/**
 * @bytelyst/client-encrypt
 *
 * Client-side AES-256-GCM field encryption using Web Crypto API.
 * Works in browsers and React Native (with SubtleCrypto polyfill).
 * Wire-compatible with @bytelyst/field-encrypt (server) and
 * BLFieldEncrypt (Swift/Kotlin native SDKs).
 *
 * @example
 * ```typescript
 * import { generateKey, encryptField, decryptField } from '@bytelyst/client-encrypt';
 *
 * const key = await generateKey();
 * const encrypted = await encryptField('sensitive data', key, 'dek_user1_notes');
 * const plaintext = await decryptField(encrypted, key);
 * ```
 */

// ── Main API ────────────────────────────────────────
export {
  encryptField,
  decryptField,
  generateKey,
  keyFromHex,
  keyToHex,
  deriveKey,
} from './aes-gcm.js';

// ── Type guards ─────────────────────────────────────
export { isEncryptedField } from './guards.js';

// ── Hex utilities ───────────────────────────────────
export { toHex, fromHex } from './hex.js';

// ── Types ───────────────────────────────────────────
export type { EncryptedField, ClientEncryptContext } from './types.js';