cipher-kit 3.0.0-beta.0 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (38) hide show
  1. package/README.md +3 -1
  2. package/dist/{chunk-ZYX6MYHS.cjs → chunk-3A4RTUKO.cjs} +101 -101
  3. package/dist/chunk-3A4RTUKO.cjs.map +1 -0
  4. package/dist/{chunk-LC5HP75W.cjs → chunk-7254PEID.cjs} +102 -102
  5. package/dist/chunk-7254PEID.cjs.map +1 -0
  6. package/dist/{chunk-ZN7EFZ7Z.js → chunk-GL32EZRA.js} +5 -5
  7. package/dist/chunk-GL32EZRA.js.map +1 -0
  8. package/dist/{chunk-4YR2SBOH.js → chunk-IY6XGUYO.js} +8 -2
  9. package/dist/chunk-IY6XGUYO.js.map +1 -0
  10. package/dist/{chunk-X7IPAA7B.cjs → chunk-VCBHSRCS.cjs} +8 -2
  11. package/dist/chunk-VCBHSRCS.cjs.map +1 -0
  12. package/dist/{chunk-3NFJMV33.js → chunk-X6MX4NDE.js} +3 -3
  13. package/dist/chunk-X6MX4NDE.js.map +1 -0
  14. package/dist/{export-DAIDJRX3.d.ts → export-B-3CCZIO.d.cts} +2 -1
  15. package/dist/{export-BEp4DFEB.d.cts → export-BPo6yPV-.d.ts} +2 -1
  16. package/dist/{export-Cxfev8fi.d.ts → export-C0_UEEg8.d.ts} +2 -1
  17. package/dist/{export-e7IN_bU5.d.cts → export-DPuocAr3.d.cts} +2 -1
  18. package/dist/index.cjs +11 -11
  19. package/dist/index.d.cts +5 -5
  20. package/dist/index.d.ts +5 -5
  21. package/dist/index.js +3 -3
  22. package/dist/node.cjs +33 -33
  23. package/dist/node.d.cts +2 -2
  24. package/dist/node.d.ts +2 -2
  25. package/dist/node.js +2 -2
  26. package/dist/{validate-DN59A2-Y.d.cts → validate-vDTesb-X.d.cts} +4 -1
  27. package/dist/{validate-DN59A2-Y.d.ts → validate-vDTesb-X.d.ts} +4 -1
  28. package/dist/web-api.cjs +33 -33
  29. package/dist/web-api.d.cts +2 -2
  30. package/dist/web-api.d.ts +2 -2
  31. package/dist/web-api.js +2 -2
  32. package/package.json +2 -2
  33. package/dist/chunk-3NFJMV33.js.map +0 -1
  34. package/dist/chunk-4YR2SBOH.js.map +0 -1
  35. package/dist/chunk-LC5HP75W.cjs.map +0 -1
  36. package/dist/chunk-X7IPAA7B.cjs.map +0 -1
  37. package/dist/chunk-ZN7EFZ7Z.js.map +0 -1
  38. package/dist/chunk-ZYX6MYHS.cjs.map +0 -1
package/dist/chunk-X6MX4NDE.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/node/kit.ts","../src/node/node-encode.ts","../src/node/node-secret-key.ts","../src/node/node-encrypt.ts","../src/node/node-hash.ts"],"names":["Buffer","nodeCrypto","error","hash"],"mappings":";;;;;AAAA,IAAA,WAAA,GAAA;AAAA,QAAA,CAAA,WAAA,EAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,OAAA,EAAA,MAAA,OAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,OAAA,EAAA,MAAA,OAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,YAAA,EAAA,MAAA,YAAA;AAAA,EAAA,IAAA,EAAA,MAAA,IAAA;AAAA,EAAA,YAAA,EAAA,MAAA,YAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,oBAAA,EAAA,MAAA,oBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA,kBAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,aAAA,EAAA,MAAA,aAAA;AAAA,EAAA,UAAA,EAAA,MAAA,UAAA;AAAA,EAAA,aAAA,EAAA,MAAA,aAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,OAAA,EAAA,MAAA,OAAA;AAAA,EAAA,eAAA,EAAA,MAAA,eAAA;AAAA,EAAA,iBAAA,EAAA,MAAA,iBAAA;AAAA,EAAA,cAAA,EAAA,MAAA;AAAA,CAAA,CAAA;ACKO,SAAS,kBAAA,CAAmB,IAAA,EAAc,aAAA,GAA0B,MAAA,EAAoC;AAC7G,EAAA,IAAI,OAAO,SAAS,QAAA,EAAU;AAC5B,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,wCAAA;AAAA,MACT,WAAA,EAAa,CAAA,kCAAA,EAAqC,OAAO,IAAI,CAAA;AAAA,KAC9D,CAAA;AAAA,EACH;AACA,EAAA,IAAI,CAAC,QAAA,CAAS,QAAA,CAAS,aAAa,CAAA,EAAG;AACrC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,0CAA0C,aAAa,CAAA,CAAA;AAAA,MAChE,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AACA,EAAA,IAAI,kBAAkB,KAAA,EAAO;AAC3B,IAAA,MAAM,KAAA,GAAQ,OAAO,IAAA,CAAK,IAAI,IAAI,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA,GAAI,IAAA;AAClD,IAAA,IAAI,KAAA,CAAM,SAAS,CAAA,KAAM,CAAA,IAAK,CAAC,gBAAA,CAAiB,IAAA,CAAK,KAAK,CAAA,EAAG;AAC3D,MAAA,OAAO,IAAA,CAAK;AAAA,QACV,OAAA,EAAS,qCAAA;AAAA,QACT,WAAA,EAAa;AAAA,OACd,CAAA;AAAA,IACH;AACA,IAAA,OAAO,GAAA,CAAI,EAAE,MAAA,EAAQA,QAAAA,CAAO,KAAK,KAAA,EAAO,KAAK,GAAG,CAAA;AAAA,EAClD;AACA,EAAA,IAAI,kBAAkB,QAAA,EAAU;AAC9B,IAAA,IAAI,CAAC,oEAAA,CAAqE,IAAA,CAAK,IAAI,CAAA,EAAG;AACpF,MAAA,OAAO,IAAA,CAAK;AAAA,QACV,OAAA,EAAS,wCAAA;AAAA,QACT,WAAA,EAAa;AAAA,OACd,CAAA;AAAA,IACH;AAAA,EACF;AACA,EAAA,IAAI,kBAAkB,WAAA,EAAa;AACjC,IAAA,IAAI,CAAC,wBAAA,CAAyB,IAAA,CAAK,IAAI,CAAA,IAAK,IAAA,CAAK,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAA,CAAE,MAAA,GAAS,CAAA,KAAM,CAAA,EAAG;AACpF,MAAA,OAAO,IAAA,CAAK;AAAA,QACV,OAAA,EAAS,2CAAA;AAAA,QACT,WAAA,EAAa;AAAA,OACd,CAAA;AAAA,IACH;AAAA,EACF;AACA,EAAA,IAAI;AACF,IAAA,OAAO,GAAA,CAAI,EAAE,MAAA,EAAQA,QAAAA,CAAO,KAAK,IAAA,EAAM,aAAa,GAAG,CAAA;AAAA,EACzD,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,yCAAA,EAA2C,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACnG;AACF;AAEO,SAAS,kBAAA,CAAmB,IAAA,EAAc,cAAA,GAA2B,MAAA,EAAwB;AAClG,EAAA,IAAI,EAAE,gBAAgBA,QAAAA,CAAAA,EAAS;AAC7B,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,wCAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AACA,EAAA,IAAI,CAAC,QAAA,CAAS,QAAA,CAAS,cAAc,CAAA,EAAG;AACtC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,0CAA0C,cAAc,CAAA,CAAA;AAAA,MACjE,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AACA,EAAA,IAAI;AACF,IAAA,OAAO,GAAA,CAAI,IAAA,CAAK,QAAA,CAAS,cAAc,CAAC,CAAA;AAAA,EAC1C,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,yCAAA,EAA2C,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACnG;AACF;AAEO,SAAS,gBAAA,CAAiB,IAAA,EAAc,IAAA,EAAgB,EAAA,EAA8B;AAC3F,EAAA,IAAI,CAAC,MAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,uDAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,SAAS,QAAA,CAAS,IAAI,KAAK,CAAC,QAAA,CAAS,QAAA,CAAS,EAAE,CAAA,EAAG;AACtD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,CAAA,iDAAA,EAAoD,IAAI,CAAA,IAAA,EAAO,EAAE,CAAA,CAAA;AAAA,MAC1E,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,KAAA,GAAQ,kBAAA,CAAmB,IAAA,EAAM,IAAI,CAAA;AAC3C,EAAA,IAAI,KAAA,CAAM,KAAA,EAAO,OAAO,IAAA,CAAK,MAAM,KAAK,CAAA;AAExC,EAAA,MAAM,GAAA,GAAM,kBAAA,CAAmB,KAAA,CAAM,MAAA,EAAQ,EAAE,CAAA;AAC/C,EAAA,IAAI,GAAA,CAAI,KAAA,EAAO,OAAO,IAAA,CAAK,IAAI,KAAK,CAAA;AAEpC,EAAA,OAAO,GAAA,CAAI,IAAI,MAAM,CAAA;AACvB;AC7EO,SAAS,iBAAiB,CAAA,EAAkC;AACjE,EAAA,MAAM,IAAA,GAAO,sBAAA,CAAuB,CAAA,EAAG,MAAM,CAAA;AAC7C,EAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAElB,EAAA,IACE,EAAE,IAAA,CAAK,GAAA,CAAI,eAAeC,WAAA,CAAW,SAAA,CAAA,IACpC,OAAO,IAAA,CAAK,GAAA,CAAI,GAAA,CAAI,gBAAA,KAAqB,YAAY,IAAA,CAAK,GAAA,CAAI,IAAI,gBAAA,KAAqB,IAAA,CAAK,UAAU,QAAA,EACvG;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,OAAO,CAAA;AACT;AAEO,SAAS,gBAAA,CAAiB,QAAgB,OAAA,EAAoE;AACnH,EAAA,MAAM,SAAA,GAAY,+BAAA,CAAgC,MAAA,EAAQ,OAAA,EAAS,MAAM,CAAA;AACzE,EAAA,IAAI,SAAA,CAAU,KAAA,EAAO,OAAO,IAAA,CAAK,UAAU,KAAK,CAAA;AAEhD,EAAA,MAAM,EAAE,SAAA,EAAW,MAAA,EAAQ,MAAM,IAAA,EAAM,WAAA,EAAa,YAAW,GAAI,SAAA;AAEnE,EAAA,IAAI;AACF,IAAA,MAAM,aAAa,MAAA,CAAO,IAAA;AAAA,MACxBA,WAAA,CAAW,QAAA;AAAA,QACT,UAAA,CAAW,IAAA;AAAA,QACX,MAAA,CAAO,UAAU,MAAM,CAAA;AAAA,QACvB,IAAA,CAAK,UAAU,MAAM,CAAA;AAAA,QACrB,IAAA,CAAK,UAAU,MAAM,CAAA;AAAA,QACrB,WAAA,CAAY;AAAA;AACd,KACF;AACA,IAAA,IAAI;AACF,MAAA,MAAM,GAAA,GAAMA,WAAA,CAAW,eAAA,CAAgB,UAAU,CAAA;AACjD,MAAA,MAAM,SAAA,GAAY,OAAO,MAAA,CAAO;AAAA,QAC9B,QAAA,EAAU,MAAA;AAAA,QACV,MAAA;AAAA,QACA,SAAA;AAAA,QACA,GAAA;AAAA,QACA,QAAA,EAAU;AAAA,OACX,CAAA;AAED,MAAA,OAAO,GAAA,CAAI,EAAE,MAAA,EAAQ,SAAA,EAAW,CAAA;AAAA,IAClC,CAAA,SAAE;AACA,MAAA,UAAA,CAAW,KAAK,CAAC,CAAA;AAAA,IACnB;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,4CAAA,EAA8C,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACtG;AACF;;;AC3CO,SAAS,QAAA,CAAS,IAAA,EAAc,SAAA,EAA0B,OAAA,EAAyC;AACxG,EAAA,IAAI,CAAC,MAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,+CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,WAAA,CAA4B,OAAO,CAAA,EAAG;AACzC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,8CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,cAAA,GAAiB,QAAQ,cAAA,IAAkB,WAAA;AACjD,EAAA,IAAI,CAAC,eAAA,CAAgB,QAAA,CAAS,cAAc,CAAA,EAAG;AAC7C,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,8CAA8C,cAAc,CAAA,CAAA;AAAA,MACrE,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,WAAA,GAAc,iBAAiB,SAAS,CAAA;AAC9C,EAAA,IAAI,CAAC,WAAA,EAAa;AAChB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,kCAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,kBAAA,CAAmB,MAAM,MAAM,CAAA;AACzD,EAAA,IAAI,KAAA,EAAO,OAAO,IAAA,CAAK,KAAK,CAAA;AAE5B,EAAA,IAAI;AACF,IAAA,MAAM,EAAA,GAAKA,WAAAA,CAAW,WAAA,CAAY,aAAa,CAAA;AAC/C,IAAA,MAAM,MAAA,GAASA,YAAW,cAAA,CAAe,WAAA,CAAY,SAAS,IAAA,EAAM,WAAA,CAAY,KAAK,EAAE,CAAA;AACvF,IAAA,MAAM,SAAA,GAAYD,QAAAA,CAAO,MAAA,CAAO,CAAC,MAAA,CAAO,MAAA,CAAO,MAAM,CAAA,EAAG,MAAA,CAAO,KAAA,EAAO,CAAC,CAAA;AACvE,IAAA,MAAM,GAAA,GAAM,OAAO,UAAA,EAAW;AAE9B,IAAA,MAAM,KAAA,GAAQ,kBAAA,CAAmB,EAAA,EAAI,cAAc,CAAA;AACnD,IAAA,MAAM,SAAA,GAAY,kBAAA,CAAmB,SAAA,EAAW,cAAc,CAAA;AAC9D,IAAA,MAAM,MAAA,GAAS,kBAAA,CAAmB,GAAA,EAAK,cAAc,CAAA;AAErD,IAAA,IAAI,KAAA,CAAM,KAAA,IAAS,SAAA,CAAU,KAAA,IAAS,OAAO,KAAA,EAAO;AAClD,MAAA,OAAO,IAAA,CAAK;AAAA,QACV,OAAA,EAAS,uCAAA;AAAA,QACT,WAAA,EAAa,qBAAqB,aAAA,CAAc,KAAA,CAAM,SAAS,SAAA,CAAU,KAAA,IAAS,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,OAChG,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,GAAA,CAAI,CAAA,EAAG,KAAA,CAAM,MAAM,CAAA,CAAA,EAAI,UAAU,MAAM,CAAA,CAAA,EAAI,MAAA,CAAO,MAAM,CAAA,CAAA,CAAG,CAAA;AAAA,EACpE,SAASE,MAAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,sCAAA,EAAwC,aAAa,SAAA,CAAUA,MAAK,GAAG,CAAA;AAAA,EAChG,CAAA,SAAE;AACA,IAAA,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,EACf;AACF;AAEO,SAAS,QAAA,CAAS,SAAA,EAAmB,SAAA,EAA0B,OAAA,EAAyC;AAC7G,EAAA,IAAI,CAAC,qBAAA,CAAsB,SAAS,CAAA,EAAG;AACrC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,6CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,WAAA,CAA4B,OAAO,CAAA,EAAG;AACzC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,8CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,aAAA,GAAgB,QAAQ,aAAA,IAAiB,WAAA;AAC/C,EAAA,IAAI,CAAC,eAAA,CAAgB,QAAA,CAAS,aAAa,CAAA,EAAG;AAC5C,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,6CAA6C,aAAa,CAAA,CAAA;AAAA,MACnE,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,CAAC,IAAI,MAAA,EAAQ,GAAG,IAAI,SAAA,CAAU,KAAA,CAAM,KAAK,CAAC,CAAA;AAEhD,EAAA,MAAM,WAAA,GAAc,iBAAiB,SAAS,CAAA;AAC9C,EAAA,IAAI,CAAC,WAAA,EAAa;AAChB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,kCAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,OAAA,GAAU,kBAAA,CAAmB,EAAA,EAAI,aAAa,CAAA;AACpD,EAAA,MAAM,WAAA,GAAc,kBAAA,CAAmB,MAAA,EAAQ,aAAa,CAAA;AAC5D,EAAA,MAAM,QAAA,GAAW,kBAAA,CAAmB,GAAA,EAAK,aAAa,CAAA;AAEtD,EAAA,IAAI,OAAA,CAAQ,KAAA,IAAS,WAAA,CAAY,KAAA,IAAS,SAAS,KAAA,EAAO;AACxD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,sCAAA;AAAA,MACT,WAAA,EAAa,qBAAqB,aAAA,CAAc,OAAA,CAAQ,SAAS,WAAA,CAAY,KAAA,IAAS,QAAA,CAAS,KAAK,CAAC,CAAA;AAAA,KACtG,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,OAAA,CAAQ,MAAA,CAAO,UAAA,KAAe,aAAA,EAAe;AAC/C,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,iCAAA;AAAA,MACT,aAAa,CAAA,SAAA,EAAY,aAAa,CAAA,YAAA,EAAe,OAAA,CAAQ,OAAO,UAAU,CAAA;AAAA,KAC/E,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,QAAA,CAAS,MAAA,CAAO,UAAA,KAAe,aAAA,EAAe;AAChD,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,uCAAA;AAAA,MACT,aAAa,CAAA,SAAA,EAAY,aAAa,CAAA,YAAA,EAAe,QAAA,CAAS,OAAO,UAAU,CAAA;AAAA,KAChF,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,SAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAM,QAAA,GAAWD,YAAW,gBAAA,CAAiB,WAAA,CAAY,SAAS,IAAA,EAAM,WAAA,CAAY,GAAA,EAAK,OAAA,CAAQ,MAAM,CAAA;AACvG,IAAA,QAAA,CAAS,UAAA,CAAW,SAAS,MAAM,CAAA;AACnC,IAAA,SAAA,GAAYD,QAAAA,CAAO,MAAA,CAAO,CAAC,QAAA,CAAS,MAAA,CAAO,WAAA,CAAY,MAAM,CAAA,EAAG,QAAA,CAAS,KAAA,EAAO,CAAC,CAAA;AAEjF,IAAA,OAAO,kBAAA,CAAmB,WAAW,MAAM,CAAA;AAAA,EAC7C,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,sCAAA,EAAwC,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EAChG,CAAA,SAAE;AACA,IAAA,SAAA,EAAW,KAAK,CAAC,CAAA;AAAA,EACnB;AACF;AAEO,SAAS,WAAA,CACd,IAAA,EACA,SAAA,EACA,OAAA,EACgB;AAChB,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,cAAc,IAAI,CAAA;AAC5C,EAAA,IAAI,KAAA,EAAO,OAAO,IAAA,CAAK,KAAK,CAAA;AAC5B,EAAA,OAAO,QAAA,CAAS,MAAA,EAAQ,SAAA,EAAW,OAAO,CAAA;AAC5C;AAEO,SAAS,WAAA,CACd,SAAA,EACA,SAAA,EACA,OAAA,EACuB;AACvB,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,QAAA,CAAS,SAAA,EAAW,WAAW,OAAO,CAAA;AAChE,EAAA,IAAI,KAAA,EAAO,OAAO,IAAA,CAAK,KAAK,CAAA;AAC5B,EAAA,OAAO,YAAe,MAAM,CAAA;AAC9B;AChKO,SAAS,KAAA,CAAM,IAAA,EAAc,OAAA,GAAuB,EAAC,EAAmB;AAC7E,EAAA,IAAI,CAAC,MAAA,CAAO,IAAI,CAAA,EAAG;AACjB,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,4CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,WAAA,CAAyB,OAAO,CAAA,EAAG;AACtC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,2CAAA;AAAA,MACT,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,cAAA,GAAiB,QAAQ,cAAA,IAAkB,WAAA;AACjD,EAAA,IAAI,CAAC,eAAA,CAAgB,QAAA,CAAS,cAAc,CAAA,EAAG;AAC7C,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,2CAA2C,cAAc,CAAA,CAAA;AAAA,MAClE,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,MAAA,GAAS,QAAQ,MAAA,IAAU,QAAA;AACjC,EAAA,IAAI,EAAE,UAAU,iBAAA,CAAA,EAAoB;AAClC,IAAA,OAAO,IAAA,CAAK;AAAA,MACV,OAAA,EAAS,kCAAkC,MAAM,CAAA,CAAA;AAAA,MACjD,WAAA,EAAa,0BAA0B,MAAA,CAAO,IAAA,CAAK,iBAAiB,CAAA,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KACjF,CAAA;AAAA,EACH;AACA,EAAA,MAAM,UAAA,GAAa,kBAAkB,MAAM,CAAA;AAE3C,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,kBAAA,CAAmB,MAAM,MAAM,CAAA;AACzD,EAAA,IAAI,KAAA,EAAO,OAAO,IAAA,CAAK,KAAK,CAAA;AAE5B,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAASC,YAAW,UAAA,CAAW,UAAA,CAAW,IAAI,CAAA,CAAE,MAAA,CAAO,MAAM,CAAA,CAAE,MAAA,EAAO;AAC5E,IAAA,OAAO,kBAAA,CAAmB,QAAQ,cAAc,CAAA;AAAA,EAClD,SAASC,MAAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,gCAAA,EAAkC,aAAa,SAAA,CAAUA,MAAK,GAAG,CAAA;AAAA,EAC1F;AACF;AAEO,SAAS,aAAA,CACd,UACA,OAAA,EAC0C;AAC1C,EAAA,MAAM,SAAA,GAAY,4BAAA,CAA6B,QAAA,EAAU,OAAA,EAAS,MAAM,CAAA;AACxE,EAAA,IAAI,SAAA,CAAU,KAAA,EAAO,OAAO,IAAA,CAAK,UAAU,KAAK,CAAA;AAEhD,EAAA,MAAM,EAAE,UAAA,EAAY,cAAA,EAAgB,UAAA,EAAY,UAAA,EAAY,WAAU,GAAI,SAAA;AAE1E,EAAA,MAAM,IAAA,GAAOD,WAAAA,CAAW,WAAA,CAAY,UAAU,CAAA;AAC9C,EAAA,MAAME,KAAAA,GAAOF,WAAAA,CAAW,UAAA,CAAW,QAAA,CAAS,SAAA,CAAU,MAAM,CAAA,EAAG,IAAA,EAAM,UAAA,EAAY,SAAA,EAAW,UAAA,CAAW,IAAI,CAAA;AAE3G,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,kBAAA,CAAmB,IAAA,EAAM,cAAc,CAAA;AACvD,IAAA,IAAI,OAAA,CAAQ,KAAA,EAAO,OAAO,IAAA,CAAK,QAAQ,KAAK,CAAA;AAE5C,IAAA,MAAM,OAAA,GAAU,kBAAA,CAAmBE,KAAAA,EAAM,cAAc,CAAA;AACvD,IAAA,IAAI,OAAA,CAAQ,KAAA,EAAO,OAAO,IAAA,CAAK,QAAQ,KAAK,CAAA;AAE5C,IAAA,OAAO,GAAA,CAAI,EAAE,MAAA,EAAQ,OAAA,CAAQ,QAAQ,IAAA,EAAM,OAAA,CAAQ,QAAQ,CAAA;AAAA,EAC7D,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,4CAAA,EAA8C,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACtG,CAAA,SAAE;AACA,IAAA,IAAA,CAAK,KAAK,CAAC,CAAA;AACX,IAAAA,KAAAA,CAAK,KAAK,CAAC,CAAA;AAAA,EACb;AACF;AAEO,SAAS,eAAA,CACd,QAAA,EACA,cAAA,EACA,IAAA,EACA,OAAA,EACiB;AACjB,EAAA,MAAM,YAAY,8BAAA,CAA+B,QAAA,EAAU,cAAA,EAAgB,IAAA,EAAM,SAAS,MAAM,CAAA;AAChG,EAAA,IAAI,SAAA,CAAU,KAAA,EAAO,OAAO,IAAA,CAAK,UAAU,KAAK,CAAA;AAEhD,EAAA,MAAM,EAAE,UAAA,EAAY,aAAA,EAAe,UAAA,EAAY,WAAU,GAAI,SAAA;AAE7D,EAAA,MAAM,SAAA,GAAY,kBAAA,CAAmB,IAAA,EAAM,aAAa,CAAA;AACxD,EAAA,IAAI,SAAA,CAAU,KAAA,EAAO,OAAO,IAAA,CAAK,UAAU,KAAK,CAAA;AAEhD,EAAA,MAAM,mBAAA,GAAsB,kBAAA,CAAmB,cAAA,EAAgB,aAAa,CAAA;AAC5E,EAAA,IAAI,mBAAA,CAAoB,KAAA,EAAO,OAAO,IAAA,CAAK,oBAAoB,KAAK,CAAA;AAEpE,EAAA,IAAI,oBAAoB,MAAA,CAAO,UAAA,KAAe,SAAA,EAAW,OAAO,IAAI,KAAK,CAAA;AAEzE,EAAA,IAAI;AACF,IAAA,MAAM,UAAUF,WAAAA,CAAW,UAAA;AAAA,MACzB,QAAA,CAAS,UAAU,MAAM,CAAA;AAAA,MACzB,SAAA,CAAU,MAAA;AAAA,MACV,UAAA;AAAA,MACA,SAAA;AAAA,MACA,UAAA,CAAW;AAAA,KACb;AAEA,IAAA,MAAM,WAAW,mBAAA,CAAoB,MAAA;AAErC,IAAA,MAAM,IAAA,GAAOD,QAAAA,CAAO,KAAA,CAAM,SAAS,CAAA;AACnC,IAAA,MAAM,KAAA,GAAQA,QAAAA,CAAO,KAAA,CAAM,SAAS,CAAA;AACpC,IAAA,OAAA,CAAQ,KAAK,IAAI,CAAA;AACjB,IAAA,QAAA,CAAS,KAAK,KAAK,CAAA;AAEnB,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAUC,WAAAA,CAAW,eAAA,CAAgB,IAAA,EAAM,KAAK,CAAA;AACtD,MAAA,OAAO,IAAI,OAAO,CAAA;AAAA,IACpB,CAAA,SAAE;AACA,MAAA,IAAA,CAAK,KAAK,CAAC,CAAA;AACX,MAAA,KAAA,CAAM,KAAK,CAAC,CAAA;AACZ,MAAA,OAAA,CAAQ,KAAK,CAAC,CAAA;AAAA,IAChB;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,0CAAA,EAA4C,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACpG,CAAA,SAAE;AACA,IAAA,SAAA,CAAU,MAAA,CAAO,KAAK,CAAC,CAAA;AACvB,IAAA,mBAAA,CAAoB,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,EACnC;AACF;;;AJnGO,SAAS,gBAAgB,CAAA,EAAgC;AAC9D,EAAA,OAAO,gBAAA,CAAiB,CAAC,CAAA,KAAM,IAAA;AACjC;AAQO,SAAS,eAAA,GAAkC;AAChD,EAAA,IAAI;AACF,IAAA,OAAO,GAAA,CAAIA,WAAAA,CAAW,UAAA,EAAY,CAAA;AAAA,EACpC,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,OAAA,EAAS,4CAAA,EAA8C,aAAa,SAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACtG;AACF;AAeO,SAAS,YAAA,GAAuB;AACrC,EAAA,OAAOA,YAAW,UAAA,EAAW;AAC/B;AAQO,SAAS,kBAAA,CACd,MAAA,EACA,OAAA,GAAkC,EAAC,EACA;AACnC,EAAA,OAAO,gBAAA,CAAiB,QAAQ,OAAO,CAAA;AACzC;AAoBO,SAAS,eAAA,CAAgB,MAAA,EAAgB,OAAA,GAAkC,EAAC,EAAkB;AACnG,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,gBAAA,CAAiB,QAAQ,OAAO,CAAA;AAC1D,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,UAAA,CAAW,IAAA,EAAc,SAAA,EAA0B,OAAA,GAA0B,EAAC,EAAmB;AAC/G,EAAA,OAAO,QAAA,CAAS,IAAA,EAAM,SAAA,EAAW,OAAO,CAAA;AAC1C;AAwBO,SAAS,OAAA,CAAQ,IAAA,EAAc,SAAA,EAA0B,OAAA,GAA0B,EAAC,EAAW;AACpG,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,QAAA,CAAS,IAAA,EAAM,WAAW,OAAO,CAAA;AAC3D,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,UAAA,CAAW,SAAA,EAAmB,SAAA,EAA0B,OAAA,GAA0B,EAAC,EAAmB;AACpH,EAAA,OAAO,QAAA,CAAS,SAAA,EAAW,SAAA,EAAW,OAAO,CAAA;AAC/C;AAwBO,SAAS,OAAA,CAAQ,SAAA,EAAmB,SAAA,EAA0B,OAAA,GAA0B,EAAC,EAAW;AACzG,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,QAAA,CAAS,SAAA,EAAW,WAAW,OAAO,CAAA;AAChE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,aAAA,CACd,GAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACX;AAChB,EAAA,OAAO,WAAA,CAAY,GAAA,EAAK,SAAA,EAAW,OAAO,CAAA;AAC5C;AAuBO,SAAS,UAAA,CACd,GAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACnB;AACR,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,WAAA,CAAY,GAAA,EAAK,WAAW,OAAO,CAAA;AAC7D,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,aAAA,CACd,SAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACJ;AACvB,EAAA,OAAO,WAAA,CAAe,SAAA,EAAW,SAAA,EAAW,OAAO,CAAA;AACrD;AAuBO,SAAS,UAAA,CACd,SAAA,EACA,SAAA,EACA,OAAA,GAA0B,EAAC,EACxB;AACH,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,WAAA,CAAe,SAAA,EAAW,WAAW,OAAO,CAAA;AACtE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,OAAA,CAAQ,IAAA,EAAc,OAAA,GAAuB,EAAC,EAAmB;AAC/E,EAAA,OAAO,KAAA,CAAM,MAAM,OAAO,CAAA;AAC5B;AAiBO,SAAS,IAAA,CAAK,IAAA,EAAc,OAAA,GAAuB,EAAC,EAAW;AACpE,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,KAAA,CAAM,MAAM,OAAO,CAAA;AAC7C,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,eAAA,CACd,QAAA,EACA,OAAA,GAA+B,EAAC,EACU;AAC1C,EAAA,OAAO,aAAA,CAAc,UAAU,OAAO,CAAA;AACxC;AAwBO,SAAS,YAAA,CAAa,QAAA,EAAkB,OAAA,GAA+B,EAAC,EAAqC;AAClH,EAAA,MAAM,EAAE,MAAA,EAAQ,IAAA,EAAM,OAAM,GAAI,aAAA,CAAc,UAAU,OAAO,CAAA;AAC/D,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,EAAE,QAAQ,IAAA,EAAK;AACxB;AAQO,SAAS,kBACd,QAAA,EACA,cAAA,EACA,IAAA,EACA,OAAA,GAAiC,EAAC,EACjB;AACjB,EAAA,OAAO,eAAA,CAAgB,QAAA,EAAU,cAAA,EAAgB,IAAA,EAAM,OAAO,CAAA;AAChE;AA8BO,SAAS,eACd,QAAA,EACA,cAAA,EACA,IAAA,EACA,OAAA,GAAiC,EAAC,EACzB;AACT,EAAA,MAAM,EAAE,QAAQ,KAAA,EAAM,GAAI,gBAAgB,QAAA,EAAU,cAAA,EAAgB,MAAM,OAAO,CAAA;AACjF,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,oBAAA,CAAqB,IAAA,EAAc,aAAA,GAA0B,MAAA,EAAoC;AAC/G,EAAA,OAAO,kBAAA,CAAmB,MAAM,aAAa,CAAA;AAC/C;AAiBO,SAAS,iBAAA,CAAkB,IAAA,EAAc,aAAA,GAA0B,MAAA,EAAgB;AACxF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,kBAAA,CAAmB,MAAM,aAAa,CAAA;AAChE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,oBAAA,CAAqB,IAAA,EAAc,cAAA,GAA2B,MAAA,EAAwB;AACpG,EAAA,OAAO,kBAAA,CAAmB,MAAM,cAAc,CAAA;AAChD;AAkBO,SAAS,iBAAA,CAAkB,IAAA,EAAc,cAAA,GAA2B,MAAA,EAAgB;AACzF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,kBAAA,CAAmB,MAAM,cAAc,CAAA;AACjE,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,kBAAA,CAAmB,IAAA,EAAc,IAAA,EAAgB,EAAA,EAA8B;AAC7F,EAAA,OAAO,gBAAA,CAAiB,IAAA,EAAM,IAAA,EAAM,EAAE,CAAA;AACxC;AAkBO,SAAS,eAAA,CAAgB,IAAA,EAAc,IAAA,EAAgB,EAAA,EAAsB;AAClF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,KAAU,gBAAA,CAAiB,IAAA,EAAM,MAAM,EAAE,CAAA;AACzD,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT","file":"chunk-X6MX4NDE.js","sourcesContent":["import type { Buffer } from \"node:buffer\";\nimport nodeCrypto from \"node:crypto\";\nimport { $err, $fmtError, $fmtResultErr, $ok, type Result } from \"@internal/helpers\";\nimport type {\n CreateSecretKeyOptions,\n DecryptOptions,\n Encoding,\n EncryptOptions,\n HashOptions,\n HashPasswordOptions,\n VerifyPasswordOptions,\n} from \"~/helpers/types.js\";\nimport { $convertBytesToStr, $convertEncoding, $convertStrToBytes } from \"./node-encode.js\";\nimport { $decrypt, $decryptObj, $encrypt, $encryptObj } from \"./node-encrypt.js\";\nimport { $hash, $hashPassword, $verifyPassword } from \"./node-hash.js\";\nimport { $createSecretKey, $isNodeSecretKey, type NodeSecretKey } from \"./node-secret-key.js\";\n\n/**\n * Checks whether a value is a `NodeSecretKey` for the Node.js platform.\n *\n * @param x - The value to check.\n * @returns `true` if `x` is a `NodeSecretKey`.\n *\n * @example\n * ```ts\n * isNodeSecretKey(nodeKey); // true\n * isNodeSecretKey({}); // false\n * ```\n */\nexport function isNodeSecretKey(x: unknown): x is NodeSecretKey {\n return $isNodeSecretKey(x) !== null;\n}\n\n/**\n * Generates a UUID (v4) (non-throwing).\n *\n * @returns `Result<string>` with the UUID or error.\n * @see {@link generateUuid} For full parameter/behavior docs.\n */\nexport function tryGenerateUuid(): Result<string> {\n try {\n return $ok(nodeCrypto.randomUUID());\n } catch (error) {\n return $err({ message: \"node generateUuid: Failed to generate UUID\", description: $fmtError(error) });\n }\n}\n\n/**\n * Generates a cryptographically random UUID (v4).\n *\n * @returns A UUID string.\n * @throws {Error} If UUID generation fails.\n *\n * @example\n * ```ts\n * const uuid = generateUuid();\n * ```\n *\n * @see {@link tryGenerateUuid} Non-throwing variant returning `Result<string>`.\n */\nexport function generateUuid(): string {\n return nodeCrypto.randomUUID();\n}\n\n/**\n * Derives a `NodeSecretKey` from a high-entropy secret (non-throwing).\n *\n * @returns `Result<{ result: NodeSecretKey }>` with the derived key or error.\n * @see {@link createSecretKey} For full parameter/behavior docs.\n */\nexport function tryCreateSecretKey(\n secret: string,\n options: CreateSecretKeyOptions = {},\n): Result<{ result: NodeSecretKey }> {\n return $createSecretKey(secret, options);\n}\n\n/**\n * Derives a `NodeSecretKey` from a high-entropy secret for encryption/decryption.\n *\n * @remarks\n * Uses HKDF to derive a symmetric key from the input string.\n *\n * @param secret - High-entropy secret (min 8 chars). For human-chosen passwords, use {@link hashPassword} instead.\n * @param options - Key derivation options.\n * @returns The derived `NodeSecretKey`.\n * @throws {Error} If key derivation fails.\n *\n * @example\n * ```ts\n * const secretKey = createSecretKey(\"my-32-char-high-entropy-secret!!\");\n * ```\n *\n * @see {@link tryCreateSecretKey} Non-throwing variant returning `Result`.\n */\nexport function createSecretKey(secret: string, options: CreateSecretKeyOptions = {}): NodeSecretKey {\n const { result, error } = $createSecretKey(secret, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Encrypts a UTF-8 string (non-throwing).\n *\n * @returns `Result<string>` with the ciphertext or error.\n * @see {@link encrypt} For full parameter/behavior docs.\n */\nexport function tryEncrypt(data: string, secretKey: NodeSecretKey, options: EncryptOptions = {}): Result<string> {\n return $encrypt(data, secretKey, options);\n}\n\n/**\n * Encrypts a UTF-8 string using the provided `NodeSecretKey`.\n *\n * @remarks\n * Output format: `\"iv.cipher.tag.\"` (three dot-separated base64url segments plus trailing dot).\n * Cross-platform compatible — data encrypted on Node can be decrypted on Web and vice versa.\n * AES-GCM uses random 96-bit IVs. Rotate keys before ~2^32 encryptions with the same key to avoid nonce collision.\n *\n * @param data - UTF-8 string to encrypt. Must be a non-empty string (whitespace-only strings are rejected).\n * @param secretKey - The `NodeSecretKey` used for encryption.\n * @param options - Encryption options.\n * @returns The encrypted string.\n * @throws {Error} If the input or key is invalid, or encryption fails.\n *\n * @example\n * ```ts\n * const secretKey = createSecretKey(\"my-secret\");\n * const encrypted = encrypt(\"Hello, World!\", secretKey);\n * ```\n *\n * @see {@link tryEncrypt} Non-throwing variant returning `Result<string>`.\n */\nexport function encrypt(data: string, secretKey: NodeSecretKey, options: EncryptOptions = {}): string {\n const { result, error } = $encrypt(data, secretKey, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Decrypts a ciphertext string (non-throwing).\n *\n * @returns `Result<string>` with the plaintext or error.\n * @see {@link decrypt} For full parameter/behavior docs.\n */\nexport function tryDecrypt(encrypted: string, secretKey: NodeSecretKey, options: DecryptOptions = {}): Result<string> {\n return $decrypt(encrypted, secretKey, options);\n}\n\n/**\n * Decrypts a ciphertext string using the provided `NodeSecretKey`.\n *\n * @remarks\n * Expects input in the format `\"iv.cipher.tag.\"`.\n * Cross-platform compatible — data encrypted on Web can be decrypted on Node and vice versa.\n *\n * @param encrypted - The encrypted string to decrypt.\n * @param secretKey - The `NodeSecretKey` used for decryption.\n * @param options - Decryption options.\n * @returns The decrypted UTF-8 string.\n * @throws {Error} If the input or key is invalid, or decryption fails.\n *\n * @example\n * ```ts\n * const secretKey = createSecretKey(\"my-secret\");\n * const encrypted = encrypt(\"Hello, World!\", secretKey);\n * const decrypted = decrypt(encrypted, secretKey); // \"Hello, World!\"\n * ```\n *\n * @see {@link tryDecrypt} Non-throwing variant returning `Result<string>`.\n */\nexport function decrypt(encrypted: string, secretKey: NodeSecretKey, options: DecryptOptions = {}): string {\n const { result, error } = $decrypt(encrypted, secretKey, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Encrypts a plain object (non-throwing).\n *\n * @returns `Result<string>` with the ciphertext or error.\n * @see {@link encryptObj} For full parameter/behavior docs.