cipher-kit 3.0.0-beta.0 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (38) hide show
  1. package/README.md +3 -1
  2. package/dist/{chunk-ZYX6MYHS.cjs → chunk-3A4RTUKO.cjs} +101 -101
  3. package/dist/chunk-3A4RTUKO.cjs.map +1 -0
  4. package/dist/{chunk-LC5HP75W.cjs → chunk-7254PEID.cjs} +102 -102
  5. package/dist/chunk-7254PEID.cjs.map +1 -0
  6. package/dist/{chunk-ZN7EFZ7Z.js → chunk-GL32EZRA.js} +5 -5
  7. package/dist/chunk-GL32EZRA.js.map +1 -0
  8. package/dist/{chunk-4YR2SBOH.js → chunk-IY6XGUYO.js} +8 -2
  9. package/dist/chunk-IY6XGUYO.js.map +1 -0
  10. package/dist/{chunk-X7IPAA7B.cjs → chunk-VCBHSRCS.cjs} +8 -2
  11. package/dist/chunk-VCBHSRCS.cjs.map +1 -0
  12. package/dist/{chunk-3NFJMV33.js → chunk-X6MX4NDE.js} +3 -3
  13. package/dist/chunk-X6MX4NDE.js.map +1 -0
  14. package/dist/{export-DAIDJRX3.d.ts → export-B-3CCZIO.d.cts} +2 -1
  15. package/dist/{export-BEp4DFEB.d.cts → export-BPo6yPV-.d.ts} +2 -1
  16. package/dist/{export-Cxfev8fi.d.ts → export-C0_UEEg8.d.ts} +2 -1
  17. package/dist/{export-e7IN_bU5.d.cts → export-DPuocAr3.d.cts} +2 -1
  18. package/dist/index.cjs +11 -11
  19. package/dist/index.d.cts +5 -5
  20. package/dist/index.d.ts +5 -5
  21. package/dist/index.js +3 -3
  22. package/dist/node.cjs +33 -33
  23. package/dist/node.d.cts +2 -2
  24. package/dist/node.d.ts +2 -2
  25. package/dist/node.js +2 -2
  26. package/dist/{validate-DN59A2-Y.d.cts → validate-vDTesb-X.d.cts} +4 -1
  27. package/dist/{validate-DN59A2-Y.d.ts → validate-vDTesb-X.d.ts} +4 -1
  28. package/dist/web-api.cjs +33 -33
  29. package/dist/web-api.d.cts +2 -2
  30. package/dist/web-api.d.ts +2 -2
  31. package/dist/web-api.js +2 -2
  32. package/package.json +2 -2
  33. package/dist/chunk-3NFJMV33.js.map +0 -1
  34. package/dist/chunk-4YR2SBOH.js.map +0 -1
  35. package/dist/chunk-LC5HP75W.cjs.map +0 -1
  36. package/dist/chunk-X7IPAA7B.cjs.map +0 -1
  37. package/dist/chunk-ZN7EFZ7Z.js.map +0 -1
  38. package/dist/chunk-ZYX6MYHS.cjs.map +0 -1
package/dist/chunk-7254PEID.cjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/web/kit.ts","../src/web/web-encode.ts","../src/web/web-secret-key.ts","../src/web/web-encrypt.ts","../src/web/web-hash.ts"],"names":["__export","$convertStrToBytes","$err","$convertBytesToStr","$isStr","ENCODING","$ok","$validateSecretKeyBase","$isObj","$validateCreateSecretKeyOptions","textEncoder","$fmtError","$isPlainObj","CIPHER_ENCODING","GCM_IV_LENGTH","GCM_TAG_BYTES","$fmtResultErr","error","matchEncryptedPattern","$stringifyObj","$parseToObj","DIGEST_ALGORITHMS","$validateHashPasswordOptions","$validateVerifyPasswordOptions"],"mappings":";;;;;AAAA,IAAA,WAAA,GAAA;AAAAA,0BAAA,CAAA,WAAA,EAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,OAAA,EAAA,MAAA,OAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,OAAA,EAAA,MAAA,OAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,YAAA,EAAA,MAAA,YAAA;AAAA,EAAA,IAAA,EAAA,MAAA,IAAA;AAAA,EAAA,YAAA,EAAA,MAAA,YAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,aAAA,EAAA,MAAA,aAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,aAAA,EAAA,MAAA,aAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,OAAA,EAAA,MAAA,OAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,cAAA,EAAA,MAAA;AAAA,CAAA,CAAA;;;ACaO,SAASC,mBAAAA,CACd,IAAA,EACA,aAAA,GAA0B,MAAA,EACmB;AAC7C,EAAA,MAAM,MAAA,GAASA,oCAAA,CAAkB,IAAA,EAAM,aAAa,CAAA;AACpD,EAAA,IAAI,OAAO,KAAA,EAAO;AAChB,IAAA,OAAOC,sBAAA,CAAK;AAAA,MACV,SAAS,MAAA,CAAO,KAAA,CAAM,OAAA,CAAQ,OAAA,CAAQ,eAAe,iBAAiB,CAAA;AAAA,MACtE,WAAA,EAAa,OAAO,KAAA,CAAM;AAAA,KAC3B,CAAA;AAAA,EACH;AACA,EAAA,OAAO,MAAA;AACT;AAEO,SAASC,mBAAAA,CAAmB,IAAA,EAAgC,cAAA,GAA2B,MAAA,EAAwB;AACpH,EAAA,MAAM,MAAA,GAASA,oCAAA,CAAkB,IAAA,EAAM,cAAc,CAAA;AACrD,EAAA,IAAI,OAAO,KAAA,EAAO;AAChB,IAAA,OAAOD,sBAAA,CAAK;AAAA,MACV,SAAS,MAAA,CAAO,KAAA,CAAM,OAAA,CAAQ,OAAA,CAAQ,eAAe,iBAAiB,CAAA;AAAA,MACtE,WAAA,EAAa,OAAO,KAAA,CAAM;AAAA,KAC3B,CAAA;AAAA,EACH;AACA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,gBAAA,CAAiB,IAAA,EAAc,IAAA,EAAgB,EAAA,EAA8B;AAC3F,EAAA,IAAI,CAACE,wBAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAOF,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,sDAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AACA,EAAA,IAAI,CAACG,2BAAS,QAAA,CAAS,IAAI,KAAK,CAACA,0BAAA,CAAS,QAAA,CAAS,EAAE,CAAA,EAAG;AACtD,IAAA,OAAOH,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,gDAAA,EAAmD,IAAI,CAAA,IAAA,EAAO,EAAE,CAAA,CAAA;AAAA,MACzE,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,KAAA,GAAQD,mBAAAA,CAAmB,IAAA,EAAM,IAAI,CAAA;AAC3C,EAAA,IAAI,KAAA,CAAM,KAAA,EAAO,OAAOC,sBAAA,CAAK,MAAM,KAAK,CAAA;AAExC,EAAA,MAAM,GAAA,GAAMC,mBAAAA,CAAmB,KAAA,CAAM,MAAA,EAAQ,EAAE,CAAA;AAC/C,EAAA,IAAI,GAAA,CAAI,KAAA,EAAO,OAAOD,sBAAA,CAAK,IAAI,KAAK,CAAA;AAEpC,EAAA,OAAOI,qBAAA,CAAI,IAAI,MAAM,CAAA;AACvB;;;AC3CO,SAAS,gBAAgB,CAAA,EAAiC;AAC/D,EAAA,MAAM,IAAA,GAAOC,wCAAA,CAAuB,CAAA,EAAG,KAAK,CAAA;AAC5C,EAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAElB,EAAA,IAAI,OAAO,WAAW,SAAA,KAAc,WAAA,IAAe,EAAE,IAAA,CAAK,GAAA,CAAI,GAAA,YAAe,SAAA,CAAA,EAAY,OAAO,IAAA;AAEhG,EAAA,IACE,CAACC,wBAAA,CAAO,IAAA,CAAK,GAAA,CAAI,GAAA,CAAI,SAAS,CAAA,IAC9B,IAAA,CAAK,GAAA,CAAI,GAAA,CAAI,SAAA,CAAU,IAAA,KAAS,KAAK,SAAA,CAAU,GAAA,IAC9C,OAAO,IAAA,CAAK,GAAA,CAAI,GAAA,CAAI,UAAU,MAAA,KAAW,QAAA,IACxC,IAAA,CAAK,GAAA,CAAI,GAAA,CAAI,SAAA,CAAU,WAAW,IAAA,CAAK,SAAA,CAAU,QAAA,GAAW,CAAA,IAC9D,CAAC,KAAA,CAAM,QAAQ,IAAA,CAAK,GAAA,CAAI,GAAA,CAAI,MAAM,CAAA,IAClC,EAAE,KAAK,GAAA,CAAI,GAAA,CAAI,MAAA,CAAO,QAAA,CAAS,SAAS,CAAA,IAAK,IAAA,CAAK,GAAA,CAAI,GAAA,CAAI,MAAA,CAAO,QAAA,CAAS,SAAS,CAAA,CAAA,EACnF;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,OAAO,CAAA;AACT;AAEA,eAAsB,gBAAA,CACpB,QACA,OAAA,EAC2C;AAC3C,EAAA,MAAM,SAAA,GAAYC,iDAAA,CAAgC,MAAA,EAAQ,OAAA,EAAS,KAAK,CAAA;AACxE,EAAA,IAAI,SAAA,CAAU,KAAA,EAAO,OAAOP,sBAAA,CAAK,UAAU,KAAK,CAAA;AAEhD,EAAA,MAAM,EAAE,SAAA,EAAW,MAAA,EAAQ,MAAM,IAAA,EAAM,WAAA,EAAa,YAAW,GAAI,SAAA;AAEnE,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,MAAM,UAAA,CAAW,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,MACzC,KAAA;AAAA,MACAQ,6BAAA,CAAY,MAAA,CAAO,MAAA,CAAO,SAAA,CAAU,MAAM,CAAC,CAAA;AAAA,MAC3C,MAAA;AAAA,MACA,KAAA;AAAA,MACA,CAAC,WAAW;AAAA,KACd;AACA,IAAA,MAAM,WAAA,GAAc,QAAQ,WAAA,IAAe,KAAA;AAC3C,IAAA,MAAM,GAAA,GAAM,MAAM,UAAA,CAAW,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,MACzC;AAAA,QACE,IAAA,EAAM,MAAA;AAAA,QACN,MAAM,UAAA,CAAW,GAAA;AAAA,QACjB,MAAMA,6BAAA,CAAY,MAAA,CAAO,IAAA,CAAK,SAAA,CAAU,MAAM,CAAC,CAAA;AAAA,QAC/C,MAAMA,6BAAA,CAAY,MAAA,CAAO,IAAA,CAAK,SAAA,CAAU,MAAM,CAAC;AAAA,OACjD;AAAA,MACA,GAAA;AAAA,MACA,EAAE,IAAA,EAAM,WAAA,CAAY,KAAK,MAAA,EAAQ,WAAA,CAAY,WAAW,CAAA,EAAE;AAAA,MAC1D,WAAA;AAAA,MACA,CAAC,WAAW,SAAS;AAAA,KACvB;AACA,IAAA,MAAM,SAAA,GAAY,MAAA,CAAO,MAAA,CAAO,EAAE,QAAA,EAAU,KAAA,EAAO,MAAA,EAAQ,SAAA,EAAW,GAAA,EAAK,QAAA,EAAU,WAAA,EAAa,CAAA;AAElG,IAAA,OAAOJ,qBAAA,CAAI,EAAE,MAAA,EAAQ,SAAA,EAAW,CAAA;AAAA,EAClC,SAAS,KAAA,EAAO;AACd,IAAA,OAAOJ,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,2CAAA;AAAA,MACT,WAAA,EAAaS,4BAAU,KAAK;AAAA,KAC7B,CAAA;AAAA,EACH;AACF;;;ACzDA,eAAsB,QAAA,CACpB,IAAA,EACA,SAAA,EACA,OAAA,EACyB;AACzB,EAAA,IAAI,CAACP,wBAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAOF,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,8CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAACU,6BAAA,CAA4B,OAAO,CAAA,EAAG;AACzC,IAAA,OAAOV,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,6CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,cAAA,GAAiB,QAAQ,cAAA,IAAkB,WAAA;AACjD,EAAA,IAAI,CAACW,iCAAA,CAAgB,QAAA,CAAS,cAAc,CAAA,EAAG;AAC7C,IAAA,OAAOX,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,6CAA6C,cAAc,CAAA,CAAA;AAAA,MACpE,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,WAAA,GAAc,gBAAgB,SAAS,CAAA;AAC7C,EAAA,IAAI,CAAC,WAAA,EAAa;AAChB,IAAA,OAAOA,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,iCAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAID,mBAAAA,CAAmB,MAAM,MAAM,CAAA;AACzD,EAAA,IAAI,KAAA,EAAO,OAAOC,sBAAA,CAAK,KAAK,CAAA;AAE5B,EAAA,IAAI;AACF,IAAA,MAAM,KAAK,UAAA,CAAW,MAAA,CAAO,gBAAgB,IAAI,UAAA,CAAWY,+BAAa,CAAC,CAAA;AAC1E,IAAA,MAAM,aAAA,GAAgB,MAAM,UAAA,CAAW,MAAA,CAAO,MAAA,CAAO,OAAA;AAAA,MACnD,EAAE,IAAA,EAAM,WAAA,CAAY,QAAA,CAAS,KAAK,EAAA,EAAG;AAAA,MACrC,WAAA,CAAY,GAAA;AAAA,MACZ;AAAA,KACF;AAEA,IAAA,MAAM,aAAa,aAAA,CAAc,KAAA,CAAM,CAAA,EAAG,aAAA,CAAc,aAAaC,+BAAa,CAAA;AAClF,IAAA,MAAM,GAAA,GAAM,aAAA,CAAc,KAAA,CAAM,aAAA,CAAc,aAAaA,+BAAa,CAAA;AAExE,IAAA,MAAM,KAAA,GAAQZ,mBAAAA,CAAmB,EAAA,EAAI,cAAc,CAAA;AACnD,IAAA,MAAM,SAAA,GAAYA,mBAAAA,CAAmB,UAAA,EAAY,cAAc,CAAA;AAC/D,IAAA,MAAM,MAAA,GAASA,mBAAAA,CAAmB,GAAA,EAAK,cAAc,CAAA;AAErD,IAAA,IAAI,KAAA,CAAM,KAAA,IAAS,SAAA,CAAU,KAAA,IAAS,OAAO,KAAA,EAAO;AAClD,MAAA,OAAOD,sBAAA,CAAK;AAAA,QACV,OAAA,EAAS,sCAAA;AAAA,QACT,WAAA,EAAa,qBAAqBc,+BAAA,CAAc,KAAA,CAAM,SAAS,SAAA,CAAU,KAAA,IAAS,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,OAChG,CAAA;AAAA,IACH;AAEA,IAAA,OAAOV,qBAAA,CAAI,CAAA,EAAG,KAAA,CAAM,MAAM,CAAA,CAAA,EAAI,UAAU,MAAM,CAAA,CAAA,EAAI,MAAA,CAAO,MAAM,CAAA,CAAA,CAAG,CAAA;AAAA,EACpE,SAASW,MAAAA,EAAO;AACd,IAAA,OAAOf,sBAAA,CAAK,EAAE,OAAA,EAAS,qCAAA,EAAuC,aAAaS,2BAAA,CAAUM,MAAK,GAAG,CAAA;AAAA,EAC/F,CAAA,SAAE;AACA,IAAA,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,EACf;AACF;AAEA,eAAsB,QAAA,CACpB,SAAA,EACA,SAAA,EACA,OAAA,EACyB;AACzB,EAAA,IAAI,CAACC,uCAAA,CAAsB,SAAS,CAAA,EAAG;AACrC,IAAA,OAAOhB,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,4CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAACU,6BAAA,CAA4B,OAAO,CAAA,EAAG;AACzC,IAAA,OAAOV,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,6CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,aAAA,GAAgB,QAAQ,aAAA,IAAiB,WAAA;AAC/C,EAAA,IAAI,CAACW,iCAAA,CAAgB,QAAA,CAAS,aAAa,CAAA,EAAG;AAC5C,IAAA,OAAOX,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,4CAA4C,aAAa,CAAA,CAAA;AAAA,MAClE,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,CAAC,IAAI,MAAA,EAAQ,GAAG,IAAI,SAAA,CAAU,KAAA,CAAM,KAAK,CAAC,CAAA;AAEhD,EAAA,MAAM,WAAA,GAAc,gBAAgB,SAAS,CAAA;AAC7C,EAAA,IAAI,CAAC,WAAA,EAAa;AAChB,IAAA,OAAOA,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,iCAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,OAAA,GAAUD,mBAAAA,CAAmB,EAAA,EAAI,aAAa,CAAA;AACpD,EAAA,MAAM,WAAA,GAAcA,mBAAAA,CAAmB,MAAA,EAAQ,aAAa,CAAA;AAC5D,EAAA,MAAM,QAAA,GAAWA,mBAAAA,CAAmB,GAAA,EAAK,aAAa,CAAA;AAEtD,EAAA,IAAI,OAAA,CAAQ,KAAA,IAAS,WAAA,CAAY,KAAA,IAAS,SAAS,KAAA,EAAO;AACxD,IAAA,OAAOC,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,qCAAA;AAAA,MACT,WAAA,EAAa,qBAAqBc,+BAAA,CAAc,OAAA,CAAQ,SAAS,WAAA,CAAY,KAAA,IAAS,QAAA,CAAS,KAAK,CAAC,CAAA;AAAA,KACtG,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,OAAA,CAAQ,MAAA,CAAO,UAAA,KAAeF,+BAAA,EAAe;AAC/C,IAAA,OAAOZ,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,gCAAA;AAAA,MACT,aAAa,CAAA,SAAA,EAAYY,+BAAa,CAAA,YAAA,EAAe,OAAA,CAAQ,OAAO,UAAU,CAAA;AAAA,KAC/E,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,QAAA,CAAS,MAAA,CAAO,UAAA,KAAeC,+BAAA,EAAe;AAChD,IAAA,OAAOb,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,sCAAA;AAAA,MACT,aAAa,CAAA,SAAA,EAAYa,+BAAa,CAAA,YAAA,EAAe,QAAA,CAAS,OAAO,UAAU,CAAA;AAAA,KAChF,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,aAAA,GAAgB,IAAI,UAAA,CAAW,WAAA,CAAY,OAAO,UAAA,GAAa,QAAA,CAAS,OAAO,UAAU,CAAA;AAC/F,EAAA,aAAA,CAAc,IAAI,IAAI,UAAA,CAAW,WAAA,CAAY,MAAM,GAAG,CAAC,CAAA;AACvD,EAAA,aAAA,CAAc,GAAA,CAAI,IAAI,UAAA,CAAW,QAAA,CAAS,MAAM,CAAA,EAAG,WAAA,CAAY,OAAO,UAAU,CAAA;AAEhF,EAAA,IAAI,SAAA;AACJ,EAAA,IAAI;AACF,IAAA,SAAA,GAAY,IAAI,UAAA;AAAA,MACd,MAAM,UAAA,CAAW,MAAA,CAAO,MAAA,CAAO,OAAA;AAAA,QAC7B,EAAE,IAAA,EAAM,WAAA,CAAY,SAAS,GAAA,EAAK,EAAA,EAAI,QAAQ,MAAA,EAAO;AAAA,QACrD,WAAA,CAAY,GAAA;AAAA,QACZ;AAAA;AACF,KACF;AAEA,IAAA,OAAOZ,mBAAAA,CAAmB,WAAW,MAAM,CAAA;AAAA,EAC7C,SAAS,KAAA,EAAO;AACd,IAAA,OAAOD,sBAAA,CAAK,EAAE,OAAA,EAAS,qCAAA,EAAuC,aAAaS,2BAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EAC/F,CAAA,SAAE;AACA,IAAA,SAAA,EAAW,KAAK,CAAC,CAAA;AAAA,EACnB;AACF;AAEA,eAAsB,WAAA,CACpB,IAAA,EACA,SAAA,EACA,OAAA,EACyB;AACzB,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAIQ,gCAAc,IAAI,CAAA;AAC5C,EAAA,IAAI,KAAA,EAAO,OAAOjB,sBAAA,CAAK,KAAK,CAAA;AAC5B,EAAA,OAAO,MAAM,QAAA,CAAS,MAAA,EAAQ,SAAA,EAAW,OAAO,CAAA;AAClD;AAEA,eAAsB,WAAA,CACpB,SAAA,EACA,SAAA,EACA,OAAA,EACgC;AAChC,EAAA,MAAM,EAAE,QAAQ,KAAA,EAAM,GAAI,MAAM,QAAA,CAAS,SAAA,EAAW,WAAW,OAAO,CAAA;AACtE,EAAA,IAAI,KAAA,EAAO,OAAOA,sBAAA,CAAK,KAAK,CAAA;AAC5B,EAAA,OAAOkB,8BAAe,MAAM,CAAA;AAC9B;;;ACrLA,eAAsB,KAAA,CAAM,IAAA,EAAc,OAAA,GAAuB,EAAC,EAA4B;AAC5F,EAAA,IAAI,CAAChB,wBAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAOF,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,2CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAACU,6BAAA,CAAyB,OAAO,CAAA,EAAG;AACtC,IAAA,OAAOV,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,0CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,cAAA,GAAiB,QAAQ,cAAA,IAAkB,WAAA;AACjD,EAAA,IAAI,CAACW,iCAAA,CAAgB,QAAA,CAAS,cAAc,CAAA,EAAG;AAC7C,IAAA,OAAOX,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,0CAA0C,cAAc,CAAA,CAAA;AAAA,MACjE,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,QAAQ,MAAA,IAAU,QAAA;AACjC,EAAA,IAAI,EAAE,UAAUmB,mCAAA,CAAA,EAAoB;AAClC,IAAA,OAAOnB,sBAAA,CAAK;AAAA,MACV,OAAA,EAAS,iCAAiC,MAAM,CAAA,CAAA;AAAA,MAChD,WAAA,EAAa,0BAA0B,MAAA,CAAO,IAAA,CAAKmB,mCAAiB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KACjF,CAAA;AAAA,EACH;AACA,EAAA,MAAM,UAAA,GAAaA,oCAAkB,MAAM,CAAA;AAE3C,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAIpB,mBAAAA,CAAmB,MAAM,MAAM,CAAA;AACzD,EAAA,IAAI,KAAA,EAAO,OAAOC,sBAAA,CAAK,KAAK,CAAA;AAE5B,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,MAAM,UAAA,CAAW,MAAA,CAAO,OAAO,MAAA,CAAO,UAAA,CAAW,KAAK,MAAM,CAAA;AAC3E,IAAA,OAAOC,mBAAAA,CAAmB,QAAQ,cAAc,CAAA;AAAA,EAClD,SAASc,MAAAA,EAAO;AACd,IAAA,OAAOf,sBAAA,CAAK,EAAE,OAAA,EAAS,+BAAA,EAAiC,aAAaS,2BAAA,CAAUM,MAAK,GAAG,CAAA;AAAA,EACzF;AACF;AAEA,eAAsB,aAAA,CACpB,UACA,OAAA,EACmD;AACnD,EAAA,MAAM,SAAA,GAAYK,8CAAA,CAA6B,QAAA,EAAU,OAAA,EAAS,KAAK,CAAA;AACvE,EAAA,IAAI,SAAA,CAAU,KAAA,EAAO,OAAOpB,sBAAA,CAAK,UAAU,KAAK,CAAA;AAEhD,EAAA,MAAM,EAAE,UAAA,EAAY,cAAA,EAAgB,UAAA,EAAY,UAAA,EAAY,WAAU,GAAI,SAAA;AAE1E,EAAA,MAAM,OAAO,UAAA,CAAW,MAAA,CAAO,gBAAgB,IAAI,UAAA,CAAW,UAAU,CAAC,CAAA;AACzE,EAAA,IAAI,IAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,MAAM,UAAA,CAAW,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,MAC7C,KAAA;AAAA,MACAQ,6BAAA,CAAY,MAAA,CAAO,QAAA,CAAS,SAAA,CAAU,MAAM,CAAC,CAAA;AAAA,MAC7C,QAAA;AAAA,MACA,KAAA;AAAA,MACA,CAAC,YAAY;AAAA,KACf;AACA,IAAA,IAAA,GAAO,MAAM,UAAA,CAAW,MAAA,CAAO,MAAA,CAAO,UAAA;AAAA,MACpC,EAAE,IAAA,EAAM,QAAA,EAAU,MAAM,UAAA,EAAY,IAAA,EAAM,WAAW,GAAA,EAAI;AAAA,MACzD,OAAA;AAAA,MACA,SAAA,GAAY;AAAA,KACd;AAEA,IAAA,MAAM,OAAA,GAAUP,mBAAAA,CAAmB,IAAA,EAAM,cAAc,CAAA;AACvD,IAAA,IAAI,OAAA,CAAQ,KAAA,EAAO,OAAOD,sBAAA,CAAK,QAAQ,KAAK,CAAA;AAE5C,IAAA,MAAM,iBAAA,GAAoBC,mBAAAA,CAAmB,IAAA,EAAM,cAAc,CAAA;AACjE,IAAA,IAAI,iBAAA,CAAkB,KAAA,EAAO,OAAOD,sBAAA,CAAK,kBAAkB,KAAK,CAAA;AAEhE,IAAA,OAAOI,qBAAA,CAAI,EAAE,MAAA,EAAQ,iBAAA,CAAkB,QAAQ,IAAA,EAAM,OAAA,CAAQ,QAAQ,CAAA;AAAA,EACvE,SAAS,KAAA,EAAO;AACd,IAAA,OAAOJ,sBAAA,CAAK,EAAE,OAAA,EAAS,2CAAA,EAA6C,aAAaS,2BAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACrG,CAAA,SAAE;AACA,IAAA,IAAA,CAAK,KAAK,CAAC,CAAA;AACX,IAAA,IAAI,MAAM,IAAI,UAAA,CAAW,IAAI,CAAA,CAAE,KAAK,CAAC,CAAA;AAAA,EACvC;AACF;AAEA,eAAsB,eAAA,CACpB,QAAA,EACA,cAAA,EACA,IAAA,EACA,OAAA,EAC0B;AAC1B,EAAA,MAAM,YAAYY,gDAAA,CAA+B,QAAA,EAAU,cAAA,EAAgB,IAAA,EAAM,SAAS,KAAK,CAAA;AAC/F,EAAA,IAAI,SAAA,CAAU,KAAA,EAAO,OAAOrB,sBAAA,CAAK,UAAU,KAAK,CAAA;AAEhD,EAAA,MAAM,EAAE,UAAA,EAAY,aAAA,EAAe,UAAA,EAAY,WAAU,GAAI,SAAA;AAE7D,EAAA,MAAM,SAAA,GAAYD,mBAAAA,CAAmB,IAAA,EAAM,aAAa,CAAA;AACxD,EAAA,IAAI,SAAA,CAAU,KAAA,EAAO,OAAOC,sBAAA,CAAK,UAAU,KAAK,CAAA;AAEhD,EAAA,MAAM,mBAAA,GAAsBD,mBAAAA,CAAmB,cAAA,EAAgB,aAAa,CAAA;AAC5E,EAAA,IAAI,mBAAA,CAAoB,KAAA,EAAO,OAAOC,sBAAA,CAAK,oBAAoB,KAAK,CAAA;AAEpE,EAAA,IAAI,oBAAoB,MAAA,CAAO,UAAA,KAAe,SAAA,EAAW,OAAOI,sBAAI,KAAK,CAAA;AAEzE,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,MAAM,UAAA,CAAW,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,MAC7C,KAAA;AAAA,MACAI,6BAAA,CAAY,MAAA,CAAO,QAAA,CAAS,SAAA,CAAU,MAAM,CAAC,CAAA;AAAA,MAC7C,QAAA;AAAA,MACA,KAAA;AAAA,MACA,CAAC,YAAY;AAAA,KACf;AAEA,IAAA,MAAM,OAAO,IAAI,UAAA;AAAA,MACf,MAAM,UAAA,CAAW,MAAA,CAAO,MAAA,CAAO,UAAA;AAAA,QAC7B,EAAE,MAAM,QAAA,EAAU,IAAA,EAAM,UAAU,MAAA,EAAQ,UAAA,EAAY,IAAA,EAAM,UAAA,CAAW,GAAA,EAAI;AAAA,QAC3E,OAAA;AAAA,QACA,SAAA,GAAY;AAAA;AACd,KACF;AAEA,IAAA,MAAM,WAAW,mBAAA,CAAoB,MAAA;AACrC,IAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,SAAS,CAAA;AACrC,IAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,SAAS,CAAA;AACtC,IAAA,IAAA,CAAK,IAAI,IAAI,CAAA;AACb,IAAA,KAAA,CAAM,IAAI,QAAQ,CAAA;AAGlB,IAAA,IAAI,IAAA,GAAO,CAAA;AACX,IAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,SAAA,EAAW,CAAA,EAAA,EAAK;AAClC,MAAA,IAAA,IAAS,IAAA,CAAK,CAAC,CAAA,GAAgB,KAAA,CAAM,CAAC,CAAA;AAAA,IACxC;AACA,IAAA,IAAI;AACF,MAAA,OAAOJ,qBAAA,CAAI,SAAS,CAAC,CAAA;AAAA,IACvB,CAAA,SAAE;AACA,MAAA,IAAA,CAAK,KAAK,CAAC,CAAA;AACX,MAAA,KAAA,CAAM,KAAK,CAAC,CAAA;AACZ,MAAA,IAAA,CAAK,KAAK,CAAC,CAAA;AAAA,IACb;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,OAAOJ,sBAAA,CAAK,EAAE,OAAA,EAAS,yCAAA,EAA2C,aAAaS,2BAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACnG,CAAA,SAAE;AACA,IAAA,SAAA,CAAU,MAAA,CAAO,KAAK,CAAC,CAAA;AACvB,IAAA,mBAAA,CAAoB,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,EACnC;AACF;;;AJ1HO,SAAS,eAAe,CAAA,EAA+B;AAC5D,EAAA,OAAO,eAAA,CAAgB,CAAC,CAAA,KAAM,IAAA;AAChC;AAQO,SAAS,eAAA,GAAkC;AAChD,EAAA,IAAI;AACF,IAAA,OAAOL,qBAAA,CAAI,UAAA,CAAW,MAAA,CAAO,UAAA,EAAY,CAAA;AAAA,EAC3C,SAAS,KAAA,EAAO;AACd,IAAA,OAAOJ,sBAAA,CAAK,EAAE,OAAA,EAAS,2CAAA,EAA6C,aAAaS,2BAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACrG;AACF;AAeO,SAAS,YAAA,GAAuB;AACrC,EAAA,OAAO,UAAA,CAAW,OAAO,UAAA,EAAW;AACtC;AAQA,eAAsB,kBAAA,CACpB,MAAA,EACA,OAAA,GAAkC,EAAC,EACQ;AAC3C,EAAA,OAAO,MAAM,gBAAA,CAAiB,MAAA,EAAQ,OAAO,CAAA;AAC/C;AAoBA,eAAsB,eAAA,CAAgB,MAAA,EAAgB,OAAA,GAAkC,EAAC,EAA0B;AACjH,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,MAAM,gBAAA,CAAiB,QAAQ,OAAO,CAAA;AAChE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMK,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQA,eAAsB,UAAA,CACpB,IAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACF;AACzB,EAAA,OAAO,MAAM,QAAA,CAAS,IAAA,EAAM,SAAA,EAAW,OAAO,CAAA;AAChD;AAwBA,eAAsB,OAAA,CAAQ,IAAA,EAAc,SAAA,EAAyB,OAAA,GAA0B,EAAC,EAAoB;AAClH,EAAA,MAAM,EAAE,QAAQ,KAAA,EAAM,GAAI,MAAM,QAAA,CAAS,IAAA,EAAM,WAAW,OAAO,CAAA;AACjE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMA,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQA,eAAsB,UAAA,CACpB,SAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACF;AACzB,EAAA,OAAO,MAAM,QAAA,CAAS,SAAA,EAAW,SAAA,EAAW,OAAO,CAAA;AACrD;AAwBA,eAAsB,OAAA,CACpB,SAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACV;AACjB,EAAA,MAAM,EAAE,QAAQ,KAAA,EAAM,GAAI,MAAM,QAAA,CAAS,SAAA,EAAW,WAAW,OAAO,CAAA;AACtE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMA,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQA,eAAsB,aAAA,CACpB,GAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACF;AACzB,EAAA,OAAO,MAAM,WAAA,CAAY,GAAA,EAAK,SAAA,EAAW,OAAO,CAAA;AAClD;AAuBA,eAAsB,UAAA,CACpB,GAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACV;AACjB,EAAA,MAAM,EAAE,QAAQ,KAAA,EAAM,GAAI,MAAM,WAAA,CAAY,GAAA,EAAK,WAAW,OAAO,CAAA;AACnE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMA,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQA,eAAsB,aAAA,CACpB,SAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACK;AAChC,EAAA,OAAO,MAAM,WAAA,CAAe,SAAA,EAAW,SAAA,EAAW,OAAO,CAAA;AAC3D;AAuBA,eAAsB,UAAA,CACpB,SAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACf;AACZ,EAAA,MAAM,EAAE,QAAQ,KAAA,EAAM,GAAI,MAAM,WAAA,CAAe,SAAA,EAAW,WAAW,OAAO,CAAA;AAC5E,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMA,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQA,eAAsB,OAAA,CAAQ,IAAA,EAAc,OAAA,GAAuB,EAAC,EAA4B;AAC9F,EAAA,OAAO,MAAM,KAAA,CAAM,IAAA,EAAM,OAAO,CAAA;AAClC;AAiBA,eAAsB,IAAA,CAAK,IAAA,EAAc,OAAA,GAAuB,EAAC,EAAoB;AACnF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,MAAM,KAAA,CAAM,MAAM,OAAO,CAAA;AACnD,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMA,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQA,eAAsB,eAAA,CACpB,QAAA,EACA,OAAA,GAA+B,EAAC,EACmB;AACnD,EAAA,OAAO,MAAM,aAAA,CAAc,QAAA,EAAU,OAAO,CAAA;AAC9C;AAoBA,eAAsB,YAAA,CACpB,QAAA,EACA,OAAA,GAA+B,EAAC,EACW;AAC3C,EAAA,MAAM,EAAE,QAAQ,IAAA,EAAM,KAAA,KAAU,MAAM,aAAA,CAAc,UAAU,OAAO,CAAA;AACrE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMA,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,EAAE,QAAQ,IAAA,EAAK;AACxB;AAQA,eAAsB,kBACpB,QAAA,EACA,cAAA,EACA,IAAA,EACA,OAAA,GAAiC,EAAC,EACR;AAC1B,EAAA,OAAO,MAAM,eAAA,CAAgB,QAAA,EAAU,cAAA,EAAgB,MAAM,OAAO,CAAA;AACtE;AA6BA,eAAsB,eACpB,QAAA,EACA,cAAA,EACA,IAAA,EACA,OAAA,GAAiC,EAAC,EAChB;AAClB,EAAA,MAAM,EAAE,QAAQ,KAAA,EAAM,GAAI,MAAM,eAAA,CAAgB,QAAA,EAAU,cAAA,EAAgB,IAAA,EAAM,OAAO,CAAA;AACvF,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMA,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,oBAAA,CACd,IAAA,EACA,aAAA,GAA0B,MAAA,EACmB;AAC7C,EAAA,OAAOf,mBAAAA,CAAmB,MAAM,aAAa,CAAA;AAC/C;AAiBO,SAAS,iBAAA,CAAkB,IAAA,EAAc,aAAA,GAA0B,MAAA,EAAiC;AACzG,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAIA,mBAAAA,CAAmB,MAAM,aAAa,CAAA;AAChE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMe,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,oBAAA,CACd,IAAA,EACA,cAAA,GAA2B,MAAA,EACX;AAChB,EAAA,OAAOb,mBAAAA,CAAmB,MAAM,cAAc,CAAA;AAChD;AAkBO,SAAS,iBAAA,CAAkB,IAAA,EAAgC,cAAA,GAA2B,MAAA,EAAgB;AAC3G,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAIA,mBAAAA,CAAmB,MAAM,cAAc,CAAA;AACjE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMa,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,kBAAA,CAAmB,IAAA,EAAc,IAAA,EAAgB,EAAA,EAA8B;AAC7F,EAAA,OAAO,gBAAA,CAAiB,IAAA,EAAM,IAAA,EAAM,EAAE,CAAA;AACxC;AAkBO,SAAS,eAAA,CAAgB,IAAA,EAAc,IAAA,EAAgB,EAAA,EAAsB;AAClF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,gBAAA,CAAiB,IAAA,EAAM,MAAM,EAAE,CAAA;AACzD,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAMA,+BAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT","file":"chunk-7254PEID.cjs","sourcesContent":["import { $err, $fmtError, $fmtResultErr, $ok, type Result } from \"@internal/helpers\";\nimport type {\n CreateSecretKeyOptions,\n DecryptOptions,\n Encoding,\n EncryptOptions,\n HashOptions,\n HashPasswordOptions,\n VerifyPasswordOptions,\n} from \"~/helpers/types.js\";\nimport { $convertBytesToStr, $convertEncoding, $convertStrToBytes } from \"./web-encode.js\";\nimport { $decrypt, $decryptObj, $encrypt, $encryptObj } from \"./web-encrypt.js\";\nimport { $hash, $hashPassword, $verifyPassword } from \"./web-hash.js\";\nimport { $createSecretKey, $isWebSecretKey, type WebSecretKey } from \"./web-secret-key.js\";\n\n/**\n * Checks whether a value is a `WebSecretKey` for the Web Crypto platform.\n *\n * @param x - The value to check.\n * @returns `true` if `x` is a `WebSecretKey`.\n *\n * @example\n * ```ts\n * isWebSecretKey(webKey); // true\n * isWebSecretKey({}); // false\n * ```\n */\nexport function isWebSecretKey(x: unknown): x is WebSecretKey {\n return $isWebSecretKey(x) !== null;\n}\n\n/**\n * Generates a UUID (v4) (non-throwing).\n *\n * @returns `Result<string>` with the UUID or error.\n * @see {@link generateUuid} For full parameter/behavior docs.\n */\nexport function tryGenerateUuid(): Result<string> {\n try {\n return $ok(globalThis.crypto.randomUUID());\n } catch (error) {\n return $err({ message: \"web generateUuid: Failed to generate UUID\", description: $fmtError(error) });\n }\n}\n\n/**\n * Generates a cryptographically random UUID (v4).\n *\n * @returns A UUID string.\n * @throws {Error} If UUID generation fails.\n *\n * @example\n * ```ts\n * const uuid = generateUuid();\n * ```\n *\n * @see {@link tryGenerateUuid} Non-throwing variant returning `Result<string>`.\n */\nexport function generateUuid(): string {\n return globalThis.crypto.randomUUID();\n}\n\n/**\n * Derives a `WebSecretKey` from a high-entropy secret (non-throwing).\n *\n * @returns `Promise<Result<{ result: WebSecretKey }>>` with the derived key or error.\n * @see {@link createSecretKey} For full parameter/behavior docs.\n */\nexport async function tryCreateSecretKey(\n secret: string,\n options: CreateSecretKeyOptions = {},\n): Promise<Result<{ result: WebSecretKey }>> {\n return await $createSecretKey(secret, options);\n}\n\n/**\n * Derives a `WebSecretKey` from a high-entropy secret for encryption/decryption.\n *\n * @remarks\n * Uses HKDF via the Web Crypto API to derive a symmetric key from the input string.