SQLite

     A map of sqlite3_vfs pointers to SQL code or a callback function
     to run when the DB constructor opens a database with the given
     VFS. In the latter case, the call signature is (theDbObject,sqlite3Namespace)
     and the callback is expected to throw on error.
  */
  const __vfsPostOpenSql = Object.create(null);

//#if enable-see
  /**
     Converts ArrayBuffer or Uint8Array ba into a string of hex
     digits.
  */
  const byteArrayToHex = function(ba){
    if( ba instanceof ArrayBuffer ){
      ba = new Uint8Array(ba);
    }
    const li = [];
    const digits = "0123456789abcdef";
    for( const d of ba ){
      li.push( digits[(d & 0xf0) >> 4], digits[d & 0x0f] );
    }
    return li.join('');
  };


  /**
     Internal helper to apply an SEE key to a just-opened
     database. Requires that db be-a DB object which has just been
     opened, opt be the options object processed by its ctor, and opt
     must have either the key, hexkey, or textkey properties, either
     as a string, an ArrayBuffer, or a Uint8Array.

      keytype = 'hexkey';
      key = opt.hexkey;
      if((key instanceof ArrayBuffer) || (key instanceof Uint8Array)){
        key = byteArrayToHex(key);
      }else if('string'!==typeof key){
        toss3("Invalid value for the 'hexkey' option. Expecting a string, ArrayBuffer, or Uint8Array.");
      }
      /* else assume it's valid hex codes */
    }else{
      return;
    }
    let stmt;
    try{
      stmt = db.prepare("PRAGMA "+keytype+"="+util.sqlite3__wasm_qfmt_token(key, 1));
      stmt.step();

     - `vfs`: the VFS fname

//#if enable-see
     And, for SEE-capable builds, optionally ONE of the following:

     - `key`, `hexkey`, or `textkey`: encryption key as a string,
       ArrayBuffer, or Uint8Array. These flags function as documented
       for the SEE pragmas of the same names. Using a byte array for
       `hexkey` is equivalent to the same series of hex codes in
       string form, so '666f6f' is equivalent to
       Uint8Array([0x66,0x6f,0x6f]). A `textkey` byte array is assumed
       to be UTF-8. A `key` string is transformed into a UTF-8 byte
       array, and a `key` byte array is transformed into a `hexkey`
       with the same bytes.

     In non-SEE builds, these options are ignored. In SEE builds,
     `PRAGMA key/textkey/hexkey=X` is executed immediately after
     opening the db. If more than one of the options is provided,
     or any option has an invalid argument type, an exception is
     thrown.
//#endif enable-see

    .t({
      name: 'kvvfs with SEE encryption',
      predicate: ()=>(isUIThread()
                      || "Only available in main thread."),
      test: function(sqlite3){
        this.kvvfsUnlink();
        let db;
        const encOpt1 = 1
              ? {textkey: 'foo'}
              : {key: 'foo'};
        const encOpt2 = encOpt1.textkey
              ? encOpt1
              : {hexkey: new Uint8Array([0x66,0x6f,0x6f]/*==>"foo"*/)}
        try{
          db = new this.JDb({
            filename: this.kvvfsDbFile,
            ...encOpt1
          });
          db.exec([
            "create table t(a,b);",
            "insert into t(a,b) values(1,2),(3,4)"
          ]);
          db.close();
          let err;

          }
          T.assert(err,"Expecting an exception")
            .assert(sqlite3.capi.SQLITE_NOTADB==err.resultCode,
                    "Expecting NOTADB");
          db = new sqlite3.oo1.DB({
            filename: this.kvvfsDbFile,
            vfs: 'kvvfs',
            ...encOpt2
          });
          T.assert( 4===db.selectValue('select sum(a) from t') );
        }finally{
          if( db ) db.close();
          this.kvvfsUnlink();
        }
      }