secure-hash-vault 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/crypto/decryptBuffer.ts","../src/core/constants.ts","../src/core/errors.ts","../src/core/encoding.ts","../src/core/kdf.ts","../src/core/validators.ts","../src/utils/safeJson.ts","../src/crypto/cryptoFormat.ts","../src/crypto/decryptFile.ts","../src/utils/metadata.ts","../src/crypto/decryptText.ts","../src/crypto/decryptJson.ts","../src/crypto/encryptBuffer.ts","../src/core/random.ts","../src/crypto/encryptFile.ts","../src/crypto/encryptText.ts","../src/crypto/encryptJson.ts","../src/password/passwordFormat.ts","../src/password/hashPassword.ts","../src/password/needsRehash.ts","../src/core/timingSafe.ts","../src/password/verifyPassword.ts","../src/utils/detectPayload.ts","../src/client/SecureHashVaultClient.ts","../src/client/createSecureHashVault.ts","../src/index.ts"],"sourcesContent":["import { createDecipheriv } from \"node:crypto\";\nimport { ENCRYPTION_ALGORITHM } from \"../core/constants\";\nimport { fromBase64Url } from \"../core/encoding\";\nimport { DecryptionError } from \"../core/errors\";\nimport { deriveScryptKey } from \"../core/kdf\";\nimport { assertSecret } from \"../core/validators\";\nimport { parseEncryptedPayload } from \"./cryptoFormat\";\nimport type { DecryptOptions, EncryptedPayload } from \"./cryptoTypes\";\n\nexport async function decryptBuffer(\n payload: string | EncryptedPayload,\n secret: string,\n options: DecryptOptions = {}\n): Promise<Buffer> {\n assertSecret(secret);\n\n try {\n const parsed = parseEncryptedPayload(payload);\n const key = await deriveScryptKey(secret, fromBase64Url(parsed.salt, \"salt\"), parsed.params);\n const decipher = createDecipheriv(ENCRYPTION_ALGORITHM, key, fromBase64Url(parsed.iv, \"iv\"));\n\n if (options.aad) {\n decipher.setAAD(Buffer.from(options.aad, \"utf8\"));\n }\n\n decipher.setAuthTag(fromBase64Url(parsed.tag, \"auth tag\"));\n return Buffer.concat([\n decipher.update(fromBase64Url(parsed.cipherText, \"cipherText\")),\n decipher.final()\n ]);\n } catch (error) {\n throw new DecryptionError(\"Decryption failed. Check the secret, payload, and authenticated data.\", {\n cause: error\n });\n }\n}\n","export const LIBRARY_NAME = \"CipherForge\";\nexport const PASSWORD_FORMAT_PREFIX = \"$cv$\";\nexport const PASSWORD_VERSION = \"v1\";\nexport const PASSWORD_ALGORITHM = \"scrypt\";\nexport const ENCRYPTION_FORMAT = \"cv.enc.v1\";\nexport const ENCRYPTION_COMPACT_PREFIX = \"$cvenc$\";\nexport const ENCRYPTION_VERSION = \"v1\";\nexport const ENCRYPTION_ALGORITHM = \"aes-256-gcm\";\nexport const ENCRYPTION_KDF = \"scrypt\";\n\nexport const DEFAULT_PASSWORD_PARAMS = {\n N: 16384,\n r: 8,\n p: 1,\n keyLen: 64\n} as const;\n\nexport const DEFAULT_ENCRYPTION_PARAMS = {\n N: 16384,\n r: 8,\n p: 1,\n keyLen: 32\n} as const;\n\nexport const DEFAULT_SALT_LENGTH = 16;\nexport const DEFAULT_IV_LENGTH = 12;\nexport const DEFAULT_TAG_LENGTH = 16;\nexport const MIN_SECRET_LENGTH = 1;\n","export class SecureHashVaultError extends Error {\n constructor(message: string, options?: ErrorOptions) {\n super(message, options);\n this.name = new.target.name;\n }\n}\n\nexport class CipherForgeError extends SecureHashVaultError {}\nexport class CipherVaultError extends CipherForgeError {}\nexport class InvalidPasswordHashError extends SecureHashVaultError {}\nexport class PasswordVerificationError extends SecureHashVaultError {}\nexport class EncryptionError extends SecureHashVaultError {}\nexport class DecryptionError extends SecureHashVaultError {}\nexport class InvalidPayloadError extends SecureHashVaultError {}\nexport class InvalidConfigError extends SecureHashVaultError {}\n","import { InvalidPayloadError } from \"./errors\";\n\nexport function toBase64Url(input: Buffer | string): string {\n const buffer = Buffer.isBuffer(input) ? input : Buffer.from(input, \"utf8\");\n return buffer.toString(\"base64url\");\n}\n\nexport function fromBase64Url(value: string, fieldName = \"value\"): Buffer {\n if (typeof value !== \"string\" || value.length === 0) {\n throw new InvalidPayloadError(`${fieldName} must be a non-empty base64url string.`);\n }\n\n try {\n return Buffer.from(value, \"base64url\");\n } catch (error) {\n throw new InvalidPayloadError(`${fieldName} is not valid base64url data.`, { cause: error });\n }\n}\n\nexport function toHex(input: Buffer | string): string {\n const buffer = Buffer.isBuffer(input) ? input : Buffer.from(input, \"utf8\");\n return buffer.toString(\"hex\");\n}\n\nexport function fromHex(value: string, fieldName = \"value\"): Buffer {\n if (typeof value !== \"string\" || value.length === 0 || !/^[\\da-f]+$/i.test(value)) {\n throw new InvalidPayloadError(`${fieldName} must be a non-empty hex string.`);\n }\n\n return Buffer.from(value, \"hex\");\n}\n","import { scrypt } from \"node:crypto\";\nimport type { ScryptParams } from \"./validators\";\n\nexport async function deriveScryptKey(\n secret: string | Buffer,\n salt: string | Buffer,\n params: ScryptParams\n): Promise<Buffer> {\n const maxmem = Math.max(32 * 1024 * 1024, 128 * params.N * params.r + 1024 * 1024);\n\n return new Promise((resolve, reject) => {\n scrypt(\n secret,\n salt,\n params.keyLen,\n {\n N: params.N,\n r: params.r,\n p: params.p,\n maxmem\n },\n (error, derivedKey) => {\n if (error) {\n reject(error);\n return;\n }\n resolve(derivedKey);\n }\n );\n });\n}\n\nexport function applyPepper(password: string, pepper?: string): Buffer {\n if (!pepper) {\n return Buffer.from(password, \"utf8\");\n }\n\n return Buffer.concat([Buffer.from(password, \"utf8\"), Buffer.from(\"\\0\", \"utf8\"), Buffer.from(pepper, \"utf8\")]);\n}\n","import { ENCRYPTION_ALGORITHM, PASSWORD_ALGORITHM } from \"./constants\";\nimport { InvalidConfigError } from \"./errors\";\n\nexport type ScryptParams = {\n N: number;\n r: number;\n p: number;\n keyLen: number;\n};\n\nexport function assertPassword(password: unknown): asserts password is string {\n if (typeof password !== \"string\") {\n throw new InvalidConfigError(\"Password must be a string.\");\n }\n\n if (password.length === 0) {\n throw new InvalidConfigError(\"Password cannot be empty.\");\n }\n}\n\nexport function assertSecret(secret: unknown): asserts secret is string {\n if (typeof secret !== \"string\") {\n throw new InvalidConfigError(\"Secret must be a string.\");\n }\n\n if (secret.length === 0) {\n throw new InvalidConfigError(\"Secret cannot be empty.\");\n }\n}\n\nexport function assertPasswordAlgorithm(algorithm: unknown): void {\n if (algorithm !== undefined && algorithm !== PASSWORD_ALGORITHM) {\n throw new InvalidConfigError(`Unsupported password algorithm: ${String(algorithm)}.`);\n }\n}\n\nexport function assertEncryptionAlgorithm(algorithm: unknown): void {\n if (algorithm !== undefined && algorithm !== ENCRYPTION_ALGORITHM) {\n throw new InvalidConfigError(`Unsupported encryption algorithm: ${String(algorithm)}.