@agentunion/fastaun 0.3.5 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +18 -0
- package/_packed_docs/AUN_SDK_/351/207/215/346/236/204/345/256/236/346/226/275/350/256/241/345/210/222.md +596 -0
- package/_packed_docs/AUN_SDK_/351/207/215/346/236/204/350/256/276/350/256/241/346/226/271/346/241/210_v3.md +1633 -0
- package/_packed_docs/CHANGELOG.md +18 -0
- package/_packed_docs/INDEX.md +17 -11
- package/_packed_docs/KITE_DOCS_GUIDE.md +11 -10
- package/_packed_docs/sdk/01-/345/277/253/351/200/237/345/274/200/345/247/213.md +134 -158
- package/_packed_docs/sdk/02-WebSocket/345/215/217/350/256/256.md +11 -7
- package/_packed_docs/sdk/03-/346/240/270/345/277/203/346/246/202/345/277/265.md +98 -119
- package/_packed_docs/sdk/04-/350/277/236/346/216/245/344/270/216/350/256/244/350/257/201.md +147 -374
- package/_packed_docs/sdk/05-E2EE/345/212/240/345/257/206/351/200/232/344/277/241.md +153 -153
- package/_packed_docs/sdk/06-API/346/211/213/345/206/214.md +163 -1364
- package/_packed_docs/sdk/07-/351/224/231/350/257/257/345/244/204/347/220/206.md +71 -91
- package/_packed_docs/sdk/08-/346/234/200/344/275/263/345/256/236/350/267/265.md +76 -63
- package/_packed_docs/sdk/09-custody-api-manual.md +7 -6
- package/_packed_docs/sdk/09-meta-rpc-manual.md +13 -14
- package/_packed_docs/sdk/09-storage-rpc-manual.md +89 -0
- package/_packed_docs/sdk/AUN_DOCS_GUIDE.md +37 -49
- package/_packed_docs/sdk/INDEX.md +72 -98
- package/_packed_docs/sdk/README.md +85 -266
- package/dist/aid-store.d.ts +66 -0
- package/dist/aid-store.js +539 -0
- package/dist/aid-store.js.map +1 -0
- package/dist/aid.d.ts +52 -0
- package/dist/aid.js +140 -0
- package/dist/aid.js.map +1 -0
- package/dist/auth.d.ts +18 -1
- package/dist/auth.js +28 -9
- package/dist/auth.js.map +1 -1
- package/dist/cert-utils.d.ts +29 -0
- package/dist/cert-utils.js +142 -0
- package/dist/cert-utils.js.map +1 -0
- package/dist/client.d.ts +102 -89
- package/dist/client.js +871 -253
- package/dist/client.js.map +1 -1
- package/dist/error-codes.d.ts +25 -0
- package/dist/error-codes.js +26 -0
- package/dist/error-codes.js.map +1 -0
- package/dist/errors.d.ts +4 -1
- package/dist/errors.js +4 -1
- package/dist/errors.js.map +1 -1
- package/dist/index.d.ts +6 -5
- package/dist/index.js +5 -4
- package/dist/index.js.map +1 -1
- package/dist/keystore/aid-db.js +33 -0
- package/dist/keystore/aid-db.js.map +1 -1
- package/dist/keystore/file.d.ts +17 -0
- package/dist/keystore/file.js +194 -0
- package/dist/keystore/file.js.map +1 -1
- package/dist/keystore/index.d.ts +2 -0
- package/dist/namespaces/auth.js +2 -0
- package/dist/namespaces/auth.js.map +1 -1
- package/dist/result.d.ts +17 -0
- package/dist/result.js +10 -0
- package/dist/result.js.map +1 -0
- package/dist/secret-store/file-store.d.ts +5 -0
- package/dist/secret-store/file-store.js +32 -13
- package/dist/secret-store/file-store.js.map +1 -1
- package/dist/tools/cross-sdk-agent.js +24 -12
- package/dist/tools/cross-sdk-agent.js.map +1 -1
- package/dist/transport.js +1 -1
- package/dist/transport.js.map +1 -1
- package/dist/types.d.ts +14 -0
- package/dist/types.js +30 -0
- package/dist/types.js.map +1 -1
- package/dist/v2/e2ee/encrypt-p2p.js +1 -1
- package/dist/v2/e2ee/encrypt-p2p.js.map +1 -1
- package/dist/version.d.ts +1 -0
- package/dist/version.js +5 -0
- package/dist/version.js.map +1 -0
- package/package.json +1 -1
|
@@ -0,0 +1,539 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* AIDStore — AID 管理器,对齐 Python SDK aid_store.py
|
|
3
|
+
* 持有 keystore 配置,提供 AID 加载/注册/联网管理。
|
|
4
|
+
*/
|
|
5
|
+
import * as http from 'node:http';
|
|
6
|
+
import * as https from 'node:https';
|
|
7
|
+
import { X509Certificate, createPrivateKey, createPublicKey } from 'node:crypto';
|
|
8
|
+
import { join } from 'node:path';
|
|
9
|
+
import { homedir } from 'node:os';
|
|
10
|
+
import { AID } from './aid.js';
|
|
11
|
+
import * as codes from './error-codes.js';
|
|
12
|
+
import { certCommonName, certTimeError, signBytes, verifySignatureWithCert } from './cert-utils.js';
|
|
13
|
+
import { resultErr, resultOk } from './result.js';
|
|
14
|
+
import { FileKeyStore } from './keystore/file.js';
|
|
15
|
+
import { CryptoProvider } from './crypto.js';
|
|
16
|
+
import { AuthFlow } from './auth.js';
|
|
17
|
+
import { GatewayDiscovery } from './discovery.js';
|
|
18
|
+
import { DnsResilientNet } from './net.js';
|
|
19
|
+
import { AUNLogger } from './logger.js';
|
|
20
|
+
import { getDeviceId, normalizeInstanceId } from './config.js';
|
|
21
|
+
import { IdentityConflictError, ValidationError } from './errors.js';
|
|
22
|
+
function resultError(r) {
|
|
23
|
+
return r.ok ? null : r.error;
|
|
24
|
+
}
|
|
25
|
+
function normalizeSlotId(slotId) {
|
|
26
|
+
const v = String(slotId ?? 'default').trim();
|
|
27
|
+
return v || 'default';
|
|
28
|
+
}
|
|
29
|
+
/** 发起 HTTP HEAD 请求,返回 [status, headers] */
|
|
30
|
+
function httpHead(url, verifySsl, timeoutMs = 5000) {
|
|
31
|
+
return new Promise((resolve, reject) => {
|
|
32
|
+
const parsed = new URL(url);
|
|
33
|
+
const mod = parsed.protocol === 'https:' ? https : http;
|
|
34
|
+
const opts = { method: 'HEAD', timeout: timeoutMs };
|
|
35
|
+
if (!verifySsl)
|
|
36
|
+
opts.rejectUnauthorized = false;
|
|
37
|
+
const req = mod.request(url, opts, (res) => {
|
|
38
|
+
res.resume();
|
|
39
|
+
const headers = {};
|
|
40
|
+
for (const [k, v] of Object.entries(res.headers)) {
|
|
41
|
+
if (typeof v === 'string')
|
|
42
|
+
headers[k] = v;
|
|
43
|
+
else if (Array.isArray(v))
|
|
44
|
+
headers[k] = v[0] ?? '';
|
|
45
|
+
}
|
|
46
|
+
resolve([res.statusCode ?? 0, headers]);
|
|
47
|
+
});
|
|
48
|
+
req.on('error', reject);
|
|
49
|
+
req.on('timeout', () => { req.destroy(); reject(new Error(`timeout HEAD ${url}`)); });
|
|
50
|
+
req.end();
|
|
51
|
+
});
|
|
52
|
+
}
|
|
53
|
+
/** 发起 HTTP GET 请求,返回 [text, headers, status] */
|
|
54
|
+
function httpGetText(url, verifySsl, headers, timeoutMs = 30000) {
|
|
55
|
+
return new Promise((resolve, reject) => {
|
|
56
|
+
const parsed = new URL(url);
|
|
57
|
+
const mod = parsed.protocol === 'https:' ? https : http;
|
|
58
|
+
const opts = { timeout: timeoutMs, headers };
|
|
59
|
+
if (!verifySsl)
|
|
60
|
+
opts.rejectUnauthorized = false;
|
|
61
|
+
const req = mod.get(url, opts, (res) => {
|
|
62
|
+
const chunks = [];
|
|
63
|
+
res.on('data', (c) => chunks.push(c));
|
|
64
|
+
res.on('end', () => {
|
|
65
|
+
const respHeaders = {};
|
|
66
|
+
for (const [k, v] of Object.entries(res.headers)) {
|
|
67
|
+
if (typeof v === 'string')
|
|
68
|
+
respHeaders[k] = v;
|
|
69
|
+
else if (Array.isArray(v))
|
|
70
|
+
respHeaders[k] = v[0] ?? '';
|
|
71
|
+
}
|
|
72
|
+
resolve([Buffer.concat(chunks).toString('utf-8'), respHeaders, res.statusCode ?? 0]);
|
|
73
|
+
});
|
|
74
|
+
res.on('error', reject);
|
|
75
|
+
});
|
|
76
|
+
req.on('error', reject);
|
|
77
|
+
req.on('timeout', () => { req.destroy(); reject(new Error(`timeout GET ${url}`)); });
|
|
78
|
+
});
|
|
79
|
+
}
|
|
80
|
+
function pkiCertUrl(gatewayUrl, aid) {
|
|
81
|
+
const parsed = new URL(gatewayUrl);
|
|
82
|
+
