@ajna-inc/vaults 0.1.1 → 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/VaultsApi.d.ts +66 -1
- package/build/VaultsApi.js +72 -0
- package/build/VaultsApi.js.map +1 -1
- package/build/VaultsModule.js +2 -0
- package/build/VaultsModule.js.map +1 -1
- package/build/handlers/StoreVaultHandler.js +7 -4
- package/build/handlers/StoreVaultHandler.js.map +1 -1
- package/build/index.d.ts +3 -0
- package/build/index.js +6 -1
- package/build/index.js.map +1 -1
- package/build/repository/KemKeypairRecord.d.ts +37 -0
- package/build/repository/KemKeypairRecord.js +35 -0
- package/build/repository/KemKeypairRecord.js.map +1 -0
- package/build/repository/KemKeypairRepository.d.ts +18 -0
- package/build/repository/KemKeypairRepository.js +50 -0
- package/build/repository/KemKeypairRepository.js.map +1 -0
- package/build/repository/index.d.ts +3 -0
- package/build/repository/index.js +6 -1
- package/build/repository/index.js.map +1 -1
- package/build/services/KemKeyExchangeService.d.ts +65 -1
- package/build/services/KemKeyExchangeService.js +122 -2
- package/build/services/KemKeyExchangeService.js.map +1 -1
- package/build/services/VaultSigningService.d.ts +27 -0
- package/build/services/VaultSigningService.js +62 -0
- package/build/services/VaultSigningService.js.map +1 -1
- package/package.json +1 -1
package/build/VaultsApi.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import type { VaultRecord } from './repository/VaultRecord';
|
|
2
|
+
import type { KemKeypairWithKid } from './services/KemKeyExchangeService';
|
|
2
3
|
import type { VaultInfo, CreateVaultOptions, OpenVaultOptions, UpdateVaultOptions } from './services/VaultService';
|
|
3
4
|
import type { CreateSigningVaultOptions, SigningVaultResult, OpenSigningVaultResult, ReturnSignedDocumentOptions } from './services/VaultSigningService';
|
|
4
5
|
import type { Logger } from '@credo-ts/core';
|
|
@@ -173,7 +174,7 @@ export declare class VaultsApi {
|
|
|
173
174
|
* console.log(`Generated KEM key: ${keypair.kid}`)
|
|
174
175
|
* ```
|
|
175
176
|
*/
|
|
176
|
-
generateKemKeypair():
|
|
177
|
+
generateKemKeypair(): KemKeypairWithKid;
|
|
177
178
|
/**
|
|
178
179
|
* Store peer's ML-KEM public key for vault encryption
|
|
179
180
|
*
|
|
@@ -215,6 +216,46 @@ export declare class VaultsApi {
|
|
|
215
216
|
* @returns True if peer has KEM key
|
|
216
217
|
*/
|
|
217
218
|
hasPeerKemKey(connectionId: string): Promise<boolean>;
|
|
219
|
+
/**
|
|
220
|
+
* Store a local KEM keypair for a connection
|
|
221
|
+
*
|
|
222
|
+
* Call this after generateKemKeypair() to persist the keypair locally
|
|
223
|
+
* for later vault decryption.
|
|
224
|
+
*
|
|
225
|
+
* @param connectionId - Connection to associate the keypair with
|
|
226
|
+
* @param keypair - Full keypair including secret key
|
|
227
|
+
*/
|
|
228
|
+
storeLocalKeypair(connectionId: string, keypair: KemKeypairWithKid): Promise<void>;
|
|
229
|
+
/**
|
|
230
|
+
* Get the local KEM keypair for a connection
|
|
231
|
+
*
|
|
232
|
+
* @param connectionId - Connection ID
|
|
233
|
+
* @returns Full keypair or null
|
|
234
|
+
*/
|
|
235
|
+
getLocalKeypair(connectionId: string): Promise<KemKeypairWithKid | null>;
|
|
236
|
+
/**
|
|
237
|
+
* Check if a local keypair exists for a connection
|
|
238
|
+
*
|
|
239
|
+
* @param connectionId - Connection ID
|
|
240
|
+
* @returns True if local keypair exists
|
|
241
|
+
*/
|
|
242
|
+
hasLocalKeypair(connectionId: string): Promise<boolean>;
|
|
243
|
+
/**
|
|
244
|
+
* Find a local keypair by key identifier (kid)
|
|
245
|
+
*
|
|
246
|
+
* @param kid - Key identifier to search for
|
|
247
|
+
* @returns Keypair and associated connectionId, or null
|
|
248
|
+
*/
|
|
249
|
+
findKeypairByKid(kid: string): Promise<{
|
|
250
|
+
keypair: KemKeypairWithKid;
|
|
251
|
+
connectionId: string;
|
|
252
|
+
} | null>;
|
|
253
|
+
/**
|
|
254
|
+
* Delete the local keypair for a connection
|
|
255
|
+
*
|
|
256
|
+
* @param connectionId - Connection ID
|
|
257
|
+
*/
|
|
258
|
+
deleteLocalKeypair(connectionId: string): Promise<void>;
|
|
218
259
|
/**
|
|
219
260
|
* Create a signing vault encrypted to a signer's ML-KEM key
|
|
220
261
|
*
|
|
@@ -295,4 +336,28 @@ export declare class VaultsApi {
|
|
|
295
336
|
* ```
|
|
296
337
|
*/
|
|
297
338
|
returnSignedDocument(options: ReturnSignedDocumentOptions): Promise<SigningVaultResult>;
|
|
339
|
+
/**
|
|
340
|
+
* Resolve the decryption key for a vault
|
|
341
|
+
*
|
|
342
|
+
* Automatically finds the correct local KEM keypair that can decrypt
|
|
343
|
+
* the specified vault by matching recipient kids in the vault header.
|
|
344
|
+
*
|
|
345
|
+
* @param vaultId - Vault to find decryption key for
|
|
346
|
+
* @returns Secret key, kid, and connectionId; or null if no matching key found
|
|
347
|
+
*
|
|
348
|
+
* @example
|
|
349
|
+
* ```typescript
|
|
350
|
+
* const key = await agent.modules.vaults.resolveVaultDecryptionKey(vaultId)
|
|
351
|
+
* if (key) {
|
|
352
|
+
* const { document } = await agent.modules.vaults.openSigningVault(
|
|
353
|
+
* vaultRecord, key.secretKey, key.kid
|
|
354
|
+
* )
|
|
355
|
+
* }
|
|
356
|
+
* ```
|
|
357
|
+
*/
|
|
358
|
+
resolveVaultDecryptionKey(vaultId: string): Promise<{
|
|
359
|
+
secretKey: Uint8Array;
|
|
360
|
+
kid: string;
|
|
361
|
+
connectionId: string;
|
|
362
|
+
} | null>;
|
|
298
363
|
}
|
package/build/VaultsApi.js
CHANGED
|
@@ -286,6 +286,56 @@ let VaultsApi = class VaultsApi {
|
|
|
286
286
|
return this.kemKeyExchangeService.hasPeerKemKey(this.agentContext, connectionId);
|
|
287
287
|
}
|
|
288
288
|
// ═══════════════════════════════════════════════════════════════════════════
|
|
289
|
+
// Local KEM Keypair Storage
|
|
290
|
+
// ═══════════════════════════════════════════════════════════════════════════
|
|
291
|
+
/**
|
|
292
|
+
* Store a local KEM keypair for a connection
|
|
293
|
+
*
|
|
294
|
+
* Call this after generateKemKeypair() to persist the keypair locally
|
|
295
|
+
* for later vault decryption.
|
|
296
|
+
*
|
|
297
|
+
* @param connectionId - Connection to associate the keypair with
|
|
298
|
+
* @param keypair - Full keypair including secret key
|
|
299
|
+
*/
|
|
300
|
+
async storeLocalKeypair(connectionId, keypair) {
|
|
301
|
+
return this.kemKeyExchangeService.storeLocalKeypair(this.agentContext, connectionId, keypair);
|
|
302
|
+
}
|
|
303
|
+
/**
|
|
304
|
+
* Get the local KEM keypair for a connection
|
|
305
|
+
*
|
|
306
|
+
* @param connectionId - Connection ID
|
|
307
|
+
* @returns Full keypair or null
|
|
308
|
+
*/
|
|
309
|
+
async getLocalKeypair(connectionId) {
|
|
310
|
+
return this.kemKeyExchangeService.getLocalKeypair(this.agentContext, connectionId);
|
|
311
|
+
}
|
|
312
|
+
/**
|
|
313
|
+
* Check if a local keypair exists for a connection
|
|
314
|
+
*
|
|
315
|
+
* @param connectionId - Connection ID
|
|
316
|
+
* @returns True if local keypair exists
|
|
317
|
+
*/
|
|
318
|
+
async hasLocalKeypair(connectionId) {
|
|
319
|
+
return this.kemKeyExchangeService.hasLocalKeypair(this.agentContext, connectionId);
|
|
320
|
+
}
|
|
321
|
+
/**
|
|
322
|
+
* Find a local keypair by key identifier (kid)
|
|
323
|
+
*
|
|
324
|
+
* @param kid - Key identifier to search for
|
|
325
|
+
* @returns Keypair and associated connectionId, or null
|
|
326
|
+
*/
|
|
327
|
+
async findKeypairByKid(kid) {
|
|
328
|
+
return this.kemKeyExchangeService.findKeypairByKid(this.agentContext, kid);
|
|
329
|
+
}
|
|
330
|
+
/**
|
|
331
|
+
* Delete the local keypair for a connection
|
|
332
|
+
*
|
|
333
|
+
* @param connectionId - Connection ID
|
|
334
|
+
*/
|
|
335
|
+
async deleteLocalKeypair(connectionId) {
|
|
336
|
+
return this.kemKeyExchangeService.deleteLocalKeypair(this.agentContext, connectionId);
|
|
337
|
+
}
|
|
338
|
+
// ═══════════════════════════════════════════════════════════════════════════
|
|
289
339
|
// Signing Vault Operations (for document signing workflows)
|
|
290
340
|
// ═══════════════════════════════════════════════════════════════════════════
|
|
291
341
|
/**
|
|
@@ -376,6 +426,28 @@ let VaultsApi = class VaultsApi {
|
|
|
376
426
|
async returnSignedDocument(options) {
|
|
377
427
|
return this.vaultSigningService.returnSignedDocument(this.agentContext, options);
|
|
378
428
|
}
|
|
429
|
+
/**
|
|
430
|
+
* Resolve the decryption key for a vault
|
|
431
|
+
*
|
|
432
|
+
* Automatically finds the correct local KEM keypair that can decrypt
|
|
433
|
+
* the specified vault by matching recipient kids in the vault header.
|
|
434
|
+
*
|
|
435
|
+
* @param vaultId - Vault to find decryption key for
|
|
436
|
+
* @returns Secret key, kid, and connectionId; or null if no matching key found
|
|
437
|
+
*
|
|
438
|
+
* @example
|
|
439
|
+
* ```typescript
|
|
440
|
+
* const key = await agent.modules.vaults.resolveVaultDecryptionKey(vaultId)
|
|
441
|
+
* if (key) {
|
|
442
|
+
* const { document } = await agent.modules.vaults.openSigningVault(
|
|
443
|
+
* vaultRecord, key.secretKey, key.kid
|
|
444
|
+
* )
|
|
445
|
+
* }
|
|
446
|
+
* ```
|
|
447
|
+
*/
|
|
448
|
+
async resolveVaultDecryptionKey(vaultId) {
|
|
449
|
+
return this.vaultSigningService.resolveVaultDecryptionKey(this.agentContext, vaultId);
|
|
450
|
+
}
|
|
379
451
|
};
|
|
380
452
|
exports.VaultsApi = VaultsApi;
|
|
381
453
|
exports.VaultsApi = VaultsApi = __decorate([
|
