@agora-sdk/secure-chat-crypto 0.3.0 → 0.5.0

package/dist/esm/ts-mls/crypto.js

@@ -0,0 +1,363 @@
+// TsMlsSecureChatCrypto — the real RFC 9420 implementation of the SecureChatCrypto seam, on ts-mls.
+//
+// Where it sits in the blind-server model: ALL MLS crypto is here, client-side. Only ciphertext,
+// public KeyPackages, and Welcomes/Commits ever cross the wire; group secrets and private keys never
+// leave this object. It mirrors MockSecureChatCrypto's shape — an in-memory Map<groupIdHex, ClientState>
+// keyed by GroupHandle.mlsGroupId — so the interface and all call sites are unchanged.
+//
+// Security (CLAUDE.md #1): randomness is the platform CSPRNG (crypto.getRandomValues) + ts-mls/@noble;
+// failed decode/decrypt/join fail closed (throw, drop); consumed key material is zeroized.
+import { generateKeyPackageWithKey, defaultCapabilities, defaultLifetime, createGroup, createCommit, joinGroup, createApplicationMessage, processMessage, encodeMlsMessage, decodeMlsMessage, encodeGroupState, decodeGroupState, zeroOutUint8Array, acceptAll, emptyPskIndex, defaultKeyRetentionConfig, } from "ts-mls";
+// makeKeyPackageRef + getGroupMembers + defaultClientConfig aren't re-exported from the package root;
+// ts-mls exposes every module via its "./*.js" export, so deep-import them.
+import { makeKeyPackageRef } from "ts-mls/keyPackage.js";
+import { getGroupMembers } from "ts-mls/clientState.js";
+import { defaultClientConfig } from "ts-mls/clientConfig.js";
+import { SecureChatDecryptError } from "../interface.js";
+import { DEFAULT_CIPHERSUITE_ID, loadCiphersuite } from "./ciphersuite.js";
+import { sealBackup, openBackup } from "./backup.js";
+import { toHex, fromHex } from "./hex.js";
+const utf8 = (s) => new TextEncoder().encode(s);
+const MLS_VERSION = "mls10";
+/**
+ * Map a ts-mls decrypt/process failure to a {@link SecureChatDecryptError} with a classified reason.
+ * Matches on ts-mls's error messages/names (its secret-tree ratchet is the actual enforcement). The
+ * returned message is generic-by-reason — we never echo internal bytes or plaintext into the error.
+ */
+function classifyDecryptError(err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    const name = err instanceof Error ? err.name : "";
+    let reason = "unknown";
+    if (/desired gen(?:eration)? in the past/i.test(msg))
+        reason = "replay";
+    else if (/too far in the future/i.test(msg))
+        reason = "gap-too-large";
+    else if (/epoch too old|former epoch/i.test(msg))
+        reason = "epoch-too-old";
+    else if (name === "CryptoVerificationError" || /signature|verif|auth/i.test(msg))
+        reason = "unauthenticated";
+    else if (name === "CodecError" || /decode|malformed/i.test(msg))
+        reason = "malformed";
+    return new SecureChatDecryptError(reason, `secure-chat: message decrypt rejected (${reason})`);
+}
+/**
+ * Real RFC 9420 MLS implementation of {@link SecureChatCrypto}, built on ts-mls. Construct via
+ * `createTsMlsSecureChatCrypto`; inject into `<SecureChatProvider crypto={…}>`.
+ */
+export class TsMlsSecureChatCrypto {
+    constructor(options = {}) {
+        this.csImpl = null;
+        this.pending = new Map(); // hex(ref) → kp
+        this.groups = new Map(); // hex(groupId) → state
+        this.ciphersuiteId = options.ciphersuite ?? DEFAULT_CIPHERSUITE_ID;
+        this.clientConfig = {
+            ...defaultClientConfig,
+            keyRetentionConfig: { ...defaultKeyRetentionConfig, ...options.keyRetention },
+        };
+    }
+    /** Lazily load + memoize the ciphersuite primitives. */
+    async cs() {
+        if (!this.csImpl)
+            this.csImpl = await loadCiphersuite(this.ciphersuiteId);
+        return this.csImpl;
+    }
+    requireDevice() {
+        if (!this.device || !this.credential) {
+            throw new Error("secure-chat: no device identity (call generateDeviceIdentity or importDeviceState first)");
+        }
+        return this.device;
+    }
+    async generateDeviceIdentity(opts) {
+        const cs = await this.cs();
+        const { publicKey, signKey } = await cs.signature.keygen();
+        const credential = { credentialType: "basic", identity: utf8(opts.deviceId) };
+        this.device = { deviceId: opts.deviceId, ciphersuite: this.ciphersuiteId, signKey, publicKey };
+        this.credential = credential;
+        const identity = {
+            deviceId: opts.deviceId,
+            signaturePublicKey: publicKey,
+            credential: utf8(opts.deviceId), // opaque to the blind server; peers use the claimed KeyPackage
+            ciphersuite: this.ciphersuiteId,
+        };
+        return { identity, privateState: this.serializeDeviceState() };
+    }
+    async generateKeyPackages(count) {
+        const cs = await this.cs();
+        const dev = this.requireDevice();
+        const out = [];
+        for (let i = 0; i < count; i++) {
+            const { publicPackage, privatePackage } = await generateKeyPackageWithKey(this.credential, defaultCapabilities(), defaultLifetime, [], { signKey: dev.signKey, publicKey: dev.publicKey }, cs);
+            const ref = await makeKeyPackageRef(publicPackage, cs.hash);
+            const refHex = toHex(ref);
+            this.pending.set(refHex, { publicPackage, privatePackage });
+            out.push({
+                keyPackageRef: refHex,
+                keyPackage: encodeMlsMessage({ version: MLS_VERSION, wireformat: "mls_key_package", keyPackage: publicPackage }),
+                ciphersuite: dev.ciphersuite,
+            });
+        }
+        return out;
+    }
+    async createGroup(opts) {
+        const cs = await this.cs();
+        const dev = this.requireDevice();
+        const groupId = opts.mlsGroupId ?? crypto.getRandomValues(new Uint8Array(32));
+        // Seed the group with a fresh self KeyPackage (local-only; never published).
