cipher-kit 3.0.0-beta.0 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (38) hide show
  1. package/README.md +3 -1
  2. package/dist/{chunk-ZYX6MYHS.cjs → chunk-3A4RTUKO.cjs} +101 -101
  3. package/dist/chunk-3A4RTUKO.cjs.map +1 -0
  4. package/dist/{chunk-LC5HP75W.cjs → chunk-7254PEID.cjs} +102 -102
  5. package/dist/chunk-7254PEID.cjs.map +1 -0
  6. package/dist/{chunk-ZN7EFZ7Z.js → chunk-GL32EZRA.js} +5 -5
  7. package/dist/chunk-GL32EZRA.js.map +1 -0
  8. package/dist/{chunk-4YR2SBOH.js → chunk-IY6XGUYO.js} +8 -2
  9. package/dist/chunk-IY6XGUYO.js.map +1 -0
  10. package/dist/{chunk-X7IPAA7B.cjs → chunk-VCBHSRCS.cjs} +8 -2
  11. package/dist/chunk-VCBHSRCS.cjs.map +1 -0
  12. package/dist/{chunk-3NFJMV33.js → chunk-X6MX4NDE.js} +3 -3
  13. package/dist/chunk-X6MX4NDE.js.map +1 -0
  14. package/dist/{export-DAIDJRX3.d.ts → export-B-3CCZIO.d.cts} +2 -1
  15. package/dist/{export-BEp4DFEB.d.cts → export-BPo6yPV-.d.ts} +2 -1
  16. package/dist/{export-Cxfev8fi.d.ts → export-C0_UEEg8.d.ts} +2 -1
  17. package/dist/{export-e7IN_bU5.d.cts → export-DPuocAr3.d.cts} +2 -1
  18. package/dist/index.cjs +11 -11
  19. package/dist/index.d.cts +5 -5
  20. package/dist/index.d.ts +5 -5
  21. package/dist/index.js +3 -3
  22. package/dist/node.cjs +33 -33
  23. package/dist/node.d.cts +2 -2
  24. package/dist/node.d.ts +2 -2
  25. package/dist/node.js +2 -2
  26. package/dist/{validate-DN59A2-Y.d.cts → validate-vDTesb-X.d.cts} +4 -1
  27. package/dist/{validate-DN59A2-Y.d.ts → validate-vDTesb-X.d.ts} +4 -1
  28. package/dist/web-api.cjs +33 -33
  29. package/dist/web-api.d.cts +2 -2
  30. package/dist/web-api.d.ts +2 -2
  31. package/dist/web-api.js +2 -2
  32. package/package.json +2 -2
  33. package/dist/chunk-3NFJMV33.js.map +0 -1
  34. package/dist/chunk-4YR2SBOH.js.map +0 -1
  35. package/dist/chunk-LC5HP75W.cjs.map +0 -1
  36. package/dist/chunk-X7IPAA7B.cjs.map +0 -1
  37. package/dist/chunk-ZN7EFZ7Z.js.map +0 -1
  38. package/dist/chunk-ZYX6MYHS.cjs.map +0 -1
package/dist/chunk-3A4RTUKO.cjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/node/kit.ts","../src/node/node-encode.ts","../src/node/node-secret-key.ts","../src/node/node-encrypt.ts","../src/node/node-hash.ts"],"names":["__export","$err","ENCODING","$ok","Buffer","$fmtError","$isStr","$validateSecretKeyBase","nodeCrypto","$validateCreateSecretKeyOptions","$isPlainObj","CIPHER_ENCODING","GCM_IV_LENGTH","$fmtResultErr","error","matchEncryptedPattern","GCM_TAG_BYTES","$stringifyObj","$parseToObj","DIGEST_ALGORITHMS","$validateHashPasswordOptions","hash","$validateVerifyPasswordOptions"],"mappings":";;;;;;;;;;;AAAA,IAAA,WAAA,GAAA;AAAAA,0BAAA,CAAA,WAAA,EAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,OAAA,EAAA,MAAA,OAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,OAAA,EAAA,MAAA,OAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,YAAA,EAAA,MAAA,YAAA;AAAA,EAAA,IAAA,EAAA,MAAA,IAAA;AAAA,EAAA,YAAA,EAAA,MAAA,YAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,aAAA,EAAA,MAAA,aAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,aAAA,EAAA,MAAA,aAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,OAAA,EAAA,MAAA,OAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,cAAA,EAAA,MAAA;AAAA,CAAA,CAAA;ACKO,SAAS,kBAAA,CAAmB,IAAA,EAAc,aAAA,GAA0B,MAAA,EAAoC;AAC7G,EAAA,IAAI,OAAO,SAAS,QAAA,EAAU;AAC5B,IAAA,OAAOC,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,wCAAA;AAAA,MACT,WAAA,EAAa,CAAA,kCAAA,EAAqC,OAAO,IAAI,CAAA;AAAA,KAC9D,CAAA;AAAA,EACH;AACA,EAAA,IAAI,CAACC,0BAAA,CAAS,QAAA,CAAS,aAAa,CAAA,EAAG;AACrC,IAAA,OAAOD,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,0CAA0C,aAAa,CAAA,CAAA;AAAA,MAChE,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AACA,EAAA,IAAI,kBAAkB,KAAA,EAAO;AAC3B,IAAA,MAAM,KAAA,GAAQ,OAAO,IAAA,CAAK,IAAI,IAAI,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,GAAI,IAAA;AAClD,IAAA,IAAI,KAAA,CAAM,SAAS,CAAA,KAAM,CAAA,IAAK,CAAC,gBAAA,CAAiB,IAAA,CAAK,KAAK,CAAA,EAAG;AAC3D,MAAA,OAAOA,sBAAA,CAAK;AAAA,QACV,OAAA,EAAS,qCAAA;AAAA,QACT,WAAA,EAAa;AAAA,OACd,CAAA;AAAA,IACH;AACA,IAAA,OAAOE,qBAAA,CAAI,EAAE,MAAA,EAAQC,aAAAA,CAAO,KAAK,KAAA,EAAO,KAAK,GAAG,CAAA;AAAA,EAClD;AACA,EAAA,IAAI,kBAAkB,QAAA,EAAU;AAC9B,IAAA,IAAI,CAAC,oEAAA,CAAqE,IAAA,CAAK,IAAI,CAAA,EAAG;AACpF,MAAA,OAAOH,sBAAA,CAAK;AAAA,QACV,OAAA,EAAS,wCAAA;AAAA,QACT,WAAA,EAAa;AAAA,OACd,CAAA;AAAA,IACH;AAAA,EACF;AACA,EAAA,IAAI,kBAAkB,WAAA,EAAa;AACjC,IAAA,IAAI,CAAC,wBAAA,CAAyB,IAAA,CAAK,IAAI,CAAA,IAAK,IAAA,CAAK,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAA,CAAE,MAAA,GAAS,CAAA,KAAM,CAAA,EAAG;AACpF,MAAA,OAAOA,sBAAA,CAAK;AAAA,QACV,OAAA,EAAS,2CAAA;AAAA,QACT,WAAA,EAAa;AAAA,OACd,CAAA;AAAA,IACH;AAAA,EACF;AACA,EAAA,IAAI;AACF,IAAA,OAAOE,qBAAA,CAAI,EAAE,MAAA,EAAQC,aAAAA,CAAO,KAAK,IAAA,EAAM,aAAa,GAAG,CAAA;AAAA,EACzD,SAAS,KAAA,EAAO;AACd,IAAA,OAAOH,sBAAA,CAAK,EAAE,OAAA,EAAS,yCAAA,EAA2C,aAAaI,2BAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACnG;AACF;AAEO,SAAS,kBAAA,CAAmB,IAAA,EAAc,cAAA,GAA2B,MAAA,EAAwB;AAClG,EAAA,IAAI,EAAE,gBAAgBD,aAAAA,CAAAA,EAAS;AAC7B,IAAA,OAAOH,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,wCAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AACA,EAAA,IAAI,CAACC,0BAAA,CAAS,QAAA,CAAS,cAAc,CAAA,EAAG;AACtC,IAAA,OAAOD,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,0CAA0C,cAAc,CAAA,CAAA;AAAA,MACjE,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AACA,EAAA,IAAI;AACF,IAAA,OAAOE,qBAAA,CAAI,IAAA,CAAK,QAAA,CAAS,cAAc,CAAC,CAAA;AAAA,EAC1C,SAAS,KAAA,EAAO;AACd,IAAA,OAAOF,sBAAA,CAAK,EAAE,OAAA,EAAS,yCAAA,EAA2C,aAAaI,2BAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACnG;AACF;AAEO,SAAS,gBAAA,CAAiB,IAAA,EAAc,IAAA,EAAgB,EAAA,EAA8B;AAC3F,EAAA,IAAI,CAACC,wBAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAOL,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,uDAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAACC,2BAAS,QAAA,CAAS,IAAI,KAAK,CAACA,0BAAA,CAAS,QAAA,CAAS,EAAE,CAAA,EAAG;AACtD,IAAA,OAAOD,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,iDAAA,EAAoD,IAAI,CAAA,IAAA,EAAO,EAAE,CAAA,CAAA;AAAA,MAC1E,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,KAAA,GAAQ,kBAAA,CAAmB,IAAA,EAAM,IAAI,CAAA;AAC3C,EAAA,IAAI,KAAA,CAAM,KAAA,EAAO,OAAOA,sBAAA,CAAK,MAAM,KAAK,CAAA;AAExC,EAAA,MAAM,GAAA,GAAM,kBAAA,CAAmB,KAAA,CAAM,MAAA,EAAQ,EAAE,CAAA;AAC/C,EAAA,IAAI,GAAA,CAAI,KAAA,EAAO,OAAOA,sBAAA,CAAK,IAAI,KAAK,CAAA;AAEpC,EAAA,OAAOE,qBAAA,CAAI,IAAI,MAAM,CAAA;AACvB;AC7EO,SAAS,iBAAiB,CAAA,EAAkC;AACjE,EAAA,MAAM,IAAA,GAAOI,wCAAA,CAAuB,CAAA,EAAG,MAAM,CAAA;AAC7C,EAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAElB,EAAA,IACE,EAAE,IAAA,CAAK,GAAA,CAAI,eAAeC,4BAAA,CAAW,SAAA,CAAA,IACpC,OAAO,IAAA,CAAK,GAAA,CAAI,GAAA,CAAI,gBAAA,KAAqB,YAAY,IAAA,CAAK,GAAA,CAAI,IAAI,gBAAA,KAAqB,IAAA,CAAK,UAAU,QAAA,EACvG;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,OAAO,CAAA;AACT;AAEO,SAAS,gBAAA,CAAiB,QAAgB,OAAA,EAAoE;AACnH,EAAA,MAAM,SAAA,GAAYC,iDAAA,CAAgC,MAAA,EAAQ,OAAA,EAAS,MAAM,CAAA;AACzE,EAAA,IAAI,SAAA,CAAU,KAAA,EAAO,OAAOR,sBAAA,CAAK,UAAU,KAAK,CAAA;AAEhD,EAAA,MAAM,EAAE,SAAA,EAAW,MAAA,EAAQ,MAAM,IAAA,EAAM,WAAA,EAAa,YAAW,GAAI,SAAA;AAEnE,EAAA,IAAI;AACF,IAAA,MAAM,aAAa,MAAA,CAAO,IAAA;AAAA,MACxBO,4BAAA,CAAW,QAAA;AAAA,QACT,UAAA,CAAW,IAAA;AAAA,QACX,MAAA,CAAO,UAAU,MAAM,CAAA;AAAA,QACvB,IAAA,CAAK,UAAU,MAAM,CAAA;AAAA,QACrB,IAAA,CAAK,UAAU,MAAM,CAAA;AAAA,QACrB,WAAA,CAAY;AAAA;AACd,KACF;AACA,IAAA,IAAI;AACF,MAAA,MAAM,GAAA,GAAMA,4BAAA,CAAW,eAAA,CAAgB,UAAU,CAAA;AACjD,MAAA,MAAM,SAAA,GAAY,OAAO,MAAA,CAAO;AAAA,QAC9B,QAAA,EAAU,MAAA;AAAA,QACV,MAAA;AAAA,QACA,SAAA;AAAA,QACA,GAAA;AAAA,QACA,QAAA,EAAU;AAAA,OACX,CAAA;AAED,MAAA,OAAOL,qBAAA,CAAI,EAAE,MAAA,EAAQ,SAAA,EAAW,CAAA;AAAA,IAClC,CAAA,SAAE;AACA,MAAA,UAAA,CAAW,KAAK,CAAC,CAAA;AAAA,IACnB;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,OAAOF,sBAAA,CAAK,EAAE,OAAA,EAAS,4CAAA,EAA8C,aAAaI,2BAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACtG;AACF;;;AC3CO,SAAS,QAAA,CAAS,IAAA,EAAc,SAAA,EAA0B,OAAA,EAAyC;AACxG,EAAA,IAAI,CAACC,wBAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAOL,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,+CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAACS,6BAAA,CAA4B,OAAO,CAAA,EAAG;AACzC,IAAA,OAAOT,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,8CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,cAAA,GAAiB,QAAQ,cAAA,IAAkB,WAAA;AACjD,EAAA,IAAI,CAACU,iCAAA,CAAgB,QAAA,CAAS,cAAc,CAAA,EAAG;AAC7C,IAAA,OAAOV,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,8CAA8C,cAAc,CAAA,CAAA;AAAA,MACrE,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,WAAA,GAAc,iBAAiB,SAAS,CAAA;AAC9C,EAAA,IAAI,CAAC,WAAA,EAAa;AAChB,IAAA,OAAOA,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,kCAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,kBAAA,CAAmB,MAAM,MAAM,CAAA;AACzD,EAAA,IAAI,KAAA,EAAO,OAAOA,sBAAA,CAAK,KAAK,CAAA;AAE5B,EAAA,IAAI;AACF,IAAA,MAAM,EAAA,GAAKO,4BAAAA,CAAW,WAAA,CAAYI,+BAAa,CAAA;AAC/C,IAAA,MAAM,MAAA,GAASJ,6BAAW,cAAA,CAAe,WAAA,CAAY,SAAS,IAAA,EAAM,WAAA,CAAY,KAAK,EAAE,CAAA;AACvF,IAAA,MAAM,SAAA,GAAYJ,aAAAA,CAAO,MAAA,CAAO,CAAC,MAAA,CAAO,MAAA,CAAO,MAAM,CAAA,EAAG,MAAA,CAAO,KAAA,EAAO,CAAC,CAAA;AACvE,IAAA,MAAM,GAAA,GAAM,OAAO,UAAA,EAAW;AAE9B,IAAA,MAAM,KAAA,GAAQ,kBAAA,CAAmB,EAAA,EAAI,cAAc,CAAA;AACnD,IAAA,MAAM,SAAA,GAAY,kBAAA,CAAmB,SAAA,EAAW,cAAc,CAAA;AAC9D,IAAA,MAAM,MAAA,GAAS,kBAAA,CAAmB,GAAA,EAAK,cAAc,CAAA;AAErD,IAAA,IAAI,KAAA,CAAM,KAAA,IAAS,SAAA,CAAU,KAAA,IAAS,OAAO,KAAA,EAAO;AAClD,MAAA,OAAOH,sBAAA,CAAK;AAAA,QACV,OAAA,EAAS,uCAAA;AAAA,QACT,WAAA,EAAa,qBAAqBY,+BAAA,CAAc,KAAA,CAAM,SAAS,SAAA,CAAU,KAAA,IAAS,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,OAChG,CAAA;AAAA,IACH;AAEA,IAAA,OAAOV,qBAAA,CAAI,CAAA,EAAG,KAAA,CAAM,MAAM,CAAA,CAAA,EAAI,UAAU,MAAM,CAAA,CAAA,EAAI,MAAA,CAAO,MAAM,CAAA,CAAA,CAAG,CAAA;AAAA,EACpE,SAASW,MAAAA,EAAO;AACd,IAAA,OAAOb,sBAAA,CAAK,EAAE,OAAA,EAAS,sCAAA,EAAwC,aAAaI,2BAAA,CAAUS,MAAK,GAAG,CAAA;AAAA,EAChG,CAAA,SAAE;AACA,IAAA,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,EACf;AACF;AAEO,SAAS,QAAA,CAAS,SAAA,EAAmB,SAAA,EAA0B,OAAA,EAAyC;AAC7G,EAAA,IAAI,CAACC,uCAAA,CAAsB,SAAS,CAAA,EAAG;AACrC,IAAA,OAAOd,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,6CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAACS,6BAAA,CAA4B,OAAO,CAAA,EAAG;AACzC,IAAA,OAAOT,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,8CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,aAAA,GAAgB,QAAQ,aAAA