favalib 0.0.1

package/build/TwoFaLib.d.mts

@@ -0,0 +1,95 @@
+import { TypedEventTarget } from 'typescript-event-target';
+import type CryptoLib from './interfaces/CryptoLib.mjs';
+import type { EncryptedPrivateKey, EncryptedSymmetricKey, Passphrase, PrivateKey, PublicKey, Salt, SymmetricKey } from './interfaces/CryptoLib.mjs';
+import type { DeviceId, DeviceType } from './interfaces/SyncTypes.mjs';
+import type { TwoFaLibEventMapEvents } from './interfaces/Events.mjs';
+import type { PassphraseExtraDict } from './interfaces/PassphraseExtraDict.js';
+import type { Vault, VaultSyncState } from './interfaces/Vault.mjs';
+import SyncManager from './subclasses/SyncManager.mjs';
+import ExportImportManager from './subclasses/ExportImportManager.mjs';
+import VaultOperationsManager from './subclasses/VaultOperationsManager.mjs';
+/**
+ * The Two-Factor Library, this is the main entry point.
+ */
+declare class TwoFaLib extends TypedEventTarget<TwoFaLibEventMapEvents> {
+    static readonly version = "0.0.1";
+    readonly deviceId: DeviceId;
+    readonly deviceType: DeviceType;
+    private mediator;
+    private readonly publicKey;
+    private readonly privateKey;
+    readonly ready: Promise<unknown>;
+    /**
+     * Constructs a new instance of TwoFaLib. If a serverUrl is provided, the library will use it for its sync operations.
+     * @param deviceType - A unique identifier for this device type (e.g. 2fa-cli).
+     * @param cryptoLib - An instance of CryptoLib that is compatible with the environment.
+     * @param passphraseExtraDict - Additional words to be used for passphrase strength evaluation.
+     * @param privateKey - The private key used for cryptographic operations.
+     * @param symmetricKey - The symmetric key used for cryptographic operations.
+     * @param encryptedPrivateKey - The encrypted private key
+     * @param encryptedSymmetricKey - The encrypted symmetric key
+     * @param salt - The salt used for key derivation.
+     * @param publicKey - The public key of the device.
+     * @param deviceId - A unique identifier for this device.
+     * @param vault - The vault data (entries)
+     * @param syncState - The state of the sync, includes the serverUrl
+     * @returns A promise that resolves when initialization is complete.
+     * @throws {InitializationError} If some parameter has an invalid value
+     * @throws {AuthenticationError} If the provided passphrase is incorrect.
+     */
+    constructor(deviceType: DeviceType, cryptoLib: CryptoLib, passphraseExtraDict: PassphraseExtraDict, privateKey: PrivateKey, symmetricKey: SymmetricKey, encryptedPrivateKey: EncryptedPrivateKey, encryptedSymmetricKey: EncryptedSymmetricKey, salt: Salt, publicKey: PublicKey, deviceId: DeviceId, vault?: Vault, syncState?: VaultSyncState);
+    /**
+     * Gives access to vault operations.
+     * @returns The vault manager instance which can be used to perform operations on the vault.
+     */
+    get vault(): VaultOperationsManager;
+    /**
+     * Gives access to export/import operations.
+     * @returns The export/import manager instance which can be used to export and import vaults.
+     */
+    get exportImport(): ExportImportManager;
+    /**
+     * Gives access to sync operations.
+     * @returns The sync manager instance which can be used to sync the vault with a server or null if none was initialized.
+     */
+    get sync(): SyncManager | null;
+    /**
+     * @returns The persistent storage manager instance which can be used to store data.
+     */
+    private get persistentStorage();
+    /**
+     * Forces a save of the persistent storage.
+     */
+    forceSave(): Promise<void>;
+    /**
+     * Changes the library's passphrase.
+     * @param oldPassphrase - The current passphrase.
+     * @param newPassphrase - The new passphrase to set.
+     * @returns A promise that resolves when the passphrase change is complete.
+     * @throws {AuthenticationError} If the provided old passphrase is incorrect.
+     */
+    changePassphrase(oldPassphrase: Passphrase, newPassphrase: Passphrase): Promise<void>;
+    /**
+     * Sets a server url, this will allow syncing with the server.
+     * @param serverUrl - The server url.
+     */
+    setSyncServerUrl(serverUrl: string): Promise<void>;
+    /**
+     * Sets the sync state, this will initiate the sync manager instance.
+     * @param syncState - The state of the sync.
+     */
+    private setSyncState;
+    /**
+     * Dispatches a library event.
+     * @param eventType - The type of the event to dispatch, uses the TwoFaLibEvent enum.
+     * @param data - Optional data to include with the event.
+     */
+    private dispatchLibEvent;
+    /**
+     * Log a message
+     * @param severity - The severity of the message, either 'info' or 'warning'.
+     * @param message - The message to log.
+     */
+    private log;
+}
+export default TwoFaLib;

