npm - @element-hq/element-call-embedded - Versions diffs - 0.9.0-rc.1 - Mend

@element-hq/element-call-embedded 0.9.0-rc.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (140) hide show

package/dist/assets/index-DhG7hwDH.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index-DhG7hwDH.js","sources":["../../node_modules/matrix-js-sdk/src/crypto-api/verification.ts","../../node_modules/matrix-js-sdk/src/crypto-api/recovery-key.ts","../../node_modules/matrix-js-sdk/src/crypto-api/key-passphrase.ts","../../node_modules/matrix-js-sdk/src/types.ts","../../node_modules/another-json/another-json.js","../../node_modules/matrix-js-sdk/src/rust-crypto/RoomEncryptor.ts","../../node_modules/matrix-js-sdk/src/rust-crypto/DehydratedDeviceManager.ts","../../node_modules/matrix-js-sdk/src/rust-crypto/OutgoingRequestProcessor.ts","../../node_modules/matrix-js-sdk/src/rust-crypto/KeyClaimManager.ts","../../node_modules/matrix-js-sdk/src/rust-crypto/device-converter.ts","../../node_modules/matrix-js-sdk/src/rust-crypto/CrossSigningIdentity.ts","../../node_modules/matrix-js-sdk/src/rust-crypto/secret-storage.ts","../../node_modules/matrix-js-sdk/src/rust-crypto/verification.ts","../../node_modules/matrix-js-sdk/src/rust-crypto/backup.ts","../../node_modules/matrix-js-sdk/src/rust-crypto/OutgoingRequestsManager.ts","../../node_modules/matrix-js-sdk/src/rust-crypto/PerSessionKeyBackupDownloader.ts","../../node_modules/matrix-js-sdk/src/common-crypto/key-passphrase.ts","../../node_modules/matrix-js-sdk/src/rust-crypto/rust-crypto.ts","../../node_modules/matrix-js-sdk/src/rust-crypto/libolm_migration.ts","../../node_modules/matrix-js-sdk/src/rust-crypto/index.ts"],"sourcesContent":["/*\nCopyright 2023 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport { type MatrixEvent } from \"../models/event.ts\";\nimport { type TypedEventEmitter } from \"../models/typed-event-emitter.ts\";\n\n/**\n * An incoming, or outgoing, request to verify a user or a device via cross-signing.\n */\nexport interface VerificationRequest\n extends TypedEventEmitter<VerificationRequestEvent, VerificationRequestEventHandlerMap> {\n /**\n * Unique ID for this verification request.\n *\n * An ID isn't assigned until the first message is sent, so this may be `undefined` in the early phases.\n */\n get transactionId(): string | undefined;\n\n /**\n * For an in-room verification, the ID of the room.\n *\n * For to-device verifictions, `undefined`.\n */\n get roomId(): string | undefined;\n\n /**\n * True if this request was initiated by the local client.\n *\n * For in-room verifications, the initiator is who sent the `m.key.verification.request` event.\n * For to-device verifications, the initiator is who sent the `m.key.verification.start` event.\n */\n get initiatedByMe(): boolean;\n\n /** The user id of the other party in this request */\n get otherUserId(): string;\n\n /** For verifications via to-device messages: the ID of the other device. Otherwise, undefined. */\n get otherDeviceId(): string | undefined;\n\n /** True if the other party in this request is one of this user's own devices. */\n get isSelfVerification(): boolean;\n\n /** current phase of the request. */\n get phase(): VerificationPhase;\n\n /** True if the request has sent its initial event and needs more events to complete\n * (ie it is in phase `Requested`, `Ready` or `Started`).\n */\n get pending(): boolean;\n\n /**\n * True if we have started the process of sending an `m.key.verification.ready` (but have not necessarily received\n * the remote echo which causes a transition to {@link VerificationPhase.Ready}.\n */\n get accepting(): boolean;\n\n /**\n * True if we have started the process of sending an `m.key.verification.cancel` (but have not necessarily received\n * the remote echo which causes a transition to {@link VerificationPhase.Cancelled}).\n */\n get declining(): boolean;\n\n /**\n * The remaining number of ms before the request will be automatically cancelled.\n *\n * `null` indicates that there is no timeout\n */\n get timeout(): number | null;\n\n /** once the phase is Started (and !initiatedByMe) or Ready: common methods supported by both sides */\n get methods(): string[];\n\n /** the method picked in the .start event */\n get chosenMethod(): string | null;\n\n /**\n * Checks whether the other party supports a given verification method.\n * This is useful when setting up the QR code UI, as it is somewhat asymmetrical:\n * if the other party supports SCAN_QR, we should show a QR code in the UI, and vice versa.\n * For methods that need to be supported by both ends, use the `methods` property.\n *\n * @param method - the method to check\n * @returns true if the other party said they supported the method\n */\n otherPartySupportsMethod(method: string): boolean;\n\n /**\n * Accepts the request, sending a .ready event to the other party\n *\n * @returns Promise which resolves when the event has been sent.\n */\n accept(): Promise<void>;\n\n /**\n * Cancels the request, sending a cancellation to the other party\n *\n * @param params - Details for the cancellation, including `reason` (defaults to \"User declined\"), and `code`\n * (defaults to `m.user`). **Deprecated**: this parameter is ignored by the Rust cryptography implementation.\n *\n * @returns Promise which resolves when the event has been sent.\n */\n cancel(params?: { reason?: string; code?: string }): Promise<void>;\n\n /**\n * Create a {@link Verifier} to do this verification via a particular method.\n *\n * If a verifier has already been created for this request, returns that verifier.\n *\n * This does *not* send the `m.key.verification.start` event - to do so, call {@link Verifier.verify} on the\n * returned verifier.\n *\n * If no previous events have been sent, pass in `targetDevice` to set who to direct this request to.\n *\n * @param method - the name of the verification method to use.\n * @param targetDevice - details of where to send the request to.\n *\n * @returns The verifier which will do the actual verification.\n *\n * @deprecated Use {@link VerificationRequest#startVerification} instead.\n */\n beginKeyVerification(method: string, targetDevice?: { userId?: string; deviceId?: string }): Verifier;\n\n /**\n * Send an `m.key.verification.start` event to start verification via a particular method.\n *\n * This is normally used when starting a verification via emojis (ie, `method` is set to `m.sas.v1`).\n *\n * @param method - the name of the verification method to use.\n *\n * @returns The verifier which will do the actual verification.\n */\n startVerification(method: string): Promise<Verifier>;\n\n /**\n * Start a QR code verification by providing a scanned QR code for this verification flow.\n *\n * Validates the QR code, and if it is ok, sends an `m.key.verification.start` event with `method` set to\n * `m.reciprocate.v1`, to tell the other side the scan was successful.\n *\n * See also {@link VerificationRequest#startVerification} which can be used to start other verification methods.\n *\n * @param qrCodeData - the decoded QR code.\n * @returns A verifier; call `.verify()` on it to wait for the other side to complete the verification flow.\n */\n scanQRCode(qrCodeData: Uint8ClampedArray): Promise<Verifier>;\n\n /**\n * The verifier which is doing the actual verification, once the method has been established.\n * Only defined when the `phase` is Started.\n */\n get verifier(): Verifier | undefined;\n\n /**\n * Get the data for a QR code allowing the other device to verify this one, if it supports it.\n *\n * Only set after a .ready if the other party can scan a QR code, otherwise undefined.\n *\n * @deprecated Not supported in Rust Crypto. Use {@link VerificationRequest#generateQRCode} instead.\n */\n getQRCodeBytes(): Uint8ClampedArray | undefined;\n\n /**\n * Generate the data for a QR code allowing the other device to verify this one, if it supports it.\n *\n * Only returns data once `phase` is {@link VerificationPhase.Ready} and the other party can scan a QR code;\n * otherwise returns `undefined`.\n */\n generateQRCode(): Promise<Uint8ClampedArray | undefined>;\n\n /**\n * If this request has been cancelled, the cancellation code (e.g `m.user`) which is responsible for cancelling\n * this verification.\n */\n get cancellationCode(): string | null;\n\n /**\n * The id of the user that cancelled the request.\n *\n * Only defined when phase is Cancelled\n */\n get cancellingUserId(): string | undefined;\n}\n\n/** Events emitted by {@link VerificationRequest}. */\nexport enum VerificationRequestEvent {\n /**\n * Fires whenever the state of the request object has changed.\n *\n * There is no payload to the event.\n */\n Change = \"change\",\n}\n\n/**\n * Listener type map for {@link VerificationRequestEvent}s.\n *\n * @internal\n */\nexport type VerificationRequestEventHandlerMap = {\n [VerificationRequestEvent.Change]: () => void;\n};\n\n/** The current phase of a verification request. */\nexport enum VerificationPhase {\n /** Initial state: no event yet exchanged */\n Unsent = 1,\n\n /** An `m.key.verification.request` event has been sent or received */\n Requested,\n\n /** An `m.key.verification.ready` event has been sent or received, indicating the verification request is accepted. */\n Ready,\n\n /**\n * The verification is in flight.\n *\n * This means that an `m.key.verification.start` event has been sent or received, choosing a verification method;\n * however the verification has not yet completed or been cancelled.\n */\n Started,\n\n /**\n * An `m.key.verification.cancel` event has been sent or received at any time before the `done` event, cancelling\n * the verification request\n */\n Cancelled,\n\n /**\n * The verification request is complete.\n *\n * Normally this means that `m.key.verification.done` events have been sent and received.\n */\n Done,\n}\n\n/**\n * A `Verifier` is responsible for performing the verification using a particular method, such as via QR code or SAS\n * (emojis).\n *\n * A verifier object can be created by calling `VerificationRequest.beginVerification`; one is also created\n * automatically when a `m.key.verification.start` event is received for an existing VerificationRequest.\n *\n * Once a verifier object is created, the verification can be started by calling the {@link Verifier#verify} method.\n */\nexport interface Verifier extends TypedEventEmitter<VerifierEvent, VerifierEventHandlerMap> {\n /**\n * Returns true if the verification has been cancelled, either by us or the other side.\n */\n get hasBeenCancelled(): boolean;\n\n /**\n * The ID of the other user in the verification process.\n */\n get userId(): string;\n\n /**\n * Start the key verification, if it has not already been started.\n *\n * This means sending a `m.key.verification.start` if we are the first responder, or a `m.key.verification.accept`\n * if the other side has already sent a start event.\n *\n * @returns Promise which resolves when the verification has completed, or rejects if the verification is cancelled\n * or times out.\n */\n verify(): Promise<void>;\n\n /**\n * Cancel a verification.\n *\n * We will send an `m.key.verification.cancel` if the verification is still in flight. The verification promise\n * will reject, and a {@link crypto-api.VerifierEvent.Cancel | VerifierEvent.Cancel} will be emitted.\n *\n * @param e - the reason for the cancellation.\n */\n cancel(e: Error): void;\n\n /**\n * Get the details for an SAS verification, if one is in progress\n *\n * Returns `null`, unless this verifier is for a SAS-based verification and we are waiting for the user to confirm\n * the SAS matches.\n */\n getShowSasCallbacks(): ShowSasCallbacks | null;\n\n /**\n * Get the details for reciprocating QR code verification, if one is in progress\n *\n * Returns `null`, unless this verifier is for reciprocating a QR-code-based verification (ie, the other user has\n * already scanned our QR code), and we are waiting for the user to confirm.\n */\n getReciprocateQrCodeCallbacks(): ShowQrCodeCallbacks | null;\n}\n\n/** Events emitted by {@link Verifier} */\nexport enum VerifierEvent {\n /**\n * The verification has been cancelled, by us or the other side.\n *\n * The payload is either an {@link Error}, or an (incoming or outgoing) {@link MatrixEvent}, depending on\n * unspecified reasons.\n */\n Cancel = \"cancel\",\n\n /**\n * SAS data has been exchanged and should be displayed to the user.\n *\n * The payload is the {@link ShowSasCallbacks} object.\n */\n ShowSas = \"show_sas\",\n\n /**\n * The user should confirm if the other side has scanned our QR code.\n *\n * The payload is the {@link ShowQrCodeCallbacks} object.\n */\n ShowReciprocateQr = \"show_reciprocate_qr\",\n}\n\n/** Listener type map for {@link VerifierEvent}s. */\nexport type VerifierEventHandlerMap = {\n [VerifierEvent.Cancel]: (e: Error | MatrixEvent) => void;\n [VerifierEvent.ShowSas]: (sas: ShowSasCallbacks) => void;\n [VerifierEvent.ShowReciprocateQr]: (qr: ShowQrCodeCallbacks) => void;\n};\n\n/**\n * Callbacks for user actions to confirm that the other side has scanned our QR code.\n *\n * This is exposed as the payload of a `VerifierEvent.ShowReciprocateQr` event, or can be retrieved directly from the\n * verifier as `reciprocateQREvent`.\n */\nexport interface ShowQrCodeCallbacks {\n /** The user confirms that the verification data matches */\n confirm(): void;\n\n /** Cancel the verification flow */\n cancel(): void;\n}\n\n/**\n * Callbacks for user actions while a SAS is displayed.\n *\n * This is exposed as the payload of a `VerifierEvent.ShowSas` event, or directly from the verifier as `sasEvent`.\n */\nexport interface ShowSasCallbacks {\n /** The generated SAS to be shown to the user */\n sas: GeneratedSas;\n\n /** Function to call if the user confirms that the SAS matches.\n *\n * @returns A Promise that completes once the m.key.verification.mac is queued.\n */\n confirm(): Promise<void>;\n\n /**\n * Function to call if the user finds the SAS does not match.\n *\n * Sends an `m.key.verification.cancel` event with a `m.mismatched_sas` error code.\n */\n mismatch(): void;\n\n /** Cancel the verification flow */\n cancel(): void;\n}\n\n/** A generated SAS to be shown to the user, in alternative formats */\nexport interface GeneratedSas {\n /**\n * The SAS as three numbers between 0 and 8191.\n *\n * Only populated if the `decimal` SAS method was negotiated.\n */\n decimal?: [number, number, number];\n\n /**\n * The SAS as seven emojis.\n *\n * Only populated if the `emoji` SAS method was negotiated.\n */\n emoji?: EmojiMapping[];\n}\n\n/**\n * An emoji for the generated SAS. A tuple `[emoji, name]` where `emoji` is the emoji itself and `name` is the\n * English name.\n */\nexport type EmojiMapping = [emoji: string, name: string];\n\n/**\n * True if the request is in a state where it can be accepted (ie, that we're in phases {@link VerificationPhase.Unsent}\n * or {@link VerificationPhase.Requested}, and that we're not in the process of sending a `ready` or `cancel`).\n */\nexport function canAcceptVerificationRequest(req: VerificationRequest): boolean {\n return req.phase < VerificationPhase.Ready && !req.accepting && !req.declining;\n}\n","/*\n * Copyright 2024 The Matrix.org Foundation C.I.C.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport bs58 from \"bs58\";\n\n// picked arbitrarily but to try & avoid clashing with any bitcoin ones\n// (which are also base58 encoded, but bitcoin's involve a lot more hashing)\nconst OLM_RECOVERY_KEY_PREFIX = [0x8b, 0x01];\nconst KEY_SIZE = 32;\n\n/**\n * Encode a recovery key using the Matrix {@link https://spec.matrix.org/v1.11/appendices/#cryptographic-key-representation | Cryptographic key representation}\n * @param key\n */\nexport function encodeRecoveryKey(key: ArrayLike<number>): string | undefined {\n const buf = new Uint8Array(OLM_RECOVERY_KEY_PREFIX.length + key.length + 1);\n buf.set(OLM_RECOVERY_KEY_PREFIX, 0);\n buf.set(key, OLM_RECOVERY_KEY_PREFIX.length);\n\n let parity = 0;\n for (let i = 0; i < buf.length - 1; ++i) {\n parity ^= buf[i];\n }\n buf[buf.length - 1] = parity;\n const base58key = bs58.encode(buf);\n\n return base58key.match(/.{1,4}/g)?.join(\" \");\n}\n\n/**\n * Decode a recovery key encoded with the Matrix {@link https://spec.matrix.org/v1.11/appendices/#cryptographic-key-representation | Cryptographic key representation} encoding.\n * @param recoveryKey\n */\nexport function decodeRecoveryKey(recoveryKey: string): Uint8Array {\n const result = bs58.decode(recoveryKey.replace(/ /g, \"\"));\n\n let parity = 0;\n for (const b of result) {\n parity ^= b;\n }\n if (parity !== 0) {\n throw new Error(\"Incorrect parity\");\n }\n\n for (let i = 0; i < OLM_RECOVERY_KEY_PREFIX.length; ++i) {\n if (result[i] !== OLM_RECOVERY_KEY_PREFIX[i]) {\n throw new Error(\"Incorrect prefix\");\n }\n }\n\n if (result.length !== OLM_RECOVERY_KEY_PREFIX.length + KEY_SIZE + 1) {\n throw new Error(\"Incorrect length\");\n }\n\n return Uint8Array.from(result.slice(OLM_RECOVERY_KEY_PREFIX.length, OLM_RECOVERY_KEY_PREFIX.length + KEY_SIZE));\n}\n","/*\n * Copyright 2024 The Matrix.org Foundation C.I.C.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nconst DEFAULT_BIT_SIZE = 256;\n\n/**\n * Derive a recovery key from a passphrase and salt using PBKDF2.\n * @see https://spec.matrix.org/v1.11/client-server-api/#deriving-keys-from-passphrases\n *\n * @param passphrase - The passphrase to derive the key from\n * @param salt - The salt to use in the derivation\n * @param iterations - The number of iterations to use in the derivation\n * @param numBits - The number of bits to derive\n */\nexport async function deriveRecoveryKeyFromPassphrase(\n passphrase: string,\n salt: string,\n iterations: number,\n numBits = DEFAULT_BIT_SIZE,\n): Promise<Uint8Array> {\n if (!globalThis.crypto.subtle || !TextEncoder) {\n throw new Error(\"Password-based backup is not available on this platform\");\n }\n\n const key = await globalThis.crypto.subtle.importKey(\n \"raw\",\n new TextEncoder().encode(passphrase),\n { name: \"PBKDF2\" },\n false,\n [\"deriveBits\"],\n );\n\n const keybits = await globalThis.crypto.subtle.deriveBits(\n {\n name: \"PBKDF2\",\n salt: new TextEncoder().encode(salt),\n iterations: iterations,\n hash: \"SHA-512\",\n },\n key,\n numBits,\n );\n\n return new Uint8Array(keybits);\n}\n","/*\nCopyright 2024 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\n/*\n * This file is a secondary entrypoint for the js-sdk library, for use by Typescript projects.\n * It exposes low-level types and interfaces reflecting structures defined in the Matrix specification.\n *\n * Remember to only export *public* types from this file.\n */\n\nexport type * from \"./@types/media.ts\";\nexport * from \"./@types/membership.ts\";\nexport type * from \"./@types/event.ts\";\nexport type * from \"./@types/events.ts\";\nexport type * from \"./@types/state_events.ts\";\nexport type * from \"./@types/AESEncryptedSecretStoragePayload.ts\";\n\n/** The different methods for device and user verification */\nexport enum VerificationMethod {\n /** Short authentication string (emoji or decimals).\n *\n * @see https://spec.matrix.org/v1.9/client-server-api/#short-authentication-string-sas-verification\n */\n Sas = \"m.sas.v1\",\n\n /**\n * Verification by showing a QR code which is scanned by the other device.\n *\n * @see https://spec.matrix.org/v1.9/client-server-api/#qr-codes\n */\n ShowQrCode = \"m.qr_code.show.v1\",\n\n /**\n * Verification by scanning a QR code that is shown by the other device.\n *\n * @see https://spec.matrix.org/v1.9/client-server-api/#qr-codes\n */\n ScanQrCode = \"m.qr_code.scan.v1\",\n\n /**\n * Verification by confirming that we have scanned a QR code.\n *\n * @see https://spec.matrix.org/v1.9/client-server-api/#qr-codes\n */\n Reciprocate = \"m.reciprocate.v1\",\n}\n","/* Copyright 2015 Mark Haines\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\n'use strict';\n\nvar escaped = /[\\\\\\\"\\x00-\\x1F]/g;\nvar escapes = {};\nfor (var i = 0; i < 0x20; ++i) {\n escapes[String.fromCharCode(i)] = (\n '\\\\U' + ('0000' + i.toString(16)).slice(-4).toUpperCase()\n );\n}\nescapes['\\b'] = '\\\\b';\nescapes['\\t'] = '\\\\t';\nescapes['\\n'] = '\\\\n';\nescapes['\\f'] = '\\\\f';\nescapes['\\r'] = '\\\\r';\nescapes['\\\"'] = '\\\\\\\"';\nescapes['\\\\'] = '\\\\\\\\';\n\nfunction escapeString(value) {\n escaped.lastIndex = 0;\n return value.replace(escaped, function(c) { return escapes[c]; });\n}\n\nfunction stringify(value) {\n switch (typeof value) {\n case 'string':\n return '\"' + escapeString(value) + '\"';\n case 'number':\n return isFinite(value) ? value : 'null';\n case 'boolean':\n return value;\n case 'object':\n if (value === null) {\n return 'null';\n }\n if (Array.isArray(value)) {\n return stringifyArray(value);\n }\n return stringifyObject(value);\n default:\n throw new Error('Cannot stringify: ' + typeof value);\n }\n}\n\nfunction stringifyArray(array) {\n var sep = '[';\n var result = '';\n for (var i = 0; i < array.length; ++i) {\n result += sep;\n sep = ',';\n result += stringify(array[i]);\n }\n if (sep != ',') {\n return '[]';\n } else {\n return result + ']';\n }\n}\n\nfunction stringifyObject(object) {\n var sep = '{';\n var result = '';\n var keys = Object.keys(object);\n keys.sort();\n for (var i = 0; i < keys.length; ++i) {\n var key = keys[i];\n result += sep + '\"' + escapeString(key) + '\":';\n sep = ',';\n result += stringify(object[key]);\n }\n if (sep != ',') {\n return '{}';\n } else {\n return result + '}';\n }\n}\n\n/** */\nmodule.exports = {stringify: stringify};\n","/*\nCopyright 2023 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport * as RustSdkCryptoJs from \"@matrix-org/matrix-sdk-crypto-wasm\";\nimport {\n CollectStrategy,\n EncryptionAlgorithm,\n EncryptionSettings,\n HistoryVisibility as RustHistoryVisibility,\n type OlmMachine,\n RoomId,\n type ToDeviceRequest,\n UserId,\n} from \"@matrix-org/matrix-sdk-crypto-wasm\";\n\nimport { EventType } from \"../@types/event.ts\";\nimport { type IContent, type MatrixEvent } from \"../models/event.ts\";\nimport { type Room } from \"../models/room.ts\";\nimport { type Logger, logger, LogSpan } from \"../logger.ts\";\nimport { type KeyClaimManager } from \"./KeyClaimManager.ts\";\nimport { type RoomMember } from \"../models/room-member.ts\";\nimport { HistoryVisibility } from \"../@types/partials.ts\";\nimport { type OutgoingRequestsManager } from \"./OutgoingRequestsManager.ts\";\nimport { logDuration } from \"../utils.ts\";\nimport { KnownMembership } from \"../@types/membership.ts\";\nimport { type DeviceIsolationMode, DeviceIsolationModeKind } from \"../crypto-api/index.ts\";\n\n/**\n * RoomEncryptor: responsible for encrypting messages to a given room\n *\n * @internal\n */\nexport class RoomEncryptor {\n private readonly prefixedLogger: Logger;\n\n /** whether the room members have been loaded and tracked for the first time */\n private lazyLoadedMembersResolved = false;\n\n /**\n * Ensures that there is only one encryption operation at a time for that room.\n *\n * An encryption operation is either a {@link prepareForEncryption} or an {@link encryptEvent} call.\n */\n private currentEncryptionPromise: Promise<void> = Promise.resolve();\n\n /**\n * @param olmMachine - The rust-sdk's OlmMachine\n * @param keyClaimManager - Our KeyClaimManager, which manages the queue of one-time-key claim requests\n * @param outgoingRequestManager - The OutgoingRequestManager, which manages the queue of outgoing requests.\n * @param room - The room we want to encrypt for\n * @param encryptionSettings - body of the m.room.encryption event currently in force in this room\n */\n public constructor(\n private readonly olmMachine: OlmMachine,\n private readonly keyClaimManager: KeyClaimManager,\n private readonly outgoingRequestManager: OutgoingRequestsManager,\n private readonly room: Room,\n private encryptionSettings: IContent,\n ) {\n this.prefixedLogger = logger.getChild(`[${room.roomId} encryption]`);\n\n // start tracking devices for any users already known to be in this room.\n // Do not load members here, would defeat lazy loading.\n const members = room.getJoinedMembers();\n\n // At this point just mark the known members as tracked, it might not be the full list of members\n // because of lazy loading. This is fine, because we will get a member list update when sending a message for\n // the first time, see `RoomEncryptor#ensureEncryptionSession`\n this.olmMachine\n .updateTrackedUsers(members.map((u) => new RustSdkCryptoJs.UserId(u.userId)))\n .catch((e) => this.prefixedLogger.error(\"Error initializing tracked users\", e));\n }\n\n /**\n * Handle a new `m.room.encryption` event in this room\n *\n * @param config - The content of the encryption event\n */\n public onCryptoEvent(config: IContent): void {\n if (JSON.stringify(this.encryptionSettings) != JSON.stringify(config)) {\n // This should currently be unreachable, since the Rust SDK will reject any attempts to change config.\n throw new Error(\"Cannot reconfigure an active RoomEncryptor\");\n }\n }\n\n /**\n * Handle a new `m.room.member` event in this room\n *\n * @param member - new membership state\n */\n public onRoomMembership(member: RoomMember): void {\n if (\n member.membership == KnownMembership.Join ||\n (member.membership == KnownMembership.Invite && this.room.shouldEncryptForInvitedMembers())\n ) {\n // make sure we are tracking the deviceList for this user\n this.olmMachine.updateTrackedUsers([new UserId(member.userId)]).catch((e) => {\n this.prefixedLogger.error(\"Unable to update tracked users\", e);\n });\n }\n\n // TODO: handle leaves (including our own)\n }\n\n /**\n * Prepare to encrypt events in this room.\n *\n * This ensures that we have a megolm session ready to use and that we have shared its key with all the devices\n * in the room.\n * @param globalBlacklistUnverifiedDevices - When `true`, and `deviceIsolationMode` is `AllDevicesIsolationMode`,\n * will not send encrypted messages to unverified devices.\n * Ignored when `deviceIsolationMode` is `OnlySignedDevicesIsolationMode`.\n * @param deviceIsolationMode - The device isolation mode. See {@link DeviceIsolationMode}.\n */\n public async prepareForEncryption(\n globalBlacklistUnverifiedDevices: boolean,\n deviceIsolationMode: DeviceIsolationMode,\n ): Promise<void> {\n // We consider a prepareForEncryption as an encryption promise as it will potentially share keys\n // even if it doesn't send an event.\n // Usually this is called when the user starts typing, so we want to make sure we have keys ready when the\n // message is finally sent.\n // If `encryptEvent` is invoked before `prepareForEncryption` has completed, the `encryptEvent` call will wait for\n // `prepareForEncryption` to complete before executing.\n // The part where `encryptEvent` shares the room key will then usually be a no-op as it was already performed by `prepareForEncryption`.\n await this.encryptEvent(null, globalBlacklistUnverifiedDevices, deviceIsolationMode);\n }\n\n /**\n * Encrypt an event for this room, or prepare for encryption.\n *\n * This will ensure that we have a megolm session for this room, share it with the devices in the room, and\n * then, if an event is provided, encrypt it using the session.\n *\n * @param event - Event to be encrypted, or null if only preparing for encryption (in which case we will pre-share the room key).\n * @param globalBlacklistUnverifiedDevices - When `true`, and `deviceIsolationMode` is `AllDevicesIsolationMode`,\n * will not send encrypted messages to unverified devices.\n * Ignored when `deviceIsolationMode` is `OnlySignedDevicesIsolationMode`.\n * @param deviceIsolationMode - The device isolation mode. See {@link DeviceIsolationMode}.\n */\n public encryptEvent(\n event: MatrixEvent | null,\n globalBlacklistUnverifiedDevices: boolean,\n deviceIsolationMode: DeviceIsolationMode,\n ): Promise<void> {\n const logger = new LogSpan(this.prefixedLogger, event ? (event.getTxnId() ?? \"\") : \"prepareForEncryption\");\n // Ensure order of encryption to avoid message ordering issues, as the scheduler only ensures\n // events order after they have been encrypted.\n const prom = this.currentEncryptionPromise\n .catch(() => {\n // Any errors in the previous call will have been reported already, so there is nothing to do here.\n // we just throw away the error and start anew.\n })\n .then(async () => {\n await logDuration(logger, \"ensureEncryptionSession\", async () => {\n await this.ensureEncryptionSession(logger, globalBlacklistUnverifiedDevices, deviceIsolationMode);\n });\n if (event) {\n await logDuration(logger, \"encryptEventInner\", async () => {\n await this.encryptEventInner(logger, event);\n });\n }\n });\n\n this.currentEncryptionPromise = prom;\n return prom;\n }\n\n /**\n * Prepare to encrypt events in this room.\n *\n * This ensures that we have a megolm session ready to use and that we have shared its key with all the devices\n * in the room.\n *\n * @param logger - a place to write diagnostics to\n * @param globalBlacklistUnverifiedDevices - When `true`, and `deviceIsolationMode` is `AllDevicesIsolationMode`,\n * will not send encrypted messages to unverified devices.\n * Ignored when `deviceIsolationMode` is `OnlySignedDevicesIsolationMode`.\n * @param deviceIsolationMode - The device isolation mode. See {@link DeviceIsolationMode}.\n */\n private async ensureEncryptionSession(\n logger: LogSpan,\n globalBlacklistUnverifiedDevices: boolean,\n deviceIsolationMode: DeviceIsolationMode,\n ): Promise<void> {\n if (this.encryptionSettings.algorithm !== \"m.megolm.v1.aes-sha2\") {\n throw new Error(\n `Cannot encrypt in ${this.room.roomId} for unsupported algorithm '${this.encryptionSettings.algorithm}'`,\n );\n }\n logger.debug(\"Starting encryption\");\n\n const members = await this.room.getEncryptionTargetMembers();\n\n // If this is the first time we are sending a message to the room, we may not yet have seen all the members\n // (so the Crypto SDK might not have a device list for them). So, if this is the first time we are encrypting\n // for this room, give the SDK the full list of members, to be on the safe side.\n //\n // This could end up being racy (if two calls to ensureEncryptionSession happen at the same time), but that's\n // not a particular problem, since `OlmMachine.updateTrackedUsers` just adds any users that weren't already tracked.\n if (!this.lazyLoadedMembersResolved) {\n await logDuration(this.prefixedLogger, \"loadMembersIfNeeded: updateTrackedUsers\", async () => {\n await this.olmMachine.updateTrackedUsers(members.map((u) => new RustSdkCryptoJs.UserId(u.userId)));\n });\n logger.debug(`Updated tracked users`);\n this.lazyLoadedMembersResolved = true;\n\n // Query keys in case we don't have them for newly tracked members.\n // It's important after loading members for the first time, as likely most of them won't be\n // known yet and will be unable to decrypt messages despite being in the room for long.\n // This must be done before ensuring sessions. If not the devices of these users are not\n // known yet and will not get the room key.\n // We don't have API to only get the keys queries related to this member list, so we just\n // process the pending requests from the olmMachine. (usually these are processed\n // at the end of the sync, but we can't wait for that).\n // XXX future improvement process only KeysQueryRequests for the users that have never been queried.\n logger.debug(`Processing outgoing requests`);\n\n await logDuration(this.prefixedLogger, \"doProcessOutgoingRequests\", async () => {\n await this.outgoingRequestManager.doProcessOutgoingRequests();\n });\n } else {\n // If members are already loaded it's less critical to await on key queries.\n // We might still want to trigger a processOutgoingRequests here.\n // The call to `ensureSessionsForUsers` below will wait a bit on in-flight key queries we are\n // interested in. If a sync handling happens in the meantime, and some new members are added to the room\n // or have new devices it would give us a chance to query them before sending.\n // It's less critical due to the racy nature of this process.\n logger.debug(`Processing outgoing requests in background`);\n this.outgoingRequestManager.doProcessOutgoingRequests();\n }\n\n logger.debug(\n `Encrypting for users (shouldEncryptForInvitedMembers: ${this.room.shouldEncryptForInvitedMembers()}):`,\n members.map((u) => `${u.userId} (${u.membership})`),\n );\n\n const userList = members.map((u) => new UserId(u.userId));\n\n await logDuration(this.prefixedLogger, \"ensureSessionsForUsers\", async () => {\n await this.keyClaimManager.ensureSessionsForUsers(logger, userList);\n });\n\n const rustEncryptionSettings = new EncryptionSettings();\n rustEncryptionSettings.historyVisibility = toRustHistoryVisibility(this.room.getHistoryVisibility());\n\n // We only support megolm\n rustEncryptionSettings.algorithm = EncryptionAlgorithm.MegolmV1AesSha2;\n\n // We need to convert the rotation period from milliseconds to microseconds\n // See https://spec.matrix.org/v1.8/client-server-api/#mroomencryption and\n // https://matrix-org.github.io/matrix-rust-sdk-crypto-wasm/classes/EncryptionSettings.html#rotationPeriod\n if (typeof this.encryptionSettings.rotation_period_ms === \"number\") {\n rustEncryptionSettings.rotationPeriod = BigInt(this.encryptionSettings.rotation_period_ms * 1000);\n }\n\n if (typeof this.encryptionSettings.rotation_period_msgs === \"number\") {\n rustEncryptionSettings.rotationPeriodMessages = BigInt(this.encryptionSettings.rotation_period_msgs);\n }\n\n switch (deviceIsolationMode.kind) {\n case DeviceIsolationModeKind.AllDevicesIsolationMode:\n {\n // When this.room.getBlacklistUnverifiedDevices() === null, the global settings should be used\n // See Room#getBlacklistUnverifiedDevices\n const onlyAllowTrustedDevices =\n this.room.getBlacklistUnverifiedDevices() ?? globalBlacklistUnverifiedDevices;\n rustEncryptionSettings.sharingStrategy = CollectStrategy.deviceBasedStrategy(\n onlyAllowTrustedDevices,\n deviceIsolationMode.errorOnVerifiedUserProblems,\n );\n }\n break;\n case DeviceIsolationModeKind.OnlySignedDevicesIsolationMode:\n rustEncryptionSettings.sharingStrategy = CollectStrategy.identityBasedStrategy();\n break;\n }\n\n await logDuration(this.prefixedLogger, \"shareRoomKey\", async () => {\n const shareMessages: ToDeviceRequest[] = await this.olmMachine.shareRoomKey(\n new RoomId(this.room.roomId),\n // safe to pass without cloning, as it's not reused here (before or after)\n userList,\n rustEncryptionSettings,\n );\n if (shareMessages) {\n for (const m of shareMessages) {\n await this.outgoingRequestManager.outgoingRequestProcessor.makeOutgoingRequest(m);\n }\n }\n });\n }\n\n /**\n * Discard any existing group session for this room\n */\n public async forceDiscardSession(): Promise<void> {\n const r = await this.olmMachine.invalidateGroupSession(new RoomId(this.room.roomId));\n if (r) {\n this.prefixedLogger.info(\"Discarded existing group session\");\n }\n }\n\n private async encryptEventInner(logger: LogSpan, event: MatrixEvent): Promise<void> {\n logger.debug(\"Encrypting actual message content\");\n const encryptedContent = await this.olmMachine.encryptRoomEvent(\n new RoomId(this.room.roomId),\n event.getType(),\n JSON.stringify(event.getContent()),\n );\n\n event.makeEncrypted(\n EventType.RoomMessageEncrypted,\n JSON.parse(encryptedContent),\n this.olmMachine.identityKeys.curve25519.toBase64(),\n this.olmMachine.identityKeys.ed25519.toBase64(),\n );\n\n logger.debug(\"Encrypted event successfully\");\n }\n}\n\n/**\n * Convert a HistoryVisibility to a RustHistoryVisibility\n * @param visibility - HistoryVisibility enum\n * @returns a RustHistoryVisibility enum\n */\nexport function toRustHistoryVisibility(visibility: HistoryVisibility): RustHistoryVisibility {\n switch (visibility) {\n case HistoryVisibility.Invited:\n return RustHistoryVisibility.Invited;\n case HistoryVisibility.Joined:\n return RustHistoryVisibility.Joined;\n case HistoryVisibility.Shared:\n return RustHistoryVisibility.Shared;\n case HistoryVisibility.WorldReadable:\n return RustHistoryVisibility.WorldReadable;\n }\n}\n","/*\nCopyright 2024 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport * as RustSdkCryptoJs from \"@matrix-org/matrix-sdk-crypto-wasm\";\n\nimport { type OutgoingRequestProcessor } from \"./OutgoingRequestProcessor.ts\";\nimport { encodeUri } from \"../utils.ts\";\nimport { type IHttpOpts, type MatrixError, type MatrixHttpApi, Method } from \"../http-api/index.ts\";\nimport { type IToDeviceEvent } from \"../sync-accumulator.ts\";\nimport { type ServerSideSecretStorage } from \"../secret-storage.ts\";\nimport { decodeBase64 } from \"../base64.ts\";\nimport { type Logger } from \"../logger.ts\";\nimport { CryptoEvent, type CryptoEventHandlerMap, type StartDehydrationOpts } from \"../crypto-api/index.ts\";\nimport { TypedEventEmitter } from \"../models/typed-event-emitter.ts\";\n\n/**\n * The response body of `GET /_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device`.\n */\ninterface DehydratedDeviceResp {\n device_id: string;\n device_data: {\n algorithm: string;\n };\n}\n/**\n * The response body of `POST /_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device/events`.\n */\ninterface DehydratedDeviceEventsResp {\n events: IToDeviceEvent[];\n next_batch: string;\n}\n\n/**\n * The unstable URL prefix for dehydrated device endpoints\n */\nexport const UnstablePrefix = \"/_matrix/client/unstable/org.matrix.msc3814.v1\";\n/**\n * The name used for the dehydration key in Secret Storage\n */\nconst SECRET_STORAGE_NAME = \"org.matrix.msc3814\";\n\n/**\n * The interval between creating dehydrated devices. (one week)\n */\nconst DEHYDRATION_INTERVAL = 7 * 24 * 60 * 60 * 1000;\n\n/**\n * Manages dehydrated devices\n *\n * We have one of these per `RustCrypto`. It's responsible for\n *\n * * determining server support for dehydrated devices\n * * creating new dehydrated devices when requested, including periodically\n * replacing the dehydrated device with a new one\n * * rehydrating a device when requested, and when present\n *\n * @internal\n */\nexport class DehydratedDeviceManager extends TypedEventEmitter<DehydratedDevicesEvents, DehydratedDevicesEventMap> {\n /** the ID of the interval for periodically replacing the dehydrated device */\n private intervalId?: ReturnType<typeof setInterval>;\n\n public constructor(\n private readonly logger: Logger,\n private readonly olmMachine: RustSdkCryptoJs.OlmMachine,\n private readonly http: MatrixHttpApi<IHttpOpts & { onlyData: true }>,\n private readonly outgoingRequestProcessor: OutgoingRequestProcessor,\n private readonly secretStorage: ServerSideSecretStorage,\n ) {\n super();\n }\n\n private async cacheKey(key: RustSdkCryptoJs.DehydratedDeviceKey): Promise<void> {\n await this.olmMachine.dehydratedDevices().saveDehydratedDeviceKey(key);\n this.emit(CryptoEvent.DehydrationKeyCached);\n }\n\n /**\n * Return whether the server supports dehydrated devices.\n */\n public async isSupported(): Promise<boolean> {\n // call the endpoint to get a dehydrated device. If it returns an\n // M_UNRECOGNIZED error, then dehydration is unsupported. If it returns\n // a successful response, or an M_NOT_FOUND, then dehydration is supported.\n // Any other exceptions are passed through.\n try {\n await this.http.authedRequest<DehydratedDeviceResp>(\n Method.Get,\n \"/dehydrated_device\",\n undefined,\n undefined,\n {\n prefix: UnstablePrefix,\n },\n );\n } catch (error) {\n const err = error as MatrixError;\n if (err.errcode === \"M_UNRECOGNIZED\") {\n return false;\n } else if (err.errcode === \"M_NOT_FOUND\") {\n return true;\n }\n throw error;\n }\n return true;\n }\n\n /**\n * Start using device dehydration.\n *\n * - Rehydrates a dehydrated device, if one is available and `opts.rehydrate`\n * is `true`.\n * - Creates a new dehydration key, if necessary, and stores it in Secret\n * Storage.\n * - If `opts.createNewKey` is set to true, always creates a new key.\n * - If a dehydration key is not available, creates a new one.\n * - Creates a new dehydrated device, and schedules periodically creating\n * new dehydrated devices.\n *\n * @param opts - options for device dehydration. For backwards compatibility\n * with old code, a boolean can be given here, which will be treated as\n * the `createNewKey` option. However, this is deprecated.\n */\n public async start(opts: StartDehydrationOpts | boolean = {}): Promise<void> {\n if (typeof opts === \"boolean\") {\n opts = { createNewKey: opts };\n }\n\n if (opts.onlyIfKeyCached && !(await this.olmMachine.dehydratedDevices().getDehydratedDeviceKey())) {\n return;\n }\n this.stop();\n if (opts.rehydrate !== false) {\n try {\n await this.rehydrateDeviceIfAvailable();\n } catch (e) {\n // If rehydration fails, there isn't much we can do about it. Log\n // the error, and create a new device.\n this.logger.info(\"dehydration: Error rehydrating device:\", e);\n this.emit(CryptoEvent.RehydrationError, (e as Error).message);\n }\n }\n if (opts.createNewKey) {\n await this.resetKey();\n }\n await this.scheduleDeviceDehydration();\n }\n\n /**\n * Return whether the dehydration key is stored in Secret Storage.\n */\n public async isKeyStored(): Promise<boolean> {\n return Boolean(await this.secretStorage.isStored(SECRET_STORAGE_NAME));\n }\n\n /**\n * Reset the dehydration key.\n *\n * Creates a new key and stores it in secret storage.\n *\n * @returns The newly-generated key.\n */\n public async resetKey(): Promise<RustSdkCryptoJs.DehydratedDeviceKey> {\n const key = RustSdkCryptoJs.DehydratedDeviceKey.createRandomKey();\n await this.secretStorage.store(SECRET_STORAGE_NAME, key.toBase64());\n // Also cache it in the rust SDK's crypto store.\n await this.cacheKey(key);\n return key;\n }\n\n /**\n * Get and cache the encryption key from secret storage.\n *\n * If `create` is `true`, creates a new key if no existing key is present.\n *\n * @returns the key, if available, or `null` if no key is available\n */\n private async getKey(create: boolean): Promise<RustSdkCryptoJs.DehydratedDeviceKey | null> {\n const cachedKey = await this.olmMachine.dehydratedDevices().getDehydratedDeviceKey();\n if (cachedKey) return cachedKey;\n const keyB64 = await this.secretStorage.get(SECRET_STORAGE_NAME);\n if (keyB64 === undefined) {\n if (!create) {\n return null;\n }\n return await this.resetKey();\n }\n\n // We successfully found the key in secret storage: decode it, and cache it in\n // the rust SDK's crypto store.\n const bytes = decodeBase64(keyB64);\n try {\n const key = RustSdkCryptoJs.DehydratedDeviceKey.createKeyFromArray(bytes);\n await this.cacheKey(key);\n return key;\n } finally {\n bytes.fill(0);\n }\n }\n\n /**\n * Rehydrate the dehydrated device stored on the server.\n *\n * Checks if there is a dehydrated device on the server. If so, rehydrates\n * the device and processes the to-device events.\n *\n * Returns whether or not a dehydrated device was found.