@de-otio/chaoskb-client 0.3.6 → 0.3.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli/bootstrap.d.ts +11 -3
- package/dist/cli/bootstrap.d.ts.map +1 -1
- package/dist/cli/bootstrap.js +181 -126
- package/dist/cli/bootstrap.js.map +1 -1
- package/dist/cli/commands/config.d.ts +7 -4
- package/dist/cli/commands/config.d.ts.map +1 -1
- package/dist/cli/commands/config.js +161 -134
- package/dist/cli/commands/config.js.map +1 -1
- package/dist/cli/commands/devices.d.ts.map +1 -1
- package/dist/cli/commands/devices.js +58 -33
- package/dist/cli/commands/devices.js.map +1 -1
- package/dist/cli/commands/export.d.ts.map +1 -1
- package/dist/cli/commands/export.js +6 -9
- package/dist/cli/commands/export.js.map +1 -1
- package/dist/cli/commands/import.js +1 -1
- package/dist/cli/commands/import.js.map +1 -1
- package/dist/cli/commands/projects.d.ts.map +1 -1
- package/dist/cli/commands/projects.js +33 -10
- package/dist/cli/commands/projects.js.map +1 -1
- package/dist/cli/commands/rotate-key.d.ts +3 -3
- package/dist/cli/commands/rotate-key.d.ts.map +1 -1
- package/dist/cli/commands/rotate-key.js +88 -35
- package/dist/cli/commands/rotate-key.js.map +1 -1
- package/dist/cli/commands/setup-sync.d.ts.map +1 -1
- package/dist/cli/commands/setup-sync.js +22 -4
- package/dist/cli/commands/setup-sync.js.map +1 -1
- package/dist/cli/mcp-server.d.ts.map +1 -1
- package/dist/cli/mcp-server.js +90 -42
- package/dist/cli/mcp-server.js.map +1 -1
- package/dist/crypto/aad.d.ts +2 -5
- package/dist/crypto/aad.d.ts.map +1 -1
- package/dist/crypto/aad.js +2 -8
- package/dist/crypto/aad.js.map +1 -1
- package/dist/crypto/aead.d.ts +8 -16
- package/dist/crypto/aead.d.ts.map +1 -1
- package/dist/crypto/aead.js +10 -36
- package/dist/crypto/aead.js.map +1 -1
- package/dist/crypto/blob-id.d.ts +2 -3
- package/dist/crypto/blob-id.d.ts.map +1 -1
- package/dist/crypto/blob-id.js +2 -30
- package/dist/crypto/blob-id.js.map +1 -1
- package/dist/crypto/canonical-json.d.ts +5 -3
- package/dist/crypto/canonical-json.d.ts.map +1 -1
- package/dist/crypto/canonical-json.js +5 -85
- package/dist/crypto/canonical-json.js.map +1 -1
- package/dist/crypto/commitment.d.ts +3 -9
- package/dist/crypto/commitment.d.ts.map +1 -1
- package/dist/crypto/commitment.js +3 -27
- package/dist/crypto/commitment.js.map +1 -1
- package/dist/crypto/encryption-service.d.ts +3 -0
- package/dist/crypto/encryption-service.d.ts.map +1 -1
- package/dist/crypto/encryption-service.js +10 -6
- package/dist/crypto/encryption-service.js.map +1 -1
- package/dist/crypto/envelope-cbor.d.ts +4 -34
- package/dist/crypto/envelope-cbor.d.ts.map +1 -1
- package/dist/crypto/envelope-cbor.js +4 -121
- package/dist/crypto/envelope-cbor.js.map +1 -1
- package/dist/crypto/envelope.d.ts +1 -31
- package/dist/crypto/envelope.d.ts.map +1 -1
- package/dist/crypto/envelope.js +31 -137
- package/dist/crypto/envelope.js.map +1 -1
- package/dist/crypto/hkdf.d.ts +7 -11
- package/dist/crypto/hkdf.d.ts.map +1 -1
- package/dist/crypto/hkdf.js +9 -18
- package/dist/crypto/hkdf.js.map +1 -1
- package/dist/crypto/index.d.ts +9 -4
- package/dist/crypto/index.d.ts.map +1 -1
- package/dist/crypto/index.js +9 -4
- package/dist/crypto/index.js.map +1 -1
- package/dist/crypto/ssh-keys.d.ts +17 -10
- package/dist/crypto/ssh-keys.d.ts.map +1 -1
- package/dist/crypto/ssh-keys.js +28 -108
- package/dist/crypto/ssh-keys.js.map +1 -1
- package/dist/crypto/types.d.ts +18 -88
- package/dist/crypto/types.d.ts.map +1 -1
- package/dist/crypto/types.js +3 -0
- package/dist/crypto/types.js.map +1 -1
- package/dist/pipeline/content-pipeline.d.ts.map +1 -1
- package/dist/pipeline/content-pipeline.js +19 -3
- package/dist/pipeline/content-pipeline.js.map +1 -1
- package/dist/pipeline/extract.d.ts +8 -0
- package/dist/pipeline/extract.d.ts.map +1 -1
- package/dist/pipeline/extract.js +15 -4
- package/dist/pipeline/extract.js.map +1 -1
- package/dist/pipeline/fetch-browser.d.ts +29 -0
- package/dist/pipeline/fetch-browser.d.ts.map +1 -0
- package/dist/pipeline/fetch-browser.js +98 -0
- package/dist/pipeline/fetch-browser.js.map +1 -0
- package/package.json +4 -1
- package/dist/crypto/argon2.d.ts +0 -11
- package/dist/crypto/argon2.d.ts.map +0 -1
- package/dist/crypto/argon2.js +0 -33
- package/dist/crypto/argon2.js.map +0 -1
- package/dist/crypto/invite.d.ts +0 -31
- package/dist/crypto/invite.d.ts.map +0 -1
- package/dist/crypto/invite.js +0 -139
- package/dist/crypto/invite.js.map +0 -1
