@agentunion/fastaun 0.3.2 → 0.3.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +22 -0
- package/_packed_docs/CHANGELOG.md +22 -0
- package/_packed_docs/sdk/04-/350/277/236/346/216/245/344/270/216/350/256/244/350/257/201.md +48 -15
- package/_packed_docs/sdk/06-API/346/211/213/345/206/214.md +182 -28
- package/_packed_docs/sdk/AUN_DOCS_GUIDE.md +7 -5
- package/_packed_docs/sdk/INDEX.md +17 -12
- package/dist/auth.d.ts +3 -0
- package/dist/auth.js +18 -18
- package/dist/auth.js.map +1 -1
- package/dist/client.d.ts +71 -8
- package/dist/client.js +1811 -440
- package/dist/client.js.map +1 -1
- package/dist/discovery.d.ts +4 -0
- package/dist/discovery.js +28 -13
- package/dist/discovery.js.map +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.js +1 -1
- package/dist/keystore/aid-db.d.ts +4 -0
- package/dist/keystore/aid-db.js +94 -0
- package/dist/keystore/aid-db.js.map +1 -1
- package/dist/keystore/file.d.ts +3 -1
- package/dist/keystore/file.js +18 -0
- package/dist/keystore/file.js.map +1 -1
- package/dist/keystore/index.d.ts +20 -0
- package/dist/logger.d.ts +2 -0
- package/dist/logger.js +7 -4
- package/dist/logger.js.map +1 -1
- package/dist/namespaces/auth.d.ts +1 -0
- package/dist/namespaces/auth.js +38 -0
- package/dist/namespaces/auth.js.map +1 -1
- package/dist/net.d.ts +43 -0
- package/dist/net.js +192 -0
- package/dist/net.js.map +1 -0
- package/dist/seq-tracker.d.ts +32 -3
- package/dist/seq-tracker.js +60 -3
- package/dist/seq-tracker.js.map +1 -1
- package/dist/tools/cross-sdk-agent.d.ts +2 -0
- package/dist/tools/cross-sdk-agent.js +695 -0
- package/dist/tools/cross-sdk-agent.js.map +1 -0
- package/dist/transport.d.ts +2 -0
- package/dist/transport.js +45 -0
- package/dist/transport.js.map +1 -1
- package/dist/v2/crypto/canonical.d.ts +1 -1
- package/dist/v2/crypto/canonical.js +42 -17
- package/dist/v2/crypto/canonical.js.map +1 -1
- package/dist/v2/e2ee/decrypt.js +56 -2
- package/dist/v2/e2ee/decrypt.js.map +1 -1
- package/dist/v2/e2ee/encrypt-group.js +16 -7
- package/dist/v2/e2ee/encrypt-group.js.map +1 -1
- package/dist/v2/e2ee/encrypt-p2p.js +41 -9
- package/dist/v2/e2ee/encrypt-p2p.js.map +1 -1
- package/dist/v2/e2ee/metadata-auth.d.ts +1 -0
- package/dist/v2/e2ee/metadata-auth.js +37 -1
- package/dist/v2/e2ee/metadata-auth.js.map +1 -1
- package/dist/v2/e2ee/types.d.ts +2 -2
- package/dist/v2/session/keystore.d.ts +10 -3
- package/dist/v2/session/keystore.js +158 -30
- package/dist/v2/session/keystore.js.map +1 -1
- package/dist/v2/session/session.d.ts +6 -3
- package/dist/v2/session/session.js +58 -12
- package/dist/v2/session/session.js.map +1 -1
- package/package.json +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"encrypt-group.js","sourceRoot":"","sources":["../../../src/v2/e2ee/encrypt-group.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAClE,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAClD,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtE,OAAO,EAAE,cAAc,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAClF,OAAO,EAKL,UAAU,GACX,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,gBAAgB,EAAE,wBAAwB,EAAE,wBAAwB,EAAE,MAAM,oBAAoB,CAAC;AAC1G,OAAO,EAAE,yBAAyB,EAAE,MAAM,kBAAkB,CAAC;AAE7D,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC;AAE/B;;;;GAIG;AACH,MAAM,UAAU,mBAAmB,CACjC,MAAc,EACd,OAAe,EACf,KAAa,EACb,OAAiB,EACjB,OAAgC,EAChC,OAAuB,EAAE,EACzB,eAA2C;IAE3C,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAClD,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAEjD,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,KAAK,UAAU,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC;IAC1E,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;IAE/C,oBAAoB;IACpB,MAAM,WAAW,GAAG,IAAI,GAAG,EAAU,CAAC;IACtC,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,
|
|
1
|
+
{"version":3,"file":"encrypt-group.js","sourceRoot":"","sources":["../../../src/v2/e2ee/encrypt-group.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAClE,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAClD,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtE,OAAO,EAAE,cAAc,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAClF,OAAO,EAKL,UAAU,GACX,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,gBAAgB,EAAE,wBAAwB,EAAE,wBAAwB,EAAE,MAAM,oBAAoB,CAAC;AAC1G,OAAO,EAAE,yBAAyB,EAAE,MAAM,kBAAkB,CAAC;AAE7D,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC;AAE/B;;;;GAIG;AACH,MAAM,UAAU,mBAAmB,CACjC,MAAc,EACd,OAAe,EACf,KAAa,EACb,OAAiB,EACjB,OAAgC,EAChC,OAAuB,EAAE,EACzB,eAA2C;IAE3C,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAClD,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAEjD,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,KAAK,UAAU,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC;IAC1E,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;IAE/C,oBAAoB;IACpB,MAAM,WAAW,GAAG,IAAI,GAAG,EAAU,CAAC;IACtC,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;IAClD,CAAC;IACD,MAAM,eAAe,GACnB,WAAW,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,WAAW,CAAC,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAErE,yBAAyB;IACzB,MAAM,EAAE,GAAG,eAAe,IAAI,EAAE,CAAC;IACjC,MAAM,kBAAkB,GAAG;QACzB,aAAa,EAAE,MAAM,CAAE,EAAiC,CAAC,aAAa,IAAI,CAAC,CAAC,IAAI,CAAC;QACjF,UAAU,EAAE,MAAM,CAAE,EAA8B,CAAC,UAAU,IAAI,EAAE,CAAC;QACpE,WAAW,EAAE,MAAM,CAAE,EAA+B,CAAC,WAAW,IAAI,EAAE,CAAC;KACxE,CAAC;IAEF,MAAM,GAAG,GAA4B;QACnC,IAAI,EAAE,MAAM,CAAC,GAAG;QAChB,WAAW,EAAE,MAAM,CAAC,QAAQ;QAC5B,QAAQ,EAAE,OAAO;QACjB,KAAK;QACL,UAAU,EAAE,SAAS;QACrB,SAAS;QACT,KAAK,EAAE,UAAU;QACjB,aAAa,EAAE,eAAe;QAC9B,gBAAgB,EAAE,kBAAkB;KACrC,CAAC;IAEF,MAAM,cAAc,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;IAC9C,MAAM,QAAQ,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;IACpC,MAAM,EAAE,UAAU,EAAE,GAAG,EAAE,GAAG,aAAa,CAAC,SAAS,EAAE,QAAQ,EAAE,cAAc,EAAE,QAAQ,CAAC,CAAC;IAEzF,MAAM,CAAC,iBAAiB,EAAE,mBAAmB,CAAC,GAAG,mBAAmB,EAAE,CAAC;IAEvE,2EAA2E;IAC3E,MAAM,QAAQ,GAAG,eAAe,CAAC,QAAQ,EAAE,mBAAmB,CAAC,CAAC;IAEhE,MAAM,cAAc,GAAe,EAAE,CAAC;IACtC,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,cAAc,CAAC,IAAI,CACjB,gBAAgB,CAAC,MAAM,EAAE,SAAS,EAAE,iBAAiB,EAAE,MAAM,CAAC,MAAM,EAAE,QAAQ,CAAC,CAChF,CAAC;IACJ,CAAC;IAED,MAAM,UAAU,GAAG,cAAc,CAAC,cAAc,CAAC,CAAC;IAClD,MAAM,SAAS,GAAG,uBAAuB,CAAC,UAAU,CAAC,CAAC;IAEtD,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;IAClD,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC;QAC9B,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC;QACvB,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC;QACrB,WAAW;KACZ,CAAC,CAAC;IACH,MAAM,SAAS,GAAG,YAAY,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC;IAEzE,MAAM,UAAU,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC3F,MAAM,MAAM,GAAG,UAAU,UAAU,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;IAEvD,MAAM,QAAQ,GAA4B;QACxC,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,IAAI;QACb,KAAK,EAAE,UAAU;QACjB,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,OAAO;QACjB,KAAK;QACL,MAAM,EAAE,SAAS;QACjB,QAAQ,EAAE,IAAI;QACd,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAC/C,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACtD,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACxC,gBAAgB,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAC3D,uBAAuB,EAAE,MAAM;QAC/B,iBAAiB,EAAE,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACtE,iBAAiB,EAAE,SAAS;QAC5B,UAAU,EAAE,UAAU;QACtB,GAAG;KACJ,CAAC;IACF,MAAM,WAAW,GAAG,OAAO,EAAE,IAAI,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IACtE,IAAI,WAAW,EAAE,CAAC;QAChB,QAAQ,CAAC,YAAY,GAAG,WAAW,CAAC;IACtC,CAAC;IAED,8CAA8C;IAC9C,qEAAqE;IACrE,MAAM,iBAAiB,GAAG,yBAAyB,CAAC,IAAI,CAAC,gBAAgB,EAAE,OAAO,CAAC,CAAC;IACpF,IAAI,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9C,QAAQ,CAAC,iBAAiB,GAAG,gBAAgB,CAAC,iBAAiB,EAAE,SAAS,EAAE,wBAAwB,CAAC,CAAC;IACxG,CAAC;IACD,IAAI,IAAI,CAAC,OAAO,IAAI,OAAO,IAAI,CAAC,OAAO,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7H,QAAQ,CAAC,OAAO,GAAG,gBAAgB,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE,wBAAwB,CAAC,CAAC;IACzF,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,eAAe,CAAC,QAAoB,EAAE,mBAA+B;IAC5E,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,CAAC,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;IAC/B,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IAChC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC;IAC3C,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;IAClC,OAAO,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AACpD,CAAC;AAED,SAAS,gBAAgB,CACvB,MAAc,EACd,SAAqB,EACrB,iBAA6B,EAC7B,gBAA4B,EAC5B,QAAoB;IAEpB,MAAM,MAAM,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACtF,MAAM,EAAE,GAAG,UAAU,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;IAE/C,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAClD,MAAM,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IACnC,MAAM,YAAY,GAAG,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC;IAC9D,MAAM,QAAQ,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAEpD,IAAI,OAAmB,CAAC;IACxB,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,GAAG,cAAc,CACtB,iBAAiB,EACjB,gBAAgB,EAChB,MAAM,CAAC,OAAO,EACd,MAAM,CAAC,QAAQ,EACf,QAAQ,CACT,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,cAAc,CAAC,iBAAiB,EAAE,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IACxE,CAAC;IAED,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,aAAa,CAC9D,OAAO,EACP,SAAS,EACT,SAAS,EACT,IAAI,UAAU,CAAC,CAAC,CAAC,CAClB,CAAC;IACF,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAEpF,OAAO;QACL,MAAM,CAAC,GAAG;QACV,MAAM,CAAC,QAAQ;QACf,MAAM,CAAC,IAAI;QACX,YAAY;QACZ,EAAE;QACF,QAAQ;QACR,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACzC,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC;KAC9B,CAAC;AACJ,CAAC;AAED,SAAS,WAAW,CAClB,MAAc;IAMd,OAAO,OAAO,CACZ,MAAM,CAAC,KAAK;QACV,MAAM,CAAC,QAAQ;QACf,CAAC,MAAM,CAAC,SAAS,KAAK,oBAAoB,IAAI,MAAM,CAAC,SAAS,KAAK,qBAAqB,CAAC,CAC5F,CAAC;AACJ,CAAC"}
|
|
@@ -19,7 +19,7 @@
|
|
|
19
19
|
* 11. 组装 envelope
|
|
20
20
|
*/
|
|
21
21
|
import { createHash, randomUUID, randomBytes } from 'node:crypto';
|
|
22
|
-
import { canonicalJson } from '../crypto/canonical.js';
|
|
22
|
+
import { canonicalJson, canonicalStringify } from '../crypto/canonical.js';
|
|
23
23
|
import { ecdsaSignRaw } from '../crypto/ecdsa.js';
|
|
24
24
|
import { aesGcmEncrypt } from '../crypto/aead.js';
|
|
25
25
|
import { generateP256Keypair } from '../crypto/ecdh.js';
|
|
@@ -29,6 +29,8 @@ import { ProtectedHeaders } from '../../protected-headers.js';
|
|
|
29
29
|
import { SUITE_NAME, } from './types.js';
|
|
30
30
|
import { withMetadataAuth, PROTECTED_HEADERS_DOMAIN, PROTECTED_CONTEXT_DOMAIN } from './metadata-auth.js';
|
|
31
31
|
const TEXT = new TextEncoder();
|
|
32
|
+
const E2EE_SDK_LANG = 'typescript';
|
|
33
|
+
const E2EE_SDK_VERSION = '0.3.2';
|
|
32
34
|
/**
|
|
33
35
|
* 构造完整的 V2 P2P 加密 envelope。
|
|
34
36
|
*/
|
|
@@ -54,9 +56,7 @@ export function encryptP2PMessage(sender, targetSet, payload, opts = {}) {
|
|
|
54
56
|
];
|
|
55
57
|
const protocolSet = new Set();
|
|
56
58
|
for (const t of allTargets) {
|
|
57
|
-
|
|
58
|
-
(t.keySource === 'peer_device_prekey' || t.keySource === 'group_device_prekey');
|
|
59
|
-
protocolSet.add(has3DH ? '3DH' : '1DH');
|
|
59
|
+
protocolSet.add(usesSPKWrap(t) ? '3DH' : '1DH');
|
|
60
60
|
}
|
|
61
61
|
const wrapProtocolStr = protocolSet.size === 0 ? '1DH' : [...protocolSet].sort().join('+');
|
|
62
62
|
// 5. AAD(顺序在 canonical_json 时由键名排序统一,这里只是构造对象)
|
|
@@ -115,6 +115,10 @@ export function encryptP2PMessage(sender, targetSet, payload, opts = {}) {
|
|
|
115
115
|
recipients: sortedRows,
|
|
116
116
|
aad,
|
|
117
117
|
};
|
|
118
|
+
const payloadType = payload?.type == null ? '' : String(payload.type);
|
|
119
|
+
if (payloadType) {
|
|
120
|
+
envelope.payload_type = payloadType;
|
|
121
|
+
}
|
|
118
122
|
// protected_headers / context:HMAC 签名,不进 AAD。
|
|
119
123
|
// payload_type 自动注入 + value 转 string(与 Python _normalize_headers 对齐)
|
|
120
124
|
const normalizedHeaders = normalizeProtectedHeaders(opts.protectedHeaders, payload);
|
|
@@ -137,15 +141,36 @@ export function normalizeProtectedHeaders(headers, payload) {
|
|
|
137
141
|
Object.assign(normalized, headers.toObject());
|
|
138
142
|
}
|
|
139
143
|
else if (isPlainObject(headers)) {
|
|
140
|
-
|
|
144
|
+
for (const [key, value] of Object.entries(headers)) {
|
|
145
|
+
normalized[normalizeProtectedHeaderKey(key)] = normalizeProtectedHeaderValue(value);
|
|
146
|
+
}
|
|
141
147
|
}
|
|
142
148
|
// payload_type 自动注入(与 Python 对齐:即使未显式传 protected_headers 也会注入)
|
|
143
149
|
const payloadType = typeof payload?.type === 'string' ? payload.type : '';
|
|
144
150
|
if (payloadType && !('payload_type' in normalized)) {
|
|
145
151
|
normalized['payload_type'] = payloadType;
|
|
146
152
|
}
|
|
153
|
+
normalized.sdk_lang = E2EE_SDK_LANG;
|
|
154
|
+
normalized.sdk_vesion = E2EE_SDK_VERSION;
|
|
147
155
|
return normalized;
|
|
148
156
|
}
|
|
157
|
+
function normalizeProtectedHeaderKey(key) {
|
|
158
|
+
const value = String(key ?? '').trim().toLowerCase();
|
|
159
|
+
if (!value || !/^[a-z0-9_-]+$/.test(value)) {
|
|
160
|
+
throw new Error('protected header key must match [a-z0-9_-]+');
|
|
161
|
+
}
|
|
162
|
+
if (value === '_auth') {
|
|
163
|
+
throw new Error('protected header key is reserved');
|
|
164
|
+
}
|
|
165
|
+
return value;
|
|
166
|
+
}
|
|
167
|
+
function normalizeProtectedHeaderValue(value) {
|
|
168
|
+
if (value == null)
|
|
169
|
+
return '';
|
|
170
|
+
if (typeof value === 'string')
|
|
171
|
+
return value;
|
|
172
|
+
return canonicalStringify(value);
|
|
173
|
+
}
|
|
149
174
|
function isPlainObject(value) {
|
|
150
175
|
if (!value || typeof value !== 'object' || Array.isArray(value)) {
|
|
151
176
|
return false;
|
|
@@ -165,9 +190,11 @@ function wrapForRecipient(target, masterKey, senderSessionPriv, senderMasterPriv
|
|
|
165
190
|