`);\n }\n}\n\nexport function normalizeScryptParams(\n defaults: ScryptParams,\n params?: Partial<ScryptParams>\n): ScryptParams {\n const normalized = { ...defaults, ...params };\n validateScryptParams(normalized);\n return normalized;\n}\n\nexport function validateScryptParams(params: ScryptParams): void {\n const { N, r, p, keyLen } = params;\n\n if (!Number.isInteger(N) || N < 4096 || N > 1048576 || (N & (N - 1)) !== 0) {\n throw new InvalidConfigError(\"scrypt N must be a power-of-two integer between 4096 and 1048576.\");\n }\n\n if (!Number.isInteger(r) || r < 1 || r > 32) {\n throw new InvalidConfigError(\"scrypt r must be an integer between 1 and 32.\");\n }\n\n if (!Number.isInteger(p) || p < 1 || p > 16) {\n throw new InvalidConfigError(\"scrypt p must be an integer between 1 and 16.\");\n }\n\n if (!Number.isInteger(keyLen) || keyLen < 32 || keyLen > 128) {\n throw new InvalidConfigError(\"scrypt keyLen must be an integer between 32 and 128.\");\n }\n}\n","import { InvalidPayloadError } from \"../core/errors\";\n\nexport function parseJson<T>(value: string, message = \"Invalid JSON payload.\"): T {\n try {\n return JSON.parse(value) as T;\n } catch (error) {\n throw new InvalidPayloadError(message, { cause: error });\n }\n}\n\nexport function stringifyJson(value: unknown): string {\n try {\n return JSON.stringify(value);\n } catch (error) {\n throw new InvalidPayloadError(\"Value cannot be serialized to JSON.\", { cause: error });\n }\n}\n","import { ENCRYPTION_ALGORITHM, ENCRYPTION_COMPACT_PREFIX, ENCRYPTION_FORMAT, ENCRYPTION_KDF, ENCRYPTION_VERSION } from \"../core/constants\";\nimport { InvalidPayloadError } from \"../core/errors\";\nimport type { ScryptParams } from \"../core/validators\";\nimport { validateScryptParams } from \"../core/validators\";\nimport { parseJson } from \"../utils/safeJson\";\nimport type { EncryptedPayload } from \"./cryptoTypes\";\n\nexport function serializeCryptoParams(params: ScryptParams): string {\n return `N=${params.N},r=${params.r},p=${params.p},keyLen=${params.keyLen}`;\n}\n\nexport function parseCryptoParams(value: string): ScryptParams {\n const record: Record<string, number> = {};\n for (const pair of value.split(\",\")) {\n const [key, rawValue] = pair.split(\"=\");\n if (!key || rawValue === undefined || ![\"N\", \"r\", \"p\", \"keyLen\"].includes(key)) {\n throw new InvalidPayloadError(\"Encrypted payload contains malformed KDF parameters.\");\n }\n record[key] = Number(rawValue);\n }\n\n const { N, r, p, keyLen } = record;\n\n if (!N || !r || !p || !keyLen) {\n throw new InvalidPayloadError(\"Encrypted payload is missing required KDF parameters.\");\n }\n\n const params: ScryptParams = { N, r, p, keyLen };\n validateScryptParams(params);\n return params;\n}\n\nexport function payloadToCompact(payload: EncryptedPayload): string {\n return `${ENCRYPTION_COMPACT_PREFIX}${ENCRYPTION_VERSION}$${payload.algorithm}$${payload.kdf}$${serializeCryptoParams(payload.params)}$${payload.salt}$${payload.iv}$${payload.tag}$${payload.cipherText}`;\n}\n\nexport function parseEncryptedPayload(payload: string | EncryptedPayload): EncryptedPayload {\n if (typeof payload === \"string\") {\n if (payload.startsWith(ENCRYPTION_COMPACT_PREFIX)) {\n return parseCompactPayload(payload);\n }\n return parseJson<EncryptedPayload>(payload, \"Encrypted payload string must be compact format or JSON.\");\n }\n\n if (!payload || typeof payload !== \"object\") {\n throw new InvalidPayloadError(\"Encrypted payload must be an object or string.\");\n }\n\n validatePayloadShape(payload);\n return payload;\n}\n\nexport function validatePayloadShape(payload: EncryptedPayload): void {\n if (payload.format !== ENCRYPTION_FORMAT) {\n throw new InvalidPayloadError(\"Unsupported encrypted payload format.\");\n }\n if (payload.algorithm !== ENCRYPTION_ALGORITHM) {\n throw new InvalidPayloadError(\"Unsupported encrypted payload algorithm.\");\n }\n if (payload.kdf !== ENCRYPTION_KDF) {\n throw new InvalidPayloadError(\"Unsupported encrypted payload KDF.\");\n }\n validateScryptParams(payload.params);\n for (const field of [\"salt\", \"iv\", \"tag\", \"cipherText\"] as const) {\n if (typeof payload[field] !== \"string\" || payload[field].length === 0) {\n throw new InvalidPayloadError(`Encrypted payload field ${field} must be a non-empty string.`);\n }\n }\n}\n\nfunction parseCompactPayload(compact: string): EncryptedPayload {\n const parts = compact.split(\"$\");\n const [, prefix, version, algorithm, kdf, rawParams, salt, iv, tag, cipherText] = parts;\n\n if (\n parts.length !== 10 ||\n prefix !== \"cvenc\" ||\n version !== ENCRYPTION_VERSION ||\n algorithm !== ENCRYPTION_ALGORITHM ||\n kdf !== ENCRYPTION_KDF ||\n !rawParams ||\n !salt ||\n !iv ||\n !tag ||\n !cipherText\n ) {\n throw new InvalidPayloadError(\"Malformed compact encrypted payload.\");\n }\n\n return {\n format: ENCRYPTION_FORMAT,\n algorithm,\n kdf,\n params: parseCryptoParams(rawParams),\n salt,\n iv,\n tag,\n cipherText\n };\n}\n","import { readFile, stat, writeFile } from \"node:fs/promises\";\nimport { createDecipheriv } from \"node:crypto\";\nimport { ENCRYPTION_ALGORITHM } from \"../core/constants\";\nimport { fromBase64Url } from \"../core/encoding\";\nimport { DecryptionError, InvalidPayloadError } from \"../core/errors\";\nimport { deriveScryptKey } from \"../core/kdf\";\nimport { assertSecret } from \"../core/validators\";\nimport { createdAt } from \"../utils/metadata\";\nimport { parseJson } from \"../utils/safeJson\";\nimport { parseCryptoParams } from \"./cryptoFormat\";\nimport type { DecryptFileOptions, FileCryptoResult } from \"./cryptoTypes\";\n\ntype FileHeader = {\n format: \"cv.file.v1\";\n algorithm: \"aes-256-gcm\";\n kdf: \"scrypt\";\n params: string;\n salt: string;\n iv: string;\n aad?: true;\n};\n\nexport async function decryptFile(\n inputPath: string,\n outputPath: string,\n secret: string,\n options: DecryptFileOptions = {}\n): Promise<FileCryptoResult> {\n assertSecret(secret);\n\n try {\n const file = await readFile(inputPath);\n const headerEnd = file.indexOf(0x0a);\n if (headerEnd <= 0) {\n throw new InvalidPayloadError(\"Encrypted file is missing CipherForge header.\");\n }\n\n const header = parseJson<FileHeader>(file.subarray(0, headerEnd).toString(\"utf8\"), \"Encrypted file header is invalid.\");\n if (header.format !== \"cv.file.v1\" || header.algorithm !== ENCRYPTION_ALGORITHM || header.kdf !== \"scrypt\") {\n throw new InvalidPayloadError(\"Unsupported encrypted file format.\");\n }\n\n const body = file.subarray(headerEnd + 1);\n if (body.length < 16) {\n throw new InvalidPayloadError(\"Encrypted file is missing authentication tag.