@angular-helpers/security 21.0.2 → 21.0.4

package/README.es.md

@@ -0,0 +1,171 @@
+[Read in English](./README.md)
+
+🌐 **Documentación y Demo**: https://gaspar1992.github.io/angular-helpers/
+
+# Angular Security Helpers
+
+Paquete de seguridad para aplicaciones Angular que previene ataques comunes como ReDoS (Regular Expression Denial of Service) usando Web Workers para ejecución segura.
+
+## 🛡️ Características
+
+### **Prevención de ReDoS**
+
+- **Ejecución en Web Worker**: Las expresiones regulares se ejecutan en un hilo separado.
+- **Timeout Configurable**: Previene ejecuciones infinitas.
+- **Análisis de Complejidad**: Detecta patrones peligrosos antes de la ejecución.
+- **Modo Seguro**: Solo permite patrones verificados como seguros.
+
+### **Web Crypto API**
+
+- **Cifrado/Descifrado**: Soporte AES-GCM para manejo seguro de datos
+- **Hashing**: SHA-256 y otros algoritmos
+- **Gestión de Claves**: Generar, importar y exportar claves criptográficas
+- **Aleatorio Seguro**: Valores aleatorios criptográficamente seguros
+
+### **Patrón Builder**
+
+- **API Fluida**: Construye expresiones regulares de forma intuitiva.
+- **Encadenamiento de Métodos**: `.pattern().group().quantifier()`
+- **Validación en Tiempo Real**: Análisis de seguridad durante la construcción.
+
+## 📦 Instalación
+
+```bash
+npm install @angular-helpers/security
+```
+
+## 🚀 Uso Básico
+
+### **Configuración**
+
+```typescript
+import { provideSecurity } from '@angular-helpers/security';
+
+bootstrapApplication(AppComponent, {
+  providers: [
+    provideSecurity({
+      enableRegexSecurity: true,
+      defaultTimeout: 5000,
+      safeMode: false,
+    }),
+  ],
+});
+```
+
+### **Inyección de Servicios**
+
+```typescript
+import { RegexSecurityService } from '@angular-helpers/security';
+
+export class MyComponent {
+  private securityService = inject(RegexSecurityService);
+
+  async validateInput() {
+    const pattern = '(.+)+'; // Patrón potencialmente peligroso
+    const text = 'texto de prueba';
+
+    try {
+      const result = await this.securityService.testRegex(pattern, text, {
+        timeout: 5000,
+        safeMode: true,
+      });
+
+      console.log('Coincidencia:', result.match);
+      console.log('Tiempo de ejecución:', result.executionTime);
+    } catch (error) {
+      console.error('Error de validación:', error);
+    }
+  }
+}
+```
+
+### **Uso del Builder**
+
+```typescript
+import { RegexSecurityService } from '@angular-helpers/security';
+
+const { pattern, security } = RegexSecurityService.builder()
+  .startOfLine()
+  .characterSet('0-9')
+  .quantifier('+')
+  .endOfLine()
+  .timeout(3000)
+  .safeMode()
+  .build();
+
+// Ejecutar usando el servicio
+const result = await RegexSecurityService.builder()
+  .pattern('\\d+')
+  .timeout(3000)
+  .execute('12345', this.securityService);
+```
+
+### **WebCryptoService**
+
+```typescript
+import { WebCryptoService } from '@angular-helpers/security';
+
+export class SecureStorageComponent {
+  private cryptoService = inject(WebCryptoService);
+
+  async hashPassword(password: string): Promise<string> {
+    return await this.cryptoService.hash(password, 'SHA-256');
+  }
+
+  async encryptData(
+    data: string,
+  ): Promise<{ ciphertext: ArrayBuffer; iv: Uint8Array; key: CryptoKey }> {
+    const key = await this.cryptoService.generateAesKey(256);
+    const { ciphertext, iv } = await this.cryptoService.encryptAes(key, data);
+    return { ciphertext, iv, key };
+  }
+
+  async decryptData(ciphertext: ArrayBuffer, iv: Uint8Array, key: CryptoKey): Promise<string> {
+    return await this.cryptoService.decryptAes(key, ciphertext, iv);
+  }
+
+  async exportKeyForStorage(key: CryptoKey): Promise<JsonWebKey> {
+    return await this.cryptoService.exportKey(key);
+  }
+
+  async importKeyFromStorage(jwk: JsonWebKey): Promise<CryptoKey> {
+    return await this.cryptoService.importAesKey(jwk);
+  }
+
+  generateSecureToken(length: number = 32): string {
+    const bytes = this.cryptoService.generateRandomBytes(length);
+    return Array.from(bytes)
+      .map((b) => b.toString(16).padStart(2, '0'))
+      .join('');
+  }
+
+  generateUUID(): string {
+    return this.cryptoService.randomUUID();
+  }
+}
+```
+
+## 📊 Niveles de Riesgo
+
+| Nivel          | Descripción          | Acción                                   |
+| -------------- | -------------------- | ---------------------------------------- |
+| 🟢 **Bajo**    | Patrones seguros     | Ejecución normal                         |
+| 🟡 **Medio**   | Posible riesgo       | Advertencia + timeout                    |
+| 🟠 **Alto**    | Riesgo significativo | Timeout estricto + safe mode recomendado |
+| 🔴 **Crítico** | Patrones peligrosos  | Bloqueo por defecto                      |
+
+## 🔧 Configuración Avanzada
+
+```typescript
+provideSecurity({
+  enableRegexSecurity: true,
+  defaultTimeout: 5000,
+  safeMode: false,
+  maxComplexity: 1000,
+  allowCatastrophicPatterns: false,
+});
+```
+
+## 📄 Licencia
+
+MIT

package/README.md

@@ -1,4 +1,6 @@
-[English](README.en.md) | [Español](README.md)
+[Leer en Español](./README.es.md)
+
+🌐 **Documentation & Demo**: https://gaspar1992.github.io/angular-helpers/
 
 # Angular Security Helpers
 
@@ -7,12 +9,21 @@ Security package for Angular applications that prevents common attacks like ReDo
 ## 🛡️ Features
 
 ### **ReDoS Prevention**
+
 - **Web Worker Execution**: Regular expressions are executed in a separate thread.
 - **Configurable Timeout**: Prevents infinite executions.
 - **Complexity Analysis**: Detects dangerous patterns before execution.
 - **Safe Mode**: Only allows patterns verified as safe.
 