,IAAiB,WAAA;AAC/C,EAAA,IAAI,CAACU,iCAAA,CAAgB,QAAA,CAAS,aAAa,CAAA,EAAG;AAC5C,IAAA,OAAOV,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,6CAA6C,aAAa,CAAA,CAAA;AAAA,MACnE,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,CAAC,IAAI,MAAA,EAAQ,GAAG,IAAI,SAAA,CAAU,KAAA,CAAM,KAAK,CAAC,CAAA;AAEhD,EAAA,MAAM,WAAA,GAAc,iBAAiB,SAAS,CAAA;AAC9C,EAAA,IAAI,CAAC,WAAA,EAAa;AAChB,IAAA,OAAOA,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,kCAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,OAAA,GAAU,kBAAA,CAAmB,EAAA,EAAI,aAAa,CAAA;AACpD,EAAA,MAAM,WAAA,GAAc,kBAAA,CAAmB,MAAA,EAAQ,aAAa,CAAA;AAC5D,EAAA,MAAM,QAAA,GAAW,kBAAA,CAAmB,GAAA,EAAK,aAAa,CAAA;AAEtD,EAAA,IAAI,OAAA,CAAQ,KAAA,IAAS,WAAA,CAAY,KAAA,IAAS,SAAS,KAAA,EAAO;AACxD,IAAA,OAAOA,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,sCAAA;AAAA,MACT,WAAA,EAAa,qBAAqBY,+BAAA,CAAc,OAAA,CAAQ,SAAS,WAAA,CAAY,KAAA,IAAS,QAAA,CAAS,KAAK,CAAC,CAAA;AAAA,KACtG,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,OAAA,CAAQ,MAAA,CAAO,UAAA,KAAeD,+BAAA,EAAe;AAC/C,IAAA,OAAOX,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,iCAAA;AAAA,MACT,aAAa,CAAA,SAAA,EAAYW,+BAAa,CAAA,YAAA,EAAe,OAAA,CAAQ,OAAO,UAAU,CAAA;AAAA,KAC/E,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,QAAA,CAAS,MAAA,CAAO,UAAA,KAAeI,+BAAA,EAAe;AAChD,IAAA,OAAOf,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,uCAAA;AAAA,MACT,aAAa,CAAA,SAAA,EAAYe,+BAAa,CAAA,YAAA,EAAe,QAAA,CAAS,OAAO,UAAU,CAAA;AAAA,KAChF,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,SAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAM,QAAA,GAAWR,6BAAW,gBAAA,CAAiB,WAAA,CAAY,SAAS,IAAA,EAAM,WAAA,CAAY,GAAA,EAAK,OAAA,CAAQ,MAAM,CAAA;AACvG,IAAA,QAAA,CAAS,UAAA,CAAW,SAAS,MAAM,CAAA;AACnC,IAAA,SAAA,GAAYJ,aAAAA,CAAO,MAAA,CAAO,CAAC,QAAA,CAAS,MAAA,CAAO,WAAA,CAAY,MAAM,CAAA,EAAG,QAAA,CAAS,KAAA,EAAO,CAAC,CAAA;AAEjF,IAAA,OAAO,kBAAA,CAAmB,WAAW,MAAM,CAAA;AAAA,EAC7C,SAAS,KAAA,EAAO;AACd,IAAA,OAAOH,sBAAA,CAAK,EAAE,OAAA,EAAS,sCAAA,EAAwC,aAAaI,2BAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EAChG,CAAA,SAAE;AACA,IAAA,SAAA,EAAW,KAAK,CAAC,CAAA;AAAA,EACnB;AACF;AAEO,SAAS,WAAA,CACd,IAAA,EACA,SAAA,EACA,OAAA,EACgB;AAChB,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAIY,gCAAc,IAAI,CAAA;AAC5C,EAAA,IAAI,KAAA,EAAO,OAAOhB,sBAAA,CAAK,KAAK,CAAA;AAC5B,EAAA,OAAO,QAAA,CAAS,MAAA,EAAQ,SAAA,EAAW,OAAO,CAAA;AAC5C;AAEO,SAAS,WAAA,CACd,SAAA,EACA,SAAA,EACA,OAAA,EACuB;AACvB,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,QAAA,CAAS,SAAA,EAAW,WAAW,OAAO,CAAA;AAChE,EAAA,IAAI,KAAA,EAAO,OAAOA,sBAAA,CAAK,KAAK,CAAA;AAC5B,EAAA,OAAOiB,8BAAe,MAAM,CAAA;AAC9B;AChKO,SAAS,KAAA,CAAM,IAAA,EAAc,OAAA,GAAuB,EAAC,EAAmB;AAC7E,EAAA,IAAI,CAACZ,wBAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAOL,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,4CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAACS,6BAAA,CAAyB,OAAO,CAAA,EAAG;AACtC,IAAA,OAAOT,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,2CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,cAAA,GAAiB,QAAQ,cAAA,IAAkB,WAAA;AACjD,EAAA,IAAI,CAACU,iCAAA,CAAgB,QAAA,CAAS,cAAc,CAAA,EAAG;AAC7C,IAAA,OAAOV,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,2CAA2C,cAAc,CAAA,CAAA;AAAA,MAClE,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,QAAQ,MAAA,IAAU,QAAA;AACjC,EAAA,IAAI,EAAE,UAAUkB,mCAAA,CAAA,EAAoB;AAClC,IAAA,OAAOlB,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,kCAAkC,MAAM,CAAA,CAAA;AAAA,MACjD,WAAA,EAAa,0BAA0B,MAAA,CAAO,IAAA,CAAKkB,mCAAiB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KACjF,CAAA;AAAA,EACH;AACA,EAAA,MAAM,UAAA,GAAaA,oCAAkB,MAAM,CAAA;AAE3C,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,kBAAA,CAAmB,MAAM,MAAM,CAAA;AACzD,EAAA,IAAI,KAAA,EAAO,OAAOlB,sBAAA,CAAK,KAAK,CAAA;AAE5B,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAASO,6BAAW,UAAA,CAAW,UAAA,CAAW,IAAI,CAAA,CAAE,MAAA,CAAO,MAAM,CAAA,CAAE,MAAA,EAAO;AAC5E,IAAA,OAAO,kBAAA,CAAmB,QAAQ,cAAc,CAAA;AAAA,EAClD,SAASM,MAAAA,EAAO;AACd,IAAA,OAAOb,sBAAA,CAAK,EAAE,OAAA,EAAS,gCAAA,EAAkC,aAAaI,2BAAA,CAAUS,MAAK,GAAG,CAAA;AAAA,EAC1F;AACF;AAEO,SAAS,aAAA,CACd,UACA,OAAA,EAC0C;AAC1C,EAAA,MAAM,SAAA,GAAYM,8CAAA,CAA6B,QAAA,EAAU,OAAA,EAAS,MAAM,CAAA;AACxE,EAAA,IAAI,SAAA,CAAU,KAAA,EAAO,OAAOnB,sBAAA,CAAK,UAAU,KAAK,CAAA;AAEhD,EAAA,MAAM,EAAE,UAAA,EAAY,cAAA,EAAgB,UAAA,EAAY,UAAA,EAAY,WAAU,GAAI,SAAA;AAE1E,EAAA,MAAM,IAAA,GAAOO,4BAAAA,CAAW,WAAA,CAAY,UAAU,CAAA;AAC9C,EAAA,MAAMa,KAAAA,GAAOb,4BAAAA,CAAW,UAAA,CAAW,QAAA,CAAS,SAAA,CAAU,MAAM,CAAA,EAAG,IAAA,EAAM,UAAA,EAAY,SAAA,EAAW,UAAA,CAAW,IAAI,CAAA;AAE3G,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,kBAAA,CAAmB,IAAA,EAAM,cAAc,CAAA;AACvD,IAAA,IAAI,OAAA,CAAQ,KAAA,EAAO,OAAOP,sBAAA,CAAK,QAAQ,KAAK,CAAA;AAE5C,IAAA,MAAM,OAAA,GAAU,kBAAA,CAAmBoB,KAAAA,EAAM,cAAc,CAAA;AACvD,IAAA,IAAI,OAAA,CAAQ,KAAA,EAAO,OAAOpB,sBAAA,CAAK,QAAQ,KAAK,CAAA;AAE5C,IAAA,OAAOE,qBAAA,CAAI,EAAE,MAAA,EAAQ,OAAA,CAAQ,QAAQ,IAAA,EAAM,OAAA,CAAQ,QAAQ,CAAA;AAAA,EAC7D,SAAS,KAAA,EAAO;AACd,IAAA,OAAOF,sBAAA,CAAK,EAAE,OAAA,EAAS,4CAAA,EAA8C,aAAaI,2BAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACtG,CAAA,SAAE;AACA,IAAA,IAAA,CAAK,KAAK,CAAC,CAAA;AACX,IAAAgB,KAAAA,CAAK,KAAK,CAAC,CAAA;AAAA,EACb;AACF;AAEO,SAAS,eAAA,CACd,QAAA,EACA,cAAA,EACA,IAAA,EACA,OAAA,EACiB;AACjB,EAAA,MAAM,YAAYC,gDAAA,CAA+B,QAAA,EAAU,cAAA,EAAgB,IAAA,EAAM,SAAS,MAAM,CAAA;AAChG,EAAA,IAAI,SAAA,CAAU,KAAA,EAAO,OAAOrB,sBAAA,CAAK,UAAU,KAAK,CAAA;AAEhD,EAAA,MAAM,EAAE,UAAA,EAAY,aAAA,EAAe,UAAA,EAAY,WAAU,GAAI,SAAA;AAE7D,EAAA,MAAM,SAAA,GAAY,kBAAA,CAAmB,IAAA,EAAM,aAAa,CAAA;AACxD,EAAA,IAAI,SAAA,CAAU,KAAA,EAAO,OAAOA,sBAAA,CAAK,UAAU,KAAK,CAAA;AAEhD,EAAA,MAAM,mBAAA,GAAsB,kBAAA,CAAmB,cAAA,EAAgB,aAAa,CAAA;AAC5E,EAAA,IAAI,mBAAA,CAAoB,KAAA,EAAO,OAAOA,sBAAA,CAAK,oBAAoB,KAAK,CAAA;AAEpE,EAAA,IAAI,oBAAoB,MAAA,CAAO,UAAA,KAAe,SAAA,EAAW,OAAOE,sBAAI,KAAK,CAAA;AAEzE,EAAA,IAAI;AACF,IAAA,MAAM,UAAUK,4BAAAA,CAAW,UAAA;AAAA,MACzB,QAAA,CAAS,UAAU,MAAM,CAAA;AAAA,MACzB,SAAA,CAAU,MAAA;AAAA,MACV,UAAA;AAAA,MACA,SAAA;AAAA,MACA,UAAA,CAAW;AAAA,KACb;AAEA,IAAA,MAAM,WAAW,mBAAA,CAAoB,MAAA;AAErC,IAAA,MAAM,IAAA,GAAOJ,aAAAA,CAAO,KAAA,CAAM,SAAS,CAAA;AACnC,IAAA,MAAM,KAAA,GAAQA,aAAAA,CAAO,KAAA,CAAM,SAAS,CAAA;AACpC,IAAA,OAAA,CAAQ,KAAK,IAAI,CAAA;AACjB,IAAA,QAAA,CAAS,KAAK,KAAK,CAAA;AAEnB,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAUI,4BAAAA,CAAW,eAAA,CAAgB,IAAA,EAAM,KAAK,CAAA;AACtD,MAAA,OAAOL,sBAAI,OAAO,CAAA;AAAA,IACpB,CAAA,SAAE;AACA,MAAA,IAAA,CAAK,KAAK,CAAC,CAAA;AACX,MAAA,KAAA,CAAM,KAAK,CAAC,CAAA;AACZ,MAAA,OAAA,CAAQ,KAAK,CAAC,CAAA;AAAA,IAChB;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,OAAOF,sBAAA,CAAK,EAAE,OAAA,EAAS,0CAAA,EAA4C,aAAaI,2BAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACpG,CAAA,SAAE;AACA,IAAA,SAAA,CAAU,MAAA,CAAO,KAAK,CAAC,CAAA;AACvB,IAAA,mBAAA,CAAoB,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,EACnC;AACF;;;AJnGO,SAAS,gBAAgB,CAAA,EAAgC;AAC9D,EAAA,OAAO,gBAAA,CAAiB,CAAC,CAAA,KAAM,IAAA;AACjC;AAQO,SAAS,eAAA,GAAkC;AAChD,EAAA,IAAI;AACF,IAAA,OAAOF,qBAAA,CAAIK,4BAAAA,CAAW,UAAA,EAAY,CAAA;AAAA,EACpC,SAAS,KAAA,EAAO;AACd,IAAA,OAAOP,sBAAA,CAAK,EAAE,OAAA,EAAS,4CAAA,EAA8C,aAAaI,2BAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACtG;AACF;AAeO,SAAS,YAAA,GAAuB;AACrC,EAAA,OAAOG,6BAAW,UAAA,EAAW;AAC/B;AAQO,SAAS,kBAAA,CACd,MAAA,EACA,OAAA,GAAkC,EAAC,EACA;AACnC,EAAA,OAAO,gBAAA,CAAiB,QAAQ,OAAO,CAAA;AACzC;AAoBO,SAAS,eAAA,CAAgB,MAAA,EAAgB,OAAA,GAAkC,EAAC,EAAkB;AACnG,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,gBAAA,CAAiB,QAAQ,OAAO,CAAA;AAC1D,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMK,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,UAAA,CAAW,IAAA,EAAc,SAAA,EAA0B,OAAA,GAA0B,EAAC,EAAmB;AAC/G,EAAA,OAAO,QAAA,CAAS,IAAA,EAAM,SAAA,EAAW,OAAO,CAAA;AAC1C;AAwBO,SAAS,OAAA,CAAQ,IAAA,EAAc,SAAA,EAA0B,OAAA,GAA0B,EAAC,EAAW;AACpG,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,QAAA,CAAS,IAAA,EAAM,WAAW,OAAO,CAAA;AAC3D,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMA,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,UAAA,CAAW,SAAA,EAAmB,SAAA,EAA0B,OAAA,GAA0B,EAAC,EAAmB;AACpH,EAAA,OAAO,QAAA,CAAS,SAAA,EAAW,SAAA,EAAW,OAAO,CAAA;AAC/C;AAwBO,SAAS,OAAA,CAAQ,SAAA,EAAmB,SAAA,EAA0B,OAAA,GAA0B,EAAC,EAAW;AACzG,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,QAAA,CAAS,SAAA,EAAW,WAAW,OAAO,CAAA;AAChE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMA,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,aAAA,CACd,GAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACX;AAChB,EAAA,OAAO,WAAA,CAAY,GAAA,EAAK,SAAA,EAAW,OAAO,CAAA;AAC5C;AAuBO,SAAS,UAAA,CACd,GAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACnB;AACR,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,WAAA,CAAY,GAAA,EAAK,WAAW,OAAO,CAAA;AAC7D,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMA,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,aAAA,CACd,SAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACJ;AACvB,EAAA,OAAO,WAAA,CAAe,SAAA,EAAW,SAAA,EAAW,OAAO,CAAA;AACrD;AAuBO,SAAS,UAAA,CACd,SAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACxB;AACH,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,WAAA,CAAe,SAAA,EAAW,WAAW,OAAO,CAAA;AACtE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMA,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,OAAA,CAAQ,IAAA,EAAc,OAAA,GAAuB,EAAC,EAAmB;AAC/E,EAAA,OAAO,KAAA,CAAM,MAAM,OAAO,CAAA;AAC5B;AAiBO,SAAS,IAAA,CAAK,IAAA,EAAc,OAAA,GAAuB,EAAC,EAAW;AACpE,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,KAAA,CAAM,MAAM,OAAO,CAAA;AAC7C,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMA,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,eAAA,CACd,QAAA,EACA,OAAA,GAA+B,EAAC,EACU;AAC1C,EAAA,OAAO,aAAA,CAAc,UAAU,OAAO,CAAA;AACxC;AAwBO,SAAS,YAAA,CAAa,QAAA,EAAkB,OAAA,GAA+B,EAAC,EAAqC;AAClH,EAAA,MAAM,EAAE,MAAA,EAAQ,IAAA,EAAM,OAAM,GAAI,aAAA,CAAc,UAAU,OAAO,CAAA;AAC/D,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMA,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,EAAE,QAAQ,IAAA,EAAK;AACxB;AAQO,SAAS,kBACd,QAAA,EACA,cAAA,EACA,IAAA,EACA,OAAA,GAAiC,EAAC,EACjB;AACjB,EAAA,OAAO,eAAA,CAAgB,QAAA,EAAU,cAAA,EAAgB,IAAA,EAAM,OAAO,CAAA;AAChE;AA8BO,SAAS,eACd,QAAA,EACA,cAAA,EACA,IAAA,EACA,OAAA,GAAiC,EAAC,EACzB;AACT,EAAA,MAAM,EAAE,QAAQ,KAAA,EAAM,GAAI,gBAAgB,QAAA,EAAU,cAAA,EAAgB,MAAM,OAAO,CAAA;AACjF,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMA,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,oBAAA,CAAqB,IAAA,EAAc,aAAA,GAA0B,MAAA,EAAoC;AAC/G,EAAA,OAAO,kBAAA,CAAmB,MAAM,aAAa,CAAA;AAC/C;AAiBO,SAAS,iBAAA,CAAkB,IAAA,EAAc,aAAA,GAA0B,MAAA,EAAgB;AACxF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,kBAAA,CAAmB,MAAM,aAAa,CAAA;AAChE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMA,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,oBAAA,CAAqB,IAAA,EAAc,cAAA,GAA2B,MAAA,EAAwB;AACpG,EAAA,OAAO,kBAAA,CAAmB,MAAM,cAAc,CAAA;AAChD;AAkBO,SAAS,iBAAA,CAAkB,IAAA,EAAc,cAAA,GAA2B,MAAA,EAAgB;AACzF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,kBAAA,CAAmB,MAAM,cAAc,CAAA;AACjE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMA,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,kBAAA,CAAmB,IAAA,EAAc,IAAA,EAAgB,EAAA,EAA8B;AAC7F,EAAA,OAAO,gBAAA,CAAiB,IAAA,EAAM,IAAA,EAAM,EAAE,CAAA;AACxC;AAkBO,SAAS,eAAA,CAAgB,IAAA,EAAc,IAAA,EAAgB,EAAA,EAAsB;AAClF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,gBAAA,CAAiB,IAAA,EAAM,MAAM,EAAE,CAAA;AACzD,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMA,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT","file":"chunk-3A4RTUKO.cjs","sourcesContent":["import