\");\n }\n\n const cipherText = body.subarray(0, body.length - 16);\n const tag = body.subarray(body.length - 16);\n const params = parseCryptoParams(header.params);\n const key = await deriveScryptKey(secret, fromBase64Url(header.salt, \"salt\"), params);\n const decipher = createDecipheriv(ENCRYPTION_ALGORITHM, key, fromBase64Url(header.iv, \"iv\"));\n\n if (options.aad) {\n decipher.setAAD(Buffer.from(options.aad, \"utf8\"));\n } else if (header.aad) {\n throw new InvalidPayloadError(\"Encrypted file requires authenticated data.\");\n }\n\n decipher.setAuthTag(tag);\n await writeFile(outputPath, Buffer.concat([decipher.update(cipherText), decipher.final()]));\n\n const inputStats = await stat(inputPath);\n const outputStats = await stat(outputPath);\n\n return {\n inputPath,\n outputPath,\n bytesRead: inputStats.size,\n bytesWritten: outputStats.size,\n algorithm: ENCRYPTION_ALGORITHM,\n createdAt: createdAt()\n };\n } catch (error) {\n throw new DecryptionError(\"File decryption failed. Check the secret, payload, and authenticated data.\", {\n cause: error\n });\n }\n}\n","export function createdAt(): string {\n return new Date().toISOString();\n}\n\nexport function withCreatedAt(metadata?: Record<string, unknown>): Record<string, unknown> {\n return {\n ...(metadata ?? {}),\n createdAt: typeof metadata?.createdAt === \"string\" ? metadata.createdAt : createdAt()\n };\n}\n","import type { DecryptOptions, EncryptedPayload } from \"./cryptoTypes\";\nimport { decryptBuffer } from \"./decryptBuffer\";\n\nexport async function decryptText(\n payload: string | EncryptedPayload,\n secret: string,\n options: DecryptOptions = {}\n): Promise<string> {\n const buffer = await decryptBuffer(payload, secret, options);\n return buffer.toString(\"utf8\");\n}\n","import { parseJson } from \"../utils/safeJson\";\nimport type { DecryptOptions, EncryptedPayload } from \"./cryptoTypes\";\nimport { decryptText } from \"./decryptText\";\n\nexport async function decryptJson<T>(\n payload: string | EncryptedPayload,\n secret: string,\n options: DecryptOptions = {}\n): Promise<T> {\n return parseJson<T>(await decryptText(payload, secret, options), \"Decrypted payload is not valid JSON.\");\n}\n","import { createCipheriv } from \"node:crypto\";\nimport { DEFAULT_ENCRYPTION_PARAMS, DEFAULT_IV_LENGTH, DEFAULT_SALT_LENGTH, ENCRYPTION_ALGORITHM, ENCRYPTION_FORMAT, ENCRYPTION_KDF } from \"../core/constants\";\nimport { toBase64Url } from \"../core/encoding\";\nimport { EncryptionError } from \"../core/errors\";\nimport { deriveScryptKey } from \"../core/kdf\";\nimport { randomBuffer } from \"../core/random\";\nimport { assertEncryptionAlgorithm, assertSecret, normalizeScryptParams } from \"../core/validators\";\nimport { withCreatedAt } from \"../utils/metadata\";\nimport { payloadToCompact } from \"./cryptoFormat\";\nimport type { EncryptedPayload, EncryptOptions } from \"./cryptoTypes\";\n\nexport async function encryptBuffer(\n buffer: Buffer,\n secret: string,\n options: EncryptOptions = {}\n): Promise<EncryptedPayload | string> {\n if (!Buffer.isBuffer(buffer)) {\n throw new EncryptionError(\"encryptBuffer input must be a Buffer.\");\n }\n assertSecret(secret);\n assertEncryptionAlgorithm(options.algorithm);\n\n try {\n const params = normalizeScryptParams(DEFAULT_ENCRYPTION_PARAMS, options.params);\n const salt = randomBuffer(DEFAULT_SALT_LENGTH);\n const iv = randomBuffer(DEFAULT_IV_LENGTH);\n const key = await deriveScryptKey(secret, salt, params);\n const cipher = createCipheriv(ENCRYPTION_ALGORITHM, key, iv);\n\n if (options.aad) {\n cipher.setAAD(Buffer.from(options.aad, \"utf8\"));\n }\n\n const cipherText = Buffer.concat([cipher.update(buffer), cipher.final()]);\n const tag = cipher.getAuthTag();\n const payload: EncryptedPayload = {\n format: ENCRYPTION_FORMAT,\n algorithm: ENCRYPTION_ALGORITHM,\n kdf: ENCRYPTION_KDF,\n params,\n iv: toBase64Url(iv),\n salt: toBase64Url(salt),\n tag: toBase64Url(tag),\n cipherText: toBase64Url(cipherText),\n metadata: withCreatedAt(options.metadata)\n };\n\n return options.output === \"compact\" ? payloadToCompact(payload) : payload;\n } catch (error) {\n throw new EncryptionError(\"Encryption failed.\", { cause: error });\n }\n}\n","import { randomBytes } from \"node:crypto\";\nimport { DEFAULT_SALT_LENGTH } from \"./constants\";\nimport { toBase64Url } from \"./encoding\";\nimport { InvalidConfigError } from \"./errors\";\n\nexport function randomBuffer(size = DEFAULT_SALT_LENGTH): Buffer {\n if (!Number.isInteger(size) || size < 8 || size > 1024) {\n throw new InvalidConfigError(\"Random byte size must be an integer between 8 and 1024.\");\n }\n\n return randomBytes(size);\n}\n\nexport function generateSalt(size = DEFAULT_SALT_LENGTH): string {\n return toBase64Url(randomBuffer(size));\n}\n\nexport function generatePepper(size = 32): string {\n return toBase64Url(randomBuffer(size));\n}\n","import { createReadStream, createWriteStream } from \"node:fs\";\nimport { stat } from \"node:fs/promises\";\nimport { createCipheriv } from \"node:crypto\";\nimport { pipeline } from \"node:stream/promises\";\nimport { DEFAULT_ENCRYPTION_PARAMS, DEFAULT_IV_LENGTH, DEFAULT_SALT_LENGTH, ENCRYPTION_ALGORITHM } from \"../core/constants\";\nimport { toBase64Url } from \"../core/encoding\";\nimport { EncryptionError } from \"../core/errors\";\nimport { deriveScryptKey } from \"../core/kdf\";\nimport { randomBuffer } from \"../core/random\";\nimport { assertSecret, normalizeScryptParams } from \"../core/validators\";\nimport { createdAt } from \"../utils/metadata\";\nimport { serializeCryptoParams } from \"./cryptoFormat\";\nimport type { EncryptFileOptions, FileCryptoResult } from \"./cryptoTypes\";\n\nexport async function encryptFile(\n inputPath: string,\n outputPath: string,\n secret: string,\n options: EncryptFileOptions = {}\n): Promise<FileCryptoResult> {\n assertSecret(secret);\n\n try {\n const params = normalizeScryptParams(DEFAULT_ENCRYPTION_PARAMS, options.params);\n const salt = randomBuffer(DEFAULT_SALT_LENGTH);\n const iv = randomBuffer(DEFAULT_IV_LENGTH);\n const key = await deriveScryptKey(secret, salt, params);\n const cipher = createCipheriv(ENCRYPTION_ALGORITHM, key, iv);\n\n if (options.aad) {\n cipher.setAAD(Buffer.from(options.aad, \"utf8\"));\n }\n\n const header = Buffer.from(\n JSON.stringify({\n format: \"cv.file.v1\",\n algorithm: ENCRYPTION_ALGORITHM,\n kdf: \"scrypt\",\n params: serializeCryptoParams(params),\n salt: toBase64Url(salt),\n iv: toBase64Url(iv),\n aad: options.aad ? true : undefined\n }) + \"\\n\",\n \"utf8\"\n );\n\n const output = createWriteStream(outputPath);\n output.write(header);\n await pipeline(createReadStream(inputPath), cipher, output, { end: false });\n output.write(cipher.getAuthTag());\n output.end();\n\n const inputStats = await stat(inputPath);\n const outputStats = await stat(outputPath);\n\n return {\n inputPath,\n outputPath,\n bytesRead: inputStats.size,\n bytesWritten: outputStats.size,\n algorithm: ENCRYPTION_ALGORITHM,\n createdAt: createdAt()\n };\n } catch (error) {\n throw new EncryptionError(\"File encryption failed.