package/build/VaultsApi.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"VaultsApi.js","sourceRoot":"","sources":["../src/VaultsApi.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"VaultsApi.js","sourceRoot":"","sources":["../src/VaultsApi.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAYA,yCAAyH;AACzH,0DAAsD;AACtD,4EAAwE;AACxE,wEAAoE;AACpE,uEAAmE;AACnE,kEAA8D;AAC9D,wFAAoF;AAEpF,yCAwBmB;AAEnB;;;;;;;GAOG;AAEI,IAAM,SAAS,GAAf,MAAM,SAAS;IAOpB,YACE,YAA0B,EAC1B,sBAA8C,EAC9C,YAA0B,EACO,MAAc,EACvC,YAA0B,EAClC,qBAA4C,EAC5C,mBAAwC,EACxC,cAAmC,EACnC,eAAgC,EAChC,0BAAsD;QAL9C,iBAAY,GAAZ,YAAY,CAAc;QAOlC,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAChC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,qBAAqB,GAAG,qBAAqB,CAAA;QAClD,IAAI,CAAC,mBAAmB,GAAG,mBAAmB,CAAA;QAC9C,IAAI,CAAC,cAAc,GAAG,cAAc,CAAA;QAEpC,4BAA4B;QAC5B,IAAI,CAAC,uBAAuB,CAC1B,sBAAsB,EACtB,YAAY,EACZ,MAAM,EACN,eAAe,EACf,0BAA0B,EAC1B,cAAc,CACf,CAAA;IACH,CAAC;IAEO,uBAAuB,CAC7B,sBAA8C,EAC9C,YAA0B,EAC1B,MAAc,EACd,eAAgC,EAChC,iBAA6C,EAC7C,cAAmC;QAEnC,sCAAsC;QACtC,sBAAsB,CAAC,sBAAsB,CAAC,IAAI,4BAAiB,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC,CAAA;QACnG,sBAAsB,CAAC,sBAAsB,CAAC,IAAI,gCAAqB,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC,CAAA;QAC9F,sBAAsB,CAAC,sBAAsB,CAAC,IAAI,+BAAoB,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAA;QAC1F,sBAAsB,CAAC,sBAAsB,CAAC,IAAI,2BAAgB,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC,CAAA;QAElG,gDAAgD;QAChD,sBAAsB,CAAC,sBAAsB,CAC3C,IAAI,gCAAqB,CAAC,MAAM,EAAE,eAAe,EAAE,cAAc,EAAE,YAAY,CAAC,CACjF,CAAA;QACD,sBAAsB,CAAC,sBAAsB,CAAC,IAAI,gCAAqB,CAAC,MAAM,EAAE,cAAc,EAAE,YAAY,CAAC,CAAC,CAAA;QAE9G,qBAAqB;QACrB,sBAAsB,CAAC,sBAAsB,CAAC,IAAI,6BAAkB,CAAC,MAAM,EAAE,eAAe,EAAE,YAAY,CAAC,CAAC,CAAA;QAC5G,sBAAsB,CAAC,sBAAsB,CAAC,IAAI,iCAAsB,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC,CAAA;QAC/F,sBAAsB,CAAC,sBAAsB,CAAC,IAAI,6BAAkB,CAAC,MAAM,EAAE,eAAe,EAAE,YAAY,CAAC,CAAC,CAAA;QAC5G,sBAAsB,CAAC,sBAAsB,CAAC,IAAI,6BAAkB,CAAC,MAAM,EAAE,eAAe,EAAE,YAAY,CAAC,CAAC,CAAA;QAE5G,0BAA0B;QAC1B,sBAAsB,CAAC,sBAAsB,CAAC,IAAI,+BAAoB,CAAC,MAAM,EAAE,eAAe,EAAE,YAAY,CAAC,CAAC,CAAA;QAC9G,sBAAsB,CAAC,sBAAsB,CAAC,IAAI,6BAAkB,CAAC,MAAM,EAAE,eAAe,EAAE,YAAY,CAAC,CAAC,CAAA;QAC5G,sBAAsB,CAAC,sBAAsB,CAAC,IAAI,4BAAiB,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC,CAAA;QAE1F,qBAAqB;QACrB,sBAAsB,CAAC,sBAAsB,CAC3C,IAAI,8BAAmB,CAAC,MAAM,EAAE,eAAe,EAAE,iBAAiB,EAAE,YAAY,CAAC,CAClF,CAAA;QACD,sBAAsB,CAAC,sBAAsB,CAAC,IAAI,8BAAmB,CAAC,MAAM,EAAE,iBAAiB,EAAE,YAAY,CAAC,CAAC,CAAA;QAC/G,sBAAsB,CAAC,sBAAsB,CAAC,IAAI,2BAAgB,CAAC,MAAM,EAAE,iBAAiB,EAAE,YAAY,CAAC,CAAC,CAAA;QAE5G,gBAAgB;QAChB,sBAAsB,CAAC,sBAAsB,CAAC,IAAI,oCAAyB,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC,CAAA;IACpG,CAAC;IAED,8EAA8E;IAC9E,wBAAwB;IACxB,8EAA8E;IAE9E;;;;;;;;;;;;;;;OAeG;IACI,KAAK,CAAC,gBAAgB,CAAC,MAAuB;QACnD,MAAM,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;QAC3C,oEAAoE;QACpE,IAAI,CAAC,mBAAmB,CAAC,iBAAiB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;QAC/D,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8BAA8B,MAAM,CAAC,MAAM,YAAY,MAAM,CAAC,MAAM,EAAE,CAAC,CAAA;IAC1F,CAAC;IAED;;OAEG;IACI,mBAAmB;QACxB,OAAO,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,CAAA;IAC3C,CAAC;IAED;;OAEG;IACI,iBAAiB;QACtB,OAAO,IAAI,CAAC,cAAc,CAAA;IAC5B,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACI,KAAK,CAAC,MAAM,CACjB,IAAgB,EAChB,OAA2B;QAE3B,OAAO,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,EAAE,OAAO,CAAC,CAAA;IACxE,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACI,KAAK,CAAC,IAAI,CAAC,OAAe,EAAE,OAAyB;QAC1D,OAAO,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;IACzE,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACI,KAAK,CAAC,MAAM,CAAC,OAAe,EAAE,IAAgB,EAAE,OAA2B;QAChF,OAAO,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,CAAA;IACjF,CAAC;IAED;;;;;;;;;OASG;IACI,KAAK,CAAC,MAAM,CAAC,OAAe;QACjC,OAAO,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,CAAC,CAAA;IAClE,CAAC;IAED;;;;;;;;;;OAUG;IACI,KAAK,CAAC,IAAI;QACf,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;IACxD,CAAC;IAED;;;;;;;;;;;OAWG;IACI,KAAK,CAAC,OAAO,CAAC,OAAe;QAClC,OAAO,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,CAAC,CAAA;IACnE,CAAC;IAED;;;;;;;;;;;;OAYG;IACI,KAAK,CAAC,MAAM,CAAC,OAAe;QACjC,OAAO,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,CAAC,CAAA;IAClE,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,SAAS,CAAC,OAAe;QACpC,OAAO,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,CAAC,CAAA;IACrE,CAAC;IAED,8EAA8E;IAC9E,2CAA2C;IAC3C,8EAA8E;IAE9E;;;;;;;;;;OAUG;IACI,kBAAkB;QACvB,OAAO,IAAI,CAAC,qBAAqB,CAAC,kBAAkB,EAAE,CAAA;IACxD,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACI,KAAK,CAAC,eAAe,CAC1B,YAAoB,EACpB,OAA+C;QAE/C,OAAO,IAAI,CAAC,qBAAqB,CAAC,eAAe,CAAC,IAAI,CAAC,YAAY,EAAE,YAAY,EAAE,OAAO,CAAC,CAAA;IAC7F,CAAC;IAED;;;;;;;;;;;;;OAaG;IACI,KAAK,CAAC,aAAa,CAAC,YAAoB;QAC7C,OAAO,IAAI,CAAC,qBAAqB,CAAC,aAAa,CAAC,IAAI,CAAC,YAAY,EAAE,YAAY,CAAC,CAAA;IAClF,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,aAAa,CAAC,YAAoB;QAC7C,OAAO,IAAI,CAAC,qBAAqB,CAAC,aAAa,CAAC,IAAI,CAAC,YAAY,EAAE,YAAY,CAAC,CAAA;IAClF,CAAC;IAED,8EAA8E;IAC9E,4BAA4B;IAC5B,8EAA8E;IAE9E;;;;;;;;OAQG;IACI,KAAK,CAAC,iBAAiB,CAC5B,YAAoB,EACpB,OAA0B;QAE1B,OAAO,IAAI,CAAC,qBAAqB,CAAC,iBAAiB,CAAC,IAAI,CAAC,YAAY,EAAE,YAAY,EAAE,OAAO,CAAC,CAAA;IAC/F,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,eAAe,CAC1B,YAAoB;QAEpB,OAAO,IAAI,CAAC,qBAAqB,CAAC,eAAe,CAAC,IAAI,CAAC,YAAY,EAAE,YAAY,CAAC,CAAA;IACpF,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,eAAe,CAAC,YAAoB;QAC/C,OAAO,IAAI,CAAC,qBAAqB,CAAC,eAAe,CAAC,IAAI,CAAC,YAAY,EAAE,YAAY,CAAC,CAAA;IACpF,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,gBAAgB,CAAC,GAAW;QAIvC,OAAO,IAAI,CAAC,qBAAqB,CAAC,gBAAgB,CAAC,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAA;IAC5E,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,kBAAkB,CAAC,YAAoB;QAClD,OAAO,IAAI,CAAC,qBAAqB,CAAC,kBAAkB,CAAC,IAAI,CAAC,YAAY,EAAE,YAAY,CAAC,CAAA;IACvF,CAAC;IAED,8EAA8E;IAC9E,4DAA4D;IAC5D,8EAA8E;IAE9E;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACI,KAAK,CAAC,kBAAkB,CAAC,OAAkC;QAChE,OAAO,IAAI,CAAC,mBAAmB,CAAC,kBAAkB,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,CAAC,CAAA;IAChF,CAAC;IAED;;;;;;;;;;;;;;;;;;;;OAoBG;IACI,KAAK,CAAC,gBAAgB,CAC3B,SAAyC,EACzC,SAAqB,EACrB,GAAW;QAEX,OAAO,IAAI,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,IAAI,CAAC,YAAY,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,CAAC,CAAA;IAChG,CAAC;IAED;;;;;;;;;;;;OAYG;IACI,KAAK,CAAC,iBAAiB,CAAC,OAAe,EAAE,YAAoB;QAClE,OAAO,IAAI,CAAC,mBAAmB,CAAC,iBAAiB,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,EAAE,YAAY,CAAC,CAAA;IAC7F,CAAC;IAED;;;;;;;;;;;;;;;;;;OAkBG;IACI,KAAK,CAAC,oBAAoB,CAAC,OAAoC;QACpE,OAAO,IAAI,CAAC,mBAAmB,CAAC,oBAAoB,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,CAAC,CAAA;IAClF,CAAC;IAED;;;;;;;;;;;;;;;;;;OAkBG;IACI,KAAK,CAAC,yBAAyB,CAAC,OAAe;QAKpD,OAAO,IAAI,CAAC,mBAAmB,CAAC,yBAAyB,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,CAAC,CAAA;IACvF,CAAC;CACF,CAAA;AA/fY,8BAAS;oBAAT,SAAS;IADrB,IAAA,iBAAU,GAAE;IAYR,WAAA,IAAA,aAAM,EAAC,uBAAgB,CAAC,MAAM,CAAC,CAAA;qCAHlB,mBAAY;QACF,6BAAsB;QAChC,mBAAY,UAEJ,2BAAY;QACX,6CAAqB;QACvB,yCAAmB;QACxB,yCAAmB;QAClB,iCAAe;QACJ,uDAA0B;GAjB7C,SAAS,CA+frB"}
|
package/build/VaultsModule.js
CHANGED
|
@@ -11,6 +11,7 @@ const VaultSigningService_1 = require("./services/VaultSigningService");
|
|
|
11
11
|
const VaultStorageService_1 = require("./storage/VaultStorageService");
|
|
12
12
|
const VaultRepository_1 = require("./repository/VaultRepository");
|
|
13
13
|
const ThresholdSessionRepository_1 = require("./repository/ThresholdSessionRepository");
|
|
14
|
+
const KemKeypairRepository_1 = require("./repository/KemKeypairRepository");
|
|
14
15
|
/**
|
|
15
16
|
* Vaults Module
|
|
16
17
|
*
|
|
@@ -66,6 +67,7 @@ class VaultsModule {
|
|
|
66
67
|
// Register repositories
|
|
67
68
|
dependencyManager.registerSingleton(VaultRepository_1.VaultRepository);
|
|
68
69
|
dependencyManager.registerSingleton(ThresholdSessionRepository_1.ThresholdSessionRepository);
|
|
70
|
+
dependencyManager.registerSingleton(KemKeypairRepository_1.KemKeypairRepository);
|
|
69
71
|
// Register services
|
|
70
72
|
dependencyManager.registerSingleton(VaultEncryptionService_1.VaultEncryptionService);
|
|
71
73
|
dependencyManager.registerSingleton(VaultService_1.VaultService);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"VaultsModule.js","sourceRoot":"","sources":["../src/VaultsModule.ts"],"names":[],"mappings":";;;AAGA,yCAAyC;AAEzC,2CAAuC;AACvC,0DAAsD;AACtD,8EAA0E;AAC1E,wDAAoD;AACpD,4EAAwE;AACxE,wEAAoE;AACpE,uEAAmE;AACnE,kEAA8D;AAC9D,wFAAoF;
|
|
1
|
+
{"version":3,"file":"VaultsModule.js","sourceRoot":"","sources":["../src/VaultsModule.ts"],"names":[],"mappings":";;;AAGA,yCAAyC;AAEzC,2CAAuC;AACvC,0DAAsD;AACtD,8EAA0E;AAC1E,wDAAoD;AACpD,4EAAwE;AACxE,wEAAoE;AACpE,uEAAmE;AACnE,kEAA8D;AAC9D,wFAAoF;AACpF,4EAAwE;AAcxE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,MAAa,YAAY;IAIvB,YAAmB,MAA2B;QAH9B,QAAG,GAAG,qBAAS,CAAA;QAI7B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;IACtB,CAAC;IAED;;OAEG;IACI,SAAS;QACd,OAAO,IAAI,CAAC,MAAM,CAAA;IACpB,CAAC;IAED;;OAEG;IACI,QAAQ,CAAC,iBAAoC,EAAE,eAAgC;QACpF,wBAAwB;QACxB,iBAAiB,CAAC,iBAAiB,CAAC,iCAAe,CAAC,CAAA;QACpD,iBAAiB,CAAC,iBAAiB,CAAC,uDAA0B,CAAC,CAAA;QAC/D,iBAAiB,CAAC,iBAAiB,CAAC,2CAAoB,CAAC,CAAA;QAEzD,oBAAoB;QACpB,iBAAiB,CAAC,iBAAiB,CAAC,+CAAsB,CAAC,CAAA;QAC3D,iBAAiB,CAAC,iBAAiB,CAAC,2BAAY,CAAC,CAAA;QACjD,iBAAiB,CAAC,iBAAiB,CAAC,yBAAW,CAAC,CAAA;QAChD,iBAAiB,CAAC,iBAAiB,CAAC,6CAAqB,CAAC,CAAA;QAC1D,iBAAiB,CAAC,iBAAiB,CAAC,yCAAmB,CAAC,CAAA;QACxD,iBAAiB,CAAC,iBAAiB,CAAC,yCAAmB,CAAC,CAAA;QAExD,uEAAuE;QACvE,MAAM,KAAK,GAAG,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;QACtC,IAAI,IAAI,CAAC,MAAM,EAAE,YAAY,EAAE,CAAC;YAC9B,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QACxB,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA,CAAC,6BAA6B;QAEnD,eAAe,CAAC,QAAQ,CACtB,IAAI,eAAQ,CAAC;YACX,EAAE,EAAE,gCAAgC;YACpC,KAAK;SACN,CAAC,CACH,CAAA;QAED,iEAAiE;QACjE,6DAA6D;QAC7D,uEAAuE;QAEvE,iEAAiE;QACjE,kCAAkC;IACpC,CAAC;CACF;AArDD,oCAqDC"}
|
|
@@ -22,11 +22,14 @@ class StoreVaultHandler {
|
|
|
22
22
|
// Check if vault already exists
|
|
23
23
|
const existing = await this.vaultRepository.findByVaultId(agentContext, message.vaultId);
|
|
24
24
|
if (existing) {
|
|
25
|
-
//
|
|
26
|
-
|
|
27
|
-
|
|
25
|
+
// Vault already exists locally — this is a sync/echo from our own share.
|
|
26
|
+
// Only update ciphertext if it was empty (e.g. external storage placeholder),
|
|
27
|
+
// and track the update without overwriting local metadata.