\n */\n public async rehydrateDeviceIfAvailable(): Promise<boolean> {\n const key = await this.getKey(false);\n if (!key) {\n return false;\n }\n\n let dehydratedDeviceResp;\n try {\n dehydratedDeviceResp = await this.http.authedRequest<DehydratedDeviceResp>(\n Method.Get,\n \"/dehydrated_device\",\n undefined,\n undefined,\n {\n prefix: UnstablePrefix,\n },\n );\n } catch (error) {\n const err = error as MatrixError;\n // We ignore M_NOT_FOUND (there is no dehydrated device, so nothing\n // us to do) and M_UNRECOGNIZED (the server does not understand the\n // endpoint). We pass through any other errors.\n if (err.errcode === \"M_NOT_FOUND\" || err.errcode === \"M_UNRECOGNIZED\") {\n this.logger.info(\"dehydration: No dehydrated device\");\n return false;\n }\n throw err;\n }\n\n this.logger.info(\"dehydration: dehydrated device found\");\n this.emit(CryptoEvent.RehydrationStarted);\n\n const rehydratedDevice = await this.olmMachine\n .dehydratedDevices()\n .rehydrate(\n key,\n new RustSdkCryptoJs.DeviceId(dehydratedDeviceResp.device_id),\n JSON.stringify(dehydratedDeviceResp.device_data),\n );\n\n this.logger.info(\"dehydration: device rehydrated\");\n\n let nextBatch: string | undefined = undefined;\n let toDeviceCount = 0;\n let roomKeyCount = 0;\n const path = encodeUri(\"/dehydrated_device/$device_id/events\", {\n $device_id: dehydratedDeviceResp.device_id,\n });\n // eslint-disable-next-line no-constant-condition\n while (true) {\n const eventResp: DehydratedDeviceEventsResp = await this.http.authedRequest<DehydratedDeviceEventsResp>(\n Method.Post,\n path,\n undefined,\n nextBatch ? { next_batch: nextBatch } : {},\n {\n prefix: UnstablePrefix,\n },\n );\n\n if (eventResp.events.length === 0) {\n break;\n }\n toDeviceCount += eventResp.events.length;\n nextBatch = eventResp.next_batch;\n const roomKeyInfos = await rehydratedDevice.receiveEvents(JSON.stringify(eventResp.events));\n roomKeyCount += roomKeyInfos.length;\n\n this.emit(CryptoEvent.RehydrationProgress, roomKeyCount, toDeviceCount);\n }\n this.logger.info(`dehydration: received ${roomKeyCount} room keys from ${toDeviceCount} to-device events`);\n this.emit(CryptoEvent.RehydrationCompleted);\n\n return true;\n }\n\n /**\n * Creates and uploads a new dehydrated device.\n *\n * Creates and stores a new key in secret storage if none is available.\n */\n public async createAndUploadDehydratedDevice(): Promise<void> {\n const key = (await this.getKey(true))!;\n\n const dehydratedDevice = await this.olmMachine.dehydratedDevices().create();\n this.emit(CryptoEvent.DehydratedDeviceCreated);\n const request = await dehydratedDevice.keysForUpload(\"Dehydrated device\", key);\n\n await this.outgoingRequestProcessor.makeOutgoingRequest(request);\n this.emit(CryptoEvent.DehydratedDeviceUploaded);\n\n this.logger.info(\"dehydration: uploaded device\");\n }\n\n /**\n * Schedule periodic creation of dehydrated devices.\n */\n public async scheduleDeviceDehydration(): Promise<void> {\n // cancel any previously-scheduled tasks\n this.stop();\n\n await this.createAndUploadDehydratedDevice();\n this.intervalId = setInterval(() => {\n this.createAndUploadDehydratedDevice().catch((error) => {\n this.emit(CryptoEvent.DehydratedDeviceRotationError, error.message);\n this.logger.error(\"Error creating dehydrated device:\", error);\n });\n }, DEHYDRATION_INTERVAL);\n }\n\n /**\n * Stop the dehydrated device manager.\n *\n * Cancels any scheduled dehydration tasks.\n */\n public stop(): void {\n if (this.intervalId) {\n clearInterval(this.intervalId);\n this.intervalId = undefined;\n }\n }\n\n /**\n * Delete the current dehydrated device and stop the dehydrated device manager.\n */\n public async delete(): Promise<void> {\n this.stop();\n try {\n await this.http.authedRequest(\n Method.Delete,\n \"/dehydrated_device\",\n undefined,\n {},\n {\n prefix: UnstablePrefix,\n },\n );\n } catch (error) {\n const err = error as MatrixError;\n // If dehydrated devices aren't supported, or no dehydrated device\n // is found, we don't consider it an error, because we we'll end up\n // with no dehydrated device.\n if (err.errcode === \"M_UNRECOGNIZED\") {\n return;\n } else if (err.errcode === \"M_NOT_FOUND\") {\n return;\n }\n throw error;\n }\n }\n}\n\n/**\n * The events fired by the DehydratedDeviceManager\n * @internal\n */\ntype DehydratedDevicesEvents =\n | CryptoEvent.DehydratedDeviceCreated\n | CryptoEvent.DehydratedDeviceUploaded\n | CryptoEvent.RehydrationStarted\n | CryptoEvent.RehydrationProgress\n | CryptoEvent.RehydrationCompleted\n | CryptoEvent.RehydrationError\n | CryptoEvent.DehydrationKeyCached\n | CryptoEvent.DehydratedDeviceRotationError;\n\n/**\n * A map of the {@link DehydratedDeviceEvents} fired by the {@link DehydratedDeviceManager} and their payloads.\n * @internal\n */\ntype DehydratedDevicesEventMap = Pick<CryptoEventHandlerMap, DehydratedDevicesEvents>;\n","/*\nCopyright 2023 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport {\n KeysBackupRequest,\n KeysClaimRequest,\n KeysQueryRequest,\n KeysUploadRequest,\n type OlmMachine,\n type OutgoingRequest,\n PutDehydratedDeviceRequest,\n RoomMessageRequest,\n SignatureUploadRequest,\n ToDeviceRequest,\n UploadSigningKeysRequest,\n} from \"@matrix-org/matrix-sdk-crypto-wasm\";\n\nimport { logger } from \"../logger.ts\";\nimport { calculateRetryBackoff, type IHttpOpts, type MatrixHttpApi, Method } from \"../http-api/index.ts\";\nimport { logDuration, type QueryDict, sleep } from \"../utils.ts\";\nimport { type AuthDict, type UIAuthCallback } from \"../interactive-auth.ts\";\nimport { ToDeviceMessageId } from \"../@types/event.ts\";\nimport { UnstablePrefix as DehydrationUnstablePrefix } from \"./DehydratedDeviceManager.ts\";\n\n/**\n * OutgoingRequestManager: turns `OutgoingRequest`s from the rust sdk into HTTP requests\n *\n * We have one of these per `RustCrypto` (and hence per `MatrixClient`), not that it does anything terribly complicated.\n * It's responsible for:\n *\n * * holding the reference to the `MatrixHttpApi`\n * * turning `OutgoingRequest`s from the rust backend into HTTP requests, and sending them\n * * sending the results of such requests back to the rust backend.\n *\n * @internal\n */\nexport class OutgoingRequestProcessor {\n public constructor(\n private readonly olmMachine: OlmMachine,\n private readonly http: MatrixHttpApi<IHttpOpts & { onlyData: true }>,\n ) {}\n\n public async makeOutgoingRequest<T>(\n msg: OutgoingRequest | UploadSigningKeysRequest | PutDehydratedDeviceRequest,\n uiaCallback?: UIAuthCallback<T>,\n ): Promise<void> {\n let resp: string;\n\n /* refer https://docs.rs/matrix-sdk-crypto/0.6.0/matrix_sdk_crypto/requests/enum.OutgoingRequests.html\n * for the complete list of request types\n */\n if (msg instanceof KeysUploadRequest) {\n resp = await this.requestWithRetry(Method.Post, \"/_matrix/client/v3/keys/upload\", {}, msg.body);\n } else if (msg instanceof KeysQueryRequest) {\n resp = await this.requestWithRetry(Method.Post, \"/_matrix/client/v3/keys/query\", {}, msg.body);\n } else if (msg instanceof KeysClaimRequest) {\n resp = await this.requestWithRetry(Method.Post, \"/_matrix/client/v3/keys/claim\", {}, msg.body);\n } else if (msg instanceof SignatureUploadRequest) {\n resp = await this.requestWithRetry(Method.Post, \"/_matrix/client/v3/keys/signatures/upload\", {}, msg.body);\n } else if (msg instanceof KeysBackupRequest) {\n resp = await this.requestWithRetry(\n Method.Put,\n \"/_matrix/client/v3/room_keys/keys\",\n { version: msg.version },\n msg.body,\n );\n } else if (msg instanceof ToDeviceRequest) {\n resp = await this.sendToDeviceRequest(msg);\n } else if (msg instanceof RoomMessageRequest) {\n const path =\n `/_matrix/client/v3/rooms/${encodeURIComponent(msg.room_id)}/send/` +\n `${encodeURIComponent(msg.event_type)}/${encodeURIComponent(msg.txn_id)}`;\n resp = await this.requestWithRetry(Method.Put, path, {}, msg.body);\n } else if (msg instanceof UploadSigningKeysRequest) {\n await this.makeRequestWithUIA(\n Method.Post,\n \"/_matrix/client/v3/keys/device_signing/upload\",\n {},\n msg.body,\n uiaCallback,\n );\n // SigningKeysUploadRequest does not implement OutgoingRequest and does not need to be marked as sent.\n return;\n } else if (msg instanceof PutDehydratedDeviceRequest) {\n const path = DehydrationUnstablePrefix + \"/dehydrated_device\";\n await this.rawJsonRequest(Method.Put, path, {}, msg.body);\n // PutDehydratedDeviceRequest does not implement OutgoingRequest and does not need to be marked as sent.\n return;\n } else {\n logger.warn(\"Unsupported outgoing message\", Object.getPrototypeOf(msg));\n resp = \"\";\n }\n\n if (msg.id) {\n try {\n await logDuration(logger, `Mark Request as sent ${msg.type}`, async () => {\n await this.olmMachine.markRequestAsSent(msg.id!, msg.type, resp);\n });\n } catch (e) {\n // Ignore errors which are caused by the olmMachine having been freed. The exact error message depends\n // on whether we are using a release or develop build of rust-sdk-crypto-wasm.\n if (\n e instanceof Error &&\n (e.message === \"Attempt to use a moved value\" || e.message === \"null pointer passed to rust\")\n ) {\n logger.log(`Ignoring error '${e.message}': client is likely shutting down`);\n } else {\n throw e;\n }\n }\n } else {\n logger.trace(`Outgoing request type:${msg.type} does not have an ID`);\n }\n }\n\n /**\n * Send the HTTP request for a `ToDeviceRequest`\n *\n * @param request - request to send\n * @returns JSON-serialized body of the response, if successful\n */\n private async sendToDeviceRequest(request: ToDeviceRequest): Promise<string> {\n // a bit of extra logging, to help trace to-device messages through the system\n const parsedBody: { messages: Record<string, Record<string, Record<string, any>>> } = JSON.parse(request.body);\n\n const messageList = [];\n for (const [userId, perUserMessages] of Object.entries(parsedBody.messages)) {\n for (const [deviceId, message] of Object.entries(perUserMessages)) {\n messageList.push(`${userId}/${deviceId} (msgid ${message[ToDeviceMessageId]})`);\n }\n }\n\n logger.info(\n `Sending batch of to-device messages. type=${request.event_type} txnid=${request.txn_id}`,\n messageList,\n );\n\n const path =\n `/_matrix/client/v3/sendToDevice/${encodeURIComponent(request.event_type)}/` +\n encodeURIComponent(request.txn_id);\n return await this.requestWithRetry(Method.Put, path, {}, request.body);\n }\n\n private async makeRequestWithUIA<T>(\n method: Method,\n path: string,\n queryParams: QueryDict,\n body: string,\n uiaCallback: UIAuthCallback<T> | undefined,\n ): Promise<string> {\n if (!uiaCallback) {\n return await this.requestWithRetry(method, path, queryParams, body);\n }\n\n const parsedBody = JSON.parse(body);\n const makeRequest = async (auth: AuthDict | null): Promise<T> => {\n const newBody: Record<string, any> = {\n ...parsedBody,\n };\n if (auth !== null) {\n newBody.auth = auth;\n }\n const resp = await this.requestWithRetry(method, path, queryParams, JSON.stringify(newBody));\n return JSON.parse(resp) as T;\n };\n\n const resp = await uiaCallback(makeRequest);\n return JSON.stringify(resp);\n }\n\n private async requestWithRetry(\n method: Method,\n path: string,\n queryParams: QueryDict,\n body: string,\n ): Promise<string> {\n let currentRetryCount = 0;\n\n // eslint-disable-next-line no-constant-condition\n while (true) {\n try {\n return await this.rawJsonRequest(method, path, queryParams, body);\n } catch (e) {\n currentRetryCount++;\n const backoff = calculateRetryBackoff(e, currentRetryCount, true);\n if (backoff < 0) {\n // Max number of retries reached, or error is not retryable. rethrow the error\n throw e;\n }\n // wait for the specified time and then retry the request\n await sleep(backoff);\n }\n }\n }\n\n private async rawJsonRequest(method: Method, path: string, queryParams: QueryDict, body: string): Promise<string> {\n const opts = {\n // inhibit the JSON stringification and parsing within HttpApi.\n json: false,\n\n // nevertheless, we are sending, and accept, JSON.\n headers: {\n \"Content-Type\": \"application/json\",\n \"Accept\": \"application/json\",\n },\n\n // we use the full prefix\n prefix: \"\",\n };\n\n return await this.http.authedRequest<string>(method, path, queryParams, body, opts);\n }\n}\n","/*\nCopyright 2023 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport { type OlmMachine, type UserId } from \"@matrix-org/matrix-sdk-crypto-wasm\";\n\nimport { type OutgoingRequestProcessor } from \"./OutgoingRequestProcessor.ts\";\nimport { type LogSpan } from \"../logger.ts\";\n\n/**\n * KeyClaimManager: linearises calls to OlmMachine.getMissingSessions to avoid races\n *\n * We have one of these per `RustCrypto` (and hence per `MatrixClient`).\n *\n * @internal\n */\nexport class KeyClaimManager {\n private currentClaimPromise: Promise<void>;\n private stopped = false;\n\n public constructor(\n private readonly olmMachine: OlmMachine,\n private readonly outgoingRequestProcessor: OutgoingRequestProcessor,\n ) {\n this.currentClaimPromise = Promise.resolve();\n }\n\n /**\n * Tell the KeyClaimManager to immediately stop processing requests.\n *\n * Any further calls, and any still in the queue, will fail with an error.\n */\n public stop(): void {\n this.stopped = true;\n }\n\n /**\n * Given a list of users, attempt to ensure that we have Olm Sessions active with each of their devices\n *\n * If we don't have an active olm session, we will claim a one-time key and start one.\n * @param logger - logger to use\n * @param userList - list of userIDs to claim\n */\n public ensureSessionsForUsers(logger: LogSpan, userList: Array<UserId>): Promise<void> {\n // The Rust-SDK requires that we only have one getMissingSessions process in flight at once. This little dance\n // ensures that, by only having one call to ensureSessionsForUsersInner active at once (and making them\n // queue up in order).\n const prom = this.currentClaimPromise\n .catch(() => {\n // any errors in the previous claim will have been reported already, so there is nothing to do here.\n // we just throw away the error and start anew.\n })\n .then(() => this.ensureSessionsForUsersInner(logger, userList));\n this.currentClaimPromise = prom;\n return prom;\n }\n\n private async ensureSessionsForUsersInner(logger: LogSpan, userList: Array<UserId>): Promise<void> {\n // bail out quickly if we've been stopped.\n if (this.stopped) {\n throw new Error(`Cannot ensure Olm sessions: shutting down`);\n }\n logger.info(\"Checking for missing Olm sessions\");\n // By passing the userId array to rust we transfer ownership of the items to rust, causing\n // them to be invalidated on the JS side as soon as the method is called.\n // As we haven't created the `userList` let's clone the users, to not break the caller from re-using it.\n const claimRequest = await this.olmMachine.getMissingSessions(userList.map((u) => u.clone()));\n if (claimRequest) {\n logger.info(\"Making /keys/claim request\");\n await this.outgoingRequestProcessor.makeOutgoingRequest(claimRequest);\n }\n logger.info(\"Olm sessions prepared\");\n }\n}\n","/*\nCopyright 2023 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport * as RustSdkCryptoJs from \"@matrix-org/matrix-sdk-crypto-wasm\";\n\nimport { Device, DeviceVerification } from \"../models/device.ts\";\nimport { type DeviceKeys } from \"../client.ts\";\n\n/**\n * Convert a {@link RustSdkCryptoJs.Device} to a {@link Device}\n * @param device - Rust Sdk device\n * @param userId - owner of the device\n *\n * @internal\n */\nexport function rustDeviceToJsDevice(device: RustSdkCryptoJs.Device, userId: RustSdkCryptoJs.UserId): Device {\n // Copy rust device keys to Device.keys\n const keys = new Map<string, string>();\n for (const [keyId, key] of device.keys.entries()) {\n keys.set(keyId.toString(), key.toBase64());\n }\n\n // Compute verified from device state\n let verified: DeviceVerification = DeviceVerification.Unverified;\n if (device.isBlacklisted()) {\n verified = DeviceVerification.Blocked;\n } else if (device.isVerified()) {\n verified = DeviceVerification.Verified;\n }\n\n // Convert rust signatures to Device.signatures\n const signatures = new Map<string, Map<string, string>>();\n const mayBeSignatureMap: Map<string, RustSdkCryptoJs.MaybeSignature> | undefined = device.signatures.get(userId);\n if (mayBeSignatureMap) {\n const convertedSignatures = new Map<string, string>();\n // Convert maybeSignatures map to a Map<string, string>\n for (const [key, value] of mayBeSignatureMap.entries()) {\n if (value.isValid() && value.signature) {\n convertedSignatures.set(key, value.signature.toBase64());\n }\n }\n\n signatures.set(userId.toString(), convertedSignatures);\n }\n\n // Convert rust algorithms to algorithms\n const rustAlgorithms: RustSdkCryptoJs.EncryptionAlgorithm[] = device.algorithms;\n // Use set to ensure that algorithms are not duplicated\n const algorithms = new Set<string>();\n rustAlgorithms.forEach((algorithm) => {\n switch (algorithm) {\n case RustSdkCryptoJs.EncryptionAlgorithm.MegolmV1AesSha2:\n algorithms.add(\"m.megolm.v1.aes-sha2\");\n break;\n case RustSdkCryptoJs.EncryptionAlgorithm.OlmV1Curve25519AesSha2:\n default:\n algorithms.add(\"m.olm.v1.curve25519-aes-sha2\");\n break;\n }\n });\n\n return new Device({\n deviceId: device.deviceId.toString(),\n userId: userId.toString(),\n keys,\n algorithms: Array.from(algorithms),\n verified,\n signatures,\n displayName: device.displayName,\n dehydrated: device.isDehydrated,\n });\n}\n\n/**\n * Convert {@link DeviceKeys} from `/keys/query` request to a `Map<string, Device>`\n * @param deviceKeys - Device keys object to convert\n *\n * @internal\n */\nexport function deviceKeysToDeviceMap(deviceKeys: DeviceKeys): Map<string, Device> {\n return new Map(\n Object.entries(deviceKeys).map(([deviceId, device]) => [deviceId, downloadDeviceToJsDevice(device)]),\n );\n}\n\n// Device from `/keys/query` request\ntype QueryDevice = DeviceKeys[keyof DeviceKeys];\n\n/**\n * Convert `/keys/query` {@link QueryDevice} device to {@link Device}\n * @param device - Device from `/keys/query` request\n *\n * @internal\n */\nexport function downloadDeviceToJsDevice(device: QueryDevice): Device {\n const keys = new Map(Object.entries(device.keys));\n const displayName = device.unsigned?.device_display_name;\n\n const signatures = new Map<string, Map<string, string>>();\n if (device.signatures) {\n for (const userId in device.signatures) {\n signatures.set(userId, new Map(Object.entries(device.signatures[userId])));\n }\n }\n\n return new Device({\n deviceId: device.device_id,\n userId: device.user_id,\n keys,\n algorithms: device.algorithms,\n verified: DeviceVerification.Unverified,\n signatures,\n displayName,\n });\n}\n","/*\nCopyright 2023 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport {\n type OlmMachine,\n type CrossSigningStatus,\n type CrossSigningBootstrapRequests,\n} from \"@matrix-org/matrix-sdk-crypto-wasm\";\n\nimport type * as RustSdkCryptoJs from \"@matrix-org/matrix-sdk-crypto-wasm\";\nimport { type BootstrapCrossSigningOpts } from \"../crypto-api/index.ts\";\nimport { logger } from \"../logger.ts\";\nimport { type OutgoingRequestProcessor } from \"./OutgoingRequestProcessor.ts\";\nimport { type UIAuthCallback } from \"../interactive-auth.ts\";\nimport { type ServerSideSecretStorage } from \"../secret-storage.ts\";\n\n/** Manages the cross-signing keys for our own user.\n *\n * @internal\n */\nexport class CrossSigningIdentity {\n public constructor(\n private readonly olmMachine: OlmMachine,\n private readonly outgoingRequestProcessor: OutgoingRequestProcessor,\n private readonly secretStorage: ServerSideSecretStorage,\n ) {}\n\n /**\n * Initialise our cross-signing keys by creating new keys if they do not exist, and uploading to the server\n */\n public async bootstrapCrossSigning(opts: BootstrapCrossSigningOpts): Promise<void> {\n if (opts.setupNewCrossSigning) {\n await this.resetCrossSigning(opts.authUploadDeviceSigningKeys);\n return;\n }\n\n const olmDeviceStatus: CrossSigningStatus = await this.olmMachine.crossSigningStatus();\n\n // Try to fetch cross signing keys from the secret storage\n const masterKeyFromSecretStorage = await this.secretStorage.get(\"m.cross_signing.master\");\n const selfSigningKeyFromSecretStorage = await this.secretStorage.get(\"m.cross_signing.self_signing\");\n const userSigningKeyFromSecretStorage = await this.secretStorage.get(\"m.cross_signing.user_signing\");\n const privateKeysInSecretStorage = Boolean(\n masterKeyFromSecretStorage && selfSigningKeyFromSecretStorage && userSigningKeyFromSecretStorage,\n );\n\n const olmDeviceHasKeys =\n olmDeviceStatus.hasMaster && olmDeviceStatus.hasUserSigning && olmDeviceStatus.hasSelfSigning;\n\n // Log all relevant state for easier parsing of debug logs.\n logger.log(\"bootstrapCrossSigning: starting\", {\n setupNewCrossSigning: opts.setupNewCrossSigning,\n olmDeviceHasMaster: olmDeviceStatus.hasMaster,\n olmDeviceHasUserSigning: olmDeviceStatus.hasUserSigning,\n olmDeviceHasSelfSigning: olmDeviceStatus.hasSelfSigning,\n privateKeysInSecretStorage,\n });\n\n if (olmDeviceHasKeys) {\n if (!(await this.secretStorage.hasKey())) {\n logger.warn(\n \"bootstrapCrossSigning: Olm device has private keys, but secret storage is not yet set up; doing nothing for now.\",\n );\n // the keys should get uploaded to 4S once that is set up.\n } else if (!privateKeysInSecretStorage) {\n // the device has the keys but they are not in 4S, so update it\n logger.log(\"bootstrapCrossSigning: Olm device has private keys: exporting to secret storage\");\n await this.exportCrossSigningKeysToStorage();\n } else {\n logger.log(\n \"bootstrapCrossSigning: Olm device has private keys and they are saved in secret storage; doing nothing\",\n );\n }\n } /* (!olmDeviceHasKeys) */ else {\n if (privateKeysInSecretStorage) {\n // they are in 4S, so import from there\n logger.log(\n \"bootstrapCrossSigning: Cross-signing private keys not found locally, but they are available \" +\n \"in secret storage, reading storage and caching locally\",\n );\n const status = await this.olmMachine.importCrossSigningKeys(\n masterKeyFromSecretStorage,\n selfSigningKeyFromSecretStorage,\n userSigningKeyFromSecretStorage,\n );\n\n // Check that `importCrossSigningKeys` worked correctly (for example, it will fail silently if the\n // public keys are not available).\n if (!status.hasMaster || !status.hasSelfSigning || !status.hasUserSigning) {\n throw new Error(\"importCrossSigningKeys failed to import the keys\");\n }\n\n // Get the current device\n const device: RustSdkCryptoJs.Device = (await this.olmMachine.getDevice(\n this.olmMachine.userId,\n this.olmMachine.deviceId,\n ))!;\n try {\n // Sign the device with our cross-signing key and upload the signature\n const request: RustSdkCryptoJs.SignatureUploadRequest = await device.verify();\n await this.outgoingRequestProcessor.makeOutgoingRequest(request);\n } finally {\n device.free();\n }\n } else {\n logger.log(\n \"bootstrapCrossSigning: Cross-signing private keys not found locally or in secret storage, creating new keys\",\n );\n await this.resetCrossSigning(opts.authUploadDeviceSigningKeys);\n }\n }\n\n // TODO: we might previously have bootstrapped cross-signing but not completed uploading the keys to the\n // server -- in which case we should call OlmDevice.bootstrap_cross_signing. How do we know?\n logger.log(\"bootstrapCrossSigning: complete\");\n }\n\n /** Reset our cross-signing keys\n *\n * This method will:\n * * Tell the OlmMachine to create new keys\n * * Upload the new public keys and the device signature to the server\n * * Upload the private keys to SSSS, if it is set up\n */\n private async resetCrossSigning(authUploadDeviceSigningKeys?: UIAuthCallback<void>): Promise<void> {\n // XXX: We must find a way to make this atomic, currently if the user does not remember his account password\n // or 4S passphrase/key the process will fail in a bad state, with keys rotated but not uploaded or saved in 4S.\n const outgoingRequests: CrossSigningBootstrapRequests = await this.olmMachine.bootstrapCrossSigning(true);\n\n // If 4S is configured we need to update it.\n if (!(await this.secretStorage.hasKey())) {\n logger.warn(\n \"resetCrossSigning: Secret storage is not yet set up; not exporting keys to secret storage yet.\",\n );\n // the keys should get uploaded to 4S once that is set up.\n } else {\n // Update 4S before uploading cross-signing keys, to stay consistent with legacy that asks\n // 4S passphrase before asking for account password.\n // Ultimately should be made atomic and resistant to forgotten password/passphrase.\n logger.log(\"resetCrossSigning: exporting private keys to secret storage\");\n await this.exportCrossSigningKeysToStorage();\n }\n\n logger.log(\"resetCrossSigning: publishing public keys to server\");\n for (const req of [\n outgoingRequests.uploadKeysRequest,\n outgoingRequests.uploadSigningKeysRequest,\n outgoingRequests.uploadSignaturesRequest,\n ]) {\n if (req) {\n await this.outgoingRequestProcessor.makeOutgoingRequest(req, authUploadDeviceSigningKeys);\n }\n }\n }\n\n /**\n * Extract the cross-signing keys from the olm machine and save them to secret storage, if it is configured\n *\n * (If secret storage is *not* configured, we assume that the export will happen when it is set up)\n */\n private async exportCrossSigningKeysToStorage(): Promise<void> {\n const exported: RustSdkCryptoJs.CrossSigningKeyExport | undefined =\n await this.olmMachine.exportCrossSigningKeys();\n /* istanbul ignore else (this function is only called when we know the olm machine has keys) */\n if (exported?.masterKey) {\n await this.secretStorage.store(\"m.cross_signing.master\", exported.masterKey);\n } else {\n logger.error(`Cannot export MSK to secret storage, private key unknown`);\n }\n if (exported?.self_signing_key) {\n await this.secretStorage.store(\"m.cross_signing.self_signing\", exported.self_signing_key);\n } else {\n logger.error(`Cannot export SSK to secret storage, private key unknown`);\n }\n if (exported?.userSigningKey) {\n await this.secretStorage.store(\"m.cross_signing.user_signing\", exported.userSigningKey);\n } else {\n logger.error(`Cannot export USK to secret storage, private key unknown`);\n }\n }\n}\n","/*\nCopyright 2023 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport { type SecretStorageKey, type ServerSideSecretStorage } from \"../secret-storage.ts\";\n\n/**\n * Check that the private cross signing keys (master, self signing, user signing) are stored in the secret storage and encrypted with the default secret storage key.\n *\n * @param secretStorage - The secret store using account data\n * @returns True if the cross-signing keys are all stored and encrypted with the same secret storage key.\n *\n * @internal\n */\nexport async function secretStorageContainsCrossSigningKeys(secretStorage: ServerSideSecretStorage): Promise<boolean> {\n return secretStorageCanAccessSecrets(secretStorage, [\n \"m.cross_signing.master\",\n \"m.cross_signing.user_signing\",\n \"m.cross_signing.self_signing\",\n ]);\n}\n\n/**\n *\n * Check that the secret storage can access the given secrets using the default key.\n *\n * @param secretStorage - The secret store using account data\n * @param secretNames - The secret names to check\n * @returns True if all the given secrets are accessible and encrypted with the given key.\n *\n * @internal\n */\nexport async function secretStorageCanAccessSecrets(\n secretStorage: ServerSideSecretStorage,\n secretNames: SecretStorageKey[],\n): Promise<boolean> {\n const defaultKeyId = await secretStorage.getDefaultKeyId();\n if (!defaultKeyId) return false;\n\n for (const secretName of secretNames) {\n // check which keys this particular secret is encrypted with\n const record = (await secretStorage.isStored(secretName)) || {};\n // if it's not encrypted with the right key, there is no point continuing\n if (!(defaultKeyId in record)) return false;\n }\n\n return true;\n}\n","/*\nCopyright 2023 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport * as RustSdkCryptoJs from \"@matrix-org/matrix-sdk-crypto-wasm\";\nimport { type OutgoingRequest, QrState } from \"@matrix-org/matrix-sdk-crypto-wasm\";\n\nimport {\n type GeneratedSas,\n type ShowQrCodeCallbacks,\n type ShowSasCallbacks,\n VerificationPhase,\n type VerificationRequest,\n VerificationRequestEvent,\n type VerificationRequestEventHandlerMap,\n type Verifier,\n VerifierEvent,\n type VerifierEventHandlerMap,\n} from \"../crypto-api/verification.ts\";\nimport { TypedEventEmitter } from \"../models/typed-event-emitter.ts\";\nimport { type OutgoingRequestProcessor } from \"./OutgoingRequestProcessor.ts\";\nimport { TypedReEmitter } from \"../ReEmitter.ts\";\nimport { type MatrixEvent } from \"../models/event.ts\";\nimport { EventType, MsgType } from \"../@types/event.ts\";\nimport { defer, type IDeferred } from \"../utils.ts\";\nimport { VerificationMethod } from \"../types.ts\";\n\n/**\n * An incoming, or outgoing, request to verify a user or a device via cross-signing.\n *\n * @internal\n */\nexport class RustVerificationRequest\n extends TypedEventEmitter<VerificationRequestEvent, VerificationRequestEventHandlerMap>\n implements VerificationRequest\n{\n /** a reëmitter which relays VerificationRequestEvent.Changed events emitted by the verifier */\n private readonly reEmitter: TypedReEmitter<VerificationRequestEvent, VerificationRequestEventHandlerMap>;\n\n /** Are we in the process of sending an `m.key.verification.ready` event? */\n private _accepting = false;\n\n /** Are we in the process of sending an `m.key.verification.cancellation` event? */\n private _cancelling = false;\n\n private _verifier: undefined | RustSASVerifier | RustQrCodeVerifier;\n\n /**\n * Construct a new RustVerificationRequest to wrap the rust-level `VerificationRequest`.\n *\n * @param olmMachine - The `OlmMachine` from the underlying rust crypto sdk.\n * @param inner - VerificationRequest from the Rust SDK.\n * @param outgoingRequestProcessor - `OutgoingRequestProcessor` to use for making outgoing HTTP requests.\n * @param supportedVerificationMethods - Verification methods to use when `accept()` is called.\n */\n public constructor(\n private readonly olmMachine: RustSdkCryptoJs.OlmMachine,\n private readonly inner: RustSdkCryptoJs.VerificationRequest,\n private readonly outgoingRequestProcessor: OutgoingRequestProcessor,\n private readonly supportedVerificationMethods: string[],\n ) {\n super();\n this.reEmitter = new TypedReEmitter(this);\n\n // Obviously, the Rust object maintains a reference to the callback function. If the callback function maintains\n // a reference to the Rust object, then we have a reference cycle which means that `RustVerificationRequest`\n // will never be garbage-collected, and hence the underlying rust object will never be freed.\n //\n // To avoid this reference cycle, use a weak reference in the callback function. If the `RustVerificationRequest`\n // gets garbage-collected, then there is nothing to update!\n const weakThis = new WeakRef(this);\n inner.registerChangesCallback(async () => weakThis.deref()?.onChange());\n }\n\n /**\n * Hook which is called when the underlying rust class notifies us that there has been a change.\n */\n private onChange(): void {\n const verification: RustSdkCryptoJs.Qr | RustSdkCryptoJs.Sas | undefined = this.inner.getVerification();\n\n // Set the _verifier object (wrapping the rust `Verification` as a js-sdk Verifier) if:\n // - we now have a `Verification` where we lacked one before\n // - we have transitioned from QR to SAS\n // - we are verifying with SAS, but we need to replace our verifier with a new one because both parties\n // tried to start verification at the same time, and we lost the tie breaking\n if (verification instanceof RustSdkCryptoJs.Sas) {\n if (this._verifier === undefined || this._verifier instanceof RustQrCodeVerifier) {\n this.setVerifier(new RustSASVerifier(verification, this, this.outgoingRequestProcessor));\n } else if (this._verifier instanceof RustSASVerifier) {\n this._verifier.replaceInner(verification);\n }\n } else if (verification instanceof RustSdkCryptoJs.Qr && this._verifier === undefined) {\n this.setVerifier(new RustQrCodeVerifier(verification, this.outgoingRequestProcessor));\n }\n\n this.emit(VerificationRequestEvent.Change);\n }\n\n private setVerifier(verifier: RustSASVerifier | RustQrCodeVerifier): void {\n // if we already have a verifier, unsubscribe from its events\n if (this._verifier) {\n this.reEmitter.stopReEmitting(this._verifier, [VerificationRequestEvent.Change]);\n }\n this._verifier = verifier;\n this.reEmitter.reEmit(this._verifier, [VerificationRequestEvent.Change]);\n }\n\n /**\n * Unique ID for this verification request.\n *\n * An ID isn't assigned until the first message is sent, so this may be `undefined` in the early phases.\n */\n public get transactionId(): string | undefined {\n return this.inner.flowId;\n }\n\n /**\n * For an in-room verification, the ID of the room.\n *\n * For to-device verifications, `undefined`.\n */\n public get roomId(): string | undefined {\n return this.inner.roomId?.toString();\n }\n\n /**\n * True if this request was initiated by the local client.\n *\n * For in-room verifications, the initiator is who sent the `m.key.verification.request` event.\n * For to-device verifications, the initiator is who sent the `m.key.verification.start` event.\n */\n public get initiatedByMe(): boolean {\n return this.inner.weStarted();\n }\n\n /** The user id of the other party in this request */\n public get otherUserId(): string {\n return this.inner.otherUserId.toString();\n }\n\n /** For verifications via to-device messages: the ID of the other device. Otherwise, undefined. */\n public get otherDeviceId(): string | undefined {\n return this.inner.otherDeviceId?.toString();\n }\n\n /** Get the other device involved in the verification, if it is known */\n private async getOtherDevice(): Promise<undefined | RustSdkCryptoJs.Device> {\n const otherDeviceId = this.inner.otherDeviceId;\n if (!otherDeviceId) {\n return undefined;\n }\n return await this.olmMachine.getDevice(this.inner.otherUserId, otherDeviceId, 5);\n }\n\n /** True if the other party in this request is one of this user's own devices. */\n public get isSelfVerification(): boolean {\n return this.inner.isSelfVerification();\n }\n\n /** current phase of the request. */\n public get phase(): VerificationPhase {\n const phase = this.inner.phase();\n\n switch (phase) {\n case RustSdkCryptoJs.VerificationRequestPhase.Created:\n case RustSdkCryptoJs.VerificationRequestPhase.Requested:\n return VerificationPhase.Requested;\n case RustSdkCryptoJs.VerificationRequestPhase.Ready:\n // if we're still sending the `m.key.verification.ready`, that counts as \"Requested\" in the js-sdk's\n // parlance.\n return this._accepting ? VerificationPhase.Requested : VerificationPhase.Ready;\n case RustSdkCryptoJs.VerificationRequestPhase.Transitioned:\n if (!this._verifier) {\n // this shouldn't happen, because the onChange handler should have created a _verifier.\n throw new Error(\"VerificationRequest: inner phase == Transitioned but no verifier!\");\n }\n return this._verifier.verificationPhase;\n case RustSdkCryptoJs.VerificationRequestPhase.Done:\n return VerificationPhase.Done;\n case RustSdkCryptoJs.VerificationRequestPhase.Cancelled:\n return VerificationPhase.Cancelled;\n }\n\n throw new Error(`Unknown verification phase ${phase}`);\n }\n\n /** True if the request has sent its initial event and needs more events to complete\n * (ie it is in phase `Requested`, `Ready` or `Started`).\n */\n public get pending(): boolean {\n if (this.inner.isPassive()) return false;\n const phase = this.phase;\n return phase !== VerificationPhase.Done && phase !== VerificationPhase.Cancelled;\n }\n\n /**\n * True if we have started the process of sending an `m.key.verification.ready` (but have not necessarily received\n * the remote echo which causes a transition to {@link VerificationPhase.Ready}.\n */\n public get accepting(): boolean {\n return this._accepting;\n }\n\n /**\n * True if we have started the process of sending an `m.key.verification.cancel` (but have not necessarily received\n * the remote echo which causes a transition to {@link VerificationPhase.Cancelled}).\n */\n public get declining(): boolean {\n return this._cancelling;\n }\n\n /**\n * The remaining number of ms before the request will be automatically cancelled.\n *\n * `null` indicates that there is no timeout\n */\n public get timeout(): number | null {\n return this.inner.timeRemainingMillis();\n }\n\n /** once the phase is Started (and !initiatedByMe) or Ready: common methods supported by both sides */\n public get methods(): string[] {\n throw new Error(\"not implemented\");\n }\n\n /** the method picked in the .start event */\n public get chosenMethod(): string | null {\n if (this.phase !== VerificationPhase.Started) return null;\n\n const verification: RustSdkCryptoJs.Qr | RustSdkCryptoJs.Sas | undefined = this.inner.getVerification();\n if (verification instanceof RustSdkCryptoJs.Sas) {\n return VerificationMethod.Sas;\n } else if (verification instanceof RustSdkCryptoJs.Qr) {\n return VerificationMethod.Reciprocate;\n } else {\n return null;\n }\n }\n\n /**\n * Checks whether the other party supports a given verification method.\n * This is useful when setting up the QR code UI, as it is somewhat asymmetrical:\n * if the other party supports SCAN_QR, we should show a QR code in the UI, and vice versa.\n * For methods that need to be supported by both ends, use the `methods` property.\n *\n * @param method - the method to check\n * @returns true if the other party said they supported the method\n */\n public otherPartySupportsMethod(method: string): boolean {\n const theirMethods: RustSdkCryptoJs.VerificationMethod[] | undefined = this.inner.theirSupportedMethods;\n if (theirMethods === undefined) {\n // no message from the other side yet\n return false;\n }\n\n const requiredMethod = verificationMethodsByIdentifier[method];\n return theirMethods.some((m) => m === requiredMethod);\n }\n\n /**\n * Accepts the request, sending a .ready event to the other party\n *\n * @returns Promise which resolves when the event has been sent.\n */\n public async accept(): Promise<void> {\n if (this.inner.phase() !== RustSdkCryptoJs.VerificationRequestPhase.Requested || this._accepting) {\n throw new Error(`Cannot accept a verification request in phase ${this.phase}`);\n }\n\n this._accepting = true;\n try {\n const req: undefined | OutgoingRequest = this.inner.acceptWithMethods(\n this.supportedVerificationMethods.map(verificationMethodIdentifierToMethod),\n );\n if (req) {\n await this.outgoingRequestProcessor.makeOutgoingRequest(req);\n }\n } finally {\n this._accepting = false;\n }\n\n // phase may have changed, so emit a 'change' event\n this.emit(VerificationRequestEvent.Change);\n }\n\n /**\n * Cancels the request, sending a cancellation to the other party\n *\n * @param params - Details for the cancellation, including `reason` (defaults to \"User declined\"), and `code`\n * (defaults to `m.user`).\n *\n * @returns Promise which resolves when the event has been sent.\n */\n public async cancel(params?: { reason?: string; code?: string }): Promise<void> {\n if (this._cancelling) {\n // already cancelling; do nothing\n return;\n }\n\n this._cancelling = true;\n try {\n const req: undefined | OutgoingRequest = this.inner.cancel();\n if (req) {\n await this.outgoingRequestProcessor.makeOutgoingRequest(req);\n }\n } finally {\n this._cancelling = false;\n }\n }\n\n /**\n * Create a {@link Verifier} to do this verification via a particular method.\n *\n * If a verifier has already been created for this request, returns that verifier.\n *\n * This does *not* send the `m.key.verification.start` event - to do so, call {@link Verifier#verifier} on the\n * returned verifier.\n *\n * If no previous events have been sent, pass in `targetDevice` to set who to direct this request to.\n *\n * @param method - the name of the verification method to use.\n * @param targetDevice - details of where to send the request to.\n *\n * @returns The verifier which will do the actual verification.\n */\n public beginKeyVerification(method: string, targetDevice?: { userId?: string; deviceId?: string }): Verifier {\n throw new Error(\"not implemented\");\n }\n\n /**\n * Send an `m.key.verification.start` event to start verification via a particular method.\n *\n * Implementation of {@link Crypto.VerificationRequest#startVerification}.\n *\n * @param method - the name of the verification method to use.\n */\n public async startVerification(method: string): Promise<Verifier> {\n if (method !== VerificationMethod.Sas) {\n throw new Error(`Unsupported verification method ${method}`);\n }\n\n // make sure that we have a list of the other user's devices (workaround https://github.com/matrix-org/matrix-rust-sdk/issues/2896)\n if (!(await this.getOtherDevice())) {\n throw new Error(\"startVerification(): other device is unknown\");\n }\n\n const res:\n | [RustSdkCryptoJs.Sas, RustSdkCryptoJs.RoomMessageRequest | RustSdkCryptoJs.ToDeviceRequest]\n | undefined = await this.inner.startSas();\n\n if (res) {\n const [, req] = res;\n await this.outgoingRequestProcessor.makeOutgoingRequest(req);\n }\n\n // this should have triggered the onChange callback, and we should now have a verifier\n if (!this._verifier) {\n throw new Error(\"Still no verifier after startSas() call\");\n }\n\n return this._verifier;\n }\n\n /**\n * Start a QR code verification by providing a scanned QR code for this verification flow.\n *\n * Implementation of {@link Crypto.VerificationRequest#scanQRCode}.\n *\n * @param qrCodeData - the decoded QR code.\n * @returns A verifier; call `.verify()` on it to wait for the other side to complete the verification flow.\n */\n public async scanQRCode(uint8Array: Uint8ClampedArray): Promise<Verifier> {\n const scan = RustSdkCryptoJs.QrCodeScan.fromBytes(uint8Array);\n const verifier: RustSdkCryptoJs.Qr = await this.inner.scanQrCode(scan);\n\n // this should have triggered the onChange callback, and we should now have a verifier\n if (!this._verifier) {\n throw new Error(\"Still no verifier after scanQrCode() call\");\n }\n\n // we can immediately trigger the reciprocate request\n const req: undefined | OutgoingRequest = verifier.reciprocate();\n if (req) {\n await this.outgoingRequestProcessor.makeOutgoingRequest(req);\n }\n\n return this._verifier;\n }\n\n /**\n * The verifier which is doing the actual verification, once the method has been established.\n * Only defined when the `phase` is Started.\n */\n public get verifier(): Verifier | undefined {\n // It's possible for us to have a Verifier before a method has been chosen (in particular,\n // if we are showing a QR code which the other device has not yet scanned. At that point, we could\n // still switch to SAS).