const fpHash = createHash('sha256').update(Buffer.from(target.ikPkDer)).digest('hex');
|
|
166
191
|
const fp = `sha256:${fpHash.substring(0, 16)}`;
|
|
167
192
|
const wrapNonce = new Uint8Array(randomBytes(12));
|
|
193
|
+
const use3DH = usesSPKWrap(target);
|
|
194
|
+
const rowKeySource = use3DH ? target.keySource : 'aid_master';
|
|
195
|
+
const rowSpkId = use3DH ? (target.spkId ?? '') : '';
|
|
168
196
|
let wrapKey;
|
|
169
|
-
if (
|
|
170
|
-
(target.keySource === 'peer_device_prekey' || target.keySource === 'group_device_prekey')) {
|
|
197
|
+
if (use3DH) {
|
|
171
198
|
wrapKey = compute3DHWrap(senderSessionPriv, senderMasterPriv, target.ikPkDer, target.spkPkDer, wrapSalt);
|
|
172
199
|
}
|
|
173
200
|
else {
|
|
@@ -180,11 +207,16 @@ function wrapForRecipient(target, masterKey, senderSessionPriv, senderMasterPriv
|
|
|
180
207
|
target.aid,
|
|
181
208
|
target.deviceId,
|
|
182
209
|
target.role,
|
|
183
|
-
|
|
210
|
+
rowKeySource,
|
|
184
211
|
fp,
|
|
185
|
-
|
|
212
|
+
rowSpkId,
|
|
186
213
|
Buffer.from(wrapNonce).toString('base64'),
|
|
187
214
|
wrappedKey.toString('base64'),
|
|
188
215
|
];
|
|
189
216
|
}
|
|
217
|
+
function usesSPKWrap(target) {
|
|
218
|
+
return Boolean(target.spkId &&
|
|
219
|
+
target.spkPkDer &&
|
|
220
|
+
(target.keySource === 'peer_device_prekey' || target.keySource === 'group_device_prekey'));
|
|
221
|
+
}
|
|
190
222
|
//# sourceMappingURL=encrypt-p2p.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"encrypt-p2p.js","sourceRoot":"","sources":["../../../src/v2/e2ee/encrypt-p2p.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAClE,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;
|
|
1
|
+
{"version":3,"file":"encrypt-p2p.js","sourceRoot":"","sources":["../../../src/v2/e2ee/encrypt-p2p.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAClE,OAAO,EAAE,aAAa,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AAC3E,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAClD,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtE,OAAO,EAAE,cAAc,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAClF,OAAO,EAAE,gBAAgB,EAA8B,MAAM,4BAA4B,CAAC;AAC1F,OAAO,EAKL,UAAU,GACX,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,gBAAgB,EAAE,wBAAwB,EAAE,wBAAwB,EAAE,MAAM,oBAAoB,CAAC;AAE1G,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC;AAC/B,MAAM,aAAa,GAAG,YAAY,CAAC;AACnC,MAAM,gBAAgB,GAAG,OAAO,CAAC;AAEjC;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAC/B,MAAc,EACd,SAAoB,EACpB,OAAgC,EAChC,OAAuB,EAAE;IAEzB,4BAA4B;IAC5B,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAClD,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAEjD,4BAA4B;IAC5B,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,KAAK,UAAU,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC;IAC1E,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;IAE/C,kDAAkD;IAClD,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,KAAK,MAAM,CAAC,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC;QAClC,IAAI,CAAC,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;YACvB,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC;YAChB,MAAM;QACR,CAAC;IACH,CAAC;IAED,uBAAuB;IACvB,MAAM,UAAU,GAAa;QAC3B,GAAG,SAAS,CAAC,OAAO;QACpB,GAAG,CAAC,SAAS,CAAC,eAAe,IAAI,EAAE,CAAC;KACrC,CAAC;IACF,MAAM,WAAW,GAAG,IAAI,GAAG,EAAU,CAAC;IACtC,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;QAC3B,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;IAClD,CAAC;IACD,MAAM,eAAe,GACnB,WAAW,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,WAAW,CAAC,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAErE,+CAA+C;IAC/C,MAAM,GAAG,GAA4B;QACnC,IAAI,EAAE,MAAM,CAAC,GAAG;QAChB,WAAW,EAAE,MAAM,CAAC,QAAQ;QAC5B,EAAE,EAAE,OAAO;QACX,UAAU,EAAE,SAAS;QACrB,SAAS;QACT,KAAK,EAAE,UAAU;QACjB,aAAa,EAAE,eAAe;KAC/B,CAAC;IAEF,kBAAkB;IAClB,MAAM,cAAc,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;IAC9C,MAAM,QAAQ,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;IACpC,MAAM,EAAE,UAAU,EAAE,GAAG,EAAE,GAAG,aAAa,CAAC,SAAS,EAAE,QAAQ,EAAE,cAAc,EAAE,QAAQ,CAAC,CAAC;IAEzF,4BAA4B;IAC5B,MAAM,CAAC,iBAAiB,EAAE,mBAAmB,CAAC,GAAG,mBAAmB,EAAE,CAAC;IAEvE,8EAA8E;IAC9E,MAAM,QAAQ,GAAG,eAAe,CAAC,QAAQ,EAAE,mBAAmB,CAAC,CAAC;IAEhE,qBAAqB;IACrB,MAAM,cAAc,GAAe,EAAE,CAAC;IACtC,KAAK,MAAM,MAAM,IAAI,UAAU,EAAE,CAAC;QAChC,cAAc,CAAC,IAAI,CACjB,gBAAgB,CAAC,MAAM,EAAE,SAAS,EAAE,iBAAiB,EAAE,MAAM,CAAC,MAAM,EAAE,QAAQ,CAAC,CAChF,CAAC;IACJ,CAAC;IAED,oBAAoB;IACpB,MAAM,UAAU,GAAG,cAAc,CAAC,cAAc,CAAC,CAAC;IAClD,MAAM,SAAS,GAAG,uBAAuB,CAAC,UAAU,CAAC,CAAC;IAEtD,uBAAuB;IACvB,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;IAClD,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC;QAC9B,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC;QACvB,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC;QACrB,WAAW;KACZ,CAAC,CAAC;IACH,MAAM,SAAS,GAAG,YAAY,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC;IAEzE,uBAAuB;IACvB,MAAM,UAAU,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC3F,MAAM,MAAM,GAAG,UAAU,UAAU,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;IAEvD,MAAM,QAAQ,GAA4B;QACxC,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,IAAI;QACb,KAAK,EAAE,UAAU;QACjB,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,SAAS;QACjB,YAAY,EAAE,IAAI;QAClB,QAAQ,EAAE,IAAI;QACd,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAC/C,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACtD,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACxC,gBAAgB,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAC3D,uBAAuB,EAAE,MAAM;QAC/B,iBAAiB,EAAE,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACtE,iBAAiB,EAAE,SAAS;QAC5B,UAAU,EAAE,UAAU;QACtB,GAAG;KACJ,CAAC;IACF,MAAM,WAAW,GAAG,OAAO,EAAE,IAAI,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IACtE,IAAI,WAAW,EAAE,CAAC;QAChB,QAAQ,CAAC,YAAY,GAAG,WAAW,CAAC;IACtC,CAAC;IAED,8CAA8C;IAC9C,qEAAqE;IACrE,MAAM,iBAAiB,GAAG,yBAAyB,CAAC,IAAI,CAAC,gBAAgB,EAAE,OAAO,CAAC,CAAC;IACpF,IAAI,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9C,QAAQ,CAAC,iBAAiB,GAAG,gBAAgB,CAAC,iBAAiB,EAAE,SAAS,EAAE,wBAAwB,CAAC,CAAC;IACxG,CAAC;IACD,IAAI,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxE,8CAA8C;QAC9C,QAAQ,CAAC,OAAO,GAAG,gBAAgB,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,EAAE,wBAAwB,CAAC,CAAC;IACzF,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,yBAAyB,CACvC,OAA8B,EAC9B,OAAgC;IAEhC,MAAM,UAAU,GAA2B,EAAE,CAAC;IAC9C,IAAI,OAAO,YAAY,gBAAgB,EAAE,CAAC;QACxC,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;IAChD,CAAC;SAAM,IAAI,aAAa,CAAC,OAAO,CAAC,EAAE,CAAC;QAClC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YACnD,UAAU,CAAC,2BAA2B,CAAC,GAAG,CAAC,CAAC,GAAG,6BAA6B,CAAC,KAAK,CAAC,CAAC;QACtF,CAAC;IACH,CAAC;IACD,+DAA+D;IAC/D,MAAM,WAAW,GAAG,OAAO,OAAO,EAAE,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;IAC1E,IAAI,WAAW,IAAI,CAAC,CAAC,cAAc,IAAI,UAAU,CAAC,EAAE,CAAC;QACnD,UAAU,CAAC,cAAc,CAAC,GAAG,WAAW,CAAC;IAC3C,CAAC;IACD,UAAU,CAAC,QAAQ,GAAG,aAAa,CAAC;IACpC,UAAU,CAAC,UAAU,GAAG,gBAAgB,CAAC;IACzC,