hd-wallet-wasm 0.2.0 → 0.2.8

package/README.md

@@ -7,9 +7,10 @@ A comprehensive HD (Hierarchical Deterministic) wallet implementation compiled t
 - **BIP-32/39/44/49/84** - Complete HD wallet derivation standards
 - **Multi-curve support** - secp256k1, Ed25519, P-256, P-384, X25519
 - **Multi-chain** - Bitcoin, Ethereum, Solana, Cosmos, Polkadot
+- **AES-256-GCM** - Authenticated encryption via WASM (Crypto++/OpenSSL)
 - **Hardware wallet ready** - Trezor, Ledger, KeepKey abstraction layer
 - **Secure** - Crypto++ backend, secure memory handling
-- **Fast** - WebAssembly performance
+- **Fast** - WebAssembly performance, synchronous cryptographic operations
 - **TypeScript** - Full type definitions included
 
 ## Installation
@@ -224,6 +225,40 @@ const pbkdf2 = wallet.utils.pbkdf2(password, salt, 100000, 32);
 wallet.utils.secureWipe(sensitiveData);
 ```
 
+### AES-GCM Encryption
+
+```javascript
+// Generate key and IV
+const key = wallet.utils.generateAesKey(256); // 32 bytes for AES-256
+const iv = wallet.utils.generateIv(); // 12 bytes
+
+// Encrypt
+const plaintext = new TextEncoder().encode('Secret data');
+const { ciphertext, tag } = wallet.utils.aesGcm.encrypt(key, plaintext, iv);
+
+// Decrypt
+const decrypted = wallet.utils.aesGcm.decrypt(key, ciphertext, tag, iv);
+
+// With additional authenticated data (AAD)
+const aad = new TextEncoder().encode('context');
+const enc = wallet.utils.aesGcm.encrypt(key, plaintext, iv, aad);
+const dec = wallet.utils.aesGcm.decrypt(key, enc.ciphertext, enc.tag, iv, aad);
+```
+
+### Random Number Generation
+
+```javascript
+// Generate cryptographically secure random bytes
+const randomBytes = wallet.utils.getRandomBytes(32);
+
+// Generate random IV for AES-GCM (12 bytes)
+const iv = wallet.utils.generateIv();
+
+// Generate random AES key (128, 192, or 256 bits)
+const aes128Key = wallet.utils.generateAesKey(128);
+const aes256Key = wallet.utils.generateAesKey(256);
+```
+
 ## Coin Types (SLIP-44)
 
 ```javascript

package/dist/index.d.ts

@@ -24,6 +24,14 @@ export interface HDWalletModule {
   getSupportedCoins(): string[];
   getSupportedCurves(): string[];
 
+  // OpenSSL FIPS support (when built with HD_WALLET_USE_OPENSSL)
+  /** Initialize OpenSSL in FIPS mode. Returns true if FIPS mode activated, false if using fallback. */
+  initFips(): boolean;
+  /** Check if OpenSSL backend is being used for FIPS algorithms */
+  isOpenSSL(): boolean;
+  /** Check if running in FIPS mode (OpenSSL FIPS provider active) */
+  isOpenSSLFips(): boolean;
+
   // WASI bridge
   wasiHasFeature(feature: WasiFeature): boolean;
   wasiGetWarning(feature: WasiFeature): WasiWarning;
@@ -579,28 +587,21 @@ export interface UtilsAPI {
   blake2b(data: Uint8Array, outputLength?: number): Uint8Array;
   blake2s(data: Uint8Array, outputLength?: number): Uint8Array;
 
-  // Key derivation (sync - Crypto++)
+  // Key derivation
   hkdf(ikm: Uint8Array, salt: Uint8Array, info: Uint8Array, length: number): Uint8Array;
   pbkdf2(password: Uint8Array, salt: Uint8Array, iterations: number, length: number): Uint8Array;
   scrypt(password: Uint8Array, salt: Uint8Array, n: number, r: number, p: number, length: number): Uint8Array;
 