\", { cause: error });\n }\n}\n","import { encryptBuffer } from \"./encryptBuffer\";\nimport type { EncryptedPayload, EncryptOptions } from \"./cryptoTypes\";\n\nexport async function encryptText(\n plainText: string,\n secret: string,\n options: EncryptOptions = {}\n): Promise<EncryptedPayload | string> {\n if (typeof plainText !== \"string\") {\n throw new TypeError(\"plainText must be a string.\");\n }\n\n return encryptBuffer(Buffer.from(plainText, \"utf8\"), secret, options);\n}\n","import { stringifyJson } from \"../utils/safeJson\";\nimport type { EncryptedPayload, EncryptOptions } from \"./cryptoTypes\";\nimport { encryptText } from \"./encryptText\";\n\nexport async function encryptJson<T>(\n data: T,\n secret: string,\n options: EncryptOptions = {}\n): Promise<EncryptedPayload | string> {\n return encryptText(stringifyJson(data), secret, options);\n}\n","import { PASSWORD_ALGORITHM, PASSWORD_FORMAT_PREFIX, PASSWORD_VERSION } from \"../core/constants\";\nimport { InvalidPasswordHashError } from \"../core/errors\";\nimport type { ScryptParams } from \"../core/validators\";\nimport { validateScryptParams } from \"../core/validators\";\nimport type { ParsedPasswordHash } from \"./passwordTypes\";\n\nexport function serializePasswordParams(params: ScryptParams): string {\n return `N=${params.N},r=${params.r},p=${params.p},keyLen=${params.keyLen}`;\n}\n\nexport function parsePasswordParams(value: string): ScryptParams {\n const pairs = value.split(\",\");\n const record: Record<string, number> = {};\n\n for (const pair of pairs) {\n const [key, rawValue] = pair.split(\"=\");\n if (!key || rawValue === undefined || ![\"N\", \"r\", \"p\", \"keyLen\"].includes(key)) {\n throw new InvalidPasswordHashError(\"Password hash contains malformed scrypt parameters.\");\n }\n\n const numberValue = Number(rawValue);\n if (!Number.isInteger(numberValue)) {\n throw new InvalidPasswordHashError(\"Password hash contains non-integer scrypt parameters.\");\n }\n record[key] = numberValue;\n }\n\n const { N, r, p, keyLen } = record;\n\n if (!N || !r || !p || !keyLen) {\n throw new InvalidPasswordHashError(\"Password hash is missing required scrypt parameters.\");\n }\n\n const params: ScryptParams = { N, r, p, keyLen };\n validateScryptParams(params);\n return params;\n}\n\nexport function formatPasswordHash(params: ScryptParams, salt: string, hash: string): string {\n return `${PASSWORD_FORMAT_PREFIX}${PASSWORD_VERSION}$${PASSWORD_ALGORITHM}$${serializePasswordParams(params)}$${salt}$${hash}`;\n}\n\nexport function parsePasswordHash(storedHash: string): ParsedPasswordHash {\n if (typeof storedHash !== \"string\" || storedHash.length === 0) {\n throw new InvalidPasswordHashError(\"Stored password hash must be a non-empty string.\");\n }\n\n if (!storedHash.startsWith(PASSWORD_FORMAT_PREFIX)) {\n throw new InvalidPasswordHashError(\"Unsupported password hash format. Password hashes cannot be decrypted.\");\n }\n\n const parts = storedHash.split(\"$\");\n const [, prefix, version, algorithm, rawParams, salt, hash] = parts;\n\n if (parts.length !== 7 || prefix !== \"cv\" || version !== PASSWORD_VERSION || algorithm !== PASSWORD_ALGORITHM) {\n throw new InvalidPasswordHashError(\"Malformed CipherForge password hash.\");\n }\n\n if (!rawParams || !salt || !hash) {\n throw new InvalidPasswordHashError(\"Password hash is missing metadata, salt, or hash value.\");\n }\n\n return {\n prefix,\n version,\n algorithm,\n params: parsePasswordParams(rawParams),\n salt,\n hash\n };\n}\n","import { DEFAULT_PASSWORD_PARAMS, DEFAULT_SALT_LENGTH, PASSWORD_ALGORITHM, PASSWORD_VERSION } from \"../core/constants\";\nimport { fromBase64Url, toBase64Url } from \"../core/encoding\";\nimport { applyPepper, deriveScryptKey } from \"../core/kdf\";\nimport { generateSalt } from \"../core/random\";\nimport { assertPassword, assertPasswordAlgorithm, normalizeScryptParams } from \"../core/validators\";\nimport { createdAt } from \"../utils/metadata\";\nimport { formatPasswordHash } from \"./passwordFormat\";\nimport type { HashPasswordOptions, PasswordHashResult } from \"./passwordTypes\";\n\nexport async function hashPassword(\n password: string,\n options: HashPasswordOptions = {}\n): Promise<PasswordHashResult> {\n assertPassword(password);\n assertPasswordAlgorithm(options.algorithm);\n\n const params = normalizeScryptParams(DEFAULT_PASSWORD_PARAMS, options.params);\n const salt = options.salt ?? generateSalt(options.saltLength ?? DEFAULT_SALT_LENGTH);\n const saltBuffer = fromBase64Url(salt, \"salt\");\n const passwordBuffer = applyPepper(password, options.pepper);\n const derivedKey = await deriveScryptKey(passwordBuffer, saltBuffer, params);\n const hash = toBase64Url(derivedKey);\n\n return {\n algorithm: PASSWORD_ALGORITHM,\n version: PASSWORD_VERSION,\n hash: formatPasswordHash(params, salt, hash),\n salt,\n params,\n createdAt: createdAt()\n };\n}\n","import { DEFAULT_PASSWORD_PARAMS, PASSWORD_ALGORITHM, PASSWORD_VERSION } from \"../core/constants\";\nimport { InvalidPasswordHashError } from \"../core/errors\";\nimport { assertPasswordAlgorithm, normalizeScryptParams } from \"../core/validators\";\nimport { parsePasswordHash } from \"./passwordFormat\";\nimport type { HashPasswordOptions } from \"./passwordTypes\";\n\nexport function needsRehash(storedHash: string, currentOptions: HashPasswordOptions = {}): boolean {\n assertPasswordAlgorithm(currentOptions.algorithm);\n\n let parsed;\n try {\n parsed = parsePasswordHash(storedHash);\n } catch (error) {\n if (error instanceof InvalidPasswordHashError) {\n return true;\n }\n throw error;\n }\n\n const currentParams = normalizeScryptParams(DEFAULT_PASSWORD_PARAMS, currentOptions.params);\n\n return (\n parsed.version !== PASSWORD_VERSION ||\n parsed.algorithm !== PASSWORD_ALGORITHM ||\n parsed.params.N !== currentParams.N ||\n parsed.params.r !== currentParams.r ||\n parsed.params.p !== currentParams.p ||\n parsed.params.keyLen !== currentParams.keyLen\n );\n}\n","import { timingSafeEqual } from \"node:crypto\";\n\nexport function timingSafeCompare(left: Buffer, right: Buffer): boolean {\n if (left.length !