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,SAAS,2BAA2B,CAAC,GAAY;IAC/C,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IACrD,IAAI,CAAC,KAAK,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QAC3C,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;IACD,IAAI,KAAK,KAAK,OAAO,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACtD,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,6BAA6B,CAAC,KAAc;IACnD,IAAI,KAAK,IAAI,IAAI;QAAE,OAAO,EAAE,CAAC;IAC7B,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC5C,OAAO,kBAAkB,CAAC,KAAK,CAAC,CAAC;AACnC,CAAC;AAED,SAAS,aAAa,CAAC,KAAc;IACnC,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAChE,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,KAAK,GAAG,MAAM,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;IAC3C,OAAO,KAAK,KAAK,MAAM,CAAC,SAAS,IAAI,KAAK,KAAK,IAAI,CAAC;AACtD,CAAC;AAED,SAAS,eAAe,CAAC,QAAoB,EAAE,mBAA+B;IAC5E,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,CAAC,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;IAC/B,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IAChC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC;IAC3C,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;IAClC,OAAO,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AACpD,CAAC;AAED,SAAS,gBAAgB,CACvB,MAAc,EACd,SAAqB,EACrB,iBAA6B,EAC7B,gBAA4B,EAC5B,QAAoB;IAEpB,MAAM,MAAM,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACtF,MAAM,EAAE,GAAG,UAAU,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;IAE/C,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAClD,MAAM,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IACnC,MAAM,YAAY,GAAG,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC;IAC9D,MAAM,QAAQ,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAEpD,IAAI,OAAmB,CAAC;IACxB,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,GAAG,cAAc,CACtB,iBAAiB,EACjB,gBAAgB,EAChB,MAAM,CAAC,OAAO,EACd,MAAM,CAAC,QAAQ,EACf,QAAQ,CACT,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,cAAc,CAAC,iBAAiB,EAAE,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IACxE,CAAC;IAED,iCAAiC;IACjC,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,aAAa,CAC9D,OAAO,EACP,SAAS,EACT,SAAS,EACT,IAAI,UAAU,CAAC,CAAC,CAAC,CAClB,CAAC;IACF,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAEpF,OAAO;QACL,MAAM,CAAC,GAAG;QACV,MAAM,CAAC,QAAQ;QACf,MAAM,CAAC,IAAI;QACX,YAAY;QACZ,EAAE;QACF,QAAQ;QACR,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACzC,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC;KAC9B,CAAC;AACJ,CAAC;AAED,SAAS,WAAW,CAClB,MAAc;IAMd,OAAO,OAAO,CACZ,MAAM,CAAC,KAAK;QACV,MAAM,CAAC,QAAQ;QACf,CAAC,MAAM,CAAC,SAAS,KAAK,oBAAoB,IAAI,MAAM,CAAC,SAAS,KAAK,qBAAqB,CAAC,CAC5F,CAAC;AACJ,CAAC"}
|
|
@@ -13,3 +13,4 @@ export declare const PROTECTED_CONTEXT_DOMAIN: Buffer<ArrayBuffer>;
|
|
|
13
13
|
* 如果 body(去除 _auth 后)为空,返回空对象。
|
|
14
14
|
*/
|
|
15
15
|
export declare function withMetadataAuth(metadata: Record<string, unknown>, key: Uint8Array, domain: Buffer): Record<string, unknown>;
|
|
16
|
+
export declare function verifyMetadataAuth(metadata: unknown, key: Uint8Array, domain: Buffer, fieldName: string): void;
|
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
* 与 Python `aun_core.v2.e2ee.encrypt_p2p._with_metadata_auth` 对齐。
|
|
5
5
|
* 用 master_key 派生 HMAC key,对 metadata body 做签名,生成 `_auth` 字段。
|
|
6
6
|
*/
|
|
7
|
-
import { createHmac } from 'node:crypto';
|
|
7
|
+
import { createHmac, timingSafeEqual } from 'node:crypto';
|
|
8
8
|
import { canonicalJson } from '../crypto/canonical.js';
|
|
9
9
|
export const METADATA_KEY_DOMAIN = Buffer.from('aun-envelope-metadata-key-v1', 'utf-8');
|
|
10
10
|
export const PROTECTED_HEADERS_DOMAIN = Buffer.from('aun-protected-headers-v1', 'utf-8');
|
|
@@ -47,4 +47,40 @@ export function withMetadataAuth(metadata, key, domain) {
|
|
|
47
47
|
},
|
|
48
48
|
};
|
|
49
49
|
}
|
|
50
|
+
export function verifyMetadataAuth(metadata, key, domain, fieldName) {
|
|
51
|
+
if (metadata == null)
|
|
52
|
+
return;
|
|
53
|
+
if (!isPlainObject(metadata)) {
|
|
54
|
+
throw new Error(`${fieldName} must be an object`);
|
|
55
|
+
}
|
|
56
|
+
const body = {};
|
|
57
|
+
for (const [k, v] of Object.entries(metadata)) {
|
|
58
|
+
if (k !== '_auth')
|
|
59
|
+
body[k] = v;
|
|
60
|
+
}
|
|
61
|
+
if (Object.keys(body).length === 0)
|
|
62
|
+
return;
|
|
63
|
+
const auth = metadata._auth;
|
|
64
|
+
if (!isPlainObject(auth)) {
|
|
65
|
+
throw new Error(`${fieldName} missing _auth`);
|
|
66
|
+
}
|
|
67
|
+
if (auth.alg !== 'HMAC-SHA256') {
|
|
68
|
+
throw new Error(`${fieldName} unsupported _auth alg`);
|
|
69
|
+
}
|
|
70
|
+
if (typeof auth.tag !== 'string' || auth.tag.length === 0) {
|
|
71
|
+
throw new Error(`${fieldName} missing _auth tag`);
|
|
72
|
+
}
|
|
73
|
+
const actual = Buffer.from(auth.tag, 'base64');
|
|
74
|
+
const expected = metadataAuthTag(key, domain, body);
|
|
75
|
+
if (actual.length !== expected.length || !timingSafeEqual(actual, expected)) {
|
|
76
|
+
throw new Error(`${fieldName} _auth verification failed`);
|
|
77
|
+
}
|
|
78
|
+
}
|
|
79
|
+
function isPlainObject(value) {
|
|
80
|
+
if (!value || typeof value !== 'object' || Array.isArray(value)) {
|
|
81
|
+
return false;
|
|
82
|
+
}
|
|
83
|
+
const proto = Object.getPrototypeOf(value);
|
|
84
|
+
return proto === Object.prototype || proto === null;
|
|
85
|
+
}
|
|
50
86
|
//# sourceMappingURL=metadata-auth.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"metadata-auth.js","sourceRoot":"","sources":["../../../src/v2/e2ee/metadata-auth.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"metadata-auth.js","sourceRoot":"","sources":["../../../src/v2/e2ee/metadata-auth.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAEvD,MAAM,CAAC,MAAM,mBAAmB,GAAG,MAAM,CAAC,IAAI,CAAC,8BAA8B,EAAE,OAAO,CAAC,CAAC;AACxF,MAAM,CAAC,MAAM,wBAAwB,GAAG,MAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE,OAAO,CAAC,CAAC;AACzF,MAAM,CAAC,MAAM,wBAAwB,GAAG,MAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE,OAAO,CAAC,CAAC;AAEzF;;;;;;GAMG;AACH,SAAS,eAAe,CAAC,GAAe,EAAE,MAAc,EAAE,IAA6B;IACrF,MAAM,WAAW,GAAG,UAAU,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC,MAAM,EAAE,CAAC;IACnF,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;IACtC,OAAO,UAAU,CAAC,QAAQ,EAAE,WAAW,CAAC;SACrC,MAAM,CAAC,MAAM,CAAC;SACd,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;SACxB,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;SAC9B,MAAM,EAAE,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,gBAAgB,CAC9B,QAAiC,EACjC,GAAe,EACf,MAAc;IAEd,MAAM,IAAI,GAA4B,EAAE,CAAC;IACzC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC9C,IAAI,CAAC,KAAK,OAAO;YAAE,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IACjC,CAAC;IACD,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAC9C,MAAM,GAAG,GAAG,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC;IAC/C,OAAO;QACL,GAAG,IAAI;QACP,KAAK,EAAE;YACL,GAAG,EAAE,aAAa;YAClB,GAAG,EAAE,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC;SAC5B;KACF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,kBAAkB,CAChC,QAAiB,EACjB,GAAe,EACf,MAAc,EACd,SAAiB;IAEjB,IAAI,QAAQ,IAAI,IAAI;QAAE,OAAO;IAC7B,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,GAAG,SAAS,oBAAoB,CAAC,CAAC;IACpD,CAAC;IACD,MAAM,IAAI,GAA4B,EAAE,CAAC;IACzC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC9C,IAAI,CAAC,KAAK,OAAO;YAAE,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IACjC,CAAC;IACD,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO;IAE3C,MAAM,IAAI,GAAG,QAAQ,CAAC,KAAK,CAAC;IAC5B,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC;QACzB,MAAM,IAAI,KAAK,CAAC,GAAG,SAAS,gBAAgB,CAAC,CAAC;IAChD,CAAC;IACD,IAAI,IAAI,CAAC,GAAG,KAAK,aAAa,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CAAC,GAAG,SAAS,wBAAwB,CAAC,CAAC;IACxD,CAAC;IACD,IAAI,OAAO,IAAI,CAAC,GAAG,KAAK,QAAQ,IAAI,IAAI,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1D,MAAM,IAAI,KAAK,CAAC,GAAG,SAAS,oBAAoB,CAAC,CAAC;IACpD,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IAC/C,MAAM,QAAQ,GAAG,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC;IACpD,IAAI,MAAM,CAAC,MAAM,KAAK,QAAQ,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE,QAAQ,CAAC,EAAE,CAAC;QAC5E,MAAM,IAAI,KAAK,CAAC,GAAG,SAAS,4BAA4B,CAAC,CAAC;IAC5D,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,KAAc;IACnC,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAChE,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,KAAK,GAAG,MAAM,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;IAC3C,OAAO,KAAK,KAAK,MAAM,CAAC,SAAS,IAAI,KAAK,KAAK,IAAI,CAAC;AACtD,CAAC"}
|
package/dist/v2/e2ee/types.d.ts
CHANGED
|
@@ -26,9 +26,9 @@ export interface Target {
|
|
|
26
26
|
keySource: string;
|
|
27
27
|
/** 接收方 IK 公钥(DER SPKI)。 */
|
|
28
28
|
ikPkDer: Uint8Array;
|
|
29
|
-
/** 接收方 SPK 公钥(DER SPKI
|
|
29
|
+
/** 接收方 SPK 公钥(DER SPKI);必须和 spkId 同时存在才走 3DH。 */
|
|
30
30
|
spkPkDer?: Uint8Array;
|
|
31
|
-
/** SPK
|
|
31
|
+
/** SPK 标识;非空表示 3DH/SPK,空串/未定义表示 1DH/IK。 */
|
|
32
32
|
spkId?: string;
|
|
33
33
|
}
|
|
34
34
|
/** 接收方集合(P2P)。 */
|
|
@@ -18,15 +18,20 @@ export interface SqliteLike {
|
|
|
18
18
|
exec(sql: string): unknown;
|
|
19
19
|
prepare(sql: string): SqliteStatement;
|
|
20
20
|
}
|
|
21
|
-
export declare const V2_DEVICE_KEYS_DDL = "\nCREATE TABLE IF NOT EXISTS v2_device_keys (\n device_id TEXT NOT NULL,\n key_type TEXT NOT NULL,\n key_id TEXT NOT NULL DEFAULT '',\n private_key BLOB NOT NULL,\n public_key BLOB NOT NULL,\n created_at INTEGER NOT NULL,\n PRIMARY KEY (device_id, key_type, key_id)\n)";
|
|
21
|
+
export declare const V2_DEVICE_KEYS_DDL = "\nCREATE TABLE IF NOT EXISTS v2_device_keys (\n device_id TEXT NOT NULL,\n key_type TEXT NOT NULL,\n group_id TEXT NOT NULL DEFAULT '',\n key_id TEXT NOT NULL DEFAULT '',\n private_key BLOB NOT NULL,\n public_key BLOB NOT NULL,\n created_at INTEGER NOT NULL,\n PRIMARY KEY (device_id, key_type, group_id, key_id)\n)";
|
|
22
22
|
export declare class V2KeyStore {
|
|
23
23
|
private db;
|
|
24
24
|
constructor(db: SqliteLike);
|
|
25
|
+
private _migrateSchema;
|
|
25
26
|
saveIK(deviceId: string, priv: Uint8Array, pubDer: Uint8Array): void;
|
|
26
27
|
loadIK(deviceId: string): {
|
|
27
28
|
priv: Uint8Array;
|
|
28
29
|
pubDer: Uint8Array;
|
|
29
30
|
} | null;
|
|
31
|
+
loadIKSPK(deviceId: string, spkId: string): {
|
|
32
|
+
priv: Uint8Array;
|
|
33
|
+
pubDer: Uint8Array;
|
|
34
|
+
} | null;
|
|
30
35
|
saveSPK(deviceId: string, spkId: string, priv: Uint8Array, pubDer: Uint8Array): void;
|
|
31
36
|
loadSPK(deviceId: string, spkId: string): Uint8Array | null;
|
|
32
37
|
loadCurrentSPK(deviceId: string): {
|
|
@@ -35,10 +40,10 @@ export declare class V2KeyStore {
|
|
|
35
40
|
pubDer: Uint8Array;
|
|
36
41
|
} | null;
|
|
37
42
|
deleteSPK(deviceId: string, spkId: string): void;
|
|
43
|
+
markSPKUploaded(deviceId: string, spkId: string): void;
|
|
44
|
+
loadLatestUploadedSPKId(deviceId: string): string | null;
|
|
38
45
|
listRecentSPKIds(deviceId: string, n: number): string[];
|
|
39
46
|
listExpiredSPKIds(deviceId: string, maxAgeMs: number): string[];
|
|
40
|
-
/** 复合 key_id: `${groupId}\0${spkId}` */
|
|
41
|
-
private _groupSPKKeyId;
|
|
42
47
|
saveGroupSPK(deviceId: string, groupId: string, spkId: string, priv: Uint8Array, pubDer: Uint8Array): void;
|
|
43
48
|
loadGroupSPK(deviceId: string, groupId: string, spkId: string): Uint8Array | null;
|
|
44
49
|
loadCurrentGroupSPK(deviceId: string, groupId: string): {
|
|
@@ -46,5 +51,7 @@ export declare class V2KeyStore {
|
|
|
46
51
|
priv: Uint8Array;
|
|
47
52
|
pubDer: Uint8Array;
|
|
48
53
|
} | null;
|
|
54
|
+
markGroupSPKUploaded(deviceId: string, groupId: string, spkId: string): void;
|
|
55
|
+
loadLatestUploadedGroupSPKId(deviceId: string, groupId: string): string | null;
|
|
49
56
|
}
|
|
50
57
|
export {};
|
|
@@ -9,15 +9,17 @@
|
|
|
9
9
|
* - 接受任意 sqlite-like 句柄(exec / prepare),便于复用 AIDDatabase 的连接
|
|
10
10
|
* - BLOB 字段返回 Uint8Array(node:sqlite 默认行为)
|
|
11
11
|
*/
|
|
12
|
+
import { createHash } from 'node:crypto';
|
|
12
13
|
export const V2_DEVICE_KEYS_DDL = `
|
|
13
14
|
CREATE TABLE IF NOT EXISTS v2_device_keys (
|
|
14
15
|
device_id TEXT NOT NULL,
|
|
15
16
|
key_type TEXT NOT NULL,
|
|
17
|
+
group_id TEXT NOT NULL DEFAULT '',
|
|
16
18
|
key_id TEXT NOT NULL DEFAULT '',
|
|
17
19
|
private_key BLOB NOT NULL,
|
|
18
20
|
public_key BLOB NOT NULL,
|
|
19
21
|
created_at INTEGER NOT NULL,
|
|
20
|
-
PRIMARY KEY (device_id, key_type, key_id)
|
|
22
|
+
PRIMARY KEY (device_id, key_type, group_id, key_id)
|
|
21
23
|
)`;
|
|
22
24
|
function asBuffer(value) {
|
|
23
25
|
if (value instanceof Uint8Array)
|
|
@@ -32,42 +34,136 @@ function asBuffer(value) {
|
|
|
32
34
|
function toSqliteBlob(value) {
|
|
33
35
|
return Buffer.isBuffer(value) ? value : Buffer.from(value.buffer, value.byteOffset, value.byteLength);
|
|
34
36
|
}
|
|
37
|
+
function ikSpkId(pubDer) {
|
|
38
|
+
const hashHex = createHash('sha256').update(pubDer).digest('hex');
|
|
39
|
+
return `sha256:${hashHex.substring(0, 16)}`;
|
|
40
|
+
}
|
|
41
|
+
function isUploadedMarkerKeyType(keyType) {
|
|
42
|
+
return keyType === 'spk_uploaded' || keyType === 'group_spk_uploaded';
|
|
43
|
+
}
|
|
44
|
+
const UPLOADED_MARKER_BLOB = Buffer.from([0]);
|
|
45
|
+
function decodeLegacyTextHex(value) {
|
|
46
|
+
const hex = String(value ?? '');
|
|
47
|
+
return Buffer.from(hex, 'hex').toString('utf8');
|
|
48
|
+
}
|
|
49
|
+
function normalizeLegacyBlob(value, keyType) {
|
|
50
|
+
if (value === null || value === undefined) {
|
|
51
|
+
if (isUploadedMarkerKeyType(keyType))
|
|
52
|
+
return UPLOADED_MARKER_BLOB;
|
|
53
|
+
throw new Error(`missing v2 key blob for key_type=${keyType}`);
|
|
54
|
+
}
|
|
55
|
+
const blob = toSqliteBlob(asBuffer(value));
|
|
56
|
+
if (blob.length === 0 && isUploadedMarkerKeyType(keyType))
|
|
57
|
+
return UPLOADED_MARKER_BLOB;
|
|
58
|
+
return blob;
|
|
59
|
+
}
|
|
35