\n */\nexport function tryEncryptObj<T extends object = Record<string, unknown>>(\n obj: T,\n secretKey: NodeSecretKey,\n options: EncryptOptions = {},\n): Result<string> {\n return $encryptObj(obj, secretKey, options);\n}\n\n/**\n * Encrypts a plain object using the provided `NodeSecretKey`.\n *\n * @remarks\n * Only plain objects (POJOs) are accepted; class instances, Maps, Sets, etc. are rejected.\n * Output format: `\"iv.cipher.tag.\"`.\n *\n * @param obj - Plain object to encrypt.\n * @param secretKey - The `NodeSecretKey` used for encryption.\n * @param options - Encryption options.\n * @returns The encrypted string.\n * @throws {Error} If the input or key is invalid, or encryption fails.\n *\n * @example\n * ```ts\n * const secretKey = createSecretKey(\"my-secret\");\n * const encrypted = encryptObj({ a: 1 }, secretKey);\n * ```\n *\n * @see {@link tryEncryptObj} Non-throwing variant returning `Result<string>`.\n */\nexport function encryptObj<T extends object = Record<string, unknown>>(\n obj: T,\n secretKey: NodeSecretKey,\n options: EncryptOptions = {},\n): string {\n const { result, error } = $encryptObj(obj, secretKey, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Decrypts an encrypted JSON string into a plain object (non-throwing).\n *\n * @returns `Result<{ result: T }>` with the object or error.\n * @see {@link decryptObj} For full parameter/behavior docs.\n */\nexport function tryDecryptObj<T extends object = Record<string, unknown>>(\n encrypted: string,\n secretKey: NodeSecretKey,\n options: DecryptOptions = {},\n): Result<{ result: T }> {\n return $decryptObj<T>(encrypted, secretKey, options);\n}\n\n/**\n * Decrypts an encrypted JSON string into a plain object.\n *\n * @remarks\n * Expects input in the format `\"iv.cipher.tag.\"`.\n *\n * @param encrypted - The encrypted string.\n * @param secretKey - The `NodeSecretKey` used for decryption.\n * @param options - Decryption options.\n * @returns The decrypted object.\n * @throws {Error} If decryption or JSON parsing fails.\n *\n * @example\n * ```ts\n * const secretKey = createSecretKey(\"my-secret\");\n * const encrypted = encryptObj({ a: 1 }, secretKey);\n * const obj = decryptObj<{ a: number }>(encrypted, secretKey); // obj.a === 1\n * ```\n *\n * @see {@link tryDecryptObj} Non-throwing variant returning `Result`.\n */\nexport function decryptObj<T extends object = Record<string, unknown>>(\n encrypted: string,\n secretKey: NodeSecretKey,\n options: DecryptOptions = {},\n): T {\n const { result, error } = $decryptObj<T>(encrypted, secretKey, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Hashes a UTF-8 string (non-throwing).\n *\n * @returns `Result<string>` with the hash or error.\n * @see {@link hash} For full parameter/behavior docs.\n */\nexport function tryHash(data: string, options: HashOptions = {}): Result<string> {\n return $hash(data, options);\n}\n\n/**\n * Hashes a UTF-8 string using the specified digest algorithm.\n *\n * @param data - The input string to hash.\n * @param options - Hash options.\n * @returns The hashed string.\n * @throws {Error} If input is invalid or hashing fails.\n *\n * @example\n * ```ts\n * const hashed = hash(\"my data\");\n * ```\n *\n * @see {@link tryHash} Non-throwing variant returning `Result<string>`.\n */\nexport function hash(data: string, options: HashOptions = {}): string {\n const { result, error } = $hash(data, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Hashes a password using PBKDF2 (non-throwing).\n *\n * @returns `Result<{ result: string; salt: string }>` with the hash/salt or error.\n * @see {@link hashPassword} For full parameter/behavior docs.\n */\nexport function tryHashPassword(\n password: string,\n options: HashPasswordOptions = {},\n): Result<{ result: string; salt: string }> {\n return $hashPassword(password, options);\n}\n\n/**\n * Hashes a password using PBKDF2.\n *\n * @remarks\n * Defaults: `sha512`, 320 000 iterations, 64-byte key, 16-byte random salt.\n *\n * **Performance note:** Uses synchronous `pbkdf2Sync` which blocks the event loop\n * (~100-300 ms at default iterations). For server-side use under load, prefer the\n * Web Crypto API (async) via `webKit.hashPassword` instead.\n *\n * @param password - The password to hash.\n * @param options - Password hashing options.\n * @returns `{ result, salt }` for storage.\n * @throws {Error} If inputs are invalid or hashing fails.\n *\n * @example\n * ```ts\n * const { result, salt } = hashPassword(\"my-password\");\n * ```\n *\n * @see {@link tryHashPassword} Non-throwing variant returning `Result`.\n */\nexport function hashPassword(password: string, options: HashPasswordOptions = {}): { result: string; salt: string } {\n const { result, salt, error } = $hashPassword(password, options);\n if (error) throw new Error($fmtResultErr(error));\n return { result, salt };\n}\n\n/**\n * Verifies a password against a stored PBKDF2 hash (non-throwing).\n *\n * @returns `Result<boolean>` — `true` if the password matches, `false` if not, or an error for invalid inputs/options.\n * @see {@link verifyPassword} For full parameter/behavior docs.\n */\nexport function tryVerifyPassword(\n password: string,\n hashedPassword: string,\n salt: string,\n options: VerifyPasswordOptions = {},\n): Result<boolean> {\n return $verifyPassword(password, hashedPassword, salt, options);\n}\n\n/**\n * Verifies a password against a stored PBKDF2 hash.\n *\n * @remarks\n * Re-derives the key with the same parameters and compares in constant time to prevent timing attacks.\n * Throws for invalid inputs/options (bad encoding, wrong parameters, non-decodable salt/hash).\n * Returns `false` for password mismatch or length-mismatched hash.\n *\n * **Performance note:** Uses synchronous `pbkdf2Sync` which blocks the event loop\n * (~100-300 ms at default iterations). For server-side use under load, prefer the\n * Web Crypto API (async) via `webKit.verifyPassword` instead.\n *\n * @param password - The plain password to verify.\n * @param hashedPassword - The stored hash (encoded).\n * @param salt - The stored salt (encoded).\n * @param options - Verification options (must match the parameters used to hash).\n * @returns `true` if the password matches, otherwise `false`.\n * @throws {Error} If verification input/options are invalid.\n *\n * @example\n * ```ts\n * const { result, salt } = hashPassword(\"my-password\");\n * verifyPassword(\"my-password\", result, salt); // true\n * verifyPassword(\"wrong-password\", result, salt); // false\n * ```\n *\n * @see {@link tryVerifyPassword} Non-throwing variant returning `Result<boolean>`.\n */\nexport function verifyPassword(\n password: string,\n hashedPassword: string,\n salt: string,\n options: VerifyPasswordOptions = {},\n): boolean {\n const { result, error } = $verifyPassword(password, hashedPassword, salt, options);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Converts a string to a `Buffer` (non-throwing).\n *\n * @returns `Result<{ result: Buffer }>` with the buffer or error.\n * @see {@link convertStrToBytes} For full parameter/behavior docs.\n */\nexport function tryConvertStrToBytes(data: string, inputEncoding: Encoding = \"utf8\"): Result<{ result: Buffer }> {\n return $convertStrToBytes(data, inputEncoding);\n}\n\n/**\n * Converts a string to a Node.js `Buffer` using the specified encoding.\n *\n * @param data - The input string to convert.\n * @param inputEncoding - Source encoding (default: `'utf8'`).\n * @returns A `Buffer` containing the bytes.\n * @throws {Error} If input is invalid or conversion fails.\n *\n * @example\n * ```ts\n * const bytes = convertStrToBytes(\"Hello\", \"utf8\");\n * ```\n *\n * @see {@link tryConvertStrToBytes} Non-throwing variant returning `Result`.\n */\nexport function convertStrToBytes(data: string, inputEncoding: Encoding = \"utf8\"): Buffer {\n const { result, error } = $convertStrToBytes(data, inputEncoding);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Converts a `Buffer` to a string (non-throwing).\n *\n * @returns `Result<string>` with the encoded string or error.\n * @see {@link convertBytesToStr} For full parameter/behavior docs.\n */\nexport function tryConvertBytesToStr(data: Buffer, outputEncoding: Encoding = \"utf8\"): Result<string> {\n return $convertBytesToStr(data, outputEncoding);\n}\n\n/**\n * Converts a Node.js `Buffer` to a string using the specified encoding.\n *\n * @param data - The `Buffer` to convert.\n * @param outputEncoding - Target encoding (default: `'utf8'`).\n * @returns The encoded string.\n * @throws {Error} If input is invalid or conversion fails.\n *\n * @example\n * ```ts\n * const bytes = convertStrToBytes(\"Hello\", \"utf8\");\n * const str = convertBytesToStr(bytes, \"utf8\"); // \"Hello\"\n * ```\n *\n * @see {@link tryConvertBytesToStr} Non-throwing variant returning `Result<string>`.\n */\nexport function convertBytesToStr(data: Buffer, outputEncoding: Encoding = \"utf8\"): string {\n const { result, error } = $convertBytesToStr(data, outputEncoding);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n\n/**\n * Converts text between encodings (non-throwing).\n *\n * @returns `Result<string>` with the re-encoded string or error.\n * @see {@link convertEncoding} For full parameter/behavior docs.\n */\nexport function tryConvertEncoding(data: string, from: Encoding, to: Encoding): Result<string> {\n return $convertEncoding(data, from, to);\n}\n\n/**\n * Converts text between encodings.\n *\n * @param data - The input string.\n * @param from - Current encoding of `data`.\n * @param to - Target encoding.\n * @returns The re-encoded string.\n * @throws {Error} If encodings are invalid or conversion fails.\n *\n * @example\n * ```ts\n * const encoded = convertEncoding(\"Hello\", \"utf8\", \"base64url\");\n * ```\n *\n * @see {@link tryConvertEncoding} Non-throwing variant returning `Result<string>`.\n */\nexport function convertEncoding(data: string, from: Encoding, to: Encoding): string {\n const { result, error } = $convertEncoding(data, from, to);\n if (error) throw new Error($fmtResultErr(error));\n return result;\n}\n","import { Buffer } from \"node:buffer\";\nimport { $err, $fmtError, $isStr, $ok, type Result } from \"@internal/helpers\";\nimport { ENCODING } from \"~/helpers/consts.js\";\nimport type { Encoding } from \"~/helpers/types.js\";\n\nexport function $convertStrToBytes(data: string, inputEncoding: Encoding = \"utf8\"): Result<{ result: Buffer }> {\n if (typeof data !== \"string\") {\n return $err({\n message: \"node strToBytes: Data must be a string\",\n description: `Expected a string value, received ${typeof data}`,\n });\n }\n if (!ENCODING.includes(inputEncoding)) {\n return $err({\n message: `node strToBytes: Unsupported encoding: ${inputEncoding}`,\n description: \"Use base64, base64url, hex, utf8, or latin1\",\n });\n }\n if (inputEncoding === \"hex\") {\n const clean = /^0x/i.test(data) ? data.slice(2) : data;\n if (clean.length % 2 !== 0 || !/^[0-9a-fA-F]*$/.test(clean)) {\n return $err({\n message: \"node strToBytes: Invalid hex string\",\n description: \"Hex string contains non-hex characters or has odd length\",\n });\n }\n return $ok({ result: Buffer.from(clean, \"hex\") });\n }\n if (inputEncoding === \"base64\") {\n if (!/^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}={2}|[A-Za-z0-9+/]{3}=)?$/.test(data)) {\n return $err({\n message: \"node strToBytes: Invalid base64 string\",\n description: \"Base64 string contains invalid characters or has incorrect padding\",\n });\n }\n }\n if (inputEncoding === \"base64url\") {\n if (!/^[A-Za-z0-9_-]*={0,2}$/.test(data) || data.replace(/=+$/, \"\").length % 4 === 1) {\n return $err({\n message: \"node strToBytes: Invalid base64url string\",\n description: \"Base64url string contains invalid characters or has incorrect length\",\n });\n }\n }\n try {\n return $ok({ result: Buffer.from(data, inputEncoding) });\n } catch (error) {\n return $err({ message: \"node strToBytes: Failed to convert data\", description: $fmtError(error) });\n }\n}\n\nexport function $convertBytesToStr(data: Buffer, outputEncoding: Encoding = \"utf8\"): Result<string> {\n if (!(data instanceof Buffer)) {\n return $err({\n message: \"node bytesToStr: Data must be a Buffer\",\n description: \"Received a non-Buffer value\",\n });\n }\n if (!ENCODING.includes(outputEncoding)) {\n return $err({\n message: `node bytesToStr: Unsupported encoding: ${outputEncoding}`,\n description: \"Use base64, base64url, hex, utf8, or latin1\",\n });\n }\n try {\n return $ok(data.toString(outputEncoding));\n } catch (error) {\n return $err({ message: \"node bytesToStr: Failed to convert data\", description: $fmtError(error) });\n }\n}\n\nexport function $convertEncoding(data: string, from: Encoding, to: Encoding): Result<string> {\n if (!$isStr(data)) {\n return $err({\n message: \"node convertEncoding: Data must be a non-empty string\",\n description: \"Received empty or non-string value\",\n });\n }\n\n if (!ENCODING.includes(from) || !ENCODING.includes(to)) {\n return $err({\n message: `node convertEncoding: Unsupported encoding: from ${from} to ${to}`,\n description: \"Use base64, base64url, hex, utf8, or latin1\",\n });\n }\n\n const bytes = $convertStrToBytes(data, from);\n if (bytes.error) return $err(bytes.error);\n\n const str = $convertBytesToStr(bytes.result, to);\n if (str.error) return $err(str.error);\n\n return $ok(str.result);\n}\n","import nodeCrypto from \"node:crypto\";\nimport { $err, $fmtError, $ok, type Result } from \"@internal/helpers\";\nimport type { CreateSecretKeyOptions } from \"~/export.js\";\nimport type { DIGEST_ALGORITHMS, ENCRYPTION_ALGORITHMS } from \"~/helpers/consts.js\";\nimport { $validateCreateSecretKeyOptions, $validateSecretKeyBase } from \"~/helpers/validate.js\";\n\ndeclare const __brand: unique symbol;\n\nexport type NodeSecretKey = {\n readonly platform: \"node\";\n readonly digest: keyof typeof DIGEST_ALGORITHMS;\n readonly algorithm: keyof typeof ENCRYPTION_ALGORITHMS;\n readonly key: nodeCrypto.KeyObject;\n readonly injected: (typeof ENCRYPTION_ALGORITHMS)[keyof typeof ENCRYPTION_ALGORITHMS];\n} & { readonly [__brand]: \"secretKey-node\" };\n\nexport function $isNodeSecretKey(x: unknown): NodeSecretKey | null {\n const base = $validateSecretKeyBase(x, \"node\");\n if (!base) return null;\n\n if (\n !(base.obj.key instanceof nodeCrypto.KeyObject) ||\n (typeof base.obj.key.symmetricKeySize === \"number\" && base.obj.key.symmetricKeySize !== base.algorithm.keyBytes)\n ) {\n return null;\n }\n return x as NodeSecretKey;\n}\n\nexport function $createSecretKey(secret: string, options: CreateSecretKeyOptions): Result<{ result: NodeSecretKey }> {\n const validated = $validateCreateSecretKeyOptions(secret, options, \"node\");\n if (validated.error) return $err(validated.error);\n\n const { algorithm, digest, salt, info, encryptAlgo, digestAlgo } = validated;\n\n try {\n const derivedKey = Buffer.from(\n nodeCrypto.hkdfSync(\n digestAlgo.node,\n secret.normalize(\"NFKC\"),\n salt.normalize(\"NFKC\"),\n info.normalize(\"NFKC\"),\n encryptAlgo.keyBytes,\n ),\n );\n try {\n const key = nodeCrypto.createSecretKey(derivedKey);\n const secretKey = Object.freeze({\n platform: \"node\",\n digest,\n algorithm,\n key,\n injected: encryptAlgo,\n }) as NodeSecretKey;\n\n return $ok({ result: secretKey });\n } finally {\n derivedKey.fill(0);\n }\n } catch (error) {\n return $err({ message: \"node createSecretKey: Failed to derive key\", description: $fmtError(error) });\n }\n}\n","import { Buffer } from \"node:buffer\";\nimport nodeCrypto from \"node:crypto\";\nimport {\n $err,\n $fmtError,\n $fmtResultErr,\n $isPlainObj,\n $isStr,\n $ok,\n $parseToObj,\n $stringifyObj,\n type Result,\n} from \"@internal/helpers\";\nimport { CIPHER_ENCODING, GCM_IV_LENGTH, GCM_TAG_BYTES } from \"~/helpers/consts.js\";\nimport type { DecryptOptions, EncryptOptions } from \"~/helpers/types.js\";\nimport { matchEncryptedPattern } from \"~/helpers/validate.js\";\nimport { $convertBytesToStr, $convertStrToBytes } from \"./node-encode.js\";\nimport { $isNodeSecretKey, type NodeSecretKey } from \"./node-secret-key.js\";\n\nexport function $encrypt(data: string, secretKey: NodeSecretKey, options: EncryptOptions): Result<string> {\n if (!$isStr(data)) {\n return $err({\n message: \"node encrypt: Data must be a non-empty string\",\n description: \"Received empty or non-string value\",\n });\n }\n\n if (!$isPlainObj<EncryptOptions>(options)) {\n return $err({\n message: \"node encrypt: Options must be a plain object\",\n description: 'Pass an object like { outputEncoding: \"base64url\" }',\n });\n }\n\n const outputEncoding = options.outputEncoding ?? \"base64url\";\n if (!CIPHER_ENCODING.includes(outputEncoding)) {\n return $err({\n message: `node encrypt: Unsupported output encoding: ${outputEncoding}`,\n description: \"Use base64, base64url, or hex\",\n });\n }\n\n const injectedKey = $isNodeSecretKey(secretKey);\n if (!injectedKey) {\n return $err({\n message: \"node encrypt: Invalid secret key\",\n description: \"Expected a NodeSecretKey created by nodeKit.createSecretKey()\",\n });\n }\n\n const { result, error } = $convertStrToBytes(data, \"utf8\");\n if (error) return $err(error);\n\n try {\n const iv = nodeCrypto.randomBytes(GCM_IV_LENGTH);\n const cipher = nodeCrypto.createCipheriv(injectedKey.injected.node, injectedKey.key, iv);\n const encrypted = Buffer.concat([cipher.update(result), cipher.final()]);\n const tag = cipher.getAuthTag();\n\n const ivStr = $convertBytesToStr(iv, outputEncoding);\n const cipherStr = $convertBytesToStr(encrypted, outputEncoding);\n const tagStr = $convertBytesToStr(tag, outputEncoding);\n\n if (ivStr.error || cipherStr.error || tagStr.error) {\n return $err({\n message: \"node encrypt: Failed to encode output\",\n description: `Conversion error: ${$fmtResultErr(ivStr.error || cipherStr.error || tagStr.error)}`,\n });\n }\n\n return $ok(`${ivStr.result}.${cipherStr.result}.${tagStr.result}.`);\n } catch (error) {\n return $err({ message: \"node encrypt: Failed to encrypt data\", description: $fmtError(error) });\n } finally {\n result.fill(0);\n }\n}\n\nexport function $decrypt(encrypted: string, secretKey: NodeSecretKey, options: DecryptOptions): Result<string> {\n if (!matchEncryptedPattern(encrypted)) {\n return $err({\n message: \"node decrypt: Invalid encrypted data format\",\n description: 'Encrypted data must be in the format \"iv.cipher.tag.\"',\n });\n }\n\n if (!$isPlainObj<DecryptOptions>(options)) {\n return $err({\n message: \"node decrypt: Options must be a plain object\",\n description: 'Pass an object like { inputEncoding: \"base64url\" }',\n });\n }\n\n const inputEncoding = options.inputEncoding ?? \"base64url\";\n if (!CIPHER_ENCODING.includes(inputEncoding)) {\n return $err({\n message: `node decrypt: Unsupported input encoding: ${inputEncoding}`,\n description: \"Use base64, base64url, or hex\",\n });\n }\n\n const [iv, cipher, tag] = encrypted.split(\".\", 4) as [string, string, string];\n\n const injectedKey = $isNodeSecretKey(secretKey);\n if (!injectedKey) {\n return $err({\n message: \"node decrypt: Invalid secret key\",\n description: \"Expected a NodeSecretKey created by nodeKit.createSecretKey()\",\n });\n }\n\n const ivBytes = $convertStrToBytes(iv, inputEncoding);\n const cipherBytes = $convertStrToBytes(cipher, inputEncoding);\n const tagBytes = $convertStrToBytes(tag, inputEncoding);\n\n if (ivBytes.error || cipherBytes.error || tagBytes.error) {\n return $err({\n message: \"node decrypt: Failed to decode input\",\n description: `Conversion error: ${$fmtResultErr(ivBytes.error || cipherBytes.error || tagBytes.error)}`,\n });\n }\n\n if (ivBytes.result.byteLength !== GCM_IV_LENGTH) {\n return $err({\n message: \"node decrypt: Invalid IV length\",\n description: `Expected ${GCM_IV_LENGTH} bytes, got ${ivBytes.result.byteLength}`,\n });\n }\n\n if (tagBytes.result.byteLength !== GCM_TAG_BYTES) {\n return $err({\n message: \"node decrypt: Invalid auth tag length\",\n description: `Expected ${GCM_TAG_BYTES} bytes, got ${tagBytes.result.byteLength}`,\n });\n }\n\n let decrypted: Buffer | undefined;\n try {\n const decipher = nodeCrypto.createDecipheriv(injectedKey.injected.node, injectedKey.key, ivBytes.result);\n decipher.setAuthTag(tagBytes.result);\n decrypted = Buffer.concat([decipher.update(cipherBytes.result), decipher.final()]);\n\n return $convertBytesToStr(decrypted, \"utf8\");\n } catch (error) {\n return $err({ message: \"node decrypt: Failed to decrypt data\", description: $fmtError(error) });\n } finally {\n decrypted?.fill(0);\n }\n}\n\nexport function $encryptObj<T extends object = Record<string, unknown>>(\n data: T,\n secretKey: NodeSecretKey,\n options: EncryptOptions,\n): Result<string> {\n const { result, error } = $stringifyObj(data);\n if (error) return $err(error);\n return $encrypt(result, secretKey, options);\n}\n\nexport function $decryptObj<T extends object = Record<string, unknown>>(\n encrypted: string,\n secretKey: NodeSecretKey,\n options: DecryptOptions,\n): Result<{ result: T }> {\n const { result, error } = $decrypt(encrypted, secretKey, options);\n if (error) return $err(error);\n return $parseToObj<T>(result);\n}\n","import { Buffer } from \"node:buffer\";\nimport nodeCrypto from \"node:crypto\";\nimport { $err, $fmtError, $isPlainObj, $isStr, $ok, type Result } from \"@internal/helpers\";\nimport { CIPHER_ENCODING, DIGEST_ALGORITHMS } from \"~/helpers/consts.js\";\nimport type { HashOptions, HashPasswordOptions, VerifyPasswordOptions } from \"~/helpers/types.js\";\nimport { $validateHashPasswordOptions, $validateVerifyPasswordOptions } from \"~/helpers/validate.js\";\nimport { $convertBytesToStr, $convertStrToBytes } from \"./node-encode.js\";\n\nexport function $hash(data: string, options: HashOptions = {}): Result<string> {\n if (!$isStr(data)) {\n return $err({\n message: \"node hash: Data must be a non-empty string\",\n description: \"Received empty or non-string value\",\n });\n }\n\n if (!$isPlainObj<HashOptions>(options)) {\n return $err({\n message: \"node hash: Options must be a plain object\",\n description: 'Pass an object like { digest: \"sha256\" }',\n });\n }\n\n const outputEncoding = options.outputEncoding ?? \"base64url\";\n if (!CIPHER_ENCODING.includes(outputEncoding)) {\n return $err({\n message: `node hash: Unsupported output encoding: ${outputEncoding}`,\n description: \"Use base64, base64url, or hex\",\n });\n }\n\n const digest = options.digest ?? \"sha256\";\n if (!(digest in DIGEST_ALGORITHMS)) {\n return $err({\n message: `node hash: Unsupported digest: ${digest}`,\n description: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(\", \")}`,\n });\n }\n const digestAlgo = DIGEST_ALGORITHMS[digest];\n\n const { result, error } = $convertStrToBytes(data, \"utf8\");\n if (error) return $err(error);\n\n try {\n const hashed = nodeCrypto.createHash(digestAlgo.node).update(result).digest();\n return $convertBytesToStr(hashed, outputEncoding);\n } catch (error) {\n return $err({ message: \"node hash: Failed to hash data\", description: $fmtError(error) });\n }\n}\n\nexport function $hashPassword(\n password: string,\n options: HashPasswordOptions,\n): Result<{ result: string; salt: string }> {\n const validated = $validateHashPasswordOptions(password, options, \"node\");\n if (validated.error) return $err(validated.error);\n\n const { digestAlgo, outputEncoding, saltLength, iterations, keyLength } = validated;\n\n const salt = nodeCrypto.randomBytes(saltLength);\n const hash = nodeCrypto.pbkdf2Sync(password.normalize(\"NFKC\"), salt, iterations, keyLength, digestAlgo.node);\n\n try {\n const saltStr = $convertBytesToStr(salt, outputEncoding);\n if (saltStr.error) return $err(saltStr.error);\n\n const hashStr = $convertBytesToStr(hash, outputEncoding);\n if (hashStr.error) return $err(hashStr.error);\n\n return $ok({ result: hashStr.result, salt: saltStr.result });\n } catch (error) {\n return $err({ message: \"node hashPassword: Failed to hash password\", description: $fmtError(error) });\n } finally {\n salt.fill(0);\n hash.fill(0);\n }\n}\n\nexport function $verifyPassword(\n password: string,\n hashedPassword: string,\n salt: string,\n options: VerifyPasswordOptions,\n): Result<boolean> {\n const validated = $validateVerifyPasswordOptions(password, hashedPassword, salt, options, \"node\");\n if (validated.error) return $err(validated.error);\n\n const { digestAlgo, inputEncoding, iterations, keyLength } = validated;\n\n const saltBytes = $convertStrToBytes(salt, inputEncoding);\n if (saltBytes.error) return $err(saltBytes.error);\n\n const hashedPasswordBytes = $convertStrToBytes(hashedPassword, inputEncoding);\n if (hashedPasswordBytes.error) return $err(hashedPasswordBytes.error);\n\n if (hashedPasswordBytes.result.byteLength !== keyLength) return $ok(false);\n\n try {\n const derived = nodeCrypto.pbkdf2Sync(\n password.normalize(\"NFKC\"),\n saltBytes.result,\n iterations,\n keyLength,\n digestAlgo.node,\n );\n\n const expected = hashedPasswordBytes.result;\n\n const left = Buffer.alloc(keyLength);\n const right = Buffer.alloc(keyLength);\n derived.copy(left);\n expected.copy(right);\n\n try {\n const matches = nodeCrypto.timingSafeEqual(left, right);\n return $ok(matches);\n } finally {\n left.fill(0);\n right.fill(0);\n derived.fill(0);\n }\n } catch (error) {\n return $err({ message: \"node verifyPassword: Verification failed\", description: $fmtError(error) });\n } finally {\n saltBytes.result.fill(0);\n hashedPasswordBytes.result.fill(0);\n }\n}\n"]}
package/dist/{export-DAIDJRX3.d.ts → export-B-3CCZIO.d.cts} RENAMED
@@ -1,4 +1,4 @@
1
- import { i as DIGEST_ALGORITHMS, j as ENCRYPTION_ALGORITHMS, c as Encoding, a as CreateSecretKeyOptions, D as DecryptOptions, d as EncryptOptions, H as HashOptions, g as HashPasswordOptions, R as Result, V as VerifyPasswordOptions } from './validate-DN59A2-Y.js';
1
+ import { i as DIGEST_ALGORITHMS, j as ENCRYPTION_ALGORITHMS, c as Encoding, a as CreateSecretKeyOptions, D as DecryptOptions, d as EncryptOptions, H as HashOptions, g as HashPasswordOptions, R as Result, V as VerifyPasswordOptions } from './validate-vDTesb-X.cjs';
2
2
 
