Cover empty passphrase, invalid base64, wrong passphrase decryption failure, and invalid JSON content error paths. Coverage: 66.7% → 73.7%
Tests encryptWithPassphrase and decryptWithPassphrase: - Roundtrip encryption/decryption with various data types - Unique output verification (random salt/nonce) - Wrong passphrase rejection - Tampered ciphertext detection - Minimum size validation - Base64 roundtrip (matching export/import flow)