== right.length) {\n const paddedLeft = Buffer.alloc(Math.max(left.length, right.length));\n const paddedRight = Buffer.alloc(Math.max(left.length, right.length));\n left.copy(paddedLeft);\n right.copy(paddedRight);\n timingSafeEqual(paddedLeft, paddedRight);\n return false;\n }\n\n return timingSafeEqual(left, right);\n}\n","import { fromBase64Url, toBase64Url } from \"../core/encoding\";\nimport { PasswordVerificationError } from \"../core/errors\";\nimport { applyPepper, deriveScryptKey } from \"../core/kdf\";\nimport { timingSafeCompare } from \"../core/timingSafe\";\nimport { assertPassword } from \"../core/validators\";\nimport { needsRehash as checkNeedsRehash } from \"./needsRehash\";\nimport { parsePasswordHash } from \"./passwordFormat\";\nimport type { PasswordVerifyResult, VerifyPasswordOptions } from \"./passwordTypes\";\n\nexport async function verifyPassword(\n password: string,\n storedHash: string,\n options: VerifyPasswordOptions = {}\n): Promise<PasswordVerifyResult> {\n assertPassword(password);\n\n try {\n const parsed = parsePasswordHash(storedHash);\n const saltBuffer = fromBase64Url(parsed.salt, \"salt\");\n const expected = fromBase64Url(parsed.hash, \"password hash\");\n const candidate = await deriveScryptKey(applyPepper(password, options.pepper), saltBuffer, parsed.params);\n const valid = timingSafeCompare(Buffer.from(toBase64Url(candidate)), Buffer.from(toBase64Url(expected)));\n\n return {\n valid,\n needsRehash: valid ? checkNeedsRehash(storedHash, options.currentOptions ?? {}) : false,\n algorithm: parsed.algorithm,\n version: parsed.version\n };\n } catch (error) {\n throw new PasswordVerificationError(\"Password verification failed. Password hashes cannot be decrypted.\", {\n cause: error\n });\n }\n}\n","import { ENCRYPTION_COMPACT_PREFIX, ENCRYPTION_FORMAT, PASSWORD_FORMAT_PREFIX } from \"../core/constants\";\nimport type { EncryptedPayload } from \"../crypto/cryptoTypes\";\n\nexport type DetectedPayload = \"password-hash\" | \"encrypted-payload\" | \"plain-text\" | \"json\" | \"buffer\" | \"unknown\";\n\nexport function detectPayload(value: unknown): DetectedPayload {\n if (Buffer.isBuffer(value)) {\n return \"buffer\";\n }\n\n if (typeof value === \"string\") {\n if (value.startsWith(PASSWORD_FORMAT_PREFIX)) {\n return \"password-hash\";\n }\n if (value.startsWith(ENCRYPTION_COMPACT_PREFIX)) {\n return \"encrypted-payload\";\n }\n try {\n const parsed = JSON.parse(value) as Partial<EncryptedPayload>;\n return parsed.format === ENCRYPTION_FORMAT ? \"encrypted-payload\" : \"json\";\n } catch {\n return \"plain-text\";\n }\n }\n\n if (value && typeof value === \"object\" && (value as Partial<EncryptedPayload>).format === ENCRYPTION_FORMAT) {\n return \"encrypted-payload\";\n }\n\n if (value && typeof value === \"object\") {\n return \"json\";\n }\n\n return \"unknown\";\n}\n","import { decryptBuffer } from \"../crypto/decryptBuffer\";\nimport { decryptFile } from \"../crypto/decryptFile\";\nimport { decryptJson } from \"../crypto/decryptJson\";\nimport { decryptText } from \"../crypto/decryptText\";\nimport { encryptBuffer } from \"../crypto/encryptBuffer\";\nimport { encryptFile } from \"../crypto/encryptFile\";\nimport { encryptJson } from \"../crypto/encryptJson\";\nimport { encryptText } from \"../crypto/encryptText\";\nimport type { DecryptFileOptions, DecryptOptions, EncryptedPayload, EncryptFileOptions, EncryptOptions, FileCryptoResult } from \"../crypto/cryptoTypes\";\nimport { InvalidPayloadError } from \"../core/errors\";\nimport { hashPassword } from \"../password/hashPassword\";\nimport { needsRehash } from \"../password/needsRehash\";\nimport type { HashPasswordOptions, PasswordHashResult, PasswordVerifyResult, VerifyPasswordOptions } from \"../password/passwordTypes\";\nimport { verifyPassword } from \"../password/verifyPassword\";\nimport { detectPayload } from \"../utils/detectPayload\";\n\nexport type CipherForgeClientOptions = {\n password?: HashPasswordOptions;\n encryption?: EncryptOptions;\n};\n\nexport class SecureHashVaultClient {\n readonly password: {\n hash: (password: string, options?: HashPasswordOptions) => Promise<PasswordHashResult>;\n verify: (password: string, storedHash: string, options?: VerifyPasswordOptions) => Promise<PasswordVerifyResult>;\n needsRehash: (storedHash: string, options?: HashPasswordOptions) => boolean;\n };\n\n readonly crypto: {\n encryptText: (plainText: string, secret: string, options?: EncryptOptions) => Promise<EncryptedPayload | string>;\n decryptText: (payload: string | EncryptedPayload, secret: string, options?: DecryptOptions) => Promise<string>;\n encryptJson: <T>(data: T, secret: string, options?: EncryptOptions) => Promise<EncryptedPayload | string>;\n decryptJson: <T>(payload: string | EncryptedPayload, secret: string, options?: DecryptOptions) => Promise<T>;\n encryptBuffer: (buffer: Buffer, secret: string, options?: EncryptOptions) => Promise<EncryptedPayload | string>;\n decryptBuffer: (payload: string | EncryptedPayload, secret: string, options?: DecryptOptions) => Promise<Buffer>;\n encryptFile: (inputPath: string, outputPath: string, secret: string, options?: EncryptFileOptions) => Promise<FileCryptoResult>;\n decryptFile: (inputPath: string, outputPath: string, secret: string, options?: DecryptFileOptions) => Promise<FileCryptoResult>;\n };\n\n constructor(private readonly options: CipherForgeClientOptions = {}) {\n this.password = {\n hash: (password, options) => hashPassword(password, { ...this.options.password, ...options }),\n verify: (password, storedHash, options) => {\n const currentOptions = options?.currentOptions ?? this.options.password;\n return verifyPassword(password, storedHash, {\n ...options,\n ...(currentOptions ? { currentOptions } : {})\n });\n },\n needsRehash: (storedHash, options) => needsRehash(storedHash, { ...this.options.password, ...options })\n };\n\n this.crypto = {\n encryptText: (plainText, secret, options) => encryptText(plainText, secret, { ...this.options.encryption, ...options }),\n decryptText,\n encryptJson: (data, secret, options) => encryptJson(data, secret, { ...this.options.encryption, ...options }),\n decryptJson,\n encryptBuffer: (buffer, secret, options) => encryptBuffer(buffer, secret, { ...this.options.encryption, ...options }),\n decryptBuffer,\n encryptFile: (inputPath, outputPath, secret, options) =>\n encryptFile(inputPath, outputPath, secret, { ...this.options.encryption, ...options }),\n decryptFile\n };\n }\n\n hash(password: string, options?: HashPasswordOptions): Promise<PasswordHashResult> {\n return this.password.hash(password, options);\n }\n\n verify(password: string, storedHash: string, options?: VerifyPasswordOptions): Promise<PasswordVerifyResult> {\n return this.password.verify(password, storedHash, options);\n }\n\n async encrypt(data: string | Buffer | Record<string, unknown> | unknown[], secret: string, options?: EncryptOptions): Promise<EncryptedPayload | string> {\n if (Buffer.isBuffer(data)) {\n return this.crypto.encryptBuffer(data, secret, options);\n }\n\n if (typeof data === \"string\") {\n return this.crypto.encryptText(data, secret, options);\n }\n\n if (data && typeof data === \"object\") {\n return this.crypto.encryptJson(data, secret, options);\n }\n\n throw new InvalidPayloadError(\"encrypt() supports strings, Buffers, objects, and arrays.