@icure/api 6.0.4 → 6.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -18,31 +18,6 @@ const models_1 = require("../icc-api/model/models");
18
18
  const binary_utils_1 = require("./utils/binary-utils");
19
19
  const utils_1 = require("./utils");
20
20
  class IccCryptoXApi {
21
- constructor(host, headers, hcpartyBaseApi, //Init with a hcparty x api for better performances
22
- patientBaseApi, deviceBaseApi, crypto = typeof window !== 'undefined' ? window.crypto : typeof self !== 'undefined' ? self.crypto : {}, storage, keyStorage) {
23
- this.hcPartyKeysCache = {};
24
- //[delegateId][delegatorId] = delegateEncryptedHcPartyKey
25
- //for each delegate, it stores the list of delegators and the corresponding delegateEncryptedHcPartyKey (shared HcPartyKey, from delegator to delegate, encrypted with the RSA key of the delegate)
26
- this.hcPartyKeysRequestsCache = {};
27
- this.cacheLastDeletionTimestamp = undefined;
28
- this.dataOwnerCache = {};
29
- this.keychainLocalStoreIdPrefix = 'org.taktik.icure.ehealth.keychain.';
30
- this.keychainValidityDateLocalStoreIdPrefix = 'org.taktik.icure.ehealth.keychain-date.';
31
- this.hcpPreferenceKeyEhealthCert = 'eHealthCRTCrypt';
32
- this.hcpPreferenceKeyEhealthCertDate = 'eHealthCRTDate';
33
- this.rsaLocalStoreIdPrefix = 'org.taktik.icure.rsa.';
34
- this.rsaKeyPairs = {};
35
- this.hcpartyBaseApi = hcpartyBaseApi;
36
- this.patientBaseApi = patientBaseApi;
37
- this.deviceBaseApi = deviceBaseApi;
38
- this._crypto = crypto;
39
- this.generateKeyConcurrencyMap = {};
40
- this._AES = new AES_1.AESUtils(crypto);
41
- this._RSA = new RSA_1.RSAUtils(crypto);
42
- this._shamir = new shamir_1.ShamirClass(crypto);
43
- this._storage = storage;
44
- this._keyStorage = keyStorage;
45
- }
46
21
  get crypto() {
47
22
  return this._crypto;
48
23
  }
@@ -83,6 +58,31 @@ class IccCryptoXApi {
83
58
  this.deviceBaseApi.getDeviceAesExchangeKeysForDelegate(delegateHcPartyId).catch(() => { }),
84
59
  ]).then(([a, b, c]) => (Object.assign(Object.assign(Object.assign({}, a), b), c)));
85
60
  }
61
+ constructor(host, headers, hcpartyBaseApi, //Init with a hcparty x api for better performances
62
+ patientBaseApi, deviceBaseApi, crypto = typeof window !== 'undefined' ? window.crypto : typeof self !== 'undefined' ? self.crypto : {}, storage, keyStorage) {
63
+ this.hcPartyKeysCache = {};
64
+ //[delegateId][delegatorId] = delegateEncryptedHcPartyKey
65
+ //for each delegate, it stores the list of delegators and the corresponding delegateEncryptedHcPartyKey (shared HcPartyKey, from delegator to delegate, encrypted with the RSA key of the delegate)
66
+ this.hcPartyKeysRequestsCache = {};
67
+ this.cacheLastDeletionTimestamp = undefined;
68
+ this.dataOwnerCache = {};
69
+ this.keychainLocalStoreIdPrefix = 'org.taktik.icure.ehealth.keychain.';
70
+ this.keychainValidityDateLocalStoreIdPrefix = 'org.taktik.icure.ehealth.keychain-date.';
71
+ this.hcpPreferenceKeyEhealthCert = 'eHealthCRTCrypt';
72
+ this.hcpPreferenceKeyEhealthCertDate = 'eHealthCRTDate';
73
+ this.rsaLocalStoreIdPrefix = 'org.taktik.icure.rsa.';
74
+ this.rsaKeyPairs = {};
75
+ this.hcpartyBaseApi = hcpartyBaseApi;
76
+ this.patientBaseApi = patientBaseApi;
77
+ this.deviceBaseApi = deviceBaseApi;
78
+ this._crypto = crypto;