\n //\n // In that case, we should not return it to the application yet, since the application will not expect the\n // Verifier to be replaced during the lifetime of the VerificationRequest.\n return this.phase === VerificationPhase.Started ? this._verifier : undefined;\n }\n\n /**\n * Stub implementation of {@link Crypto.VerificationRequest#getQRCodeBytes}.\n */\n public getQRCodeBytes(): Uint8ClampedArray | undefined {\n throw new Error(\"getQRCodeBytes() unsupported in Rust Crypto; use generateQRCode() instead.\");\n }\n\n /**\n * Generate the data for a QR code allowing the other device to verify this one, if it supports it.\n *\n * Implementation of {@link Crypto.VerificationRequest#generateQRCode}.\n */\n public async generateQRCode(): Promise<Uint8ClampedArray | undefined> {\n // make sure that we have a list of the other user's devices (workaround https://github.com/matrix-org/matrix-rust-sdk/issues/2896)\n if (!(await this.getOtherDevice())) {\n throw new Error(\"generateQRCode(): other device is unknown\");\n }\n\n const innerVerifier: RustSdkCryptoJs.Qr | undefined = await this.inner.generateQrCode();\n // If we are unable to generate a QRCode, we return undefined\n if (!innerVerifier) return;\n\n return innerVerifier.toBytes();\n }\n\n /**\n * If this request has been cancelled, the cancellation code (e.g `m.user`) which is responsible for cancelling\n * this verification.\n */\n public get cancellationCode(): string | null {\n return this.inner.cancelInfo?.cancelCode() ?? null;\n }\n\n /**\n * The id of the user that cancelled the request.\n *\n * Only defined when phase is Cancelled\n */\n public get cancellingUserId(): string | undefined {\n const cancelInfo = this.inner.cancelInfo;\n if (!cancelInfo) {\n return undefined;\n } else if (cancelInfo.cancelledbyUs()) {\n return this.olmMachine.userId.toString();\n } else {\n return this.inner.otherUserId.toString();\n }\n }\n}\n\n/** Common base class for `Verifier` implementations which wrap rust classes.\n *\n * The generic parameter `InnerType` is the type of the rust Verification class which we wrap.\n *\n * @internal\n */\nabstract class BaseRustVerifer<InnerType extends RustSdkCryptoJs.Qr | RustSdkCryptoJs.Sas> extends TypedEventEmitter<\n VerifierEvent | VerificationRequestEvent,\n VerifierEventHandlerMap & VerificationRequestEventHandlerMap\n> {\n /** A deferred which completes when the verification completes (or rejects when it is cancelled/fails) */\n protected readonly completionDeferred: IDeferred<void>;\n\n public constructor(\n protected inner: InnerType,\n protected readonly outgoingRequestProcessor: OutgoingRequestProcessor,\n ) {\n super();\n\n this.completionDeferred = defer();\n\n // As with RustVerificationRequest, we need to avoid a reference cycle.\n // See the comments in RustVerificationRequest.\n const weakThis = new WeakRef(this);\n inner.registerChangesCallback(async () => weakThis.deref()?.onChange());\n\n // stop the runtime complaining if nobody catches a failure\n this.completionDeferred.promise.catch(() => null);\n }\n\n /**\n * Hook which is called when the underlying rust class notifies us that there has been a change.\n *\n * Can be overridden by subclasses to see if we can notify the application about an update. The overriding method\n * must call `super.onChange()`.\n */\n protected onChange(): void {\n if (this.inner.isDone()) {\n this.completionDeferred.resolve(undefined);\n } else if (this.inner.isCancelled()) {\n const cancelInfo = this.inner.cancelInfo()!;\n this.completionDeferred.reject(\n new Error(\n `Verification cancelled by ${\n cancelInfo.cancelledbyUs() ? \"us\" : \"them\"\n } with code ${cancelInfo.cancelCode()}: ${cancelInfo.reason()}`,\n ),\n );\n }\n\n this.emit(VerificationRequestEvent.Change);\n }\n\n /**\n * Returns true if the verification has been cancelled, either by us or the other side.\n */\n public get hasBeenCancelled(): boolean {\n return this.inner.isCancelled();\n }\n\n /**\n * The ID of the other user in the verification process.\n */\n public get userId(): string {\n return this.inner.otherUserId.toString();\n }\n\n /**\n * Cancel a verification.\n *\n * We will send an `m.key.verification.cancel` if the verification is still in flight. The verification promise\n * will reject, and a {@link Crypto.VerifierEvent#Cancel} will be emitted.\n *\n * @param e - the reason for the cancellation.\n */\n public cancel(e?: Error): void {\n // TODO: something with `e`\n const req: undefined | OutgoingRequest = this.inner.cancel();\n if (req) {\n this.outgoingRequestProcessor.makeOutgoingRequest(req);\n }\n }\n\n /**\n * Get the details for an SAS verification, if one is in progress\n *\n * Returns `null`, unless this verifier is for a SAS-based verification and we are waiting for the user to confirm\n * the SAS matches.\n */\n public getShowSasCallbacks(): ShowSasCallbacks | null {\n return null;\n }\n\n /**\n * Get the details for reciprocating QR code verification, if one is in progress\n *\n * Returns `null`, unless this verifier is for reciprocating a QR-code-based verification (ie, the other user has\n * already scanned our QR code), and we are waiting for the user to confirm.\n */\n public getReciprocateQrCodeCallbacks(): ShowQrCodeCallbacks | null {\n return null;\n }\n}\n\n/** A Verifier instance which is used to show and/or scan a QR code. */\nexport class RustQrCodeVerifier extends BaseRustVerifer<RustSdkCryptoJs.Qr> implements Verifier {\n private callbacks: ShowQrCodeCallbacks | null = null;\n\n public constructor(inner: RustSdkCryptoJs.Qr, outgoingRequestProcessor: OutgoingRequestProcessor) {\n super(inner, outgoingRequestProcessor);\n }\n\n protected onChange(): void {\n // if the other side has scanned our QR code and sent us a \"reciprocate\" message, it is now time for the\n // application to prompt the user to confirm their side.\n if (this.callbacks === null && this.inner.hasBeenScanned()) {\n this.callbacks = {\n confirm: (): void => {\n this.confirmScanning();\n },\n cancel: (): void => this.cancel(),\n };\n }\n\n super.onChange();\n }\n\n /**\n * Start the key verification, if it has not already been started.\n *\n * @returns Promise which resolves when the verification has completed, or rejects if the verification is cancelled\n * or times out.\n */\n public async verify(): Promise<void> {\n // Some applications (hello, matrix-react-sdk) may not check if there is a `ShowQrCodeCallbacks` and instead\n // register a `ShowReciprocateQr` listener which they expect to be called once `.verify` is called.\n if (this.callbacks !== null) {\n this.emit(VerifierEvent.ShowReciprocateQr, this.callbacks);\n }\n // Nothing to do here but wait.\n await this.completionDeferred.promise;\n }\n\n /**\n * Calculate an appropriate VerificationPhase for a VerificationRequest where this is the verifier.\n *\n * This is abnormally complicated because a rust-side QR Code verifier can span several verification phases.\n */\n public get verificationPhase(): VerificationPhase {\n switch (this.inner.state()) {\n case QrState.Created:\n // we have created a QR for display; neither side has yet sent an `m.key.verification.start`.\n return VerificationPhase.Ready;\n case QrState.Scanned:\n // other side has scanned our QR and sent an `m.key.verification.start` with `m.reciprocate.v1`\n return VerificationPhase.Started;\n case QrState.Confirmed:\n // we have confirmed the other side's scan and sent an `m.key.verification.done`.\n //\n // However, the verification is not yet \"Done\", because we have to wait until we have received the\n // `m.key.verification.done` from the other side (in particular, we don't mark the device/identity as\n // verified until that happens). If we return \"Done\" too soon, we risk the user cancelling the flow.\n return VerificationPhase.Started;\n case QrState.Reciprocated:\n // although the rust SDK doesn't immediately send the `m.key.verification.start` on transition into this\n // state, `RustVerificationRequest.scanQrCode` immediately calls `reciprocate()` and does so, so in practice\n // we can treat the two the same.\n return VerificationPhase.Started;\n case QrState.Done:\n return VerificationPhase.Done;\n case QrState.Cancelled:\n return VerificationPhase.Cancelled;\n default:\n throw new Error(`Unknown qr code state ${this.inner.state()}`);\n }\n }\n\n /**\n * Get the details for reciprocating QR code verification, if one is in progress\n *\n * Returns `null`, unless this verifier is for reciprocating a QR-code-based verification (ie, the other user has\n * already scanned our QR code), and we are waiting for the user to confirm.\n */\n public getReciprocateQrCodeCallbacks(): ShowQrCodeCallbacks | null {\n return this.callbacks;\n }\n\n private async confirmScanning(): Promise<void> {\n const req: undefined | OutgoingRequest = this.inner.confirmScanning();\n if (req) {\n await this.outgoingRequestProcessor.makeOutgoingRequest(req);\n }\n }\n}\n\n/** A Verifier instance which is used if we are exchanging emojis */\nexport class RustSASVerifier extends BaseRustVerifer<RustSdkCryptoJs.Sas> implements Verifier {\n private callbacks: ShowSasCallbacks | null = null;\n\n public constructor(\n inner: RustSdkCryptoJs.Sas,\n _verificationRequest: RustVerificationRequest,\n outgoingRequestProcessor: OutgoingRequestProcessor,\n ) {\n super(inner, outgoingRequestProcessor);\n }\n\n /**\n * Start the key verification, if it has not already been started.\n *\n * This means sending a `m.key.verification.start` if we are the first responder, or a `m.key.verification.accept`\n * if the other side has already sent a start event.\n *\n * @returns Promise which resolves when the verification has completed, or rejects if the verification is cancelled\n * or times out.\n */\n public async verify(): Promise<void> {\n await this.sendAccept();\n await this.completionDeferred.promise;\n }\n\n /**\n * Send the accept or start event, if it hasn't already been sent\n */\n private async sendAccept(): Promise<void> {\n const req: undefined | OutgoingRequest = this.inner.accept();\n if (req) {\n await this.outgoingRequestProcessor.makeOutgoingRequest(req);\n }\n }\n\n /** if we can now show the callbacks, do so */\n protected onChange(): void {\n super.onChange();\n\n if (this.callbacks === null) {\n const emoji = this.inner.emoji();\n const decimal = this.inner.decimals();\n\n if (emoji === undefined && decimal === undefined) {\n return;\n }\n\n const sas: GeneratedSas = {};\n if (emoji) {\n sas.emoji = emoji.map((e) => [e.symbol, e.description]);\n }\n if (decimal) {\n sas.decimal = [decimal[0], decimal[1], decimal[2]];\n }\n\n this.callbacks = {\n sas,\n confirm: async (): Promise<void> => {\n const requests: Array<OutgoingRequest> = await this.inner.confirm();\n for (const m of requests) {\n await this.outgoingRequestProcessor.makeOutgoingRequest(m);\n }\n },\n mismatch: (): void => {\n const request = this.inner.cancelWithCode(\"m.mismatched_sas\");\n if (request) {\n this.outgoingRequestProcessor.makeOutgoingRequest(request);\n }\n },\n cancel: (): void => {\n const request = this.inner.cancelWithCode(\"m.user\");\n if (request) {\n this.outgoingRequestProcessor.makeOutgoingRequest(request);\n }\n },\n };\n this.emit(VerifierEvent.ShowSas, this.callbacks);\n }\n }\n\n /**\n * Calculate an appropriate VerificationPhase for a VerificationRequest where this is the verifier.\n */\n public get verificationPhase(): VerificationPhase {\n return VerificationPhase.Started;\n }\n\n /**\n * Get the details for an SAS verification, if one is in progress\n *\n * Returns `null`, unless this verifier is for a SAS-based verification and we are waiting for the user to confirm\n * the SAS matches.\n */\n public getShowSasCallbacks(): ShowSasCallbacks | null {\n return this.callbacks;\n }\n\n /**\n * Replace the inner Rust verifier with a different one.\n *\n * @param inner - the new Rust verifier\n * @internal\n */\n public replaceInner(inner: RustSdkCryptoJs.Sas): void {\n if (this.inner != inner) {\n this.inner = inner;\n\n // As with RustVerificationRequest, we need to avoid a reference cycle.\n // See the comments in RustVerificationRequest.\n const weakThis = new WeakRef(this);\n inner.registerChangesCallback(async () => weakThis.deref()?.onChange());\n\n // replaceInner will only get called if we started the verification at the same time as the other side, and we lost\n // the tie breaker. So we need to re-accept their verification.\n this.sendAccept();\n this.onChange();\n }\n }\n}\n\n/** For each specced verification method, the rust-side `VerificationMethod` corresponding to it */\nconst verificationMethodsByIdentifier: Record<string, RustSdkCryptoJs.VerificationMethod> = {\n [VerificationMethod.Sas]: RustSdkCryptoJs.VerificationMethod.SasV1,\n [VerificationMethod.ScanQrCode]: RustSdkCryptoJs.VerificationMethod.QrCodeScanV1,\n [VerificationMethod.ShowQrCode]: RustSdkCryptoJs.VerificationMethod.QrCodeShowV1,\n [VerificationMethod.Reciprocate]: RustSdkCryptoJs.VerificationMethod.ReciprocateV1,\n};\n\n/**\n * Convert a specced verification method identifier into a rust-side `VerificationMethod`.\n *\n * @param method - specced method identifier, for example `m.sas.v1`.\n * @returns Rust-side `VerificationMethod` corresponding to `method`.\n * @throws An error if the method is unknown.\n *\n * @internal\n */\nexport function verificationMethodIdentifierToMethod(method: string): RustSdkCryptoJs.VerificationMethod {\n const meth = verificationMethodsByIdentifier[method];\n if (meth === undefined) {\n throw new Error(`Unknown verification method ${method}`);\n }\n return meth;\n}\n\n/**\n * Return true if the event's type matches that of an in-room verification event\n *\n * @param event - MatrixEvent\n * @returns\n *\n * @internal\n */\nexport function isVerificationEvent(event: MatrixEvent): boolean {\n switch (event.getType()) {\n case EventType.KeyVerificationCancel:\n case EventType.KeyVerificationDone:\n case EventType.KeyVerificationMac:\n case EventType.KeyVerificationStart:\n case EventType.KeyVerificationKey:\n case EventType.KeyVerificationReady:\n case EventType.KeyVerificationAccept:\n return true;\n case EventType.RoomMessage:\n return event.getContent().msgtype === MsgType.KeyVerificationRequest;\n default:\n return false;\n }\n}\n","/*\nCopyright 2023 - 2024 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport { type OlmMachine, type SignatureVerification } from \"@matrix-org/matrix-sdk-crypto-wasm\";\nimport * as RustSdkCryptoJs from \"@matrix-org/matrix-sdk-crypto-wasm\";\n\nimport {\n type BackupTrustInfo,\n type Curve25519AuthData,\n type KeyBackupCheck,\n type KeyBackupInfo,\n type KeyBackupSession,\n type Curve25519SessionData,\n type KeyBackupRestoreOpts,\n type KeyBackupRestoreResult,\n type KeyBackupRoomSessions,\n} from \"../crypto-api/keybackup.ts\";\nimport { logger } from \"../logger.ts\";\nimport { ClientPrefix, type IHttpOpts, MatrixError, type MatrixHttpApi, Method } from \"../http-api/index.ts\";\nimport { TypedEventEmitter } from \"../models/typed-event-emitter.ts\";\nimport { encodeUri, logDuration } from \"../utils.ts\";\nimport { type OutgoingRequestProcessor } from \"./OutgoingRequestProcessor.ts\";\nimport { sleep } from \"../utils.ts\";\nimport { type BackupDecryptor } from \"../common-crypto/CryptoBackend.ts\";\nimport {\n type ImportRoomKeyProgressData,\n type ImportRoomKeysOpts,\n CryptoEvent,\n ImportRoomKeyStage,\n} from \"../crypto-api/index.ts\";\nimport { type AESEncryptedSecretStoragePayload } from \"../@types/AESEncryptedSecretStoragePayload.ts\";\nimport { type IMegolmSessionData } from \"../@types/crypto.ts\";\n\n/** Authentification of the backup info, depends on algorithm */\ntype AuthData = KeyBackupInfo[\"auth_data\"];\n\n/**\n * Holds information of a created keybackup.\n * Useful to get the generated private key material and save it securely somewhere.\n */\ninterface KeyBackupCreationInfo {\n version: string;\n algorithm: string;\n authData: AuthData;\n decryptionKey: RustSdkCryptoJs.BackupDecryptionKey;\n}\n\n/**\n * @internal\n */\nexport class RustBackupManager extends TypedEventEmitter<RustBackupCryptoEvents, RustBackupCryptoEventMap> {\n /** Have we checked if there is a backup on the server which we can use */\n private checkedForBackup = false;\n\n /**\n * The latest backup version on the server, when we last checked.\n *\n * If there was no backup on the server, `null`. If our attempt to check resulted in an error, `undefined`.\n *\n * Note that the backup was not necessarily verified.\n */\n private serverBackupInfo: KeyBackupInfo | null | undefined = undefined;\n\n private activeBackupVersion: string | null = null;\n private stopped = false;\n\n /** whether {@link backupKeysLoop} is currently running */\n private backupKeysLoopRunning = false;\n\n public constructor(\n private readonly olmMachine: OlmMachine,\n private readonly http: MatrixHttpApi<IHttpOpts & { onlyData: true }>,\n private readonly outgoingRequestProcessor: OutgoingRequestProcessor,\n ) {\n super();\n }\n\n /**\n * Tells the RustBackupManager to stop.\n * The RustBackupManager is scheduling background uploads of keys to the backup, this\n * call allows to cancel the process when the client is stoppped.\n */\n public stop(): void {\n this.stopped = true;\n }\n\n /**\n * Get the backup version we are currently backing up to, if any\n */\n public async getActiveBackupVersion(): Promise<string | null> {\n if (!(await this.olmMachine.isBackupEnabled())) return null;\n return this.activeBackupVersion;\n }\n\n /**\n * Return the details of the latest backup on the server, when we last checked.\n *\n * This normally returns a cached value, but if we haven't yet made a request to the server, it will fire one off.\n * It will always return the details of the active backup if key backup is enabled.\n *\n * If there was no backup on the server, `null`. If our attempt to check resulted in an error, `undefined`.\n */\n public async getServerBackupInfo(): Promise<KeyBackupInfo | null | undefined> {\n // Do a validity check if we haven't already done one. The check is likely to fail if we don't yet have the\n // backup keys -- but as a side-effect, it will populate `serverBackupInfo`.\n await this.checkKeyBackupAndEnable(false);\n return this.serverBackupInfo;\n }\n\n /**\n * Determine if a key backup can be trusted.\n *\n * @param info - key backup info dict from {@link CryptoApi.getKeyBackupInfo}.\n */\n public async isKeyBackupTrusted(info: KeyBackupInfo): Promise<BackupTrustInfo> {\n const signatureVerification: SignatureVerification = await this.olmMachine.verifyBackup(info);\n\n const backupKeys: RustSdkCryptoJs.BackupKeys = await this.olmMachine.getBackupKeys();\n const decryptionKey = backupKeys?.decryptionKey;\n const backupMatchesSavedPrivateKey =\n !!decryptionKey && backupInfoMatchesBackupDecryptionKey(info, decryptionKey);\n return {\n matchesDecryptionKey: backupMatchesSavedPrivateKey,\n trusted: signatureVerification.trusted(),\n };\n }\n\n /**\n * Re-check the key backup and enable/disable it as appropriate.\n *\n * @param force - whether we should force a re-check even if one has already happened.\n */\n public checkKeyBackupAndEnable(force: boolean): Promise<KeyBackupCheck | null> {\n if (!force && this.checkedForBackup) {\n return Promise.resolve(null);\n }\n\n // make sure there is only one check going on at a time\n if (!this.keyBackupCheckInProgress) {\n this.keyBackupCheckInProgress = this.doCheckKeyBackup().finally(() => {\n this.keyBackupCheckInProgress = null;\n });\n }\n return this.keyBackupCheckInProgress;\n }\n\n /**\n * Handles a backup secret received event and store it if it matches the current backup version.\n *\n * @param secret - The secret as received from a `m.secret.send` event for secret `m.megolm_backup.v1`.\n * @returns true if the secret is valid and has been stored, false otherwise.\n */\n public async handleBackupSecretReceived(secret: string): Promise<boolean> {\n // Currently we only receive the decryption key without any key backup version. It is important to\n // check that the secret is valid for the current version before storing it.\n // We force a check to ensure to have the latest version.\n let latestBackupInfo: KeyBackupInfo | null;\n try {\n latestBackupInfo = await this.requestKeyBackupVersion();\n } catch (e) {\n logger.warn(\"handleBackupSecretReceived: Error checking for latest key backup\", e);\n return false;\n }\n\n if (!latestBackupInfo?.version) {\n // There is no server-side key backup.\n // This decryption key is useless to us.\n logger.warn(\n \"handleBackupSecretReceived: Received a backup decryption key, but there is no trusted server-side key backup\",\n );\n return false;\n }\n\n try {\n const backupDecryptionKey = RustSdkCryptoJs.BackupDecryptionKey.fromBase64(secret);\n const privateKeyMatches = backupInfoMatchesBackupDecryptionKey(latestBackupInfo, backupDecryptionKey);\n if (!privateKeyMatches) {\n logger.warn(\n `handleBackupSecretReceived: Private decryption key does not match the public key of the current remote backup.`,\n );\n // just ignore the secret\n return false;\n }\n logger.info(\n `handleBackupSecretReceived: A valid backup decryption key has been received and stored in cache.`,\n );\n await this.saveBackupDecryptionKey(backupDecryptionKey, latestBackupInfo.version);\n return true;\n } catch (e) {\n logger.warn(\"handleBackupSecretReceived: Invalid backup decryption key\", e);\n }\n\n return false;\n }\n\n public async saveBackupDecryptionKey(\n backupDecryptionKey: RustSdkCryptoJs.BackupDecryptionKey,\n version: string,\n ): Promise<void> {\n await this.olmMachine.saveBackupDecryptionKey(backupDecryptionKey, version);\n // Emit an event that we have a new backup decryption key, so that the sdk can start\n // importing keys from backup if needed.\n this.emit(CryptoEvent.KeyBackupDecryptionKeyCached, version);\n }\n\n /**\n * Import a list of room keys previously exported by exportRoomKeys\n *\n * @param keys - a list of session export objects\n * @param opts - options object\n * @returns a promise which resolves once the keys have been imported\n */\n public async importRoomKeys(keys: IMegolmSessionData[], opts?: ImportRoomKeysOpts): Promise<void> {\n await this.importRoomKeysAsJson(JSON.stringify(keys), opts);\n }\n\n /**\n * Import a list of room keys previously exported by exportRoomKeysAsJson\n *\n * @param jsonKeys - a JSON string encoding a list of session export objects,\n * each of which is an IMegolmSessionData\n * @param opts - options object\n * @returns a promise which resolves once the keys have been imported\n */\n public async importRoomKeysAsJson(jsonKeys: string, opts?: ImportRoomKeysOpts): Promise<void> {\n await this.olmMachine.importExportedRoomKeys(jsonKeys, (progress: bigint, total: bigint): void => {\n const importOpt: ImportRoomKeyProgressData = {\n total: Number(total),\n successes: Number(progress),\n stage: ImportRoomKeyStage.LoadKeys,\n failures: 0,\n };\n opts?.progressCallback?.(importOpt);\n });\n }\n\n /**\n * Implementation of {@link CryptoBackend#importBackedUpRoomKeys}.\n */\n public async importBackedUpRoomKeys(\n keys: IMegolmSessionData[],\n backupVersion: string,\n opts?: ImportRoomKeysOpts,\n ): Promise<void> {\n const keysByRoom: Map<RustSdkCryptoJs.RoomId, Map<string, IMegolmSessionData>> = new Map();\n for (const key of keys) {\n const roomId = new RustSdkCryptoJs.RoomId(key.room_id);\n if (!keysByRoom.has(roomId)) {\n keysByRoom.set(roomId, new Map());\n }\n keysByRoom.get(roomId)!.set(key.session_id, key);\n }\n await this.olmMachine.importBackedUpRoomKeys(\n keysByRoom,\n (progress: bigint, total: bigint, failures: bigint): void => {\n const importOpt: ImportRoomKeyProgressData = {\n total: Number(total),\n successes: Number(progress),\n stage: ImportRoomKeyStage.LoadKeys,\n failures: Number(failures),\n };\n opts?.progressCallback?.(importOpt);\n },\n backupVersion,\n );\n }\n\n private keyBackupCheckInProgress: Promise<KeyBackupCheck | null> | null = null;\n\n /** Helper for `checkKeyBackup` */\n private async doCheckKeyBackup(): Promise<KeyBackupCheck | null> {\n logger.log(\"Checking key backup status...\");\n let backupInfo: KeyBackupInfo | null | undefined;\n try {\n backupInfo = await this.requestKeyBackupVersion();\n } catch (e) {\n logger.warn(\"Error checking for active key backup\", e);\n this.serverBackupInfo = undefined;\n return null;\n }\n this.checkedForBackup = true;\n\n if (backupInfo && !backupInfo.version) {\n logger.warn(\"active backup lacks a useful 'version'; ignoring it\");\n backupInfo = undefined;\n }\n this.serverBackupInfo = backupInfo;\n\n const activeVersion = await this.getActiveBackupVersion();\n\n if (!backupInfo) {\n if (activeVersion !== null) {\n logger.log(\"No key backup present on server: disabling key backup\");\n await this.disableKeyBackup();\n } else {\n logger.log(\"No key backup present on server: not enabling key backup\");\n }\n return null;\n }\n\n const trustInfo = await this.isKeyBackupTrusted(backupInfo);\n\n // Per the spec, we should enable key upload if either (a) the backup is signed by a trusted key, or\n // (b) the public key matches the private decryption key that we have received from 4S.\n if (!trustInfo.matchesDecryptionKey && !trustInfo.trusted) {\n if (activeVersion !== null) {\n logger.log(\"Key backup present on server but not trusted: disabling key backup\");\n await this.disableKeyBackup();\n } else {\n logger.log(\"Key backup present on server but not trusted: not enabling key backup\");\n }\n } else {\n if (activeVersion === null) {\n logger.log(`Found usable key backup v${backupInfo.version}: enabling key backups`);\n await this.enableKeyBackup(backupInfo);\n } else if (activeVersion !== backupInfo.version) {\n logger.log(`On backup version ${activeVersion} but found version ${backupInfo.version}: switching.`);\n // This will remove any pending backup request, remove the backup key and reset the backup state of each room key we have.\n await this.disableKeyBackup();\n // Enabling will now trigger re-upload of all the keys\n await this.enableKeyBackup(backupInfo);\n } else {\n logger.log(`Backup version ${backupInfo.version} still current`);\n }\n }\n return { backupInfo, trustInfo };\n }\n\n private async enableKeyBackup(backupInfo: KeyBackupInfo): Promise<void> {\n // we know for certain it must be a Curve25519 key, because we have verified it and only Curve25519\n // keys can be verified.\n //\n // we also checked it has a valid `version`.\n await this.olmMachine.enableBackupV1(\n (backupInfo.auth_data as Curve25519AuthData).public_key,\n backupInfo.version!,\n );\n this.activeBackupVersion = backupInfo.version!;\n\n this.emit(CryptoEvent.KeyBackupStatus, true);\n\n this.backupKeysLoop();\n }\n\n /**\n * Restart the backup key loop if there is an active trusted backup.\n * Doesn't try to check the backup server side. To be called when a new\n * megolm key is known locally.\n */\n public async maybeUploadKey(): Promise<void> {\n if (this.activeBackupVersion != null) {\n this.backupKeysLoop();\n }\n }\n\n private async disableKeyBackup(): Promise<void> {\n await this.olmMachine.disableBackup();\n this.activeBackupVersion = null;\n this.emit(CryptoEvent.KeyBackupStatus, false);\n }\n\n private async backupKeysLoop(maxDelay = 10000): Promise<void> {\n if (this.backupKeysLoopRunning) {\n logger.log(`Backup loop already running`);\n return;\n }\n this.backupKeysLoopRunning = true;\n\n logger.log(`Backup: Starting keys upload loop for backup version:${this.activeBackupVersion}.`);\n\n // wait between 0 and `maxDelay` seconds, to avoid backup\n // requests from different clients hitting the server all at\n // the same time when a new key is sent\n const delay = Math.random() * maxDelay;\n await sleep(delay);\n\n try {\n // number of consecutive network failures for exponential backoff\n let numFailures = 0;\n // The number of keys left to back up. (Populated lazily: see more comments below.)\n let remainingToUploadCount: number | null = null;\n // To avoid computing the key when only a few keys were added (after a sync for example),\n // we compute the count only when at least two iterations are needed.\n let isFirstIteration = true;\n\n while (!this.stopped) {\n // Get a batch of room keys to upload\n let request: RustSdkCryptoJs.KeysBackupRequest | undefined = undefined;\n try {\n request = await logDuration(\n logger,\n \"BackupRoomKeys: Get keys to backup from rust crypto-sdk\",\n async () => {\n return await this.olmMachine.backupRoomKeys();\n },\n );\n } catch (err) {\n logger.error(\"Backup: Failed to get keys to backup from rust crypto-sdk\", err);\n }\n\n if (!request || this.stopped || !this.activeBackupVersion) {\n logger.log(`Backup: Ending loop for version ${this.activeBackupVersion}.`);\n if (!request) {\n // nothing more to upload\n this.emit(CryptoEvent.KeyBackupSessionsRemaining, 0);\n }\n return;\n }\n\n try {\n await this.outgoingRequestProcessor.makeOutgoingRequest(request);\n numFailures = 0;\n if (this.stopped) break;\n\n // Key count performance (`olmMachine.roomKeyCounts()`) can be pretty bad on some configurations.\n // In particular, we detected on some M1 macs that when the object store reaches a threshold, the count\n // performance stops growing in O(n) and suddenly becomes very slow (40s, 60s or more).\n // For reference, the performance drop occurs around 300-400k keys on the platforms where this issue is observed.\n // Even on other configurations, the count can take several seconds.\n // This will block other operations on the database, like sending messages.\n //\n // This is a workaround to avoid calling `olmMachine.roomKeyCounts()` too often, and only when necessary.\n // We don't call it on the first loop because there could be only a few keys to upload, and we don't want to wait for the count.\n if (!isFirstIteration && remainingToUploadCount === null) {\n try {\n const keyCount = await this.olmMachine.roomKeyCounts();\n remainingToUploadCount = keyCount.total - keyCount.backedUp;\n } catch (err) {\n logger.error(\"Backup: Failed to get key counts from rust crypto-sdk\", err);\n }\n }\n\n if (remainingToUploadCount !== null) {\n this.emit(CryptoEvent.KeyBackupSessionsRemaining, remainingToUploadCount);\n const keysCountInBatch = this.keysCountInBatch(request);\n // `OlmMachine.roomKeyCounts` is called only once for the current backupKeysLoop. But new\n // keys could be added during the current loop (after a sync for example).\n // So the count can get out of sync with the real number of remaining keys to upload.\n // Depending on the number of new keys imported and the time to complete the loop,\n // this could result in multiple events being emitted with a remaining key count of 0.\n remainingToUploadCount = Math.max(remainingToUploadCount - keysCountInBatch, 0);\n }\n } catch (err) {\n numFailures++;\n logger.error(\"Backup: Error processing backup request for rust crypto-sdk\", err);\n if (err instanceof MatrixError) {\n const errCode = err.data.errcode;\n if (errCode == \"M_NOT_FOUND\" || errCode == \"M_WRONG_ROOM_KEYS_VERSION\") {\n logger.log(`Backup: Failed to upload keys to current vesion: ${errCode}.`);\n try {\n await this.disableKeyBackup();\n } catch (error) {\n logger.error(\"Backup: An error occurred while disabling key backup:\", error);\n }\n this.emit(CryptoEvent.KeyBackupFailed, err.data.errcode!);\n // There was an active backup and we are out of sync with the server\n // force a check server side\n this.backupKeysLoopRunning = false;\n this.checkKeyBackupAndEnable(true);\n return;\n } else if (err.isRateLimitError()) {\n // wait for that and then continue?\n try {\n const waitTime = err.getRetryAfterMs();\n if (waitTime && waitTime > 0) {\n await sleep(waitTime);\n continue;\n }\n } catch (error) {\n logger.warn(\n \"Backup: An error occurred while retrieving a rate-limit retry delay\",\n error,\n );\n } // else go to the normal backoff\n }\n }\n\n // Some other errors (mx, network, or CORS or invalid urls?) anyhow backoff\n // exponential backoff if we have failures\n await sleep(1000 * Math.pow(2, Math.min(numFailures - 1, 4)));\n }\n isFirstIteration = false;\n }\n } finally {\n this.backupKeysLoopRunning = false;\n }\n }\n\n /**\n * Utility method to count the number of keys in a backup request, in order to update the remaining keys count.\n * This should be the chunk size of the backup request for all requests but the last, but we don't have access to it\n * (it's static in the Rust SDK).\n * @param batch - The backup request to count the keys from.\n *\n * @returns The number of keys in the backup request.\n */\n private keysCountInBatch(batch: RustSdkCryptoJs.KeysBackupRequest): number {\n const parsedBody: KeyBackup = JSON.parse(batch.body);\n return countKeysInBackup(parsedBody);\n }\n\n /**\n * Get information about a key backup from the server\n * - If version is provided, get information about that backup version.\n * - If no version is provided, get information about the latest backup.\n *\n * @param version - The version of the backup to get information about.\n * @returns Information object from API or null if there is no active backup.\n */\n public async requestKeyBackupVersion(version?: string): Promise<KeyBackupInfo | null> {\n return await requestKeyBackupVersion(this.http, version);\n }\n\n /**\n * Creates a new key backup by generating a new random private key.\n *\n * If there is an existing backup server side it will be deleted and replaced\n * by the new one.\n *\n * @param signObject - Method that should sign the backup with existing device and\n * existing identity.\n * @returns a KeyBackupCreationInfo - All information related to the backup.\n */\n public async setupKeyBackup(signObject: (authData: AuthData) => Promise<void>): Promise<KeyBackupCreationInfo> {\n // Clean up any existing backup\n await this.deleteAllKeyBackupVersions();\n\n const randomKey = RustSdkCryptoJs.BackupDecryptionKey.createRandomKey();\n const pubKey = randomKey.megolmV1PublicKey;\n\n const authData = { public_key: pubKey.publicKeyBase64 };\n\n await signObject(authData);\n\n const res = await this.http.authedRequest<{ version: string }>(\n Method.Post,\n \"/room_keys/version\",\n undefined,\n {\n algorithm: pubKey.algorithm,\n auth_data: authData,\n },\n {\n prefix: ClientPrefix.V3,\n },\n );\n\n await this.saveBackupDecryptionKey(randomKey, res.version);\n\n return {\n version: res.version,\n algorithm: pubKey.algorithm,\n authData: authData,\n decryptionKey: randomKey,\n };\n }\n\n /**\n * Deletes all key backups.\n *\n * Will call the API to delete active backup until there is no more present.\n */\n public async deleteAllKeyBackupVersions(): Promise<void> {\n // there could be several backup versions. Delete all to be safe.\n let current = (await this.requestKeyBackupVersion())?.version ?? null;\n while (current != null) {\n await this.deleteKeyBackupVersion(current);\n current = (await this.requestKeyBackupVersion())?.version ?? null;\n }\n\n // XXX: Should this also update Secret Storage and delete any existing keys?\n }\n\n /**\n * Deletes the given key backup.\n *\n * @param version - The backup version to delete.\n */\n public async deleteKeyBackupVersion(version: string): Promise<void> {\n logger.debug(`deleteKeyBackupVersion v:${version}`);\n const path = encodeUri(\"/room_keys/version/$version\", { $version: version });\n await this.http.authedRequest<void>(Method.Delete, path, undefined, undefined, {\n prefix: ClientPrefix.V3,\n });\n // If the backup we are deleting is the active one, we need to disable the key backup and to have the local properties reset\n if (this.activeBackupVersion === version) {\n this.serverBackupInfo = null;\n await this.disableKeyBackup();\n }\n }\n\n /**\n * Creates a new backup decryptor for the given private key.\n * @param decryptionKey - The private key to use for decryption.\n */\n public createBackupDecryptor(decryptionKey: RustSdkCryptoJs.BackupDecryptionKey): BackupDecryptor {\n return new RustBackupDecryptor(decryptionKey);\n }\n\n /**\n * Restore a key backup.\n *\n * @param backupVersion - The version of the backup to restore.\n * @param backupDecryptor - The backup decryptor to use to decrypt the keys.\n * @param opts - Options for the restore.\n * @returns The total number of keys and the total imported.\n */\n public async restoreKeyBackup(\n backupVersion: string,\n backupDecryptor: BackupDecryptor,\n opts?: KeyBackupRestoreOpts,\n ): Promise<KeyBackupRestoreResult> {\n const keyBackup = await this.downloadKeyBackup(backupVersion);\n\n return this.importKeyBackup(keyBackup, backupVersion, backupDecryptor, opts);\n }\n\n /**\n * Call `/room_keys/keys` to download the key backup (room keys) for the given backup version.\n * https://spec.matrix.org/v1.12/client-server-api/#get_matrixclientv3room_keyskeys\n *\n * @param backupVersion\n * @returns The key backup response.\n */\n private downloadKeyBackup(backupVersion: string): Promise<KeyBackup> {\n return this.http.authedRequest<KeyBackup>(\n Method.Get,\n \"/room_keys/keys\",\n { version: backupVersion },\n undefined,\n {\n prefix: ClientPrefix.V3,\n },\n );\n }\n\n /**\n * Import the room keys from a `/room_keys/keys` call.\n * Calls `opts.progressCallback` with the progress of the import.\n *\n * @param keyBackup - The response from the server containing the keys to import.\n * @param backupVersion - The version of the backup info.\n * @param backupDecryptor - The backup decryptor to use to decrypt the keys.\n * @param opts - Options for the import.\n *\n * @returns The total number of keys and the total imported.\n *\n * @private\n */\n private async importKeyBackup(\n keyBackup: KeyBackup,\n backupVersion: string,\n backupDecryptor: BackupDecryptor,\n opts?: KeyBackupRestoreOpts,\n ): Promise<KeyBackupRestoreResult> {\n // We have a full backup here, it can get quite big, so we need to decrypt and import it in chunks.\n\n const CHUNK_SIZE = 200;\n // Get the total count as a first pass\n const totalKeyCount = countKeysInBackup(keyBackup);\n let totalImported = 0;\n let totalFailures = 0;\n\n opts?.progressCallback?.({\n total: totalKeyCount,\n successes: totalImported,\n stage: ImportRoomKeyStage.LoadKeys,\n failures: totalFailures,\n });\n\n /**\n * This method is called when we have enough chunks to decrypt.\n * It will decrypt the chunks and try to import the room keys.\n * @param roomChunks\n */\n const handleChunkCallback = async (roomChunks: Map<string, KeyBackupRoomSessions>): Promise<void> => {\n const currentChunk: IMegolmSessionData[] = [];\n for (const roomId of roomChunks.keys()) {\n // Decrypt the sessions for the given room\n const decryptedSessions = await backupDecryptor.decryptSessions(roomChunks.get(roomId)!);\n // Add the decrypted sessions to the current chunk\n decryptedSessions.forEach((session) => {\n // We set the room_id for each session\n session.room_id = roomId;\n currentChunk.push(session);\n });\n }\n\n // We have a chunk of decrypted keys: import them\n try {\n await this.importBackedUpRoomKeys(currentChunk, backupVersion);\n totalImported += currentChunk.length;\n } catch (e) {\n totalFailures += currentChunk.length;\n // We failed to import some keys, but we should still try to import the rest?\n // Log the error and continue\n logger.error(\"Error importing keys from backup\", e);\n }\n\n opts?.progressCallback?.({\n total: totalKeyCount,\n successes: totalImported,\n stage: ImportRoomKeyStage.LoadKeys,\n failures: totalFailures,\n });\n };\n\n let groupChunkCount = 0;\n let chunkGroupByRoom: Map<string, KeyBackupRoomSessions> = new Map();\n\n // Iterate over the rooms and sessions to group them in chunks\n // And we call the handleChunkCallback when we have enough chunks to decrypt\n for (const [roomId, roomData] of Object.entries(keyBackup.rooms)) {\n // If there are no sessions for the room, skip it\n if (!roomData.sessions) continue;\n\n // Initialize a new chunk group for the current room\n chunkGroupByRoom.set(roomId, {});\n\n for (const [sessionId, session] of Object.entries(roomData.sessions)) {\n // We set previously the chunk group for the current room, so we can safely get it\n const sessionsForRoom = chunkGroupByRoom.get(roomId)!;\n sessionsForRoom[sessionId] = session;\n groupChunkCount += 1;\n // If we have enough chunks to decrypt, call the block callback\n if (groupChunkCount >= CHUNK_SIZE) {\n // We have enough chunks to decrypt\n await handleChunkCallback(chunkGroupByRoom);\n // Reset the chunk group\n chunkGroupByRoom = new Map();\n // There might be remaining keys for that room, so add back an entry for the current room.\n chunkGroupByRoom.set(roomId, {});\n groupChunkCount = 0;\n }\n }\n }\n\n // Handle remaining chunk if needed\n if (groupChunkCount > 0) {\n await handleChunkCallback(chunkGroupByRoom);\n }\n\n return { total: totalKeyCount, imported: totalImported };\n }\n}\n\n/**\n * Checks if the provided backup info matches the given private key.\n *\n * @param info - The backup info to check.\n * @param backupDecryptionKey - The `BackupDecryptionKey` private key to check against.\n * @returns `true` if the private key can decrypt the backup, `false` otherwise.\n */\nfunction backupInfoMatchesBackupDecryptionKey(\n info: KeyBackupInfo,\n backupDecryptionKey: RustSdkCryptoJs.BackupDecryptionKey,\n): boolean {\n if (info.algorithm !== \"m.megolm_backup.v1.curve25519-aes-sha2\") {\n logger.warn(\"backupMatchesPrivateKey: Unsupported backup algorithm\", info.algorithm);\n return false;\n }\n\n return (info.auth_data as Curve25519AuthData)?.public_key === backupDecryptionKey.megolmV1PublicKey.publicKeyBase64;\n}\n\n/**\n * Implementation of {@link BackupDecryptor} for the rust crypto backend.\n */\nexport class RustBackupDecryptor implements BackupDecryptor {\n private decryptionKey: RustSdkCryptoJs.BackupDecryptionKey;\n public sourceTrusted: boolean;\n\n public constructor(decryptionKey: RustSdkCryptoJs.BackupDecryptionKey) {\n this.decryptionKey = decryptionKey;\n this.sourceTrusted = false;\n }\n\n /**\n * Implements {@link BackupDecryptor#decryptSessions}\n */\n public async decryptSessions(\n ciphertexts: Record<string, KeyBackupSession<Curve25519SessionData | AESEncryptedSecretStoragePayload>>,\n ): Promise<IMegolmSessionData[]> {\n const keys: IMegolmSessionData[] = [];\n for (const [sessionId, sessionData] of Object.entries(ciphertexts)) {\n try {\n const decrypted = JSON.parse(\n this.decryptionKey.decryptV1(\n sessionData.session_data.ephemeral,\n sessionData.session_data.mac,\n sessionData.session_data.ciphertext,\n ),\n );\n decrypted.session_id = sessionId;\n keys.push(decrypted);\n } catch (e) {\n logger.log(\"Failed to decrypt megolm session from backup\", e, sessionData);\n }\n }\n return keys;\n }\n\n /**\n * Implements {@link BackupDecryptor#free}\n */\n public free(): void {\n this.decryptionKey.free();\n }\n}\n\n/**\n * Fetch a key backup info from the server.\n *\n * If `version` is provided, calls `GET /room_keys/version/$version` and gets the backup info for that version.\n * See https://spec.matrix.org/v1.12/client-server-api/#get_matrixclientv3room_keysversionversion.