@icure/api 6.0.4 → 6.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/icc-api/api/IccAuthApi.js +1 -1
- package/icc-api/api/IccAuthApi.js.map +1 -1
- package/icc-api/model/ModelHelper.js +34 -10
- package/icc-api/model/ModelHelper.js.map +1 -1
- package/icc-api/model/models.d.ts +2 -2
- package/icc-x-api/auth/JwtAuthService.js +1 -1
- package/icc-x-api/auth/JwtAuthService.js.map +1 -1
- package/icc-x-api/crypto/AES.js +3 -3
- package/icc-x-api/crypto/AES.js.map +1 -1
- package/icc-x-api/filters/HealthcarePartyByNameFilter.d.ts +19 -0
- package/icc-x-api/filters/HealthcarePartyByNameFilter.js +25 -0
- package/icc-x-api/filters/HealthcarePartyByNameFilter.js.map +1 -0
- package/icc-x-api/filters/filters.d.ts +2 -1
- package/icc-x-api/filters/filters.js +1 -0
- package/icc-x-api/filters/filters.js.map +1 -1
- package/icc-x-api/icc-bekmehr-x-api.d.ts +1 -1
- package/icc-x-api/icc-crypto-x-api.d.ts +14 -1
- package/icc-x-api/icc-crypto-x-api.js +46 -33
- package/icc-x-api/icc-crypto-x-api.js.map +1 -1
- package/icc-x-api/index.d.ts +3 -1
- package/icc-x-api/index.js +4 -0
- package/icc-x-api/index.js.map +1 -1
- package/icc-x-api/utils/asn1-packer.d.ts +1 -1
- package/icc-x-api/utils/asn1-parser.d.ts +1 -1
- package/icc-x-api/utils/formatting-util.js +1 -1
- package/icc-x-api/utils/formatting-util.js.map +1 -1
- package/icc-x-api/utils/insurability-util.js +2 -1
- package/icc-x-api/utils/insurability-util.js.map +1 -1
- package/icc-x-api/utils/net-utils.d.ts +2 -2
- package/package.json +1 -1
|
@@ -18,31 +18,6 @@ const models_1 = require("../icc-api/model/models");
|
|
|
18
18
|
const binary_utils_1 = require("./utils/binary-utils");
|
|
19
19
|
const utils_1 = require("./utils");
|
|
20
20
|
class IccCryptoXApi {
|
|
21
|
-
constructor(host, headers, hcpartyBaseApi, //Init with a hcparty x api for better performances
|
|
22
|
-
patientBaseApi, deviceBaseApi, crypto = typeof window !== 'undefined' ? window.crypto : typeof self !== 'undefined' ? self.crypto : {}, storage, keyStorage) {
|
|
23
|
-
this.hcPartyKeysCache = {};
|
|
24
|
-
//[delegateId][delegatorId] = delegateEncryptedHcPartyKey
|
|
25
|
-
//for each delegate, it stores the list of delegators and the corresponding delegateEncryptedHcPartyKey (shared HcPartyKey, from delegator to delegate, encrypted with the RSA key of the delegate)
|
|
26
|
-
this.hcPartyKeysRequestsCache = {};
|
|
27
|
-
this.cacheLastDeletionTimestamp = undefined;
|
|
28
|
-
this.dataOwnerCache = {};
|
|
29
|
-
this.keychainLocalStoreIdPrefix = 'org.taktik.icure.ehealth.keychain.';
|
|
30
|
-
this.keychainValidityDateLocalStoreIdPrefix = 'org.taktik.icure.ehealth.keychain-date.';
|
|
31
|
-
this.hcpPreferenceKeyEhealthCert = 'eHealthCRTCrypt';
|
|
32
|
-
this.hcpPreferenceKeyEhealthCertDate = 'eHealthCRTDate';
|
|
33
|
-
this.rsaLocalStoreIdPrefix = 'org.taktik.icure.rsa.';
|
|
34
|
-
this.rsaKeyPairs = {};
|
|
35
|
-
this.hcpartyBaseApi = hcpartyBaseApi;
|
|
36
|
-
this.patientBaseApi = patientBaseApi;
|
|
37
|
-
this.deviceBaseApi = deviceBaseApi;
|
|
38
|
-
this._crypto = crypto;
|
|
39
|
-