type { Buffer } from \"node:buffer\";\nimport nodeCrypto from \"node:crypto\";\nimport { $err, $fmtError, $fmtResultErr, $ok, type Result } from \"@internal/helpers\";\nimport type {\n CreateSecretKeyOptions,\n DecryptOptions,\n Encoding,\n EncryptOptions,\n HashOptions,\n HashPasswordOptions,\n VerifyPasswordOptions,\n} from \"~/helpers/types.js\";\nimport { $convertBytesToStr, $convertEncoding, $convertStrToBytes } from \"./node-encode.js\";\nimport { $decrypt, $decryptObj, $encrypt, $encryptObj } from \"./node-encrypt.js\";\nimport { $hash, $hashPassword, $verifyPassword } from \"./node-hash.js\";\nimport { $createSecretKey, $isNodeSecretKey, type NodeSecretKey } from \"./node-secret-key.js\";\n\n/**\n * Checks whether a value is a `NodeSecretKey` for the Node.js platform.\n *\n * @param x - The value to check.\n * @returns `true` if `x` is a `NodeSecretKey`.\n *\n * @example\n * ```ts\n * isNodeSecretKey(nodeKey); // true\n * isNodeSecretKey({}); // false\n * ```\n */\nexport function isNodeSecretKey(x: unknown): x is NodeSecretKey {\n return $isNodeSecretKey(x) !== null;\n}\n\n/**\n * Generates a UUID (v4) (non-throwing).\n *\n * @returns `Result<string>` with the UUID or error.\n * @see {@link generateUuid} For full parameter/behavior docs.\n */\nexport function tryGenerateUuid(): Result<string> {\n try {\n return $ok(nodeCrypto.randomUUID());\n } catch (error) {\n return $err({ message: \"node generateUuid: Failed to generate UUID\", description: $fmtError(error) });\n }\n}\n\n/**\n * Generates a cryptographically random UUID (v4).\n *\n * @returns A UUID string.\n * @throws {Error} If UUID generation fails.\n *\n * @example\n * ```ts\n * const uuid = generateUuid();\n * ```\n *\n * @see {@link tryGenerateUuid} Non-throwing variant returning `Result<string>`.\n */\nexport function generateUuid(): string {\n return nodeCrypto.randomUUID();\n}\n\n/**\n * Derives a `NodeSecretKey` from a high-entropy secret (non-throwing).\n *\n * @returns `Result<{ result: NodeSecretKey }>` with the derived key or error.\n * @see {@link createSecretKey} For full parameter/behavior docs.\n */\nexport function tryCreateSecretKey(\n secret: string,\n options: CreateSecretKeyOptions = {},\n): Result<{ result: NodeSecretKey }> {\n return $createSecretKey(secret, options);\n}\n\n/**\n * Derives a `NodeSecretKey` from a high-entropy secret for encryption/decryption.\n *\n * @remarks\n * Uses HKDF to derive a symmetric key from the input string.\n *\n * @param secret - High-entropy secret (min 8 chars). For human-chosen passwords, use {@link hashPassword} instead.\n * @param options - Key derivation options.\n * @returns The derived `NodeSecretKey`.\n * @throws {Error} If key derivation fails.\n *\n * @example\n * ```ts\n * const secretKey = createSecretKey(\"my-32-char-high-entropy-secret!!\");\n * ```\n *\n * @see {@link tryCreateSecretKey} Non-throwing variant returning `Result`.\n */\nexport function createSecretKey(secret: string, options: CreateSecretKeyOptions = {}): NodeSecretKey {\n const { result, error } = $createSecretKey(secret, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Encrypts a UTF-8 string (non-throwing).\n *\n * @returns `Result<string>` with the ciphertext or error.\n * @see {@link encrypt} For full parameter/behavior docs.\n */\nexport function tryEncrypt(data: string, secretKey: NodeSecretKey, options: EncryptOptions = {}): Result<string> {\n return $encrypt(data, secretKey, options);\n}\n\n/**\n * Encrypts a UTF-8 string using the provided `NodeSecretKey`.\n *\n * @remarks\n * Output format: `\"iv.cipher.tag.\"` (three dot-separated base64url segments plus trailing dot).\n * Cross-platform compatible — data encrypted on Node can be decrypted on Web and vice versa.\n * AES-GCM uses random 96-bit IVs. Rotate keys before ~2^32 encryptions with the same key to avoid nonce collision.\n *\n * @param data - UTF-8 string to encrypt. Must be a non-empty string (whitespace-only strings are rejected).\n * @param secretKey - The `NodeSecretKey` used for encryption.\n * @param options - Encryption options.\n * @returns The encrypted string.\n * @throws {Error} If the input or key is invalid, or encryption fails.\n *\n * @example\n * ```ts\n * const secretKey = createSecretKey(\"my-secret\");\n * const encrypted = encrypt(\"Hello, World!\", secretKey);\n * ```\n *\n * @see {@link tryEncrypt} Non-throwing variant returning `Result<string>`.\n */\nexport function encrypt(data: string, secretKey: NodeSecretKey, options: EncryptOptions = {}): string {\n const { result, error } = $encrypt(data, secretKey, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Decrypts a ciphertext string (non-throwing).\n *\n * @returns `Result<string>` with the plaintext or error.\n * @see {@link decrypt} For full parameter/behavior docs.\n */\nexport function tryDecrypt(encrypted: string, secretKey: NodeSecretKey, options: DecryptOptions = {}): Result<string> {\n return $decrypt(encrypted, secretKey, options);\n}\n\n/**\n * Decrypts a ciphertext string using the provided `NodeSecretKey`.\n *\n * @remarks\n * Expects input in the format `\"iv.cipher.tag.\"`.\n * Cross-platform compatible — data encrypted on Web can be decrypted on Node and vice versa.\n *\n * @param encrypted - The encrypted string to decrypt.\n * @param secretKey - The `NodeSecretKey` used for decryption.\n * @param options - Decryption options.\n * @returns The decrypted UTF-8 string.\n * @throws {Error} If the input or key is invalid, or decryption fails.\n *\n * @example\n * ```ts\n * const secretKey = createSecretKey(\"my-secret\");\n * const encrypted = encrypt(\"Hello, World!\", secretKey);\n * const decrypted = decrypt(encrypted, secretKey); // \"Hello, World!\"\n * ```\n *\n * @see {@link tryDecrypt} Non-throwing variant returning `Result<string>`.\n */\nexport function decrypt(encrypted: string, secretKey: NodeSecretKey, options: DecryptOptions = {}): string {\n const { result, error } = $decrypt(encrypted, secretKey, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Encrypts a plain object (non-throwing).\n *\n * @returns `Result<string>` with the ciphertext or error.\n * @see {@link encryptObj} For full parameter/behavior docs.\n */\nexport function tryEncryptObj<T extends object = Record<string, unknown>>(\n obj: T,\n secretKey: NodeSecretKey,\n options: EncryptOptions = {},\n): Result<string> {\n return $encryptObj(obj, secretKey, options);\n}\n\n/**\n * Encrypts a plain object using the provided `NodeSecretKey`.\n *\n * @remarks\n * Only plain objects (POJOs) are accepted; class instances, Maps, Sets, etc. are rejected.\n * Output format: `\"iv.cipher.tag.\"`.\n *\n * @param obj - Plain object to encrypt.\n * @param secretKey - The `NodeSecretKey` used for encryption.\n * @param options - Encryption options.\n * @returns The encrypted string.\n * @throws {Error} If the input or key is invalid, or encryption fails.\n *\n * @example\n * ```ts\n * const secretKey = createSecretKey(\"my-secret\");\n * const encrypted = encryptObj({ a: 1 }, secretKey);\n * ```\n *\n * @see {@link tryEncryptObj} Non-throwing variant returning `Result<string>`.\n */\nexport function encryptObj<T extends object = Record<string, unknown>>(\n obj: T,\n secretKey: NodeSecretKey,\n options: EncryptOptions = {},\n): string {\n const { result, error } = $encryptObj(obj, secretKey, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Decrypts an encrypted JSON string into a plain object (non-throwing).\n *\n * @returns `Result<{ result: T }>` with the object or error.\n * @see {@link decryptObj} For full parameter/behavior docs.\n */\nexport function tryDecryptObj<T extends object = Record<string, unknown>>(\n encrypted: string,\n secretKey: NodeSecretKey,\n options: DecryptOptions = {},\n): Result<{ result: T }> {\n return $decryptObj<T>(encrypted, secretKey, options);\n}\n\n/**\n * Decrypts an encrypted JSON string into a plain object.\n *\n * @remarks\n * Expects input in the format `\"iv.cipher.tag.\"`.\n *\n * @param encrypted - The encrypted string.\n * @param secretKey - The `NodeSecretKey` used for decryption.\n * @param options - Decryption options.\n * @returns The decrypted object.\n * @throws {Error} If decryption or JSON parsing fails.\n *\n * @example\n * ```ts\n * const secretKey = createSecretKey(\"my-secret\");\n * const encrypted = encryptObj({ a: 1 }, secretKey);\n * const obj = decryptObj<{ a: number }>(encrypted, secretKey); // obj.a === 1\n * ```\n *\n * @see {@link tryDecryptObj} Non-throwing variant returning `Result`.\n */\nexport function decryptObj<T extends object = Record<string, unknown>>(\n encrypted: string,\n secretKey: NodeSecretKey,\n options: DecryptOptions = {},\n): T {\n const { result, error } = $decryptObj<T>(encrypted, secretKey, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Hashes a UTF-8 string (non-throwing).\n *\n * @returns `Result<string>` with the hash or error.\n * @see {@link hash} For full parameter/behavior docs.\n */\nexport function tryHash(data: string, options: HashOptions = {}): Result<string> {\n return $hash(data, options);\n}\n\n/**\n * Hashes a UTF-8 string using the specified digest algorithm.