const scheme = parsed.protocol === 'wss:' ? 'https:' : 'http:';
|
|
83
|
+
return `${scheme}//${parsed.host}/pki/cert/${encodeURIComponent(aid)}`;
|
|
84
|
+
}
|
|
85
|
+
function agentMdUrl(aid, gatewayUrl, discoveryPort) {
|
|
86
|
+
const raw = String(gatewayUrl ?? '').trim().toLowerCase();
|
|
87
|
+
const scheme = raw.startsWith('ws://') ? 'http' : 'https';
|
|
88
|
+
let host = String(aid ?? '').trim();
|
|
89
|
+
if (discoveryPort && !host.includes(':'))
|
|
90
|
+
host = `${host}:${discoveryPort}`;
|
|
91
|
+
return `${scheme}://${host}/agent.md`;
|
|
92
|
+
}
|
|
93
|
+
export class AIDStore {
|
|
94
|
+
aunPath;
|
|
95
|
+
_encryptionSeed;
|
|
96
|
+
deviceId;
|
|
97
|
+
slotId;
|
|
98
|
+
_keystore;
|
|
99
|
+
_auth;
|
|
100
|
+
_discovery;
|
|
101
|
+
_net;
|
|
102
|
+
_log;
|
|
103
|
+
_verifySsl;
|
|
104
|
+
_discoveryPort;
|
|
105
|
+
_gatewayCache = new Map();
|
|
106
|
+
_agentMdCache = new Map();
|
|
107
|
+
constructor(opts) {
|
|
108
|
+
this.aunPath = String(opts.aunPath ?? join(homedir(), '.aun'));
|
|
109
|
+
this._encryptionSeed = String(opts.encryptionSeed ?? '');
|
|
110
|
+
this.deviceId = opts.deviceId ? normalizeInstanceId(opts.deviceId, 'deviceId', { allowEmpty: true }) : getDeviceId(this.aunPath);
|
|
111
|
+
this.slotId = normalizeSlotId(opts.slotId);
|
|
112
|
+
this._verifySsl = opts.verifySsl ?? false;
|
|
113
|
+
this._discoveryPort = opts.discoveryPort ?? null;
|
|
114
|
+
this._log = new AUNLogger({ debug: opts.debug ?? false, aunPath: this.aunPath });
|
|
115
|
+
this._log.bindDeviceId(this.deviceId);
|
|
116
|
+
this._keystore = new FileKeyStore(this.aunPath, {
|
|
117
|
+
encryptionSeed: this._encryptionSeed || undefined,
|
|
118
|
+
logger: this._log.for('aun_core.keystore'),
|
|
119
|
+
});
|
|
120
|
+
this._net = new DnsResilientNet({ verifySsl: this._verifySsl, logger: this._log.for('aun_core.net') });
|
|
121
|
+
this._discovery = new GatewayDiscovery({ verifySsl: this._verifySsl, logger: this._log.for('aun_core.discovery'), net: this._net });
|
|
122
|
+
this._auth = new AuthFlow({
|
|
123
|
+
keystore: this._keystore,
|
|
124
|
+
crypto: new CryptoProvider(),
|
|
125
|
+
deviceId: this.deviceId,
|
|
126
|
+
slotId: this.slotId,
|
|
127
|
+
rootCaPath: opts.rootCaPath ?? null,
|
|
128
|
+
verifySsl: this._verifySsl,
|
|
129
|
+
logger: this._log.for('aun_core.auth'),
|
|
130
|
+
net: this._net,
|
|
131
|
+
});
|
|
132
|
+
}
|
|
133
|
+
close() {
|
|
134
|
+
this._keystore.close();
|
|
135
|
+
const net = this._net;
|
|
136
|
+
if (typeof net.close === 'function')
|
|
137
|
+
net.close();
|
|
138
|
+
}
|
|
139
|
+
// ── 离线方法 ──────────────────────────────────────────────────
|
|
140
|
+
load(aid) {
|
|
141
|
+
const target = String(aid ?? '').trim();
|
|
142
|
+
const certPem = this._keystore.loadCert(target);
|
|
143
|
+
if (!certPem) {
|
|
144
|
+
return resultErr(codes.CERT_NOT_FOUND, `certificate not found for aid: ${target}`);
|
|
145
|
+
}
|
|
146
|
+
let cert;
|
|
147
|
+
try {
|
|
148
|
+
cert = new X509Certificate(certPem);
|
|
149
|
+
}
|
|
150
|
+
catch (exc) {
|
|
151
|
+
return resultErr(codes.CERT_PARSE_ERROR, `certificate parse failed for aid: ${target}`, exc);
|
|
152
|
+
}
|
|
153
|
+
const timeErr = certTimeError(certPem);
|
|
154
|
+
if (timeErr === 'expired')
|
|
155
|
+
return resultErr(codes.CERT_EXPIRED, `certificate expired for aid: ${target}`);
|
|
156
|
+
if (timeErr === 'not_yet_valid')
|
|
157
|
+
return resultErr(codes.CERT_NOT_YET_VALID, `certificate not yet valid for aid: ${target}`);
|
|
158
|
+
const cn = certCommonName(certPem);
|
|
159
|
+
if (cn && cn !== target) {
|
|
160
|
+
return resultErr(codes.CERT_CHAIN_BROKEN, `certificate CN mismatch: expected ${target}, got ${cn}`);
|
|
161
|
+
}
|
|
162
|
+
const kp = this._keystore.loadKeyPair(target);
|
|
163
|
+
if (!kp || !kp.private_key_pem) {
|
|
164
|
+
return resultOk({
|
|
165
|
+
aid: AID._create({ aid: target, aunPath: this.aunPath, certPem, privateKeyPem: null, certValid: true, privateKeyValid: false, deviceId: this.deviceId, slotId: this.slotId }),
|
|
166
|
+
});
|
|
167
|
+
}
|
|
168
|
+
const privPem = String(kp.private_key_pem);
|
|
169
|
+
let privKey;
|
|
170
|
+
try {
|
|
171
|
+
privKey = createPrivateKey(privPem);
|
|
172
|
+
}
|
|
173
|
+
catch (exc) {
|
|
174
|
+
return resultErr(codes.PRIVATE_KEY_PARSE_ERROR, `private key parse failed for aid: ${target}`, exc);
|
|
175
|
+
}
|
|
176
|
+
// 配对自检(对齐 Python aid_store.py:145-150):
|
|
177
|
+
// 1) 从私钥导出公钥 DER,与证书公钥 DER 直接比对(不依赖 key.json 的 public_key_der_b64 字段,
|
|
178
|
+
// 防止该字段缺失时错配私钥蒙混过关)
|
|
179
|
+
// 2) DER 比对通过后,再做 sign/verify 探针:私钥签名固定 payload,证书公钥验签
|
|
180
|
+
try {
|
|
181
|
+
const certPubDer = cert.publicKey.export({ type: 'spki', format: 'der' });
|
|
182
|
+
const privPubDer = createPublicKey(privKey).export({ type: 'spki', format: 'der' });
|
|
183
|
+
if (!privPubDer.equals(certPubDer)) {
|
|
184
|
+
return resultErr(codes.KEYPAIR_MISMATCH, `private key does not match certificate for aid: ${target}`);
|
|
185
|
+
}
|
|
186
|
+
const probe = Buffer.from('aun-aidstore-private-key-self-test', 'utf-8');
|
|
187
|
+
const signature = signBytes(privPem, probe);
|
|
188
|
+
if (!verifySignatureWithCert(certPem, signature, probe)) {
|
|
189
|
+
return resultErr(codes.KEYPAIR_MISMATCH, `keypair self-test failed for aid: ${target}`);
|
|
190
|
+
}
|
|
191
|
+
}
|
|
192
|
+
catch (exc) {
|
|
193
|
+
return resultErr(codes.KEYPAIR_MISMATCH, `keypair self-test failed for aid: ${target}`, exc);
|
|
194
|
+
}
|
|
195
|
+
return resultOk({
|
|
196
|
+
aid: AID._create({ aid: target, aunPath: this.aunPath, certPem, privateKeyPem: privPem, certValid: true, privateKeyValid: true, deviceId: this.deviceId, slotId: this.slotId }),
|
|
197
|
+
});
|
|
198
|
+
}
|
|
199
|
+
list() {
|
|
200
|
+
try {
|
|
201
|
+
const aids = this._keystore.listIdentities?.() ?? [];
|
|
202
|
+
const identities = [];
|
|
203
|
+
for (const aid of [...aids].sort()) {
|
|
204
|
+
const loaded = this.load(aid);
|
|
205
|
+
if (!loaded.ok || !loaded.data)
|
|
206
|
+
continue;
|
|
207
|
+
const item = loaded.data.aid;
|
|
208
|
+
if (!item.isPrivateKeyValid())
|
|
209
|
+
continue;
|
|
210
|
+
identities.push({
|
|
211
|
+
aid: item.aid,
|
|
212
|
+
certNotAfter: item.certNotAfter,
|
|
213
|
+
certIssuer: item.certIssuer,
|
|
214
|
+
certFingerprint: item.certFingerprint,
|
|
215
|
+
});
|
|
216
|
+
}
|
|
217
|
+
return resultOk({ identities });
|
|
218
|
+
}
|
|
219
|
+
catch (exc) {
|
|
220
|
+
return resultErr('LIST_IDENTITIES_FAILED', String(exc), exc);
|
|
221
|
+
}
|
|
222
|
+
}
|
|
223
|
+
changeSeed(oldSeed, newSeed) {
|
|
224
|
+
if (!oldSeed.trim())
|
|
225
|
+
return resultErr(codes.PRIVATE_KEY_PARSE_ERROR, 'changeSeed requires a non-empty oldSeed');
|
|
226
|
+
if (!newSeed.trim())
|
|
227
|
+
return resultErr(codes.PRIVATE_KEY_PARSE_ERROR, 'changeSeed requires a non-empty newSeed');
|
|
228
|
+
if (oldSeed === newSeed)
|
|
229
|
+
return resultErr(codes.PRIVATE_KEY_PARSE_ERROR, 'newSeed must differ from oldSeed');
|
|
230
|
+
try {
|
|
231
|
+
const result = this._keystore.changeSeed(oldSeed, newSeed);
|
|
232
|
+
