@icure/api 7.1.14 → 8.0.0-RC.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (322) hide show
  1. package/icc-api/api/IccAccesslogApi.d.ts +12 -1
  2. package/icc-api/api/IccAccesslogApi.js +142 -98
  3. package/icc-api/api/IccAccesslogApi.js.map +1 -1
  4. package/icc-api/api/IccBemikronoApi.d.ts +81 -0
  5. package/icc-api/api/IccBemikronoApi.js +163 -0
  6. package/icc-api/api/IccBemikronoApi.js.map +1 -0
  7. package/icc-api/api/IccCalendarItemApi.d.ts +21 -1
  8. package/icc-api/api/IccCalendarItemApi.js +183 -117
  9. package/icc-api/api/IccCalendarItemApi.js.map +1 -1
  10. package/icc-api/api/IccClassificationApi.d.ts +21 -1
  11. package/icc-api/api/IccClassificationApi.js +119 -63
  12. package/icc-api/api/IccClassificationApi.js.map +1 -1
  13. package/icc-api/api/IccContactApi.d.ts +21 -1
  14. package/icc-api/api/IccContactApi.js +385 -294
  15. package/icc-api/api/IccContactApi.js.map +1 -1
  16. package/icc-api/api/IccDocumentApi.d.ts +32 -25
  17. package/icc-api/api/IccDocumentApi.js +264 -212
  18. package/icc-api/api/IccDocumentApi.js.map +1 -1
  19. package/icc-api/api/IccExchangeDataApi.d.ts +19 -0
  20. package/icc-api/api/IccExchangeDataApi.js +85 -0
  21. package/icc-api/api/IccExchangeDataApi.js.map +1 -0
  22. package/icc-api/api/IccExchangeDataMapApi.d.ts +18 -0
  23. package/icc-api/api/IccExchangeDataMapApi.js +65 -0
  24. package/icc-api/api/IccExchangeDataMapApi.js.map +1 -0
  25. package/icc-api/api/IccFormApi.d.ts +21 -1
  26. package/icc-api/api/IccFormApi.js +321 -229
  27. package/icc-api/api/IccFormApi.js.map +1 -1
  28. package/icc-api/api/IccHelementApi.d.ts +21 -1
  29. package/icc-api/api/IccHelementApi.js +207 -137
  30. package/icc-api/api/IccHelementApi.js.map +1 -1
  31. package/icc-api/api/IccInvoiceApi.d.ts +21 -1
  32. package/icc-api/api/IccInvoiceApi.js +404 -298
  33. package/icc-api/api/IccInvoiceApi.js.map +1 -1
  34. package/icc-api/api/IccMaintenanceTaskApi.d.ts +12 -1
  35. package/icc-api/api/IccMaintenanceTaskApi.js +79 -43
  36. package/icc-api/api/IccMaintenanceTaskApi.js.map +1 -1
  37. package/icc-api/api/IccMessageApi.d.ts +12 -1
  38. package/icc-api/api/IccMessageApi.js +257 -191
  39. package/icc-api/api/IccMessageApi.js.map +1 -1
  40. package/icc-api/api/IccPatientApi.d.ts +12 -1
  41. package/icc-api/api/IccPatientApi.js +447 -351
  42. package/icc-api/api/IccPatientApi.js.map +1 -1
  43. package/icc-api/api/IccReceiptApi.d.ts +22 -8
  44. package/icc-api/api/IccReceiptApi.js +121 -64
  45. package/icc-api/api/IccReceiptApi.js.map +1 -1
  46. package/icc-api/api/IccRestApiPath.js +1 -1
  47. package/icc-api/api/IccRestApiPath.js.map +1 -1
  48. package/icc-api/api/IccTimeTableApi.d.ts +12 -1
  49. package/icc-api/api/IccTimeTableApi.js +86 -48
  50. package/icc-api/api/IccTimeTableApi.js.map +1 -1
  51. package/icc-api/index.d.ts +1 -0
  52. package/icc-api/index.js +1 -0
  53. package/icc-api/index.js.map +1 -1
  54. package/icc-api/model/AccessLog.d.ts +4 -0
  55. package/icc-api/model/AccessLog.js +1 -0
  56. package/icc-api/model/AccessLog.js.map +1 -1
  57. package/icc-api/model/Article.d.ts +4 -0
  58. package/icc-api/model/Article.js +1 -0
  59. package/icc-api/model/Article.js.map +1 -1
  60. package/icc-api/model/CalendarItem.d.ts +4 -0
  61. package/icc-api/model/CalendarItem.js +1 -0
  62. package/icc-api/model/CalendarItem.js.map +1 -1
  63. package/icc-api/model/Classification.d.ts +4 -0
  64. package/icc-api/model/Classification.js +1 -0
  65. package/icc-api/model/Classification.js.map +1 -1
  66. package/icc-api/model/ClassificationTemplate.d.ts +2 -0
  67. package/icc-api/model/ClassificationTemplate.js.map +1 -1
  68. package/icc-api/model/Contact.d.ts +4 -0
  69. package/icc-api/model/Contact.js +1 -0
  70. package/icc-api/model/Contact.js.map +1 -1
  71. package/icc-api/model/Device.d.ts +4 -4
  72. package/icc-api/model/Device.js.map +1 -1
  73. package/icc-api/model/Document.d.ts +4 -0
  74. package/icc-api/model/Document.js +1 -0
  75. package/icc-api/model/Document.js.map +1 -1
  76. package/icc-api/model/ExchangeData.d.ts +61 -0
  77. package/icc-api/model/ExchangeData.js +12 -0
  78. package/icc-api/model/ExchangeData.js.map +1 -0
  79. package/icc-api/model/ExchangeDataMap.d.ts +21 -0
  80. package/icc-api/model/ExchangeDataMap.js +10 -0
  81. package/icc-api/model/ExchangeDataMap.js.map +1 -0
  82. package/icc-api/model/ExchangeDataMapCreationBatch.d.ts +13 -0
  83. package/icc-api/model/ExchangeDataMapCreationBatch.js +10 -0
  84. package/icc-api/model/ExchangeDataMapCreationBatch.js.map +1 -0