-  // Key derivation (async - WebCrypto, hardware accelerated)
-  hkdfSha256Async(ikm: Uint8Array, salt: Uint8Array, info: Uint8Array, length: number): Promise<Uint8Array>;
-  hkdfSha384Async(ikm: Uint8Array, salt: Uint8Array, info: Uint8Array, length: number): Promise<Uint8Array>;
-
-  // AES-GCM encryption/decryption (async - WebCrypto, hardware accelerated)
+  // AES-GCM encryption/decryption (WASM/OpenSSL)
   aesGcm: {
-    encrypt(key: Uint8Array, plaintext: Uint8Array, iv: Uint8Array, aad?: Uint8Array): Promise<{ ciphertext: Uint8Array; tag: Uint8Array }>;
-    decrypt(key: Uint8Array, ciphertext: Uint8Array, tag: Uint8Array, iv: Uint8Array, aad?: Uint8Array): Promise<Uint8Array>;
-    generateIv(): Uint8Array;
-    generateKey(bits?: number): Uint8Array;
+    encrypt(key: Uint8Array, plaintext: Uint8Array, iv: Uint8Array, aad?: Uint8Array): { ciphertext: Uint8Array; tag: Uint8Array };
+    decrypt(key: Uint8Array, ciphertext: Uint8Array, tag: Uint8Array, iv: Uint8Array, aad?: Uint8Array): Uint8Array;
   };
 
-  // WebCrypto availability
-  isWebCryptoAvailable(): boolean;
-
   // Random number generation
   getRandomBytes(length: number): Uint8Array;
+  generateIv(): Uint8Array;
+  generateAesKey(bits?: number): Uint8Array;
 
   // Encoding
   encodeBase58(data: Uint8Array): string;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "hd-wallet-wasm",
-  "version": "0.2.0",
+  "version": "0.2.8",
   "description": "Comprehensive HD Wallet implementation in WebAssembly - BIP-32/39/44, multi-curve, multi-chain support",
   "type": "module",
   "main": "src/index.mjs",
@@ -25,7 +25,6 @@
   "files": [
     "src/index.mjs",
     "src/index.d.ts",
-    "src/webcrypto.mjs",
     "src/aligned.mjs",
     "src/aligned.d.ts",
     "src/generated/",
@@ -43,7 +42,7 @@
     "test:bip32": "node test/test_bip32.mjs",
     "test:vectors": "node test/test_vectors.mjs",
     "test:aligned": "node test/test_aligned.mjs",
-    "prepublishOnly": "npm run build && npm test"
+    "prepublishOnly": "echo 'Build handled by CI'"
   },
   "repository": {
     "type": "git",

package/src/index.d.ts

@@ -24,6 +24,14 @@ export interface HDWalletModule {
   getSupportedCoins(): string[];
   getSupportedCurves(): string[];
 
+  // OpenSSL FIPS support (when built with HD_WALLET_USE_OPENSSL)
+  /** Initialize OpenSSL in FIPS mode. Returns true if FIPS mode activated, false if using fallback. */
+  initFips(): boolean;
+  /** Check if OpenSSL backend is being used for FIPS algorithms */
+  isOpenSSL(): boolean;
+  /** Check if running in FIPS mode (OpenSSL FIPS provider active) */
+  isOpenSSLFips(): boolean;
+
   // WASI bridge
   wasiHasFeature(feature: WasiFeature): boolean;
   wasiGetWarning(feature: WasiFeature): WasiWarning;
@@ -579,28 +587,21 @@ export interface UtilsAPI {
   blake2b(data: Uint8Array, outputLength?: number): Uint8Array;
   blake2s(data: Uint8Array, outputLength?: number): Uint8Array;
 
-  // Key derivation (sync - Crypto++)
+  // Key derivation
   hkdf(ikm: Uint8Array, salt: Uint8Array, info: Uint8Array, length: number): Uint8Array;
   pbkdf2(password: Uint8Array, salt: Uint8Array, iterations: number, length: number): Uint8Array;
   scrypt(password: Uint8Array, salt: Uint8Array, n: number, r: number, p: number, length: number): Uint8Array;
 
-  // Key derivation (async - WebCrypto, hardware accelerated)
-  hkdfSha256Async(ikm: Uint8Array, salt: Uint8Array, info: Uint8Array, length: number): Promise<Uint8Array>;
-  hkdfSha384Async(ikm: Uint8Array, salt: Uint8Array, info: Uint8Array, length: number): Promise<Uint8Array>;
-
-  // AES-GCM encryption/decryption (async - WebCrypto, hardware accelerated)
+  // AES-GCM encryption/decryption (WASM/OpenSSL)
   aesGcm: {
-    encrypt(key: Uint8Array, plaintext: Uint8Array, iv: Uint8Array, aad?: Uint8Array): Promise<{ ciphertext: Uint8Array; tag: Uint8Array }>;
-    decrypt(key: Uint8Array, ciphertext: Uint8Array, tag: Uint8Array, iv: Uint8Array, aad?: Uint8Array): Promise<Uint8Array>;
-    generateIv(): Uint8Array;
-    generateKey(bits?: number): Uint8Array;
+    encrypt(key: Uint8Array, plaintext: Uint8Array, iv: Uint8Array, aad?: Uint8Array): { ciphertext: Uint8Array; tag: Uint8Array };
+    decrypt(key: Uint8Array, ciphertext: Uint8Array, tag: Uint8Array, iv: Uint8Array, aad?: Uint8Array): Uint8Array;
   };
 