\n *\n * @param secret - High-entropy secret (min 8 chars). For human-chosen passwords, use {@link hashPassword} instead.\n * @param options - Key derivation options.\n * @returns The derived `WebSecretKey`.\n * @throws {Error} If key derivation fails.\n *\n * @example\n * ```ts\n * const secretKey = await createSecretKey(\"my-32-char-high-entropy-secret!!\");\n * ```\n *\n * @see {@link tryCreateSecretKey} Non-throwing variant returning `Result`.\n */\nexport async function createSecretKey(secret: string, options: CreateSecretKeyOptions = {}): Promise<WebSecretKey> {\n const { result, error } = await $createSecretKey(secret, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Encrypts a UTF-8 string (non-throwing).\n *\n * @returns `Promise<Result<string>>` with the ciphertext or error.\n * @see {@link encrypt} For full parameter/behavior docs.\n */\nexport async function tryEncrypt(\n data: string,\n secretKey: WebSecretKey,\n options: EncryptOptions = {},\n): Promise<Result<string>> {\n return await $encrypt(data, secretKey, options);\n}\n\n/**\n * Encrypts a UTF-8 string using the provided `WebSecretKey`.\n *\n * @remarks\n * Output format: `\"iv.cipher.tag.\"` (three dot-separated base64url segments plus trailing dot).\n * Cross-platform compatible — data encrypted on Web can be decrypted on Node and vice versa.\n * AES-GCM uses random 96-bit IVs. Rotate keys before ~2^32 encryptions with the same key to avoid nonce collision.\n *\n * @param data - UTF-8 string to encrypt. Must be a non-empty string (whitespace-only strings are rejected).\n * @param secretKey - The `WebSecretKey` used for encryption.\n * @param options - Encryption options.\n * @returns The encrypted string.\n * @throws {Error} If the input or key is invalid, or encryption fails.\n *\n * @example\n * ```ts\n * const secretKey = await createSecretKey(\"my-secret\");\n * const encrypted = await encrypt(\"Hello, World!\", secretKey);\n * ```\n *\n * @see {@link tryEncrypt} Non-throwing variant returning `Result<string>`.\n */\nexport async function encrypt(data: string, secretKey: WebSecretKey, options: EncryptOptions = {}): Promise<string> {\n const { result, error } = await $encrypt(data, secretKey, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Decrypts a ciphertext string (non-throwing).\n *\n * @returns `Promise<Result<string>>` with the plaintext or error.\n * @see {@link decrypt} For full parameter/behavior docs.\n */\nexport async function tryDecrypt(\n encrypted: string,\n secretKey: WebSecretKey,\n options: DecryptOptions = {},\n): Promise<Result<string>> {\n return await $decrypt(encrypted, secretKey, options);\n}\n\n/**\n * Decrypts a ciphertext string using the provided `WebSecretKey`.\n *\n * @remarks\n * Expects input in the format `\"iv.cipher.tag.\"`.\n * Cross-platform compatible — data encrypted on Node can be decrypted on Web and vice versa.\n *\n * @param encrypted - The encrypted string to decrypt.\n * @param secretKey - The `WebSecretKey` used for decryption.\n * @param options - Decryption options.\n * @returns The decrypted UTF-8 string.\n * @throws {Error} If the input or key is invalid, or decryption fails.\n *\n * @example\n * ```ts\n * const secretKey = await createSecretKey(\"my-secret\");\n * const encrypted = await encrypt(\"Hello, World!\", secretKey);\n * const decrypted = await decrypt(encrypted, secretKey); // \"Hello, World!\"\n * ```\n *\n * @see {@link tryDecrypt} Non-throwing variant returning `Result<string>`.\n */\nexport async function decrypt(\n encrypted: string,\n secretKey: WebSecretKey,\n options: DecryptOptions = {},\n): Promise<string> {\n const { result, error } = await $decrypt(encrypted, secretKey, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Encrypts a plain object (non-throwing).\n *\n * @returns `Promise<Result<string>>` with the ciphertext or error.\n * @see {@link encryptObj} For full parameter/behavior docs.\n */\nexport async function tryEncryptObj<T extends object = Record<string, unknown>>(\n obj: T,\n secretKey: WebSecretKey,\n options: EncryptOptions = {},\n): Promise<Result<string>> {\n return await $encryptObj(obj, secretKey, options);\n}\n\n/**\n * Encrypts a plain object using the provided `WebSecretKey`.\n *\n * @remarks\n * Only plain objects (POJOs) are accepted; class instances, Maps, Sets, etc. are rejected.\n * Output format: `\"iv.cipher.tag.\"`.\n *\n * @param obj - Plain object to encrypt.\n * @param secretKey - The `WebSecretKey` used for encryption.\n * @param options - Encryption options.\n * @returns The encrypted string.\n * @throws {Error} If the input or key is invalid, or encryption fails.\n *\n * @example\n * ```ts\n * const secretKey = await createSecretKey(\"my-secret\");\n * const encrypted = await encryptObj({ a: 1 }, secretKey);\n * ```\n *\n * @see {@link tryEncryptObj} Non-throwing variant returning `Result<string>`.\n */\nexport async function encryptObj<T extends object = Record<string, unknown>>(\n obj: T,\n secretKey: WebSecretKey,\n options: EncryptOptions = {},\n): Promise<string> {\n const { result, error } = await $encryptObj(obj, secretKey, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Decrypts an encrypted JSON string into a plain object (non-throwing).\n *\n * @returns `Promise<Result<{ result: T }>>` with the object or error.\n * @see {@link decryptObj} For full parameter/behavior docs.\n */\nexport async function tryDecryptObj<T extends object = Record<string, unknown>>(\n encrypted: string,\n secretKey: WebSecretKey,\n options: DecryptOptions = {},\n): Promise<Result<{ result: T }>> {\n return await $decryptObj<T>(encrypted, secretKey, options);\n}\n\n/**\n * Decrypts an encrypted JSON string into a plain object.\n *\n * @remarks\n * Expects input in the format `\"iv.cipher.tag.\"`.\n *\n * @param encrypted - The encrypted string.\n * @param secretKey - The `WebSecretKey` used for decryption.\n * @param options - Decryption options.\n * @returns The decrypted object.\n * @throws {Error} If decryption or JSON parsing fails.\n *\n * @example\n * ```ts\n * const secretKey = await createSecretKey(\"my-secret\");\n * const encrypted = await encryptObj({ a: 1 }, secretKey);\n * const obj = await decryptObj<{ a: number }>(encrypted, secretKey); // obj.a === 1\n * ```\n *\n * @see {@link tryDecryptObj} Non-throwing variant returning `Result`.\n */\nexport async function decryptObj<T extends object = Record<string, unknown>>(\n encrypted: string,\n secretKey: WebSecretKey,\n options: DecryptOptions = {},\n): Promise<T> {\n const { result, error } = await $decryptObj<T>(encrypted, secretKey, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Hashes a UTF-8 string (non-throwing).\n *\n * @returns `Promise<Result<string>>` with the hash or error.\n * @see {@link hash} For full parameter/behavior docs.\n */\nexport async function tryHash(data: string, options: HashOptions = {}): Promise<Result<string>> {\n return await $hash(data, options);\n}\n\n/**\n * Hashes a UTF-8 string using the specified digest algorithm.\n *\n * @param data - The input string to hash.\n * @param options - Hash options.\n * @returns The hashed string.\n * @throws {Error} If input is invalid or hashing fails.\n *\n * @example\n * ```ts\n * const hashed = await hash(\"my data\");\n * ```\n *\n * @see {@link tryHash} Non-throwing variant returning `Result<string>`.\n */\nexport async function hash(data: string, options: HashOptions = {}): Promise<string> {\n const { result, error } = await $hash(data, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Hashes a password using PBKDF2 (non-throwing).\n *\n * @returns `Promise<Result<{ result: string; salt: string }>>` with the hash/salt or error.\n * @see {@link hashPassword} For full parameter/behavior docs.\n */\nexport async function tryHashPassword(\n password: string,\n options: HashPasswordOptions = {},\n): Promise<Result<{ result: string; salt: string }>> {\n return await $hashPassword(password, options);\n}\n\n/**\n * Hashes a password using PBKDF2.\n *\n * @remarks\n * Defaults: `sha512`, 320 000 iterations, 64-byte key, 16-byte random salt.\n *\n * @param password - The password to hash.\n * @param options - Password hashing options.\n * @returns `{ result, salt }` for storage.\n * @throws {Error} If inputs are invalid or hashing fails.\n *\n * @example\n * ```ts\n * const { result, salt } = await hashPassword(\"my-password\");\n * ```\n *\n * @see {@link tryHashPassword} Non-throwing variant returning `Result`.\n */\nexport async function hashPassword(\n password: string,\n options: HashPasswordOptions = {},\n): Promise<{ result: string; salt: string }> {\n const { result, salt, error } = await $hashPassword(password, options);\n if (error) throw new Error($fmtResultErr(error));\n return { result, salt };\n}\n\n/**\n * Verifies a password against a stored PBKDF2 hash (non-throwing).\n *\n * @returns `Promise<Result<boolean>>` — `true` if the password matches, `false` if not, or an error for invalid inputs/options.\n * @see {@link verifyPassword} For full parameter/behavior docs.\n */\nexport async function tryVerifyPassword(\n password: string,\n hashedPassword: string,\n salt: string,\n options: VerifyPasswordOptions = {},\n): Promise<Result<boolean>> {\n return await $verifyPassword(password, hashedPassword, salt, options);\n}\n\n/**\n * Verifies a password against a stored PBKDF2 hash.\n *\n * @remarks\n * Re-derives the key with the same parameters and compares using a full-loop XOR pattern.\n * This is best-effort constant-time; JS JIT optimization may introduce timing variation.\n * The Web Crypto API does not expose a `timingSafeEqual` equivalent.\n * For timing-critical deployments, prefer the Node implementation which uses `crypto.timingSafeEqual`.\n * Throws for invalid inputs/options (bad encoding, wrong parameters, non-decodable salt/hash).\n * Returns `false` for password mismatch or length-mismatched hash.\n *\n * @param password - The plain password to verify.\n * @param hashedPassword - The stored hash (encoded).\n * @param salt - The stored salt (encoded).\n * @param options - Verification options (must match the parameters used to hash).\n * @returns `true` if the password matches, otherwise `false`.\n * @throws {Error} If verification input/options are invalid.\n *\n * @example\n * ```ts\n * const { result, salt } = await hashPassword(\"my-password\");\n * await verifyPassword(\"my-password\", result, salt); // true\n * await verifyPassword(\"wrong-password\", result, salt); // false\n * ```\n *\n * @see {@link tryVerifyPassword} Non-throwing variant returning `Result<boolean>`.\n */\nexport async function verifyPassword(\n password: string,\n hashedPassword: string,\n salt: string,\n options: VerifyPasswordOptions = {},\n): Promise<boolean> {\n const { result, error } = await $verifyPassword(password, hashedPassword, salt, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Converts a string to a `Uint8Array` (non-throwing).\n *\n * @returns `Result<{ result: Uint8Array<ArrayBuffer> }>` with the bytes or error.\n * @see {@link convertStrToBytes} For full parameter/behavior docs.\n */\nexport function tryConvertStrToBytes(\n data: string,\n inputEncoding: Encoding = \"utf8\",\n): Result<{ result: Uint8Array<ArrayBuffer> }> {\n return $convertStrToBytes(data, inputEncoding);\n}\n\n/**\n * Converts a string to a `Uint8Array` using the specified encoding.\n *\n * @param data - The input string to convert.\n * @param inputEncoding - Source encoding (default: `'utf8'`).\n * @returns A `Uint8Array` containing the bytes.\n * @throws {Error} If input is invalid or conversion fails.\n *\n * @example\n * ```ts\n * const bytes = convertStrToBytes(\"Hello\", \"utf8\");\n * ```\n *\n * @see {@link tryConvertStrToBytes} Non-throwing variant returning `Result`.\n */\nexport function convertStrToBytes(data: string, inputEncoding: Encoding = \"utf8\"): Uint8Array<ArrayBuffer> {\n const { result, error } = $convertStrToBytes(data, inputEncoding);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Converts a `Uint8Array` or `ArrayBuffer` to a string (non-throwing).\n *\n * @returns `Result<string>` with the encoded string or error.\n * @see {@link convertBytesToStr} For full parameter/behavior docs.\n */\nexport function tryConvertBytesToStr(\n data: Uint8Array | ArrayBuffer,\n outputEncoding: Encoding = \"utf8\",\n): Result<string> {\n return $convertBytesToStr(data, outputEncoding);\n}\n\n/**\n * Converts a `Uint8Array` or `ArrayBuffer` to a string using the specified encoding.\n *\n * @param data - The bytes to convert.\n * @param outputEncoding - Target encoding (default: `'utf8'`).\n * @returns The encoded string.\n * @throws {Error} If input is invalid or conversion fails.\n *\n * @example\n * ```ts\n * const bytes = convertStrToBytes(\"Hello\", \"utf8\");\n * const str = convertBytesToStr(bytes, \"utf8\"); // \"Hello\"\n * ```\n *\n * @see {@link tryConvertBytesToStr} Non-throwing variant returning `Result<string>`.\n */\nexport function convertBytesToStr(data: Uint8Array | ArrayBuffer, outputEncoding: Encoding = \"utf8\"): string {\n const { result, error } = $convertBytesToStr(data, outputEncoding);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Converts text between encodings (non-throwing).\n *\n * @returns `Result<string>` with the re-encoded string or error.\n * @see {@link convertEncoding} For full parameter/behavior docs.\n */\nexport function tryConvertEncoding(data: string, from: Encoding, to: Encoding): Result<string> {\n return $convertEncoding(data, from, to);\n}\n\n/**\n * Converts text between encodings.\n *\n * @param data - The input string.\n * @param from - Current encoding of `data`.\n * @param to - Target encoding.\n * @returns The re-encoded string.\n * @throws {Error} If encodings are invalid or conversion fails.\n *\n * @example\n * ```ts\n * const encoded = convertEncoding(\"Hello\", \"utf8\", \"base64url\");\n * ```\n *\n * @see {@link tryConvertEncoding} Non-throwing variant returning `Result<string>`.\n */\nexport function convertEncoding(data: string, from: Encoding, to: Encoding): string {\n const { result, error } = $convertEncoding(data, from, to);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n","import {\n $err,\n $isStr,\n $ok,\n $convertBytesToStr as $sharedBytesToStr,\n $convertStrToBytes as $sharedStrToBytes,\n type Result,\n} from \"@internal/helpers\";\nimport { ENCODING } from \"~/helpers/consts.js\";\nimport type { Encoding } from \"~/helpers/types.js\";\n\nexport { textDecoder, textEncoder } from \"@internal/helpers\";\n\nexport function $convertStrToBytes(\n data: string,\n inputEncoding: Encoding = \"utf8\",\n): Result<{ result: Uint8Array<ArrayBuffer> }> {\n const result = $sharedStrToBytes(data, inputEncoding);\n if (result.error) {\n return $err({\n message: result.error.message.replace(\"strToBytes:\", \"web strToBytes:\"),\n description: result.error.description,\n });\n }\n return result;\n}\n\nexport function $convertBytesToStr(data: Uint8Array | ArrayBuffer, outputEncoding: Encoding = \"utf8\"): Result<string> {\n const result = $sharedBytesToStr(data, outputEncoding);\n if (result.error) {\n return $err({\n message: result.error.message.replace(\"bytesToStr:\", \"web bytesToStr:\"),\n description: result.error.description,\n });\n }\n return result;\n}\n\nexport function $convertEncoding(data: string, from: Encoding, to: Encoding): Result<string> {\n if (!$isStr(data)) {\n return $err({\n message: \"web convertEncoding: Data must be a non-empty string\",\n description: \"Received empty or non-string value\",\n });\n }\n if (!ENCODING.includes(from) || !ENCODING.includes(to)) {\n return $err({\n message: `web convertEncoding: Unsupported encoding: from ${from} to ${to}`,\n description: \"Use base64, base64url, hex, utf8, or latin1\",\n });\n }\n\n const bytes = $convertStrToBytes(data, from);\n if (bytes.error) return $err(bytes.error);\n\n const str = $convertBytesToStr(bytes.result, to);\n if (str.error) return $err(str.error);\n\n return $ok(str.result);\n}\n","import { $err, $fmtError, $ok, type Result } from \"@internal/helpers\";\nimport type { DIGEST_ALGORITHMS, ENCRYPTION_ALGORITHMS } from \"~/helpers/consts.js\";\nimport type { CreateSecretKeyOptions } from \"~/helpers/types.js\";\nimport { $isObj, $validateCreateSecretKeyOptions, $validateSecretKeyBase } from \"~/helpers/validate.js\";\nimport { textEncoder } from \"./web-encode.js\";\n\ndeclare const __brand: unique symbol;\n\nexport type WebSecretKey = {\n readonly platform: \"web\";\n readonly digest: keyof typeof DIGEST_ALGORITHMS;\n readonly algorithm: keyof typeof ENCRYPTION_ALGORITHMS;\n readonly key: CryptoKey;\n readonly injected: (typeof ENCRYPTION_ALGORITHMS)[keyof typeof ENCRYPTION_ALGORITHMS];\n} & { readonly [__brand]: \"secretKey-web\" };\n\nexport function $isWebSecretKey(x: unknown): WebSecretKey | null {\n const base = $validateSecretKeyBase(x, \"web\");\n if (!base) return null;\n\n if (typeof globalThis.CryptoKey === \"undefined\" || !(base.obj.key instanceof CryptoKey)) return null;\n\n if (\n !$isObj(base.obj.key.algorithm) ||\n base.obj.key.algorithm.name !== base.algorithm.web ||\n (typeof base.obj.key.algorithm.length === \"number\" &&\n base.obj.key.algorithm.length !== base.algorithm.keyBytes * 8) ||\n !Array.isArray(base.obj.key.usages) ||\n !(base.obj.key.usages.includes(\"encrypt\") && base.obj.key.usages.includes(\"decrypt\"))\n ) {\n return null;\n }\n return x as WebSecretKey;\n}\n\nexport async function $createSecretKey(\n secret: string,\n options: CreateSecretKeyOptions,\n): Promise<Result<{ result: WebSecretKey }>> {\n const validated = $validateCreateSecretKeyOptions(secret, options, \"web\");\n if (validated.error) return $err(validated.error);\n\n const { algorithm, digest, salt, info, encryptAlgo, digestAlgo } = validated;\n\n try {\n const ikm = await globalThis.crypto.subtle.importKey(\n \"raw\",\n textEncoder.encode(secret.normalize(\"NFKC\")),\n \"HKDF\",\n false,\n [\"deriveKey\"],\n );\n const extractable = options.extractable ?? false;\n const key = await globalThis.crypto.subtle.deriveKey(\n {\n name: \"HKDF\",\n hash: digestAlgo.web,\n salt: textEncoder.encode(salt.normalize(\"NFKC\")),\n info: textEncoder.encode(info.normalize(\"NFKC\")),\n },\n ikm,\n { name: encryptAlgo.web, length: encryptAlgo.keyBytes * 8 },\n extractable,\n [\"encrypt\", \"decrypt\"],\n );\n const secretKey = Object.freeze({ platform: \"web\", digest, algorithm, key, injected: encryptAlgo }) as WebSecretKey;\n\n return $ok({ result: secretKey });\n } catch (error) {\n return $err({\n message: \"web createSecretKey: Failed to derive key\",\n description: $fmtError(error),\n });\n }\n}\n","import {\n $err,\n $fmtError,\n $fmtResultErr,\n $isPlainObj,\n $isStr,\n $ok,\n $parseToObj,\n $stringifyObj,\n type Result,\n} from \"@internal/helpers\";\nimport { CIPHER_ENCODING, GCM_IV_LENGTH, GCM_TAG_BYTES } from \"~/helpers/consts.js\";\nimport type { DecryptOptions, EncryptOptions } from \"~/helpers/types.js\";\nimport { matchEncryptedPattern } from \"~/helpers/validate.js\";\nimport { $convertBytesToStr, $convertStrToBytes } from \"./web-encode.js\";\nimport { $isWebSecretKey, type WebSecretKey } from \"./web-secret-key.js\";\n\nexport async function $encrypt(\n data: string,\n secretKey: WebSecretKey,\n options: EncryptOptions,\n): Promise<Result<string>> {\n if (!$isStr(data)) {\n return $err({\n message: \"web encrypt: Data must be a non-empty string\",\n description: \"Received empty or non-string value\",\n });\n }\n\n if (!$isPlainObj<EncryptOptions>(options)) {\n return $err({\n message: \"web encrypt: Options must be a plain object\",\n description: 'Pass an object like { outputEncoding: \"base64url\" }',\n });\n }\n\n const outputEncoding = options.outputEncoding ?? \"base64url\";\n if (!CIPHER_ENCODING.includes(outputEncoding)) {\n return $err({\n message: `web encrypt: Unsupported output encoding: ${outputEncoding}`,\n description: \"Use base64, base64url, or hex\",\n });\n }\n\n const injectedKey = $isWebSecretKey(secretKey);\n if (!injectedKey) {\n return $err({\n message: \"web encrypt: Invalid secret key\",\n description: \"Expected a WebSecretKey created by webKit.createSecretKey()\",\n });\n }\n\n const { result, error } = $convertStrToBytes(data, \"utf8\");\n if (error) return $err(error);\n\n try {\n const iv = globalThis.crypto.getRandomValues(new Uint8Array(GCM_IV_LENGTH));\n const cipherWithTag = await globalThis.crypto.subtle.encrypt(\n { name: injectedKey.injected.web, iv },\n injectedKey.key,\n result,\n );\n\n const cipherOnly = cipherWithTag.slice(0, cipherWithTag.byteLength - GCM_TAG_BYTES);\n const tag = cipherWithTag.slice(cipherWithTag.byteLength - GCM_TAG_BYTES);\n\n const ivStr = $convertBytesToStr(iv, outputEncoding);\n const cipherStr = $convertBytesToStr(cipherOnly, outputEncoding);\n const tagStr = $convertBytesToStr(tag, outputEncoding);\n\n if (ivStr.error || cipherStr.error || tagStr.error) {\n return $err({\n message: \"web encrypt: Failed to encode output\",\n description: `Conversion error: ${$fmtResultErr(ivStr.error || cipherStr.error || tagStr.error)}`,\n });\n }\n\n return $ok(`${ivStr.result}.${cipherStr.result}.${tagStr.result}.`);\n } catch (error) {\n return $err({ message: \"web encrypt: Failed to encrypt data\", description: $fmtError(error) });\n } finally {\n result.fill(0);\n }\n}\n\nexport async function $decrypt(\n encrypted: string,\n secretKey: WebSecretKey,\n options: DecryptOptions,\n): Promise<Result<string>> {\n if (!matchEncryptedPattern(encrypted)) {\n return $err({\n message: \"web decrypt: Invalid encrypted data format\",\n description: 'Encrypted data must be in the format \"iv.cipher.tag.\"',\n });\n }\n\n if (!$isPlainObj<DecryptOptions>(options)) {\n return $err({\n message: \"web decrypt: Options must be a plain object\",\n description: 'Pass an object like { inputEncoding: \"base64url\" }',\n });\n }\n\n const inputEncoding = options.inputEncoding ?? \"base64url\";\n if (!CIPHER_ENCODING.includes(inputEncoding)) {\n return $err({\n message: `web decrypt: Unsupported input encoding: ${inputEncoding}`,\n description: \"Use base64, base64url, or hex\",\n });\n }\n\n const [iv, cipher, tag] = encrypted.split(\".\", 4) as [string, string, string];\n\n const injectedKey = $isWebSecretKey(secretKey);\n if (!injectedKey) {\n return $err({\n message: \"web decrypt: Invalid secret key\",\n description: \"Expected a WebSecretKey created by webKit.createSecretKey()\",\n });\n }\n\n const ivBytes = $convertStrToBytes(iv, inputEncoding);\n const cipherBytes = $convertStrToBytes(cipher, inputEncoding);\n const tagBytes = $convertStrToBytes(tag, inputEncoding);\n\n if (ivBytes.error || cipherBytes.error || tagBytes.error) {\n return $err({\n message: \"web decrypt: Failed to decode input\",\n description: `Conversion error: ${$fmtResultErr(ivBytes.error || cipherBytes.error || tagBytes.error)}`,\n });\n }\n\n if (ivBytes.result.byteLength !== GCM_IV_LENGTH) {\n return $err({\n message: \"web decrypt: Invalid IV length\",\n description: `Expected ${GCM_IV_LENGTH} bytes, got ${ivBytes.result.byteLength}`,\n });\n }\n\n if (tagBytes.result.byteLength !