\n *\n * @param data - The input string to hash.\n * @param options - Hash options.\n * @returns The hashed string.\n * @throws {Error} If input is invalid or hashing fails.\n *\n * @example\n * ```ts\n * const hashed = hash(\"my data\");\n * ```\n *\n * @see {@link tryHash} Non-throwing variant returning `Result<string>`.\n */\nexport function hash(data: string, options: HashOptions = {}): string {\n const { result, error } = $hash(data, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Hashes a password using PBKDF2 (non-throwing).\n *\n * @returns `Result<{ result: string; salt: string }>` with the hash/salt or error.\n * @see {@link hashPassword} For full parameter/behavior docs.\n */\nexport function tryHashPassword(\n password: string,\n options: HashPasswordOptions = {},\n): Result<{ result: string; salt: string }> {\n return $hashPassword(password, options);\n}\n\n/**\n * Hashes a password using PBKDF2.\n *\n * @remarks\n * Defaults: `sha512`, 320 000 iterations, 64-byte key, 16-byte random salt.\n *\n * **Performance note:** Uses synchronous `pbkdf2Sync` which blocks the event loop\n * (~100-300 ms at default iterations). For server-side use under load, prefer the\n * Web Crypto API (async) via `webKit.hashPassword` instead.\n *\n * @param password - The password to hash.\n * @param options - Password hashing options.\n * @returns `{ result, salt }` for storage.\n * @throws {Error} If inputs are invalid or hashing fails.\n *\n * @example\n * ```ts\n * const { result, salt } = hashPassword(\"my-password\");\n * ```\n *\n * @see {@link tryHashPassword} Non-throwing variant returning `Result`.\n */\nexport function hashPassword(password: string, options: HashPasswordOptions = {}): { result: string; salt: string } {\n const { result, salt, error } = $hashPassword(password, options);\n if (error) throw new Error($fmtResultErr(error));\n return { result, salt };\n}\n\n/**\n * Verifies a password against a stored PBKDF2 hash (non-throwing).\n *\n * @returns `Result<boolean>` — `true` if the password matches, `false` if not, or an error for invalid inputs/options.\n * @see {@link verifyPassword} For full parameter/behavior docs.\n */\nexport function tryVerifyPassword(\n password: string,\n hashedPassword: string,\n salt: string,\n options: VerifyPasswordOptions = {},\n): Result<boolean> {\n return $verifyPassword(password, hashedPassword, salt, options);\n}\n\n/**\n * Verifies a password against a stored PBKDF2 hash.\n *\n * @remarks\n * Re-derives the key with the same parameters and compares in constant time to prevent timing attacks.\n * Throws for invalid inputs/options (bad encoding, wrong parameters, non-decodable salt/hash).\n * Returns `false` for password mismatch or length-mismatched hash.\n *\n * **Performance note:** Uses synchronous `pbkdf2Sync` which blocks the event loop\n * (~100-300 ms at default iterations). For server-side use under load, prefer the\n * Web Crypto API (async) via `webKit.verifyPassword` instead.\n *\n * @param password - The plain password to verify.\n * @param hashedPassword - The stored hash (encoded).\n * @param salt - The stored salt (encoded).\n * @param options - Verification options (must match the parameters used to hash).\n * @returns `true` if the password matches, otherwise `false`.\n * @throws {Error} If verification input/options are invalid.\n *\n * @example\n * ```ts\n * const { result, salt } = hashPassword(\"my-password\");\n * verifyPassword(\"my-password\", result, salt); // true\n * verifyPassword(\"wrong-password\", result, salt); // false\n * ```\n *\n * @see {@link tryVerifyPassword} Non-throwing variant returning `Result<boolean>`.\n */\nexport function verifyPassword(\n password: string,\n hashedPassword: string,\n salt: string,\n options: VerifyPasswordOptions = {},\n): boolean {\n const { result, error } = $verifyPassword(password, hashedPassword, salt, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Converts a string to a `Buffer` (non-throwing).\n *\n * @returns `Result<{ result: Buffer }>` with the buffer or error.\n * @see {@link convertStrToBytes} For full parameter/behavior docs.\n */\nexport function tryConvertStrToBytes(data: string, inputEncoding: Encoding = \"utf8\"): Result<{ result: Buffer }> {\n return $convertStrToBytes(data, inputEncoding);\n}\n\n/**\n * Converts a string to a Node.js `Buffer` using the specified encoding.\n *\n * @param data - The input string to convert.\n * @param inputEncoding - Source encoding (default: `'utf8'`).\n * @returns A `Buffer` containing the bytes.\n * @throws {Error} If input is invalid or conversion fails.\n *\n * @example\n * ```ts\n * const bytes = convertStrToBytes(\"Hello\", \"utf8\");\n * ```\n *\n * @see {@link tryConvertStrToBytes} Non-throwing variant returning `Result`.\n */\nexport function convertStrToBytes(data: string, inputEncoding: Encoding = \"utf8\"): Buffer {\n const { result, error } = $convertStrToBytes(data, inputEncoding);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Converts a `Buffer` to a string (non-throwing).\n *\n * @returns `Result<string>` with the encoded string or error.\n * @see {@link convertBytesToStr} For full parameter/behavior docs.\n */\nexport function tryConvertBytesToStr(data: Buffer, outputEncoding: Encoding = \"utf8\"): Result<string> {\n return $convertBytesToStr(data, outputEncoding);\n}\n\n/**\n * Converts a Node.js `Buffer` to a string using the specified encoding.\n *\n * @param data - The `Buffer` to convert.\n * @param outputEncoding - Target encoding (default: `'utf8'`).\n * @returns The encoded string.\n * @throws {Error} If input is invalid or conversion fails.\n *\n * @example\n * ```ts\n * const bytes = convertStrToBytes(\"Hello\", \"utf8\");\n * const str = convertBytesToStr(bytes, \"utf8\"); // \"Hello\"\n * ```\n *\n * @see {@link tryConvertBytesToStr} Non-throwing variant returning `Result<string>`.\n */\nexport function convertBytesToStr(data: Buffer, outputEncoding: Encoding = \"utf8\"): string {\n const { result, error } = $convertBytesToStr(data, outputEncoding);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Converts text between encodings (non-throwing).\n *\n * @returns `Result<string>` with the re-encoded string or error.\n * @see {@link convertEncoding} For full parameter/behavior docs.\n */\nexport function tryConvertEncoding(data: string, from: Encoding, to: Encoding): Result<string> {\n return $convertEncoding(data, from, to);\n}\n\n/**\n * Converts text between encodings.\n *\n * @param data - The input string.\n * @param from - Current encoding of `data`.\n * @param to - Target encoding.\n * @returns The re-encoded string.\n * @throws {Error} If encodings are invalid or conversion fails.\n *\n * @example\n * ```ts\n * const encoded = convertEncoding(\"Hello\", \"utf8\", \"base64url\");\n * ```\n *\n * @see {@link tryConvertEncoding} Non-throwing variant returning `Result<string>`.\n */\nexport function convertEncoding(data: string, from: Encoding, to: Encoding): string {\n const { result, error } = $convertEncoding(data, from, to);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n","import { Buffer } from \"node:buffer\";\nimport { $err, $fmtError, $isStr, $ok, type Result } from \"@internal/helpers\";\nimport { ENCODING } from \"~/helpers/consts.js\";\nimport type { Encoding } from \"~/helpers/types.js\";\n\nexport function $convertStrToBytes(data: string, inputEncoding: Encoding = \"utf8\"): Result<{ result: Buffer }> {\n if (typeof data !== \"string\") {\n return $err({\n message: \"node strToBytes: Data must be a string\",\n description: `Expected a string value, received ${typeof data}`,\n });\n }\n if (!ENCODING.includes(inputEncoding)) {\n return $err({\n message: `node strToBytes: Unsupported encoding: ${inputEncoding}`,\n description: \"Use base64, base64url, hex, utf8, or latin1\",\n });\n }\n if (inputEncoding === \"hex\") {\n const clean = /^0x/i.test(data) ? data.slice(2) : data;\n if (clean.length % 2 !== 0 || !/^[0-9a-fA-F]*$/.test(clean)) {\n return $err({\n message: \"node strToBytes: Invalid hex string\",\n description: \"Hex string contains non-hex characters or has odd length\",\n });\n }\n return $ok({ result: Buffer.from(clean, \"hex\") });\n }\n if (inputEncoding === \"base64\") {\n if (!/^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}={2}|[A-Za-z0-9+/]{3}=)?$/.test(data)) {\n return $err({\n message: \"node strToBytes: Invalid base64 string\",\n description: \"Base64 string contains invalid characters or has incorrect padding\",\n });\n }\n }\n if (inputEncoding === \"base64url\") {\n if (!/^[A-Za-z0-9_-]*={0,2}$/.test(data) || data.replace(/=+$/, \"\").length % 4 === 1) {\n return $err({\n message: \"node strToBytes: Invalid base64url string\",\n description: \"Base64url string contains invalid characters or has incorrect length\",\n });\n }\n }\n try {\n return $ok({ result: Buffer.from(data, inputEncoding) });\n } catch (error) {\n return $err({ message: \"node strToBytes: Failed to convert data\", description: $fmtError(error) });\n }\n}\n\nexport function $convertBytesToStr(data: Buffer, outputEncoding: Encoding = \"utf8\"): Result<string> {\n if (!(data instanceof Buffer)) {\n return $err({\n message: \"node bytesToStr: Data must be a Buffer\",\n description: \"Received a non-Buffer value\",\n });\n }\n if (!ENCODING.includes(outputEncoding)) {\n return $err({\n message: `node bytesToStr: Unsupported encoding: ${outputEncoding}`,\n description: \"Use base64, base64url, hex, utf8, or latin1\",\n });\n }\n try {\n return $ok(data.toString(outputEncoding));\n } catch (error) {\n return $err({ message: \"node bytesToStr: Failed to convert data\", description: $fmtError(error) });\n }\n}\n\nexport function $convertEncoding(data: string, from: Encoding, to: Encoding): Result<string> {\n if (!