+### **Web Crypto API**
+
+- **Encryption/Decryption**: AES-GCM support for secure data handling
+- **Hashing**: SHA-256 and other algorithms
+- **Key Management**: Generate, import, and export cryptographic keys
+- **Secure Random**: Cryptographically secure random values
+
 ### **Builder Pattern**
+
 - **Fluent API**: Intuitively build regular expressions.
 - **Method Chaining**: `.pattern().group().quantifier()`
 - **Real-time Validation**: Security analysis during construction.
@@ -35,20 +46,20 @@ bootstrapApplication(AppComponent, {
     provideSecurity({
       enableRegexSecurity: true,
       defaultTimeout: 5000,
-      safeMode: false
-    })
-  ]
+      safeMode: false,
+    }),
+  ],
 });
 ```
 
 ### **Service Injection**
 
 ```typescript
-import { RegexSecurityService } from '@angular-helpers/security';
+import { RegexSecurityService, inject } from '@angular-helpers/security';
 
 @Component({...})
 export class MyComponent {
-  constructor(private regexSecurity: RegexSecurityService) {}
+  private regexSecurity = inject(RegexSecurityService);
 }
 ```
 
@@ -63,7 +74,7 @@ async testEmail(email: string): Promise<boolean> {
     email,
     { timeout: 3000 }
   );
-  
+
   return result.match;
 }
 ```
@@ -71,11 +82,10 @@ async testEmail(email: string): Promise<boolean> {
 ### **2. Builder Pattern**
 
 ```typescript
-import { RegexSecurityBuilder } from '@angular-helpers/security';
+import { RegexSecurityService } from '@angular-helpers/security';
 
 // Fluent regular expression construction
-const emailRegex = RegexSecurityBuilder
-  .builder()
+const { pattern, security } = RegexSecurityService.builder()
   .startOfLine()
   .characterSet('a-zA-Z0-9._%+-')
   .quantifier('+')
@@ -91,8 +101,7 @@ const emailRegex = RegexSecurityBuilder
   .build();
 
 // Direct execution
-const result = await RegexSecurityBuilder
-  .builder()
+const result = await RegexSecurityService.builder()
   .pattern('^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$')
   .timeout(3000)
   .execute(email, this.regexSecurity);
@@ -103,16 +112,16 @@ const result = await RegexSecurityBuilder
 ```typescript
 async analyzePattern(pattern: string): Promise<void> {
   const analysis = await this.regexSecurity.analyzePatternSecurity(pattern);
-  
+
   if (!analysis.safe) {
     console.warn('⚠️ Pattern not safe:', analysis.warnings);
     console.info('💡 Recommendations:', analysis.recommendations);
-    
+
     if (analysis.risk === 'critical') {
       throw new Error('Pattern rejected due to critical security risk');
     }
   }
-  
+
   console.log(`✅ Pattern complexity: ${analysis.complexity}`);
   console.log(`🎯 Risk level: ${analysis.risk}`);
 }
@@ -124,29 +133,29 @@ async analyzePattern(pattern: string): Promise<void> {
 @Component({...})
 export class FormValidationComponent {
   constructor(private regexSecurity: RegexSecurityService) {}
-  
+
   async validateUsername(username: string): Promise<boolean> {
     const result = await this.regexSecurity.testRegex(
       '^[a-zA-Z0-9_]{3,20}$',
       username,
       { timeout: 1000, safeMode: true }
     );
-    
+
     if (result.timeout) {
       throw new Error('Username validation timeout - possible ReDoS attack');
     }
-    
+
     if (result.error) {
       console.error('Validation error:', result.error);
       return false;
     }
-    
+
     return result.match;
   }
-  
+
   async validateComplexInput(input: string): Promise<boolean> {
     // Builder pattern for complex validation
-    const result = await RegexSecurityBuilder
+    const result = await RegexSecurityService
       .builder()
       .startOfLine()
       .nonCapturingGroup('[a-zA-Z]') // First letter
@@ -155,22 +164,67 @@ export class FormValidationComponent {
       .endOfLine()
       .timeout(2000)
       .execute(input, this.regexSecurity);
-    
+
     return result.match;
   }
 }
 ```
 
+### **WebCryptoService**
+
+```typescript
+import { WebCryptoService } from '@angular-helpers/security';
+
+export class SecureStorageComponent {
+  private cryptoService = inject(WebCryptoService);
+
+  async hashPassword(password: string): Promise<string> {
+    return await this.cryptoService.hash(password, 'SHA-256');
+  }
+
+  async encryptData(
+    data: string,
+  ): Promise<{ ciphertext: ArrayBuffer; iv: Uint8Array; key: CryptoKey }> {
+    const key = await this.cryptoService.generateAesKey(256);
+    const { ciphertext, iv } = await this.cryptoService.encryptAes(key, data);
+    return { ciphertext, iv, key };
+  }
+
+  async decryptData(ciphertext: ArrayBuffer, iv: Uint8Array, key: CryptoKey): Promise<string> {
+    return await this.cryptoService.decryptAes(key, ciphertext, iv);
+  }
+
+  async exportKeyForStorage(key: CryptoKey): Promise<JsonWebKey> {
+    return await this.cryptoService.exportKey(key);
+  }
+
+  async importKeyFromStorage(jwk: JsonWebKey): Promise<CryptoKey> {
+    return await this.cryptoService.importAesKey(jwk);
+  }
+
+  generateSecureToken(length: number = 32): string {
+    const bytes = this.cryptoService.generateRandomBytes(length);
+    return Array.from(bytes)
+      .map((b) => b.toString(16).padStart(2, '0'))
+      .join('');
+  }
+
+  generateUUID(): string {
+    return this.cryptoService.randomUUID();
+  }
+}
+```
+
 ## 🔧 Advanced Configuration
 
 ### **Security Options**
 
 ```typescript
 interface RegexSecurityConfig {
-  timeout?: number;        // Timeout in ms (default: 5000)
-  maxComplexity?: number;  // Max complexity (default: 10)
+  timeout?: number; // Timeout in ms (default: 5000)
+  maxComplexity?: number; // Max complexity (default: 10)
   allowBacktracking?: boolean; // Allow backtracking (default: false)
-  safeMode?: boolean;      // Safe mode (default: false)
+  safeMode?: boolean; // Safe mode (default: false)
 }
 ```
 
@@ -178,12 +232,12 @@ interface RegexSecurityConfig {
 
 ```typescript
 interface RegexBuilderOptions {
-  global?: boolean;      // 'g' flag
-  ignoreCase?: boolean;  // 'i' flag
-  multiline?: boolean;   // 'm' flag
-  dotAll?: boolean;      // 's' flag
-  unicode?: boolean;     // 'u' flag
-  sticky?: boolean;      // 'y' flag
+  global?: boolean; // 'g' flag
+  ignoreCase?: boolean; // 'i' flag
+  multiline?: boolean; // 'm' flag
+  dotAll?: boolean; // 's' flag
+  unicode?: boolean; // 'u' flag
+  sticky?: boolean; // 'y' flag
 }
 ```
 
@@ -220,12 +274,12 @@ The service automatically detects:
 
 ```typescript
 interface RegexTestResult {
-  match: boolean;           // If there was a match
+  match: boolean; // If there was a match
   matches?: RegExpMatchArray[]; // All matches found
   groups?: { [key: string]: string }; // Captured groups
-  executionTime: number;    // Execution time in ms
-  timeout: boolean;         // If there was a timeout
-  error?: string;          // Error if one occurred
+  executionTime: number; // Execution time in ms
+  timeout: boolean; // If there was a timeout
+  error?: string; // Error if one occurred
 }
 ```
 
@@ -233,10 +287,10 @@ interface RegexTestResult {
 