this.generateKeyConcurrencyMap = {};
|
|
40
|
-
this._AES = new AES_1.AESUtils(crypto);
|
|
41
|
-
this._RSA = new RSA_1.RSAUtils(crypto);
|
|
42
|
-
this._shamir = new shamir_1.ShamirClass(crypto);
|
|
43
|
-
this._storage = storage;
|
|
44
|
-
this._keyStorage = keyStorage;
|
|
45
|
-
}
|
|
46
21
|
get crypto() {
|
|
47
22
|
return this._crypto;
|
|
48
23
|
}
|
|
@@ -83,6 +58,31 @@ class IccCryptoXApi {
|
|
|
83
58
|
this.deviceBaseApi.getDeviceAesExchangeKeysForDelegate(delegateHcPartyId).catch(() => { }),
|
|
84
59
|
]).then(([a, b, c]) => (Object.assign(Object.assign(Object.assign({}, a), b), c)));
|
|
85
60
|
}
|
|
61
|
+
constructor(host, headers, hcpartyBaseApi, //Init with a hcparty x api for better performances
|
|
62
|
+
patientBaseApi, deviceBaseApi, crypto = typeof window !== 'undefined' ? window.crypto : typeof self !== 'undefined' ? self.crypto : {}, storage, keyStorage) {
|
|
63
|
+
this.hcPartyKeysCache = {};
|
|
64
|
+
//[delegateId][delegatorId] = delegateEncryptedHcPartyKey
|
|
65
|
+
//for each delegate, it stores the list of delegators and the corresponding delegateEncryptedHcPartyKey (shared HcPartyKey, from delegator to delegate, encrypted with the RSA key of the delegate)
|
|
66
|
+
this.hcPartyKeysRequestsCache = {};
|
|
67
|
+
this.cacheLastDeletionTimestamp = undefined;
|
|
68
|
+
this.dataOwnerCache = {};
|
|
69
|
+
this.keychainLocalStoreIdPrefix = 'org.taktik.icure.ehealth.keychain.';
|
|
70
|
+
this.keychainValidityDateLocalStoreIdPrefix = 'org.taktik.icure.ehealth.keychain-date.';
|
|
71
|
+
this.hcpPreferenceKeyEhealthCert = 'eHealthCRTCrypt';
|
|
72
|
+
this.hcpPreferenceKeyEhealthCertDate = 'eHealthCRTDate';
|
|
73
|
+
this.rsaLocalStoreIdPrefix = 'org.taktik.icure.rsa.';
|
|
74
|
+
this.rsaKeyPairs = {};
|
|
75
|
+
this.hcpartyBaseApi = hcpartyBaseApi;
|
|
76
|
+
this.patientBaseApi = patientBaseApi;
|
|
77
|
+
this.deviceBaseApi = deviceBaseApi;
|
|
78
|
+
this._crypto = crypto;
|
|
79
|
+
this.generateKeyConcurrencyMap = {};
|
|
80
|
+
this._AES = new AES_1.AESUtils(crypto);
|
|
81
|
+
this._RSA = new RSA_1.RSAUtils(crypto);
|
|
82
|
+
this._shamir = new shamir_1.ShamirClass(crypto);
|
|
83
|
+
this._storage = storage;
|
|
84
|
+
this._keyStorage = keyStorage;
|
|
85
|
+
}
|
|
86
86
|
loadAllKeysFromLocalStorage(dataOwnerId) {
|
|
87
87
|
return __awaiter(this, void 0, void 0, function* () {
|
|
88
88
|
const pubKeys = yield this.getDataOwnerHexPublicKeys((yield this.getDataOwner(dataOwnerId)).dataOwner);
|
|
@@ -226,7 +226,7 @@ class IccCryptoXApi {
|
|
|
226
226
|
return res;
|
|
227
227
|
}
|
|
228
228
|
const result = yield publicKeys.reduce((res, pk) => __awaiter(this, void 0, void 0, function* () {
|
|
229
|
-
var _b, _c;
|
|
229
|
+
var _b, _c, _d;
|
|
230
230
|
const delegatorAndKeys = yield res;
|
|
231
231
|
if (delegatorAndKeys) {
|
|
232
232
|
return delegatorAndKeys;
|
|
@@ -236,10 +236,11 @@ class IccCryptoXApi {
|
|
|
236
236
|
if (!keyPair) {
|
|
237
237
|
return;
|
|
238
238
|
}
|
|
239
|
-
|
|
239
|
+
// Due to past bugs the encryptedHcPartyKeys may contain the full key instead of just the fingerprint.