== GCM_TAG_BYTES) {\n return $err({\n message: \"web decrypt: Invalid auth tag length\",\n description: `Expected ${GCM_TAG_BYTES} bytes, got ${tagBytes.result.byteLength}`,\n });\n }\n\n const cipherWithTag = new Uint8Array(cipherBytes.result.byteLength + tagBytes.result.byteLength);\n cipherWithTag.set(new Uint8Array(cipherBytes.result), 0);\n cipherWithTag.set(new Uint8Array(tagBytes.result), cipherBytes.result.byteLength);\n\n let decrypted: Uint8Array | undefined;\n try {\n decrypted = new Uint8Array(\n await globalThis.crypto.subtle.decrypt(\n { name: injectedKey.injected.web, iv: ivBytes.result },\n injectedKey.key,\n cipherWithTag,\n ),\n );\n\n return $convertBytesToStr(decrypted, \"utf8\");\n } catch (error) {\n return $err({ message: \"web decrypt: Failed to decrypt data\", description: $fmtError(error) });\n } finally {\n decrypted?.fill(0);\n }\n}\n\nexport async function $encryptObj<T extends object = Record<string, unknown>>(\n data: T,\n secretKey: WebSecretKey,\n options: EncryptOptions,\n): Promise<Result<string>> {\n const { result, error } = $stringifyObj(data);\n if (error) return $err(error);\n return await $encrypt(result, secretKey, options);\n}\n\nexport async function $decryptObj<T extends object = Record<string, unknown>>(\n encrypted: string,\n secretKey: WebSecretKey,\n options: DecryptOptions,\n): Promise<Result<{ result: T }>> {\n const { result, error } = await $decrypt(encrypted, secretKey, options);\n if (error) return $err(error);\n return $parseToObj<T>(result);\n}\n","import { $err, $fmtError, $isPlainObj, $isStr, $ok, type Result } from \"@internal/helpers\";\nimport { CIPHER_ENCODING, DIGEST_ALGORITHMS } from \"~/helpers/consts.js\";\nimport type { HashOptions, HashPasswordOptions, VerifyPasswordOptions } from \"~/helpers/types.js\";\nimport { $validateHashPasswordOptions, $validateVerifyPasswordOptions } from \"~/helpers/validate.js\";\nimport { $convertBytesToStr, $convertStrToBytes, textEncoder } from \"./web-encode.js\";\n\nexport async function $hash(data: string, options: HashOptions = {}): Promise<Result<string>> {\n if (!$isStr(data)) {\n return $err({\n message: \"web hash: Data must be a non-empty string\",\n description: \"Received empty or non-string value\",\n });\n }\n\n if (!$isPlainObj<HashOptions>(options)) {\n return $err({\n message: \"web hash: Options must be a plain object\",\n description: 'Pass an object like { digest: \"sha256\" }',\n });\n }\n\n const outputEncoding = options.outputEncoding ?? \"base64url\";\n if (!CIPHER_ENCODING.includes(outputEncoding)) {\n return $err({\n message: `web hash: Unsupported output encoding: ${outputEncoding}`,\n description: \"Use base64, base64url, or hex\",\n });\n }\n\n const digest = options.digest ?? \"sha256\";\n if (!(digest in DIGEST_ALGORITHMS)) {\n return $err({\n message: `web hash: Unsupported digest: ${digest}`,\n description: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(\", \")}`,\n });\n }\n const digestAlgo = DIGEST_ALGORITHMS[digest];\n\n const { result, error } = $convertStrToBytes(data, \"utf8\");\n if (error) return $err(error);\n\n try {\n const hashed = await globalThis.crypto.subtle.digest(digestAlgo.web, result);\n return $convertBytesToStr(hashed, outputEncoding);\n } catch (error) {\n return $err({ message: \"web hash: Failed to hash data\", description: $fmtError(error) });\n }\n}\n\nexport async function $hashPassword(\n password: string,\n options: HashPasswordOptions,\n): Promise<Result<{ result: string; salt: string }>> {\n const validated = $validateHashPasswordOptions(password, options, \"web\");\n if (validated.error) return $err(validated.error);\n\n const { digestAlgo, outputEncoding, saltLength, iterations, keyLength } = validated;\n\n const salt = globalThis.crypto.getRandomValues(new Uint8Array(saltLength));\n let bits: ArrayBuffer | undefined;\n try {\n const baseKey = await globalThis.crypto.subtle.importKey(\n \"raw\",\n textEncoder.encode(password.normalize(\"NFKC\")),\n \"PBKDF2\",\n false,\n [\"deriveBits\"],\n );\n bits = await globalThis.crypto.subtle.deriveBits(\n { name: \"PBKDF2\", salt, iterations, hash: digestAlgo.web },\n baseKey,\n keyLength * 8,\n );\n\n const saltStr = $convertBytesToStr(salt, outputEncoding);\n if (saltStr.error) return $err(saltStr.error);\n\n const hashedPasswordStr = $convertBytesToStr(bits, outputEncoding);\n if (hashedPasswordStr.error) return $err(hashedPasswordStr.error);\n\n return $ok({ result: hashedPasswordStr.result, salt: saltStr.result });\n } catch (error) {\n return $err({ message: \"web hashPassword: Failed to hash password\", description: $fmtError(error) });\n } finally {\n salt.fill(0);\n if (bits) new Uint8Array(bits).fill(0);\n }\n}\n\nexport async function $verifyPassword(\n password: string,\n hashedPassword: string,\n salt: string,\n options: VerifyPasswordOptions,\n): Promise<Result<boolean>> {\n const validated = $validateVerifyPasswordOptions(password, hashedPassword, salt, options, \"web\");\n if (validated.error) return $err(validated.error);\n\n const { digestAlgo, inputEncoding, iterations, keyLength } = validated;\n\n const saltBytes = $convertStrToBytes(salt, inputEncoding);\n if (saltBytes.error) return $err(saltBytes.error);\n\n const hashedPasswordBytes = $convertStrToBytes(hashedPassword, inputEncoding);\n if (hashedPasswordBytes.error) return $err(hashedPasswordBytes.error);\n\n if (hashedPasswordBytes.result.byteLength !== keyLength) return $ok(false);\n\n try {\n const baseKey = await globalThis.crypto.subtle.importKey(\n \"raw\",\n textEncoder.encode(password.normalize(\"NFKC\")),\n \"PBKDF2\",\n false,\n [\"deriveBits\"],\n );\n\n const bits = new Uint8Array(\n await globalThis.crypto.subtle.deriveBits(\n { name: \"PBKDF2\", salt: saltBytes.result, iterations, hash: digestAlgo.web },\n baseKey,\n keyLength * 8,\n ),\n );\n\n const expected = hashedPasswordBytes.result;\n const left = new Uint8Array(keyLength);\n const right = new Uint8Array(keyLength);\n left.set(bits);\n right.set(expected);\n\n // Best-effort constant-time comparison; JS JIT may introduce timing variation\n let diff = 0;\n for (let i = 0; i < keyLength; i++) {\n diff |= (left[i] as number) ^ (right[i] as number);\n }\n try {\n return $ok(diff === 0);\n } finally {\n left.fill(0);\n right.fill(0);\n bits.fill(0);\n }\n } catch (error) {\n return $err({ message: \"web verifyPassword: Verification failed\", description: $fmtError(error) });\n } finally {\n saltBytes.result.fill(0);\n hashedPasswordBytes.result.fill(0);\n }\n}\n"]}
package/dist/{chunk-ZN7EFZ7Z.js → chunk-GL32EZRA.js} RENAMED
@@ -1,4 +1,4 @@
1
- import { __export, $ok, $err, $fmtError, $fmtResultErr, $validateSecretKeyBase, $isObj, $validateCreateSecretKeyOptions, textEncoder, $isStr, $isPlainObj, CIPHER_ENCODING, GCM_IV_LENGTH, GCM_TAG_BYTES, matchEncryptedPattern, $stringifyObj, $parseToObj, DIGEST_ALGORITHMS, $validateHashPasswordOptions, $validateVerifyPasswordOptions, $convertStrToBytes, $convertBytesToStr, ENCODING } from './chunk-4YR2SBOH.js';
1
+ import { __export, $ok, $err, $fmtError, $fmtResultErr, $validateSecretKeyBase, $isObj, $validateCreateSecretKeyOptions, textEncoder, $isStr, $isPlainObj, CIPHER_ENCODING, GCM_IV_LENGTH, GCM_TAG_BYTES, matchEncryptedPattern, $stringifyObj, $parseToObj, DIGEST_ALGORITHMS, $validateHashPasswordOptions, $validateVerifyPasswordOptions, $convertStrToBytes, $convertBytesToStr, ENCODING } from './chunk-IY6XGUYO.js';
2
2
 
3
3
  // src/web/kit.ts
4
4
  var kit_exports = {};
@@ -362,8 +362,8 @@ async function $verifyPassword(password, hashedPassword, salt, options) {
362
362
  } catch (error) {
363
363
  return $err({ message: "web verifyPassword: Verification failed", description: $fmtError(error) });
364
364
  } finally {
365
- saltBytes.result?.fill(0);
366
- hashedPasswordBytes.result?.fill(0);
365
+ saltBytes.result.fill(0);
366
+ hashedPasswordBytes.result.fill(0);
367
367
  }
368
368
  }
369
369
 
@@ -471,5 +471,5 @@ function convertEncoding(data, from, to) {
471
471
  }
472
472
 
473
473
  export { convertBytesToStr, convertEncoding, convertStrToBytes, createSecretKey, decrypt, decryptObj, encrypt, encryptObj, generateUuid, hash, hashPassword, isWebSecretKey, kit_exports, tryConvertBytesToStr, tryConvertEncoding, tryConvertStrToBytes, tryCreateSecretKey, tryDecrypt, tryDecryptObj, tryEncrypt, tryEncryptObj, tryGenerateUuid, tryHash, tryHashPassword, tryVerifyPassword, verifyPassword };
474
- //# sourceMappingURL=chunk-ZN7EFZ7Z.js.map
475
- //# sourceMappingURL=chunk-ZN7EFZ7Z.js.map
474
+ //# sourceMappingURL=chunk-GL32EZRA.js.map
475
+ //# sourceMappingURL=chunk-GL32EZRA.js.map
package/dist/chunk-GL32EZRA.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/web/kit.ts","../src/web/web-encode.ts","../src/web/web-secret-key.ts","../src/web/web-encrypt.ts","../src/web/web-hash.ts"],"names":["$convertStrToBytes","$convertBytesToStr","error"],"mappings":";;;AAAA,IAAA,WAAA,GAAA;AAAA,QAAA,CAAA,WAAA,EAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,OAAA,EAAA,MAAA,OAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,OAAA,EAAA,MAAA,OAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,YAAA,EAAA,MAAA,YAAA;AAAA,EAAA,IAAA,EAAA,MAAA,IAAA;AAAA,EAAA,YAAA,EAAA,MAAA,YAAA;AAAA,EAAA,cAAA,EAAA,MAAA,cAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,aAAA,EAAA,MAAA,aAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,aAAA,EAAA,MAAA,aAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,OAAA,EAAA,MAAA,OAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,cAAA,EAAA,MAAA;AAAA,CAAA,CAAA;;;ACaO,SAASA,mBAAAA,CACd,IAAA,EACA,aAAA,GAA0B,MAAA,EACmB;AAC7C,EAAA,MAAM,MAAA,GAAS,kBAAA,CAAkB,IAAA,EAAM,aAAa,CAAA;AACpD,EAAA,IAAI,OAAO,KAAA,EAAO;AAChB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,SAAS,MAAA,CAAO,KAAA,CAAM,OAAA,CAAQ,OAAA,CAAQ,eAAe,iBAAiB,CAAA;AAAA,MACtE,WAAA,EAAa,OAAO,KAAA,CAAM;AAAA,KAC3B,CAAA;AAAA,EACH;AACA,EAAA,OAAO,MAAA;AACT;AAEO,SAASC,mBAAAA,CAAmB,IAAA,EAAgC,cAAA,GAA2B,MAAA,EAAwB;AACpH,EAAA,MAAM,MAAA,GAAS,kBAAA,CAAkB,IAAA,EAAM,cAAc,CAAA;AACrD,EAAA,IAAI,OAAO,KAAA,EAAO;AAChB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,SAAS,MAAA,CAAO,KAAA,CAAM,OAAA,CAAQ,OAAA,CAAQ,eAAe,iBAAiB,CAAA;AAAA,MACtE,WAAA,EAAa,OAAO,KAAA,CAAM;AAAA,KAC3B,CAAA;AAAA,EACH;AACA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,gBAAA,CAAiB,IAAA,EAAc,IAAA,EAAgB,EAAA,EAA8B;AAC3F,EAAA,IAAI,CAAC,MAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,sDAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AACA,EAAA,IAAI,CAAC,SAAS,QAAA,CAAS,IAAI,KAAK,CAAC,QAAA,CAAS,QAAA,CAAS,EAAE,CAAA,EAAG;AACtD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,gDAAA,EAAmD,IAAI,CAAA,IAAA,EAAO,EAAE,CAAA,CAAA;AAAA,MACzE,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,KAAA,GAAQD,mBAAAA,CAAmB,IAAA,EAAM,IAAI,CAAA;AAC3C,EAAA,IAAI,KAAA,CAAM,KAAA,EAAO,OAAO,IAAA,CAAK,MAAM,KAAK,CAAA;AAExC,EAAA,MAAM,GAAA,GAAMC,mBAAAA,CAAmB,KAAA,CAAM,MAAA,EAAQ,EAAE,CAAA;AAC/C,EAAA,IAAI,GAAA,CAAI,KAAA,EAAO,OAAO,IAAA,CAAK,IAAI,KAAK,CAAA;AAEpC,EAAA,OAAO,GAAA,CAAI,IAAI,MAAM,CAAA;AACvB;;;AC3CO,SAAS,gBAAgB,CAAA,EAAiC;AAC/D,EAAA,MAAM,IAAA,GAAO,sBAAA,CAAuB,CAAA,EAAG,KAAK,CAAA;AAC5C,EAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAElB,EAAA,IAAI,OAAO,WAAW,SAAA,KAAc,WAAA,IAAe,EAAE,IAAA,CAAK,GAAA,CAAI,GAAA,YAAe,SAAA,CAAA,EAAY,OAAO,IAAA;AAEhG,EAAA,IACE,CAAC,MAAA,CAAO,IAAA,CAAK,GAAA,CAAI,GAAA,CAAI,SAAS,CAAA,IAC9B,IAAA,CAAK,GAAA,CAAI,GAAA,CAAI,SAAA,CAAU,IAAA,KAAS,KAAK,SAAA,CAAU,GAAA,IAC9C,OAAO,IAAA,CAAK,GAAA,CAAI,GAAA,CAAI,UAAU,MAAA,KAAW,QAAA,IACxC,IAAA,CAAK,GAAA,CAAI,GAAA,CAAI,SAAA,CAAU,WAAW,IAAA,CAAK,SAAA,CAAU,QAAA,GAAW,CAAA,IAC9D,CAAC,KAAA,CAAM,QAAQ,IAAA,CAAK,GAAA,CAAI,GAAA,CAAI,MAAM,CAAA,IAClC,EAAE,KAAK,GAAA,CAAI,GAAA,CAAI,MAAA,CAAO,QAAA,CAAS,SAAS,CAAA,IAAK,IAAA,CAAK,GAAA,CAAI,GAAA,CAAI,MAAA,CAAO,QAAA,CAAS,SAAS,CAAA,CAAA,EACnF;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,OAAO,CAAA;AACT;AAEA,eAAsB,gBAAA,CACpB,QACA,OAAA,EAC2C;AAC3C,EAAA,MAAM,SAAA,GAAY,+BAAA,CAAgC,MAAA,EAAQ,OAAA,EAAS,KAAK,CAAA;AACxE,EAAA,IAAI,SAAA,CAAU,KAAA,EAAO,OAAO,IAAA,CAAK,UAAU,KAAK,CAAA;AAEhD,EAAA,MAAM,EAAE,SAAA,EAAW,MAAA,EAAQ,MAAM,IAAA,EAAM,WAAA,EAAa,YAAW,GAAI,SAAA;AAEnE,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,MAAM,UAAA,CAAW,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,MACzC,KAAA;AAAA,MACA,WAAA,CAAY,MAAA,CAAO,MAAA,CAAO,SAAA,CAAU,MAAM,CAAC,CAAA;AAAA,MAC3C,MAAA;AAAA,MACA,KAAA;AAAA,MACA,CAAC,WAAW;AAAA,KACd;AACA,IAAA,MAAM,WAAA,GAAc,QAAQ,WAAA,IAAe,KAAA;AAC3C,IAAA,MAAM,GAAA,GAAM,MAAM,UAAA,CAAW,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,MACzC;AAAA,QACE,IAAA,EAAM,MAAA;AAAA,QACN,MAAM,UAAA,CAAW,GAAA;AAAA,QACjB,MAAM,WAAA,CAAY,MAAA,CAAO,IAAA,CAAK,SAAA,CAAU,MAAM,CAAC,CAAA;AAAA,QAC/C,MAAM,WAAA,CAAY,MAAA,CAAO,IAAA,CAAK,SAAA,CAAU,MAAM,CAAC;AAAA,OACjD;AAAA,MACA,GAAA;AAAA,MACA,EAAE,IAAA,EAAM,WAAA,CAAY,KAAK,MAAA,EAAQ,WAAA,CAAY,WAAW,CAAA,EAAE;AAAA,MAC1D,WAAA;AAAA,MACA,CAAC,WAAW,SAAS;AAAA,KACvB;AACA,IAAA,MAAM,SAAA,GAAY,MAAA,CAAO,MAAA,CAAO,EAAE,QAAA,EAAU,KAAA,EAAO,MAAA,EAAQ,SAAA,EAAW,GAAA,EAAK,QAAA,EAAU,WAAA,EAAa,CAAA;AAElG,IAAA,OAAO,GAAA,CAAI,EAAE,MAAA,EAAQ,SAAA,EAAW,CAAA;AAAA,EAClC,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,2CAAA;AAAA,MACT,WAAA,EAAa,UAAU,KAAK;AAAA,KAC7B,CAAA;AAAA,EACH;AACF;;;ACzDA,eAAsB,QAAA,CACpB,IAAA,EACA,SAAA,EACA,OAAA,EACyB;AACzB,EAAA,IAAI,CAAC,MAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,8CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,WAAA,CAA4B,OAAO,CAAA,EAAG;AACzC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,6CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,cAAA,GAAiB,QAAQ,cAAA,IAAkB,WAAA;AACjD,EAAA,IAAI,CAAC,eAAA,CAAgB,QAAA,CAAS,cAAc,CAAA,EAAG;AAC7C,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,6CAA6C,cAAc,CAAA,CAAA;AAAA,MACpE,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,WAAA,GAAc,gBAAgB,SAAS,CAAA;AAC7C,EAAA,IAAI,CAAC,WAAA,EAAa;AAChB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,iCAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAID,mBAAAA,CAAmB,MAAM,MAAM,CAAA;AACzD,EAAA,IAAI,KAAA,EAAO,OAAO,IAAA,CAAK,KAAK,CAAA;AAE5B,EAAA,IAAI;AACF,IAAA,MAAM,KAAK,UAAA,CAAW,MAAA,CAAO,gBAAgB,IAAI,UAAA,CAAW,aAAa,CAAC,CAAA;AAC1E,IAAA,MAAM,aAAA,GAAgB,MAAM,UAAA,CAAW,MAAA,CAAO,MAAA,CAAO,OAAA;AAAA,MACnD,EAAE,IAAA,EAAM,WAAA,CAAY,QAAA,CAAS,KAAK,EAAA,EAAG;AAAA,MACrC,WAAA,CAAY,GAAA;AAAA,MACZ;AAAA,KACF;AAEA,IAAA,MAAM,aAAa,aAAA,CAAc,KAAA,CAAM,CAAA,EAAG,aAAA,CAAc,aAAa,aAAa,CAAA;AAClF,IAAA,MAAM,GAAA,GAAM,aAAA,CAAc,KAAA,CAAM,aAAA,CAAc,aAAa,aAAa,CAAA;AAExE,IAAA,MAAM,KAAA,GAAQC,mBAAAA,CAAmB,EAAA,EAAI,cAAc,CAAA;AACnD,IAAA,MAAM,SAAA,GAAYA,mBAAAA,CAAmB,UAAA,EAAY,cAAc,CAAA;AAC/D,IAAA,MAAM,MAAA,GAASA,mBAAAA,CAAmB,GAAA,EAAK,cAAc,CAAA;AAErD,IAAA,IAAI,KAAA,CAAM,KAAA,IAAS,SAAA,CAAU,KAAA,IAAS,OAAO,KAAA,EAAO;AAClD,MAAA,OAAO,IAAA,CAAK;AAAA,QACV,OAAA,EAAS,sCAAA;AAAA,QACT,WAAA,EAAa,qBAAqB,aAAA,CAAc,KAAA,CAAM,SAAS,SAAA,CAAU,KAAA,IAAS,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,OAChG,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,GAAA,CAAI,CAAA,EAAG,KAAA,CAAM,MAAM,CAAA,CAAA,EAAI,UAAU,MAAM,CAAA,CAAA,EAAI,MAAA,CAAO,MAAM,CAAA,CAAA,CAAG,CAAA;AAAA,EACpE,SAASC,MAAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,qCAAA,EAAuC,aAAa,SAAA,CAAUA,MAAK,GAAG,CAAA;AAAA,EAC/F,CAAA,SAAE;AACA,IAAA,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,EACf;AACF;AAEA,eAAsB,QAAA,CACpB,SAAA,EACA,SAAA,EACA,OAAA,EACyB;AACzB,EAAA,IAAI,CAAC,qBAAA,CAAsB,SAAS,CAAA,EAAG;AACrC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,4CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,WAAA,CAA4B,OAAO,CAAA,EAAG;AACzC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,6CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,aAAA,GAAgB,QAAQ,aAAA,IAAiB,WAAA;AAC/C,EAAA,IAAI,CAAC,eAAA,CAAgB,QAAA,CAAS,aAAa,CAAA,EAAG;AAC5C,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,4CAA4C,aAAa,CAAA,CAAA;AAAA,MAClE,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,CAAC,IAAI,MAAA,EAAQ,GAAG,IAAI,SAAA,CAAU,KAAA,CAAM,KAAK,CAAC,CAAA;AAEhD,EAAA,MAAM,WAAA,GAAc,gBAAgB,SAAS,CAAA;AAC7C,EAAA,IAAI,CAAC,WAAA,EAAa;AAChB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,iCAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,OAAA,GAAUF,mBAAAA,CAAmB,EAAA,EAAI,aAAa,CAAA;AACpD,EAAA,MAAM,WAAA,GAAcA,mBAAAA,CAAmB,MAAA,EAAQ,aAAa,CAAA;AAC5D,EAAA,MAAM,QAAA,GAAWA,mBAAAA,CAAmB,GAAA,EAAK,aAAa,CAAA;AAEtD,EAAA,IAAI,OAAA,CAAQ,KAAA,IAAS,WAAA,CAAY,KAAA,IAAS,SAAS,KAAA,EAAO;AACxD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,qCAAA;AAAA,MACT,WAAA,EAAa,qBAAqB,aAAA,CAAc,OAAA,CAAQ,SAAS,WAAA,CAAY,KAAA,IAAS,QAAA,CAAS,KAAK,CAAC,CAAA;AAAA,KACtG,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,OAAA,CAAQ,MAAA,CAAO,UAAA,KAAe,aAAA,EAAe;AAC/C,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,gCAAA;AAAA,MACT,aAAa,CAAA,SAAA,EAAY,aAAa,CAAA,YAAA,EAAe,OAAA,CAAQ,OAAO,UAAU,CAAA;AAAA,KAC/E,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,QAAA,CAAS,MAAA,CAAO,UAAA,KAAe,aAAA,EAAe;AAChD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,sCAAA;AAAA,MACT,aAAa,CAAA,SAAA,EAAY,aAAa,CAAA,YAAA,EAAe,QAAA,CAAS,OAAO,UAAU,CAAA;AAAA,KAChF,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,aAAA,GAAgB,IAAI,UAAA,CAAW,WAAA,CAAY,OAAO,UAAA,GAAa,QAAA,CAAS,OAAO,UAAU,CAAA;AAC/F,EAAA,aAAA,CAAc,IAAI,IAAI,UAAA,CAAW,WAAA,CAAY,MAAM,GAAG,CAAC,CAAA;AACvD,EAAA,aAAA,CAAc,GAAA,CAAI,IAAI,UAAA,CAAW,QAAA,CAAS,MAAM,CAAA,EAAG,WAAA,CAAY,OAAO,UAAU,CAAA;AAEhF,EAAA,IAAI,SAAA;AACJ,EAAA,IAAI;AACF,IAAA,SAAA,GAAY,IAAI,UAAA;AAAA,MACd,MAAM,UAAA,CAAW,MAAA,CAAO,MAAA,CAAO,OAAA;AAAA,QAC7B,EAAE,IAAA,EAAM,WAAA,CAAY,SAAS,GAAA,EAAK,EAAA,EAAI,QAAQ,MAAA,EAAO;AAAA,QACrD,WAAA,CAAY,GAAA;AAAA,QACZ;AAAA;AACF,KACF;AAEA,IAAA,OAAOC,mBAAAA,CAAmB,WAAW,MAAM,CAAA;AAAA,EAC7C,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,qCAAA,EAAuC,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EAC/F,CAAA,SAAE;AACA,IAAA,SAAA,EAAW,KAAK,CAAC,CAAA;AAAA,EACnB;AACF;AAEA,eAAsB,WAAA,CACpB,IAAA,EACA,SAAA,EACA,OAAA,EACyB;AACzB,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,cAAc,IAAI,CAAA;AAC5C,EAAA,IAAI,KAAA,EAAO,OAAO,IAAA,CAAK,KAAK,CAAA;AAC5B,EAAA,OAAO,MAAM,QAAA,CAAS,MAAA,EAAQ,SAAA,EAAW,OAAO,CAAA;AAClD;AAEA,eAAsB,WAAA,CACpB,SAAA,EACA,SAAA,EACA,OAAA,EACgC;AAChC,EAAA,MAAM,EAAE,QAAQ,KAAA,EAAM,GAAI,MAAM,QAAA,CAAS,SAAA,EAAW,WAAW,OAAO,CAAA;AACtE,EAAA,IAAI,KAAA,EAAO,OAAO,IAAA,CAAK,KAAK,CAAA;AAC5B,EAAA,OAAO,YAAe,MAAM,CAAA;AAC9B;;;ACrLA,eAAsB,KAAA,CAAM,IAAA,EAAc,OAAA,GAAuB,EAAC,EAA4B;AAC5F,EAAA,IAAI,CAAC,MAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,2CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,WAAA,CAAyB,OAAO,CAAA,EAAG;AACtC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,0CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,cAAA,GAAiB,QAAQ,cAAA,IAAkB,WAAA;AACjD,EAAA,IAAI,CAAC,eAAA,CAAgB,QAAA,CAAS,cAAc,CAAA,EAAG;AAC7C,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,0CAA0C,cAAc,CAAA,CAAA;AAAA,MACjE,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,QAAQ,MAAA,IAAU,QAAA;AACjC,EAAA,IAAI,EAAE,UAAU,iBAAA,CAAA,EAAoB;AAClC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,iCAAiC,MAAM,CAAA,CAAA;AAAA,MAChD,WAAA,EAAa,0BAA0B,MAAA,CAAO,IAAA,CAAK,iBAAiB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KACjF,CAAA;AAAA,EACH;AACA,EAAA,MAAM,UAAA,GAAa,kBAAkB,MAAM,CAAA;AAE3C,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAID,mBAAAA,CAAmB,MAAM,MAAM,CAAA;AACzD,EAAA,IAAI,KAAA,EAAO,OAAO,IAAA,CAAK,KAAK,CAAA;AAE5B,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,MAAM,UAAA,CAAW,MAAA,CAAO,OAAO,MAAA,CAAO,UAAA,CAAW,KAAK,MAAM,CAAA;AAC3E,IAAA,OAAOC,mBAAAA,CAAmB,QAAQ,cAAc,CAAA;AAAA,EAClD,SAASC,MAAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,+BAAA,EAAiC,aAAa,SAAA,CAAUA,MAAK,GAAG,CAAA;AAAA,EACzF;AACF;AAEA,eAAsB,aAAA,CACpB,UACA,OAAA,EACmD;AACnD,EAAA,MAAM,SAAA,GAAY,4BAAA,CAA6B,QAAA,EAAU,OAAA,EAAS,KAAK,CAAA;AACvE,EAAA,IAAI,SAAA,CAAU,KAAA,EAAO,OAAO,IAAA,CAAK,UAAU,KAAK,CAAA;AAEhD,EAAA,MAAM,EAAE,UAAA,EAAY,cAAA,EAAgB,UAAA,EAAY,UAAA,EAAY,WAAU,GAAI,SAAA;AAE1E,EAAA,MAAM,OAAO,UAAA,CAAW,MAAA,CAAO,gBAAgB,IAAI,UAAA,CAAW,UAAU,CAAC,CAAA;AACzE,EAAA,IAAI,IAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,MAAM,UAAA,CAAW,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,MAC7C,KAAA;AAAA,MACA,WAAA,CAAY,MAAA,CAAO,QAAA,CAAS,SAAA,CAAU,MAAM,CAAC,CAAA;AAAA,MAC7C,QAAA;AAAA,MACA,KAAA;AAAA,MACA,CAAC,YAAY;AAAA,KACf;AACA,IAAA,IAAA,GAAO,MAAM,UAAA,CAAW,MAAA,CAAO,MAAA,CAAO,UAAA;AAAA,MACpC,EAAE,IAAA,EAAM,QAAA,EAAU,MAAM,UAAA,EAAY,IAAA,EAAM,WAAW,GAAA,EAAI;AAAA,MACzD,OAAA;AAAA,MACA,SAAA,GAAY;AAAA,KACd;AAEA,IAAA,MAAM,OAAA,GAAUD,mBAAAA,CAAmB,IAAA,EAAM,cAAc,CAAA;AACvD,IAAA,IAAI,OAAA,CAAQ,KAAA,EAAO,OAAO,IAAA,CAAK,QAAQ,KAAK,CAAA;AAE5C,IAAA,MAAM,iBAAA,GAAoBA,mBAAAA,CAAmB,IAAA,EAAM,cAAc,CAAA;AACjE,IAAA,IAAI,iBAAA,CAAkB,KAAA,EAAO,OAAO,IAAA,CAAK,kBAAkB,KAAK,CAAA;AAEhE,IAAA,OAAO,GAAA,CAAI,EAAE,MAAA,EAAQ,iBAAA,CAAkB,QAAQ,IAAA,EAAM,OAAA,CAAQ,QAAQ,CAAA;AAAA,EACvE,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,2CAAA,EAA6C,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACrG,CAAA,SAAE;AACA,IAAA,IAAA,CAAK,KAAK,CAAC,CAAA;AACX,IAAA,IAAI,MAAM,IAAI,UAAA,CAAW,IAAI,CAAA,CAAE,KAAK,CAAC,CAAA;AAAA,EACvC;AACF;AAEA,eAAsB,eAAA,CACpB,QAAA,EACA,cAAA,EACA,IAAA,EACA,OAAA,EAC0B;AAC1B,EAAA,MAAM,YAAY,8BAAA,CAA+B,QAAA,EAAU,cAAA,EAAgB,IAAA,EAAM,SAAS,KAAK,CAAA;AAC/F,EAAA,IAAI,SAAA,CAAU,KAAA,EAAO,OAAO,IAAA,CAAK,UAAU,KAAK,CAAA;AAEhD,EAAA,MAAM,EAAE,UAAA,EAAY,aAAA,EAAe,UAAA,EAAY,WAAU,GAAI,SAAA;AAE7D,EAAA,MAAM,SAAA,GAAYD,mBAAAA,CAAmB,IAAA,EAAM,aAAa,CAAA;AACxD,EAAA,IAAI,SAAA,CAAU,KAAA,EAAO,OAAO,IAAA,CAAK,UAAU,KAAK,CAAA;AAEhD,EAAA,MAAM,mBAAA,GAAsBA,mBAAAA,CAAmB,cAAA,EAAgB,aAAa,CAAA;AAC5E,EAAA,IAAI,mBAAA,CAAoB,KAAA,EAAO,OAAO,IAAA,CAAK,oBAAoB,KAAK,CAAA;AAEpE,EAAA,IAAI,oBAAoB,MAAA,CAAO,UAAA,KAAe,SAAA,EAAW,OAAO,IAAI,KAAK,CAAA;AAEzE,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,MAAM,UAAA,CAAW,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,MAC7C,KAAA;AAAA,MACA,WAAA,CAAY,MAAA,CAAO,QAAA,CAAS,SAAA,CAAU,MAAM,CAAC,CAAA;AAAA,MAC7C,QAAA;AAAA,MACA,KAAA;AAAA,MACA,CAAC,YAAY;AAAA,KACf;AAEA,IAAA,MAAM,OAAO,IAAI,UAAA;AAAA,MACf,MAAM,UAAA,CAAW,MAAA,CAAO,MAAA,CAAO,UAAA;AAAA,QAC7B,EAAE,MAAM,QAAA,EAAU,IAAA,EAAM,UAAU,MAAA,EAAQ,UAAA,EAAY,IAAA,EAAM,UAAA,CAAW,GAAA,EAAI;AAAA,QAC3E,OAAA;AAAA,QACA,SAAA,GAAY;AAAA;AACd,KACF;AAEA,IAAA,MAAM,WAAW,mBAAA,CAAoB,MAAA;AACrC,IAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,SAAS,CAAA;AACrC,IAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,SAAS,CAAA;AACtC,IAAA,IAAA,CAAK,IAAI,IAAI,CAAA;AACb,IAAA,KAAA,CAAM,IAAI,QAAQ,CAAA;AAGlB,IAAA,IAAI,IAAA,GAAO,CAAA;AACX,IAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,SAAA,EAAW,CAAA,EAAA,EAAK;AAClC,MAAA,IAAA,IAAS,IAAA,CAAK,CAAC,CAAA,GAAgB,KAAA,CAAM,CAAC,CAAA;AAAA,IACxC;AACA,IAAA,IAAI;AACF,MAAA,OAAO,GAAA,CAAI,SAAS,CAAC,CAAA;AAAA,IACvB,CAAA,SAAE;AACA,MAAA,IAAA,CAAK,KAAK,CAAC,CAAA;AACX,MAAA,KAAA,CAAM,KAAK,CAAC,CAAA;AACZ,MAAA,IAAA,CAAK,KAAK,CAAC,CAAA;AAAA,IACb;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,yCAAA,EAA2C,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACnG,CAAA,SAAE;AACA,IAAA,SAAA,CAAU,MAAA,CAAO,KAAK,CAAC,CAAA;AACvB,IAAA,mBAAA,CAAoB,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,EACnC;AACF;;;AJ1HO,SAAS,eAAe,CAAA,EAA+B;AAC5D,EAAA,OAAO,eAAA,CAAgB,CAAC,CAAA,KAAM,IAAA;AAChC;AAQO,SAAS,eAAA,GAAkC;AAChD,EAAA,IAAI;AACF,IAAA,OAAO,GAAA,CAAI,UAAA,CAAW,MAAA,CAAO,UAAA,EAAY,CAAA;AAAA,EAC3C,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,2CAAA,EAA6C,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACrG;AACF;AAeO,SAAS,YAAA,GAAuB;AACrC,EAAA,OAAO,UAAA,CAAW,OAAO,UAAA,EAAW;AACtC;AAQA,eAAsB,kBAAA,CACpB,MAAA,EACA,OAAA,GAAkC,EAAC,EACQ;AAC3C,EAAA,OAAO,MAAM,gBAAA,CAAiB,MAAA,EAAQ,OAAO,CAAA;AAC/C;AAoBA,eAAsB,eAAA,CAAgB,MAAA,EAAgB,OAAA,GAAkC,EAAC,EAA0B;AACjH,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,MAAM,gBAAA,CAAiB,QAAQ,OAAO,CAAA;AAChE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQA,eAAsB,UAAA,CACpB,IAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACF;AACzB,EAAA,OAAO,MAAM,QAAA,CAAS,IAAA,EAAM,SAAA,EAAW,OAAO,CAAA;AAChD;AAwBA,eAAsB,OAAA,CAAQ,IAAA,EAAc,SAAA,EAAyB,OAAA,GAA0B,EAAC,EAAoB;AAClH,EAAA,MAAM,EAAE,QAAQ,KAAA,EAAM,GAAI,MAAM,QAAA,CAAS,IAAA,EAAM,WAAW,OAAO,CAAA;AACjE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQA,eAAsB,UAAA,CACpB,SAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACF;AACzB,EAAA,OAAO,MAAM,QAAA,CAAS,SAAA,EAAW,SAAA,EAAW,OAAO,CAAA;AACrD;AAwBA,eAAsB,OAAA,CACpB,SAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACV;AACjB,EAAA,MAAM,EAAE,QAAQ,KAAA,EAAM,GAAI,MAAM,QAAA,CAAS,SAAA,EAAW,WAAW,OAAO,CAAA;AACtE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQA,eAAsB,aAAA,CACpB,GAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACF;AACzB,EAAA,OAAO,MAAM,WAAA,CAAY,GAAA,EAAK,SAAA,EAAW,OAAO,CAAA;AAClD;AAuBA,eAAsB,UAAA,CACpB,GAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACV;AACjB,EAAA,MAAM,EAAE,QAAQ,KAAA,EAAM,GAAI,MAAM,WAAA,CAAY,GAAA,EAAK,WAAW,OAAO,CAAA;AACnE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQA,eAAsB,aAAA,CACpB,SAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACK;AAChC,EAAA,OAAO,MAAM,WAAA,CAAe,SAAA,EAAW,SAAA,EAAW,OAAO,CAAA;AAC3D;AAuBA,eAAsB,UAAA,CACpB,SAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACf;AACZ,EAAA,MAAM,EAAE,QAAQ,KAAA,EAAM,GAAI,MAAM,WAAA,CAAe,SAAA,EAAW,WAAW,OAAO,CAAA;AAC5E,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQA,eAAsB,OAAA,CAAQ,IAAA,EAAc,OAAA,GAAuB,EAAC,EAA4B;AAC9F,EAAA,OAAO,MAAM,KAAA,CAAM,IAAA,EAAM,OAAO,CAAA;AAClC;AAiBA,eAAsB,IAAA,CAAK,IAAA,EAAc,OAAA,GAAuB,EAAC,EAAoB;AACnF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,MAAM,KAAA,CAAM,MAAM,OAAO,CAAA;AACnD,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQA,eAAsB,eAAA,CACpB,QAAA,EACA,OAAA,GAA+B,EAAC,EACmB;AACnD,EAAA,OAAO,MAAM,aAAA,CAAc,QAAA,EAAU,OAAO,CAAA;AAC9C;AAoBA,eAAsB,YAAA,CACpB,QAAA,EACA,OAAA,GAA+B,EAAC,EACW;AAC3C,EAAA,MAAM,EAAE,QAAQ,IAAA,EAAM,KAAA,KAAU,MAAM,aAAA,CAAc,UAAU,OAAO,CAAA;AACrE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,EAAE,QAAQ,IAAA,EAAK;AACxB;AAQA,eAAsB,kBACpB,QAAA,EACA,cAAA,EACA,IAAA,EACA,OAAA,GAAiC,EAAC,EACR;AAC1B,EAAA,OAAO,MAAM,eAAA,CAAgB,QAAA,EAAU,cAAA,EAAgB,MAAM,OAAO,CAAA;AACtE;AA6BA,eAAsB,eACpB,QAAA,EACA,cAAA,EACA,IAAA,EACA,OAAA,GAAiC,EAAC,EAChB;AAClB,EAAA,MAAM,EAAE,QAAQ,KAAA,EAAM,GAAI,MAAM,eAAA,CAAgB,QAAA,EAAU,cAAA,EAAgB,IAAA,EAAM,OAAO,CAAA;AACvF,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,oBAAA,CACd,IAAA,EACA,aAAA,GAA0B,MAAA,EACmB;AAC7C,EAAA,OAAOA,mBAAAA,CAAmB,MAAM,aAAa,CAAA;AAC/C;AAiBO,SAAS,iBAAA,CAAkB,IAAA,EAAc,aAAA,GAA0B,MAAA,EAAiC;AACzG,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAIA,mBAAAA,CAAmB,MAAM,aAAa,CAAA;AAChE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,oBAAA,CACd,IAAA,EACA,cAAA,GAA2B,MAAA,EACX;AAChB,EAAA,OAAOC,mBAAAA,CAAmB,MAAM,cAAc,CAAA;AAChD;AAkBO,SAAS,iBAAA,CAAkB,IAAA,EAAgC,cAAA,GAA2B,MAAA,EAAgB;AAC3G,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAIA,mBAAAA,CAAmB,MAAM,cAAc,CAAA;AACjE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,kBAAA,CAAmB,IAAA,EAAc,IAAA,EAAgB,EAAA,EAA8B;AAC7F,EAAA,OAAO,gBAAA,CAAiB,IAAA,EAAM,IAAA,EAAM,EAAE,CAAA;AACxC;AAkBO,SAAS,eAAA,CAAgB,IAAA,EAAc,IAAA,EAAgB,EAAA,EAAsB;AAClF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,gBAAA,CAAiB,IAAA,EAAM,MAAM,EAAE,CAAA;AACzD,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT","file":"chunk-GL32EZRA.js","sourcesContent":["import { $err, $fmtError, $fmtResultErr, $ok, type Result } from \"@internal/helpers\";\nimport type {\n CreateSecretKeyOptions,\n DecryptOptions,\n Encoding,\n EncryptOptions,\n HashOptions,\n HashPasswordOptions,\n VerifyPasswordOptions,\n} from \"~/helpers/types.js\";\nimport { $convertBytesToStr, $convertEncoding, $convertStrToBytes } from \"./web-encode.js\";\nimport { $decrypt, $decryptObj, $encrypt, $encryptObj } from \"./web-encrypt.js\";\nimport { $hash, $hashPassword, $verifyPassword } from \"./web-hash.js\";\nimport { $createSecretKey, $isWebSecretKey, type WebSecretKey } from \"./web-secret-key.js\";\n\n/**\n * Checks whether a value is a `WebSecretKey` for the Web Crypto platform.