- package/dist/crypto/keyring.d.ts +0 -37
- package/dist/crypto/keyring.d.ts.map +0 -1
- package/dist/crypto/keyring.js +0 -219
- package/dist/crypto/keyring.js.map +0 -1
- package/dist/crypto/known-keys.d.ts +0 -34
- package/dist/crypto/known-keys.d.ts.map +0 -1
- package/dist/crypto/known-keys.js +0 -114
- package/dist/crypto/known-keys.js.map +0 -1
- package/dist/crypto/project-keys.d.ts +0 -26
- package/dist/crypto/project-keys.d.ts.map +0 -1
- package/dist/crypto/project-keys.js +0 -69
- package/dist/crypto/project-keys.js.map +0 -1
- package/dist/crypto/secure-buffer.d.ts +0 -31
- package/dist/crypto/secure-buffer.d.ts.map +0 -1
- package/dist/crypto/secure-buffer.js +0 -61
- package/dist/crypto/secure-buffer.js.map +0 -1
- package/dist/crypto/tiers/enhanced.d.ts +0 -25
- package/dist/crypto/tiers/enhanced.d.ts.map +0 -1
- package/dist/crypto/tiers/enhanced.js +0 -56
- package/dist/crypto/tiers/enhanced.js.map +0 -1
- package/dist/crypto/tiers/maximum.d.ts +0 -19
- package/dist/crypto/tiers/maximum.d.ts.map +0 -1
- package/dist/crypto/tiers/maximum.js +0 -25
- package/dist/crypto/tiers/maximum.js.map +0 -1
- package/dist/crypto/tiers/standard.d.ts +0 -27
- package/dist/crypto/tiers/standard.d.ts.map +0 -1
- package/dist/crypto/tiers/standard.js +0 -155
- package/dist/crypto/tiers/standard.js.map +0 -1
|
@@ -1,10 +1,16 @@
|
|
|
1
1
|
import * as fs from 'node:fs';
|
|
2
|
+
import * as os from 'node:os';
|
|
2
3
|
import * as readline from 'node:readline';
|
|
3
|
-
import
|
|
4
|
+
import * as path from 'node:path';
|
|
5
|
+
import { KeyRing, StandardTier, MaximumTier, OsKeychainStorage, FileSystemStorage, } from '@de-otio/keyring';
|
|
4
6
|
import { loadConfig, saveConfig, CHAOSKB_DIR } from './setup.js';
|
|
5
7
|
import { SecurityTier } from '../../crypto/types.js';
|
|
6
|
-
import
|
|
7
|
-
const TIER_ORDER = [
|
|
8
|
+
import { KEYRING_SERVICE, FILE_KEY_PATH } from '../bootstrap.js';
|
|
9
|
+
const TIER_ORDER = [
|
|
10
|
+
SecurityTier.Standard,
|
|
11
|
+
SecurityTier.Enhanced,
|
|
12
|
+
SecurityTier.Maximum,
|
|
13
|
+
];
|
|
8
14
|
function tierIndex(tier) {
|
|
9
15
|
return TIER_ORDER.indexOf(tier);
|
|
10
16
|
}
|
|
@@ -15,14 +21,39 @@ function prompt(rl, question) {
|
|
|
15
21
|
});
|
|
16
22
|
});
|
|
17
23
|
}
|
|
24
|
+
function buildStorage(kind) {
|
|
25
|
+
if (process.env.CHAOSKB_KEY_STORAGE === 'file') {
|
|
26
|
+
const fsDir = path.join(CHAOSKB_DIR, 'keyring');
|
|
27
|
+
fs.mkdirSync(fsDir, { recursive: true, mode: 0o700 });
|
|
28
|
+
return new FileSystemStorage({
|
|
29
|
+
root: fsDir,
|
|
30
|
+
acceptedTiers: [kind],
|
|
31
|
+
});
|
|
32
|
+
}
|
|
33
|
+
return new OsKeychainStorage({
|
|
34
|
+
service: KEYRING_SERVICE,
|
|
35
|
+
acceptedTiers: [kind],
|
|
36
|
+
});
|
|
37
|
+
}
|
|
38
|
+
function resolveSshKeyPath(configSshKeyPath) {
|
|
39
|
+
if (configSshKeyPath && fs.existsSync(configSshKeyPath))
|
|
40
|
+
return configSshKeyPath;
|
|
41
|
+
const sshDir = path.join(os.homedir(), '.ssh');
|
|
42
|
+
for (const c of ['id_ed25519', 'id_rsa']) {
|
|
43
|
+
const p = path.join(sshDir, c);
|
|
44
|
+
if (fs.existsSync(p) && fs.existsSync(`${p}.pub`))
|
|
45
|
+
return p;
|
|
46
|
+
}
|
|
47
|
+
return null;
|
|
48
|
+
}
|
|
18
49
|
/**
|
|
19
50
|
* Upgrade security tier.
|
|
20
51
|
*
|
|
21
|
-
* Standard → Maximum:
|
|
22
|
-
*
|
|
52
|
+
* Standard → Maximum: unlock master via the current Standard tier,
|
|
53
|
+
* then re-wrap under a passphrase-derived KEK via keyring's `MaximumTier`.
|
|
23
54
|
*
|
|
24
|
-
* Note: The Enhanced tier (BIP39 mnemonic) is deprecated. New upgrades
|
|
25
|
-
* support "maximum".
|
|
55
|
+
* Note: The Enhanced tier (BIP39 mnemonic) is deprecated. New upgrades
|
|
56
|
+
* only support "maximum".
|
|
26
57
|
*/
|
|
27
58
|
export async function upgradeTierCommand(tier, options) {
|
|
28
59
|
const dryRun = options?.dryRun ?? false;
|
|
@@ -50,28 +81,19 @@ export async function upgradeTierCommand(tier, options) {
|
|
|
50
81
|
process.exitCode = 1;
|
|
51
82
|
return;
|
|
52
83
|
}
|
|
53
|
-
//
|
|
54
|
-
const
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
catch {
|
|
67
|
-
// Fall through to error
|
|
68
|
-
}
|
|
69
|
-
}
|
|
70
|
-
if (!masterKey) {
|
|
71
|
-
console.error('Master key not found. Ensure your OS keyring is accessible.');
|
|
72
|
-
process.exitCode = 1;
|
|
73
|
-
return;
|
|
74
|
-
}
|
|
84
|
+
// Locate and unlock the current master key via StandardTier.