\n *\n * If not, calls `GET /room_keys/version` and gets the latest backup info.\n * See https://spec.matrix.org/v1.12/client-server-api/#get_matrixclientv3room_keysversion\n *\n * @param http\n * @param version - the specific version of the backup info to fetch\n * @returns The key backup info or null if there is no backup.\n */\nexport async function requestKeyBackupVersion(\n http: MatrixHttpApi<IHttpOpts & { onlyData: true }>,\n version?: string,\n): Promise<KeyBackupInfo | null> {\n try {\n const path = version ? encodeUri(\"/room_keys/version/$version\", { $version: version }) : \"/room_keys/version\";\n return await http.authedRequest<KeyBackupInfo>(Method.Get, path, undefined, undefined, {\n prefix: ClientPrefix.V3,\n });\n } catch (e) {\n if ((<MatrixError>e).errcode === \"M_NOT_FOUND\") {\n return null;\n } else {\n throw e;\n }\n }\n}\n\n/**\n * Checks if the provided decryption key matches the public key of the key backup info.\n *\n * @param decryptionKey - The decryption key to check.\n * @param keyBackupInfo - The key backup info to check against.\n * @returns `true` if the decryption key matches the key backup info, `false` otherwise.\n */\nexport function decryptionKeyMatchesKeyBackupInfo(\n decryptionKey: RustSdkCryptoJs.BackupDecryptionKey,\n keyBackupInfo: KeyBackupInfo,\n): boolean {\n const authData = <Curve25519AuthData>keyBackupInfo.auth_data;\n return authData.public_key === decryptionKey.megolmV1PublicKey.publicKeyBase64;\n}\n\n/**\n * Counts the total number of keys present in a key backup.\n * @param keyBackup - The key backup to count the keys from.\n * @returns The total number of keys in the backup.\n */\nfunction countKeysInBackup(keyBackup: KeyBackup): number {\n let count = 0;\n for (const { sessions } of Object.values(keyBackup.rooms)) {\n count += Object.keys(sessions).length;\n }\n return count;\n}\n\nexport type RustBackupCryptoEvents =\n | CryptoEvent.KeyBackupStatus\n | CryptoEvent.KeyBackupSessionsRemaining\n | CryptoEvent.KeyBackupFailed\n | CryptoEvent.KeyBackupDecryptionKeyCached;\n\nexport type RustBackupCryptoEventMap = {\n [CryptoEvent.KeyBackupStatus]: (enabled: boolean) => void;\n [CryptoEvent.KeyBackupSessionsRemaining]: (remaining: number) => void;\n [CryptoEvent.KeyBackupFailed]: (errCode: string) => void;\n [CryptoEvent.KeyBackupDecryptionKeyCached]: (version: string) => void;\n};\n\n/**\n * Response from GET `/room_keys/keys` endpoint.\n * See https://spec.matrix.org/latest/client-server-api/#get_matrixclientv3room_keyskeys\n */\nexport interface KeyBackup {\n rooms: Record<string, { sessions: KeyBackupRoomSessions }>;\n}\n","/*\nCopyright 2023 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport { type OlmMachine, type OutgoingRequest } from \"@matrix-org/matrix-sdk-crypto-wasm\";\n\nimport { type OutgoingRequestProcessor } from \"./OutgoingRequestProcessor.ts\";\nimport { type Logger } from \"../logger.ts\";\nimport { defer, type IDeferred, logDuration } from \"../utils.ts\";\n\n/**\n * OutgoingRequestsManager: responsible for processing outgoing requests from the OlmMachine.\n * Ensure that only one loop is going on at once, and that the requests are processed in order.\n */\nexport class OutgoingRequestsManager {\n /** whether {@link stop} has been called */\n private stopped = false;\n\n /** whether {@link outgoingRequestLoop} is currently running */\n private outgoingRequestLoopRunning = false;\n\n /**\n * If there are additional calls to doProcessOutgoingRequests() while there is a current call running\n * we need to remember in order to call `doProcessOutgoingRequests` again (as there could be new requests).\n *\n * If this is defined, it is an indication that we need to do another iteration; in this case the deferred\n * will resolve once that next iteration completes. If it is undefined, there have been no new calls\n * to `doProcessOutgoingRequests` since the current iteration started.\n */\n private nextLoopDeferred?: IDeferred<void>;\n\n public constructor(\n private readonly logger: Logger,\n private readonly olmMachine: OlmMachine,\n public readonly outgoingRequestProcessor: OutgoingRequestProcessor,\n ) {}\n\n /**\n * Shut down as soon as possible the current loop of outgoing requests processing.\n */\n public stop(): void {\n this.stopped = true;\n }\n\n /**\n * Process the OutgoingRequests from the OlmMachine.\n *\n * This should be called at the end of each sync, to process any OlmMachine OutgoingRequests created by the rust sdk.\n * In some cases if OutgoingRequests need to be sent immediately, this can be called directly.\n *\n * Calls to doProcessOutgoingRequests() are processed synchronously, one after the other, in order.\n * If doProcessOutgoingRequests() is called while another call is still being processed, it will be queued.\n * Multiple calls to doProcessOutgoingRequests() when a call is already processing will be batched together.\n */\n public doProcessOutgoingRequests(): Promise<void> {\n // Flag that we need at least one more iteration of the loop.\n //\n // It is important that we do this even if the loop is currently running. There is potential for a race whereby\n // a request is added to the queue *after* `OlmMachine.outgoingRequests` checks the queue, but *before* it\n // returns. In such a case, the item could sit there unnoticed for some time.\n //\n // In order to circumvent the race, we set a flag which tells the loop to go round once again even if the\n // queue appears to be empty.\n if (!this.nextLoopDeferred) {\n this.nextLoopDeferred = defer();\n }\n\n // ... and wait for it to complete.\n const result = this.nextLoopDeferred.promise;\n\n // set the loop going if it is not already.\n if (!this.outgoingRequestLoopRunning) {\n this.outgoingRequestLoop().catch((e) => {\n // this should not happen; outgoingRequestLoop should return any errors via `nextLoopDeferred`.\n /* istanbul ignore next */\n this.logger.error(\"Uncaught error in outgoing request loop\", e);\n });\n }\n return result;\n }\n\n private async outgoingRequestLoop(): Promise<void> {\n /* istanbul ignore if */\n if (this.outgoingRequestLoopRunning) {\n throw new Error(\"Cannot run two outgoing request loops\");\n }\n this.outgoingRequestLoopRunning = true;\n try {\n while (!this.stopped && this.nextLoopDeferred) {\n const deferred = this.nextLoopDeferred;\n\n // reset `nextLoopDeferred` so that any future calls to `doProcessOutgoingRequests` are queued\n // for another additional iteration.\n this.nextLoopDeferred = undefined;\n\n // make the requests and feed the results back to the `nextLoopDeferred`\n await this.processOutgoingRequests().then(deferred.resolve, deferred.reject);\n }\n } finally {\n this.outgoingRequestLoopRunning = false;\n }\n\n if (this.nextLoopDeferred) {\n // the loop was stopped, but there was a call to `doProcessOutgoingRequests`. Make sure that\n // we reject the promise in case anything is waiting for it.\n this.nextLoopDeferred.reject(new Error(\"OutgoingRequestsManager was stopped\"));\n }\n }\n\n /**\n * Make a single request to `olmMachine.outgoingRequests` and do the corresponding requests.\n */\n private async processOutgoingRequests(): Promise<void> {\n if (this.stopped) return;\n\n const outgoingRequests: OutgoingRequest[] = await this.olmMachine.outgoingRequests();\n\n for (const request of outgoingRequests) {\n if (this.stopped) return;\n try {\n await logDuration(this.logger, `Make outgoing request ${request.type}`, async () => {\n await this.outgoingRequestProcessor.makeOutgoingRequest(request);\n });\n } catch (e) {\n // as part of the loop we silently ignore errors, but log them.\n // The rust sdk will retry the request later as it won't have been marked as sent.\n this.logger.error(`Failed to process outgoing request ${request.type}: ${e}`);\n }\n }\n }\n}\n","/*\nCopyright 2023 - 2024 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport { type OlmMachine } from \"@matrix-org/matrix-sdk-crypto-wasm\";\n\nimport type * as RustSdkCryptoJs from \"@matrix-org/matrix-sdk-crypto-wasm\";\nimport { type Curve25519AuthData, type KeyBackupInfo, type KeyBackupSession } from \"../crypto-api/keybackup.ts\";\nimport { CryptoEvent } from \"../crypto-api/index.ts\";\nimport { type Logger } from \"../logger.ts\";\nimport { ClientPrefix, type IHttpOpts, MatrixError, type MatrixHttpApi, Method } from \"../http-api/index.ts\";\nimport { type RustBackupManager } from \"./backup.ts\";\nimport { encodeUri, sleep } from \"../utils.ts\";\nimport { type BackupDecryptor } from \"../common-crypto/CryptoBackend.ts\";\n\n// The minimum time to wait between two retries in case of errors. To avoid hammering the server.\nconst KEY_BACKUP_BACKOFF = 5000; // ms\n\n/**\n * Enumerates the different kind of errors that can occurs when downloading and importing a key from backup.\n */\nenum KeyDownloadErrorCode {\n /** The requested key is not in the backup. */\n MISSING_DECRYPTION_KEY = \"MISSING_DECRYPTION_KEY\",\n /** A network error occurred while trying to download the key from backup. */\n NETWORK_ERROR = \"NETWORK_ERROR\",\n /** The loop has been stopped. */\n STOPPED = \"STOPPED\",\n}\n\nclass KeyDownloadError extends Error {\n public constructor(public readonly code: KeyDownloadErrorCode) {\n super(`Failed to get key from backup: ${code}`);\n this.name = \"KeyDownloadError\";\n }\n}\n\nclass KeyDownloadRateLimitError extends Error {\n public constructor(public readonly retryMillis: number) {\n super(`Failed to get key from backup: rate limited`);\n this.name = \"KeyDownloadRateLimitError\";\n }\n}\n\n/** Details of a megolm session whose key we are trying to fetch. */\ntype SessionInfo = { roomId: string; megolmSessionId: string };\n\n/** Holds the current backup decryptor and version that should be used.\n *\n * This is intended to be used as an immutable object (a new instance should be created if the configuration changes),\n * and some of the logic relies on that, so the properties are marked as `readonly`.\n */\ntype Configuration = {\n readonly backupVersion: string;\n readonly decryptor: BackupDecryptor;\n};\n\n/**\n * Used when an 'unable to decrypt' error occurs. It attempts to download the key from the backup.\n *\n * The current backup API lacks pagination, which can lead to lengthy key retrieval times for large histories (several 10s of minutes).\n * To mitigate this, keys are downloaded on demand as decryption errors occurs.\n * While this approach may result in numerous requests, it improves user experience by reducing wait times for message decryption.\n *\n * The PerSessionKeyBackupDownloader is resistant to backup configuration changes: it will automatically resume querying when\n * the backup is configured correctly.\n */\nexport class PerSessionKeyBackupDownloader {\n private stopped = false;\n\n /**\n * The version and decryption key to use with current backup if all set up correctly.\n *\n * Will not be set unless `hasConfigurationProblem` is `false`.\n */\n private configuration: Configuration | null = null;\n\n /** We remember when a session was requested and not found in backup to avoid query again too soon.\n * Map of session_id to timestamp */\n private sessionLastCheckAttemptedTime: Map<string, number> = new Map();\n\n /** The logger to use */\n private readonly logger: Logger;\n\n /** Whether the download loop is running. */\n private downloadLoopRunning = false;\n\n /** The list of requests that are queued. */\n private queuedRequests: SessionInfo[] = [];\n\n /** Remembers if we have a configuration problem. */\n private hasConfigurationProblem = false;\n\n /** The current server backup version check promise. To avoid doing a server call if one is in flight. */\n private currentBackupVersionCheck: Promise<Configuration | null> | null = null;\n\n /**\n * Creates a new instance of PerSessionKeyBackupDownloader.\n *\n * @param backupManager - The backup manager to use.\n * @param olmMachine - The olm machine to use.\n * @param http - The http instance to use.\n * @param logger - The logger to use.\n */\n public constructor(\n logger: Logger,\n private readonly olmMachine: OlmMachine,\n private readonly http: MatrixHttpApi<IHttpOpts & { onlyData: true }>,\n private readonly backupManager: RustBackupManager,\n ) {\n this.logger = logger.getChild(\"[PerSessionKeyBackupDownloader]\");\n\n backupManager.on(CryptoEvent.KeyBackupStatus, this.onBackupStatusChanged);\n backupManager.on(CryptoEvent.KeyBackupFailed, this.onBackupStatusChanged);\n backupManager.on(CryptoEvent.KeyBackupDecryptionKeyCached, this.onBackupStatusChanged);\n }\n\n /**\n * Check if key download is successfully configured and active.\n *\n * @return `true` if key download is correctly configured and active; otherwise `false`.\n */\n public isKeyBackupDownloadConfigured(): boolean {\n return this.configuration !== null;\n }\n\n /**\n * Return the details of the latest backup on the server, when we last checked.\n *\n * This is just a convenience method to expose {@link RustBackupManager.getServerBackupInfo}.\n */\n public async getServerBackupInfo(): Promise<KeyBackupInfo | null | undefined> {\n return await this.backupManager.getServerBackupInfo();\n }\n\n /**\n * Called when a MissingRoomKey or UnknownMessageIndex decryption error is encountered.\n *\n * This will try to download the key from the backup if there is a trusted active backup.\n * In case of success the key will be imported and the onRoomKeysUpdated callback will be called\n * internally by the rust-sdk and decryption will be retried.\n *\n * @param roomId - The room ID of the room where the error occurred.\n * @param megolmSessionId - The megolm session ID that is missing.\n */\n public onDecryptionKeyMissingError(roomId: string, megolmSessionId: string): void {\n // Several messages encrypted with the same session may be decrypted at the same time,\n // so we need to be resistant and not query several time the same session.\n if (this.isAlreadyInQueue(roomId, megolmSessionId)) {\n // There is already a request queued for this session, no need to queue another one.\n this.logger.trace(`Not checking key backup for session ${megolmSessionId} as it is already queued`);\n return;\n }\n\n if (this.wasRequestedRecently(megolmSessionId)) {\n // We already tried to download this session recently and it was not in backup, no need to try again.\n this.logger.trace(\n `Not checking key backup for session ${megolmSessionId} as it was already requested recently`,\n );\n return;\n }\n\n // We always add the request to the queue, even if we have a configuration problem (can't access backup).\n // This is to make sure that if the configuration problem is resolved, we will try to download the key.\n // This will happen after an initial sync, at this point the backup will not yet be trusted and the decryption\n // key will not be available, but it will be just after the verification.\n // We don't need to persist it because currently on refresh the sdk will retry to decrypt the messages in error.\n this.queuedRequests.push({ roomId, megolmSessionId });\n\n // Start the download loop if it's not already running.\n this.downloadKeysLoop();\n }\n\n public stop(): void {\n this.stopped = true;\n this.backupManager.off(CryptoEvent.KeyBackupStatus, this.onBackupStatusChanged);\n this.backupManager.off(CryptoEvent.KeyBackupFailed, this.onBackupStatusChanged);\n this.backupManager.off(CryptoEvent.KeyBackupDecryptionKeyCached, this.onBackupStatusChanged);\n }\n\n /**\n * Called when the backup status changes (CryptoEvents)\n * This will trigger a check of the backup configuration.\n */\n private onBackupStatusChanged = (): void => {\n // we want to force check configuration, so we clear the current one.\n this.hasConfigurationProblem = false;\n this.configuration = null;\n this.getOrCreateBackupConfiguration().then((configuration) => {\n if (configuration) {\n // restart the download loop if it was stopped\n this.downloadKeysLoop();\n }\n });\n };\n\n /** Returns true if the megolm session is already queued for download. */\n private isAlreadyInQueue(roomId: string, megolmSessionId: string): boolean {\n return this.queuedRequests.some((info) => {\n return info.roomId == roomId && info.megolmSessionId == megolmSessionId;\n });\n }\n\n /**\n * Marks the session as not found in backup, to avoid retrying to soon for a key not in backup\n *\n * @param megolmSessionId - The megolm session ID that is missing.\n */\n private markAsNotFoundInBackup(megolmSessionId: string): void {\n const now = Date.now();\n this.sessionLastCheckAttemptedTime.set(megolmSessionId, now);\n // if too big make some cleaning to keep under control\n if (this.sessionLastCheckAttemptedTime.size > 100) {\n this.sessionLastCheckAttemptedTime = new Map(\n Array.from(this.sessionLastCheckAttemptedTime).filter((sid, ts) => {\n return Math.max(now - ts, 0) < KEY_BACKUP_BACKOFF;\n }),\n );\n }\n }\n\n /** Returns true if the session was requested recently. */\n private wasRequestedRecently(megolmSessionId: string): boolean {\n const lastCheck = this.sessionLastCheckAttemptedTime.get(megolmSessionId);\n if (!lastCheck) return false;\n return Math.max(Date.now() - lastCheck, 0) < KEY_BACKUP_BACKOFF;\n }\n\n private async getBackupDecryptionKey(): Promise<RustSdkCryptoJs.BackupKeys | null> {\n try {\n return await this.olmMachine.getBackupKeys();\n } catch {\n return null;\n }\n }\n\n /**\n * Requests a key from the server side backup.\n *\n * @param version - The backup version to use.\n * @param roomId - The room ID of the room where the error occurred.\n * @param sessionId - The megolm session ID that is missing.\n */\n private async requestRoomKeyFromBackup(\n version: string,\n roomId: string,\n sessionId: string,\n ): Promise<KeyBackupSession> {\n const path = encodeUri(\"/room_keys/keys/$roomId/$sessionId\", {\n $roomId: roomId,\n $sessionId: sessionId,\n });\n\n return await this.http.authedRequest<KeyBackupSession>(Method.Get, path, { version }, undefined, {\n prefix: ClientPrefix.V3,\n });\n }\n\n private async downloadKeysLoop(): Promise<void> {\n if (this.downloadLoopRunning) return;\n\n // If we have a configuration problem, we don't want to try to download.\n // If any configuration change is detected, we will retry and restart the loop.\n if (this.hasConfigurationProblem) return;\n\n this.downloadLoopRunning = true;\n\n try {\n while (this.queuedRequests.length > 0) {\n // we just peek the first one without removing it, so if a new request for same key comes in while we're\n // processing this one, it won't queue another request.\n const request = this.queuedRequests[0];\n try {\n // The backup could have changed between the time we queued the request and now, so we need to check\n const configuration = await this.getOrCreateBackupConfiguration();\n if (!configuration) {\n // Backup is not configured correctly, so stop the loop.\n this.downloadLoopRunning = false;\n return;\n }\n\n const result = await this.queryKeyBackup(request.roomId, request.megolmSessionId, configuration);\n\n if (this.stopped) {\n return;\n }\n // We got the encrypted key from backup, let's try to decrypt and import it.\n try {\n await this.decryptAndImport(request, result, configuration);\n } catch (e) {\n this.logger.error(\n `Error while decrypting and importing key backup for session ${request.megolmSessionId}`,\n e,\n );\n }\n // now remove the request from the queue as we've processed it.\n this.queuedRequests.shift();\n } catch (err) {\n if (err instanceof KeyDownloadError) {\n switch (err.code) {\n case KeyDownloadErrorCode.MISSING_DECRYPTION_KEY:\n this.markAsNotFoundInBackup(request.megolmSessionId);\n // continue for next one\n this.queuedRequests.shift();\n break;\n case KeyDownloadErrorCode.NETWORK_ERROR:\n // We don't want to hammer if there is a problem, so wait a bit.\n await sleep(KEY_BACKUP_BACKOFF);\n break;\n case KeyDownloadErrorCode.STOPPED:\n // If the downloader was stopped, we don't want to retry.\n this.downloadLoopRunning = false;\n return;\n }\n } else if (err instanceof KeyDownloadRateLimitError) {\n // we want to retry after the backoff time\n await sleep(err.retryMillis);\n }\n }\n }\n } finally {\n // all pending request have been processed, we can stop the loop.\n this.downloadLoopRunning = false;\n }\n }\n\n /**\n * Query the backup for a key.\n *\n * @param targetRoomId - ID of the room that the session is used in.\n * @param targetSessionId - ID of the session for which to check backup.\n * @param configuration - The backup configuration to use.\n */\n private async queryKeyBackup(\n targetRoomId: string,\n targetSessionId: string,\n configuration: Configuration,\n ): Promise<KeyBackupSession> {\n this.logger.debug(`Checking key backup for session ${targetSessionId}`);\n if (this.stopped) throw new KeyDownloadError(KeyDownloadErrorCode.STOPPED);\n try {\n const res = await this.requestRoomKeyFromBackup(configuration.backupVersion, targetRoomId, targetSessionId);\n this.logger.debug(`Got key from backup for sessionId:${targetSessionId}`);\n return res;\n } catch (e) {\n if (this.stopped) throw new KeyDownloadError(KeyDownloadErrorCode.STOPPED);\n\n this.logger.info(`No luck requesting key backup for session ${targetSessionId}: ${e}`);\n if (e instanceof MatrixError) {\n const errCode = e.data.errcode;\n if (errCode == \"M_NOT_FOUND\") {\n // Unfortunately the spec doesn't give us a way to differentiate between a missing key and a wrong version.\n // Synapse will return:\n // - \"error\": \"Unknown backup version\" if the version is wrong.\n // - \"error\": \"No room_keys found\" if the key is missing.\n // It's useful to know if the key is missing or if the version is wrong.\n // As it's not spec'ed, we fall back on considering the key is not in backup.\n // Notice that this request will be lost if instead the backup got out of sync (updated from other session).\n throw new KeyDownloadError(KeyDownloadErrorCode.MISSING_DECRYPTION_KEY);\n }\n if (e.isRateLimitError()) {\n let waitTime: number | undefined;\n try {\n waitTime = e.getRetryAfterMs() ?? undefined;\n } catch (error) {\n this.logger.warn(\"Error while retrieving a rate-limit retry delay\", error);\n }\n if (waitTime && waitTime > 0) {\n this.logger.info(`Rate limited by server, waiting ${waitTime}ms`);\n }\n throw new KeyDownloadRateLimitError(waitTime ?? KEY_BACKUP_BACKOFF);\n }\n }\n throw new KeyDownloadError(KeyDownloadErrorCode.NETWORK_ERROR);\n }\n }\n\n private async decryptAndImport(\n sessionInfo: SessionInfo,\n data: KeyBackupSession,\n configuration: Configuration,\n ): Promise<void> {\n const sessionsToImport: Record<string, KeyBackupSession> = { [sessionInfo.megolmSessionId]: data };\n\n const keys = await configuration!.decryptor.decryptSessions(sessionsToImport);\n for (const k of keys) {\n k.room_id = sessionInfo.roomId;\n }\n await this.backupManager.importBackedUpRoomKeys(keys, configuration.backupVersion);\n }\n\n /**\n * Gets the current backup configuration or create one if it doesn't exist.\n *\n * When a valid configuration is found it is cached and returned for subsequent calls.\n * Otherwise, if a check is forced or a check has not yet been done, a new check is done.\n *\n * @returns The backup configuration to use or null if there is a configuration problem.\n */\n private async getOrCreateBackupConfiguration(): Promise<Configuration | null> {\n if (this.configuration) {\n return this.configuration;\n }\n\n // We already tried to check the configuration and it failed.\n // We don't want to try again immediately, we will retry if a configuration change is detected.\n if (this.hasConfigurationProblem) {\n return null;\n }\n\n // This method can be called rapidly by several emitted CryptoEvent, so we need to make sure that we don't\n // query the server several times.\n if (this.currentBackupVersionCheck != null) {\n this.logger.debug(`Already checking server version, use current promise`);\n return await this.currentBackupVersionCheck;\n }\n\n this.currentBackupVersionCheck = this.internalCheckFromServer();\n try {\n return await this.currentBackupVersionCheck;\n } finally {\n this.currentBackupVersionCheck = null;\n }\n }\n\n private async internalCheckFromServer(): Promise<Configuration | null> {\n let currentServerVersion = null;\n try {\n currentServerVersion = await this.backupManager.getServerBackupInfo();\n } catch (e) {\n this.logger.debug(`Backup: error while checking server version: ${e}`);\n this.hasConfigurationProblem = true;\n return null;\n }\n this.logger.debug(`Got current backup version from server: ${currentServerVersion?.version}`);\n\n if (currentServerVersion?.algorithm != \"m.megolm_backup.v1.curve25519-aes-sha2\") {\n this.logger.info(`Unsupported algorithm ${currentServerVersion?.algorithm}`);\n this.hasConfigurationProblem = true;\n return null;\n }\n\n if (!currentServerVersion?.version) {\n this.logger.info(`No current key backup`);\n this.hasConfigurationProblem = true;\n return null;\n }\n\n const activeVersion = await this.backupManager.getActiveBackupVersion();\n if (activeVersion == null || currentServerVersion.version != activeVersion) {\n // Either the current backup version on server side is not trusted, or it is out of sync with the active version on the client side.\n this.logger.info(\n `The current backup version on the server (${currentServerVersion.version}) is not trusted. Version we are currently backing up to: ${activeVersion}`,\n );\n this.hasConfigurationProblem = true;\n return null;\n }\n\n const backupKeys = await this.getBackupDecryptionKey();\n if (!backupKeys?.decryptionKey) {\n this.logger.debug(`Not checking key backup for session (no decryption key)`);\n this.hasConfigurationProblem = true;\n return null;\n }\n\n if (activeVersion != backupKeys.backupVersion) {\n this.logger.debug(\n `Version for which we have a decryption key (${backupKeys.backupVersion}) doesn't match the version we are backing up to (${activeVersion})`,\n );\n this.hasConfigurationProblem = true;\n return null;\n }\n\n const authData = currentServerVersion.auth_data as Curve25519AuthData;\n if (authData.public_key != backupKeys.decryptionKey.megolmV1PublicKey.publicKeyBase64) {\n this.logger.debug(`Key backup on server does not match our decryption key`);\n this.hasConfigurationProblem = true;\n return null;\n }\n\n const backupDecryptor = this.backupManager.createBackupDecryptor(backupKeys.decryptionKey);\n this.hasConfigurationProblem = false;\n this.configuration = {\n decryptor: backupDecryptor,\n backupVersion: activeVersion,\n };\n return this.configuration;\n }\n}\n","/*\n * Copyright 2024 The Matrix.org Foundation C.I.C.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { deriveRecoveryKeyFromPassphrase } from \"../crypto-api/index.ts\";\n\n/* eslint-disable camelcase */\ninterface IAuthData {\n private_key_salt?: string;\n private_key_iterations?: number;\n private_key_bits?: number;\n}\n\n/**\n * Derive a backup key from a passphrase using the salt and iterations from the auth data.\n * @param authData - The auth data containing the salt and iterations\n * @param passphrase - The passphrase to derive the key from\n * @deprecated Deriving a backup key from a passphrase is not part of the matrix spec. Instead, a random key is generated and stored/shared via 4S.\n */\nexport function keyFromAuthData(authData: IAuthData, passphrase: string): Promise<Uint8Array> {\n if (!authData.private_key_salt || !authData.private_key_iterations) {\n throw new Error(\"Salt and/or iterations not found: \" + \"this backup cannot be restored with a passphrase\");\n }\n\n return deriveRecoveryKeyFromPassphrase(\n passphrase,\n authData.private_key_salt,\n authData.private_key_iterations,\n authData.private_key_bits,\n );\n}\n","/*\nCopyright 2022-2023 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport anotherjson from \"another-json\";\nimport * as RustSdkCryptoJs from \"@matrix-org/matrix-sdk-crypto-wasm\";\n\nimport type { IEventDecryptionResult, IMegolmSessionData } from \"../@types/crypto.ts\";\nimport { KnownMembership } from \"../@types/membership.ts\";\nimport type { IDeviceLists, IToDeviceEvent } from \"../sync-accumulator.ts\";\nimport type { ToDevicePayload, ToDeviceBatch } from \"../models/ToDeviceMessage.ts\";\nimport { type MatrixEvent, MatrixEventEvent } from \"../models/event.ts\";\nimport { type Room } from \"../models/room.ts\";\nimport { type RoomMember } from \"../models/room-member.ts\";\nimport {\n type BackupDecryptor,\n type CryptoBackend,\n DecryptionError,\n type OnSyncCompletedData,\n} from \"../common-crypto/CryptoBackend.ts\";\nimport { logger, type Logger, LogSpan } from \"../logger.ts\";\nimport { type IHttpOpts, type MatrixHttpApi, Method } from \"../http-api/index.ts\";\nimport { RoomEncryptor } from \"./RoomEncryptor.ts\";\nimport { OutgoingRequestProcessor } from \"./OutgoingRequestProcessor.ts\";\nimport { KeyClaimManager } from \"./KeyClaimManager.ts\";\nimport { logDuration, MapWithDefault } from \"../utils.ts\";\nimport {\n type BackupTrustInfo,\n type BootstrapCrossSigningOpts,\n type CreateSecretStorageOpts,\n CrossSigningKey,\n type CrossSigningKeyInfo,\n type CrossSigningStatus,\n type CryptoApi,\n type CryptoCallbacks,\n DecryptionFailureCode,\n DeviceVerificationStatus,\n type EventEncryptionInfo,\n EventShieldColour,\n EventShieldReason,\n type GeneratedSecretStorageKey,\n type ImportRoomKeysOpts,\n type KeyBackupCheck,\n type KeyBackupInfo,\n type OwnDeviceKeys,\n UserVerificationStatus,\n type VerificationRequest,\n encodeRecoveryKey,\n deriveRecoveryKeyFromPassphrase,\n type DeviceIsolationMode,\n AllDevicesIsolationMode,\n DeviceIsolationModeKind,\n CryptoEvent,\n type CryptoEventHandlerMap,\n type KeyBackupRestoreOpts,\n type KeyBackupRestoreResult,\n type StartDehydrationOpts,\n ImportRoomKeyStage,\n} from \"../crypto-api/index.ts\";\nimport { deviceKeysToDeviceMap, rustDeviceToJsDevice } from \"./device-converter.ts\";\nimport { type IDownloadKeyResult, type IQueryKeysRequest } from \"../client.ts\";\nimport { type Device, type DeviceMap } from \"../models/device.ts\";\nimport {\n SECRET_STORAGE_ALGORITHM_V1_AES,\n type SecretStorageKey,\n type ServerSideSecretStorage,\n} from \"../secret-storage.ts\";\nimport { CrossSigningIdentity } from \"./CrossSigningIdentity.ts\";\nimport { secretStorageCanAccessSecrets, secretStorageContainsCrossSigningKeys } from \"./secret-storage.ts\";\nimport { isVerificationEvent, RustVerificationRequest, verificationMethodIdentifierToMethod } from \"./verification.ts\";\nimport { EventType, MsgType } from \"../@types/event.ts\";\nimport { TypedEventEmitter } from \"../models/typed-event-emitter.ts\";\nimport { decryptionKeyMatchesKeyBackupInfo, RustBackupManager } from \"./backup.ts\";\nimport { TypedReEmitter } from \"../ReEmitter.ts\";\nimport { secureRandomString } from \"../randomstring.ts\";\nimport { ClientStoppedError } from \"../errors.ts\";\nimport { type ISignatures } from \"../@types/signed.ts\";\nimport { decodeBase64, encodeBase64 } from \"../base64.ts\";\nimport { OutgoingRequestsManager } from \"./OutgoingRequestsManager.ts\";\nimport { PerSessionKeyBackupDownloader } from \"./PerSessionKeyBackupDownloader.ts\";\nimport { DehydratedDeviceManager } from \"./DehydratedDeviceManager.ts\";\nimport { VerificationMethod } from \"../types.ts\";\nimport { keyFromAuthData } from \"../common-crypto/key-passphrase.ts\";\nimport { type UIAuthCallback } from \"../interactive-auth.ts\";\n\nconst ALL_VERIFICATION_METHODS = [\n VerificationMethod.Sas,\n VerificationMethod.ScanQrCode,\n VerificationMethod.ShowQrCode,\n VerificationMethod.Reciprocate,\n];\n\ninterface ISignableObject {\n signatures?: ISignatures;\n unsigned?: object;\n}\n\n/**\n * An implementation of {@link CryptoBackend} using the Rust matrix-sdk-crypto.\n *\n * @internal\n */\nexport class RustCrypto extends TypedEventEmitter<RustCryptoEvents, CryptoEventHandlerMap> implements CryptoBackend {\n /**\n * The number of iterations to use when deriving a recovery key from a passphrase.\n */\n private readonly RECOVERY_KEY_DERIVATION_ITERATIONS = 500000;\n\n private _trustCrossSignedDevices = true;\n private deviceIsolationMode: DeviceIsolationMode = new AllDevicesIsolationMode(false);\n\n /** whether {@link stop} has been called */\n private stopped = false;\n\n /** mapping of roomId → encryptor class */\n private roomEncryptors: Record<string, RoomEncryptor> = {};\n\n private eventDecryptor: EventDecryptor;\n private keyClaimManager: KeyClaimManager;\n private outgoingRequestProcessor: OutgoingRequestProcessor;\n private crossSigningIdentity: CrossSigningIdentity;\n private readonly backupManager: RustBackupManager;\n private outgoingRequestsManager: OutgoingRequestsManager;\n private readonly perSessionBackupDownloader: PerSessionKeyBackupDownloader;\n private readonly dehydratedDeviceManager: DehydratedDeviceManager;\n private readonly reemitter = new TypedReEmitter<RustCryptoEvents, CryptoEventHandlerMap>(this);\n\n public constructor(\n private readonly logger: Logger,\n\n /** The `OlmMachine` from the underlying rust crypto sdk. */\n private readonly olmMachine: RustSdkCryptoJs.OlmMachine,\n\n /**\n * Low-level HTTP interface: used to make outgoing requests required by the rust SDK.\n *\n * We expect it to set the access token, etc.\n */\n private readonly http: MatrixHttpApi<IHttpOpts & { onlyData: true }>,\n\n /** The local user's User ID. */\n private readonly userId: string,\n\n /** The local user's Device ID. */\n _deviceId: string,\n\n /** Interface to server-side secret storage */\n private readonly secretStorage: ServerSideSecretStorage,\n\n /** Crypto callbacks provided by the application */\n private readonly cryptoCallbacks: CryptoCallbacks,\n ) {\n super();\n this.outgoingRequestProcessor = new OutgoingRequestProcessor(olmMachine, http);\n this.outgoingRequestsManager = new OutgoingRequestsManager(\n this.logger,\n olmMachine,\n this.outgoingRequestProcessor,\n );\n\n this.keyClaimManager = new KeyClaimManager(olmMachine, this.outgoingRequestProcessor);\n\n this.backupManager = new RustBackupManager(olmMachine, http, this.outgoingRequestProcessor);\n this.perSessionBackupDownloader = new PerSessionKeyBackupDownloader(\n this.logger,\n this.olmMachine,\n this.http,\n this.backupManager,\n );\n this.dehydratedDeviceManager = new DehydratedDeviceManager(\n this.logger,\n olmMachine,\n http,\n this.outgoingRequestProcessor,\n secretStorage,\n );\n this.eventDecryptor = new EventDecryptor(this.logger, olmMachine, this.perSessionBackupDownloader);\n\n // re-emit the events emitted by managers\n this.reemitter.reEmit(this.backupManager, [\n CryptoEvent.KeyBackupStatus,\n CryptoEvent.KeyBackupSessionsRemaining,\n CryptoEvent.KeyBackupFailed,\n CryptoEvent.KeyBackupDecryptionKeyCached,\n ]);\n this.reemitter.reEmit(this.dehydratedDeviceManager, [\n CryptoEvent.DehydratedDeviceCreated,\n CryptoEvent.DehydratedDeviceUploaded,\n CryptoEvent.RehydrationStarted,\n CryptoEvent.RehydrationProgress,\n CryptoEvent.RehydrationCompleted,\n CryptoEvent.RehydrationError,\n CryptoEvent.DehydrationKeyCached,\n CryptoEvent.DehydratedDeviceRotationError,\n ]);\n\n this.crossSigningIdentity = new CrossSigningIdentity(olmMachine, this.outgoingRequestProcessor, secretStorage);\n\n // Check and start in background the key backup connection\n this.checkKeyBackupAndEnable();\n }\n\n /**\n * Return the OlmMachine only if {@link RustCrypto#stop} has not been called.\n *\n * This allows us to better handle race conditions where the client is stopped before or during a crypto API call.\n *\n * @throws ClientStoppedError if {@link RustCrypto#stop} has been called.\n */\n private getOlmMachineOrThrow(): RustSdkCryptoJs.OlmMachine {\n if (this.stopped) {\n throw new ClientStoppedError();\n }\n return this.olmMachine;\n }\n\n ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////\n //\n // CryptoBackend implementation\n //\n ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////\n\n public set globalErrorOnUnknownDevices(_v: boolean) {\n // Not implemented for rust crypto.\n }\n\n public get globalErrorOnUnknownDevices(): boolean {\n // Not implemented for rust crypto.\n return false;\n }\n\n public stop(): void {\n // stop() may be called multiple times, but attempting to close() the OlmMachine twice\n // will cause an error.\n if (this.stopped) {\n return;\n }\n this.stopped = true;\n\n this.keyClaimManager.stop();\n this.backupManager.stop();\n this.outgoingRequestsManager.stop();\n this.perSessionBackupDownloader.stop();\n this.dehydratedDeviceManager.stop();\n\n // make sure we close() the OlmMachine; doing so means that all the Rust objects will be\n // cleaned up; in particular, the indexeddb connections will be closed, which means they\n // can then be deleted.\n this.olmMachine.close();\n }\n\n public async encryptEvent(event: MatrixEvent, _room: Room): Promise<void> {\n const roomId = event.getRoomId()!;\n const encryptor = this.roomEncryptors[roomId];\n\n if (!encryptor) {\n throw new Error(`Cannot encrypt event in unconfigured room ${roomId}`);\n }\n\n await encryptor.encryptEvent(event, this.globalBlacklistUnverifiedDevices, this.deviceIsolationMode);\n }\n\n public async decryptEvent(event: MatrixEvent): Promise<IEventDecryptionResult> {\n const roomId = event.getRoomId();\n if (!roomId) {\n // presumably, a to-device message. These are normally decrypted in preprocessToDeviceMessages\n // so the fact it has come back here suggests that decryption failed.\n //\n // once we drop support for the libolm crypto implementation, we can stop passing to-device messages\n // through decryptEvent and hence get rid of this case.\n throw new Error(\"to-device event was not decrypted in preprocessToDeviceMessages\");\n }\n return await this.eventDecryptor.attemptEventDecryption(event, this.deviceIsolationMode);\n }\n\n /**\n * Implementation of {@link CryptoBackend#getBackupDecryptor}.\n */\n public async getBackupDecryptor(backupInfo: KeyBackupInfo, privKey: Uint8Array): Promise<BackupDecryptor> {\n if (!(privKey instanceof Uint8Array)) {\n throw new Error(`getBackupDecryptor: expects Uint8Array`);\n }\n\n if (backupInfo.algorithm != \"m.megolm_backup.v1.curve25519-aes-sha2\") {\n throw new Error(`getBackupDecryptor: Unsupported algorithm ${backupInfo.algorithm}`);\n }\n\n const backupDecryptionKey = RustSdkCryptoJs.BackupDecryptionKey.fromBase64(encodeBase64(privKey));\n if (!decryptionKeyMatchesKeyBackupInfo(backupDecryptionKey, backupInfo)) {\n throw new Error(`getBackupDecryptor: key backup on server does not match the decryption key`);\n }\n\n return this.backupManager.createBackupDecryptor(backupDecryptionKey);\n }\n\n /**\n * Implementation of {@link CryptoBackend#importBackedUpRoomKeys}.\n */\n public async importBackedUpRoomKeys(\n keys: IMegolmSessionData[],\n backupVersion: string,\n opts?: ImportRoomKeysOpts,\n ): Promise<void> {\n return await this.backupManager.importBackedUpRoomKeys(keys, backupVersion, opts);\n }\n\n ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////\n //\n // CryptoApi implementation\n //\n ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////\n\n public globalBlacklistUnverifiedDevices = false;\n\n /**\n * Implementation of {@link CryptoApi#getVersion}.\n */\n public getVersion(): string {\n const versions = RustSdkCryptoJs.getVersions();\n return `Rust SDK ${versions.matrix_sdk_crypto} (${versions.git_sha}), Vodozemac ${versions.vodozemac}`;\n }\n\n /**\n * Implementation of {@link CryptoApi#setDeviceIsolationMode}.\n */\n public setDeviceIsolationMode(isolationMode: DeviceIsolationMode): void {\n this.deviceIsolationMode = isolationMode;\n }\n\n /**\n * Implementation of {@link CryptoApi#isEncryptionEnabledInRoom}.\n */\n public async isEncryptionEnabledInRoom(roomId: string): Promise<boolean> {\n const roomSettings: RustSdkCryptoJs.RoomSettings | undefined = await this.olmMachine.getRoomSettings(\n new RustSdkCryptoJs.RoomId(roomId),\n );\n return Boolean(roomSettings?.algorithm);\n }\n\n /**\n * Implementation of {@link CryptoApi#getOwnDeviceKeys}.\n */\n public async getOwnDeviceKeys(): Promise<OwnDeviceKeys> {\n const keys = this.olmMachine.identityKeys;\n return { ed25519: keys.ed25519.toBase64(), curve25519: keys.curve25519.toBase64() };\n }\n\n public prepareToEncrypt(room: Room): void {\n const encryptor = this.roomEncryptors[room.roomId];\n\n if (encryptor) {\n encryptor.prepareForEncryption(this.globalBlacklistUnverifiedDevices, this.deviceIsolationMode);\n }\n }\n\n public forceDiscardSession(roomId: string): Promise<void> {\n return this.roomEncryptors[roomId]?.forceDiscardSession();\n }\n\n public async exportRoomKeys(): Promise<IMegolmSessionData[]> {\n const raw = await this.olmMachine.exportRoomKeys(() => true);\n return JSON.parse(raw);\n }\n\n public async exportRoomKeysAsJson(): Promise<string> {\n return await this.olmMachine.exportRoomKeys(() => true);\n }\n\n public async importRoomKeys(keys: IMegolmSessionData[], opts?: ImportRoomKeysOpts): Promise<void> {\n return await this.backupManager.importRoomKeys(keys, opts);\n }\n\n public async importRoomKeysAsJson(keys: string, opts?: ImportRoomKeysOpts): Promise<void> {\n return await this.backupManager.importRoomKeysAsJson(keys, opts);\n }\n\n /**\n * Implementation of {@link CryptoApi.userHasCrossSigningKeys}.\n */\n public async userHasCrossSigningKeys(userId = this.userId, downloadUncached = false): Promise<boolean> {\n // TODO: could probably do with a more efficient way of doing this than returning the whole set and searching\n const rustTrackedUsers: Set<RustSdkCryptoJs.UserId> = await this.olmMachine.trackedUsers();\n let rustTrackedUser: RustSdkCryptoJs.UserId | undefined;\n for (const u of rustTrackedUsers) {\n if (userId === u.toString()) {\n rustTrackedUser = u;\n break;\n }\n }\n\n if (rustTrackedUser !== undefined) {\n if (userId === this.userId) {\n /* make sure we have an *up-to-date* idea of the user's cross-signing keys. This is important, because if we\n * return \"false\" here, we will end up generating new cross-signing keys and replacing the existing ones.\n */\n const request = this.olmMachine.queryKeysForUsers(\n // clone as rust layer will take ownership and it's reused later\n [rustTrackedUser.clone()],\n );\n await this.outgoingRequestProcessor.makeOutgoingRequest(request);\n }\n const userIdentity = await this.olmMachine.getIdentity(rustTrackedUser);\n userIdentity?.free();\n return userIdentity !== undefined;\n } else if (downloadUncached) {\n // Download the cross signing keys and check if the master key is available\n const keyResult = await this.downloadDeviceList(new Set([userId]));\n const keys = keyResult.master_keys?.[userId];\n\n // No master key\n if (!keys) return false;\n\n // `keys` is an object with { [`ed25519:${pubKey}`]: pubKey }\n // We assume only a single key, and we want the bare form without type\n // prefix, so we select the values.\n return Boolean(Object.values(keys.keys)[0]);\n } else {\n return false;\n }\n }\n\n /**\n * Get the device information for the given list of users.\n *\n * @param userIds - The users to fetch.