-  // WebCrypto availability
-  isWebCryptoAvailable(): boolean;
-
   // Random number generation
   getRandomBytes(length: number): Uint8Array;
+  generateIv(): Uint8Array;
+  generateAesKey(bits?: number): Uint8Array;
 
   // Encoding
   encodeBase58(data: Uint8Array): string;

package/src/index.mjs

@@ -9,15 +9,12 @@
  * - Transaction building and signing
  *
  * @module hd-wallet-wasm
- * @version 0.1.0
+ * @version 0.2.0
  */
 
 // Import aligned API for batch operations
 import { AlignedAPI } from './aligned.mjs';
 
-// Import WebCrypto bridge for hardware-accelerated async operations
-import * as WebCrypto from './webcrypto.mjs';
-
 // =============================================================================
 // Enums (matching TypeScript definitions)
 // =============================================================================
@@ -2241,45 +2238,125 @@ function createModule(wasm) {
       }
     },
 
-    // Key derivation (async - uses WebCrypto for hardware acceleration)
-    hkdfSha256Async: WebCrypto.hkdfSha256,
-    hkdfSha384Async: WebCrypto.hkdfSha384,
-
-    // AES-GCM encryption/decryption (async - uses WebCrypto)
+    // AES-GCM encryption/decryption (uses WASM/Crypto++ or OpenSSL)
     aesGcm: {
       /**
-       * Encrypt data with AES-GCM (WebCrypto)
-       * @param {Uint8Array} key - AES key (16, 24, or 32 bytes)
+       * Encrypt data with AES-GCM (synchronous WASM)
+       * @param {Uint8Array} key - AES-256 key (32 bytes)
        * @param {Uint8Array} plaintext - Data to encrypt
-       * @param {Uint8Array} iv - Initialization vector (12 bytes recommended)
+       * @param {Uint8Array} iv - Initialization vector (12 bytes)
        * @param {Uint8Array} [aad] - Additional authenticated data
-       * @returns {Promise<{ciphertext: Uint8Array, tag: Uint8Array}>}
+       * @returns {{ciphertext: Uint8Array, tag: Uint8Array}}
        */
-      encrypt: WebCrypto.aesGcmEncrypt,
+      encrypt(key, plaintext, iv, aad = new Uint8Array(0)) {
+        if (key.length !== 32) throw new HDWalletError(ErrorCode.INVALID_ARGUMENT, 'Key must be 32 bytes');
+        if (iv.length !== 12) throw new HDWalletError(ErrorCode.INVALID_ARGUMENT, 'IV must be 12 bytes');
+
+        const keyPtr = allocAndCopy(wasm, key);
+        const ptPtr = allocAndCopy(wasm, plaintext);
+        const ivPtr = allocAndCopy(wasm, iv);
+        const aadPtr = aad.length > 0 ? allocAndCopy(wasm, aad) : 0;
+        const ctPtr = wasm._hd_alloc(plaintext.length);
+        const tagPtr = wasm._hd_alloc(16);
+
+        try {
+          const result = wasm._hd_aes_gcm_encrypt(
+            keyPtr, key.length,
+            ptPtr, plaintext.length,
+            ivPtr, iv.length,
+            aadPtr, aad.length,
+            ctPtr, tagPtr
+          );
+          if (result < 0) throw new HDWalletError(-result);
+
+          return {
+            ciphertext: readBytes(wasm, ctPtr, plaintext.length),
+            tag: readBytes(wasm, tagPtr, 16)
+          };
+        } finally {
+          wasm._hd_secure_wipe(keyPtr, key.length);
+          wasm._hd_dealloc(keyPtr);
+          wasm._hd_dealloc(ptPtr);
+          wasm._hd_dealloc(ivPtr);
+          if (aadPtr) wasm._hd_dealloc(aadPtr);
+          wasm._hd_dealloc(ctPtr);
+          wasm._hd_dealloc(tagPtr);
+        }
+      },
 