this._encryptionSeed = newSeed;
|
|
233
|
+
return resultOk({ changed: true, count: result.migrated ?? 0 });
|
|
234
|
+
}
|
|
235
|
+
catch (exc) {
|
|
236
|
+
return resultErr(codes.PRIVATE_KEY_PARSE_ERROR, String(exc), exc);
|
|
237
|
+
}
|
|
238
|
+
}
|
|
239
|
+
// ── 联网方法 ──────────────────────────────────────────────────
|
|
240
|
+
async register(aid) {
|
|
241
|
+
const target = String(aid ?? '').trim();
|
|
242
|
+
this._log.for('aun_core.aid_store').debug(`register enter: aid=${target || '-'}`);
|
|
243
|
+
try {
|
|
244
|
+
const gatewayUrl = await this._resolveGateway(target);
|
|
245
|
+
await this._auth.registerAid(gatewayUrl, target);
|
|
246
|
+
return resultOk({ registered: true });
|
|
247
|
+
}
|
|
248
|
+
catch (exc) {
|
|
249
|
+
if (exc instanceof IdentityConflictError) {
|
|
250
|
+
return resultErr(codes.IDENTITY_CONFLICT, String(exc), exc);
|
|
251
|
+
}
|
|
252
|
+
if (exc instanceof ValidationError) {
|
|
253
|
+
return resultErr(codes.INVALID_AID_FORMAT, String(exc), exc);
|
|
254
|
+
}
|
|
255
|
+
const msg = exc instanceof Error ? exc.message : String(exc);
|
|
256
|
+
if (msg.includes('network') || msg.includes('connect') || msg.includes('timeout')) {
|
|
257
|
+
return resultErr(codes.NETWORK_ERROR, msg, exc);
|
|
258
|
+
}
|
|
259
|
+
return resultErr(codes.SERVER_ERROR, msg, exc);
|
|
260
|
+
}
|
|
261
|
+
}
|
|
262
|
+
async exists(aid) {
|
|
263
|
+
const target = String(aid ?? '').trim();
|
|
264
|
+
try {
|
|
265
|
+
const gatewayUrl = await this._resolveGateway(target);
|
|
266
|
+
const url = pkiCertUrl(gatewayUrl, target);
|
|
267
|
+
const [status] = await httpHead(url, this._verifySsl, 5000);
|
|
268
|
+
if (status === 200)
|
|
269
|
+
return resultOk({ exists: true });
|
|
270
|
+
if (status === 404)
|
|
271
|
+
return resultOk({ exists: false });
|
|
272
|
+
return resultErr(codes.NETWORK_ERROR, `unexpected PKI HEAD status ${status}`);
|
|
273
|
+
}
|
|
274
|
+
catch (exc) {
|
|
275
|
+
return resultErr(codes.NETWORK_ERROR, String(exc), exc);
|
|
276
|
+
}
|
|
277
|
+
}
|
|
278
|
+
async resolve(aid, opts) {
|
|
279
|
+
const target = String(aid ?? '').trim();
|
|
280
|
+
const forceRefresh = !!(opts?.forceRefresh);
|
|
281
|
+
const skipAgentMd = !!(opts?.skipAgentMd);
|
|
282
|
+
try {
|
|
283
|
+
let peer;
|
|
284
|
+
let certFromCache = false;
|
|
285
|
+
const loaded = this.load(target);
|
|
286
|
+
if (loaded.ok && loaded.data && !forceRefresh) {
|
|
287
|
+
peer = loaded.data.aid;
|
|
288
|
+
certFromCache = true;
|
|
289
|
+
}
|
|
290
|
+
else {
|
|
291
|
+
const gatewayUrl = await this._resolveGateway(target);
|
|
292
|
+
const certPem = await this._auth.fetchPeerCert(gatewayUrl, target);
|
|
293
|
+
if (!certPem)
|
|
294
|
+
return resultErr(codes.CERT_NOT_FOUND, `certificate not found for aid: ${target}`);
|
|
295
|
+
this._keystore.saveCert(target, certPem);
|
|
296
|
+
const reloaded = this.load(target);
|
|
297
|
+
if (!reloaded.ok || !reloaded.data)
|
|
298
|
+
return reloaded;
|
|
299
|
+
peer = reloaded.data.aid;
|
|
300
|
+
}
|
|
301
|
+
const source = { cert_from_cache: certFromCache, agent_md_fetched: false };
|
|
302
|
+
if (skipAgentMd)
|
|
303
|
+
return resultOk({ aid: peer, source });
|
|
304
|
+
const agentMd = await this.fetchAgentMd(target);
|
|
305
|
+
if (!agentMd.ok)
|
|
306
|
+
return agentMd;
|
|
307
|
+
source.agent_md_fetched = true;
|
|
308
|
+
return resultOk({ aid: peer, agent_md: agentMd.data, source });
|
|
309
|
+
}
|
|
310
|
+
catch (exc) {
|
|
311
|
+
return resultErr(codes.NETWORK_ERROR, String(exc), exc);
|
|
312
|
+
}
|
|
313
|
+
}
|
|
314
|
+
async fetchAgentMd(aid) {
|
|
315
|
+
const target = String(aid ?? '').trim();
|
|
316
|
+
try {
|
|
317
|
+
const gatewayUrl = await this._resolveGateway(target);
|
|
318
|
+
const url = agentMdUrl(target, gatewayUrl, this._discoveryPort);
|
|
319
|
+
const cached = (this._agentMdCache.get(target) ?? {});
|
|
320
|
+
const reqHeaders = { Accept: 'text/markdown' };
|
|
321
|
+
if (cached.etag)
|
|
322
|
+
reqHeaders['If-None-Match'] = cached.etag;
|
|
323
|
+
if (cached.last_modified)
|
|
324
|
+
reqHeaders['If-Modified-Since'] = cached.last_modified;
|
|
325
|
+
let [content, respHeaders, status] = await httpGetText(url, this._verifySsl, reqHeaders, 30000);
|
|
326
|
+
if (status === 304 && cached.content) {
|
|
327
|
+
content = String(cached.content);
|
|
328
|
+
}
|
|
329
|
+
else if (status === 404) {
|
|
330
|
+
return resultErr(codes.AGENTMD_NOT_FOUND, `agent.md not found for aid: ${target}`);
|
|
331
|
+
}
|
|
332
|
+
else if (status < 200 || status >= 300) {
|
|
333
|
+
return resultErr(codes.NETWORK_ERROR, `download agent.md failed: HTTP ${status}`);
|
|
334
|
+
}
|
|
335
|
+
// 加载对端证书用于验签
|
|
336
|
+
let peer;
|
|
337
|
+
const loaded = this.load(target);
|
|
338
|
+
if (loaded.ok && loaded.data) {
|
|
339
|
+
peer = loaded.data.aid;
|
|
340
|
+
}
|
|
341
|
+
else {
|
|
342
|
+
const resolved = await this.resolve(target, { skipAgentMd: true });
|
|
343
|
+
if (!resolved.ok || !resolved.data)
|
|
344
|
+
return resolved;
|
|
345
|
+
peer = resolved.data.aid;
|
|
346
|
+
}
|
|
347
|
+
const verified = peer.verifyAgentMd(content);
|
|
348
|
+
if (!verified.ok || !verified.data)
|
|
349
|
+
return verified;
|
|
350
|
+
const sig = verified.data;
|
|
351
|
+
const statusText = sig.status ?? 'invalid';
|
|
352
|
+
const verification = { status: statusText };
|
|
353
|
+
if (sig.reason)
|
|
354
|
+
verification.reason = sig.reason;
|
|
355
|
+
const etag = String(respHeaders['etag'] ?? respHeaders['ETag'] ?? '').trim();
|
|
356
|
+
const lastModified = String(respHeaders['last-modified'] ?? respHeaders['Last-Modified'] ?? '').trim();
|
|
357
|
+
this._agentMdCache.set(target, { content, etag, last_modified: lastModified, updated_at: String(Date.now()) });
|
|
358
|
+
return resultOk({ aid: target, content, verification, signature: sig, cert_pem: peer.certPem, certPem: peer.certPem, etag, last_modified: lastModified, status });
|
|
359
|
+
}
|
|
360
|
+
catch (exc) {
|
|
361
|
+
return resultErr(codes.NETWORK_ERROR, String(exc), exc);
|
|
362
|
+
}
|
|
363
|
+
}
|
|
364
|
+
async headAgentMd(aid) {
|
|
365
|
+
const target = String(aid ?? '').trim();
|
|
366
|
+
try {
|
|
367
|
+
const gatewayUrl = await this._resolveGateway(target);
|
|
368
|
+
const url = agentMdUrl(target, gatewayUrl, this._discoveryPort);
|
|
369
|
+
const [status, headers] = await httpHead(url, this._verifySsl, 15000);
|
|
370
|
+
if (status === 404)
|
|
371
|
+
return resultErr(codes.AGENTMD_NOT_FOUND, `agent.md not found for aid: ${target}`);
|
|
372
|
+
if (status < 200 || status >= 300)
|
|
373
|
+
return resultErr(codes.NETWORK_ERROR, `head agent.md failed: HTTP ${status}`);
|
|
374
|
+
const etag = String(headers['etag'] ?? headers['ETag'] ?? '').trim();
|
|
375
|
+
const lastModified = String(headers['last-modified'] ?? headers['Last-Modified'] ?? '').trim();
|
|
376
|
+
const contentLength = parseInt(String(headers['content-length'] ?? '0'), 10) || 0;
|
|
377
|
+
const cached = (this._agentMdCache.get(target) ?? {});
|
|
378
|
+
this._agentMdCache.set(target, { ...cached, etag, last_modified: lastModified, remote_checked_at: Date.now() });