3
3
  declare const __brand: unique symbol;
4
4
  type WebSecretKey = {
@@ -86,6 +86,7 @@ declare function tryEncrypt(data: string, secretKey: WebSecretKey, options?: Enc
86
86
  * @remarks
87
87
  * Output format: `"iv.cipher.tag."` (three dot-separated base64url segments plus trailing dot).
88
88
  * Cross-platform compatible — data encrypted on Web can be decrypted on Node and vice versa.
89
+ * AES-GCM uses random 96-bit IVs. Rotate keys before ~2^32 encryptions with the same key to avoid nonce collision.
89
90
  *
90
91
  * @param data - UTF-8 string to encrypt. Must be a non-empty string (whitespace-only strings are rejected).
91
92
  * @param secretKey - The `WebSecretKey` used for encryption.
package/dist/{export-BEp4DFEB.d.cts → export-BPo6yPV-.d.ts} RENAMED
@@ -1,4 +1,4 @@
1
- import { i as DIGEST_ALGORITHMS, j as ENCRYPTION_ALGORITHMS, c as Encoding, a as CreateSecretKeyOptions, D as DecryptOptions, d as EncryptOptions, H as HashOptions, g as HashPasswordOptions, R as Result, V as VerifyPasswordOptions } from './validate-DN59A2-Y.cjs';
1
+ import { i as DIGEST_ALGORITHMS, j as ENCRYPTION_ALGORITHMS, c as Encoding, a as CreateSecretKeyOptions, D as DecryptOptions, d as EncryptOptions, H as HashOptions, g as HashPasswordOptions, R as Result, V as VerifyPasswordOptions } from './validate-vDTesb-X.js';
2
2
 