  85. package/icc-api/model/Form.d.ts +4 -0
  86. package/icc-api/model/Form.js +1 -0
  87. package/icc-api/model/Form.js.map +1 -1
  88. package/icc-api/model/HealthElement.d.ts +4 -0
  89. package/icc-api/model/HealthElement.js +1 -0
  90. package/icc-api/model/HealthElement.js.map +1 -1
  91. package/icc-api/model/HealthcareParty.d.ts +2 -2
  92. package/icc-api/model/HealthcareParty.js.map +1 -1
  93. package/icc-api/model/IcureStub.d.ts +2 -0
  94. package/icc-api/model/IcureStub.js.map +1 -1
  95. package/icc-api/model/Invoice.d.ts +4 -0
  96. package/icc-api/model/Invoice.js +1 -0
  97. package/icc-api/model/Invoice.js.map +1 -1
  98. package/icc-api/model/MaintenanceTask.d.ts +4 -0
  99. package/icc-api/model/MaintenanceTask.js +1 -0
  100. package/icc-api/model/MaintenanceTask.js.map +1 -1
  101. package/icc-api/model/Message.d.ts +4 -0
  102. package/icc-api/model/Message.js +1 -0
  103. package/icc-api/model/Message.js.map +1 -1
  104. package/icc-api/model/PaginatedListExchangeData.d.ts +9 -0
  105. package/icc-api/model/PaginatedListExchangeData.js +10 -0
  106. package/icc-api/model/PaginatedListExchangeData.js.map +1 -0
  107. package/icc-api/model/Patient.d.ts +6 -2
  108. package/icc-api/model/Patient.js +1 -0
  109. package/icc-api/model/Patient.js.map +1 -1
  110. package/icc-api/model/PatientByHcPartyGenderEducationProfession.d.ts +31 -0
  111. package/icc-api/model/PatientByHcPartyGenderEducationProfession.js +32 -0
  112. package/icc-api/model/PatientByHcPartyGenderEducationProfession.js.map +1 -0
  113. package/icc-api/model/Receipt.d.ts +4 -0
  114. package/icc-api/model/Receipt.js +1 -0
  115. package/icc-api/model/Receipt.js.map +1 -1
  116. package/icc-api/model/SecureDelegation.d.ts +52 -0
  117. package/icc-api/model/SecureDelegation.js +16 -0
  118. package/icc-api/model/SecureDelegation.js.map +1 -0
  119. package/icc-api/model/SecurityMetadata.d.ts +33 -0
  120. package/icc-api/model/SecurityMetadata.js +13 -0
  121. package/icc-api/model/SecurityMetadata.js.map +1 -0
  122. package/icc-api/model/Service.d.ts +2 -0
  123. package/icc-api/model/Service.js.map +1 -1
  124. package/icc-api/model/TimeTable.d.ts +4 -0
  125. package/icc-api/model/TimeTable.js +1 -0
  126. package/icc-api/model/TimeTable.js.map +1 -1
  127. package/icc-api/model/models.d.ts +20 -39
  128. package/icc-api/model/models.js +15 -37
  129. package/icc-api/model/models.js.map +1 -1
  130. package/icc-api/model/requests/EntityBulkShareResult.d.ts +28 -0
  131. package/icc-api/model/requests/EntityBulkShareResult.js +16 -0
  132. package/icc-api/model/requests/EntityBulkShareResult.js.map +1 -0
  133. package/icc-api/model/requests/EntityShareOrMetadataUpdateRequest.d.ts +10 -0
  134. package/icc-api/model/requests/EntityShareOrMetadataUpdateRequest.js +17 -0
  135. package/icc-api/model/requests/EntityShareOrMetadataUpdateRequest.js.map +1 -0
  136. package/icc-api/model/requests/EntityShareRequest.d.ts +110 -0
  137. package/icc-api/model/requests/EntityShareRequest.js +63 -0
  138. package/icc-api/model/requests/EntityShareRequest.js.map +1 -0
  139. package/icc-api/model/requests/EntitySharedMetadataUpdateRequest.d.ts +54 -0
  140. package/icc-api/model/requests/EntitySharedMetadataUpdateRequest.js +24 -0
  141. package/icc-api/model/requests/EntitySharedMetadataUpdateRequest.js.map +1 -0
  142. package/icc-api/model/requests/MinimalEntityBulkShareResult.d.ts +23 -0
  143. package/icc-api/model/requests/MinimalEntityBulkShareResult.js +13 -0
  144. package/icc-api/model/requests/MinimalEntityBulkShareResult.js.map +1 -0
  145. package/icc-api/model/requests/RejectedShareOrMetadataUpdateRequest.d.ts +21 -0
  146. package/icc-api/model/requests/RejectedShareOrMetadataUpdateRequest.js +14 -0
  147. package/icc-api/model/requests/RejectedShareOrMetadataUpdateRequest.js.map +1 -0
  148. package/icc-x-api/basexapi/EncryptedEntityXApi.d.ts +3 -2
  149. package/icc-x-api/basexapi/EncryptedEntityXApi.js.map +1 -1
  150. package/icc-x-api/crypto/AES.js +1 -1
  151. package/icc-x-api/crypto/AES.js.map +1 -1
  152. package/icc-x-api/crypto/AccessControlKeysHeadersProvider.d.ts +16 -0
  153. package/icc-x-api/crypto/AccessControlKeysHeadersProvider.js +41 -0
  154. package/icc-x-api/crypto/AccessControlKeysHeadersProvider.js.map +1 -0
  155. package/icc-x-api/crypto/AccessControlSecretUtils.d.ts +42 -0
  156. package/icc-x-api/crypto/AccessControlSecretUtils.js +86 -0
  157. package/icc-x-api/crypto/AccessControlSecretUtils.js.map +1 -0