package/build/TwoFaLib.mjs

@@ -0,0 +1,180 @@
+import { TypedEventTarget } from 'typescript-event-target';
+import TwoFaLibMediator from './TwoFaLibMediator.mjs';
+import { TwoFaLibEvent } from './TwoFaLibEvent.mjs';
+import { InitializationError } from './TwoFALibError.mjs';
+import SyncManager from './subclasses/SyncManager.mjs';
+import LibraryLoader from './subclasses/LibraryLoader.mjs';
+import ExportImportManager from './subclasses/ExportImportManager.mjs';
+import PersistentStorageManager from './subclasses/PersistentStorageManager.mjs';
+import VaultDataManager from './subclasses/VaultDataManager.mjs';
+import VaultOperationsManager from './subclasses/VaultOperationsManager.mjs';
+import CommandManager from './subclasses/CommandManager.mjs';
+/**
+ * The Two-Factor Library, this is the main entry point.
+ */
+class TwoFaLib extends TypedEventTarget {
+    // TOOD: load this from package.json
+    static { this.version = '0.0.1'; }
+    /**
+     * Constructs a new instance of TwoFaLib. If a serverUrl is provided, the library will use it for its sync operations.
+     * @param deviceType - A unique identifier for this device type (e.g. 2fa-cli).
+     * @param cryptoLib - An instance of CryptoLib that is compatible with the environment.
+     * @param passphraseExtraDict - Additional words to be used for passphrase strength evaluation.
+     * @param privateKey - The private key used for cryptographic operations.
+     * @param symmetricKey - The symmetric key used for cryptographic operations.
+     * @param encryptedPrivateKey - The encrypted private key
+     * @param encryptedSymmetricKey - The encrypted symmetric key
+     * @param salt - The salt used for key derivation.
+     * @param publicKey - The public key of the device.
+     * @param deviceId - A unique identifier for this device.
+     * @param vault - The vault data (entries)
+     * @param syncState - The state of the sync, includes the serverUrl
+     * @returns A promise that resolves when initialization is complete.
+     * @throws {InitializationError} If some parameter has an invalid value
+     * @throws {AuthenticationError} If the provided passphrase is incorrect.
+     */
+    constructor(deviceType, cryptoLib, passphraseExtraDict, privateKey, symmetricKey, encryptedPrivateKey, encryptedSymmetricKey, salt, publicKey, deviceId, vault, syncState) {
+        super();
+        if (!deviceType) {
+            throw new InitializationError('Device type is required');
+        }
+        if (!deviceId) {
+            throw new InitializationError('Device id is required');
+        }
+        if (deviceType.length > 256) {
+            throw new InitializationError('Device type is too long, max 256 characters');
+        }
+        if (passphraseExtraDict?.length === 0) {
+            throw new InitializationError('Passphrase extra dictionary is required and must contain at least one element (eg phone)');
+        }
+        this.deviceType = deviceType;
+        this.deviceId = deviceId;
+        this.publicKey = publicKey;
+        this.privateKey = privateKey;
+        this.mediator = new TwoFaLibMediator();
+        this.mediator.registerComponents([
+            ['libraryLoader', new LibraryLoader(cryptoLib)],
+            [
+                'persistentStorageManager',
+                new PersistentStorageManager(this.mediator, passphraseExtraDict, deviceId, privateKey, symmetricKey, encryptedPrivateKey, encryptedSymmetricKey, salt),
+            ],
+            ['vaultDataManager', new VaultDataManager(this.mediator)],
+            ['commandManager', new CommandManager(this.mediator)],
+            ['vaultOperationsManager', new VaultOperationsManager(this.mediator)],
+            [
+                'exportImportManager',
+                new ExportImportManager(this.mediator, passphraseExtraDict),
+            ],
+            ['dispatchLibEvent', this.dispatchLibEvent.bind(this)],
+            ['log', this.log.bind(this)],
+        ]);
+        if (vault) {
+            this.mediator.getComponent('vaultDataManager').replaceVault(vault);