3
3
  declare const __brand: unique symbol;
4
4
  type WebSecretKey = {
@@ -86,6 +86,7 @@ declare function tryEncrypt(data: string, secretKey: WebSecretKey, options?: Enc
86
86
  * @remarks
87
87
  * Output format: `"iv.cipher.tag."` (three dot-separated base64url segments plus trailing dot).
88
88
  * Cross-platform compatible — data encrypted on Web can be decrypted on Node and vice versa.
89
+ * AES-GCM uses random 96-bit IVs. Rotate keys before ~2^32 encryptions with the same key to avoid nonce collision.
89
90
  *
90
91
  * @param data - UTF-8 string to encrypt. Must be a non-empty string (whitespace-only strings are rejected).
91
92
  * @param secretKey - The `WebSecretKey` used for encryption.
package/dist/{export-Cxfev8fi.d.ts → export-C0_UEEg8.d.ts} RENAMED
@@ -1,4 +1,4 @@
1
- import { i as DIGEST_ALGORITHMS, j as ENCRYPTION_ALGORITHMS, c as Encoding, a as CreateSecretKeyOptions, D as DecryptOptions, d as EncryptOptions, H as HashOptions, g as HashPasswordOptions, R as Result, V as VerifyPasswordOptions } from './validate-DN59A2-Y.js';
1
+ import { i as DIGEST_ALGORITHMS, j as ENCRYPTION_ALGORITHMS, c as Encoding, a as CreateSecretKeyOptions, D as DecryptOptions, d as EncryptOptions, H as HashOptions, g as HashPasswordOptions, R as Result, V as VerifyPasswordOptions } from './validate-vDTesb-X.js';
2
2
  import { Buffer } from 'node:buffer';
3
3
  import nodeCrypto from 'node:crypto';
4
4
 