  158. package/icc-x-api/crypto/BaseExchangeDataManager.d.ts +146 -0
  159. package/icc-x-api/crypto/BaseExchangeDataManager.js +342 -0
  160. package/icc-x-api/crypto/BaseExchangeDataManager.js.map +1 -0
  161. package/icc-x-api/crypto/BaseExchangeKeysManager.d.ts +0 -18
  162. package/icc-x-api/crypto/BaseExchangeKeysManager.js +11 -85
  163. package/icc-x-api/crypto/BaseExchangeKeysManager.js.map +1 -1
  164. package/icc-x-api/crypto/ConfidentialEntities.d.ts +26 -16
  165. package/icc-x-api/crypto/ConfidentialEntities.js +30 -17
  166. package/icc-x-api/crypto/ConfidentialEntities.js.map +1 -1
  167. package/icc-x-api/crypto/CryptoStrategies.d.ts +8 -1
  168. package/icc-x-api/crypto/CryptoStrategies.js.map +1 -1
  169. package/icc-x-api/crypto/ExchangeDataManager.d.ts +95 -0
  170. package/icc-x-api/crypto/ExchangeDataManager.js +493 -0
  171. package/icc-x-api/crypto/ExchangeDataManager.js.map +1 -0
  172. package/icc-x-api/crypto/ExchangeDataMapManager.d.ts +32 -0
  173. package/icc-x-api/crypto/ExchangeDataMapManager.js +70 -0
  174. package/icc-x-api/crypto/ExchangeDataMapManager.js.map +1 -0
  175. package/icc-x-api/crypto/ExchangeKeysManager.d.ts +4 -16
  176. package/icc-x-api/crypto/ExchangeKeysManager.js +4 -62
  177. package/icc-x-api/crypto/ExchangeKeysManager.js.map +1 -1
  178. package/icc-x-api/crypto/ExtendedApisUtils.d.ts +336 -0
  179. package/icc-x-api/crypto/ExtendedApisUtils.js +3 -0
  180. package/icc-x-api/crypto/ExtendedApisUtils.js.map +1 -0
  181. package/icc-x-api/crypto/ExtendedApisUtilsImpl.d.ts +181 -0
  182. package/icc-x-api/crypto/ExtendedApisUtilsImpl.js +562 -0
  183. package/icc-x-api/crypto/ExtendedApisUtilsImpl.js.map +1 -0
  184. package/icc-x-api/crypto/KeyRecovery.d.ts +5 -2
  185. package/icc-x-api/crypto/KeyRecovery.js +59 -29
  186. package/icc-x-api/crypto/KeyRecovery.js.map +1 -1
  187. package/icc-x-api/crypto/LegacyCryptoStrategies.d.ts +7 -2
  188. package/icc-x-api/crypto/LegacyCryptoStrategies.js +8 -1
  189. package/icc-x-api/crypto/LegacyCryptoStrategies.js.map +1 -1
  190. package/icc-x-api/crypto/LegacyDelegationSecurityMetadataDecryptor.d.ts +39 -0
  191. package/icc-x-api/crypto/LegacyDelegationSecurityMetadataDecryptor.js +150 -0
  192. package/icc-x-api/crypto/LegacyDelegationSecurityMetadataDecryptor.js.map +1 -0
  193. package/icc-x-api/crypto/RSA.d.ts +34 -8
  194. package/icc-x-api/crypto/RSA.js +80 -13
  195. package/icc-x-api/crypto/RSA.js.map +1 -1
  196. package/icc-x-api/crypto/SecureDelegationsEncryption.d.ts +54 -0
  197. package/icc-x-api/crypto/SecureDelegationsEncryption.js +178 -0
  198. package/icc-x-api/crypto/SecureDelegationsEncryption.js.map +1 -0
  199. package/icc-x-api/crypto/SecureDelegationsManager.d.ts +66 -0
  200. package/icc-x-api/crypto/SecureDelegationsManager.js +261 -0
  201. package/icc-x-api/crypto/SecureDelegationsManager.js.map +1 -0
  202. package/icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor.d.ts +37 -0
  203. package/icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor.js +294 -0
  204. package/icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor.js.map +1 -0
  205. package/icc-x-api/crypto/SecurityMetadataDecryptor.d.ts +114 -0
  206. package/icc-x-api/crypto/SecurityMetadataDecryptor.js +98 -0
  207. package/icc-x-api/crypto/SecurityMetadataDecryptor.js.map +1 -0
  208. package/icc-x-api/crypto/ShamirKeysManager.d.ts +5 -5
  209. package/icc-x-api/crypto/ShamirKeysManager.js +6 -9
  210. package/icc-x-api/crypto/ShamirKeysManager.js.map +1 -1
  211. package/icc-x-api/crypto/TransferKeysManager.d.ts +8 -6
  212. package/icc-x-api/crypto/TransferKeysManager.js +75 -52
  213. package/icc-x-api/crypto/TransferKeysManager.js.map +1 -1
  214. package/icc-x-api/crypto/{KeyManager.d.ts → UserEncryptionKeysManager.d.ts} +4 -6
  215. package/icc-x-api/crypto/{KeyManager.js → UserEncryptionKeysManager.js} +43 -23
  216. package/icc-x-api/crypto/UserEncryptionKeysManager.js.map +1 -0
  217. package/icc-x-api/crypto/UserSignatureKeysManager.d.ts +26 -0
  218. package/icc-x-api/crypto/UserSignatureKeysManager.js +74 -0
  219. package/icc-x-api/crypto/UserSignatureKeysManager.js.map +1 -0
  220. package/icc-x-api/crypto/utils.d.ts +61 -11
  221. package/icc-x-api/crypto/utils.js +113 -44
  222. package/icc-x-api/crypto/utils.js.map +1 -1
  223. package/icc-x-api/filters/filters.js.map +1 -1
  224. package/icc-x-api/icc-accesslog-x-api.d.ts +46 -11
  225. package/icc-x-api/icc-accesslog-x-api.js +75 -42
  226. package/icc-x-api/icc-accesslog-x-api.js.map +1 -1