+        }
+        if (syncState?.serverUrl) {
+            this.setSyncState(syncState);
+        }
+        else {
+            // If no syncmanager we're ready now, otherwise the syncmanager is responsible for emitting the ready event
+            // We do this with a delay of 1, so that there is time to add event listeners
+            setTimeout(() => this.dispatchLibEvent(TwoFaLibEvent.Ready), 1);
+        }
+        // populate the ready property
+        let setReady;
+        this.ready = new Promise((resolve) => {
+            setReady = resolve;
+        });
+        const handleReadyEvent = () => {
+            setReady();
+            this.removeEventListener(TwoFaLibEvent.Ready, handleReadyEvent);
+        };
+        this.addEventListener(TwoFaLibEvent.Ready, handleReadyEvent);
+    }
+    /**
+     * Gives access to vault operations.
+     * @returns The vault manager instance which can be used to perform operations on the vault.
+     */
+    get vault() {
+        return this.mediator.getComponent('vaultOperationsManager');
+    }
+    /**
+     * Gives access to export/import operations.
+     * @returns The export/import manager instance which can be used to export and import vaults.
+     */
+    get exportImport() {
+        return this.mediator.getComponent('exportImportManager');
+    }
+    /**
+     * Gives access to sync operations.
+     * @returns The sync manager instance which can be used to sync the vault with a server or null if none was initialized.
+     */
+    get sync() {
+        if (!this.mediator.componentIsInitialised('syncManager')) {
+            return null;
+        }
+        return this.mediator.getComponent('syncManager');
+    }
+    /**
+     * @returns The persistent storage manager instance which can be used to store data.
+     */
+    get persistentStorage() {
+        return this.mediator.getComponent('persistentStorageManager');
+    }
+    /**
+     * Forces a save of the persistent storage.
+     */
+    async forceSave() {
+        await this.persistentStorage.save();
+    }
+    /**
+     * Changes the library's passphrase.
+     * @param oldPassphrase - The current passphrase.
+     * @param newPassphrase - The new passphrase to set.
+     * @returns A promise that resolves when the passphrase change is complete.
+     * @throws {AuthenticationError} If the provided old passphrase is incorrect.
+     */
+    async changePassphrase(oldPassphrase, newPassphrase) {
+        return this.persistentStorage.changePassphrase(oldPassphrase, newPassphrase);
+    }
+    /**
+     * Sets a server url, this will allow syncing with the server.
+     * @param serverUrl - The server url.
+     */
+    async setSyncServerUrl(serverUrl) {
+        if (this.sync) {
+            this.sync.closeServerConnection();
+            this.mediator.unRegisterComponent('syncManager');
+        }
+        const newSyncState = {
+            serverUrl,
+            devices: [],
+            commandSendQueue: [],
+        };
+        this.setSyncState(newSyncState);
+        await this.forceSave();
+    }
+    /**
+     * Sets the sync state, this will initiate the sync manager instance.
+     * @param syncState - The state of the sync.
+     */
+    setSyncState(syncState) {
+        this.mediator.registerComponent('syncManager', new SyncManager(this.mediator, this.deviceType, this.publicKey, this.privateKey, syncState, this.deviceId));
+    }
+    /**
+     * Dispatches a library event.
+     * @param eventType - The type of the event to dispatch, uses the TwoFaLibEvent enum.
+     * @param data - Optional data to include with the event.
+     */
+    dispatchLibEvent(eventType, data) {
+        this.dispatchTypedEvent(eventType, new CustomEvent(eventType, { detail: data }));
+    }
+    /**
+     * Log a message
+     * @param severity - The severity of the message, either 'info' or 'warning'.
+     * @param message - The message to log.
+     */
+    log(severity, message) {
+        this.dispatchLibEvent(TwoFaLibEvent.Log, { severity, message });
+    }
+}
+export default TwoFaLib;