       /**
-       * Decrypt data with AES-GCM (WebCrypto)
-       * @param {Uint8Array} key - AES key
+       * Decrypt data with AES-GCM (synchronous WASM)
+       * @param {Uint8Array} key - AES-256 key (32 bytes)
        * @param {Uint8Array} ciphertext - Encrypted data
        * @param {Uint8Array} tag - Authentication tag (16 bytes)
-       * @param {Uint8Array} iv - Initialization vector
+       * @param {Uint8Array} iv - Initialization vector (12 bytes)
        * @param {Uint8Array} [aad] - Additional authenticated data
-       * @returns {Promise<Uint8Array>} Decrypted plaintext
+       * @returns {Uint8Array} Decrypted plaintext
+       * @throws {HDWalletError} If authentication fails
        */
-      decrypt: WebCrypto.aesGcmDecrypt,
+      decrypt(key, ciphertext, tag, iv, aad = new Uint8Array(0)) {
+        if (key.length !== 32) throw new HDWalletError(ErrorCode.INVALID_ARGUMENT, 'Key must be 32 bytes');
+        if (iv.length !== 12) throw new HDWalletError(ErrorCode.INVALID_ARGUMENT, 'IV must be 12 bytes');
+        if (tag.length !== 16) throw new HDWalletError(ErrorCode.INVALID_ARGUMENT, 'Tag must be 16 bytes');
+
+        const keyPtr = allocAndCopy(wasm, key);
+        const ctPtr = allocAndCopy(wasm, ciphertext);
+        const ivPtr = allocAndCopy(wasm, iv);
+        const tagPtr = allocAndCopy(wasm, tag);
+        const aadPtr = aad.length > 0 ? allocAndCopy(wasm, aad) : 0;
+        const ptPtr = wasm._hd_alloc(ciphertext.length);
 
-      /** Generate a random IV (12 bytes) */
-      generateIv: WebCrypto.generateIv,
+        try {
+          const result = wasm._hd_aes_gcm_decrypt(
+            keyPtr, key.length,
+            ctPtr, ciphertext.length,
+            ivPtr, iv.length,
+            aadPtr, aad.length,
+            tagPtr, ptPtr
+          );
+          if (result < 0) {
+            throw new HDWalletError(
+              result === -2 ? ErrorCode.VERIFICATION_FAILED : -result,
+              result === -2 ? 'AES-GCM authentication failed' : undefined
+            );
+          }
 
-      /** Generate a random AES key (default 256 bits) */
-      generateKey: WebCrypto.generateAesKey
+          return readBytes(wasm, ptPtr, ciphertext.length);
+        } finally {
+          wasm._hd_secure_wipe(keyPtr, key.length);
+          wasm._hd_dealloc(keyPtr);
+          wasm._hd_dealloc(ctPtr);
+          wasm._hd_dealloc(ivPtr);
+          wasm._hd_dealloc(tagPtr);
+          if (aadPtr) wasm._hd_dealloc(aadPtr);
+          wasm._hd_dealloc(ptPtr);
+        }
+      }
     },
 
-    /** Check if WebCrypto is available */
-    isWebCryptoAvailable: WebCrypto.isWebCryptoAvailable,
-
     /** Generate cryptographically secure random bytes */
-    getRandomBytes: WebCrypto.getRandomBytes,
+    getRandomBytes(length) {
+      const bytes = new Uint8Array(length);
+      if (typeof globalThis.crypto !== 'undefined' && globalThis.crypto.getRandomValues) {
+        globalThis.crypto.getRandomValues(bytes);
+      } else {
+        throw new Error('No cryptographic random source available');
+      }
+      return bytes;
+    },
+
+    /** Generate a random IV for AES-GCM (12 bytes) */
+    generateIv() {
+      return this.getRandomBytes(12);
+    },
+
+    /** Generate a random AES key (default 256 bits) */
+    generateAesKey(bits = 256) {
+      if (![128, 192, 256].includes(bits)) {
+        throw new Error('AES key size must be 128, 192, or 256 bits');
+      }
+      return this.getRandomBytes(bits / 8);
+    },
 
     pbkdf2(password, salt, iterations, length) {
       const pwdPtr = allocAndCopy(wasm, password);
@@ -2525,6 +2602,50 @@ function createModule(wasm) {
       return wasm._hd_get_entropy_status();
     },
 