79
+ this.generateKeyConcurrencyMap = {};
80
+ this._AES = new AES_1.AESUtils(crypto);
81
+ this._RSA = new RSA_1.RSAUtils(crypto);
82
+ this._shamir = new shamir_1.ShamirClass(crypto);
83
+ this._storage = storage;
84
+ this._keyStorage = keyStorage;
85
+ }
86
86
  loadAllKeysFromLocalStorage(dataOwnerId) {
87
87
  return __awaiter(this, void 0, void 0, function* () {
88
88
  const pubKeys = yield this.getDataOwnerHexPublicKeys((yield this.getDataOwner(dataOwnerId)).dataOwner);
@@ -226,7 +226,7 @@ class IccCryptoXApi {
226
226
  return res;
227
227
  }
228
228
  const result = yield publicKeys.reduce((res, pk) => __awaiter(this, void 0, void 0, function* () {
229
- var _b, _c;
229
+ var _b, _c, _d;
230
230
  const delegatorAndKeys = yield res;
231
231
  if (delegatorAndKeys) {
232
232
  return delegatorAndKeys;
@@ -236,10 +236,11 @@ class IccCryptoXApi {
236
236
  if (!keyPair) {
237
237
  return;
238
238
  }
239
- let encryptedHcPartyKey = encryptedHcPartyKeys[fingerprint];
239
+ // Due to past bugs the encryptedHcPartyKeys may contain the full key instead of just the fingerprint.
240
+ let encryptedHcPartyKey = (_c = encryptedHcPartyKeys[fingerprint]) !== null && _c !== void 0 ? _c : encryptedHcPartyKeys[pk];
240
241
  if (!encryptedHcPartyKey) {
241
242
  const delegate = yield this.getDataOwner(delegateHcPartyId, false); //it is faster to just try to decrypt if not in cache
242
- if (!(delegate === null || delegate === void 0 ? void 0 : delegate.dataOwner) || ((_c = delegate.dataOwner.publicKey) === null || _c === void 0 ? void 0 : _c.endsWith(fingerprint))) {
243
+ if (!(delegate === null || delegate === void 0 ? void 0 : delegate.dataOwner) || ((_d = delegate.dataOwner.publicKey) === null || _d === void 0 ? void 0 : _d.endsWith(fingerprint))) {
243
244
  encryptedHcPartyKey = encryptedHcPartyKeys[''];
244
245
  }
245
246
  else {
@@ -270,11 +271,11 @@ class IccCryptoXApi {
270
271
  .filter(([_, k]) => !publicKeys.some((apk) => apk.slice(-32) === k.slice(-32)));
271
272
  if (candidates.length) {
272
273
  const newPublicKeys = yield candidates.reduce((p, [decryptionKeyFingerprint, privateKeyFingerprint, encryptedPrivateKey]) => __awaiter(this, void 0, void 0, function* () {
273
- var _d, _e;
274
+ var _e, _f;
274
275
  const newKeys = yield p;
275
- const aesExchangeKeys = (_d = Object.entries(hcp.dataOwner.aesExchangeKeys).find(([fp, _]) => fp.slice(-32) === privateKeyFingerprint.slice(-32))) === null || _d === void 0 ? void 0 : _d[1][loggedHcPartyId];
276
+ const aesExchangeKeys = (_e = Object.entries(hcp.dataOwner.aesExchangeKeys).find(([fp, _]) => fp.slice(-32) === privateKeyFingerprint.slice(-32))) === null || _e === void 0 ? void 0 : _e[1][loggedHcPartyId];
276
277
  if (aesExchangeKeys) {
277
- const encryptedAesExchangeKey = (_e = Object.entries(aesExchangeKeys).find(([fp, _]) => fp.slice(-32) === decryptionKeyFingerprint.slice(-32))) === null || _e === void 0 ? void 0 : _e[1];
278
+ const encryptedAesExchangeKey = (_f = Object.entries(aesExchangeKeys).find(([fp, _]) => fp.slice(-32) === decryptionKeyFingerprint.slice(-32))) === null || _f === void 0 ? void 0 : _f[1];
278
279
  if (encryptedAesExchangeKey) {
279
280
  const keyPair = this.rsaKeyPairs[decryptionKeyFingerprint.slice(-32)];