package/build/TwoFaLibEvent.d.mts

@@ -0,0 +1,8 @@
+export declare enum TwoFaLibEvent {
+    Changed = "changed",
+    LoadedFromLockedRepresentation = "loadedFromLockedRepresentation",
+    ConnectToExistingVaultFinished = "connectToExistingVaultFinished",
+    ConnectionToSyncServerStatusChanged = "connectionToSyncServerStatusChanged",
+    Log = "log",
+    Ready = "ready"
+}

package/build/TwoFaLibEvent.mjs

@@ -0,0 +1,9 @@
+export var TwoFaLibEvent;
+(function (TwoFaLibEvent) {
+    TwoFaLibEvent["Changed"] = "changed";
+    TwoFaLibEvent["LoadedFromLockedRepresentation"] = "loadedFromLockedRepresentation";
+    TwoFaLibEvent["ConnectToExistingVaultFinished"] = "connectToExistingVaultFinished";
+    TwoFaLibEvent["ConnectionToSyncServerStatusChanged"] = "connectionToSyncServerStatusChanged";
+    TwoFaLibEvent["Log"] = "log";
+    TwoFaLibEvent["Ready"] = "ready";
+})(TwoFaLibEvent || (TwoFaLibEvent = {}));

package/build/TwoFaLibMediator.d.mts

@@ -0,0 +1,37 @@
+/**
+ * Mediator class for managing and accessing various components of the TwoFaLib.
+ */
+declare class TwoFaLibMediator {
+    private components;
+    /**
+     * Unregister a component with the mediator. Is used in testing
+     * @param key - The key representing the component type.
+     */
+    unRegisterComponent<T extends keyof typeof this.components>(key: T): void;
+    /**
+     * Registers a single component with the mediator.
+     * @param key - The key representing the component type.
+     * @param component - The component instance to register.
+     * @throws {InitializationError} If the component is already registered.
+     */
+    registerComponent<T extends keyof typeof this.components>(key: T, component: NonNullable<(typeof this.components)[T]>): void;
+    /**
+     * Registers multiple components with the mediator.
+     * @param componentsArray - An array of key-component pairs to register.
+     */
+    registerComponents<T extends keyof typeof this.components>(componentsArray: [T, NonNullable<(typeof this.components)[T]>][]): void;
+    /**
+     * Retrieves a component by its key.
+     * @param key - The key representing the component type.
+     * @returns The component instance.
+     * @throws {InitializationError} If the component is not initialized.
+     */
+    getComponent<T extends keyof typeof this.components>(key: T): NonNullable<(typeof this.components)[T]>;
+    /**
+     * Checks if a component is initialized.
+     * @param key - The key representing the component type.
+     * @returns True if the component is initialized, false otherwise.
+     */
+    componentIsInitialised<T extends keyof typeof this.components>(key: T): boolean;
+}
+export default TwoFaLibMediator;

package/build/TwoFaLibMediator.mjs

@@ -0,0 +1,58 @@
+import { InitializationError } from './TwoFALibError.mjs';
+/**
+ * Mediator class for managing and accessing various components of the TwoFaLib.
+ */
+class TwoFaLibMediator {
+    constructor() {
+        this.components = {};
+    }
+    /**
+     * Unregister a component with the mediator. Is used in testing
+     * @param key - The key representing the component type.
+     */
+    unRegisterComponent(key) {
+        this.components[key] = undefined;
+    }
+    /**
+     * Registers a single component with the mediator.
+     * @param key - The key representing the component type.
+     * @param component - The component instance to register.
+     * @throws {InitializationError} If the component is already registered.
+     */
+    registerComponent(key, component) {
+        if (this.components[key]) {
+            throw new InitializationError(`Component ${key} already registered`);
+        }
+        this.components[key] = component;
+    }
+    /**
+     * Registers multiple components with the mediator.
+     * @param componentsArray - An array of key-component pairs to register.
+     */
+    registerComponents(componentsArray) {
+        for (const [key, component] of componentsArray) {
+            this.registerComponent(key, component);
+        }
+    }
+    /**
+     * Retrieves a component by its key.
+     * @param key - The key representing the component type.
+     * @returns The component instance.
+     * @throws {InitializationError} If the component is not initialized.
+     */
+    getComponent(key) {
+        if (!this.components[key]) {
+            throw new InitializationError(`${key} is not initialized`);
+        }
+        return this.components[key];
+    }
+    /**
+     * Checks if a component is initialized.
+     * @param key - The key representing the component type.
+     * @returns True if the component is initialized, false otherwise.
+     */
+    componentIsInitialised(key) {
+        return Boolean(this.components[key]);
+    }
+}
+export default TwoFaLibMediator;