@@ -88,6 +88,7 @@ declare function tryEncrypt(data: string, secretKey: NodeSecretKey, options?: En
88
88
  * @remarks
89
89
  * Output format: `"iv.cipher.tag."` (three dot-separated base64url segments plus trailing dot).
90
90
  * Cross-platform compatible — data encrypted on Node can be decrypted on Web and vice versa.
91
+ * AES-GCM uses random 96-bit IVs. Rotate keys before ~2^32 encryptions with the same key to avoid nonce collision.
91
92
  *
92
93
  * @param data - UTF-8 string to encrypt. Must be a non-empty string (whitespace-only strings are rejected).
93
94
  * @param secretKey - The `NodeSecretKey` used for encryption.
package/dist/{export-e7IN_bU5.d.cts → export-DPuocAr3.d.cts} RENAMED
@@ -1,4 +1,4 @@
1
- import { i as DIGEST_ALGORITHMS, j as ENCRYPTION_ALGORITHMS, c as Encoding, a as CreateSecretKeyOptions, D as DecryptOptions, d as EncryptOptions, H as HashOptions, g as HashPasswordOptions, R as Result, V as VerifyPasswordOptions } from './validate-DN59A2-Y.cjs';
1
+ import { i as DIGEST_ALGORITHMS, j as ENCRYPTION_ALGORITHMS, c as Encoding, a as CreateSecretKeyOptions, D as DecryptOptions, d as EncryptOptions, H as HashOptions, g as HashPasswordOptions, R as Result, V as VerifyPasswordOptions } from './validate-vDTesb-X.cjs';
2
2
  import { Buffer } from 'node:buffer';
3
3
  import nodeCrypto from 'node:crypto';
4
4
 