 ```typescript
 interface RegexSecurityResult {
-  safe: boolean;           // If the pattern is safe
-  complexity: number;      // Complexity level (0-∞)
+  safe: boolean; // If the pattern is safe
+  complexity: number; // Complexity level (0-∞)
   risk: 'low' | 'medium' | 'high' | 'critical';
-  warnings: string[];      // Security warnings
+  warnings: string[]; // Security warnings
   recommendations: string[]; // Improvement recommendations
 }
 ```
@@ -250,27 +304,27 @@ import { AbstractControl, ValidationErrors } from '@angular/forms';
 
 export class SecurityValidators {
   constructor(private regexSecurity: RegexSecurityService) {}
-  
+
   async securePattern(pattern: string, config?: RegexSecurityConfig) {
     return async (control: AbstractControl): Promise<ValidationErrors | null> => {
       const value = control.value;
-      
+
       if (!value) return null;
-      
+
       try {
         const result = await this.regexSecurity.testRegex(pattern, value, config);
-        
+
         if (!result.match) {
           return { securePattern: { value, reason: 'Pattern does not match' } };
         }
-        
+
         if (result.timeout) {
           return { securePattern: { value, reason: 'Pattern execution timeout' } };
         }
-        
+
         return null;
       } catch (error) {
-        return { securePattern: { value, reason: error.message } };
+        return { securePattern: { value, reason: (error as Error).message } };
       }
     };
   }
@@ -282,11 +336,9 @@ export class SecurityValidators {
 ```typescript
 @Component({...})
 export class SecureFormComponent {
-  constructor(
-    private regexSecurity: RegexSecurityService,
-    private securityValidators: SecurityValidators
-  ) {}
-  
+  private regexSecurity = inject(RegexSecurityService);
+  private securityValidators = inject(SecurityValidators);
+
   emailValidator = this.securityValidators.securePattern(
     '^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$',
     { timeout: 3000, safeMode: true }

package/fesm2022/angular-helpers-security.mjs

@@ -1,5 +1,6 @@
 import * as i0 from '@angular/core';
-import { inject, DestroyRef, Injectable } from '@angular/core';
+import { inject, DestroyRef, Injectable, PLATFORM_ID, makeEnvironmentProviders } from '@angular/core';
+import { isPlatformBrowser } from '@angular/common';
 
 /**
  * Security service for regular expressions that prevents ReDoS
@@ -28,14 +29,14 @@ class RegexSecurityService {
                     match: false,
                     executionTime: performance.now() - startTime,
                     timeout: false,
-                    error: `Pattern rejected: ${securityCheck.warnings.join(', ')}`
+                    error: `Pattern rejected: ${securityCheck.warnings.join(', ')}`,
                 };
             }
             // Execute in Web Worker with timeout
             const result = await this.executeInWorker(pattern, text, finalConfig);
             return {
                 ...result,
-                executionTime: performance.now() - startTime
+                executionTime: performance.now() - startTime,
             };
         }
         catch (error) {
@@ -43,7 +44,7 @@ class RegexSecurityService {
                 match: false,
                 executionTime: performance.now() - startTime,
                 timeout: false,
-                error: error instanceof Error ? error.message : 'Unknown error'
+                error: error instanceof Error ? error.message : 'Unknown error',
             };
         }
     }
@@ -57,7 +58,11 @@ class RegexSecurityService {
         let risk = 'low';
         // Analysis of dangerous patterns
         const dangerousPatterns = [
-            { pattern: /\*\*/, risk: 'high', message: 'Nested quantifiers (catastrophic backtracking)' },
+            {
+                pattern: /\*\*/,
+                risk: 'high',
+                message: 'Nested quantifiers (catastrophic backtracking)',
+            },
             { pattern: /\+\+/, risk: 'high', message: 'Nested plus quantifiers' },
             { pattern: /\(\?\=/, risk: 'medium', message: 'Lookahead assertions' },
             { pattern: /\(\?\!/, risk: 'medium', message: 'Negative lookahead' },
@@ -65,8 +70,16 @@ class RegexSecurityService {
             { pattern: /\(\?\</, risk: 'high', message: 'Lookbehind assertions' },
             { pattern: /\(\?\(\?\)/, risk: 'critical', message: 'Recursive patterns' },
             { pattern: /(\{(\d+,)?\d+\})/, risk: 'medium', message: 'Quantified repetition' },
-            { pattern: /(\.\*)|(\.+)|(\.\?)/, risk: 'medium', message: 'Greedy quantifiers with dot' },
-            { pattern: /(\[.*\*.*\])|(\[.*\+.*\])/, risk: 'medium', message: 'Character classes with quantifiers' }
+            {
+                pattern: /(\.\*)|(\.+)|(\.\?)/,
+                risk: 'medium',
+                message: 'Greedy quantifiers with dot',
+            },
+            {
+                pattern: /(\[.*\*.*\])|(\[.*\+.*\])/,
+                risk: 'medium',
+                message: 'Character classes with quantifiers',
+            },
         ];
         // Calculate complexity
         complexity = this.calculateComplexity(pattern);
@@ -96,7 +109,7 @@ class RegexSecurityService {
             complexity,
             risk,
             warnings,
-            recommendations
+            recommendations,
         };
     }
     /**
@@ -118,8 +131,8 @@ class RegexSecurityService {
                     data: {
                         pattern,
                         text,
-                        timeout: config.timeout || 5000
-                    }
+                        timeout: config.timeout || 5000,
+                    },
                 };
                 // Timeout for execution
                 const timeoutId = setTimeout(() => {
@@ -129,7 +142,7 @@ class RegexSecurityService {
                         match: false,
                         executionTime: 0,
                         timeout: true,
-                        error: 'Execution timeout'
+                        error: 'Execution timeout',
                     });
                 }, config.timeout || 5000);
                 worker.onmessage = (event) => {
@@ -148,7 +161,7 @@ class RegexSecurityService {
                         match: false,
                         executionTime: 0,
                         timeout: false,
-                        error: `Worker error: ${error.message || 'Unknown error'}`
+                        error: `Worker error: ${error.message || 'Unknown error'}`,
                     });
                 };
                 worker.postMessage(task);
@@ -158,7 +171,7 @@ class RegexSecurityService {
                     match: false,
                     executionTime: 0,
                     timeout: false,
-                    error: `Failed to create worker: ${error instanceof Error ? error.message : 'Unknown error'}`
+                    error: `Failed to create worker: ${error instanceof Error ? error.message : 'Unknown error'}`,
                 });
             }
         });
@@ -248,7 +261,7 @@ class RegexSecurityService {
      * Gets numeric risk level
      */
     getRiskLevel(risk) {
-        const levels = { 'low': 1, 'medium': 2, 'high': 3, 'critical': 4 };
+        const levels = { low: 1, medium: 2, high: 3, critical: 4 };
         return levels[risk] || 0;
     }
     /**
@@ -259,14 +272,14 @@ class RegexSecurityService {
             timeout: config.timeout || 5000,
             maxComplexity: config.maxComplexity || 10,
             allowBacktracking: config.allowBacktracking || false,
-            safeMode: config.safeMode || false
+            safeMode: config.safeMode || false,
         };
     }
     /**
      * Cleans up resources when the service is destroyed
      */
     ngOnDestroy() {
-        this.workers.forEach(worker => {
+        this.workers.forEach((worker) => {
             worker.terminate();
         });
         this.workers.clear();
@@ -387,7 +400,7 @@ class RegexSecurityBuilder {
         return {
             pattern: this.patternValue,
             options: this.optionsValue,
-            security: this.securityConfigValue
+            security: this.securityConfigValue,
         };
     }
     /**
@@ -399,9 +412,102 @@ class RegexSecurityBuilder {
     }
 }
 