package/build/interfaces/CommandTypes.d.mts

@@ -0,0 +1,20 @@
+import type { AddEntryData } from '../Command/commands/AddEntryCommand.mjs';
+import type { DeleteEntryData } from '../Command/commands/DeleteEntryCommand.mjs';
+import type { UpdateEntryData } from '../Command/commands/UpdateEntryCommand.mjs';
+import type { AddSyncDeviceData } from '../Command/commands/AddSyncDeviceCommand.mjs';
+export type SyncCommand = ({
+    type: 'AddEntry';
+    data: AddEntryData;
+} | {
+    type: 'DeleteEntry';
+    data: DeleteEntryData;
+} | {
+    type: 'UpdateEntry';
+    data: UpdateEntryData;
+} | {
+    type: 'AddSyncDevice';
+    data: AddSyncDeviceData;
+}) & {
+    id: string;
+};
+export type CommandData = AddEntryData | DeleteEntryData | UpdateEntryData | AddSyncDeviceData;

package/build/interfaces/CommandTypes.mjs

@@ -0,0 +1 @@
+export {};

package/build/interfaces/CryptoLib.d.mts

@@ -0,0 +1,113 @@
+import type { Tagged } from 'type-fest';
+export type Encrypted<T extends string> = Tagged<T, 'Encrypted'>;
+/** Represents a passphrase  */
+export type Passphrase = Tagged<string, 'Passphrase'>;
+/** Represents a passphraseHash  */
+export type PassphraseHash = Tagged<string, 'PassphraseHash'>;
+/** Represents a salt (base64 encoded) */
+export type Salt = Tagged<string, 'Salt'>;
+/** Represents a private key */
+export type PrivateKey = Tagged<string, 'PrivateKey'>;
+/** Represents a public key */
+export type PublicKey = Tagged<string, 'PublicKey'>;
+/** Represents an symmetric key */
+export type SymmetricKey = Tagged<string, 'SymmetricKey'>;
+/** Represents a sync (symmetric) key (base64 encoded) */
+export type SyncKey = Tagged<SymmetricKey, 'SyncKey'>;
+/** Represents an encrypted private key (base64 encoded) */
+export type EncryptedPrivateKey = Encrypted<PrivateKey>;
+/** Represents an encrypted symmetric key (base64 encoded) */
+export type EncryptedSymmetricKey = Encrypted<SymmetricKey>;
+/** Represents an encrypted public key (base64 encoded) */
+export type EncryptedPublicKey = Encrypted<PublicKey>;
+/**
+ * Interface for cryptographic operations.
+ * The implementation in CryptoProviders/node is the reference implementation
+ */
+interface CryptoLib {
+    /**
+     * Get a number of cryptographically securely generated random bytes
+     * @param count - The amount of bytes to generate
+     * @returns A promise that resolves to the generated random bytes
+     */
+    getRandomBytes: (count: number) => Promise<Uint8Array>;
+    /**
+     * Creates the keys required for further operations.
+     * It first creates a public/private key pair, with the private key being encrypted using the passphrase.
+     * It then generates a symmetricKey. It will then encrypt this symmetricKey using the generated public key.
+     * @param passphrase - The passphrase to encrypt the private key with
+     * @returns A promise that resolves to an object containing the encrypted private key, encrypted symmetric key and public key
+     */
+    createKeys: (passphrase: Passphrase) => Promise<{
+        privateKey: PrivateKey;
+        symmetricKey: SymmetricKey;
+        encryptedPrivateKey: EncryptedPrivateKey;
+        encryptedSymmetricKey: EncryptedSymmetricKey;
+        publicKey: PublicKey;
+        salt: Salt;
+    }>;
+    /**
+     * Decrypts the keys required for further operations
+     * @param encryptedPrivateKey - The encrypted private key
+     * @param encryptedSymmetricKey - The encrypted symmetric key
+     * @param passphrase - The passphrase to decrypt the private key with
+     * @returns A promise that resolves to an object containing the decrypted private, symmetric and public key
+     */
+    decryptKeys: (encryptedPrivateKey: EncryptedPrivateKey, encryptedSymmetricKey: EncryptedSymmetricKey, salt: Salt, passphrase: Passphrase) => Promise<{