@@ -88,6 +88,7 @@ declare function tryEncrypt(data: string, secretKey: NodeSecretKey, options?: En
88
88
  * @remarks
89
89
  * Output format: `"iv.cipher.tag."` (three dot-separated base64url segments plus trailing dot).
90
90
  * Cross-platform compatible — data encrypted on Node can be decrypted on Web and vice versa.
91
+ * AES-GCM uses random 96-bit IVs. Rotate keys before ~2^32 encryptions with the same key to avoid nonce collision.
91
92
  *
92
93
  * @param data - UTF-8 string to encrypt. Must be a non-empty string (whitespace-only strings are rejected).
93
94
  * @param secretKey - The `NodeSecretKey` used for encryption.
package/dist/index.cjs CHANGED
@@ -1,36 +1,36 @@
1
1
  'use strict';
2
2
 
3
- var chunkZYX6MYHS_cjs = require('./chunk-ZYX6MYHS.cjs');
4
- var chunkLC5HP75W_cjs = require('./chunk-LC5HP75W.cjs');
5
- var chunkX7IPAA7B_cjs = require('./chunk-X7IPAA7B.cjs');
3
+ var chunk3A4RTUKO_cjs = require('./chunk-3A4RTUKO.cjs');
4
+ var chunk7254PEID_cjs = require('./chunk-7254PEID.cjs');
5
+ var chunkVCBHSRCS_cjs = require('./chunk-VCBHSRCS.cjs');
6
6
 
7
7
  // src/export.ts
8
- var nodeKit = chunkZYX6MYHS_cjs.kit_exports;
9
- var webKit = chunkLC5HP75W_cjs.kit_exports;
8
+ var nodeKit = chunk3A4RTUKO_cjs.kit_exports;
9
+ var webKit = chunk7254PEID_cjs.kit_exports;
10
10
 