$isStr(data)) {\n return $err({\n message: \"node convertEncoding: Data must be a non-empty string\",\n description: \"Received empty or non-string value\",\n });\n }\n\n if (!ENCODING.includes(from) || !ENCODING.includes(to)) {\n return $err({\n message: `node convertEncoding: Unsupported encoding: from ${from} to ${to}`,\n description: \"Use base64, base64url, hex, utf8, or latin1\",\n });\n }\n\n const bytes = $convertStrToBytes(data, from);\n if (bytes.error) return $err(bytes.error);\n\n const str = $convertBytesToStr(bytes.result, to);\n if (str.error) return $err(str.error);\n\n return $ok(str.result);\n}\n","import nodeCrypto from \"node:crypto\";\nimport { $err, $fmtError, $ok, type Result } from \"@internal/helpers\";\nimport type { CreateSecretKeyOptions } from \"~/export.js\";\nimport type { DIGEST_ALGORITHMS, ENCRYPTION_ALGORITHMS } from \"~/helpers/consts.js\";\nimport { $validateCreateSecretKeyOptions, $validateSecretKeyBase } from \"~/helpers/validate.js\";\n\ndeclare const __brand: unique symbol;\n\nexport type NodeSecretKey = {\n readonly platform: \"node\";\n readonly digest: keyof typeof DIGEST_ALGORITHMS;\n readonly algorithm: keyof typeof ENCRYPTION_ALGORITHMS;\n readonly key: nodeCrypto.KeyObject;\n readonly injected: (typeof ENCRYPTION_ALGORITHMS)[keyof typeof ENCRYPTION_ALGORITHMS];\n} & { readonly [__brand]: \"secretKey-node\" };\n\nexport function $isNodeSecretKey(x: unknown): NodeSecretKey | null {\n const base = $validateSecretKeyBase(x, \"node\");\n if (!base) return null;\n\n if (\n !(base.obj.key instanceof nodeCrypto.KeyObject) ||\n (typeof base.obj.key.symmetricKeySize === \"number\" && base.obj.key.symmetricKeySize !== base.algorithm.keyBytes)\n ) {\n return null;\n }\n return x as NodeSecretKey;\n}\n\nexport function $createSecretKey(secret: string, options: CreateSecretKeyOptions): Result<{ result: NodeSecretKey }> {\n const validated = $validateCreateSecretKeyOptions(secret, options, \"node\");\n if (validated.error) return $err(validated.error);\n\n const { algorithm, digest, salt, info, encryptAlgo, digestAlgo } = validated;\n\n try {\n const derivedKey = Buffer.from(\n nodeCrypto.hkdfSync(\n digestAlgo.node,\n secret.normalize(\"NFKC\"),\n salt.normalize(\"NFKC\"),\n info.normalize(\"NFKC\"),\n encryptAlgo.keyBytes,\n ),\n );\n try {\n const key = nodeCrypto.createSecretKey(derivedKey);\n const secretKey = Object.freeze({\n platform: \"node\",\n digest,\n algorithm,\n key,\n injected: encryptAlgo,\n }) as NodeSecretKey;\n\n return $ok({ result: secretKey });\n } finally {\n derivedKey.fill(0);\n }\n } catch (error) {\n return $err({ message: \"node createSecretKey: Failed to derive key\", description: $fmtError(error) });\n }\n}\n","import { Buffer } from \"node:buffer\";\nimport nodeCrypto from \"node:crypto\";\nimport {\n $err,\n $fmtError,\n $fmtResultErr,\n $isPlainObj,\n $isStr,\n $ok,\n $parseToObj,\n $stringifyObj,\n type Result,\n} from \"@internal/helpers\";\nimport { CIPHER_ENCODING, GCM_IV_LENGTH, GCM_TAG_BYTES } from \"~/helpers/consts.js\";\nimport type { DecryptOptions, EncryptOptions } from \"~/helpers/types.js\";\nimport { matchEncryptedPattern } from \"~/helpers/validate.js\";\nimport { $convertBytesToStr, $convertStrToBytes } from \"./node-encode.js\";\nimport { $isNodeSecretKey, type NodeSecretKey } from \"./node-secret-key.js\";\n\nexport function $encrypt(data: string, secretKey: NodeSecretKey, options: EncryptOptions): Result<string> {\n if (!$isStr(data)) {\n return $err({\n message: \"node encrypt: Data must be a non-empty string\",\n description: \"Received empty or non-string value\",\n });\n }\n\n if (!$isPlainObj<EncryptOptions>(options)) {\n return $err({\n message: \"node encrypt: Options must be a plain object\",\n description: 'Pass an object like { outputEncoding: \"base64url\" }',\n });\n }\n\n const outputEncoding = options.outputEncoding ?? \"base64url\";\n if (!CIPHER_ENCODING.includes(outputEncoding)) {\n return $err({\n message: `node encrypt: Unsupported output encoding: ${outputEncoding}`,\n description: \"Use base64, base64url, or hex\",\n });\n }\n\n const injectedKey = $isNodeSecretKey(secretKey);\n if (!injectedKey) {\n return $err({\n message: \"node encrypt: Invalid secret key\",\n description: \"Expected a NodeSecretKey created by nodeKit.createSecretKey()\",\n });\n }\n\n const { result, error } = $convertStrToBytes(data, \"utf8\");\n if (error) return $err(error);\n\n try {\n const iv = nodeCrypto.randomBytes(GCM_IV_LENGTH);\n const cipher = nodeCrypto.createCipheriv(injectedKey.injected.node, injectedKey.key, iv);\n const encrypted = Buffer.concat([cipher.update(result), cipher.final()]);\n const tag = cipher.getAuthTag();\n\n const ivStr = $convertBytesToStr(iv, outputEncoding);\n const cipherStr = $convertBytesToStr(encrypted, outputEncoding);\n const tagStr = $convertBytesToStr(tag, outputEncoding);\n\n if (ivStr.error || cipherStr.error || tagStr.error) {\n return $err({\n message: \"node encrypt: Failed to encode output\",\n description: `Conversion error: ${$fmtResultErr(ivStr.error || cipherStr.error || tagStr.error)}`,\n });\n }\n\n return $ok(`${ivStr.result}.${cipherStr.result}.${tagStr.result}.`);\n } catch (error) {\n return $err({ message: \"node encrypt: Failed to encrypt data\", description: $fmtError(error) });\n } finally {\n result.fill(0);\n }\n}\n\nexport function $decrypt(encrypted: string, secretKey: NodeSecretKey, options: DecryptOptions): Result<string> {\n if (!matchEncryptedPattern(encrypted)) {\n return $err({\n message: \"node decrypt: Invalid encrypted data format\",\n description: 'Encrypted data must be in the format \"iv.cipher.tag.\"',\n });\n }\n\n if (!$isPlainObj<DecryptOptions>(options)) {\n return $err({\n message: \"node decrypt: Options must be a plain object\",\n description: 'Pass an object like { inputEncoding: \"base64url\" }',\n });\n }\n\n const inputEncoding = options.inputEncoding ?? \"base64url\";\n if (!CIPHER_ENCODING.includes(inputEncoding)) {\n return $err({\n message: `node decrypt: Unsupported input encoding: ${inputEncoding}`,\n description: \"Use base64, base64url, or hex\",\n });\n }\n\n const [iv, cipher, tag] = encrypted.split(\".\", 4) as [string, string, string];\n\n const injectedKey = $isNodeSecretKey(secretKey);\n if (!injectedKey) {\n return $err({\n message: \"node decrypt: Invalid secret key\",\n description: \"Expected a NodeSecretKey created by nodeKit.createSecretKey()\",\n });\n }\n\n const ivBytes = $convertStrToBytes(iv, inputEncoding);\n const cipherBytes = $convertStrToBytes(cipher, inputEncoding);\n const tagBytes = $convertStrToBytes(tag, inputEncoding);\n\n if (ivBytes.error || cipherBytes.error || tagBytes.error) {\n return $err({\n message: \"node decrypt: Failed to decode input\",\n description: `Conversion error: ${$fmtResultErr(ivBytes.error || cipherBytes.error || tagBytes.error)}`,\n });\n }\n\n if (ivBytes.result.byteLength !== GCM_IV_LENGTH) {\n return $err({\n message: \"node decrypt: Invalid IV length\",\n description: `Expected ${GCM_IV_LENGTH} bytes, got ${ivBytes.result.byteLength}`,\n });\n }\n\n if (tagBytes.result.byteLength !== GCM_TAG_BYTES) {\n return $err({\n message: \"node decrypt: Invalid auth tag length\",\n description: `Expected ${GCM_TAG_BYTES} bytes, got ${tagBytes.result.byteLength}`,\n });\n }\n\n let decrypted: Buffer | undefined;\n try {\n const decipher = nodeCrypto.createDecipheriv(injectedKey.injected.node, injectedKey.key, ivBytes.result);\n decipher.setAuthTag(tagBytes.result);\n decrypted = Buffer.concat([decipher.update(cipherBytes.result), decipher.final()]);\n\n return $convertBytesToStr(decrypted, \"utf8\");\n } catch (error) {\n return $err({ message: \"node decrypt: Failed to decrypt data\", description: $fmtError(error) });\n } finally {\n decrypted?.fill(0);\n }\n}\n\nexport function $encryptObj<T extends object = Record<string, unknown>>(\n data: T,\n secretKey: NodeSecretKey,\n options: EncryptOptions,\n): Result<string> {\n const { result, error } = $stringifyObj(data);\n if (error) return $err(error);\n return $encrypt(result, secretKey, options);\n}\n\nexport function $decryptObj<T extends object = Record<string, unknown>>(\n encrypted: string,\n secretKey: NodeSecretKey,\n options: DecryptOptions,\n): Result<{ result: T }> {\n const { result, error } = $decrypt(encrypted, secretKey, options);\n if (error) return $err(error);\n return $parseToObj<T>(result);\n}\n","import { Buffer } from \"node:buffer\";\nimport nodeCrypto from \"node:crypto\";\nimport { $err, $fmtError, $isPlainObj, $isStr, $ok, type Result } from \"@internal/helpers\";\nimport { CIPHER_ENCODING, DIGEST_ALGORITHMS } from \"~/helpers/consts.js\";\nimport type { HashOptions, HashPasswordOptions, VerifyPasswordOptions } from \"~/helpers/types.js\";\nimport { $validateHashPasswordOptions, $validateVerifyPasswordOptions } from \"~/helpers/validate.js\";\nimport { $convertBytesToStr, $convertStrToBytes } from \"./node-encode.js\";\n\nexport function $hash(data: string, options: HashOptions = {}): Result<string> {\n if (!$isStr(data)) {\n return $err({\n message: \"node hash: Data must be a non-empty string\",\n description: \"Received empty or non-string value\",\n });\n }\n\n if (!$isPlainObj<HashOptions>(options)) {\n return $err({\n message: \"node hash: Options must be a plain object\",\n description: 'Pass an object like { digest: \"sha256\" }',\n });\n }\n\n const outputEncoding = options.outputEncoding ?? \"base64url\";\n if (!CIPHER_ENCODING.includes(outputEncoding)) {\n return $err({\n message: `node hash: Unsupported output encoding: ${outputEncoding}`,\n description: \"Use base64, base64url, or hex\",\n });\n }\n\n const digest = options.digest ?? \"sha256\";\n if (!