|
|
240
|
+
let encryptedHcPartyKey = (_c = encryptedHcPartyKeys[fingerprint]) !== null && _c !== void 0 ? _c : encryptedHcPartyKeys[pk];
|
|
240
241
|
if (!encryptedHcPartyKey) {
|
|
241
242
|
const delegate = yield this.getDataOwner(delegateHcPartyId, false); //it is faster to just try to decrypt if not in cache
|
|
242
|
-
if (!(delegate === null || delegate === void 0 ? void 0 : delegate.dataOwner) || ((
|
|
243
|
+
if (!(delegate === null || delegate === void 0 ? void 0 : delegate.dataOwner) || ((_d = delegate.dataOwner.publicKey) === null || _d === void 0 ? void 0 : _d.endsWith(fingerprint))) {
|
|
243
244
|
encryptedHcPartyKey = encryptedHcPartyKeys[''];
|
|
244
245
|
}
|
|
245
246
|
else {
|
|
@@ -270,11 +271,11 @@ class IccCryptoXApi {
|
|
|
270
271
|
.filter(([_, k]) => !publicKeys.some((apk) => apk.slice(-32) === k.slice(-32)));
|
|
271
272
|
if (candidates.length) {
|
|
272
273
|
const newPublicKeys = yield candidates.reduce((p, [decryptionKeyFingerprint, privateKeyFingerprint, encryptedPrivateKey]) => __awaiter(this, void 0, void 0, function* () {
|
|
273
|
-
var
|
|
274
|
+
var _e, _f;
|
|
274
275
|
const newKeys = yield p;
|
|
275
|
-
const aesExchangeKeys = (
|
|
276
|
+
const aesExchangeKeys = (_e = Object.entries(hcp.dataOwner.aesExchangeKeys).find(([fp, _]) => fp.slice(-32) === privateKeyFingerprint.slice(-32))) === null || _e === void 0 ? void 0 : _e[1][loggedHcPartyId];
|
|
276
277
|
if (aesExchangeKeys) {
|
|
277
|
-
const encryptedAesExchangeKey = (
|
|
278
|
+
const encryptedAesExchangeKey = (_f = Object.entries(aesExchangeKeys).find(([fp, _]) => fp.slice(-32) === decryptionKeyFingerprint.slice(-32))) === null || _f === void 0 ? void 0 : _f[1];
|
|
278
279
|
if (encryptedAesExchangeKey) {
|
|
279
280
|
const keyPair = this.rsaKeyPairs[decryptionKeyFingerprint.slice(-32)];
|
|
280
281
|
if (!keyPair) {
|
|
@@ -1575,7 +1576,7 @@ class IccCryptoXApi {
|
|
|
1575
1576
|
];
|
|
1576
1577
|
ownerCombinedAesExchangeKeys = Object.assign({ [ownerLegacyPublicKey]: Object.entries((_d = owner.hcPartyKeys) !== null && _d !== void 0 ? _d : {}).reduce((map, [hcpId, keys]) => {
|
|
1577
1578
|
var _a, _b;
|
|
1578
|
-
return (Object.assign(Object.assign(Object.assign({}, map), { [hcpId]: { [ownerLegacyPublicKey]: keys[0], [(_b = (_a = counterParts.find((x) => x.id === hcpId)) === null || _a === void 0 ? void 0 : _a.publicKey) !== null && _b !== void 0 ? _b : '']: keys[1] } }), {}));
|
|
1579
|
+
return (Object.assign(Object.assign(Object.assign({}, map), { [hcpId]: { [ownerLegacyPublicKey.slice(-32)]: keys[0], [(_b = (_a = counterParts.find((x) => x.id === hcpId)) === null || _a === void 0 ? void 0 : _a.publicKey) !== null && _b !== void 0 ? _b : '']: keys[1] } }), {}));