+class WebCryptoService {
+    platformId = inject(PLATFORM_ID);
+    isSupported() {
+        return isPlatformBrowser(this.platformId) && 'crypto' in window && 'subtle' in crypto;
+    }
+    get subtle() {
+        if (!this.isSupported()) {
+            throw new Error('Web Crypto API not supported in this environment');
+        }
+        return crypto.subtle;
+    }
+    ensureSecureContext() {
+        if (!window.isSecureContext) {
+            throw new Error('Web Crypto API requires a secure context (HTTPS)');
+        }
+    }
+    async hash(data, algorithm = 'SHA-256') {
+        this.ensureSecureContext();
+        const buffer = typeof data === 'string' ? new TextEncoder().encode(data) : data;
+        const hashBuffer = await this.subtle.digest(algorithm, buffer);
+        return this.bufferToHex(hashBuffer);
+    }
+    async generateAesKey(length = 256) {
+        this.ensureSecureContext();
+        return this.subtle.generateKey({ name: 'AES-GCM', length }, true, ['encrypt', 'decrypt']);
+    }
+    async encryptAes(key, data) {
+        this.ensureSecureContext();
+        const buffer = typeof data === 'string' ? new TextEncoder().encode(data) : data;
+        const iv = crypto.getRandomValues(new Uint8Array(12));
+        const ciphertext = await this.subtle.encrypt({ name: 'AES-GCM', iv }, key, buffer);
+        return { ciphertext, iv };
+    }
+    async decryptAes(key, ciphertext, iv) {
+        this.ensureSecureContext();
+        const decrypted = await this.subtle.decrypt({ name: 'AES-GCM', iv }, key, ciphertext);
+        return new TextDecoder().decode(decrypted);
+    }
+    async exportKey(key) {
+        this.ensureSecureContext();
+        return this.subtle.exportKey('jwk', key);
+    }
+    async importAesKey(jwk) {
+        this.ensureSecureContext();
+        return this.subtle.importKey('jwk', jwk, { name: 'AES-GCM' }, true, ['encrypt', 'decrypt']);
+    }
+    generateRandomBytes(length) {
+        if (!this.isSupported()) {
+            throw new Error('Web Crypto API not supported');
+        }
+        return crypto.getRandomValues(new Uint8Array(length));
+    }
+    randomUUID() {
+        if (!this.isSupported()) {
+            throw new Error('Web Crypto API not supported');
+        }
+        return crypto.randomUUID();
+    }
+    bufferToHex(buffer) {
+        return Array.from(new Uint8Array(buffer))
+            .map((b) => b.toString(16).padStart(2, '0'))
+            .join('');
+    }
+    static ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "21.2.4", ngImport: i0, type: WebCryptoService, deps: [], target: i0.ɵɵFactoryTarget.Injectable });
+    static ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "21.2.4", ngImport: i0, type: WebCryptoService });
+}
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "21.2.4", ngImport: i0, type: WebCryptoService, decorators: [{
+            type: Injectable
+        }] });
+
+const defaultSecurityConfig = {
+    enableRegexSecurity: true,
+    enableWebCrypto: true,
+    defaultTimeout: 5000,
+    safeMode: false,
+};
+function provideSecurity(config = {}) {
+    const mergedConfig = { ...defaultSecurityConfig, ...config };
+    const providers = [];
+    if (mergedConfig.enableRegexSecurity) {
+        providers.push(RegexSecurityService);
+    }
+    if (mergedConfig.enableWebCrypto) {
+        providers.push(WebCryptoService);
+    }
+    return makeEnvironmentProviders(providers);
+}
+function provideRegexSecurity() {
+    return makeEnvironmentProviders([RegexSecurityService]);
+}
+function provideWebCrypto() {
+    return makeEnvironmentProviders([WebCryptoService]);
+}
+
 /**
  * Generated bundle index. Do not edit.
  */
 
-export { RegexSecurityBuilder, RegexSecurityService };
-//# sourceMappingURL=angular-helpers-security.mjs.map
+export { RegexSecurityBuilder, RegexSecurityService, WebCryptoService, defaultSecurityConfig, provideRegexSecurity, provideSecurity, provideWebCrypto };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@angular-helpers/security",
-  "version": "21.0.2",
+  "version": "21.0.4",
   "description": "Angular security helpers for preventing ReDoS and other security vulnerabilities",
   "keywords": [
     "angular",
@@ -27,7 +27,6 @@
   "peerDependencies": {
     "@angular/common": "^21.0.0",
     "@angular/core": "^21.0.0",
-    "@angular-helpers/browser-web-apis": "21.0.2",
     "rxjs": "^7.0.0 || ^8.0.0"
   },
   "dependencies": {

package/types/angular-helpers-security.d.ts

@@ -1,4 +1,5 @@
 import * as i0 from '@angular/core';
+import { EnvironmentProviders } from '@angular/core';
 
 interface RegexSecurityConfig {
     timeout?: number;
@@ -150,5 +151,40 @@ declare class RegexSecurityBuilder {
     execute(text: string, service: RegexSecurityService): Promise<RegexTestResult>;
 }
 
-export { RegexSecurityBuilder, RegexSecurityService };
-export type { RegexBuilderOptions, RegexSecurityConfig, RegexSecurityResult, RegexTestResult };
+type HashAlgorithm = 'SHA-1' | 'SHA-256' | 'SHA-384' | 'SHA-512';
+type AesKeyLength = 128 | 192 | 256;
+interface AesEncryptResult {
+    ciphertext: ArrayBuffer;
+    iv: Uint8Array;
+}
+declare class WebCryptoService {
+    private readonly platformId;
+    isSupported(): boolean;
+    private get subtle();
+    private ensureSecureContext;
+    hash(data: string | ArrayBuffer, algorithm?: HashAlgorithm): Promise<string>;
+    generateAesKey(length?: AesKeyLength): Promise<CryptoKey>;
+    encryptAes(key: CryptoKey, data: string | ArrayBuffer): Promise<AesEncryptResult>;
+    decryptAes(key: CryptoKey, ciphertext: ArrayBuffer, iv: Uint8Array<ArrayBuffer>): Promise<string>;
+    exportKey(key: CryptoKey): Promise<JsonWebKey>;
+    importAesKey(jwk: JsonWebKey): Promise<CryptoKey>;
+    generateRandomBytes(length: number): Uint8Array;
+    randomUUID(): string;
+    private bufferToHex;
+    static ɵfac: i0.ɵɵFactoryDeclaration<WebCryptoService, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<WebCryptoService>;
+}
+
+interface SecurityConfig {
+    enableRegexSecurity?: boolean;
+    enableWebCrypto?: boolean;
+    defaultTimeout?: number;
+    safeMode?: boolean;
+}
+declare const defaultSecurityConfig: SecurityConfig;
+declare function provideSecurity(config?: SecurityConfig): EnvironmentProviders;
+declare function provideRegexSecurity(): EnvironmentProviders;
+declare function provideWebCrypto(): EnvironmentProviders;
+
+export { RegexSecurityBuilder, RegexSecurityService, WebCryptoService, defaultSecurityConfig, provideRegexSecurity, provideSecurity, provideWebCrypto };
+export type { AesEncryptResult, AesKeyLength, HashAlgorithm, RegexBuilderOptions, RegexSecurityConfig, RegexSecurityResult, RegexTestResult, SecurityConfig };