\");\n }\n\n async decrypt<T = unknown>(\n payload: string | EncryptedPayload,\n secret: string,\n options?: DecryptOptions & { as?: \"text\" | \"json\" | \"buffer\" }\n ): Promise<string | T | Buffer> {\n if (options?.as === \"buffer\") {\n return this.crypto.decryptBuffer(payload, secret, options);\n }\n\n const decryptedText = await this.crypto.decryptText(payload, secret, options);\n\n if (options?.as === \"json\") {\n return JSON.parse(decryptedText) as T;\n }\n\n const detected = detectPayload(decryptedText);\n if (detected === \"json\") {\n try {\n return JSON.parse(decryptedText) as T;\n } catch {\n return decryptedText;\n }\n }\n\n return decryptedText;\n }\n\n decryptPasswordHash(): never {\n throw new InvalidPayloadError(\"Password hashes cannot be decrypted. Use verifyPassword() or vault.password.verify().\");\n }\n}\n\nexport type CipherForgeClient = SecureHashVaultClient;\nexport type CipherVaultClientOptions = CipherForgeClientOptions;\nexport type CipherVaultClient = SecureHashVaultClient;\n","import { SecureHashVaultClient, type CipherForgeClientOptions } from \"./SecureHashVaultClient\";\n\nexport function createCipherForge(options: CipherForgeClientOptions = {}): SecureHashVaultClient {\n return new SecureHashVaultClient(options);\n}\n\nexport const createCipherVault = createCipherForge;\nexport const createSecureHashVault = createCipherVault;\n","export { createCipherForge, createCipherVault, createSecureHashVault } from \"./client/createSecureHashVault\";\nexport {\n SecureHashVaultClient,\n type CipherForgeClient,\n type CipherForgeClientOptions,\n type CipherVaultClient,\n type CipherVaultClientOptions\n} from \"./client/SecureHashVaultClient\";\n\nexport { hashPassword } from \"./password/hashPassword\";\nexport { verifyPassword } from \"./password/verifyPassword\";\nexport { needsRehash } from \"./password/needsRehash\";\nexport { generateSalt, generatePepper, randomBuffer } from \"./core/random\";\nexport type {\n HashPasswordOptions,\n PasswordHashResult,\n PasswordVerifyResult,\n VerifyPasswordOptions\n} from \"./password/passwordTypes\";\n\nexport { encryptText } from \"./crypto/encryptText\";\nexport { decryptText } from \"./crypto/decryptText\";\nexport { encryptJson } from \"./crypto/encryptJson\";\nexport { decryptJson } from \"./crypto/decryptJson\";\nexport { encryptBuffer } from \"./crypto/encryptBuffer\";\nexport { decryptBuffer } from \"./crypto/decryptBuffer\";\nexport { encryptFile } from \"./crypto/encryptFile\";\nexport { decryptFile } from \"./crypto/decryptFile\";\nexport type {\n DecryptFileOptions,\n DecryptOptions,\n EncryptedPayload,\n EncryptFileOptions,\n EncryptOptions,\n FileCryptoResult\n} from \"./crypto/cryptoTypes\";\n\nexport {\n CipherForgeError,\n CipherVaultError,\n DecryptionError,\n EncryptionError,\n InvalidConfigError,\n InvalidPasswordHashError,\n InvalidPayloadError,\n PasswordVerificationError,\n SecureHashVaultError\n} from \"./core/errors\";\n\nexport { toBase64Url, fromBase64Url, toHex, fromHex } from \"./core/encoding\";\nexport { detectPayload } from \"./utils/detectPayload\";\n\nimport { createCipherForge } from \"./client/createSecureHashVault\";\n\nexport const cipherForge = createCipherForge();\nexport const CipherForge = cipherForge;\nexport const cipherVault = cipherForge;\nexport const secureVault = cipherForge;\nexport default cipherForge;\n"],"mappings":";AAAA,SAAS,wBAAwB;;;ACC1B,IAAM,yBAAyB;AAC/B,IAAM,mBAAmB;AACzB,IAAM,qBAAqB;AAC3B,IAAM,oBAAoB;AAC1B,IAAM,4BAA4B;AAClC,IAAM,qBAAqB;AAC3B,IAAM,uBAAuB;AAC7B,IAAM,iBAAiB;AAEvB,IAAM,0BAA0B;AAAA,EACrC,GAAG;AAAA,EACH,GAAG;AAAA,EACH,GAAG;AAAA,EACH,QAAQ;AACV;AAEO,IAAM,4BAA4B;AAAA,EACvC,GAAG;AAAA,EACH,GAAG;AAAA,EACH,GAAG;AAAA,EACH,QAAQ;AACV;AAEO,IAAM,sBAAsB;AAC5B,IAAM,oBAAoB;;;ACzB1B,IAAM,uBAAN,cAAmC,MAAM;AAAA,EAC9C,YAAY,SAAiB,SAAwB;AACnD,UAAM,SAAS,OAAO;AACtB,SAAK,OAAO,WAAW;AAAA,EACzB;AACF;AAEO,IAAM,mBAAN,cAA+B,qBAAqB;AAAC;AACrD,IAAM,mBAAN,cAA+B,iBAAiB;AAAC;AACjD,IAAM,2BAAN,cAAuC,qBAAqB;AAAC;AAC7D,IAAM,4BAAN,cAAwC,qBAAqB;AAAC;AAC9D,IAAM,kBAAN,cAA8B,qBAAqB;AAAC;AACpD,IAAM,kBAAN,cAA8B,qBAAqB;AAAC;AACpD,IAAM,sBAAN,cAAkC,qBAAqB;AAAC;AACxD,IAAM,qBAAN,cAAiC,qBAAqB;AAAC;;;ACZvD,SAAS,YAAY,OAAgC;AAC1D,QAAM,SAAS,OAAO,SAAS,KAAK,IAAI,QAAQ,OAAO,KAAK,OAAO,MAAM;AACzE,SAAO,OAAO,SAAS,WAAW;AACpC;AAEO,SAAS,cAAc,OAAe,YAAY,SAAiB;AACxE,MAAI,OAAO,UAAU,YAAY,MAAM,WAAW,GAAG;AACnD,UAAM,IAAI,oBAAoB,GAAG,SAAS,wCAAwC;AAAA,EACpF;AAEA,MAAI;AACF,WAAO,OAAO,KAAK,OAAO,WAAW;AAAA,EACvC,SAAS,OAAO;AACd,UAAM,IAAI,oBAAoB,GAAG,SAAS,iCAAiC,EAAE,OAAO,MAAM,CAAC;AAAA,EAC7F;AACF;AAEO,SAAS,MAAM,OAAgC;AACpD,QAAM,SAAS,OAAO,SAAS,KAAK,IAAI,QAAQ,OAAO,KAAK,OAAO,MAAM;AACzE,SAAO,OAAO,SAAS,KAAK;AAC9B;AAEO,SAAS,QAAQ,OAAe,YAAY,SAAiB;AAClE,MAAI,OAAO,UAAU,YAAY,MAAM,WAAW,KAAK,CAAC,cAAc,KAAK,KAAK,GAAG;AACjF,UAAM,IAAI,oBAAoB,GAAG,SAAS,kCAAkC;AAAA,EAC9E;AAEA,SAAO,OAAO,KAAK,OAAO,KAAK;AACjC;;;AC9BA,SAAS,cAAc;AAGvB,eAAsB,gBACpB,QACA,MACA,QACiB;AACjB,QAAM,SAAS,KAAK,IAAI,KAAK,OAAO,MAAM,MAAM,OAAO,IAAI,OAAO,IAAI,OAAO,IAAI;AAEjF,SAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AACtC;AAAA,MACE;AAAA,MACA;AAAA,MACA,OAAO;AAAA,MACP;AAAA,QACE,GAAG,OAAO;AAAA,QACV,GAAG,OAAO;AAAA,QACV,GAAG,OAAO;AAAA,QACV;AAAA,MACF;AAAA,MACA,CAAC,OAAO,eAAe;AACrB,YAAI,OAAO;AACT,iBAAO,KAAK;AACZ;AAAA,QACF;AACA,gBAAQ,UAAU;AAAA,MACpB;AAAA,IACF;AAAA,EACF,CAAC;AACH;AAEO,SAAS,YAAY,UAAkB,QAAyB;AACrE,MAAI,CAAC,QAAQ;AACX,WAAO,OAAO,KAAK,UAAU,MAAM;AAAA,EACrC;AAEA,SAAO,OAAO,OAAO,CAAC,OAAO,KAAK,UAAU,MAAM,GAAG,OAAO,KAAK,MAAM,MAAM,GAAG,OAAO,KAAK,QAAQ,MAAM,CAAC,CAAC;AAC9G;;;AC5BO,SAAS,eAAe,UAA+C;AAC5E,MAAI,OAAO,aAAa,UAAU;AAChC,UAAM,IAAI,mBAAmB,4BAA4B;AAAA,EAC3D;AAEA,MAAI,SAAS,WAAW,GAAG;AACzB,UAAM,IAAI,mBAAmB,2BAA2B;AAAA,EAC1D;AACF;AAEO,SAAS,aAAa,QAA2C;AACtE,MAAI,OAAO,WAAW,UAAU;AAC9B,UAAM,IAAI,mBAAmB,0BAA0B;AAAA,EACzD;AAEA,MAAI,OAAO,WAAW,GAAG;AACvB,UAAM,IAAI,mBAAmB,yBAAyB;AAAA,EACxD;AACF;AAEO,SAAS,wBAAwB,WAA0B;AAChE,MAAI,cAAc,UAAa,cAAc,oBAAoB;AAC/D,UAAM,IAAI,mBAAmB,mCAAmC,OAAO,SAAS,CAAC,GAAG;AAAA,EACtF;AACF;AAEO,SAAS,0BAA0B,WAA0B;AAClE,MAAI,cAAc,UAAa,cAAc,sBAAsB;AACjE,UAAM,IAAI,mBAAmB,qCAAqC,OAAO,SAAS,CAAC,GAAG;AAAA,EACxF;AACF;AAEO,SAAS,sBACd,UACA,QACc;AACd,QAAM,aAAa,EAAE,GAAG,UAAU,GAAG,OAAO;AAC5C,uBAAqB,UAAU;AAC/B,SAAO;AACT;AAEO,SAAS,qBAAqB,QAA4B;AAC/D,QAAM,EAAE,GAAG,GAAG,GAAG,OAAO,IAAI;AAE5B,MAAI,CAAC,OAAO,UAAU,CAAC,KAAK,IAAI,QAAQ,IAAI,YAAY,IAAK,IAAI,OAAQ,GAAG;AAC1E,UAAM,IAAI,mBAAmB,mEAAmE;AAAA,EAClG;AAEA,MAAI,CAAC,OAAO,UAAU,CAAC,KAAK,IAAI,KAAK,IAAI,IAAI;AAC3C,UAAM,IAAI,mBAAmB,+CAA+C;AAAA,EAC9E;AAEA,MAAI,CAAC,OAAO,UAAU,CAAC,KAAK,IAAI,KAAK,IAAI,IAAI;AAC3C,UAAM,IAAI,mBAAmB,+CAA+C;AAAA,EAC9E;AAEA,MAAI,CAAC,OAAO,UAAU,MAAM,KAAK,SAAS,MAAM,SAAS,KAAK;AAC5D,UAAM,IAAI,mBAAmB,sDAAsD;AAAA,EACrF;AACF;;;ACnEO,SAAS,UAAa,OAAe,UAAU,yBAA4B;AAChF,MAAI;AACF,WAAO,KAAK,MAAM,KAAK;AAAA,EACzB,SAAS,OAAO;AACd,UAAM,IAAI,oBAAoB,SAAS,EAAE,OAAO,MAAM,CAAC;AAAA,EACzD;AACF;AAEO,SAAS,cAAc,OAAwB;AACpD,MAAI;AACF,WAAO,KAAK,UAAU,KAAK;AAAA,EAC7B,SAAS,OAAO;AACd,UAAM,IAAI,oBAAoB,uCAAuC,EAAE,OAAO,MAAM,CAAC;AAAA,EACvF;AACF;;;ACTO,SAAS,sBAAsB,QAA8B;AAClE,SAAO,KAAK,OAAO,CAAC,MAAM,OAAO,CAAC,MAAM,OAAO,CAAC,WAAW,OAAO,MAAM;AAC1E;AAEO,SAAS,kBAAkB,OAA6