|
|
85
|
+
const sshKeyPath = resolveSshKeyPath(config.sshKeyPath);
|
|
86
|
+
if (!sshKeyPath) {
|
|
87
|
+
console.error('Master key not found. Ensure your OS keyring is accessible.');
|
|
88
|
+
process.exitCode = 1;
|
|
89
|
+
return;
|
|
90
|
+
}
|
|
91
|
+
const standardStorage = buildStorage('standard');
|
|
92
|
+
const currentWrapped = await standardStorage.get('__personal');
|
|
93
|
+
if (!currentWrapped) {
|
|
94
|
+
console.error('Master key not found. Ensure your OS keyring is accessible.');
|
|
95
|
+
process.exitCode = 1;
|
|
96
|
+
return;
|
|
75
97
|
}
|
|
76
98
|
if (dryRun) {
|
|
77
99
|
console.log('[dry-run] Would upgrade security tier from "%s" to "%s".', config.securityTier, tier);
|
|
@@ -81,60 +103,11 @@ export async function upgradeTierCommand(tier, options) {
|
|
|
81
103
|
console.log('[dry-run] - Write encrypted key blob to ~/.chaoskb/master-key.enc');
|
|
82
104
|
console.log('[dry-run] - Remove the master key from the OS keyring');
|
|
83
105
|
console.log('[dry-run] No changes made.');
|
|
84
|
-
masterKey.dispose();
|
|
85
106
|
return;
|
|
86
107
|
}
|
|
87
|
-
|
|
88
|
-
await upgradeToMaximum(masterKey, config);
|
|
89
|
-
}
|
|
90
|
-
finally {
|
|
91
|
-
masterKey.dispose();
|
|
92
|
-
}
|
|
108
|
+
await upgradeToMaximum(sshKeyPath, currentWrapped, config);
|
|
93
109
|
}
|
|
94
|
-
async function
|
|
95
|
-
const { generateRecoveryKey } = await import('../../crypto/tiers/enhanced.js');
|
|
96
|
-
const mnemonic = generateRecoveryKey(masterKey);
|
|
97
|
-
const words = mnemonic.split(' ');
|
|
98
|
-
console.log('');
|
|
99
|
-
console.log('Your 24-word recovery key:');
|
|
100
|
-
console.log('');
|
|
101
|
-
// Display in 3 columns of 8
|
|
102
|
-
for (let i = 0; i < 24; i += 3) {
|
|
103
|
-
const cols = [];
|
|
104
|
-
for (let j = 0; j < 3 && i + j < 24; j++) {
|
|
105
|
-
cols.push(` ${String(i + j + 1).padStart(2, ' ')}. ${words[i + j].padEnd(10)}`);
|
|
106
|
-
}
|
|
107
|
-
console.log(cols.join(''));
|
|
108
|
-
}
|
|
109
|
-
console.log('');
|
|
110
|
-
console.log('Write these words down and store them safely.');
|
|
111
|
-
console.log('This is your backup recovery factor. Do NOT store it digitally.');
|
|
112
|
-
console.log('');
|
|
113
|
-
// Spot-check: ask user to confirm 2 random words
|
|
114
|
-
const indices = pickRandomIndices(24, 2);
|
|
115
|
-
const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
|
|
116
|
-
try {
|
|
117
|
-
for (const idx of indices) {
|
|
118
|
-
const answer = await prompt(rl, `Confirm word #${idx + 1}: `);
|
|
119
|
-
if (answer.toLowerCase() !== words[idx].toLowerCase()) {
|
|
120
|
-
console.error(`Incorrect. Expected word #${idx + 1} to be "${words[idx]}".`);
|
|
121
|
-
console.error('Tier upgrade cancelled.');
|
|
122
|
-
process.exitCode = 1;
|
|
123
|
-
return;
|
|
124
|
-
}
|
|
125
|
-
}
|
|
126
|
-
}
|
|
127
|
-
finally {
|
|
128
|
-
rl.close();
|
|
129
|
-
}
|
|
130
|
-
// Update config
|
|
131
|
-
config.securityTier = SecurityTier.Enhanced;
|
|
132
|
-
await saveConfig(config);
|
|
133
|
-
console.log('');
|
|
134
|
-
console.log('Security tier upgraded to Enhanced.');
|
|
135
|
-
console.log('Your master key remains in the OS keyring. The recovery key is your backup.');
|
|
136
|
-
}
|
|
137
|
-
async function upgradeToMaximum(masterKey, config) {
|
|
110
|
+
async function upgradeToMaximum(sshKeyPath, currentWrapped, config) {
|
|
138
111
|
if (!process.stdin.isTTY) {
|
|
139
112
|
console.error('Maximum tier requires an interactive terminal for passphrase entry.');
|
|
140
113
|
process.exitCode = 1;
|
|
@@ -166,56 +139,35 @@ async function upgradeToMaximum(masterKey, config) {
|
|
|
166
139
|
rl.close();
|
|
167
140
|
}
|
|
168
141
|
console.log('Deriving key with Argon2id (this may take a moment)...');
|
|
169
|
-
//
|
|
170
|
-
const
|
|
171
|
-
const
|
|
172
|
-
const
|
|
142
|
+
// 1. Unlock the current master via StandardTier + stored wrapped blob.
|
|
143
|
+
const sshPublicKeyLine = fs.readFileSync(`${sshKeyPath}.pub`, 'utf-8').trim();
|
|
144
|
+
const sshPrivateKeyPem = fs.readFileSync(sshKeyPath, 'utf-8');
|
|
145
|
+
const standardStorage = buildStorage('standard');
|
|
146
|
+
const standardTier = StandardTier.fromSshKey(sshPublicKeyLine);
|
|
147
|
+
const ring = new KeyRing({ tier: standardTier, storage: standardStorage });
|
|
148
|
+
try {
|
|
149
|
+
await ring.unlockWithSshKey(sshPrivateKeyPem);
|
|
150
|
+
}
|
|
151
|
+
catch (err) {
|
|
152
|
+
console.error(`Failed to unlock master key: ${err instanceof Error ? err.message : String(err)}`);
|
|
153
|
+
process.exitCode = 1;
|
|
154
|
+
return;
|
|
155
|
+
}
|
|
156
|
+
// 2. Wrap the master with MaximumTier under the new passphrase.
|
|
173
157
|
try {
|
|
174
|
-
|
|
175
|
-
const
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
//
|
|
179
|
-
const blob = {
|
|
180
|
-
v: 1,
|
|
181
|
-
kdf: 'argon2id',
|
|
182
|
-
t: 3,
|
|
183
|
-
m: 65536,
|
|
184
|
-
p: 1,
|
|
185
|
-
salt: Buffer.from(salt).toString('hex'),
|
|
186
|
-
nonce: Buffer.from(result.nonce).toString('hex'),
|
|
187
|
-
ciphertext: Buffer.from(new Uint8Array([...result.ciphertext, ...result.tag])).toString('hex'),
|
|
188
|
-
};
|
|
158
|
+
const maxTier = MaximumTier.fromPassphrase(passphrase);
|
|
159
|
+
const maxWrapped = await ring.withMaster(async (master) => maxTier.wrap(master));
|
|
160
|
+
// Persist to a dedicated storage (filesystem-backed blob file for
|
|
161
|
+
// compatibility with the previous Maximum-tier layout at
|
|
162
|
+
// ~/.chaoskb/master-key.enc).
|
|
189
163
|
const blobPath = path.join(CHAOSKB_DIR, 'master-key.enc');
|
|
190
|
-
|
|
191
|
-
fs.writeFileSync(blobPath,
|
|
192
|
-
//
|
|
193
|
-
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
const verifyCiphertext = new Uint8Array(verifyCt.subarray(0, verifyCt.length - 16));
|
|
198
|
-
const verifyTag = new Uint8Array(verifyCt.subarray(verifyCt.length - 16));
|
|
199
|
-
const recovered = aeadDecrypt(wrappingKey.buffer, verifyNonce, verifyCiphertext, verifyTag, aad);
|
|
200
|
-
if (!Buffer.from(recovered).equals(masterKey.buffer)) {
|
|
201
|
-
throw new Error('Round-trip verification failed: decrypted key does not match original');
|
|
202
|
-
}
|
|
203
|
-
}
|
|
204
|
-
catch (err) {
|
|
205
|
-
// Verification failed — remove the corrupt blob and abort
|
|
206
|
-
try {
|
|
207
|
-
fs.unlinkSync(blobPath);
|
|
208
|
-
}
|
|
209
|
-
catch { /* ignore */ }
|
|
210
|
-
throw new Error(`Key encryption verification failed. Keyring entry NOT removed. ` +
|
|
211
|
-
`Error: ${err instanceof Error ? err.message : String(err)}`);
|
|
212
|
-
}
|
|
213
|
-
// Verification passed — safe to remove master key from OS keyring
|
|
214
|
-
const { KeyringService } = await import('../../crypto/keyring.js');
|
|
215
|
-
const keyring = new KeyringService();
|
|
216
|
-
await keyring.delete('chaoskb', 'master-key');
|
|
217
|
-
// Also remove file-based key if it exists
|
|
218
|
-
const { FILE_KEY_PATH } = await import('../bootstrap.js');
|
|
164
|
+
const serialisedBlob = serialiseWrappedKey(maxWrapped);
|
|
165
|
+
fs.writeFileSync(blobPath, serialisedBlob, { mode: 0o600 });
|
|
166
|
+
// Verify-after-write: round-trip decrypt the blob we just wrote.