  227. package/icc-x-api/icc-calendar-item-x-api.d.ts +50 -14
  228. package/icc-x-api/icc-calendar-item-x-api.js +99 -49
  229. package/icc-x-api/icc-calendar-item-x-api.js.map +1 -1
  230. package/icc-x-api/icc-classification-x-api.d.ts +44 -9
  231. package/icc-x-api/icc-classification-x-api.js +56 -31
  232. package/icc-x-api/icc-classification-x-api.js.map +1 -1
  233. package/icc-x-api/icc-contact-x-api.d.ts +56 -32
  234. package/icc-x-api/icc-contact-x-api.js +95 -64
  235. package/icc-x-api/icc-contact-x-api.js.map +1 -1
  236. package/icc-x-api/icc-crypto-x-api.d.ts +28 -334
  237. package/icc-x-api/icc-crypto-x-api.js +41 -765
  238. package/icc-x-api/icc-crypto-x-api.js.map +1 -1
  239. package/icc-x-api/icc-data-owner-x-api.d.ts +20 -8
  240. package/icc-x-api/icc-data-owner-x-api.js +31 -10
  241. package/icc-x-api/icc-data-owner-x-api.js.map +1 -1
  242. package/icc-x-api/icc-document-x-api.d.ts +48 -11
  243. package/icc-x-api/icc-document-x-api.js +111 -64
  244. package/icc-x-api/icc-document-x-api.js.map +1 -1
  245. package/icc-x-api/icc-form-x-api.d.ts +45 -10
  246. package/icc-x-api/icc-form-x-api.js +65 -35
  247. package/icc-x-api/icc-form-x-api.js.map +1 -1
  248. package/icc-x-api/icc-hcparty-x-api.d.ts +2 -2
  249. package/icc-x-api/icc-hcparty-x-api.js +3 -3
  250. package/icc-x-api/icc-hcparty-x-api.js.map +1 -1
  251. package/icc-x-api/icc-helement-x-api.d.ts +55 -18
  252. package/icc-x-api/icc-helement-x-api.js +76 -41
  253. package/icc-x-api/icc-helement-x-api.js.map +1 -1
  254. package/icc-x-api/icc-icure-maintenance-x-api.d.ts +7 -2
  255. package/icc-x-api/icc-icure-maintenance-x-api.js +38 -27
  256. package/icc-x-api/icc-icure-maintenance-x-api.js.map +1 -1
  257. package/icc-x-api/icc-invoice-x-api.d.ts +50 -15
  258. package/icc-x-api/icc-invoice-x-api.js +63 -33
  259. package/icc-x-api/icc-invoice-x-api.js.map +1 -1
  260. package/icc-x-api/icc-maintenance-task-x-api.d.ts +53 -21
  261. package/icc-x-api/icc-maintenance-task-x-api.js +72 -35
  262. package/icc-x-api/icc-maintenance-task-x-api.js.map +1 -1
  263. package/icc-x-api/icc-message-x-api.d.ts +53 -15
  264. package/icc-x-api/icc-message-x-api.js +65 -36
  265. package/icc-x-api/icc-message-x-api.js.map +1 -1
  266. package/icc-x-api/icc-patient-x-api.d.ts +84 -29
  267. package/icc-x-api/icc-patient-x-api.js +313 -378
  268. package/icc-x-api/icc-patient-x-api.js.map +1 -1
  269. package/icc-x-api/icc-receipt-x-api.d.ts +44 -12
  270. package/icc-x-api/icc-receipt-x-api.js +67 -35
  271. package/icc-x-api/icc-receipt-x-api.js.map +1 -1
  272. package/icc-x-api/icc-time-table-x-api.d.ts +43 -12
  273. package/icc-x-api/icc-time-table-x-api.js +56 -26
  274. package/icc-x-api/icc-time-table-x-api.js.map +1 -1
  275. package/icc-x-api/icc-user-x-api.d.ts +2 -2
  276. package/icc-x-api/icc-user-x-api.js +3 -3
  277. package/icc-x-api/icc-user-x-api.js.map +1 -1
  278. package/icc-x-api/index.d.ts +4 -2
  279. package/icc-x-api/index.js +154 -135
  280. package/icc-x-api/index.js.map +1 -1
  281. package/icc-x-api/storage/DefaultStorageEntryKeysFactory.d.ts +2 -0
  282. package/icc-x-api/storage/DefaultStorageEntryKeysFactory.js +9 -2
  283. package/icc-x-api/storage/DefaultStorageEntryKeysFactory.js.map +1 -1
  284. package/icc-x-api/storage/IcureStorageFacade.d.ts +23 -2
  285. package/icc-x-api/storage/IcureStorageFacade.js +36 -2
  286. package/icc-x-api/storage/IcureStorageFacade.js.map +1 -1
  287. package/icc-x-api/storage/KeyStorageFacade.d.ts +12 -0
  288. package/icc-x-api/storage/KeyStorageFacade.js.map +1 -1
  289. package/icc-x-api/storage/KeyStorageImpl.d.ts +2 -0
  290. package/icc-x-api/storage/KeyStorageImpl.js +10 -0
  291. package/icc-x-api/storage/KeyStorageImpl.js.map +1 -1
  292. package/icc-x-api/storage/StorageEntryKeysFactory.d.ts +14 -1
  293. package/icc-x-api/storage/StorageEntryKeysFactory.js.map +1 -1
  294. package/icc-x-api/utils/EntityWithDelegationTypeName.d.ts +32 -0
  295. package/icc-x-api/utils/EntityWithDelegationTypeName.js +75 -0
  296. package/icc-x-api/utils/EntityWithDelegationTypeName.js.map +1 -0
  297. package/icc-x-api/utils/ShareResult.d.ts +74 -0
  298. package/icc-x-api/utils/ShareResult.js +61 -0
  299. package/icc-x-api/utils/ShareResult.js.map +1 -0
  300. package/icc-x-api/utils/binary-utils.d.ts +1 -0
  301. package/icc-x-api/utils/binary-utils.js +8 -1
  302. package/icc-x-api/utils/binary-utils.js.map +1 -1
  303. package/icc-x-api/utils/collection-utils.d.ts +5 -0
  304. package/icc-x-api/utils/collection-utils.js +26 -1