+    // OpenSSL FIPS support
+    /**
+     * Initialize OpenSSL in FIPS mode
+     * @returns {boolean} True if FIPS mode activated, false if using default provider
+     */
+    initFips() {
+      // Check if the function exists (only when built with HD_WALLET_USE_OPENSSL)
+      if (typeof wasm._hd_openssl_init_fips !== 'function') {
+        console.warn('[HD Wallet] OpenSSL not compiled in, skipping FIPS init');
+        return false;
+      }
+      const result = wasm._hd_openssl_init_fips();
+      if (result === 1) {
+        console.log('[HD Wallet] OpenSSL FIPS mode activated');
+        return true;
+      } else if (result === -1) {
+        console.warn('[HD Wallet] FIPS provider not available, using default OpenSSL');
+        wasm._hd_openssl_init_default();
+        return false;
+      } else {
+        console.error('[HD Wallet] Failed to initialize OpenSSL');
+        return false;
+      }
+    },
+
+    /**
+     * Check if OpenSSL backend is being used
+     * @returns {boolean}
+     */
+    isOpenSSL() {
+      return typeof wasm._hd_openssl_init_fips === 'function';
+    },
+
+    /**
+     * Check if running in FIPS mode (OpenSSL FIPS provider active)
+     * @returns {boolean}
+     */
+    isOpenSSLFips() {
+      if (typeof wasm._hd_openssl_is_fips !== 'function') {
+        return false;
+      }
+      return wasm._hd_openssl_is_fips() !== 0;
+    },
+
     // APIs
     mnemonic,
     hdkey,