|
|
167
|
+
await verifyRoundTrip(blobPath, passphrase);
|
|
168
|
+
// Verification passed — safe to clear the StandardTier wrapping.
|
|
169
|
+
await ring.delete();
|
|
170
|
+
// Also remove file-based key if it exists (legacy pre-migration state).
|
|
219
171
|
try {
|
|
220
172
|
fs.unlinkSync(FILE_KEY_PATH);
|
|
221
173
|
}
|
|
@@ -231,14 +183,89 @@ async function upgradeToMaximum(masterKey, config) {
|
|
|
231
183
|
console.log('Your passphrase is now your only recovery factor.');
|
|
232
184
|
}
|
|
233
185
|
finally {
|
|
234
|
-
|
|
186
|
+
await ring.lock();
|
|
187
|
+
// We do our best to forget `currentWrapped` by not retaining a
|
|
188
|
+
// reference past this scope.
|
|
189
|
+
void currentWrapped;
|
|
190
|
+
}
|
|
191
|
+
}
|
|
192
|
+
/**
|
|
193
|
+
* Serialise a keyring `WrappedKey` to the chaoskb `master-key.enc` file.
|
|
194
|
+
* Uses a JSON schema compatible with keyring's internal serialiser so
|
|
195
|
+
* both halves of the migration can read it — matches the shape written
|
|
196
|
+
* by keyring's own filesystem storage.
|
|
197
|
+
*/
|
|
198
|
+
function serialiseWrappedKey(w) {
|
|
199
|
+
const out = {
|
|
200
|
+
v: w.v,
|
|
201
|
+
tier: w.tier,
|
|
202
|
+
envelope: Buffer.from(w.envelope).toString('base64'),
|
|
203
|
+
ts: w.ts,
|
|
204
|
+
};
|
|
205
|
+
if (w.kdfParams) {
|
|
206
|
+
if (w.kdfParams.algorithm === 'argon2id') {
|
|
207
|
+
out.kdfParams = {
|
|
208
|
+
algorithm: 'argon2id',
|
|
209
|
+
t: w.kdfParams.t,
|
|
210
|
+
m: w.kdfParams.m,
|
|
211
|
+
p: w.kdfParams.p,
|
|
212
|
+
salt: Buffer.from(w.kdfParams.salt).toString('base64'),
|
|
213
|
+
};
|
|
214
|
+
}
|
|
215
|
+
else {
|
|
216
|
+
out.kdfParams = {
|
|
217
|
+
algorithm: 'pbkdf2-sha256',
|
|
218
|
+
iterations: w.kdfParams.iterations,
|
|
219
|
+
salt: Buffer.from(w.kdfParams.salt).toString('base64'),
|
|
220
|
+
};
|
|
221
|
+
}
|
|
235
222
|
}
|
|
223
|
+
return JSON.stringify(out, null, 2);
|
|
236
224
|
}
|
|
237
|
-
|
|
238
|
-
|
|
239
|
-
|
|
240
|
-
|
|
225
|
+
/** Parse the serialised form back into a WrappedKey. */
|
|
226
|
+
export function parseWrappedKey(json) {
|
|
227
|
+
const parsed = JSON.parse(json);
|
|
228
|
+
if (parsed.v !== 1)
|
|
229
|
+
throw new Error(`unsupported wrapped-key wire version: ${parsed.v}`);
|
|
230
|
+
if (parsed.tier !== 'standard' && parsed.tier !== 'maximum') {
|
|
231
|
+
throw new Error(`unsupported tier kind: ${parsed.tier}`);
|
|
232
|
+
}
|
|
233
|
+
const out = {
|
|
234
|
+
v: 1,
|
|
235
|
+
tier: parsed.tier,
|
|
236
|
+
envelope: new Uint8Array(Buffer.from(parsed.envelope, 'base64')),
|
|
237
|
+
ts: parsed.ts,
|
|
238
|
+
};
|
|
239
|
+
if (parsed.kdfParams) {
|
|
240
|
+
const saltBytes = new Uint8Array(Buffer.from(parsed.kdfParams.salt, 'base64'));
|
|
241
|
+
if (parsed.kdfParams.algorithm === 'argon2id') {
|
|
242
|
+
out.kdfParams = {
|
|
243
|
+
algorithm: 'argon2id',
|
|
244
|
+
t: parsed.kdfParams.t ?? 0,
|
|
245
|
+
m: parsed.kdfParams.m ?? 0,
|
|
246
|
+
p: parsed.kdfParams.p ?? 0,
|
|
247
|
+
salt: saltBytes,
|
|
248
|
+
};
|
|
249
|
+
}
|
|
250
|
+
else if (parsed.kdfParams.algorithm === 'pbkdf2-sha256') {
|
|
251
|
+
out.kdfParams = {
|
|
252
|
+
algorithm: 'pbkdf2-sha256',
|
|
253
|
+
iterations: parsed.kdfParams.iterations ?? 0,
|
|
254
|
+
salt: saltBytes,
|
|
255
|
+
};
|
|
256
|
+
}
|
|
241
257
|
}
|
|
242
|
-
|
|
258
|
+
if (parsed.sshFingerprint)
|
|
259
|
+
out.sshFingerprint = parsed.sshFingerprint;
|
|
260
|
+
return out;
|
|
261
|
+
}
|
|
262
|
+
async function verifyRoundTrip(blobPath, passphrase) {
|
|
263
|
+
const json = fs.readFileSync(blobPath, 'utf-8');
|
|
264
|
+
const wrapped = parseWrappedKey(json);
|
|
265
|
+
// Construct a temporary MaximumTier (its passphrase is only used for
|
|
266
|
+
// wrap; unwrap reads the passphrase from UnlockInput).