  305. package/icc-x-api/utils/collection-utils.js.map +1 -1
  306. package/icc-x-api/utils/crypto-utils.d.ts +4 -3
  307. package/icc-x-api/utils/crypto-utils.js +5 -4
  308. package/icc-x-api/utils/crypto-utils.js.map +1 -1
  309. package/icc-x-api/utils/lru-temporised-async-cache.d.ts +26 -3
  310. package/icc-x-api/utils/lru-temporised-async-cache.js +75 -15
  311. package/icc-x-api/utils/lru-temporised-async-cache.js.map +1 -1
  312. package/icc-x-api/utils/websocket.d.ts +10 -10
  313. package/icc-x-api/utils/websocket.js +18 -9
  314. package/icc-x-api/utils/websocket.js.map +1 -1
  315. package/index.d.ts +1 -1
  316. package/index.js +3 -1
  317. package/index.js.map +1 -1
  318. package/package.json +2 -3
  319. package/icc-x-api/crypto/EntitiesEncryption.d.ts +0 -275
  320. package/icc-x-api/crypto/EntitiesEncryption.js +0 -734
  321. package/icc-x-api/crypto/EntitiesEncryption.js.map +0 -1
  322. package/icc-x-api/crypto/KeyManager.js.map +0 -1
@@ -0,0 +1,110 @@
1
+ export declare class EntityShareRequest {
2
+ constructor(params: {
3
+ explicitDelegator?: string;
4
+ explicitDelegate?: string;
5
+ accessControlKeys: string[];
6
+ secretIds?: string[];
7
+ encryptionKeys?: string[];
8
+ owningEntityIds?: string[];
9
+ exchangeDataId?: string;
10
+ encryptedExchangeDataId?: {
11
+ [fp: string]: string;
12
+ };
13
+ requestedPermissions?: EntityShareRequest.RequestedPermissionInternal;
14
+ });
15
+ /**
16
+ * Id of the data owner which is sharing the entity (delegator), if it should be explicitly indicated or null if the
17
+ * delegator requires anonymous delegations. If not null this must match the logged data owner id.
18
+ */
19
+ explicitDelegator?: string;
20
+ /**
21
+ * Id of the data owner which will gain access to the entity (delegate), if it should be explicitly indicated or
22
+ * null if the delegate requires anonymous delegations.
23
+ */
24
+ explicitDelegate?: string;
25
+ /**
26
+ * The access control keys obtained from the access control secrets of the exchange data used for the encryption of the ids and keys
27
+ * to share. These are also used to uniquely identify an instance of share metadata.
28
+ */
29
+ accessControlKeys: string[];
30
+ /**
31
+ * Encrypted secret ids to share with the delegate.
32
+ */
33
+ secretIds?: string[];
34
+ /**
35
+ * Encrypted encryption keys to share with the delegate.
36
+ */
37
+ encryptionKeys?: string[];
38
+ /**
39
+ * Encrypted owning entity ids to share with the delegate.
40
+ */
41
+ owningEntityIds?: string[];
42
+ /**
43
+ * Id of the exchange data used for the encryption of the ids and keys to share. Must be null at least one of
44
+ * delegator or delegate is not explicit.
45
+ */
46
+ exchangeDataId?: string;
47
+ /**
48
+ * Must be non-empty if exactly one of delegator or delegate is explicit and the other is not, empty in all other
49
+ * cases.
50
+ */
51
+ encryptedExchangeDataId?: {
52
+ [fp: string]: string;
53
+ };
54
+ /**
55
+ * Permissions requested for the delegate.
56
+ */
57
+ requestedPermissions: EntityShareRequest.RequestedPermissionInternal;
58
+ }
59
+ export declare namespace EntityShareRequest {
60
+ /**
61
+ * Strategy to use for the calculation of permissions for the new [SecureDelegation.permissions]
62
+ */
63
+ type RequestedPermissionEnum = 'FULL_READ' | 'MAX_WRITE' | 'FULL_WRITE';
64
+ const RequestedPermissionEnum: {
65
+ /**
66
+ * The new secure delegation will give full-read access to the delegate. If in future iCure is going to support
67
+ * fine-grained access control a user may have limited read access to an entity, and in such case the request
68
+ * would fail (similarly to [FULL_WRITE]).
69
+ */
70
+ FULL_READ: RequestedPermissionEnum;
71
+ /**
72
+ * The new secure delegation will give maximum access to the delegate, depending on the rights of the delegator.
73
+ * If the delegator has full-write access the delegate will also have full-write access else the delegate will
74
+ * have full-read access.
75
+ */
76
+ MAX_WRITE: RequestedPermissionEnum;
77
+ /**
78
+ * The new secure delegation will give full-write access to the delegate. If the delegator does not have
79
+ * full-write access to the entity the request will fail.
80
+ */
81
+ FULL_WRITE: RequestedPermissionEnum;
82
+ };
83
+ /**
84
+ * @internal this type is for internal use only and may be changed without notice.
85
+ * Additional values for requested permissions which are used automatically by the extended apis and should not
86
+ * be used directly by the user.