package/fesm2022/angular-helpers-security.mjs.map

@@ -1 +0,0 @@
-{"version":3,"file":"angular-helpers-security.mjs","sources":["../../../packages/security/src/services/regex-security.service.ts","../../../packages/security/src/angular-helpers-security.ts"],"sourcesContent":["import { Injectable, inject, DestroyRef } from '@angular/core';\nimport { Observable, Subject } from 'rxjs';\nimport { map, catchError, timeout } from 'rxjs/operators';\nimport { takeUntilDestroyed } from '@angular/core/rxjs-interop';\n\nexport interface RegexSecurityConfig {\n  timeout?: number; // Timeout in milliseconds (default: 5000)\n  maxComplexity?: number; // Maximum complexity allowed\n  allowBacktracking?: boolean; // Allow catastrophic backtracking\n  safeMode?: boolean; // Safe mode with secure patterns only\n}\n\nexport interface RegexTestResult {\n  match: boolean;\n  matches?: RegExpMatchArray[];\n  groups?: { [key: string]: string };\n  executionTime: number;\n  timeout: boolean;\n  error?: string;\n}\n\nexport interface RegexSecurityResult {\n  safe: boolean;\n  complexity: number;\n  risk: 'low' | 'medium' | 'high' | 'critical';\n  warnings: string[];\n  recommendations: string[];\n}\n\nexport interface RegexBuilderOptions {\n  global?: boolean;\n  ignoreCase?: boolean;\n  multiline?: boolean;\n  dotAll?: boolean;\n  unicode?: boolean;\n  sticky?: boolean;\n}\n\n/**\n * Security service for regular expressions that prevents ReDoS\n * using Web Workers for safe execution with timeout\n */\n@Injectable()\nexport class RegexSecurityService {\n  private destroyRef = inject(DestroyRef);\n  private workers = new Map<string, Worker>();\n\n  /**\n   * Builder pattern to construct safe regular expressions\n   */\n  static builder(): RegexSecurityBuilder {\n    return new RegexSecurityBuilder();\n  }\n\n  /**\n   * Executes a regular expression safely with a timeout\n   */\n  async testRegex(\n    pattern: string,\n    text: string,\n    config: RegexSecurityConfig = {}\n  ): Promise<RegexTestResult> {\n    const startTime = performance.now();\n    const finalConfig = this.mergeConfig(config);\n\n    try {\n      // First, analyze pattern security\n      const securityCheck = await this.analyzePatternSecurity(pattern);\n      \n      if (!securityCheck.safe && !finalConfig.safeMode) {\n        return {\n          match: false,\n          executionTime: performance.now() - startTime,\n          timeout: false,\n          error: `Pattern rejected: ${securityCheck.warnings.join(', ')}`\n        };\n      }\n\n      // Execute in Web Worker with timeout\n      const result = await this.executeInWorker(pattern, text, finalConfig);\n      \n      return {\n        ...result,\n        executionTime: performance.now() - startTime\n      };\n    } catch (error) {\n      return {\n        match: false,\n        executionTime: performance.now() - startTime,\n        timeout: false,\n        error: error instanceof Error ? error.message : 'Unknown error'\n      };\n    }\n  }\n\n  /**\n   * Analyzes the security of a regular expression pattern\n   */\n  async analyzePatternSecurity(pattern: string): Promise<RegexSecurityResult> {\n    const warnings: string[] = [];\n    const recommendations: string[] = [];\n    let complexity = 0;\n    let risk: 'low' | 'medium' | 'high' | 'critical' = 'low';\n\n    // Analysis of dangerous patterns\n    const dangerousPatterns = [\n      { pattern: /\\*\\*/, risk: 'high' as const, message: 'Nested quantifiers (catastrophic backtracking)' },\n      { pattern: /\\+\\+/, risk: 'high' as const, message: 'Nested plus quantifiers' },\n      { pattern: /\\(\\?\\=/, risk: 'medium' as const, message: 'Lookahead assertions' },\n      { pattern: /\\(\\?\\!/, risk: 'medium' as const, message: 'Negative lookahead' },\n      { pattern: /\\(\\?\\:/, risk: 'low' as const, message: 'Non-capturing groups' },\n      { pattern: /\\(\\?\\</, risk: 'high' as const, message: 'Lookbehind assertions' },\n      { pattern: /\\(\\?\\(\\?\\)/, risk: 'critical' as const, message: 'Recursive patterns' },\n      { pattern: /(\\{(\\d+,)?\\d+\\})/, risk: 'medium' as const, message: 'Quantified repetition' },\n      { pattern: /(\\.\\*)|(\\.+)|(\\.\\?)/, risk: 'medium' as const, message: 'Greedy quantifiers with dot' },\n      { pattern: /(\\[.*\\*.*\\])|(\\[.*\\+.*\\])/, risk: 'medium' as const, message: 'Character classes with quantifiers' }\n    ];\n\n    // Calculate complexity\n    complexity = this.calculateComplexity(pattern);\n\n    // Evaluate dangerous patterns\n    for (const dangerous of dangerousPatterns) {\n      if (dangerous.pattern.test(pattern)) {\n        warnings.push(dangerous.message);\n        if (this.getRiskLevel(dangerous.risk) > this.getRiskLevel(risk)) {\n          risk = dangerous.risk;\n        }\n      }\n    }\n\n    // Recommendations based on the analysis\n    if (complexity > 10) {\n      recommendations.push('Consider simplifying the pattern');\n      risk = this.getRiskLevel(risk) > this.getRiskLevel('high') ? risk : 'high';\n    }\n\n    if (pattern.includes('**') || pattern.includes('++')) {\n      recommendations.push('Avoid nested quantifiers to prevent catastrophic backtracking');\n    }\n\n    if (pattern.length > 100) {\n      recommendations.push('Long patterns are harder to maintain and may impact performance');\n    }\n\n    const safe = risk !