|
|
267
|
+
const tier = MaximumTier.fromPassphrase(passphrase);
|
|
268
|
+
const master = await tier.unwrap(wrapped, { kind: 'passphrase', passphrase });
|
|
269
|
+
master.dispose();
|
|
243
270
|
}
|
|
244
271
|
//# sourceMappingURL=config.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../../cli/commands/config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,QAAQ,MAAM,eAAe,CAAC;AAC1C,OAAO,
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../../cli/commands/config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,QAAQ,MAAM,eAAe,CAAC;AAC1C,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,EACL,OAAO,EACP,YAAY,EACZ,WAAW,EACX,iBAAiB,EACjB,iBAAiB,GAGlB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AACjE,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAEjE,MAAM,UAAU,GAAmB;IACjC,YAAY,CAAC,QAAQ;IACrB,YAAY,CAAC,QAAQ;IACrB,YAAY,CAAC,OAAO;CACrB,CAAC;AAEF,SAAS,SAAS,CAAC,IAAY;IAC7B,OAAO,UAAU,CAAC,OAAO,CAAC,IAAoB,CAAC,CAAC;AAClD,CAAC;AAED,SAAS,MAAM,CAAC,EAAsB,EAAE,QAAgB;IACtD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,MAAM,EAAE,EAAE;YAC/B,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;QACzB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,YAAY,CAAmC,IAAO;IAC7D,IAAI,OAAO,CAAC,GAAG,CAAC,mBAAmB,KAAK,MAAM,EAAE,CAAC;QAC/C,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;QAChD,EAAE,CAAC,SAAS,CAAC,KAAK,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QACtD,OAAO,IAAI,iBAAiB,CAAI;YAC9B,IAAI,EAAE,KAAK;YACX,aAAa,EAAE,CAAC,IAAI,CAAU;SAC/B,CAAkB,CAAC;IACtB,CAAC;IACD,OAAO,IAAI,iBAAiB,CAAI;QAC9B,OAAO,EAAE,eAAe;QACxB,aAAa,EAAE,CAAC,IAAI,CAAU;KAC/B,CAAC,CAAC;AACL,CAAC;AAED,SAAS,iBAAiB,CAAC,gBAAyB;IAClD,IAAI,gBAAgB,IAAI,EAAE,CAAC,UAAU,CAAC,gBAAgB,CAAC;QAAE,OAAO,gBAAgB,CAAC;IACjF,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,MAAM,CAAC,CAAC;IAC/C,KAAK,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,EAAE,CAAC;QACzC,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAC/B,IAAI,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC;YAAE,OAAO,CAAC,CAAC;IAC9D,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,IAAY,EACZ,OAA8B;IAE9B,MAAM,MAAM,GAAG,OAAO,EAAE,MAAM,IAAI,KAAK,CAAC;IACxC,uEAAuE;IACvE,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;QACvB,IAAI,IAAI,KAAK,UAAU,EAAE,CAAC;YACxB,OAAO,CAAC,KAAK,CAAC,2DAA2D,CAAC,CAAC;QAC7E,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,kBAAkB,IAAI,uBAAuB,CAAC,CAAC;QAC/D,CAAC;QACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,UAAU,EAAE,CAAC;IAClC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,CAAC,KAAK,CAAC,2DAA2D,CAAC,CAAC;QAC3E,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,YAAY,GAAG,SAAS,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IACpD,MAAM,WAAW,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;IAEpC,IAAI,WAAW,IAAI,YAAY,EAAE,CAAC;QAChC,OAAO,CAAC,KAAK,CAAC,eAAe,MAAM,CAAC,YAAY,mBAAmB,CAAC,CAAC;QACrE,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,6DAA6D;IAC7D,MAAM,UAAU,GAAG,iBAAiB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IACxD,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,CAAC,KAAK,CAAC,6DAA6D,CAAC,CAAC;QAC7E,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,eAAe,GAAG,YAAY,CAAa,UAAU,CAAC,CAAC;IAC7D,MAAM,cAAc,GAAsB,MAAM,eAAe,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAClF,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,6DAA6D,CAAC,CAAC;QAC7E,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CACT,0DAA0D,EAC1D,MAAM,CAAC,YAAY,EACnB,IAAI,CACL,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,yEAAyE,CAAC,CAAC;QACvF,OAAO,CAAC,GAAG,CAAC,4DAA4D,CAAC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,qEAAqE,CAAC,CAAC;QACnF,OAAO,CAAC,GAAG,CAAC,yDAAyD,CAAC,CAAC;QACvE,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC;QAC1C,OAAO;IACT,CAAC;IAED,MAAM,gBAAgB,CAAC,UAAU,EAAE,cAAc,EAAE,MAAM,CAAC,CAAC;AAC7D,CAAC;AAED,KAAK,UAAU,gBAAgB,CAC7B,UAAkB,EAClB,cAA0B,EAC1B,MAAsF;IAEtF,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QACzB,OAAO,CAAC,KAAK,CAAC,qEAAqE,CAAC,CAAC;QACrF,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,EAAE,GAAG,QAAQ,CAAC,eAAe,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IACtF,IAAI,UAAkB,CAAC;IACvB,IAAI,CAAC;QACH,UAAU,GAAG,MAAM,MAAM,CAAC,EAAE,EAAE,4CAA4C,CAAC,CAAC;QAC5E,IAAI,UAAU,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;YAC3B,OAAO,CAAC,KAAK,CAAC,qEAAqE,CAAC,CAAC;YACrF,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;YACrB,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,EAAE,EAAE,sBAAsB,CAAC,CAAC;QACzD,IAAI,UAAU,KAAK,OAAO,EAAE,CAAC;YAC3B,OAAO,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC3C,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;YACrB,OAAO;QACT,CAAC;QAED,IAAI,MAAM,CAAC,YAAY,KAAK,YAAY,CAAC,QAAQ,EAAE,CAAC;YAClD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAChB,OAAO,CAAC,GAAG,CAAC,6EAA6E,CAAC,CAAC;YAC3F,OAAO,CAAC,GAAG,CAAC,oDAAoD,CAAC,CAAC;YAClE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;YAAS,CAAC;QACT,EAAE,CAAC,KAAK,EAAE,CAAC;IACb,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,wDAAwD,CAAC,CAAC;IAEtE,uEAAuE;IACvE,MAAM,gBAAgB,GAAG,EAAE,CAAC,YAAY,CAAC,GAAG,UAAU,MAAM,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;IAC9E,MAAM,gBAAgB,GAAG,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IAC9D,MAAM,eAAe,GAAG,YAAY,CAAa,UAAU,CAAC,CAAC;IAC7D,MAAM,YAAY,GAAG,YAAY,CAAC,UAAU,CAAC,gBAAgB,CAAC,CAAC;IAC/D,MAAM,IAAI,GAAG,IAAI,OAAO,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC,CAAC;IAC3E,IAAI,CAAC;QACH,MAAM,IAAI,CAAC,gBAAgB,CAAC,gBAAgB,CAAC,CAAC;IAChD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CACX,gCAAgC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CACnF,CAAC;QACF,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,gEAAgE;IAChE,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,WAAW,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;QACvD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;QAEjF,kEAAkE;QAClE,yDAAyD;QACzD,8BAA8B;QAC9B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,gBAAgB,CAAC,CAAC;QAC1D,MAAM,cAAc,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAC;QACvD,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,cAAc,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAE5D,iEAAiE;QACjE,MAAM,eAAe,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QAE5C,iEAAiE;QACjE,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QAEpB,wEAAwE;QACxE,IAAI,CAAC;YACH,EAAE,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