\n *\n * @param x - The value to check.\n * @returns `true` if `x` is a `WebSecretKey`.\n *\n * @example\n * ```ts\n * isWebSecretKey(webKey); // true\n * isWebSecretKey({}); // false\n * ```\n */\nexport function isWebSecretKey(x: unknown): x is WebSecretKey {\n return $isWebSecretKey(x) !== null;\n}\n\n/**\n * Generates a UUID (v4) (non-throwing).\n *\n * @returns `Result<string>` with the UUID or error.\n * @see {@link generateUuid} For full parameter/behavior docs.\n */\nexport function tryGenerateUuid(): Result<string> {\n try {\n return $ok(globalThis.crypto.randomUUID());\n } catch (error) {\n return $err({ message: \"web generateUuid: Failed to generate UUID\", description: $fmtError(error) });\n }\n}\n\n/**\n * Generates a cryptographically random UUID (v4).\n *\n * @returns A UUID string.\n * @throws {Error} If UUID generation fails.\n *\n * @example\n * ```ts\n * const uuid = generateUuid();\n * ```\n *\n * @see {@link tryGenerateUuid} Non-throwing variant returning `Result<string>`.\n */\nexport function generateUuid(): string {\n return globalThis.crypto.randomUUID();\n}\n\n/**\n * Derives a `WebSecretKey` from a high-entropy secret (non-throwing).\n *\n * @returns `Promise<Result<{ result: WebSecretKey }>>` with the derived key or error.\n * @see {@link createSecretKey} For full parameter/behavior docs.\n */\nexport async function tryCreateSecretKey(\n secret: string,\n options: CreateSecretKeyOptions = {},\n): Promise<Result<{ result: WebSecretKey }>> {\n return await $createSecretKey(secret, options);\n}\n\n/**\n * Derives a `WebSecretKey` from a high-entropy secret for encryption/decryption.\n *\n * @remarks\n * Uses HKDF via the Web Crypto API to derive a symmetric key from the input string.\n *\n * @param secret - High-entropy secret (min 8 chars). For human-chosen passwords, use {@link hashPassword} instead.\n * @param options - Key derivation options.\n * @returns The derived `WebSecretKey`.\n * @throws {Error} If key derivation fails.\n *\n * @example\n * ```ts\n * const secretKey = await createSecretKey(\"my-32-char-high-entropy-secret!!\");\n * ```\n *\n * @see {@link tryCreateSecretKey} Non-throwing variant returning `Result`.\n */\nexport async function createSecretKey(secret: string, options: CreateSecretKeyOptions = {}): Promise<WebSecretKey> {\n const { result, error } = await $createSecretKey(secret, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Encrypts a UTF-8 string (non-throwing).\n *\n * @returns `Promise<Result<string>>` with the ciphertext or error.\n * @see {@link encrypt} For full parameter/behavior docs.\n */\nexport async function tryEncrypt(\n data: string,\n secretKey: WebSecretKey,\n options: EncryptOptions = {},\n): Promise<Result<string>> {\n return await $encrypt(data, secretKey, options);\n}\n\n/**\n * Encrypts a UTF-8 string using the provided `WebSecretKey`.\n *\n * @remarks\n * Output format: `\"iv.cipher.tag.\"` (three dot-separated base64url segments plus trailing dot).\n * Cross-platform compatible — data encrypted on Web can be decrypted on Node and vice versa.\n * AES-GCM uses random 96-bit IVs. Rotate keys before ~2^32 encryptions with the same key to avoid nonce collision.\n *\n * @param data - UTF-8 string to encrypt. Must be a non-empty string (whitespace-only strings are rejected).\n * @param secretKey - The `WebSecretKey` used for encryption.\n * @param options - Encryption options.\n * @returns The encrypted string.\n * @throws {Error} If the input or key is invalid, or encryption fails.\n *\n * @example\n * ```ts\n * const secretKey = await createSecretKey(\"my-secret\");\n * const encrypted = await encrypt(\"Hello, World!\", secretKey);\n * ```\n *\n * @see {@link tryEncrypt} Non-throwing variant returning `Result<string>`.\n */\nexport async function encrypt(data: string, secretKey: WebSecretKey, options: EncryptOptions = {}): Promise<string> {\n const { result, error } = await $encrypt(data, secretKey, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Decrypts a ciphertext string (non-throwing).\n *\n * @returns `Promise<Result<string>>` with the plaintext or error.\n * @see {@link decrypt} For full parameter/behavior docs.\n */\nexport async function tryDecrypt(\n encrypted: string,\n secretKey: WebSecretKey,\n options: DecryptOptions = {},\n): Promise<Result<string>> {\n return await $decrypt(encrypted, secretKey, options);\n}\n\n/**\n * Decrypts a ciphertext string using the provided `WebSecretKey`.\n *\n * @remarks\n * Expects input in the format `\"iv.cipher.tag.\"`.\n * Cross-platform compatible — data encrypted on Node can be decrypted on Web and vice versa.\n *\n * @param encrypted - The encrypted string to decrypt.\n * @param secretKey - The `WebSecretKey` used for decryption.\n * @param options - Decryption options.\n * @returns The decrypted UTF-8 string.\n * @throws {Error} If the input or key is invalid, or decryption fails.\n *\n * @example\n * ```ts\n * const secretKey = await createSecretKey(\"my-secret\");\n * const encrypted = await encrypt(\"Hello, World!\", secretKey);\n * const decrypted = await decrypt(encrypted, secretKey); // \"Hello, World!\"\n * ```\n *\n * @see {@link tryDecrypt} Non-throwing variant returning `Result<string>`.\n */\nexport async function decrypt(\n encrypted: string,\n secretKey: WebSecretKey,\n options: DecryptOptions = {},\n): Promise<string> {\n const { result, error } = await $decrypt(encrypted, secretKey, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Encrypts a plain object (non-throwing).\n *\n * @returns `Promise<Result<string>>` with the ciphertext or error.\n * @see {@link encryptObj} For full parameter/behavior docs.\n */\nexport async function tryEncryptObj<T extends object = Record<string, unknown>>(\n obj: T,\n secretKey: WebSecretKey,\n options: EncryptOptions = {},\n): Promise<Result<string>> {\n return await $encryptObj(obj, secretKey, options);\n}\n\n/**\n * Encrypts a plain object using the provided `WebSecretKey`.\n *\n * @remarks\n * Only plain objects (POJOs) are accepted; class instances, Maps, Sets, etc. are rejected.\n * Output format: `\"iv.cipher.tag.\"`.\n *\n * @param obj - Plain object to encrypt.\n * @param secretKey - The `WebSecretKey` used for encryption.\n * @param options - Encryption options.\n * @returns The encrypted string.\n * @throws {Error} If the input or key is invalid, or encryption fails.\n *\n * @example\n * ```ts\n * const secretKey = await createSecretKey(\"my-secret\");\n * const encrypted = await encryptObj({ a: 1 }, secretKey);\n * ```\n *\n * @see {@link tryEncryptObj} Non-throwing variant returning `Result<string>`.\n */\nexport async function encryptObj<T extends object = Record<string, unknown>>(\n obj: T,\n secretKey: WebSecretKey,\n options: EncryptOptions = {},\n): Promise<string> {\n const { result, error } = await $encryptObj(obj, secretKey, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Decrypts an encrypted JSON string into a plain object (non-throwing).\n *\n * @returns `Promise<Result<{ result: T }>>` with the object or error.\n * @see {@link decryptObj} For full parameter/behavior docs.\n */\nexport async function tryDecryptObj<T extends object = Record<string, unknown>>(\n encrypted: string,\n secretKey: WebSecretKey,\n options: DecryptOptions = {},\n): Promise<Result<{ result: T }>> {\n return await $decryptObj<T>(encrypted, secretKey, options);\n}\n\n/**\n * Decrypts an encrypted JSON string into a plain object.\n *\n * @remarks\n * Expects input in the format `\"iv.cipher.tag.\"`.\n *\n * @param encrypted - The encrypted string.\n * @param secretKey - The `WebSecretKey` used for decryption.\n * @param options - Decryption options.\n * @returns The decrypted object.\n * @throws {Error} If decryption or JSON parsing fails.\n *\n * @example\n * ```ts\n * const secretKey = await createSecretKey(\"my-secret\");\n * const encrypted = await encryptObj({ a: 1 }, secretKey);\n * const obj = await decryptObj<{ a: number }>(encrypted, secretKey); // obj.a === 1\n * ```\n *\n * @see {@link tryDecryptObj} Non-throwing variant returning `Result`.\n */\nexport async function decryptObj<T extends object = Record<string, unknown>>(\n encrypted: string,\n secretKey: WebSecretKey,\n options: DecryptOptions = {},\n): Promise<T> {\n const { result, error } = await $decryptObj<T>(encrypted, secretKey, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Hashes a UTF-8 string (non-throwing).\n *\n * @returns `Promise<Result<string>>` with the hash or error.\n * @see {@link hash} For full parameter/behavior docs.\n */\nexport async function tryHash(data: string, options: HashOptions = {}): Promise<Result<string>> {\n return await $hash(data, options);\n}\n\n/**\n * Hashes a UTF-8 string using the specified digest algorithm.\n *\n * @param data - The input string to hash.\n * @param options - Hash options.\n * @returns The hashed string.\n * @throws {Error} If input is invalid or hashing fails.\n *\n * @example\n * ```ts\n * const hashed = await hash(\"my data\");\n * ```\n *\n * @see {@link tryHash} Non-throwing variant returning `Result<string>`.\n */\nexport async function hash(data: string, options: HashOptions = {}): Promise<string> {\n const { result, error } = await $hash(data, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Hashes a password using PBKDF2 (non-throwing).\n *\n * @returns `Promise<Result<{ result: string; salt: string }>>` with the hash/salt or error.\n * @see {@link hashPassword} For full parameter/behavior docs.\n */\nexport async function tryHashPassword(\n password: string,\n options: HashPasswordOptions = {},\n): Promise<Result<{ result: string; salt: string }>> {\n return await $hashPassword(password, options);\n}\n\n/**\n * Hashes a password using PBKDF2.\n *\n * @remarks\n * Defaults: `sha512`, 320 000 iterations, 64-byte key, 16-byte random salt.\n *\n * @param password - The password to hash.\n * @param options - Password hashing options.\n * @returns `{ result, salt }` for storage.\n * @throws {Error} If inputs are invalid or hashing fails.\n *\n * @example\n * ```ts\n * const { result, salt } = await hashPassword(\"my-password\");\n * ```\n *\n * @see {@link tryHashPassword} Non-throwing variant returning `Result`.\n */\nexport async function hashPassword(\n password: string,\n options: HashPasswordOptions = {},\n): Promise<{ result: string; salt: string }> {\n const { result, salt, error } = await $hashPassword(password, options);\n if (error) throw new Error($fmtResultErr(error));\n return { result, salt };\n}\n\n/**\n * Verifies a password against a stored PBKDF2 hash (non-throwing).\n *\n * @returns `Promise<Result<boolean>>` — `true` if the password matches, `false` if not, or an error for invalid inputs/options.\n * @see {@link verifyPassword} For full parameter/behavior docs.\n */\nexport async function tryVerifyPassword(\n password: string,\n hashedPassword: string,\n salt: string,\n options: VerifyPasswordOptions = {},\n): Promise<Result<boolean>> {\n return await $verifyPassword(password, hashedPassword, salt, options);\n}\n\n/**\n * Verifies a password against a stored PBKDF2 hash.\n *\n * @remarks\n * Re-derives the key with the same parameters and compares using a full-loop XOR pattern.\n * This is best-effort constant-time; JS JIT optimization may introduce timing variation.\n * The Web Crypto API does not expose a `timingSafeEqual` equivalent.\n * For timing-critical deployments, prefer the Node implementation which uses `crypto.timingSafeEqual`.\n * Throws for invalid inputs/options (bad encoding, wrong parameters, non-decodable salt/hash).\n * Returns `false` for password mismatch or length-mismatched hash.\n *\n * @param password - The plain password to verify.\n * @param hashedPassword - The stored hash (encoded).\n * @param salt - The stored salt (encoded).\n * @param options - Verification options (must match the parameters used to hash).\n * @returns `true` if the password matches, otherwise `false`.\n * @throws {Error} If verification input/options are invalid.\n *\n * @example\n * ```ts\n * const { result, salt } = await hashPassword(\"my-password\");\n * await verifyPassword(\"my-password\", result, salt); // true\n * await verifyPassword(\"wrong-password\", result, salt); // false\n * ```\n *\n * @see {@link tryVerifyPassword} Non-throwing variant returning `Result<boolean>`.\n */\nexport async function verifyPassword(\n password: string,\n hashedPassword: string,\n salt: string,\n options: VerifyPasswordOptions = {},\n): Promise<boolean> {\n const { result, error } = await $verifyPassword(password, hashedPassword, salt, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Converts a string to a `Uint8Array` (non-throwing).\n *\n * @returns `Result<{ result: Uint8Array<ArrayBuffer> }>` with the bytes or error.\n * @see {@link convertStrToBytes} For full parameter/behavior docs.\n */\nexport function tryConvertStrToBytes(\n data: string,\n inputEncoding: Encoding = \"utf8\",\n): Result<{ result: Uint8Array<ArrayBuffer> }> {\n return $convertStrToBytes(data, inputEncoding);\n}\n\n/**\n * Converts a string to a `Uint8Array` using the specified encoding.\n *\n * @param data - The input string to convert.\n * @param inputEncoding - Source encoding (default: `'utf8'`).\n * @returns A `Uint8Array` containing the bytes.\n * @throws {Error} If input is invalid or conversion fails.\n *\n * @example\n * ```ts\n * const bytes = convertStrToBytes(\"Hello\", \"utf8\");\n * ```\n *\n * @see {@link tryConvertStrToBytes} Non-throwing variant returning `Result`.\n */\nexport function convertStrToBytes(data: string, inputEncoding: Encoding = \"utf8\"): Uint8Array<ArrayBuffer> {\n const { result, error } = $convertStrToBytes(data, inputEncoding);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Converts a `Uint8Array` or `ArrayBuffer` to a string (non-throwing).\n *\n * @returns `Result<string>` with the encoded string or error.\n * @see {@link convertBytesToStr} For full parameter/behavior docs.\n */\nexport function tryConvertBytesToStr(\n data: Uint8Array | ArrayBuffer,\n outputEncoding: Encoding = \"utf8\",\n): Result<string> {\n return $convertBytesToStr(data, outputEncoding);\n}\n\n/**\n * Converts a `Uint8Array` or `ArrayBuffer` to a string using the specified encoding.\n *\n * @param data - The bytes to convert.\n * @param outputEncoding - Target encoding (default: `'utf8'`).\n * @returns The encoded string.\n * @throws {Error} If input is invalid or conversion fails.\n *\n * @example\n * ```ts\n * const bytes = convertStrToBytes(\"Hello\", \"utf8\");\n * const str = convertBytesToStr(bytes, \"utf8\"); // \"Hello\"\n * ```\n *\n * @see {@link tryConvertBytesToStr} Non-throwing variant returning `Result<string>`.\n */\nexport function convertBytesToStr(data: Uint8Array | ArrayBuffer, outputEncoding: Encoding = \"utf8\"): string {\n const { result, error } = $convertBytesToStr(data, outputEncoding);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Converts text between encodings (non-throwing).\n *\n * @returns `Result<string>` with the re-encoded string or error.\n * @see {@link convertEncoding} For full parameter/behavior docs.\n */\nexport function tryConvertEncoding(data: string, from: Encoding, to: Encoding): Result<string> {\n return $convertEncoding(data, from, to);\n}\n\n/**\n * Converts text between encodings.\n *\n * @param data - The input string.\n * @param from - Current encoding of `data`.\n * @param to - Target encoding.\n * @returns The re-encoded string.\n * @throws {Error} If encodings are invalid or conversion fails.\n *\n * @example\n * ```ts\n * const encoded = convertEncoding(\"Hello\", \"utf8\", \"base64url\");\n * ```\n *\n * @see {@link tryConvertEncoding} Non-throwing variant returning `Result<string>`.\n */\nexport function convertEncoding(data: string, from: Encoding, to: Encoding): string {\n const { result, error } = $convertEncoding(data, from, to);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n","import {\n $err,\n $isStr,\n $ok,\n $convertBytesToStr as $sharedBytesToStr,\n $convertStrToBytes as $sharedStrToBytes,\n type Result,\n} from \"@internal/helpers\";\nimport { ENCODING } from \"~/helpers/consts.js\";\nimport type { Encoding } from \"~/helpers/types.js\";\n\nexport { textDecoder, textEncoder } from \"@internal/helpers\";\n\nexport function $convertStrToBytes(\n data: string,\n inputEncoding: Encoding = \"utf8\",\n): Result<{ result: Uint8Array<ArrayBuffer> }> {\n const result = $sharedStrToBytes(data, inputEncoding);\n if (result.error) {\n return $err({\n message: result.error.message.replace(\"strToBytes:\", \"web strToBytes:\"),\n description: result.error.description,\n });\n }\n return result;\n}\n\nexport function $convertBytesToStr(data: Uint8Array | ArrayBuffer, outputEncoding: Encoding = \"utf8\"): Result<string> {\n const result = $sharedBytesToStr(data, outputEncoding);\n if (result.error) {\n return $err({\n message: result.error.message.replace(\"bytesToStr:\", \"web bytesToStr:\"),\n description: result.error.description,\n });\n }\n return result;\n}\n\nexport function $convertEncoding(data: string, from: Encoding, to: Encoding): Result<string> {\n if (!$isStr(data)) {\n return $err({\n message: \"web convertEncoding: Data must be a non-empty string\",\n description: \"Received empty or non-string value\",\n });\n }\n if (!ENCODING.includes(from) || !ENCODING.includes(to)) {\n return $err({\n message: `web convertEncoding: Unsupported encoding: from ${from} to ${to}`,\n description: \"Use base64, base64url, hex, utf8, or latin1\",\n });\n }\n\n const bytes = $convertStrToBytes(data, from);\n if (bytes.error) return $err(bytes.error);\n\n const str = $convertBytesToStr(bytes.result, to);\n if (str.error) return $err(str.error);\n\n return $ok(str.result);\n}\n","import { $err, $fmtError, $ok, type Result } from \"@internal/helpers\";\nimport type { DIGEST_ALGORITHMS, ENCRYPTION_ALGORITHMS } from \"~/helpers/consts.js\";\nimport type { CreateSecretKeyOptions } from \"~/helpers/types.js\";\nimport { $isObj, $validateCreateSecretKeyOptions, $validateSecretKeyBase } from \"~/helpers/validate.js\";\nimport { textEncoder } from \"./web-encode.js\";\n\ndeclare const __brand: unique symbol;\n\nexport type WebSecretKey = {\n readonly platform: \"web\";\n readonly digest: keyof typeof DIGEST_ALGORITHMS;\n readonly algorithm: keyof typeof ENCRYPTION_ALGORITHMS;\n readonly key: CryptoKey;\n readonly injected: (typeof ENCRYPTION_ALGORITHMS)[keyof typeof ENCRYPTION_ALGORITHMS];\n} & { readonly [__brand]: \"secretKey-web\" };\n\nexport function $isWebSecretKey(x: unknown): WebSecretKey | null {\n const base = $validateSecretKeyBase(x, \"web\");\n if (!base) return null;\n\n if (typeof globalThis.CryptoKey === \"undefined\" || !(base.obj.key instanceof CryptoKey)) return null;\n\n if (\n !$isObj(base.obj.key.algorithm) ||\n base.obj.key.algorithm.name !== base.algorithm.web ||\n (typeof base.obj.key.algorithm.length === \"number\" &&\n base.obj.key.algorithm.length !== base.algorithm.keyBytes * 8) ||\n !Array.isArray(base.obj.key.usages) ||\n !(base.obj.key.usages.includes(\"encrypt\") && base.obj.key.usages.includes(\"decrypt\"))\n ) {\n return null;\n }\n return x as WebSecretKey;\n}\n\nexport async function $createSecretKey(\n secret: string,\n options: CreateSecretKeyOptions,\n): Promise<Result<{ result: WebSecretKey }>> {\n const validated = $validateCreateSecretKeyOptions(secret, options, \"web\");\n if (validated.error) return $err(validated.error);\n\n const { algorithm, digest, salt, info, encryptAlgo, digestAlgo } = validated;\n\n try {\n const ikm = await globalThis.crypto.subtle.importKey(\n \"raw\",\n textEncoder.encode(secret.normalize(\"NFKC\")),\n \"HKDF\",\n false,\n [\"deriveKey\"],\n );\n const extractable = options.extractable ?? false;\n const key = await globalThis.crypto.subtle.deriveKey(\n {\n name: \"HKDF\",\n hash: digestAlgo.web,\n salt: textEncoder.encode(salt.normalize(\"NFKC\")),\n info: textEncoder.encode(info.normalize(\"NFKC\")),\n },\n ikm,\n { name: encryptAlgo.web, length: encryptAlgo.keyBytes * 8 },\n extractable,\n [\"encrypt\", \"decrypt\"],\n );\n const secretKey = Object.freeze({ platform: \"web\", digest, algorithm, key, injected: encryptAlgo }) as WebSecretKey;\n\n return $ok({ result: secretKey });\n } catch (error) {\n return $err({\n message: \"web createSecretKey: Failed to derive key\",\n description: $fmtError(error),\n });\n }\n}\n","import {\n $err,\n $fmtError,\n $fmtResultErr,\n $isPlainObj,\n $isStr,\n $ok,\n $parseToObj,\n $stringifyObj,\n type Result,\n} from \"@internal/helpers\";\nimport { CIPHER_ENCODING, GCM_IV_LENGTH, GCM_TAG_BYTES } from \"~/helpers/consts.js\";\nimport type { DecryptOptions, EncryptOptions } from \"~/helpers/types.js\";\nimport { matchEncryptedPattern } from \"~/helpers/validate.js\";\nimport { $convertBytesToStr, $convertStrToBytes } from \"./web-encode.js\";\nimport { $isWebSecretKey, type WebSecretKey } from \"./web-secret-key.js\";\n\nexport async function $encrypt(\n data: string,\n secretKey: WebSecretKey,\n options: EncryptOptions,\n): Promise<Result<string>> {\n if (!$isStr(data)) {\n return $err({\n message: \"web encrypt: Data must be a non-empty string\",\n description: \"Received empty or non-string value\",\n });\n }\n\n if (!