+        const self = await generateKeyPackageWithKey(this.credential, defaultCapabilities(), defaultLifetime, [], { signKey: dev.signKey, publicKey: dev.publicKey }, cs);
+        let state = await createGroup(groupId, self.publicPackage, self.privatePackage, [], cs, this.clientConfig);
+        const adds = opts.initialMembers.map((m) => ({
+            proposalType: "add", add: { keyPackage: this.decodeKeyPackage(m.keyPackage) },
+        }));
+        const commit = await createCommit({ state, cipherSuite: cs }, { extraProposals: adds, ratchetTreeExtension: true });
+        state = commit.newState;
+        this.zeroize(commit.consumed);
+        this.groups.set(toHex(groupId), state);
+        // ratchetTreeExtension:true → the tree rides inside the Welcome, so a recipient joins from it ALONE.
+        const welcomeBytes = encodeMlsMessage({ version: MLS_VERSION, wireformat: "mls_welcome", welcome: commit.welcome });
+        const welcomes = opts.initialMembers.map((m) => ({ targetDeviceId: m.deviceId, payload: welcomeBytes }));
+        return { group: { mlsGroupId: groupId, epoch: state.groupContext.epoch }, welcomes };
+    }
+    async addMember(group, newDevice) {
+        const cs = await this.cs();
+        const state = this.lookupGroup(group);
+        const commit = await createCommit({ state, cipherSuite: cs }, { extraProposals: [{ proposalType: "add", add: { keyPackage: this.decodeKeyPackage(newDevice.keyPackage) } }], ratchetTreeExtension: true });
+        this.zeroize(commit.consumed);
+        this.groups.set(toHex(group.mlsGroupId), commit.newState);
+        return {
+            commit: encodeMlsMessage(commit.commit),
+            welcomes: [{
+                    targetDeviceId: newDevice.deviceId,
+                    payload: encodeMlsMessage({ version: MLS_VERSION, wireformat: "mls_welcome", welcome: commit.welcome }),
+                }],
+            epoch: commit.newState.groupContext.epoch,
+        };
+    }
+    // Membership churn (remove/leave) is Phase 3 (multi-device). Fail closed rather than ship untested
+    // leaf-index handling: the DM happy path never calls this.
+    removeMember(_group, _leafDeviceId) {
+        throw new Error("secure-chat: removeMember is not implemented in the Phase 2 web core (Phase 3)");
+    }
+    async encryptMessage(group, plaintext) {
+        const cs = await this.cs();
+        const state = this.lookupGroup(group);
+        const res = await createApplicationMessage(state, plaintext, cs);
+        this.zeroize(res.consumed);
+        this.groups.set(toHex(group.mlsGroupId), res.newState);
+        return {
+            ciphertext: encodeMlsMessage({ version: MLS_VERSION, wireformat: "mls_private_message", privateMessage: res.privateMessage }),
+            epoch: res.newState.groupContext.epoch,
+        };
+    }
+    async decryptMessage(group, ciphertext) {
+        const cs = await this.cs();
+        const state = this.lookupGroup(group);
+        // ts-mls's secret-tree ratchet is the enforcement point: it throws on a replayed generation, an
+        // over-limit forward gap, a too-old epoch, or a failed authentication. We classify that throw (and
+        // decode failures) into a SecureChatDecryptError and re-raise it — and crucially we do NOT advance
+        // stored group state on failure (processMessage threw before returning newState), so a rejected
+        // message never ratchets us forward. Fail closed.
+        let res;
+        try {
+            const decoded = decodeMlsMessage(ciphertext, 0);
+            if (!decoded)
+                throw new SecureChatDecryptError("malformed", "secure-chat: malformed MLS message");
+            res = await processMessage(decoded[0], state, emptyPskIndex, acceptAll, cs);
+        }
+        catch (err) {
+            throw err instanceof SecureChatDecryptError ? err : classifyDecryptError(err);
+        }
+        this.zeroize(res.consumed);
+        this.groups.set(toHex(group.mlsGroupId), res.newState);
+        if (res.kind !== "applicationMessage") {
+            throw new SecureChatDecryptError("malformed", "secure-chat: expected an application message");
+        }
+        return { plaintext: res.message, senderDeviceId: this.peerDeviceId(res.newState), epoch: res.newState.groupContext.epoch };
+    }
+    async exportGroupIdentities(group) {
+        const state = this.lookupGroup(group);
+        const out = [];
+        // Read the roster from the MLS ratchet tree (same source peerDeviceId uses). Only basic-credential
+        // leaves carry a device-id identity; skip anything else rather than guess.
+        for (const leaf of getGroupMembers(state)) {
+            if (leaf.credential.credentialType !== "basic")
+                continue;
+            out.push({
+                deviceId: new TextDecoder().decode(leaf.credential.identity),
+                signaturePublicKey: leaf.signaturePublicKey,
+            });
+        }
+        return out;
+    }
+    async processWelcome(welcomePayload) {
+        const cs = await this.cs();
+        const decoded = decodeMlsMessage(welcomePayload, 0);
+        if (!decoded || decoded[0].wireformat !== "mls_welcome")
+            throw new Error("secure-chat: malformed Welcome");
+        const welcome = decoded[0].welcome;
+        // Match the Welcome to one of our pending KeyPackages by its MLS ref (welcome.secrets[].newMember).