60
|
export class V2KeyStore {
|
|
36
61
|
db;
|
|
37
62
|
constructor(db) {
|
|
38
63
|
this.db = db;
|
|
39
64
|
this.db.exec(V2_DEVICE_KEYS_DDL);
|
|
65
|
+
this._migrateSchema();
|
|
66
|
+
}
|
|
67
|
+
_migrateSchema() {
|
|
68
|
+
const rows = this.db.prepare('PRAGMA table_info(v2_device_keys)').all();
|
|
69
|
+
const hasGroupId = rows.some((r) => r.name === 'group_id');
|
|
70
|
+
const pkCols = rows.filter((r) => Number(r.pk) > 0).sort((a, b) => Number(a.pk) - Number(b.pk)).map((r) => r.name);
|
|
71
|
+
const pkOk = JSON.stringify(pkCols) === JSON.stringify(['device_id', 'key_type', 'group_id', 'key_id']);
|
|
72
|
+
if (hasGroupId && pkOk) {
|
|
73
|
+
this.db.exec('CREATE INDEX IF NOT EXISTS idx_v2_device_keys_scope_created ON v2_device_keys(device_id, key_type, group_id, created_at)');
|
|
74
|
+
return;
|
|
75
|
+
}
|
|
76
|
+
this.db.exec('BEGIN');
|
|
77
|
+
try {
|
|
78
|
+
this.db.exec('ALTER TABLE v2_device_keys RENAME TO v2_device_keys_legacy');
|
|
79
|
+
this.db.exec(`
|
|
80
|
+
CREATE TABLE v2_device_keys (
|
|
81
|
+
device_id TEXT NOT NULL,
|
|
82
|
+
key_type TEXT NOT NULL,
|
|
83
|
+
group_id TEXT NOT NULL DEFAULT '',
|
|
84
|
+
key_id TEXT NOT NULL DEFAULT '',
|
|
85
|
+
private_key BLOB NOT NULL,
|
|
86
|
+
public_key BLOB NOT NULL,
|
|
87
|
+
created_at INTEGER NOT NULL,
|
|
88
|
+
PRIMARY KEY (device_id, key_type, group_id, key_id)
|
|
89
|
+
)`);
|
|
90
|
+
const selectSql = hasGroupId
|
|
91
|
+
? 'SELECT device_id, key_type, group_id, hex(key_id) AS key_id_hex, private_key, public_key, created_at FROM v2_device_keys_legacy'
|
|
92
|
+
: "SELECT device_id, key_type, '' AS group_id, hex(key_id) AS key_id_hex, private_key, public_key, created_at FROM v2_device_keys_legacy";
|
|
93
|
+
const legacyRows = this.db.prepare(selectSql).all();
|
|
94
|
+
const insert = this.db.prepare(`INSERT OR REPLACE INTO v2_device_keys
|
|
95
|
+
(device_id, key_type, group_id, key_id, private_key, public_key, created_at)
|
|
96
|
+
VALUES (?, ?, ?, ?, ?, ?, ?)`);
|
|
97
|
+
for (const row of legacyRows) {
|
|
98
|
+
let groupId = String(row.group_id ?? '');
|
|
99
|
+
let keyId = decodeLegacyTextHex(row.key_id_hex);
|
|
100
|
+
if (row.key_type === 'group_spk' || row.key_type === 'group_spk_uploaded') {
|
|
101
|
+
const keyIdBytes = Buffer.from(String(row.key_id_hex ?? ''), 'hex');
|
|
102
|
+
const sep = keyIdBytes.indexOf(0);
|
|
103
|
+
if (sep >= 0) {
|
|
104
|
+
groupId = keyIdBytes.subarray(0, sep).toString('utf8');
|
|
105
|
+
keyId = keyIdBytes.subarray(sep + 1).toString('utf8');
|
|
106
|
+
}
|
|
107
|
+
}
|
|
108
|
+
let privateKey;
|
|
109
|
+
let publicKey;
|
|
110
|
+
try {
|
|
111
|
+
privateKey = normalizeLegacyBlob(row.private_key, row.key_type);
|
|
112
|
+
publicKey = normalizeLegacyBlob(row.public_key, row.key_type);
|
|
113
|
+
}
|
|
114
|
+
catch {
|
|
115
|
+
continue;
|
|
116
|
+
}
|
|
117
|
+
insert.run(row.device_id, row.key_type, groupId, keyId, privateKey, publicKey, row.created_at);
|
|
118
|
+
}
|
|
119
|
+
this.db.exec('DROP TABLE v2_device_keys_legacy');
|
|
120
|
+
this.db.exec('CREATE INDEX IF NOT EXISTS idx_v2_device_keys_scope_created ON v2_device_keys(device_id, key_type, group_id, created_at)');
|
|
121
|
+
this.db.exec('COMMIT');
|
|
122
|
+
}
|
|
123
|
+
catch (err) {
|
|
124
|
+
this.db.exec('ROLLBACK');
|
|
125
|
+
throw err;
|
|
126
|
+
}
|
|
40
127
|
}
|
|
41
128
|
saveIK(deviceId, priv, pubDer) {
|
|
42
|
-
this.db
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
129
|
+
const stmt = this.db.prepare(`INSERT OR REPLACE INTO v2_device_keys (device_id, key_type, group_id, key_id, private_key, public_key, created_at)
|
|
130
|
+
VALUES (?, 'ik', '', ?, ?, ?, ?)`);
|
|
131
|
+
const now = Date.now();
|
|
132
|
+
stmt.run(deviceId, '', toSqliteBlob(priv), toSqliteBlob(pubDer), now);
|
|
133
|
+
stmt.run(deviceId, ikSpkId(pubDer), toSqliteBlob(priv), toSqliteBlob(pubDer), now);
|
|
46
134
|
}
|
|
47
135
|
loadIK(deviceId) {
|
|
48
136
|
const row = this.db
|
|
49
|
-
.prepare(`SELECT private_key, public_key FROM v2_device_keys WHERE device_id=? AND key_type='ik' AND key_id=''`)
|
|
137
|
+
.prepare(`SELECT private_key, public_key FROM v2_device_keys WHERE device_id=? AND key_type='ik' AND group_id='' AND key_id=''`)
|
|
50
138
|
.get(deviceId);
|
|
51
139
|
if (!row)
|
|
52
140
|
return null;
|
|
53
141
|
return { priv: asBuffer(row.private_key), pubDer: asBuffer(row.public_key) };
|
|
54
142
|
}
|
|
143
|
+
loadIKSPK(deviceId, spkId) {
|
|
144
|
+
const row = this.db
|
|
145
|
+
.prepare(`SELECT private_key, public_key FROM v2_device_keys WHERE device_id=? AND key_type='ik' AND group_id='' AND key_id=?`)
|
|
146
|
+
.get(deviceId, spkId);
|
|
147
|
+
if (!row)
|
|
148
|
+
return null;
|
|
149
|
+
return { priv: asBuffer(row.private_key), pubDer: asBuffer(row.public_key) };
|
|
150
|
+
}
|
|
55
151
|
saveSPK(deviceId, spkId, priv, pubDer) {
|
|
56
152
|
this.db
|
|
57
|
-
.prepare(`INSERT OR REPLACE INTO v2_device_keys (device_id, key_type, key_id, private_key, public_key, created_at)
|
|
58
|
-
VALUES (?, 'spk', ?, ?, ?, ?)`)
|
|
153
|
+
.prepare(`INSERT OR REPLACE INTO v2_device_keys (device_id, key_type, group_id, key_id, private_key, public_key, created_at)
|
|
154
|
+
VALUES (?, 'spk', '', ?, ?, ?, ?)`)
|
|
59
155
|
.run(deviceId, spkId, toSqliteBlob(priv), toSqliteBlob(pubDer), Date.now());
|
|
60
156
|
}
|
|
61
157
|
loadSPK(deviceId, spkId) {
|
|
62
158
|
const row = this.db
|
|
63
|
-
.prepare(`SELECT private_key FROM v2_device_keys WHERE device_id=? AND key_type='spk' AND key_id=?`)
|
|
159
|
+
.prepare(`SELECT private_key FROM v2_device_keys WHERE device_id=? AND key_type='spk' AND group_id='' AND key_id=?`)
|
|
64
160
|
.get(deviceId, spkId);
|
|
65
161
|
return row ? asBuffer(row.private_key) : null;
|
|
66
162
|
}
|
|
67
163
|
loadCurrentSPK(deviceId) {
|
|
68
164
|
const row = this.db
|
|
69
165
|
.prepare(`SELECT key_id, private_key, public_key FROM v2_device_keys
|
|
70
|
-
WHERE device_id=? AND key_type='spk' ORDER BY created_at DESC, key_id DESC LIMIT 1`)
|
|
166
|
+
WHERE device_id=? AND key_type='spk' AND group_id='' ORDER BY created_at DESC, key_id DESC LIMIT 1`)
|
|
71
167
|
.get(deviceId);
|
|
72
168
|
if (!row)
|
|
73
169
|
return null;
|
|
@@ -79,15 +175,36 @@ export class V2KeyStore {
|
|
|
79
175
|
}
|
|
80
176
|
deleteSPK(deviceId, spkId) {
|
|
81
177
|
this.db
|
|
82
|
-
.prepare(`DELETE FROM v2_device_keys WHERE device_id=? AND key_type='spk' AND key_id=?`)
|
|
178
|
+
.prepare(`DELETE FROM v2_device_keys WHERE device_id=? AND key_type='spk' AND group_id='' AND key_id=?`)
|
|
83
179
|
.run(deviceId, spkId);
|
|
180
|
+
this.db
|
|
181
|
+
.prepare(`DELETE FROM v2_device_keys WHERE device_id=? AND key_type='spk_uploaded' AND group_id='' AND key_id=?`)
|
|
182
|
+
.run(deviceId, spkId);
|
|
183
|
+
}
|
|
184
|
+
markSPKUploaded(deviceId, spkId) {
|
|
185
|
+
this.db
|
|
186
|
+