$isPlainObj<EncryptOptions>(options)) {\n return $err({\n message: \"web encrypt: Options must be a plain object\",\n description: 'Pass an object like { outputEncoding: \"base64url\" }',\n });\n }\n\n const outputEncoding = options.outputEncoding ?? \"base64url\";\n if (!CIPHER_ENCODING.includes(outputEncoding)) {\n return $err({\n message: `web encrypt: Unsupported output encoding: ${outputEncoding}`,\n description: \"Use base64, base64url, or hex\",\n });\n }\n\n const injectedKey = $isWebSecretKey(secretKey);\n if (!injectedKey) {\n return $err({\n message: \"web encrypt: Invalid secret key\",\n description: \"Expected a WebSecretKey created by webKit.createSecretKey()\",\n });\n }\n\n const { result, error } = $convertStrToBytes(data, \"utf8\");\n if (error) return $err(error);\n\n try {\n const iv = globalThis.crypto.getRandomValues(new Uint8Array(GCM_IV_LENGTH));\n const cipherWithTag = await globalThis.crypto.subtle.encrypt(\n { name: injectedKey.injected.web, iv },\n injectedKey.key,\n result,\n );\n\n const cipherOnly = cipherWithTag.slice(0, cipherWithTag.byteLength - GCM_TAG_BYTES);\n const tag = cipherWithTag.slice(cipherWithTag.byteLength - GCM_TAG_BYTES);\n\n const ivStr = $convertBytesToStr(iv, outputEncoding);\n const cipherStr = $convertBytesToStr(cipherOnly, outputEncoding);\n const tagStr = $convertBytesToStr(tag, outputEncoding);\n\n if (ivStr.error || cipherStr.error || tagStr.error) {\n return $err({\n message: \"web encrypt: Failed to encode output\",\n description: `Conversion error: ${$fmtResultErr(ivStr.error || cipherStr.error || tagStr.error)}`,\n });\n }\n\n return $ok(`${ivStr.result}.${cipherStr.result}.${tagStr.result}.`);\n } catch (error) {\n return $err({ message: \"web encrypt: Failed to encrypt data\", description: $fmtError(error) });\n } finally {\n result.fill(0);\n }\n}\n\nexport async function $decrypt(\n encrypted: string,\n secretKey: WebSecretKey,\n options: DecryptOptions,\n): Promise<Result<string>> {\n if (!matchEncryptedPattern(encrypted)) {\n return $err({\n message: \"web decrypt: Invalid encrypted data format\",\n description: 'Encrypted data must be in the format \"iv.cipher.tag.\"',\n });\n }\n\n if (!$isPlainObj<DecryptOptions>(options)) {\n return $err({\n message: \"web decrypt: Options must be a plain object\",\n description: 'Pass an object like { inputEncoding: \"base64url\" }',\n });\n }\n\n const inputEncoding = options.inputEncoding ?? \"base64url\";\n if (!CIPHER_ENCODING.includes(inputEncoding)) {\n return $err({\n message: `web decrypt: Unsupported input encoding: ${inputEncoding}`,\n description: \"Use base64, base64url, or hex\",\n });\n }\n\n const [iv, cipher, tag] = encrypted.split(\".\", 4) as [string, string, string];\n\n const injectedKey = $isWebSecretKey(secretKey);\n if (!injectedKey) {\n return $err({\n message: \"web decrypt: Invalid secret key\",\n description: \"Expected a WebSecretKey created by webKit.createSecretKey()\",\n });\n }\n\n const ivBytes = $convertStrToBytes(iv, inputEncoding);\n const cipherBytes = $convertStrToBytes(cipher, inputEncoding);\n const tagBytes = $convertStrToBytes(tag, inputEncoding);\n\n if (ivBytes.error || cipherBytes.error || tagBytes.error) {\n return $err({\n message: \"web decrypt: Failed to decode input\",\n description: `Conversion error: ${$fmtResultErr(ivBytes.error || cipherBytes.error || tagBytes.error)}`,\n });\n }\n\n if (ivBytes.result.byteLength !== GCM_IV_LENGTH) {\n return $err({\n message: \"web decrypt: Invalid IV length\",\n description: `Expected ${GCM_IV_LENGTH} bytes, got ${ivBytes.result.byteLength}`,\n });\n }\n\n if (tagBytes.result.byteLength !== GCM_TAG_BYTES) {\n return $err({\n message: \"web decrypt: Invalid auth tag length\",\n description: `Expected ${GCM_TAG_BYTES} bytes, got ${tagBytes.result.byteLength}`,\n });\n }\n\n const cipherWithTag = new Uint8Array(cipherBytes.result.byteLength + tagBytes.result.byteLength);\n cipherWithTag.set(new Uint8Array(cipherBytes.result), 0);\n cipherWithTag.set(new Uint8Array(tagBytes.result), cipherBytes.result.byteLength);\n\n let decrypted: Uint8Array | undefined;\n try {\n decrypted = new Uint8Array(\n await globalThis.crypto.subtle.decrypt(\n { name: injectedKey.injected.web, iv: ivBytes.result },\n injectedKey.key,\n cipherWithTag,\n ),\n );\n\n return $convertBytesToStr(decrypted, \"utf8\");\n } catch (error) {\n return $err({ message: \"web decrypt: Failed to decrypt data\", description: $fmtError(error) });\n } finally {\n decrypted?.fill(0);\n }\n}\n\nexport async function $encryptObj<T extends object = Record<string, unknown>>(\n data: T,\n secretKey: WebSecretKey,\n options: EncryptOptions,\n): Promise<Result<string>> {\n const { result, error } = $stringifyObj(data);\n if (error) return $err(error);\n return await $encrypt(result, secretKey, options);\n}\n\nexport async function $decryptObj<T extends object = Record<string, unknown>>(\n encrypted: string,\n secretKey: WebSecretKey,\n options: DecryptOptions,\n): Promise<Result<{ result: T }>> {\n const { result, error } = await $decrypt(encrypted, secretKey, options);\n if (error) return $err(error);\n return $parseToObj<T>(result);\n}\n","import { $err, $fmtError, $isPlainObj, $isStr, $ok, type Result } from \"@internal/helpers\";\nimport { CIPHER_ENCODING, DIGEST_ALGORITHMS } from \"~/helpers/consts.js\";\nimport type { HashOptions, HashPasswordOptions, VerifyPasswordOptions } from \"~/helpers/types.js\";\nimport { $validateHashPasswordOptions, $validateVerifyPasswordOptions } from \"~/helpers/validate.js\";\nimport { $convertBytesToStr, $convertStrToBytes, textEncoder } from \"./web-encode.js\";\n\nexport async function $hash(data: string, options: HashOptions = {}): Promise<Result<string>> {\n if (!$isStr(data)) {\n return $err({\n message: \"web hash: Data must be a non-empty string\",\n description: \"Received empty or non-string value\",\n });\n }\n\n if (!$isPlainObj<HashOptions>(options)) {\n return $err({\n message: \"web hash: Options must be a plain object\",\n description: 'Pass an object like { digest: \"sha256\" }',\n });\n }\n\n const outputEncoding = options.outputEncoding ?? \"base64url\";\n if (!CIPHER_ENCODING.includes(outputEncoding)) {\n return $err({\n message: `web hash: Unsupported output encoding: ${outputEncoding}`,\n description: \"Use base64, base64url, or hex\",\n });\n }\n\n const digest = options.digest ?? \"sha256\";\n if (!(digest in DIGEST_ALGORITHMS)) {\n return $err({\n message: `web hash: Unsupported digest: ${digest}`,\n description: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(\", \")}`,\n });\n }\n const digestAlgo = DIGEST_ALGORITHMS[digest];\n\n const { result, error } = $convertStrToBytes(data, \"utf8\");\n if (error) return $err(error);\n\n try {\n const hashed = await globalThis.crypto.subtle.digest(digestAlgo.web, result);\n return $convertBytesToStr(hashed, outputEncoding);\n } catch (error) {\n return $err({ message: \"web hash: Failed to hash data\", description: $fmtError(error) });\n }\n}\n\nexport async function $hashPassword(\n password: string,\n options: HashPasswordOptions,\n): Promise<Result<{ result: string; salt: string }>> {\n const validated = $validateHashPasswordOptions(password, options, \"web\");\n if (validated.error) return $err(validated.error);\n\n const { digestAlgo, outputEncoding, saltLength, iterations, keyLength } = validated;\n\n const salt = globalThis.crypto.getRandomValues(new Uint8Array(saltLength));\n let bits: ArrayBuffer | undefined;\n try {\n const baseKey = await globalThis.crypto.subtle.importKey(\n \"raw\",\n textEncoder.encode(password.normalize(\"NFKC\")),\n \"PBKDF2\",\n false,\n [\"deriveBits\"],\n );\n bits = await globalThis.crypto.subtle.deriveBits(\n { name: \"PBKDF2\", salt, iterations, hash: digestAlgo.web },\n baseKey,\n keyLength * 8,\n );\n\n const saltStr = $convertBytesToStr(salt, outputEncoding);\n if (saltStr.error) return $err(saltStr.error);\n\n const hashedPasswordStr = $convertBytesToStr(bits, outputEncoding);\n if (hashedPasswordStr.error) return $err(hashedPasswordStr.error);\n\n return $ok({ result: hashedPasswordStr.result, salt: saltStr.result });\n } catch (error) {\n return $err({ message: \"web hashPassword: Failed to hash password\", description: $fmtError(error) });\n } finally {\n salt.fill(0);\n if (bits) new Uint8Array(bits).fill(0);\n }\n}\n\nexport async function $verifyPassword(\n password: string,\n hashedPassword: string,\n salt: string,\n options: VerifyPasswordOptions,\n): Promise<Result<boolean>> {\n const validated = $validateVerifyPasswordOptions(password, hashedPassword, salt, options, \"web\");\n if (validated.error) return $err(validated.error);\n\n const { digestAlgo, inputEncoding, iterations, keyLength } = validated;\n\n const saltBytes = $convertStrToBytes(salt, inputEncoding);\n if (saltBytes.error) return $err(saltBytes.error);\n\n const hashedPasswordBytes = $convertStrToBytes(hashedPassword, inputEncoding);\n if (hashedPasswordBytes.error) return $err(hashedPasswordBytes.error);\n\n if (hashedPasswordBytes.result.byteLength !== keyLength) return $ok(false);\n\n try {\n const baseKey = await globalThis.crypto.subtle.importKey(\n \"raw\",\n textEncoder.encode(password.normalize(\"NFKC\")),\n \"PBKDF2\",\n false,\n [\"deriveBits\"],\n );\n\n const bits = new Uint8Array(\n await globalThis.crypto.subtle.deriveBits(\n { name: \"PBKDF2\", salt: saltBytes.result, iterations, hash: digestAlgo.web },\n baseKey,\n keyLength * 8,\n ),\n );\n\n const expected = hashedPasswordBytes.result;\n const left = new Uint8Array(keyLength);\n const right = new Uint8Array(keyLength);\n left.set(bits);\n right.set(expected);\n\n // Best-effort constant-time comparison; JS JIT may introduce timing variation\n let diff = 0;\n for (let i = 0; i < keyLength; i++) {\n diff |= (left[i] as number) ^ (right[i] as number);\n }\n try {\n return $ok(diff === 0);\n } finally {\n left.fill(0);\n right.fill(0);\n bits.fill(0);\n }\n } catch (error) {\n return $err({ message: \"web verifyPassword: Verification failed\", description: $fmtError(error) });\n } finally {\n saltBytes.result.fill(0);\n hashedPasswordBytes.result.fill(0);\n }\n}\n"]}
package/dist/{chunk-4YR2SBOH.js → chunk-IY6XGUYO.js} RENAMED
@@ -121,13 +121,19 @@ function $fromLatin1(data) {
121
121
  function $toBase64(bytes) {
122
122
  return btoa($toLatin1(bytes));
123
123
  }
124
+ var BASE64_REGEX = /^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}={2}|[A-Za-z0-9+/]{3}=)?$/;
124
125
  function $fromBase64(data) {
126
+ if (!BASE64_REGEX.test(data)) throw new Error("Invalid base64 string");
125
127
  return $fromLatin1(atob(data));
126
128
  }
127
129
  function $toBase64Url(bytes) {
128
130
  return $toBase64(bytes).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
129
131
  }
132
+ var BASE64URL_REGEX = /^[A-Za-z0-9_-]*={0,2}$/;
130
133
  function $fromBase64Url(data) {
134
+ if (!BASE64URL_REGEX.test(data) || data.replace(/=+$/, "").length % 4 === 1) {
135
+ throw new Error("Invalid base64url string");
136
+ }
131
137
  let base64 = data.replace(/-/g, "+").replace(/_/g, "/");
132
138
  const padLen = (4 - base64.length % 4) % 4;
133
139
  base64 += "=".repeat(padLen);
@@ -484,5 +490,5 @@ function parseToObj(str) {
484
490
  }
485
491
 
486
492
  export { $convertBytesToStr, $convertStrToBytes, $err, $fmtError, $fmtResultErr, $isObj, $isPlainObj, $isStr, $ok, $parseToObj, $stringifyObj, $validateCreateSecretKeyOptions, $validateHashPasswordOptions, $validateSecretKeyBase, $validateVerifyPasswordOptions, CIPHER_ENCODING, DIGEST_ALGORITHMS, ENCODING, ENCRYPTED_REGEX, GCM_IV_LENGTH, GCM_TAG_BYTES, __export, matchEncryptedPattern, parseToObj, stringifyObj, textEncoder, tryParseToObj, tryStringifyObj };
487
- //# sourceMappingURL=chunk-4YR2SBOH.js.map
488
- //# sourceMappingURL=chunk-4YR2SBOH.js.map
493
+ //# sourceMappingURL=chunk-IY6XGUYO.js.map
494
+ //# sourceMappingURL=chunk-IY6XGUYO.js.map
package/dist/chunk-IY6XGUYO.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../internal-helpers/src/validate.ts","../../internal-helpers/src/error.ts","../../internal-helpers/src/encode.ts","../../internal-helpers/src/object.ts","../src/helpers/consts.ts","../src/helpers/validate.ts","../src/helpers/object.ts"],"names":[],"mappings":";;;;;;;AAAO,SAAS,MAAA,CAAO,CAAA,EAAY,GAAA,GAAM,CAAA,EAAgB;AACvD,EAAA,OAAO,OAAO,CAAA,KAAM,QAAA,IAAY,CAAA,CAAE,IAAA,GAAO,MAAA,IAAU,GAAA;AACrD;AAEO,SAAS,QAAA,CAA2B,CAAA,EAAY,GAAA,EAAa,GAAA,EAAqB;AACvF,EAAA,OAAO,OAAO,MAAM,QAAA,IAAY,MAAA,CAAO,UAAU,CAAC,CAAA,IAAK,CAAA,IAAK,GAAA,IAAO,CAAA,IAAK,GAAA;AAC1E;AAEO,SAAS,YAAwD,CAAA,EAAoB;AAC1F,EAAA,IAAI,OAAO,CAAA,KAAM,QAAA,IAAY,CAAA,KAAM,MAAM,OAAO,KAAA;AAChD,EAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,cAAA,CAAe,CAAC,CAAA;AACrC,EAAA,OAAO,KAAA,KAAU,MAAA,CAAO,SAAA,IAAa,KAAA,KAAU,IAAA;AACjD;ACmBO,SAAS,IAAO,MAAA,EAAsB;AAC3C,EAAA,IAAI,WAAA,CAAY,MAAM,CAAA,EAAG;AACvB,IAAA,MAAM,GAAA,GAAM,MAAA;AACZ,IAAA,IAAI,MAAA,CAAO,OAAO,GAAA,EAAK,SAAS,KAAK,MAAA,CAAO,MAAA,CAAO,GAAA,EAAK,OAAO,CAAA,EAAG;AAChE,MAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,MAAA,EAAA;AAC1B,IAAA;AACA,IAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,GAAG,GAAA,EAAA;AAC7B,EAAA;AACA,EAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,MAAA,EAAA;AAC1B;AAEO,SAAS,KAAK,GAAA,EAAiC;AACpD,EAAA,OAAO;IACL,OAAA,EAAS,KAAA;AACT,IAAA,KAAA,EAAO,EAAE,OAAA,EAAS,GAAA,CAAI,OAAA,EAAS,WAAA,EAAa,IAAI,WAAA;AAAY,GAAA;AAEhE;AAEO,SAAS,UAAU,KAAA,EAAwB;AAChD,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,KAAA;AACtC,EAAA,IAAI,KAAA,YAAiB,KAAA,EAAO,OAAO,KAAA,CAAM,OAAA;AACzC,EAAA,OAAO,OAAO,KAAK,CAAA;AACrB;AAEO,SAAS,cAAc,GAAA,EAAsC;AAClE,EAAA,IAAI,CAAC,KAAK,OAAO,eAAA;AACjB,EAAA,OAAO,CAAA,EAAG,GAAA,CAAI,OAAO,CAAA,GAAA,EAAM,IAAI,WAAW,CAAA,CAAA;AAC5C;ACxDO,IAAM,WAAA,GAAc,IAAI,WAAA;AACJ,IAAI,WAAA;AAC/B,IAAM,oBAAoB,IAAI,WAAA,CAAY,SAAS,EAAE,KAAA,EAAO,MAAM,CAAA;AAE3D,IAAM,QAAA,GAAW,OAAO,MAAA,CAAO,CAAC,UAAU,WAAA,EAAa,KAAA,EAAO,MAAA,EAAQ,QAAQ,CAAU;AACxF,IAAM,kBAAkB,MAAA,CAAO,MAAA,CAAO,CAAC,QAAA,EAAU,WAAA,EAAa,KAAK,CAAU;AAK7E,SAAS,kBAAA,CACd,IAAA,EACA,aAAA,GAA0B,MAAA,EACmB;AAC7C,EAAA,IAAI,OAAO,SAAS,QAAA,EAAU;AAC5B,IAAA,OAAO,IAAA,CAAK;MACV,OAAA,EAAS,mCAAA;MACT,WAAA,EAAa,CAAA,kCAAA,EAAqC,OAAO,IAAI,CAAA;KAC9D,CAAA;AACH,EAAA;AACA,EAAA,IAAI,CAAC,QAAA,CAAS,QAAA,CAAS,aAAa,CAAA,EAAG;AACrC,IAAA,OAAO,IAAA,CAAK;AACV,MAAA,OAAA,EAAS,qCAAqC,aAAa,CAAA,CAAA;MAC3D,WAAA,EAAa;KACd,CAAA;AACH,EAAA;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,aAAa,CAAA,CAAE,IAAI,CAAA;AAC5C,IAAA,OAAO,GAAA,CAAI,EAAE,MAAA,EAAQ,KAAA,EAAO,CAAA;AAC9B,EAAA,CAAA,CAAA,OAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,oCAAA,EAAsC,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAC9F,EAAA;AACF;AAEO,SAAS,kBAAA,CAAmB,IAAA,EAAgC,cAAA,GAA2B,MAAA,EAAwB;AACpH,EAAA,IAAI,EAAE,IAAA,YAAgB,WAAA,IAAe,IAAA,YAAgB,UAAA,CAAA,EAAa;AAChE,IAAA,OAAO,IAAA,CAAK;MACV,OAAA,EAAS,uDAAA;MACT,WAAA,EAAa,CAAA,2DAAA,EAA8D,OAAO,IAAI,CAAA;KACvF,CAAA;AACH,EAAA;AACA,EAAA,IAAI,CAAC,QAAA,CAAS,QAAA,CAAS,cAAc,CAAA,EAAG;AACtC,IAAA,OAAO,IAAA,CAAK;AACV,MAAA,OAAA,EAAS,qCAAqC,cAAc,CAAA,CAAA;MAC5D,WAAA,EAAa;KACd,CAAA;AACH,EAAA;AACA,EAAA,IAAI;AACF,IAAA,MAAM,QAAQ,IAAA,YAAgB,UAAA,GAAa,IAAA,GAAO,IAAI,WAAW,IAAI,CAAA;AACrE,IAAA,MAAM,GAAA,GAAM,UAAA,CAAW,cAAc,CAAA,CAAE,KAAK,CAAA;AAC5C,IAAA,OAAO,IAAI,GAAG,CAAA;AAChB,EAAA,CAAA,CAAA,OAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,oCAAA,EAAsC,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAC9F,EAAA;AACF;AAEO,IAAM,UAAA,GAAa;EACxB,MAAA,EAAQ,WAAA;EACR,SAAA,EAAW,cAAA;EACX,GAAA,EAAK,QAAA;EACL,MAAA,EAAQ,WAAA;AACR,EAAA,IAAA,EAAM,CAAC,IAAA,KAAiB,WAAA,CAAY,MAAA,CAAO,IAAI;AACjD,CAAA;AAEO,IAAM,UAAA,GAAa;EACxB,MAAA,EAAQ,SAAA;EACR,SAAA,EAAW,YAAA;EACX,GAAA,EAAK,MAAA;EACL,MAAA,EAAQ,SAAA;AACR,EAAA,IAAA,EAAM,CAAC,IAAA,KAAqB,iBAAA,CAAkB,MAAA,CAAO,IAAI;AAC3D,CAAA;AAEO,SAAS,UAAU,KAAA,EAA2B;AACnD,EAAA,IAAI,GAAA,GAAM,EAAA;AACV,EAAA,MAAM,QAAQ,CAAA,IAAK,EAAA;AACnB,EAAA,KAAA,IAAS,IAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,MAAA,EAAQ,KAAK,KAAA,EAAO;AAC5C,IAAA,GAAA,IAAO,MAAA,CAAO,aAAa,GAAG,KAAA,CAAM,SAAS,CAAA,EAAG,CAAA,GAAI,KAAK,CAAC,CAAA;AAC5D,EAAA;AACA,EAAA,OAAO,GAAA;AACT;AAEO,SAAS,YAAY,IAAA,EAAuC;AACjE,EAAA,MAAM,GAAA,GAAM,IAAI,UAAA,CAAW,IAAA,CAAK,MAAM,CAAA;AACtC,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,IAAA,CAAK,QAAQ,CAAA,EAAA,EAAK;AACpC,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,UAAA,CAAW,CAAC,CAAA;AAClC,IAAA,IAAI,QAAA,GAAW,GAAA,EAAK,MAAM,IAAI,MAAM,uBAAuB,CAAA;AAC3D,IAAA,GAAA,CAAI,CAAC,CAAA,GAAI,QAAA;AACX,EAAA;AACA,EAAA,OAAO,GAAA;AACT;AAEO,SAAS,UAAU,KAAA,EAA2B;AACnD,EAAA,OAAO,IAAA,CAAK,SAAA,CAAU,KAAK,CAAC,CAAA;AAC9B;AAEA,IAAM,YAAA,GAAe,oEAAA;AAEd,SAAS,YAAY,IAAA,EAAuC;AACjE,EAAA,IAAI,CAAC,aAAa,IAAA,CAAK,IAAI,GAAG,MAAM,IAAI,MAAM,uBAAuB,CAAA;AACrE,EAAA,OAAO,WAAA,CAAY,IAAA,CAAK,IAAI,CAAC,CAAA;AAC/B;AAEO,SAAS,aAAa,KAAA,EAA2B;AACtD,EAAA,OAAO,SAAA,CAAU,KAAK,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,OAAO,EAAE,CAAA;AACnF;AAEA,IAAM,eAAA,GAAkB,wBAAA;AAEjB,SAAS,eAAe,IAAA,EAAuC;AACpE,EAAA,IAAI,CAAC,eAAA,CAAgB,IAAA,CAAK,IAAI,CAAA,IAAK,IAAA,CAAK,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAA,CAAE,MAAA,GAAS,CAAA,KAAM,CAAA,EAAG;AAC3E,IAAA,MAAM,IAAI,MAAM,0BAA0B,CAAA;AAC5C,EAAA;AACA,EAAA,IAAI,MAAA,GAAS,KAAK,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AACtD,EAAA,MAAM,MAAA,GAAA,CAAU,CAAA,GAAK,MAAA,CAAO,MAAA,GAAS,CAAA,IAAM,CAAA;AAC3C,EAAA,MAAA,IAAU,GAAA,CAAI,OAAO,MAAM,CAAA;AAC3B,EAAA,OAAO,YAAY,MAAM,CAAA;AAC3B;AAEA,IAAM,YAAY,KAAA,CAAM,IAAA,CAAK,EAAE,MAAA,EAAQ,KAAA,EAAO,CAAC,CAAA,EAAG,CAAA,KAAM,EAAE,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA;AAEvF,IAAM,aAAa,IAAI,UAAA,CAAW,GAAG,CAAA,CAAE,KAAK,GAAG,CAAA;AAC/C,KAAA,IAAS,CAAA,GAAI,IAAI,CAAA,IAAK,EAAA,EAAI,KAAK,UAAA,CAAW,CAAC,IAAI,CAAA,GAAI,EAAA;AACnD,KAAA,IAAS,CAAA,GAAI,IAAI,CAAA,IAAK,EAAA,EAAI,KAAK,UAAA,CAAW,CAAC,IAAI,CAAA,GAAI,EAAA;AACnD,KAAA,IAAS,CAAA,GAAI,IAAI,CAAA,IAAK,GAAA,EAAK,KAAK,UAAA,CAAW,CAAC,IAAI,CAAA,GAAI,EAAA;AAE7C,SAAS,OAAO,KAAA,EAA2B;AAChD,EAAA,MAAM,GAAA,GAAM,IAAI,KAAA,CAAc,KAAA,CAAM,MAAM,CAAA;AAC1C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,QAAQ,CAAA,EAAA,EAAK;AACrC,IAAA,GAAA,CAAI,CAAC,CAAA,GAAI,SAAA,CAAU,KAAA,CAAM,CAAC,CAAW,CAAA;AACvC,EAAA;AACA,EAAA,OAAO,GAAA,CAAI,KAAK,EAAE,CAAA;AACpB;AAEO,SAAS,SAAS,IAAA,EAAuC;AAC9D,EAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,UAAA,CAAW,IAAI,CAAA,IAAK,IAAA,CAAK,UAAA,CAAW,IAAI,CAAA,GAAI,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,GAAI,IAAA;AAC/E,EAAA,IAAI,MAAM,MAAA,GAAS,CAAA,KAAM,GAAG,MAAM,IAAI,MAAM,oBAAoB,CAAA;AAEhE,EAAA,MAAM,GAAA,GAAM,IAAI,UAAA,CAAW,KAAA,CAAM,SAAS,CAAC,CAAA;AAC3C,EAAA,KAAA,IAAS,CAAA,GAAI,GAAG,CAAA,GAAI,CAAA,EAAG,IAAI,KAAA,CAAM,MAAA,EAAQ,CAAA,IAAK,CAAA,EAAG,CAAA,EAAA,EAAK;AACpD,IAAA,MAAM,MAAA,GAAS,KAAA,CAAM,UAAA,CAAW,CAAC,CAAA;AACjC,IAAA,MAAM,MAAA,GAAS,KAAA,CAAM,UAAA,CAAW,CAAA,GAAI,CAAC,CAAA;AACrC,IAAA,IAAI,SAAS,GAAA,IAAO,MAAA,GAAS,KAAK,MAAM,IAAI,MAAM,oBAAoB,CAAA;AACtE,IAAA,MAAM,EAAA,GAAK,WAAW,MAAM,CAAA;AAC5B,IAAA,MAAM,EAAA,GAAK,WAAW,MAAM,CAAA;AAC5B,IAAA,IAAI,OAAO,GAAA,IAAO,EAAA,KAAO,KAAK,MAAM,IAAI,MAAM,oBAAoB,CAAA;AAClE,IAAA,GAAA,CAAI,CAAC,CAAA,GAAK,EAAA,IAAM,CAAA,GAAK,EAAA;AACvB,EAAA;AACA,EAAA,OAAO,GAAA;AACT;ACpJA,IAAM,wBAAA,GAAN,cAAuC,KAAA,CAAM;AAC3C,EAAA,WAAA,CAAY,KAAA,EAAe;AACzB,IAAA,KAAA,CAAM,CAAA,4CAAA,EAA+C,KAAK,CAAA,OAAA,CAAS,CAAA;AACnE,IAAA,IAAA,CAAK,IAAA,GAAO,0BAAA;AACd,EAAA;AACF,CAAA;AAEA,IAAM,oBAAA,GAAuB,GAAA;AAE7B,SAAS,aAAa,GAAA,EAAuB;AAC3C,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,GAAA,KAAQ,MAAM,OAAO,KAAA;AAEpD,EAAA,MAAM,IAAA,uBAAW,OAAA,EAAA;AACjB,EAAA,MAAM,KAAA,GAAmB,CAAC,GAAG,CAAA;AAC7B,EAAA,IAAI,YAAA,GAAe,CAAA;AAEnB,EAAA,OAAO,KAAA,CAAM,SAAS,CAAA,EAAG;AACvB,IAAA,MAAM,OAAA,GAAU,MAAM,GAAA,EAAA;AACtB,IAAA,IAAI,OAAO,OAAA,KAAY,QAAA,IAAY,OAAA,KAAY,IAAA,EAAM;AACrD,IAAA,IAAI,IAAA,CAAK,GAAA,CAAI,OAAO,CAAA,EAAG;AAEvB,IAAA,IAAA,CAAK,IAAI,OAAO,CAAA;AAChB,IAAA,YAAA,EAAA;AACA,IAAA,IAAI,eAAe,oBAAA,EAAsB;AACvC,MAAA,MAAM,IAAI,yBAAyB,oBAAoB,CAAA;AACzD,IAAA;AAEA,IAAA,IAAI,MAAA,CAAO,MAAA,CAAO,OAAA,EAAS,WAAW,GAAG,OAAO,IAAA;AAEhD,IAAA,MAAM,UAAA,GAAa,OAAA;AACnB,IAAA,IACE,MAAA,CAAO,MAAA,CAAO,UAAA,EAAY,aAAa,CAAA,IACvC,OAAO,UAAA,CAAW,WAAA,KAAgB,QAAA,IAClC,UAAA,CAAW,WAAA,KAAgB,IAAA,IAC3B,MAAA,CAAO,OAAO,UAAA,CAAW,WAAA,EAAuB,WAAW,CAAA,IAC3D,OAAQ,UAAA,CAAW,WAAA,CAAwC,SAAA,KAAc,QAAA,IACxE,UAAA,CAAW,WAAA,CAAwC,SAAA,KAAc,IAAA,EAClE;AACA,MAAA,OAAO,IAAA;AACT,IAAA;AAEA,IAAA,KAAA,MAAW,GAAA,IAAO,MAAA,CAAO,MAAA,CAAO,UAAU,CAAA,EAAG;AAC3C,MAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,GAAA,KAAQ,IAAA,EAAM;AAC3C,QAAA,KAAA,CAAM,KAAK,GAAG,CAAA;AAChB,MAAA;AACF,IAAA;AACF,EAAA;AAEA,EAAA,OAAO,KAAA;AACT;AAEO,SAAS,cAA0D,GAAA,EAAwB;AAChG,EAAA,IAAI,CAAC,YAAY,GAAG,CAAA;AAClB,IAAA,OAAO,IAAA,CAAK;MACV,OAAA,EAAS,4CAAA;MACT,WAAA,EAAa;KACd,CAAA;AACH,EAAA,IAAI;AACF,IAAA,OAAO,GAAA,CAAI,IAAA,CAAK,SAAA,CAAU,GAAG,CAAC,CAAA;AAChC,EAAA,CAAA,CAAA,OAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,0CAAA,EAA4C,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AACpG,EAAA;AACF;AAEO,SAAS,YAAwD,GAAA,EAAoC;AAC1G,EAAA,IAAI,CAAC,OAAO,GAAG,CAAA;AACb,IAAA,OAAO,IAAA,CAAK;MACV,OAAA,EAAS,8CAAA;MACT,WAAA,EAAa;KACd,CAAA;AAEH,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,KAAA,CAAM,GAAG,CAAA;AAE1B,IAAA,IAAI,CAAC,WAAA,CAAY,GAAG,CAAA,EAAG;AACrB,MAAA,OAAO,IAAA,CAAK;QACV,OAAA,EAAS,+CAAA;QACT,WAAA,EAAa;OACd,CAAA;AACH,IAAA;AAEA,IAAA,IAAI,YAAA,CAAa,GAAG,CAAA,EAAG;AACrB,MAAA,OAAO,IAAA,CAAK;QACV,OAAA,EAAS,yDAAA;QACT,WAAA,EAAa;OACd,CAAA;AACH,IAAA;AAEA,IAAA,OAAO,GAAA,CAAI,EAAE,MAAA,EAAQ,GAAA,EAAU,CAAA;AACjC,EAAA,CAAA,CAAA,OAAS,KAAA,EAAO;AACd,IAAA,IAAI,iBAAiB,wBAAA,EAA0B;AAC7C,MAAA,OAAO,IAAA,CAAK;QACV,OAAA,EAAS,kEAAA;AACT,QAAA,WAAA,EAAa,KAAA,CAAM;OACpB,CAAA;AACH,IAAA;AACA,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,kCAAA,EAAoC,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAC5F,EAAA;AACF;;;ACnGO,IAAM,aAAA,GAAgB;AACtB,IAAM,aAAA,GAAgB;AAEtB,IAAM,qBAAA,GAAwB,GAAA;AAC9B,IAAM,qBAAA,GAAwB,IAAA;AAC9B,IAAM,sBAAA,GAAyB,IAAA;AAE/B,IAAM,iBAAA,GAAoB,OAAO,MAAA,CAAO;AAAA,EAC7C,MAAA,EAAQ,EAAE,IAAA,EAAM,QAAA,EAAU,KAAK,SAAA,EAAU;AAAA,EACzC,MAAA,EAAQ,EAAE,IAAA,EAAM,QAAA,EAAU,KAAK,SAAA,EAAU;AAAA,EACzC,MAAA,EAAQ,EAAE,IAAA,EAAM,QAAA,EAAU,KAAK,SAAA;AACjC,CAAU;AAEH,IAAM,qBAAA,GAAwB,OAAO,MAAA,CAAO;AAAA,EACjD,WAAW,EAAE,QAAA,EAAU,IAAI,IAAA,EAAM,aAAA,EAAe,KAAK,SAAA,EAAU;AAAA,EAC/D,WAAW,EAAE,QAAA,EAAU,IAAI,IAAA,EAAM,aAAA,EAAe,KAAK,SAAA,EAAU;AAAA,EAC/D,WAAW,EAAE,QAAA,EAAU,IAAI,IAAA,EAAM,aAAA,EAAe,KAAK,SAAA;AACvD,CAAU,CAAA;;;ACDH,SAAS,OAAO,CAAA,EAA0C;AAC/D,EAAA,OAAO,OAAO,CAAA,KAAM,QAAA,IAAY,CAAA,KAAM,IAAA;AACxC;AAEA,IAAM,YAAA,uBAAmB,GAAA,CAAI,CAAC,YAAY,QAAA,EAAU,WAAA,EAAa,KAAA,EAAO,UAAU,CAAC,CAAA;AAE5E,SAAS,sBAAA,CACd,GACA,QAAA,EAIO;AACP,EAAA,IAAI,CAAC,MAAA,CAAO,CAAC,CAAA,IAAM,QAAA,KAAa,MAAA,IAAU,QAAA,KAAa,KAAA,IAAU,CAAA,CAAE,QAAA,KAAa,QAAA,EAAU,OAAO,IAAA;AAEjG,EAAA,MAAM,IAAA,GAAO,MAAA,CAAO,IAAA,CAAK,CAAC,CAAA;AAC1B,EAAA,IAAI,IAAA,CAAK,MAAA,KAAW,YAAA,CAAa,IAAA,EAAM,OAAO,IAAA;AAC9C,EAAA,KAAA,MAAW,GAAA,IAAO,MAAM,IAAI,CAAC,aAAa,GAAA,CAAI,GAAG,GAAG,OAAO,IAAA;AAE3D,EAAA,IACE,OAAO,CAAA,CAAE,MAAA,KAAW,QAAA,IACpB,EAAE,EAAE,MAAA,IAAU,iBAAA,CAAA,IACd,OAAO,CAAA,CAAE,SAAA,KAAc,QAAA,IACvB,EAAE,CAAA,CAAE,SAAA,IAAa,qBAAA,CAAA,IACjB,CAAC,MAAA,CAAO,CAAA,CAAE,GAAG,CAAA,IACb,CAAA,CAAE,GAAA,CAAI,IAAA,KAAS,QAAA,EACf;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,SAAA,GAAY,qBAAA,CAAsB,CAAA,CAAE,SAA+C,CAAA;AAEzF,EAAA,IACE,CAAC,MAAA,CAAO,CAAA,CAAE,QAAQ,CAAA,IAClB,CAAA,CAAE,SAAS,QAAA,KAAa,SAAA,CAAU,YAClC,CAAA,CAAE,QAAA,CAAS,SAAS,SAAA,CAAU,IAAA,IAC9B,EAAE,QAAA,CAAS,GAAA,KAAQ,UAAU,GAAA,EAC7B;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAO,EAAE,GAAA,EAAK,CAAA,EAAG,SAAA,EAAU;AAC7B;AAGO,IAAM,eAAA,GACX;AAMK,SAAS,sBAAsB,IAAA,EAAuB;AAC3D,EAAA,OAAO,OAAO,IAAA,KAAS,QAAA,IAAY,eAAA,CAAgB,KAAK,IAAI,CAAA;AAC9D;AAEO,SAAS,+BAAA,CACd,MAAA,EACA,OAAA,EACA,MAAA,EAC6B;AAC7B,EAAA,IAAI,CAAC,MAAA,CAAO,MAAA,EAAQ,CAAC,CAAA,EAAG;AACtB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,sDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,WAAA,CAAoC,OAAO,CAAA,EAAG;AACjD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,gDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,SAAA,GAAY,QAAQ,SAAA,IAAa,WAAA;AACvC,EAAA,IAAI,EAAE,aAAa,qBAAA,CAAA,EAAwB;AACzC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,EAAG,MAAM,CAAA,yCAAA,EAA4C,SAAS,CAAA,CAAA;AAAA,MACvE,WAAA,EAAa,6BAA6B,MAAA,CAAO,IAAA,CAAK,qBAAqB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KACxF,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,QAAQ,MAAA,IAAU,QAAA;AACjC,EAAA,IAAI,EAAE,UAAU,iBAAA,CAAA,EAAoB;AAClC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,EAAG,MAAM,CAAA,sCAAA,EAAyC,MAAM,CAAA,CAAA;AAAA,MACjE,WAAA,EAAa,0BAA0B,MAAA,CAAO,IAAA,CAAK,iBAAiB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KACjF,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,IAAA,GAAO,QAAQ,IAAA,IAAQ,YAAA;AAC7B,EAAA,IAAI,CAAC,MAAA,CAAO,IAAA,EAAM,CAAC,CAAA,EAAG;AACpB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,oDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