+        let matchedRef;
+        let matched;
+        for (const s of welcome.secrets) {
+            const refHex = toHex(s.newMember);
+            const kp = this.pending.get(refHex);
+            if (kp) {
+                matchedRef = refHex;
+                matched = kp;
+                break;
+            }
+        }
+        if (!matched || !matchedRef)
+            throw new Error("secure-chat: no matching KeyPackage for this Welcome");
+        // ratchetTree omitted — it rode in via the creator's ratchetTreeExtension. Pass our clientConfig
+        // (positional args 6/7 — ratchetTree/resumingFromState — are unused here) so the joined group gets
+        // the configured key-retention window, not ts-mls's default.
+        const state = await joinGroup(welcome, matched.publicPackage, matched.privatePackage, emptyPskIndex, cs, undefined, undefined, this.clientConfig);
+        this.pending.delete(matchedRef); // one-time: consumed
+        this.groups.set(toHex(state.groupContext.groupId), state);
+        return { mlsGroupId: state.groupContext.groupId, epoch: state.groupContext.epoch };
+    }
+    async processCommit(group, commit) {
+        const cs = await this.cs();
+        const state = this.lookupGroup(group);
+        const decoded = decodeMlsMessage(commit, 0);
+        if (!decoded)
+            throw new Error("secure-chat: malformed commit");
+        const res = await processMessage(decoded[0], state, emptyPskIndex, acceptAll, cs);
+        this.zeroize(res.consumed);
+        if (res.kind !== "newState")
+            throw new Error("secure-chat: expected a commit/proposal, got an application message");
+        this.groups.set(toHex(group.mlsGroupId), res.newState);
+        return { mlsGroupId: group.mlsGroupId, epoch: res.newState.groupContext.epoch };
+    }
+    async processProposal(group, proposal) {
+        const cs = await this.cs();
+        const state = this.lookupGroup(group);
+        const decoded = decodeMlsMessage(proposal, 0);
+        if (!decoded)
+            throw new Error("secure-chat: malformed proposal");
+        const res = await processMessage(decoded[0], state, emptyPskIndex, acceptAll, cs);
+        this.zeroize(res.consumed);
+        if (res.kind === "newState")
+            this.groups.set(toHex(group.mlsGroupId), res.newState);
+    }
+    async exportGroupState(group) {
+        // ClientState = GroupState & { clientConfig }. encodeGroupState serializes the GroupState; the
+        // clientConfig (which holds non-serializable callbacks) is reattached from the default on import.
+        return encodeGroupState(this.lookupGroup(group));
+    }
+    async importGroupState(state) {
+        const decoded = decodeGroupState(state, 0);
+        if (!decoded)
+            throw new Error("secure-chat: corrupt group state");
+        // Reattach OUR clientConfig (not ts-mls's default) so the configured key-retention window survives
+        // the persistence round-trip — encodeGroupState drops the (callback-bearing) config.
+        const clientState = { ...decoded[0], clientConfig: this.clientConfig };
+        this.groups.set(toHex(clientState.groupContext.groupId), clientState);
+        return { mlsGroupId: clientState.groupContext.groupId, epoch: clientState.groupContext.epoch };
+    }
+    async exportDeviceState() {
+        return this.serializeDeviceState();
+    }
+    async importDeviceState(state) {
+        const p = JSON.parse(new TextDecoder().decode(state));
+        if (p.v !== 1)
+            throw new Error(`secure-chat: unsupported device-state version ${p.v}`);
+        this.device = {
+            deviceId: p.deviceId, ciphersuite: p.ciphersuite, signKey: fromHex(p.signKey), publicKey: fromHex(p.publicKey),
+        };
+        this.credential = { credentialType: "basic", identity: utf8(p.deviceId) };
+        this.pending.clear();
+        for (const e of p.pending) {
+            this.pending.set(e.ref, {
+                publicPackage: this.decodeKeyPackage(fromHex(e.publicPackage)),
+                privatePackage: {
+                    initPrivateKey: fromHex(e.initPrivateKey),
+                    hpkePrivateKey: fromHex(e.hpkePrivateKey),
+                    signaturePrivateKey: fromHex(e.signaturePrivateKey),
+                },
+            });
+        }
+        return { deviceId: p.deviceId, signaturePublicKey: this.device.publicKey, credential: utf8(p.deviceId), ciphersuite: p.ciphersuite };
+    }
+    // Passphrase backup of ALL local key material: the device identity (incl. the signature private
+    // key + pending KeyPackages, via serializeDeviceState) and every joined group's full MLS state.
+    // The argon2id KDF + AEAD live in ./backup.ts; here we just (de)serialize the payload. The blob is
+    // opaque to the blind server — only ciphertext crosses the wire.
+    async exportBackup(passphrase) {
+        const payload = {
+            v: 1,
+            device: toHex(this.serializeDeviceState()),
+            groups: [...this.groups.values()].map((st) => toHex(encodeGroupState(st))),
+        };
+        return sealBackup(utf8(JSON.stringify(payload)), passphrase);
+    }
+    async importBackup(passphrase, backup) {
+        const plain = await openBackup(backup, passphrase);
+        const payload = JSON.parse(new TextDecoder().decode(plain));
+        if (payload.v !== 1)
+            throw new Error(`secure-chat: unsupported backup payload version ${payload.v}`);
+        // Restore the device identity first (also clears + repopulates the pending KeyPackages).