== 'critical' && warnings.length === 0;\n\n    return {\n      safe,\n      complexity,\n      risk,\n      warnings,\n      recommendations\n    };\n  }\n\n  /**\n   * Executes the regular expression in a Web Worker\n   */\n  private async executeInWorker(\n    pattern: string,\n    text: string,\n    config: RegexSecurityConfig\n  ): Promise<RegexTestResult> {\n    return new Promise((resolve) => {\n      const workerName = `regex-worker-${Date.now()}`;\n      \n      try {\n        // Create temporary worker\n        const workerCode = this.generateWorkerCode();\n        const blob = new Blob([workerCode], { type: 'application/javascript' });\n        const worker = new Worker(URL.createObjectURL(blob));\n        \n        this.workers.set(workerName, worker);\n\n        const taskId = `regex_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`;\n        \n        const task = {\n          id: taskId,\n          type: 'regex-test',\n          data: {\n            pattern,\n            text,\n            timeout: config.timeout || 5000\n          }\n        };\n\n        // Timeout for execution\n        const timeoutId = setTimeout(() => {\n          worker.terminate();\n          this.workers.delete(workerName);\n          resolve({\n            match: false,\n            executionTime: 0,\n            timeout: true,\n            error: 'Execution timeout'\n          });\n        }, config.timeout || 5000);\n\n        worker.onmessage = (event) => {\n          clearTimeout(timeoutId);\n          worker.terminate();\n          this.workers.delete(workerName);\n          \n          if (event.data.id === taskId) {\n            resolve(event.data.data as RegexTestResult);\n          }\n        };\n\n        worker.onerror = (error) => {\n          clearTimeout(timeoutId);\n          worker.terminate();\n          this.workers.delete(workerName);\n          resolve({\n            match: false,\n            executionTime: 0,\n            timeout: false,\n            error: `Worker error: ${error.message || 'Unknown error'}`\n          });\n        };\n\n        worker.postMessage(task);\n      } catch (error) {\n        resolve({\n          match: false,\n          executionTime: 0,\n          timeout: false,\n          error: `Failed to create worker: ${error instanceof Error ? error.message : 'Unknown error'}`\n        });\n      }\n    });\n  }\n\n  /**\n   * Generates the Web Worker code\n   */\n  private generateWorkerCode(): string {\n    return `\n      self.addEventListener('message', function(event) {\n        const task = event.data;\n        \n        if (task.type === 'regex-test') {\n          const { pattern, text, timeout } = task.data;\n          const startTime = performance.now();\n          \n          try {\n            const regex = new RegExp(pattern, 'g');\n            const matches = [];\n            let match;\n            \n            while ((match = regex.exec(text)) !== null) {\n              matches.push([...match]);\n              \n              // Prevention of infinite loops\n              if (matches.length > 1000) {\n                throw new Error('Too many matches - possible infinite loop');\n              }\n            }\n            \n            const groups = {};\n            if (matches.length > 0) {\n              const firstMatch = matches[0];\n              for (let i = 1; i < firstMatch.length; i++) {\n                groups[\\`group\\${i}\\`] = firstMatch[i];\n              }\n            }\n            \n            self.postMessage({\n              id: task.id,\n              type: 'regex-result',\n              data: {\n                match: matches.length > 0,\n                matches,\n                groups,\n                executionTime: performance.now() - startTime,\n                timeout: false\n              }\n            });\n          } catch (error) {\n            self.postMessage({\n              id: task.id,\n              type: 'regex-result',\n              data: {\n                match: false,\n                executionTime: performance.now() - startTime,\n                timeout: false,\n                error: error.message || 'Execution error'\n              }\n            });\n          }\n        }\n      });\n    `;\n  }\n\n  /**\n   * Calculates the complexity of a pattern\n   */\n  private calculateComplexity(pattern: string): number {\n    let complexity = 0;\n    \n    // Nested quantifiers increase complexity\n    complexity += (pattern.match(/\\*\\*/g) || []).length * 5;\n    complexity += (pattern.match(/\\+\\+/g) || []).length * 5;\n    complexity += (pattern.match(/\\?\\?/g) || []).length * 3;\n    \n    // Lookaheads/lookbehinds\n    complexity += (pattern.match(/\\(\\?\\=/g) || []).length * 2;\n    complexity += (pattern.match(/\\(\\?\\!/g) || []).length * 2;\n    complexity += (pattern.match(/\\(\\?\\</g) || []).length * 3;\n    \n    // Nested groups\n    const openParens = (pattern.match(/\\(/g) || []).length;\n    complexity += openParens * 0.5;\n    \n    // Pattern length\n    complexity += pattern.length * 0.01;\n    \n    return Math.round(complexity * 100) / 100;\n  }\n\n  /**\n   * Gets numeric risk level\n   */\n  private getRiskLevel(risk: 'low' | 'medium' | 'high' | 'critical'): number {\n    const levels = { 'low': 1, 'medium': 2, 'high': 3, 'critical': 4 };\n    return levels[risk] || 0;\n  }\n\n  /**\n   * Merges configuration with default values\n   */\n  private mergeConfig(config: RegexSecurityConfig): Required<RegexSecurityConfig> {\n    return {\n      timeout: config.timeout || 5000,\n      maxComplexity: config.maxComplexity || 10,\n      allowBacktracking: config.allowBacktracking || false,\n      safeMode: config.safeMode || false\n    };\n  }\n\n  /**\n   * Cleans up resources when the service is destroyed\n   */\n  ngOnDestroy(): void {\n    this.workers.forEach(worker => {\n      worker.terminate();\n    });\n    this.workers.clear();\n  }\n}\n\n/**\n * Builder pattern to construct safe regular expressions\n */\nexport class RegexSecurityBuilder {\n  private patternValue: string = '';\n  private optionsValue: RegexBuilderOptions = {};\n  private securityConfigValue: RegexSecurityConfig = {};\n\n  /**\n   * Defines the base pattern\n   */\n  pattern(pattern: string): RegexSecurityBuilder {\n    this.patternValue = pattern;\n    return this;\n  }\n\n  /**\n   * Appends text to the current pattern\n   */\n  append(text: string): RegexSecurityBuilder {\n    this.patternValue += text;\n    return this;\n  }\n\n  /**\n   * Adds a capturing group\n   */\n  group(content: string, name?: string): RegexSecurityBuilder {\n    if (name) {\n      this.patternValue += `(?