11
11
  Object.defineProperty(exports, "ENCRYPTED_REGEX", {
12
12
  enumerable: true,
13
- get: function () { return chunkX7IPAA7B_cjs.ENCRYPTED_REGEX; }
13
+ get: function () { return chunkVCBHSRCS_cjs.ENCRYPTED_REGEX; }
14
14
  });
15
15
  Object.defineProperty(exports, "matchEncryptedPattern", {
16
16
  enumerable: true,
17
- get: function () { return chunkX7IPAA7B_cjs.matchEncryptedPattern; }
17
+ get: function () { return chunkVCBHSRCS_cjs.matchEncryptedPattern; }
18
18
  });
19
19
  Object.defineProperty(exports, "parseToObj", {
20
20
  enumerable: true,
21
- get: function () { return chunkX7IPAA7B_cjs.parseToObj; }
21
+ get: function () { return chunkVCBHSRCS_cjs.parseToObj; }
22
22
  });
23
23
  Object.defineProperty(exports, "stringifyObj", {
24
24
  enumerable: true,
25
- get: function () { return chunkX7IPAA7B_cjs.stringifyObj; }
25
+ get: function () { return chunkVCBHSRCS_cjs.stringifyObj; }
26
26
  });
27
27
  Object.defineProperty(exports, "tryParseToObj", {
28
28
  enumerable: true,
29
- get: function () { return chunkX7IPAA7B_cjs.tryParseToObj; }
29
+ get: function () { return chunkVCBHSRCS_cjs.tryParseToObj; }
30
30
  });
31
31
  Object.defineProperty(exports, "tryStringifyObj", {
32
32
  enumerable: true,
33
- get: function () { return chunkX7IPAA7B_cjs.tryStringifyObj; }
33
+ get: function () { return chunkVCBHSRCS_cjs.tryStringifyObj; }
34
34
  });
35
35
  exports.nodeKit = nodeKit;
36
36
  exports.webKit = webKit;
package/dist/index.d.cts CHANGED
@@ -1,8 +1,8 @@
1
- import { n as nodeCryptoKit } from './export-e7IN_bU5.cjs';
2
- export { N as NodeSecretKey } from './export-e7IN_bU5.cjs';
3
- import { w as webCryptoKit } from './export-BEp4DFEB.cjs';
4
- export { W as WebSecretKey } from './export-BEp4DFEB.cjs';
5
- export { C as CipherEncoding, a as CreateSecretKeyOptions, D as DecryptOptions, b as DigestAlgorithm, E as ENCRYPTED_REGEX, c as Encoding, d as EncryptOptions, e as EncryptionAlgorithm, f as ErrorStruct, H as HashOptions, g as HashPasswordOptions, R as Result, V as VerifyPasswordOptions, m as matchEncryptedPattern, p as parseToObj, s as stringifyObj, t as tryParseToObj, h as tryStringifyObj } from './validate-DN59A2-Y.cjs';
1
+ import { n as nodeCryptoKit } from './export-DPuocAr3.cjs';
2
+ export { N as NodeSecretKey } from './export-DPuocAr3.cjs';
3
+ import { w as webCryptoKit } from './export-B-3CCZIO.cjs';
4
+ export { W as WebSecretKey } from './export-B-3CCZIO.cjs';
5
+ export { C as CipherEncoding, a as CreateSecretKeyOptions, D as DecryptOptions, b as DigestAlgorithm, E as ENCRYPTED_REGEX, c as Encoding, d as EncryptOptions, e as EncryptionAlgorithm, f as ErrorStruct, H as HashOptions, g as HashPasswordOptions, R as Result, V as VerifyPasswordOptions, m as matchEncryptedPattern, p as parseToObj, s as stringifyObj, t as tryParseToObj, h as tryStringifyObj } from './validate-vDTesb-X.cjs';
6
6
  import 'node:buffer';
7
7
  import 'node:crypto';
8
8
 
package/dist/index.d.ts CHANGED
@@ -1,8 +1,8 @@
1
- import { n as nodeCryptoKit } from './export-Cxfev8fi.js';
2
- export { N as NodeSecretKey } from './export-Cxfev8fi.js';
3
- import { w as webCryptoKit } from './export-DAIDJRX3.js';
4
- export { W as WebSecretKey } from './export-DAIDJRX3.js';
5
- export { C as CipherEncoding, a as CreateSecretKeyOptions, D as DecryptOptions, b as DigestAlgorithm, E as ENCRYPTED_REGEX, c as Encoding, d as EncryptOptions, e as EncryptionAlgorithm, f as ErrorStruct, H as HashOptions, g as HashPasswordOptions, R as Result, V as VerifyPasswordOptions, m as matchEncryptedPattern, p as parseToObj, s as stringifyObj, t as tryParseToObj, h as tryStringifyObj } from './validate-DN59A2-Y.js';
1
+ import { n as nodeCryptoKit } from './export-C0_UEEg8.js';
2
+ export { N as NodeSecretKey } from './export-C0_UEEg8.js';
3
+ import { w as webCryptoKit } from './export-BPo6yPV-.js';
4
+ export { W as WebSecretKey } from './export-BPo6yPV-.js';
5
+ export { C as CipherEncoding, a as CreateSecretKeyOptions, D as DecryptOptions, b as DigestAlgorithm, E as ENCRYPTED_REGEX, c as Encoding, d as EncryptOptions, e as EncryptionAlgorithm, f as ErrorStruct, H as HashOptions, g as HashPasswordOptions, R as Result, V as VerifyPasswordOptions, m as matchEncryptedPattern, p as parseToObj, s as stringifyObj, t as tryParseToObj, h as tryStringifyObj } from './validate-vDTesb-X.js';
6
6
  import 'node:buffer';
7
7
  import 'node:crypto';
8
8
 
package/dist/index.js CHANGED
@@ -1,6 +1,6 @@
1
- import { kit_exports } from './chunk-3NFJMV33.js';
2
- import { kit_exports as kit_exports$1 } from './chunk-ZN7EFZ7Z.js';
3
- export { ENCRYPTED_REGEX, matchEncryptedPattern, parseToObj, stringifyObj, tryParseToObj, tryStringifyObj } from './chunk-4YR2SBOH.js';
1
+ import { kit_exports } from './chunk-X6MX4NDE.js';
2
+ import { kit_exports as kit_exports$1 } from './chunk-GL32EZRA.js';
3
+ export { ENCRYPTED_REGEX, matchEncryptedPattern, parseToObj, stringifyObj, tryParseToObj, tryStringifyObj } from './chunk-IY6XGUYO.js';
4
4
 
5
5
  // src/export.ts
6
6
  var nodeKit = kit_exports;
package/dist/node.cjs CHANGED
@@ -1,133 +1,133 @@
1
1
  'use strict';
2
2
 
3
- var chunkZYX6MYHS_cjs = require('./chunk-ZYX6MYHS.cjs');
4
- var chunkX7IPAA7B_cjs = require('./chunk-X7IPAA7B.cjs');
3
+ var chunk3A4RTUKO_cjs = require('./chunk-3A4RTUKO.cjs');
4
+ var chunkVCBHSRCS_cjs = require('./chunk-VCBHSRCS.cjs');
5
5
 