,IAAA,GAAO,QAAQ,IAAA,IAAQ,YAAA;AAC7B,EAAA,IAAI,CAAC,MAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,iDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,OAAO,GAAA,CAAI;AAAA,IACT,SAAA;AAAA,IACA,MAAA;AAAA,IACA,IAAA;AAAA,IACA,IAAA;AAAA,IACA,WAAA,EAAa,sBAAsB,SAAS,CAAA;AAAA,IAC5C,UAAA,EAAY,kBAAkB,MAAM;AAAA,GACrC,CAAA;AACH;AAEO,SAAS,4BAAA,CACd,QAAA,EACA,OAAA,EACA,MAAA,EAC8B;AAC9B,EAAA,IAAI,CAAC,MAAA,CAAO,QAAQ,CAAA,EAAG;AACrB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,kDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,WAAA,CAAiC,OAAO,CAAA,EAAG;AAC9C,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,6CAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,QAAQ,MAAA,IAAU,QAAA;AACjC,EAAA,IAAI,EAAE,UAAU,iBAAA,CAAA,EAAoB;AAClC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,EAAG,MAAM,CAAA,mCAAA,EAAsC,MAAM,CAAA,CAAA;AAAA,MAC9D,WAAA,EAAa,0BAA0B,MAAA,CAAO,IAAA,CAAK,iBAAiB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KACjF,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,cAAA,GAAiB,QAAQ,cAAA,IAAkB,WAAA;AACjD,EAAA,IAAI,CAAC,eAAA,CAAgB,QAAA,CAAS,cAAc,CAAA,EAAG;AAC7C,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,EAAG,MAAM,CAAA,4CAAA,EAA+C,cAAc,CAAA,CAAA;AAAA,MAC/E,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,UAAA,GAAa,QAAQ,UAAA,IAAc,EAAA;AACzC,EAAA,IAAI,CAAC,QAAA,CAAS,UAAA,EAAY,CAAA,EAAG,sBAAsB,CAAA,EAAG;AACpD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,mDAAA,CAAA;AAAA,MAClB,WAAA,EAAa,oCAAoC,sBAAsB,CAAA,yBAAA;AAAA,KACxE,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,UAAA,GAAa,QAAQ,UAAA,IAAc,IAAA;AACzC,EAAA,IAAI,CAAC,QAAA,CAAS,UAAA,EAAY,GAAA,EAAS,qBAAqB,CAAA,EAAG;AACzD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,kDAAA,CAAA;AAAA,MAClB,WAAA,EAAa,0CAA0C,qBAAqB,CAAA,8BAAA;AAAA,KAC7E,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,SAAA,GAAY,QAAQ,SAAA,IAAa,EAAA;AACvC,EAAA,IAAI,CAAC,QAAA,CAAS,SAAA,EAAW,EAAA,EAAI,qBAAqB,CAAA,EAAG;AACnD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,mDAAA,CAAA;AAAA,MAClB,WAAA,EAAa,qCAAqC,qBAAqB,CAAA,yBAAA;AAAA,KACxE,CAAA;AAAA,EACH;AAEA,EAAA,OAAO,GAAA,CAAI;AAAA,IACT,MAAA;AAAA,IACA,UAAA,EAAY,kBAAkB,MAAM,CAAA;AAAA,IACpC,cAAA;AAAA,IACA,UAAA;AAAA,IACA,UAAA;AAAA,IACA;AAAA,GACD,CAAA;AACH;AAEA,SAAS,iBAAA,CAAkB,YAAoB,QAAA,EAAoD;AACjG,EAAA,IAAI,QAAA,KAAa,KAAA,EAAO,OAAO,UAAA,GAAa,CAAA;AAC5C,EAAA,OAAO,IAAA,CAAK,IAAA,CAAK,UAAA,GAAa,CAAC,CAAA,GAAI,CAAA;AACrC;AAEO,SAAS,8BAAA,CACd,QAAA,EACA,cAAA,EACA,IAAA,EACA,SACA,MAAA,EACgC;AAChC,EAAA,IAAI,CAAC,MAAA,CAAO,QAAQ,CAAA,EAAG;AACrB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,oDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,MAAA,CAAO,cAAc,CAAA,EAAG;AAC3B,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,2DAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,MAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,gDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,WAAA,CAAmC,OAAO,CAAA,EAAG;AAChD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,+CAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,QAAQ,MAAA,IAAU,QAAA;AACjC,EAAA,IAAI,EAAE,UAAU,iBAAA,CAAA,EAAoB;AAClC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,EAAG,MAAM,CAAA,qCAAA,EAAwC,MAAM,CAAA,CAAA;AAAA,MAChE,WAAA,EAAa,0BAA0B,MAAA,CAAO,IAAA,CAAK,iBAAiB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KACjF,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,aAAA,GAAgB,QAAQ,aAAA,IAAiB,WAAA;AAC/C,EAAA,IAAI,CAAC,eAAA,CAAgB,QAAA,CAAS,aAAa,CAAA,EAAG;AAC5C,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,EAAG,MAAM,CAAA,6CAAA,EAAgD,aAAa,CAAA,CAAA;AAAA,MAC/E,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,UAAA,GAAa,QAAQ,UAAA,IAAc,IAAA;AACzC,EAAA,IAAI,CAAC,QAAA,CAAS,UAAA,EAAY,GAAA,EAAS,qBAAqB,CAAA,EAAG;AACzD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,oDAAA,CAAA;AAAA,MAClB,WAAA,EAAa,0CAA0C,qBAAqB,CAAA;AAAA,KAC7E,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,SAAA,GAAY,QAAQ,SAAA,IAAa,EAAA;AACvC,EAAA,IAAI,CAAC,QAAA,CAAS,SAAA,EAAW,EAAA,EAAI,qBAAqB,CAAA,EAAG;AACnD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,qDAAA,CAAA;AAAA,MAClB,WAAA,EAAa,qCAAqC,qBAAqB,CAAA;AAAA,KACxE,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,UAAA,GAAa,iBAAA,CAAkB,SAAA,EAAW,aAAa,CAAA;AAC7D,EAAA,IAAI,cAAA,CAAe,SAAS,UAAA,EAAY;AACtC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,+DAAA,CAAA;AAAA,MAClB,aAAa,CAAA,iBAAA,EAAoB,UAAU,CAAA,gBAAA,EAAmB,SAAS,kBAAkB,aAAa,CAAA,SAAA;AAAA,KACvG,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,UAAA,GAAa,iBAAA,CAAkB,sBAAA,EAAwB,aAAa,CAAA;AAC1E,EAAA,IAAI,IAAA,CAAK,SAAS,UAAA,EAAY;AAC5B,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,oDAAA,CAAA;AAAA,MAClB,WAAA,EAAa,CAAA,iBAAA,EAAoB,UAAU,CAAA,gBAAA,EAAmB,aAAa,CAAA,SAAA;AAAA,KAC5E,CAAA;AAAA,EACH;AAEA,EAAA,OAAO,GAAA,CAAI;AAAA,IACT,MAAA;AAAA,IACA,UAAA,EAAY,kBAAkB,MAAM,CAAA;AAAA,IACpC,aAAA;AAAA,IACA,UAAA;AAAA,IACA;AAAA,GACD,CAAA;AACH;;;ACnSO,SAAS,gBAA4D,GAAA,EAAwB;AAClG,EAAA,OAAO,cAAc,GAAG,CAAA;AAC1B;AAmBO,SAAS,aAAyD,GAAA,EAAgB;AACvF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,cAAc,GAAG,CAAA;AAC3C,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,cAA0D,GAAA,EAAoC;AAC5G,EAAA,OAAO,YAAe,GAAG,CAAA;AAC3B;AAgBO,SAAS,WAAuD,GAAA,EAAgB;AACrF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,YAAe,GAAG,CAAA;AAC5C,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT","file":"chunk-IY6XGUYO.js","sourcesContent":["export function $isStr(x: unknown, min = 1): x is string {\n return typeof x === \"string\" && x.trim().length >= min;\n}\n\nexport function $isIntIn<T extends number>(x: unknown, min: number, max: number): x is T {\n return typeof x === \"number\" && Number.isInteger(x) && x >= min && x <= max;\n}\n\nexport function $isPlainObj<T extends object = Record<string, unknown>>(x: unknown): x is T {\n if (typeof x !== \"object\" || x === null) return false;\n const proto = Object.getPrototypeOf(x);\n return proto === Object.prototype || proto === null;\n}\n","import { $isPlainObj } from \"./validate.js\";\n\nexport interface ErrorStruct {\n readonly message: string;\n readonly description: string;\n}\n\ntype ReservedResultKeys = \"success\" | \"error\";\n\ntype ShouldWrapObject<T extends object> = Extract<keyof T, ReservedResultKeys> extends never ? false : true;\n\ntype OkType<T> = {\n readonly success: true;\n readonly error?: undefined;\n} & (T extends object\n ? ShouldWrapObject<T> extends true\n ? { readonly result: T }\n : { readonly [K in keyof T]: T[K] }\n : { readonly result: T });\n\ntype ErrType<T> = {\n readonly success: false;\n readonly error: ErrorStruct;\n} & (T extends object\n ? ShouldWrapObject<T> extends true\n ? { readonly result?: undefined }\n : { readonly [K in keyof T]?: undefined }\n : { readonly result?: undefined });\n\nexport type Result<T> = OkType<T> | ErrType<T>;\n\nexport function $ok<T>(result: T): Result<T> {\n if ($isPlainObj(result)) {\n const obj = result as Record<string, unknown>;\n if (Object.hasOwn(obj, \"success\") || Object.hasOwn(obj, \"error\")) {\n return { success: true, result } as Result<T>;\n }\n return { success: true, ...obj } as Result<T>;\n }\n return { success: true, result } as Result<T>;\n}\n\nexport function $err(err: ErrorStruct): Result<never> {\n return {\n success: false,\n error: { message: err.message, description: err.description },\n } as Result<never>;\n}\n\nexport function $fmtError(error: unknown): string {\n if (typeof error === \"string\") return error;\n if (error instanceof Error) return error.message;\n return String(error);\n}\n\nexport function $fmtResultErr(err: ErrorStruct | undefined): string {\n if (!err) return \"Unknown error\";\n return `${err.message} - ${err.description}`;\n}\n","import { $err, $fmtError, $ok, type Result } from \"./error.js\";\n\nexport const textEncoder = new TextEncoder();\nexport const textDecoder = new TextDecoder();\nconst strictUtf8Decoder = new TextDecoder(\"utf-8\", { fatal: true });\n\nexport const ENCODING = Object.freeze([\"base64\", \"base64url\", \"hex\", \"utf8\", \"latin1\"] as const);\nexport const CIPHER_ENCODING = Object.freeze([\"base64\", \"base64url\", \"hex\"] as const);\n\nexport type Encoding = (typeof ENCODING)[number];\nexport type CipherEncoding = (typeof CIPHER_ENCODING)[number];\n\nexport function $convertStrToBytes(\n data: string,\n inputEncoding: Encoding = \"utf8\",\n): Result<{ result: Uint8Array<ArrayBuffer> }> {\n if (typeof data !== \"string\") {\n return $err({\n message: \"strToBytes: Data must be a string\",\n description: `Expected a string value, received ${typeof data}`,\n });\n }\n if (!ENCODING.includes(inputEncoding)) {\n return $err({\n message: `strToBytes: Unsupported encoding: ${inputEncoding}`,\n description: \"Use base64, base64url, hex, utf8, or latin1\",\n });\n }\n\n try {\n const bytes = strToBytes[inputEncoding](data);\n return $ok({ result: bytes });\n } catch (error) {\n return $err({ message: \"strToBytes: Failed to convert data\", description: $fmtError(error) });\n }\n}\n\nexport function $convertBytesToStr(data: Uint8Array | ArrayBuffer, outputEncoding: Encoding = \"utf8\"): Result<string> {\n if (!(data instanceof ArrayBuffer || data instanceof Uint8Array)) {\n return $err({\n message: \"bytesToStr: Data must be an ArrayBuffer or Uint8Array\",\n description: `Expected binary data (ArrayBuffer or Uint8Array), received ${typeof data}`,\n });\n }\n if (!ENCODING.includes(outputEncoding)) {\n return $err({\n message: `bytesToStr: Unsupported encoding: ${outputEncoding}`,\n description: \"Use base64, base64url, hex, utf8, or latin1\",\n });\n }\n try {\n const bytes = data instanceof Uint8Array ? data : new Uint8Array(data);\n const str = bytesToStr[outputEncoding](bytes);\n return $ok(str);\n } catch (error) {\n return $err({ message: \"bytesToStr: Failed to convert data\", description: $fmtError(error) });\n }\n}\n\nexport const strToBytes = {\n base64: $fromBase64,\n base64url: $fromBase64Url,\n hex: $fromHex,\n latin1: $fromLatin1,\n utf8: (data: string) => textEncoder.encode(data),\n} as const satisfies Record<Encoding, (data: string) => Uint8Array<ArrayBuffer>>;\n\nexport const bytesToStr = {\n base64: $toBase64,\n base64url: $toBase64Url,\n hex: $toHex,\n latin1: $toLatin1,\n utf8: (data: Uint8Array) => strictUtf8Decoder.decode(data),\n} as const satisfies Record<Encoding, (data: Uint8Array) => string>;\n\nexport function $toLatin1(bytes: Uint8Array): string {\n let out = \"\";\n const chunk = 1 << 15;\n for (let i = 0; i < bytes.length; i += chunk) {\n out += String.fromCharCode(...bytes.subarray(i, i + chunk));\n }\n return out;\n}\n\nexport function $fromLatin1(data: string): Uint8Array<ArrayBuffer> {\n const out = new Uint8Array(data.length);\n for (let i = 0; i < data.length; i++) {\n const charCode = data.charCodeAt(i);\n if (charCode > 255) throw new Error(\"Invalid latin1 string\");\n out[i] = charCode;\n }\n return out;\n}\n\nexport function $toBase64(bytes: Uint8Array): string {\n return btoa($toLatin1(bytes));\n}\n\nconst BASE64_REGEX = /^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}={2}|[A-Za-z0-9+/]{3}=)?$/;\n\nexport function $fromBase64(data: string): Uint8Array<ArrayBuffer> {\n if (!BASE64_REGEX.test(data)) throw new Error(\"Invalid base64 string\");\n return $fromLatin1(atob(data));\n}\n\nexport function $toBase64Url(bytes: Uint8Array): string {\n return $toBase64(bytes).replace(/\\+/g, \"-\").replace(/\\//g, \"_\").replace(/=+$/, \"\");\n}\n\nconst BASE64URL_REGEX = /^[A-Za-z0-9_-]*={0,2}$/;\n\nexport function $fromBase64Url(data: string): Uint8Array<ArrayBuffer> {\n if (!BASE64URL_REGEX.test(data) || data.replace(/=+$/, \"\").length % 4 === 1) {\n throw new Error(\"Invalid base64url string\");\n }\n let base64 = data.replace(/-/g, \"+\").replace(/_/g, \"/\");\n const padLen = (4 - (base64.length % 4)) % 4;\n base64 += \"=\".repeat(padLen);\n return $fromBase64(base64);\n}\n\nconst HEX_TABLE = Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, \"0\"));\n\nconst HEX_NIBBLE = new Uint8Array(256).fill(255);\nfor (let i = 48; i <= 57; i++) HEX_NIBBLE[i] = i - 48; // 0-9\nfor (let i = 65; i <= 70; i++) HEX_NIBBLE[i] = i - 55; // A-F\nfor (let i = 97; i <= 102; i++) HEX_NIBBLE[i] = i - 87; // a-f\n\nexport function $toHex(bytes: Uint8Array): string {\n const hex = new Array<string>(bytes.length);\n for (let i = 0; i < bytes.length; i++) {\n hex[i] = HEX_TABLE[bytes[i] as number] as string;\n }\n return hex.join(\"\");\n}\n\nexport function $fromHex(data: string): Uint8Array<ArrayBuffer> {\n const clean = data.startsWith(\"0x\") || data.startsWith(\"0X\") ? data.slice(2) : data;\n if (clean.length % 2 !== 0) throw new Error(\"Invalid hex string\");\n\n const out = new Uint8Array(clean.length / 2);\n for (let i = 0, j = 0; i < clean.length; i += 2, j++) {\n const hiCode = clean.charCodeAt(i);\n const loCode = clean.charCodeAt(i + 1);\n if (hiCode > 255 || loCode > 255) throw new Error(\"Invalid hex string\");\n const hi = HEX_NIBBLE[hiCode] as number;\n const lo = HEX_NIBBLE[loCode] as number;\n if (hi === 255 || lo === 255) throw new Error(\"Invalid hex string\");\n out[j] = (hi << 4) | lo;\n }\n return out;\n}\n","import { $err, $fmtError, $ok, type Result } from \"./error.js\";\nimport { $isPlainObj, $isStr } from \"./validate.js\";\n\nclass ProtoTraversalLimitError extends Error {\n constructor(limit: number) {\n super(`Object graph exceeded prototype-scan limit (${limit} nodes)`);\n this.name = \"ProtoTraversalLimitError\";\n }\n}\n\nconst MAX_PROTO_SCAN_NODES = 100_000;\n\nfunction $hasProtoKey(obj: unknown): boolean {\n if (typeof obj !== \"object\" || obj === null) return false;\n\n const seen = new WeakSet<object>();\n const stack: unknown[] = [obj];\n let scannedNodes = 0;\n\n while (stack.length > 0) {\n const current = stack.pop();\n if (typeof current !== \"object\" || current === null) continue;\n if (seen.has(current)) continue;\n\n seen.add(current);\n scannedNodes++;\n if (scannedNodes > MAX_PROTO_SCAN_NODES) {\n throw new ProtoTraversalLimitError(MAX_PROTO_SCAN_NODES);\n }\n\n if (Object.hasOwn(current, \"__proto__\")) return true;\n\n const currentObj = current as Record<string, unknown>;\n if (\n Object.hasOwn(currentObj, \"constructor\") &&\n typeof currentObj.constructor === \"object\" &&\n currentObj.constructor !== null &&\n Object.hasOwn(currentObj.constructor as object, \"prototype\") &&\n typeof (currentObj.constructor as Record<string, unknown>).prototype === \"object\" &&\n (currentObj.constructor as Record<string, unknown>).prototype !== null\n ) {\n return true;\n }\n\n for (const val of Object.values(currentObj)) {\n if (typeof val === \"object\" && val !== null) {\n stack.push(val);\n }\n }\n }\n\n return false;\n}\n\nexport function $stringifyObj<T extends object = Record<string, unknown>>(obj: T): Result<string> {\n if (!$isPlainObj(obj))\n return $err({\n message: \"stringifyObj: Input must be a plain object\",\n description: \"Only plain objects ({...}) are accepted, not arrays, class instances, or built-ins\",\n });\n try {\n return $ok(JSON.stringify(obj));\n } catch (error) {\n return $err({ message: \"stringifyObj: Failed to stringify object\", description: $fmtError(error) });\n }\n}\n\nexport function $parseToObj<T extends object = Record<string, unknown>>(str: string): Result<{ result: T }> {\n if (!$isStr(str))\n return $err({\n message: \"parseToObj: Input must be a non-empty string\",\n description: \"Expected a non-empty JSON string to parse\",\n });\n\n try {\n const obj = JSON.parse(str);\n\n if (!$isPlainObj(obj)) {\n return $err({\n message: \"parseToObj: Parsed data is not a plain object\",\n description: \"JSON parsed successfully but the result is not a plain object (e.g. array, string, number)\",\n });\n }\n\n if ($hasProtoKey(obj)) {\n return $err({\n message: \"parseToObj: Input contains a prototype pollution vector\",\n description: \"Objects with __proto__ or constructor.prototype keys are rejected\",\n });\n }\n\n return $ok({ result: obj as T });\n } catch (error) {\n if (error instanceof ProtoTraversalLimitError) {\n return $err({\n message: \"parseToObj: Input object is too deeply nested to validate safely\",\n description: error.message,\n });\n }\n return $err({ message: \"parseToObj: Failed to parse JSON\", description: $fmtError(error) });\n }\n}\n","export { CIPHER_ENCODING, ENCODING } from \"@internal/helpers\";\n\nexport const GCM_TAG_BYTES = 16;\nexport const GCM_IV_LENGTH = 12;\n\nexport const MAX_PBKDF2_ITERATIONS = 10_000_000;\nexport const MAX_PBKDF2_KEY_LENGTH = 1024;\nexport const MAX_PBKDF2_SALT_LENGTH = 1024;\n\nexport const DIGEST_ALGORITHMS = Object.freeze({\n sha256: { node: \"sha256\", web: \"SHA-256\" },\n sha384: { node: \"sha384\", web: \"SHA-384\" },\n sha512: { node: \"sha512\", web: \"SHA-512\" },\n} as const);\n\nexport const ENCRYPTION_ALGORITHMS = Object.freeze({\n aes256gcm: { keyBytes: 32, node: \"aes-256-gcm\", web: \"AES-GCM\" },\n aes192gcm: { keyBytes: 24, node: \"aes-192-gcm\", web: \"AES-GCM\" },\n aes128gcm: { keyBytes: 16, node: \"aes-128-gcm\", web: \"AES-GCM\" },\n} as const);\n","import { $err, $isIntIn, $isPlainObj, $isStr, $ok, type Result } from \"@internal/helpers\";\nimport {\n CIPHER_ENCODING,\n DIGEST_ALGORITHMS,\n ENCRYPTION_ALGORITHMS,\n MAX_PBKDF2_ITERATIONS,\n MAX_PBKDF2_KEY_LENGTH,\n MAX_PBKDF2_SALT_LENGTH,\n} from \"./consts.js\";\nimport type {\n CreateSecretKeyOptions,\n HashPasswordOptions,\n ValidatedHashOptions,\n ValidatedKdfOptions,\n ValidatedVerifyOptions,\n VerifyPasswordOptions,\n} from \"./types.js\";\n\nexport function $isObj(x: unknown): x is Record<string, unknown> {\n return typeof x === \"object\" && x !== null;\n}\n\nconst expectedKeys = new Set([\"platform\", \"digest\", \"algorithm\", \"key\", \"injected\"]);\n\nexport function $validateSecretKeyBase(\n x: unknown,\n platform: \"node\" | \"web\",\n): {\n obj: Record<string, unknown>;\n algorithm: (typeof ENCRYPTION_ALGORITHMS)[keyof typeof ENCRYPTION_ALGORITHMS];\n} | null {\n if (!$isObj(x) || (platform !== \"node\" && platform !== \"web\") || x.platform !== platform) return null;\n\n const keys = Object.keys(x);\n if (keys.length !== expectedKeys.size) return null;\n for (const key of keys) if (!expectedKeys.has(key)) return null;\n\n if (\n typeof x.digest !== \"string\" ||\n !(x.digest in DIGEST_ALGORITHMS) ||\n typeof x.algorithm !== \"string\" ||\n !(x.algorithm in ENCRYPTION_ALGORITHMS) ||\n !$isObj(x.key) ||\n x.key.type !== \"secret\"\n ) {\n return null;\n }\n\n const algorithm = ENCRYPTION_ALGORITHMS[x.algorithm as keyof typeof ENCRYPTION_ALGORITHMS];\n\n if (\n !$isObj(x.injected) ||\n x.injected.keyBytes !== algorithm.keyBytes ||\n x.injected.node !== algorithm.node ||\n x.injected.web !== algorithm.web\n ) {\n return null;\n }\n\n return { obj: x, algorithm };\n}\n\n/** Matches the `\"iv.cipher.tag.\"` encrypted payload format. */\nexport const ENCRYPTED_REGEX =\n /^([A-Za-z0-9+/_-][A-Za-z0-9+/=_-]*)\\.([A-Za-z0-9+/_-][A-Za-z0-9+/=_-]*)\\.([A-Za-z0-9+/_-][A-Za-z0-9+/=_-]*)\\.$/;\n\n/**\n * Structural check only — validates the dot-separated `\"iv.cipher.tag.\"` format\n * but does NOT verify that individual segments contain valid base64, base64url, or hex encoding.\n */\nexport function matchEncryptedPattern(data: string): boolean {\n return typeof data === \"string\" && ENCRYPTED_REGEX.test(data);\n}\n\nexport function $validateCreateSecretKeyOptions(\n secret: string,\n options: CreateSecretKeyOptions,\n prefix: string,\n): Result<ValidatedKdfOptions> {\n if (!$isStr(secret, 8)) {\n return $err({\n message: `${prefix} createSecretKey: Secret must be at least 8 characters`,\n description: \"Use a high-entropy string of at least 8 characters\",\n });\n }\n\n if (!$isPlainObj<CreateSecretKeyOptions>(options)) {\n return $err({\n message: `${prefix} createSecretKey: Options must be a plain object`,\n description: 'Pass an object like { algorithm: \"aes256gcm\" }',\n });\n }\n\n const algorithm = options.algorithm ?? \"aes256gcm\";\n if (!(algorithm in ENCRYPTION_ALGORITHMS)) {\n return $err({\n message: `${prefix} createSecretKey: Unsupported algorithm: ${algorithm}`,\n description: `Supported algorithms are: ${Object.keys(ENCRYPTION_ALGORITHMS).join(\", \")}`,\n });\n }\n\n const digest = options.digest ?? \"sha256\";\n if (!(digest in DIGEST_ALGORITHMS)) {\n return $err({\n message: `${prefix} createSecretKey: Unsupported digest: ${digest}`,\n description: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(\", \")}`,\n });\n }\n\n const salt = options.salt ?? \"cipher-kit\";\n if (!$isStr(salt, 8)) {\n return $err({\n message: `${prefix} createSecretKey: Salt must be at least 8 characters`,\n description: \"Provide a salt string with at least 8 characters\",\n });\n }\n\n const info = options.info ?? \"cipher-kit\";\n if (!$isStr(info)) {\n return $err({\n message: `${prefix} createSecretKey: Info must be a non-empty string`,\n description: \"Received empty or non-string value\",\n });\n }\n\n return $ok({\n algorithm,\n digest,\n salt,\n info,\n encryptAlgo: ENCRYPTION_ALGORITHMS[algorithm],\n digestAlgo: DIGEST_ALGORITHMS[digest],\n });\n}\n\nexport function $validateHashPasswordOptions(\n password: string,\n options: HashPasswordOptions,\n prefix: string,\n): Result<ValidatedHashOptions> {\n if (!$isStr(password)) {\n return $err({\n message: `${prefix} hashPassword: Password must be a non-empty string`,\n description: \"Received empty or non-string value\",\n });\n }\n\n if (!$isPlainObj<HashPasswordOptions>(options)) {\n return $err({\n message: `${prefix} hashPassword: Options must be a plain object`,\n description: \"Pass an object like { iterations: 320000 }\",\n });\n }\n\n const digest = options.digest ?? \"sha512\";\n if (!(digest in DIGEST_ALGORITHMS)) {\n return $err({\n message: `${prefix} hashPassword: Unsupported digest: ${digest}`,\n description: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(\", \")}`,\n });\n }\n\n const outputEncoding = options.outputEncoding ?? \"base64url\";\n if (!CIPHER_ENCODING.includes(outputEncoding)) {\n return $err({\n message: `${prefix} hashPassword: Unsupported output encoding: ${outputEncoding}`,\n description: \"Use base64, base64url, or hex\",\n });\n }\n\n const saltLength = options.saltLength ?? 16;\n if (!$isIntIn(saltLength, 8, MAX_PBKDF2_SALT_LENGTH)) {\n return $err({\n message: `${prefix} hashPassword: Salt length must be at least 8 bytes`,\n description: `Must be an integer between 8 and ${MAX_PBKDF2_SALT_LENGTH} (recommended 16 or more)`,\n });\n }\n\n const iterations = options.iterations ?? 320_000;\n if (!$isIntIn(iterations, 100_000, MAX_PBKDF2_ITERATIONS)) {\n return $err({\n message: `${prefix} hashPassword: Iterations must be at least 100,000`,\n description: `Must be an integer between 100,000 and ${MAX_PBKDF2_ITERATIONS} (recommended 320,000 or more)`,\n });\n }\n\n const keyLength = options.keyLength ?? 64;\n if (!$isIntIn(keyLength, 16, MAX_PBKDF2_KEY_LENGTH)) {\n return $err({\n message: `${prefix} hashPassword: Key length must be at least 16 bytes`,\n description: `Must be an integer between 16 and ${MAX_PBKDF2_KEY_LENGTH} (recommended 64 or more)`,\n });\n }\n\n return $ok({\n digest,\n digestAlgo: DIGEST_ALGORITHMS[digest],\n outputEncoding,\n saltLength,\n iterations,\n keyLength,\n });\n}\n\nfunction $maxEncodedLength(byteLength: number, encoding: (typeof CIPHER_ENCODING)[number]): number {\n if (encoding === \"hex\") return byteLength * 2;\n return Math.ceil(byteLength / 3) * 4;\n}\n\nexport function $validateVerifyPasswordOptions(\n password: string,\n hashedPassword: string,\n salt: string,\n options: VerifyPasswordOptions,\n prefix: string,\n): Result<ValidatedVerifyOptions> {\n if (!$isStr(password)) {\n return $err({\n message: `${prefix} verifyPassword: Password must be a non-empty string`,\n description: \"Received empty or non-string value\",\n });\n }\n\n if (!$isStr(hashedPassword)) {\n return $err({\n message: `${prefix} verifyPassword: Hashed password must be a non-empty string`,\n description: \"Pass the hash string returned by hashPassword()\",\n });\n }\n\n if (!$isStr(salt)) {\n return $err({\n message: `${prefix} verifyPassword: Salt must be a non-empty string`,\n description: \"Pass the salt string returned by hashPassword()\",\n });\n }\n\n if (!