87
+ */
88
+ type RequestedPermissionInternal = 'ROOT' | RequestedPermissionEnum;
89
+ const RequestedPermissionInternal: {
90
+ /**
91
+ * Request to create a root delegation on the entity. Usually new entities are created with a root delegation
92
+ * for the creator data owner and no other data owners will be able to obtain root permissions, but there are
93
+ * some situations where other data owners can create root delegations on existing entities:
94
+ * - If a data owner has a legacy delegation on an entity he can create a root delegation. This is necessary in
95
+ * cases where the data owner wants to share an entity with another data owner using the new delegation format
96
+ * but does not have a delegation in the new format yet (the data owner creates a new root delegation self->self
97
+ * and then creates a delegation self->other).
98
+ * - A patient data owner is always allowed to create a root delegation for himself
99
+ *
100
+ * A root delegation gives full write permissions to the data owners which can access it (usually a root
101
+ * delegation should be accessible only for one data owner, it should be a delegation a->a) and does not depend
102
+ * on any other delegation: this means that no data owners except for the data owners with the root permission
103
+ * can revoke it.
104
+ */
105
+ ROOT: RequestedPermissionInternal;
106
+ FULL_READ: RequestedPermissionInternal;
107
+ MAX_WRITE: RequestedPermissionInternal;
108
+ FULL_WRITE: RequestedPermissionInternal;
109
+ };
110
+ }
@@ -0,0 +1,63 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.EntityShareRequest = void 0;
4
+ class EntityShareRequest {
5
+ constructor(params) {
6
+ var _a;
7
+ if (!params.accessControlKeys.length)
8
+ throw new Error('Access control keys should not be empty');
9
+ this.explicitDelegator = params.explicitDelegator;
10
+ this.explicitDelegate = params.explicitDelegate;
11
+ this.accessControlKeys = params.accessControlKeys;
12
+ this.secretIds = params.secretIds;
13
+ this.encryptionKeys = params.encryptionKeys;
14
+ this.owningEntityIds = params.owningEntityIds;
15
+ this.exchangeDataId = params.exchangeDataId;
16
+ this.encryptedExchangeDataId = params.encryptedExchangeDataId;
17
+ this.requestedPermissions = (_a = params.requestedPermissions) !== null && _a !== void 0 ? _a : EntityShareRequest.RequestedPermissionInternal.MAX_WRITE;
18
+ }
19
+ }
20
+ exports.EntityShareRequest = EntityShareRequest;
21
+ (function (EntityShareRequest) {
22
+ EntityShareRequest.RequestedPermissionEnum = {
23
+ /**
24
+ * The new secure delegation will give full-read access to the delegate. If in future iCure is going to support
25
+ * fine-grained access control a user may have limited read access to an entity, and in such case the request
26
+ * would fail (similarly to [FULL_WRITE]).
27
+ */
28
+ FULL_READ: 'FULL_READ',
29
+ /**
30
+ * The new secure delegation will give maximum access to the delegate, depending on the rights of the delegator.
31
+ * If the delegator has full-write access the delegate will also have full-write access else the delegate will
32
+ * have full-read access.
33
+ */
34
+ MAX_WRITE: 'MAX_WRITE',
35
+ /**
36
+ * The new secure delegation will give full-write access to the delegate. If the delegator does not have
37
+ * full-write access to the entity the request will fail.
38
+ */
39
+ FULL_WRITE: 'FULL_WRITE',
40
+ };
41
+ EntityShareRequest.RequestedPermissionInternal = {
42
+ /**
43
+ * Request to create a root delegation on the entity. Usually new entities are created with a root delegation
44
+ * for the creator data owner and no other data owners will be able to obtain root permissions, but there are
45
+ * some situations where other data owners can create root delegations on existing entities:
46
+ * - If a data owner has a legacy delegation on an entity he can create a root delegation. This is necessary in
47
+ * cases where the data owner wants to share an entity with another data owner using the new delegation format
48
+ * but does not have a delegation in the new format yet (the data owner creates a new root delegation self->self
49
+ * and then creates a delegation self->other).
50
+ * - A patient data owner is always allowed to create a root delegation for himself
51
+ *
52
+ * A root delegation gives full write permissions to the data owners which can access it (usually a root
53
+ * delegation should be accessible only for one data owner, it should be a delegation a->a) and does not depend
54
+ * on any other delegation: this means that no data owners except for the data owners with the root permission
55
+ * can revoke it.