\n * @param downloadUncached - If true, download the device list for users whose device list we are not\n * currently tracking. Defaults to false, in which case such users will not appear at all in the result map.\n *\n * @returns A map `{@link DeviceMap}`.\n */\n public async getUserDeviceInfo(userIds: string[], downloadUncached = false): Promise<DeviceMap> {\n const deviceMapByUserId = new Map<string, Map<string, Device>>();\n const rustTrackedUsers: Set<RustSdkCryptoJs.UserId> = await this.getOlmMachineOrThrow().trackedUsers();\n\n // Convert RustSdkCryptoJs.UserId to a `Set<string>`\n const trackedUsers = new Set<string>();\n rustTrackedUsers.forEach((rustUserId) => trackedUsers.add(rustUserId.toString()));\n\n // Keep untracked user to download their keys after\n const untrackedUsers: Set<string> = new Set();\n\n for (const userId of userIds) {\n // if this is a tracked user, we can just fetch the device list from the rust-sdk\n // (NB: this is probably ok even if we race with a leave event such that we stop tracking the user's\n // devices: the rust-sdk will return the last-known device list, which will be good enough.)\n if (trackedUsers.has(userId)) {\n deviceMapByUserId.set(userId, await this.getUserDevices(userId));\n } else {\n untrackedUsers.add(userId);\n }\n }\n\n // for any users whose device lists we are not tracking, fall back to downloading the device list\n // over HTTP.\n if (downloadUncached && untrackedUsers.size >= 1) {\n const queryResult = await this.downloadDeviceList(untrackedUsers);\n Object.entries(queryResult.device_keys).forEach(([userId, deviceKeys]) =>\n deviceMapByUserId.set(userId, deviceKeysToDeviceMap(deviceKeys)),\n );\n }\n\n return deviceMapByUserId;\n }\n\n /**\n * Get the device list for the given user from the olm machine\n * @param userId - Rust SDK UserId\n */\n private async getUserDevices(userId: string): Promise<Map<string, Device>> {\n const rustUserId = new RustSdkCryptoJs.UserId(userId);\n\n // For reasons I don't really understand, the Javascript FinalizationRegistry doesn't seem to run the\n // registered callbacks when `userDevices` goes out of scope, nor when the individual devices in the array\n // returned by `userDevices.devices` do so.\n //\n // This is particularly problematic, because each of those structures holds a reference to the\n // VerificationMachine, which in turn holds a reference to the IndexeddbCryptoStore. Hence, we end up leaking\n // open connections to the crypto store, which means the store can't be deleted on logout.\n //\n // To fix this, we explicitly call `.free` on each of the objects, which tells the rust code to drop the\n // allocated memory and decrement the refcounts for the crypto store.\n\n // Wait for up to a second for any in-flight device list requests to complete.\n // The reason for this isn't so much to avoid races (some level of raciness is\n // inevitable for this method) but to make testing easier.\n const userDevices: RustSdkCryptoJs.UserDevices = await this.olmMachine.getUserDevices(rustUserId, 1);\n try {\n const deviceArray: RustSdkCryptoJs.Device[] = userDevices.devices();\n try {\n return new Map(\n deviceArray.map((device) => [device.deviceId.toString(), rustDeviceToJsDevice(device, rustUserId)]),\n );\n } finally {\n deviceArray.forEach((d) => d.free());\n }\n } finally {\n userDevices.free();\n }\n }\n\n /**\n * Download the given user keys by calling `/keys/query` request\n * @param untrackedUsers - download keys of these users\n */\n private async downloadDeviceList(untrackedUsers: Set<string>): Promise<IDownloadKeyResult> {\n const queryBody: IQueryKeysRequest = { device_keys: {} };\n untrackedUsers.forEach((user) => (queryBody.device_keys[user] = []));\n\n return await this.http.authedRequest(Method.Post, \"/_matrix/client/v3/keys/query\", undefined, queryBody, {\n prefix: \"\",\n });\n }\n\n /**\n * Implementation of {@link CryptoApi#getTrustCrossSignedDevices}.\n */\n public getTrustCrossSignedDevices(): boolean {\n return this._trustCrossSignedDevices;\n }\n\n /**\n * Implementation of {@link CryptoApi#setTrustCrossSignedDevices}.\n */\n public setTrustCrossSignedDevices(val: boolean): void {\n this._trustCrossSignedDevices = val;\n // TODO: legacy crypto goes through the list of known devices and emits DeviceVerificationChanged\n // events. Maybe we need to do the same?\n }\n\n /**\n * Mark the given device as locally verified.\n *\n * Implementation of {@link CryptoApi#setDeviceVerified}.\n */\n public async setDeviceVerified(userId: string, deviceId: string, verified = true): Promise<void> {\n const device: RustSdkCryptoJs.Device | undefined = await this.olmMachine.getDevice(\n new RustSdkCryptoJs.UserId(userId),\n new RustSdkCryptoJs.DeviceId(deviceId),\n );\n\n if (!device) {\n throw new Error(`Unknown device ${userId}|${deviceId}`);\n }\n try {\n await device.setLocalTrust(\n verified ? RustSdkCryptoJs.LocalTrust.Verified : RustSdkCryptoJs.LocalTrust.Unset,\n );\n } finally {\n device.free();\n }\n }\n\n /**\n * Blindly cross-sign one of our other devices.\n *\n * Implementation of {@link CryptoApi#crossSignDevice}.\n */\n public async crossSignDevice(deviceId: string): Promise<void> {\n const device: RustSdkCryptoJs.Device | undefined = await this.olmMachine.getDevice(\n new RustSdkCryptoJs.UserId(this.userId),\n new RustSdkCryptoJs.DeviceId(deviceId),\n );\n if (!device) {\n throw new Error(`Unknown device ${deviceId}`);\n }\n try {\n const outgoingRequest: RustSdkCryptoJs.SignatureUploadRequest = await device.verify();\n await this.outgoingRequestProcessor.makeOutgoingRequest(outgoingRequest);\n } finally {\n device.free();\n }\n }\n\n /**\n * Implementation of {@link CryptoApi#getDeviceVerificationStatus}.\n */\n public async getDeviceVerificationStatus(\n userId: string,\n deviceId: string,\n ): Promise<DeviceVerificationStatus | null> {\n const device: RustSdkCryptoJs.Device | undefined = await this.olmMachine.getDevice(\n new RustSdkCryptoJs.UserId(userId),\n new RustSdkCryptoJs.DeviceId(deviceId),\n );\n\n if (!device) return null;\n try {\n return new DeviceVerificationStatus({\n signedByOwner: device.isCrossSignedByOwner(),\n crossSigningVerified: device.isCrossSigningTrusted(),\n localVerified: device.isLocallyTrusted(),\n trustCrossSignedDevices: this._trustCrossSignedDevices,\n });\n } finally {\n device.free();\n }\n }\n\n /**\n * Implementation of {@link CryptoApi#getUserVerificationStatus}.\n */\n public async getUserVerificationStatus(userId: string): Promise<UserVerificationStatus> {\n const userIdentity: RustSdkCryptoJs.OtherUserIdentity | RustSdkCryptoJs.OwnUserIdentity | undefined =\n await this.getOlmMachineOrThrow().getIdentity(new RustSdkCryptoJs.UserId(userId));\n if (userIdentity === undefined) {\n return new UserVerificationStatus(false, false, false);\n }\n\n const verified = userIdentity.isVerified();\n const wasVerified = userIdentity.wasPreviouslyVerified();\n const needsUserApproval =\n userIdentity instanceof RustSdkCryptoJs.OtherUserIdentity\n ? userIdentity.identityNeedsUserApproval()\n : false;\n userIdentity.free();\n return new UserVerificationStatus(verified, wasVerified, false, needsUserApproval);\n }\n\n /**\n * Implementation of {@link CryptoApi#pinCurrentUserIdentity}.\n */\n public async pinCurrentUserIdentity(userId: string): Promise<void> {\n const userIdentity: RustSdkCryptoJs.OtherUserIdentity | RustSdkCryptoJs.OwnUserIdentity | undefined =\n await this.getOlmMachineOrThrow().getIdentity(new RustSdkCryptoJs.UserId(userId));\n\n if (userIdentity === undefined) {\n throw new Error(\"Cannot pin identity of unknown user\");\n }\n\n if (userIdentity instanceof RustSdkCryptoJs.OwnUserIdentity) {\n throw new Error(\"Cannot pin identity of own user\");\n }\n\n await userIdentity.pinCurrentMasterKey();\n }\n\n /**\n * Implementation of {@link CryptoApi#withdrawVerificationRequirement}.\n */\n public async withdrawVerificationRequirement(userId: string): Promise<void> {\n const userIdentity: RustSdkCryptoJs.OtherUserIdentity | RustSdkCryptoJs.OwnUserIdentity | undefined =\n await this.getOlmMachineOrThrow().getIdentity(new RustSdkCryptoJs.UserId(userId));\n\n if (userIdentity === undefined) {\n throw new Error(\"Cannot withdraw verification of unknown user\");\n }\n\n await userIdentity.withdrawVerification();\n }\n\n /**\n * Implementation of {@link CryptoApi#isCrossSigningReady}\n */\n public async isCrossSigningReady(): Promise<boolean> {\n const { privateKeysInSecretStorage, privateKeysCachedLocally } = await this.getCrossSigningStatus();\n const hasKeysInCache =\n Boolean(privateKeysCachedLocally.masterKey) &&\n Boolean(privateKeysCachedLocally.selfSigningKey) &&\n Boolean(privateKeysCachedLocally.userSigningKey);\n\n const identity = await this.getOwnIdentity();\n\n // Cross-signing is ready if the public identity is trusted, and the private keys\n // are either cached, or accessible via secret-storage.\n return !!identity?.isVerified() && (hasKeysInCache || privateKeysInSecretStorage);\n }\n\n /**\n * Implementation of {@link CryptoApi#getCrossSigningKeyId}\n */\n public async getCrossSigningKeyId(type: CrossSigningKey = CrossSigningKey.Master): Promise<string | null> {\n const userIdentity: RustSdkCryptoJs.OwnUserIdentity | undefined = await this.olmMachine.getIdentity(\n new RustSdkCryptoJs.UserId(this.userId),\n );\n if (!userIdentity) {\n // The public keys are not available on this device\n return null;\n }\n\n try {\n const crossSigningStatus: RustSdkCryptoJs.CrossSigningStatus = await this.olmMachine.crossSigningStatus();\n\n const privateKeysOnDevice =\n crossSigningStatus.hasMaster && crossSigningStatus.hasUserSigning && crossSigningStatus.hasSelfSigning;\n\n if (!privateKeysOnDevice) {\n // The private keys are not available on this device\n return null;\n }\n\n if (!userIdentity.isVerified()) {\n // We have both public and private keys, but they don't match!\n return null;\n }\n\n let key: string;\n switch (type) {\n case CrossSigningKey.Master:\n key = userIdentity.masterKey;\n break;\n case CrossSigningKey.SelfSigning:\n key = userIdentity.selfSigningKey;\n break;\n case CrossSigningKey.UserSigning:\n key = userIdentity.userSigningKey;\n break;\n default:\n // Unknown type\n return null;\n }\n\n const parsedKey: CrossSigningKeyInfo = JSON.parse(key);\n // `keys` is an object with { [`ed25519:${pubKey}`]: pubKey }\n // We assume only a single key, and we want the bare form without type\n // prefix, so we select the values.\n return Object.values(parsedKey.keys)[0];\n } finally {\n userIdentity.free();\n }\n }\n\n /**\n * Implementation of {@link CryptoApi#bootstrapCrossSigning}\n */\n public async bootstrapCrossSigning(opts: BootstrapCrossSigningOpts): Promise<void> {\n await this.crossSigningIdentity.bootstrapCrossSigning(opts);\n }\n\n /**\n * Implementation of {@link CryptoApi#isSecretStorageReady}\n */\n public async isSecretStorageReady(): Promise<boolean> {\n // make sure that the cross-signing keys are stored\n const secretsToCheck: SecretStorageKey[] = [\n \"m.cross_signing.master\",\n \"m.cross_signing.user_signing\",\n \"m.cross_signing.self_signing\",\n ];\n\n // if key backup is active, we also need to check that the backup decryption key is stored\n const keyBackupEnabled = (await this.backupManager.getActiveBackupVersion()) != null;\n if (keyBackupEnabled) {\n secretsToCheck.push(\"m.megolm_backup.v1\");\n }\n\n return secretStorageCanAccessSecrets(this.secretStorage, secretsToCheck);\n }\n\n /**\n * Implementation of {@link CryptoApi#bootstrapSecretStorage}\n */\n public async bootstrapSecretStorage({\n createSecretStorageKey,\n setupNewSecretStorage,\n setupNewKeyBackup,\n }: CreateSecretStorageOpts = {}): Promise<void> {\n // If an AES Key is already stored in the secret storage and setupNewSecretStorage is not set\n // we don't want to create a new key\n const isNewSecretStorageKeyNeeded = setupNewSecretStorage || !(await this.secretStorageHasAESKey());\n\n if (isNewSecretStorageKeyNeeded) {\n if (!createSecretStorageKey) {\n throw new Error(\"unable to create a new secret storage key, createSecretStorageKey is not set\");\n }\n\n // Create a new storage key and add it to secret storage\n this.logger.info(\"bootstrapSecretStorage: creating new secret storage key\");\n const recoveryKey = await createSecretStorageKey();\n if (!recoveryKey) {\n throw new Error(\"createSecretStorageKey() callback did not return a secret storage key\");\n }\n await this.addSecretStorageKeyToSecretStorage(recoveryKey);\n }\n\n const crossSigningPrivateKeys: RustSdkCryptoJs.CrossSigningKeyExport | undefined =\n await this.olmMachine.exportCrossSigningKeys();\n const hasPrivateKeys =\n crossSigningPrivateKeys &&\n crossSigningPrivateKeys.masterKey !== undefined &&\n crossSigningPrivateKeys.self_signing_key !== undefined &&\n crossSigningPrivateKeys.userSigningKey !== undefined;\n\n // If we have cross-signing private keys cached, store them in secret\n // storage if they are not there already.\n if (\n hasPrivateKeys &&\n (isNewSecretStorageKeyNeeded || !(await secretStorageContainsCrossSigningKeys(this.secretStorage)))\n ) {\n this.logger.info(\"bootstrapSecretStorage: cross-signing keys not yet exported; doing so now.\");\n\n await this.secretStorage.store(\"m.cross_signing.master\", crossSigningPrivateKeys.masterKey);\n await this.secretStorage.store(\"m.cross_signing.user_signing\", crossSigningPrivateKeys.userSigningKey);\n await this.secretStorage.store(\"m.cross_signing.self_signing\", crossSigningPrivateKeys.self_signing_key);\n }\n\n // likewise with the key backup key: if we have one, store it in secret storage (if it's not already there)\n // also don't bother storing it if we're about to set up a new backup\n if (!setupNewKeyBackup) {\n await this.saveBackupKeyToStorage();\n } else {\n await this.resetKeyBackup();\n }\n }\n\n /**\n * If we have a backup key for the current, trusted backup in cache,\n * save it to secret storage.\n */\n private async saveBackupKeyToStorage(): Promise<void> {\n const keyBackupInfo = await this.backupManager.getServerBackupInfo();\n if (!keyBackupInfo || !keyBackupInfo.version) {\n logger.info(\"Not saving backup key to secret storage: no backup info\");\n return;\n }\n\n const backupKeys: RustSdkCryptoJs.BackupKeys = await this.olmMachine.getBackupKeys();\n if (!backupKeys.decryptionKey) {\n logger.info(\"Not saving backup key to secret storage: no backup key\");\n return;\n }\n\n if (!decryptionKeyMatchesKeyBackupInfo(backupKeys.decryptionKey, keyBackupInfo)) {\n logger.info(\"Not saving backup key to secret storage: decryption key does not match backup info\");\n return;\n }\n\n const backupKeyBase64 = backupKeys.decryptionKey.toBase64();\n\n await this.secretStorage.store(\"m.megolm_backup.v1\", backupKeyBase64);\n }\n\n /**\n * Add the secretStorage key to the secret storage\n * - The secret storage key must have the `keyInfo` field filled\n * - The secret storage key is set as the default key of the secret storage\n * - Call `cryptoCallbacks.cacheSecretStorageKey` when done\n *\n * @param secretStorageKey - The secret storage key to add in the secret storage.\n */\n private async addSecretStorageKeyToSecretStorage(secretStorageKey: GeneratedSecretStorageKey): Promise<void> {\n const secretStorageKeyObject = await this.secretStorage.addKey(SECRET_STORAGE_ALGORITHM_V1_AES, {\n passphrase: secretStorageKey.keyInfo?.passphrase,\n name: secretStorageKey.keyInfo?.name,\n key: secretStorageKey.privateKey,\n });\n\n await this.secretStorage.setDefaultKeyId(secretStorageKeyObject.keyId);\n\n this.cryptoCallbacks.cacheSecretStorageKey?.(\n secretStorageKeyObject.keyId,\n secretStorageKeyObject.keyInfo,\n secretStorageKey.privateKey,\n );\n }\n\n /**\n * Check if a secret storage AES Key is already added in secret storage\n *\n * @returns True if an AES key is in the secret storage\n */\n private async secretStorageHasAESKey(): Promise<boolean> {\n // See if we already have an AES secret-storage key.\n const secretStorageKeyTuple = await this.secretStorage.getKey();\n\n if (!secretStorageKeyTuple) return false;\n\n const [, keyInfo] = secretStorageKeyTuple;\n\n // Check if the key is an AES key\n return keyInfo.algorithm === SECRET_STORAGE_ALGORITHM_V1_AES;\n }\n\n /**\n * Implementation of {@link CryptoApi#getCrossSigningStatus}\n */\n public async getCrossSigningStatus(): Promise<CrossSigningStatus> {\n const userIdentity: RustSdkCryptoJs.OwnUserIdentity | null = await this.getOlmMachineOrThrow().getIdentity(\n new RustSdkCryptoJs.UserId(this.userId),\n );\n\n const publicKeysOnDevice =\n Boolean(userIdentity?.masterKey) &&\n Boolean(userIdentity?.selfSigningKey) &&\n Boolean(userIdentity?.userSigningKey);\n userIdentity?.free();\n\n const privateKeysInSecretStorage = await secretStorageContainsCrossSigningKeys(this.secretStorage);\n const crossSigningStatus: RustSdkCryptoJs.CrossSigningStatus | null =\n await this.getOlmMachineOrThrow().crossSigningStatus();\n\n return {\n publicKeysOnDevice,\n privateKeysInSecretStorage,\n privateKeysCachedLocally: {\n masterKey: Boolean(crossSigningStatus?.hasMaster),\n userSigningKey: Boolean(crossSigningStatus?.hasUserSigning),\n selfSigningKey: Boolean(crossSigningStatus?.hasSelfSigning),\n },\n };\n }\n\n /**\n * Implementation of {@link CryptoApi#createRecoveryKeyFromPassphrase}\n */\n public async createRecoveryKeyFromPassphrase(password?: string): Promise<GeneratedSecretStorageKey> {\n if (password) {\n // Generate the key from the passphrase\n // first we generate a random salt\n const salt = secureRandomString(32);\n // then we derive the key from the passphrase\n const recoveryKey = await deriveRecoveryKeyFromPassphrase(\n password,\n salt,\n this.RECOVERY_KEY_DERIVATION_ITERATIONS,\n );\n return {\n keyInfo: {\n passphrase: {\n algorithm: \"m.pbkdf2\",\n iterations: this.RECOVERY_KEY_DERIVATION_ITERATIONS,\n salt,\n },\n },\n privateKey: recoveryKey,\n encodedPrivateKey: encodeRecoveryKey(recoveryKey),\n };\n } else {\n // Using the navigator crypto API to generate the private key\n const key = new Uint8Array(32);\n globalThis.crypto.getRandomValues(key);\n return {\n privateKey: key,\n encodedPrivateKey: encodeRecoveryKey(key),\n };\n }\n }\n\n /**\n * Implementation of {@link CryptoApi#getEncryptionInfoForEvent}.\n */\n public async getEncryptionInfoForEvent(event: MatrixEvent): Promise<EventEncryptionInfo | null> {\n return this.eventDecryptor.getEncryptionInfoForEvent(event);\n }\n\n /**\n * Returns to-device verification requests that are already in progress for the given user id.\n *\n * Implementation of {@link CryptoApi#getVerificationRequestsToDeviceInProgress}\n *\n * @param userId - the ID of the user to query\n *\n * @returns the VerificationRequests that are in progress\n */\n public getVerificationRequestsToDeviceInProgress(userId: string): VerificationRequest[] {\n const requests: RustSdkCryptoJs.VerificationRequest[] = this.olmMachine.getVerificationRequests(\n new RustSdkCryptoJs.UserId(userId),\n );\n return requests\n .filter((request) => request.roomId === undefined)\n .map(\n (request) =>\n new RustVerificationRequest(\n this.olmMachine,\n request,\n this.outgoingRequestProcessor,\n this._supportedVerificationMethods,\n ),\n );\n }\n\n /**\n * Finds a DM verification request that is already in progress for the given room id\n *\n * Implementation of {@link CryptoApi#findVerificationRequestDMInProgress}\n *\n * @param roomId - the room to use for verification\n * @param userId - search the verification request for the given user\n *\n * @returns the VerificationRequest that is in progress, if any\n *\n */\n public findVerificationRequestDMInProgress(roomId: string, userId?: string): VerificationRequest | undefined {\n if (!userId) throw new Error(\"missing userId\");\n\n const requests: RustSdkCryptoJs.VerificationRequest[] = this.olmMachine.getVerificationRequests(\n new RustSdkCryptoJs.UserId(userId),\n );\n\n // Search for the verification request for the given room id\n const request = requests.find((request) => request.roomId?.toString() === roomId);\n\n if (request) {\n return new RustVerificationRequest(\n this.olmMachine,\n request,\n this.outgoingRequestProcessor,\n this._supportedVerificationMethods,\n );\n }\n }\n\n /**\n * Implementation of {@link CryptoApi#requestVerificationDM}\n */\n public async requestVerificationDM(userId: string, roomId: string): Promise<VerificationRequest> {\n const userIdentity: RustSdkCryptoJs.OtherUserIdentity | undefined = await this.olmMachine.getIdentity(\n new RustSdkCryptoJs.UserId(userId),\n );\n\n if (!userIdentity) throw new Error(`unknown userId ${userId}`);\n\n try {\n // Transform the verification methods into rust objects\n const methods = this._supportedVerificationMethods.map((method) =>\n verificationMethodIdentifierToMethod(method),\n );\n // Get the request content to send to the DM room\n const verificationEventContent: string = await userIdentity.verificationRequestContent(methods);\n\n // Send the request content to send to the DM room\n const eventId = await this.sendVerificationRequestContent(roomId, verificationEventContent);\n\n // Get a verification request\n const request: RustSdkCryptoJs.VerificationRequest = await userIdentity.requestVerification(\n new RustSdkCryptoJs.RoomId(roomId),\n new RustSdkCryptoJs.EventId(eventId),\n methods,\n );\n return new RustVerificationRequest(\n this.olmMachine,\n request,\n this.outgoingRequestProcessor,\n this._supportedVerificationMethods,\n );\n } finally {\n userIdentity.free();\n }\n }\n\n /**\n * Send the verification content to a room\n * See https://spec.matrix.org/v1.7/client-server-api/#put_matrixclientv3roomsroomidsendeventtypetxnid\n *\n * Prefer to use {@link OutgoingRequestProcessor.makeOutgoingRequest} when dealing with {@link RustSdkCryptoJs.RoomMessageRequest}\n *\n * @param roomId - the targeted room\n * @param verificationEventContent - the request body.\n *\n * @returns the event id\n */\n private async sendVerificationRequestContent(roomId: string, verificationEventContent: string): Promise<string> {\n const txId = secureRandomString(32);\n // Send the verification request content to the DM room\n const { event_id: eventId } = await this.http.authedRequest<{ event_id: string }>(\n Method.Put,\n `/_matrix/client/v3/rooms/${encodeURIComponent(roomId)}/send/m.room.message/${encodeURIComponent(txId)}`,\n undefined,\n verificationEventContent,\n {\n prefix: \"\",\n },\n );\n\n return eventId;\n }\n\n /**\n * The verification methods we offer to the other side during an interactive verification.\n */\n private _supportedVerificationMethods: string[] = ALL_VERIFICATION_METHODS;\n\n /**\n * Set the verification methods we offer to the other side during an interactive verification.\n *\n * If `undefined`, we will offer all the methods supported by the Rust SDK.\n */\n public setSupportedVerificationMethods(methods: string[] | undefined): void {\n // by default, the Rust SDK does not offer `m.qr_code.scan.v1`, but we do want to offer that.\n this._supportedVerificationMethods = methods ?? ALL_VERIFICATION_METHODS;\n }\n\n /**\n * Send a verification request to our other devices.\n *\n * If a verification is already in flight, returns it. Otherwise, initiates a new one.\n *\n * Implementation of {@link CryptoApi#requestOwnUserVerification}.\n *\n * @returns a VerificationRequest when the request has been sent to the other party.\n */\n public async requestOwnUserVerification(): Promise<VerificationRequest> {\n const userIdentity: RustSdkCryptoJs.OwnUserIdentity | undefined = await this.olmMachine.getIdentity(\n new RustSdkCryptoJs.UserId(this.userId),\n );\n if (userIdentity === undefined) {\n throw new Error(\"cannot request verification for this device when there is no existing cross-signing key\");\n }\n\n try {\n const [request, outgoingRequest]: [RustSdkCryptoJs.VerificationRequest, RustSdkCryptoJs.ToDeviceRequest] =\n await userIdentity.requestVerification(\n this._supportedVerificationMethods.map(verificationMethodIdentifierToMethod),\n );\n await this.outgoingRequestProcessor.makeOutgoingRequest(outgoingRequest);\n return new RustVerificationRequest(\n this.olmMachine,\n request,\n this.outgoingRequestProcessor,\n this._supportedVerificationMethods,\n );\n } finally {\n userIdentity.free();\n }\n }\n\n /**\n * Request an interactive verification with the given device.\n *\n * If a verification is already in flight, returns it. Otherwise, initiates a new one.\n *\n * Implementation of {@link CryptoApi#requestDeviceVerification}.\n *\n * @param userId - ID of the owner of the device to verify\n * @param deviceId - ID of the device to verify\n *\n * @returns a VerificationRequest when the request has been sent to the other party.\n */\n public async requestDeviceVerification(userId: string, deviceId: string): Promise<VerificationRequest> {\n const device: RustSdkCryptoJs.Device | undefined = await this.olmMachine.getDevice(\n new RustSdkCryptoJs.UserId(userId),\n new RustSdkCryptoJs.DeviceId(deviceId),\n );\n\n if (!device) {\n throw new Error(\"Not a known device\");\n }\n\n try {\n const [request, outgoingRequest] = device.requestVerification(\n this._supportedVerificationMethods.map(verificationMethodIdentifierToMethod),\n );\n await this.outgoingRequestProcessor.makeOutgoingRequest(outgoingRequest);\n return new RustVerificationRequest(\n this.olmMachine,\n request,\n this.outgoingRequestProcessor,\n this._supportedVerificationMethods,\n );\n } finally {\n device.free();\n }\n }\n\n /**\n * Fetch the backup decryption key we have saved in our store.\n *\n * Implementation of {@link CryptoApi#getSessionBackupPrivateKey}.\n *\n * @returns the key, if any, or null\n */\n public async getSessionBackupPrivateKey(): Promise<Uint8Array | null> {\n const backupKeys: RustSdkCryptoJs.BackupKeys = await this.olmMachine.getBackupKeys();\n if (!backupKeys.decryptionKey) return null;\n return decodeBase64(backupKeys.decryptionKey.toBase64());\n }\n\n /**\n * Store the backup decryption key.\n *\n * Implementation of {@link CryptoApi#storeSessionBackupPrivateKey}.\n *\n * @param key - the backup decryption key\n * @param version - the backup version for this key.\n */\n public async storeSessionBackupPrivateKey(key: Uint8Array, version?: string): Promise<void> {\n const base64Key = encodeBase64(key);\n\n if (!version) {\n throw new Error(\"storeSessionBackupPrivateKey: version is required\");\n }\n\n await this.backupManager.saveBackupDecryptionKey(\n RustSdkCryptoJs.BackupDecryptionKey.fromBase64(base64Key),\n version,\n );\n }\n\n /**\n * Implementation of {@link CryptoApi#loadSessionBackupPrivateKeyFromSecretStorage}.\n */\n public async loadSessionBackupPrivateKeyFromSecretStorage(): Promise<void> {\n const backupKey = await this.secretStorage.get(\"m.megolm_backup.v1\");\n if (!backupKey) {\n throw new Error(\"loadSessionBackupPrivateKeyFromSecretStorage: missing decryption key in secret storage\");\n }\n\n const keyBackupInfo = await this.backupManager.getServerBackupInfo();\n if (!keyBackupInfo || !keyBackupInfo.version) {\n throw new Error(\"loadSessionBackupPrivateKeyFromSecretStorage: unable to get backup version\");\n }\n\n const backupDecryptionKey = RustSdkCryptoJs.BackupDecryptionKey.fromBase64(backupKey);\n if (!decryptionKeyMatchesKeyBackupInfo(backupDecryptionKey, keyBackupInfo)) {\n throw new Error(\"loadSessionBackupPrivateKeyFromSecretStorage: decryption key does not match backup info\");\n }\n\n await this.backupManager.saveBackupDecryptionKey(backupDecryptionKey, keyBackupInfo.version);\n }\n\n /**\n * Get the current status of key backup.\n *\n * Implementation of {@link CryptoApi#getActiveSessionBackupVersion}.\n */\n public async getActiveSessionBackupVersion(): Promise<string | null> {\n return await this.backupManager.getActiveBackupVersion();\n }\n\n /**\n * Implementation of {@link CryptoApi#getKeyBackupInfo}.\n */\n public async getKeyBackupInfo(): Promise<KeyBackupInfo | null> {\n return (await this.backupManager.getServerBackupInfo()) || null;\n }\n\n /**\n * Determine if a key backup can be trusted.\n *\n * Implementation of {@link CryptoApi#isKeyBackupTrusted}.\n */\n public async isKeyBackupTrusted(info: KeyBackupInfo): Promise<BackupTrustInfo> {\n return await this.backupManager.isKeyBackupTrusted(info);\n }\n\n /**\n * Force a re-check of the key backup and enable/disable it as appropriate.\n *\n * Implementation of {@link CryptoApi#checkKeyBackupAndEnable}.\n */\n public async checkKeyBackupAndEnable(): Promise<KeyBackupCheck | null> {\n return await this.backupManager.checkKeyBackupAndEnable(true);\n }\n\n /**\n * Implementation of {@link CryptoApi#deleteKeyBackupVersion}.\n */\n public async deleteKeyBackupVersion(version: string): Promise<void> {\n await this.backupManager.deleteKeyBackupVersion(version);\n }\n\n /**\n * Implementation of {@link CryptoApi#resetKeyBackup}.\n */\n public async resetKeyBackup(): Promise<void> {\n const backupInfo = await this.backupManager.setupKeyBackup((o) => this.signObject(o));\n\n // we want to store the private key in 4S\n // need to check if 4S is set up?\n if (await this.secretStorageHasAESKey()) {\n await this.secretStorage.store(\"m.megolm_backup.v1\", backupInfo.decryptionKey.toBase64());\n }\n\n // we can check and start async\n this.checkKeyBackupAndEnable();\n }\n\n /**\n * Implementation of {@link CryptoApi#disableKeyStorage}.\n */\n public async disableKeyStorage(): Promise<void> {\n // Get the key backup version we're using\n const info = await this.getKeyBackupInfo();\n if (info?.version) {\n await this.deleteKeyBackupVersion(info.version);\n } else {\n logger.error(\"Can't delete key backup version: no version available\");\n }\n\n // also turn off 4S, since this is also storing keys on the server.\n await this.deleteSecretStorage();\n\n await this.dehydratedDeviceManager.delete();\n }\n\n /**\n * Signs the given object with the current device and current identity (if available).\n * As defined in {@link https://spec.matrix.org/v1.8/appendices/#signing-json | Signing JSON}.\n *\n * Helper for {@link RustCrypto#resetKeyBackup}.\n *\n * @param obj - The object to sign\n */\n private async signObject<T extends ISignableObject & object>(obj: T): Promise<void> {\n const sigs = new Map(Object.entries(obj.signatures || {}));\n const unsigned = obj.unsigned;\n\n delete obj.signatures;\n delete obj.unsigned;\n\n const userSignatures = sigs.get(this.userId) || {};\n\n const canonalizedJson = anotherjson.stringify(obj);\n const signatures: RustSdkCryptoJs.Signatures = await this.olmMachine.sign(canonalizedJson);\n\n const map = JSON.parse(signatures.asJSON());\n\n sigs.set(this.userId, { ...userSignatures, ...map[this.userId] });\n\n if (unsigned !== undefined) obj.unsigned = unsigned;\n obj.signatures = Object.fromEntries(sigs.entries());\n }\n\n /**\n * Implementation of {@link CryptoApi#restoreKeyBackupWithPassphrase}.\n */\n public async restoreKeyBackupWithPassphrase(\n passphrase: string,\n opts?: KeyBackupRestoreOpts,\n ): Promise<KeyBackupRestoreResult> {\n const backupInfo = await this.backupManager.getServerBackupInfo();\n if (!backupInfo?.version) {\n throw new Error(\"No backup info available\");\n }\n\n const privateKey = await keyFromAuthData(backupInfo.auth_data, passphrase);\n\n // Cache the key\n await this.storeSessionBackupPrivateKey(privateKey, backupInfo.version);\n return this.restoreKeyBackup(opts);\n }\n\n /**\n * Implementation of {@link CryptoApi#restoreKeyBackup}.\n */\n public async restoreKeyBackup(opts?: KeyBackupRestoreOpts): Promise<KeyBackupRestoreResult> {\n // Get the decryption key from the crypto store\n const backupKeys: RustSdkCryptoJs.BackupKeys = await this.olmMachine.getBackupKeys();\n const { decryptionKey, backupVersion } = backupKeys;\n if (!decryptionKey || !backupVersion) throw new Error(\"No decryption key found in crypto store\");\n\n const decodedDecryptionKey = decodeBase64(decryptionKey.toBase64());\n\n const backupInfo = await this.backupManager.requestKeyBackupVersion(backupVersion);\n if (!backupInfo) throw new Error(`Backup version to restore ${backupVersion} not found on server`);\n\n const backupDecryptor = await this.getBackupDecryptor(backupInfo, decodedDecryptionKey);\n\n try {\n opts?.progressCallback?.({\n stage: ImportRoomKeyStage.Fetch,\n });\n\n return await this.backupManager.restoreKeyBackup(backupVersion, backupDecryptor, opts);\n } finally {\n // Free to avoid to keep in memory the decryption key stored in it. To avoid to exposing it to an attacker.\n backupDecryptor.free();\n }\n }\n\n /**\n * Implementation of {@link CryptoApi#isDehydrationSupported}.\n */\n public async isDehydrationSupported(): Promise<boolean> {\n return await this.dehydratedDeviceManager.isSupported();\n }\n\n /**\n * Implementation of {@link CryptoApi#startDehydration}.\n */\n public async startDehydration(opts: StartDehydrationOpts | boolean = {}): Promise<void> {\n if (!(await this.isCrossSigningReady()) || !(await this.isSecretStorageReady())) {\n throw new Error(\"Device dehydration requires cross-signing and secret storage to be set up\");\n }\n return await this.dehydratedDeviceManager.start(opts || {});\n }\n\n /**\n * Implementation of {@link CryptoApi#importSecretsBundle}.\n */\n public async importSecretsBundle(\n secrets: Parameters<NonNullable<CryptoApi[\"importSecretsBundle\"]>>[0],\n ): Promise<void> {\n const secretsBundle = RustSdkCryptoJs.SecretsBundle.from_json(secrets);\n await this.getOlmMachineOrThrow().importSecretsBundle(secretsBundle); // this method frees the SecretsBundle\n }\n\n /**\n * Implementation of {@link CryptoApi#exportSecretsBundle}.\n */\n public async exportSecretsBundle(): ReturnType<NonNullable<CryptoApi[\"exportSecretsBundle\"]>> {\n const secretsBundle = await this.getOlmMachineOrThrow().exportSecretsBundle();\n const secrets = secretsBundle.to_json();\n secretsBundle.free();\n return secrets;\n }\n\n /**\n * Implementation of {@link CryptoApi#encryptToDeviceMessages}.\n */\n public async encryptToDeviceMessages(\n eventType: string,\n devices: { userId: string; deviceId: string }[],\n payload: ToDevicePayload,\n ): Promise<ToDeviceBatch> {\n const logger = new LogSpan(this.logger, \"encryptToDeviceMessages\");\n const uniqueUsers = new Set(devices.map(({ userId }) => userId));\n\n // This will ensure we have Olm sessions for all of the users' devices.\n // However, we only care about some of the devices.\n // So, perhaps we can optimise this later on.\n await this.keyClaimManager.ensureSessionsForUsers(\n logger,\n Array.from(uniqueUsers).map((userId) => new RustSdkCryptoJs.UserId(userId)),\n );\n const batch: ToDeviceBatch = {\n batch: [],\n eventType: EventType.RoomMessageEncrypted,\n };\n\n await Promise.all(\n devices.map(async ({ userId, deviceId }) => {\n const device: RustSdkCryptoJs.Device | undefined = await this.olmMachine.getDevice(\n new RustSdkCryptoJs.UserId(userId),\n new RustSdkCryptoJs.DeviceId(deviceId),\n );\n\n if (device) {\n const encryptedPayload = JSON.parse(await device.encryptToDeviceEvent(eventType, payload));\n batch.batch.push({\n deviceId,\n userId,\n payload: encryptedPayload,\n });\n } else {\n this.logger.warn(`encryptToDeviceMessages: unknown device ${userId}:${deviceId}`);\n }\n }),\n );\n\n return batch;\n }\n\n /**\n * Implementation of {@link CryptoApi#resetEncryption}.\n */\n public async resetEncryption(authUploadDeviceSigningKeys: UIAuthCallback<void>): Promise<void> {\n this.logger.debug(\"resetEncryption: resetting encryption\");\n\n // Delete the dehydrated device, since any existing one will be signed\n // by the wrong cross-signing key\n this.dehydratedDeviceManager.delete();\n\n // Disable backup, and delete all the backups from the server\n await this.backupManager.deleteAllKeyBackupVersions();\n\n this.deleteSecretStorage();\n\n // Reset the cross-signing keys\n await this.crossSigningIdentity.bootstrapCrossSigning({\n setupNewCrossSigning: true,\n authUploadDeviceSigningKeys,\n });\n\n // Create a new key backup\n await this.resetKeyBackup();\n\n this.logger.debug(\"resetEncryption: ended\");\n }\n\n /**\n * Removes the secret storage key, default key pointer and all (known) secret storage data\n * from the user's account data\n */\n private async deleteSecretStorage(): Promise<void> {\n // Remove the stored secrets in the secret storage\n await this.secretStorage.store(\"m.cross_signing.master\", null);\n await this.secretStorage.store(\"m.cross_signing.self_signing\", null);\n await this.secretStorage.store(\"m.cross_signing.user_signing\", null);\n await this.secretStorage.store(\"m.megolm_backup.v1\", null);\n\n // Remove the recovery key\n const defaultKeyId = await this.secretStorage.getDefaultKeyId();\n if (defaultKeyId) await this.secretStorage.store(`m.secret_storage.key.${defaultKeyId}`, null);\n // Disable the recovery key and the secret storage\n await this.secretStorage.setDefaultKeyId(null);\n }\n\n ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////\n //\n // SyncCryptoCallbacks implementation\n //\n ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////\n\n /**\n * Apply sync changes to the olm machine\n * @param events - the received to-device messages\n * @param oneTimeKeysCounts - the received one time key counts\n * @param unusedFallbackKeys - the received unused fallback keys\n * @param devices - the received device list updates\n * @returns A list of preprocessed to-device messages.\n */\n private async receiveSyncChanges({\n events,\n oneTimeKeysCounts = new Map<string, number>(),\n unusedFallbackKeys,\n devices = new RustSdkCryptoJs.DeviceLists(),\n }: {\n events?: IToDeviceEvent[];\n oneTimeKeysCounts?: Map<string, number>;\n unusedFallbackKeys?: Set<string>;\n devices?: RustSdkCryptoJs.DeviceLists;\n }): Promise<IToDeviceEvent[]> {\n const result = await logDuration(logger, \"receiveSyncChanges\", async () => {\n return await this.olmMachine.receiveSyncChanges(\n events ? JSON.stringify(events) : \"[]\",\n devices,\n oneTimeKeysCounts,\n unusedFallbackKeys,\n );\n });\n\n // receiveSyncChanges returns a JSON-encoded list of decrypted to-device messages.\n return JSON.parse(result);\n }\n\n /** called by the sync loop to preprocess incoming to-device messages\n *\n * @param events - the received to-device messages\n * @returns A list of preprocessed to-device messages.\n */\n public async preprocessToDeviceMessages(events: IToDeviceEvent[]): Promise<IToDeviceEvent[]> {\n // send the received to-device messages into receiveSyncChanges. We have no info on device-list changes,\n // one-time-keys, or fallback keys, so just pass empty data.\n const processed = await this.receiveSyncChanges({ events });\n\n // look for interesting to-device messages\n for (const message of processed) {\n if (message.type === EventType.KeyVerificationRequest) {\n const sender = message.sender;\n const transactionId = message.content.transaction_id;\n if (transactionId && sender) {\n this.onIncomingKeyVerificationRequest(sender, transactionId);\n }\n }\n }\n return processed;\n }\n\n /** called by the sync loop to process one time key counts and unused fallback keys\n *\n * @param oneTimeKeysCounts - the received one time key counts\n * @param unusedFallbackKeys - the received unused fallback keys\n */\n public async processKeyCounts(\n oneTimeKeysCounts?: Record<string, number>,\n unusedFallbackKeys?: string[],\n ): Promise<void> {\n const mapOneTimeKeysCount = oneTimeKeysCounts && new Map<string, number>(Object.entries(oneTimeKeysCounts));\n const setUnusedFallbackKeys = unusedFallbackKeys && new Set<string>(unusedFallbackKeys);\n\n if (mapOneTimeKeysCount !== undefined || setUnusedFallbackKeys !== undefined) {\n await this.receiveSyncChanges({\n oneTimeKeysCounts: mapOneTimeKeysCount,\n unusedFallbackKeys: setUnusedFallbackKeys,\n });\n }\n }\n\n /** called by the sync loop to process the notification that device lists have\n * been changed.\n *\n * @param deviceLists - device_lists field from /sync\n */\n public async processDeviceLists(deviceLists: IDeviceLists): Promise<void> {\n const devices = new RustSdkCryptoJs.DeviceLists(\n deviceLists.changed?.map((userId) => new RustSdkCryptoJs.UserId(userId)),\n deviceLists.left?.map((userId) => new RustSdkCryptoJs.UserId(userId)),\n );\n await this.receiveSyncChanges({ devices });\n }\n\n /** called by the sync loop on m.room.encrypted events\n *\n * @param room - in which the event was received\n * @param event - encryption event to be processed\n */\n public async onCryptoEvent(room: Room, event: MatrixEvent): Promise<void> {\n const config = event.getContent();\n const settings = new RustSdkCryptoJs.RoomSettings();\n\n if (config.algorithm === \"m.megolm.v1.aes-sha2\") {\n settings.algorithm = RustSdkCryptoJs.EncryptionAlgorithm.MegolmV1AesSha2;\n } else {\n // Among other situations, this happens if the crypto state event is redacted.\n this.logger.warn(`Room ${room.roomId}: ignoring crypto event with invalid algorithm ${config.algorithm}`);\n return;\n }\n\n try {\n settings.sessionRotationPeriodMs = config.rotation_period_ms;\n settings.sessionRotationPeriodMessages = config.rotation_period_msgs;\n await this.olmMachine.setRoomSettings(new RustSdkCryptoJs.RoomId(room.roomId), settings);\n } catch (e) {\n this.logger.warn(`Room ${room.roomId}: ignoring crypto event which caused error: ${e}`);\n return;\n }\n\n // If we got this far, the SDK found the event acceptable.\n // We need to either create or update the active RoomEncryptor.\n const existingEncryptor = this.roomEncryptors[room.roomId];\n if (existingEncryptor) {\n existingEncryptor.onCryptoEvent(config);\n } else {\n this.roomEncryptors[room.roomId] = new RoomEncryptor(\n this.olmMachine,\n this.keyClaimManager,\n this.outgoingRequestsManager,\n room,\n config,\n );\n }\n }\n\n /** called by the sync loop after processing each sync.\n *\n * TODO: figure out something equivalent for sliding sync.\n *\n * @param syncState - information on the completed sync.\n */\n public onSyncCompleted(syncState: OnSyncCompletedData): void {\n // Processing the /sync may have produced new outgoing requests which need sending, so kick off the outgoing\n // request loop, if it's not already running.\n this.outgoingRequestsManager.doProcessOutgoingRequests().catch((e) => {\n this.logger.warn(\"onSyncCompleted: Error processing outgoing requests\", e);\n });\n }\n\n /**\n * Handle an incoming m.key.verification.request event, received either in-room or in a to-device message.\n *\n * @param sender - the sender of the event\n * @param transactionId - the transaction ID for the verification. For to-device messages, this comes from the\n * content of the message; for in-room messages it is the event ID.\n */\n private onIncomingKeyVerificationRequest(sender: string, transactionId: string): void {\n const request: RustSdkCryptoJs.VerificationRequest | undefined = this.olmMachine.getVerificationRequest(\n new RustSdkCryptoJs.UserId(sender),\n transactionId,\n );\n\n if (request) {\n this.emit(\n CryptoEvent.VerificationRequestReceived,\n new RustVerificationRequest(\n this.olmMachine,\n request,\n this.outgoingRequestProcessor,\n this._supportedVerificationMethods,\n ),\n );\n } else {\n // There are multiple reasons this can happen; probably the most likely is that the event is an\n // in-room event which is too old.