|
|
28
|
+
if (!existing.ciphertext && message.ciphertext) {
|
|
29
|
+
existing.ciphertext = message.ciphertext;
|
|
30
|
+
}
|
|
28
31
|
existing.updatedAt = new Date();
|
|
29
|
-
// Track
|
|
32
|
+
// Track receipt without clobbering local metadata
|
|
30
33
|
existing.header.metadata = {
|
|
31
34
|
...existing.header.metadata,
|
|
32
35
|
lastReceivedFrom: connection?.id,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"StoreVaultHandler.js","sourceRoot":"","sources":["../../src/handlers/StoreVaultHandler.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AAIH,yCAAqE;AAErE,0CAAsE;AAEtE,2DAAuD;AACvD,kDAAiD;AAEjD,MAAa,iBAAiB;IAK5B,YAAmB,eAAgC,EAAE,YAA0B;QAFxE,sBAAiB,GAAG,CAAC,4BAAiB,CAAC,CAAA;QAG5C,IAAI,CAAC,eAAe,GAAG,eAAe,CAAA;QACtC,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;IAClC,CAAC;IAEM,KAAK,CAAC,MAAM,CAAC,cAA+D;QACjF,MAAM,EAAE,YAAY,EAAE,UAAU,EAAE,OAAO,EAAE,GAAG,cAAc,CAAA;QAE5D,gCAAgC;QAChC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,YAAY,EAAE,OAAO,CAAC,OAAO,CAAC,CAAA;QAExF,IAAI,QAAQ,EAAE,CAAC;YACb,
|
|
1
|
+
{"version":3,"file":"StoreVaultHandler.js","sourceRoot":"","sources":["../../src/handlers/StoreVaultHandler.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AAIH,yCAAqE;AAErE,0CAAsE;AAEtE,2DAAuD;AACvD,kDAAiD;AAEjD,MAAa,iBAAiB;IAK5B,YAAmB,eAAgC,EAAE,YAA0B;QAFxE,sBAAiB,GAAG,CAAC,4BAAiB,CAAC,CAAA;QAG5C,IAAI,CAAC,eAAe,GAAG,eAAe,CAAA;QACtC,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;IAClC,CAAC;IAEM,KAAK,CAAC,MAAM,CAAC,cAA+D;QACjF,MAAM,EAAE,YAAY,EAAE,UAAU,EAAE,OAAO,EAAE,GAAG,cAAc,CAAA;QAE5D,gCAAgC;QAChC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,YAAY,EAAE,OAAO,CAAC,OAAO,CAAC,CAAA;QAExF,IAAI,QAAQ,EAAE,CAAC;YACb,yEAAyE;YACzE,8EAA8E;YAC9E,2DAA2D;YAC3D,IAAI,CAAC,QAAQ,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;gBAC/C,QAAQ,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,CAAA;YAC1C,CAAC;YACD,QAAQ,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,CAAA;YAE/B,kDAAkD;YAClD,QAAQ,CAAC,MAAM,CAAC,QAAQ,GAAG;gBACzB,GAAG,QAAQ,CAAC,MAAM,CAAC,QAAQ;gBAC3B,gBAAgB,EAAE,UAAU,EAAE,EAAE;gBAChC,cAAc,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACzC,CAAA;YAED,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAA;QAC3D,CAAC;aAAM,CAAC;YACN,0BAA0B;YAC1B,MAAM,MAAM,GAAG,IAAI,yBAAW,CAAC;gBAC7B,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,QAAQ,EAAE,YAAY,CAAC,oBAAoB;aAC5C,CAAC,CAAA;YAEF,2BAA2B;YAC3B,MAAM,CAAC,MAAM,CAAC,QAAQ,GAAG;gBACvB,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ;gBACzB,YAAY,EAAE,UAAU,EAAE,EAAE;gBAC5B,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACrC,CAAA;YAED,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAA;QACvD,CAAC;QAED,aAAa;QACb,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE;YACnC,IAAI,EAAE,8BAAe,CAAC,WAAW;YACjC,OAAO,EAAE;gBACP,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,QAAQ,EAAE,UAAU,EAAE,EAAE;aACzB;SACF,CAAC,CAAA;QAEF,wBAAwB;QACxB,MAAM,UAAU,GAAG,IAAI,gCAAqB,CAAC;YAC3C,QAAQ,EAAE,OAAO,CAAC,EAAE;YACpB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,eAAe,EAAE,OAAO;YACxB,eAAe,EAAE;gBACf,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC;SACF,CAAC,CAAA;QAEF,OAAO,IAAI,6BAAsB,CAAC,UAAU,EAAE,EAAE,YAAY,EAAE,UAAU,EAAE,CAAC,CAAA;IAC7E,CAAC;CACF;AA5ED,8CA4EC"}
|
package/build/index.d.ts
CHANGED
|
@@ -35,5 +35,8 @@ export { VaultRepository } from './repository/VaultRepository';
|
|
|
35
35
|
export { ThresholdSessionRecord } from './repository/ThresholdSessionRecord';
|
|
36
36
|
export type { ThresholdSessionRecordProps, ThresholdSessionTags, ThresholdSessionStatus, CollectedShare, } from './repository/ThresholdSessionRecord';
|
|
37
37
|
export { ThresholdSessionRepository } from './repository/ThresholdSessionRepository';
|
|
38
|
+
export { KemKeypairRecord } from './repository/KemKeypairRecord';
|
|
39
|
+
export type { KemKeypairRecordProps, KemKeypairTags, DefaultKemKeypairTags, CustomKemKeypairTags, } from './repository/KemKeypairRecord';
|
|
40
|
+
export { KemKeypairRepository } from './repository/KemKeypairRepository';
|
|
38
41
|
export { initVaultCrypto, aesGcmEncrypt, aesGcmDecrypt, xchachaEncrypt, xchachaDecrypt, kemGenerateKeypair, kemEncapsulate, kemDecapsulate, kemWrapCek, kemUnwrapCek, hkdfExpand, hkdfJoin, deriveCek, deriveKid, deriveSymmetricKid, shamirSplit, shamirReconstruct, shamirSplitAndWrap, shamirUnwrapAndReconstruct, SecretShare, randomBytes, generateCek, generateNonceAesGcm, generateNonceXchacha, keyCommitment, verifyKeyCommitment, sha256, blake2s256, computeSummary, constantTimeEq, toBase64Url, fromBase64Url, toHex, fromHex, generateUuid, canonicalAad, buildContext, } from './crypto/wasm/VaultCrypto';
|
|
39
42
|
export type { AeadResult, KemKeypair, KemEncapResult, SecretShareType } from './crypto/wasm/VaultCrypto';
|
package/build/index.js
CHANGED
|
@@ -29,7 +29,8 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
29
29
|
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
30
30
|
};
|
|
31
31
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
32
|
-
exports.
|
|
32
|
+
exports.canonicalAad = exports.generateUuid = exports.fromHex = exports.toHex = exports.fromBase64Url = exports.toBase64Url = exports.constantTimeEq = exports.computeSummary = exports.blake2s256 = exports.sha256 = exports.verifyKeyCommitment = exports.keyCommitment = exports.generateNonceXchacha = exports.generateNonceAesGcm = exports.generateCek = exports.randomBytes = exports.SecretShare = exports.shamirUnwrapAndReconstruct = exports.shamirSplitAndWrap = exports.shamirReconstruct = exports.shamirSplit = exports.deriveSymmetricKid = exports.deriveKid = exports.deriveCek = exports.hkdfJoin = exports.hkdfExpand = exports.kemUnwrapCek = exports.kemWrapCek = exports.kemDecapsulate = exports.kemEncapsulate = exports.kemGenerateKeypair = exports.xchachaDecrypt = exports.xchachaEncrypt = exports.aesGcmDecrypt = exports.aesGcmEncrypt = exports.initVaultCrypto = exports.KemKeypairRepository = exports.KemKeypairRecord = exports.ThresholdSessionRepository = exports.ThresholdSessionRecord = exports.VaultRepository = exports.VaultRecord = exports.VaultSigningService = exports.KEM_KEY_METADATA_KEY = exports.KemKeyExchangeService = exports.VaultEncryptionService = exports.VaultService = exports.VaultEventTypes = exports.VaultsApi = exports.VaultsModule = void 0;
|
|
33
|
+
exports.buildContext = void 0;
|
|
33
34
|
// ═══════════════════════════════════════════════════════════════════════════
|
|
34
35
|
// Module & API
|
|
35
36
|
// ═══════════════════════════════════════════════════════════════════════════
|
|
@@ -77,6 +78,10 @@ var ThresholdSessionRecord_1 = require("./repository/ThresholdSessionRecord");
|
|
|
77
78
|
Object.defineProperty(exports, "ThresholdSessionRecord", { enumerable: true, get: function () { return ThresholdSessionRecord_1.ThresholdSessionRecord; } });
|
|
78
79
|
var ThresholdSessionRepository_1 = require("./repository/ThresholdSessionRepository");
|
|
79
80
|
Object.defineProperty(exports, "ThresholdSessionRepository", { enumerable: true, get: function () { return ThresholdSessionRepository_1.ThresholdSessionRepository; } });
|
|
81
|
+
var KemKeypairRecord_1 = require("./repository/KemKeypairRecord");
|
|
82
|
+
Object.defineProperty(exports, "KemKeypairRecord", { enumerable: true, get: function () { return KemKeypairRecord_1.KemKeypairRecord; } });
|
|
83
|
+
var KemKeypairRepository_1 = require("./repository/KemKeypairRepository");
|
|
84
|
+
Object.defineProperty(exports, "KemKeypairRepository", { enumerable: true, get: function () { return KemKeypairRepository_1.KemKeypairRepository; } });
|
|
80
85
|
// ═══════════════════════════════════════════════════════════════════════════
|
|
81
86
|
// Crypto (for advanced usage)
|
|
82
87
|
// ═══════════════════════════════════════════════════════════════════════════
|
package/build/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;AAEH,8EAA8E;AAC9E,eAAe;AACf,8EAA8E;AAE9E,+CAA6C;AAApC,4GAAA,YAAY,OAAA;AAErB,yCAAuC;AAA9B,sGAAA,SAAS,OAAA;AAElB,8EAA8E;AAC9E,SAAS;AACT,8EAA8E;AAE9E,+CAAgD;AAAvC,+GAAA,eAAe,OAAA;AAkBxB,8EAA8E;AAC9E,SAAS;AACT,8EAA8E;AAE9E,2CAAwB;AAExB,8EAA8E;AAC9E,6BAA6B;AAC7B,8EAA8E;AAE9E,6CAA0B;AAE1B,8EAA8E;AAC9E,SAAS;AACT,8EAA8E;AAE9E,2CAAwB;AAExB,8EAA8E;AAC9E,gCAAgC;AAChC,8EAA8E;AAE9E,wDAAsD;AAA7C,4GAAA,YAAY,OAAA;AAGrB,4EAA0E;AAAjE,gIAAA,sBAAsB,OAAA;AAG/B,0EAA8F;AAArF,8HAAA,qBAAqB,OAAA;AAAE,6HAAA,oBAAoB,OAAA;AAQpD,sEAAoE;AAA3D,0HAAA,mBAAmB,OAAA;AAQ5B,8EAA8E;AAC9E,kCAAkC;AAClC,8EAA8E;AAE9E,wDAAsD;AAA7C,0GAAA,WAAW,OAAA;AAEpB,gEAA8D;AAArD,kHAAA,eAAe,OAAA;AAExB,8EAA4E;AAAnE,gIAAA,sBAAsB,OAAA;AAO/B,sFAAoF;AAA3E,wIAAA,0BAA0B,OAAA;AAEnC,kEAAgE;AAAvD,oHAAA,gBAAgB,OAAA;AAOzB,0EAAwE;AAA/D,4HAAA,oBAAoB,OAAA;AAE7B,8EAA8E;AAC9E,8BAA8B;AAC9B,8EAA8E;AAE9E,yDA2CkC;AA1ChC,8GAAA,eAAe,OAAA;AACf,OAAO;AACP,4GAAA,aAAa,OAAA;AACb,4GAAA,aAAa,OAAA;AACb,6GAAA,cAAc,OAAA;AACd,6GAAA,cAAc,OAAA;AACd,MAAM;AACN,iHAAA,kBAAkB,OAAA;AAClB,6GAAA,cAAc,OAAA;AACd,6GAAA,cAAc,OAAA;AACd,yGAAA,UAAU,OAAA;AACV,2GAAA,YAAY,OAAA;AACZ,MAAM;AACN,yGAAA,UAAU,OAAA;AACV,uGAAA,QAAQ,OAAA;AACR,wGAAA,SAAS,OAAA;AACT,wGAAA,SAAS,OAAA;AACT,iHAAA,kBAAkB,OAAA;AAClB,SAAS;AACT,0GAAA,WAAW,OAAA;AACX,gHAAA,iBAAiB,OAAA;AACjB,iHAAA,kBAAkB,OAAA;AAClB,yHAAA,0BAA0B,OAAA;AAC1B,0GAAA,WAAW,OAAA;AACX,YAAY;AACZ,0GAAA,WAAW,OAAA;AACX,0GAAA,WAAW,OAAA;AACX,kHAAA,mBAAmB,OAAA;AACnB,mHAAA,oBAAoB,OAAA;AACpB,4GAAA,aAAa,OAAA;AACb,kHAAA,mBAAmB,OAAA;AACnB,qGAAA,MAAM,OAAA;AACN,yGAAA,UAAU,OAAA;AACV,6GAAA,cAAc,OAAA;AACd,6GAAA,cAAc,OAAA;AACd,0GAAA,WAAW,OAAA;AACX,4GAAA,aAAa,OAAA;AACb,oGAAA,KAAK,OAAA;AACL,sGAAA,OAAO,OAAA;AACP,2GAAA,YAAY,OAAA;AACZ,2GAAA,YAAY,OAAA;AACZ,2GAAA,YAAY,OAAA"}
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
import type { TagsBase, RecordTags } from '@credo-ts/core';
|
|
2
|
+
import { BaseRecord } from '@credo-ts/core';
|
|
3
|
+
export type CustomKemKeypairTags = TagsBase;
|
|
4
|
+
export type DefaultKemKeypairTags = {
|
|
5
|
+
connectionId: string;
|
|
6
|
+
kid: string;
|
|
7
|
+
};
|
|
8
|
+
export type KemKeypairTags = RecordTags<KemKeypairRecord>;
|
|
9
|
+
export interface KemKeypairRecordProps {
|
|
10
|
+
id?: string;
|
|
11
|
+
createdAt?: Date;
|
|
12
|
+
tags?: CustomKemKeypairTags;
|
|
13
|
+
connectionId: string;
|
|
14
|
+
kid: string;
|
|
15
|
+
publicKey: string;
|
|
16
|
+
secretKey: string;
|
|
17
|
+
}
|
|
18
|
+
/**
|
|
19
|
+
* Database record for a local ML-KEM keypair
|
|
20
|
+
*
|
|
21
|
+
* Stores the full keypair (including secret key) for vault decryption.
|
|
22
|
+
* Indexed by connectionId and kid for efficient lookups.
|
|
23
|
+
*/
|
|
24
|
+
export declare class KemKeypairRecord extends BaseRecord<DefaultKemKeypairTags, CustomKemKeypairTags> {
|
|
25
|
+
/** Connection this keypair is associated with */
|
|
26
|
+
connectionId: string;
|
|
27
|
+
/** Key identifier (derived from public key hash) */
|
|
28
|
+
kid: string;
|
|
29
|
+
/** Base64url-encoded ML-KEM public key (1184 bytes for ML-KEM-768) */
|
|
30
|
+
publicKey: string;
|
|
31
|
+
/** Base64url-encoded ML-KEM secret key (2400 bytes for ML-KEM-768) */
|
|
32
|
+
secretKey: string;
|
|
33
|
+
static readonly type = "KemKeypairRecord";
|
|
34
|
+
readonly type = "KemKeypairRecord";
|
|
35
|
+
constructor(props: KemKeypairRecordProps);
|
|
36
|
+
getTags(): DefaultKemKeypairTags & CustomKemKeypairTags;
|
|
37
|
+
}
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.KemKeypairRecord = void 0;
|
|
4
|
+
const core_1 = require("@credo-ts/core");
|
|
5
|
+
/**
|
|
6
|
+
* Database record for a local ML-KEM keypair
|
|
7
|
+
*
|
|
8
|
+
* Stores the full keypair (including secret key) for vault decryption.
|
|
9
|
+
* Indexed by connectionId and kid for efficient lookups.