(digest in DIGEST_ALGORITHMS)) {\n return $err({\n message: `node hash: Unsupported digest: ${digest}`,\n description: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(\", \")}`,\n });\n }\n const digestAlgo = DIGEST_ALGORITHMS[digest];\n\n const { result, error } = $convertStrToBytes(data, \"utf8\");\n if (error) return $err(error);\n\n try {\n const hashed = nodeCrypto.createHash(digestAlgo.node).update(result).digest();\n return $convertBytesToStr(hashed, outputEncoding);\n } catch (error) {\n return $err({ message: \"node hash: Failed to hash data\", description: $fmtError(error) });\n }\n}\n\nexport function $hashPassword(\n password: string,\n options: HashPasswordOptions,\n): Result<{ result: string; salt: string }> {\n const validated = $validateHashPasswordOptions(password, options, \"node\");\n if (validated.error) return $err(validated.error);\n\n const { digestAlgo, outputEncoding, saltLength, iterations, keyLength } = validated;\n\n const salt = nodeCrypto.randomBytes(saltLength);\n const hash = nodeCrypto.pbkdf2Sync(password.normalize(\"NFKC\"), salt, iterations, keyLength, digestAlgo.node);\n\n try {\n const saltStr = $convertBytesToStr(salt, outputEncoding);\n if (saltStr.error) return $err(saltStr.error);\n\n const hashStr = $convertBytesToStr(hash, outputEncoding);\n if (hashStr.error) return $err(hashStr.error);\n\n return $ok({ result: hashStr.result, salt: saltStr.result });\n } catch (error) {\n return $err({ message: \"node hashPassword: Failed to hash password\", description: $fmtError(error) });\n } finally {\n salt.fill(0);\n hash.fill(0);\n }\n}\n\nexport function $verifyPassword(\n password: string,\n hashedPassword: string,\n salt: string,\n options: VerifyPasswordOptions,\n): Result<boolean> {\n const validated = $validateVerifyPasswordOptions(password, hashedPassword, salt, options, \"node\");\n if (validated.error) return $err(validated.error);\n\n const { digestAlgo, inputEncoding, iterations, keyLength } = validated;\n\n const saltBytes = $convertStrToBytes(salt, inputEncoding);\n if (saltBytes.error) return $err(saltBytes.error);\n\n const hashedPasswordBytes = $convertStrToBytes(hashedPassword, inputEncoding);\n if (hashedPasswordBytes.error) return $err(hashedPasswordBytes.error);\n\n if (hashedPasswordBytes.result.byteLength !== keyLength) return $ok(false);\n\n try {\n const derived = nodeCrypto.pbkdf2Sync(\n password.normalize(\"NFKC\"),\n saltBytes.result,\n iterations,\n keyLength,\n digestAlgo.node,\n );\n\n const expected = hashedPasswordBytes.result;\n\n const left = Buffer.alloc(keyLength);\n const right = Buffer.alloc(keyLength);\n derived.copy(left);\n expected.copy(right);\n\n try {\n const matches = nodeCrypto.timingSafeEqual(left, right);\n return $ok(matches);\n } finally {\n left.fill(0);\n right.fill(0);\n derived.fill(0);\n }\n } catch (error) {\n return $err({ message: \"node verifyPassword: Verification failed\", description: $fmtError(error) });\n } finally {\n saltBytes.result.fill(0);\n hashedPasswordBytes.result.fill(0);\n }\n}\n"]}
package/dist/{chunk-LC5HP75W.cjs → chunk-7254PEID.cjs} RENAMED
@@ -1,10 +1,10 @@
1
1
  'use strict';
2
2
 
3
- var chunkX7IPAA7B_cjs = require('./chunk-X7IPAA7B.cjs');
3
+ var chunkVCBHSRCS_cjs = require('./chunk-VCBHSRCS.cjs');
4
4
 
5
5
  // src/web/kit.ts
6
6
  var kit_exports = {};
7
- chunkX7IPAA7B_cjs.__export(kit_exports, {
7
+ chunkVCBHSRCS_cjs.__export(kit_exports, {
8
8
  convertBytesToStr: () => convertBytesToStr,
9
9
  convertEncoding: () => convertEncoding,
10
10
  convertStrToBytes: () => convertStrToBytes,
@@ -34,9 +34,9 @@ chunkX7IPAA7B_cjs.__export(kit_exports, {
34
34
 
35
35
  // src/web/web-encode.ts
36
36
  function $convertStrToBytes2(data, inputEncoding = "utf8") {
37
- const result = chunkX7IPAA7B_cjs.$convertStrToBytes(data, inputEncoding);
37
+ const result = chunkVCBHSRCS_cjs.$convertStrToBytes(data, inputEncoding);
38
38
  if (result.error) {
39
- return chunkX7IPAA7B_cjs.$err({
39
+ return chunkVCBHSRCS_cjs.$err({
40
40
  message: result.error.message.replace("strToBytes:", "web strToBytes:"),
41
41
  description: result.error.description
42
42
  });
@@ -44,9 +44,9 @@ function $convertStrToBytes2(data, inputEncoding = "utf8") {
44
44
  return result;
45
45
  }
46
46
  function $convertBytesToStr2(data, outputEncoding = "utf8") {
47
- const result = chunkX7IPAA7B_cjs.$convertBytesToStr(data, outputEncoding);
47
+ const result = chunkVCBHSRCS_cjs.$convertBytesToStr(data, outputEncoding);
48
48
  if (result.error) {
49
- return chunkX7IPAA7B_cjs.$err({
49
+ return chunkVCBHSRCS_cjs.$err({
50
50
  message: result.error.message.replace("bytesToStr:", "web bytesToStr:"),
51
51
  description: result.error.description
52
52
  });
@@ -54,43 +54,43 @@ function $convertBytesToStr2(data, outputEncoding = "utf8") {
54
54
  return result;
55
55
  }
56
56
  function $convertEncoding(data, from, to) {
57
- if (!chunkX7IPAA7B_cjs.$isStr(data)) {
58
- return chunkX7IPAA7B_cjs.$err({
57
+ if (!chunkVCBHSRCS_cjs.$isStr(data)) {
58
+ return chunkVCBHSRCS_cjs.$err({
59
59
  message: "web convertEncoding: Data must be a non-empty string",
60
60
  description: "Received empty or non-string value"
61
61
  });
62
62
  }
63
- if (!chunkX7IPAA7B_cjs.ENCODING.includes(from) || !chunkX7IPAA7B_cjs.ENCODING.includes(to)) {
64
- return chunkX7IPAA7B_cjs.$err({
63
+ if (!chunkVCBHSRCS_cjs.ENCODING.includes(from) || !chunkVCBHSRCS_cjs.ENCODING.includes(to)) {
64
+ return chunkVCBHSRCS_cjs.$err({
65
65
  message: `web convertEncoding: Unsupported encoding: from ${from} to ${to}`,
66
66
  description: "Use base64, base64url, hex, utf8, or latin1"
67
67
  });
68
68
  }
69
69
  const bytes = $convertStrToBytes2(data, from);
70
- if (bytes.error) return chunkX7IPAA7B_cjs.$err(bytes.error);
70
+ if (bytes.error) return chunkVCBHSRCS_cjs.$err(bytes.error);
71
71
  const str = $convertBytesToStr2(bytes.result, to);
72
- if (str.error) return chunkX7IPAA7B_cjs.$err(str.error);
73
- return chunkX7IPAA7B_cjs.$ok(str.result);
72
+ if (str.error) return chunkVCBHSRCS_cjs.$err(str.error);
73
+ return chunkVCBHSRCS_cjs.$ok(str.result);
74
74
  }
75
75
 
76
76
  // src/web/web-secret-key.ts
77
77
  function $isWebSecretKey(x) {
78
- const base = chunkX7IPAA7B_cjs.$validateSecretKeyBase(x, "web");
78
+ const base = chunkVCBHSRCS_cjs.$validateSecretKeyBase(x, "web");
79
79
  if (!base) return null;
80
80
  if (typeof globalThis.CryptoKey === "undefined" || !(base.obj.key instanceof CryptoKey)) return null;
81
- if (!chunkX7IPAA7B_cjs.$isObj(base.obj.key.algorithm) || base.obj.key.algorithm.name !== base.algorithm.web || typeof base.obj.key.algorithm.length === "number" && base.obj.key.algorithm.length !== base.algorithm.keyBytes * 8 || !Array.isArray(base.obj.key.usages) || !(base.obj.key.usages.includes("encrypt") && base.obj.key.usages.includes("decrypt"))) {
81
+ if (!chunkVCBHSRCS_cjs.$isObj(base.obj.key.algorithm) || base.obj.key.algorithm.name !== base.algorithm.web || typeof base.obj.key.algorithm.length === "number" && base.obj.key.algorithm.length !== base.algorithm.keyBytes * 8 || !Array.isArray(base.obj.key.usages) || !(base.obj.key.usages.includes("encrypt") && base.obj.key.usages.includes("decrypt"))) {
82
82
  return null;
83
83
  }
84
84
  return x;
85
85
  }
86
86
  async function $createSecretKey(secret, options) {
87
- const validated = chunkX7IPAA7B_cjs.$validateCreateSecretKeyOptions(secret, options, "web");
88
- if (validated.error) return chunkX7IPAA7B_cjs.$err(validated.error);
87
+ const validated = chunkVCBHSRCS_cjs.$validateCreateSecretKeyOptions(secret, options, "web");
88
+ if (validated.error) return chunkVCBHSRCS_cjs.$err(validated.error);
89
89
  const { algorithm, digest, salt, info, encryptAlgo, digestAlgo } = validated;
90
90
  try {
91
91
  const ikm = await globalThis.crypto.subtle.importKey(
92
92
  "raw",
93
- chunkX7IPAA7B_cjs.textEncoder.encode(secret.normalize("NFKC")),
93
+ chunkVCBHSRCS_cjs.textEncoder.encode(secret.normalize("NFKC")),
94
94
  "HKDF",
95
95
  false,
96
96
  ["deriveKey"]
@@ -100,8 +100,8 @@ async function $createSecretKey(secret, options) {
100
100
  {
101
101
  name: "HKDF",
102
102
  hash: digestAlgo.web,
103
- salt: chunkX7IPAA7B_cjs.textEncoder.encode(salt.normalize("NFKC")),
104
- info: chunkX7IPAA7B_cjs.textEncoder.encode(info.normalize("NFKC"))
103
+ salt: chunkVCBHSRCS_cjs.textEncoder.encode(salt.normalize("NFKC")),
104
+ info: chunkVCBHSRCS_cjs.textEncoder.encode(info.normalize("NFKC"))
105
105
  },
106
106
  ikm,
107
107
  { name: encryptAlgo.web, length: encryptAlgo.keyBytes * 8 },
@@ -109,86 +109,86 @@ async function $createSecretKey(secret, options) {
109
109
  ["encrypt", "decrypt"]
110
110
  );
111
111
  const secretKey = Object.freeze({ platform: "web", digest, algorithm, key, injected: encryptAlgo });
112
- return chunkX7IPAA7B_cjs.$ok({ result: secretKey });
112
+ return chunkVCBHSRCS_cjs.$ok({ result: secretKey });
113
113
  } catch (error) {
114
- return chunkX7IPAA7B_cjs.$err({
114
+ return chunkVCBHSRCS_cjs.$err({
115
115
  message: "web createSecretKey: Failed to derive key",
116
- description: chunkX7IPAA7B_cjs.$fmtError(error)
116
+ description: chunkVCBHSRCS_cjs.$fmtError(error)
117
117
  });
118
118
  }
119
119
  }
120
120
 
121
121
  // src/web/web-encrypt.ts
122
122
  async function $encrypt(data, secretKey, options) {
123
- if (!chunkX7IPAA7B_cjs.$isStr(data)) {
124
- return chunkX7IPAA7B_cjs.$err({
123
+ if (!chunkVCBHSRCS_cjs.$isStr(data)) {
124
+ return chunkVCBHSRCS_cjs.$err({
125
125
  message: "web encrypt: Data must be a non-empty string",
126
126
  description: "Received empty or non-string value"
127
127
  });
128
128
  }
129
- if (!chunkX7IPAA7B_cjs.$isPlainObj(options)) {
130
- return chunkX7IPAA7B_cjs.$err({
129
+ if (!chunkVCBHSRCS_cjs.$isPlainObj(options)) {
130
+ return chunkVCBHSRCS_cjs.$err({
131
131
  message: "web encrypt: Options must be a plain object",
132
132
  description: 'Pass an object like { outputEncoding: "base64url" }'
133
133
  });
134
134
  }
135
135
  const outputEncoding = options.outputEncoding ?? "base64url";
136
- if (!chunkX7IPAA7B_cjs.CIPHER_ENCODING.includes(outputEncoding)) {
137
- return chunkX7IPAA7B_cjs.$err({
136
+ if (!chunkVCBHSRCS_cjs.CIPHER_ENCODING.includes(outputEncoding)) {
137
+ return chunkVCBHSRCS_cjs.$err({
138
138
  message: `web encrypt: Unsupported output encoding: ${outputEncoding}`,
139
139
  description: "Use base64, base64url, or hex"
140
140
  });
141
141
  }
142
142
  const injectedKey = $isWebSecretKey(secretKey);
143
143
  if (!injectedKey) {
144
- return chunkX7IPAA7B_cjs.$err({
144
+ return chunkVCBHSRCS_cjs.$err({
145
145
  message: "web encrypt: Invalid secret key",
146
146
  description: "Expected a WebSecretKey created by webKit.createSecretKey()"
147
147
  });
148
148
  }
149
149
  const { result, error } = $convertStrToBytes2(data, "utf8");
150
- if (error) return chunkX7IPAA7B_cjs.$err(error);
150
+ if (error) return chunkVCBHSRCS_cjs.$err(error);
151
151
  try {
152