+        const identity = await this.importDeviceState(fromHex(payload.device));
+        // Then every group's full state, keyed by its MLS group id (mirrors importGroupState).
+        for (const g of payload.groups) {
+            const decoded = decodeGroupState(fromHex(g), 0);
+            if (!decoded)
+                throw new Error("secure-chat: corrupt group state in backup");
+            const clientState = { ...decoded[0], clientConfig: this.clientConfig };
+            this.groups.set(toHex(clientState.groupContext.groupId), clientState);
+        }
+        return identity;
+    }
+    /** Serialize identity (incl. signature private key) + the pending KeyPackage store to an opaque blob. */
+    serializeDeviceState() {
+        const dev = this.requireDevice();
+        const payload = {
+            v: 1,
+            deviceId: dev.deviceId,
+            ciphersuite: dev.ciphersuite,
+            signKey: toHex(dev.signKey),
+            publicKey: toHex(dev.publicKey),
+            pending: [...this.pending.entries()].map(([ref, kp]) => ({
+                ref,
+                publicPackage: toHex(encodeMlsMessage({ version: MLS_VERSION, wireformat: "mls_key_package", keyPackage: kp.publicPackage })),
+                initPrivateKey: toHex(kp.privatePackage.initPrivateKey),
+                hpkePrivateKey: toHex(kp.privatePackage.hpkePrivateKey),
+                signaturePrivateKey: toHex(kp.privatePackage.signaturePrivateKey),
+            })),
+        };
+        return utf8(JSON.stringify(payload));
+    }
+    // Best-effort sender attribution for a DM: the one member that isn't us. Real per-message sender
+    // attribution for >2-member groups arrives with multi-device (Phase 3); the server also attests
+    // senderDeviceId on the message row independently, so a "" here degrades gracefully.
+    peerDeviceId(state) {
+        try {
+            const me = toHex(this.device.publicKey);
+            for (const leaf of getGroupMembers(state)) {
+                if (leaf.credential.credentialType === "basic" && toHex(leaf.signaturePublicKey) !== me) {
+                    return new TextDecoder().decode(leaf.credential.identity);
+                }
+            }
+        }
+        catch {
+            /* fall through to unknown */
+        }
+        return "";
+    }
+    // Helpers used across tasks 4–5.
+    /** @internal */ zeroize(consumed) { for (const c of consumed)
+        zeroOutUint8Array(c); }
+    /** @internal */ lookupGroup(group) {
+        const state = this.groups.get(toHex(group.mlsGroupId));
+        if (!state)
+            throw new Error("secure-chat: unknown group (not joined or evicted)");
+        return state;
+    }
+    /** @internal */ decodeKeyPackage(bytes) {
+        const d = decodeMlsMessage(bytes, 0);
+        if (!d || d[0].wireformat !== "mls_key_package")
+            throw new Error("secure-chat: malformed KeyPackage");
+        return d[0].keyPackage;
+    }
+}
+//# sourceMappingURL=crypto.js.map

package/dist/esm/ts-mls/crypto.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../../../src/ts-mls/crypto.ts"],"names":[],"mappings":"AAAA,oGAAoG;AACpG,EAAE;AACF,iGAAiG;AACjG,qGAAqG;AACrG,yGAAyG;AACzG,uFAAuF;AACvF,EAAE;AACF,uGAAuG;AACvG,2FAA2F;AAC3F,OAAO,EACL,yBAAyB,EAAE,mBAAmB,EAAE,eAAe,EAC/D,WAAW,EAAE,YAAY,EAAE,SAAS,EAAE,wBAAwB,EAAE,cAAc,EAC9E,gBAAgB,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,SAAS,EAAE,aAAa,EACnH,yBAAyB,GAE1B,MAAM,QAAQ,CAAC;AAChB,sGAAsG;AACtG,4EAA4E;AAC5E,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAK7D,OAAO,EAAE,sBAAsB,EAAE,MAAM,iBAAiB,CAAC;AACzD,OAAO,EAAE,sBAAsB,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAC3E,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACrD,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,UAAU,CAAC;AAE1C,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AACxD,MAAM,WAAW,GAAG,OAAgB,CAAC;AAErC;;;;GAIG;AACH,SAAS,oBAAoB,CAAC,GAAY;IACxC,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC7D,MAAM,IAAI,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;IAClD,IAAI,MAAM,GAA+B,SAAS,CAAC;IACnD,IAAI,sCAAsC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,MAAM,GAAG,QAAQ,CAAC;SACnE,IAAI,wBAAwB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,MAAM,GAAG,eAAe,CAAC;SACjE,IAAI,6BAA6B,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,MAAM,GAAG,eAAe,CAAC;SACtE,IAAI,IAAI,KAAK,yBAAyB,IAAI,uBAAuB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,MAAM,GAAG,iBAAiB,CAAC;SACxG,IAAI,IAAI,KAAK,YAAY,IAAI,mBAAmB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,MAAM,GAAG,WAAW,CAAC;IACtF,OAAO,IAAI,sBAAsB,CAAC,MAAM,EAAE,0CAA0C,MAAM,GAAG,CAAC,CAAC;AACjG,CAAC;AAyCD;;;GAGG;AACH,MAAM,OAAO,qBAAqB;IAahC,YAAY,UAAwC,EAAE;QAX9C,WAAM,GAA2B,IAAI,CAAC;QAG3B,YAAO,GAAG,IAAI,GAAG,EAA6B,CAAC,CAAC,gBAAgB;QAChE,WAAM,GAAG,IAAI,GAAG,EAAuB,CAAC,CAAQ,uBAAuB;QAQxF,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,WAAW,IAAI,sBAAsB,CAAC;QACnE,IAAI,CAAC,YAAY,GAAG;YAClB,GAAG,mBAAmB;YACtB,kBAAkB,EAAE,EAAE,GAAG,yBAAyB,EAAE,GAAG,OAAO,CAAC,YAAY,EAAE;SAC9E,CAAC;IACJ,CAAC;IAED,wDAAwD;IAC9C,KAAK,CAAC,EAAE;QAChB,IAAI,CAAC,IAAI,CAAC,MAAM;YAAE,IAAI,CAAC,MAAM,GAAG,MAAM,eAAe,