|
|
10
|
+
*/
|
|
11
|
+
class KemKeypairRecord extends core_1.BaseRecord {
|
|
12
|
+
constructor(props) {
|
|
13
|
+
super();
|
|
14
|
+
this.type = KemKeypairRecord.type;
|
|
15
|
+
if (props) {
|
|
16
|
+
this.id = props.id ?? core_1.utils.uuid();
|
|
17
|
+
this.createdAt = props.createdAt ?? new Date();
|
|
18
|
+
this.connectionId = props.connectionId;
|
|
19
|
+
this.kid = props.kid;
|
|
20
|
+
this.publicKey = props.publicKey;
|
|
21
|
+
this.secretKey = props.secretKey;
|
|
22
|
+
this._tags = props.tags ?? {};
|
|
23
|
+
}
|
|
24
|
+
}
|
|
25
|
+
getTags() {
|
|
26
|
+
return {
|
|
27
|
+
...this._tags,
|
|
28
|
+
connectionId: this.connectionId,
|
|
29
|
+
kid: this.kid,
|
|
30
|
+
};
|
|
31
|
+
}
|
|
32
|
+
}
|
|
33
|
+
exports.KemKeypairRecord = KemKeypairRecord;
|
|
34
|
+
KemKeypairRecord.type = 'KemKeypairRecord';
|
|
35
|
+
//# sourceMappingURL=KemKeypairRecord.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"KemKeypairRecord.js","sourceRoot":"","sources":["../../src/repository/KemKeypairRecord.ts"],"names":[],"mappings":";;;AAEA,yCAAkD;AAsBlD;;;;;GAKG;AACH,MAAa,gBAAiB,SAAQ,iBAAuD;IAgB3F,YAAmB,KAA4B;QAC7C,KAAK,EAAE,CAAA;QAHO,SAAI,GAAG,gBAAgB,CAAC,IAAI,CAAA;QAK1C,IAAI,KAAK,EAAE,CAAC;YACV,IAAI,CAAC,EAAE,GAAG,KAAK,CAAC,EAAE,IAAI,YAAK,CAAC,IAAI,EAAE,CAAA;YAClC,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC,SAAS,IAAI,IAAI,IAAI,EAAE,CAAA;YAC9C,IAAI,CAAC,YAAY,GAAG,KAAK,CAAC,YAAY,CAAA;YACtC,IAAI,CAAC,GAAG,GAAG,KAAK,CAAC,GAAG,CAAA;YACpB,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC,SAAS,CAAA;YAChC,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC,SAAS,CAAA;YAChC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,IAAI,EAAE,CAAA;QAC/B,CAAC;IACH,CAAC;IAEM,OAAO;QACZ,OAAO;YACL,GAAG,IAAI,CAAC,KAAK;YACb,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,GAAG,EAAE,IAAI,CAAC,GAAG;SACd,CAAA;IACH,CAAC;;AApCH,4CAqCC;AAxBwB,qBAAI,GAAG,kBAAkB,AAArB,CAAqB"}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
import type { AgentContext } from '@credo-ts/core';
|
|
2
|
+
import { EventEmitter, Repository, StorageService } from '@credo-ts/core';
|
|
3
|
+
import { KemKeypairRecord } from './KemKeypairRecord';
|
|
4
|
+
export declare class KemKeypairRepository extends Repository<KemKeypairRecord> {
|
|
5
|
+
constructor(storageService: StorageService<KemKeypairRecord>, eventEmitter: EventEmitter);
|
|
6
|
+
/**
|
|
7
|
+
* Find keypair by connection ID (returns first match)
|
|
8
|
+
*/
|
|
9
|
+
findByConnectionId(agentContext: AgentContext, connectionId: string): Promise<KemKeypairRecord | null>;
|
|
10
|
+
/**
|
|
11
|
+
* Find keypair by key identifier (kid)
|
|
12
|
+
*/
|
|
13
|
+
findByKid(agentContext: AgentContext, kid: string): Promise<KemKeypairRecord | null>;
|
|
14
|
+
/**
|
|
15
|
+
* Delete all keypairs for a connection
|
|
16
|
+
*/
|
|
17
|
+
deleteByConnectionId(agentContext: AgentContext, connectionId: string): Promise<void>;
|
|
18
|
+
}
|
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
12
|
+
return function (target, key) { decorator(target, key, paramIndex); }
|
|
13
|
+
};
|
|
14
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
|
+
exports.KemKeypairRepository = void 0;
|
|
16
|
+
const core_1 = require("@credo-ts/core");
|
|
17
|
+
const KemKeypairRecord_1 = require("./KemKeypairRecord");
|
|
18
|
+
let KemKeypairRepository = class KemKeypairRepository extends core_1.Repository {
|
|
19
|
+
constructor(storageService, eventEmitter) {
|
|
20
|
+
super(KemKeypairRecord_1.KemKeypairRecord, storageService, eventEmitter);
|
|
21
|
+
}
|
|
22
|
+
/**
|
|
23
|
+
* Find keypair by connection ID (returns first match)
|
|
24
|
+
*/
|
|
25
|
+
async findByConnectionId(agentContext, connectionId) {
|
|
26
|
+
return this.findSingleByQuery(agentContext, { connectionId });
|
|
27
|
+
}
|
|
28
|
+
/**
|
|
29
|
+
* Find keypair by key identifier (kid)
|
|
30
|
+
*/
|
|
31
|
+
async findByKid(agentContext, kid) {
|
|
32
|
+
return this.findSingleByQuery(agentContext, { kid });
|
|
33
|
+
}
|
|
34
|
+
/**
|
|
35
|
+
* Delete all keypairs for a connection
|
|
36
|
+
*/
|
|
37
|
+
async deleteByConnectionId(agentContext, connectionId) {
|
|
38
|
+
const records = await this.findByQuery(agentContext, { connectionId });
|
|
39
|
+
for (const record of records) {
|
|
40
|
+
await this.delete(agentContext, record);
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
};
|
|
44
|
+
exports.KemKeypairRepository = KemKeypairRepository;
|
|
45
|
+
exports.KemKeypairRepository = KemKeypairRepository = __decorate([
|
|
46
|
+
(0, core_1.injectable)(),
|
|
47
|
+
__param(0, (0, core_1.inject)(core_1.InjectionSymbols.StorageService)),
|
|
48
|
+
__metadata("design:paramtypes", [Object, core_1.EventEmitter])
|
|
49
|
+
], KemKeypairRepository);
|
|
50
|
+
//# sourceMappingURL=KemKeypairRepository.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"KemKeypairRepository.js","sourceRoot":"","sources":["../../src/repository/KemKeypairRepository.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAEA,yCAA+G;AAE/G,yDAAqD;AAG9C,IAAM,oBAAoB,GAA1B,MAAM,oBAAqB,SAAQ,iBAA4B;IACpE,YAC2C,cAAgD,EACzF,YAA0B;QAE1B,KAAK,CAAC,mCAAgB,EAAE,cAAc,EAAE,YAAY,CAAC,CAAA;IACvD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,kBAAkB,CAC7B,YAA0B,EAC1B,YAAoB;QAEpB,OAAO,IAAI,CAAC,iBAAiB,CAAC,YAAY,EAAE,EAAE,YAAY,EAAE,CAAC,CAAA;IAC/D,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,SAAS,CAAC,YAA0B,EAAE,GAAW;QAC5D,OAAO,IAAI,CAAC,iBAAiB,CAAC,YAAY,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;IACtD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,oBAAoB,CAAC,YAA0B,EAAE,YAAoB;QAChF,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,EAAE,EAAE,YAAY,EAAE,CAAC,CAAA;QACtE,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,CAAA;QACzC,CAAC;IACH,CAAC;CACF,CAAA;AAlCY,oDAAoB;+BAApB,oBAAoB;IADhC,IAAA,iBAAU,GAAE;IAGR,WAAA,IAAA,aAAM,EAAC,uBAAgB,CAAC,cAAc,CAAC,CAAA;6CAC1B,mBAAY;GAHjB,oBAAoB,CAkChC"}
|
|
@@ -4,3 +4,6 @@ export { VaultRepository } from './VaultRepository';
|
|
|
4
4
|
export { ThresholdSessionRecord } from './ThresholdSessionRecord';
|
|
5
5
|
export type { ThresholdSessionRecordProps, ThresholdSessionTags, DefaultThresholdSessionTags, CustomThresholdSessionTags, ThresholdSessionStatus, CollectedShare, } from './ThresholdSessionRecord';
|
|
6
6
|
export { ThresholdSessionRepository } from './ThresholdSessionRepository';
|
|
7
|
+
export { KemKeypairRecord } from './KemKeypairRecord';
|
|
8
|
+
export type { KemKeypairRecordProps, KemKeypairTags, DefaultKemKeypairTags, CustomKemKeypairTags, } from './KemKeypairRecord';
|
|
9
|
+
export { KemKeypairRepository } from './KemKeypairRepository';
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.ThresholdSessionRepository = exports.ThresholdSessionRecord = exports.VaultRepository = exports.VaultRecord = void 0;
|
|
3
|
+
exports.KemKeypairRepository = exports.KemKeypairRecord = exports.ThresholdSessionRepository = exports.ThresholdSessionRecord = exports.VaultRepository = exports.VaultRecord = void 0;
|
|
4
4
|
// Vault storage
|
|
5
5
|
var VaultRecord_1 = require("./VaultRecord");
|
|
6
6
|
Object.defineProperty(exports, "VaultRecord", { enumerable: true, get: function () { return VaultRecord_1.VaultRecord; } });
|
|
@@ -11,4 +11,9 @@ var ThresholdSessionRecord_1 = require("./ThresholdSessionRecord");
|
|
|
11
11
|
Object.defineProperty(exports, "ThresholdSessionRecord", { enumerable: true, get: function () { return ThresholdSessionRecord_1.ThresholdSessionRecord; } });
|
|
12
12
|
var ThresholdSessionRepository_1 = require("./ThresholdSessionRepository");
|
|
13
13
|
Object.defineProperty(exports, "ThresholdSessionRepository", { enumerable: true, get: function () { return ThresholdSessionRepository_1.ThresholdSessionRepository; } });
|
|
14
|
+
// KEM keypair storage
|
|
15
|
+
var KemKeypairRecord_1 = require("./KemKeypairRecord");
|
|
16
|
+
Object.defineProperty(exports, "KemKeypairRecord", { enumerable: true, get: function () { return KemKeypairRecord_1.KemKeypairRecord; } });
|
|
17
|
+
var KemKeypairRepository_1 = require("./KemKeypairRepository");
|
|
18
|
+
Object.defineProperty(exports, "KemKeypairRepository", { enumerable: true, get: function () { return KemKeypairRepository_1.KemKeypairRepository; } });
|
|
14
19
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/repository/index.ts"],"names":[],"mappings":";;;AAAA,gBAAgB;AAChB,6CAA2C;AAAlC,0GAAA,WAAW,OAAA;AAEpB,qDAAmD;AAA1C,kHAAA,eAAe,OAAA;AAExB,4BAA4B;AAC5B,mEAAiE;AAAxD,gIAAA,sBAAsB,OAAA;AAS/B,2EAAyE;AAAhE,wIAAA,0BAA0B,OAAA"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/repository/index.ts"],"names":[],"mappings":";;;AAAA,gBAAgB;AAChB,6CAA2C;AAAlC,0GAAA,WAAW,OAAA;AAEpB,qDAAmD;AAA1C,kHAAA,eAAe,OAAA;AAExB,4BAA4B;AAC5B,mEAAiE;AAAxD,gIAAA,sBAAsB,OAAA;AAS/B,2EAAyE;AAAhE,wIAAA,0BAA0B,OAAA;AAEnC,sBAAsB;AACtB,uDAAqD;AAA5C,oHAAA,gBAAgB,OAAA;AAOzB,+DAA6D;AAApD,4HAAA,oBAAoB,OAAA"}
|
|
@@ -20,6 +20,7 @@
|
|
|
20
20
|
import type { AgentContext, Logger } from '@credo-ts/core';
|
|
21
21
|
import { ConnectionRepository } from '@credo-ts/core';
|
|
22
22
|
import { HPKEService } from './HPKEService';
|
|
23
|
+
import { KemKeypairRepository } from '../repository/KemKeypairRepository';
|
|
23
24
|
/**
|
|
24
25
|
* ML-KEM keypair with derived key ID
|
|
25
26
|
*/
|
|
@@ -79,7 +80,8 @@ export declare class KemKeyExchangeService {
|
|
|
79
80
|
private logger;
|
|
80
81
|
private connectionRepository;
|
|
81
82
|
private hpkeService;
|
|
82
|
-
|
|
83
|
+
private kemKeypairRepository;
|
|
84
|
+
constructor(logger: Logger, connectionRepository: ConnectionRepository, hpkeService: HPKEService, kemKeypairRepository: KemKeypairRepository);
|
|
83
85
|
/**
|
|
84
86
|
* Generate a new ML-KEM-768 keypair
|
|
85
87
|
*
|
|
@@ -140,4 +142,66 @@ export declare class KemKeyExchangeService {
|
|
|
140
142
|
* @returns True if peer has KEM key stored
|
|
141
143
|
*/
|
|
142
144
|
hasPeerKemKey(agentContext: AgentContext, connectionId: string): Promise<boolean>;
|
|
145
|
+
/**
|
|
146
|
+
* Store a local KEM keypair (including secret key) for a connection
|
|
147
|
+
*
|
|
148
|
+
* Call this after generateKemKeypair() to persist the keypair so it can
|
|
149
|
+
* be retrieved later for vault decryption.
|
|
150
|
+
*
|
|
151
|
+
* @param agentContext - Agent context
|
|
152
|
+
* @param connectionId - Connection to associate the keypair with
|
|
153
|
+
* @param keypair - Full ML-KEM keypair
|
|
154
|
+
*/
|
|
155
|
+
storeLocalKeypair(agentContext: AgentContext, connectionId: string, keypair: KemKeypairWithKid): Promise<void>;
|
|
156
|
+
/**
|
|
157
|
+
* Get the local KEM keypair for a connection
|
|
158
|
+
*
|
|
159
|
+
* @param agentContext - Agent context
|
|
160
|
+
* @param connectionId - Connection record ID
|
|
161
|
+
* @returns Full keypair including secret key, or null if not found
|
|
162
|
+
*/
|
|
163
|
+
getLocalKeypair(agentContext: AgentContext, connectionId: string): Promise<KemKeypairWithKid | null>;
|
|
164
|
+
/**
|
|
165
|
+
* Find a local keypair by its key identifier (kid)
|
|
166
|
+
*
|
|
167
|
+
* This is the primary lookup used during vault decryption: extract recipient
|
|
168
|
+
* kids from vault header, then find which local keypair matches.
|
|
169
|
+
*
|
|
170
|
+
* @param agentContext - Agent context
|
|
171
|
+
* @param kid - Key identifier to search for
|
|
172
|
+
* @returns Keypair and associated connectionId, or null
|
|
173
|
+
*/
|
|
174
|
+
findKeypairByKid(agentContext: AgentContext, kid: string): Promise<{
|
|
175
|
+
keypair: KemKeypairWithKid;
|
|
176
|
+
connectionId: string;
|
|
177
|
+
} | null>;
|
|
178
|
+
/**
|
|
179
|
+
* Find a local keypair matching any of the given recipient kids
|
|
180
|
+
*
|
|
181
|
+
* Used to find which local key can decrypt a vault when the vault header
|
|
182
|
+
* lists multiple possible recipients.