\n this.logger.info(\n `Ignoring just-received verification request ${transactionId} which did not start a rust-side verification`,\n );\n }\n }\n\n ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////\n //\n // Other public functions\n //\n ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////\n\n /** called by the MatrixClient on a room membership event\n *\n * @param event - The matrix event which caused this event to fire.\n * @param member - The member whose RoomMember.membership changed.\n * @param oldMembership - The previous membership state. Null if it's a new member.\n */\n public onRoomMembership(event: MatrixEvent, member: RoomMember, oldMembership?: string): void {\n const enc = this.roomEncryptors[event.getRoomId()!];\n if (!enc) {\n // not encrypting in this room\n return;\n }\n enc.onRoomMembership(member);\n }\n\n /** Callback for OlmMachine.registerRoomKeyUpdatedCallback\n *\n * Called by the rust-sdk whenever there is an update to (megolm) room keys. We\n * check if we have any events waiting for the given keys, and schedule them for\n * a decryption retry if so.\n *\n * @param keys - details of the updated keys\n */\n public async onRoomKeysUpdated(keys: RustSdkCryptoJs.RoomKeyInfo[]): Promise<void> {\n for (const key of keys) {\n this.onRoomKeyUpdated(key);\n }\n this.backupManager.maybeUploadKey();\n }\n\n private onRoomKeyUpdated(key: RustSdkCryptoJs.RoomKeyInfo): void {\n if (this.stopped) return;\n this.logger.debug(\n `Got update for session ${key.sessionId} from sender ${key.senderKey.toBase64()} in ${key.roomId.toString()}`,\n );\n const pendingList = this.eventDecryptor.getEventsPendingRoomKey(key.roomId.toString(), key.sessionId);\n if (pendingList.length === 0) return;\n\n this.logger.debug(\n \"Retrying decryption on events:\",\n pendingList.map((e) => `${e.getId()}`),\n );\n\n // Have another go at decrypting events with this key.\n //\n // We don't want to end up blocking the callback from Rust, which could otherwise end up dropping updates,\n // so we don't wait for the decryption to complete. In any case, there is no need to wait:\n // MatrixEvent.attemptDecryption ensures that there is only one decryption attempt happening at once,\n // and deduplicates repeated attempts for the same event.\n for (const ev of pendingList) {\n ev.attemptDecryption(this, { isRetry: true }).catch((_e) => {\n this.logger.info(`Still unable to decrypt event ${ev.getId()} after receiving key`);\n });\n }\n }\n\n /**\n * Callback for `OlmMachine.registerRoomKeyWithheldCallback`.\n *\n * Called by the rust sdk whenever we are told that a key has been withheld. We see if we had any events that\n * failed to decrypt for the given session, and update their status if so.\n *\n * @param withheld - Details of the withheld sessions.\n */\n public async onRoomKeysWithheld(withheld: RustSdkCryptoJs.RoomKeyWithheldInfo[]): Promise<void> {\n for (const session of withheld) {\n this.logger.debug(`Got withheld message for session ${session.sessionId} in ${session.roomId.toString()}`);\n const pendingList = this.eventDecryptor.getEventsPendingRoomKey(\n session.roomId.toString(),\n session.sessionId,\n );\n if (pendingList.length === 0) return;\n\n // The easiest way to update the status of the event is to have another go at decrypting it.\n this.logger.debug(\n \"Retrying decryption on events:\",\n pendingList.map((e) => `${e.getId()}`),\n );\n\n for (const ev of pendingList) {\n ev.attemptDecryption(this, { isRetry: true }).catch((_e) => {\n // It's somewhat expected that we still can't decrypt here.\n });\n }\n }\n }\n\n /**\n * Callback for `OlmMachine.registerUserIdentityUpdatedCallback`\n *\n * Called by the rust-sdk whenever there is an update to any user's cross-signing status. We re-check their trust\n * status and emit a `UserTrustStatusChanged` event, as well as a `KeysChanged` if it is our own identity that changed.\n *\n * @param userId - the user with the updated identity\n */\n public async onUserIdentityUpdated(userId: RustSdkCryptoJs.UserId): Promise<void> {\n const newVerification = await this.getUserVerificationStatus(userId.toString());\n this.emit(CryptoEvent.UserTrustStatusChanged, userId.toString(), newVerification);\n\n // If our own user identity has changed, we may now trust the key backup where we did not before.\n // So, re-check the key backup status and enable it if available.\n if (userId.toString() === this.userId) {\n this.emit(CryptoEvent.KeysChanged, {});\n await this.checkKeyBackupAndEnable();\n }\n }\n\n /**\n * Callback for `OlmMachine.registerDevicesUpdatedCallback`\n *\n * Called when users' devices have updated. Emits `WillUpdateDevices` and `DevicesUpdated`. In the JavaScript\n * crypto backend, these events are called at separate times, with `WillUpdateDevices` being emitted just before\n * the devices are saved, and `DevicesUpdated` being emitted just after. But the OlmMachine only gives us\n * one event, so we emit both events here.\n *\n * @param userIds - an array of user IDs of users whose devices have updated.\n */\n public async onDevicesUpdated(userIds: string[]): Promise<void> {\n this.emit(CryptoEvent.WillUpdateDevices, userIds, false);\n this.emit(CryptoEvent.DevicesUpdated, userIds, false);\n }\n\n /**\n * Handles secret received from the rust secret inbox.\n *\n * The gossipped secrets are received using the `m.secret.send` event type\n * and are guaranteed to have been received over a 1-to-1 Olm\n * Session from a verified device.\n *\n * The only secret currently handled in this way is `m.megolm_backup.v1`.\n *\n * @param name - the secret name\n * @param value - the secret value\n */\n private async handleSecretReceived(name: string, value: string): Promise<boolean> {\n this.logger.debug(`onReceiveSecret: Received secret ${name}`);\n if (name === \"m.megolm_backup.v1\") {\n return await this.backupManager.handleBackupSecretReceived(value);\n // XXX at this point we should probably try to download the backup and import the keys,\n // or at least retry for the current decryption failures?\n // Maybe add some signaling when a new secret is received, and let clients handle it?\n // as it's where the restore from backup APIs are exposed.\n }\n return false;\n }\n\n /**\n * Called when a new secret is received in the rust secret inbox.\n *\n * Will poll the secret inbox and handle the secrets received.\n *\n * @param name - The name of the secret received.\n */\n public async checkSecrets(name: string): Promise<void> {\n const pendingValues: Set<string> = await this.olmMachine.getSecretsFromInbox(name);\n for (const value of pendingValues) {\n if (await this.handleSecretReceived(name, value)) {\n // If we have a valid secret for that name there is no point of processing the other secrets values.\n // It's probably the same secret shared by another device.\n break;\n }\n }\n\n // Important to call this after handling the secrets as good hygiene.\n await this.olmMachine.deleteSecretsFromInbox(name);\n }\n\n /**\n * Handle a live event received via /sync.\n * See {@link ClientEventHandlerMap#event}\n *\n * @param event - live event\n */\n public async onLiveEventFromSync(event: MatrixEvent): Promise<void> {\n // Ignore state event or remote echo\n // transaction_id is provided in case of remote echo {@link https://spec.matrix.org/v1.7/client-server-api/#local-echo}\n if (event.isState() || !!event.getUnsigned().transaction_id) return;\n\n const processEvent = async (evt: MatrixEvent): Promise<void> => {\n // Process only verification event\n if (isVerificationEvent(event)) {\n await this.onKeyVerificationEvent(evt);\n }\n };\n\n // If the event is encrypted of in failure, we wait for decryption\n if (event.isDecryptionFailure() || event.isEncrypted()) {\n // 5 mins\n const TIMEOUT_DELAY = 5 * 60 * 1000;\n\n // After 5mins, we are not expecting the event to be decrypted\n const timeoutId = setTimeout(() => event.off(MatrixEventEvent.Decrypted, onDecrypted), TIMEOUT_DELAY);\n\n const onDecrypted = (decryptedEvent: MatrixEvent, error?: Error): void => {\n if (error) return;\n\n clearTimeout(timeoutId);\n event.off(MatrixEventEvent.Decrypted, onDecrypted);\n processEvent(decryptedEvent);\n };\n\n event.on(MatrixEventEvent.Decrypted, onDecrypted);\n } else {\n await processEvent(event);\n }\n }\n\n /**\n * Handle an in-room key verification event.\n *\n * @param event - a key validation request event.\n */\n private async onKeyVerificationEvent(event: MatrixEvent): Promise<void> {\n const roomId = event.getRoomId();\n\n if (!roomId) {\n throw new Error(\"missing roomId in the event\");\n }\n\n this.logger.debug(\n `Incoming verification event ${event.getId()} type ${event.getType()} from ${event.getSender()}`,\n );\n\n await this.olmMachine.receiveVerificationEvent(\n JSON.stringify({\n event_id: event.getId(),\n type: event.getType(),\n sender: event.getSender(),\n state_key: event.getStateKey(),\n content: event.getContent(),\n origin_server_ts: event.getTs(),\n }),\n new RustSdkCryptoJs.RoomId(roomId),\n );\n\n if (\n event.getType() === EventType.RoomMessage &&\n event.getContent().msgtype === MsgType.KeyVerificationRequest\n ) {\n this.onIncomingKeyVerificationRequest(event.getSender()!, event.getId()!);\n }\n\n // that may have caused us to queue up outgoing requests, so make sure we send them.\n this.outgoingRequestsManager.doProcessOutgoingRequests().catch((e) => {\n this.logger.warn(\"onKeyVerificationRequest: Error processing outgoing requests\", e);\n });\n }\n\n /**\n * Returns the cross-signing user identity of the current user.\n *\n * Not part of the public crypto-api interface.\n * Used during migration from legacy js-crypto to update local trust if needed.\n */\n public async getOwnIdentity(): Promise<RustSdkCryptoJs.OwnUserIdentity | undefined> {\n return await this.olmMachine.getIdentity(new RustSdkCryptoJs.UserId(this.userId));\n }\n}\n\nclass EventDecryptor {\n /**\n * Events which we couldn't decrypt due to unknown sessions / indexes.\n *\n * Map from roomId to sessionId to Set of MatrixEvents\n */\n private eventsPendingKey = new MapWithDefault<string, MapWithDefault<string, Set<MatrixEvent>>>(\n () => new MapWithDefault<string, Set<MatrixEvent>>(() => new Set()),\n );\n\n public constructor(\n private readonly logger: Logger,\n private readonly olmMachine: RustSdkCryptoJs.OlmMachine,\n private readonly perSessionBackupDownloader: PerSessionKeyBackupDownloader,\n ) {}\n\n public async attemptEventDecryption(\n event: MatrixEvent,\n isolationMode: DeviceIsolationMode,\n ): Promise<IEventDecryptionResult> {\n // add the event to the pending list *before* attempting to decrypt.\n // then, if the key turns up while decryption is in progress (and\n // decryption fails), we will schedule a retry.\n // (fixes https://github.com/vector-im/element-web/issues/5001)\n this.addEventToPendingList(event);\n\n let trustRequirement;\n\n switch (isolationMode.kind) {\n case DeviceIsolationModeKind.AllDevicesIsolationMode:\n trustRequirement = RustSdkCryptoJs.TrustRequirement.Untrusted;\n break;\n case DeviceIsolationModeKind.OnlySignedDevicesIsolationMode:\n trustRequirement = RustSdkCryptoJs.TrustRequirement.CrossSignedOrLegacy;\n break;\n }\n\n try {\n const res = (await this.olmMachine.decryptRoomEvent(\n stringifyEvent(event),\n new RustSdkCryptoJs.RoomId(event.getRoomId()!),\n new RustSdkCryptoJs.DecryptionSettings(trustRequirement),\n )) as RustSdkCryptoJs.DecryptedRoomEvent;\n\n // Success. We can remove the event from the pending list, if\n // that hasn't already happened.\n this.removeEventFromPendingList(event);\n\n return {\n clearEvent: JSON.parse(res.event),\n claimedEd25519Key: res.senderClaimedEd25519Key,\n senderCurve25519Key: res.senderCurve25519Key,\n forwardingCurve25519KeyChain: res.forwardingCurve25519KeyChain,\n };\n } catch (err) {\n if (err instanceof RustSdkCryptoJs.MegolmDecryptionError) {\n this.onMegolmDecryptionError(event, err, await this.perSessionBackupDownloader.getServerBackupInfo());\n } else {\n throw new DecryptionError(DecryptionFailureCode.UNKNOWN_ERROR, \"Unknown error\");\n }\n }\n }\n\n /**\n * Handle a `MegolmDecryptionError` returned by the rust SDK.\n *\n * Fires off a request to the `perSessionBackupDownloader`, if appropriate, and then throws a `DecryptionError`.\n *\n * @param event - The event which could not be decrypted.\n * @param err - The error from the Rust SDK.\n * @param serverBackupInfo - Details about the current backup from the server. `null` if there is no backup.\n * `undefined` if our attempt to check failed.\n */\n private onMegolmDecryptionError(\n event: MatrixEvent,\n err: RustSdkCryptoJs.MegolmDecryptionError,\n serverBackupInfo: KeyBackupInfo | null | undefined,\n ): never {\n const content = event.getWireContent();\n const errorDetails = { sender_key: content.sender_key, session_id: content.session_id };\n\n // If the error looks like it might be recoverable from backup, queue up a request to try that.\n if (\n err.code === RustSdkCryptoJs.DecryptionErrorCode.MissingRoomKey ||\n err.code === RustSdkCryptoJs.DecryptionErrorCode.UnknownMessageIndex\n ) {\n this.perSessionBackupDownloader.onDecryptionKeyMissingError(event.getRoomId()!, content.session_id!);\n\n // If the server is telling us our membership at the time the event\n // was sent, and it isn't \"join\", we use a different error code.\n const membership = event.getMembershipAtEvent();\n if (membership && membership !== KnownMembership.Join && membership !== KnownMembership.Invite) {\n throw new DecryptionError(\n DecryptionFailureCode.HISTORICAL_MESSAGE_USER_NOT_JOINED,\n \"This message was sent when we were not a member of the room.\",\n errorDetails,\n );\n }\n\n // If the event was sent before this device was created, we use some different error codes.\n if (event.getTs() <= this.olmMachine.deviceCreationTimeMs) {\n if (serverBackupInfo === null) {\n throw new DecryptionError(\n DecryptionFailureCode.HISTORICAL_MESSAGE_NO_KEY_BACKUP,\n \"This message was sent before this device logged in, and there is no key backup on the server.\",\n errorDetails,\n );\n } else if (!this.perSessionBackupDownloader.isKeyBackupDownloadConfigured()) {\n throw new DecryptionError(\n DecryptionFailureCode.HISTORICAL_MESSAGE_BACKUP_UNCONFIGURED,\n \"This message was sent before this device logged in, and key backup is not working.\",\n errorDetails,\n );\n } else {\n throw new DecryptionError(\n DecryptionFailureCode.HISTORICAL_MESSAGE_WORKING_BACKUP,\n \"This message was sent before this device logged in. Key backup is working, but we still do not (yet) have the key.\",\n errorDetails,\n );\n }\n }\n }\n\n // If we got a withheld code, expose that.\n if (err.maybe_withheld) {\n // Unfortunately the Rust SDK API doesn't let us distinguish between different withheld cases, other than\n // by string-matching.\n const failureCode =\n err.maybe_withheld === \"The sender has disabled encrypting to unverified devices.\"\n ? DecryptionFailureCode.MEGOLM_KEY_WITHHELD_FOR_UNVERIFIED_DEVICE\n : DecryptionFailureCode.MEGOLM_KEY_WITHHELD;\n throw new DecryptionError(failureCode, err.maybe_withheld, errorDetails);\n }\n\n switch (err.code) {\n case RustSdkCryptoJs.DecryptionErrorCode.MissingRoomKey:\n throw new DecryptionError(\n DecryptionFailureCode.MEGOLM_UNKNOWN_INBOUND_SESSION_ID,\n \"The sender's device has not sent us the keys for this message.\",\n errorDetails,\n );\n\n case RustSdkCryptoJs.DecryptionErrorCode.UnknownMessageIndex:\n throw new DecryptionError(\n DecryptionFailureCode.OLM_UNKNOWN_MESSAGE_INDEX,\n \"The sender's device has not sent us the keys for this message at this index.\",\n errorDetails,\n );\n\n case RustSdkCryptoJs.DecryptionErrorCode.SenderIdentityVerificationViolation:\n // We're refusing to decrypt due to not trusting the sender,\n // rather than failing to decrypt due to lack of keys, so we\n // don't need to keep it on the pending list.\n this.removeEventFromPendingList(event);\n throw new DecryptionError(\n DecryptionFailureCode.SENDER_IDENTITY_PREVIOUSLY_VERIFIED,\n \"The sender identity is unverified, but was previously verified.\",\n );\n\n case RustSdkCryptoJs.DecryptionErrorCode.UnknownSenderDevice:\n // We're refusing to decrypt due to not trusting the sender,\n // rather than failing to decrypt due to lack of keys, so we\n // don't need to keep it on the pending list.\n this.removeEventFromPendingList(event);\n throw new DecryptionError(\n DecryptionFailureCode.UNKNOWN_SENDER_DEVICE,\n \"The sender device is not known.\",\n );\n\n case RustSdkCryptoJs.DecryptionErrorCode.UnsignedSenderDevice:\n // We're refusing to decrypt due to not trusting the sender,\n // rather than failing to decrypt due to lack of keys, so we\n // don't need to keep it on the pending list.\n this.removeEventFromPendingList(event);\n throw new DecryptionError(\n DecryptionFailureCode.UNSIGNED_SENDER_DEVICE,\n \"The sender identity is not cross-signed.\",\n );\n\n // We don't map MismatchedIdentityKeys for now, as there is no equivalent in legacy.\n // Just put it on the `UNKNOWN_ERROR` bucket.\n default:\n throw new DecryptionError(DecryptionFailureCode.UNKNOWN_ERROR, err.description, errorDetails);\n }\n }\n\n public async getEncryptionInfoForEvent(event: MatrixEvent): Promise<EventEncryptionInfo | null> {\n if (!event.getClearContent() || event.isDecryptionFailure()) {\n // not successfully decrypted\n return null;\n }\n\n // special-case outgoing events, which the rust crypto-sdk will barf on\n if (event.status !== null) {\n return { shieldColour: EventShieldColour.NONE, shieldReason: null };\n }\n\n const encryptionInfo = await this.olmMachine.getRoomEventEncryptionInfo(\n stringifyEvent(event),\n new RustSdkCryptoJs.RoomId(event.getRoomId()!),\n );\n\n return rustEncryptionInfoToJsEncryptionInfo(this.logger, encryptionInfo);\n }\n\n /**\n * Look for events which are waiting for a given megolm session\n *\n * Returns a list of events which were encrypted by `session` and could not be decrypted\n */\n public getEventsPendingRoomKey(roomId: string, sessionId: string): MatrixEvent[] {\n const roomPendingEvents = this.eventsPendingKey.get(roomId);\n if (!roomPendingEvents) return [];\n\n const sessionPendingEvents = roomPendingEvents.get(sessionId);\n if (!sessionPendingEvents) return [];\n\n return [...sessionPendingEvents];\n }\n\n /**\n * Add an event to the list of those awaiting their session keys.\n */\n private addEventToPendingList(event: MatrixEvent): void {\n const roomId = event.getRoomId();\n // We shouldn't have events without a room id here.\n if (!roomId) return;\n\n const roomPendingEvents = this.eventsPendingKey.getOrCreate(roomId);\n const sessionPendingEvents = roomPendingEvents.getOrCreate(event.getWireContent().session_id);\n sessionPendingEvents.add(event);\n }\n\n /**\n * Remove an event from the list of those awaiting their session keys.\n */\n private removeEventFromPendingList(event: MatrixEvent): void {\n const roomId = event.getRoomId();\n if (!roomId) return;\n\n const roomPendingEvents = this.eventsPendingKey.getOrCreate(roomId);\n if (!roomPendingEvents) return;\n\n const sessionPendingEvents = roomPendingEvents.get(event.getWireContent().session_id);\n if (!sessionPendingEvents) return;\n\n sessionPendingEvents.delete(event);\n\n // also clean up the higher-level maps if they are now empty\n if (sessionPendingEvents.size === 0) {\n roomPendingEvents.delete(event.getWireContent().session_id);\n if (roomPendingEvents.size === 0) {\n this.eventsPendingKey.delete(roomId);\n }\n }\n }\n}\n\nfunction stringifyEvent(event: MatrixEvent): string {\n return JSON.stringify({\n event_id: event.getId(),\n type: event.getWireType(),\n sender: event.getSender(),\n state_key: event.getStateKey(),\n content: event.getWireContent(),\n origin_server_ts: event.getTs(),\n });\n}\n\nfunction rustEncryptionInfoToJsEncryptionInfo(\n logger: Logger,\n encryptionInfo: RustSdkCryptoJs.EncryptionInfo | undefined,\n): EventEncryptionInfo | null {\n if (encryptionInfo === undefined) {\n // not decrypted here\n return null;\n }\n\n // TODO: use strict shield semantics.\n const shieldState = encryptionInfo.shieldState(false);\n\n let shieldColour: EventShieldColour;\n switch (shieldState.color) {\n case RustSdkCryptoJs.ShieldColor.Grey:\n shieldColour = EventShieldColour.GREY;\n break;\n case RustSdkCryptoJs.ShieldColor.None:\n shieldColour = EventShieldColour.NONE;\n break;\n default:\n shieldColour = EventShieldColour.RED;\n }\n\n let shieldReason: EventShieldReason | null;\n switch (shieldState.code) {\n case undefined:\n case null:\n shieldReason = null;\n break;\n case RustSdkCryptoJs.ShieldStateCode.AuthenticityNotGuaranteed:\n shieldReason = EventShieldReason.AUTHENTICITY_NOT_GUARANTEED;\n break;\n case RustSdkCryptoJs.ShieldStateCode.UnknownDevice:\n shieldReason = EventShieldReason.UNKNOWN_DEVICE;\n break;\n case RustSdkCryptoJs.ShieldStateCode.UnsignedDevice:\n shieldReason = EventShieldReason.UNSIGNED_DEVICE;\n break;\n case RustSdkCryptoJs.ShieldStateCode.UnverifiedIdentity:\n shieldReason = EventShieldReason.UNVERIFIED_IDENTITY;\n break;\n case RustSdkCryptoJs.ShieldStateCode.SentInClear:\n shieldReason = EventShieldReason.SENT_IN_CLEAR;\n break;\n case RustSdkCryptoJs.ShieldStateCode.VerificationViolation:\n shieldReason = EventShieldReason.VERIFICATION_VIOLATION;\n break;\n }\n\n return { shieldColour, shieldReason };\n}\n\ntype CryptoEvents = (typeof CryptoEvent)[keyof typeof CryptoEvent];\ntype RustCryptoEvents = Exclude<CryptoEvents, CryptoEvent.LegacyCryptoStoreMigrationProgress>;\n","/*\nCopyright 2023-2024 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport * as RustSdkCryptoJs from \"@matrix-org/matrix-sdk-crypto-wasm\";\n\nimport { type Logger } from \"../logger.ts\";\nimport { type CryptoStore, MigrationState, type SecretStorePrivateKeys } from \"../crypto/store/base.ts\";\nimport { IndexedDBCryptoStore } from \"../crypto/store/indexeddb-crypto-store.ts\";\nimport { type IHttpOpts, type MatrixHttpApi } from \"../http-api/index.ts\";\nimport { requestKeyBackupVersion } from \"./backup.ts\";\nimport { type CrossSigningKeyInfo, type Curve25519AuthData } from \"../crypto-api/index.ts\";\nimport { type RustCrypto } from \"./rust-crypto.ts\";\nimport { type KeyBackupInfo } from \"../crypto-api/keybackup.ts\";\nimport { sleep } from \"../utils.ts\";\nimport { encodeBase64 } from \"../base64.ts\";\nimport decryptAESSecretStorageItem from \"../utils/decryptAESSecretStorageItem.ts\";\nimport { type AESEncryptedSecretStoragePayload } from \"../@types/AESEncryptedSecretStoragePayload.ts\";\n\ninterface LegacyRoomEncryption {\n algorithm: string;\n rotation_period_ms?: number;\n rotation_period_msgs?: number;\n}\n\n/**\n * Determine if any data needs migrating from the legacy store, and do so.\n *\n * This migrates the base account data, and olm and megolm sessions. It does *not* migrate the room list, which should\n * happen after an `OlmMachine` is created, via {@link migrateRoomSettingsFromLegacyCrypto}.\n *\n * @param args - Arguments object.\n */\nexport async function migrateFromLegacyCrypto(args: {\n /** A `Logger` instance that will be used for debug output. */\n logger: Logger;\n\n /**\n * Low-level HTTP interface: used to make outgoing requests required by the rust SDK.\n * We expect it to set the access token, etc.\n */\n http: MatrixHttpApi<IHttpOpts & { onlyData: true }>;\n\n /** Store to migrate data from. */\n legacyStore: CryptoStore;\n\n /** Pickle key for `legacyStore`. */\n legacyPickleKey?: string;\n\n /** Local user's User ID. */\n userId: string;\n\n /** Local user's Device ID. */\n deviceId: string;\n\n /** Rust crypto store to migrate data into. */\n storeHandle: RustSdkCryptoJs.StoreHandle;\n\n /**\n * A callback which will receive progress updates on migration from `legacyStore`.\n *\n * Called with (-1, -1) to mark the end of migration.\n */\n legacyMigrationProgressListener?: (progress: number, total: number) => void;\n}): Promise<void> {\n const { logger, legacyStore } = args;\n\n // initialise the rust matrix-sdk-crypto-wasm, if it hasn't already been done\n await RustSdkCryptoJs.initAsync();\n\n // enable tracing in the rust-sdk\n new RustSdkCryptoJs.Tracing(RustSdkCryptoJs.LoggerLevel.Debug).turnOn();\n\n if (!(await legacyStore.containsData())) {\n // This store was never used. Nothing to migrate.\n return;\n }\n\n await legacyStore.startup();\n\n let accountPickle: string | null = null;\n await legacyStore.doTxn(\"readonly\", [IndexedDBCryptoStore.STORE_ACCOUNT], (txn) => {\n legacyStore.getAccount(txn, (acctPickle) => {\n accountPickle = acctPickle;\n });\n });\n if (!accountPickle) {\n // This store is not properly set up. Nothing to migrate.\n logger.debug(\"Legacy crypto store is not set up (no account found). Not migrating.\");\n return;\n }\n\n let migrationState = await legacyStore.getMigrationState();\n\n if (migrationState >= MigrationState.MEGOLM_SESSIONS_MIGRATED) {\n // All migration is done for now. The room list comes later, once we have an OlmMachine.\n return;\n }\n\n const nOlmSessions = await countOlmSessions(logger, legacyStore);\n const nMegolmSessions = await countMegolmSessions(logger, legacyStore);\n const totalSteps = 1 + nOlmSessions + nMegolmSessions;\n logger.info(\n `Migrating data from legacy crypto store. ${nOlmSessions} olm sessions and ${nMegolmSessions} megolm sessions to migrate.`,\n );\n\n let stepsDone = 0;\n function onProgress(steps: number): void {\n stepsDone += steps;\n args.legacyMigrationProgressListener?.(stepsDone, totalSteps);\n }\n onProgress(0);\n\n const pickleKey = new TextEncoder().encode(args.legacyPickleKey);\n\n if (migrationState === MigrationState.NOT_STARTED) {\n logger.info(\"Migrating data from legacy crypto store. Step 1: base data\");\n await migrateBaseData(args.http, args.userId, args.deviceId, legacyStore, pickleKey, args.storeHandle, logger);\n\n migrationState = MigrationState.INITIAL_DATA_MIGRATED;\n await legacyStore.setMigrationState(migrationState);\n }\n onProgress(1);\n\n if (migrationState === MigrationState.INITIAL_DATA_MIGRATED) {\n logger.info(\n `Migrating data from legacy crypto store. Step 2: olm sessions (${nOlmSessions} sessions to migrate).`,\n );\n await migrateOlmSessions(logger, legacyStore, pickleKey, args.storeHandle, onProgress);\n\n migrationState = MigrationState.OLM_SESSIONS_MIGRATED;\n await legacyStore.setMigrationState(migrationState);\n }\n\n if (migrationState === MigrationState.OLM_SESSIONS_MIGRATED) {\n logger.info(\n `Migrating data from legacy crypto store. Step 3: megolm sessions (${nMegolmSessions} sessions to migrate).`,\n );\n await migrateMegolmSessions(logger, legacyStore, pickleKey, args.storeHandle, onProgress);\n\n migrationState = MigrationState.MEGOLM_SESSIONS_MIGRATED;\n await legacyStore.setMigrationState(migrationState);\n }\n\n // Migration is done.\n args.legacyMigrationProgressListener?.(-1, -1);\n logger.info(\"Migration from legacy crypto store complete\");\n}\n\nasync function migrateBaseData(\n http: MatrixHttpApi<IHttpOpts & { onlyData: true }>,\n userId: string,\n deviceId: string,\n legacyStore: CryptoStore,\n pickleKey: Uint8Array,\n storeHandle: RustSdkCryptoJs.StoreHandle,\n logger: Logger,\n): Promise<void> {\n const migrationData = new RustSdkCryptoJs.BaseMigrationData();\n migrationData.userId = new RustSdkCryptoJs.UserId(userId);\n migrationData.deviceId = new RustSdkCryptoJs.DeviceId(deviceId);\n\n await legacyStore.doTxn(\"readonly\", [IndexedDBCryptoStore.STORE_ACCOUNT], (txn) =>\n legacyStore.getAccount(txn, (a) => {\n migrationData.pickledAccount = a ?? \"\";\n }),\n );\n\n const recoveryKey = await getAndDecryptCachedSecretKey(legacyStore, pickleKey, \"m.megolm_backup.v1\");\n\n // If we have a backup recovery key, we need to try to figure out which backup version it is for.\n // All we can really do is ask the server for the most recent version and check if the cached key we have matches.\n // It is possible that the backup has changed since last time his session was opened.\n if (recoveryKey) {\n let backupCallDone = false;\n let backupInfo: KeyBackupInfo | null = null;\n while (!backupCallDone) {\n try {\n backupInfo = await requestKeyBackupVersion(http);\n backupCallDone = true;\n } catch (e) {\n logger.info(\"Failed to get backup version during migration, retrying in 2 seconds\", e);\n // Retry until successful, use simple constant delay\n await sleep(2000);\n }\n }\n if (backupInfo && backupInfo.algorithm == \"m.megolm_backup.v1.curve25519-aes-sha2\") {\n // check if the recovery key matches, as the active backup version may have changed since the key was cached\n // and the migration started.\n try {\n const decryptionKey = RustSdkCryptoJs.BackupDecryptionKey.fromBase64(recoveryKey);\n const publicKey = (backupInfo.auth_data as Curve25519AuthData)?.public_key;\n const isValid = decryptionKey.megolmV1PublicKey.publicKeyBase64 == publicKey;\n if (isValid) {\n migrationData.backupVersion = backupInfo.version;\n migrationData.backupRecoveryKey = recoveryKey;\n } else {\n logger.debug(\n \"The backup key to migrate does not match the active backup version\",\n `Cached pub key: ${decryptionKey.megolmV1PublicKey.publicKeyBase64}`,\n `Active pub key: ${publicKey}`,\n );\n }\n } catch (e) {\n logger.warn(\"Failed to check if the backup key to migrate matches the active backup version\", e);\n }\n }\n }\n\n migrationData.privateCrossSigningMasterKey = await getAndDecryptCachedSecretKey(legacyStore, pickleKey, \"master\");\n migrationData.privateCrossSigningSelfSigningKey = await getAndDecryptCachedSecretKey(\n legacyStore,\n pickleKey,\n \"self_signing\",\n );\n migrationData.privateCrossSigningUserSigningKey = await getAndDecryptCachedSecretKey(\n legacyStore,\n pickleKey,\n \"user_signing\",\n );\n await RustSdkCryptoJs.Migration.migrateBaseData(migrationData, pickleKey, storeHandle);\n}\n\nasync function countOlmSessions(logger: Logger, legacyStore: CryptoStore): Promise<number> {\n logger.debug(\"Counting olm sessions to be migrated\");\n let nSessions: number;\n await legacyStore.doTxn(\"readonly\", [IndexedDBCryptoStore.STORE_SESSIONS], (txn) =>\n legacyStore.countEndToEndSessions(txn, (n) => (nSessions = n)),\n );\n return nSessions!;\n}\n\nasync function countMegolmSessions(logger: Logger, legacyStore: CryptoStore): Promise<number> {\n logger.debug(\"Counting megolm sessions to be migrated\");\n return await legacyStore.countEndToEndInboundGroupSessions();\n}\n\nasync function migrateOlmSessions(\n logger: Logger,\n legacyStore: CryptoStore,\n pickleKey: Uint8Array,\n storeHandle: RustSdkCryptoJs.StoreHandle,\n onBatchDone: (batchSize: number) => void,\n): Promise<void> {\n // eslint-disable-next-line no-constant-condition\n while (true) {\n const batch = await legacyStore.getEndToEndSessionsBatch();\n if (batch === null) return;\n\n logger.debug(`Migrating batch of ${batch.length} olm sessions`);\n const migrationData: RustSdkCryptoJs.PickledSession[] = [];\n for (const session of batch) {\n const pickledSession = new RustSdkCryptoJs.PickledSession();\n pickledSession.senderKey = session.deviceKey!;\n pickledSession.pickle = session.session!;\n pickledSession.lastUseTime = pickledSession.creationTime = new Date(session.lastReceivedMessageTs!);\n migrationData.push(pickledSession);\n }\n\n await RustSdkCryptoJs.Migration.migrateOlmSessions(migrationData, pickleKey, storeHandle);\n await legacyStore.deleteEndToEndSessionsBatch(batch);\n onBatchDone(batch.length);\n }\n}\n\nasync function migrateMegolmSessions(\n logger: Logger,\n legacyStore: CryptoStore,\n pickleKey: Uint8Array,\n storeHandle: RustSdkCryptoJs.StoreHandle,\n onBatchDone: (batchSize: number) => void,\n): Promise<void> {\n // eslint-disable-next-line no-constant-condition\n while (true) {\n const batch = await legacyStore.getEndToEndInboundGroupSessionsBatch();\n if (batch === null) return;\n\n logger.debug(`Migrating batch of ${batch.length} megolm sessions`);\n const migrationData: RustSdkCryptoJs.PickledInboundGroupSession[] = [];\n for (const session of batch) {\n const sessionData = session.sessionData!;\n\n const pickledSession = new RustSdkCryptoJs.PickledInboundGroupSession();\n pickledSession.pickle = sessionData.session;\n pickledSession.roomId = new RustSdkCryptoJs.RoomId(sessionData.room_id);\n pickledSession.senderKey = session.senderKey;\n pickledSession.senderSigningKey = sessionData.keysClaimed?.[\"ed25519\"];\n pickledSession.backedUp = !session.needsBackup;\n\n // The Rust SDK `imported` flag is used to indicate the authenticity status of a Megolm\n // session, which tells us whether we can reliably tell which Olm device is the owner\n // (creator) of the session.\n //\n // If `imported` is true, then we have no cryptographic proof that the session is owned\n // by the device with the identity key `senderKey`.\n //\n // Only Megolm sessions received directly from the owning device via an encrypted\n // `m.room_key` to-device message should have `imported` flag set to false. Megolm\n // sessions received by any other currently available means (i.e. from a\n // `m.forwarded_room_key`, from v1 asymmetric server-side key backup, imported from a\n // file, etc) should have the `imported` flag set to true.\n //\n // Messages encrypted with such Megolm sessions will have a grey shield in the UI\n // (\"Authenticity of this message cannot be guaranteed\").\n //\n // However, we don't want to bluntly mark all sessions as `imported` during migration\n // because users will suddenly start seeing all their historic messages decorated with a\n // grey shield, which would be seen as a non-actionable regression.\n //\n // In the legacy crypto stack, the flag encoding similar information was called\n // `InboundGroupSessionData.untrusted`. The value of this flag was set as follows:\n //\n // - For outbound Megolm sessions created by our own device, `untrusted` is `undefined`.\n // - For Megolm sessions received via a `m.room_key` to-device message, `untrusted` is\n // `undefined`.\n // - For Megolm sessions received via a `m.forwarded_room_key` to-device message,\n // `untrusted` is `true`.\n // - For Megolm sessions imported from a (v1 asymmetric / \"legacy\") server-side key\n // backup, `untrusted` is `true`.\n // - For Megolm sessions imported from a file, untrusted is `undefined`.\n //\n // The main difference between the legacy crypto stack and the Rust crypto stack is that\n // the Rust stack considers sessions imported from a file as `imported` (not\n // authenticated). This is because the Megolm session export file format does not\n // encode this authenticity information.\n //\n // Given this migration is only a one-time thing, we make a concession to accept the\n // loss of information in this case, to avoid degrading UX in a non-actionable way.\n pickledSession.imported = sessionData.untrusted === true;\n\n migrationData.push(pickledSession);\n }\n\n await RustSdkCryptoJs.Migration.migrateMegolmSessions(migrationData, pickleKey, storeHandle);\n await legacyStore.deleteEndToEndInboundGroupSessionsBatch(batch);\n onBatchDone(batch.length);\n }\n}\n\n/**\n * Determine if any room settings need migrating from the legacy store, and do so.\n *\n * @param args - Arguments object.\n */\nexport async function migrateRoomSettingsFromLegacyCrypto({\n logger,\n legacyStore,\n olmMachine,\n}: {\n /** A `Logger` instance that will be used for debug output. */\n logger: Logger;\n\n /** Store to migrate data from. */\n legacyStore: CryptoStore;\n\n /** OlmMachine to store the new data on. */\n olmMachine: RustSdkCryptoJs.OlmMachine;\n}): Promise<void> {\n if (!(await legacyStore.containsData())) {\n // This store was never used. Nothing to migrate.\n return;\n }\n\n const migrationState = await legacyStore.getMigrationState();\n\n if (migrationState >= MigrationState.ROOM_SETTINGS_MIGRATED) {\n // We've already migrated the room settings.\n return;\n }\n\n let rooms: Record<string, LegacyRoomEncryption> = {};\n\n await legacyStore.doTxn(\"readwrite\", [IndexedDBCryptoStore.STORE_ROOMS], (txn) => {\n legacyStore.getEndToEndRooms(txn, (result) => {\n rooms = result;\n });\n });\n\n logger.debug(`Migrating ${Object.keys(rooms).length} sets of room settings`);\n for (const [roomId, legacySettings] of Object.entries(rooms)) {\n try {\n const rustSettings = new RustSdkCryptoJs.RoomSettings();\n\n if (legacySettings.algorithm !== \"m.megolm.v1.aes-sha2\") {\n logger.warn(`Room ${roomId}: ignoring room with invalid algorithm ${legacySettings.algorithm}`);\n continue;\n }\n rustSettings.algorithm = RustSdkCryptoJs.EncryptionAlgorithm.MegolmV1AesSha2;\n rustSettings.sessionRotationPeriodMs = legacySettings.rotation_period_ms;\n rustSettings.sessionRotationPeriodMessages = legacySettings.rotation_period_msgs;\n await olmMachine.setRoomSettings(new RustSdkCryptoJs.RoomId(roomId), rustSettings);\n\n // We don't attempt to clear out the settings from the old store, or record where we've gotten up to,\n // which means that if the app gets restarted while we're in the middle of this migration, we'll start\n // again from scratch. So be it. Given that legacy crypto loads the whole room list into memory on startup\n // anyway, we know it can't be that big.\n } catch (e) {\n logger.warn(`Room ${roomId}: ignoring settings ${JSON.stringify(legacySettings)} which caused error ${e}`);\n }\n }\n\n logger.debug(`Completed room settings migration`);\n await legacyStore.setMigrationState(MigrationState.ROOM_SETTINGS_MIGRATED);\n}\n\nasync function getAndDecryptCachedSecretKey(\n legacyStore: CryptoStore,\n legacyPickleKey: Uint8Array,\n name: string,\n): Promise<string | undefined> {\n const key = await new Promise<any>((resolve) => {\n legacyStore.doTxn(\"readonly\", [IndexedDBCryptoStore.STORE_ACCOUNT], (txn) => {\n legacyStore.getSecretStorePrivateKey(txn, resolve, name as keyof SecretStorePrivateKeys);\n });\n });\n\n if (key && key.ciphertext && key.iv && key.mac) {\n return await decryptAESSecretStorageItem(key as AESEncryptedSecretStoragePayload, legacyPickleKey, name);\n } else if (key instanceof Uint8Array) {\n // This is a legacy backward compatibility case where the key was stored in clear.\n return encodeBase64(key);\n } else {\n return undefined;\n }\n}\n\n/**\n * Check if the user's published identity (ie, public cross-signing keys) was trusted by the legacy session,\n * and if so mark it as trusted in the Rust session if needed.\n *\n * By default, if the legacy session didn't have the private MSK, the migrated session will revert to unverified,\n * even if the user has verified the session in the past.\n *\n * This only occurs if the private MSK was not cached in the crypto store (USK and SSK private keys won't help\n * to establish trust: the trust is rooted in the MSK).\n *\n * Rust crypto will only consider the current session as trusted if we import the private MSK itself.\n *\n * We could prompt the user to verify the session again, but it's probably better to just mark the user identity\n * as locally verified if it was before.\n *\n * See https://github.com/element-hq/element-web/issues/27079\n *\n * @param args - Argument object.\n */\nexport async function migrateLegacyLocalTrustIfNeeded(args: {\n /** The legacy crypto store that is migrated. */\n legacyCryptoStore: CryptoStore;\n /** The migrated rust crypto stack. */\n rustCrypto: RustCrypto;\n /** The logger to use */\n logger: Logger;\n}): Promise<void> {\n const { legacyCryptoStore, rustCrypto, logger } = args;\n // Get the public cross-signing identity from rust.\n const rustOwnIdentity = await rustCrypto.getOwnIdentity();\n if (!rustOwnIdentity) {\n // There are no cross-signing keys published server side, so nothing to do here.\n return;\n }\n if (rustOwnIdentity.isVerified()) {\n // The rust session already trusts the keys, so again, nothing to do.\n return;\n }\n\n const legacyLocallyTrustedMSK = await getLegacyTrustedPublicMasterKeyBase64(legacyCryptoStore);\n if (!legacyLocallyTrustedMSK) {\n // The user never verified their identity in the legacy session, so nothing to do.\n return;\n }\n\n const mskInfo: CrossSigningKeyInfo = JSON.parse(rustOwnIdentity.masterKey);\n if (!mskInfo.keys || Object.keys(mskInfo.keys).length === 0) {\n // This should not happen, but let's be safe\n logger.error(\"Post Migration | Unexpected error: no master key in the rust session.\");\n return;\n }\n const rustSeenMSK = Object.values(mskInfo.keys)[0];\n\n if (rustSeenMSK && rustSeenMSK == legacyLocallyTrustedMSK) {\n logger.info(`Post Migration: Migrating legacy trusted MSK: ${legacyLocallyTrustedMSK} to locally verified.`);\n // Let's mark the user identity as locally verified as part of the migration.\n await rustOwnIdentity!.verify();\n // As well as marking the MSK as trusted, `OlmMachine.verify` returns a\n // `SignatureUploadRequest` which will publish a signature of the MSK using\n // this device. In this case, we ignore the request: since the user hasn't\n // actually re-verified the MSK, we don't publish a new signature. (`.verify`\n // doesn't store the signature, and if we drop the request here it won't be\n // retried.)\n //\n // Not publishing the signature is consistent with the behaviour of\n // matrix-crypto-sdk when the private key is imported via\n // `importCrossSigningKeys`, and when the identity is verified via interactive\n // verification.\n //\n // [Aside: device signatures on the MSK are not considered by the rust-sdk to\n // establish the trust of the user identity so in any case, what we actually do\n // here is somewhat moot.]\n }\n}\n\n/**\n * Checks if the legacy store has a trusted public master key, and returns it if so.\n *\n * @param legacyStore - The legacy store to check.\n *\n * @returns `null` if there were no cross signing keys or if they were not trusted. The trusted public master key if it was.\n */\nasync function getLegacyTrustedPublicMasterKeyBase64(legacyStore: CryptoStore): Promise<string | null> {\n let maybeTrustedKeys: string | null = null;\n await legacyStore.doTxn(\"readonly\", \"account\", (txn) => {\n legacyStore.getCrossSigningKeys(txn, (keys) => {\n // can be an empty object after resetting cross-signing keys, see storeTrustedSelfKeys\n const msk = keys?.master;\n if (msk && Object.keys(msk.keys).length != 0) {\n // `msk.keys` is an object with { [`ed25519:${pubKey}`]: pubKey }\n maybeTrustedKeys = Object.values(msk.keys)[0];\n }\n });\n });\n\n return maybeTrustedKeys;\n}\n","/*\nCopyright 2022 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport * as RustSdkCryptoJs from \"@matrix-org/matrix-sdk-crypto-wasm\";\nimport { StoreHandle } from \"@matrix-org/matrix-sdk-crypto-wasm\";\n\nimport { RustCrypto } from \"./rust-crypto.ts\";\nimport { type IHttpOpts, type MatrixHttpApi } from \"../http-api/index.ts\";\nimport { type ServerSideSecretStorage } from \"../secret-storage.ts\";\nimport { type Logger } from \"../logger.ts\";\nimport { type CryptoStore, MigrationState } from \"../crypto/store/base.ts\";\nimport {\n migrateFromLegacyCrypto,\n migrateLegacyLocalTrustIfNeeded,\n migrateRoomSettingsFromLegacyCrypto,\n} from \"./libolm_migration.ts\";\nimport { type CryptoCallbacks } from \"../crypto-api/index.ts\";\n\n/**\n * Create a new `RustCrypto` implementation\n *\n * @param args - Parameter object\n * @internal\n */\nexport async function initRustCrypto(args: {\n /** A `Logger` instance that will be used for debug output. */\n logger: Logger;\n\n /**\n * Low-level HTTP interface: used to make outgoing requests required by the rust SDK.