56
+ */
57
+ ROOT: 'ROOT',
58
+ FULL_READ: EntityShareRequest.RequestedPermissionEnum.FULL_READ,
59
+ MAX_WRITE: EntityShareRequest.RequestedPermissionEnum.MAX_WRITE,
60
+ FULL_WRITE: EntityShareRequest.RequestedPermissionEnum.FULL_WRITE,
61
+ };
62
+ })(EntityShareRequest = exports.EntityShareRequest || (exports.EntityShareRequest = {}));
63
+ //# sourceMappingURL=EntityShareRequest.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"EntityShareRequest.js","sourceRoot":"","sources":["../../../../icc-api/model/requests/EntityShareRequest.ts"],"names":[],"mappings":";;;AAAA,MAAa,kBAAkB;IAC7B,YAAY,MAUX;;QACC,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAA;QAChG,IAAI,CAAC,iBAAiB,GAAG,MAAM,CAAC,iBAAiB,CAAA;QACjD,IAAI,CAAC,gBAAgB,GAAG,MAAM,CAAC,gBAAgB,CAAA;QAC/C,IAAI,CAAC,iBAAiB,GAAG,MAAM,CAAC,iBAAiB,CAAA;QACjD,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,CAAA;QACjC,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,cAAc,CAAA;QAC3C,IAAI,CAAC,eAAe,GAAG,MAAM,CAAC,eAAe,CAAA;QAC7C,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,cAAc,CAAA;QAC3C,IAAI,CAAC,uBAAuB,GAAG,MAAM,CAAC,uBAAuB,CAAA;QAC7D,IAAI,CAAC,oBAAoB,GAAG,MAAA,MAAM,CAAC,oBAAoB,mCAAI,kBAAkB,CAAC,2BAA2B,CAAC,SAAS,CAAA;IACrH,CAAC;CA2CF;AAjED,gDAiEC;AAED,WAAiB,kBAAkB;IAKpB,0CAAuB,GAAG;QACrC;;;;WAIG;QACH,SAAS,EAAE,WAAsC;QAEjD;;;;WAIG;QACH,SAAS,EAAE,WAAsC;QAEjD;;;WAGG;QACH,UAAU,EAAE,YAAuC;KACpD,CAAA;IAQY,8CAA2B,GAAG;QACzC;;;;;;;;;;;;;;WAcG;QACH,IAAI,EAAE,MAAqC;QAC3C,SAAS,EAAE,mBAAA,uBAAuB,CAAC,SAAwC;QAC3E,SAAS,EAAE,mBAAA,uBAAuB,CAAC,SAAwC;QAC3E,UAAU,EAAE,mBAAA,uBAAuB,CAAC,UAAyC;KAC9E,CAAA;AACH,CAAC,EAtDgB,kBAAkB,GAAlB,0BAAkB,KAAlB,0BAAkB,QAsDlC","sourcesContent":["export class EntityShareRequest {\n constructor(params: {\n explicitDelegator?: string\n explicitDelegate?: string\n accessControlKeys: string[]\n secretIds?: string[]\n encryptionKeys?: string[]\n owningEntityIds?: string[]\n exchangeDataId?: string\n encryptedExchangeDataId?: { [fp: string]: string }\n requestedPermissions?: EntityShareRequest.RequestedPermissionInternal\n }) {\n if (!params.accessControlKeys.length) throw new Error('Access control keys should not be empty')\n this.explicitDelegator = params.explicitDelegator\n this.explicitDelegate = params.explicitDelegate\n this.accessControlKeys = params.accessControlKeys\n this.secretIds = params.secretIds\n this.encryptionKeys = params.encryptionKeys\n this.owningEntityIds = params.owningEntityIds\n this.exchangeDataId = params.exchangeDataId\n this.encryptedExchangeDataId = params.encryptedExchangeDataId\n this.requestedPermissions = params.requestedPermissions ?? EntityShareRequest.RequestedPermissionInternal.MAX_WRITE\n }\n\n /**\n * Id of the data owner which is sharing the entity (delegator), if it should be explicitly indicated or null if the\n * delegator requires anonymous delegations. If not null this must match the logged data owner id.\n */\n explicitDelegator?: string\n /**\n * Id of the data owner which will gain access to the entity (delegate), if it should be explicitly indicated or\n * null if the delegate requires anonymous delegations.\n */\n explicitDelegate?: string\n /**\n * The access control keys obtained from the access control secrets of the exchange data used for the encryption of the ids and keys\n * to share. These are also used to uniquely identify an instance of share metadata.\n */\n accessControlKeys: string[]\n /**\n * Encrypted secret ids to share with the delegate.\n */\n secretIds?: string[]\n /**\n * Encrypted encryption keys to share with the delegate.\n */\n encryptionKeys?: string[]\n /**\n * Encrypted owning entity ids to share with the delegate.\n */\n owningEntityIds?: string[]\n /**\n * Id of the exchange data used for the encryption of the ids and keys to share. Must be null at least one of\n * delegator or delegate is not explicit.\n */\n exchangeDataId?: string\n /**\n * Must be non-empty if exactly one of delegator or delegate is explicit and the other is not, empty in all other\n * cases.\n */\n encryptedExchangeDataId?: { [fp: string]: string }\n /**\n * Permissions requested for the delegate.\n */\n requestedPermissions: EntityShareRequest.RequestedPermissionInternal\n}\n\nexport namespace EntityShareRequest {\n /**\n * Strategy to use for the calculation of permissions for the new [SecureDelegation.permissions]\n */\n export type RequestedPermissionEnum = 'FULL_READ' | 'MAX_WRITE' | 'FULL_WRITE'\n export const RequestedPermissionEnum = {\n /**\n * The new secure delegation will give full-read access to the delegate. If in future iCure is going to support\n * fine-grained access control a user may have limited read access to an entity, and in such case the request\n * would fail (similarly to [FULL_WRITE]).\n */\n FULL_READ: 'FULL_READ' as RequestedPermissionEnum,\n\n /**\n * The new secure delegation will give maximum access to the delegate, depending on the rights of the delegator.\n * If the delegator has full-write access the delegate will also have full-write access else the delegate will\n * have full-read access.\n */\n MAX_WRITE: 'MAX_WRITE' as RequestedPermissionEnum,\n\n /**\n * The new secure delegation will give full-write access to the delegate. If the delegator does not have\n * full-write access to the entity the request will fail.\n */\n FULL_WRITE: 'FULL_WRITE' as RequestedPermissionEnum,\n }\n\n /**\n * @internal this type is for internal use only and may be changed without notice.\n * Additional values for requested permissions which are used automatically by the extended apis and should not\n * be used directly by the user.\n */\n export type RequestedPermissionInternal = 'ROOT' | RequestedPermissionEnum\n export const RequestedPermissionInternal = {\n /**\n * Request to create a root delegation on the entity. Usually new entities are created with a root delegation\n * for the creator data owner and no other data owners will be able to obtain root permissions, but there are\n * some situations where other data owners can create root delegations on existing entities:\n * - If a data owner has a legacy delegation on an entity he can create a root delegation. This is necessary in\n * cases where the data owner wants to share an entity with another data owner using the new delegation format\n * but does not have a delegation in the new format yet (the data owner creates a new root delegation self->self\n * and then creates a delegation self->other).\n * - A patient data owner is always allowed to create a root delegation for himself\n *\n * A root delegation gives full write permissions to the data owners which can access it (usually a root\n * delegation should be accessible only for one data owner, it should be a delegation a->a) and does not depend\n * on any other delegation: this means that no data owners except for the data owners with the root permission\n * can revoke it.\n */\n ROOT: 'ROOT' as RequestedPermissionInternal,\n FULL_READ: RequestedPermissionEnum.FULL_READ as RequestedPermissionInternal,\n MAX_WRITE: RequestedPermissionEnum.MAX_WRITE as RequestedPermissionInternal,\n FULL_WRITE: RequestedPermissionEnum.FULL_WRITE as RequestedPermissionInternal,\n }\n}\n"]}
@@ -0,0 +1,54 @@
1
+ /**
2
+ * Parameters for the update of shared metadata. Currently only changes to secret ids, encryption keys and owning entity
3
+ * ids are allowed. In the future we are going to allow also changes to the permissions of users with access to the
4
+ * shared metadata.