package/src/webcrypto.mjs

@@ -1,216 +0,0 @@
-/**
- * WebCrypto Bridge - Hardware-accelerated cryptographic operations
- *
- * These functions use the browser's native WebCrypto API for
- * hardware-accelerated, constant-time cryptographic operations.
- *
- * All functions are async because WebCrypto is Promise-based.
- */
-
-/**
- * Check if WebCrypto is available
- * @returns {boolean}
- */
-export function isWebCryptoAvailable() {
-  return typeof globalThis.crypto !== 'undefined' &&
-         typeof globalThis.crypto.subtle !== 'undefined';
-}
-
-/**
- * AES-GCM Encryption using WebCrypto
- * @param {Uint8Array} key - AES key (128, 192, or 256 bits = 16, 24, or 32 bytes)
- * @param {Uint8Array} plaintext - Data to encrypt
- * @param {Uint8Array} iv - Initialization vector (12 bytes recommended for GCM)
- * @param {Uint8Array} [aad] - Additional authenticated data (optional)
- * @returns {Promise<{ciphertext: Uint8Array, tag: Uint8Array}>}
- */
-export async function aesGcmEncrypt(key, plaintext, iv, aad = null) {
-  if (!isWebCryptoAvailable()) {
-    throw new Error('WebCrypto not available');
-  }
-
-  const cryptoKey = await crypto.subtle.importKey(
-    'raw',
-    key,
-    { name: 'AES-GCM' },
-    false,
-    ['encrypt']
-  );
-
-  const algorithmParams = {
-    name: 'AES-GCM',
-    iv: iv,
-    tagLength: 128 // 16 bytes
-  };
-
-  if (aad && aad.length > 0) {
-    algorithmParams.additionalData = aad;
-  }
-
-  const encrypted = await crypto.subtle.encrypt(
-    algorithmParams,
-    cryptoKey,
-    plaintext
-  );
-
-  // WebCrypto returns ciphertext + tag combined
-  const fullResult = new Uint8Array(encrypted);
-  const ciphertext = fullResult.slice(0, fullResult.length - 16);
-  const tag = fullResult.slice(fullResult.length - 16);
-
-  return { ciphertext, tag };
-}
-
-/**
- * AES-GCM Decryption using WebCrypto
- * @param {Uint8Array} key - AES key (128, 192, or 256 bits)
- * @param {Uint8Array} ciphertext - Encrypted data
- * @param {Uint8Array} tag - Authentication tag (16 bytes)
- * @param {Uint8Array} iv - Initialization vector used during encryption
- * @param {Uint8Array} [aad] - Additional authenticated data (must match encryption)
- * @returns {Promise<Uint8Array>} Decrypted plaintext
- * @throws {Error} If decryption fails (invalid tag, wrong key, etc.)
- */
-export async function aesGcmDecrypt(key, ciphertext, tag, iv, aad = null) {
-  if (!isWebCryptoAvailable()) {
-    throw new Error('WebCrypto not available');
-  }
-
-  const cryptoKey = await crypto.subtle.importKey(
-    'raw',
-    key,
-    { name: 'AES-GCM' },
-    false,
-    ['decrypt']
-  );
-
-  // Reconstruct the full ciphertext + tag format WebCrypto expects
-  const encrypted = new Uint8Array(ciphertext.length + tag.length);
-  encrypted.set(ciphertext, 0);
-  encrypted.set(tag, ciphertext.length);
-
-  const algorithmParams = {
-    name: 'AES-GCM',
-    iv: iv,
-    tagLength: 128
-  };
-
-  if (aad && aad.length > 0) {
-    algorithmParams.additionalData = aad;
-  }
-
-  try {
-    const decrypted = await crypto.subtle.decrypt(
-      algorithmParams,
-      cryptoKey,
-      encrypted
-    );
-    return new Uint8Array(decrypted);
-  } catch (err) {
-    throw new Error('AES-GCM decryption failed: authentication tag mismatch or invalid data');
-  }
-}
-
-/**
- * HKDF using WebCrypto (SHA-256)
- * @param {Uint8Array} ikm - Input keying material
- * @param {Uint8Array} salt - Salt value (can be empty Uint8Array)
- * @param {Uint8Array} info - Context/application-specific info (can be empty)
- * @param {number} length - Desired output length in bytes
- * @returns {Promise<Uint8Array>} Derived key material
- */
-export async function hkdfSha256(ikm, salt, info, length) {
-  if (!isWebCryptoAvailable()) {
-    throw new Error('WebCrypto not available');
-  }
-
-  const keyMaterial = await crypto.subtle.importKey(
-    'raw',
-    ikm,
-    { name: 'HKDF' },
-    false,
-    ['deriveBits']
-  );
-
-  const derivedBits = await crypto.subtle.deriveBits(
-    {
-      name: 'HKDF',
-      hash: 'SHA-256',
-      salt: salt.length > 0 ? salt : new Uint8Array(32), // WebCrypto requires non-empty salt
-      info: info
-    },
-    keyMaterial,
-    length * 8
-  );
-
-  return new Uint8Array(derivedBits);
-}
-
-/**
- * HKDF using WebCrypto (SHA-384)
- * @param {Uint8Array} ikm - Input keying material
- * @param {Uint8Array} salt - Salt value
- * @param {Uint8Array} info - Context/application-specific info
- * @param {number} length - Desired output length in bytes
- * @returns {Promise<Uint8Array>} Derived key material
- */
-export async function hkdfSha384(ikm, salt, info, length) {
-  if (!isWebCryptoAvailable()) {
-    throw new Error('WebCrypto not available');
-  }
-
-  const keyMaterial = await crypto.subtle.importKey(
-    'raw',
-    ikm,
-    { name: 'HKDF' },
-    false,
-    ['deriveBits']
-  );
-
-  const derivedBits = await crypto.subtle.deriveBits(
-    {
-      name: 'HKDF',
-      hash: 'SHA-384',
-      salt: salt.length > 0 ? salt : new Uint8Array(48),
-      info: info
-    },
-    keyMaterial,
-    length * 8
-  );
-
-  return new Uint8Array(derivedBits);
-}
-
-/**
- * Generate cryptographically secure random bytes
- * @param {number} length - Number of random bytes to generate
- * @returns {Uint8Array} Random bytes
- */
-export function getRandomBytes(length) {
-  if (!isWebCryptoAvailable()) {
-    throw new Error('WebCrypto not available');
-  }
-  const bytes = new Uint8Array(length);
-  crypto.getRandomValues(bytes);
-  return bytes;
-}
-
-/**
- * Generate a random AES-GCM IV (12 bytes recommended)
- * @returns {Uint8Array} 12-byte IV
- */
-export function generateIv() {
-  return getRandomBytes(12);
-}
-
-/**
- * Generate a random AES key
- * @param {number} [bits=256] - Key size in bits (128, 192, or 256)
- * @returns {Uint8Array} Random key
- */
-export function generateAesKey(bits = 256) {
-  if (![128, 192, 256].includes(bits)) {
-    throw new Error('AES key size must be 128, 192, or 256 bits');
-  }
-  return getRandomBytes(bits / 8);
-}