|
|
183
|
+
*
|
|
184
|
+
* @param agentContext - Agent context
|
|
185
|
+
* @param kids - Set of key identifiers from vault recipients
|
|
186
|
+
* @returns Matching keypair and connectionId, or null
|
|
187
|
+
*/
|
|
188
|
+
findKeypairByRecipientKids(agentContext: AgentContext, kids: Set<string>): Promise<{
|
|
189
|
+
keypair: KemKeypairWithKid;
|
|
190
|
+
connectionId: string;
|
|
191
|
+
} | null>;
|
|
192
|
+
/**
|
|
193
|
+
* Check if a local keypair exists for a connection
|
|
194
|
+
*
|
|
195
|
+
* @param agentContext - Agent context
|
|
196
|
+
* @param connectionId - Connection record ID
|
|
197
|
+
* @returns True if local keypair exists
|
|
198
|
+
*/
|
|
199
|
+
hasLocalKeypair(agentContext: AgentContext, connectionId: string): Promise<boolean>;
|
|
200
|
+
/**
|
|
201
|
+
* Delete the local keypair for a connection
|
|
202
|
+
*
|
|
203
|
+
* @param agentContext - Agent context
|
|
204
|
+
* @param connectionId - Connection record ID
|
|
205
|
+
*/
|
|
206
|
+
deleteLocalKeypair(agentContext: AgentContext, connectionId: string): Promise<void>;
|
|
143
207
|
}
|
|
@@ -35,6 +35,8 @@ exports.KemKeyExchangeService = exports.KEM_KEY_METADATA_KEY = void 0;
|
|
|
35
35
|
const core_1 = require("@credo-ts/core");
|
|
36
36
|
const VaultCrypto_1 = require("../crypto/wasm/VaultCrypto");
|
|
37
37
|
const HPKEService_1 = require("./HPKEService");
|
|
38
|
+
const KemKeypairRepository_1 = require("../repository/KemKeypairRepository");
|
|
39
|
+
const KemKeypairRecord_1 = require("../repository/KemKeypairRecord");
|
|
38
40
|
/**
|
|
39
41
|
* Connection metadata key for ML-KEM keys
|
|
40
42
|
*/
|
|
@@ -43,10 +45,11 @@ exports.KEM_KEY_METADATA_KEY = 'vaults/kem-key';
|
|
|
43
45
|
// Service
|
|
44
46
|
// ═══════════════════════════════════════════════════════════════════════════
|
|
45
47
|
let KemKeyExchangeService = class KemKeyExchangeService {
|
|
46
|
-
constructor(logger, connectionRepository, hpkeService) {
|
|
48
|
+
constructor(logger, connectionRepository, hpkeService, kemKeypairRepository) {
|
|
47
49
|
this.logger = logger;
|
|
48
50
|
this.connectionRepository = connectionRepository;
|
|
49
51
|
this.hpkeService = hpkeService;
|
|
52
|
+
this.kemKeypairRepository = kemKeypairRepository;
|
|
50
53
|
}
|
|
51
54
|
/**
|
|
52
55
|
* Generate a new ML-KEM-768 keypair
|
|
@@ -192,12 +195,129 @@ let KemKeyExchangeService = class KemKeyExchangeService {
|
|
|
192
195
|
const keyInfo = await this.getPeerKemKey(agentContext, connectionId);
|
|
193
196
|
return keyInfo !== null;
|
|
194
197
|
}
|
|
198
|
+
// ═══════════════════════════════════════════════════════════════════════════
|
|
199
|
+
// Local Keypair Storage
|
|
200
|
+
// ═══════════════════════════════════════════════════════════════════════════
|
|
201
|
+
/**
|
|
202
|
+
* Store a local KEM keypair (including secret key) for a connection
|
|
203
|
+
*
|
|
204
|
+
* Call this after generateKemKeypair() to persist the keypair so it can
|
|
205
|
+
* be retrieved later for vault decryption.
|
|
206
|
+
*
|
|
207
|
+
* @param agentContext - Agent context
|
|
208
|
+
* @param connectionId - Connection to associate the keypair with
|
|
209
|
+
* @param keypair - Full ML-KEM keypair
|
|
210
|
+
*/
|
|
211
|
+
async storeLocalKeypair(agentContext, connectionId, keypair) {
|
|
212
|
+
this.logger.debug(`Storing local KEM keypair for connection ${connectionId}: kid=${keypair.kid.substring(0, 20)}...`);
|
|
213
|
+
// Check for existing keypair on this connection
|
|
214
|
+
const existing = await this.kemKeypairRepository.findByConnectionId(agentContext, connectionId);
|
|
215
|
+
if (existing) {
|
|
216
|
+
this.logger.debug(`Updating existing keypair for connection ${connectionId}`);
|
|
217
|
+
existing.kid = keypair.kid;
|
|
218
|
+
existing.publicKey = (0, VaultCrypto_1.toBase64Url)(keypair.publicKey);
|
|
219
|
+
existing.secretKey = (0, VaultCrypto_1.toBase64Url)(keypair.secretKey);
|
|
220
|
+
await this.kemKeypairRepository.update(agentContext, existing);
|
|
221
|
+
return;
|
|
222
|
+
}
|
|
223
|
+
const record = new KemKeypairRecord_1.KemKeypairRecord({
|
|
224
|
+
connectionId,
|
|
225
|
+
kid: keypair.kid,
|
|
226
|
+
publicKey: (0, VaultCrypto_1.toBase64Url)(keypair.publicKey),
|
|
227
|
+
secretKey: (0, VaultCrypto_1.toBase64Url)(keypair.secretKey),
|
|
228
|
+
});
|
|
229
|
+
await this.kemKeypairRepository.save(agentContext, record);
|
|
230
|
+
this.logger.info(`Stored local KEM keypair for connection ${connectionId}`);
|
|
231
|
+
}
|
|
232
|
+
/**
|
|
233
|
+
* Get the local KEM keypair for a connection
|
|
234
|
+
*
|
|
235
|
+
* @param agentContext - Agent context
|
|
236
|
+
* @param connectionId - Connection record ID
|
|
237
|
+
* @returns Full keypair including secret key, or null if not found
|
|
238
|
+
*/
|
|
239
|
+
async getLocalKeypair(agentContext, connectionId) {
|
|
240
|
+
const record = await this.kemKeypairRepository.findByConnectionId(agentContext, connectionId);
|
|
241
|
+
if (!record) {
|
|
242
|
+
return null;
|
|
243
|
+
}
|
|
244
|
+
return {
|
|
245
|
+
kid: record.kid,
|
|
246
|
+
publicKey: (0, VaultCrypto_1.fromBase64Url)(record.publicKey),
|
|
247
|
+
secretKey: (0, VaultCrypto_1.fromBase64Url)(record.secretKey),
|
|
248
|
+
};
|
|
249
|
+
}
|
|
250
|
+
/**
|
|
251
|
+
* Find a local keypair by its key identifier (kid)
|
|
252
|
+
*
|
|
253
|
+
* This is the primary lookup used during vault decryption: extract recipient
|
|
254
|
+
* kids from vault header, then find which local keypair matches.
|
|
255
|
+
*
|
|
256
|
+
* @param agentContext - Agent context
|
|
257
|
+
* @param kid - Key identifier to search for
|
|
258
|
+
* @returns Keypair and associated connectionId, or null
|
|
259
|
+
*/
|
|
260
|
+
async findKeypairByKid(agentContext, kid) {
|
|
261
|
+
const record = await this.kemKeypairRepository.findByKid(agentContext, kid);
|
|
262
|
+
if (!record) {
|
|
263
|
+
return null;
|
|
264
|
+
}
|
|
265
|
+
return {
|
|
266
|
+
keypair: {
|
|
267
|
+
kid: record.kid,
|
|
268
|
+
publicKey: (0, VaultCrypto_1.fromBase64Url)(record.publicKey),
|
|
269
|
+
secretKey: (0, VaultCrypto_1.fromBase64Url)(record.secretKey),
|
|
270
|
+
},
|
|
271
|
+
connectionId: record.connectionId,
|
|
272
|
+
};
|
|
273
|
+
}
|
|
274
|
+
/**
|
|
275
|
+
* Find a local keypair matching any of the given recipient kids
|
|
276
|
+
*
|
|
277
|
+
* Used to find which local key can decrypt a vault when the vault header
|
|
278
|
+
* lists multiple possible recipients.
|
|
279
|
+
*
|
|
280
|
+
* @param agentContext - Agent context
|
|
281
|
+
* @param kids - Set of key identifiers from vault recipients
|
|
282
|
+
* @returns Matching keypair and connectionId, or null
|
|
283
|
+
*/
|
|
284
|
+
async findKeypairByRecipientKids(agentContext, kids) {
|
|
285
|
+
for (const kid of kids) {
|
|
286
|
+
const result = await this.findKeypairByKid(agentContext, kid);
|
|
287
|
+
if (result) {
|
|
288
|
+
return result;
|
|
289
|
+
}
|
|
290
|
+
}
|
|
291
|
+
return null;
|
|
292
|
+
}
|
|
293
|
+
/**
|
|
294
|
+
* Check if a local keypair exists for a connection
|
|
295
|
+
*
|
|
296
|
+
* @param agentContext - Agent context
|
|
297
|
+
* @param connectionId - Connection record ID
|
|
298
|
+
* @returns True if local keypair exists
|
|
299
|
+
*/
|
|
300
|
+
async hasLocalKeypair(agentContext, connectionId) {
|
|
301
|
+
const record = await this.kemKeypairRepository.findByConnectionId(agentContext, connectionId);
|
|
302
|
+
return record !== null;
|
|
303
|
+
}
|
|
304
|
+
/**
|
|
305
|
+
* Delete the local keypair for a connection
|
|
306
|
+
*
|
|
307
|
+
* @param agentContext - Agent context
|
|
308
|
+
* @param connectionId - Connection record ID
|
|
309
|
+
*/
|
|
310
|
+
async deleteLocalKeypair(agentContext, connectionId) {
|
|
311
|
+
await this.kemKeypairRepository.deleteByConnectionId(agentContext, connectionId);
|
|
312
|
+
this.logger.info(`Deleted local KEM keypair for connection ${connectionId}`);
|
|
313
|
+
}
|
|
195
314
|
};
|
|
196
315
|
exports.KemKeyExchangeService = KemKeyExchangeService;
|
|
197
316
|
exports.KemKeyExchangeService = KemKeyExchangeService = __decorate([
|
|
198
317
|
(0, core_1.injectable)(),
|
|
199
318
|
__param(0, (0, core_1.inject)(core_1.InjectionSymbols.Logger)),
|
|
200
319
|
__metadata("design:paramtypes", [Object, core_1.ConnectionRepository,
|
|
201
|
-
HPKEService_1.HPKEService
|
|
320
|
+
HPKEService_1.HPKEService,
|
|
321
|
+
KemKeypairRepository_1.KemKeypairRepository])
|
|
202
322
|
], KemKeyExchangeService);
|
|
203
323
|
//# sourceMappingURL=KemKeyExchangeService.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"KemKeyExchangeService.js","sourceRoot":"","sources":["../../src/services/KemKeyExchangeService.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;GAkBG;;;;;;;;;;;;;;;AAIH,yCAA2F;AAE3F,4DAKmC;AACnC,+CAA2C;AA+
|
|
1
|
+
{"version":3,"file":"KemKeyExchangeService.js","sourceRoot":"","sources":["../../src/services/KemKeyExchangeService.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;GAkBG;;;;;;;;;;;;;;;AAIH,yCAA2F;AAE3F,4DAKmC;AACnC,+CAA2C;AAC3C,6EAAyE;AACzE,qEAAiE;AA+CjE;;GAEG;AACU,QAAA,oBAAoB,GAAG,gBAAgB,CAAA;AAgBpD,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAGvE,IAAM,qBAAqB,GAA3B,MAAM,qBAAqB;IAMhC,YACmC,MAAc,EAC/C,oBAA0C,EAC1C,WAAwB,EACxB,oBAA0C;QAE1C,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,oBAAoB,GAAG,oBAAoB,CAAA;QAChD,IAAI,CAAC,WAAW,GAAG,WAAW,CAAA;QAC9B,IAAI,CAAC,oBAAoB,GAAG,oBAAoB,CAAA;IAClD,CAAC;IAED;;;;OAIG;IACI,kBAAkB;QACvB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAA;QAElD,MAAM,OAAO,GAAG,IAAA,gCAAkB,GAAE,CAAA;QACpC,MAAM,GAAG,GAAG,IAAA,uBAAS,EAAC,OAAO,CAAC,SAAS,CAAC,CAAA;QAExC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sCAAsC,GAAG,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAA;QAElF,OAAO;YACL,GAAG;YACH,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,SAAS,EAAE,OAAO,CAAC,SAAS;SAC7B,CAAA;IACH,CAAC;IAED;;;;;;;;;OASG;IACI,KAAK,CAAC,oBAAoB,CAC/B,OAA0B,EAC1B,kBAA8B;QAE9B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,6CAA6C,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAA;QAEjG,sCAAsC;QACtC,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC;YAC7B,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,SAAS,EAAE,IAAA,yBAAW,EAAC,OAAO,CAAC,SAAS,CAAC;SAC1C,CAAC,CAAA;QACF,MAAM,YAAY,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;QAEtD,gDAAgD;QAChD,MAAM,GAAG,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,qBAAqB,OAAO,CAAC,GAAG,EAAE,CAAC,CAAA;QAExE,qBAAqB;QACrB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,kBAAkB,EAAE,YAAY,EAAE,GAAG,CAAC,CAAA;QAEpF,OAAO;YACL,IAAI,EAAE,qBAAqB;YAC3B,QAAQ,EAAE,iBAAiB;YAC3B,UAAU,EAAE,IAAA,yBAAW,EAAC,MAAM,CAAC,UAAU,CAAC;YAC1C,kBAAkB,EAAE,IAAA,yBAAW,EAAC,MAAM,CAAC,kBAAkB,CAAC;YAC1D,GAAG,EAAE,OAAO,CAAC,GAAG;SACjB,CAAA;IACH,CAAC;IAED;;;;;;;;OAQG;IACI,KAAK,CAAC,oBAAoB,CAC/B,QAA8B,EAC9B,kBAA8B;QAE9B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gCAAgC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAA;QAErF,MAAM,UAAU,GAAG,IAAA,2BAAa,EAAC,QAAQ,CAAC,UAAU,CAAC,CAAA;QACrD,MAAM,kBAAkB,GAAG,IAAA,2BAAa,EAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAA;QAErE,qCAAqC;QACrC,MAAM,GAAG,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,qBAAqB,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAA;QAEzE,qBAAqB;QACrB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