fails.\n *\n * @example\n * ```ts\n * const json = stringifyObj({ a: 1 }); // '{\"a\":1}'\n * ```\n *\n * @see {@link tryStringifyObj} Non-throwing variant returning `Result<string>`.\n */\nexport function stringifyObj<T extends object = Record<string, unknown>>(obj: T): string {\n  const { result, error } = $stringifyObj(obj);\n  if (error) throw new Error($fmtResultErr(error));\n  return result;\n}\n\n/**\n * Parses a JSON string to a plain object (non-throwing).\n *\n * @returns `Result<{ result: T }>` with the parsed object or error.\n * @see {@link parseToObj} For full parameter/behavior docs.\n */\nexport function tryParseToObj<T extends object = Record<string, unknown>>(str: string): Result<{ result: T }> {\n  return $parseToObj<T>(str);\n}\n\n/**\n * Parses a JSON string to a plain object.\n *\n * @param str - The JSON string to parse.\n * @returns The parsed plain object.\n * @throws {Error} If the string can't be parsed or doesn't represent a plain object.\n *\n * @example\n * ```ts\n * const obj = parseToObj<{ a: number }>('{\"a\":1}'); // obj.a === 1\n * ```\n *\n * @see {@link tryParseToObj} Non-throwing variant returning `Result<{ result: T }>`.\n */\nexport function parseToObj<T extends object = Record<string, unknown>>(str: string): T {\n  const { result, error } = $parseToObj<T>(str);\n  if (error) throw new Error($fmtResultErr(error));\n  return result;\n}\n"]}