- const iv = globalThis.crypto.getRandomValues(new Uint8Array(chunkX7IPAA7B_cjs.GCM_IV_LENGTH));
152
+ const iv = globalThis.crypto.getRandomValues(new Uint8Array(chunkVCBHSRCS_cjs.GCM_IV_LENGTH));
153
153
  const cipherWithTag = await globalThis.crypto.subtle.encrypt(
154
154
  { name: injectedKey.injected.web, iv },
155
155
  injectedKey.key,
156
156
  result
157
157
  );
158
- const cipherOnly = cipherWithTag.slice(0, cipherWithTag.byteLength - chunkX7IPAA7B_cjs.GCM_TAG_BYTES);
159
- const tag = cipherWithTag.slice(cipherWithTag.byteLength - chunkX7IPAA7B_cjs.GCM_TAG_BYTES);
158
+ const cipherOnly = cipherWithTag.slice(0, cipherWithTag.byteLength - chunkVCBHSRCS_cjs.GCM_TAG_BYTES);
159
+ const tag = cipherWithTag.slice(cipherWithTag.byteLength - chunkVCBHSRCS_cjs.GCM_TAG_BYTES);
160
160
  const ivStr = $convertBytesToStr2(iv, outputEncoding);
161
161
  const cipherStr = $convertBytesToStr2(cipherOnly, outputEncoding);
162
162
  const tagStr = $convertBytesToStr2(tag, outputEncoding);
163
163
  if (ivStr.error || cipherStr.error || tagStr.error) {
164
- return chunkX7IPAA7B_cjs.$err({
164
+ return chunkVCBHSRCS_cjs.$err({
165
165
  message: "web encrypt: Failed to encode output",
166
- description: `Conversion error: ${chunkX7IPAA7B_cjs.$fmtResultErr(ivStr.error || cipherStr.error || tagStr.error)}`
166
+ description: `Conversion error: ${chunkVCBHSRCS_cjs.$fmtResultErr(ivStr.error || cipherStr.error || tagStr.error)}`
167
167
  });
168
168
  }
169
- return chunkX7IPAA7B_cjs.$ok(`${ivStr.result}.${cipherStr.result}.${tagStr.result}.`);
169
+ return chunkVCBHSRCS_cjs.$ok(`${ivStr.result}.${cipherStr.result}.${tagStr.result}.`);
170
170
  } catch (error2) {
171
- return chunkX7IPAA7B_cjs.$err({ message: "web encrypt: Failed to encrypt data", description: chunkX7IPAA7B_cjs.$fmtError(error2) });
171
+ return chunkVCBHSRCS_cjs.$err({ message: "web encrypt: Failed to encrypt data", description: chunkVCBHSRCS_cjs.$fmtError(error2) });
172
172
  } finally {
173
173
  result.fill(0);
174
174
  }
175
175
  }
176
176
  async function $decrypt(encrypted, secretKey, options) {
177
- if (!chunkX7IPAA7B_cjs.matchEncryptedPattern(encrypted)) {
178
- return chunkX7IPAA7B_cjs.$err({
177
+ if (!chunkVCBHSRCS_cjs.matchEncryptedPattern(encrypted)) {
178
+ return chunkVCBHSRCS_cjs.$err({
179
179
  message: "web decrypt: Invalid encrypted data format",
180
180
  description: 'Encrypted data must be in the format "iv.cipher.tag."'
181
181
  });
182
182
  }
183
- if (!chunkX7IPAA7B_cjs.$isPlainObj(options)) {
184
- return chunkX7IPAA7B_cjs.$err({
183
+ if (!chunkVCBHSRCS_cjs.$isPlainObj(options)) {
184
+ return chunkVCBHSRCS_cjs.$err({
185
185
  message: "web decrypt: Options must be a plain object",
186
186
  description: 'Pass an object like { inputEncoding: "base64url" }'
187
187
  });
188
188
  }
189
189
  const inputEncoding = options.inputEncoding ?? "base64url";
190
- if (!chunkX7IPAA7B_cjs.CIPHER_ENCODING.includes(inputEncoding)) {
191
- return chunkX7IPAA7B_cjs.$err({
190
+ if (!chunkVCBHSRCS_cjs.CIPHER_ENCODING.includes(inputEncoding)) {
191
+ return chunkVCBHSRCS_cjs.$err({
192
192
  message: `web decrypt: Unsupported input encoding: ${inputEncoding}`,
193
193
  description: "Use base64, base64url, or hex"
194
194
  });
@@ -196,7 +196,7 @@ async function $decrypt(encrypted, secretKey, options) {
196
196
  const [iv, cipher, tag] = encrypted.split(".", 4);
197
197
  const injectedKey = $isWebSecretKey(secretKey);
198
198
  if (!injectedKey) {
199
- return chunkX7IPAA7B_cjs.$err({
199
+ return chunkVCBHSRCS_cjs.$err({
200
200
  message: "web decrypt: Invalid secret key",
201
201
  description: "Expected a WebSecretKey created by webKit.createSecretKey()"
202
202
  });
@@ -205,21 +205,21 @@ async function $decrypt(encrypted, secretKey, options) {
205
205
  const cipherBytes = $convertStrToBytes2(cipher, inputEncoding);
206
206
  const tagBytes = $convertStrToBytes2(tag, inputEncoding);
207
207
  if (ivBytes.error || cipherBytes.error || tagBytes.error) {
208
- return chunkX7IPAA7B_cjs.$err({
208
+ return chunkVCBHSRCS_cjs.$err({
209
209
  message: "web decrypt: Failed to decode input",
210
- description: `Conversion error: ${chunkX7IPAA7B_cjs.$fmtResultErr(ivBytes.error || cipherBytes.error || tagBytes.error)}`
210
+ description: `Conversion error: ${chunkVCBHSRCS_cjs.$fmtResultErr(ivBytes.error || cipherBytes.error || tagBytes.error)}`
211
211
  });
212
212
  }
213
- if (ivBytes.result.byteLength !== chunkX7IPAA7B_cjs.GCM_IV_LENGTH) {
214
- return chunkX7IPAA7B_cjs.$err({
213
+ if (ivBytes.result.byteLength !== chunkVCBHSRCS_cjs.GCM_IV_LENGTH) {
214
+ return chunkVCBHSRCS_cjs.$err({
215
215
  message: "web decrypt: Invalid IV length",
216
- description: `Expected ${chunkX7IPAA7B_cjs.GCM_IV_LENGTH} bytes, got ${ivBytes.result.byteLength}`
216
+ description: `Expected ${chunkVCBHSRCS_cjs.GCM_IV_LENGTH} bytes, got ${ivBytes.result.byteLength}`
217
217
  });
218
218
  }
219
- if (tagBytes.result.byteLength !== chunkX7IPAA7B_cjs.GCM_TAG_BYTES) {
220
- return chunkX7IPAA7B_cjs.$err({
219
+ if (tagBytes.result.byteLength !== chunkVCBHSRCS_cjs.GCM_TAG_BYTES) {
220
+ return chunkVCBHSRCS_cjs.$err({
221
221
  message: "web decrypt: Invalid auth tag length",
222
- description: `Expected ${chunkX7IPAA7B_cjs.GCM_TAG_BYTES} bytes, got ${tagBytes.result.byteLength}`
222
+ description: `Expected ${chunkVCBHSRCS_cjs.GCM_TAG_BYTES} bytes, got ${tagBytes.result.byteLength}`
223
223
  });
224
224
  }
225
225
  const cipherWithTag = new Uint8Array(cipherBytes.result.byteLength + tagBytes.result.byteLength);
@@ -236,70 +236,70 @@ async function $decrypt(encrypted, secretKey, options) {
236
236
  );
237
237
  return $convertBytesToStr2(decrypted, "utf8");
238
238
  } catch (error) {
239
- return chunkX7IPAA7B_cjs.$err({ message: "web decrypt: Failed to decrypt data", description: chunkX7IPAA7B_cjs.$fmtError(error) });
239
+ return chunkVCBHSRCS_cjs.$err({ message: "web decrypt: Failed to decrypt data", description: chunkVCBHSRCS_cjs.$fmtError(error) });
240
240
  } finally {
241
241
  decrypted?.fill(0);
242
242
  }
243
243
  }
244
244
  async function $encryptObj(data, secretKey, options) {
245
- const { result, error } = chunkX7IPAA7B_cjs.$stringifyObj(data);
246
- if (error) return chunkX7IPAA7B_cjs.$err(error);
245
+ const { result, error } = chunkVCBHSRCS_cjs.$stringifyObj(data);
246
+ if (error) return chunkVCBHSRCS_cjs.$err(error);
247
247
  return await $encrypt(result, secretKey, options);
248
248
  }
249
249
  async function $decryptObj(encrypted, secretKey, options) {
250
250
  const { result, error } = await $decrypt(encrypted, secretKey, options);
251
- if (error) return chunkX7IPAA7B_cjs.$err(error);
252
- return chunkX7IPAA7B_cjs.$parseToObj(result);
251
+ if (error) return chunkVCBHSRCS_cjs.$err(error);
252
+ return chunkVCBHSRCS_cjs.$parseToObj(result);
253
253
  }
254
254
 
255
255
  // src/web/web-hash.ts
256
256
  async function $hash(data, options = {}) {
257
- if (!chunkX7IPAA7B_cjs.$isStr(data)) {
258
- return chunkX7IPAA7B_cjs.$err({
257
+ if (!chunkVCBHSRCS_cjs.$isStr(data)) {
258
+ return chunkVCBHSRCS_cjs.$err({
259
259
  message: "web hash: Data must be a non-empty string",
260
260
  description: "Received empty or non-string value"
261
261
  });
262
262
  }
263
- if (!chunkX7IPAA7B_cjs.$isPlainObj(options)) {
264
- return chunkX7IPAA7B_cjs.$err({
263
+ if (!chunkVCBHSRCS_cjs.$isPlainObj(options)) {
264
+ return chunkVCBHSRCS_cjs.$err({
265
265
  message: "web hash: Options must be a plain object",
266
266
  description: 'Pass an object like { digest: "sha256" }'
267
267
  });
268
268
  }
269
269
  const outputEncoding = options.outputEncoding ?? "base64url";
270
- if (!chunkX7IPAA7B_cjs.CIPHER_ENCODING.includes(outputEncoding)) {
271
- return chunkX7IPAA7B_cjs.$err({
270
+ if (!chunkVCBHSRCS_cjs.CIPHER_ENCODING.includes(outputEncoding)) {
271
+ return chunkVCBHSRCS_cjs.$err({
272
272
  message: `web hash: Unsupported output encoding: ${outputEncoding}`,
273
273
  description: "Use base64, base64url, or hex"
274
274
  });
275
275
  }
276
276
  const digest = options.digest ?? "sha256";
277
- if (!(digest in chunkX7IPAA7B_cjs.DIGEST_ALGORITHMS)) {
278
- return chunkX7IPAA7B_cjs.$err({
277
+ if (!(digest in chunkVCBHSRCS_cjs.DIGEST_ALGORITHMS)) {
278
+ return chunkVCBHSRCS_cjs.$err({
279
279
  message: `web hash: Unsupported digest: ${digest}`,
280
- description: `Supported digests are: ${Object.keys(chunkX7IPAA7B_cjs.DIGEST_ALGORITHMS).join(", ")}`
280
+ description: `Supported digests are: ${Object.keys(chunkVCBHSRCS_cjs.DIGEST_ALGORITHMS).join(", ")}`
281
281
  });
282
282
  }
283
- const digestAlgo = chunkX7IPAA7B_cjs.DIGEST_ALGORITHMS[digest];
283
+ const digestAlgo = chunkVCBHSRCS_cjs.DIGEST_ALGORITHMS[digest];
284
284
  const { result, error } = $convertStrToBytes2(data, "utf8");
285
- if (error) return chunkX7IPAA7B_cjs.$err(error);
285
+ if (error) return chunkVCBHSRCS_cjs.$err(error);
286
286
  try {
287
287
  const hashed = await globalThis.crypto.subtle.digest(digestAlgo.web, result);
288
288
  return $convertBytesToStr2(hashed, outputEncoding);
289
289
  } catch (error2) {
290
- return chunkX7IPAA7B_cjs.$err({ message: "web hash: Failed to hash data", description: chunkX7IPAA7B_cjs.$fmtError(error2) });
290
+ return chunkVCBHSRCS_cjs.$err({ message: "web hash: Failed to hash data", description: chunkVCBHSRCS_cjs.$fmtError(error2) });
291
291
  }
292
292
  }
293
293
  async function $hashPassword(password, options) {
294
- const validated = chunkX7IPAA7B_cjs.$validateHashPasswordOptions(password, options, "web");
295
- if (validated.error) return chunkX7IPAA7B_cjs.$err(validated.error);
294
+ const validated = chunkVCBHSRCS_cjs.$validateHashPasswordOptions(password, options, "web");
295
+ if (validated.error) return chunkVCBHSRCS_cjs.$err(validated.error);
296
296
  const { digestAlgo, outputEncoding, saltLength, iterations, keyLength } = validated;
297
297
  const salt = globalThis.crypto.getRandomValues(new Uint8Array(saltLength));
298
298
  let bits;
299
299
  try {
300
300
  const baseKey = await globalThis.crypto.subtle.importKey(
301
301
  "raw",
302
- chunkX7IPAA7B_cjs.textEncoder.encode(password.normalize("NFKC")),
302