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC1E,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAES,aAAa;QACrB,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAC;QAC9G,CAAC;QACD,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED,KAAK,CAAC,sBAAsB,CAAC,IAAgD;QAG3E,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,EAAE,EAAE,CAAC;QAC3B,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,GAAG,MAAM,EAAE,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;QAC3D,MAAM,UAAU,GAAe,EAAE,cAAc,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1F,IAAI,CAAC,MAAM,GAAG,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,WAAW,EAAE,IAAI,CAAC,aAAa,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;QAC/F,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,MAAM,QAAQ,GAAmB;YAC/B,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,kBAAkB,EAAE,SAAS;YAC7B,UAAU,EAAE,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,+DAA+D;YAChG,WAAW,EAAE,IAAI,CAAC,aAAa;SAChC,CAAC;QACF,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,CAAC,oBAAoB,EAAE,EAAE,CAAC;IACjE,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,KAAa;QACrC,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,EAAE,EAAE,CAAC;QAC3B,MAAM,GAAG,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;QACjC,MAAM,GAAG,GAAuB,EAAE,CAAC;QACnC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC;YAC/B,MAAM,EAAE,aAAa,EAAE,cAAc,EAAE,GAAG,MAAM,yBAAyB,CACvE,IAAI,CAAC,UAAW,EAAE,mBAAmB,EAAE,EAAE,eAAe,EAAE,EAAE,EAAE,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,SAAS,EAAE,GAAG,CAAC,SAAS,EAAE,EAAE,EAAE,CACrH,CAAC;YACF,MAAM,GAAG,GAAG,MAAM,iBAAiB,CAAC,aAAa,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;YAC5D,MAAM,MAAM,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC;YAC1B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,aAAa,EAAE,cAAc,EAAE,CAAC,CAAC;YAC5D,GAAG,CAAC,IAAI,CAAC;gBACP,aAAa,EAAE,MAAM;gBACrB,UAAU,EAAE,gBAAgB,CAAC,EAAE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,iBAAiB,EAAE,UAAU,EAAE,aAAa,EAAE,CAAC;gBAChH,WAAW,EAAE,GAAG,CAAC,WAAW;aAC7B,CAAC,CAAC;QACL,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,IAGjB;QACC,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,EAAE,EAAE,CAAC;QAC3B,MAAM,GAAG,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;QACjC,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,IAAI,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;QAE9E,6EAA6E;QAC7E,MAAM,IAAI,GAAG,MAAM,yBAAyB,CAC1C,IAAI,CAAC,UAAW,EAAE,mBAAmB,EAAE,EAAE,eAAe,EAAE,EAAE,EAAE,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,SAAS,EAAE,GAAG,CAAC,SAAS,EAAE,EAAE,EAAE,CACrH,CAAC;QACF,IAAI,KAAK,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,cAAc,EAAE,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;QAE3G,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC3C,YAAY,EAAE,KAAc,EAAE,GAAG,EAAE,EAAE,UAAU,EAAE,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,UAAU,CAAC,EAAE;SACvF,CAAC,CAAC,CAAC;QACJ,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE,EAAE,EAAE,EAAE,cAAc,EAAE,IAAI,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,CAAC;QACpH,KAAK,GAAG,MAAM,CAAC,QAAQ,CAAC;QACxB,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC9B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,KAAK,CAAC,CAAC;QAEvC,qGAAqG;QACrG,MAAM,YAAY,GAAG,gBAAgB,CAAC,EAAE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,aAAa,EAAE,OAAO,EAAE,MAAM,CAAC,OAAQ,EAAE,CAAC,CAAC;QACrH,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,cAAc,EAAE,CAAC,CAAC,QAAQ,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC;QACzG,OAAO,EAAE,KAAK,EAAE,EAAE,UAAU,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,YAAY,CAAC,KAAK,EAAE,EAAE,QAAQ,EAAE,CAAC;IACvF,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,KAAkB,EAAE,SAAuD;QACzF,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,EAAE,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QACtC,MAAM,MAAM,GAAG,MAAM,YAAY,CAC/B,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE,EAAE,EAC1B,EAAE,cAAc,EAAE,CAAC,EAAE,YAAY,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,UAAU,EAAE,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC,UAAU,CAAC,EAAE,EAAE,CAAC,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAC5I,CAAC;QACF,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC9B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC1D,OAAO;YACL,MAAM,EAAE,gBAAgB,CAAC,MAAM,CAAC,MAAM,CAAC;YACvC,QAAQ,EAAE,CAAC;oBACT,cAAc,EAAE,SAAS,CAAC,QAAQ;oBAClC,OAAO,EAAE,gBAAgB,CAAC,EAAE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,aAAa,EAAE,OAAO,EAAE,MAAM,CAAC,OAAQ,EAAE,CAAC;iBACzG,CAAC;YACF,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,KAAK;SAC1C,CAAC;IACJ,CAAC;IAED,mGAAmG;IACnG,2DAA2D;IAC3D,YAAY,CAAC,MAAmB,EAAE,aAAqB;QACrD,MAAM,IAAI,KAAK,CAAC,gFAAgF,CAAC,CAAC;IACpG,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,KAAkB,EAAE,SAAqB;QAC5D,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,EAAE,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QACtC,MAAM,GAAG,GAAG,MAAM,wBAAwB,CAAC,KAAK,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;QACjE,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC3B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;QACvD,OAAO;YACL,UAAU,EAAE,gBAAgB,CAAC,EAAE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,qBAAqB,EAAE,cAAc,EAAE,GAAG,CAAC,cAAc,EAAE,CAAC;YAC7H,KAAK,EAAE,GAAG,CAAC,QAAQ,CAAC,YAAY,CAAC,KAAK;SACvC,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,KAAkB,EAAE,UAAsB;QAG7D,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,EAAE,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QACtC,gGAAgG;QAChG,mGAAmG;QACnG,mGAAmG;QACnG,gGAAgG;QAChG,kDAAkD;QAClD,IAAI,GAA+C,CAAC;QACpD,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,gBAAgB,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;YAChD,IAAI,CAAC,OAAO;gBAAE,MAAM,IAAI,sBAAsB,CAAC,WAAW,EAAE,oCAAoC,CAAC,CAAC;YAClG,GAAG,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,CAAC,CAAU,EAAE,KAAK,EAAE,aAAa,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;QACvF,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,GAAG,YAAY,sBAAsB,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC;QAChF,CAAC;QACD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC3B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;QACvD,IAAI,GAAG,CAAC,IAAI,KAAK,oBAAoB,EAAE,CAAC;YACtC,MAAM,IAAI,sBAAsB,CAAC,WAAW,EAAE,8CAA8C,CAAC,CAAC;QAChG,CAAC;QACD,OAAO,EAAE,SAAS,EAAE,GAAG,CAAC,OAAO,EAAE,cAAc,EAAE,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,QAAQ,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;IAC7H,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,KAAkB;QAC5C,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QACtC,MAAM,GAAG,GAA0B,EAAE,CAAC;QACtC,mGAAmG;QACnG,2EAA2E;QAC3E,KAAK,MAAM,IAAI,IAAI,eAAe,CAAC,KAAK,CAAC,EAAE,CAAC;YAC1C,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,KAAK,OAAO;gBAAE,SAAS;YACzD,GAAG,CAAC,IAAI,CAAC;gBACP,QAAQ,EAAE,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC;gBAC5D,kBAAkB,EAAE,IAAI,CAAC,kBAAkB;aAC5C,CAAC,CAAC;QACL,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,cAA0B;QAC7C,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,EAAE,EAAE,CAAC;QAC3B,MAAM,OAAO,GAAG,gBAAgB,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC;QACpD,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,aAAa;YAAE,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QAC3G,MAAM,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;QACnC,oGAAoG;QACpG,IAAI,UAA8B,CAAC;QACnC,IAAI,OAAsC,CAAC;QAC3C,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;YAChC,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;YAClC,MAAM,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YACpC,IAAI,EAAE,EAAE,CAAC;gBAAC,UAAU,GAAG,MAAM,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;gBAAC,MAAM;YAAC,CAAC;QACvD,CAAC;QACD,IAAI,CAAC,OAAO,IAAI,CAAC,UAAU;YAAE,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;QACrG,iGAAiG;QACjG,mGAAmG;QACnG,6DAA6D;QAC7D,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC,cAAc,EAAE,aAAa,EAAE,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;QAClJ,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,qBAAqB;QACtD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,EAAE,KAAK,CAAC,CAAC;QAC1D,OAAO,EAAE,UAAU,EAAE,KAAK,CAAC,YAAY,CAAC,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;IACrF,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,KAAkB,EAAE,MAAkB;QACxD,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,EAAE,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QACtC,MAAM,OAAO,GAAG,gBAAgB,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAC5C,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QAC/D,MAAM,GAAG,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,CAAC,CAAU,EAAE,KAAK,EAAE,aAAa,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;QAC3F,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC3B,IAAI,GAAG,CAAC,IAAI,KAAK,UAAU;YAAE,MAAM,IAAI,KAAK,CAAC,qEAAqE,CAAC,CAAC;QACpH,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;QACvD,OAAO,EAAE,UAAU,EAAE,KAAK,CAAC,UAAU,EAAE,KAAK,EAAE,GAAG,CAAC,QAAQ,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;IAClF,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,KAAkB,EAAE,QAAoB;QAC5D,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,EAAE,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QACtC,MAAM,OAAO,GAAG,gBAAgB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC9C,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;QACjE,MAAM,GAAG,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,CAAC,CAAU,EAAE,KAAK,EAAE,aAAa,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;QAC3F,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC3B,IAAI,GAAG,CAAC,IAAI,KAAK,UAAU;YAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;IACtF,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,KAAkB;QACvC,+FAA+F;QAC/F,kGAAkG;QAClG,OAAO,gBAAgB,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC;IACnD,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,KAAiB;QACtC,MAAM,OAAO,GAAG,gBAAgB,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAC3C,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;QAClE,mGAAmG;QACnG,qFAAqF;QACrF,MAAM,WAAW,GAAgB,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,IAAI,CAAC,YAAY,EAAE,CAAC;QACpF,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC,EAAE,WAAW,CAAC,CAAC;QACtE,OAAO,EAAE,UAAU,EAAE,WAAW,CAAC,YAAY,CAAC,OAAO,EAAE,KAAK,EAAE,WAAW,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;IACjG,CAAC;IAED,KAAK,CAAC,iBAAiB;QACrB,OAAO,IAAI,CAAC,oBAAoB,EAAE,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,KAAiB;QACvC,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAGnD,CAAC;QACF,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACvF,IAAI,CAAC,MAAM,GAAG;YACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,WAAW,EAAE,CAAC,CAAC,WAAW,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;SAC/G,CAAC;QACF,IAAI,CAAC,UAAU,GAAG,EAAE,cAAc,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1E,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACrB,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC;YAC1B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE;gBACtB,aAAa,EAAE,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC;gBAC9D,cAAc,EAAE;oBACd,cAAc,EAAE,OAAO,CAAC,CAAC,CAAC,cAAc,CAAC;oBACzC,cAAc,EAAE,OAAO,CAAC,CAAC,CAAC,cAAc,CAAC;oBACzC,mBAAmB,EAAE,OAAO,CAAC,CAAC,CAAC,mBAAmB,CAAC;iBACpD;aACF,CAAC,CAAC;QACL,CAAC;QACD,OAAO,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,kBAAkB,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,WAAW,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;IACvI,CAAC;IAED,gGAAgG;IAChG,gGAAgG;IAChG,mGAAmG;IACnG,iEAAiE;IACjE,KAAK,CAAC,YAAY,CAAC,UAAkB;QACnC,MAAM,OAAO,GAAG;YACd,CAAC,EAAE,CAAC;YACJ,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAC1C,MAAM,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,KAAK,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC,CAAC;SAC3E,CAAC;QACF,OAAO,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;IAC/D,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,UAAkB,EAAE,MAAwB;QAC7D,MAAM,KAAK,GAAG,MAAM,UAAU,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;QACnD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAEzD,CAAC;QACF,IAAI,OAAO,CAAC,CAAC,KAAK,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,mDAAmD,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC;QACrG,yFAAyF;QACzF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;QACvE,uFAAuF;QACvF,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YAC/B,MAAM,OAAO,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAChD,IAAI,CAAC,OAAO;gBAAE,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;YAC5E,MAAM,WAAW,GAAgB,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,IAAI,CAAC,YAAY,EAAE,CAAC;YACpF,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC,EAAE,WAAW,CAAC,CAAC;QACxE,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,yGAAyG;IAC/F,oBAAoB;QAC5B,MAAM,GAAG,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;QACjC,MAAM,OAAO,GAAG;YACd,CAAC,EAAE,CAAC;YACJ,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,WAAW,EAAE,GAAG,CAAC,WAAW;YAC5B,OAAO,EAAE,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC;YAC3B,SAAS,EAAE,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC;YAC/B,OAAO,EAAE,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;gBACvD,GAAG;gBACH,aAAa,EAAE,KAAK,CAAC,gBAAgB,CAAC,EAAE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,iBAAiB,EAAE,UAAU,EAAE,EAAE,CAAC,aAAa,EAAE,CAAC,CAAC;gBAC7H,cAAc,EAAE,KAAK,CAAC,EAAE,CAAC,cAAc,CAAC,cAAc,CAAC;gBACvD,cAAc,EAAE,KAAK,CAAC,EAAE,CAAC,cAAc,CAAC,cAAc,CAAC;gBACvD,mBAAmB,EAAE,KAAK,CAAC,EAAE,CAAC,cAAc,CAAC,mBAAmB,CAAC;aAClE,CAAC,CAAC;SACJ,CAAC;QACF,OAAO,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;IACvC,CAAC;IAED,iGAAiG;IACjG,gGAAgG;IAChG,qFAAqF;IAC7E,YAAY,CAAC,KAAkB;QACrC,IAAI,CAAC;YACH,MAAM,EAAE,GAAG,KAAK,CAAC,IAAI,CAAC,MAAO,CAAC,SAAS,CAAC,CAAC;YACzC,KAAK,MAAM,IAAI,IAAI,eAAe,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC1C,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,KAAK,OAAO,IAAI,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,KAAK,EAAE,EAAE,CAAC;oBACxF,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;gBAC5D,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,6BAA6B;QAC/B,CAAC;QACD,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,iCAAiC;IACjC,gBAAgB,CAAW,OAAO,CAAC,QAAsB,IAAU,KAAK,MAAM,CAAC,IAAI,QAAQ;QAAE,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACpH,gBAAgB,CAAW,WAAW,CAAC,KAAkB;QACvD,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC;QACvD,IAAI,CAAC,KAAK;YAAE,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;QAClF,OAAO,KAAK,CAAC;IACf,CAAC;IACD,gBAAgB,CAAW,gBAAgB,CAAC,KAAiB;QAC3D,MAAM,CAAC,GAAG,gBAAgB,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QACrC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,iBAAiB;YAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;QACtG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC;IACzB,CAAC;CACF"}

package/dist/esm/ts-mls/hex.d.ts

@@ -0,0 +1,4 @@
+/** Encode bytes as a lowercase hex string. */
+export declare function toHex(b: Uint8Array): string;
+/** Decode a lowercase/uppercase hex string back to bytes. */
+export declare function fromHex(s: string): Uint8Array;

package/dist/esm/ts-mls/hex.js

@@ -0,0 +1,18 @@
+// Local hex helpers so this package stays free of the core's base64 (the seam works in Uint8Array;
+// the network layer base64-encodes at the wire boundary). Used to key in-memory maps and to serialize
+// raw key bytes in device-state JSON.