<${name}>${content})`;\n    } else {\n      this.patternValue += `(${content})`;\n    }\n    return this;\n  }\n\n  /**\n   * Adds a non-capturing group\n   */\n  nonCapturingGroup(content: string): RegexSecurityBuilder {\n    this.patternValue += `(?:${content})`;\n    return this;\n  }\n\n  /**\n   * Adds an alternative\n   */\n  or(alternative: string): RegexSecurityBuilder {\n    this.patternValue += `|${alternative}`;\n    return this;\n  }\n\n  /**\n   * Adds a quantifier\n   */\n  quantifier(quantifier: '*' | '+' | '?' | '{n}' | '{n,}' | '{n,m}'): RegexSecurityBuilder {\n    this.patternValue += quantifier;\n    return this;\n  }\n\n  /**\n   * Adds a character set\n   */\n  characterSet(chars: string, negate = false): RegexSecurityBuilder {\n    this.patternValue += `[${negate ? '^' : ''}${chars}]`;\n    return this;\n  }\n\n  /**\n   * Adds a start of line anchor\n   */\n  startOfLine(): RegexSecurityBuilder {\n    this.patternValue += '^';\n    return this;\n  }\n\n  /**\n   * Adds an end of line anchor\n   */\n  endOfLine(): RegexSecurityBuilder {\n    this.patternValue += '$';\n    return this;\n  }\n\n  /**\n   * Configures regular expression options\n   */\n  options(options: RegexBuilderOptions): RegexSecurityBuilder {\n    this.optionsValue = { ...this.optionsValue, ...options };\n    return this;\n  }\n\n  /**\n   * Configures security options\n   */\n  security(config: RegexSecurityConfig): RegexSecurityBuilder {\n    this.securityConfigValue = { ...this.securityConfigValue, ...config };\n    return this;\n  }\n\n  /**\n   * Configures timeout\n   */\n  timeout(ms: number): RegexSecurityBuilder {\n    this.securityConfigValue.timeout = ms;\n    return this;\n  }\n\n  /**\n   * Activates safe mode\n   */\n  safeMode(): RegexSecurityBuilder {\n    this.securityConfigValue.safeMode = true;\n    return this;\n  }\n\n  /**\n   * Builds the final regular expression\n   */\n  build(): { pattern: string; options: RegexBuilderOptions; security: RegexSecurityConfig } {\n    return {\n      pattern: this.patternValue,\n      options: this.optionsValue,\n      security: this.securityConfigValue\n    };\n  }\n\n  /**\n   * Builds and executes the regular expression\n   */\n  async execute(text: string, service: RegexSecurityService): Promise<RegexTestResult> {\n    const { pattern, security } = this.build();\n    return service.testRegex(pattern, text, security);\n  }\n}\n","/**\n * Generated bundle index. Do not edit.\n */\n\nexport * from './index';\n"],"names":[],"mappings":";;;AAsCA;;;AAGG;MAEU,oBAAoB,CAAA;AACvB,IAAA,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;AAC/B,IAAA,OAAO,GAAG,IAAI,GAAG,EAAkB;AAE3C;;AAEG;AACH,IAAA,OAAO,OAAO,GAAA;QACZ,OAAO,IAAI,oBAAoB,EAAE;IACnC;AAEA;;AAEG;IACH,MAAM,SAAS,CACb,OAAe,EACf,IAAY,EACZ,SAA8B,EAAE,EAAA;AAEhC,QAAA,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE;QACnC,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;AAE5C,QAAA,IAAI;;YAEF,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC;YAEhE,IAAI,CAAC,aAAa,CAAC,IAAI,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE;gBAChD,OAAO;AACL,oBAAA,KAAK,EAAE,KAAK;AACZ,oBAAA,aAAa,EAAE,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS;AAC5C,oBAAA,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,CAAA,kBAAA,EAAqB,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;iBAC9D;YACH;;AAGA,YAAA,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,EAAE,WAAW,CAAC;YAErE,OAAO;AACL,gBAAA,GAAG,MAAM;AACT,gBAAA,aAAa,EAAE,WAAW,CAAC,GAAG,EAAE,GAAG;aACpC;QACH;QAAE,OAAO,KAAK,EAAE;YACd,OAAO;AACL,gBAAA,KAAK,EAAE,KAAK;AACZ,gBAAA,aAAa,EAAE,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS;AAC5C,gBAAA,OAAO,EAAE,KAAK;AACd,gBAAA,KAAK,EAAE,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG;aACjD;QACH;IACF;AAEA;;AAEG;IACH,MAAM,sBAAsB,CAAC,OAAe,EAAA;QAC1C,MAAM,QAAQ,GAAa,EAAE;QAC7B,MAAM,eAAe,GAAa,EAAE;QACpC,IAAI,UAAU,GAAG,CAAC;QAClB,IAAI,IAAI,GAA2C,KAAK;;AAGxD,QAAA,MAAM,iBAAiB,GAAG;YACxB,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAe,EAAE,OAAO,EAAE,gDAAgD,EAAE;YACrG,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAe,EAAE,OAAO,EAAE,yBAAyB,EAAE;YAC9E,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAiB,EAAE,OAAO,EAAE,sBAAsB,EAAE;YAC/E,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAiB,EAAE,OAAO,EAAE,oBAAoB,EAAE;YAC7E,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAc,EAAE,OAAO,EAAE,sBAAsB,EAAE;YAC5E,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAe,EAAE,OAAO,EAAE,uBAAuB,EAAE;YAC9E,EAAE,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,UAAmB,EAAE,OAAO,EAAE,oBAAoB,EAAE;YACnF,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,QAAiB,EAAE,OAAO,EAAE,uBAAuB,EAAE;YAC1F,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,QAAiB,EAAE,OAAO,EAAE,6BAA6B,EAAE;YACnG,EAAE,OAAO,EAAE,2BAA2B,EAAE,IAAI,EAAE,QAAiB,EAAE,OAAO,EAAE,oCAAoC;SAC/G;;AAGD,QAAA,UAAU,GAAG,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC;;AAG9C,QAAA,KAAK,MAAM,SAAS,IAAI,iBAAiB,EAAE;YACzC,IAAI,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE;AACnC,gBAAA,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;AAChC,gBAAA,IAAI,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE;AAC/D,oBAAA,IAAI,GAAG,SAAS,CAAC,IAAI;gBACvB;YACF;QACF;;AAGA,QAAA,IAAI,UAAU,GAAG,EAAE,EAAE;AACnB,YAAA,eAAe,CAAC,IAAI,CAAC,kCAAkC,CAAC;YACxD,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,IAAI,GAAG,MAAM;QAC5E;AAEA,QAAA,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE;AACpD,YAAA,eAAe,CAAC,IAAI,CAAC,+DAA+D,CAAC;QACvF;AAEA,QAAA,IAAI,OAAO,CAAC,MAAM,GAAG,GAAG,EAAE;AACxB,YAAA,eAAe,CAAC,IAAI,CAAC,iEAAiE,CAAC;QACzF;QAEA,MAAM,IAAI,GAAG,IAAI,KAAK,UAAU,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;QAEzD,OAAO;YACL,IAAI;YACJ,UAAU;YACV,IAAI;YACJ,QAAQ;YACR;SACD;IACH;AAEA;;AAEG;AACK,IAAA,MAAM,eAAe,CAC3B,OAAe,EACf,IAAY,EACZ,MAA2B,EAAA;AAE3B,QAAA,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,KAAI;YAC7B,MAAM,UAAU,GAAG,CAAA,aAAA,EAAgB,IAAI,CAAC