+ chunkVCBHSRCS_cjs.textEncoder.encode(password.normalize("NFKC")),
303
303
  "PBKDF2",
304
304
  false,
305
305
  ["deriveBits"]
@@ -310,30 +310,30 @@ async function $hashPassword(password, options) {
310
310
  keyLength * 8
311
311
  );
312
312
  const saltStr = $convertBytesToStr2(salt, outputEncoding);
313
- if (saltStr.error) return chunkX7IPAA7B_cjs.$err(saltStr.error);
313
+ if (saltStr.error) return chunkVCBHSRCS_cjs.$err(saltStr.error);
314
314
  const hashedPasswordStr = $convertBytesToStr2(bits, outputEncoding);
315
- if (hashedPasswordStr.error) return chunkX7IPAA7B_cjs.$err(hashedPasswordStr.error);
316
- return chunkX7IPAA7B_cjs.$ok({ result: hashedPasswordStr.result, salt: saltStr.result });
315
+ if (hashedPasswordStr.error) return chunkVCBHSRCS_cjs.$err(hashedPasswordStr.error);
316
+ return chunkVCBHSRCS_cjs.$ok({ result: hashedPasswordStr.result, salt: saltStr.result });
317
317
  } catch (error) {
318
- return chunkX7IPAA7B_cjs.$err({ message: "web hashPassword: Failed to hash password", description: chunkX7IPAA7B_cjs.$fmtError(error) });
318
+ return chunkVCBHSRCS_cjs.$err({ message: "web hashPassword: Failed to hash password", description: chunkVCBHSRCS_cjs.$fmtError(error) });
319
319
  } finally {
320
320
  salt.fill(0);
321
321
  if (bits) new Uint8Array(bits).fill(0);
322
322
  }
323
323
  }
324
324
  async function $verifyPassword(password, hashedPassword, salt, options) {
325
- const validated = chunkX7IPAA7B_cjs.$validateVerifyPasswordOptions(password, hashedPassword, salt, options, "web");
326
- if (validated.error) return chunkX7IPAA7B_cjs.$err(validated.error);
325
+ const validated = chunkVCBHSRCS_cjs.$validateVerifyPasswordOptions(password, hashedPassword, salt, options, "web");
326
+ if (validated.error) return chunkVCBHSRCS_cjs.$err(validated.error);
327
327
  const { digestAlgo, inputEncoding, iterations, keyLength } = validated;
328
328
  const saltBytes = $convertStrToBytes2(salt, inputEncoding);
329
- if (saltBytes.error) return chunkX7IPAA7B_cjs.$err(saltBytes.error);
329
+ if (saltBytes.error) return chunkVCBHSRCS_cjs.$err(saltBytes.error);
330
330
  const hashedPasswordBytes = $convertStrToBytes2(hashedPassword, inputEncoding);
331
- if (hashedPasswordBytes.error) return chunkX7IPAA7B_cjs.$err(hashedPasswordBytes.error);
332
- if (hashedPasswordBytes.result.byteLength !== keyLength) return chunkX7IPAA7B_cjs.$ok(false);
331
+ if (hashedPasswordBytes.error) return chunkVCBHSRCS_cjs.$err(hashedPasswordBytes.error);
332
+ if (hashedPasswordBytes.result.byteLength !== keyLength) return chunkVCBHSRCS_cjs.$ok(false);
333
333
  try {
334
334
  const baseKey = await globalThis.crypto.subtle.importKey(
335
335
  "raw",
336
- chunkX7IPAA7B_cjs.textEncoder.encode(password.normalize("NFKC")),
336
+ chunkVCBHSRCS_cjs.textEncoder.encode(password.normalize("NFKC")),
337
337
  "PBKDF2",
338
338
  false,
339
339
  ["deriveBits"]
@@ -355,17 +355,17 @@ async function $verifyPassword(password, hashedPassword, salt, options) {
355
355
  diff |= left[i] ^ right[i];
356
356
  }
357
357
  try {
358
- return chunkX7IPAA7B_cjs.$ok(diff === 0);
358
+ return chunkVCBHSRCS_cjs.$ok(diff === 0);
359
359
  } finally {
360
360
  left.fill(0);
361
361
  right.fill(0);
362
362
  bits.fill(0);
363
363
  }
364
364
  } catch (error) {
365
- return chunkX7IPAA7B_cjs.$err({ message: "web verifyPassword: Verification failed", description: chunkX7IPAA7B_cjs.$fmtError(error) });
365
+ return chunkVCBHSRCS_cjs.$err({ message: "web verifyPassword: Verification failed", description: chunkVCBHSRCS_cjs.$fmtError(error) });
366
366
  } finally {
367
- saltBytes.result?.fill(0);
368
- hashedPasswordBytes.result?.fill(0);
367
+ saltBytes.result.fill(0);
368
+ hashedPasswordBytes.result.fill(0);
369
369
  }
370
370
  }
371
371
 
@@ -375,9 +375,9 @@ function isWebSecretKey(x) {
375
375
  }
376
376
  function tryGenerateUuid() {
377
377
  try {
378
- return chunkX7IPAA7B_cjs.$ok(globalThis.crypto.randomUUID());
378
+ return chunkVCBHSRCS_cjs.$ok(globalThis.crypto.randomUUID());
379
379
  } catch (error) {
380
- return chunkX7IPAA7B_cjs.$err({ message: "web generateUuid: Failed to generate UUID", description: chunkX7IPAA7B_cjs.$fmtError(error) });
380
+ return chunkVCBHSRCS_cjs.$err({ message: "web generateUuid: Failed to generate UUID", description: chunkVCBHSRCS_cjs.$fmtError(error) });
381
381
  }
382
382
  }
383
383
  function generateUuid() {
@@ -388,7 +388,7 @@ async function tryCreateSecretKey(secret, options = {}) {
388
388
  }
389
389
  async function createSecretKey(secret, options = {}) {
390
390
  const { result, error } = await $createSecretKey(secret, options);
391
- if (error) throw new Error(chunkX7IPAA7B_cjs.$fmtResultErr(error));
391
+ if (error) throw new Error(chunkVCBHSRCS_cjs.$fmtResultErr(error));
392
392
  return result;
393
393
  }
394
394
  async function tryEncrypt(data, secretKey, options = {}) {
@@ -396,7 +396,7 @@ async function tryEncrypt(data, secretKey, options = {}) {
396
396
  }
397
397
  async function encrypt(data, secretKey, options = {}) {
398
398
  const { result, error } = await $encrypt(data, secretKey, options);
399
- if (error) throw new Error(chunkX7IPAA7B_cjs.$fmtResultErr(error));
399
+ if (error) throw new Error(chunkVCBHSRCS_cjs.$fmtResultErr(error));
400
400
  return result;
401
401
  }
402
402
  async function tryDecrypt(encrypted, secretKey, options = {}) {
@@ -404,7 +404,7 @@ async function tryDecrypt(encrypted, secretKey, options = {}) {
404
404
  }
405
405
  async function decrypt(encrypted, secretKey, options = {}) {
406
406
  const { result, error } = await $decrypt(encrypted, secretKey, options);
407
- if (error) throw new Error(chunkX7IPAA7B_cjs.$fmtResultErr(error));
407
+ if (error) throw new Error(chunkVCBHSRCS_cjs.$fmtResultErr(error));
408
408
  return result;
409
409
  }
410
410
  async function tryEncryptObj(obj, secretKey, options = {}) {
@@ -412,7 +412,7 @@ async function tryEncryptObj(obj, secretKey, options = {}) {
412
412
  }
413
413
  async function encryptObj(obj, secretKey, options = {}) {
414
414
  const { result, error } = await $encryptObj(obj, secretKey, options);
415
- if (error) throw new Error(chunkX7IPAA7B_cjs.$fmtResultErr(error));
415
+ if (error) throw new Error(chunkVCBHSRCS_cjs.$fmtResultErr(error));
416
416
  return result;
417
417
  }
418
418
  async function tryDecryptObj(encrypted, secretKey, options = {}) {
@@ -420,7 +420,7 @@ async function tryDecryptObj(encrypted, secretKey, options = {}) {
420
420
  }
421
421
  async function decryptObj(encrypted, secretKey, options = {}) {
422
422
  const { result, error } = await $decryptObj(encrypted, secretKey, options);
423
- if (error) throw new Error(chunkX7IPAA7B_cjs.$fmtResultErr(error));
423
+ if (error) throw new Error(chunkVCBHSRCS_cjs.$fmtResultErr(error));
424
424
  return result;
425
425
  }
426
426
  async function tryHash(data, options = {}) {
@@ -428,7 +428,7 @@ async function tryHash(data, options = {}) {
428
428
  }
429
429
  async function hash(data, options = {}) {
430
430
  const { result, error } = await $hash(data, options);
431
- if (error) throw new Error(chunkX7IPAA7B_cjs.$fmtResultErr(error));
431
+ if (error) throw new Error(chunkVCBHSRCS_cjs.$fmtResultErr(error));
432
432
  return result;
433
433
  }
434
434
  async function tryHashPassword(password, options = {}) {
@@ -436,7 +436,7 @@ async function tryHashPassword(password, options = {}) {
436
436
  }
437
437
  async function hashPassword(password, options = {}) {
438
438
  const { result, salt, error } = await $hashPassword(password, options);
439
- if (error) throw new Error(chunkX7IPAA7B_cjs.$fmtResultErr(error));
439
+ if (error) throw new Error(chunkVCBHSRCS_cjs.$fmtResultErr(error));
440
440
  return { result, salt };
441
441
  }
442
442
  async function tryVerifyPassword(password, hashedPassword, salt, options = {}) {
@@ -444,7 +444,7 @@ async function tryVerifyPassword(password, hashedPassword, salt, options = {}) {
444
444
  }
445
445
  async function verifyPassword(password, hashedPassword, salt, options = {}) {
446
446
  const { result, error } = await $verifyPassword(password, hashedPassword, salt, options);
447
- if (error) throw new Error(chunkX7IPAA7B_cjs.$fmtResultErr(error));
447
+ if (error) throw new Error(chunkVCBHSRCS_cjs.$fmtResultErr(error));
448
448
  return result;
449
449
  }
450
450
  function tryConvertStrToBytes(data, inputEncoding = "utf8") {
@@ -452,7 +452,7 @@ function tryConvertStrToBytes(data, inputEncoding = "utf8") {
452
452
  }
453
453
  function convertStrToBytes(data, inputEncoding = "utf8") {
454
454
  const { result, error } = $convertStrToBytes2(data, inputEncoding);
455
- if (error) throw new Error(chunkX7IPAA7B_cjs.$fmtResultErr(error));
455
+ if (error) throw new Error(chunkVCBHSRCS_cjs.$fmtResultErr(error));
456
456
  return result;
457
457
  }
458
458
  function tryConvertBytesToStr(data, outputEncoding = "utf8") {
@@ -460,7 +460,7 @@ function tryConvertBytesToStr(data, outputEncoding = "utf8") {
460
460
  }
461
461
  function convertBytesToStr(data, outputEncoding = "utf8") {
462
462
  const { result, error } = $convertBytesToStr2(data, outputEncoding);
463
- if (error) throw new Error(chunkX7IPAA7B_cjs.$fmtResultErr(error));
463
+ if (error) throw new Error(chunkVCBHSRCS_cjs.$fmtResultErr(error));
464
464
  return result;
465
465
  }
466
466
  function tryConvertEncoding(data, from, to) {
@@ -468,7 +468,7 @@ function tryConvertEncoding(data, from, to) {
468
468
  }
469
469
  function convertEncoding(data, from, to) {
470
470
  const { result, error } = $convertEncoding(data, from, to);
471
- if (error) throw new Error(chunkX7IPAA7B_cjs.$fmtResultErr(error));
471
+ if (error) throw new Error(chunkVCBHSRCS_cjs.$fmtResultErr(error));
472
472
  return result;
473
473
  }
474
474
 
@@ -498,5 +498,5 @@ exports.tryHash = tryHash;
498
498
  exports.tryHashPassword = tryHashPassword;
499
499
  exports.tryVerifyPassword = tryVerifyPassword;
500
500
  exports.verifyPassword = verifyPassword;
501
- //# sourceMappingURL=chunk-LC5HP75W.cjs.map
502
- //# sourceMappingURL=chunk-LC5HP75W.cjs.map
501
+ //# sourceMappingURL=chunk-7254PEID.cjs.map
502
+ //# sourceMappingURL=chunk-7254PEID.cjs.map