+        privateKey: PrivateKey;
+        symmetricKey: SymmetricKey;
+        publicKey: PublicKey;
+    }>;
+    /**
+     * Encrypts the keys required for further operation
+     * @param privateKey - The private key to encrypt
+     * @param symmetricKey - The symmetric key to encrypt
+     * @param passphrase - The passphrase to encrypt the private key with
+     * @returns A promise that resolves to an object containing the encrypted private and symmetricKey key
+     */
+    encryptKeys: (privateKey: PrivateKey, symmetricKey: SymmetricKey, salt: Salt, passphrase: Passphrase) => Promise<{
+        encryptedPrivateKey: EncryptedPrivateKey;
+        encryptedSymmetricKey: EncryptedSymmetricKey;
+    }>;
+    /**
+     * Encrypts a plain text message using a public key
+     * @param publicKey - The public key to use for encryption
+     * @param plainText - The text to encrypt
+     * @returns A promise that resolves to the encrypted text (base64 encoded)
+     */
+    encrypt: <T extends string>(publicKey: PublicKey, plainText: T) => Promise<Encrypted<T>>;
+    /**
+     * Decrypts an encrypted message using a private key
+     * @param privateKey - The (unencrypted!) private key to use for decryption
+     * @param encryptedText - The text to decrypt
+     * @returns A promise that resolves to the decrypted text
+     */
+    decrypt: <T extends string>(privateKey: PrivateKey, encryptedText: Encrypted<T>) => Promise<T>;
+    /**
+     * Decrypts an encrypted message using a symmetric key
+     * @param symmetricKey - The symmetric key to use for decryption
+     * @param encryptedText - The text to decrypt
+     * @returns A promise that resolves to the decrypted text
+     */
+    decryptSymmetric: <T extends string>(symmetricKey: SymmetricKey, encryptedText: Encrypted<T>) => Promise<T>;
+    /**
+     * Encrypts a plain text message using a symmetric key
+     * @param symmetricKey - The symmetric key to use for encryption
+     * @param plainText - The text to encrypt
+     * @returns A promise that resolves to the encrypted text (base64 encoded)
+     */
+    encryptSymmetric: <T extends string>(symmetricKey: SymmetricKey, plainText: T) => Promise<Encrypted<T>>;
+    /**
+     * Creates a random symmetric key
+     * @returns A promise that resolves to the newly created symmetric key
+     */
+    createSymmetricKey: () => Promise<SymmetricKey>;
+    /**
+     * Creates a sync key from a shared key (that was created from a JPAKE exchange)
+     * @param sharedKey - The shared key to derive from
+     * @param salt - A salt to derive the key with
+     * @returns A promise that resolves to the derived key
+     */
+    createSyncKey: (sharedKey: Uint8Array, salt: Salt) => Promise<SyncKey>;
+}
+export default CryptoLib;

package/build/interfaces/CryptoLib.mjs

@@ -0,0 +1 @@
+export {};

package/build/interfaces/Entry.d.mts

@@ -0,0 +1,33 @@
+import type { LiteralUnion } from 'type-fest';
+import type { Tagged } from 'type-fest';
+export type EntryId = Tagged<string, 'TotpId'>;
+export type EntryType = LiteralUnion<'TOTP', string>;
+export interface EntryMeta {
+    id: EntryId;
+    name: string;
+    issuer: string;
+    type: EntryType;
+    addedAt: number;
+    updatedAt: number | null;
+}
+export interface TotpPayload {
+    secret: string;
+    period: LiteralUnion<30 | 60, number>;
+    algorithm: LiteralUnion<'SHA-1' | 'SHA-256' | 'SHA-512', string>;
+    digits: LiteralUnion<6 | 8, number>;
+}
+interface TotpEntry extends EntryMeta {
+    type: 'TOTP';
+    payload: TotpPayload;
+}
+type Entry = TotpEntry;
+export type NewEntry = Omit<Entry, 'id' | 'addedAt' | 'updatedAt'>;
+export default Entry;
+export interface Token {
+    validFrom: number;
+    validTill: number;
+    otp: string;
+}
+export type EntryMetaWithToken = EntryMeta & {
+    token: Token;
+};