;QAC/B,CAAC;QAAC,MAAM,CAAC;YACP,qBAAqB;QACvB,CAAC;QAED,gBAAgB;QAChB,MAAM,CAAC,YAAY,GAAG,YAAY,CAAC,OAAO,CAAC;QAC3C,MAAM,UAAU,CAAC,MAAM,CAAC,CAAC;QAEzB,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAC;QAClD,OAAO,CAAC,GAAG,CAAC,4BAA4B,QAAQ,EAAE,CAAC,CAAC;QACpD,OAAO,CAAC,GAAG,CAAC,mDAAmD,CAAC,CAAC;IACnE,CAAC;YAAS,CAAC;QACT,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAClB,+DAA+D;QAC/D,6BAA6B;QAC7B,KAAK,cAAc,CAAC;IACtB,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,mBAAmB,CAAC,CAAa;IACxC,MAAM,GAAG,GAA4B;QACnC,CAAC,EAAE,CAAC,CAAC,CAAC;QACN,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACpD,EAAE,EAAE,CAAC,CAAC,EAAE;KACT,CAAC;IACF,IAAI,CAAC,CAAC,SAAS,EAAE,CAAC;QAChB,IAAI,CAAC,CAAC,SAAS,CAAC,SAAS,KAAK,UAAU,EAAE,CAAC;YACzC,GAAG,CAAC,SAAS,GAAG;gBACd,SAAS,EAAE,UAAU;gBACrB,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC;gBAChB,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC;gBAChB,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC;gBAChB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;aACvD,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,GAAG,CAAC,SAAS,GAAG;gBACd,SAAS,EAAE,eAAe;gBAC1B,UAAU,EAAE,CAAC,CAAC,SAAS,CAAC,UAAU;gBAClC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;aACvD,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACtC,CAAC;AAED,wDAAwD;AACxD,MAAM,UAAU,eAAe,CAAC,IAAY;IAC1C,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAc7B,CAAC;IACF,IAAI,MAAM,CAAC,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;IACzF,IAAI,MAAM,CAAC,IAAI,KAAK,UAAU,IAAI,MAAM,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC5D,MAAM,IAAI,KAAK,CAAC,0BAA0B,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;IAC3D,CAAC;IACD,MAAM,GAAG,GAAe;QACtB,CAAC,EAAE,CAAC;QACJ,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,QAAQ,EAAE,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAChE,EAAE,EAAE,MAAM,CAAC,EAAE;KACd,CAAC;IACF,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACrB,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC;QAC/E,IAAI,MAAM,CAAC,SAAS,CAAC,SAAS,KAAK,UAAU,EAAE,CAAC;YAC9C,GAAG,CAAC,SAAS,GAAG;gBACd,SAAS,EAAE,UAAU;gBACrB,CAAC,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC;gBAC1B,CAAC,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC;gBAC1B,CAAC,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC;gBAC1B,IAAI,EAAE,SAAS;aAChB,CAAC;QACJ,CAAC;aAAM,IAAI,MAAM,CAAC,SAAS,CAAC,SAAS,KAAK,eAAe,EAAE,CAAC;YAC1D,GAAG,CAAC,SAAS,GAAG;gBACd,SAAS,EAAE,eAAe;gBAC1B,UAAU,EAAE,MAAM,CAAC,SAAS,CAAC,UAAU,IAAI,CAAC;gBAC5C,IAAI,EAAE,SAAS;aAChB,CAAC;QACJ,CAAC;IACH,CAAC;IACD,IAAI,MAAM,CAAC,cAAc;QAAE,GAAG,CAAC,cAAc,GAAG,MAAM,CAAC,cAAc,CAAC;IACtE,OAAO,GAAG,CAAC;AACb,CAAC;AAED,KAAK,UAAU,eAAe,CAAC,QAAgB,EAAE,UAAkB;IACjE,MAAM,IAAI,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAChD,MAAM,OAAO,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;IACtC,qEAAqE;IACrE,uDAAuD;IACvD,MAAM,IAAI,GAAG,WAAW,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;IACpD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,UAAU,EAAE,CAAC,CAAC;IAC9E,MAAM,CAAC,OAAO,EAAE,CAAC;AACnB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"devices.d.ts","sourceRoot":"","sources":["../../../cli/commands/devices.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"devices.d.ts","sourceRoot":"","sources":["../../../cli/commands/devices.ts"],"names":[],"mappings":"AA4DA;;;;;;GAMG;AACH,wBAAsB,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC,CAmGvD;AAED;;;;GAIG;AACH,wBAAsB,kBAAkB,IAAI,OAAO,CAAC,IAAI,CAAC,CA6BxD;AAED;;;;GAIG;AACH,wBAAsB,oBAAoB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CA2B7E"}
|
|
@@ -2,9 +2,10 @@ import * as crypto from 'node:crypto';
|
|
|
2
2
|
import * as fs from 'node:fs';
|
|
3
3
|
import * as path from 'node:path';
|
|
4
4
|
import * as os from 'node:os';
|
|
5
|
+
import { KeyRing, StandardTier, OsKeychainStorage, FileSystemStorage, parseSshPublicKey, } from '@de-otio/keyring';
|
|
5
6
|
import { loadConfig } from './setup.js';
|
|
6
7
|
import { createSyncClient } from '../tools/sync-client.js';
|
|
7
|
-
|
|
8
|
+
import { KEYRING_SERVICE, CHAOSKB_DIR, FILE_KEY_PATH } from '../bootstrap.js';
|
|
8
9
|
/** Base62 alphabet for human-friendly codes. */
|
|
9
10
|
const BASE62 = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
|
|
10
11
|
/** Generate a random base62 string of the given length. */
|
|
@@ -23,6 +24,28 @@ function hashCode(code) {
|
|
|
23
24
|
function sleep(ms) {
|
|
24
25
|
return new Promise((resolve) => setTimeout(resolve, ms));
|
|
25
26
|
}
|
|
27
|
+
function buildStorage() {
|
|
28
|
+
if (process.env.CHAOSKB_KEY_STORAGE === 'file') {
|
|
29
|
+
const fsDir = path.join(CHAOSKB_DIR, 'keyring');
|
|
30
|
+
fs.mkdirSync(fsDir, { recursive: true, mode: 0o700 });
|
|
31
|
+
return new FileSystemStorage({ root: fsDir });
|
|
32
|
+
}
|
|
33
|
+
return new OsKeychainStorage({
|
|
34
|
+
service: KEYRING_SERVICE,
|
|
35
|
+
acceptedTiers: ['standard'],
|
|
36
|
+
});
|
|
37
|
+
}
|
|
38
|
+
function resolveOldKeyPath(configSshKeyPath) {
|
|
39
|
+
if (configSshKeyPath && fs.existsSync(configSshKeyPath))
|
|
40
|
+
return configSshKeyPath;
|
|
41
|
+
const sshDir = path.join(os.homedir(), '.ssh');
|
|
42
|
+
for (const c of ['id_ed25519', 'id_rsa']) {
|
|
43
|
+
const p = path.join(sshDir, c);
|
|
44
|
+
if (fs.existsSync(p) && fs.existsSync(`${p}.pub`))
|
|
45
|
+
return p;
|
|
46
|
+
}
|
|
47
|
+
return null;
|
|
48
|
+
}
|
|
26
49
|
/**
|
|
27
50
|
* `chaoskb-mcp devices add`
|
|
28
51
|
*
|
|
@@ -62,7 +85,7 @@ export async function devicesAddCommand() {
|
|
|
62
85
|
console.error(` Poll failed: ${statusResp.status}`);
|
|
63
86
|
continue;
|
|
64
87
|
}
|
|
65
|
-
const statusBody = await statusResp.json();
|
|
88
|
+
const statusBody = (await statusResp.json());
|
|
66
89
|
if (statusBody.status === 'ready' && statusBody.newPublicKey) {
|
|
67
90
|
newPublicKey = statusBody.newPublicKey;
|
|
68
91
|
break;
|
|
@@ -74,44 +97,43 @@ export async function devicesAddCommand() {
|
|
|
74
97
|
process.exit(1);
|
|
75
98
|
}
|
|
76
99
|
console.log('\n New device connected. Wrapping master key...');
|
|
77
|
-
// 4. Wrap master key with new device's public key and upload
|
|
78
|
-
const
|
|
79
|
-
const
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
console.error(` Failed to upload wrapped key: ${putResp.status}`);
|
|
97
|
-
process.exit(1);
|
|
98
|
-
}
|
|
100
|
+
// 4. Wrap master key with new device's public key and upload.