6
6
 
7
7
 
8
8
  Object.defineProperty(exports, "convertBytesToStr", {
9
9
  enumerable: true,
10
- get: function () { return chunkZYX6MYHS_cjs.convertBytesToStr; }
10
+ get: function () { return chunk3A4RTUKO_cjs.convertBytesToStr; }
11
11
  });
12
12
  Object.defineProperty(exports, "convertEncoding", {
13
13
  enumerable: true,
14
- get: function () { return chunkZYX6MYHS_cjs.convertEncoding; }
14
+ get: function () { return chunk3A4RTUKO_cjs.convertEncoding; }
15
15
  });
16
16
  Object.defineProperty(exports, "convertStrToBytes", {
17
17
  enumerable: true,
18
- get: function () { return chunkZYX6MYHS_cjs.convertStrToBytes; }
18
+ get: function () { return chunk3A4RTUKO_cjs.convertStrToBytes; }
19
19
  });
20
20
  Object.defineProperty(exports, "createSecretKey", {
21
21
  enumerable: true,
22
- get: function () { return chunkZYX6MYHS_cjs.createSecretKey; }
22
+ get: function () { return chunk3A4RTUKO_cjs.createSecretKey; }
23
23
  });
24
24
  Object.defineProperty(exports, "decrypt", {
25
25
  enumerable: true,
26
- get: function () { return chunkZYX6MYHS_cjs.decrypt; }
26
+ get: function () { return chunk3A4RTUKO_cjs.decrypt; }
27
27
  });
28
28
  Object.defineProperty(exports, "decryptObj", {
29
29
  enumerable: true,
30
- get: function () { return chunkZYX6MYHS_cjs.decryptObj; }
30
+ get: function () { return chunk3A4RTUKO_cjs.decryptObj; }
31
31
  });
32
32
  Object.defineProperty(exports, "encrypt", {
33
33
  enumerable: true,
34
- get: function () { return chunkZYX6MYHS_cjs.encrypt; }
34
+ get: function () { return chunk3A4RTUKO_cjs.encrypt; }
35
35
  });
36
36
  Object.defineProperty(exports, "encryptObj", {
37
37
  enumerable: true,
38
- get: function () { return chunkZYX6MYHS_cjs.encryptObj; }
38
+ get: function () { return chunk3A4RTUKO_cjs.encryptObj; }
39
39
  });
40
40
  Object.defineProperty(exports, "generateUuid", {
41
41
  enumerable: true,
42
- get: function () { return chunkZYX6MYHS_cjs.generateUuid; }
42
+ get: function () { return chunk3A4RTUKO_cjs.generateUuid; }
43
43
  });
44
44
  Object.defineProperty(exports, "hash", {
45
45
  enumerable: true,
46
- get: function () { return chunkZYX6MYHS_cjs.hash; }
46
+ get: function () { return chunk3A4RTUKO_cjs.hash; }
47
47
  });
48
48
  Object.defineProperty(exports, "hashPassword", {
49
49
  enumerable: true,
50
- get: function () { return chunkZYX6MYHS_cjs.hashPassword; }
50
+ get: function () { return chunk3A4RTUKO_cjs.hashPassword; }
51
51
  });
52
52
  Object.defineProperty(exports, "isNodeSecretKey", {
53
53
  enumerable: true,
54
- get: function () { return chunkZYX6MYHS_cjs.isNodeSecretKey; }
54
+ get: function () { return chunk3A4RTUKO_cjs.isNodeSecretKey; }
55
55
  });
56
56
  Object.defineProperty(exports, "tryConvertBytesToStr", {
57
57
  enumerable: true,
58
- get: function () { return chunkZYX6MYHS_cjs.tryConvertBytesToStr; }
58
+ get: function () { return chunk3A4RTUKO_cjs.tryConvertBytesToStr; }
59
59
  });
60
60
  Object.defineProperty(exports, "tryConvertEncoding", {
61
61
  enumerable: true,
62
- get: function () { return chunkZYX6MYHS_cjs.tryConvertEncoding; }
62
+ get: function () { return chunk3A4RTUKO_cjs.tryConvertEncoding; }
63
63
  });
64
64
  Object.defineProperty(exports, "tryConvertStrToBytes", {
65
65
  enumerable: true,
66
- get: function () { return chunkZYX6MYHS_cjs.tryConvertStrToBytes; }
66
+ get: function () { return chunk3A4RTUKO_cjs.tryConvertStrToBytes; }
67
67
  });
68
68
  Object.defineProperty(exports, "tryCreateSecretKey", {
69
69
  enumerable: true,
70
- get: function () { return chunkZYX6MYHS_cjs.tryCreateSecretKey; }
70
+ get: function () { return chunk3A4RTUKO_cjs.tryCreateSecretKey; }
71
71
  });
72
72
  Object.defineProperty(exports, "tryDecrypt", {
73
73
  enumerable: true,
74
- get: function () { return chunkZYX6MYHS_cjs.tryDecrypt; }
74
+ get: function () { return chunk3A4RTUKO_cjs.tryDecrypt; }
75
75
  });
76
76
  Object.defineProperty(exports, "tryDecryptObj", {
77
77
  enumerable: true,
78
- get: function () { return chunkZYX6MYHS_cjs.tryDecryptObj; }
78
+ get: function () { return chunk3A4RTUKO_cjs.tryDecryptObj; }
79
79
  });
80
80
  Object.defineProperty(exports, "tryEncrypt", {
81
81
  enumerable: true,
82
- get: function () { return chunkZYX6MYHS_cjs.tryEncrypt; }
82
+ get: function () { return chunk3A4RTUKO_cjs.tryEncrypt; }
83
83
  });
84
84
  Object.defineProperty(exports, "tryEncryptObj", {
85
85
  enumerable: true,
86
- get: function () { return chunkZYX6MYHS_cjs.tryEncryptObj; }
86
+ get: function () { return chunk3A4RTUKO_cjs.tryEncryptObj; }
87
87
  });
88
88
  Object.defineProperty(exports, "tryGenerateUuid", {
89
89
  enumerable: true,
90
- get: function () { return chunkZYX6MYHS_cjs.tryGenerateUuid; }
90
+ get: function () { return chunk3A4RTUKO_cjs.tryGenerateUuid; }
91
91
  });
92
92
  Object.defineProperty(exports, "tryHash", {
93
93
  enumerable: true,
94
- get: function () { return chunkZYX6MYHS_cjs.tryHash; }
94
+ get: function () { return chunk3A4RTUKO_cjs.tryHash; }
95
95
  });
96
96
  Object.defineProperty(exports, "tryHashPassword", {
97
97
  enumerable: true,
98
- get: function () { return chunkZYX6MYHS_cjs.tryHashPassword; }
98
+ get: function () { return chunk3A4RTUKO_cjs.tryHashPassword; }
99
99
  });
100
100
  Object.defineProperty(exports, "tryVerifyPassword", {
101
101
  enumerable: true,
102
- get: function () { return chunkZYX6MYHS_cjs.tryVerifyPassword; }
102
+ get: function () { return chunk3A4RTUKO_cjs.tryVerifyPassword; }
103
103
  });
104
104
  Object.defineProperty(exports, "verifyPassword", {
105
105
  enumerable: true,
106
- get: function () { return chunkZYX6MYHS_cjs.verifyPassword; }
106
+ get: function () { return chunk3A4RTUKO_cjs.verifyPassword; }
107
107
  });
108
108
  Object.defineProperty(exports, "ENCRYPTED_REGEX", {
109
109
  enumerable: true,
110
- get: function () { return chunkX7IPAA7B_cjs.ENCRYPTED_REGEX; }
110
+ get: function () { return chunkVCBHSRCS_cjs.ENCRYPTED_REGEX; }
111
111
  });
112
112
  Object.defineProperty(exports, "matchEncryptedPattern", {
113
113
  enumerable: true,
114
- get: function () { return chunkX7IPAA7B_cjs.matchEncryptedPattern; }
114
+ get: function () { return chunkVCBHSRCS_cjs.matchEncryptedPattern; }
115
115
  });
116
116
  Object.defineProperty(exports, "parseToObj", {
117
117
  enumerable: true,
118
- get: function () { return chunkX7IPAA7B_cjs.parseToObj; }
118
+ get: function () { return chunkVCBHSRCS_cjs.parseToObj; }
119
119
  });
120
120
  Object.defineProperty(exports, "stringifyObj", {
121
121
  enumerable: true,
122
- get: function () { return chunkX7IPAA7B_cjs.stringifyObj; }
122
+ get: function () { return chunkVCBHSRCS_cjs.stringifyObj; }
123
123
  });
124
124
  Object.defineProperty(exports, "tryParseToObj", {
125
125
  enumerable: true,
126
- get: function () { return chunkX7IPAA7B_cjs.tryParseToObj; }
126
+ get: function () { return chunkVCBHSRCS_cjs.tryParseToObj; }
127
127
  });
128
128
  Object.defineProperty(exports, "tryStringifyObj", {
129
129
  enumerable: true,
130
- get: function () { return chunkX7IPAA7B_cjs.tryStringifyObj; }
130
+ get: function () { return chunkVCBHSRCS_cjs.tryStringifyObj; }
131
131
  });
132
132
  //# sourceMappingURL=node.cjs.map
133
133
  //# sourceMappingURL=node.cjs.map
package/dist/node.d.cts CHANGED
@@ -1,4 +1,4 @@
1
- export { C as CipherEncoding, a as CreateSecretKeyOptions, D as DecryptOptions, b as DigestAlgorithm, E as ENCRYPTED_REGEX, c as Encoding, d as EncryptOptions, e as EncryptionAlgorithm, f as ErrorStruct, H as HashOptions, g as HashPasswordOptions, R as Result, V as VerifyPasswordOptions, m as matchEncryptedPattern, p as parseToObj, s as stringifyObj, t as tryParseToObj, h as tryStringifyObj } from './validate-DN59A2-Y.cjs';
2
- export { N as NodeSecretKey, c as convertBytesToStr, a as convertEncoding, b as convertStrToBytes, d as createSecretKey, e as decrypt, f as decryptObj, g as encrypt, h as encryptObj, i as generateUuid, j as hash, k as hashPassword, l as isNodeSecretKey, t as tryConvertBytesToStr, m as tryConvertEncoding, o as tryConvertStrToBytes, p as tryCreateSecretKey, q as tryDecrypt, r as tryDecryptObj, s as tryEncrypt, u as tryEncryptObj, v as tryGenerateUuid, w as tryHash, x as tryHashPassword, y as tryVerifyPassword, z as verifyPassword } from './export-e7IN_bU5.cjs';
1
+ export { C as CipherEncoding, a as CreateSecretKeyOptions, D as DecryptOptions, b as DigestAlgorithm, E as ENCRYPTED_REGEX, c as Encoding, d as EncryptOptions, e as EncryptionAlgorithm, f as ErrorStruct, H as HashOptions, g as HashPasswordOptions, R as Result, V as VerifyPasswordOptions, m as matchEncryptedPattern, p as parseToObj, s as stringifyObj, t as tryParseToObj, h as tryStringifyObj } from './validate-vDTesb-X.cjs';
2
+ export { N as NodeSecretKey, c as convertBytesToStr, a as convertEncoding, b as convertStrToBytes, d as createSecretKey, e as decrypt, f as decryptObj, g as encrypt, h as encryptObj, i as generateUuid, j as hash, k as hashPassword, l as isNodeSecretKey, t as tryConvertBytesToStr, m as tryConvertEncoding, o as tryConvertStrToBytes, p as tryCreateSecretKey, q as tryDecrypt, r as tryDecryptObj, s as tryEncrypt, u as tryEncryptObj, v as tryGenerateUuid, w as tryHash, x as tryHashPassword, y as tryVerifyPassword, z as verifyPassword } from './export-DPuocAr3.cjs';
3
3
  import 'node:buffer';
4
4
  import 'node:crypto';
package/dist/node.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- export { C as CipherEncoding, a as CreateSecretKeyOptions, D as DecryptOptions, b as DigestAlgorithm, E as ENCRYPTED_REGEX, c as Encoding, d as EncryptOptions, e as EncryptionAlgorithm, f as ErrorStruct, H as HashOptions, g as HashPasswordOptions, R as Result, V as VerifyPasswordOptions, m as matchEncryptedPattern, p as parseToObj, s as stringifyObj, t as tryParseToObj, h as tryStringifyObj } from './validate-DN59A2-Y.js';
2
- export { N as NodeSecretKey, c as convertBytesToStr, a as convertEncoding, b as convertStrToBytes, d as createSecretKey, e as decrypt, f as decryptObj, g as encrypt, h as encryptObj, i as generateUuid, j as hash, k as hashPassword, l as isNodeSecretKey, t as tryConvertBytesToStr, m as tryConvertEncoding, o as tryConvertStrToBytes, p as tryCreateSecretKey, q as tryDecrypt, r as tryDecryptObj, s as tryEncrypt, u as tryEncryptObj, v as tryGenerateUuid, w as tryHash, x as tryHashPassword, y as tryVerifyPassword, z as verifyPassword } from './export-Cxfev8fi.js';
1
+ export { C as CipherEncoding, a as CreateSecretKeyOptions, D as DecryptOptions, b as DigestAlgorithm, E as ENCRYPTED_REGEX, c as Encoding, d as EncryptOptions, e as EncryptionAlgorithm, f as ErrorStruct, H as HashOptions, g as HashPasswordOptions, R as Result, V as VerifyPasswordOptions, m as matchEncryptedPattern, p as parseToObj, s as stringifyObj, t as tryParseToObj, h as tryStringifyObj } from './validate-vDTesb-X.js';
2
+ export { N as NodeSecretKey, c as convertBytesToStr, a as convertEncoding, b as convertStrToBytes, d as createSecretKey, e as decrypt, f as decryptObj, g as encrypt, h as encryptObj, i as generateUuid, j as hash, k as hashPassword, l as isNodeSecretKey, t as tryConvertBytesToStr, m as tryConvertEncoding, o as tryConvertStrToBytes, p as tryCreateSecretKey, q as tryDecrypt, r as tryDecryptObj, s as tryEncrypt, u as tryEncryptObj, v as tryGenerateUuid, w as tryHash, x as tryHashPassword, y as tryVerifyPassword, z as verifyPassword } from './export-C0_UEEg8.js';
3
3
  import 'node:buffer';
4
4
  import 'node:crypto';
package/dist/node.js CHANGED
@@ -1,4 +1,4 @@
1
- export { convertBytesToStr, convertEncoding, convertStrToBytes, createSecretKey, decrypt, decryptObj, encrypt, encryptObj, generateUuid, hash, hashPassword, isNodeSecretKey, tryConvertBytesToStr, tryConvertEncoding, tryConvertStrToBytes, tryCreateSecretKey, tryDecrypt, tryDecryptObj, tryEncrypt, tryEncryptObj, tryGenerateUuid, tryHash, tryHashPassword, tryVerifyPassword, verifyPassword } from './chunk-3NFJMV33.js';
2
- export { ENCRYPTED_REGEX, matchEncryptedPattern, parseToObj, stringifyObj, tryParseToObj, tryStringifyObj } from './chunk-4YR2SBOH.js';
1
+ export { convertBytesToStr, convertEncoding, convertStrToBytes, createSecretKey, decrypt, decryptObj, encrypt, encryptObj, generateUuid, hash, hashPassword, isNodeSecretKey, tryConvertBytesToStr, tryConvertEncoding, tryConvertStrToBytes, tryCreateSecretKey, tryDecrypt, tryDecryptObj, tryEncrypt, tryEncryptObj, tryGenerateUuid, tryHash, tryHashPassword, tryVerifyPassword, verifyPassword } from './chunk-X6MX4NDE.js';
2
+ export { ENCRYPTED_REGEX, matchEncryptedPattern, parseToObj, stringifyObj, tryParseToObj, tryStringifyObj } from './chunk-IY6XGUYO.js';
3
3
  //# sourceMappingURL=node.js.map
4
4
  //# sourceMappingURL=node.js.map
package/dist/{validate-DN59A2-Y.d.cts → validate-vDTesb-X.d.cts} RENAMED
@@ -186,7 +186,10 @@ declare function parseToObj<T extends object = Record<string, unknown>>(str: str
186
186
 
187
187
  /** Matches the `"iv.cipher.tag."` encrypted payload format. */
188
188
  declare const ENCRYPTED_REGEX: RegExp;
189
- /** Validates structural shape only, not whether content is valid base64/hex. */
189
+ /**
190
+ * Structural check only — validates the dot-separated `"iv.cipher.tag."` format
191
+ * but does NOT verify that individual segments contain valid base64, base64url, or hex encoding.
192
+ */
190
193
  declare function matchEncryptedPattern(data: string): boolean;
191
194
 
192
195
  export { type CipherEncoding as C, type DecryptOptions as D, ENCRYPTED_REGEX as E, type HashOptions as H, type Result as R, type VerifyPasswordOptions as V, type CreateSecretKeyOptions as a, type DigestAlgorithm as b, type Encoding as c, type EncryptOptions as d, type EncryptionAlgorithm as e, type ErrorStruct as f, type HashPasswordOptions as g, tryStringifyObj as h, DIGEST_ALGORITHMS as i, ENCRYPTION_ALGORITHMS as j, matchEncryptedPattern as m, parseToObj as p, stringifyObj as s, tryParseToObj as t };
package/dist/{validate-DN59A2-Y.d.ts → validate-vDTesb-X.d.ts} RENAMED
@@ -186,7 +186,10 @@ declare function parseToObj<T extends object = Record<string, unknown>>(str: str
186
186
 
187
187
  /** Matches the `"iv.cipher.tag."` encrypted payload format. */
188
188
  declare const ENCRYPTED_REGEX: RegExp;
189
- /** Validates structural shape only, not whether content is valid base64/hex. */
189
+ /**
190
+ * Structural check only — validates the dot-separated `"iv.cipher.tag."` format
191
+ * but does NOT verify that individual segments contain valid base64, base64url, or hex encoding.
192
+ */
190
193
  declare function matchEncryptedPattern(data: string): boolean;
191
194
 
192
195
  export { type CipherEncoding as C, type DecryptOptions as D, ENCRYPTED_REGEX as E, type HashOptions as H, type Result as R, type VerifyPasswordOptions as V, type CreateSecretKeyOptions as a, type DigestAlgorithm as b, type Encoding as c, type EncryptOptions as d, type EncryptionAlgorithm as e, type ErrorStruct as f, type HashPasswordOptions as g, tryStringifyObj as h, DIGEST_ALGORITHMS as i, ENCRYPTION_ALGORITHMS as j, matchEncryptedPattern as m, parseToObj as p, stringifyObj as s, tryParseToObj as t };