|
|
379
|
+
return resultOk({ aid: target, found: true, etag, last_modified: lastModified, content_length: contentLength, status });
|
|
380
|
+
}
|
|
381
|
+
catch (exc) {
|
|
382
|
+
return resultErr(codes.NETWORK_ERROR, String(exc), exc);
|
|
383
|
+
}
|
|
384
|
+
}
|
|
385
|
+
async checkAgentMd(aid, ttlDays = 1) {
|
|
386
|
+
const target = String(aid ?? '').trim();
|
|
387
|
+
const cached = (this._agentMdCache.get(target) ?? {});
|
|
388
|
+
const head = await this.headAgentMd(target);
|
|
389
|
+
let remote;
|
|
390
|
+
if (!head.ok || !head.data) {
|
|
391
|
+
if (resultError(head)?.code === codes.AGENTMD_NOT_FOUND) {
|
|
392
|
+
remote = { aid: target, found: false, etag: '', last_modified: '', content_length: 0, status: 404 };
|
|
393
|
+
}
|
|
394
|
+
else {
|
|
395
|
+
return head;
|
|
396
|
+
}
|
|
397
|
+
}
|
|
398
|
+
else {
|
|
399
|
+
remote = head.data;
|
|
400
|
+
}
|
|
401
|
+
const localEtag = String(cached.etag ?? '').trim();
|
|
402
|
+
const localFound = !!(cached.content);
|
|
403
|
+
const remoteFound = !!(remote.found);
|
|
404
|
+
const remoteEtag = String(remote.etag ?? '').trim();
|
|
405
|
+
const needsUpdate = remoteFound && (!localFound || (!!remoteEtag && remoteEtag !== localEtag));
|
|
406
|
+
return resultOk({ aid: target, local_found: localFound, remote_found: remoteFound, local_etag: localEtag, remote_etag: remoteEtag, needs_update: needsUpdate, ttl_days: ttlDays });
|
|
407
|
+
}
|
|
408
|
+
async diagnose(aid) {
|
|
409
|
+
const target = String(aid ?? '').trim();
|
|
410
|
+
const loaded = this.load(target);
|
|
411
|
+
const existsResult = await this.exists(target);
|
|
412
|
+
const remoteError = resultError(existsResult);
|
|
413
|
+
const remoteRegistered = !!(existsResult.ok && existsResult.data?.exists);
|
|
414
|
+
const remoteChecked = !!(existsResult.ok && existsResult.data != null);
|
|
415
|
+
let localCert = false;
|
|
416
|
+
let localPrivateKey = false;
|
|
417
|
+
let localError = null;
|
|
418
|
+
let localAid = null;
|
|
419
|
+
if (loaded.ok && loaded.data) {
|
|
420
|
+
localAid = loaded.data.aid;
|
|
421
|
+
localCert = localAid.isCertValid();
|
|
422
|
+
localPrivateKey = localAid.isPrivateKeyValid();
|
|
423
|
+
}
|
|
424
|
+
else {
|
|
425
|
+
localError = resultError(loaded);
|
|
426
|
+
}
|
|
427
|
+
const localValid = localCert && localPrivateKey;
|
|
428
|
+
const suggestions = [];
|
|
429
|
+
if (!localValid)
|
|
430
|
+
suggestions.push('load or register a local identity with a valid private key');
|
|
431
|
+
if (!remoteRegistered)
|
|
432
|
+
suggestions.push('register the AID before using it on the network');
|
|
433
|
+
if (remoteError)
|
|
434
|
+
suggestions.push(`remote registration check failed: ${remoteError.message}`);
|
|
435
|
+
let status;
|
|
436
|
+
if (localPrivateKey && remoteRegistered)
|
|
437
|
+
status = 'ready';
|
|
438
|
+
else if (!localPrivateKey && remoteChecked && !remoteRegistered)
|
|
439
|
+
status = 'available';
|
|
440
|
+
else if (remoteRegistered)
|
|
441
|
+
status = 'registered_remote';
|
|
442
|
+
else
|
|
443
|
+
status = 'unknown';
|
|
444
|
+
return resultOk({
|
|
445
|
+
aid: target, status, local_valid: localValid, localValid: localValid,
|
|
446
|
+
remote_registered: remoteRegistered, remoteRegistered,
|
|
447
|
+
suggestions,
|
|
448
|
+
local: { cert: localCert, private_key: localPrivateKey, error: localError },
|
|
449
|
+
remote: { checked: remoteChecked, exists: remoteChecked ? remoteRegistered : null, error: remoteError },
|
|
450
|
+
});
|
|
451
|
+
}
|
|
452
|
+
async renewCert(aid) {
|
|
453
|
+
const target = String(aid ?? '').trim();
|
|
454
|
+
const loaded = this.load(target);
|
|
455
|
+
if (!loaded.ok || !loaded.data || !loaded.data.aid.isPrivateKeyValid()) {
|
|
456
|
+
return resultErr(codes.PRIVATE_KEY_REQUIRED, `private key required for aid: ${target}`);
|
|
457
|
+
}
|
|
458
|
+
try {
|
|
459
|
+
const gatewayUrl = await this._resolveGateway(target);
|
|
460
|
+
// 通过 AuthFlow 短连接 RPC 完成续签
|
|
461
|
+
const aidObj = loaded.data.aid;
|
|
462
|
+
const clientNonce = new CryptoProvider().newClientNonce();
|
|
463
|
+
const phase1 = await this._auth._shortRpc(gatewayUrl, 'auth.aid_login1', {
|
|
464
|
+
aid: target, cert: aidObj.certPem, client_nonce: clientNonce,
|
|
465
|
+
});
|
|
466
|
+
const signResult = aidObj.sign(String(phase1.nonce));
|
|
467
|
+
if (!signResult.ok || !signResult.data) {
|
|
468
|
+
return resultErr(codes.CERT_RENEWAL_FAILED, resultError(signResult)?.message ?? 'sign failed');
|
|
469
|
+
}
|
|
470
|
+
const response = await this._auth._shortRpc(gatewayUrl, 'auth.renew_cert', {
|
|
471
|
+
aid: target, request_id: String(phase1.request_id), nonce: String(phase1.nonce), signature: signResult.data.signature,
|
|
472
|
+
});
|
|
473
|
+
const certPem = String(response.cert ?? response.cert_pem ?? '').trim();
|
|
474
|
+
if (!certPem)
|
|
475
|
+
return resultErr(codes.CERT_RENEWAL_FAILED, 'server response missing certificate');
|
|
476
|
+
this._keystore.saveCert(target, certPem);
|
|
477
|
+
const refreshed = this.load(target);
|
|
478
|
+
if (!refreshed.ok || !refreshed.data)
|
|
479
|
+
return resultErr(codes.CERT_RENEWAL_FAILED, 'renewed certificate reload failed');
|
|
480
|
+
const refreshedAid = refreshed.data.aid;
|
|
481
|
+
return resultOk({ renewed: true, new_cert_not_after: refreshedAid.certNotAfter, new_fingerprint: refreshedAid.certFingerprint });
|
|
482
|
+
}
|
|
483
|
+
catch (exc) {
|
|
484
|
+
return resultErr(codes.CERT_RENEWAL_FAILED, String(exc), exc);
|
|
485
|
+
}
|
|
486
|
+
}
|
|
487
|
+
async rekey(aid) {
|
|
488
|
+
const target = String(aid ?? '').trim();
|
|
489
|
+
const loaded = this.load(target);
|
|
490
|
+
if (!loaded.ok || !loaded.data || !loaded.data.aid.isPrivateKeyValid()) {
|
|
491
|
+
return resultErr(codes.PRIVATE_KEY_REQUIRED, `private key required for aid: ${target}`);
|
|
492
|
+
}
|
|
493
|
+
try {
|
|
494
|
+
const oldAid = loaded.data.aid;
|
|
495
|
+
const crypto = new CryptoProvider();
|
|
496
|
+
const newIdentity = crypto.generateIdentity();
|
|
497
|
+
const gatewayUrl = await this._resolveGateway(target);
|
|
498
|
+
const clientNonce = crypto.newClientNonce();
|
|
499
|
+
const phase1 = await this._auth._shortRpc(gatewayUrl, 'auth.aid_login1', {
|
|
500
|
+
aid: target, cert: oldAid.certPem, client_nonce: clientNonce,
|
|
501
|
+
});
|
|
502
|
+
const signPayload = Buffer.from(`${phase1.nonce}${newIdentity.public_key_der_b64}`, 'utf-8');
|
|
503
|
+
const signResult = oldAid.sign(signPayload);
|
|
504
|
+
if (!signResult.ok || !signResult.data) {
|
|
505
|
+
return resultErr(codes.REKEY_FAILED, resultError(signResult)?.message ?? 'sign failed');
|
|
506
|
+
}
|
|
507
|
+
const response = await this._auth._shortRpc(gatewayUrl, 'auth.rekey', {
|
|
508
|
+
aid: target, request_id: String(phase1.request_id), nonce: String(phase1.nonce),
|
|
509
|
+
new_public_key: newIdentity.public_key_der_b64, signature: signResult.data.signature,
|
|
510
|
+
});
|
|
511
|
+
const certPem = String(response.cert ?? response.cert_pem ?? '').trim();
|
|