|
|
101
|
+
const config = await loadConfig();
|
|
102
|
+
const oldKeyPath = resolveOldKeyPath(config?.sshKeyPath);
|
|
103
|
+
if (!oldKeyPath) {
|
|
104
|
+
console.error(' Could not locate the current SSH key. Cannot wrap master for new device.');
|
|
105
|
+
process.exit(1);
|
|
106
|
+
}
|
|
107
|
+
const oldPublicKeyLine = fs.readFileSync(`${oldKeyPath}.pub`, 'utf-8').trim();
|
|
108
|
+
const oldKeyPem = fs.readFileSync(oldKeyPath, 'utf-8');
|
|
109
|
+
const storage = buildStorage();
|
|
110
|
+
const oldTier = StandardTier.fromSshKey(oldPublicKeyLine);
|
|
111
|
+
const ring = new KeyRing({ tier: oldTier, storage });
|
|
112
|
+
try {
|
|
113
|
+
await ring.unlockWithSshKey(oldKeyPem);
|
|
114
|
+
}
|
|
115
|
+
catch (err) {
|
|
116
|
+
// Fallback: legacy file-based master.key for users mid-migration.
|
|
117
|
+
if (fs.existsSync(FILE_KEY_PATH)) {
|
|
118
|
+
console.error(' Legacy master.key detected but keyring slot is empty. Re-run setup.');
|
|
99
119
|
}
|
|
100
120
|
else {
|
|
101
|
-
console.error(
|
|
102
|
-
process.exit(1);
|
|
121
|
+
console.error(` Failed to unlock master: ${err instanceof Error ? err.message : String(err)}`);
|
|
103
122
|
}
|
|
123
|
+
process.exit(1);
|
|
104
124
|
}
|
|
105
|
-
|
|
106
|
-
const
|
|
107
|
-
const
|
|
108
|
-
|
|
109
|
-
const putResp = await signedFetch('PUT', '/v1/wrapped-key', wrappedBlob);
|
|
125
|
+
try {
|
|
126
|
+
const newTier = StandardTier.fromSshKey(newPublicKey);
|
|
127
|
+
const wrappedNew = await ring.withMaster(async (master) => newTier.wrap(master));
|
|
128
|
+
const putResp = await signedFetch('PUT', '/v1/wrapped-key', wrappedNew.envelope);
|
|
110
129
|
if (!putResp.ok) {
|
|
111
130
|
console.error(` Failed to upload wrapped key: ${putResp.status}`);
|
|
112
131
|
process.exit(1);
|
|
113
132
|
}
|
|
114
133
|
}
|
|
134
|
+
finally {
|
|
135
|
+
await ring.lock();
|
|
136
|
+
}
|
|
115
137
|
console.log(' Device linked successfully.');
|
|
116
138
|
console.log('');
|
|
117
139
|
}
|
|
@@ -128,7 +150,7 @@ export async function devicesListCommand() {
|
|
|
128
150
|
console.error(`Failed to list devices: ${resp.status} ${err}`);
|
|
129
151
|
process.exit(1);
|
|
130
152
|
}
|
|
131
|
-
const data = await resp.json();
|
|
153
|
+
const data = (await resp.json());
|
|
132
154
|
console.log('');
|
|
133
155
|
console.log(' Registered devices');
|
|
134
156
|
console.log(' ==================');
|
|
@@ -155,7 +177,7 @@ export async function devicesRemoveCommand(fingerprint) {
|
|
|
155
177
|
// Show device info before removing
|
|
156
178
|
const listResp = await signedFetch('GET', '/v1/devices');
|
|
157
179
|
if (listResp.ok) {
|
|
158
|
-
const data = await listResp.json();
|
|
180
|
+
const data = (await listResp.json());
|
|
159
181
|
const device = data.devices.find((d) => d.fingerprint === fingerprint);
|
|
160
182
|
if (device) {
|
|
161
183
|
const date = new Date(device.registeredAt).toLocaleString();
|
|
@@ -175,4 +197,7 @@ export async function devicesRemoveCommand(fingerprint) {
|
|
|
175
197
|
console.log(` Device ${fingerprint} removed. It will stop syncing on its next attempt.`);
|
|
176
198
|
console.log('');
|
|
177
199
|
}
|
|
200
|
+
// Parked: imports below keep bundlers from complaining about unused pure imports
|
|
201
|
+
// when only some of the keyring symbols are used per function.