\n * We expect it to set the access token, etc.\n */\n http: MatrixHttpApi<IHttpOpts & { onlyData: true }>;\n\n /** The local user's User ID. */\n userId: string;\n\n /** The local user's Device ID. */\n deviceId: string;\n\n /** Interface to server-side secret storage. */\n secretStorage: ServerSideSecretStorage;\n\n /** Crypto callbacks provided by the application. */\n cryptoCallbacks: CryptoCallbacks;\n\n /**\n * The prefix to use on the indexeddbs created by rust-crypto.\n * If `null`, a memory store will be used.\n */\n storePrefix: string | null;\n\n /**\n * A passphrase to use to encrypt the indexeddb created by rust-crypto.\n *\n * Ignored if `storePrefix` is null, or `storeKey` is set. If neither this nor `storeKey` is set\n * (and `storePrefix` is not null), the indexeddb will be unencrypted.\n */\n storePassphrase?: string;\n\n /**\n * A key to use to encrypt the indexeddb created by rust-crypto.\n *\n * Ignored if `storePrefix` is null. Otherwise, if it is set, it must be a 32-byte cryptographic key, which\n * will be used to encrypt the indexeddb. See also `storePassphrase`.\n */\n storeKey?: Uint8Array;\n\n /** If defined, we will check if any data needs migrating from this store to the rust store. */\n legacyCryptoStore?: CryptoStore;\n\n /** The pickle key for `legacyCryptoStore` */\n legacyPickleKey?: string;\n\n /**\n * A callback which will receive progress updates on migration from `legacyCryptoStore`.\n *\n * Called with (-1, -1) to mark the end of migration.\n */\n legacyMigrationProgressListener?: (progress: number, total: number) => void;\n}): Promise<RustCrypto> {\n const { logger } = args;\n\n // initialise the rust matrix-sdk-crypto-wasm, if it hasn't already been done\n logger.debug(\"Initialising Rust crypto-sdk WASM artifact\");\n await RustSdkCryptoJs.initAsync();\n\n // enable tracing in the rust-sdk\n new RustSdkCryptoJs.Tracing(RustSdkCryptoJs.LoggerLevel.Debug).turnOn();\n\n logger.debug(\"Opening Rust CryptoStore\");\n let storeHandle;\n if (args.storePrefix) {\n if (args.storeKey) {\n storeHandle = await StoreHandle.openWithKey(args.storePrefix, args.storeKey);\n } else {\n storeHandle = await StoreHandle.open(args.storePrefix, args.storePassphrase);\n }\n } else {\n storeHandle = await StoreHandle.open();\n }\n\n if (args.legacyCryptoStore) {\n // We have a legacy crypto store, which we may need to migrate from.\n await migrateFromLegacyCrypto({\n legacyStore: args.legacyCryptoStore,\n storeHandle,\n ...args,\n });\n }\n\n const rustCrypto = await initOlmMachine(\n logger,\n args.http,\n args.userId,\n args.deviceId,\n args.secretStorage,\n args.cryptoCallbacks,\n storeHandle,\n args.legacyCryptoStore,\n );\n\n storeHandle.free();\n\n logger.debug(\"Completed rust crypto-sdk setup\");\n return rustCrypto;\n}\n\nasync function initOlmMachine(\n logger: Logger,\n http: MatrixHttpApi<IHttpOpts & { onlyData: true }>,\n userId: string,\n deviceId: string,\n secretStorage: ServerSideSecretStorage,\n cryptoCallbacks: CryptoCallbacks,\n storeHandle: StoreHandle,\n legacyCryptoStore?: CryptoStore,\n): Promise<RustCrypto> {\n logger.debug(\"Init OlmMachine\");\n\n const olmMachine = await RustSdkCryptoJs.OlmMachine.initFromStore(\n new RustSdkCryptoJs.UserId(userId),\n new RustSdkCryptoJs.DeviceId(deviceId),\n storeHandle,\n );\n\n // A final migration step, now that we have an OlmMachine.\n if (legacyCryptoStore) {\n await migrateRoomSettingsFromLegacyCrypto({\n logger,\n legacyStore: legacyCryptoStore,\n olmMachine,\n });\n }\n\n // Disable room key requests, per https://github.com/vector-im/element-web/issues/26524.\n olmMachine.roomKeyRequestsEnabled = false;\n\n const rustCrypto = new RustCrypto(logger, olmMachine, http, userId, deviceId, secretStorage, cryptoCallbacks);\n\n await olmMachine.registerRoomKeyUpdatedCallback((sessions: RustSdkCryptoJs.RoomKeyInfo[]) =>\n rustCrypto.onRoomKeysUpdated(sessions),\n );\n await olmMachine.registerRoomKeysWithheldCallback((withheld: RustSdkCryptoJs.RoomKeyWithheldInfo[]) =>\n rustCrypto.onRoomKeysWithheld(withheld),\n );\n await olmMachine.registerUserIdentityUpdatedCallback((userId: RustSdkCryptoJs.UserId) =>\n rustCrypto.onUserIdentityUpdated(userId),\n );\n await olmMachine.registerDevicesUpdatedCallback((userIds: string[]) => rustCrypto.onDevicesUpdated(userIds));\n\n // Check if there are any key backup secrets pending processing. There may be multiple secrets to process if several devices have gossiped them.\n // The `registerReceiveSecretCallback` function will only be triggered for new secrets. If the client is restarted before processing them, the secrets will need to be manually handled.\n rustCrypto.checkSecrets(\"m.megolm_backup.v1\");\n\n // Register a callback to be notified when a new secret is received, as for now only the key backup secret is supported (the cross signing secrets are handled automatically by the OlmMachine)\n await olmMachine.registerReceiveSecretCallback((name: string, _value: string) =>\n // Instead of directly checking the secret value, we poll the inbox to get all values for that secret type.\n // Once we have all the values, we can safely clear the secret inbox.\n rustCrypto.checkSecrets(name),\n );\n\n // Tell the OlmMachine to think about its outgoing requests before we hand control back to the application.\n //\n // This is primarily a fudge to get it to correctly populate the `users_for_key_query` list, so that future\n // calls to getIdentity (etc) block until the key queries are performed.\n //\n // Note that we don't actually need to *make* any requests here; it is sufficient to tell the Rust side to think\n // about them.\n //\n // XXX: find a less hacky way to do this.\n await olmMachine.outgoingRequests();\n\n if (legacyCryptoStore && (await legacyCryptoStore.containsData())) {\n const migrationState = await legacyCryptoStore.getMigrationState();\n if (migrationState < MigrationState.INITIAL_OWN_KEY_QUERY_DONE) {\n logger.debug(`Performing initial key query after migration`);\n // We need to do an initial keys query so that the rust stack can properly update trust of\n // the user device and identity from the migrated private keys.\n // If not done, there is a short period where the own device/identity trust will be undefined after migration.\n let initialKeyQueryDone = false;\n while (!initialKeyQueryDone) {\n try {\n await rustCrypto.userHasCrossSigningKeys(userId);\n initialKeyQueryDone = true;\n } catch (e) {\n // If the initial key query fails, we retry until it succeeds.\n logger.error(\"Failed to check for cross-signing keys after migration, retrying\", e);\n }\n }\n\n // If the private master cross-signing key was not cached in the legacy store, the rust session\n // will not be able to establish the trust of the user identity.\n // That means that after migration the session could revert to unverified.\n // In order to avoid asking the users to re-verify their sessions, we need to migrate the legacy local trust\n // (if the legacy session was already verified) to the new session.\n await migrateLegacyLocalTrustIfNeeded({ legacyCryptoStore, rustCrypto, logger });\n\n await legacyCryptoStore.setMigrationState(MigrationState.INITIAL_OWN_KEY_QUERY_DONE);\n }\n }\n\n return rustCrypto;\n}\n"],"names":["VerificationRequestEvent","VerificationPhase","VerificationPhase2","VerifierEvent","OLM_RECOVERY_KEY_PREFIX","encodeRecoveryKey","key","buf","parity","i","_a","bs58","DEFAULT_BIT_SIZE","deriveRecoveryKeyFromPassphrase","passphrase","salt","iterations","numBits","keybits","VerificationMethod","escaped","escapes","escapeString","value","stringify","stringifyArray","stringifyObject","array","sep","result","object","keys","anotherJson","RoomEncryptor","olmMachine","keyClaimManager","outgoingRequestManager","room","encryptionSettings","logger","members","u","RustSdkCryptoJs.UserId","e","config","member","KnownMembership","UserId","globalBlacklistUnverifiedDevices","deviceIsolationMode","event","LogSpan","prom","logDuration","userList","rustEncryptionSettings","EncryptionSettings","toRustHistoryVisibility","EncryptionAlgorithm","DeviceIsolationModeKind","onlyAllowTrustedDevices","CollectStrategy","shareMessages","RoomId","m","encryptedContent","EventType","visibility","HistoryVisibility","RustHistoryVisibility","UnstablePrefix","SECRET_STORAGE_NAME","DEHYDRATION_INTERVAL","DehydratedDeviceManager","TypedEventEmitter","http","outgoingRequestProcessor","secretStorage","CryptoEvent","Method","error","err","opts","RustSdkCryptoJs.DehydratedDeviceKey","create","cachedKey","keyB64","bytes","decodeBase64","dehydratedDeviceResp","rehydratedDevice","RustSdkCryptoJs.DeviceId","nextBatch","toDeviceCount","roomKeyCount","path","encodeUri","eventResp","roomKeyInfos","dehydratedDevice","request","OutgoingRequestProcessor","msg","uiaCallback","resp","KeysUploadRequest","KeysQueryRequest","KeysClaimRequest","SignatureUploadRequest","KeysBackupRequest","ToDeviceRequest","RoomMessageRequest","UploadSigningKeysRequest","PutDehydratedDeviceRequest","DehydrationUnstablePrefix","parsedBody","messageList","userId","perUserMessages","deviceId","message","ToDeviceMessageId","method","queryParams","body","auth","newBody","currentRetryCount","backoff","calculateRetryBackoff","sleep","KeyClaimManager","claimRequest","rustDeviceToJsDevice","device","keyId","verified","DeviceVerification","signatures","mayBeSignatureMap","convertedSignatures","rustAlgorithms","algorithms","algorithm","RustSdkCryptoJs.EncryptionAlgorithm","Device","deviceKeysToDeviceMap","deviceKeys","downloadDeviceToJsDevice","displayName","CrossSigningIdentity","olmDeviceStatus","masterKeyFromSecretStorage","selfSigningKeyFromSecretStorage","userSigningKeyFromSecretStorage","privateKeysInSecretStorage","olmDeviceHasKeys","status","authUploadDeviceSigningKeys","outgoingRequests","req","exported","secretStorageContainsCrossSigningKeys","secretStorageCanAccessSecrets","secretNames","defaultKeyId","secretName","record","RustVerificationRequest","inner","supportedVerificationMethods","TypedReEmitter","weakThis","verification","RustSdkCryptoJs.Sas","RustQrCodeVerifier","RustSASVerifier","RustSdkCryptoJs.Qr","verifier","otherDeviceId","phase","RustSdkCryptoJs.VerificationRequestPhase","theirMethods","requiredMethod","verificationMethodsByIdentifier","verificationMethodIdentifierToMethod","params","targetDevice","res","uint8Array","scan","RustSdkCryptoJs.QrCodeScan","innerVerifier","cancelInfo","BaseRustVerifer","defer","QrState","_verificationRequest","emoji","decimal","sas","requests","RustSdkCryptoJs.VerificationMethod","meth","isVerificationEvent","MsgType","RustBackupManager","info","signatureVerification","backupKeys","decryptionKey","backupInfoMatchesBackupDecryptionKey","force","secret","latestBackupInfo","backupDecryptionKey","RustSdkCryptoJs.BackupDecryptionKey","version","jsonKeys","progress","total","importOpt","ImportRoomKeyStage","backupVersion","keysByRoom","roomId","RustSdkCryptoJs.RoomId","failures","backupInfo","activeVersion","trustInfo","maxDelay","delay","numFailures","remainingToUploadCount","isFirstIteration","keyCount","keysCountInBatch","MatrixError","errCode","waitTime","batch","countKeysInBackup","requestKeyBackupVersion","signObject","randomKey","pubKey","authData","ClientPrefix","current","_b","RustBackupDecryptor","backupDecryptor","keyBackup","totalKeyCount","totalImported","totalFailures","handleChunkCallback","roomChunks","currentChunk","session","groupChunkCount","chunkGroupByRoom","roomData","sessionId","sessionsForRoom","ciphertexts","sessionData","decrypted","decryptionKeyMatchesKeyBackupInfo","keyBackupInfo","count","sessions","OutgoingRequestsManager","deferred","KEY_BACKUP_BACKOFF","KeyDownloadError","code","KeyDownloadRateLimitError","retryMillis","PerSessionKeyBackupDownloader","backupManager","configuration","megolmSessionId","now","sid","ts","lastCheck","targetRoomId","targetSessionId","sessionInfo","data","sessionsToImport","k","currentServerVersion","keyFromAuthData","ALL_VERIFICATION_METHODS","RustCrypto","_deviceId","cryptoCallbacks","AllDevicesIsolationMode","EventDecryptor","ClientStoppedError","_v","_room","encryptor","privKey","encodeBase64","versions","RustSdkCryptoJs.getVersions","isolationMode","roomSettings","raw","downloadUncached","rustTrackedUsers","rustTrackedUser","userIdentity","userIds","deviceMapByUserId","trackedUsers","rustUserId","untrackedUsers","queryResult","userDevices","deviceArray","d","queryBody","user","val","RustSdkCryptoJs.LocalTrust","outgoingRequest","DeviceVerificationStatus","UserVerificationStatus","wasVerified","needsUserApproval","RustSdkCryptoJs.OtherUserIdentity","RustSdkCryptoJs.OwnUserIdentity","privateKeysCachedLocally","hasKeysInCache","identity","type","CrossSigningKey","crossSigningStatus","parsedKey","secretsToCheck","createSecretStorageKey","setupNewSecretStorage","setupNewKeyBackup","isNewSecretStorageKeyNeeded","recoveryKey","crossSigningPrivateKeys","backupKeyBase64","secretStorageKey","secretStorageKeyObject","SECRET_STORAGE_ALGORITHM_V1_AES","_d","_c","secretStorageKeyTuple","keyInfo","publicKeysOnDevice","password","secureRandomString","methods","verificationEventContent","eventId","RustSdkCryptoJs.EventId","txId","base64Key","backupKey","o","obj","sigs","unsigned","userSignatures","canonalizedJson","anotherjson","map","privateKey","decodedDecryptionKey","secrets","secretsBundle","RustSdkCryptoJs.SecretsBundle","eventType","devices","payload","uniqueUsers","encryptedPayload","events","oneTimeKeysCounts","unusedFallbackKeys","RustSdkCryptoJs.DeviceLists","processed","sender","transactionId","mapOneTimeKeysCount","setUnusedFallbackKeys","deviceLists","settings","RustSdkCryptoJs.RoomSettings","existingEncryptor","syncState","oldMembership","enc","pendingList","ev","_e","withheld","newVerification","name","pendingValues","processEvent","evt","timeoutId","MatrixEventEvent","onDecrypted","decryptedEvent","perSessionBackupDownloader","MapWithDefault","trustRequirement","RustSdkCryptoJs.TrustRequirement","stringifyEvent","RustSdkCryptoJs.DecryptionSettings","RustSdkCryptoJs.MegolmDecryptionError","DecryptionError","DecryptionFailureCode","serverBackupInfo","content","errorDetails","RustSdkCryptoJs.DecryptionErrorCode","membership","failureCode","EventShieldColour","encryptionInfo","rustEncryptionInfoToJsEncryptionInfo","roomPendingEvents","sessionPendingEvents","shieldState","shieldColour","RustSdkCryptoJs.ShieldColor","shieldReason","RustSdkCryptoJs.ShieldStateCode","EventShieldReason","migrateFromLegacyCrypto","args","legacyStore","RustSdkCryptoJs.initAsync","RustSdkCryptoJs.Tracing","RustSdkCryptoJs.LoggerLevel","accountPickle","IndexedDBCryptoStore","txn","acctPickle","migrationState","MigrationState","nOlmSessions","countOlmSessions","nMegolmSessions","countMegolmSessions","totalSteps","stepsDone","onProgress","steps","pickleKey","migrateBaseData","migrateOlmSessions","migrateMegolmSessions","storeHandle","migrationData","RustSdkCryptoJs.BaseMigrationData","a","getAndDecryptCachedSecretKey","backupCallDone","publicKey","RustSdkCryptoJs.Migration","nSessions","n","onBatchDone","pickledSession","RustSdkCryptoJs.PickledSession","RustSdkCryptoJs.PickledInboundGroupSession","migrateRoomSettingsFromLegacyCrypto","rooms","legacySettings","rustSettings","legacyPickleKey","resolve","decryptAESSecretStorageItem","migrateLegacyLocalTrustIfNeeded","legacyCryptoStore","rustCrypto","rustOwnIdentity","legacyLocallyTrustedMSK","getLegacyTrustedPublicMasterKeyBase64","mskInfo","rustSeenMSK","maybeTrustedKeys","msk","initRustCrypto","StoreHandle","initOlmMachine","RustSdkCryptoJs.OlmMachine","_value","initialKeyQueryDone"],"mappings":"6jCAqMY,IAAAA,GAAAA,IAMRA,EAAA,OAAS,SANDA,IAAAA,GAAA,CAAA,CAAA,EAmBAC,GAAAA,IAERA,EAAAA,EAAA,OAAS,CAAT,EAAA,SAGAA,EAAAC,EAAA,UAAA,CAAA,EAAA,YAGAD,EAAAC,EAAA,MAAA,CAAA,EAAA,QAQAD,EAAAC,EAAA,QAAA,CAAA,EAAA,UAMAD,EAAAC,EAAA,UAAA,CAAA,EAAA,YAOAD,EAAAC,EAAA,KAAA,CAAA,EAAA,OA7BQD,IAAAA,GAAA,CAAA,CAAA,EA2FAE,IAAAA,IAORA,EAAA,OAAS,SAOTA,EAAA,QAAU,WAOVA,EAAA,kBAAoB,sBArBZA,IAAAA,IAAA,CAAA,CAAA,EC/RZ,MAAMC,GAA0B,CAAC,IAAM,CAAI,EAOpC,SAASC,GAAkBC,EAA4C,OAC1E,MAAMC,EAAM,IAAI,WAAWH,GAAwB,OAASE,EAAI,OAAS,CAAC,EACtEC,EAAA,IAAIH,GAAyB,CAAC,EAC9BG,EAAA,IAAID,EAAKF,GAAwB,MAAM,EAE3C,IAAII,EAAS,EACb,QAASC,EAAI,EAAGA,EAAIF,EAAI,OAAS,EAAG,EAAEE,EAClCD,GAAUD,EAAIE,CAAC,EAEf,OAAAF,EAAAA,EAAI,OAAS,CAAC,EAAIC,GAGfE,EAFWC,GAAK,OAAOJ,CAAG,EAEhB,MAAM,SAAS,IAAzB,YAAAG,EAA4B,KAAK,IAC5C,CCxBA,MAAME,GAAmB,IAWzB,eAAsBC,GAClBC,EACAC,EACAC,EACAC,EAAUL,GACS,CACnB,GAAI,CAAC,WAAW,OAAO,QAAU,CAAC,YACxB,MAAA,IAAI,MAAM,yDAAyD,EAG7E,MAAMN,EAAM,MAAM,WAAW,OAAO,OAAO,UACvC,MACA,IAAI,YAAA,EAAc,OAAOQ,CAAU,EACnC,CAAE,KAAM,QAAS,EACjB,GACA,CAAC,YAAY,CACjB,EAEMI,EAAU,MAAM,WAAW,OAAO,OAAO,WAC3C,CACI,KAAM,SACN,KAAM,IAAI,cAAc,OAAOH,CAAI,EACnC,WAAAC,EACA,KAAM,SACV,EACAV,EACAW,CACJ,EAEO,OAAA,IAAI,WAAWC,CAAO,CACjC,CC1BY,IAAAC,GAAAA,IAKRA,EAAA,IAAM,WAONA,EAAA,WAAa,oBAObA,EAAA,WAAa,oBAObA,EAAA,YAAc,mBA1BNA,IAAAA,GAAA,CAAA,CAAA,2CCZZ,QAFIC,EAAU,mBACVC,EAAU,CAAE,EACPZ,EAAI,EAAGA,EAAI,GAAM,EAAEA,EACxBY,EAAQ,OAAO,aAAaZ,CAAC,CAAC,EAC1B,OAAS,OAASA,EAAE,SAAS,EAAE,GAAG,MAAM,EAAE,EAAE,YAAW,EAG/DY,EAAQ,IAAI,EAAI,MAChBA,EAAQ,GAAI,EAAI,MAChBA,EAAQ;AAAA,CAAI,EAAI,MAChBA,EAAQ,IAAI,EAAI,MAChBA,EAAQ,IAAI,EAAI,MAChBA,EAAQ,GAAI,EAAI,MAChBA,EAAQ,IAAI,EAAI,OAEhB,SAASC,EAAaC,EAAO,CACzB,OAAAH,EAAQ,UAAY,EACbG,EAAM,QAAQH,EAAS,SAAS,EAAG,CAAE,OAAOC,EAAQ,CAAC,EAAI,CACpE,CAEA,SAASG,EAAUD,EAAO,CACtB,OAAQ,OAAOA,EAAK,CAChB,IAAK,SACD,MAAO,IAAMD,EAAaC,CAAK,EAAI,IACvC,IAAK,SACD,OAAO,SAASA,CAAK,EAAIA,EAAQ,OACrC,IAAK,UACD,OAAOA,EACX,IAAK,SACD,OAAIA,IAAU,KACH,OAEP,MAAM,QAAQA,CAAK,EACZE,EAAeF,CAAK,EAExBG,EAAgBH,CAAK,EAChC,QACI,MAAM,IAAI,MAAM,qBAAuB,OAAOA,CAAK,CAC/D,CACA,CAEA,SAASE,EAAeE,EAAO,CAG3B,QAFIC,EAAM,IACNC,EAAS,GACJpB,EAAI,EAAGA,EAAIkB,EAAM,OAAQ,EAAElB,EAChCoB,GAAUD,EACVA,EAAM,IACNC,GAAUL,EAAUG,EAAMlB,CAAC,CAAC,EAEhC,OAAImB,GAAO,IACA,KAEAC,EAAS,GAExB,CAEA,SAASH,EAAgBI,EAAQ,CAC7B,IAAIF,EAAM,IACNC,EAAS,GACTE,EAAO,OAAO,KAAKD,CAAM,EAC7BC,EAAK,KAAM,EACX,QAAStB,EAAI,EAAGA,EAAIsB,EAAK,OAAQ,EAAEtB,EAAG,CAClC,IAAIH,EAAMyB,EAAKtB,CAAC,EAChBoB,GAAUD,EAAM,IAAMN,EAAahB,CAAG,EAAI,KAC1CsB,EAAM,IACNC,GAAUL,EAAUM,EAAOxB,CAAG,CAAC,CACvC,CACI,OAAIsB,GAAO,IACA,KAEAC,EAAS,GAExB,CAGA,OAAAG,GAAiB,CAAC,UAAWR,CAAS,iCC/C/B,MAAMS,EAAc,CAoBhB,YACcC,EACAC,EACAC,EACAC,EACTC,EACV,CALmB,KAAA,WAAAJ,EACA,KAAA,gBAAAC,EACA,KAAA,uBAAAC,EACA,KAAA,KAAAC,EACT,KAAA,mBAAAC,EArBZ,KAAQ,0BAA4B,GAO5B,KAAA,yBAA0C,QAAQ,QAAQ,EAgB9D,KAAK,eAAiBC,EAAO,SAAS,IAAIF,EAAK,MAAM,cAAc,EAI7D,MAAAG,EAAUH,EAAK,iBAAiB,EAKjC,KAAA,WACA,mBAAmBG,EAAQ,IAAKC,GAAM,IAAIC,EAAuBD,EAAE,MAAM,CAAC,CAAC,EAC3E,MAAOE,GAAM,KAAK,eAAe,MAAM,mCAAoCA,CAAC,CAAC,CAAA,CAQ/E,cAAcC,EAAwB,CACrC,GAAA,KAAK,UAAU,KAAK,kBAAkB,GAAK,KAAK,UAAUA,CAAM,EAE1D,MAAA,IAAI,MAAM,4CAA4C,CAChE,CAQG,iBAAiBC,EAA0B,EAE1CA,EAAO,YAAcC,GAAgB,MACpCD,EAAO,YAAcC,GAAgB,QAAU,KAAK,KAAK,+BAAA,IAG1D,KAAK,WAAW,mBAAmB,CAAC,IAAIC,EAAOF,EAAO,MAAM,CAAC,CAAC,EAAE,MAAOF,GAAM,CACpE,KAAA,eAAe,MAAM,iCAAkCA,CAAC,CAAA,CAChE,CACL,CAeJ,MAAa,qBACTK,EACAC,EACa,CAQb,MAAM,KAAK,aAAa,KAAMD,EAAkCC,CAAmB,CAAA,CAehF,aACHC,EACAF,EACAC,EACa,CACPV,MAAAA,EAAS,IAAIY,GAAQ,KAAK,eAAgBD,EAASA,EAAM,SAAA,GAAc,GAAM,sBAAsB,EAGnGE,EAAO,KAAK,yBACb,MAAM,IAAM,CAAA,CAGZ,EACA,KAAK,SAAY,CACR,MAAAC,EAAYd,EAAQ,0BAA2B,SAAY,CAC7D,MAAM,KAAK,wBAAwBA,EAAQS,EAAkCC,CAAmB,CAAA,CACnG,EACGC,GACM,MAAAG,EAAYd,EAAQ,oBAAqB,SAAY,CACjD,MAAA,KAAK,kBAAkBA,EAAQW,CAAK,CAAA,CAC7C,CACL,CACH,EAEL,YAAK,yBAA2BE,EACzBA,CAAA,CAeX,MAAc,wBACVb,EACAS,EACAC,EACa,CACT,GAAA,KAAK,mBAAmB,YAAc,uBACtC,MAAM,IAAI,MACN,qBAAqB,KAAK,KAAK,MAAM,+BAA+B,KAAK,mBAAmB,SAAS,GACzG,EAEJV,EAAO,MAAM,qBAAqB,EAElC,MAAMC,EAAU,MAAM,KAAK,KAAK,2BAA2B,EAQtD,KAAK,2BA4BND,EAAO,MAAM,4CAA4C,EACzD,KAAK,uBAAuB,0BAA0B,IA5BtD,MAAMc,EAAY,KAAK,eAAgB,0CAA2C,SAAY,CAC1F,MAAM,KAAK,WAAW,mBAAmBb,EAAQ,IAAKC,GAAM,IAAIC,EAAuBD,EAAE,MAAM,CAAC,CAAC,CAAA,CACpG,EACDF,EAAO,MAAM,uBAAuB,EACpC,KAAK,0BAA4B,GAWjCA,EAAO,MAAM,8BAA8B,EAE3C,MAAMc,EAAY,KAAK,eAAgB,4BAA6B,SAAY,CACtE,MAAA,KAAK,uBAAuB,0BAA0B,CAAA,CAC/D,GAYLd,EAAO,MACH,yDAAyD,KAAK,KAAK,+BAAA,CAAgC,KACnGC,EAAQ,IAAKC,GAAM,GAAGA,EAAE,MAAM,KAAKA,EAAE,UAAU,GAAG,CACtD,EAEM,MAAAa,EAAWd,EAAQ,IAAKC,GAAM,IAAIM,EAAON,EAAE,MAAM,CAAC,EAExD,MAAMY,EAAY,KAAK,eAAgB,yBAA0B,SAAY,CACzE,MAAM,KAAK,gBAAgB,uBAAuBd,EAAQe,CAAQ,CAAA,CACrE,EAEK,MAAAC,EAAyB,IAAIC,GAiBnC,OAhBAD,EAAuB,kBAAoBE,GAAwB,KAAK,KAAK,sBAAsB,EAGnGF,EAAuB,UAAYG,EAAoB,gBAKnD,OAAO,KAAK,mBAAmB,oBAAuB,WACtDH,EAAuB,eAAiB,OAAO,KAAK,mBAAmB,mBAAqB,GAAI,GAGhG,OAAO,KAAK,mBAAmB,sBAAyB,WACxDA,EAAuB,uBAAyB,OAAO,KAAK,mBAAmB,oBAAoB,GAG/FN,EAAoB,KAAM,CAC9B,KAAKU,GAAwB,wBACzB,CAGI,MAAMC,EACF,KAAK,KAAK,8BAAmC,GAAAZ,EACjDO,EAAuB,gBAAkBM,GAAgB,oBACrDD,EACAX,EAAoB,2BACxB,CAAA,CAEJ,MACJ,KAAKU,GAAwB,+BACFJ,EAAA,gBAAkBM,GAAgB,sBAAsB,EAC/E,KAAA,CAGR,MAAMR,EAAY,KAAK,eAAgB,eAAgB,SAAY,CACzD,MAAAS,EAAmC,MAAM,KAAK,WAAW,aAC3D,IAAIC,EAAO,KAAK,KAAK,MAAM,EAE3BT,EACAC,CACJ,EACA,GAAIO,EACA,UAAWE,KAAKF,EACZ,MAAM,KAAK,uBAAuB,yBAAyB,oBAAoBE,CAAC,CAExF,CACH,CAAA,CAML,MAAa,qBAAqC,CACpC,MAAM,KAAK,WAAW,uBAAuB,IAAID,EAAO,KAAK,KAAK,MAAM,CAAC,GAE1E,KAAA,eAAe,KAAK,kCAAkC,CAC/D,CAGJ,MAAc,kBAAkBxB,EAAiBW,EAAmC,CAChFX,EAAO,MAAM,mCAAmC,EAC1C,MAAA0B,EAAmB,MAAM,KAAK,WAAW,iBAC3C,IAAIF,EAAO,KAAK,KAAK,MAAM,EAC3Bb,EAAM,QAAQ,EACd,KAAK,UAAUA,EAAM,WAAY,CAAA,CACrC,EAEMA,EAAA,cACFgB,EAAU,qBACV,KAAK,MAAMD,CAAgB,EAC3B,KAAK,WAAW,aAAa,WAAW,SAAS,EACjD,KAAK,WAAW,aAAa,QAAQ,SAAS,CAClD,EAEA1B,EAAO,MAAM,8BAA8B,CAAA,CAEnD,CAOO,SAASkB,GAAwBU,EAAsD,CAC1F,OAAQA,EAAY,CAChB,KAAKC,EAAkB,QACnB,OAAOC,EAAsB,QACjC,KAAKD,EAAkB,OACnB,OAAOC,EAAsB,OACjC,KAAKD,EAAkB,OACnB,OAAOC,EAAsB,OACjC,KAAKD,EAAkB,cACnB,OAAOC,EAAsB,aAAA,CAEzC,CC/SO,MAAMC,EAAiB,iDAIxBC,GAAsB,qBAKtBC,GAAuB,EAAI,GAAK,GAAK,GAAK,IAczC,MAAMC,WAAgCC,CAAsE,CAIxG,YACcnC,EACAL,EACAyC,EACAC,EACAC,EACnB,CACQ,MAAA,EANW,KAAA,OAAAtC,EACA,KAAA,WAAAL,EACA,KAAA,KAAAyC,EACA,KAAA,yBAAAC,EACA,KAAA,cAAAC,CAAA,CAKrB,MAAc,SAASvE,EAAyD,CAC5E,MAAM,KAAK,WAAW,kBAAkB,EAAE,wBAAwBA,CAAG,EAChE,KAAA,KAAKwE,EAAY,oBAAoB,CAAA,CAM9C,MAAa,aAAgC,CAKrC,GAAA,CACA,MAAM,KAAK,KAAK,cACZC,EAAO,IACP,qBACA,OACA,OACA,CACI,OAAQT,CAAA,CAEhB,QACKU,EAAO,CACZ,MAAMC,EAAMD,EACR,GAAAC,EAAI,UAAY,iBACT,MAAA,GACX,GAAWA,EAAI,UAAY,cAChB,MAAA,GAEL,MAAAD,CAAA,CAEH,MAAA,EAAA,CAmBX,MAAa,MAAME,EAAuC,GAAmB,CAKrE,GAJA,OAAOA,GAAS,YACTA,EAAA,CAAE,aAAcA,CAAK,GAG5B,EAAAA,EAAK,iBAAmB,CAAE,MAAM,KAAK,WAAW,kBAAA,EAAoB,0BAIpE,IADJ,KAAK,KAAK,EACNA,EAAK,YAAc,GACf,GAAA,CACA,MAAM,KAAK,2BAA2B,QACjCvC,EAAG,CAGH,KAAA,OAAO,KAAK,yCAA0CA,CAAC,EAC5D,KAAK,KAAKmC,EAAY,iBAAmBnC,EAAY,OAAO,CAAA,CAGhEuC,EAAK,cACL,MAAM,KAAK,SAAS,EAExB,MAAM,KAAK,0BAA0B,EAAA,CAMzC,MAAa,aAAgC,CACzC,MAAO,EAAQ,MAAM,KAAK,cAAc,SAASX,EAAmB,CAAC,CAUzE,MAAa,UAAyD,CAC5D,MAAAjE,EAAM6E,GAAoC,gBAAgB,EAChE,aAAM,KAAK,cAAc,MAAMZ,GAAqBjE,EAAI,UAAU,EAE5D,MAAA,KAAK,SAASA,CAAG,EAChBA,CAAA,CAUX,MAAc,OAAO8E,EAAsE,CACvF,MAAMC,EAAY,MAAM,KAAK,WAAW,kBAAA,EAAoB,uBAAuB,EACnF,GAAIA,EAAkB,OAAAA,EACtB,MAAMC,EAAS,MAAM,KAAK,cAAc,IAAIf,EAAmB,EAC/D,GAAIe,IAAW,OACX,OAAKF,EAGE,MAAM,KAAK,SAAS,EAFhB,KAOT,MAAAG,EAAQC,GAAaF,CAAM,EAC7B,GAAA,CACA,MAAMhF,EAAM6E,GAAoC,mBAAmBI,CAAK,EAClE,aAAA,KAAK,SAASjF,CAAG,EAChBA,CAAA,QACT,CACEiF,EAAM,KAAK,CAAC,CAAA,CAChB,CAWJ,MAAa,4BAA+C,CACxD,MAAMjF,EAAM,MAAM,KAAK,OAAO,EAAK,EACnC,GAAI,CAACA,EACM,MAAA,GAGP,IAAAmF,EACA,GAAA,CACuBA,EAAA,MAAM,KAAK,KAAK,cACnCV,EAAO,IACP,qBACA,OACA,OACA,CACI,OAAQT,CAAA,CAEhB,QACKU,EAAO,CACZ,MAAMC,EAAMD,EAIZ,GAAIC,EAAI,UAAY,eAAiBA,EAAI,UAAY,iBAC5C,YAAA,OAAO,KAAK,mCAAmC,EAC7C,GAEL,MAAAA,CAAA,CAGL,KAAA,OAAO,KAAK,sCAAsC,EAClD,KAAA,KAAKH,EAAY,kBAAkB,EAExC,MAAMY,EAAmB,MAAM,KAAK,WAC/B,kBACA,EAAA,UACGpF,EACA,IAAIqF,EAAyBF,EAAqB,SAAS,EAC3D,KAAK,UAAUA,EAAqB,WAAW,CACnD,EAEC,KAAA,OAAO,KAAK,gCAAgC,EAEjD,IAAIG,EACAC,EAAgB,EAChBC,EAAe,EACb,MAAAC,EAAOC,GAAU,uCAAwC,CAC3D,WAAYP,EAAqB,SAAA,CACpC,EAED,OAAa,CACH,MAAAQ,EAAwC,MAAM,KAAK,KAAK,cAC1DlB,EAAO,KACPgB,EACA,OACAH,EAAY,CAAE,WAAYA,CAAA,EAAc,CAAC,EACzC,CACI,OAAQtB,CAAA,CAEhB,EAEI,GAAA2B,EAAU,OAAO,SAAW,EAC5B,MAEJJ,GAAiBI,EAAU,OAAO,OAClCL,EAAYK,EAAU,WAChB,MAAAC,EAAe,MAAMR,EAAiB,cAAc,KAAK,UAAUO,EAAU,MAAM,CAAC,EAC1FH,GAAgBI,EAAa,OAE7B,KAAK,KAAKpB,EAAY,oBAAqBgB,EAAcD,CAAa,CAAA,CAE1E,YAAK,OAAO,KAAK,yBAAyBC,CAAY,mBAAmBD,CAAa,mBAAmB,EACpG,KAAA,KAAKf,EAAY,oBAAoB,EAEnC,EAAA,CAQX,MAAa,iCAAiD,CAC1D,MAAMxE,EAAO,MAAM,KAAK,OAAO,EAAI,EAE7B6F,EAAmB,MAAM,KAAK,WAAW,kBAAA,EAAoB,OAAO,EACrE,KAAA,KAAKrB,EAAY,uBAAuB,EAC7C,MAAMsB,EAAU,MAAMD,EAAiB,cAAc,oBAAqB7F,CAAG,EAEvE,MAAA,KAAK,yBAAyB,oBAAoB8F,CAAO,EAC1D,KAAA,KAAKtB,EAAY,wBAAwB,EAEzC,KAAA,OAAO,KAAK,8BAA8B,CAAA,CAMnD,MAAa,2BAA2C,CAEpD,KAAK,KAAK,EAEV,MAAM,KAAK,gCAAgC,EACtC,KAAA,WAAa,YAAY,IAAM,CAChC,KAAK,gCAAgC,EAAE,MAAOE,GAAU,CACpD,KAAK,KAAKF,EAAY,8BAA+BE,EAAM,OAAO,EAC7D,KAAA,OAAO,MAAM,oCAAqCA,CAAK,CAAA,CAC/D,GACFR,EAAoB,CAAA,CAQpB,MAAa,CACZ,KAAK,aACL,cAAc,KAAK,UAAU,EAC7B,KAAK,WAAa,OACtB,CAMJ,MAAa,QAAwB,CACjC,KAAK,KAAK,EACN,GAAA,CACA,MAAM,KAAK,KAAK,cACZO,EAAO,OACP,qBACA,OACA,CAAC,EACD,CACI,OAAQT,CAAA,CAEhB,QACKU,EAAO,CACZ,MAAMC,EAAMD,EAIR,GAAAC,EAAI,UAAY,iBAChB,OACJ,GAAWA,EAAI,UAAY,cACvB,OAEE,MAAAD,CAAA,CACV,CAER,CClUO,MAAMqB,EAAyB,CAC3B,YACcnE,EACAyC,EACnB,CAFmB,KAAA,WAAAzC,EACA,KAAA,KAAAyC,CAAA,CAGrB,MAAa,oBACT2B,EACAC,EACa,CACT,IAAAC,EAKJ,GAAIF,aAAeG,GACRD,EAAA,MAAM,KAAK,iBAAiBzB,EAAO,KAAM,iCAAkC,CAAA,EAAIuB,EAAI,IAAI,UACvFA,aAAeI,GACfF,EAAA,MAAM,KAAK,iBAAiBzB,EAAO,KAAM,gCAAiC,CAAA,EAAIuB,EAAI,IAAI,UACtFA,aAAeK,GACfH,EAAA,MAAM,KAAK,iBAAiBzB,EAAO,KAAM,gCAAiC,CAAA,EAAIuB,EAAI,IAAI,UACtFA,aAAeM,GACfJ,EAAA,MAAM,KAAK,iBAAiBzB,EAAO,KAAM,4CAA6C,CAAA,EAAIuB,EAAI,IAAI,UAClGA,aAAeO,GACtBL,EAAO,MAAM,KAAK,iBACdzB,EAAO,IACP,oCACA,CAAE,QAASuB,EAAI,OAAQ,EACvBA,EAAI,IACR,UACOA,aAAeQ,GACfN,EAAA,MAAM,KAAK,oBAAoBF,CAAG,UAClCA,aAAeS,GAAoB,CAC1C,MAAMhB,EACF,4BAA4B,mBAAmBO,EAAI,OAAO,CAAC,SACxD,mBAAmBA,EAAI,UAAU,CAAC,IAAI,mBAAmBA,EAAI,MAAM,CAAC,GACpEE,EAAA,MAAM,KAAK,iBAAiBzB,EAAO,IAAKgB,EAAM,CAAA,EAAIO,EAAI,IAAI,CAAA,SAC1DA,aAAeU,GAA0B,CAChD,MAAM,KAAK,mBACPjC,EAAO,KACP,gDACA,CAAC,EACDuB,EAAI,KACJC,CACJ,EAEA,MAAA,SACOD,aAAeW,GAA4B,CAClD,MAAMlB,EAAOmB,EAA4B,qBACnC,MAAA,KAAK,eAAenC,EAAO,IAAKgB,EAAM,CAAC,EAAGO,EAAI,IAAI,EAExD,MAAA,MAEA/D,EAAO,KAAK,+BAAgC,OAAO,eAAe+D,CAAG,CAAC,EAC/DE,EAAA,GAGX,GAAIF,EAAI,GACA,GAAA,CACA,MAAMjD,EAAYd,EAAQ,wBAAwB+D,EAAI,IAAI,GAAI,SAAY,CACtE,MAAM,KAAK,WAAW,kBAAkBA,EAAI,GAAKA,EAAI,KAAME,CAAI,CAAA,CAClE,QACI7D,EAAG,CAGR,GACIA,aAAa,QACZA,EAAE,UAAY,gCAAkCA,EAAE,UAAY,+BAE/DJ,EAAO,IAAI,mBAAmBI,EAAE,OAAO,mCAAmC,MAEpE,OAAAA,CACV,MAGJJ,EAAO,MAAM,yBAAyB+D,EAAI,IAAI,sBAAsB,CACxE,CASJ,MAAc,oBAAoBF,EAA2C,CAEzE,MAAMe,EAAgF,KAAK,MAAMf,EAAQ,IAAI,EAEvGgB,EAAc,CAAC,EACV,SAAA,CAACC,EAAQC,CAAe,IAAK,OAAO,QAAQH,EAAW,QAAQ,EACtE,SAAW,CAACI,EAAUC,CAAO,IAAK,OAAO,QAAQF,CAAe,EAChDF,EAAA,KAAK,GAAGC,CAAM,IAAIE,CAAQ,WAAWC,EAAQC,EAAiB,CAAC,GAAG,EAI/ElF,EAAA,KACH,6CAA6C6D,EAAQ,UAAU,UAAUA,EAAQ,MAAM,GACvFgB,CACJ,EAEM,MAAArB,EACF,mCAAmC,mBAAmBK,EAAQ,UAAU,CAAC,IACzE,mBAAmBA,EAAQ,MAAM,EAC9B,OAAA,MAAM,KAAK,iBAAiBrB,EAAO,IAAKgB,EAAM,CAAA,EAAIK,EAAQ,IAAI,CAAA,CAGzE,MAAc,mBACVsB,EACA3B,EACA4B,EACAC,EACArB,EACe,CACf,GAAI,CAACA,EACD,OAAO,MAAM,KAAK,iBAAiBmB,EAAQ3B,EAAM4B,EAAaC,CAAI,EAGhE,MAAAT,EAAa,KAAK,MAAMS,CAAI,EAY5BpB,EAAO,MAAMD,EAXC,MAAOsB,GAAsC,CAC7D,MAAMC,EAA+B,CACjC,GAAGX,CACP,EACIU,IAAS,OACTC,EAAQ,KAAOD,GAEbrB,MAAAA,EAAO,MAAM,KAAK,iBAAiBkB,EAAQ3B,EAAM4B,EAAa,KAAK,UAAUG,CAAO,CAAC,EACpF,OAAA,KAAK,MAAMtB,CAAI,CAC1B,CAE0C,EACnC,OAAA,KAAK,UAAUA,CAAI,CAAA,CAG9B,MAAc,iBACVkB,EACA3B,EACA4B,EACAC,EACe,CACf,IAAIG,EAAoB,EAGxB,OACQ,GAAA,CACA,OAAO,MAAM,KAAK,eAAeL,EAAQ3B,EAAM4B,EAAaC,CAAI,QAC3DjF,EAAG,CACRoF,IACA,MAAMC,EAAUC,GAAsBtF,EAAGoF,EAAmB,EAAI,EAChE,GAAIC,EAAU,EAEJ,MAAArF,EAGV,MAAMuF,EAAMF,CAAO,CAAA,CAE3B,CAGJ,MAAc,eAAeN,EAAgB3B,EAAc4B,EAAwBC,EAA+B,CAC9G,MAAM1C,EAAO,CAET,KAAM,GAGN,QAAS,CACL,eAAgB,mBAChB,OAAU,kBACd,EAGA,OAAQ,EACZ,EAEO,OAAA,MAAM,KAAK,KAAK,cAAsBwC,EAAQ3B,EAAM4B,EAAaC,EAAM1C,CAAI,CAAA,CAE1F,CCrMO,MAAMiD,EAAgB,CAIlB,YACcjG,EACA0C,EACnB,CAFmB,KAAA,WAAA1C,EACA,KAAA,yBAAA0C,EAJrB,KAAQ,QAAU,GAMT,KAAA,oBAAsB,QAAQ,QAAQ,CAAA,CAQxC,MAAa,CAChB,KAAK,QAAU,EAAA,CAUZ,uBAAuBrC,EAAiBe,EAAwC,CAInF,MAAMF,EAAO,KAAK,oBACb,MAAM,IAAM,CAAA,CAGZ,EACA,KAAK,IAAM,KAAK,4BAA4Bb,EAAQe,CAAQ,CAAC,EAClE,YAAK,oBAAsBF,EACpBA,CAAA,CAGX,MAAc,4BAA4Bb,EAAiBe,EAAwC,CAE/F,GAAI,KAAK,QACC,MAAA,IAAI,MAAM,2CAA2C,EAE/Df,EAAO,KAAK,mCAAmC,EAI/C,MAAM6F,EAAe,MAAM,KAAK,WAAW,mBAAmB9E,EAAS,IAAKb,GAAMA,EAAE,MAAO,CAAA,CAAC,EACxF2F,IACA7F,EAAO,KAAK,4BAA4B,EAClC,MAAA,KAAK,yBAAyB,oBAAoB6F,CAAY,GAExE7F,EAAO,KAAK,uBAAuB,CAAA,CAE3C,CCzDgB,SAAA8F,GAAqBC,EAAgCjB,EAAwC,CAEnG,MAAAtF,MAAW,IACjB,SAAW,CAACwG,EAAOjI,CAAG,IAAKgI,EAAO,KAAK,UACnCvG,EAAK,IAAIwG,EAAM,SAAA,EAAYjI,EAAI,UAAU,EAI7C,IAAIkI,EAA+BC,EAAmB,WAClDH,EAAO,gBACPE,EAAWC,EAAmB,QACvBH,EAAO,eACdE,EAAWC,EAAmB,UAI5B,MAAAC,MAAiB,IACjBC,EAA6EL,EAAO,WAAW,IAAIjB,CAAM,EAC/G,GAAIsB,EAAmB,CACb,MAAAC,MAA0B,IAEhC,SAAW,CAACtI,EAAKiB,CAAK,IAAKoH,EAAkB,UACrCpH,EAAM,WAAaA,EAAM,WACzBqH,EAAoB,IAAItI,EAAKiB,EAAM,UAAU,UAAU,EAI/DmH,EAAW,IAAIrB,EAAO,SAAS,EAAGuB,CAAmB,CAAA,CAIzD,MAAMC,EAAwDP,EAAO,WAE/DQ,MAAiB,IACR,OAAAD,EAAA,QAASE,GAAc,CAClC,OAAQA,EAAW,CACf,KAAKC,EAAoC,gBACrCF,EAAW,IAAI,sBAAsB,EACrC,MACJ,KAAKE,EAAoC,uBACzC,QACIF,EAAW,IAAI,8BAA8B,EAC7C,KAAA,CACR,CACH,EAEM,IAAIG,GAAO,CACd,SAAUX,EAAO,SAAS,SAAS,EACnC,OAAQjB,EAAO,SAAS,EACxB,KAAAtF,EACA,WAAY,MAAM,KAAK+G,CAAU,EACjC,SAAAN,EACA,WAAAE,EACA,YAAaJ,EAAO,YACpB,WAAYA,EAAO,YAAA,CACtB,CACL,CAQO,SAASY,GAAsBC,EAA6C,CAC/E,OAAO,IAAI,IACP,OAAO,QAAQA,CAAU,EAAE,IAAI,CAAC,CAAC5B,EAAUe,CAAM,IAAM,CAACf,EAAU6B,GAAyBd,CAAM,CAAC,CAAC,CACvG,CACJ,CAWO,SAASc,GAAyBd,EAA6B,OAClE,MAAMvG,EAAO,IAAI,IAAI,OAAO,QAAQuG,EAAO,IAAI,CAAC,EAC1Ce,GAAc3I,EAAA4H,EAAO,WAAP,YAAA5H,EAAiB,oBAE/BgI,MAAiB,IACvB,GAAIJ,EAAO,WACI,UAAAjB,KAAUiB,EAAO,WACbI,EAAA,IAAIrB,EAAQ,IAAI,IAAI,OAAO,QAAQiB,EAAO,WAAWjB,CAAM,CAAC,CAAC,CAAC,EAIjF,OAAO,IAAI4B,GAAO,CACd,SAAUX,EAAO,UACjB,OAAQA,EAAO,QACf,KAAAvG,EACA,WAAYuG,EAAO,WACnB,SAAUG,EAAmB,WAC7B,WAAAC,EACA,YAAAW,CAAA,CACH,CACL,CC9FO,MAAMC,EAAqB,CACvB,YACcpH,EACA0C,EACAC,EACnB,CAHmB,KAAA,WAAA3C,EACA,KAAA,yBAAA0C,EACA,KAAA,cAAAC,CAAA,CAMrB,MAAa,sBAAsBK,EAAgD,CAC/E,GAAIA,EAAK,qBAAsB,CACrB,MAAA,KAAK,kBAAkBA,EAAK,2BAA2B,EAC7D,MAAA,CAGJ,MAAMqE,EAAsC,MAAM,KAAK,WAAW,mBAAmB,EAG/EC,EAA6B,MAAM,KAAK,cAAc,IAAI,wBAAwB,EAClFC,EAAkC,MAAM,KAAK,cAAc,IAAI,8BAA8B,EAC7FC,EAAkC,MAAM,KAAK,cAAc,IAAI,8BAA8B,EAC7FC,EAA6B,GAC/BH,GAA8BC,GAAmCC,GAG/DE,EACFL,EAAgB,WAAaA,EAAgB,gBAAkBA,EAAgB,eAWnF,GARAhH,EAAO,IAAI,kCAAmC,CAC1C,qBAAsB2C,EAAK,qBAC3B,mBAAoBqE,EAAgB,UACpC,wBAAyBA,EAAgB,eACzC,wBAAyBA,EAAgB,eACzC,2BAAAI,CAAA,CACH,EAEGC,EACM,MAAM,KAAK,cAAc,SAKnBD,EAKDpH,EAAA,IACH,wGACJ,GALAA,EAAO,IAAI,iFAAiF,EAC5F,MAAM,KAAK,gCAAgC,GAPpCA,EAAA,KACH,kHACJ,UAYAoH,EAA4B,CAErBpH,EAAA,IACH,oJAEJ,EACM,MAAAsH,EAAS,MAAM,KAAK,WAAW,uBACjCL,EACAC,EACAC,CACJ,EAII,GAAA,CAACG,EAAO,WAAa,CAACA,EAAO,gBAAkB,CAACA,EAAO,eACjD,MAAA,IAAI,MAAM,kDAAkD,EAIhE,MAAAvB,EAAkC,MAAM,KAAK,WAAW,UAC1D,KAAK,WAAW,OAChB,KAAK,WAAW,QACpB,EACI,GAAA,CAEM,MAAAlC,EAAkD,MAAMkC,EAAO,OAAO,EACtE,MAAA,KAAK,yBAAyB,oBAAoBlC,CAAO,CAAA,QACjE,CACEkC,EAAO,KAAK,CAAA,CAChB,MAEO/F,EAAA,IACH,6GACJ,EACM,MAAA,KAAK,kBAAkB2C,EAAK,2BAA2B,EAMrE3C,EAAO,IAAI,iCAAiC,CAAA,CAUhD,MAAc,kBAAkBuH,EAAmE,CAG/F,MAAMC,EAAkD,MAAM,KAAK,WAAW,sBAAsB,EAAI,EAGlG,MAAM,KAAK,cAAc,UAS3BxH,EAAO,IAAI,6DAA6D,EACxE,MAAM,KAAK,gCAAgC,GATpCA,EAAA,KACH,gGACJ,EAUJA,EAAO,IAAI,qDAAqD,EAChE,UAAWyH,IAAO,CACdD,EAAiB,kBACjBA,EAAiB,yBACjBA,EAAiB,uBAAA,EAEbC,GACA,MAAM,KAAK,yBAAyB,oBAAoBA,EAAKF,CAA2B,CAEhG,CAQJ,MAAc,iCAAiD,CAC3D,MAAMG,EACF,MAAM,KAAK,WAAW,uBAAuB,EAE7CA,GAAA,MAAAA,EAAU,UACV,MAAM,KAAK,cAAc,MAAM,yBAA0BA,EAAS,SAAS,EAE3E1H,EAAO,MAAM,0DAA0D,EAEvE0H,GAAA,MAAAA,EAAU,iBACV,MAAM,KAAK,cAAc,MAAM,+BAAgCA,EAAS,gBAAgB,EAExF1H,EAAO,MAAM,0DAA0D,EAEvE0H,GAAA,MAAAA,EAAU,eACV,MAAM,KAAK,cAAc,MAAM,+BAAgCA,EAAS,cAAc,EAEtF1H,EAAO,MAAM,0DAA0D,CAC3E,CAER,CCvKA,eAAsB2H,GAAsCrF,EAA0D,CAClH,OAAOsF,GAA8BtF,EAAe,CAChD,yBACA,+BACA,8BAAA,CACH,CACL,CAYsB,eAAAsF,GAClBtF,EACAuF,EACgB,CACV,MAAAC,EAAe,MAAMxF,EAAc,gBAAgB,EACrD,GAAA,CAACwF,EAAqB,MAAA,GAE1B,UAAWC,KAAcF,EAAa,CAElC,MAAMG,EAAU,MAAM1F,EAAc,SAASyF,CAAU,GAAM,CAAC,EAE1D,GAAA,EAAED,KAAgBE,GAAgB,MAAA,EAAA,CAGnC,MAAA,EACX,CCfO,MAAMC,UACD9F,CAEZ,CAoBW,YACcxC,EACAuI,EACA7F,EACA8F,EACnB,CACQ,MAAA,EALW,KAAA,WAAAxI,EACA,KAAA,MAAAuI,EACA,KAAA,yBAAA7F,EACA,KAAA,6BAAA8F,EAnBrB,KAAQ,WAAa,GAGrB,KAAQ,YAAc,GAmBb,KAAA,UAAY,IAAIC,GAAe,IAAI,EAQlC,MAAAC,EAAW,IAAI,QAAQ,IAAI,EACjCH,EAAM,wBAAwB,SAAY,OAAA,OAAA/J,EAAAkK,EAAS,MAAM,IAAf,YAAAlK,EAAkB,WAAU,CAAA,CAMlE,UAAiB,CACf,MAAAmK,EAAqE,KAAK,MAAM,gBAAgB,EAOlGA,aAAwBC,GACpB,KAAK,YAAc,QAAa,KAAK,qBAAqBC,GAC1D,KAAK,YAAY,IAAIC,GAAgBH,EAAc,KAAM,KAAK,wBAAwB,CAAC,EAChF,KAAK,qBAAqBG,IAC5B,KAAA,UAAU,aAAaH,CAAY,EAErCA,aAAwBI,IAAsB,KAAK,YAAc,QACxE,KAAK,YAAY,IAAIF,GAAmBF,EAAc,KAAK,wBAAwB,CAAC,EAGnF,KAAA,KAAK7K,EAAyB,MAAM,CAAA,CAGrC,YAAYkL,EAAsD,CAElE,KAAK,WACL,KAAK,UAAU,eAAe,KAAK,UAAW,CAAClL,EAAyB,MAAM,CAAC,EAEnF,KAAK,UAAYkL,EACjB,KAAK,UAAU,OAAO,KAAK,UAAW,CAAClL,EAAyB,MAAM,CAAC,CAAA,CAQ3E,IAAW,eAAoC,CAC3C,OAAO,KAAK,MAAM,MAAA,CAQtB,IAAW,QAA6B,OAC7B,OAAAU,EAAA,KAAK,MAAM,SAAX,YAAAA,EAAmB,UAAS,CASvC,IAAW,eAAyB,CACzB,OAAA,KAAK,MAAM,UAAU,CAAA,CAIhC,IAAW,aAAsB,CACtB,OAAA,KAAK,MAAM,YAAY,SAAS,CAAA,CAI3C,IAAW,eAAoC,OACpC,OAAAA,EAAA,KAAK,MAAM,gBAAX,YAAAA,EAA0B,UAAS,CAI9C,MAAc,gBAA8D,CAClE,MAAAyK,EAAgB,KAAK,MAAM,cACjC,GAAKA,EAGE,OAAA,MAAM,KAAK,WAAW,UAAU,KAAK,MAAM,YAAaA,EAAe,CAAC,CAAA,CAInF,IAAW,oBAA8B,CAC9B,OAAA,KAAK,MAAM,mBAAmB,CAAA,CAIzC,IAAW,OAA2B,CAC5B,MAAAC,EAAQ,KAAK,MAAM,MAAM,EAE/B,OAAQA,EAAO,CACX,KAAKC,EAAyC,QAC9C,KAAKA,EAAyC,UAC1C,OAAOpL,EAAkB,UAC7B,KAAKoL,EAAyC,MAG1C,OAAO,KAAK,WAAapL,EAAkB,UAAYA,EAAkB,MAC7E,KAAKoL,EAAyC,aACtC,GAAA,CAAC,KAAK,UAEA,MAAA,IAAI,MAAM,mEAAmE,EAEvF,OAAO,KAAK,UAAU,kBAC1B,KAAKA,EAAyC,KAC1C,OAAOpL,EAAkB,KAC7B,KAAKoL,EAAyC,UAC1C,OAAOpL,EAAkB,SAAA,CAGjC,MAAM,IAAI,MAAM,8BAA8BmL,CAAK,EAAE,CAAA,CAMzD,IAAW,SAAmB,CAC1B,GAAI,KAAK,MAAM,UAAU,EAAU,MAAA,GACnC,MAAMA,EAAQ,KAAK,MACnB,OAAOA,IAAUnL,EAAkB,MAAQmL,IAAUnL,EAAkB,SAAA,CAO3E,IAAW,WAAqB,CAC5B,OAAO,KAAK,UAAA,CAOhB,IAAW,WAAqB,CAC5B,OAAO,KAAK,WAAA,CAQhB,IAAW,SAAyB,CACzB,OAAA,KAAK,MAAM,oBAAoB,CAAA,CAI1C,IAAW,SAAoB,CACrB,MAAA,IAAI,MAAM,iBAAiB,CAAA,CAIrC,IAAW,cAA8B,CACrC,GAAI,KAAK,QAAUA,EAAkB,QAAgB,OAAA,KAE/C,MAAA4K,EAAqE,KAAK,MAAM,gBAAgB,EAClG,OAAAA,aAAwBC,GACjB3J,EAAmB,IACnB0J,aAAwBI,GACxB9J,EAAmB,YAEnB,IACX,CAYG,yBAAyBuG,EAAyB,CAC/C,MAAA4D,EAAiE,KAAK,MAAM,sBAClF,GAAIA,IAAiB,OAEV,MAAA,GAGL,MAAAC,EAAiBC,GAAgC9D,CAAM,EAC7D,OAAO4D,EAAa,KAAMtH,GAAMA,IAAMuH,CAAc,CAAA,CAQxD,MAAa,QAAwB,CAC7B,GAAA,KAAK,MAAM,MAAM,IAAMF,EAAyC,WAAa,KAAK,WAClF,MAAM,IAAI,MAAM,iDAAiD,KAAK,KAAK,EAAE,EAGjF,KAAK,WAAa,GACd,GAAA,CACM,MAAArB,EAAmC,KAAK,MAAM,kBAChD,KAAK,6BAA6B,IAAIyB,EAAoC,CAC9E,EACIzB,GACM,MAAA,KAAK,yBAAyB,oBAAoBA,CAAG,CAC/D,QACF,CACE,KAAK,WAAa,EAAA,CAIjB,KAAA,KAAKhK,EAAyB,MAAM,CAAA,CAW7C,MAAa,OAAO0L,EAA4D,CAC5E,GAAI,MAAK,YAKT,MAAK,YAAc,GACf,GAAA,CACM,MAAA1B,EAAmC,KAAK,MAAM,OAAO,EACvDA,GACM,MAAA,KAAK,yBAAyB,oBAAoBA,CAAG,CAC/D,QACF,CACE,KAAK,YAAc,EAAA,EACvB,CAkBG,qBAAqBtC,EAAgBiE,EAAiE,CACnG,MAAA,IAAI,MAAM,iBAAiB,CAAA,CAUrC,MAAa,kBAAkBjE,EAAmC,CAC1D,GAAAA,IAAWvG,EAAmB,IAC9B,MAAM,IAAI,MAAM,mCAAmCuG,CAAM,EAAE,EAI/D,GAAI,CAAE,MAAM,KAAK,iBACP,MAAA,IAAI,MAAM,8CAA8C,EAGlE,MAAMkE,EAEY,MAAM,KAAK,MAAM,SAAS,EAE5C,GAAIA,EAAK,CACC,KAAA,CAAA,CAAG5B,CAAG,EAAI4B,EACV,MAAA,KAAK,yBAAyB,oBAAoB5B,CAAG,CAAA,CAI3D,GAAA,CAAC,KAAK,UACA,MAAA,IAAI,MAAM,yCAAyC,EAG7D,OAAO,KAAK,SAAA,CAWhB,MAAa,WAAW6B,EAAkD,CACtE,MAAMC,EAAOC,GAA2B,UAAUF,CAAU,EACtDX,EAA+B,MAAM,KAAK,MAAM,WAAWY,CAAI,EAGjE,GAAA,CAAC,KAAK,UACA,MAAA,IAAI,MAAM,2CAA2C,EAIzD,MAAA9B,EAAmCkB,EAAS,YAAY,EAC9D,OAAIlB,GACM,MAAA,KAAK,yBAAyB,oBAAoBA,CAAG,EAGxD,KAAK,SAAA,CAOhB,IAAW,UAAiC,CAOxC,OAAO,KAAK,QAAU/J,EAAkB,QAAU,KAAK,UAAY,MAAA,CAMhE,gBAAgD,CAC7C,MAAA,IAAI,MAAM,4EAA4E,CAAA,CAQhG,MAAa,gBAAyD,CAElE,GAAI,CAAE,MAAM,KAAK,iBACP,MAAA,IAAI,MAAM,2CAA2C,EAG/D,MAAM+L,EAAgD,MAAM,KAAK,MAAM,eAAe,EAEtF,GAAKA,EAEL,OAAOA,EAAc,QAAQ,CAAA,CAOjC,IAAW,kBAAkC,OACzC,QAAOtL,EAAA,KAAK,MAAM,aAAX,YAAAA,EAAuB,eAAgB,IAAA,CAQlD,IAAW,kBAAuC,CACxC,MAAAuL,EAAa,KAAK,MAAM,WAC9B,GAAKA,EAEL,OAAWA,EAAW,gBACX,KAAK,WAAW,OAAO,SAAS,EAEhC,KAAK,MAAM,YAAY,SAAS,CAC3C,CAER,CAQA,MAAeC,WAAoFxH,CAGjG,CAIS,YACO+F,EACS7F,EACrB,CACQ,MAAA,EAHI,KAAA,MAAA6F,EACS,KAAA,yBAAA7F,EAInB,KAAK,mBAAqBuH,GAAM,EAI1B,MAAAvB,EAAW,IAAI,QAAQ,IAAI,EACjCH,EAAM,wBAAwB,SAAY,OAAA,OAAA/J,EAAAkK,EAAS,MAAM,IAAf,YAAAlK,EAAkB,WAAU,EAGtE,KAAK,mBAAmB,QAAQ,MAAM,IAAM,IAAI,CAAA,CAS1C,UAAiB,CACnB,GAAA,KAAK,MAAM,SACN,KAAA,mBAAmB,QAAQ,MAAS,UAClC,KAAK,MAAM,cAAe,CAC3B,MAAAuL,EAAa,KAAK,MAAM,WAAW,EACzC,KAAK,mBAAmB,OACpB,IAAI,MACA,6BACIA,EAAW,cAAc,EAAI,KAAO,MACxC,cAAcA,EAAW,WAAY,CAAA,KAAKA,EAAW,QAAQ,EAAA,CAErE,CAAA,CAGC,KAAA,KAAKjM,EAAyB,MAAM,CAAA,CAM7C,IAAW,kBAA4B,CAC5B,OAAA,KAAK,MAAM,YAAY,CAAA,CAMlC,IAAW,QAAiB,CACjB,OAAA,KAAK,MAAM,YAAY,SAAS,CAAA,CAWpC,OAAO,EAAiB,CAErB,MAAAgK,EAAmC,KAAK,MAAM,OAAO,EACvDA,GACK,KAAA,yBAAyB,oBAAoBA,CAAG,CACzD,CASG,qBAA+C,CAC3C,OAAA,IAAA,CASJ,+BAA4D,CACxD,OAAA,IAAA,CAEf,CAGO,MAAMe,WAA2BmB,EAAwD,CAGrF,YAAYzB,EAA2B7F,EAAoD,CAC9F,MAAM6F,EAAO7F,CAAwB,EAHzC,KAAQ,UAAwC,IAAA,CAMtC,UAAiB,CAGnB,KAAK,YAAc,MAAQ,KAAK,MAAM,mBACtC,KAAK,UAAY,CACb,QAAS,IAAY,CACjB,KAAK,gBAAgB,CACzB,EACA,OAAQ,IAAY,KAAK,OAAO,CACpC,GAGJ,MAAM,SAAS,CAAA,CASnB,MAAa,QAAwB,CAG7B,KAAK,YAAc,MACnB,KAAK,KAAKzE,GAAc,kBAAmB,KAAK,SAAS,EAG7D,MAAM,KAAK,mBAAmB,OAAA,CAQlC,IAAW,mBAAuC,CACtC,OAAA,KAAK,MAAM,MAAS,EAAA,CACxB,KAAKiM,EAAQ,QAET,OAAOnM,EAAkB,MAC7B,KAAKmM,EAAQ,QAET,OAAOnM,EAAkB,QAC7B,KAAKmM,EAAQ,UAMT,OAAOnM,EAAkB,QAC7B,KAAKmM,EAAQ,aAIT,OAAOnM,EAAkB,QAC7B,KAAKmM,EAAQ,KACT,OAAOnM,EAAkB,KAC7B,KAAKmM,EAAQ,UACT,OAAOnM,EAAkB,UAC7B,QACI,MAAM,IAAI,MAAM,yBAAyB,KAAK,MAAM,MAAO,CAAA,EAAE,CAAA,CACrE,CASG,+BAA4D,CAC/D,OAAO,KAAK,SAAA,CAGhB,MAAc,iBAAiC,CACrC,MAAA+J,EAAmC,KAAK,MAAM,gBAAgB,EAChEA,GACM,MAAA,KAAK,yBAAyB,oBAAoBA,CAAG,CAC/D,CAER,CAGO,MAAMgB,WAAwBkB,EAAyD,CAGnF,YACHzB,EACA4B,EACAzH,EACF,CACE,MAAM6F,EAAO7F,CAAwB,EAPzC,KAAQ,UAAqC,IAAA,CAmB7C,MAAa,QAAwB,CACjC,MAAM,KAAK,WAAW,EACtB,MAAM,KAAK,mBAAmB,OAAA,CAMlC,MAAc,YAA4B,CAChC,MAAAoF,EAAmC,KAAK,MAAM,OAAO,EACvDA,GACM,MAAA,KAAK,yBAAyB,oBAAoBA,CAAG,CAC/D,CAIM,UAAiB,CAGnB,GAFJ,MAAM,SAAS,EAEX,KAAK,YAAc,KAAM,CACnB,MAAAsC,EAAQ,KAAK,MAAM,MAAM,EACzBC,EAAU,KAAK,MAAM,SAAS,EAEhC,GAAAD,IAAU,QAAaC,IAAY,OACnC,OAGJ,MAAMC,EAAoB,CAAC,EACvBF,IACIE,EAAA,MAAQF,EAAM,IAAK3J,GAAM,CAACA,EAAE,OAAQA,EAAE,WAAW,CAAC,GAEtD4J,IACIC,EAAA,QAAU,CAACD,EAAQ,CAAC,EAAGA,EAAQ,CAAC,EAAGA,EAAQ,CAAC,CAAC,GAGrD,KAAK,UAAY,CACb,IAAAC,EACA,QAAS,SAA2B,CAChC,MAAMC,EAAmC,MAAM,KAAK,MAAM,QAAQ,EAClE,UAAWzI,KAAKyI,EACN,MAAA,KAAK,yBAAyB,oBAAoBzI,CAAC,CAEjE,EACA,SAAU,IAAY,CAClB,MAAMoC,EAAU,KAAK,MAAM,eAAe,kBAAkB,EACxDA,GACK,KAAA,yBAAyB,oBAAoBA,CAAO,CAEjE,EACA,OAAQ,IAAY,CAChB,MAAMA,EAAU,KAAK,MAAM,eAAe,QAAQ,EAC9CA,GACK,KAAA,yBAAyB,oBAAoBA,CAAO,CAC7D,CAER,EACA,KAAK,KAAKjG,GAAc,QAAS,KAAK,SAAS,CAAA,CACnD,CAMJ,IAAW,mBAAuC,CAC9C,OAAOF,EAAkB,OAAA,CAStB,qBAA+C,CAClD,OAAO,KAAK,SAAA,CAST,aAAawK,EAAkC,CAC9C,GAAA,KAAK,OAASA,EAAO,CACrB,KAAK,MAAQA,EAIP,MAAAG,EAAW,IAAI,QAAQ,IAAI,EACjCH,EAAM,wBAAwB,SAAY,OAAA,OAAA/J,EAAAkK,EAAS,MAAM,IAAf,YAAAlK,EAAkB,WAAU,EAItE,KAAK,WAAW,EAChB,KAAK,SAAS,CAAA,CAClB,CAER,CAGA,MAAM8K,GAAsF,CACxF,CAACrK,EAAmB,GAAG,EAAGuL,EAAmC,MAC7D,CAACvL,EAAmB,UAAU,EAAGuL,EAAmC,aACpE,CAACvL,EAAmB,UAAU,EAAGuL,EAAmC,aACpE,CAACvL,EAAmB,WAAW,EAAGuL,EAAmC,aACzE,EAWO,SAASjB,GAAqC/D,EAAoD,CAC/F,MAAAiF,EAAOnB,GAAgC9D,CAAM,EACnD,GAAIiF,IAAS,OACT,MAAM,IAAI,MAAM,+BAA+BjF,CAAM,EAAE,EAEpD,OAAAiF,CACX,CAUO,SAASC,GAAoB1J,EAA6B,CACrD,OAAAA,EAAM,QAAW,EAAA,CACrB,KAAKgB,EAAU,sBACf,KAAKA,EAAU,oBACf,KAAKA,EAAU,mBACf,KAAKA,EAAU,qBACf,KAAKA,EAAU,mBACf,KAAKA,EAAU,qBACf,KAAKA,EAAU,sBACJ,MAAA,GACX,KAAKA,EAAU,YACX,OAAOhB,EAAM,WAAA,EAAa,UAAY2J,GAAQ,uBAClD,QACW,MAAA,EAAA,CAEnB,CC9vBO,MAAMC,WAA0BpI,CAAoE,CAmBhG,YACcxC,EACAyC,EACAC,EACnB,CACQ,MAAA,EAJW,KAAA,WAAA1C,EACA,KAAA,KAAAyC,EACA,KAAA,yBAAAC,EApBrB,KAAQ,iBAAmB,GAS3B,KAAQ,iBAAqD,OAE7D,KAAQ,oBAAqC,KAC7C,KAAQ,QAAU,GAGlB,KAAQ,sBAAwB,GAwMhC,KAAQ,yBAAkE,IAAA,CAzLnE,MAAa,CAChB,KAAK,QAAU,EAAA,CAMnB,MAAa,wBAAiD,CAC1D,OAAM,MAAM,KAAK,WAAW,gBAAA,EACrB,KAAK,oBAD2C,IAC3C,CAWhB,MAAa,qBAAiE,CAGpE,aAAA,KAAK,wBAAwB,EAAK,EACjC,KAAK,gBAAA,CAQhB,MAAa,mBAAmBmI,EAA+C,CAC3E,MAAMC,EAA+C,MAAM,KAAK,WAAW,aAAaD,CAAI,EAEtFE,EAAyC,MAAM,KAAK,WAAW,cAAc,EAC7EC,EAAgBD,GAAA,YAAAA,EAAY,cAG3B,MAAA,CACH,qBAFA,CAAC,CAACC,GAAiBC,GAAqCJ,EAAMG,CAAa,EAG3E,QAASF,EAAsB,QAAQ,CAC3C,CAAA,CAQG,wBAAwBI,EAAgD,CACvE,MAAA,CAACA,GAAS,KAAK,iBACR,QAAQ,QAAQ,IAAI,GAI1B,KAAK,2BACN,KAAK,yBAA2B,KAAK,iBAAiB,EAAE,QAAQ,IAAM,CAClE,KAAK,yBAA2B,IAAA,CACnC,GAEE,KAAK,yBAAA,CAShB,MAAa,2BAA2BC,EAAkC,CAIlE,IAAAC,EACA,GAAA,CACmBA,EAAA,MAAM,KAAK,wBAAwB,QACjD3K,EAAG,CACD,OAAAJ,EAAA,KAAK,mEAAoEI,CAAC,EAC1E,EAAA,CAGP,GAAA,EAAC2K,GAAA,MAAAA,EAAkB,SAGZ,OAAA/K,EAAA,KACH,8GACJ,EACO,GAGP,GAAA,CACA,MAAMgL,EAAsBC,EAAoC,WAAWH,CAAM,EAEjF,OAD0BF,GAAqCG,EAAkBC,CAAmB,GAQ7FhL,EAAA,KACH,kGACJ,EACA,MAAM,KAAK,wBAAwBgL,EAAqBD,EAAiB,OAAO,EACzE,KAVI/K,EAAA,KACH,gHACJ,EAEO,UAONI,EAAG,CACDJ,EAAA,KAAK,4DAA6DI,CAAC,CAAA,CAGvE,MAAA,EAAA,CAGX,MAAa,wBACT4K,EACAE,EACa,CACb,MAAM,KAAK,WAAW,wBAAwBF,EAAqBE,CAAO,EAGrE,KAAA,KAAK3I,EAAY,6BAA8B2I,CAAO,CAAA,CAU/D,MAAa,eAAe1L,EAA4BmD,EAA0C,CAC9F,MAAM,KAAK,qBAAqB,KAAK,UAAUnD,CAAI,EAAGmD,CAAI,CAAA,CAW9D,MAAa,qBAAqBwI,EAAkBxI,EAA0C,CAC1F,MAAM,KAAK,WAAW,uBAAuBwI,EAAU,CAACC,EAAkBC,IAAwB,OAC9F,MAAMC,EAAuC,CACzC,MAAO,OAAOD,CAAK,EACnB,UAAW,OAAOD,CAAQ,EAC1B,MAAOG,EAAmB,SAC1B,SAAU,CACd,GACApN,EAAAwE,GAAA,YAAAA,EAAM,mBAAN,MAAAxE,EAAA,KAAAwE,EAAyB2I,EAAS,CACrC,CAAA,CAML,MAAa,uBACT9L,EACAgM,EACA7I,EACa,CACP,MAAA8I,MAA+E,IACrF,UAAW1N,KAAOyB,EAAM,CACpB,MAAMkM,EAAS,IAAIC,EAAuB5N,EAAI,OAAO,EAChD0N,EAAW,IAAIC,CAAM,GACtBD,EAAW,IAAIC,EAAY,IAAA,GAAK,EAEpCD,EAAW,IAAIC,CAAM,EAAG,IAAI3N,EAAI,WAAYA,CAAG,CAAA,CAEnD,MAAM,KAAK,WAAW,uBAClB0N,EACA,CAACL,EAAkBC,EAAeO,IAA2B,OACzD,MAAMN,EAAuC,CACzC,MAAO,OAAOD,CAAK,EACnB,UAAW,OAAOD,CAAQ,EAC1B,MAAOG,EAAmB,SAC1B,SAAU,OAAOK,CAAQ,CAC7B,GACAzN,EAAAwE,GAAA,YAAAA,EAAM,mBAAN,MAAAxE,EAAA,KAAAwE,EAAyB2I,EAC7B,EACAE,CACJ,CAAA,CAMJ,MAAc,kBAAmD,CAC7DxL,EAAO,IAAI,+BAA+B,EACtC,IAAA6L,EACA,GAAA,CACaA,EAAA,MAAM,KAAK,wBAAwB,QAC3CzL,EAAG,CACD,OAAAJ,EAAA,KAAK,uCAAwCI,CAAC,EACrD,KAAK,iBAAmB,OACjB,IAAA,CAEX,KAAK,iBAAmB,GAEpByL,GAAc,CAACA,EAAW,UAC1B7L,EAAO,KAAK,qDAAqD,EACpD6L,EAAA,QAEjB,KAAK,iBAAmBA,EAElB,MAAAC,EAAgB,MAAM,KAAK,uBAAuB,EAExD,GAAI,CAACD,EACD,OAAIC,IAAkB,MAClB9L,EAAO,IAAI,uDAAuD,EAClE,MAAM,KAAK,iBAAiB,GAE5BA,EAAO,IAAI,0DAA0D,EAElE,KAGX,MAAM+L,EAAY,MAAM,KAAK,mBAAmBF,CAAU,EAI1D,MAAI,CAACE,EAAU,sBAAwB,CAACA,EAAU,QAC1CD,IAAkB,MAClB9L,EAAO,IAAI,oEAAoE,EAC/E,MAAM,KAAK,iBAAiB,GAE5BA,EAAO,IAAI,uEAAuE,EAGlF8L,IAAkB,MAClB9L,EAAO,IAAI,4BAA4B6L,EAAW,OAAO,wBAAwB,EAC3E,MAAA,KAAK,gBAAgBA,CAAU,GAC9BC,IAAkBD,EAAW,SACpC7L,EAAO,IAAI,qBAAqB8L,CAAa,sBAAsBD,EAAW,OAAO,cAAc,EAEnG,MAAM,KAAK,iBAAiB,EAEtB,MAAA,KAAK,gBAAgBA,CAAU,GAErC7L,EAAO,IAAI,kBAAkB6L,EAAW,OAAO,gBAAgB,EAGhE,CAAE,WAAAA,EAAY,UAAAE,CAAU,CAAA,CAGnC,MAAc,gBAAgBF,EAA0C,CAKpE,MAAM,KAAK,WAAW,eACjBA,EAAW,UAAiC,WAC7CA,EAAW,OACf,EACA,KAAK,oBAAsBA,EAAW,QAEjC,KAAA,KAAKtJ,EAAY,gBAAiB,EAAI,EAE3C,KAAK,eAAe,CAAA,CAQxB,MAAa,gBAAgC,CACrC,KAAK,qBAAuB,MAC5B,KAAK,eAAe,CACxB,CAGJ,MAAc,kBAAkC,CACtC,MAAA,KAAK,WAAW,cAAc,EACpC,KAAK,oBAAsB,KACtB,KAAA,KAAKA,EAAY,gBAAiB,EAAK,CAAA,CAGhD,MAAc,eAAeyJ,EAAW,IAAsB,CAC1D,GAAI,KAAK,sBAAuB,CAC5BhM,EAAO,IAAI,6BAA6B,EACxC,MAAA,CAEJ,KAAK,sBAAwB,GAE7BA,EAAO,IAAI,wDAAwD,KAAK,mBAAmB,GAAG,EAKxF,MAAAiM,EAAQ,KAAK,OAAA,EAAWD,EAC9B,MAAMrG,EAAMsG,CAAK,EAEb,GAAA,CAEA,IAAIC,EAAc,EAEdC,EAAwC,KAGxCC,EAAmB,GAEhB,KAAA,CAAC,KAAK,SAAS,CAElB,IAAIvI,EACA,GAAA,CACAA,EAAU,MAAM/C,EACZd,EACA,0DACA,SACW,MAAM,KAAK,WAAW,eAAe,CAEpD,QACK0C,EAAK,CACH1C,EAAA,MAAM,4DAA6D0C,CAAG,CAAA,CAGjF,GAAI,CAACmB,GAAW,KAAK,SAAW,CAAC,KAAK,oBAAqB,CACvD7D,EAAO,IAAI,mCAAmC,KAAK,mBAAmB,GAAG,EACpE6D,GAEI,KAAA,KAAKtB,EAAY,2BAA4B,CAAC,EAEvD,MAAA,CAGA,GAAA,CAGA,GAFM,MAAA,KAAK,yBAAyB,oBAAoBsB,CAAO,EACjDqI,EAAA,EACV,KAAK,QAAS,MAWd,GAAA,CAACE,GAAoBD,IAA2B,KAC5C,GAAA,CACA,MAAME,EAAW,MAAM,KAAK,WAAW,cAAc,EAC5BF,EAAAE,EAAS,MAAQA,EAAS,eAC9C3J,EAAK,CACH1C,EAAA,MAAM,wDAAyD0C,CAAG,CAAA,CAIjF,GAAIyJ,IAA2B,KAAM,CAC5B,KAAA,KAAK5J,EAAY,2BAA4B4J,CAAsB,EAClE,MAAAG,EAAmB,KAAK,iBAAiBzI,CAAO,EAMtDsI,EAAyB,KAAK,IAAIA,EAAyBG,EAAkB,CAAC,CAAA,QAE7E5J,EAAK,CAGV,GAFAwJ,IACOlM,EAAA,MAAM,8DAA+D0C,CAAG,EAC3EA,aAAe6J,GAAa,CACtB,MAAAC,EAAU9J,EAAI,KAAK,QACrB,GAAA8J,GAAW,eAAiBA,GAAW,4BAA6B,CAC7DxM,EAAA,IAAI,oDAAoDwM,CAAO,GAAG,EACrE,GAAA,CACA,MAAM,KAAK,iBAAiB,QACvB/J,EAAO,CACLzC,EAAA,MAAM,wDAAyDyC,CAAK,CAAA,CAE/E,KAAK,KAAKF,EAAY,gBAAiBG,EAAI,KAAK,OAAQ,EAGxD,KAAK,sBAAwB,GAC7B,KAAK,wBAAwB,EAAI,EACjC,MAAA,SACOA,EAAI,mBAEP,GAAA,CACM,MAAA+J,EAAW/J,EAAI,gBAAgB,EACjC,GAAA+J,GAAYA,EAAW,EAAG,CAC1B,MAAM9G,EAAM8G,CAAQ,EACpB,QAAA,QAEChK,EAAO,CACLzC,EAAA,KACH,sEACAyC,CACJ,CAAA,CAER,CAKE,MAAAkD,EAAM,IAAO,KAAK,IAAI,EAAG,KAAK,IAAIuG,EAAc,EAAG,CAAC,CAAC,CAAC,CAAA,CAE7CE,EAAA,EAAA,CACvB,QACF,CACE,KAAK,sBAAwB,EAAA,CACjC,CAWI,iBAAiBM,EAAkD,CACvE,MAAM9H,EAAwB,KAAK,MAAM8H,EAAM,IAAI,EACnD,OAAOC,GAAkB/H,CAAU,CAAA,CAWvC,MAAa,wBAAwBsG,EAAiD,CAClF,OAAO,MAAM0B,GAAwB,KAAK,KAAM1B,CAAO,CAAA,CAa3D,MAAa,eAAe2B,EAAmF,CAE3G,MAAM,KAAK,2BAA2B,EAEhC,MAAAC,EAAY7B,EAAoC,gBAAgB,EAChE8B,EAASD,EAAU,kBAEnBE,EAAW,CAAE,WAAYD,EAAO,eAAgB,EAEtD,MAAMF,EAAWG,CAAQ,EAEnB,MAAA3D,EAAM,MAAM,KAAK,KAAK,cACxB7G,EAAO,KACP,qBACA,OACA,CACI,UAAWuK,EAAO,UAClB,UAAWC,CACf,EACA,CACI,OAAQC,EAAa,EAAA,CAE7B,EAEA,aAAM,KAAK,wBAAwBH,EAAWzD,EAAI,OAAO,EAElD,CACH,QAASA,EAAI,QACb,UAAW0D,EAAO,UAClB,SAAAC,EACA,cAAeF,CACnB,CAAA,CAQJ,MAAa,4BAA4C,SAErD,IAAII,IAAW/O,EAAA,MAAM,KAAK,4BAAX,YAAAA,EAAuC,UAAW,KACjE,KAAO+O,GAAW,MACR,MAAA,KAAK,uBAAuBA,CAAO,EACzCA,IAAWC,EAAA,MAAM,KAAK,wBAAwB,IAAnC,YAAAA,EAAuC,UAAW,IACjE,CAUJ,MAAa,uBAAuBjC,EAAgC,CACzDlL,EAAA,MAAM,4BAA4BkL,CAAO,EAAE,EAClD,MAAM1H,EAAOC,GAAU,8BAA+B,CAAE,SAAUyH,EAAS,EAC3E,MAAM,KAAK,KAAK,cAAoB1I,EAAO,OAAQgB,EAAM,OAAW,OAAW,CAC3E,OAAQyJ,EAAa,EAAA,CACxB,EAEG,KAAK,sBAAwB/B,IAC7B,KAAK,iBAAmB,KACxB,MAAM,KAAK,iBAAiB,EAChC,CAOG,sBAAsBP,EAAqE,CACvF,OAAA,IAAIyC,GAAoBzC,CAAa,CAAA,CAWhD,MAAa,iBACTa,EACA6B,EACA1K,EAC+B,CAC/B,MAAM2K,EAAY,MAAM,KAAK,kBAAkB9B,CAAa,EAE5D,OAAO,KAAK,gBAAgB8B,EAAW9B,EAAe6B,EAAiB1K,CAAI,CAAA,CAUvE,kBAAkB6I,EAA2C,CACjE,OAAO,KAAK,KAAK,cACbhJ,EAAO,IACP,kBACA,CAAE,QAASgJ,CAAc,EACzB,OACA,CACI,OAAQyB,EAAa,EAAA,CAE7B,CAAA,CAgBJ,MAAc,gBACVK,EACA9B,EACA6B,EACA1K,EAC+B,OAKzB,MAAA4K,EAAgBZ,GAAkBW,CAAS,EACjD,IAAIE,EAAgB,EAChBC,EAAgB,GAEpBtP,EAAAwE,GAAA,YAAAA,EAAM,mBAAN,MAAAxE,EAAA,KAAAwE,EAAyB,CACrB,MAAO4K,EACP,UAAWC,EACX,MAAOjC,EAAmB,SAC1B,SAAUkC,CAAA,GAQR,MAAAC,EAAsB,MAAOC,GAAkE,OACjG,MAAMC,EAAqC,CAAC,EACjC,UAAAlC,KAAUiC,EAAW,QAEF,MAAMN,EAAgB,gBAAgBM,EAAW,IAAIjC,CAAM,CAAE,GAErE,QAASmC,IAAY,CAEnCA,GAAQ,QAAUnC,EAClBkC,EAAa,KAAKC,EAAO,CAAA,CAC5B,EAID,GAAA,CACM,MAAA,KAAK,uBAAuBD,EAAcpC,CAAa,EAC7DgC,GAAiBI,EAAa,aACzBxN,EAAG,CACRqN,GAAiBG,EAAa,OAGvB5N,EAAA,MAAM,mCAAoCI,CAAC,CAAA,EAGtDjC,EAAAwE,GAAA,YAAAA,EAAM,mBAAN,MAAAxE,EAAA,KAAAwE,EAAyB,CACrB,MAAO4K,EACP,UAAWC,EACX,MAAOjC,EAAmB,SAC1B,SAAUkC,CAAA,EAElB,EAEA,IAAIK,EAAkB,EAClBC,MAA2D,IAIpD,SAAA,CAACrC,EAAQsC,CAAQ,IAAK,OAAO,QAAQV,EAAU,KAAK,EAEvD,GAACU,EAAS,SAGG,CAAAD,EAAA,IAAIrC,EAAQ,EAAE,EAEpB,SAAA,CAACuC,EAAWJ,CAAO,IAAK,OAAO,QAAQG,EAAS,QAAQ,EAAG,CAE5D,MAAAE,GAAkBH,EAAiB,IAAIrC,CAAM,EACnDwC,GAAgBD,CAAS,EAAIJ,EACVC,GAAA,EAEfA,GAAmB,MAEnB,MAAMJ,EAAoBK,CAAgB,EAE1CA,MAAuB,IAENA,EAAA,IAAIrC,EAAQ,EAAE,EACboC,EAAA,EACtB,EAKR,OAAIA,EAAkB,GAClB,MAAMJ,EAAoBK,CAAgB,EAGvC,CAAE,MAAOR,EAAe,SAAUC,CAAc,CAAA,CAE/D,CASA,SAAS5C,GACLJ,EACAQ,EACO,OACH,OAAAR,EAAK,YAAc,0CACZxK,EAAA,KAAK,wDAAyDwK,EAAK,SAAS,EAC5E,MAGHrM,EAAAqM,EAAK,YAAL,YAAArM,EAAuC,cAAe6M,EAAoB,kBAAkB,eACxG,CAKO,MAAMoC,EAA+C,CAIjD,YAAYzC,EAAoD,CACnE,KAAK,cAAgBA,EACrB,KAAK,cAAgB,EAAA,CAMzB,MAAa,gBACTwD,EAC6B,CAC7B,MAAM3O,EAA6B,CAAC,EACpC,SAAW,CAACyO,EAAWG,CAAW,IAAK,OAAO,QAAQD,CAAW,EACzD,GAAA,CACA,MAAME,EAAY,KAAK,MACnB,KAAK,cAAc,UACfD,EAAY,aAAa,UACzBA,EAAY,aAAa,IACzBA,EAAY,aAAa,UAAA,CAEjC,EACAC,EAAU,WAAaJ,EACvBzO,EAAK,KAAK6O,CAAS,QACdjO,EAAG,CACDJ,EAAA,IAAI,+CAAgDI,EAAGgO,CAAW,CAAA,CAG1E,OAAA5O,CAAA,CAMJ,MAAa,CAChB,KAAK,cAAc,KAAK,CAAA,CAEhC,CAesB,eAAAoN,GAClBxK,EACA8I,EAC6B,CACzB,GAAA,CACM,MAAA1H,EAAO0H,EAAUzH,GAAU,8BAA+B,CAAE,SAAUyH,CAAS,CAAA,EAAI,qBACzF,OAAO,MAAM9I,EAAK,cAA6BI,EAAO,IAAKgB,EAAM,OAAW,OAAW,CACnF,OAAQyJ,EAAa,EAAA,CACxB,QACI7M,EAAG,CACU,GAAAA,EAAG,UAAY,cACtB,OAAA,KAED,MAAAA,CACV,CAER,CASgB,SAAAkO,GACZ3D,EACA4D,EACO,CAEA,OAD8BA,EAAc,UACnC,aAAe5D,EAAc,kBAAkB,eACnE,CAOA,SAASgC,GAAkBW,EAA8B,CACrD,IAAIkB,EAAQ,EACZ,SAAW,CAAE,SAAAC,KAAc,OAAO,OAAOnB,EAAU,KAAK,EAC3CkB,GAAA,OAAO,KAAKC,CAAQ,EAAE,OAE5B,OAAAD,CACX,CCt1BO,MAAME,EAAwB,CAiB1B,YACc1O,EACAL,EACD0C,EAClB,CAHmB,KAAA,OAAArC,EACA,KAAA,WAAAL,EACD,KAAA,yBAAA0C,EAlBpB,KAAQ,QAAU,GAGlB,KAAQ,2BAA6B,EAAA,CAqB9B,MAAa,CAChB,KAAK,QAAU,EAAA,CAaZ,2BAA2C,CASzC,KAAK,mBACN,KAAK,iBAAmBuH,GAAM,GAI5B,MAAAtK,EAAS,KAAK,iBAAiB,QAGjC,OAAC,KAAK,4BACN,KAAK,oBAAoB,EAAE,MAAOc,GAAM,CAG/B,KAAA,OAAO,MAAM,0CAA2CA,CAAC,CAAA,CACjE,EAEEd,CAAA,CAGX,MAAc,qBAAqC,CAE/C,GAAI,KAAK,2BACC,MAAA,IAAI,MAAM,uCAAuC,EAE3D,KAAK,2BAA6B,GAC9B,GAAA,CACA,KAAO,CAAC,KAAK,SAAW,KAAK,kBAAkB,CAC3C,MAAMqP,EAAW,KAAK,iBAItB,KAAK,iBAAmB,OAGxB,MAAM,KAAK,0BAA0B,KAAKA,EAAS,QAASA,EAAS,MAAM,CAAA,CAC/E,QACF,CACE,KAAK,2BAA6B,EAAA,CAGlC,KAAK,kBAGL,KAAK,iBAAiB,OAAO,IAAI,MAAM,qCAAqC,CAAC,CACjF,CAMJ,MAAc,yBAAyC,CACnD,GAAI,KAAK,QAAS,OAElB,MAAMnH,EAAsC,MAAM,KAAK,WAAW,iBAAiB,EAEnF,UAAW3D,KAAW2D,EAAkB,CACpC,GAAI,KAAK,QAAS,OACd,GAAA,CACA,MAAM1G,EAAY,KAAK,OAAQ,yBAAyB+C,EAAQ,IAAI,GAAI,SAAY,CAC1E,MAAA,KAAK,yBAAyB,oBAAoBA,CAAO,CAAA,CAClE,QACIzD,EAAG,CAGR,KAAK,OAAO,MAAM,sCAAsCyD,EAAQ,IAAI,KAAKzD,CAAC,EAAE,CAAA,CAChF,CACJ,CAER,CClHA,MAAMwO,EAAqB,IAc3B,MAAMC,UAAyB,KAAM,CAC1B,YAA4BC,EAA4B,CACrD,MAAA,kCAAkCA,CAAI,EAAE,EADf,KAAA,KAAAA,EAE/B,KAAK,KAAO,kBAAA,CAEpB,CAEA,MAAMC,WAAkC,KAAM,CACnC,YAA4BC,EAAqB,CACpD,MAAM,6CAA6C,EADpB,KAAA,YAAAA,EAE/B,KAAK,KAAO,2BAAA,CAEpB,CAyBO,MAAMC,EAA8B,CAqChC,YACHjP,EACiBL,EACAyC,EACA8M,EACnB,CAHmB,KAAA,WAAAvP,EACA,KAAA,KAAAyC,EACA,KAAA,cAAA8M,EAxCrB,KAAQ,QAAU,GAOlB,KAAQ,cAAsC,KAItC,KAAA,kCAAyD,IAMjE,KAAQ,oBAAsB,GAG9B,KAAQ,eAAgC,CAAC,EAGzC,KAAQ,wBAA0B,GAGlC,KAAQ,0BAAkE,KA0F1E,KAAQ,sBAAwB,IAAY,CAExC,KAAK,wBAA0B,GAC/B,KAAK,cAAgB,KACrB,KAAK,+BAA+B,EAAE,KAAMC,GAAkB,CACtDA,GAEA,KAAK,iBAAiB,CAC1B,CACH,CACL,EApFS,KAAA,OAASnP,EAAO,SAAS,iCAAiC,EAE/DkP,EAAc,GAAG3M,EAAY,gBAAiB,KAAK,qBAAqB,EACxE2M,EAAc,GAAG3M,EAAY,gBAAiB,KAAK,qBAAqB,EACxE2M,EAAc,GAAG3M,EAAY,6BAA8B,KAAK,qBAAqB,CAAA,CAQlF,+BAAyC,CAC5C,OAAO,KAAK,gBAAkB,IAAA,CAQlC,MAAa,qBAAiE,CACnE,OAAA,MAAM,KAAK,cAAc,oBAAoB,CAAA,CAajD,4BAA4BmJ,EAAgB0D,EAA+B,CAG9E,GAAI,KAAK,iBAAiB1D,EAAQ0D,CAAe,EAAG,CAEhD,KAAK,OAAO,MAAM,uCAAuCA,CAAe,0BAA0B,EAClG,MAAA,CAGA,GAAA,KAAK,qBAAqBA,CAAe,EAAG,CAE5C,KAAK,OAAO,MACR,uCAAuCA,CAAe,uCAC1D,EACA,MAAA,CAQJ,KAAK,eAAe,KAAK,CAAE,OAAA1D,EAAQ,gBAAA0D,EAAiB,EAGpD,KAAK,iBAAiB,CAAA,CAGnB,MAAa,CAChB,KAAK,QAAU,GACf,KAAK,cAAc,IAAI7M,EAAY,gBAAiB,KAAK,qBAAqB,EAC9E,KAAK,cAAc,IAAIA,EAAY,gBAAiB,KAAK,qBAAqB,EAC9E,KAAK,cAAc,IAAIA,EAAY,6BAA8B,KAAK,qBAAqB,CAAA,CAoBvF,iBAAiBmJ,EAAgB0D,EAAkC,CACvE,OAAO,KAAK,eAAe,KAAM5E,GACtBA,EAAK,QAAUkB,GAAUlB,EAAK,iBAAmB4E,CAC3D,CAAA,CAQG,uBAAuBA,EAA+B,CACpD,MAAAC,EAAM,KAAK,IAAI,EAChB,KAAA,8BAA8B,IAAID,EAAiBC,CAAG,EAEvD,KAAK,8BAA8B,KAAO,MAC1C,KAAK,8BAAgC,IAAI,IACrC,MAAM,KAAK,KAAK,6BAA6B,EAAE,OAAO,CAACC,EAAKC,IACjD,KAAK,IAAIF,EAAME,EAAI,CAAC,EAAIX,CAClC,CACL,EACJ,CAII,qBAAqBQ,EAAkC,CAC3D,MAAMI,EAAY,KAAK,8BAA8B,IAAIJ,CAAe,EACpE,OAACI,EACE,KAAK,IAAI,KAAK,MAAQA,EAAW,CAAC,EAAIZ,EADtB,EACsB,CAGjD,MAAc,wBAAqE,CAC3E,GAAA,CACO,OAAA,MAAM,KAAK,WAAW,cAAc,CAAA,MACvC,CACG,OAAA,IAAA,CACX,CAUJ,MAAc,yBACV1D,EACAQ,EACAuC,EACyB,CACnB,MAAAzK,EAAOC,GAAU,qCAAsC,CACzD,QAASiI,EACT,WAAYuC,CAAA,CACf,EAEM,OAAA,MAAM,KAAK,KAAK,cAAgCzL,EAAO,IAAKgB,EAAM,CAAE,QAAA0H,CAAQ,EAAG,OAAW,CAC7F,OAAQ+B,EAAa,EAAA,CACxB,CAAA,CAGL,MAAc,kBAAkC,CAC5C,GAAI,MAAK,qBAIL,MAAK,wBAET,MAAK,oBAAsB,GAEvB,GAAA,CACO,KAAA,KAAK,eAAe,OAAS,GAAG,CAG7B,MAAApJ,EAAU,KAAK,eAAe,CAAC,EACjC,GAAA,CAEM,MAAAsL,EAAgB,MAAM,KAAK,+BAA+B,EAChE,GAAI,CAACA,EAAe,CAEhB,KAAK,oBAAsB,GAC3B,MAAA,CAGE,MAAA7P,EAAS,MAAM,KAAK,eAAeuE,EAAQ,OAAQA,EAAQ,gBAAiBsL,CAAa,EAE/F,GAAI,KAAK,QACL,OAGA,GAAA,CACA,MAAM,KAAK,iBAAiBtL,EAASvE,EAAQ6P,CAAa,QACrD/O,EAAG,CACR,KAAK,OAAO,MACR,+DAA+DyD,EAAQ,eAAe,GACtFzD,CACJ,CAAA,CAGJ,KAAK,eAAe,MAAM,QACrBsC,EAAK,CACV,GAAIA,aAAemM,EACf,OAAQnM,EAAI,KAAM,CACd,IAAK,yBACI,KAAA,uBAAuBmB,EAAQ,eAAe,EAEnD,KAAK,eAAe,MAAM,EAC1B,MACJ,IAAK,gBAED,MAAM8B,EAAMiJ,CAAkB,EAC9B,MACJ,IAAK,UAED,KAAK,oBAAsB,GAC3B,MAAA,MAEDlM,aAAeqM,IAEhB,MAAApJ,EAAMjD,EAAI,WAAW,CAC/B,CACJ,CACJ,QACF,CAEE,KAAK,oBAAsB,EAAA,EAC/B,CAUJ,MAAc,eACV+M,EACAC,EACAP,EACyB,CAEzB,GADA,KAAK,OAAO,MAAM,mCAAmCO,CAAe,EAAE,EAClE,KAAK,QAAe,MAAA,IAAIb,EAAiB,SAA4B,EACrE,GAAA,CACA,MAAMxF,EAAM,MAAM,KAAK,yBAAyB8F,EAAc,cAAeM,EAAcC,CAAe,EAC1G,YAAK,OAAO,MAAM,qCAAqCA,CAAe,EAAE,EACjErG,QACFjJ,EAAG,CACR,GAAI,KAAK,QAAe,MAAA,IAAIyO,EAAiB,SAA4B,EAGzE,GADA,KAAK,OAAO,KAAK,6CAA6Ca,CAAe,KAAKtP,CAAC,EAAE,EACjFA,aAAamM,GAAa,CAE1B,GADgBnM,EAAE,KAAK,SACR,cAQL,MAAA,IAAIyO,EAAiB,wBAA2C,EAEtE,GAAAzO,EAAE,mBAAoB,CAClB,IAAAqM,EACA,GAAA,CACWA,EAAArM,EAAE,gBAAqB,GAAA,aAC7BqC,EAAO,CACP,KAAA,OAAO,KAAK,kDAAmDA,CAAK,CAAA,CAEzE,MAAAgK,GAAYA,EAAW,GACvB,KAAK,OAAO,KAAK,mCAAmCA,CAAQ,IAAI,EAE9D,IAAIsC,GAA0BtC,GAAYmC,CAAkB,CAAA,CACtE,CAEE,MAAA,IAAIC,EAAiB,eAAkC,CAAA,CACjE,CAGJ,MAAc,iBACVc,EACAC,EACAT,EACa,CACb,MAAMU,EAAqD,CAAE,CAACF,EAAY,eAAe,EAAGC,CAAK,EAE3FpQ,EAAO,MAAM2P,EAAe,UAAU,gBAAgBU,CAAgB,EAC5E,UAAWC,KAAKtQ,EACZsQ,EAAE,QAAUH,EAAY,OAE5B,MAAM,KAAK,cAAc,uBAAuBnQ,EAAM2P,EAAc,aAAa,CAAA,CAWrF,MAAc,gCAAgE,CAC1E,GAAI,KAAK,cACL,OAAO,KAAK,cAKhB,GAAI,KAAK,wBACE,OAAA,KAKP,GAAA,KAAK,2BAA6B,KAC7B,YAAA,OAAO,MAAM,sDAAsD,EACjE,MAAM,KAAK,0BAGjB,KAAA,0BAA4B,KAAK,wBAAwB,EAC1D,GAAA,CACA,OAAO,MAAM,KAAK,yBAAA,QACpB,CACE,KAAK,0BAA4B,IAAA,CACrC,CAGJ,MAAc,yBAAyD,CACnE,IAAIY,EAAuB,KACvB,GAAA,CACuBA,EAAA,MAAM,KAAK,cAAc,oBAAoB,QAC/D3P,EAAG,CACR,YAAK,OAAO,MAAM,gDAAgDA,CAAC,EAAE,EACrE,KAAK,wBAA0B,GACxB,IAAA,CAIP,GAFJ,KAAK,OAAO,MAAM,2CAA2C2P,GAAA,YAAAA,EAAsB,OAAO,EAAE,GAExFA,GAAA,YAAAA,EAAsB,YAAa,yCACnC,YAAK,OAAO,KAAK,yBAAyBA,GAAA,YAAAA,EAAsB,SAAS,EAAE,EAC3E,KAAK,wBAA0B,GACxB,KAGP,GAAA,EAACA,GAAA,MAAAA,EAAsB,SAClB,YAAA,OAAO,KAAK,uBAAuB,EACxC,KAAK,wBAA0B,GACxB,KAGX,MAAMjE,EAAgB,MAAM,KAAK,cAAc,uBAAuB,EACtE,GAAIA,GAAiB,MAAQiE,EAAqB,SAAWjE,EAEzD,YAAK,OAAO,KACR,6CAA6CiE,EAAqB,OAAO,6DAA6DjE,CAAa,EACvJ,EACA,KAAK,wBAA0B,GACxB,KAGL,MAAApB,EAAa,MAAM,KAAK,uBAAuB,EACjD,GAAA,EAACA,GAAA,MAAAA,EAAY,eACR,YAAA,OAAO,MAAM,yDAAyD,EAC3E,KAAK,wBAA0B,GACxB,KAGP,GAAAoB,GAAiBpB,EAAW,cAC5B,YAAK,OAAO,MACR,+CAA+CA,EAAW,aAAa,qDAAqDoB,CAAa,GAC7I,EACA,KAAK,wBAA0B,GACxB,KAIX,GADiBiE,EAAqB,UACzB,YAAcrF,EAAW,cAAc,kBAAkB,gBAC7D,YAAA,OAAO,MAAM,wDAAwD,EAC1E,KAAK,wBAA0B,GACxB,KAGX,MAAM2C,EAAkB,KAAK,cAAc,sBAAsB3C,EAAW,aAAa,EACzF,YAAK,wBAA0B,GAC/B,KAAK,cAAgB,CACjB,UAAW2C,EACX,cAAevB,CACnB,EACO,KAAK,aAAA,CAEpB,CCrdgB,SAAAkE,GAAgBhD,EAAqBzO,EAAyC,CAC1F,GAAI,CAACyO,EAAS,kBAAoB,CAACA,EAAS,uBAClC,MAAA,IAAI,MAAM,oFAAyF,EAGtG,OAAA1O,GACHC,EACAyO,EAAS,iBACTA,EAAS,uBACTA,EAAS,gBACb,CACJ,CCuDA,MAAMiD,GAA2B,CAC7BrR,EAAmB,IACnBA,EAAmB,WACnBA,EAAmB,WACnBA,EAAmB,WACvB,EAYO,MAAMsR,WAAmB/N,CAAoF,CAyBzG,YACcnC,EAGAL,EAOAyC,EAGA0C,EAGjBqL,EAGiB7N,EAGA8N,EACnB,CACQ,MAAA,EAxBWpQ,KAAAA,OAAAA,EAGA,KAAA,WAAAL,EAOA,KAAA,KAAAyC,EAGA,KAAA,OAAA0C,EAMA,KAAA,cAAAxC,EAGA,KAAA,gBAAA8N,EA5CrB,KAAiB,mCAAqC,IAEtD,KAAQ,yBAA2B,GAC3B,KAAA,oBAA2C,IAAIC,GAAwB,EAAK,EAGpF,KAAQ,QAAU,GAGlB,KAAQ,eAAgD,CAAC,EAUxC,KAAA,UAAY,IAAIjI,GAAwD,IAAI,EA2L7F,KAAO,iCAAmC,GAqvB1C,KAAQ,8BAA0C6H,GAp5B9C,KAAK,yBAA2B,IAAInM,GAAyBnE,EAAYyC,CAAI,EAC7E,KAAK,wBAA0B,IAAIsM,GAC/B,KAAK,OACL/O,EACA,KAAK,wBACT,EAEA,KAAK,gBAAkB,IAAIiG,GAAgBjG,EAAY,KAAK,wBAAwB,EAEpF,KAAK,cAAgB,IAAI4K,GAAkB5K,EAAYyC,EAAM,KAAK,wBAAwB,EAC1F,KAAK,2BAA6B,IAAI6M,GAClC,KAAK,OACL,KAAK,WACL,KAAK,KACL,KAAK,aACT,EACA,KAAK,wBAA0B,IAAI/M,GAC/B,KAAK,OACLvC,EACAyC,EACA,KAAK,yBACLE,CACJ,EACA,KAAK,eAAiB,IAAIgO,GAAe,KAAK,OAAQ3Q,EAAY,KAAK,0BAA0B,EAG5F,KAAA,UAAU,OAAO,KAAK,cAAe,CACtC4C,EAAY,gBACZA,EAAY,2BACZA,EAAY,gBACZA,EAAY,4BAAA,CACf,EACI,KAAA,UAAU,OAAO,KAAK,wBAAyB,CAChDA,EAAY,wBACZA,EAAY,yBACZA,EAAY,mBACZA,EAAY,oBACZA,EAAY,qBACZA,EAAY,iBACZA,EAAY,qBACZA,EAAY,6BAAA,CACf,EAED,KAAK,qBAAuB,IAAIwE,GAAqBpH,EAAY,KAAK,yBAA0B2C,CAAa,EAG7G,KAAK,wBAAwB,CAAA,CAUzB,sBAAmD,CACvD,GAAI,KAAK,QACL,MAAM,IAAIiO,GAEd,OAAO,KAAK,UAAA,CAShB,IAAW,4BAA4BC,EAAa,CAAA,CAIpD,IAAW,6BAAuC,CAEvC,MAAA,EAAA,CAGJ,MAAa,CAGZ,KAAK,UAGT,KAAK,QAAU,GAEf,KAAK,gBAAgB,KAAK,EAC1B,KAAK,cAAc,KAAK,EACxB,KAAK,wBAAwB,KAAK,EAClC,KAAK,2BAA2B,KAAK,EACrC,KAAK,wBAAwB,KAAK,EAKlC,KAAK,WAAW,MAAM,EAAA,CAG1B,MAAa,aAAa7P,EAAoB8P,EAA4B,CAChE,MAAA/E,EAAS/K,EAAM,UAAU,EACzB+P,EAAY,KAAK,eAAehF,CAAM,EAE5C,GAAI,CAACgF,EACD,MAAM,IAAI,MAAM,6CAA6ChF,CAAM,EAAE,EAGzE,MAAMgF,EAAU,aAAa/P,EAAO,KAAK,iCAAkC,KAAK,mBAAmB,CAAA,CAGvG,MAAa,aAAaA,EAAqD,CAE3E,GAAI,CADWA,EAAM,UAAU,EAOrB,MAAA,IAAI,MAAM,iEAAiE,EAErF,OAAO,MAAM,KAAK,eAAe,uBAAuBA,EAAO,KAAK,mBAAmB,CAAA,CAM3F,MAAa,mBAAmBkL,EAA2B8E,EAA+C,CAClG,GAAA,EAAEA,aAAmB,YACf,MAAA,IAAI,MAAM,wCAAwC,EAGxD,GAAA9E,EAAW,WAAa,yCACxB,MAAM,IAAI,MAAM,6CAA6CA,EAAW,SAAS,EAAE,EAGvF,MAAMb,EAAsBC,EAAoC,WAAW2F,GAAaD,CAAO,CAAC,EAChG,GAAI,CAACrC,GAAkCtD,EAAqBa,CAAU,EAC5D,MAAA,IAAI,MAAM,4EAA4E,EAGzF,OAAA,KAAK,cAAc,sBAAsBb,CAAmB,CAAA,CAMvE,MAAa,uBACTxL,EACAgM,EACA7I,EACa,CACb,OAAO,MAAM,KAAK,cAAc,uBAAuBnD,EAAMgM,EAAe7I,CAAI,CAAA,CAc7E,YAAqB,CAClB,MAAAkO,EAAWC,GAA4B,EACtC,MAAA,YAAYD,EAAS,iBAAiB,KAAKA,EAAS,OAAO,gBAAgBA,EAAS,SAAS,EAAA,CAMjG,uBAAuBE,EAA0C,CACpE,KAAK,oBAAsBA,CAAA,CAM/B,MAAa,0BAA0BrF,EAAkC,CAC/D,MAAAsF,EAAyD,MAAM,KAAK,WAAW,gBACjF,IAAIrF,EAAuBD,CAAM,CACrC,EACO,MAAA,GAAQsF,GAAA,MAAAA,EAAc,UAAS,CAM1C,MAAa,kBAA2C,CAC9C,MAAAxR,EAAO,KAAK,WAAW,aACtB,MAAA,CAAE,QAASA,EAAK,QAAQ,WAAY,WAAYA,EAAK,WAAW,UAAW,CAAA,CAG/E,iBAAiBM,EAAkB,CACtC,MAAM4Q,EAAY,KAAK,eAAe5Q,EAAK,MAAM,EAE7C4Q,GACAA,EAAU,qBAAqB,KAAK,iCAAkC,KAAK,mBAAmB,CAClG,CAGG,oBAAoBhF,EAA+B,OACtD,OAAOvN,EAAA,KAAK,eAAeuN,CAAM,IAA1B,YAAAvN,EAA6B,qBAAoB,CAG5D,MAAa,gBAAgD,CACzD,MAAM8S,EAAM,MAAM,KAAK,WAAW,eAAe,IAAM,EAAI,EACpD,OAAA,KAAK,MAAMA,CAAG,CAAA,CAGzB,MAAa,sBAAwC,CACjD,OAAO,MAAM,KAAK,WAAW,eAAe,IAAM,EAAI,CAAA,CAG1D,MAAa,eAAezR,EAA4BmD,EAA0C,CAC9F,OAAO,MAAM,KAAK,cAAc,eAAenD,EAAMmD,CAAI,CAAA,CAG7D,MAAa,qBAAqBnD,EAAcmD,EAA0C,CACtF,OAAO,MAAM,KAAK,cAAc,qBAAqBnD,EAAMmD,CAAI,CAAA,CAMnE,MAAa,wBAAwBmC,EAAS,KAAK,OAAQoM,EAAmB,GAAyB,OAEnG,MAAMC,EAAgD,MAAM,KAAK,WAAW,aAAa,EACrF,IAAAC,EACJ,UAAWlR,KAAKiR,EACR,GAAArM,IAAW5E,EAAE,WAAY,CACPkR,EAAAlR,EAClB,KAAA,CAIR,GAAIkR,IAAoB,OAAW,CAC3B,GAAAtM,IAAW,KAAK,OAAQ,CAIlB,MAAAjB,EAAU,KAAK,WAAW,kBAE5B,CAACuN,EAAgB,MAAO,CAAA,CAC5B,EACM,MAAA,KAAK,yBAAyB,oBAAoBvN,CAAO,CAAA,CAEnE,MAAMwN,EAAe,MAAM,KAAK,WAAW,YAAYD,CAAe,EACtE,OAAAC,GAAA,MAAAA,EAAc,OACPA,IAAiB,eACjBH,EAAkB,CAGnB,MAAA1R,GAAOrB,GADK,MAAM,KAAK,uBAAuB,IAAI,CAAC2G,CAAM,CAAC,CAAC,GAC1C,cAAV,YAAA3G,EAAwB2G,GAGjC,OAACtF,EAKE,EAAQ,OAAO,OAAOA,EAAK,IAAI,EAAE,CAAC,EALvB,EAKwB,KAEnC,OAAA,EACX,CAYJ,MAAa,kBAAkB8R,EAAmBJ,EAAmB,GAA2B,CACtF,MAAAK,MAAwB,IACxBJ,EAAgD,MAAM,KAAK,qBAAA,EAAuB,aAAa,EAG/FK,MAAmB,IACRL,EAAA,QAASM,GAAeD,EAAa,IAAIC,EAAW,SAAA,CAAU,CAAC,EAG1E,MAAAC,MAAkC,IAExC,UAAW5M,KAAUwM,EAIbE,EAAa,IAAI1M,CAAM,EACvByM,EAAkB,IAAIzM,EAAQ,MAAM,KAAK,eAAeA,CAAM,CAAC,EAE/D4M,EAAe,IAAI5M,CAAM,EAM7B,GAAAoM,GAAoBQ,EAAe,MAAQ,EAAG,CAC9C,MAAMC,EAAc,MAAM,KAAK,mBAAmBD,CAAc,EACzD,OAAA,QAAQC,EAAY,WAAW,EAAE,QAAQ,CAAC,CAAC7M,EAAQ8B,CAAU,IAChE2K,EAAkB,IAAIzM,EAAQ6B,GAAsBC,CAAU,CAAC,CACnE,CAAA,CAGG,OAAA2K,CAAA,CAOX,MAAc,eAAezM,EAA8C,CACvE,MAAM2M,EAAa,IAAItR,EAAuB2E,CAAM,EAgB9C8M,EAA2C,MAAM,KAAK,WAAW,eAAeH,EAAY,CAAC,EAC/F,GAAA,CACM,MAAAI,EAAwCD,EAAY,QAAQ,EAC9D,GAAA,CACA,OAAO,IAAI,IACPC,EAAY,IAAK9L,GAAW,CAACA,EAAO,SAAS,WAAYD,GAAqBC,EAAQ0L,CAAU,CAAC,CAAC,CACtG,CAAA,QACF,CACEI,EAAY,QAASC,GAAMA,EAAE,MAAM,CAAA,CACvC,QACF,CACEF,EAAY,KAAK,CAAA,CACrB,CAOJ,MAAc,mBAAmBF,EAA0D,CACvF,MAAMK,EAA+B,CAAE,YAAa,EAAG,EACxC,OAAAL,EAAA,QAASM,GAAUD,EAAU,YAAYC,CAAI,EAAI,EAAG,EAE5D,MAAM,KAAK,KAAK,cAAcxP,EAAO,KAAM,gCAAiC,OAAWuP,EAAW,CACrG,OAAQ,EAAA,CACX,CAAA,CAME,4BAAsC,CACzC,OAAO,KAAK,wBAAA,CAMT,2BAA2BE,EAAoB,CAClD,KAAK,yBAA2BA,CAAA,CAUpC,MAAa,kBAAkBnN,EAAgBE,EAAkBiB,EAAW,GAAqB,CACvF,MAAAF,EAA6C,MAAM,KAAK,WAAW,UACrE,IAAI5F,EAAuB2E,CAAM,EACjC,IAAI1B,EAAyB4B,CAAQ,CACzC,EAEA,GAAI,CAACe,EACD,MAAM,IAAI,MAAM,kBAAkBjB,CAAM,IAAIE,CAAQ,EAAE,EAEtD,GAAA,CACA,MAAMe,EAAO,cACTE,EAAWiM,GAA2B,SAAWA,GAA2B,KAChF,CAAA,QACF,CACEnM,EAAO,KAAK,CAAA,CAChB,CAQJ,MAAa,gBAAgBf,EAAiC,CACpD,MAAAe,EAA6C,MAAM,KAAK,WAAW,UACrE,IAAI5F,EAAuB,KAAK,MAAM,EACtC,IAAIiD,EAAyB4B,CAAQ,CACzC,EACA,GAAI,CAACe,EACD,MAAM,IAAI,MAAM,kBAAkBf,CAAQ,EAAE,EAE5C,GAAA,CACM,MAAAmN,EAA0D,MAAMpM,EAAO,OAAO,EAC9E,MAAA,KAAK,yBAAyB,oBAAoBoM,CAAe,CAAA,QACzE,CACEpM,EAAO,KAAK,CAAA,CAChB,CAMJ,MAAa,4BACTjB,EACAE,EACwC,CAClC,MAAAe,EAA6C,MAAM,KAAK,WAAW,UACrE,IAAI5F,EAAuB2E,CAAM,EACjC,IAAI1B,EAAyB4B,CAAQ,CACzC,EAEI,GAAA,CAACe,EAAe,OAAA,KAChB,GAAA,CACA,OAAO,IAAIqM,GAAyB,CAChC,cAAerM,EAAO,qBAAqB,EAC3C,qBAAsBA,EAAO,sBAAsB,EACnD,cAAeA,EAAO,iBAAiB,EACvC,wBAAyB,KAAK,wBAAA,CACjC,CAAA,QACH,CACEA,EAAO,KAAK,CAAA,CAChB,CAMJ,MAAa,0BAA0BjB,EAAiD,CAC9E,MAAAuM,EACF,MAAM,KAAK,qBAAqB,EAAE,YAAY,IAAIlR,EAAuB2E,CAAM,CAAC,EACpF,GAAIuM,IAAiB,OACjB,OAAO,IAAIgB,GAAuB,GAAO,GAAO,EAAK,EAGnD,MAAApM,EAAWoL,EAAa,WAAW,EACnCiB,EAAcjB,EAAa,sBAAsB,EACjDkB,EACFlB,aAAwBmB,GAClBnB,EAAa,0BACb,EAAA,GACV,OAAAA,EAAa,KAAK,EACX,IAAIgB,GAAuBpM,EAAUqM,EAAa,GAAOC,CAAiB,CAAA,CAMrF,MAAa,uBAAuBzN,EAA+B,CACzD,MAAAuM,EACF,MAAM,KAAK,qBAAqB,EAAE,YAAY,IAAIlR,EAAuB2E,CAAM,CAAC,EAEpF,GAAIuM,IAAiB,OACX,MAAA,IAAI,MAAM,qCAAqC,EAGrD,GAAAA,aAAwBoB,GAClB,MAAA,IAAI,MAAM,iCAAiC,EAGrD,MAAMpB,EAAa,oBAAoB,CAAA,CAM3C,MAAa,gCAAgCvM,EAA+B,CAClE,MAAAuM,EACF,MAAM,KAAK,qBAAqB,EAAE,YAAY,IAAIlR,EAAuB2E,CAAM,CAAC,EAEpF,GAAIuM,IAAiB,OACX,MAAA,IAAI,MAAM,8CAA8C,EAGlE,MAAMA,EAAa,qBAAqB,CAAA,CAM5C,MAAa,qBAAwC,CACjD,KAAM,CAAE,2BAAAjK,EAA4B,yBAAAsL,CAA6B,EAAA,MAAM,KAAK,sBAAsB,EAC5FC,EACF,EAAQD,EAAyB,WACjC,EAAQA,EAAyB,gBACjC,EAAQA,EAAyB,eAE/BE,EAAW,MAAM,KAAK,eAAe,EAI3C,MAAO,CAAC,EAACA,GAAA,MAAAA,EAAU,gBAAiBD,GAAkBvL,EAAA,CAM1D,MAAa,qBAAqByL,EAAwBC,EAAgB,OAAgC,CAChG,MAAAzB,EAA4D,MAAM,KAAK,WAAW,YACpF,IAAIlR,EAAuB,KAAK,MAAM,CAC1C,EACA,GAAI,CAACkR,EAEM,OAAA,KAGP,GAAA,CACA,MAAM0B,EAAyD,MAAM,KAAK,WAAW,mBAAmB,EAUpG,GALA,EAFAA,EAAmB,WAAaA,EAAmB,gBAAkBA,EAAmB,iBAOxF,CAAC1B,EAAa,aAEP,OAAA,KAGP,IAAAtT,EACJ,OAAQ8U,EAAM,CACV,KAAKC,EAAgB,OACjB/U,EAAMsT,EAAa,UACnB,MACJ,KAAKyB,EAAgB,YACjB/U,EAAMsT,EAAa,eACnB,MACJ,KAAKyB,EAAgB,YACjB/U,EAAMsT,EAAa,eACnB,MACJ,QAEW,OAAA,IAAA,CAGT,MAAA2B,EAAiC,KAAK,MAAMjV,CAAG,EAIrD,OAAO,OAAO,OAAOiV,EAAU,IAAI,EAAE,CAAC,CAAA,QACxC,CACE3B,EAAa,KAAK,CAAA,CACtB,CAMJ,MAAa,sBAAsB1O,EAAgD,CACzE,MAAA,KAAK,qBAAqB,sBAAsBA,CAAI,CAAA,CAM9D,MAAa,sBAAyC,CAElD,MAAMsQ,EAAqC,CACvC,yBACA,+BACA,8BACJ,EAIA,OAD0B,MAAM,KAAK,cAAc,uBAA6B,GAAA,MAE5EA,EAAe,KAAK,oBAAoB,EAGrCrL,GAA8B,KAAK,cAAeqL,CAAc,CAAA,CAM3E,MAAa,uBAAuB,CAChC,uBAAAC,EACA,sBAAAC,EACA,kBAAAC,CACJ,EAA6B,GAAmB,CAG5C,MAAMC,EAA8BF,GAAyB,CAAE,MAAM,KAAK,uBAAuB,EAEjG,GAAIE,EAA6B,CAC7B,GAAI,CAACH,EACK,MAAA,IAAI,MAAM,8EAA8E,EAI7F,KAAA,OAAO,KAAK,yDAAyD,EACpE,MAAAI,EAAc,MAAMJ,EAAuB,EACjD,GAAI,CAACI,EACK,MAAA,IAAI,MAAM,uEAAuE,EAErF,MAAA,KAAK,mCAAmCA,CAAW,CAAA,CAG7D,MAAMC,EACF,MAAM,KAAK,WAAW,uBAAuB,EAE7CA,GACAA,EAAwB,YAAc,QACtCA,EAAwB,mBAAqB,QAC7CA,EAAwB,iBAAmB,SAM1CF,GAA+B,CAAE,MAAM1L,GAAsC,KAAK,aAAa,KAE3F,KAAA,OAAO,KAAK,4EAA4E,EAE7F,MAAM,KAAK,cAAc,MAAM,yBAA0B4L,EAAwB,SAAS,EAC1F,MAAM,KAAK,cAAc,MAAM,+BAAgCA,EAAwB,cAAc,EACrG,MAAM,KAAK,cAAc,MAAM,+BAAgCA,EAAwB,gBAAgB,GAKtGH,EAGD,MAAM,KAAK,eAAe,EAF1B,MAAM,KAAK,uBAAuB,CAGtC,CAOJ,MAAc,wBAAwC,CAClD,MAAM7E,EAAgB,MAAM,KAAK,cAAc,oBAAoB,EACnE,GAAI,CAACA,GAAiB,CAACA,EAAc,QAAS,CAC1CvO,EAAO,KAAK,yDAAyD,EACrE,MAAA,CAGJ,MAAM0K,EAAyC,MAAM,KAAK,WAAW,cAAc,EAC/E,GAAA,CAACA,EAAW,cAAe,CAC3B1K,EAAO,KAAK,wDAAwD,EACpE,MAAA,CAGJ,GAAI,CAACsO,GAAkC5D,EAAW,cAAe6D,CAAa,EAAG,CAC7EvO,EAAO,KAAK,oFAAoF,EAChG,MAAA,CAGE,MAAAwT,EAAkB9I,EAAW,cAAc,SAAS,EAE1D,MAAM,KAAK,cAAc,MAAM,qBAAsB8I,CAAe,CAAA,CAWxE,MAAc,mCAAmCC,EAA4D,aACzG,MAAMC,EAAyB,MAAM,KAAK,cAAc,OAAOC,GAAiC,CAC5F,YAAYxV,EAAAsV,EAAiB,UAAjB,YAAAtV,EAA0B,WACtC,MAAMgP,EAAAsG,EAAiB,UAAjB,YAAAtG,EAA0B,KAChC,IAAKsG,EAAiB,UAAA,CACzB,EAED,MAAM,KAAK,cAAc,gBAAgBC,EAAuB,KAAK,GAErEE,GAAAC,EAAA,KAAK,iBAAgB,wBAArB,MAAAD,EAAA,KAAAC,EACIH,EAAuB,MACvBA,EAAuB,QACvBD,EAAiB,WACrB,CAQJ,MAAc,wBAA2C,CAErD,MAAMK,EAAwB,MAAM,KAAK,cAAc,OAAO,EAE1D,GAAA,CAACA,EAA8B,MAAA,GAE7B,KAAA,CAAA,CAAGC,CAAO,EAAID,EAGpB,OAAOC,EAAQ,YAAcJ,EAAA,CAMjC,MAAa,uBAAqD,CAC9D,MAAMtC,EAAuD,MAAM,KAAK,qBAAuB,EAAA,YAC3F,IAAIlR,EAAuB,KAAK,MAAM,CAC1C,EAEM6T,EACF,GAAQ3C,GAAA,MAAAA,EAAc,YACtB,GAAQA,GAAA,MAAAA,EAAc,iBACtB,GAAQA,GAAA,MAAAA,EAAc,gBAC1BA,GAAA,MAAAA,EAAc,OAEd,MAAMjK,EAA6B,MAAMO,GAAsC,KAAK,aAAa,EAC3FoL,EACF,MAAM,KAAK,qBAAA,EAAuB,mBAAmB,EAElD,MAAA,CACH,mBAAAiB,EACA,2BAAA5M,EACA,yBAA0B,CACtB,UAAW,GAAQ2L,GAAA,MAAAA,EAAoB,WACvC,eAAgB,GAAQA,GAAA,MAAAA,EAAoB,gBAC5C,eAAgB,GAAQA,GAAA,MAAAA,EAAoB,eAAc,CAElE,CAAA,CAMJ,MAAa,gCAAgCkB,EAAuD,CAChG,GAAIA,EAAU,CAGJ,MAAAzV,EAAO0V,GAAmB,EAAE,EAE5BZ,EAAc,MAAMhV,GACtB2V,EACAzV,EACA,KAAK,kCACT,EACO,MAAA,CACH,QAAS,CACL,WAAY,CACR,UAAW,WACX,WAAY,KAAK,mCACjB,KAAAA,CAAA,CAER,EACA,WAAY8U,EACZ,kBAAmBxV,GAAkBwV,CAAW,CACpD,CAAA,KACG,CAEG,MAAAvV,EAAM,IAAI,WAAW,EAAE,EAClB,kBAAA,OAAO,gBAAgBA,CAAG,EAC9B,CACH,WAAYA,EACZ,kBAAmBD,GAAkBC,CAAG,CAC5C,CAAA,CACJ,CAMJ,MAAa,0BAA0B4C,EAAyD,CACrF,OAAA,KAAK,eAAe,0BAA0BA,CAAK,CAAA,CAYvD,0CAA0CmE,EAAuC,CAIpF,OAHwD,KAAK,WAAW,wBACpE,IAAI3E,EAAuB2E,CAAM,CACrC,EAEK,OAAQjB,GAAYA,EAAQ,SAAW,MAAS,EAChD,IACIA,GACG,IAAIoE,EACA,KAAK,WACLpE,EACA,KAAK,yBACL,KAAK,6BAAA,CAEjB,CAAA,CAcD,oCAAoC6H,EAAgB5G,EAAkD,CACzG,GAAI,CAACA,EAAc,MAAA,IAAI,MAAM,gBAAgB,EAOvC,MAAAjB,EALkD,KAAK,WAAW,wBACpE,IAAI1D,EAAuB2E,CAAM,CACrC,EAGyB,KAAMjB,GAAYA,OAAAA,QAAAA,EAAAA,EAAQ,SAARA,YAAAA,EAAgB,cAAe6H,EAAM,EAEhF,GAAI7H,EACA,OAAO,IAAIoE,EACP,KAAK,WACLpE,EACA,KAAK,yBACL,KAAK,6BACT,CACJ,CAMJ,MAAa,sBAAsBiB,EAAgB4G,EAA8C,CACvF,MAAA2F,EAA8D,MAAM,KAAK,WAAW,YACtF,IAAIlR,EAAuB2E,CAAM,CACrC,EAEA,GAAI,CAACuM,EAAc,MAAM,IAAI,MAAM,kBAAkBvM,CAAM,EAAE,EAEzD,GAAA,CAEM,MAAAqP,EAAU,KAAK,8BAA8B,IAAKhP,GACpD+D,GAAqC/D,CAAM,CAC/C,EAEMiP,EAAmC,MAAM/C,EAAa,2BAA2B8C,CAAO,EAGxFE,EAAU,MAAM,KAAK,+BAA+B3I,EAAQ0I,CAAwB,EAGpFvQ,EAA+C,MAAMwN,EAAa,oBACpE,IAAI1F,EAAuBD,CAAM,EACjC,IAAI4I,GAAwBD,CAAO,EACnCF,CACJ,EACA,OAAO,IAAIlM,EACP,KAAK,WACLpE,EACA,KAAK,yBACL,KAAK,6BACT,CAAA,QACF,CACEwN,EAAa,KAAK,CAAA,CACtB,CAcJ,MAAc,+BAA+B3F,EAAgB0I,EAAmD,CACtG,MAAAG,EAAOL,GAAmB,EAAE,EAE5B,CAAE,SAAUG,CAAA,EAAY,MAAM,KAAK,KAAK,cAC1C7R,EAAO,IACP,4BAA4B,mBAAmBkJ,CAAM,CAAC,wBAAwB,mBAAmB6I,CAAI,CAAC,GACtG,OACAH,EACA,CACI,OAAQ,EAAA,CAEhB,EAEO,OAAAC,CAAA,CAaJ,gCAAgCF,EAAqC,CAExE,KAAK,8BAAgCA,GAAWlE,EAAA,CAYpD,MAAa,4BAA2D,CAC9D,MAAAoB,EAA4D,MAAM,KAAK,WAAW,YACpF,IAAIlR,EAAuB,KAAK,MAAM,CAC1C,EACA,GAAIkR,IAAiB,OACX,MAAA,IAAI,MAAM,yFAAyF,EAGzG,GAAA,CACA,KAAM,CAACxN,EAASsO,CAAe,EAC3B,MAAMd,EAAa,oBACf,KAAK,8BAA8B,IAAInI,EAAoC,CAC/E,EACE,aAAA,KAAK,yBAAyB,oBAAoBiJ,CAAe,EAChE,IAAIlK,EACP,KAAK,WACLpE,EACA,KAAK,yBACL,KAAK,6BACT,CAAA,QACF,CACEwN,EAAa,KAAK,CAAA,CACtB,CAeJ,MAAa,0BAA0BvM,EAAgBE,EAAgD,CAC7F,MAAAe,EAA6C,MAAM,KAAK,WAAW,UACrE,IAAI5F,EAAuB2E,CAAM,EACjC,IAAI1B,EAAyB4B,CAAQ,CACzC,EAEA,GAAI,CAACe,EACK,MAAA,IAAI,MAAM,oBAAoB,EAGpC,GAAA,CACA,KAAM,CAAClC,EAASsO,CAAe,EAAIpM,EAAO,oBACtC,KAAK,8BAA8B,IAAImD,EAAoC,CAC/E,EACM,aAAA,KAAK,yBAAyB,oBAAoBiJ,CAAe,EAChE,IAAIlK,EACP,KAAK,WACLpE,EACA,KAAK,yBACL,KAAK,6BACT,CAAA,QACF,CACEkC,EAAO,KAAK,CAAA,CAChB,CAUJ,MAAa,4BAAyD,CAClE,MAAM2E,EAAyC,MAAM,KAAK,WAAW,cAAc,EAC/E,OAACA,EAAW,cACTzH,GAAayH,EAAW,cAAc,SAAA,CAAU,EADjB,IACiB,CAW3D,MAAa,6BAA6B3M,EAAiBmN,EAAiC,CAClF,MAAAsJ,EAAY5D,GAAa7S,CAAG,EAElC,GAAI,CAACmN,EACK,MAAA,IAAI,MAAM,mDAAmD,EAGvE,MAAM,KAAK,cAAc,wBACrBD,EAAoC,WAAWuJ,CAAS,EACxDtJ,CACJ,CAAA,CAMJ,MAAa,8CAA8D,CACvE,MAAMuJ,EAAY,MAAM,KAAK,cAAc,IAAI,oBAAoB,EACnE,GAAI,CAACA,EACK,MAAA,IAAI,MAAM,wFAAwF,EAG5G,MAAMlG,EAAgB,MAAM,KAAK,cAAc,oBAAoB,EACnE,GAAI,CAACA,GAAiB,CAACA,EAAc,QAC3B,MAAA,IAAI,MAAM,4EAA4E,EAGhG,MAAMvD,EAAsBC,EAAoC,WAAWwJ,CAAS,EACpF,GAAI,CAACnG,GAAkCtD,EAAqBuD,CAAa,EAC/D,MAAA,IAAI,MAAM,yFAAyF,EAG7G,MAAM,KAAK,cAAc,wBAAwBvD,EAAqBuD,EAAc,OAAO,CAAA,CAQ/F,MAAa,+BAAwD,CAC1D,OAAA,MAAM,KAAK,cAAc,uBAAuB,CAAA,CAM3D,MAAa,kBAAkD,CAC3D,OAAQ,MAAM,KAAK,cAAc,oBAA0B,GAAA,IAAA,CAQ/D,MAAa,mBAAmB/D,EAA+C,CAC3E,OAAO,MAAM,KAAK,cAAc,mBAAmBA,CAAI,CAAA,CAQ3D,MAAa,yBAA0D,CACnE,OAAO,MAAM,KAAK,cAAc,wBAAwB,EAAI,CAAA,CAMhE,MAAa,uBAAuBU,EAAgC,CAC1D,MAAA,KAAK,cAAc,uBAAuBA,CAAO,CAAA,CAM3D,MAAa,gBAAgC,CACnC,MAAAW,EAAa,MAAM,KAAK,cAAc,eAAgB6I,GAAM,KAAK,WAAWA,CAAC,CAAC,EAIhF,MAAM,KAAK,0BACX,MAAM,KAAK,cAAc,MAAM,qBAAsB7I,EAAW,cAAc,UAAU,EAI5F,KAAK,wBAAwB,CAAA,CAMjC,MAAa,mBAAmC,CAEtC,MAAArB,EAAO,MAAM,KAAK,iBAAiB,EACrCA,GAAA,MAAAA,EAAM,QACA,MAAA,KAAK,uBAAuBA,EAAK,OAAO,EAE9CxK,EAAO,MAAM,uDAAuD,EAIxE,MAAM,KAAK,oBAAoB,EAEzB,MAAA,KAAK,wBAAwB,OAAO,CAAA,CAW9C,MAAc,WAA+C2U,EAAuB,CAC1E,MAAAC,EAAO,IAAI,IAAI,OAAO,QAAQD,EAAI,YAAc,CAAA,CAAE,CAAC,EACnDE,EAAWF,EAAI,SAErB,OAAOA,EAAI,WACX,OAAOA,EAAI,SAEX,MAAMG,EAAiBF,EAAK,IAAI,KAAK,MAAM,GAAK,CAAC,EAE3CG,EAAkBC,GAAY,UAAUL,CAAG,EAC3CxO,EAAyC,MAAM,KAAK,WAAW,KAAK4O,CAAe,EAEnFE,EAAM,KAAK,MAAM9O,EAAW,QAAQ,EAErCyO,EAAA,IAAI,KAAK,OAAQ,CAAE,GAAGE,EAAgB,GAAGG,EAAI,KAAK,MAAM,EAAG,EAE5DJ,IAAa,SAAWF,EAAI,SAAWE,GAC3CF,EAAI,WAAa,OAAO,YAAYC,EAAK,SAAS,CAAA,CAMtD,MAAa,+BACTrW,EACAoE,EAC+B,CAC/B,MAAMkJ,EAAa,MAAM,KAAK,cAAc,oBAAoB,EAC5D,GAAA,EAACA,GAAA,MAAAA,EAAY,SACP,MAAA,IAAI,MAAM,0BAA0B,EAG9C,MAAMqJ,EAAa,MAAMlF,GAAgBnE,EAAW,UAAWtN,CAAU,EAGzE,aAAM,KAAK,6BAA6B2W,EAAYrJ,EAAW,OAAO,EAC/D,KAAK,iBAAiBlJ,CAAI,CAAA,CAMrC,MAAa,iBAAiBA,EAA8D,OAExF,MAAM+H,EAAyC,MAAM,KAAK,WAAW,cAAc,EAC7E,CAAE,cAAAC,EAAe,cAAAa,CAAA,EAAkBd,EACzC,GAAI,CAACC,GAAiB,CAACa,EAAqB,MAAA,IAAI,MAAM,yCAAyC,EAE/F,MAAM2J,EAAuBlS,GAAa0H,EAAc,SAAA,CAAU,EAE5DkB,EAAa,MAAM,KAAK,cAAc,wBAAwBL,CAAa,EACjF,GAAI,CAACK,EAAY,MAAM,IAAI,MAAM,6BAA6BL,CAAa,sBAAsB,EAEjG,MAAM6B,EAAkB,MAAM,KAAK,mBAAmBxB,EAAYsJ,CAAoB,EAElF,GAAA,CACA,OAAAhX,EAAAwE,GAAA,YAAAA,EAAM,mBAAN,MAAAxE,EAAA,KAAAwE,EAAyB,CACrB,MAAO4I,EAAmB,KAAA,GAGvB,MAAM,KAAK,cAAc,iBAAiBC,EAAe6B,EAAiB1K,CAAI,CAAA,QACvF,CAEE0K,EAAgB,KAAK,CAAA,CACzB,CAMJ,MAAa,wBAA2C,CAC7C,OAAA,MAAM,KAAK,wBAAwB,YAAY,CAAA,CAM1D,MAAa,iBAAiB1K,EAAuC,GAAmB,CAChF,GAAA,CAAE,MAAM,KAAK,oBAAA,GAA0B,CAAE,MAAM,KAAK,uBAC9C,MAAA,IAAI,MAAM,2EAA2E,EAE/F,OAAO,MAAM,KAAK,wBAAwB,MAAMA,GAAQ,CAAA,CAAE,CAAA,CAM9D,MAAa,oBACTyS,EACa,CACb,MAAMC,EAAgBC,GAA8B,UAAUF,CAAO,EACrE,MAAM,KAAK,uBAAuB,oBAAoBC,CAAa,CAAA,CAMvE,MAAa,qBAAiF,CAC1F,MAAMA,EAAgB,MAAM,KAAK,qBAAA,EAAuB,oBAAoB,EACtED,EAAUC,EAAc,QAAQ,EACtC,OAAAA,EAAc,KAAK,EACZD,CAAA,CAMX,MAAa,wBACTG,EACAC,EACAC,EACsB,CACtB,MAAMzV,EAAS,IAAIY,GAAQ,KAAK,OAAQ,yBAAyB,EAC3D8U,EAAc,IAAI,IAAIF,EAAQ,IAAI,CAAC,CAAE,OAAA1Q,KAAaA,CAAM,CAAC,EAK/D,MAAM,KAAK,gBAAgB,uBACvB9E,EACA,MAAM,KAAK0V,CAAW,EAAE,IAAK5Q,GAAW,IAAI3E,EAAuB2E,CAAM,CAAC,CAC9E,EACA,MAAM4H,EAAuB,CACzB,MAAO,CAAC,EACR,UAAW/K,EAAU,oBACzB,EAEA,aAAM,QAAQ,IACV6T,EAAQ,IAAI,MAAO,CAAE,OAAA1Q,EAAQ,SAAAE,KAAe,CAClC,MAAAe,EAA6C,MAAM,KAAK,WAAW,UACrE,IAAI5F,EAAuB2E,CAAM,EACjC,IAAI1B,EAAyB4B,CAAQ,CACzC,EAEA,GAAIe,EAAQ,CACF,MAAA4P,EAAmB,KAAK,MAAM,MAAM5P,EAAO,qBAAqBwP,EAAWE,CAAO,CAAC,EACzF/I,EAAM,MAAM,KAAK,CACb,SAAA1H,EACA,OAAAF,EACA,QAAS6Q,CAAA,CACZ,CAAA,MAED,KAAK,OAAO,KAAK,2CAA2C7Q,CAAM,IAAIE,CAAQ,EAAE,CAEvF,CAAA,CACL,EAEO0H,CAAA,CAMX,MAAa,gBAAgBnF,EAAkE,CACtF,KAAA,OAAO,MAAM,uCAAuC,EAIzD,KAAK,wBAAwB,OAAO,EAG9B,MAAA,KAAK,cAAc,2BAA2B,EAEpD,KAAK,oBAAoB,EAGnB,MAAA,KAAK,qBAAqB,sBAAsB,CAClD,qBAAsB,GACtB,4BAAAA,CAAA,CACH,EAGD,MAAM,KAAK,eAAe,EAErB,KAAA,OAAO,MAAM,wBAAwB,CAAA,CAO9C,MAAc,qBAAqC,CAE/C,MAAM,KAAK,cAAc,MAAM,yBAA0B,IAAI,EAC7D,MAAM,KAAK,cAAc,MAAM,+BAAgC,IAAI,EACnE,MAAM,KAAK,cAAc,MAAM,+BAAgC,IAAI,EACnE,MAAM,KAAK,cAAc,MAAM,qBAAsB,IAAI,EAGzD,MAAMO,EAAe,MAAM,KAAK,cAAc,gBAAgB,EAC1DA,SAAoB,KAAK,cAAc,MAAM,wBAAwBA,CAAY,GAAI,IAAI,EAEvF,MAAA,KAAK,cAAc,gBAAgB,IAAI,CAAA,CAiBjD,MAAc,mBAAmB,CAC7B,OAAA8N,EACA,kBAAAC,MAAwB,IACxB,mBAAAC,EACA,QAAAN,EAAU,IAAIO,EAA4B,EAMhB,CAC1B,MAAMzW,EAAS,MAAMwB,EAAYd,EAAQ,qBAAsB,SACpD,MAAM,KAAK,WAAW,mBACzB4V,EAAS,KAAK,UAAUA,CAAM,EAAI,KAClCJ,EACAK,EACAC,CACJ,CACH,EAGM,OAAA,KAAK,MAAMxW,CAAM,CAAA,CAQ5B,MAAa,2BAA2BsW,EAAqD,CAGzF,MAAMI,EAAY,MAAM,KAAK,mBAAmB,CAAE,OAAAJ,EAAQ,EAG1D,UAAW3Q,KAAW+Q,EACd,GAAA/Q,EAAQ,OAAStD,EAAU,uBAAwB,CACnD,MAAMsU,EAAShR,EAAQ,OACjBiR,EAAgBjR,EAAQ,QAAQ,eAClCiR,GAAiBD,GACZ,KAAA,iCAAiCA,EAAQC,CAAa,CAC/D,CAGD,OAAAF,CAAA,CAQX,MAAa,iBACTH,EACAC,EACa,CACb,MAAMK,EAAsBN,GAAqB,IAAI,IAAoB,OAAO,QAAQA,CAAiB,CAAC,EACpGO,EAAwBN,GAAsB,IAAI,IAAYA,CAAkB,GAElFK,IAAwB,QAAaC,IAA0B,SAC/D,MAAM,KAAK,mBAAmB,CAC1B,kBAAmBD,EACnB,mBAAoBC,CAAA,CACvB,CACL,CAQJ,MAAa,mBAAmBC,EAA0C,SAChE,MAAAb,EAAU,IAAIO,IAChB5X,EAAAkY,EAAY,UAAZ,YAAAlY,EAAqB,IAAK2G,GAAW,IAAI3E,EAAuB2E,CAAM,IACtEqI,EAAAkJ,EAAY,OAAZ,YAAAlJ,EAAkB,IAAKrI,GAAW,IAAI3E,EAAuB2E,CAAM,EACvE,EACA,MAAM,KAAK,mBAAmB,CAAE,QAAA0Q,EAAS,CAAA,CAQ7C,MAAa,cAAc1V,EAAYa,EAAmC,CAChE,MAAAN,EAASM,EAAM,WAAW,EAC1B2V,EAAW,IAAIC,GAEjB,GAAAlW,EAAO,YAAc,uBACZiW,EAAA,UAAY7P,EAAoC,oBACtD,CAEE,KAAA,OAAO,KAAK,QAAQ3G,EAAK,MAAM,kDAAkDO,EAAO,SAAS,EAAE,EACxG,MAAA,CAGA,GAAA,CACAiW,EAAS,wBAA0BjW,EAAO,mBAC1CiW,EAAS,8BAAgCjW,EAAO,qBAC1C,MAAA,KAAK,WAAW,gBAAgB,IAAIsL,EAAuB7L,EAAK,MAAM,EAAGwW,CAAQ,QAClFlW,EAAG,CACR,KAAK,OAAO,KAAK,QAAQN,EAAK,MAAM,+CAA+CM,CAAC,EAAE,EACtF,MAAA,CAKJ,MAAMoW,EAAoB,KAAK,eAAe1W,EAAK,MAAM,EACrD0W,EACAA,EAAkB,cAAcnW,CAAM,EAEtC,KAAK,eAAeP,EAAK,MAAM,EAAI,IAAIJ,GACnC,KAAK,WACL,KAAK,gBACL,KAAK,wBACLI,EACAO,CACJ,CACJ,CASG,gBAAgBoW,EAAsC,CAGzD,KAAK,wBAAwB,0BAA4B,EAAA,MAAOrW,GAAM,CAC7D,KAAA,OAAO,KAAK,sDAAuDA,CAAC,CAAA,CAC5E,CAAA,CAUG,iCAAiC6V,EAAgBC,EAA6B,CAC5E,MAAArS,EAA2D,KAAK,WAAW,uBAC7E,IAAI1D,EAAuB8V,CAAM,EACjCC,CACJ,EAEIrS,EACK,KAAA,KACDtB,EAAY,4BACZ,IAAI0F,EACA,KAAK,WACLpE,EACA,KAAK,yBACL,KAAK,6BAAA,CAEb,EAIA,KAAK,OAAO,KACR,+CAA+CqS,CAAa,+CAChE,CACJ,CAeG,iBAAiBvV,EAAoBL,EAAoBoW,EAA8B,CAC1F,MAAMC,EAAM,KAAK,eAAehW,EAAM,WAAY,EAC7CgW,GAILA,EAAI,iBAAiBrW,CAAM,CAAA,CAW/B,MAAa,kBAAkBd,EAAoD,CAC/E,UAAWzB,KAAOyB,EACd,KAAK,iBAAiBzB,CAAG,EAE7B,KAAK,cAAc,eAAe,CAAA,CAG9B,iBAAiBA,EAAwC,CAC7D,GAAI,KAAK,QAAS,OAClB,KAAK,OAAO,MACR,0BAA0BA,EAAI,SAAS,gBAAgBA,EAAI,UAAU,SAAS,CAAC,OAAOA,EAAI,OAAO,SAAA,CAAU,EAC/G,EACM,MAAA6Y,EAAc,KAAK,eAAe,wBAAwB7Y,EAAI,OAAO,SAAA,EAAYA,EAAI,SAAS,EAChG,GAAA6Y,EAAY,SAAW,EAE3B,MAAK,OAAO,MACR,iCACAA,EAAY,IAAKxW,GAAM,GAAGA,EAAE,MAAA,CAAO,EAAE,CACzC,EAQA,UAAWyW,KAAMD,EACVC,EAAA,kBAAkB,KAAM,CAAE,QAAS,GAAM,EAAE,MAAOC,GAAO,CACxD,KAAK,OAAO,KAAK,iCAAiCD,EAAG,MAAA,CAAO,sBAAsB,CAAA,CACrF,EACL,CAWJ,MAAa,mBAAmBE,EAAgE,CAC5F,UAAWlJ,KAAWkJ,EAAU,CACvB,KAAA,OAAO,MAAM,oCAAoClJ,EAAQ,SAAS,OAAOA,EAAQ,OAAO,SAAS,CAAC,EAAE,EACnG,MAAA+I,EAAc,KAAK,eAAe,wBACpC/I,EAAQ,OAAO,SAAS,EACxBA,EAAQ,SACZ,EACI,GAAA+I,EAAY,SAAW,EAAG,OAG9B,KAAK,OAAO,MACR,iCACAA,EAAY,IAAKxW,GAAM,GAAGA,EAAE,MAAA,CAAO,EAAE,CACzC,EAEA,UAAWyW,KAAMD,EACVC,EAAA,kBAAkB,KAAM,CAAE,QAAS,GAAM,EAAE,MAAOC,GAAO,CAAA,CAE3D,CACL,CACJ,CAWJ,MAAa,sBAAsBhS,EAA+C,CAC9E,MAAMkS,EAAkB,MAAM,KAAK,0BAA0BlS,EAAO,UAAU,EAC9E,KAAK,KAAKvC,EAAY,uBAAwBuC,EAAO,WAAYkS,CAAe,EAI5ElS,EAAO,aAAe,KAAK,SAC3B,KAAK,KAAKvC,EAAY,YAAa,CAAA,CAAE,EACrC,MAAM,KAAK,wBAAwB,EACvC,CAaJ,MAAa,iBAAiB+O,EAAkC,CAC5D,KAAK,KAAK/O,EAAY,kBAAmB+O,EAAS,EAAK,EACvD,KAAK,KAAK/O,EAAY,eAAgB+O,EAAS,EAAK,CAAA,CAexD,MAAc,qBAAqB2F,EAAcjY,EAAiC,CAE9E,OADA,KAAK,OAAO,MAAM,oCAAoCiY,CAAI,EAAE,EACxDA,IAAS,qBACF,MAAM,KAAK,cAAc,2BAA2BjY,CAAK,EAM7D,EAAA,CAUX,MAAa,aAAaiY,EAA6B,CACnD,MAAMC,EAA6B,MAAM,KAAK,WAAW,oBAAoBD,CAAI,EACjF,UAAWjY,KAASkY,EAChB,GAAI,MAAM,KAAK,qBAAqBD,EAAMjY,CAAK,EAG3C,MAKF,MAAA,KAAK,WAAW,uBAAuBiY,CAAI,CAAA,CASrD,MAAa,oBAAoBtW,EAAmC,CAG5D,GAAAA,EAAM,WAAeA,EAAM,cAAc,eAAgB,OAEvD,MAAAwW,EAAe,MAAOC,GAAoC,CAExD/M,GAAoB1J,CAAK,GACnB,MAAA,KAAK,uBAAuByW,CAAG,CAE7C,EAGA,GAAIzW,EAAM,oBAAA,GAAyBA,EAAM,cAAe,CAK9C,MAAA0W,EAAY,WAAW,IAAM1W,EAAM,IAAI2W,GAAiB,UAAWC,CAAW,EAAG,GAAa,EAE9FA,EAAc,CAACC,EAA6B/U,IAAwB,CAClEA,IAEJ,aAAa4U,CAAS,EAChB1W,EAAA,IAAI2W,GAAiB,UAAWC,CAAW,EACjDJ,EAAaK,CAAc,EAC/B,EAEM7W,EAAA,GAAG2W,GAAiB,UAAWC,CAAW,CAAA,MAEhD,MAAMJ,EAAaxW,CAAK,CAC5B,CAQJ,MAAc,uBAAuBA,EAAmC,CAC9D,MAAA+K,EAAS/K,EAAM,UAAU,EAE/B,GAAI,CAAC+K,EACK,MAAA,IAAI,MAAM,6BAA6B,EAGjD,KAAK,OAAO,MACR,+BAA+B/K,EAAM,MAAA,CAAO,SAASA,EAAM,SAAS,SAASA,EAAM,UAAA,CAAW,EAClG,EAEA,MAAM,KAAK,WAAW,yBAClB,KAAK,UAAU,CACX,SAAUA,EAAM,MAAM,EACtB,KAAMA,EAAM,QAAQ,EACpB,OAAQA,EAAM,UAAU,EACxB,UAAWA,EAAM,YAAY,EAC7B,QAASA,EAAM,WAAW,EAC1B,iBAAkBA,EAAM,MAAM,CAAA,CACjC,EACD,IAAIgL,EAAuBD,CAAM,CACrC,EAGI/K,EAAM,YAAcgB,EAAU,aAC9BhB,EAAM,aAAa,UAAY2J,GAAQ,wBAEvC,KAAK,iCAAiC3J,EAAM,UAAA,EAAcA,EAAM,OAAQ,EAI5E,KAAK,wBAAwB,0BAA4B,EAAA,MAAOP,GAAM,CAC7D,KAAA,OAAO,KAAK,+DAAgEA,CAAC,CAAA,CACrF,CAAA,CASL,MAAa,gBAAuE,CACzE,OAAA,MAAM,KAAK,WAAW,YAAY,IAAID,EAAuB,KAAK,MAAM,CAAC,CAAA,CAExF,CAEA,MAAMmQ,EAAe,CAUV,YACctQ,EACAL,EACA8X,EACnB,CAHmBzX,KAAAA,OAAAA,EACA,KAAA,WAAAL,EACA,KAAA,2BAAA8X,EAPrB,KAAQ,iBAAmB,IAAIC,GAC3B,IAAM,IAAIA,GAAyC,IAAM,IAAI,GAAK,CACtE,CAAA,CAQA,MAAa,uBACT/W,EACAoQ,EAC+B,CAK/B,KAAK,sBAAsBpQ,CAAK,EAE5B,IAAAgX,EAEJ,OAAQ5G,EAAc,KAAM,CACxB,KAAK3P,GAAwB,wBACzBuW,EAAmBC,GAAiC,UACpD,MACJ,KAAKxW,GAAwB,+BACzBuW,EAAmBC,GAAiC,oBACpD,KAAA,CAGJ,GAAA,CACM,MAAAvO,EAAO,MAAM,KAAK,WAAW,iBAC/BwO,GAAelX,CAAK,EACpB,IAAIgL,EAAuBhL,EAAM,WAAY,EAC7C,IAAImX,GAAmCH,CAAgB,CAC3D,EAIA,YAAK,2BAA2BhX,CAAK,EAE9B,CACH,WAAY,KAAK,MAAM0I,EAAI,KAAK,EAChC,kBAAmBA,EAAI,wBACvB,oBAAqBA,EAAI,oBACzB,6BAA8BA,EAAI,4BACtC,QACK3G,EAAK,CACN,GAAAA,aAAeqV,GACf,KAAK,wBAAwBpX,EAAO+B,EAAK,MAAM,KAAK,2BAA2B,qBAAqB,MAEpG,OAAM,IAAIsV,EAAgBC,EAAsB,cAAe,eAAe,CAClF,CACJ,CAaI,wBACJtX,EACA+B,EACAwV,EACK,CACC,MAAAC,EAAUxX,EAAM,eAAe,EAC/ByX,EAAe,CAAE,WAAYD,EAAQ,WAAY,WAAYA,EAAQ,UAAW,EAIlF,GAAAzV,EAAI,OAAS2V,EAAoC,gBACjD3V,EAAI,OAAS2V,EAAoC,oBACnD,CACE,KAAK,2BAA2B,4BAA4B1X,EAAM,UAAU,EAAIwX,EAAQ,UAAW,EAI7F,MAAAG,EAAa3X,EAAM,qBAAqB,EAC9C,GAAI2X,GAAcA,IAAe/X,GAAgB,MAAQ+X,IAAe/X,GAAgB,OACpF,MAAM,IAAIyX,EACNC,EAAsB,mCACtB,+DACAG,CACJ,EAIJ,GAAIzX,EAAM,MAAA,GAAW,KAAK,WAAW,qBACjC,MAAIuX,IAAqB,KACf,IAAIF,EACNC,EAAsB,iCACtB,gGACAG,CACJ,EACQ,KAAK,2BAA2B,gCAOlC,IAAIJ,EACNC,EAAsB,kCACtB,qHACAG,CACJ,EAVM,IAAIJ,EACNC,EAAsB,uCACtB,qFACAG,CACJ,CAQR,CAIJ,GAAI1V,EAAI,eAAgB,CAGpB,MAAM6V,EACF7V,EAAI,iBAAmB,4DACjBuV,EAAsB,0CACtBA,EAAsB,oBAChC,MAAM,IAAID,EAAgBO,EAAa7V,EAAI,eAAgB0V,CAAY,CAAA,CAG3E,OAAQ1V,EAAI,KAAM,CACd,KAAK2V,EAAoC,eACrC,MAAM,IAAIL,EACNC,EAAsB,kCACtB,iEACAG,CACJ,EAEJ,KAAKC,EAAoC,oBACrC,MAAM,IAAIL,EACNC,EAAsB,0BACtB,+EACAG,CACJ,EAEJ,KAAKC,EAAoC,oCAIrC,WAAK,2BAA2B1X,CAAK,EAC/B,IAAIqX,EACNC,EAAsB,oCACtB,iEACJ,EAEJ,KAAKI,EAAoC,oBAIrC,WAAK,2BAA2B1X,CAAK,EAC/B,IAAIqX,EACNC,EAAsB,sBACtB,iCACJ,EAEJ,KAAKI,EAAoC,qBAIrC,WAAK,2BAA2B1X,CAAK,EAC/B,IAAIqX,EACNC,EAAsB,uBACtB,0CACJ,EAIJ,QACI,MAAM,IAAID,EAAgBC,EAAsB,cAAevV,EAAI,YAAa0V,CAAY,CAAA,CACpG,CAGJ,MAAa,0BAA0BzX,EAAyD,CAC5F,GAAI,CAACA,EAAM,gBAAqB,GAAAA,EAAM,sBAE3B,OAAA,KAIP,GAAAA,EAAM,SAAW,KACjB,MAAO,CAAE,aAAc6X,EAAkB,KAAM,aAAc,IAAK,EAGhE,MAAAC,EAAiB,MAAM,KAAK,WAAW,2BACzCZ,GAAelX,CAAK,EACpB,IAAIgL,EAAuBhL,EAAM,UAAY,CAAA,CACjD,EAEO,OAAA+X,GAAqC,KAAK,OAAQD,CAAc,CAAA,CAQpE,wBAAwB/M,EAAgBuC,EAAkC,CAC7E,MAAM0K,EAAoB,KAAK,iBAAiB,IAAIjN,CAAM,EACtD,GAAA,CAACiN,EAAmB,MAAO,CAAC,EAE1B,MAAAC,EAAuBD,EAAkB,IAAI1K,CAAS,EACxD,OAAC2K,EAEE,CAAC,GAAGA,CAAoB,EAFG,CAAC,CAEJ,CAM3B,sBAAsBjY,EAA0B,CAC9C,MAAA+K,EAAS/K,EAAM,UAAU,EAE/B,GAAI,CAAC+K,EAAQ,OAEa,KAAK,iBAAiB,YAAYA,CAAM,EACnB,YAAY/K,EAAM,iBAAiB,UAAU,EACvE,IAAIA,CAAK,CAAA,CAM1B,2BAA2BA,EAA0B,CACnD,MAAA+K,EAAS/K,EAAM,UAAU,EAC/B,GAAI,CAAC+K,EAAQ,OAEb,MAAMiN,EAAoB,KAAK,iBAAiB,YAAYjN,CAAM,EAClE,GAAI,CAACiN,EAAmB,OAExB,MAAMC,EAAuBD,EAAkB,IAAIhY,EAAM,iBAAiB,UAAU,EAC/EiY,IAELA,EAAqB,OAAOjY,CAAK,EAG7BiY,EAAqB,OAAS,IAC9BD,EAAkB,OAAOhY,EAAM,eAAe,EAAE,UAAU,EACtDgY,EAAkB,OAAS,GACtB,KAAA,iBAAiB,OAAOjN,CAAM,GAE3C,CAER,CAEA,SAASmM,GAAelX,EAA4B,CAChD,OAAO,KAAK,UAAU,CAClB,SAAUA,EAAM,MAAM,EACtB,KAAMA,EAAM,YAAY,EACxB,OAAQA,EAAM,UAAU,EACxB,UAAWA,EAAM,YAAY,EAC7B,QAASA,EAAM,eAAe,EAC9B,iBAAkBA,EAAM,MAAM,CAAA,CACjC,CACL,CAEA,SAAS+X,GACL1Y,EACAyY,EAC0B,CAC1B,GAAIA,IAAmB,OAEZ,OAAA,KAIL,MAAAI,EAAcJ,EAAe,YAAY,EAAK,EAEhD,IAAAK,EACJ,OAAQD,EAAY,MAAO,CACvB,KAAKE,GAA4B,KAC7BD,EAAeN,EAAkB,KACjC,MACJ,KAAKO,GAA4B,KAC7BD,EAAeN,EAAkB,KACjC,MACJ,QACIM,EAAeN,EAAkB,GAAA,CAGrC,IAAAQ,EACJ,OAAQH,EAAY,KAAM,CACtB,KAAK,OACL,KAAK,KACcG,EAAA,KACf,MACJ,KAAKC,EAAgC,0BACjCD,EAAeE,EAAkB,4BACjC,MACJ,KAAKD,EAAgC,cACjCD,EAAeE,EAAkB,eACjC,MACJ,KAAKD,EAAgC,eACjCD,EAAeE,EAAkB,gBACjC,MACJ,KAAKD,EAAgC,mBACjCD,EAAeE,EAAkB,oBACjC,MACJ,KAAKD,EAAgC,YACjCD,EAAeE,EAAkB,cACjC,MACJ,KAAKD,EAAgC,sBACjCD,EAAeE,EAAkB,uBACjC,KAAA,CAGD,MAAA,CAAE,aAAAJ,EAAc,aAAAE,CAAa,CACxC,CC7qEA,eAAsBG,GAAwBC,EA+B5B,OACR,KAAA,CAAE,OAAApZ,EAAQ,YAAAqZ,CAAA,EAAgBD,EAQhC,GALA,MAAME,GAA0B,EAGhC,IAAIC,GAAwBC,GAA4B,KAAK,EAAE,OAAO,EAElE,CAAE,MAAMH,EAAY,eAEpB,OAGJ,MAAMA,EAAY,QAAQ,EAE1B,IAAII,EAA+B,KAMnC,GALM,MAAAJ,EAAY,MAAM,WAAY,CAACK,EAAqB,aAAa,EAAIC,GAAQ,CACnEN,EAAA,WAAWM,EAAMC,GAAe,CACxBH,EAAAG,CAAA,CACnB,CAAA,CACJ,EACG,CAACH,EAAe,CAEhBzZ,EAAO,MAAM,sEAAsE,EACnF,MAAA,CAGA,IAAA6Z,EAAiB,MAAMR,EAAY,kBAAkB,EAErD,GAAAQ,GAAkBC,EAAe,yBAEjC,OAGJ,MAAMC,EAAe,MAAMC,GAAiBha,EAAQqZ,CAAW,EACzDY,EAAkB,MAAMC,GAAoBla,EAAQqZ,CAAW,EAC/Dc,EAAa,EAAIJ,EAAeE,EAC/Bja,EAAA,KACH,4CAA4C+Z,CAAY,qBAAqBE,CAAe,8BAChG,EAEA,IAAIG,EAAY,EAChB,SAASC,EAAWC,EAAqB,OACxBF,GAAAE,GACRnc,EAAAib,EAAA,kCAAA,MAAAjb,EAAA,KAAAib,EAAkCgB,EAAWD,EAAU,CAEhEE,EAAW,CAAC,EAEZ,MAAME,EAAY,IAAI,YAAA,EAAc,OAAOnB,EAAK,eAAe,EAE3DS,IAAmBC,EAAe,cAClC9Z,EAAO,KAAK,4DAA4D,EAClE,MAAAwa,GAAgBpB,EAAK,KAAMA,EAAK,OAAQA,EAAK,SAAUC,EAAakB,EAAWnB,EAAK,YAAapZ,CAAM,EAE7G6Z,EAAiBC,EAAe,sBAC1B,MAAAT,EAAY,kBAAkBQ,CAAc,GAEtDQ,EAAW,CAAC,EAERR,IAAmBC,EAAe,wBAC3B9Z,EAAA,KACH,kEAAkE+Z,CAAY,wBAClF,EACA,MAAMU,GAAmBza,EAAQqZ,EAAakB,EAAWnB,EAAK,YAAaiB,CAAU,EAErFR,EAAiBC,EAAe,sBAC1B,MAAAT,EAAY,kBAAkBQ,CAAc,GAGlDA,IAAmBC,EAAe,wBAC3B9Z,EAAA,KACH,qEAAqEia,CAAe,wBACxF,EACA,MAAMS,GAAsB1a,EAAQqZ,EAAakB,EAAWnB,EAAK,YAAaiB,CAAU,EAExFR,EAAiBC,EAAe,yBAC1B,MAAAT,EAAY,kBAAkBQ,CAAc,IAIjD1b,EAAAib,EAAA,kCAAA,MAAAjb,EAAA,KAAAib,EAAkC,GAAI,IAC3CpZ,EAAO,KAAK,6CAA6C,CAC7D,CAEA,eAAewa,GACXpY,EACA0C,EACAE,EACAqU,EACAkB,EACAI,EACA3a,EACa,OACP,MAAA4a,EAAgB,IAAIC,GAC1BD,EAAc,OAAS,IAAIza,EAAuB2E,CAAM,EACxD8V,EAAc,SAAW,IAAIxX,EAAyB4B,CAAQ,EAE9D,MAAMqU,EAAY,MAAM,WAAY,CAACK,EAAqB,aAAa,EAAIC,GACvEN,EAAY,WAAWM,EAAMmB,GAAM,CAC/BF,EAAc,eAAiBE,GAAK,EACvC,CAAA,CACL,EAEA,MAAMxH,EAAc,MAAMyH,EAA6B1B,EAAakB,EAAW,oBAAoB,EAKnG,GAAIjH,EAAa,CACb,IAAI0H,EAAiB,GACjBnP,EAAmC,KACvC,KAAO,CAACmP,GACA,GAAA,CACanP,EAAA,MAAMe,GAAwBxK,CAAI,EAC9B4Y,EAAA,SACZ5a,EAAG,CACDJ,EAAA,KAAK,uEAAwEI,CAAC,EAErF,MAAMuF,EAAM,GAAI,CAAA,CAGpB,GAAAkG,GAAcA,EAAW,WAAa,yCAGlC,GAAA,CACA,MAAMlB,EAAgBM,EAAoC,WAAWqI,CAAW,EAC1E2H,GAAa9c,EAAA0N,EAAW,YAAX,YAAA1N,EAA6C,WAChDwM,EAAc,kBAAkB,iBAAmBsQ,GAE/DL,EAAc,cAAgB/O,EAAW,QACzC+O,EAAc,kBAAoBtH,GAE3BtT,EAAA,MACH,qEACA,mBAAmB2K,EAAc,kBAAkB,eAAe,GAClE,mBAAmBsQ,CAAS,EAChC,QAEC7a,EAAG,CACDJ,EAAA,KAAK,iFAAkFI,CAAC,CAAA,CAEvG,CAGJwa,EAAc,6BAA+B,MAAMG,EAA6B1B,EAAakB,EAAW,QAAQ,EAChHK,EAAc,kCAAoC,MAAMG,EACpD1B,EACAkB,EACA,cACJ,EACAK,EAAc,kCAAoC,MAAMG,EACpD1B,EACAkB,EACA,cACJ,EACA,MAAMW,GAA0B,gBAAgBN,EAAeL,EAAWI,CAAW,CACzF,CAEA,eAAeX,GAAiBha,EAAgBqZ,EAA2C,CACvFrZ,EAAO,MAAM,sCAAsC,EAC/C,IAAAmb,EACJ,aAAM9B,EAAY,MAAM,WAAY,CAACK,EAAqB,cAAc,EAAIC,GACxEN,EAAY,sBAAsBM,EAAMyB,GAAOD,EAAYC,CAAE,CACjE,EACOD,CACX,CAEA,eAAejB,GAAoBla,EAAgBqZ,EAA2C,CAC1F,OAAArZ,EAAO,MAAM,yCAAyC,EAC/C,MAAMqZ,EAAY,kCAAkC,CAC/D,CAEA,eAAeoB,GACXza,EACAqZ,EACAkB,EACAI,EACAU,EACa,CAEb,OAAa,CACH,MAAA3O,EAAQ,MAAM2M,EAAY,yBAAyB,EACzD,GAAI3M,IAAU,KAAM,OAEpB1M,EAAO,MAAM,sBAAsB0M,EAAM,MAAM,eAAe,EAC9D,MAAMkO,EAAkD,CAAC,EACzD,UAAW/M,KAAWnB,EAAO,CACnB,MAAA4O,EAAiB,IAAIC,GAC3BD,EAAe,UAAYzN,EAAQ,UACnCyN,EAAe,OAASzN,EAAQ,QAChCyN,EAAe,YAAcA,EAAe,aAAe,IAAI,KAAKzN,EAAQ,qBAAsB,EAClG+M,EAAc,KAAKU,CAAc,CAAA,CAGrC,MAAMJ,GAA0B,mBAAmBN,EAAeL,EAAWI,CAAW,EAClF,MAAAtB,EAAY,4BAA4B3M,CAAK,EACnD2O,EAAY3O,EAAM,MAAM,CAAA,CAEhC,CAEA,eAAegO,GACX1a,EACAqZ,EACAkB,EACAI,EACAU,EACa,OAEb,OAAa,CACH,MAAA3O,EAAQ,MAAM2M,EAAY,qCAAqC,EACrE,GAAI3M,IAAU,KAAM,OAEpB1M,EAAO,MAAM,sBAAsB0M,EAAM,MAAM,kBAAkB,EACjE,MAAMkO,EAA8D,CAAC,EACrE,UAAW/M,KAAWnB,EAAO,CACzB,MAAM0B,EAAcP,EAAQ,YAEtByN,EAAiB,IAAIE,GAC3BF,EAAe,OAASlN,EAAY,QACpCkN,EAAe,OAAS,IAAI3P,EAAuByC,EAAY,OAAO,EACtEkN,EAAe,UAAYzN,EAAQ,UACpByN,EAAA,kBAAmBnd,EAAAiQ,EAAY,cAAZ,YAAAjQ,EAA0B,QAC7Cmd,EAAA,SAAW,CAACzN,EAAQ,YAyCpByN,EAAA,SAAWlN,EAAY,YAAc,GAEpDwM,EAAc,KAAKU,CAAc,CAAA,CAGrC,MAAMJ,GAA0B,sBAAsBN,EAAeL,EAAWI,CAAW,EACrF,MAAAtB,EAAY,wCAAwC3M,CAAK,EAC/D2O,EAAY3O,EAAM,MAAM,CAAA,CAEhC,CAOA,eAAsB+O,GAAoC,CACtD,OAAAzb,EACA,YAAAqZ,EACA,WAAA1Z,CACJ,EASkB,CAQV,GAPA,CAAE,MAAM0Z,EAAY,gBAKD,MAAMA,EAAY,kBAAkB,GAErCS,EAAe,uBAEjC,OAGJ,IAAI4B,EAA8C,CAAC,EAE7C,MAAArC,EAAY,MAAM,YAAa,CAACK,EAAqB,WAAW,EAAIC,GAAQ,CAClEN,EAAA,iBAAiBM,EAAMra,GAAW,CAClCoc,EAAApc,CAAA,CACX,CAAA,CACJ,EAEDU,EAAO,MAAM,aAAa,OAAO,KAAK0b,CAAK,EAAE,MAAM,wBAAwB,EAC3E,SAAW,CAAChQ,EAAQiQ,CAAc,IAAK,OAAO,QAAQD,CAAK,EACnD,GAAA,CACM,MAAAE,EAAe,IAAIrF,GAErB,GAAAoF,EAAe,YAAc,uBAAwB,CACrD3b,EAAO,KAAK,QAAQ0L,CAAM,0CAA0CiQ,EAAe,SAAS,EAAE,EAC9F,QAAA,CAESC,EAAA,UAAYnV,EAAoC,gBAC7DmV,EAAa,wBAA0BD,EAAe,mBACtDC,EAAa,8BAAgCD,EAAe,qBAC5D,MAAMhc,EAAW,gBAAgB,IAAIgM,EAAuBD,CAAM,EAAGkQ,CAAY,QAM5Exb,EAAG,CACDJ,EAAA,KAAK,QAAQ0L,CAAM,uBAAuB,KAAK,UAAUiQ,CAAc,CAAC,uBAAuBvb,CAAC,EAAE,CAAA,CAIjHJ,EAAO,MAAM,mCAAmC,EAC1C,MAAAqZ,EAAY,kBAAkBS,EAAe,sBAAsB,CAC7E,CAEA,eAAeiB,EACX1B,EACAwC,EACA5E,EAC2B,CAC3B,MAAMlZ,EAAM,MAAM,IAAI,QAAc+d,GAAY,CAC5CzC,EAAY,MAAM,WAAY,CAACK,EAAqB,aAAa,EAAIC,GAAQ,CAC7DN,EAAA,yBAAyBM,EAAKmC,EAAS7E,CAAoC,CAAA,CAC1F,CAAA,CACJ,EAED,OAAIlZ,GAAOA,EAAI,YAAcA,EAAI,IAAMA,EAAI,IAChC,MAAMge,GAA4Bhe,EAAyC8d,EAAiB5E,CAAI,EAChGlZ,aAAe,WAEf6S,GAAa7S,CAAG,EAEhB,MAEf,CAqBA,eAAsBie,GAAgC5C,EAOpC,CACd,KAAM,CAAE,kBAAA6C,EAAmB,WAAAC,EAAY,OAAAlc,CAAW,EAAAoZ,EAE5C+C,EAAkB,MAAMD,EAAW,eAAe,EAKpD,GAJA,CAACC,GAIDA,EAAgB,aAEhB,OAGE,MAAAC,EAA0B,MAAMC,GAAsCJ,CAAiB,EAC7F,GAAI,CAACG,EAED,OAGJ,MAAME,EAA+B,KAAK,MAAMH,EAAgB,SAAS,EACrE,GAAA,CAACG,EAAQ,MAAQ,OAAO,KAAKA,EAAQ,IAAI,EAAE,SAAW,EAAG,CAEzDtc,EAAO,MAAM,uEAAuE,EACpF,MAAA,CAEJ,MAAMuc,EAAc,OAAO,OAAOD,EAAQ,IAAI,EAAE,CAAC,EAE7CC,GAAeA,GAAeH,IACvBpc,EAAA,KAAK,iDAAiDoc,CAAuB,uBAAuB,EAE3G,MAAMD,EAAiB,OAAO,EAiBtC,CASA,eAAeE,GAAsChD,EAAkD,CACnG,IAAImD,EAAkC,KACtC,aAAMnD,EAAY,MAAM,WAAY,UAAYM,GAAQ,CACxCN,EAAA,oBAAoBM,EAAMna,GAAS,CAE3C,MAAMid,EAAMjd,GAAA,YAAAA,EAAM,OACdid,GAAO,OAAO,KAAKA,EAAI,IAAI,EAAE,QAAU,IAEvCD,EAAmB,OAAO,OAAOC,EAAI,IAAI,EAAE,CAAC,EAChD,CACH,CAAA,CACJ,EAEMD,CACX,CCjfA,eAAsBE,GAAetD,EAwDb,CACd,KAAA,CAAE,OAAApZ,GAAWoZ,EAGnBpZ,EAAO,MAAM,4CAA4C,EACzD,MAAMsZ,GAA0B,EAGhC,IAAIC,GAAwBC,GAA4B,KAAK,EAAE,OAAO,EAEtExZ,EAAO,MAAM,0BAA0B,EACnC,IAAA2a,EACAvB,EAAK,YACDA,EAAK,SACLuB,EAAc,MAAMgC,GAAY,YAAYvD,EAAK,YAAaA,EAAK,QAAQ,EAE3EuB,EAAc,MAAMgC,GAAY,KAAKvD,EAAK,YAAaA,EAAK,eAAe,EAGjEuB,EAAA,MAAMgC,GAAY,KAAK,EAGrCvD,EAAK,mBAEL,MAAMD,GAAwB,CAC1B,YAAaC,EAAK,kBAClB,YAAAuB,EACA,GAAGvB,CAAA,CACN,EAGL,MAAM8C,EAAa,MAAMU,GACrB5c,EACAoZ,EAAK,KACLA,EAAK,OACLA,EAAK,SACLA,EAAK,cACLA,EAAK,gBACLuB,EACAvB,EAAK,iBACT,EAEA,OAAAuB,EAAY,KAAK,EAEjB3a,EAAO,MAAM,iCAAiC,EACvCkc,CACX,CAEA,eAAeU,GACX5c,EACAoC,EACA0C,EACAE,EACA1C,EACA8N,EACAuK,EACAsB,EACmB,CACnBjc,EAAO,MAAM,iBAAiB,EAExB,MAAAL,EAAa,MAAMkd,GAA2B,cAChD,IAAI1c,EAAuB2E,CAAM,EACjC,IAAI1B,EAAyB4B,CAAQ,EACrC2V,CACJ,EAGIsB,GACA,MAAMR,GAAoC,CACtC,OAAAzb,EACA,YAAaic,EACb,WAAAtc,CAAA,CACH,EAILA,EAAW,uBAAyB,GAE9B,MAAAuc,EAAa,IAAIhM,GAAWlQ,EAAQL,EAAYyC,EAAM0C,EAAQE,EAAU1C,EAAe8N,CAAe,EAmC5G,GAjCA,MAAMzQ,EAAW,+BAAgC8O,GAC7CyN,EAAW,kBAAkBzN,CAAQ,CACzC,EACA,MAAM9O,EAAW,iCAAkCoX,GAC/CmF,EAAW,mBAAmBnF,CAAQ,CAC1C,EACA,MAAMpX,EAAW,oCAAqCmF,GAClDoX,EAAW,sBAAsBpX,CAAM,CAC3C,EACA,MAAMnF,EAAW,+BAAgC2R,GAAsB4K,EAAW,iBAAiB5K,CAAO,CAAC,EAI3G4K,EAAW,aAAa,oBAAoB,EAG5C,MAAMvc,EAAW,8BAA8B,CAACsX,EAAc6F,IAG1DZ,EAAW,aAAajF,CAAI,CAChC,EAWA,MAAMtX,EAAW,iBAAiB,EAE9Bsc,GAAsB,MAAMA,EAAkB,gBACvB,MAAMA,EAAkB,kBAAkB,EAC5CnC,EAAe,2BAA4B,CAC5D9Z,EAAO,MAAM,8CAA8C,EAI3D,IAAI+c,EAAsB,GAC1B,KAAO,CAACA,GACA,GAAA,CACM,MAAAb,EAAW,wBAAwBpX,CAAM,EACzBiY,EAAA,SACjB3c,EAAG,CAEDJ,EAAA,MAAM,mEAAoEI,CAAC,CAAA,CAS1F,MAAM4b,GAAgC,CAAE,kBAAAC,EAAmB,WAAAC,EAAY,OAAAlc,EAAQ,EAEzE,MAAAic,EAAkB,kBAAkBnC,EAAe,0BAA0B,CAAA,CAIpF,OAAAoC,CACX","x_google_ignoreList":[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19]}