|
|
1579
1580
|
}, {}) }, ownerCombinedAesExchangeKeys);
|
|
1580
1581
|
}
|
|
1581
1582
|
const delegatePublicKeys = [delegate.publicKey, ...Object.keys((_e = delegate.aesExchangeKeys) !== null && _e !== void 0 ? _e : {}).filter((x) => x !== delegate.publicKey)].filter((x) => !!x);
|
|
@@ -1591,7 +1592,7 @@ class IccCryptoXApi {
|
|
|
1591
1592
|
if (delegate.publicKey && ownerLegacyPublicKey && isOwnerLegacyPublicKeyAvailable) {
|
|
1592
1593
|
owner.hcPartyKeys[delegateId] = [encryptedAesKeys[ownerLegacyPublicKey.slice(-32)], encryptedAesKeys[delegate.publicKey.slice(-32)]];
|
|
1593
1594
|
}
|
|
1594
|
-
owner.aesExchangeKeys = Object.assign(Object.assign({}, (ownerCombinedAesExchangeKeys !== null && ownerCombinedAesExchangeKeys !== void 0 ? ownerCombinedAesExchangeKeys : {})), { [selectedPublicKey]: Object.assign(Object.assign({}, ((_g = (_f = owner.aesExchangeKeys) === null || _f === void 0 ? void 0 : _f[selectedPublicKey]) !== null && _g !== void 0 ? _g : {})), { [delegateId]: encryptedAesKeys }) });
|
|
1595
|
+
owner.aesExchangeKeys = this.fixAesExchangeKeyEntriesToFingerprints(Object.assign(Object.assign({}, (ownerCombinedAesExchangeKeys !== null && ownerCombinedAesExchangeKeys !== void 0 ? ownerCombinedAesExchangeKeys : {})), { [selectedPublicKey]: Object.assign(Object.assign({}, ((_g = (_f = owner.aesExchangeKeys) === null || _f === void 0 ? void 0 : _f[selectedPublicKey]) !== null && _g !== void 0 ? _g : {})), { [delegateId]: encryptedAesKeys }) }));
|
|
1595
1596
|
return new Promise((resolve, reject) => {
|
|
1596
1597
|
ownerType === 'hcp'
|
|
1597
1598
|
? (this.dataOwnerCache[owner.id] = this.hcpartyBaseApi
|
|
@@ -1722,6 +1723,18 @@ class IccCryptoXApi {
|
|
|
1722
1723
|
storeKeyPair(id, keyPair) {
|
|
1723
1724
|
this._storage.setItem(this.rsaLocalStoreIdPrefix + id, JSON.stringify(keyPair));
|
|
1724
1725
|
}
|
|
1726
|
+
fixAesExchangeKeyEntriesToFingerprints(aesExchangeKeys) {
|
|
1727
|
+
return Object.fromEntries(Object.entries(aesExchangeKeys).map(([delegatorPubKey, allDelegates]) => [
|
|
1728
|
+
delegatorPubKey,
|
|
1729
|
+
Object.fromEntries(Object.entries(allDelegates).map(([delegateId, keyEntries]) => [
|
|
1730
|
+
delegateId,
|
|
1731
|
+
Object.fromEntries(Object.entries(keyEntries).map(([publicKey, encryptedValue]) => [
|
|
1732
|
+
publicKey.slice(-32),
|
|
1733
|
+
encryptedValue
|
|
1734
|
+
]))
|
|
1735
|
+
]))
|
|
1736
|
+
]));
|
|
1737
|
+
}
|
|
1725
1738
|
}
|
|
1726
1739
|
exports.IccCryptoXApi = IccCryptoXApi;
|
|
1727
1740
|
//# sourceMappingURL=icc-crypto-x-api.js.map
|