B;AAC7D,QAAM,SAAiC,CAAC;AACxC,aAAW,QAAQ,MAAM,MAAM,GAAG,GAAG;AACnC,UAAM,CAAC,KAAK,QAAQ,IAAI,KAAK,MAAM,GAAG;AACtC,QAAI,CAAC,OAAO,aAAa,UAAa,CAAC,CAAC,KAAK,KAAK,KAAK,QAAQ,EAAE,SAAS,GAAG,GAAG;AAC9E,YAAM,IAAI,oBAAoB,sDAAsD;AAAA,IACtF;AACA,WAAO,GAAG,IAAI,OAAO,QAAQ;AAAA,EAC/B;AAEA,QAAM,EAAE,GAAG,GAAG,GAAG,OAAO,IAAI;AAE5B,MAAI,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ;AAC7B,UAAM,IAAI,oBAAoB,uDAAuD;AAAA,EACvF;AAEA,QAAM,SAAuB,EAAE,GAAG,GAAG,GAAG,OAAO;AAC/C,uBAAqB,MAAM;AAC3B,SAAO;AACT;AAEO,SAAS,iBAAiB,SAAmC;AAClE,SAAO,GAAG,yBAAyB,GAAG,kBAAkB,IAAI,QAAQ,SAAS,IAAI,QAAQ,GAAG,IAAI,sBAAsB,QAAQ,MAAM,CAAC,IAAI,QAAQ,IAAI,IAAI,QAAQ,EAAE,IAAI,QAAQ,GAAG,IAAI,QAAQ,UAAU;AAC1M;AAEO,SAAS,sBAAsB,SAAsD;AAC1F,MAAI,OAAO,YAAY,UAAU;AAC/B,QAAI,QAAQ,WAAW,yBAAyB,GAAG;AACjD,aAAO,oBAAoB,OAAO;AAAA,IACpC;AACA,WAAO,UAA4B,SAAS,0DAA0D;AAAA,EACxG;AAEA,MAAI,CAAC,WAAW,OAAO,YAAY,UAAU;AAC3C,UAAM,IAAI,oBAAoB,gDAAgD;AAAA,EAChF;AAEA,uBAAqB,OAAO;AAC5B,SAAO;AACT;AAEO,SAAS,qBAAqB,SAAiC;AACpE,MAAI,QAAQ,WAAW,mBAAmB;AACxC,UAAM,IAAI,oBAAoB,uCAAuC;AAAA,EACvE;AACA,MAAI,QAAQ,cAAc,sBAAsB;AAC9C,UAAM,IAAI,oBAAoB,0CAA0C;AAAA,EAC1E;AACA,MAAI,QAAQ,QAAQ,gBAAgB;AAClC,UAAM,IAAI,oBAAoB,oCAAoC;AAAA,EACpE;AACA,uBAAqB,QAAQ,MAAM;AACnC,aAAW,SAAS,CAAC,QAAQ,MAAM,OAAO,YAAY,GAAY;AAChE,QAAI,OAAO,QAAQ,KAAK,MAAM,YAAY,QAAQ,KAAK,EAAE,WAAW,GAAG;AACrE,YAAM,IAAI,oBAAoB,2BAA2B,KAAK,8BAA8B;AAAA,IAC9F;AAAA,EACF;AACF;AAEA,SAAS,oBAAoB,SAAmC;AAC9D,QAAM,QAAQ,QAAQ,MAAM,GAAG;AAC/B,QAAM,CAAC,EAAE,QAAQ,SAAS,WAAW,KAAK,WAAW,MAAM,IAAI,KAAK,UAAU,IAAI;AAElF,MACE,MAAM,WAAW,MACjB,WAAW,WACX,YAAY,sBACZ,cAAc,wBACd,QAAQ,kBACR,CAAC,aACD,CAAC,QACD,CAAC,MACD,CAAC,OACD,CAAC,YACD;AACA,UAAM,IAAI,oBAAoB,sCAAsC;AAAA,EACtE;AAEA,SAAO;AAAA,IACL,QAAQ;AAAA,IACR;AAAA,IACA;AAAA,IACA,QAAQ,kBAAkB,SAAS;AAAA,IACnC;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACF;;;AP1FA,eAAsB,cACpB,SACA,QACA,UAA0B,CAAC,GACV;AACjB,eAAa,MAAM;AAEnB,MAAI;AACF,UAAM,SAAS,sBAAsB,OAAO;AAC5C,UAAM,MAAM,MAAM,gBAAgB,QAAQ,cAAc,OAAO,MAAM,MAAM,GAAG,OAAO,MAAM;AAC3F,UAAM,WAAW,iBAAiB,sBAAsB,KAAK,cAAc,OAAO,IAAI,IAAI,CAAC;AAE3F,QAAI,QAAQ,KAAK;AACf,eAAS,OAAO,OAAO,KAAK,QAAQ,KAAK,MAAM,CAAC;AAAA,IAClD;AAEA,aAAS,WAAW,cAAc,OAAO,KAAK,UAAU,CAAC;AACzD,WAAO,OAAO,OAAO;AAAA,MACnB,SAAS,OAAO,cAAc,OAAO,YAAY,YAAY,CAAC;AAAA,MAC9D,SAAS,MAAM;AAAA,IACjB,CAAC;AAAA,EACH,SAAS,OAAO;AACd,UAAM,IAAI,gBAAgB,yEAAyE;AAAA,MACjG,OAAO;AAAA,IACT,CAAC;AAAA,EACH;AACF;;;AQnCA,SAAS,UAAU,MAAM,iBAAiB;AAC1C,SAAS,oBAAAA,yBAAwB;;;ACD1B,SAAS,YAAoB;AAClC,UAAO,oBAAI,KAAK,GAAE,YAAY;AAChC;AAEO,SAAS,cAAc,UAA6D;AACzF,SAAO;AAAA,IACL,GAAI,YAAY,CAAC;AAAA,IACjB,WAAW,OAAO,UAAU,cAAc,WAAW,SAAS,YAAY,UAAU;AAAA,EACtF;AACF;;;ADaA,eAAsB,YACpB,WACA,YACA,QACA,UAA8B,CAAC,GACJ;AAC3B,eAAa,MAAM;AAEnB,MAAI;AACF,UAAM,OAAO,MAAM,SAAS,SAAS;AACrC,UAAM,YAAY,KAAK,QAAQ,EAAI;AACnC,QAAI,aAAa,GAAG;AAClB,YAAM,IAAI,oBAAoB,+CAA+C;AAAA,IAC/E;AAEA,UAAM,SAAS,UAAsB,KAAK,SAAS,GAAG,SAAS,EAAE,SAAS,MAAM,GAAG,mCAAmC;AACtH,QAAI,OAAO,WAAW,gBAAgB,OAAO,cAAc,wBAAwB,OAAO,QAAQ,UAAU;AAC1G,YAAM,IAAI,oBAAoB,oCAAoC;AAAA,IACpE;AAEA,UAAM,OAAO,KAAK,SAAS,YAAY,CAAC;AACxC,QAAI,KAAK,SAAS,IAAI;AACpB,YAAM,IAAI,oBAAoB,+CAA+C;AAAA,IAC/E;AAEA,UAAM,aAAa,KAAK,SAAS,GAAG,KAAK,SAAS,EAAE;AACpD,UAAM,MAAM,KAAK,SAAS,KAAK,SAAS,EAAE;AAC1C,UAAM,SAAS,kBAAkB,OAAO,MAAM;AAC9C,UAAM,MAAM,MAAM,gBAAgB,QAAQ,cAAc,OAAO,MAAM,MAAM,GAAG,MAAM;AACpF,UAAM,WAAWC,kBAAiB,sBAAsB,KAAK,cAAc,OAAO,IAAI,IAAI,CAAC;AAE3F,QAAI,QAAQ,KAAK;AACf,eAAS,OAAO,OAAO,KAAK,QAAQ,KAAK,MAAM,CAAC;AAAA,IAClD,WAAW,OAAO,KAAK;AACrB,YAAM,IAAI,oBAAoB,6CAA6C;AAAA,IAC7E;AAEA,aAAS,WAAW,GAAG;AACvB,UAAM,UAAU,YAAY,OAAO,OAAO,CAAC,SAAS,OAAO,UAAU,GAAG,SAAS,MAAM,CAAC,CAAC,CAAC;AAE1F,UAAM,aAAa,MAAM,KAAK,SAAS;AACvC,UAAM,cAAc,MAAM,KAAK,UAAU;AAEzC,WAAO;AAAA,MACL;AAAA,MACA;AAAA,MACA,WAAW,WAAW;AAAA,MACtB,cAAc,YAAY;AAAA,MAC1B,WAAW;AAAA,MACX,WAAW,UAAU;AAAA,IACvB;AAAA,EACF,SAAS,OAAO;AACd,UAAM,IAAI,gBAAgB,8EAA8E;AAAA,MACtG,OAAO;AAAA,IACT,CAAC;AAAA,EACH;AACF;;;AE3EA,eAAsB,YACpB,SACA,QACA,UAA0B,CAAC,GACV;AACjB,QAAM,SAAS,MAAM,cAAc,SAAS,QAAQ,OAAO;AAC3D,SAAO,OAAO,SAAS,MAAM;AAC/B;;;ACNA,eAAsB,YACpB,SACA,QACA,UAA0B,CAAC,GACf;AACZ,SAAO,UAAa,MAAM,YAAY,SAAS,QAAQ,OAAO,GAAG,sCAAsC;AACzG;;;ACVA,SAAS,sBAAsB;;;ACA/B,SAAS,mBAAmB;AAKrB,SAAS,aAAa,OAAO,qBAA6B;AAC/D,MAAI,CAAC,OAAO,UAAU,IAAI,KAAK,OAAO,KAAK,OAAO,MAAM;AACtD,UAAM,IAAI,mBAAmB,yDAAyD;AAAA,EACxF;AAEA,SAAO,YAAY,IAAI;AACzB;AAEO,SAAS,aAAa,OAAO,qBAA6B;AAC/D,SAAO,YAAY,aAAa,IAAI,CAAC;AACvC;AAEO,SAAS,eAAe,OAAO,IAAY;AAChD,SAAO,YAAY,aAAa,IAAI,CAAC;AACvC;;;ADRA,eAAsB,cACpB,QACA,QACA,UAA0B,CAAC,GACS;AACpC,MAAI,CAAC,OAAO,SAAS,MAAM,GAAG;AAC5B,UAAM,IAAI,gBAAgB,uCAAuC;AAAA,EACnE;AACA,eAAa,MAAM;AACnB,4BAA0B,QAAQ,SAAS;AAE3C,MAAI;AACF,UAAM,SAAS,sBAAsB,2BAA2B,QAAQ,MAAM;AAC9E,UAAM,OAAO,aAAa,mBAAmB;AAC7C,UAAM,KAAK,aAAa,iBAAiB;AACzC,UAAM,MAAM,MAAM,gBAAgB,QAAQ,MAAM,MAAM;AACtD,UAAM,SAAS,eAAe,sBAAsB,KAAK,EAAE;AAE3D,QAAI,QAAQ,KAAK;AACf,aAAO,OAAO,OAAO,KAAK,QAAQ,KAAK,MAAM,CAAC;AAAA,IAChD;AAEA,UAAM,aAAa,OAAO,OAAO,CAAC,OAAO,OAAO,MAAM,GAAG,OAAO,MAAM,CAAC,CAAC;AACxE,UAAM,MAAM,OAAO,WAAW;AAC9B,UAAM,UAA4B;AAAA,MAChC,QAAQ;AAAA,MACR,WAAW;AAAA,MACX,KAAK;AAAA,MACL;AAAA,MACA,IAAI,YAAY,EAAE;AAAA,MAClB,MAAM,YAAY,IAAI;AAAA,MACtB,KAAK,YAAY,GAAG;AAAA,MACpB,YAAY,YAAY,UAAU;AAAA,MAClC,UAAU,cAAc,QAAQ,QAAQ;AAAA,IAC1C;AAEA,WAAO,QAAQ,WAAW,YAAY,iBAAiB,OAAO,IAAI;AAAA,EACpE,SAAS,OAAO;AACd,UAAM,IAAI,gBAAgB,sBAAsB,EAAE,OAAO,MAAM,CAAC;AAAA,EAClE;AACF;;;AEnDA,SAAS,kBAAkB,yBAAyB;AACpD,SAAS,QAAAC,aAAY;AACrB,SAAS,kBAAAC,uBAAsB;AAC/B,SAAS,gBAAgB;AAWzB,eAAsB,YACpB,WACA,YACA,QACA,UAA8B,CAAC,GACJ;AAC3B,eAAa,MAAM;AAEnB,MAAI;AACF,UAAM,SAAS,sBAAsB,2BAA2B,QAAQ,MAAM;AAC9E,UAAM,OAAO,aAAa,mBAAmB;AAC7C,UAAM,KAAK,aAAa,iBAAiB;AACzC,UAAM,MAAM,MAAM,gBAAgB,QAAQ,MAAM,MAAM;AACtD,UAAM,SAASC,gBAAe,sBAAsB,KAAK,EAAE;AAE3D,QAAI,QAAQ,KAAK;AACf,aAAO,OAAO,OAAO,KAAK,QAAQ,KAAK,MAAM,CAAC;AAAA,IAChD;AAEA,UAAM,SAAS,OAAO;AAAA,MACpB,KAAK,UAAU;AAAA,QACb,QAAQ;AAAA,QACR,WAAW;AAAA,QACX,KAAK;AAAA,QACL,QAAQ,sBAAsB,MAAM;AAAA,QACpC,MAAM,YAAY,IAAI;AAAA,QACtB,IAAI,YAAY,EAAE;AAAA,QAClB,KAAK,QAAQ,MAAM,OAAO;AAAA,MAC5B,CAAC,IAAI;AAAA,MACL;AAAA,IACF;AAEA,UAAM,SAAS,kBAAkB,UAAU;AAC3C,WAAO,MAAM,MAAM;AACnB,UAAM,SAAS,iBAAiB,SAAS,GAAG,QAAQ,QAAQ,EAAE,KAAK,MAAM,CAAC;AAC1E,WAAO,MAAM,OAAO,WAAW,CAAC;AAChC,WAAO,IAAI;AAEX,UAAM,aAAa,MAAMC,MAAK,SAAS;AACvC,UAAM,cAAc,MAAMA,MAAK,UAAU;AAEzC,WAAO;AAAA,MACL;AAAA,MACA;AAAA,MACA,WAAW,WAAW;AAAA,MACtB,cAAc,YAAY;AAAA,MAC1B,WAAW;AAAA,MACX,WAAW,UAAU;AAAA,IACvB;AAAA,EACF,SAAS,OAAO;AACd,UAAM,IAAI,gBAAgB,2BAA2B,EAAE,OAAO,MAAM,CAAC;AAAA,EACvE;AACF;;;AC/DA,eAAsB,YACpB,WACA,QACA,UAA0B,CAAC,GACS;AACpC,MAAI,OAAO,cAAc,UAAU;AACjC,UAAM,IAAI,UAAU,6BAA6B;AAAA,EACnD;AAEA,SAAO,cAAc,OAAO,KAAK,WAAW,MAAM,GAAG,QAAQ,OAAO;AACtE;;;ACTA,eAAsB,YACpB,MACA,QACA,UAA0B,CAAC,GACS;AACpC,SAAO,YAAY,cAAc,IAAI,GAAG,QAAQ,OAAO;AACzD;;;ACJO,SAAS,wBAAwB,QAA8B;AACpE,SAAO,KAAK,OAAO,CAAC,MAAM,OAAO,CAAC,MAAM,OAAO,CAAC,WAAW,OAAO,MAAM;AAC1E;AAEO,SAAS,oBAAoB,OAA6B;AAC/D,QAAM,QAAQ,MAAM,MAAM,GAAG;AAC7B,QAAM,SAAiC,CAAC;AAExC,aAAW,QAAQ,OAAO;AACxB,UAAM,CAAC,KAAK,QAAQ,IAAI,KAAK,MAAM,GAAG;AACtC,QAAI,CAAC,OAAO,aAAa,UAAa,CAAC,CAAC,KAAK,KAAK,KAAK,QAAQ,EAAE,SAAS,GAAG,GAAG;AAC9E,YAAM