+/** Encode bytes as a lowercase hex string. */
+export function toHex(b) {
+    let s = "";
+    for (const x of b)
+        s += x.toString(16).padStart(2, "0");
+    return s;
+}
+/** Decode a lowercase/uppercase hex string back to bytes. */
+export function fromHex(s) {
+    const out = new Uint8Array(s.length / 2);
+    for (let i = 0; i < out.length; i++)
+        out[i] = parseInt(s.slice(i * 2, i * 2 + 2), 16);
+    return out;
+}
+//# sourceMappingURL=hex.js.map

package/dist/esm/ts-mls/hex.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hex.js","sourceRoot":"","sources":["../../../src/ts-mls/hex.ts"],"names":[],"mappings":"AAAA,mGAAmG;AACnG,sGAAsG;AACtG,sCAAsC;AAEtC,8CAA8C;AAC9C,MAAM,UAAU,KAAK,CAAC,CAAa;IACjC,IAAI,CAAC,GAAG,EAAE,CAAC;IACX,KAAK,MAAM,CAAC,IAAI,CAAC;QAAE,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACxD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,6DAA6D;AAC7D,MAAM,UAAU,OAAO,CAAC,CAAS;IAC/B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,GAAG,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACtF,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/esm/ts-mls/index.d.ts

@@ -0,0 +1,15 @@
+import { type TsMlsSecureChatCryptoOptions } from "./crypto.js";
+import type { SecureChatCrypto } from "../interface.js";
+export { TsMlsSecureChatCrypto, type TsMlsSecureChatCryptoOptions } from "./crypto.js";
+/**
+ * Create the real ts-mls {@link SecureChatCrypto} for injection into `<SecureChatProvider crypto={…}>`.
+ *
+ * @param options - {@link TsMlsSecureChatCryptoOptions}; defaults to ciphersuite 1.
+ * @returns A ready `SecureChatCrypto` backed by ts-mls.
+ * @example
+ * ```ts
+ * import { createTsMlsSecureChatCrypto } from "@agora-sdk/secure-chat-crypto/ts-mls";
+ * const crypto = createTsMlsSecureChatCrypto();
+ * ```
+ */
+export declare function createTsMlsSecureChatCrypto(options?: TsMlsSecureChatCryptoOptions): SecureChatCrypto;

package/dist/esm/ts-mls/index.js

@@ -0,0 +1,21 @@
+// @agora-sdk/secure-chat-crypto/ts-mls — the real RFC 9420 MLS core (ESM-only; pulls in ts-mls).
+//
+// Opt-in subpath so the heavy core is loaded ONLY by consumers that import it; the bare entry
+// (interface) and ./testing (mock) stay dependency-free. ESM-only because ts-mls is ESM-only.
+import { TsMlsSecureChatCrypto } from "./crypto.js";
+export { TsMlsSecureChatCrypto } from "./crypto.js";
+/**
+ * Create the real ts-mls {@link SecureChatCrypto} for injection into `<SecureChatProvider crypto={…}>`.
+ *
+ * @param options - {@link TsMlsSecureChatCryptoOptions}; defaults to ciphersuite 1.
+ * @returns A ready `SecureChatCrypto` backed by ts-mls.
+ * @example
+ * ```ts
+ * import { createTsMlsSecureChatCrypto } from "@agora-sdk/secure-chat-crypto/ts-mls";
+ * const crypto = createTsMlsSecureChatCrypto();
+ * ```
+ */
+export function createTsMlsSecureChatCrypto(options) {
+    return new TsMlsSecureChatCrypto(options);
+}
+//# sourceMappingURL=index.js.map

package/dist/esm/ts-mls/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/ts-mls/index.ts"],"names":[],"mappings":"AAAA,iGAAiG;AACjG,EAAE;AACF,8FAA8F;AAC9F,8FAA8F;AAC9F,OAAO,EAAE,qBAAqB,EAAqC,MAAM,aAAa,CAAC;AAGvF,OAAO,EAAE,qBAAqB,EAAqC,MAAM,aAAa,CAAC;AAEvF;;;;;;;;;;GAUG;AACH,MAAM,UAAU,2BAA2B,CAAC,OAAsC;IAChF,OAAO,IAAI,qBAAqB,CAAC,OAAO,CAAC,CAAC;AAC5C,CAAC"}

package/package.json

@@ -1,10 +1,10 @@
 {
   "name": "@agora-sdk/secure-chat-crypto",
-  "version": "0.3.0",
+  "version": "0.5.0",
   "private": false,
   "license": "Apache-2.0",
   "author": "Agora SDK Plus, maintained by Jenova Marie",
-  "description": "The SecureChatCrypto seam for Agora end-to-end-encrypted chat (MLS / RFC 9420): the client crypto interface + a deterministic mock. Dependency-free; the real ts-mls/OpenMLS cores plug in behind the interface.",
+  "description": "The SecureChatCrypto seam for Agora end-to-end-encrypted chat (MLS / RFC 9420): the client crypto interface + a deterministic mock (./testing) + the real ts-mls core (./ts-mls, ESM-only). The bare entry and ./testing are dependency-free.",
   "keywords": [
     "agora",
     "secure-chat",
@@ -37,6 +37,10 @@
       "types": "./dist/esm/testing.d.ts",
       "import": "./dist/esm/testing.js",
       "require": "./dist/cjs/testing.js"
+    },
+    "./ts-mls": {
+      "types": "./dist/esm/ts-mls/index.d.ts",
+      "import": "./dist/esm/ts-mls/index.js"
     }
   },
   "publishConfig": {
@@ -45,6 +49,12 @@
   "files": [
     "dist"
   ],
+  "dependencies": {
+    "@noble/ciphers": "2.1.1",
+    "@noble/curves": "2.0.1",
+    "@noble/hashes": "2.0.1",
+    "ts-mls": "1.6.2"
+  },
   "scripts": {
     "build:esm": "tsc -p tsconfig.esm.json",
     "build:cjs": "tsc -p tsconfig.cjs.json && echo '{\"type\":\"commonjs\"}' > dist/cjs/package.json",