512
|
+
if (!certPem)
|
|
513
|
+
return resultErr(codes.REKEY_FAILED, 'server response missing certificate');
|
|
514
|
+
this._keystore.saveIdentity(target, { aid: target, ...newIdentity, cert: certPem });
|
|
515
|
+
const refreshed = this.load(target);
|
|
516
|
+
if (!refreshed.ok || !refreshed.data)
|
|
517
|
+
return resultErr(codes.REKEY_FAILED, 'rekeyed identity reload failed');
|
|
518
|
+
const refreshedAid = refreshed.data.aid;
|
|
519
|
+
return resultOk({ rekeyed: true, new_fingerprint: refreshedAid.certFingerprint, new_cert_not_after: refreshedAid.certNotAfter });
|
|
520
|
+
}
|
|
521
|
+
catch (exc) {
|
|
522
|
+
return resultErr(codes.REKEY_FAILED, String(exc), exc);
|
|
523
|
+
}
|
|
524
|
+
}
|
|
525
|
+
// ── 内部辅助 ──────────────────────────────────────────────────
|
|
526
|
+
async _resolveGateway(aid) {
|
|
527
|
+
const dotIdx = aid.indexOf('.');
|
|
528
|
+
const issuerDomain = dotIdx >= 0 ? aid.slice(dotIdx + 1) : aid;
|
|
529
|
+
const cached = this._gatewayCache.get(issuerDomain);
|
|
530
|
+
if (cached)
|
|
531
|
+
return cached;
|
|
532
|
+
const port = this._discoveryPort ? `:${this._discoveryPort}` : '';
|
|
533
|
+
const gatewayUrl = `https://gateway.${issuerDomain}${port}/.well-known/aun-gateway`;
|
|
534
|
+
const discovered = await this._discovery.discover(gatewayUrl);
|
|
535
|
+
this._gatewayCache.set(issuerDomain, discovered);
|
|
536
|
+
return discovered;
|
|
537
|
+
}
|
|
538
|
+
}
|
|
539
|
+
//# sourceMappingURL=aid-store.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"aid-store.js","sourceRoot":"","sources":["../src/aid-store.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,KAAK,MAAM,YAAY,CAAC;AACpC,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AACjF,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAElC,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAC/B,OAAO,KAAK,KAAK,MAAM,kBAAkB,CAAC;AAC1C,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,SAAS,EAAE,uBAAuB,EAAE,MAAM,iBAAiB,CAAC;AAEpG,OAAO,EAAe,SAAS,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAC/D,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AACrC,OAAO,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAC3C,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,WAAW,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAC/D,OAAO,EAAE,qBAAqB,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAcrE,SAAS,WAAW,CAAI,CAAY;IAClC,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;AAC/B,CAAC;AAED,SAAS,eAAe,CAAC,MAAe;IACtC,MAAM,CAAC,GAAG,MAAM,CAAC,MAAM,IAAI,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC;IAC7C,OAAO,CAAC,IAAI,SAAS,CAAC;AACxB,CAAC;AAED,2CAA2C;AAC3C,SAAS,QAAQ,CAAC,GAAW,EAAE,SAAkB,EAAE,SAAS,GAAG,IAAI;IACjE,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;QACxD,MAAM,IAAI,GAAyB,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;QAC1E,IAAI,CAAC,SAAS;YAAE,IAAI,CAAC,kBAAkB,GAAG,KAAK,CAAC;QAChD,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,GAAG,EAAE,EAAE;YACzC,GAAG,CAAC,MAAM,EAAE,CAAC;YACb,MAAM,OAAO,GAA2B,EAAE,CAAC;YAC3C,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;gBACjD,IAAI,OAAO,CAAC,KAAK,QAAQ;oBAAE,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;qBACrC,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;oBAAE,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YACrD,CAAC;YACD,OAAO,CAAC,CAAC,GAAG,CAAC,UAAU,IAAI,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;QAC1C,CAAC,CAAC,CAAC;QACH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QACxB,GAAG,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,gBAAgB,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACtF,GAAG,CAAC,GAAG,EAAE,CAAC;IACZ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,gDAAgD;AAChD,SAAS,WAAW,CAAC,GAAW,EAAE,SAAkB,EAAE,OAAgC,EAAE,SAAS,GAAG,KAAK;IACvG,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;QACxD,MAAM,IAAI,GAAyB,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC;QACnE,IAAI,CAAC,SAAS;YAAE,IAAI,CAAC,kBAAkB,GAAG,KAAK,CAAC;QAChD,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,GAAG,EAAE,EAAE;YACrC,MAAM,MAAM,GAAa,EAAE,CAAC;YAC5B,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9C,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;gBACjB,MAAM,WAAW,GAA2B,EAAE,CAAC;gBAC/C,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;oBACjD,IAAI,OAAO,CAAC,KAAK,QAAQ;wBAAE,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;yBACzC,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;wBAAE,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBACzD,CAAC;gBACD,OAAO,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,WAAW,EAAE,GAAG,CAAC,UAAU,IAAI,CAAC,CAAC,CAAC,CAAC;YACvF,CAAC,CAAC,CAAC;YACH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC1B,CAAC,CAAC,CAAC;QACH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QACxB,GAAG,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,eAAe,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvF,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,UAAU,CAAC,UAAkB,EAAE,GAAW;IACjD,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC;IACnC,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC;IAC/D,OAAO,GAAG,MAAM,KAAK,MAAM,CAAC,IAAI,aAAa,kBAAkB,CAAC,GAAG,CAAC,EAAE,CAAC;AACzE,CAAC;AAED,SAAS,UAAU,CAAC,GAAW,EAAE,UAAkB,EAAE,aAA6B;IAChF,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC1D,MAAM,MAAM,GAAG,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC;IAC1D,IAAI,IAAI,GAAG,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IACpC,IAAI,aAAa,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,IAAI,GAAG,GAAG,IAAI,IAAI,aAAa,EAAE,CAAC;IAC5E,OAAO,GAAG,MAAM,MAAM,IAAI,WAAW,CAAC;AACxC,CAAC;AAED,MAAM,OAAO,QAAQ;IACV,OAAO,CAAS;IACjB,eAAe,CAAS;IACvB,QAAQ,CAAS;IACjB,MAAM,CAAS;IAEhB,SAAS,CAAe;IACxB,KAAK,CAAW;IAChB,UAAU,CAAmB;IAC7B,IAAI,CAAkB;IACtB,IAAI,CAAY;IAChB,UAAU,CAAU;IACpB,cAAc,CAAgB;IAC9B,aAAa,GAAwB,IAAI,GAAG,EAAE,CAAC;IAC/C,aAAa,GAAyC,IAAI,GAAG,EAAE,CAAC;IAExE,YAAY,IASX;QACC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,OAAO,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;QAC/D,IAAI,CAAC,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,cAAc,IAAI,EAAE,CAAC,CAAC;QACzD,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,mBAAmB,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACjI,IAAI,CAAC,MAAM,GAAG,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC3C,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,SAAS,IAAI,KAAK,CAAC;QAC1C,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC;QAEjD,IAAI,CAAC,IAAI,GAAG,IAAI,SAAS,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,KAAK,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;QACjF,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAEtC,IAAI,CAAC,SAAS,GAAG,IAAI,YAAY,CAAC,IAAI,CAAC,OAAO,EAAE;YAC9C,cAAc,EAAE,IAAI,CAAC,eAAe,IAAI,SAAS;YACjD,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC;SAC3C,CAAC,CAAC;QAEH,IAAI,CAAC,IAAI,GAAG,IAAI,eAAe,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC;QACvG,IAAI,CAAC,UAAU,GAAG,IAAI,gBAAgB,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;QAEpI,IAAI,CAAC,KAAK,GAAG,IAAI,QAAQ,CAAC;YACxB,QAAQ,EAAE,IAAI,CAAC,SAAS;YACxB,MAAM,EAAE,IAAI,cAAc,EAAE;YAC5B,