280
281
  if (!keyPair) {
@@ -1575,7 +1576,7 @@ class IccCryptoXApi {
1575
1576
  ];
1576
1577
  ownerCombinedAesExchangeKeys = Object.assign({ [ownerLegacyPublicKey]: Object.entries((_d = owner.hcPartyKeys) !== null && _d !== void 0 ? _d : {}).reduce((map, [hcpId, keys]) => {
1577
1578
  var _a, _b;
1578
- return (Object.assign(Object.assign(Object.assign({}, map), { [hcpId]: { [ownerLegacyPublicKey]: keys[0], [(_b = (_a = counterParts.find((x) => x.id === hcpId)) === null || _a === void 0 ? void 0 : _a.publicKey) !== null && _b !== void 0 ? _b : '']: keys[1] } }), {}));
1579
+ return (Object.assign(Object.assign(Object.assign({}, map), { [hcpId]: { [ownerLegacyPublicKey.slice(-32)]: keys[0], [(_b = (_a = counterParts.find((x) => x.id === hcpId)) === null || _a === void 0 ? void 0 : _a.publicKey) !== null && _b !== void 0 ? _b : '']: keys[1] } }), {}));
1579
1580
  }, {}) }, ownerCombinedAesExchangeKeys);
1580
1581
  }
1581
1582
  const delegatePublicKeys = [delegate.publicKey, ...Object.keys((_e = delegate.aesExchangeKeys) !== null && _e !== void 0 ? _e : {}).filter((x) => x !== delegate.publicKey)].filter((x) => !!x);
@@ -1591,7 +1592,7 @@ class IccCryptoXApi {
1591
1592
  if (delegate.publicKey && ownerLegacyPublicKey && isOwnerLegacyPublicKeyAvailable) {
1592
1593
  owner.hcPartyKeys[delegateId] = [encryptedAesKeys[ownerLegacyPublicKey.slice(-32)], encryptedAesKeys[delegate.publicKey.slice(-32)]];
1593
1594
  }
1594
- owner.aesExchangeKeys = Object.assign(Object.assign({}, (ownerCombinedAesExchangeKeys !== null && ownerCombinedAesExchangeKeys !== void 0 ? ownerCombinedAesExchangeKeys : {})), { [selectedPublicKey]: Object.assign(Object.assign({}, ((_g = (_f = owner.aesExchangeKeys) === null || _f === void 0 ? void 0 : _f[selectedPublicKey]) !== null && _g !== void 0 ? _g : {})), { [delegateId]: encryptedAesKeys }) });
1595
+ owner.aesExchangeKeys = this.fixAesExchangeKeyEntriesToFingerprints(Object.assign(Object.assign({}, (ownerCombinedAesExchangeKeys !== null && ownerCombinedAesExchangeKeys !== void 0 ? ownerCombinedAesExchangeKeys : {})), { [selectedPublicKey]: Object.assign(Object.assign({}, ((_g = (_f = owner.aesExchangeKeys) === null || _f === void 0 ? void 0 : _f[selectedPublicKey]) !== null && _g !== void 0 ? _g : {})), { [delegateId]: encryptedAesKeys }) }));
1595
1596
  return new Promise((resolve, reject) => {
1596
1597
  ownerType === 'hcp'
1597
1598
  ? (this.dataOwnerCache[owner.id] = this.hcpartyBaseApi
@@ -1722,6 +1723,18 @@ class IccCryptoXApi {
1722
1723
  storeKeyPair(id, keyPair) {
1723
1724
  this._storage.setItem(this.rsaLocalStoreIdPrefix + id, JSON.stringify(keyPair));
1724
1725
  }
1726
+ fixAesExchangeKeyEntriesToFingerprints(aesExchangeKeys) {
1727
+ return Object.fromEntries(Object.entries(aesExchangeKeys).map(([delegatorPubKey, allDelegates]) => [
1728
+ delegatorPubKey,
1729
+ Object.fromEntries(Object.entries(allDelegates).map(([delegateId, keyEntries]) => [
1730
+ delegateId,
1731
+ Object.fromEntries(Object.entries(keyEntries).map(([publicKey, encryptedValue]) => [
1732
+ publicKey.slice(-32),
1733
+ encryptedValue
1734
+ ]))
1735
+ ]))
1736
+ ]));
1737
+ }
1725
1738
  }
1726
1739
  exports.IccCryptoXApi = IccCryptoXApi;
1727
1740
  //# sourceMappingURL=icc-crypto-x-api.js.map