,kBAAkB,EAAE,UAAU,EAAE,kBAAkB,EAAE,GAAG,CAAC,CAAA;QAEtG,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAGpE,CAAA;QAED,OAAO;YACL,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,SAAS,EAAE,IAAA,2BAAa,EAAC,OAAO,CAAC,SAAS,CAAC;YAC3C,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACnC,CAAA;IACH,CAAC;IAED;;;;;;;;OAQG;IACI,KAAK,CAAC,eAAe,CAC1B,YAA0B,EAC1B,YAAoB,EACpB,OAAyB;QAEzB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,uCAAuC,YAAY,KAAK,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAA;QAE5G,wBAAwB;QACxB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,YAAY,EAAE,YAAY,CAAC,CAAA;QAEtF,4BAA4B;QAC5B,MAAM,QAAQ,GAAmB;YAC/B,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,SAAS,EAAE,IAAA,yBAAW,EAAC,OAAO,CAAC,SAAS,CAAC;YACzC,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACvD,CAAA;QAED,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,4BAAoB,EAAE,QAAQ,CAAC,CAAA;QAEvD,kBAAkB;QAClB,MAAM,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,YAAY,EAAE,UAAU,CAAC,CAAA;QAEhE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,YAAY,EAAE,CAAC,CAAA;IACxE,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,aAAa,CAAC,YAA0B,EAAE,YAAoB;QACzE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,0CAA0C,YAAY,EAAE,CAAC,CAAA;QAE3E,wBAAwB;QACxB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,YAAY,EAAE,YAAY,CAAC,CAAA;QAEtF,4BAA4B;QAC5B,MAAM,QAAQ,GAAG,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,4BAAoB,CAA0B,CAAA;QAEvF,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,wCAAwC,YAAY,EAAE,CAAC,CAAA;YACzE,OAAO,IAAI,CAAA;QACb,CAAC;QAED,OAAO;YACL,GAAG,EAAE,QAAQ,CAAC,GAAG;YACjB,SAAS,EAAE,IAAA,2BAAa,EAAC,QAAQ,CAAC,SAAS,CAAC;YAC5C,QAAQ,EAAE,QAAQ,CAAC,QAAQ;SAC5B,CAAA;IACH,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,gBAAgB,CAAC,YAA0B,EAAE,YAAoB;QAC5E,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,wCAAwC,YAAY,EAAE,CAAC,CAAA;QAEzE,wBAAwB;QACxB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,YAAY,EAAE,YAAY,CAAC,CAAA;QAEtF,+BAA+B;QAC/B,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,4BAAoB,CAAC,CAAA;QAEhD,kBAAkB;QAClB,MAAM,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,YAAY,EAAE,UAAU,CAAC,CAAA;QAEhE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,uCAAuC,YAAY,EAAE,CAAC,CAAA;IACzE,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,aAAa,CAAC,YAA0B,EAAE,YAAoB;QACzE,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,YAAY,EAAE,YAAY,CAAC,CAAA;QACpE,OAAO,OAAO,KAAK,IAAI,CAAA;IACzB,CAAC;IAED,8EAA8E;IAC9E,wBAAwB;IACxB,8EAA8E;IAE9E;;;;;;;;;OASG;IACI,KAAK,CAAC,iBAAiB,CAC5B,YAA0B,EAC1B,YAAoB,EACpB,OAA0B;QAE1B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4CAA4C,YAAY,SAAS,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAA;QAErH,gDAAgD;QAChD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,kBAAkB,CAAC,YAAY,EAAE,YAAY,CAAC,CAAA;QAC/F,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4CAA4C,YAAY,EAAE,CAAC,CAAA;YAC7E,QAAQ,CAAC,GAAG,GAAG,OAAO,CAAC,GAAG,CAAA;YAC1B,QAAQ,CAAC,SAAS,GAAG,IAAA,yBAAW,EAAC,OAAO,CAAC,SAAS,CAAC,CAAA;YACnD,QAAQ,CAAC,SAAS,GAAG,IAAA,yBAAW,EAAC,OAAO,CAAC,SAAS,CAAC,CAAA;YACnD,MAAM,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAA;YAC9D,OAAM;QACR,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,mCAAgB,CAAC;YAClC,YAAY;YACZ,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,SAAS,EAAE,IAAA,yBAAW,EAAC,OAAO,CAAC,SAAS,CAAC;YACzC,SAAS,EAAE,IAAA,yBAAW,EAAC,OAAO,CAAC,SAAS,CAAC;SAC1C,CAAC,CAAA;QAEF,MAAM,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAA;QAC1D,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,2CAA2C,YAAY,EAAE,CAAC,CAAA;IAC7E,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,eAAe,CAC1B,YAA0B,EAC1B,YAAoB;QAEpB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,kBAAkB,CAAC,YAAY,EAAE,YAAY,CAAC,CAAA;QAC7F,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,IAAI,CAAA;QACb,CAAC;QACD,OAAO;YACL,GAAG,EAAE,MAAM,CAAC,GAAG;YACf,SAAS,EAAE,IAAA,2BAAa,EAAC,MAAM,CAAC,SAAS,CAAC;YAC1C,SAAS,EAAE,IAAA,2BAAa,EAAC,MAAM,CAAC,SAAS,CAAC;SAC3C,CAAA;IACH,CAAC;IAED;;;;;;;;;OASG;IACI,KAAK,CAAC,gBAAgB,CAC3B,YAA0B,EAC1B,GAAW;QAEX,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,SAAS,CAAC,YAAY,EAAE,GAAG,CAAC,CAAA;QAC3E,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,IAAI,CAAA;QACb,CAAC;QACD,OAAO;YACL,OAAO,EAAE;gBACP,GAAG,EAAE,MAAM,CAAC,GAAG;gBACf,SAAS,EAAE,IAAA,2BAAa,EAAC,MAAM,CAAC,SAAS,CAAC;gBAC1C,SAAS,EAAE,IAAA,2BAAa,EAAC,MAAM,CAAC,SAAS,CAAC;aAC3C;YACD,YAAY,EAAE,MAAM,CAAC,YAAY;SAClC,CAAA;IACH,CAAC;IAED;;;;;;;;;OASG;IACI,KAAK,CAAC,0BAA0B,CACrC,YAA0B,EAC1B,IAAiB;QAEjB,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,YAAY,EAAE,GAAG,CAAC,CAAA;YAC7D,IAAI,MAAM,EAAE,CAAC;gBACX,OAAO,MAAM,CAAA;YACf,CAAC;QACH,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,eAAe,CAAC,YAA0B,EAAE,YAAoB;QAC3E,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,kBAAkB,CAAC,YAAY,EAAE,YAAY,CAAC,CAAA;QAC7F,OAAO,MAAM,KAAK,IAAI,CAAA;IACxB,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,kBAAkB,CAAC,YAA0B,EAAE,YAAoB;QAC9E,MAAM,IAAI,CAAC,oBAAoB,CAAC,oBAAoB,CAAC,YAAY,EAAE,YAAY,CAAC,CAAA;QAChF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4CAA4C,YAAY,EAAE,CAAC,CAAA;IAC9E,CAAC;CACF,CAAA;AAzVY,sDAAqB;gCAArB,qBAAqB;IADjC,IAAA,iBAAU,GAAE;IAQR,WAAA,IAAA,aAAM,EAAC,uBAAgB,CAAC,MAAM,CAAC,CAAA;6CACV,2BAAoB;QAC7B,yBAAW;QACF,2CAAoB;GAVjC,qBAAqB,CAyVjC"}
|
|
@@ -186,4 +186,31 @@ export declare class VaultSigningService {
|
|
|
186
186
|
* @returns Stored vault record
|
|
187
187
|
*/
|
|
188
188
|
storeReceivedSigningVault(agentContext: AgentContext, message: StoreVaultMessage | VaultDataMessage, senderConnectionId: string): Promise<VaultRecord>;
|
|
189
|
+
/**
|
|
190
|
+
* Resolve the decryption key for a vault
|
|
191
|
+
*
|
|
192
|
+
* Implements the unified KEM key resolution strategy:
|
|
193
|
+
* 1. Extract recipient kids from vault header
|
|
194
|
+
* 2. Search local KEM keypairs for a matching kid (works for both received and owned vaults)
|
|
195
|
+
* 3. Fall back to connection-based lookup via signerConnectionId metadata
|
|
196
|
+
*
|
|
197
|
+
* @param agentContext - Agent context
|
|
198
|
+
* @param vaultId - Vault to find decryption key for
|
|
199
|
+
* @returns Secret key, kid, and connectionId; or null if no matching key found
|
|
200
|
+
*
|
|
201
|
+
* @example
|
|
202
|
+
* ```typescript
|
|
203
|
+
* const key = await vaultSigningService.resolveVaultDecryptionKey(agentContext, vaultId)
|
|
204
|
+
* if (key) {
|
|
205
|
+
* const { document } = await vaultSigningService.openSigningVault(
|
|
206
|
+
* agentContext, vaultRecord, key.secretKey, key.kid
|
|
207
|
+
* )
|
|
208
|
+
* }
|
|
209
|
+
* ```
|
|
210
|
+
*/
|
|
211
|
+
resolveVaultDecryptionKey(agentContext: AgentContext, vaultId: string): Promise<{
|
|
212
|
+
secretKey: Uint8Array;
|
|
213
|
+
kid: string;
|
|
214
|
+
connectionId: string;
|
|
215
|
+
} | null>;
|
|
189
216
|
}
|
|
@@ -421,6 +421,68 @@ let VaultSigningService = class VaultSigningService {
|
|
|
421
421
|
this.logger.info(`Stored received signing vault ${message.vaultId} from ${senderConnectionId}`);
|
|
422
422
|
return record;
|
|
423
423
|
}
|
|
424
|
+
/**
|
|
425
|
+
* Resolve the decryption key for a vault
|
|
426
|
+
*
|
|
427
|
+
* Implements the unified KEM key resolution strategy:
|
|
428
|
+
* 1. Extract recipient kids from vault header
|
|
429
|
+
* 2. Search local KEM keypairs for a matching kid (works for both received and owned vaults)
|
|
430
|
+
* 3. Fall back to connection-based lookup via signerConnectionId metadata
|
|
431
|
+
*
|
|
432
|
+
* @param agentContext - Agent context
|
|
433
|
+
* @param vaultId - Vault to find decryption key for
|
|
434
|
+
* @returns Secret key, kid, and connectionId; or null if no matching key found
|
|
435
|
+
*
|
|
436
|
+
* @example
|
|
437
|
+
* ```typescript
|
|
438
|
+
* const key = await vaultSigningService.resolveVaultDecryptionKey(agentContext, vaultId)
|
|
439
|
+
* if (key) {
|
|
440
|
+
* const { document } = await vaultSigningService.openSigningVault(
|
|
441
|
+
* agentContext, vaultRecord, key.secretKey, key.kid
|
|
442
|
+
* )
|
|
443
|
+
* }
|
|
444
|
+
* ```
|
|
445
|
+
*/
|
|
446
|
+
async resolveVaultDecryptionKey(agentContext, vaultId) {
|
|
447
|
+
this.logger.debug(`Resolving decryption key for vault ${vaultId}`);
|
|
448
|
+
// 1. Get vault record
|
|
449
|
+
const record = await this.vaultRepository.findByVaultId(agentContext, vaultId);
|
|
450
|
+
if (!record) {
|
|
451
|
+
this.logger.debug(`Vault ${vaultId} not found`);
|
|
452
|
+
return null;
|
|
453
|
+
}
|
|
454
|
+
const header = record.header;
|
|
455
|
+
// 2. Try matching by vault recipient kids (primary strategy)
|
|
456
|
+
const recipients = header.recipients || [];
|
|
457
|
+
if (recipients.length > 0) {
|
|
458
|
+
const recipientKids = new Set(recipients.map((r) => r.kid));
|
|
459
|
+
this.logger.debug(`Vault ${vaultId} has ${recipientKids.size} recipient(s), searching local keypairs`);
|
|
460
|
+
const match = await this.kemKeyExchangeService.findKeypairByRecipientKids(agentContext, recipientKids);
|
|
461
|
+
if (match) {
|
|
462
|
+
this.logger.debug(`Found matching local keypair: kid=${match.keypair.kid.substring(0, 20)}...`);
|
|
463
|
+
return {
|
|
464
|
+
secretKey: match.keypair.secretKey,
|
|
465
|
+
kid: match.keypair.kid,
|
|
466
|
+
connectionId: match.connectionId,
|
|
467
|
+
};
|
|
468
|
+
}
|
|
469
|
+
}
|
|
470
|
+
// 3. Fall back to connection-based lookup (for locally-created vaults)
|
|
471
|
+
const signerConnectionId = header.metadata?.signerConnectionId;
|
|
472
|
+
if (signerConnectionId) {
|
|
473
|
+
this.logger.debug(`Trying connection-based lookup for signerConnectionId: ${signerConnectionId}`);
|
|
474
|
+
const keypair = await this.kemKeyExchangeService.getLocalKeypair(agentContext, signerConnectionId);
|
|
475
|
+
if (keypair) {
|
|
476
|
+
return {
|
|
477
|
+
secretKey: keypair.secretKey,
|
|
478
|
+
kid: keypair.kid,
|
|
479
|
+
connectionId: signerConnectionId,
|
|
480
|
+
};
|
|
481
|
+
}
|
|
482
|
+
}
|
|
483
|
+
this.logger.debug(`No decryption key found for vault ${vaultId}`);
|
|
484
|
+
return null;
|
|
485
|
+
}
|
|
424
486
|
};
|
|
425
487
|
exports.VaultSigningService = VaultSigningService;
|
|
426
488
|
exports.VaultSigningService = VaultSigningService = __decorate([