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,UAAU,EAAE,IAAI,CAAC,UAAU,IAAI,IAAI;YACnC,SAAS,EAAE,IAAI,CAAC,UAAU;YAC1B,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC;YACtC,GAAG,EAAE,IAAI,CAAC,IAAI;SACf,CAAC,CAAC;IACL,CAAC;IAED,KAAK;QACH,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;QACvB,MAAM,GAAG,GAAG,IAAI,CAAC,IAAyC,CAAC;QAC3D,IAAI,OAAO,GAAG,CAAC,KAAK,KAAK,UAAU;YAAE,GAAG,CAAC,KAAK,EAAE,CAAC;IACnD,CAAC;IAED,6DAA6D;IAE7D,IAAI,CAAC,GAAW;QACd,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACxC,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAChD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,SAAS,CAAC,KAAK,CAAC,cAAc,EAAE,kCAAkC,MAAM,EAAE,CAAC,CAAC;QACrF,CAAC;QACD,IAAI,IAAqB,CAAC;QAC1B,IAAI,CAAC;YACH,IAAI,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,CAAC;QACtC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,SAAS,CAAC,KAAK,CAAC,gBAAgB,EAAE,qCAAqC,MAAM,EAAE,EAAE,GAAG,CAAC,CAAC;QAC/F,CAAC;QAED,MAAM,OAAO,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;QACvC,IAAI,OAAO,KAAK,SAAS;YAAE,OAAO,SAAS,CAAC,KAAK,CAAC,YAAY,EAAE,gCAAgC,MAAM,EAAE,CAAC,CAAC;QAC1G,IAAI,OAAO,KAAK,eAAe;YAAE,OAAO,SAAS,CAAC,KAAK,CAAC,kBAAkB,EAAE,sCAAsC,MAAM,EAAE,CAAC,CAAC;QAE5H,MAAM,EAAE,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;QACnC,IAAI,EAAE,IAAI,EAAE,KAAK,MAAM,EAAE,CAAC;YACxB,OAAO,SAAS,CAAC,KAAK,CAAC,iBAAiB,EAAE,qCAAqC,MAAM,SAAS,EAAE,EAAE,CAAC,CAAC;QACtG,CAAC;QAED,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAC9C,IAAI,CAAC,EAAE,IAAI,CAAC,EAAE,CAAC,eAAe,EAAE,CAAC;YAC/B,OAAO,QAAQ,CAAC;gBACd,GAAG,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,eAAe,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC;aAC9K,CAAC,CAAC;QACL,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,CAAC,EAAE,CAAC,eAAe,CAAC,CAAC;QAC3C,IAAI,OAA4C,CAAC;QACjD,IAAI,CAAC;YACH,OAAO,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;QACtC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,SAAS,CAAC,KAAK,CAAC,uBAAuB,EAAE,qCAAqC,MAAM,EAAE,EAAE,GAAG,CAAC,CAAC;QACtG,CAAC;QAED,wCAAwC;QACxC,sEAAsE;QACtE,uBAAuB;QACvB,uDAAuD;QACvD,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,CAAW,CAAC;YACpF,MAAM,UAAU,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,CAAW,CAAC;YAC9F,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;gBACnC,OAAO,SAAS,CAAC,KAAK,CAAC,gBAAgB,EAAE,mDAAmD,MAAM,EAAE,CAAC,CAAC;YACxG,CAAC;YACD,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,oCAAoC,EAAE,OAAO,CAAC,CAAC;YACzE,MAAM,SAAS,GAAG,SAAS,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YAC5C,IAAI,CAAC,uBAAuB,CAAC,OAAO,EAAE,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;gBACxD,OAAO,SAAS,CAAC,KAAK,CAAC,gBAAgB,EAAE,qCAAqC,MAAM,EAAE,CAAC,CAAC;YAC1F,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,SAAS,CAAC,KAAK,CAAC,gBAAgB,EAAE,qCAAqC,MAAM,EAAE,EAAE,GAAG,CAAC,CAAC;QAC/F,CAAC;QAED,OAAO,QAAQ,CAAC;YACd,GAAG,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,eAAe,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC;SAChL,CAAC,CAAC;IACL,CAAC;IAED,IAAI;QACF,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE,EAAE,IAAI,EAAE,CAAC;YACrD,MAAM,UAAU,GAAc,EAAE,CAAC;YACjC,KAAK,MAAM,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;gBACnC,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBAC9B,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI;oBAAE,SAAS;gBACzC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;gBAC7B,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE;oBAAE,SAAS;gBACxC,UAAU,CAAC,IAAI,CAAC;oBACd,GAAG,EAAE,IAAI,CAAC,GAAG;oBACb,YAAY,EAAE,IAAI,CAAC,YAAY;oBAC/B,UAAU,EAAE,IAAI,CAAC,UAAU;oBAC3B,eAAe,EAAE,IAAI,CAAC,eAAe;iBACtC,CAAC,CAAC;YACL,CAAC;YACD,OAAO,QAAQ,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC;QAClC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,SAAS,CAAC,wBAAwB,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;QAC/D,CAAC;IACH,CAAC;IAED,UAAU,CAAC,OAAe,EAAE,OAAe;QACzC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE;YAAE,OAAO,SAAS,CAAC,KAAK,CAAC,uBAAuB,EAAE,yCAAyC,CAAC,CAAC;QAChH,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE;YAAE,OAAO,SAAS,CAAC,KAAK,CAAC,uBAAuB,EAAE,yCAAyC,CAAC,CAAC;QAChH,IAAI,OAAO,KAAK,OAAO;YAAE,OAAO,SAAS,CAAC,KAAK,CAAC,uBAAuB,EAAE,kCAAkC,CAAC,CAAC;QAC7G,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAC3D,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC;YAC/B,OAAO,QAAQ,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC,CAAC;QAClE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,SAAS,CAAC,KAAK,CAAC,uBAAuB,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;QACpE,CAAC;IACH,CAAC;IAED,6DAA6D;IAE7D,KAAK,CAAC,QAAQ,CAAC,GAAW;QACxB,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACxC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC,KAAK,CAAC,uBAAuB,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC;QAClF,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;YACtD,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;YACjD,OAAO,QAAQ,CAAC,EAAE,UAAU,EAAE,IAAa,EAAE,CAAC,CAAC;QACjD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,qBAAqB,EAAE,CAAC;gBACzC,OAAO,SAAS,CAAC,KAAK,CAAC,iBAAiB,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;YAC9D,CAAC;YACD,IAAI,GAAG,YAAY,eAAe,EAAE,CAAC;gBACnC,OAAO,SAAS,CAAC,KAAK,CAAC,kBAAkB,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;YAC/D,CAAC;YACD,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7D,IAAI,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBAClF,OAAO,SAAS,CAAC,KAAK,CAAC,aAAa,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YAClD,CAAC;YACD,OAAO,SAAS,CAAC,KAAK,CAAC,YAAY,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAW;QACtB,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACxC,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;YACtD,MAAM,GAAG,GAAG,UAAU,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;YAC3C,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;YAC5D,IAAI,MAAM,KAAK,GAAG;gBAAE,OAAO,QAAQ,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;YACtD,IAAI,MAAM,KAAK,GAAG;gBAAE,OAAO,QAAQ,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YACvD,OAAO,SAAS,CAAC,KAAK,CAAC,aAAa,EAAE,8BAA8B,MAAM,EAAE,CAAC,CAAC;QAChF,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,SAAS,CAAC,KAAK,CAAC,aAAa,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,GAAW,EAAE,IAAkB;QAC3C,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACxC,MAAM,YAAY,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;QAC5C,MAAM,WAAW,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;QAC1C,IAAI,CAAC;YACH,IAAI,IAAS,CAAC;YACd,IAAI,aAAa,GAAG,KAAK,CAAC;YAC1B,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACjC,IAAI,MAAM,CAAC,EAAE,IAAI,MAAM,CAAC,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;gBAC9C,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;gBACvB,aAAa,GAAG,IAAI,CAAC;YACvB,CAAC;iBAAM,CAAC;gBACN,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;gBACtD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;gBACnE,IAAI,CAAC,OAAO;oBAAE,OAAO,SAAS,CAAC,KAAK,CAAC,cAAc,EAAE,kCAAkC,MAAM,EAAE,CAAC,CAAC;gBACjG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;gBACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