,IAAI,yBAAyB,qDAAqD;AAAA,IAC1F;AAEA,UAAM,cAAc,OAAO,QAAQ;AACnC,QAAI,CAAC,OAAO,UAAU,WAAW,GAAG;AAClC,YAAM,IAAI,yBAAyB,uDAAuD;AAAA,IAC5F;AACA,WAAO,GAAG,IAAI;AAAA,EAChB;AAEA,QAAM,EAAE,GAAG,GAAG,GAAG,OAAO,IAAI;AAE5B,MAAI,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ;AAC7B,UAAM,IAAI,yBAAyB,sDAAsD;AAAA,EAC3F;AAEA,QAAM,SAAuB,EAAE,GAAG,GAAG,GAAG,OAAO;AAC/C,uBAAqB,MAAM;AAC3B,SAAO;AACT;AAEO,SAAS,mBAAmB,QAAsB,MAAc,MAAsB;AAC3F,SAAO,GAAG,sBAAsB,GAAG,gBAAgB,IAAI,kBAAkB,IAAI,wBAAwB,MAAM,CAAC,IAAI,IAAI,IAAI,IAAI;AAC9H;AAEO,SAAS,kBAAkB,YAAwC;AACxE,MAAI,OAAO,eAAe,YAAY,WAAW,WAAW,GAAG;AAC7D,UAAM,IAAI,yBAAyB,kDAAkD;AAAA,EACvF;AAEA,MAAI,CAAC,WAAW,WAAW,sBAAsB,GAAG;AAClD,UAAM,IAAI,yBAAyB,wEAAwE;AAAA,EAC7G;AAEA,QAAM,QAAQ,WAAW,MAAM,GAAG;AAClC,QAAM,CAAC,EAAE,QAAQ,SAAS,WAAW,WAAW,MAAM,IAAI,IAAI;AAE9D,MAAI,MAAM,WAAW,KAAK,WAAW,QAAQ,YAAY,oBAAoB,cAAc,oBAAoB;AAC7G,UAAM,IAAI,yBAAyB,sCAAsC;AAAA,EAC3E;AAEA,MAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,MAAM;AAChC,UAAM,IAAI,yBAAyB,yDAAyD;AAAA,EAC9F;AAEA,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA,QAAQ,oBAAoB,SAAS;AAAA,IACrC;AAAA,IACA;AAAA,EACF;AACF;;;AC7DA,eAAsB,aACpB,UACA,UAA+B,CAAC,GACH;AAC7B,iBAAe,QAAQ;AACvB,0BAAwB,QAAQ,SAAS;AAEzC,QAAM,SAAS,sBAAsB,yBAAyB,QAAQ,MAAM;AAC5E,QAAM,OAAO,QAAQ,QAAQ,aAAa,QAAQ,cAAc,mBAAmB;AACnF,QAAM,aAAa,cAAc,MAAM,MAAM;AAC7C,QAAM,iBAAiB,YAAY,UAAU,QAAQ,MAAM;AAC3D,QAAM,aAAa,MAAM,gBAAgB,gBAAgB,YAAY,MAAM;AAC3E,QAAM,OAAO,YAAY,UAAU;AAEnC,SAAO;AAAA,IACL,WAAW;AAAA,IACX,SAAS;AAAA,IACT,MAAM,mBAAmB,QAAQ,MAAM,IAAI;AAAA,IAC3C;AAAA,IACA;AAAA,IACA,WAAW,UAAU;AAAA,EACvB;AACF;;;ACzBO,SAAS,YAAY,YAAoB,iBAAsC,CAAC,GAAY;AACjG,0BAAwB,eAAe,SAAS;AAEhD,MAAI;AACJ,MAAI;AACF,aAAS,kBAAkB,UAAU;AAAA,EACvC,SAAS,OAAO;AACd,QAAI,iBAAiB,0BAA0B;AAC7C,aAAO;AAAA,IACT;AACA,UAAM;AAAA,EACR;AAEA,QAAM,gBAAgB,sBAAsB,yBAAyB,eAAe,MAAM;AAE1F,SACE,OAAO,YAAY,oBACnB,OAAO,cAAc,sBACrB,OAAO,OAAO,MAAM,cAAc,KAClC,OAAO,OAAO,MAAM,cAAc,KAClC,OAAO,OAAO,MAAM,cAAc,KAClC,OAAO,OAAO,WAAW,cAAc;AAE3C;;;AC7BA,SAAS,uBAAuB;AAEzB,SAAS,kBAAkB,MAAc,OAAwB;AACtE,MAAI,KAAK,WAAW,MAAM,QAAQ;AAChC,UAAM,aAAa,OAAO,MAAM,KAAK,IAAI,KAAK,QAAQ,MAAM,MAAM,CAAC;AACnE,UAAM,cAAc,OAAO,MAAM,KAAK,IAAI,KAAK,QAAQ,MAAM,MAAM,CAAC;AACpE,SAAK,KAAK,UAAU;AACpB,UAAM,KAAK,WAAW;AACtB,oBAAgB,YAAY,WAAW;AACvC,WAAO;AAAA,EACT;AAEA,SAAO,gBAAgB,MAAM,KAAK;AACpC;;;ACJA,eAAsB,eACpB,UACA,YACA,UAAiC,CAAC,GACH;AAC/B,iBAAe,QAAQ;AAEvB,MAAI;AACF,UAAM,SAAS,kBAAkB,UAAU;AAC3C,UAAM,aAAa,cAAc,OAAO,MAAM,MAAM;AACpD,UAAM,WAAW,cAAc,OAAO,MAAM,eAAe;AAC3D,UAAM,YAAY,MAAM,gBAAgB,YAAY,UAAU,QAAQ,MAAM,GAAG,YAAY,OAAO,MAAM;AACxG,UAAM,QAAQ,kBAAkB,OAAO,KAAK,YAAY,SAAS,CAAC,GAAG,OAAO,KAAK,YAAY,QAAQ,CAAC,CAAC;AAEvG,WAAO;AAAA,MACL;AAAA,MACA,aAAa,QAAQ,YAAiB,YAAY,QAAQ,kBAAkB,CAAC,CAAC,IAAI;AAAA,MAClF,WAAW,OAAO;AAAA,MAClB,SAAS,OAAO;AAAA,IAClB;AAAA,EACF,SAAS,OAAO;AACd,UAAM,IAAI,0BAA0B,sEAAsE;AAAA,MACxG,OAAO;AAAA,IACT,CAAC;AAAA,EACH;AACF;;;AC7BO,SAAS,cAAc,OAAiC;AAC7D,MAAI,OAAO,SAAS,KAAK,GAAG;AAC1B,WAAO;AAAA,EACT;AAEA,MAAI,OAAO,UAAU,UAAU;AAC7B,QAAI,MAAM,WAAW,sBAAsB,GAAG;AAC5C,aAAO;AAAA,IACT;AACA,QAAI,MAAM,WAAW,yBAAyB,GAAG;AAC/C,aAAO;AAAA,IACT;AACA,QAAI;AACF,YAAM,SAAS,KAAK,MAAM,KAAK;AAC/B,aAAO,OAAO,WAAW,oBAAoB,sBAAsB;AAAA,IACrE,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAEA,MAAI,SAAS,OAAO,UAAU,YAAa,MAAoC,WAAW,mBAAmB;AAC3G,WAAO;AAAA,EACT;AAEA,MAAI,SAAS,OAAO,UAAU,UAAU;AACtC,WAAO;AAAA,EACT;AAEA,SAAO;AACT;;;ACbO,IAAM,wBAAN,MAA4B;AAAA,EAkBjC,YAA6B,UAAoC,CAAC,GAAG;AAAxC;AAC3B,SAAK,WAAW;AAAA,MACd,MAAM,CAAC,UAAUC,aAAY,aAAa,UAAU,EAAE,GAAG,KAAK,QAAQ,UAAU,GAAGA,SAAQ,CAAC;AAAA,MAC5F,QAAQ,CAAC,UAAU,YAAYA,aAAY;AACzC,cAAM,iBAAiBA,UAAS,kBAAkB,KAAK,QAAQ;AAC/D,eAAO,eAAe,UAAU,YAAY;AAAA,UAC1C,GAAGA;AAAA,UACH,GAAI,iBAAiB,EAAE,eAAe,IAAI,CAAC;AAAA,QAC7C,CAAC;AAAA,MACH;AAAA,MACA,aAAa,CAAC,YAAYA,aAAY,YAAY,YAAY,EAAE,GAAG,KAAK,QAAQ,UAAU,GAAGA,SAAQ,CAAC;AAAA,IACxG;AAEA,SAAK,SAAS;AAAA,MACZ,aAAa,CAAC,WAAW,QAAQA,aAAY,YAAY,WAAW,QAAQ,EAAE,GAAG,KAAK,QAAQ,YAAY,GAAGA,SAAQ,CAAC;AAAA,MACtH;AAAA,MACA,aAAa,CAAC,MAAM,QAAQA,aAAY,YAAY,MAAM,QAAQ,EAAE,GAAG,KAAK,QAAQ,YAAY,GAAGA,SAAQ,CAAC;AAAA,MAC5G;AAAA,MACA,eAAe,CAAC,QAAQ,QAAQA,aAAY,cAAc,QAAQ,QAAQ,EAAE,GAAG,KAAK,QAAQ,YAAY,GAAGA,SAAQ,CAAC;AAAA,MACpH;AAAA,MACA,aAAa,CAAC,WAAW,YAAY,QAAQA,aAC3C,YAAY,WAAW,YAAY,QAAQ,EAAE,GAAG,KAAK,QAAQ,YAAY,GAAGA,SAAQ,CAAC;AAAA,MACvF;AAAA,IACF;AAAA,EACF;AAAA,EAxB6B;AAAA,EAjBpB;AAAA,EAMA;AAAA,EAqCT,KAAK,UAAkB,SAA4D;AACjF,WAAO,KAAK,SAAS,KAAK,UAAU,OAAO;AAAA,EAC7C;AAAA,EAEA,OAAO,UAAkB,YAAoB,SAAgE;AAC3G,WAAO,KAAK,SAAS,OAAO,UAAU,YAAY,OAAO;AAAA,EAC3D;AAAA,EAEA,MAAM,QAAQ,MAA6D,QAAgB,SAA8D;AACvJ,QAAI,OAAO,SAAS,IAAI,GAAG;AACzB,aAAO,KAAK,OAAO,cAAc,MAAM,QAAQ,OAAO;AAAA,IACxD;AAEA,QAAI,OAAO,SAAS,UAAU;AAC5B,aAAO,KAAK,OAAO,YAAY,MAAM,QAAQ,OAAO;AAAA,IACtD;AAEA,QAAI,QAAQ,OAAO,SAAS,UAAU;AACpC,aAAO,KAAK,OAAO,YAAY,MAAM,QAAQ,OAAO;AAAA,IACtD;AAEA,UAAM,IAAI,oBAAoB,2DAA2D;AAAA,EAC3F;AAAA,EAEA,MAAM,QACJ,SACA,QACA,SAC8B;AAC9B,QAAI,SAAS,OAAO,UAAU;AAC5B,aAAO,KAAK,OAAO,cAAc,SAAS,QAAQ,OAAO;AAAA,IAC3D;AAEA,UAAM,gBAAgB,MAAM,KAAK,OAAO,YAAY,SAAS,QAAQ,OAAO;AAE5E,QAAI,SAAS,OAAO,QAAQ;AAC1B,aAAO,KAAK,MAAM,aAAa;AAAA,IACjC;AAEA,UAAM,WAAW,cAAc,aAAa;AAC5C,QAAI,aAAa,QAAQ;AACvB,UAAI;AACF,eAAO,KAAK,MAAM,aAAa;AAAA,MACjC,QAAQ;AACN,eAAO;AAAA,MACT;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,sBAA6B;AAC3B,UAAM,IAAI,oBAAoB,uFAAuF;AAAA,EACvH;AACF;;;ACrHO,SAAS,kBAAkB,UAAoC,CAAC,GAA0B;AAC/F,SAAO,IAAI,sBAAsB,OAAO;AAC1C;AAEO,IAAM,oBAAoB;AAC1B,IAAM,wBAAwB;;;AC+C9B,IAAM,cAAc,kBAAkB;AACtC,IAAM,cAAc;AACpB,IAAM,cAAc;AACpB,IAAM,cAAc;AAC3B,IAAO,gBAAQ;","names":["createDecipheriv","createDecipheriv","stat","createCipheriv","createCipheriv","stat","options"]}
package/package.json ADDED
@@ -0,0 +1,56 @@
1
+ {
2
+ "name": "secure-hash-vault",
3
+ "version": "1.0.0",
4
+ "description": "A fast, safe, and easy TypeScript toolkit for password hashing, verification, and authenticated data encryption using Node.js crypto.",
5
+ "main": "dist/index.cjs",
6
+ "module": "dist/index.js",
7
+ "types": "dist/index.d.ts",
8
+ "exports": {
9
+ ".": {
10
+ "types": "./dist/index.d.ts",
11
+ "import": "./dist/index.js",
12
+ "require": "./dist/index.cjs"
13
+ }
14
+ },
15
+ "files": [
16
+ "dist",
17
+ "README.md",
18
+ "LICENSE"
19
+ ],
20
+ "sideEffects": false,
21
+ "engines": {
22
+ "node": ">=18"
23
+ },
24
+ "scripts": {
25
+ "typecheck": "tsc --noEmit",
26
+ "build": "tsup src/index.ts --format esm,cjs --dts --sourcemap --clean",
27
+ "test": "tsx --test test/*.test.ts",
28
+ "pack:dry": "npm pack --dry-run"
29
+ },
30
+ "keywords": [
31
+ "secure-hash-vault",
32
+ "securehashvault",
33
+ "password-hashing",
34
+ "password-verification",
35
+ "scrypt",
36
+ "aes-256-gcm",
37
+ "encryption",
38
+ "decryption",
39
+ "node-crypto",
40
+ "typescript",
41
+ "security",
42
+ "hashing",
43
+ "kdf",
44
+ "salt",
45
+ "pepper",
46
+ "authenticated-encryption",
47
+ "bsg-technologies",
48
+ "pradeep-kumar-sheoran"
49
+ ],
50
+ "devDependencies": {
51
+ "@types/node": "^20.19.0",
52
+ "tsup": "^8.5.0",
53
+ "tsx": "^4.20.0",
54
+ "typescript": "^5.8.0"
55
+ }
56
+ }