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"VaultSigningService.js","sourceRoot":"","sources":["../../src/services/VaultSigningService.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAKA,yCAQuB;AAGvB,qEAAiE;AACjE,mEAA+D;AAE/D,mEAA+D;AAC/D,2DAAuD;AACvD,sCAAsD;AACtD,4DAAgG;AAChG,kDAAiD;AACjD,0CAAwF;AACxF,sEAAsE;AAgEtE,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E;;;;;;;;;;;;;;;GAeG;AAEI,IAAM,mBAAmB,GAAzB,MAAM,mBAAmB;IAI9B,YACmC,MAAc,EACvC,iBAAyC,EACzC,qBAA4C,EAC5C,eAAgC,EAChC,oBAA0C,EAC1C,YAA0B,EAC1B,aAA4B;QAL5B,sBAAiB,GAAjB,iBAAiB,CAAwB;QACzC,0BAAqB,GAArB,qBAAqB,CAAuB;QAC5C,oBAAe,GAAf,eAAe,CAAiB;QAChC,yBAAoB,GAApB,oBAAoB,CAAsB;QAC1C,iBAAY,GAAZ,YAAY,CAAc;QAC1B,kBAAa,GAAb,aAAa,CAAe;QAEpC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;IACtB,CAAC;IAED;;OAEG;IACI,iBAAiB,CAAC,cAAmC;QAC1D,IAAI,CAAC,cAAc,GAAG,cAAc,CAAA;IACtC,CAAC;IAED;;OAEG;IACI,kBAAkB;QACvB,OAAO,CAAC,CAAC,IAAI,CAAC,cAAc,EAAE,YAAY,EAAE,CAAA;IAC9C,CAAC;IAED;;;;;;;;;;;;;;;;OAgBG;IACI,KAAK,CAAC,kBAAkB,CAC7B,YAA0B,EAC1B,OAAkC;QAElC,MAAM,EAAE,QAAQ,EAAE,kBAAkB,EAAE,YAAY,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAA;QAExE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yCAAyC,kBAAkB,EAAE,CAAC,CAAA;QAEhF,oCAAoC;QACpC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,aAAa,CAAC,YAAY,EAAE,kBAAkB,CAAC,CAAA;QAClG,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,mBAAU,CAClB,uBAAc,CAAC,WAAW,EAC1B,sCAAsC,kBAAkB,4BAA4B,CACrF,CAAA;QACH,CAAC;QAED,uBAAuB;QACvB,MAAM,SAAS,GAAiB;YAC9B,GAAG,EAAE,SAAS,CAAC,GAAG;YAClB,SAAS,EAAE,SAAS,CAAC,SAAS;SAC/B,CAAA;QAED,gCAAgC;QAChC,MAAM,KAAK,GAAG,IAAA,0BAAY,GAAE,CAAA;QAC5B,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,KAAK,CAAA;QAExC,4EAA4E;QAC5E,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,SAAS,CAAC,EAAE;YAC7E,KAAK;YACL,OAAO;SACR,CAAC,CAAA;QAEF,mCAAmC;QACnC,KAAK,CAAC,MAAM,CAAC,QAAQ,GAAG;YACtB,GAAG,QAAQ;YACX,YAAY;YACZ,kBAAkB;YAClB,OAAO,EAAE,SAAS;YAClB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAA;QAED,iDAAiD;QACjD,MAAM,eAAe,GAAG,OAAO,CAAC,eAAe,IAAI,2CAAsB,CAAC,gBAAgB,CAAA;QAC1F,MAAM,kBAAkB,GACtB,OAAO,CAAC,oBAAoB,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,KAAK,CAAC,UAAU,CAAC,MAAM,GAAG,eAAe,CAAC,CAAA;QAE1G,IAAI,gBAAmD,CAAA;QAEvD,IAAI,kBAAkB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YAC9C,6BAA6B;YAC7B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,oCAAoC,OAAO,KAAK,KAAK,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,CAAA;YAEnG,gBAAgB,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU,EAAE,OAAO,EAAE;gBAC7E,KAAK;gBACL,WAAW,EAAE,0BAA0B;gBACvC,QAAQ,EAAE;oBACR,YAAY;oBACZ,OAAO,EAAE,SAAS;iBACnB;aACF,CAAC,CAAA;YAEF,qBAAqB;YACrB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE;gBACnC,IAAI,EAAE,8BAAe,CAAC,eAAe;gBACrC,OAAO,EAAE;oBACP,OAAO;oBACP,KAAK;oBACL,UAAU,EAAE,gBAAgB,CAAC,GAAG;oBAChC,IAAI,EAAE,gBAAgB,CAAC,IAAI;oBAC3B,QAAQ,EAAE,gBAAgB,CAAC,QAAQ;iBACpC;aACF,CAAC,CAAA;YAEF,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,GAAG,gBAAgB,CAAC,IAAI,CAAA;YACzD,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,UAAU,GAAG,gBAAgB,CAAC,GAAG,CAAA;QACzD,CAAC;QAED,4BAA4B;QAC5B,MAAM,MAAM,GAAG,IAAI,yBAAW,CAAC;YAC7B,OAAO;YACP,KAAK;YACL,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,wDAAwD;YACxD,UAAU,EAAE,kBAAkB,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAA,yBAAW,EAAC,KAAK,CAAC,UAAU,CAAC;YACnE,QAAQ,EAAE,YAAY,CAAC,oBAAoB;YAC3C,gBAAgB;SACjB,CAAC,CAAA;QAEF,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAA;QAErD,gBAAgB;QAChB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE;YACnC,IAAI,EAAE,8BAAe,CAAC,YAAY;YAClC,OAAO,EAAE;gBACP,OAAO;gBACP,KAAK;gBACL,UAAU,EAAE,QAAQ;gBACpB,OAAO,EAAE,SAAS;gBAClB,kBAAkB;aACnB;SACF,CAAC,CAAA;QAEF,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,yBAAyB,OAAO,eAAe,kBAAkB,uBAAuB,kBAAkB,GAAG,CAC9G,CAAA;QAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,CAAA;IAC9F,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACI,KAAK,CAAC,gBAAgB,CAC3B,YAA0B,EAC1B,SAAyC,EACzC,SAAqB,EACrB,GAAW;QAEX,IAAI,MAAmB,CAAA;QACvB,IAAI,UAAsB,CAAA;QAE1B,IAAI,SAAS,YAAY,2BAAgB,EAAE,CAAC;YAC1C,MAAM,GAAG,SAAS,CAAC,MAAM,CAAA;YACzB,UAAU,GAAG,IAAA,2BAAa,EAAC,SAAS,CAAC,UAAU,CAAC,CAAA;QAClD,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,SAAS,CAAC,MAAM,CAAA;YACzB,UAAU,GAAG,IAAA,2BAAa,EAAC,SAAS,CAAC,UAAU,CAAC,CAAA;QAClD,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yBAAyB,MAAM,CAAC,OAAO,EAAE,CAAC,CAAA;QAE5D,8BAA8B;QAC9B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,YAAY,CAAC,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,SAAS,EAAE,GAAG,CAAC,CAAA;QAElG,aAAa;QACb,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE;YACnC,IAAI,EAAE,8BAAe,CAAC,WAAW;YACjC,OAAO,EAAE;gBACP,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,OAAO,EAAE,SAAS;aACnB;SACF,CAAC,CAAA;QAEF,OAAO;YACL,QAAQ;YACR,MAAM;YACN,YAAY,EAAE,MAAM,CAAC,QAAQ,EAAE,YAAY;SAC5C,CAAA;IACH,CAAC;IAED;;;;;;;;OAQG;IACI,KAAK,CAAC,iBAAiB,CAC5B,YAA0B,EAC1B,OAAe,EACf,YAAoB,EACpB,OAKC;QAED,mBAAmB;QACnB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,YAAY,EAAE,OAAO,CAAC,CAAA;QAC9E,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,mBAAU,CAAC,uBAAc,CAAC,SAAS,EAAE,oBAAoB,OAAO,EAAE,CAAC,CAAA;QAC/E,CAAC;QAED,iBAAiB;QACjB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,YAAY,EAAE,YAAY,CAAC,CAAA;QACvF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,mBAAU,CAAC,uBAAc,CAAC,SAAS,EAAE,yBAAyB,YAAY,EAAE,CAAC,CAAA;QACzF,CAAC;QAED,IAAI,OAAkD,CAAA;QAEtD,0DAA0D;QAC1D,IAAI,MAAM,CAAC,kBAAkB,IAAI,MAAM,CAAC,gBAAgB,EAAE,CAAC;YACzD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,iBAAiB,OAAO,iDAAiD,CAAC,CAAA;YAE5F,IAAI,WAA+B,CAAA;YACnC,IAAI,oBAAwC,CAAA;YAE5C,iFAAiF;YACjF,IAAI,OAAO,EAAE,kBAAkB,IAAI,IAAI,CAAC,cAAc,EAAE,YAAY,EAAE,EAAE,CAAC;gBACvE,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,mBAAmB,CAC3D,MAAM,CAAC,gBAAgB,EACvB,OAAO,CAAC,iBAAiB,IAAI,IAAI,CAClC,CAAA;gBACD,WAAW,GAAG,OAAO,CAAC,WAAW,CAAA;gBACjC,oBAAoB,GAAG,OAAO,CAAC,SAAS,CAAA;YAC1C,CAAC;YAED,OAAO,GAAG,IAAI,gCAAqB,CAAC;gBAClC,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,OAAO,EAAE;oBACP,IAAI,EAAE,MAAM,CAAC,gBAAgB,CAAC,IAAI;oBAClC,GAAG,EAAE,MAAM,CAAC,gBAAgB,CAAC,GAAG;oBAChC,QAAQ,EAAE,MAAM,CAAC,gBAAgB,CAAC,QAAQ;oBAC1C,IAAI,EAAE,MAAM,CAAC,gBAAgB,CAAC,IAAI;oBAClC,WAAW,EAAE,MAAM,CAAC,gBAAgB,CAAC,WAAW;oBAChD,WAAW;oBACX,oBAAoB;iBACrB;aACF,CAAC,CAAA;QACJ,CAAC;aAAM,CAAC;YACN,8CAA8C;YAC9C,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,iBAAiB,OAAO,mCAAmC,CAAC,CAAA;YAE9E,OAAO,GAAG,IAAI,4BAAiB,CAAC;gBAC9B,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,UAAU,EAAE,MAAM,CAAC,UAAU;aAC9B,CAAC,CAAA;QACJ,CAAC;QAED,mBAAmB;QACnB,MAAM,eAAe,GAAG,IAAI,6BAAsB,CAAC,OAAO,EAAE,EAAE,YAAY,EAAE,UAAU,EAAE,CAAC,CAAA;QACzF,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,eAAe,CAAC,CAAA;QAErD,aAAa;QACb,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE;YACnC,IAAI,EAAE,8BAAe,CAAC,WAAW;YACjC,OAAO,EAAE;gBACP,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,UAAU,EAAE,YAAY;gBACxB,WAAW,EAAE,MAAM,CAAC,gBAAgB,EAAE,IAAI;aAC3C;SACF,CAAC,CAAA;QAEF,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,wBAAwB,OAAO,oBAAoB,YAAY,eAAe,MAAM,CAAC,kBAAkB,GAAG,CAC3G,CAAA;IACH,CAAC;IAED;;;;;;;;;;;;;;;;;;;OAmBG;IACI,KAAK,CAAC,oBAAoB,CAC/B,YAA0B,EAC1B,OAAoC;QAEpC,MAAM,EAAE,cAAc,EAAE,eAAe,EAAE,iBAAiB,EAAE,YAAY,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAA;QAE9F,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,uCAAuC,eAAe,EAAE,CAAC,CAAA;QAE3E,mCAAmC;QACnC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,aAAa,CAAC,YAAY,EAAE,iBAAiB,CAAC,CAAA;QAChG,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,mBAAU,CAClB,uBAAc,CAAC,WAAW,EAC1B,sCAAsC,iBAAiB,4BAA4B,CACpF,CAAA;QACH,CAAC;QAED,uBAAuB;QACvB,MAAM,SAAS,GAAiB;YAC9B,GAAG,EAAE,QAAQ,CAAC,GAAG;YACjB,SAAS,EAAE,QAAQ,CAAC,SAAS;SAC9B,CAAA;QAED,gCAAgC;QAChC,MAAM,KAAK,GAAG,IAAA,0BAAY,GAAE,CAAA;QAC5B,MAAM,OAAO,GAAG,IAAA,0BAAY,GAAE,CAAA;QAE9B,4CAA4C;QAC5C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,YAAY,CAAC,cAAc,EAAE,CAAC,SAAS,CAAC,EAAE;YACnF,KAAK;YACL,OAAO;SACR,CAAC,CAAA;QAEF,mCAAmC;QACnC,KAAK,CAAC,MAAM,CAAC,QAAQ,GAAG;YACtB,GAAG,QAAQ;YACX,YAAY;YACZ,eAAe;YACf,OAAO,EAAE,iBAAiB;YAC1B,QAAQ,EAAE,QAAQ,EAAE,QAAQ,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACzD,CAAA;QAED,4BAA4B;QAC5B,MAAM,MAAM,GAAG,IAAI,yBAAW,CAAC;YAC7B,OAAO;YACP,KAAK;YACL,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,UAAU,EAAE,IAAA,yBAAW,EAAC,KAAK,CAAC,UAAU,CAAC;YACzC,QAAQ,EAAE,YAAY,CAAC,oBAAoB;SAC5C,CAAC,CAAA;QAEF,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAA;QAErD,mBAAmB;QACnB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,YAAY,EAAE,iBAAiB,CAAC,CAAA;QAC5F,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,OAAO,GAAG,IAAI,4BAAiB,CAAC;gBACpC,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,UAAU,EAAE,MAAM,CAAC,UAAU;aAC9B,CAAC,CAAA;YAEF,MAAM,eAAe,GAAG,IAAI,6BAAsB,CAAC,OAAO,EAAE,EAAE,YAAY,EAAE,UAAU,EAAE,CAAC,CAAA;YACzF,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,eAAe,CAAC,CAAA;QACvD,CAAC;QAED,gBAAgB;QAChB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE;YACnC,IAAI,EAAE,8BAAe,CAAC,YAAY;YAClC,OAAO,EAAE;gBACP,OAAO;gBACP,KAAK;gBACL,UAAU,EAAE,QAAQ;gBACpB,OAAO,EAAE,iBAAiB;gBAC1B,eAAe;aAChB;SACF,CAAC,CAAA;QAEF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qCAAqC,OAAO,kBAAkB,iBAAiB,EAAE,CAAC,CAAA;QAEnG,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,EAAE,KAAK,EAAE,CAAA;IAC/D,CAAC;IAED;;;;;;;;;OASG;IACI,KAAK,CAAC,yBAAyB,CACpC,YAA0B,EAC1B,OAA6C,EAC7C,kBAA0B;QAE1B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,kCAAkC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAA;QAEtE,gCAAgC;QAChC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,YAAY,EAAE,OAAO,CAAC,OAAO,CAAC,CAAA;QACxF,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,SAAS,OAAO,CAAC,OAAO,2BAA2B,CAAC,CAAA;YACtE,QAAQ,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAA;YAChC,QAAQ,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,CAAA;YACxC,QAAQ,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,CAAA;YAC/B,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAA;YACzD,OAAO,QAAQ,CAAA;QACjB,CAAC;QAED,oBAAoB;QACpB,MAAM,MAAM,GAAG,IAAI,yBAAW,CAAC;YAC7B,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,QAAQ,EAAE,YAAY,CAAC,oBAAoB;SAC5C,CAAC,CAAA;QAEF,6BAA6B;QAC7B,MAAM,CAAC,MAAM,CAAC,QAAQ,GAAG;YACvB,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ;YACzB,YAAY,EAAE,kBAAkB;YAChC,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACrC,CAAA;QAED,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAA;QAErD,aAAa;QACb,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE;YACnC,IAAI,EAAE,8BAAe,CAAC,WAAW;YACjC,OAAO,EAAE;gBACP,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,QAAQ,EAAE,kBAAkB;aAC7B;SACF,CAAC,CAAA;QAEF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iCAAiC,OAAO,CAAC,OAAO,SAAS,kBAAkB,EAAE,CAAC,CAAA;QAE/F,OAAO,MAAM,CAAA;IACf,CAAC;CACF,CAAA;AAheY,kDAAmB;8BAAnB,mBAAmB;IAD/B,IAAA,iBAAU,GAAE;IAMR,WAAA,IAAA,aAAM,EAAC,uBAAgB,CAAC,MAAM,CAAC,CAAA;6CACL,+CAAsB;QAClB,6CAAqB;QAC3B,iCAAe;QACV,2BAAoB;QAC5B,mBAAY;QACX,oBAAa;GAX3B,mBAAmB,CAge/B"}
|
|
1
|
+