;gBACnC,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI;oBAAE,OAAO,QAAyB,CAAC;gBACrE,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC;YAC3B,CAAC;YACD,MAAM,MAAM,GAAG,EAAE,eAAe,EAAE,aAAa,EAAE,gBAAgB,EAAE,KAAK,EAAE,CAAC;YAC3E,IAAI,WAAW;gBAAE,OAAO,QAAQ,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;YACxD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;YAChD,IAAI,CAAC,OAAO,CAAC,EAAE;gBAAE,OAAO,OAAwB,CAAC;YACjD,MAAM,CAAC,gBAAgB,GAAG,IAAI,CAAC;YAC/B,OAAO,QAAQ,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;QACjE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,SAAS,CAAC,KAAK,CAAC,aAAa,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,GAAW;QAC5B,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACxC,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;YACtD,MAAM,GAAG,GAAG,UAAU,CAAC,MAAM,EAAE,UAAU,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC;YAChE,MAAM,MAAM,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAA2B,CAAC;YAChF,MAAM,UAAU,GAA2B,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC;YACvE,IAAI,MAAM,CAAC,IAAI;gBAAE,UAAU,CAAC,eAAe,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC;YAC3D,IAAI,MAAM,CAAC,aAAa;gBAAE,UAAU,CAAC,mBAAmB,CAAC,GAAG,MAAM,CAAC,aAAa,CAAC;YAEjF,IAAI,CAAC,OAAO,EAAE,WAAW,EAAE,MAAM,CAAC,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE,IAAI,CAAC,UAAU,EAAE,UAAU,EAAE,KAAK,CAAC,CAAC;YAChG,IAAI,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;gBACrC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACnC,CAAC;iBAAM,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC1B,OAAO,SAAS,CAAC,KAAK,CAAC,iBAAiB,EAAE,+BAA+B,MAAM,EAAE,CAAC,CAAC;YACrF,CAAC;iBAAM,IAAI,MAAM,GAAG,GAAG,IAAI,MAAM,IAAI,GAAG,EAAE,CAAC;gBACzC,OAAO,SAAS,CAAC,KAAK,CAAC,aAAa,EAAE,kCAAkC,MAAM,EAAE,CAAC,CAAC;YACpF,CAAC;YAED,aAAa;YACb,IAAI,IAAS,CAAC;YACd,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACjC,IAAI,MAAM,CAAC,EAAE,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;gBAC7B,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;YACzB,CAAC;iBAAM,CAAC;gBACN,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC;gBACnE,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI;oBAAE,OAAO,QAAyB,CAAC;gBACrE,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,GAAU,CAAC;YAClC,CAAC;YAED,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;YAC7C,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI;gBAAE,OAAO,QAAyB,CAAC;YACrE,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,CAAC;YAC1B,MAAM,UAAU,GAAG,GAAG,CAAC,MAAM,IAAI,SAAS,CAAC;YAC3C,MAAM,YAAY,GAA2B,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;YACpE,IAAI,GAAG,CAAC,MAAM;gBAAE,YAAY,CAAC,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC;YAEjD,MAAM,IAAI,GAAG,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,IAAI,WAAW,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;YAC7E,MAAM,YAAY,GAAG,MAAM,CAAC,WAAW,CAAC,eAAe,CAAC,IAAI,WAAW,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;YACvG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;YAE/G,OAAO,QAAQ,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC,CAAC;QACpK,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,SAAS,CAAC,KAAK,CAAC,aAAa,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,GAAW;QAC3B,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACxC,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;YACtD,MAAM,GAAG,GAAG,UAAU,CAAC,MAAM,EAAE,UAAU,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC;YAChE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,IAAI,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;YACtE,IAAI,MAAM,KAAK,GAAG;gBAAE,OAAO,SAAS,CAAC,KAAK,CAAC,iBAAiB,EAAE,+BAA+B,MAAM,EAAE,CAAC,CAAC;YACvG,IAAI,MAAM,GAAG,GAAG,IAAI,MAAM,IAAI,GAAG;gBAAE,OAAO,SAAS,CAAC,KAAK,CAAC,aAAa,EAAE,8BAA8B,MAAM,EAAE,CAAC,CAAC;YACjH,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;YACrE,MAAM,YAAY,GAAG,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,IAAI,OAAO,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;YAC/F,MAAM,aAAa,GAAG,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,IAAI,GAAG,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;YAClF,MAAM,MAAM,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAA4B,CAAC;YACjF,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,GAAG,MAAM,EAAE,IAAI,EAAE,aAAa,EAAE,YAAY,EAAE,iBAAiB,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YAChH,OAAO,QAAQ,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,aAAa,EAAE,YAAY,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QAC1H,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,SAAS,CAAC,KAAK,CAAC,aAAa,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,GAAW,EAAE,OAAO,GAAG,CAAC;QACzC,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACxC,MAAM,MAAM,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAA4B,CAAC;QACjF,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAC5C,IAAI,MAA+B,CAAC;QACpC,IAAI,CAAC,IAAI,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YAC3B,IAAI,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,KAAK,KAAK,CAAC,iBAAiB,EAAE,CAAC;gBACxD,MAAM,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,aAAa,EAAE,EAAE,EAAE,cAAc,EAAE,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC;YACtG,CAAC;iBAAM,CAAC;gBACN,OAAO,IAAqB,CAAC;YAC/B,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC;QACrB,CAAC;QACD,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACnD,MAAM,UAAU,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACtC,MAAM,WAAW,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACpD,MAAM,WAAW,GAAG,WAAW,IAAI,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,CAAC,UAAU,IAAI,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC;QAC/F,OAAO,QAAQ,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,WAAW,EAAE,UAAU,EAAE,YAAY,EAAE,WAAW,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,UAAU,EAAE,YAAY,EAAE,WAAW,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;IACrL,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,GAAW;QACxB,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACxC,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACjC,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC/C,MAAM,WAAW,GAAG,WAAW,CAAC,YAAY,CAAC,CAAC;QAC9C,MAAM,gBAAgB,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC,EAAE,IAAI,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC1E,MAAM,aAAa,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC,EAAE,IAAI,YAAY,CAAC,IAAI,IAAI,IAAI,CAAC,CAAC;QAEvE,IAAI,SAAS,GAAG,KAAK,CAAC;QACtB,IAAI,eAAe,GAAG,KAAK,CAAC;QAC5B,IAAI,UAAU,GAAY,IAAI,CAAC;QAC/B,IAAI,QAAQ,GAAe,IAAI,CAAC;QAChC,IAAI,MAAM,CAAC,EAAE,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;YAC7B,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;YAC3B,SAAS,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;YACnC,eAAe,GAAG,QAAQ,CAAC,iBAAiB,EAAE,CAAC;QACjD,CAAC;aAAM,CAAC;YACN,UAAU,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;QACnC,CAAC;QAED,MAAM,UAAU,GAAG,SAAS,IAAI,eAAe,CAAC;QAChD,MAAM,WAAW,GAAa,EAAE,CAAC;QACjC,IAAI,CAAC,UAAU;YAAE,WAAW,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAAC;QAChG,IAAI,CAAC,gBAAgB;YAAE,WAAW,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