$isPlainObj<VerifyPasswordOptions>(options)) {\n return $err({\n message: `${prefix} verifyPassword: Options must be a plain object`,\n description: \"Pass an object matching the options used for hashPassword()\",\n });\n }\n\n const digest = options.digest ?? \"sha512\";\n if (!(digest in DIGEST_ALGORITHMS)) {\n return $err({\n message: `${prefix} verifyPassword: Unsupported digest: ${digest}`,\n description: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(\", \")}`,\n });\n }\n\n const inputEncoding = options.inputEncoding ?? \"base64url\";\n if (!CIPHER_ENCODING.includes(inputEncoding)) {\n return $err({\n message: `${prefix} verifyPassword: Unsupported input encoding: ${inputEncoding}`,\n description: \"Use base64, base64url, or hex\",\n });\n }\n\n const iterations = options.iterations ?? 320_000;\n if (!$isIntIn(iterations, 100_000, MAX_PBKDF2_ITERATIONS)) {\n return $err({\n message: `${prefix} verifyPassword: Iterations must be at least 100,000`,\n description: `Must be an integer between 100,000 and ${MAX_PBKDF2_ITERATIONS}`,\n });\n }\n\n const keyLength = options.keyLength ?? 64;\n if (!$isIntIn(keyLength, 16, MAX_PBKDF2_KEY_LENGTH)) {\n return $err({\n message: `${prefix} verifyPassword: Key length must be at least 16 bytes`,\n description: `Must be an integer between 16 and ${MAX_PBKDF2_KEY_LENGTH}`,\n });\n }\n\n const maxHashLen = $maxEncodedLength(keyLength, inputEncoding);\n if (hashedPassword.length > maxHashLen) {\n return $err({\n message: `${prefix} verifyPassword: Hashed password exceeds maximum encoded length`,\n description: `Expected at most ${maxHashLen} characters for ${keyLength}-byte key with ${inputEncoding} encoding`,\n });\n }\n\n const maxSaltLen = $maxEncodedLength(MAX_PBKDF2_SALT_LENGTH, inputEncoding);\n if (salt.length > maxSaltLen) {\n return $err({\n message: `${prefix} verifyPassword: Salt exceeds maximum encoded length`,\n description: `Expected at most ${maxSaltLen} characters for ${inputEncoding} encoding`,\n });\n }\n\n return $ok({\n digest,\n digestAlgo: DIGEST_ALGORITHMS[digest],\n inputEncoding,\n iterations,\n keyLength,\n });\n}\n","import { $fmtResultErr, $parseToObj, $stringifyObj, type Result } from \"@internal/helpers\";\n\n/**\n * Serializes a plain object to JSON (non-throwing).\n *\n * @returns `Result<string>` with the JSON string or error.\n * @see {@link stringifyObj} For full parameter/behavior docs.\n */\nexport function tryStringifyObj<T extends object = Record<string, unknown>>(obj: T): Result<string> {\n return $stringifyObj(obj);\n}\n\n/**\n * Serializes a plain object to JSON.\n *\n * @remarks\n * Only plain objects (POJOs) are accepted; class instances, Maps, Sets, etc. are rejected.\n *\n * @param obj - The object to stringify.\n * @returns JSON string representation of the object.\n * @throws {Error} If `obj` is not a plain object or serialization fails.\n *\n * @example\n * ```ts\n * const json = stringifyObj({ a: 1 }); // '{\"a\":1}'\n * ```\n *\n * @see {@link tryStringifyObj} Non-throwing variant returning `Result<string>`.\n */\nexport function stringifyObj<T extends object = Record<string, unknown>>(obj: T): string {\n const { result, error } = $stringifyObj(obj);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Parses a JSON string to a plain object (non-throwing).\n *\n * @returns `Result<{ result: T }>` with the parsed object or error.\n * @see {@link parseToObj} For full parameter/behavior docs.\n */\nexport function tryParseToObj<T extends object = Record<string, unknown>>(str: string): Result<{ result: T }> {\n return $parseToObj<T>(str);\n}\n\n/**\n * Parses a JSON string to a plain object.\n *\n * @param str - The JSON string to parse.\n * @returns The parsed plain object.\n * @throws {Error} If the string can't be parsed or doesn't represent a plain object.\n *\n * @example\n * ```ts\n * const obj = parseToObj<{ a: number }>('{\"a\":1}'); // obj.a === 1\n * ```\n *\n * @see {@link tryParseToObj} Non-throwing variant returning `Result<{ result: T }>`.\n */\nexport function parseToObj<T extends object = Record<string, unknown>>(str: string): T {\n const { result, error } = $parseToObj<T>(str);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n"]}
package/dist/{chunk-X7IPAA7B.cjs → chunk-VCBHSRCS.cjs} RENAMED
@@ -123,13 +123,19 @@ function $fromLatin1(data) {
123
123
  function $toBase64(bytes) {
124
124
  return btoa($toLatin1(bytes));
125
125
  }
126
+ var BASE64_REGEX = /^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}={2}|[A-Za-z0-9+/]{3}=)?$/;
126
127
  function $fromBase64(data) {
128
+ if (!BASE64_REGEX.test(data)) throw new Error("Invalid base64 string");
127
129
  return $fromLatin1(atob(data));
128
130
  }
129
131
  function $toBase64Url(bytes) {
130
132
  return $toBase64(bytes).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
131
133
  }
134
+ var BASE64URL_REGEX = /^[A-Za-z0-9_-]*={0,2}$/;
132
135
  function $fromBase64Url(data) {
136
+ if (!BASE64URL_REGEX.test(data) || data.replace(/=+$/, "").length % 4 === 1) {
137
+ throw new Error("Invalid base64url string");
138
+ }
133
139
  let base64 = data.replace(/-/g, "+").replace(/_/g, "/");
134
140
  const padLen = (4 - base64.length % 4) % 4;
135
141
  base64 += "=".repeat(padLen);
@@ -513,5 +519,5 @@ exports.stringifyObj = stringifyObj;
513
519
  exports.textEncoder = textEncoder;
514
520
  exports.tryParseToObj = tryParseToObj;
515
521
  exports.tryStringifyObj = tryStringifyObj;
516
- //# sourceMappingURL=chunk-X7IPAA7B.cjs.map
517
- //# sourceMappingURL=chunk-X7IPAA7B.cjs.map
522
+ //# sourceMappingURL=chunk-VCBHSRCS.cjs.map
523
+ //# sourceMappingURL=chunk-VCBHSRCS.cjs.map
package/dist/chunk-VCBHSRCS.cjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../internal-helpers/src/validate.ts","../../internal-helpers/src/error.ts","../../internal-helpers/src/encode.ts","../../internal-helpers/src/object.ts","../src/helpers/consts.ts","../src/helpers/validate.ts","../src/helpers/object.ts"],"names":[],"mappings":";;;;;;;;;AAAO,SAAS,MAAA,CAAO,CAAA,EAAY,GAAA,GAAM,CAAA,EAAgB;AACvD,EAAA,OAAO,OAAO,CAAA,KAAM,QAAA,IAAY,CAAA,CAAE,IAAA,GAAO,MAAA,IAAU,GAAA;AACrD;AAEO,SAAS,QAAA,CAA2B,CAAA,EAAY,GAAA,EAAa,GAAA,EAAqB;AACvF,EAAA,OAAO,OAAO,MAAM,QAAA,IAAY,MAAA,CAAO,UAAU,CAAC,CAAA,IAAK,CAAA,IAAK,GAAA,IAAO,CAAA,IAAK,GAAA;AAC1E;AAEO,SAAS,YAAwD,CAAA,EAAoB;AAC1F,EAAA,IAAI,OAAO,CAAA,KAAM,QAAA,IAAY,CAAA,KAAM,MAAM,OAAO,KAAA;AAChD,EAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,cAAA,CAAe,CAAC,CAAA;AACrC,EAAA,OAAO,KAAA,KAAU,MAAA,CAAO,SAAA,IAAa,KAAA,KAAU,IAAA;AACjD;ACmBO,SAAS,IAAO,MAAA,EAAsB;AAC3C,EAAA,IAAI,WAAA,CAAY,MAAM,CAAA,EAAG;AACvB,IAAA,MAAM,GAAA,GAAM,MAAA;AACZ,IAAA,IAAI,MAAA,CAAO,OAAO,GAAA,EAAK,SAAS,KAAK,MAAA,CAAO,MAAA,CAAO,GAAA,EAAK,OAAO,CAAA,EAAG;AAChE,MAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,MAAA,EAAA;AAC1B,IAAA;AACA,IAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,GAAG,GAAA,EAAA;AAC7B,EAAA;AACA,EAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,MAAA,EAAA;AAC1B;AAEO,SAAS,KAAK,GAAA,EAAiC;AACpD,EAAA,OAAO;IACL,OAAA,EAAS,KAAA;AACT,IAAA,KAAA,EAAO,EAAE,OAAA,EAAS,GAAA,CAAI,OAAA,EAAS,WAAA,EAAa,IAAI,WAAA;AAAY,GAAA;AAEhE;AAEO,SAAS,UAAU,KAAA,EAAwB;AAChD,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,KAAA;AACtC,EAAA,IAAI,KAAA,YAAiB,KAAA,EAAO,OAAO,KAAA,CAAM,OAAA;AACzC,EAAA,OAAO,OAAO,KAAK,CAAA;AACrB;AAEO,SAAS,cAAc,GAAA,EAAsC;AAClE,EAAA,IAAI,CAAC,KAAK,OAAO,eAAA;AACjB,EAAA,OAAO,CAAA,EAAG,GAAA,CAAI,OAAO,CAAA,GAAA,EAAM,IAAI,WAAW,CAAA,CAAA;AAC5C;ACxDO,IAAM,WAAA,GAAc,IAAI,WAAA;AACJ,IAAI,WAAA;AAC/B,IAAM,oBAAoB,IAAI,WAAA,CAAY,SAAS,EAAE,KAAA,EAAO,MAAM,CAAA;AAE3D,IAAM,QAAA,GAAW,OAAO,MAAA,CAAO,CAAC,UAAU,WAAA,EAAa,KAAA,EAAO,MAAA,EAAQ,QAAQ,CAAU;AACxF,IAAM,kBAAkB,MAAA,CAAO,MAAA,CAAO,CAAC,QAAA,EAAU,WAAA,EAAa,KAAK,CAAU;AAK7E,SAAS,kBAAA,CACd,IAAA,EACA,aAAA,GAA0B,MAAA,EACmB;AAC7C,EAAA,IAAI,OAAO,SAAS,QAAA,EAAU;AAC5B,IAAA,OAAO,IAAA,CAAK;MACV,OAAA,EAAS,mCAAA;MACT,WAAA,EAAa,CAAA,kCAAA,EAAqC,OAAO,IAAI,CAAA;KAC9D,CAAA;AACH,EAAA;AACA,EAAA,IAAI,CAAC,QAAA,CAAS,QAAA,CAAS,aAAa,CAAA,EAAG;AACrC,IAAA,OAAO,IAAA,CAAK;AACV,MAAA,OAAA,EAAS,qCAAqC,aAAa,CAAA,CAAA;MAC3D,WAAA,EAAa;KACd,CAAA;AACH,EAAA;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,aAAa,CAAA,CAAE,IAAI,CAAA;AAC5C,IAAA,OAAO,GAAA,CAAI,EAAE,MAAA,EAAQ,KAAA,EAAO,CAAA;AAC9B,EAAA,CAAA,CAAA,OAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,oCAAA,EAAsC,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAC9F,EAAA;AACF;AAEO,SAAS,kBAAA,CAAmB,IAAA,EAAgC,cAAA,GAA2B,MAAA,EAAwB;AACpH,EAAA,IAAI,EAAE,IAAA,YAAgB,WAAA,IAAe,IAAA,YAAgB,UAAA,CAAA,EAAa;AAChE,IAAA,OAAO,IAAA,CAAK;MACV,OAAA,EAAS,uDAAA;MACT,WAAA,EAAa,CAAA,2DAAA,EAA8D,OAAO,IAAI,CAAA;KACvF,CAAA;AACH,EAAA;AACA,EAAA,IAAI,CAAC,QAAA,CAAS,QAAA,CAAS,cAAc,CAAA,EAAG;AACtC,IAAA,OAAO,IAAA,CAAK;AACV,MAAA,OAAA,EAAS,qCAAqC,cAAc,CAAA,CAAA;MAC5D,WAAA,EAAa;KACd,CAAA;AACH,EAAA;AACA,EAAA,IAAI;AACF,IAAA,MAAM,QAAQ,IAAA,YAAgB,UAAA,GAAa,IAAA,GAAO,IAAI,WAAW,IAAI,CAAA;AACrE,IAAA,MAAM,GAAA,GAAM,UAAA,CAAW,cAAc,CAAA,CAAE,KAAK,CAAA;AAC5C,IAAA,OAAO,IAAI,GAAG,CAAA;AAChB,EAAA,CAAA,CAAA,OAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,oCAAA,EAAsC,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAC9F,EAAA;AACF;AAEO,IAAM,UAAA,GAAa;EACxB,MAAA,EAAQ,WAAA;EACR,SAAA,EAAW,cAAA;EACX,GAAA,EAAK,QAAA;EACL,MAAA,EAAQ,WAAA;AACR,EAAA,IAAA,EAAM,CAAC,IAAA,KAAiB,WAAA,CAAY,MAAA,CAAO,IAAI;AACjD,CAAA;AAEO,IAAM,UAAA,GAAa;EACxB,MAAA,EAAQ,SAAA;EACR,SAAA,EAAW,YAAA;EACX,GAAA,EAAK,MAAA;EACL,MAAA,EAAQ,SAAA;AACR,EAAA,IAAA,EAAM,CAAC,IAAA,KAAqB,iBAAA,CAAkB,MAAA,CAAO,IAAI;AAC3D,CAAA;AAEO,SAAS,UAAU,KAAA,EAA2B;AACnD,EAAA,IAAI,GAAA,GAAM,EAAA;AACV,EAAA,MAAM,QAAQ,CAAA,IAAK,EAAA;AACnB,EAAA,KAAA,IAAS,IAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,MAAA,EAAQ,KAAK,KAAA,EAAO;AAC5C,IAAA,GAAA,IAAO,MAAA,CAAO,aAAa,GAAG,KAAA,CAAM,SAAS,CAAA,EAAG,CAAA,GAAI,KAAK,CAAC,CAAA;AAC5D,EAAA;AACA,EAAA,OAAO,GAAA;AACT;AAEO,SAAS,YAAY,IAAA,EAAuC;AACjE,EAAA,MAAM,GAAA,GAAM,IAAI,UAAA,CAAW,IAAA,CAAK,MAAM,CAAA;AACtC,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,IAAA,CAAK,QAAQ,CAAA,EAAA,EAAK;AACpC,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,UAAA,CAAW,CAAC,CAAA;AAClC,IAAA,IAAI,QAAA,GAAW,GAAA,EAAK,MAAM,IAAI,MAAM,uBAAuB,CAAA;AAC3D,IAAA,GAAA,CAAI,CAAC,CAAA,GAAI,QAAA;AACX,EAAA;AACA,EAAA,OAAO,GAAA;AACT;AAEO,SAAS,UAAU,KAAA,EAA2B;AACnD,EAAA,OAAO,IAAA,CAAK,SAAA,CAAU,KAAK,CAAC,CAAA;AAC9B;AAEA,IAAM,YAAA,GAAe,oEAAA;AAEd,SAAS,YAAY,IAAA,EAAuC;AACjE,EAAA,IAAI,CAAC,aAAa,IAAA,CAAK,IAAI,GAAG,MAAM,IAAI,MAAM,uBAAuB,CAAA;AACrE,EAAA,OAAO,WAAA,CAAY,IAAA,CAAK,IAAI,CAAC,CAAA;AAC/B;AAEO,SAAS,aAAa,KAAA,EAA2B;AACtD,EAAA,OAAO,SAAA,CAAU,KAAK,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,OAAO,EAAE,CAAA;AACnF;AAEA,IAAM,eAAA,GAAkB,wBAAA;AAEjB,SAAS,eAAe,IAAA,EAAuC;AACpE,EAAA,IAAI,CAAC,eAAA,CAAgB,IAAA,CAAK,IAAI,CAAA,IAAK,IAAA,CAAK,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAA,CAAE,MAAA,GAAS,CAAA,KAAM,CAAA,EAAG;AAC3E,IAAA,MAAM,IAAI,MAAM,0BAA0B,CAAA;AAC5C,EAAA;AACA,EAAA,IAAI,MAAA,GAAS,KAAK,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AACtD,EAAA,MAAM,MAAA,GAAA,CAAU,CAAA,GAAK,MAAA,CAAO,MAAA,GAAS,CAAA,IAAM,CAAA;AAC3C,EAAA,MAAA,IAAU,GAAA,CAAI,OAAO,MAAM,CAAA;AAC3B,EAAA,OAAO,YAAY,MAAM,CAAA;AAC3B;AAEA,IAAM,YAAY,KAAA,CAAM,IAAA,CAAK,EAAE,MAAA,EAAQ,KAAA,EAAO,CAAC,CAAA,EAAG,CAAA,KAAM,EAAE,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA;AAEvF,IAAM,aAAa,IAAI,UAAA,CAAW,GAAG,CAAA,CAAE,KAAK,GAAG,CAAA;AAC/C,KAAA,IAAS,CAAA,GAAI,IAAI,CAAA,IAAK,EAAA,EAAI,KAAK,UAAA,CAAW,CAAC,IAAI,CAAA,GAAI,EAAA;AACnD,KAAA,IAAS,CAAA,GAAI,IAAI,CAAA,IAAK,EAAA,EAAI,KAAK,UAAA,CAAW,CAAC,IAAI,CAAA,GAAI,EAAA;AACnD,KAAA,IAAS,CAAA,GAAI,IAAI,CAAA,IAAK,GAAA,EAAK,KAAK,UAAA,CAAW,CAAC,IAAI,CAAA,GAAI,EAAA;AAE7C,SAAS,OAAO,KAAA,EAA2B;AAChD,EAAA,MAAM,GAAA,GAAM,IAAI,KAAA,CAAc,KAAA,CAAM,MAAM,CAAA;AAC1C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,QAAQ,CAAA,EAAA,EAAK;AACrC,IAAA,GAAA,CAAI,CAAC,CAAA,GAAI,SAAA,CAAU,KAAA,CAAM,CAAC,CAAW,CAAA;AACvC,EAAA;AACA,EAAA,OAAO,GAAA,CAAI,KAAK,EAAE,CAAA;AACpB;AAEO,SAAS,SAAS,IAAA,EAAuC;AAC9D,EAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,UAAA,CAAW,IAAI,CAAA,IAAK,IAAA,CAAK,UAAA,CAAW,IAAI,CAAA,GAAI,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,GAAI,IAAA;AAC/E,EAAA,IAAI,MAAM,MAAA,GAAS,CAAA,KAAM,GAAG,MAAM,IAAI,MAAM,oBAAoB,CAAA;AAEhE,EAAA,MAAM,GAAA,GAAM,IAAI,UAAA,CAAW,KAAA,CAAM,SAAS,CAAC,CAAA;AAC3C,EAAA,KAAA,IAAS,CAAA,GAAI,GAAG,CAAA,GAAI,CAAA,EAAG,IAAI,KAAA,CAAM,MAAA,EAAQ,CAAA,IAAK,CAAA,EAAG,CAAA,EAAA,EAAK;AACpD,IAAA,MAAM,MAAA,GAAS,KAAA,CAAM,UAAA,CAAW,CAAC,CAAA;AACjC,IAAA,MAAM,MAAA,GAAS,KAAA,CAAM,UAAA,CAAW,CAAA,GAAI,CAAC,CAAA;AACrC,IAAA,IAAI,SAAS,GAAA,IAAO,MAAA,GAAS,KAAK,MAAM,IAAI,MAAM,oBAAoB,CAAA;AACtE,IAAA,MAAM,EAAA,GAAK,WAAW,MAAM,CAAA;AAC5B,IAAA,MAAM,EAAA,GAAK,WAAW,MAAM,CAAA;AAC5B,IAAA,IAAI,OAAO,GAAA,IAAO,EAAA,KAAO,KAAK,MAAM,IAAI,MAAM,oBAAoB,CAAA;AAClE,IAAA,GAAA,CAAI,CAAC,CAAA,GAAK,EAAA,IAAM,CAAA,GAAK,EAAA;AACvB,EAAA;AACA,EAAA,OAAO,GAAA;AACT;ACpJA,IAAM,wBAAA,GAAN,cAAuC,KAAA,CAAM;AAC3C,EAAA,WAAA,CAAY,KAAA,EAAe;AACzB,IAAA,KAAA,CAAM,CAAA,4CAAA,EAA+C,KAAK,CAAA,OAAA,CAAS,CAAA;AACnE,IAAA,IAAA,CAAK,IAAA,GAAO,0BAAA;AACd,EAAA;AACF,CAAA;AAEA,IAAM,oBAAA,GAAuB,GAAA;AAE7B,SAAS,aAAa,GAAA,EAAuB;AAC3C,EAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,GAAA,KAAQ,MAAM,OAAO,KAAA;AAEpD,EAAA,MAAM,IAAA,uBAAW,OAAA,EAAA;AACjB,EAAA,MAAM,KAAA,GAAmB,CAAC,GAAG,CAAA;AAC7B,EAAA,IAAI,YAAA,GAAe,CAAA;AAEnB,EAAA,OAAO,KAAA,CAAM,SAAS,CAAA,EAAG;AACvB,IAAA,MAAM,OAAA,GAAU,MAAM,GAAA,EAAA;AACtB,IAAA,IAAI,OAAO,OAAA,KAAY,QAAA,IAAY,OAAA,KAAY,IAAA,EAAM;AACrD,IAAA,IAAI,IAAA,CAAK,GAAA,CAAI,OAAO,CAAA,EAAG;AAEvB,IAAA,IAAA,CAAK,IAAI,OAAO,CAAA;AAChB,IAAA,YAAA,EAAA;AACA,IAAA,IAAI,eAAe,oBAAA,EAAsB;AACvC,MAAA,MAAM,IAAI,yBAAyB,oBAAoB,CAAA;AACzD,IAAA;AAEA,IAAA,IAAI,MAAA,CAAO,MAAA,CAAO,OAAA,EAAS,WAAW,GAAG,OAAO,IAAA;AAEhD,IAAA,MAAM,UAAA,GAAa,OAAA;AACnB,IAAA,IACE,MAAA,CAAO,MAAA,CAAO,UAAA,EAAY,aAAa,CAAA,IACvC,OAAO,UAAA,CAAW,WAAA,KAAgB,QAAA,IAClC,UAAA,CAAW,WAAA,KAAgB,IAAA,IAC3B,MAAA,CAAO,OAAO,UAAA,CAAW,WAAA,EAAuB,WAAW,CAAA,IAC3D,OAAQ,UAAA,CAAW,WAAA,CAAwC,SAAA,KAAc,QAAA,IACxE,UAAA,CAAW,WAAA,CAAwC,SAAA,KAAc,IAAA,EAClE;AACA,MAAA,OAAO,IAAA;AACT,IAAA;AAEA,IAAA,KAAA,MAAW,GAAA,IAAO,MAAA,CAAO,MAAA,CAAO,UAAU,CAAA,EAAG;AAC3C,MAAA,IAAI,OAAO,GAAA,KAAQ,QAAA,IAAY,GAAA,KAAQ,IAAA,EAAM;AAC3C,QAAA,KAAA,CAAM,KAAK,GAAG,CAAA;AAChB,MAAA;AACF,IAAA;AACF,EAAA;AAEA,EAAA,OAAO,KAAA;AACT;AAEO,SAAS,cAA0D,GAAA,EAAwB;AAChG,EAAA,IAAI,CAAC,YAAY,GAAG,CAAA;AAClB,IAAA,OAAO,IAAA,CAAK;MACV,OAAA,EAAS,4CAAA;MACT,WAAA,EAAa;KACd,CAAA;AACH,EAAA,IAAI;AACF,IAAA,OAAO,GAAA,CAAI,IAAA,CAAK,SAAA,CAAU,GAAG,CAAC,CAAA;AAChC,EAAA,CAAA,CAAA,OAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,0CAAA,EAA4C,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AACpG,EAAA;AACF;AAEO,SAAS,YAAwD,GAAA,EAAoC;AAC1G,EAAA,IAAI,CAAC,OAAO,GAAG,CAAA;AACb,IAAA,OAAO,IAAA,CAAK;MACV,OAAA,EAAS,8CAAA;MACT,WAAA,EAAa;KACd,CAAA;AAEH,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,KAAA,CAAM,GAAG,CAAA;AAE1B,IAAA,IAAI,CAAC,WAAA,CAAY,GAAG,CAAA,EAAG;AACrB,MAAA,OAAO,IAAA,CAAK;QACV,OAAA,EAAS,+CAAA;QACT,WAAA,EAAa;OACd,CAAA;AACH,IAAA;AAEA,IAAA,IAAI,YAAA,CAAa,GAAG,CAAA,EAAG;AACrB,MAAA,OAAO,IAAA,CAAK;QACV,OAAA,EAAS,yDAAA;QACT,WAAA,EAAa;OACd,CAAA;AACH,IAAA;AAEA,IAAA,OAAO,GAAA,CAAI,EAAE,MAAA,EAAQ,GAAA,EAAU,CAAA;AACjC,EAAA,CAAA,CAAA,OAAS,KAAA,EAAO;AACd,IAAA,IAAI,iBAAiB,wBAAA,EAA0B;AAC7C,MAAA,OAAO,IAAA,CAAK;QACV,OAAA,EAAS,kEAAA;AACT,QAAA,WAAA,EAAa,KAAA,CAAM;OACpB,CAAA;AACH,IAAA;AACA,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,kCAAA,EAAoC,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAC5F,EAAA;AACF;;;ACnGO,IAAM,aAAA,GAAgB;AACtB,IAAM,aAAA,GAAgB;AAEtB,IAAM,qBAAA,GAAwB,GAAA;AAC9B,IAAM,qBAAA,GAAwB,IAAA;AAC9B,IAAM,sBAAA,GAAyB,IAAA;AAE/B,IAAM,iBAAA,GAAoB,OAAO,MAAA,CAAO;AAAA,EAC7C,MAAA,EAAQ,EAAE,IAAA,EAAM,QAAA,EAAU,KAAK,SAAA,EAAU;AAAA,EACzC,MAAA,EAAQ,EAAE,IAAA,EAAM,QAAA,EAAU,KAAK,SAAA,EAAU;AAAA,EACzC,MAAA,EAAQ,EAAE,IAAA,EAAM,QAAA,EAAU,KAAK,SAAA;AACjC,CAAU;AAEH,IAAM,qBAAA,GAAwB,OAAO,MAAA,CAAO;AAAA,EACjD,WAAW,EAAE,QAAA,EAAU,IAAI,IAAA,EAAM,aAAA,EAAe,KAAK,SAAA,EAAU;AAAA,EAC/D,WAAW,EAAE,QAAA,EAAU,IAAI,IAAA,EAAM,aAAA,EAAe,KAAK,SAAA,EAAU;AAAA,EAC/D,WAAW,EAAE,QAAA,EAAU,IAAI,IAAA,EAAM,aAAA,EAAe,KAAK,SAAA;AACvD,CAAU,CAAA;;;ACDH,SAAS,OAAO,CAAA,EAA0C;AAC/D,EAAA,OAAO,OAAO,CAAA,KAAM,QAAA,IAAY,CAAA,KAAM,IAAA;AACxC;AAEA,IAAM,YAAA,uBAAmB,GAAA,CAAI,CAAC,YAAY,QAAA,EAAU,WAAA,EAAa,KAAA,EAAO,UAAU,CAAC,CAAA;AAE5E,SAAS,sBAAA,CACd,GACA,QAAA,EAIO;AACP,EAAA,IAAI,CAAC,MAAA,CAAO,CAAC,CAAA,IAAM,QAAA,KAAa,MAAA,IAAU,QAAA,KAAa,KAAA,IAAU,CAAA,CAAE,QAAA,KAAa,QAAA,EAAU,OAAO,IAAA;AAEjG,EAAA,MAAM,IAAA,GAAO,MAAA,CAAO,IAAA,CAAK,CAAC,CAAA;AAC1B,EAAA,IAAI,IAAA,CAAK,MAAA,KAAW,YAAA,CAAa,IAAA,EAAM,OAAO,IAAA;AAC9C,EAAA,KAAA,MAAW,GAAA,IAAO,MAAM,IAAI,CAAC,aAAa,GAAA,CAAI,GAAG,GAAG,OAAO,IAAA;AAE3D,EAAA,IACE,OAAO,CAAA,CAAE,MAAA,KAAW,QAAA,IACpB,EAAE,EAAE,MAAA,IAAU,iBAAA,CAAA,IACd,OAAO,CAAA,CAAE,SAAA,KAAc,QAAA,IACvB,EAAE,CAAA,CAAE,SAAA,IAAa,qBAAA,CAAA,IACjB,CAAC,MAAA,CAAO,CAAA,CAAE,GAAG,CAAA,IACb,CAAA,CAAE,GAAA,CAAI,IAAA,KAAS,QAAA,EACf;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,SAAA,GAAY,qBAAA,CAAsB,CAAA,CAAE,SAA+C,CAAA;AAEzF,EAAA,IACE,CAAC,MAAA,CAAO,CAAA,CAAE,QAAQ,CAAA,IAClB,CAAA,CAAE,SAAS,QAAA,KAAa,SAAA,CAAU,YAClC,CAAA,CAAE,QAAA,CAAS,SAAS,SAAA,CAAU,IAAA,IAC9B,EAAE,QAAA,CAAS,GAAA,KAAQ,UAAU,GAAA,EAC7B;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAO,EAAE,GAAA,EAAK,CAAA,EAAG,SAAA,EAAU;AAC7B;AAGO,IAAM,eAAA,GACX;AAMK,SAAS,sBAAsB,IAAA,EAAuB;AAC3D,EAAA,OAAO,OAAO,IAAA,KAAS,QAAA,IAAY,eAAA,CAAgB,KAAK,IAAI,CAAA;AAC9D;AAEO,SAAS,+BAAA,CACd,MAAA,EACA,OAAA,EACA,MAAA,EAC6B;AAC7B,EAAA,IAAI,CAAC,MAAA,CAAO,MAAA,EAAQ,CAAC,CAAA,EAAG;AACtB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,sDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,WAAA,CAAoC,OAAO,CAAA,EAAG;AACjD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,gDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,SAAA,GAAY,QAAQ,SAAA,IAAa,WAAA;AACvC,EAAA,IAAI,EAAE,aAAa,qBAAA,CAAA,EAAwB;AACzC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,EAAG,MAAM,CAAA,yCAAA,EAA4C,SAAS,CAAA,CAAA;AAAA,MACvE,WAAA,EAAa,6BAA6B,MAAA,CAAO,IAAA,CAAK,qBAAqB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KACxF,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,QAAQ,MAAA,IAAU,QAAA;AACjC,EAAA,IAAI,EAAE,UAAU,iBAAA,CAAA,EAAoB;AAClC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,EAAG,MAAM,CAAA,sCAAA,EAAyC,MAAM,CAAA,CAAA;AAAA,MACjE,WAAA,EAAa,0BAA0B,MAAA,CAAO,IAAA,CAAK,iBAAiB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KACjF,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,IAAA,GAAO,QAAQ,IAAA,IAAQ,YAAA;AAC7B,EAAA,IAAI,CAAC,MAAA,CAAO,IAAA,EAAM,CAAC,CAAA,EAAG;AACpB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,oDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,IAAA,GAAO,QAAQ,IAAA,IAAQ,YAAA;AAC7B,EAAA,IAAI,CAAC,MAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,iDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,OAAO,GAAA,CAAI;AAAA,IACT,SAAA;AAAA,IACA,MAAA;AAAA,IACA,IAAA;AAAA,IACA,IAAA;AAAA,IACA,WAAA,EAAa,sBAAsB,SAAS,CAAA;AAAA,IAC5C,UAAA,EAAY,kBAAkB,MAAM;AAAA,GACrC,CAAA;AACH;AAEO,SAAS,4BAAA,CACd,QAAA,EACA,OAAA,EACA,MAAA,EAC8B;AAC9B,EAAA,IAAI,CAAC,MAAA,CAAO,QAAQ,CAAA,EAAG;AACrB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,kDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,WAAA,CAAiC,OAAO,CAAA,EAAG;AAC9C,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,6CAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,QAAQ,MAAA,IAAU,QAAA;AACjC,EAAA,IAAI,EAAE,UAAU,iBAAA,CAAA,EAAoB;AAClC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,EAAG,MAAM,CAAA,mCAAA,EAAsC,MAAM,CAAA,CAAA;AAAA,MAC9D,WAAA,EAAa,0BAA0B,MAAA,CAAO,IAAA,CAAK,iBAAiB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KACjF,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,cAAA,GAAiB,QAAQ,cAAA,IAAkB,WAAA;AACjD,EAAA,IAAI,CAAC,eAAA,CAAgB,QAAA,CAAS,cAAc,CAAA,EAAG;AAC7C,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,EAAG,MAAM,CAAA,4CAAA,EAA+C,cAAc,CAAA,CAAA;AAAA,MAC/E,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,UAAA,GAAa,QAAQ,UAAA,IAAc,EAAA;AACzC,EAAA,IAAI,CAAC,QAAA,CAAS,UAAA,EAAY,CAAA,EAAG,sBAAsB,CAAA,EAAG;AACpD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,mDAAA,CAAA;AAAA,MAClB,WAAA,EAAa,oCAAoC,sBAAsB,CAAA,yBAAA;AAAA,KACxE,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,UAAA,GAAa,QAAQ,UAAA,IAAc,IAAA;AACzC,EAAA,IAAI,CAAC,QAAA,CAAS,UAAA,EAAY,GAAA,EAAS,qBAAqB,CAAA,EAAG;AACzD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,kDAAA,CAAA;AAAA,MAClB,WAAA,EAAa,0CAA0C,qBAAqB,CAAA,8BAAA;AAAA,KAC7E,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,SAAA,GAAY,QAAQ,SAAA,IAAa,EAAA;AACvC,EAAA,IAAI,CAAC,QAAA,CAAS,SAAA,EAAW,EAAA,EAAI,qBAAqB,CAAA,EAAG;AACnD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,mDAAA,CAAA;AAAA,MAClB,WAAA,EAAa,qCAAqC,qBAAqB,CAAA,yBAAA;AAAA,KACxE,CAAA;AAAA,EACH;AAEA,EAAA,OAAO,GAAA,CAAI;AAAA,IACT,MAAA;AAAA,IACA,UAAA,EAAY,kBAAkB,MAAM,CAAA;AAAA,IACpC,cAAA;AAAA,IACA,UAAA;AAAA,IACA,UAAA;AAAA,IACA;AAAA,GACD,CAAA;AACH;AAEA,SAAS,iBAAA,CAAkB,YAAoB,QAAA,EAAoD;AACjG,EAAA,IAAI,QAAA,KAAa,KAAA,EAAO,OAAO,UAAA,GAAa,CAAA;AAC5C,EAAA,OAAO,IAAA,CAAK,IAAA,CAAK,UAAA,GAAa,CAAC,CAAA,GAAI,CAAA;AACrC;AAEO,SAAS,8BAAA,CACd,QAAA,EACA,cAAA,EACA,IAAA,EACA,SACA,MAAA,EACgC;AAChC,EAAA,IAAI,CAAC,MAAA,CAAO,QAAQ,CAAA,EAAG;AACrB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,oDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,MAAA,CAAO,cAAc,CAAA,EAAG;AAC3B,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,2DAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,MAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,gDAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,WAAA,CAAmC,OAAO,CAAA,EAAG;AAChD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,+CAAA,CAAA;AAAA,MAClB,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,QAAQ,MAAA,IAAU,QAAA;AACjC,EAAA,IAAI,EAAE,UAAU,iBAAA,CAAA,EAAoB;AAClC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,EAAG,MAAM,CAAA,qCAAA,EAAwC,MAAM,CAAA,CAAA;AAAA,MAChE,WAAA,EAAa,0BAA0B,MAAA,CAAO,IAAA,CAAK,iBAAiB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KACjF,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,aAAA,GAAgB,QAAQ,aAAA,IAAiB,WAAA;AAC/C,EAAA,IAAI,CAAC,eAAA,CAAgB,QAAA,CAAS,aAAa,CAAA,EAAG;AAC5C,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,EAAG,MAAM,CAAA,6CAAA,EAAgD,aAAa,CAAA,CAAA;AAAA,MAC/E,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,UAAA,GAAa,QAAQ,UAAA,IAAc,IAAA;AACzC,EAAA,IAAI,CAAC,QAAA,CAAS,UAAA,EAAY,GAAA,EAAS,qBAAqB,CAAA,EAAG;AACzD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,oDAAA,CAAA;AAAA,MAClB,WAAA,EAAa,0CAA0C,qBAAqB,CAAA;AAAA,KAC7E,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,SAAA,GAAY,QAAQ,SAAA,IAAa,EAAA;AACvC,EAAA,IAAI,CAAC,QAAA,CAAS,SAAA,EAAW,EAAA,EAAI,qBAAqB,CAAA,EAAG;AACnD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,qDAAA,CAAA;AAAA,MAClB,WAAA,EAAa,qCAAqC,qBAAqB,CAAA;AAAA,KACxE,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,UAAA,GAAa,iBAAA,CAAkB,SAAA,EAAW,aAAa,CAAA;AAC7D,EAAA,IAAI,cAAA,CAAe,SAAS,UAAA,EAAY;AACtC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,+DAAA,CAAA;AAAA,MAClB,aAAa,CAAA,iBAAA,EAAoB,UAAU,CAAA,gBAAA,EAAmB,SAAS,kBAAkB,aAAa,CAAA,SAAA;AAAA,KACvG,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,UAAA,GAAa,iBAAA,CAAkB,sBAAA,EAAwB,aAAa,CAAA;AAC1E,EAAA,IAAI,IAAA,CAAK,SAAS,UAAA,EAAY;AAC5B,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,GAAG,MAAM,CAAA,oDAAA,CAAA;AAAA,MAClB,WAAA,EAAa,CAAA,iBAAA,EAAoB,UAAU,CAAA,gBAAA,EAAmB,aAAa,CAAA,SAAA;AAAA,KAC5E,CAAA;AAAA,EACH;AAEA,EAAA,OAAO,GAAA,CAAI;AAAA,IACT,MAAA;AAAA,IACA,UAAA,EAAY,kBAAkB,MAAM,CAAA;AAAA,IACpC,aAAA;AAAA,IACA,UAAA;AAAA,IACA;AAAA,GACD,CAAA;AACH;;;ACnSO,SAAS,gBAA4D,GAAA,EAAwB;AAClG,EAAA,OAAO,cAAc,GAAG,CAAA;AAC1B;AAmBO,SAAS,aAAyD,GAAA,EAAgB;AACvF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,cAAc,GAAG,CAAA;AAC3C,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,cAA0D,GAAA,EAAoC;AAC5G,EAAA,OAAO,YAAe,GAAG,CAAA;AAC3B;AAgBO,SAAS,WAAuD,GAAA,EAAgB;AACrF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,YAAe,GAAG,CAAA;AAC5C,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT","file":"chunk-VCBHSRCS.cjs","sourcesContent":["export function $isStr(x: unknown, min = 1): x is string {\n return typeof x === \"string\" && x.trim().length >= min;\n}\n\nexport function $isIntIn<T extends number>(x: unknown, min: number, max: number): x is T {\n return typeof x === \"number\" && Number.isInteger(x) && x >= min && x <= max;\n}\n\nexport function $isPlainObj<T extends object = Record<string, unknown>>(x: unknown): x is T {\n if (typeof x !