package/build/interfaces/Entry.mjs

@@ -0,0 +1 @@
+export {};

package/build/interfaces/Events.d.mts

@@ -0,0 +1,22 @@
+import type { EmptyObject } from 'type-fest';
+import type { TwoFaLibEvent } from '../TwoFaLibEvent.mjs';
+import type { LockedRepresentationString } from './Vault.mjs';
+export interface ChangedEvent {
+    newLockedRepresentationString: LockedRepresentationString;
+}
+export interface TwoFaLibEventMap {
+    [TwoFaLibEvent.Changed]: ChangedEvent;
+    [TwoFaLibEvent.LoadedFromLockedRepresentation]: EmptyObject;
+    [TwoFaLibEvent.ConnectToExistingVaultFinished]: EmptyObject;
+    [TwoFaLibEvent.ConnectionToSyncServerStatusChanged]: {
+        connected: boolean;
+    };
+    [TwoFaLibEvent.Log]: {
+        severity: 'info' | 'warning';
+        message: string;
+    };
+    [TwoFaLibEvent.Ready]: EmptyObject;
+}
+export type TwoFaLibEventMapEvents = {
+    [K in keyof TwoFaLibEventMap]: CustomEvent<TwoFaLibEventMap[K]>;
+};

package/build/interfaces/Events.mjs

@@ -0,0 +1 @@
+export {};

package/build/interfaces/PassphraseExtraDict.d.ts

@@ -0,0 +1,2 @@
+import type { NonEmptyTuple } from 'type-fest';
+export type PassphraseExtraDict = NonEmptyTuple<string>;

package/build/interfaces/PassphraseExtraDict.js

@@ -0,0 +1 @@
+export {};

package/build/interfaces/SyncTypes.d.mts

@@ -0,0 +1,45 @@
+import type { Tagged } from 'type-fest';
+import type { JPakeThreePass, Round1Result } from 'jpake-ts';
+import { PublicKey, SyncKey } from './CryptoLib.mjs';
+export type DeviceId = Tagged<string, 'DeviceId'>;
+export type DeviceType = Tagged<string, 'DeviceType'>;
+export interface SyncDevice {
+    deviceId: DeviceId;
+    deviceType: DeviceType;
+    publicKey: PublicKey;
+}
+export interface BaseAddDeviceFlow {
+    jpak: JPakeThreePass;
+    addDevicePassword: Uint8Array;
+    timestamp: number;
+}
+export interface AddDeviceFlowInitiator_Initiated extends BaseAddDeviceFlow {
+    state: 'initiator:initiated';
+    resolveContinuePromise: (value: unknown) => void;
+    initiatorDeviceId: DeviceId;
+    timeout: NodeJS.Timeout;
+}
+export interface AddDeviceFlowInitiator_SyncKeyCreated extends Omit<AddDeviceFlowInitiator_Initiated, 'state' | 'resolveContinuePromise'> {
+    state: 'initiator:syncKeyCreated';
+    responderDeviceId: DeviceId;
+    responderDeviceType: DeviceType;
+    syncKey: SyncKey;
+}
+export interface AddDeviceFlowResponder_Initiated extends BaseAddDeviceFlow {
+    state: 'responder:initated';
+    initiatorDeviceId: DeviceId;
+    responderDeviceId: DeviceId;
+    initiatorDeviceType: DeviceType;
+}
+export interface AddDeviceFlowResponder_SyncKeyCreated extends Omit<AddDeviceFlowResponder_Initiated, 'state'> {
+    state: 'responder:syncKeyCreated';
+    syncKey: SyncKey;
+}
+export type ActiveAddDeviceFlow = AddDeviceFlowInitiator_Initiated | AddDeviceFlowInitiator_SyncKeyCreated | AddDeviceFlowResponder_Initiated | AddDeviceFlowResponder_SyncKeyCreated;
+export interface InitiateAddDeviceFlowResult {
+    addDevicePassword: string;
+    initiatorDeviceId: DeviceId;
+    initiatorDeviceType: DeviceType;
+    timestamp: number;
+    pass1Result: Record<keyof Round1Result, string>;
+}

package/build/interfaces/SyncTypes.mjs

@@ -0,0 +1 @@
+export {};