.prepare(`INSERT OR REPLACE INTO v2_device_keys (device_id, key_type, group_id, key_id, private_key, public_key, created_at)
|
|
187
|
+
VALUES (?, 'spk_uploaded', '', ?, ?, ?, ?)`)
|
|
188
|
+
.run(deviceId, spkId, UPLOADED_MARKER_BLOB, UPLOADED_MARKER_BLOB, Date.now());
|
|
189
|
+
}
|
|
190
|
+
loadLatestUploadedSPKId(deviceId) {
|
|
191
|
+
const row = this.db
|
|
192
|
+
.prepare(`SELECT marker.key_id FROM v2_device_keys AS marker
|
|
193
|
+
WHERE marker.device_id=? AND marker.key_type='spk_uploaded' AND marker.group_id=''
|
|
194
|
+
AND EXISTS (
|
|
195
|
+
SELECT 1 FROM v2_device_keys AS key
|
|
196
|
+
WHERE key.device_id=marker.device_id AND key.key_type='spk' AND key.group_id='' AND key.key_id=marker.key_id
|
|
197
|
+
)
|
|
198
|
+
ORDER BY marker.created_at DESC LIMIT 1`)
|
|
199
|
+
.get(deviceId);
|
|
200
|
+
return row ? row.key_id : null;
|
|
84
201
|
}
|
|
85
202
|
listRecentSPKIds(deviceId, n) {
|
|
86
203
|
if (n <= 0)
|
|
87
204
|
return [];
|
|
88
205
|
const rows = this.db
|
|
89
206
|
.prepare(`SELECT key_id FROM v2_device_keys
|
|
90
|
-
WHERE device_id=? AND key_type='spk' ORDER BY created_at DESC, key_id DESC LIMIT ?`)
|
|
207
|
+
WHERE device_id=? AND key_type='spk' AND group_id='' ORDER BY created_at DESC, key_id DESC LIMIT ?`)
|
|
91
208
|
.all(deviceId, n);
|
|
92
209
|
return rows.map((r) => r.key_id);
|
|
93
210
|
}
|
|
@@ -95,44 +212,55 @@ export class V2KeyStore {
|
|
|
95
212
|
const cutoff = Date.now() / 1000 - maxAgeMs / 1000;
|
|
96
213
|
const rows = this.db
|
|
97
214
|
.prepare(`SELECT key_id FROM v2_device_keys
|
|
98
|
-
WHERE device_id=? AND key_type='spk' AND created_at < ?`)
|
|
215
|
+
WHERE device_id=? AND key_type='spk' AND group_id='' AND created_at < ?`)
|
|
99
216
|
.all(deviceId, cutoff);
|
|
100
217
|
return rows.map((r) => r.key_id);
|
|
101
218
|
}
|
|
102
219
|
// ── Group SPK ──────────────────────────────────────────────────
|
|
103
|
-
/** 复合 key_id: `${groupId}\0${spkId}` */
|
|
104
|
-
_groupSPKKeyId(groupId, spkId) {
|
|
105
|
-
return `${groupId}\0${spkId}`;
|
|
106
|
-
}
|
|
107
220
|
saveGroupSPK(deviceId, groupId, spkId, priv, pubDer) {
|
|
108
221
|
this.db
|
|
109
|
-
.prepare(`INSERT OR REPLACE INTO v2_device_keys (device_id, key_type, key_id, private_key, public_key, created_at)
|
|
110
|
-
VALUES (?, 'group_spk', ?, ?, ?, ?)`)
|
|
111
|
-
.run(deviceId,
|
|
222
|
+
.prepare(`INSERT OR REPLACE INTO v2_device_keys (device_id, key_type, group_id, key_id, private_key, public_key, created_at)
|
|
223
|
+
VALUES (?, 'group_spk', ?, ?, ?, ?, ?)`)
|
|
224
|
+
.run(deviceId, groupId, spkId, toSqliteBlob(priv), toSqliteBlob(pubDer), Date.now());
|
|
112
225
|
}
|
|
113
226
|
loadGroupSPK(deviceId, groupId, spkId) {
|
|
114
227
|
const row = this.db
|
|
115
|
-
.prepare(`SELECT private_key FROM v2_device_keys
|
|
116
|
-
|
|
228
|
+
.prepare(`SELECT private_key FROM v2_device_keys
|
|
229
|
+
WHERE device_id=? AND key_type='group_spk' AND group_id=? AND key_id=?`)
|
|
230
|
+
.get(deviceId, groupId, spkId);
|
|
117
231
|
return row ? asBuffer(row.private_key) : null;
|
|
118
232
|
}
|
|
119
233
|
loadCurrentGroupSPK(deviceId, groupId) {
|
|
120
|
-
const prefix = `${groupId}\0%`;
|
|
121
234
|
const row = this.db
|
|
122
235
|
.prepare(`SELECT key_id, private_key, public_key FROM v2_device_keys
|
|
123
|
-
WHERE device_id=? AND key_type='group_spk' AND
|
|
124
|
-
ORDER BY created_at DESC LIMIT 1`)
|
|
125
|
-
.get(deviceId,
|
|
236
|
+
WHERE device_id=? AND key_type='group_spk' AND group_id=?
|
|
237
|
+
ORDER BY created_at DESC, key_id DESC LIMIT 1`)
|
|
238
|
+
.get(deviceId, groupId);
|
|
126
239
|
if (!row)
|
|
127
240
|
return null;
|
|
128
|
-
// key_id = "{groupId}\0{spkId}",提取 spkId
|
|
129
|
-
const parts = row.key_id.split('\0');
|
|
130
|
-
const spkId = parts.length > 1 ? parts[1] : row.key_id;
|
|
131
241
|
return {
|
|
132
|
-
spkId,
|
|
242
|
+
spkId: row.key_id,
|
|
133
243
|
priv: asBuffer(row.private_key),
|
|
134
244
|
pubDer: asBuffer(row.public_key),
|
|
135
245
|
};
|
|
136
246
|
}
|
|
247
|
+
markGroupSPKUploaded(deviceId, groupId, spkId) {
|
|
248
|
+
this.db
|
|
249
|
+
.prepare(`INSERT OR REPLACE INTO v2_device_keys (device_id, key_type, group_id, key_id, private_key, public_key, created_at)
|
|
250
|
+
VALUES (?, 'group_spk_uploaded', ?, ?, ?, ?, ?)`)
|
|
251
|
+
.run(deviceId, groupId, spkId, UPLOADED_MARKER_BLOB, UPLOADED_MARKER_BLOB, Date.now());
|
|
252
|
+
}
|
|
253
|
+
loadLatestUploadedGroupSPKId(deviceId, groupId) {
|
|
254
|
+
const row = this.db
|
|
255
|
+
.prepare(`SELECT marker.key_id FROM v2_device_keys AS marker
|
|
256
|
+
WHERE marker.device_id=? AND marker.key_type='group_spk_uploaded' AND marker.group_id=?
|
|
257
|
+
AND EXISTS (
|
|
258
|
+
SELECT 1 FROM v2_device_keys AS key
|
|
259
|
+
WHERE key.device_id=marker.device_id AND key.key_type='group_spk' AND key.group_id=marker.group_id AND key.key_id=marker.key_id
|
|
260
|
+
)
|
|
261
|
+
ORDER BY marker.created_at DESC, marker.key_id DESC LIMIT 1`)
|
|
262
|
+
.get(deviceId, groupId);
|
|
263
|
+
return row ? row.key_id : null;
|
|
264
|
+
}
|
|
137
265
|
}
|
|
138
266
|
//# sourceMappingURL=keystore.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"keystore.js","sourceRoot":"","sources":["../../../src/v2/session/keystore.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;
|
|
1
|
+
{"version":3,"file":"keystore.js","sourceRoot":"","sources":["../../../src/v2/session/keystore.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAazC,MAAM,CAAC,MAAM,kBAAkB,GAAG;;;;;;;;;;EAUhC,CAAC;AAEH,SAAS,QAAQ,CAAC,KAAc;IAC9B,IAAI,KAAK,YAAY,UAAU;QAAE,OAAO,KAAK,CAAC;IAC9C,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,UAAU,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,UAAU,EAAE,KAAK,CAAC,UAAU,CAAC,CAAC;IACpG,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,UAAU,CAAC,KAAiB,CAAC,CAAC;IACnE,MAAM,IAAI,KAAK,CAAC,yBAAyB,OAAO,KAAK,EAAE,CAAC,CAAC;AAC3D,CAAC;AAED,0DAA0D;AAC1D,SAAS,YAAY,CAAC,KAAiB;IACrC,OAAO,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,UAAU,EAAE,KAAK,CAAC,UAAU,CAAC,CAAC;AACxG,CAAC;AACD,SAAS,OAAO,CAAC,MAAkB;IACjC,MAAM,OAAO,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAClE,OAAO,UAAU,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;AAC9C,CAAC;AAED,SAAS,uBAAuB,CAAC,OAAe;IAC9C,OAAO,OAAO,KAAK,cAAc,IAAI,OAAO,KAAK,oBAAoB,CAAC;AACxE,CAAC;AAED,MAAM,oBAAoB,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAE9C,SAAS,mBAAmB,CAAC,KAAc;IACzC,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC;IAChC,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;AAClD,CAAC;AAED,SAAS,mBAAmB,CAAC,KAAc,EAAE,OAAe;IAC1D,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;QAC1C,IAAI,uBAAuB,CAAC,OAAO,CAAC;YAAE,OAAO,oBAAoB,CAAC;QAClE,MAAM,IAAI,KAAK,CAAC,oCAAoC,OAAO,EAAE,CAAC,CAAC;IACjE,CAAC;IACD,MAAM,IAAI,GAAG,YAAY,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;IAC3C,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,IAAI,uBAAuB,CAAC,OAAO,CAAC;QAAE,OAAO,oBAAoB,CAAC;IACvF,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,OAAO,UAAU;IACb,EAAE,CAAa;IAEvB,YAAY,EAAc;QACxB,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;QACb,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACjC,IAAI,CAAC,cAAc,EAAE,CAAC;IACxB,CAAC;IAEO,cAAc;QACpB,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,mCAAmC,CAAC,CAAC,GAAG,EAAyC,CAAC;QAC/G,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,UAAU,CAAC,CAAC;QAC3D,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QACnH,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC;QACxG,IAAI,UAAU,IAAI,IAAI,EAAE,CAAC;YACvB,IAAI,CAAC,EAAE,CAAC,IAAI,CACV,0HAA0H,CAC3H,CAAC;YACF,OAAO;QACT,CAAC;QAED,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACtB,IAAI,CAAC;YACH,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAAC;YAC3E,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC;;;;;;;;;;UAUT,CAAC,CAAC;YACN,MAAM,SAAS,GAAG,UAAU;gBAC1B,CAAC,CAAC,iIAAiI;gBACnI,CAAC,CAAC,uIAAuI,CAAC;YAC5I,MAAM,UAAU,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,EAQ/C,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CAC5B;;sCAE8B,CAC/B,CAAC;YACF,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,OAAO,GAAG,MAAM,CAAC,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC;gBACzC,IAAI,KAAK,GAAG,mBAAmB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;gBAChD,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW,IAAI,GAAG,CAAC,QAAQ,KAAK,oBAAoB,EAAE,CAAC;oBAC1E,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,IAAI,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;oBACpE,MAAM,GAAG,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;oBAClC,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC;wBACb,OAAO,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;wBACvD,KAAK,GAAG,UAAU,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;oBACxD,CAAC;gBACH,CAAC;gBACD,IAAI,UAAkB,CAAC;gBACvB,IAAI,SAAiB,CAAC;gBACtB,IAAI,CAAC;oBACH,UAAU,GAAG,mBAAmB,CAAC,GAAG,CAAC,WAAW,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;oBAChE,SAAS,GAAG,mBAAmB,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;gBAChE,CAAC;gBAAC,MAAM,CAAC;oBACP,SAAS;gBACX,CAAC;gBACD,MAAM,CAAC,GAAG,CACR,GAAG,CAAC,SAAS,EACb,GAAG,CAAC,QAAQ,EACZ,OAAO,EACP,KAAK,EACL,UAAU,EACV,SAAS,EACT,GAAG,CAAC,UAAU,CACf,CAAC;YACJ,CAAC;YACD,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;YACjD,IAAI,CAAC,EAAE,CAAC,IAAI,CACV,0HAA0H,CAC3H,CAAC;YACF,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACzB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YACzB,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;IAED,MAAM,CAAC,QAAgB,EAAE,IAAgB,EAAE,MAAkB;QAC3D,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CAC1B;wCACkC,CACnC,CAAC;QACF,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,EAAE,YAAY,CAAC,IAAI,CAAC,EAAE,YAAY,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,CAAC;QACtE,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,EAAE,YAAY,CAAC,IAAI,CAAC,EAAE,YAAY,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,CAAC;IACrF,CAAC;IAED,MAAM,CAAC,QAAgB;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,EAAE;aAChB,OAAO,CACN,sHAAsH,CACvH;aACA,GAAG,CAAC,QAAQ,CAA8D,CAAC;QAC9E,IAAI,CAAC,GAAG;YAAE,OAAO,IAAI,CAAC;QACtB,OAAO,EAAE,IAAI,EAAE,QAAQ,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;IAC/E,CAAC;IAED,SAAS,CAAC,QAAgB,EAAE,KAAa;QACvC,MAAM,GAAG,GAAG,IAAI,CAAC,EAAE;aAChB,OAAO,CACN,qHAAqH,CACtH;aACA,GAAG,CAAC,QAAQ,EAAE,KAAK,CAA8D,CAAC;QACrF,IAAI,CAAC,GAAG;YAAE,OAAO,IAAI,CAAC;QACtB,OAAO,EAAE,IAAI,EAAE,QAAQ,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;IAC/E,CAAC;IAED,OAAO,CAAC,QAAgB,EAAE,KAAa,EAAE,IAAgB,EAAE,MAAkB;QAC3E,IAAI,CAAC,EAAE;aACJ,OAAO,CACN;2CACmC,CACpC;aACA,GAAG,CAAC,QAAQ,EAAE,KAAK,EAAE,YAAY,CAAC,IAAI,CAAC,EAAE,YAAY,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IAChF,CAAC;IAED,OAAO,CAAC,QAAgB,EAAE,KAAa;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,EAAE;aAChB,OAAO,CACN,0GAA0G,CAC3G;aACA,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAyC,CAAC;QAChE,OAAO,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAChD,CAAC;IAED,cAAc,CAAC,QAAgB;QAC7B,MAAM,GAAG,GAAG,IAAI,CAAC,EAAE;aAChB,OAAO,CACN;4GACoG,CACrG;aACA,GAAG,CAAC,QAAQ,CAA8E,CAAC;QAC9F,IAAI,CAAC,GAAG;YAAE,OAAO,IAAI,CAAC;QACtB,OAAO;YACL,KAAK,EAAE,GAAG,CAAC,MAAM;YACjB,IAAI,EAAE,QAAQ,CAAC,GAAG,CAAC,WAAW,CAAC;YAC/B,MAAM,EAAE,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC;SACjC,CAAC;IACJ,CAAC;IAED,SAAS,CAAC,QAAgB,EAAE,KAAa;QACvC,IAAI,CAAC,EAAE;aACJ,OAAO,CAAC,8FAA8F,CAAC;aACvG,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QACxB,IAAI,CAAC,EAAE;aACJ,OAAO,CAAC,uGAAuG,CAAC;aAChH,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;IAC1B,CAAC;IAED,eAAe,CAAC,QAAgB,EAAE,KAAa;QAC7C,IAAI,CAAC,EAAE;aACJ,OAAO,CACN;oDAC4C,CAC7C;aACA,GAAG,CAAC,QAAQ,EAAE,KAAK,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IAClF,CAAC;IAED,uBAAuB,CAAC,QAAgB;QACtC,MAAM,GAAG,GAAG,IAAI,CAAC,EAAE;aAChB,OAAO,CACN;;;;;;iDAMyC,CAC1C;aACA,GAAG,CAAC,QAAQ,CAAmC,CAAC;QACnD,OAAO,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC;IACjC,CAAC;IAED,gBAAgB,CAAC,QAAgB,EAAE,CAAS;QAC1C,IAAI,CAAC,IAAI,CAAC;YAAE,OAAO,EAAE,CAAC;QACtB,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE;aACjB,OAAO,CACN;4GACoG,CACrG;aACA,GAAG,CAAC,QAAQ,EAAE,CAAC,CAA8B,CAAC;QACjD,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACnC,CAAC;IAED,iBAAiB,CAAC,QAAgB,EAAE,QAAgB;QAClD,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,QAAQ,GAAG,IAAI,CAAC;QACnD,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE;aACjB,OAAO,CACN;iFACyE,CAC1E;aACA,GAAG,CAAC,QAAQ,EAAE,MAAM,CAA8B,CAAC;QACtD,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACnC,CAAC;IAED,kEAAkE;IAElE,YAAY,CAAC,QAAgB,EAAE,OAAe,EAAE,KAAa,EAAE,IAAgB,EAAE,MAAkB;QACjG,IAAI,CAAC,EAAE;aACJ,OAAO,CACN;gDACwC,CACzC;aACA,GAAG,CAAC,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,YAAY,CAAC,IAAI,CAAC,EAAE,YAAY,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IACzF,CAAC;IAED,YAAY,CAAC,QAAgB,EAAE,OAAe,EAAE,KAAa;QAC3D,MAAM,GAAG,GAAG,IAAI,CAAC,EAAE;aAChB,OAAO,CACN;gFACwE,CACzE;aACA,GAAG,CAAC,QAAQ,EAAE,OAAO,EAAE,KAAK,CAAyC,CAAC;QACzE,OAAO,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAChD,CAAC;IAED,mBAAmB,CAAC,QAAgB,EAAE,OAAe;QACnD,MAAM,GAAG,GAAG,IAAI,CAAC,EAAE;aAChB,OAAO,CACN;;uDAE+C,CAChD;aACA,GAAG,CAAC,QAAQ,EAAE,OAAO,CAA8E,CAAC;QACvG,IAAI,CAAC,GAAG;YAAE,OAAO,IAAI,CAAC;QACtB,OAAO;YACL,KAAK,EAAE,GAAG,CAAC,MAAM;YACjB,IAAI,EAAE,QAAQ,CAAC,GAAG,CAAC,WAAW,CAAC;YAC/B,MAAM,EAAE,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC;SACjC,CAAC;IACJ,CAAC;IAED,oBAAoB,CAAC,QAAgB,EAAE,OAAe,EAAE,KAAa;QACnE,IAAI,CAAC,EAAE;aACJ,OAAO,CACN;yDACiD,CAClD;aACA,GAAG,CAAC,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IAC3F,CAAC;IAED,4BAA4B,CAAC,QAAgB,EAAE,OAAe;QAC5D,MAAM,GAAG,GAAG,IAAI,CAAC,EAAE;aAChB,OAAO,CACN;;;;;;qEAM6D,CAC9D;aACA,GAAG,CAAC,QAAQ,EAAE,OAAO,CAAmC,CAAC;QAC5D,OAAO,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC;IACjC,CAAC;CACF"}
|