== \"object\" || x === null) return false;\n const proto = Object.getPrototypeOf(x);\n return proto === Object.prototype || proto === null;\n}\n","import { $isPlainObj } from \"./validate.js\";\n\nexport interface ErrorStruct {\n readonly message: string;\n readonly description: string;\n}\n\ntype ReservedResultKeys = \"success\" | \"error\";\n\ntype ShouldWrapObject<T extends object> = Extract<keyof T, ReservedResultKeys> extends never ? false : true;\n\ntype OkType<T> = {\n readonly success: true;\n readonly error?: undefined;\n} & (T extends object\n ? ShouldWrapObject<T> extends true\n ? { readonly result: T }\n : { readonly [K in keyof T]: T[K] }\n : { readonly result: T });\n\ntype ErrType<T> = {\n readonly success: false;\n readonly error: ErrorStruct;\n} & (T extends object\n ? ShouldWrapObject<T> extends true\n ? { readonly result?: undefined }\n : { readonly [K in keyof T]?: undefined }\n : { readonly result?: undefined });\n\nexport type Result<T> = OkType<T> | ErrType<T>;\n\nexport function $ok<T>(result: T): Result<T> {\n if ($isPlainObj(result)) {\n const obj = result as Record<string, unknown>;\n if (Object.hasOwn(obj, \"success\") || Object.hasOwn(obj, \"error\")) {\n return { success: true, result } as Result<T>;\n }\n return { success: true, ...obj } as Result<T>;\n }\n return { success: true, result } as Result<T>;\n}\n\nexport function $err(err: ErrorStruct): Result<never> {\n return {\n success: false,\n error: { message: err.message, description: err.description },\n } as Result<never>;\n}\n\nexport function $fmtError(error: unknown): string {\n if (typeof error === \"string\") return error;\n if (error instanceof Error) return error.message;\n return String(error);\n}\n\nexport function $fmtResultErr(err: ErrorStruct | undefined): string {\n if (!err) return \"Unknown error\";\n return `${err.message} - ${err.description}`;\n}\n","import { $err, $fmtError, $ok, type Result } from \"./error.js\";\n\nexport const textEncoder = new TextEncoder();\nexport const textDecoder = new TextDecoder();\nconst strictUtf8Decoder = new TextDecoder(\"utf-8\", { fatal: true });\n\nexport const ENCODING = Object.freeze([\"base64\", \"base64url\", \"hex\", \"utf8\", \"latin1\"] as const);\nexport const CIPHER_ENCODING = Object.freeze([\"base64\", \"base64url\", \"hex\"] as const);\n\nexport type Encoding = (typeof ENCODING)[number];\nexport type CipherEncoding = (typeof CIPHER_ENCODING)[number];\n\nexport function $convertStrToBytes(\n data: string,\n inputEncoding: Encoding = \"utf8\",\n): Result<{ result: Uint8Array<ArrayBuffer> }> {\n if (typeof data !== \"string\") {\n return $err({\n message: \"strToBytes: Data must be a string\",\n description: `Expected a string value, received ${typeof data}`,\n });\n }\n if (!ENCODING.includes(inputEncoding)) {\n return $err({\n message: `strToBytes: Unsupported encoding: ${inputEncoding}`,\n description: \"Use base64, base64url, hex, utf8, or latin1\",\n });\n }\n\n try {\n const bytes = strToBytes[inputEncoding](data);\n return $ok({ result: bytes });\n } catch (error) {\n return $err({ message: \"strToBytes: Failed to convert data\", description: $fmtError(error) });\n }\n}\n\nexport function $convertBytesToStr(data: Uint8Array | ArrayBuffer, outputEncoding: Encoding = \"utf8\"): Result<string> {\n if (!(data instanceof ArrayBuffer || data instanceof Uint8Array)) {\n return $err({\n message: \"bytesToStr: Data must be an ArrayBuffer or Uint8Array\",\n description: `Expected binary data (ArrayBuffer or Uint8Array), received ${typeof data}`,\n });\n }\n if (!ENCODING.includes(outputEncoding)) {\n return $err({\n message: `bytesToStr: Unsupported encoding: ${outputEncoding}`,\n description: \"Use base64, base64url, hex, utf8, or latin1\",\n });\n }\n try {\n const bytes = data instanceof Uint8Array ? data : new Uint8Array(data);\n const str = bytesToStr[outputEncoding](bytes);\n return $ok(str);\n } catch (error) {\n return $err({ message: \"bytesToStr: Failed to convert data\", description: $fmtError(error) });\n }\n}\n\nexport const strToBytes = {\n base64: $fromBase64,\n base64url: $fromBase64Url,\n hex: $fromHex,\n latin1: $fromLatin1,\n utf8: (data: string) => textEncoder.encode(data),\n} as const satisfies Record<Encoding, (data: string) => Uint8Array<ArrayBuffer>>;\n\nexport const bytesToStr = {\n base64: $toBase64,\n base64url: $toBase64Url,\n hex: $toHex,\n latin1: $toLatin1,\n utf8: (data: Uint8Array) => strictUtf8Decoder.decode(data),\n} as const satisfies Record<Encoding, (data: Uint8Array) => string>;\n\nexport function $toLatin1(bytes: Uint8Array): string {\n let out = \"\";\n const chunk = 1 << 15;\n for (let i = 0; i < bytes.length; i += chunk) {\n out += String.fromCharCode(...bytes.subarray(i, i + chunk));\n }\n return out;\n}\n\nexport function $fromLatin1(data: string): Uint8Array<ArrayBuffer> {\n const out = new Uint8Array(data.length);\n for (let i = 0; i < data.length; i++) {\n const charCode = data.charCodeAt(i);\n if (charCode > 255) throw new Error(\"Invalid latin1 string\");\n out[i] = charCode;\n }\n return out;\n}\n\nexport function $toBase64(bytes: Uint8Array): string {\n return btoa($toLatin1(bytes));\n}\n\nconst BASE64_REGEX = /^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}={2}|[A-Za-z0-9+/]{3}=)?$/;\n\nexport function $fromBase64(data: string): Uint8Array<ArrayBuffer> {\n if (!BASE64_REGEX.test(data)) throw new Error(\"Invalid base64 string\");\n return $fromLatin1(atob(data));\n}\n\nexport function $toBase64Url(bytes: Uint8Array): string {\n return $toBase64(bytes).replace(/\\+/g, \"-\").replace(/\\//g, \"_\").replace(/=+$/, \"\");\n}\n\nconst BASE64URL_REGEX = /^[A-Za-z0-9_-]*={0,2}$/;\n\nexport function $fromBase64Url(data: string): Uint8Array<ArrayBuffer> {\n if (!BASE64URL_REGEX.test(data) || data.replace(/=+$/, \"\").length % 4 === 1) {\n throw new Error(\"Invalid base64url string\");\n }\n let base64 = data.replace(/-/g, \"+\").replace(/_/g, \"/\");\n const padLen = (4 - (base64.length % 4)) % 4;\n base64 += \"=\".repeat(padLen);\n return $fromBase64(base64);\n}\n\nconst HEX_TABLE = Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, \"0\"));\n\nconst HEX_NIBBLE = new Uint8Array(256).fill(255);\nfor (let i = 48; i <= 57; i++) HEX_NIBBLE[i] = i - 48; // 0-9\nfor (let i = 65; i <= 70; i++) HEX_NIBBLE[i] = i - 55; // A-F\nfor (let i = 97; i <= 102; i++) HEX_NIBBLE[i] = i - 87; // a-f\n\nexport function $toHex(bytes: Uint8Array): string {\n const hex = new Array<string>(bytes.length);\n for (let i = 0; i < bytes.length; i++) {\n hex[i] = HEX_TABLE[bytes[i] as number] as string;\n }\n return hex.join(\"\");\n}\n\nexport function $fromHex(data: string): Uint8Array<ArrayBuffer> {\n const clean = data.startsWith(\"0x\") || data.startsWith(\"0X\") ? data.slice(2) : data;\n if (clean.length % 2 !== 0) throw new Error(\"Invalid hex string\");\n\n const out = new Uint8Array(clean.length / 2);\n for (let i = 0, j = 0; i < clean.length; i += 2, j++) {\n const hiCode = clean.charCodeAt(i);\n const loCode = clean.charCodeAt(i + 1);\n if (hiCode > 255 || loCode > 255) throw new Error(\"Invalid hex string\");\n const hi = HEX_NIBBLE[hiCode] as number;\n const lo = HEX_NIBBLE[loCode] as number;\n if (hi === 255 || lo === 255) throw new Error(\"Invalid hex string\");\n out[j] = (hi << 4) | lo;\n }\n return out;\n}\n","import { $err, $fmtError, $ok, type Result } from \"./error.js\";\nimport { $isPlainObj, $isStr } from \"./validate.js\";\n\nclass ProtoTraversalLimitError extends Error {\n constructor(limit: number) {\n super(`Object graph exceeded prototype-scan limit (${limit} nodes)`);\n this.name = \"ProtoTraversalLimitError\";\n }\n}\n\nconst MAX_PROTO_SCAN_NODES = 100_000;\n\nfunction $hasProtoKey(obj: unknown): boolean {\n if (typeof obj !== \"object\" || obj === null) return false;\n\n const seen = new WeakSet<object>();\n const stack: unknown[] = [obj];\n let scannedNodes = 0;\n\n while (stack.length > 0) {\n const current = stack.pop();\n if (typeof current !== \"object\" || current === null) continue;\n if (seen.has(current)) continue;\n\n seen.add(current);\n scannedNodes++;\n if (scannedNodes > MAX_PROTO_SCAN_NODES) {\n throw new ProtoTraversalLimitError(MAX_PROTO_SCAN_NODES);\n }\n\n if (Object.hasOwn(current, \"__proto__\")) return true;\n\n const currentObj = current as Record<string, unknown>;\n if (\n Object.hasOwn(currentObj, \"constructor\") &&\n typeof currentObj.constructor === \"object\" &&\n currentObj.constructor !== null &&\n Object.hasOwn(currentObj.constructor as object, \"prototype\") &&\n typeof (currentObj.constructor as Record<string, unknown>).prototype === \"object\" &&\n (currentObj.constructor as Record<string, unknown>).prototype !== null\n ) {\n return true;\n }\n\n for (const val of Object.values(currentObj)) {\n if (typeof val === \"object\" && val !== null) {\n stack.push(val);\n }\n }\n }\n\n return false;\n}\n\nexport function $stringifyObj<T extends object = Record<string, unknown>>(obj: T): Result<string> {\n if (!$isPlainObj(obj))\n return $err({\n message: \"stringifyObj: Input must be a plain object\",\n description: \"Only plain objects ({...}) are accepted, not arrays, class instances, or built-ins\",\n });\n try {\n return $ok(JSON.stringify(obj));\n } catch (error) {\n return $err({ message: \"stringifyObj: Failed to stringify object\", description: $fmtError(error) });\n }\n}\n\nexport function $parseToObj<T extends object = Record<string, unknown>>(str: string): Result<{ result: T }> {\n if (!$isStr(str))\n return $err({\n message: \"parseToObj: Input must be a non-empty string\",\n description: \"Expected a non-empty JSON string to parse\",\n });\n\n try {\n const obj = JSON.parse(str);\n\n if (!$isPlainObj(obj)) {\n return $err({\n message: \"parseToObj: Parsed data is not a plain object\",\n description: \"JSON parsed successfully but the result is not a plain object (e.g. array, string, number)\",\n });\n }\n\n if ($hasProtoKey(obj)) {\n return $err({\n message: \"parseToObj: Input contains a prototype pollution vector\",\n description: \"Objects with __proto__ or constructor.prototype keys are rejected\",\n });\n }\n\n return $ok({ result: obj as T });\n } catch (error) {\n if (error instanceof ProtoTraversalLimitError) {\n return $err({\n message: \"parseToObj: Input object is too deeply nested to validate safely\",\n description: error.message,\n });\n }\n return $err({ message: \"parseToObj: Failed to parse JSON\", description: $fmtError(error) });\n }\n}\n","export { CIPHER_ENCODING, ENCODING } from \"@internal/helpers\";\n\nexport const GCM_TAG_BYTES = 16;\nexport const GCM_IV_LENGTH = 12;\n\nexport const MAX_PBKDF2_ITERATIONS = 10_000_000;\nexport const MAX_PBKDF2_KEY_LENGTH = 1024;\nexport const MAX_PBKDF2_SALT_LENGTH = 1024;\n\nexport const DIGEST_ALGORITHMS = Object.freeze({\n sha256: { node: \"sha256\", web: \"SHA-256\" },\n sha384: { node: \"sha384\", web: \"SHA-384\" },\n sha512: { node: \"sha512\", web: \"SHA-512\" },\n} as const);\n\nexport const ENCRYPTION_ALGORITHMS = Object.freeze({\n aes256gcm: { keyBytes: 32, node: \"aes-256-gcm\", web: \"AES-GCM\" },\n aes192gcm: { keyBytes: 24, node: \"aes-192-gcm\", web: \"AES-GCM\" },\n aes128gcm: { keyBytes: 16, node: \"aes-128-gcm\", web: \"AES-GCM\" },\n} as const);\n","import { $err, $isIntIn, $isPlainObj, $isStr, $ok, type Result } from \"@internal/helpers\";\nimport {\n CIPHER_ENCODING,\n DIGEST_ALGORITHMS,\n ENCRYPTION_ALGORITHMS,\n MAX_PBKDF2_ITERATIONS,\n MAX_PBKDF2_KEY_LENGTH,\n MAX_PBKDF2_SALT_LENGTH,\n} from \"./consts.js\";\nimport type {\n CreateSecretKeyOptions,\n HashPasswordOptions,\n ValidatedHashOptions,\n ValidatedKdfOptions,\n ValidatedVerifyOptions,\n VerifyPasswordOptions,\n} from \"./types.js\";\n\nexport function $isObj(x: unknown): x is Record<string, unknown> {\n return typeof x === \"object\" && x !== null;\n}\n\nconst expectedKeys = new Set([\"platform\", \"digest\", \"algorithm\", \"key\", \"injected\"]);\n\nexport function $validateSecretKeyBase(\n x: unknown,\n platform: \"node\" | \"web\",\n): {\n obj: Record<string, unknown>;\n algorithm: (typeof ENCRYPTION_ALGORITHMS)[keyof typeof ENCRYPTION_ALGORITHMS];\n} | null {\n if (!$isObj(x) || (platform !== \"node\" && platform !== \"web\") || x.platform !== platform) return null;\n\n const keys = Object.keys(x);\n if (keys.length !== expectedKeys.size) return null;\n for (const key of keys) if (!expectedKeys.has(key)) return null;\n\n if (\n typeof x.digest !== \"string\" ||\n !(x.digest in DIGEST_ALGORITHMS) ||\n typeof x.algorithm !== \"string\" ||\n !(x.algorithm in ENCRYPTION_ALGORITHMS) ||\n !$isObj(x.key) ||\n x.key.type !== \"secret\"\n ) {\n return null;\n }\n\n const algorithm = ENCRYPTION_ALGORITHMS[x.algorithm as keyof typeof ENCRYPTION_ALGORITHMS];\n\n if (\n !$isObj(x.injected) ||\n x.injected.keyBytes !== algorithm.keyBytes ||\n x.injected.node !== algorithm.node ||\n x.injected.web !== algorithm.web\n ) {\n return null;\n }\n\n return { obj: x, algorithm };\n}\n\n/** Matches the `\"iv.cipher.tag.\"` encrypted payload format. */\nexport const ENCRYPTED_REGEX =\n /^([A-Za-z0-9+/_-][A-Za-z0-9+/=_-]*)\\.([A-Za-z0-9+/_-][A-Za-z0-9+/=_-]*)\\.([A-Za-z0-9+/_-][A-Za-z0-9+/=_-]*)\\.$/;\n\n/**\n * Structural check only — validates the dot-separated `\"iv.cipher.tag.\"` format\n * but does NOT verify that individual segments contain valid base64, base64url, or hex encoding.\n */\nexport function matchEncryptedPattern(data: string): boolean {\n return typeof data === \"string\" && ENCRYPTED_REGEX.test(data);\n}\n\nexport function $validateCreateSecretKeyOptions(\n secret: string,\n options: CreateSecretKeyOptions,\n prefix: string,\n): Result<ValidatedKdfOptions> {\n if (!$isStr(secret, 8)) {\n return $err({\n message: `${prefix} createSecretKey: Secret must be at least 8 characters`,\n description: \"Use a high-entropy string of at least 8 characters\",\n });\n }\n\n if (!$isPlainObj<CreateSecretKeyOptions>(options)) {\n return $err({\n message: `${prefix} createSecretKey: Options must be a plain object`,\n description: 'Pass an object like { algorithm: \"aes256gcm\" }',\n });\n }\n\n const algorithm = options.algorithm ?? \"aes256gcm\";\n if (!(algorithm in ENCRYPTION_ALGORITHMS)) {\n return $err({\n message: `${prefix} createSecretKey: Unsupported algorithm: ${algorithm}`,\n description: `Supported algorithms are: ${Object.keys(ENCRYPTION_ALGORITHMS).join(\", \")}`,\n });\n }\n\n const digest = options.digest ?? \"sha256\";\n if (!(digest in DIGEST_ALGORITHMS)) {\n return $err({\n message: `${prefix} createSecretKey: Unsupported digest: ${digest}`,\n description: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(\", \")}`,\n });\n }\n\n const salt = options.salt ?? \"cipher-kit\";\n if (!$isStr(salt, 8)) {\n return $err({\n message: `${prefix} createSecretKey: Salt must be at least 8 characters`,\n description: \"Provide a salt string with at least 8 characters\",\n });\n }\n\n const info = options.info ?? \"cipher-kit\";\n if (!$isStr(info)) {\n return $err({\n message: `${prefix} createSecretKey: Info must be a non-empty string`,\n description: \"Received empty or non-string value\",\n });\n }\n\n return $ok({\n algorithm,\n digest,\n salt,\n info,\n encryptAlgo: ENCRYPTION_ALGORITHMS[algorithm],\n digestAlgo: DIGEST_ALGORITHMS[digest],\n });\n}\n\nexport function $validateHashPasswordOptions(\n password: string,\n options: HashPasswordOptions,\n prefix: string,\n): Result<ValidatedHashOptions> {\n if (!$isStr(password)) {\n return $err({\n message: `${prefix} hashPassword: Password must be a non-empty string`,\n description: \"Received empty or non-string value\",\n });\n }\n\n if (!$isPlainObj<HashPasswordOptions>(options)) {\n return $err({\n message: `${prefix} hashPassword: Options must be a plain object`,\n description: \"Pass an object like { iterations: 320000 }\",\n });\n }\n\n const digest = options.digest ?? \"sha512\";\n if (!(digest in DIGEST_ALGORITHMS)) {\n return $err({\n message: `${prefix} hashPassword: Unsupported digest: ${digest}`,\n description: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(\", \")}`,\n });\n }\n\n const outputEncoding = options.outputEncoding ?? \"base64url\";\n if (!CIPHER_ENCODING.includes(outputEncoding)) {\n return $err({\n message: `${prefix} hashPassword: Unsupported output encoding: ${outputEncoding}`,\n description: \"Use base64, base64url, or hex\",\n });\n }\n\n const saltLength = options.saltLength ?? 16;\n if (!$isIntIn(saltLength, 8, MAX_PBKDF2_SALT_LENGTH)) {\n return $err({\n message: `${prefix} hashPassword: Salt length must be at least 8 bytes`,\n description: `Must be an integer between 8 and ${MAX_PBKDF2_SALT_LENGTH} (recommended 16 or more)`,\n });\n }\n\n const iterations = options.iterations ?? 320_000;\n if (!$isIntIn(iterations, 100_000, MAX_PBKDF2_ITERATIONS)) {\n return $err({\n message: `${prefix} hashPassword: Iterations must be at least 100,000`,\n description: `Must be an integer between 100,000 and ${MAX_PBKDF2_ITERATIONS} (recommended 320,000 or more)`,\n });\n }\n\n const keyLength = options.keyLength ?? 64;\n if (!$isIntIn(keyLength, 16, MAX_PBKDF2_KEY_LENGTH)) {\n return $err({\n message: `${prefix} hashPassword: Key length must be at least 16 bytes`,\n description: `Must be an integer between 16 and ${MAX_PBKDF2_KEY_LENGTH} (recommended 64 or more)`,\n });\n }\n\n return $ok({\n digest,\n digestAlgo: DIGEST_ALGORITHMS[digest],\n outputEncoding,\n saltLength,\n iterations,\n keyLength,\n });\n}\n\nfunction $maxEncodedLength(byteLength: number, encoding: (typeof CIPHER_ENCODING)[number]): number {\n if (encoding === \"hex\") return byteLength * 2;\n return Math.ceil(byteLength / 3) * 4;\n}\n\nexport function $validateVerifyPasswordOptions(\n password: string,\n hashedPassword: string,\n salt: string,\n options: VerifyPasswordOptions,\n prefix: string,\n): Result<ValidatedVerifyOptions> {\n if (!$isStr(password)) {\n return $err({\n message: `${prefix} verifyPassword: Password must be a non-empty string`,\n description: \"Received empty or non-string value\",\n });\n }\n\n if (!$isStr(hashedPassword)) {\n return $err({\n message: `${prefix} verifyPassword: Hashed password must be a non-empty string`,\n description: \"Pass the hash string returned by hashPassword()\",\n });\n }\n\n if (!$isStr(salt)) {\n return $err({\n message: `${prefix} verifyPassword: Salt must be a non-empty string`,\n description: \"Pass the salt string returned by hashPassword()\",\n });\n }\n\n if (!$isPlainObj<VerifyPasswordOptions>(options)) {\n return $err({\n message: `${prefix} verifyPassword: Options must be a plain object`,\n description: \"Pass an object matching the options used for hashPassword()\",\n });\n }\n\n const digest = options.digest ?? \"sha512\";\n if (!(digest in DIGEST_ALGORITHMS)) {\n return $err({\n message: `${prefix} verifyPassword: Unsupported digest: ${digest}`,\n description: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(\", \")}`,\n });\n }\n\n const inputEncoding = options.inputEncoding ?? \"base64url\";\n if (!CIPHER_ENCODING.includes(inputEncoding)) {\n return $err({\n message: `${prefix} verifyPassword: Unsupported input encoding: ${inputEncoding}`,\n description: \"Use base64, base64url, or hex\",\n });\n }\n\n const iterations = options.iterations ?? 320_000;\n if (!$isIntIn(iterations, 100_000, MAX_PBKDF2_ITERATIONS)) {\n return $err({\n message: `${prefix} verifyPassword: Iterations must be at least 100,000`,\n description: `Must be an integer between 100,000 and ${MAX_PBKDF2_ITERATIONS}`,\n });\n }\n\n const keyLength = options.keyLength ?? 64;\n if (!$isIntIn(keyLength, 16, MAX_PBKDF2_KEY_LENGTH)) {\n return $err({\n message: `${prefix} verifyPassword: Key length must be at least 16 bytes`,\n description: `Must be an integer between 16 and ${MAX_PBKDF2_KEY_LENGTH}`,\n });\n }\n\n const maxHashLen = $maxEncodedLength(keyLength, inputEncoding);\n if (hashedPassword.length > maxHashLen) {\n return $err({\n message: `${prefix} verifyPassword: Hashed password exceeds maximum encoded length`,\n description: `Expected at most ${maxHashLen} characters for ${keyLength}-byte key with ${inputEncoding} encoding`,\n });\n }\n\n const maxSaltLen = $maxEncodedLength(MAX_PBKDF2_SALT_LENGTH, inputEncoding);\n if (salt.length > maxSaltLen) {\n return $err({\n message: `${prefix} verifyPassword: Salt exceeds maximum encoded length`,\n description: `Expected at most ${maxSaltLen} characters for ${inputEncoding} encoding`,\n });\n }\n\n return $ok({\n digest,\n digestAlgo: DIGEST_ALGORITHMS[digest],\n inputEncoding,\n iterations,\n keyLength,\n });\n}\n","import { $fmtResultErr, $parseToObj, $stringifyObj, type Result } from \"@internal/helpers\";\n\n/**\n * Serializes a plain object to JSON (non-throwing).\n *\n * @returns `Result<string>` with the JSON string or error.\n * @see {@link stringifyObj} For full parameter/behavior docs.\n */\nexport function tryStringifyObj<T extends object = Record<string, unknown>>(obj: T): Result<string> {\n return $stringifyObj(obj);\n}\n\n/**\n * Serializes a plain object to JSON.\n *\n * @remarks\n * Only plain objects (POJOs) are accepted; class instances, Maps, Sets, etc. are rejected.\n *\n * @param obj - The object to stringify.\n * @returns JSON string representation of the object.\n * @throws {Error} If `obj` is not a plain object or serialization fails.\n *\n * @example\n * ```ts\n * const json = stringifyObj({ a: 1 }); // '{\"a\":1}'\n * ```\n *\n * @see {@link tryStringifyObj} Non-throwing variant returning `Result<string>`.\n */\nexport function stringifyObj<T extends object = Record<string, unknown>>(obj: T): string {\n const { result, error } = $stringifyObj(obj);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Parses a JSON string to a plain object (non-throwing).\n *\n * @returns `Result<{ result: T }>` with the parsed object or error.\n * @see {@link parseToObj} For full parameter/behavior docs.\n */\nexport function tryParseToObj<T extends object = Record<string, unknown>>(str: string): Result<{ result: T }> {\n return $parseToObj<T>(str);\n}\n\n/**\n * Parses a JSON string to a plain object.\n *\n * @param str - The JSON string to parse.\n * @returns The parsed plain object.\n * @throws {Error} If the string can't be parsed or doesn't represent a plain object.\n *\n * @example\n * ```ts\n * const obj = parseToObj<{ a: number }>('{\"a\":1}'); // obj.a === 1\n * ```\n *\n * @see {@link tryParseToObj} Non-throwing variant returning `Result<{ result: T }>`.\n */\nexport function parseToObj<T extends object = Record<string, unknown>>(str: string): T {\n const { result, error } = $parseToObj<T>(str);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n"]}
package/dist/{chunk-3NFJMV33.js → chunk-X6MX4NDE.js} RENAMED
@@ -1,4 +1,4 @@
1
- import { __export, $ok, $err, $fmtError, $fmtResultErr, $validateSecretKeyBase, $validateCreateSecretKeyOptions, $isStr, $isPlainObj, CIPHER_ENCODING, GCM_IV_LENGTH, matchEncryptedPattern, GCM_TAG_BYTES, $stringifyObj, $parseToObj, DIGEST_ALGORITHMS, $validateHashPasswordOptions, $validateVerifyPasswordOptions, ENCODING } from './chunk-4YR2SBOH.js';
1
+ import { __export, $ok, $err, $fmtError, $fmtResultErr, $validateSecretKeyBase, $validateCreateSecretKeyOptions, $isStr, $isPlainObj, CIPHER_ENCODING, GCM_IV_LENGTH, matchEncryptedPattern, GCM_TAG_BYTES, $stringifyObj, $parseToObj, DIGEST_ALGORITHMS, $validateHashPasswordOptions, $validateVerifyPasswordOptions, ENCODING } from './chunk-IY6XGUYO.js';
2
2
  import nodeCrypto3 from 'crypto';
3
3
  import { Buffer as Buffer$1 } from 'buffer';
4
4
 
@@ -474,5 +474,5 @@ function convertEncoding(data, from, to) {
474
474
  }
475
475
 
476
476
  export { convertBytesToStr, convertEncoding, convertStrToBytes, createSecretKey, decrypt, decryptObj, encrypt, encryptObj, generateUuid, hash, hashPassword, isNodeSecretKey, kit_exports, tryConvertBytesToStr, tryConvertEncoding, tryConvertStrToBytes, tryCreateSecretKey, tryDecrypt, tryDecryptObj, tryEncrypt, tryEncryptObj, tryGenerateUuid, tryHash, tryHashPassword, tryVerifyPassword, verifyPassword };
477
- //# sourceMappingURL=chunk-3NFJMV33.js.map
478
- //# sourceMappingURL=chunk-3NFJMV33.js.map
477
+ //# sourceMappingURL=chunk-X6MX4NDE.js.map
478
+ //# sourceMappingURL=chunk-X6MX4NDE.js.map