;QAC3F,IAAI,WAAW;YAAE,WAAW,CAAC,IAAI,CAAC,qCAAqC,WAAW,CAAC,OAAO,EAAE,CAAC,CAAC;QAE9F,IAAI,MAAc,CAAC;QACnB,IAAI,eAAe,IAAI,gBAAgB;YAAE,MAAM,GAAG,OAAO,CAAC;aACrD,IAAI,CAAC,eAAe,IAAI,aAAa,IAAI,CAAC,gBAAgB;YAAE,MAAM,GAAG,WAAW,CAAC;aACjF,IAAI,gBAAgB;YAAE,MAAM,GAAG,mBAAmB,CAAC;;YACnD,MAAM,GAAG,SAAS,CAAC;QAExB,OAAO,QAAQ,CAAC;YACd,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU;YACpE,iBAAiB,EAAE,gBAAgB,EAAE,gBAAgB;YACrD,WAAW;YACX,KAAK,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,WAAW,EAAE,eAAe,EAAE,KAAK,EAAE,UAAU,EAAE;YAC3E,MAAM,EAAE,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE;SACxG,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,GAAW;QACzB,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACxC,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACjC,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,iBAAiB,EAAE,EAAE,CAAC;YACvE,OAAO,SAAS,CAAC,KAAK,CAAC,oBAAoB,EAAE,iCAAiC,MAAM,EAAE,CAAC,CAAC;QAC1F,CAAC;QACD,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;YACtD,2BAA2B;YAC3B,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;YAC/B,MAAM,WAAW,GAAG,IAAI,cAAc,EAAE,CAAC,cAAc,EAAE,CAAC;YAC1D,MAAM,MAAM,GAAG,MAAO,IAAI,CAAC,KAAa,CAAC,SAAS,CAAC,UAAU,EAAE,iBAAiB,EAAE;gBAChF,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,OAAO,EAAE,YAAY,EAAE,WAAW;aAC7D,CAAC,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;YACrD,IAAI,CAAC,UAAU,CAAC,EAAE,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;gBACvC,OAAO,SAAS,CAAC,KAAK,CAAC,mBAAmB,EAAE,WAAW,CAAC,UAAU,CAAC,EAAE,OAAO,IAAI,aAAa,CAAC,CAAC;YACjG,CAAC;YACD,MAAM,QAAQ,GAAG,MAAO,IAAI,CAAC,KAAa,CAAC,SAAS,CAAC,UAAU,EAAE,iBAAiB,EAAE;gBAClF,GAAG,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,UAAU,CAAC,IAAI,CAAC,SAAS;aACtH,CAAC,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,IAAI,QAAQ,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;YACxE,IAAI,CAAC,OAAO;gBAAE,OAAO,SAAS,CAAC,KAAK,CAAC,mBAAmB,EAAE,qCAAqC,CAAC,CAAC;YACjG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YACzC,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACpC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI;gBAAE,OAAO,SAAS,CAAC,KAAK,CAAC,mBAAmB,EAAE,mCAAmC,CAAC,CAAC;YACvH,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC;YACxC,OAAO,QAAQ,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,kBAAkB,EAAE,YAAY,CAAC,YAAY,EAAE,eAAe,EAAE,YAAY,CAAC,eAAe,EAAE,CAAC,CAAC;QACnI,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,SAAS,CAAC,KAAK,CAAC,mBAAmB,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,GAAW;QACrB,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACxC,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACjC,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,iBAAiB,EAAE,EAAE,CAAC;YACvE,OAAO,SAAS,CAAC,KAAK,CAAC,oBAAoB,EAAE,iCAAiC,MAAM,EAAE,CAAC,CAAC;QAC1F,CAAC;QACD,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;YAC/B,MAAM,MAAM,GAAG,IAAI,cAAc,EAAE,CAAC;YACpC,MAAM,WAAW,GAAG,MAAM,CAAC,gBAAgB,EAAE,CAAC;YAC9C,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;YACtD,MAAM,WAAW,GAAG,MAAM,CAAC,cAAc,EAAE,CAAC;YAC5C,MAAM,MAAM,GAAG,MAAO,IAAI,CAAC,KAAa,CAAC,SAAS,CAAC,UAAU,EAAE,iBAAiB,EAAE;gBAChF,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,OAAO,EAAE,YAAY,EAAE,WAAW;aAC7D,CAAC,CAAC;YACH,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,KAAK,GAAG,WAAW,CAAC,kBAAkB,EAAE,EAAE,OAAO,CAAC,CAAC;YAC7F,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YAC5C,IAAI,CAAC,UAAU,CAAC,EAAE,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;gBACvC,OAAO,SAAS,CAAC,KAAK,CAAC,YAAY,EAAE,WAAW,CAAC,UAAU,CAAC,EAAE,OAAO,IAAI,aAAa,CAAC,CAAC;YAC1F,CAAC;YACD,MAAM,QAAQ,GAAG,MAAO,IAAI,CAAC,KAAa,CAAC,SAAS,CAAC,UAAU,EAAE,YAAY,EAAE;gBAC7E,GAAG,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC;gBAC/E,cAAc,EAAE,WAAW,CAAC,kBAAkB,EAAE,SAAS,EAAE,UAAU,CAAC,IAAI,CAAC,SAAS;aACrF,CAAC,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,IAAI,QAAQ,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;YACxE,IAAI,CAAC,OAAO;gBAAE,OAAO,SAAS,CAAC,KAAK,CAAC,YAAY,EAAE,qCAAqC,CAAC,CAAC;YAC1F,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,MAAM,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,WAAW,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;YACpF,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACpC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI;gBAAE,OAAO,SAAS,CAAC,KAAK,CAAC,YAAY,EAAE,gCAAgC,CAAC,CAAC;YAC7G,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC;YACxC,OAAO,QAAQ,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,eAAe,EAAE,YAAY,CAAC,eAAe,EAAE,kBAAkB,EAAE,YAAY,CAAC,YAAY,EAAE,CAAC,CAAC;QACnI,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,SAAS,CAAC,KAAK,CAAC,YAAY,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAED,6DAA6D;IAErD,KAAK,CAAC,eAAe,CAAC,GAAW;QACvC,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAChC,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QAC/D,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QACpD,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAC1B,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAClE,MAAM,UAAU,GAAG,mBAAmB,YAAY,GAAG,IAAI,0BAA0B,CAAC;QACpF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;QAC9D,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;QACjD,OAAO,UAAU,CAAC;IACpB,CAAC;CACF"}
|
package/dist/aid.d.ts
ADDED
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* AID 值对象 — 对齐 Python SDK aid.py
|
|
3
|
+
* 不可变,持有证书 + 可选私钥,提供密码学操作。
|
|
4
|
+
*/
|
|
5
|
+
import { type Result } from './result.js';
|
|
6
|
+
export interface VerifyResult {
|
|
7
|
+
status: 'verified' | 'invalid' | 'unsigned';
|
|
8
|
+
payload: string;
|
|
9
|
+
aid?: string;
|
|
10
|
+
cert_fingerprint?: string;
|
|
11
|
+
timestamp?: number;
|
|
12
|
+
reason?: string;
|
|
13
|
+
}
|
|
14
|
+
export declare class AID {
|
|
15
|
+
readonly aid: string;
|
|
16
|
+
readonly aunPath: string;
|
|
17
|
+
readonly certPem: string;
|
|
18
|
+
readonly deviceId: string;
|
|
19
|
+
readonly slotId: string;
|
|
20
|
+
private readonly _privateKeyPem;
|
|
21
|
+
private readonly _certValid;
|
|
22
|
+
private readonly _privateKeyValid;
|
|
23
|
+
private constructor();
|
|
24
|
+
static _create(params: {
|
|
25
|
+
aid: string;
|
|
26
|
+
aunPath: string;
|
|
27
|
+
certPem: string;
|
|
28
|
+
privateKeyPem: string | null;
|
|
29
|
+
certValid: boolean;
|
|
30
|
+
privateKeyValid: boolean;
|
|
31
|
+
deviceId?: string;
|
|
32
|
+
slotId?: string;
|
|
33
|
+
}): AID;
|
|
34
|
+
get publicKey(): string;
|
|
35
|
+
get certSubject(): string;
|
|
36
|
+
get certNotBefore(): Date;
|
|
37
|
+
get certNotAfter(): Date;
|
|
38
|
+
get certIssuer(): string;
|
|
39
|
+
get certFingerprint(): string;
|
|
40
|
+
isCertValid(): boolean;
|
|
41
|
+
isPrivateKeyValid(): boolean;
|
|
42
|
+
sign(payload: Buffer | string): Result<{
|
|
43
|
+
signature: string;
|
|
44
|
+
}>;
|
|
45
|
+
verify(payload: Buffer | string, signature: string): Result<{
|
|
46
|
+
valid: boolean;
|
|
47
|
+
}>;
|
|
48
|
+
signAgentMd(content: string): Result<{
|
|
49
|
+
signed: string;
|
|
50
|
+
}>;
|
|
51
|
+
verifyAgentMd(content: string): Result<VerifyResult>;
|
|
52
|
+
}
|