|
|
202
|
+
void parseSshPublicKey;
|
|
178
203
|
//# sourceMappingURL=devices.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"devices.js","sourceRoot":"","sources":["../../../cli/commands/devices.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AACtC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AACxC,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;
|
|
1
|
+
{"version":3,"file":"devices.js","sourceRoot":"","sources":["../../../cli/commands/devices.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AACtC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EACL,OAAO,EACP,YAAY,EACZ,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,GAElB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AACxC,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAE9E,gDAAgD;AAChD,MAAM,MAAM,GAAG,gEAAgE,CAAC;AAEhF,2DAA2D;AAC3D,SAAS,gBAAgB,CAAC,MAAc;IACtC,MAAM,KAAK,GAAG,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IACzC,IAAI,IAAI,GAAG,EAAE,CAAC;IACd,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAChC,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IAChC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,sCAAsC;AACtC,SAAS,QAAQ,CAAC,IAAY;IAC5B,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AAChE,CAAC;AAED,SAAS,KAAK,CAAC,EAAU;IACvB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED,SAAS,YAAY;IACnB,IAAI,OAAO,CAAC,GAAG,CAAC,mBAAmB,KAAK,MAAM,EAAE,CAAC;QAC/C,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;QAChD,EAAE,CAAC,SAAS,CAAC,KAAK,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QACtD,OAAO,IAAI,iBAAiB,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,CAA2B,CAAC;IAC1E,CAAC;IACD,OAAO,IAAI,iBAAiB,CAAa;QACvC,OAAO,EAAE,eAAe;QACxB,aAAa,EAAE,CAAC,UAAU,CAAU;KACrC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,iBAAiB,CAAC,gBAAyB;IAClD,IAAI,gBAAgB,IAAI,EAAE,CAAC,UAAU,CAAC,gBAAgB,CAAC;QAAE,OAAO,gBAAgB,CAAC;IACjF,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,MAAM,CAAC,CAAC;IAC/C,KAAK,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,EAAE,CAAC;QACzC,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAC/B,IAAI,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC;YAAE,OAAO,CAAC,CAAC;IAC9D,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB;IACrC,wBAAwB;IACxB,MAAM,QAAQ,GAAG,gBAAgB,CAAC,EAAE,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAEpC,yBAAyB;IACzB,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;IAC1C,MAAM,SAAS,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAEjD,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,gBAAgB,EAAE,CAAC;IAEjD,MAAM,UAAU,GAAG,MAAM,WAAW,CAAC,MAAM,EAAE,eAAe,EAAE,SAAS,CAAC,CAAC;IACzE,IAAI,CAAC,UAAU,CAAC,EAAE,EAAE,CAAC;QACnB,MAAM,GAAG,GAAG,MAAM,UAAU,CAAC,IAAI,EAAE,CAAC;QACpC,OAAO,CAAC,KAAK,CAAC,+BAA+B,UAAU,CAAC,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC;QACzE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,gBAAgB,QAAQ,0BAA0B,CAAC,CAAC;IAChE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;IACzC,OAAO,CAAC,GAAG,CAAC,mCAAmC,QAAQ,EAAE,CAAC,CAAC;IAC3D,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;IAE3C,sCAAsC;IACtC,MAAM,QAAQ,GAAG,iBAAiB,kBAAkB,CAAC,QAAQ,CAAC,SAAS,CAAC;IACxE,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;IAC5C,IAAI,YAAY,GAAkB,IAAI,CAAC;IAEvC,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,EAAE,CAAC;QAC7B,MAAM,KAAK,CAAC,IAAI,CAAC,CAAC;QAElB,MAAM,UAAU,GAAG,MAAM,WAAW,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;QACtD,IAAI,CAAC,UAAU,CAAC,EAAE,EAAE,CAAC;YACnB,OAAO,CAAC,KAAK,CAAC,kBAAkB,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;YACrD,SAAS;QACX,CAAC;QAED,MAAM,UAAU,GAAG,CAAC,MAAM,UAAU,CAAC,IAAI,EAAE,CAA8C,CAAC;QAC1F,IAAI,UAAU,CAAC,MAAM,KAAK,OAAO,IAAI,UAAU,CAAC,YAAY,EAAE,CAAC;YAC7D,YAAY,GAAG,UAAU,CAAC,YAAY,CAAC;YACvC,MAAM;QACR,CAAC;QAED,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC5B,CAAC;IAED,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,qFAAqF,CAAC,CAAC;QACrG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAC;IAEhE,8DAA8D;IAC9D,MAAM,MAAM,GAAG,MAAM,UAAU,EAAE,CAAC;IAClC,MAAM,UAAU,GAAG,iBAAiB,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IACzD,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,CAAC,KAAK,CAAC,4EAA4E,CAAC,CAAC;QAC5F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,MAAM,gBAAgB,GAAG,EAAE,CAAC,YAAY,CAAC,GAAG,UAAU,MAAM,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;IAC9E,MAAM,SAAS,GAAG,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IAEvD,MAAM,OAAO,GAAG,YAAY,EAAE,CAAC;IAC/B,MAAM,OAAO,GAAG,YAAY,CAAC,UAAU,CAAC,gBAAgB,CAAC,CAAC;IAC1D,MAAM,IAAI,GAAG,IAAI,OAAO,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC;IAErD,IAAI,CAAC;QACH,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC;IACzC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,kEAAkE;QAClE,IAAI,EAAE,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;YACjC,OAAO,CAAC,KAAK,CAAC,uEAAuE,CAAC,CAAC;QACzF,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CACX,8BAA8B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CACjF,CAAC;QACJ,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,YAAY,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;QACtD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;QAEjF,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,KAAK,EAAE,iBAAiB,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAC;QACjF,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC;YAChB,OAAO,CAAC,KAAK,CAAC,mCAAmC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;YACnE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;YAAS,CAAC;QACT,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;IACpB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;IAC7C,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AAClB,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB;IACtC,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,gBAAgB,EAAE,CAAC;IAEjD,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC;IACrD,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAC9B,OAAO,CAAC,KAAK,CAAC,2BAA2B,IAAI,CAAC,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC;QAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,CAE9B,CAAC;IAEF,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;IACpC,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;IACpC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAEhB,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9B,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAC1B,CAAC;SAAM,CAAC;QACN,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YAClC,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,kBAAkB,EAAE,CAAC;YAChE,OAAO,CAAC,GAAG,CAAC,kBAAkB,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;YACpD,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,EAAE,CAAC,CAAC;YACtC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,WAAmB;IAC5D,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,gBAAgB,EAAE,CAAC;IAEjD,mCAAmC;IACnC,MAAM,QAAQ,GAAG,MAAM,WAAW,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC;IACzD,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;QAChB,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAsE,CAAC;QAC1G,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,WAAW,CAAC,CAAC;QACvE,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,cAAc,EAAE,CAAC;YAC5D,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAChB,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;YAClC,OAAO,CAAC,GAAG,CAAC,oBAAoB,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;YACtD,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,EAAE,CAAC,CAAC;QAC1C,CAAC;IACH,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,QAAQ,EAAE,eAAe,kBAAkB,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;IAC3F,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAC9B,OAAO,CAAC,KAAK,CAAC,4BAA4B,IAAI,CAAC,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC;QAChE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,YAAY,WAAW,qDAAqD,CAAC,CAAC;IAC1F,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AAClB,CAAC;AAED,iFAAiF;AACjF,+DAA+D;AAC/D,KAAK,iBAAiB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"export.d.ts","sourceRoot":"","sources":["../../../cli/commands/export.ts"],"names":[],"mappings":"AAOA,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,WAAW,GAAG,WAAW,CAAC;IAClC,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAUD,wBAAsB,aAAa,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAsBzE;
|
|
1
|
+
{"version":3,"file":"export.d.ts","sourceRoot":"","sources":["../../../cli/commands/export.ts"],"names":[],"mappings":"AAOA,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,WAAW,GAAG,WAAW,CAAC;IAClC,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAUD,wBAAsB,aAAa,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAsBzE;AAyKD;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAQrD"}
|