,GAAG,EAAE,EAAE;AAE/C,YAAA,IAAI;;AAEF,gBAAA,MAAM,UAAU,GAAG,IAAI,CAAC,kBAAkB,EAAE;AAC5C,gBAAA,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,CAAC,UAAU,CAAC,EAAE,EAAE,IAAI,EAAE,wBAAwB,EAAE,CAAC;AACvE,gBAAA,MAAM,MAAM,GAAG,IAAI,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;gBAEpD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,MAAM,CAAC;gBAEpC,MAAM,MAAM,GAAG,CAAA,MAAA,EAAS,IAAI,CAAC,GAAG,EAAE,CAAA,CAAA,EAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA,CAAE;AAE/E,gBAAA,MAAM,IAAI,GAAG;AACX,oBAAA,EAAE,EAAE,MAAM;AACV,oBAAA,IAAI,EAAE,YAAY;AAClB,oBAAA,IAAI,EAAE;wBACJ,OAAO;wBACP,IAAI;AACJ,wBAAA,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI;AAC5B;iBACF;;AAGD,gBAAA,MAAM,SAAS,GAAG,UAAU,CAAC,MAAK;oBAChC,MAAM,CAAC,SAAS,EAAE;AAClB,oBAAA,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC;AAC/B,oBAAA,OAAO,CAAC;AACN,wBAAA,KAAK,EAAE,KAAK;AACZ,wBAAA,aAAa,EAAE,CAAC;AAChB,wBAAA,OAAO,EAAE,IAAI;AACb,wBAAA,KAAK,EAAE;AACR,qBAAA,CAAC;AACJ,gBAAA,CAAC,EAAE,MAAM,CAAC,OAAO,IAAI,IAAI,CAAC;AAE1B,gBAAA,MAAM,CAAC,SAAS,GAAG,CAAC,KAAK,KAAI;oBAC3B,YAAY,CAAC,SAAS,CAAC;oBACvB,MAAM,CAAC,SAAS,EAAE;AAClB,oBAAA,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC;oBAE/B,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE,KAAK,MAAM,EAAE;AAC5B,wBAAA,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,IAAuB,CAAC;oBAC7C;AACF,gBAAA,CAAC;AAED,gBAAA,MAAM,CAAC,OAAO,GAAG,CAAC,KAAK,KAAI;oBACzB,YAAY,CAAC,SAAS,CAAC;oBACvB,MAAM,CAAC,SAAS,EAAE;AAClB,oBAAA,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC;AAC/B,oBAAA,OAAO,CAAC;AACN,wBAAA,KAAK,EAAE,KAAK;AACZ,wBAAA,aAAa,EAAE,CAAC;AAChB,wBAAA,OAAO,EAAE,KAAK;AACd,wBAAA,KAAK,EAAE,CAAA,cAAA,EAAiB,KAAK,CAAC,OAAO,IAAI,eAAe,CAAA;AACzD,qBAAA,CAAC;AACJ,gBAAA,CAAC;AAED,gBAAA,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC;YAC1B;YAAE,OAAO,KAAK,EAAE;AACd,gBAAA,OAAO,CAAC;AACN,oBAAA,KAAK,EAAE,KAAK;AACZ,oBAAA,aAAa,EAAE,CAAC;AAChB,oBAAA,OAAO,EAAE,KAAK;AACd,oBAAA,KAAK,EAAE,CAAA,yBAAA,EAA4B,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,eAAe,CAAA;AAC5F,iBAAA,CAAC;YACJ;AACF,QAAA,CAAC,CAAC;IACJ;AAEA;;AAEG;IACK,kBAAkB,GAAA;QACxB,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;KAuDN;IACH;AAEA;;AAEG;AACK,IAAA,mBAAmB,CAAC,OAAe,EAAA;QACzC,IAAI,UAAU,GAAG,CAAC;;AAGlB,QAAA,UAAU,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,MAAM,GAAG,CAAC;AACvD,QAAA,UAAU,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,MAAM,GAAG,CAAC;AACvD,QAAA,UAAU,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,MAAM,GAAG,CAAC;;AAGvD,QAAA,UAAU,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,IAAI,EAAE,EAAE,MAAM,GAAG,CAAC;AACzD,QAAA,UAAU,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,IAAI,EAAE,EAAE,MAAM,GAAG,CAAC;AACzD,QAAA,UAAU,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,IAAI,EAAE,EAAE,MAAM,GAAG,CAAC;;AAGzD,QAAA,MAAM,UAAU,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,MAAM;AACtD,QAAA,UAAU,IAAI,UAAU,GAAG,GAAG;;AAG9B,QAAA,UAAU,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI;QAEnC,OAAO,IAAI,CAAC,KAAK,CAAC,UAAU,GAAG,GAAG,CAAC,GAAG,GAAG;IAC3C;AAEA;;AAEG;AACK,IAAA,YAAY,CAAC,IAA4C,EAAA;AAC/D,QAAA,MAAM,MAAM,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE;AAClE,QAAA,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC;IAC1B;AAEA;;AAEG;AACK,IAAA,WAAW,CAAC,MAA2B,EAAA;QAC7C,OAAO;AACL,YAAA,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,IAAI;AAC/B,YAAA,aAAa,EAAE,MAAM,CAAC,aAAa,IAAI,EAAE;AACzC,YAAA,iBAAiB,EAAE,MAAM,CAAC,iBAAiB,IAAI,KAAK;AACpD,YAAA,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI;SAC9B;IACH;AAEA;;AAEG;IACH,WAAW,GAAA;AACT,QAAA,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,IAAG;YAC5B,MAAM,CAAC,SAAS,EAAE;AACpB,QAAA,CAAC,CAAC;AACF,QAAA,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE;IACtB;uGAlTW,oBAAoB,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA;2GAApB,oBAAoB,EAAA,CAAA;;2FAApB,oBAAoB,EAAA,UAAA,EAAA,CAAA;kBADhC;;AAsTD;;AAEG;MACU,oBAAoB,CAAA;IACvB,YAAY,GAAW,EAAE;IACzB,YAAY,GAAwB,EAAE;IACtC,mBAAmB,GAAwB,EAAE;AAErD;;AAEG;AACH,IAAA,OAAO,CAAC,OAAe,EAAA;AACrB,QAAA,IAAI,CAAC,YAAY,GAAG,OAAO;AAC3B,QAAA,OAAO,IAAI;IACb;AAEA;;AAEG;AACH,IAAA,MAAM,CAAC,IAAY,EAAA;AACjB,QAAA,IAAI,CAAC,YAAY,IAAI,IAAI;AACzB,QAAA,OAAO,IAAI;IACb;AAEA;;AAEG;IACH,KAAK,CAAC,OAAe,EAAE,IAAa,EAAA;QAClC,IAAI,IAAI,EAAE;YACR,IAAI,CAAC,YAAY,IAAI,CAAA,GAAA,EAAM,IAAI,CAAA,CAAA,EAAI,OAAO,GAAG;QAC/C;aAAO;AACL,YAAA,IAAI,CAAC,YAAY,IAAI,CAAA,CAAA,EAAI,OAAO,GAAG;QACrC;AACA,QAAA,OAAO,IAAI;IACb;AAEA;;AAEG;AACH,IAAA,iBAAiB,CAAC,OAAe,EAAA;AAC/B,QAAA,IAAI,CAAC,YAAY,IAAI,CAAA,GAAA,EAAM,OAAO,GAAG;AACrC,QAAA,OAAO,IAAI;IACb;AAEA;;AAEG;AACH,IAAA,EAAE,CAAC,WAAmB,EAAA;AACpB,QAAA,IAAI,CAAC,YAAY,IAAI,CAAA,CAAA,EAAI,WAAW,EAAE;AACtC,QAAA,OAAO,IAAI;IACb;AAEA;;AAEG;AACH,IAAA,UAAU,CAAC,UAAsD,EAAA;AAC/D,QAAA,IAAI,CAAC,YAAY,IAAI,UAAU;AAC/B,QAAA,OAAO,IAAI;IACb;AAEA;;AAEG;AACH,IAAA,YAAY,CAAC,KAAa,EAAE,MAAM,GAAG,KAAK,EAAA;AACxC,QAAA,IAAI,CAAC,YAAY,IAAI,CAAA,CAAA,EAAI,MAAM,GAAG,GAAG,GAAG,EAAE,CAAA,EAAG,KAAK,GAAG;AACrD,QAAA,OAAO,IAAI;IACb;AAEA;;AAEG;IACH,WAAW,GAAA;AACT,QAAA,IAAI,CAAC,YAAY,IAAI,GAAG;AACxB,QAAA,OAAO,IAAI;IACb;AAEA;;AAEG;IACH,SAAS,GAAA;AACP,QAAA,IAAI,CAAC,YAAY,IAAI,GAAG;AACxB,QAAA,OAAO,IAAI;IACb;AAEA;;AAEG;AACH,IAAA,OAAO,CAAC,OAA4B,EAAA;AAClC,QAAA,IAAI,CAAC,YAAY,GAAG,EAAE,GAAG,IAAI,CAAC,YAAY,EAAE,GAAG,OAAO,EAAE;AACxD,QAAA,OAAO,IAAI;IACb;AAEA;;AAEG;AACH,IAAA,QAAQ,CAAC,MAA2B,EAAA;AAClC,QAAA,IAAI,CAAC,mBAAmB,GAAG,EAAE,GAAG,IAAI,CAAC,mBAAmB,EAAE,GAAG,MAAM,EAAE;AACrE,QAAA,OAAO,IAAI;IACb;AAEA;;AAEG;AACH,IAAA,OAAO,CAAC,EAAU,EAAA;AAChB,QAAA,IAAI,CAAC,mBAAmB,CAAC,OAAO,GAAG,EAAE;AACrC,QAAA,OAAO,IAAI;IACb;AAEA;;AAEG;IACH,QAAQ,GAAA;AACN,QAAA,IAAI,CAAC,mBAAmB,CAAC,QAAQ,GAAG,IAAI;AACxC,QAAA,OAAO,IAAI;IACb;AAEA;;AAEG;IACH,KAAK,GAAA;QACH,OAAO;YACL,OAAO,EAAE,IAAI,CAAC,YAAY;YAC1B,OAAO,EAAE,IAAI,CAAC,YAAY;YAC1B,QAAQ,EAAE,IAAI,CAAC;SAChB;IACH;AAEA;;AAEG;AACH,IAAA,MAAM,OAAO,CAAC,IAAY,EAAE,OAA6B,EAAA;QACvD,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC,KAAK,EAAE;QAC1C,OAAO,OAAO,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,QAAQ,CAAC;IACnD;AACD;;ACteD;;AAEG;;;;"}