{"version":3,"file":"VaultSigningService.js","sourceRoot":"","sources":["../../src/services/VaultSigningService.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAKA,yCAQuB;AAGvB,qEAAiE;AACjE,mEAA+D;AAE/D,mEAA+D;AAC/D,2DAAuD;AACvD,sCAAsD;AACtD,4DAAgG;AAChG,kDAAiD;AACjD,0CAAwF;AACxF,sEAAsE;AAgEtE,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E;;;;;;;;;;;;;;;GAeG;AAEI,IAAM,mBAAmB,GAAzB,MAAM,mBAAmB;IAI9B,YACmC,MAAc,EACvC,iBAAyC,EACzC,qBAA4C,EAC5C,eAAgC,EAChC,oBAA0C,EAC1C,YAA0B,EAC1B,aAA4B;QAL5B,sBAAiB,GAAjB,iBAAiB,CAAwB;QACzC,0BAAqB,GAArB,qBAAqB,CAAuB;QAC5C,oBAAe,GAAf,eAAe,CAAiB;QAChC,yBAAoB,GAApB,oBAAoB,CAAsB;QAC1C,iBAAY,GAAZ,YAAY,CAAc;QAC1B,kBAAa,GAAb,aAAa,CAAe;QAEpC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;IACtB,CAAC;IAED;;OAEG;IACI,iBAAiB,CAAC,cAAmC;QAC1D,IAAI,CAAC,cAAc,GAAG,cAAc,CAAA;IACtC,CAAC;IAED;;OAEG;IACI,kBAAkB;QACvB,OAAO,CAAC,CAAC,IAAI,CAAC,cAAc,EAAE,YAAY,EAAE,CAAA;IAC9C,CAAC;IAED;;;;;;;;;;;;;;;;OAgBG;IACI,KAAK,CAAC,kBAAkB,CAC7B,YAA0B,EAC1B,OAAkC;QAElC,MAAM,EAAE,QAAQ,EAAE,kBAAkB,EAAE,YAAY,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAA;QAExE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yCAAyC,kBAAkB,EAAE,CAAC,CAAA;QAEhF,oCAAoC;QACpC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,aAAa,CAAC,YAAY,EAAE,kBAAkB,CAAC,CAAA;QAClG,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,mBAAU,CAClB,uBAAc,CAAC,WAAW,EAC1B,sCAAsC,kBAAkB,4BAA4B,CACrF,CAAA;QACH,CAAC;QAED,uBAAuB;QACvB,MAAM,SAAS,GAAiB;YAC9B,GAAG,EAAE,SAAS,CAAC,GAAG;YAClB,SAAS,EAAE,SAAS,CAAC,SAAS;SAC/B,CAAA;QAED,gCAAgC;QAChC,MAAM,KAAK,GAAG,IAAA,0BAAY,GAAE,CAAA;QAC5B,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,KAAK,CAAA;QAExC,4EAA4E;QAC5E,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,SAAS,CAAC,EAAE;YAC7E,KAAK;YACL,OAAO;SACR,CAAC,CAAA;QAEF,mCAAmC;QACnC,KAAK,CAAC,MAAM,CAAC,QAAQ,GAAG;YACtB,GAAG,QAAQ;YACX,YAAY;YACZ,kBAAkB;YAClB,OAAO,EAAE,SAAS;YAClB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAA;QAED,iDAAiD;QACjD,MAAM,eAAe,GAAG,OAAO,CAAC,eAAe,IAAI,2CAAsB,CAAC,gBAAgB,CAAA;QAC1F,MAAM,kBAAkB,GACtB,OAAO,CAAC,oBAAoB,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,KAAK,CAAC,UAAU,CAAC,MAAM,GAAG,eAAe,CAAC,CAAA;QAE1G,IAAI,gBAAmD,CAAA;QAEvD,IAAI,kBAAkB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YAC9C,6BAA6B;YAC7B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,oCAAoC,OAAO,KAAK,KAAK,CAAC,UAAU,CAAC,MAAM,SAAS,CAAC,CAAA;YAEnG,gBAAgB,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU,EAAE,OAAO,EAAE;gBAC7E,KAAK;gBACL,WAAW,EAAE,0BAA0B;gBACvC,QAAQ,EAAE;oBACR,YAAY;oBACZ,OAAO,EAAE,SAAS;iBACnB;aACF,CAAC,CAAA;YAEF,qBAAqB;YACrB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE;gBACnC,IAAI,EAAE,8BAAe,CAAC,eAAe;gBACrC,OAAO,EAAE;oBACP,OAAO;oBACP,KAAK;oBACL,UAAU,EAAE,gBAAgB,CAAC,GAAG;oBAChC,IAAI,EAAE,gBAAgB,CAAC,IAAI;oBAC3B,QAAQ,EAAE,gBAAgB,CAAC,QAAQ;iBACpC;aACF,CAAC,CAAA;YAEF,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,GAAG,gBAAgB,CAAC,IAAI,CAAA;YACzD,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,UAAU,GAAG,gBAAgB,CAAC,GAAG,CAAA;QACzD,CAAC;QAED,4BAA4B;QAC5B,MAAM,MAAM,GAAG,IAAI,yBAAW,CAAC;YAC7B,OAAO;YACP,KAAK;YACL,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,wDAAwD;YACxD,UAAU,EAAE,kBAAkB,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAA,yBAAW,EAAC,KAAK,CAAC,UAAU,CAAC;YACnE,QAAQ,EAAE,YAAY,CAAC,oBAAoB;YAC3C,gBAAgB;SACjB,CAAC,CAAA;QAEF,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAA;QAErD,gBAAgB;QAChB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE;YACnC,IAAI,EAAE,8BAAe,CAAC,YAAY;YAClC,OAAO,EAAE;gBACP,OAAO;gBACP,KAAK;gBACL,UAAU,EAAE,QAAQ;gBACpB,OAAO,EAAE,SAAS;gBAClB,kBAAkB;aACnB;SACF,CAAC,CAAA;QAEF,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,yBAAyB,OAAO,eAAe,kBAAkB,uBAAuB,kBAAkB,GAAG,CAC9G,CAAA;QAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,CAAA;IAC9F,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACI,KAAK,CAAC,gBAAgB,CAC3B,YAA0B,EAC1B,SAAyC,EACzC,SAAqB,EACrB,GAAW;QAEX,IAAI,MAAmB,CAAA;QACvB,IAAI,UAAsB,CAAA;QAE1B,IAAI,SAAS,YAAY,2BAAgB,EAAE,CAAC;YAC1C,MAAM,GAAG,SAAS,CAAC,MAAM,CAAA;YACzB,UAAU,GAAG,IAAA,2BAAa,EAAC,SAAS,CAAC,UAAU,CAAC,CAAA;QAClD,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,SAAS,CAAC,MAAM,CAAA;YACzB,UAAU,GAAG,IAAA,2BAAa,EAAC,SAAS,CAAC,UAAU,CAAC,CAAA;QAClD,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yBAAyB,MAAM,CAAC,OAAO,EAAE,CAAC,CAAA;QAE5D,8BAA8B;QAC9B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,YAAY,CAAC,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,SAAS,EAAE,GAAG,CAAC,CAAA;QAElG,aAAa;QACb,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE;YACnC,IAAI,EAAE,8BAAe,CAAC,WAAW;YACjC,OAAO,EAAE;gBACP,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,OAAO,EAAE,SAAS;aACnB;SACF,CAAC,CAAA;QAEF,OAAO;YACL,QAAQ;YACR,MAAM;YACN,YAAY,EAAE,MAAM,CAAC,QAAQ,EAAE,YAAY;SAC5C,CAAA;IACH,CAAC;IAED;;;;;;;;OAQG;IACI,KAAK,CAAC,iBAAiB,CAC5B,YAA0B,EAC1B,OAAe,EACf,YAAoB,EACpB,OAKC;QAED,mBAAmB;QACnB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,YAAY,EAAE,OAAO,CAAC,CAAA;QAC9E,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,mBAAU,CAAC,uBAAc,CAAC,SAAS,EAAE,oBAAoB,OAAO,EAAE,CAAC,CAAA;QAC/E,CAAC;QAED,iBAAiB;QACjB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,YAAY,EAAE,YAAY,CAAC,CAAA;QACvF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,mBAAU,CAAC,uBAAc,CAAC,SAAS,EAAE,yBAAyB,YAAY,EAAE,CAAC,CAAA;QACzF,CAAC;QAED,IAAI,OAAkD,CAAA;QAEtD,0DAA0D;QAC1D,IAAI,MAAM,CAAC,kBAAkB,IAAI,MAAM,CAAC,gBAAgB,EAAE,CAAC;YACzD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,iBAAiB,OAAO,iDAAiD,CAAC,CAAA;YAE5F,IAAI,WAA+B,CAAA;YACnC,IAAI,oBAAwC,CAAA;YAE5C,iFAAiF;YACjF,IAAI,OAAO,EAAE,kBAAkB,IAAI,IAAI,CAAC,cAAc,EAAE,YAAY,EAAE,EAAE,CAAC;gBACvE,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,mBAAmB,CAC3D,MAAM,CAAC,gBAAgB,EACvB,OAAO,CAAC,iBAAiB,IAAI,IAAI,CAClC,CAAA;gBACD,WAAW,GAAG,OAAO,CAAC,WAAW,CAAA;gBACjC,oBAAoB,GAAG,OAAO,CAAC,SAAS,CAAA;YAC1C,CAAC;YAED,OAAO,GAAG,IAAI,gCAAqB,CAAC;gBAClC,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,OAAO,EAAE;oBACP,IAAI,EAAE,MAAM,CAAC,gBAAgB,CAAC,IAAI;oBAClC,GAAG,EAAE,MAAM,CAAC,gBAAgB,CAAC,GAAG;oBAChC,QAAQ,EAAE,MAAM,CAAC,gBAAgB,CAAC,QAAQ;oBAC1C,IAAI,EAAE,MAAM,CAAC,gBAAgB,CAAC,IAAI;oBAClC,WAAW,EAAE,MAAM,CAAC,gBAAgB,CAAC,WAAW;oBAChD,WAAW;oBACX,oBAAoB;iBACrB;aACF,CAAC,CAAA;QACJ,CAAC;aAAM,CAAC;YACN,8CAA8C;YAC9C,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,iBAAiB,OAAO,mCAAmC,CAAC,CAAA;YAE9E,OAAO,GAAG,IAAI,4BAAiB,CAAC;gBAC9B,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,UAAU,EAAE,MAAM,CAAC,UAAU;aAC9B,CAAC,CAAA;QACJ,CAAC;QAED,mBAAmB;QACnB,MAAM,eAAe,GAAG,IAAI,6BAAsB,CAAC,OAAO,EAAE,EAAE,YAAY,EAAE,UAAU,EAAE,CAAC,CAAA;QACzF,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,eAAe,CAAC,CAAA;QAErD,aAAa;QACb,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE;YACnC,IAAI,EAAE,8BAAe,CAAC,WAAW;YACjC,OAAO,EAAE;gBACP,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,UAAU,EAAE,YAAY;gBACxB,WAAW,EAAE,MAAM,CAAC,gBAAgB,EAAE,IAAI;aAC3C;SACF,CAAC,CAAA;QAEF,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,wBAAwB,OAAO,oBAAoB,YAAY,eAAe,MAAM,CAAC,kBAAkB,GAAG,CAC3G,CAAA;IACH,CAAC;IAED;;;;;;;;;;;;;;;;;;;OAmBG;IACI,KAAK,CAAC,oBAAoB,CAC/B,YAA0B,EAC1B,OAAoC;QAEpC,MAAM,EAAE,cAAc,EAAE,eAAe,EAAE,iBAAiB,EAAE,YAAY,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAA;QAE9F,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,uCAAuC,eAAe,EAAE,CAAC,CAAA;QAE3E,mCAAmC;QACnC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,aAAa,CAAC,YAAY,EAAE,iBAAiB,CAAC,CAAA;QAChG,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,mBAAU,CAClB,uBAAc,CAAC,WAAW,EAC1B,sCAAsC,iBAAiB,4BAA4B,CACpF,CAAA;QACH,CAAC;QAED,uBAAuB;QACvB,MAAM,SAAS,GAAiB;YAC9B,GAAG,EAAE,QAAQ,CAAC,GAAG;YACjB,SAAS,EAAE,QAAQ,CAAC,SAAS;SAC9B,CAAA;QAED,gCAAgC;QAChC,MAAM,KAAK,GAAG,IAAA,0BAAY,GAAE,CAAA;QAC5B,MAAM,OAAO,GAAG,IAAA,0BAAY,GAAE,CAAA;QAE9B,4CAA4C;QAC5C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,YAAY,CAAC,cAAc,EAAE,CAAC,SAAS,CAAC,EAAE;YACnF,KAAK;YACL,OAAO;SACR,CAAC,CAAA;QAEF,mCAAmC;QACnC,KAAK,CAAC,MAAM,CAAC,QAAQ,GAAG;YACtB,GAAG,QAAQ;YACX,YAAY;YACZ,eAAe;YACf,OAAO,EAAE,iBAAiB;YAC1B,QAAQ,EAAE,QAAQ,EAAE,QAAQ,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACzD,CAAA;QAED,4BAA4B;QAC5B,MAAM,MAAM,GAAG,IAAI,yBAAW,CAAC;YAC7B,OAAO;YACP,KAAK;YACL,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,UAAU,EAAE,IAAA,yBAAW,EAAC,KAAK,CAAC,UAAU,CAAC;YACzC,QAAQ,EAAE,YAAY,CAAC,oBAAoB;SAC5C,CAAC,CAAA;QAEF,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAA;QAErD,mBAAmB;QACnB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,YAAY,EAAE,iBAAiB,CAAC,CAAA;QAC5F,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,OAAO,GAAG,IAAI,4BAAiB,CAAC;gBACpC,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,UAAU,EAAE,MAAM,CAAC,UAAU;aAC9B,CAAC,CAAA;YAEF,MAAM,eAAe,GAAG,IAAI,6BAAsB,CAAC,OAAO,EAAE,EAAE,YAAY,EAAE,UAAU,EAAE,CAAC,CAAA;YACzF,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,eAAe,CAAC,CAAA;QACvD,CAAC;QAED,gBAAgB;QAChB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE;YACnC,IAAI,EAAE,8BAAe,CAAC,YAAY;YAClC,OAAO,EAAE;gBACP,OAAO;gBACP,KAAK;gBACL,UAAU,EAAE,QAAQ;gBACpB,OAAO,EAAE,iBAAiB;gBAC1B,eAAe;aAChB;SACF,CAAC,CAAA;QAEF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qCAAqC,OAAO,kBAAkB,iBAAiB,EAAE,CAAC,CAAA;QAEnG,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,EAAE,KAAK,EAAE,CAAA;IAC/D,CAAC;IAED;;;;;;;;;OASG;IACI,KAAK,CAAC,yBAAyB,CACpC,YAA0B,EAC1B,OAA6C,EAC7C,kBAA0B;QAE1B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,kCAAkC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAA;QAEtE,gCAAgC;QAChC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,YAAY,EAAE,OAAO,CAAC,OAAO,CAAC,CAAA;QACxF,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,SAAS,OAAO,CAAC,OAAO,2BAA2B,CAAC,CAAA;YACtE,QAAQ,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAA;YAChC,QAAQ,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,CAAA;YACxC,QAAQ,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,CAAA;YAC/B,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAA;YACzD,OAAO,QAAQ,CAAA;QACjB,CAAC;QAED,oBAAoB;QACpB,MAAM,MAAM,GAAG,IAAI,yBAAW,CAAC;YAC7B,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,QAAQ,EAAE,YAAY,CAAC,oBAAoB;SAC5C,CAAC,CAAA;QAEF,6BAA6B;QAC7B,MAAM,CAAC,MAAM,CAAC,QAAQ,GAAG;YACvB,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ;YACzB,YAAY,EAAE,kBAAkB;YAChC,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACrC,CAAA;QAED,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAA;QAErD,aAAa;QACb,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE;YACnC,IAAI,EAAE,8BAAe,CAAC,WAAW;YACjC,OAAO,EAAE;gBACP,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,QAAQ,EAAE,kBAAkB;aAC7B;SACF,CAAC,CAAA;QAEF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iCAAiC,OAAO,CAAC,OAAO,SAAS,kBAAkB,EAAE,CAAC,CAAA;QAE/F,OAAO,MAAM,CAAA;IACf,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;OAqBG;IACI,KAAK,CAAC,yBAAyB,CACpC,YAA0B,EAC1B,OAAe;QAEf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sCAAsC,OAAO,EAAE,CAAC,CAAA;QAElE,sBAAsB;QACtB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,YAAY,EAAE,OAAO,CAAC,CAAA;QAC9E,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,SAAS,OAAO,YAAY,CAAC,CAAA;YAC/C,OAAO,IAAI,CAAA;QACb,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAA;QAE5B,6DAA6D;QAC7D,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,EAAE,CAAA;QAC1C,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1B,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,GAAa,CAAC,CAAC,CAAA;YAC1E,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,SAAS,OAAO,QAAQ,aAAa,CAAC,IAAI,yCAAyC,CAAC,CAAA;YAEtG,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,0BAA0B,CAAC,YAAY,EAAE,aAAa,CAAC,CAAA;YACtG,IAAI,KAAK,EAAE,CAAC;gBACV,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qCAAqC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAA;gBAC/F,OAAO;oBACL,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC,SAAS;oBAClC,GAAG,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG;oBACtB,YAAY,EAAE,KAAK,CAAC,YAAY;iBACjC,CAAA;YACH,CAAC;QACH,CAAC;QAED,uEAAuE;QACvE,MAAM,kBAAkB,GAAG,MAAM,CAAC,QAAQ,EAAE,kBAAwC,CAAA;QACpF,IAAI,kBAAkB,EAAE,CAAC;YACvB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,0DAA0D,kBAAkB,EAAE,CAAC,CAAA;YACjG,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,eAAe,CAAC,YAAY,EAAE,kBAAkB,CAAC,CAAA;YAClG,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO;oBACL,SAAS,EAAE,OAAO,CAAC,SAAS;oBAC5B,GAAG,EAAE,OAAO,CAAC,GAAG;oBAChB,YAAY,EAAE,kBAAkB;iBACjC,CAAA;YACH,CAAC;QACH,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qCAAqC,OAAO,EAAE,CAAC,CAAA;QACjE,OAAO,IAAI,CAAA;IACb,CAAC;CACF,CAAA;AAxiBY,kDAAmB;8BAAnB,mBAAmB;IAD/B,IAAA,iBAAU,GAAE;IAMR,WAAA,IAAA,aAAM,EAAC,uBAAgB,CAAC,MAAM,CAAC,CAAA;6CACL,+CAAsB;QAClB,6CAAqB;QAC3B,iCAAe;QACV,2BAAoB;QAC5B,mBAAY;QACX,oBAAa;GAX3B,mBAAmB,CAwiB/B"}
|