5
+ */
6
+ export declare class EntitySharedMetadataUpdateRequest {
7
+ constructor(params: {
8
+ metadataAccessControlHash: string;
9
+ secretIds?: {
10
+ [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum;
11
+ };
12
+ encryptionKeys?: {
13
+ [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum;
14
+ };
15
+ owningEntityIds?: {
16
+ [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum;
17
+ };
18
+ });
19
+ /**
20
+ * Access control hash of the metadata to update.
21
+ */
22
+ metadataAccessControlHash: string;
23
+ /**
24
+ * Updates for secret ids: the key is an encrypted secret id and the value is if an entry with that encrypted secret
25
+ * id should be created or deleted.
26
+ */
27
+ secretIds?: {
28
+ [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum;
29
+ };
30
+ /**
31
+ * Updates for encryption keys: a key in the map is an encrypted encrpytion key and the value is if an entry with
32
+ * that encrypted encryption key should be created or deleted.
33
+ */
34
+ encryptionKeys?: {
35
+ [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum;
36
+ };
37
+ /**
38
+ * Updates for owning entity ids: the key is the encrypted id of an owning entity and the value is if an entry with
39
+ * that encrypted owning entity id should be created or deleted.
40
+ */
41
+ owningEntityIds?: {
42
+ [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum;
43
+ };
44
+ }
45
+ export declare namespace EntitySharedMetadataUpdateRequest {
46
+ /**
47
+ * Specifies if an entry should be created anew or deleted
48
+ */
49
+ type EntryUpdateTypeEnum = 'CREATE' | 'DELETE';
50
+ const EntryUpdateTypeEnum: {
51
+ CREATE: EntryUpdateTypeEnum;
52
+ DELETE: EntryUpdateTypeEnum;
53
+ };
54
+ }
@@ -0,0 +1,24 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.EntitySharedMetadataUpdateRequest = void 0;
4
+ /**
5
+ * Parameters for the update of shared metadata. Currently only changes to secret ids, encryption keys and owning entity
6
+ * ids are allowed. In the future we are going to allow also changes to the permissions of users with access to the
7
+ * shared metadata.
8
+ */
9
+ class EntitySharedMetadataUpdateRequest {
10
+ constructor(params) {
11
+ this.metadataAccessControlHash = params.metadataAccessControlHash;
12
+ this.secretIds = params.secretIds;
13
+ this.encryptionKeys = params.encryptionKeys;
14
+ this.owningEntityIds = params.owningEntityIds;
15
+ }
16
+ }
17
+ exports.EntitySharedMetadataUpdateRequest = EntitySharedMetadataUpdateRequest;
18
+ (function (EntitySharedMetadataUpdateRequest) {
19
+ EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum = {
20
+ CREATE: 'CREATE',
21
+ DELETE: 'DELETE',
22
+ };
23
+ })(EntitySharedMetadataUpdateRequest = exports.EntitySharedMetadataUpdateRequest || (exports.EntitySharedMetadataUpdateRequest = {}));
24
+ //# sourceMappingURL=EntitySharedMetadataUpdateRequest.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"EntitySharedMetadataUpdateRequest.js","sourceRoot":"","sources":["../../../../icc-api/model/requests/EntitySharedMetadataUpdateRequest.ts"],"names":[],"mappings":";;;AAAA;;;;GAIG;AACH,MAAa,iCAAiC;IAC5C,YAAY,MAKX;QACC,IAAI,CAAC,yBAAyB,GAAG,MAAM,CAAC,yBAAyB,CAAA;QACjE,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,CAAA;QACjC,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,cAAc,CAAA;QAC3C,IAAI,CAAC,eAAe,GAAG,MAAM,CAAC,eAAe,CAAA;IAC/C,CAAC;CAqBF;AAhCD,8EAgCC;AACD,WAAiB,iCAAiC;IAKnC,qDAAmB,GAAG;QACjC,MAAM,EAAE,QAA+B;QACvC,MAAM,EAAE,QAA+B;KACxC,CAAA;AACH,CAAC,EATgB,iCAAiC,GAAjC,yCAAiC,KAAjC,yCAAiC,QASjD","sourcesContent":["/**\n * Parameters for the update of shared metadata. Currently only changes to secret ids, encryption keys and owning entity\n * ids are allowed. In the future we are going to allow also changes to the permissions of users with access to the\n * shared metadata.\n */\nexport class EntitySharedMetadataUpdateRequest {\n constructor(params: {\n metadataAccessControlHash: string\n secretIds?: { [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum }\n encryptionKeys?: { [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum }\n owningEntityIds?: { [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum }\n }) {\n this.metadataAccessControlHash = params.metadataAccessControlHash\n this.secretIds = params.secretIds\n this.encryptionKeys = params.encryptionKeys\n this.owningEntityIds = params.owningEntityIds\n }\n\n /**\n * Access control hash of the metadata to update.\n */\n metadataAccessControlHash: string\n /**\n * Updates for secret ids: the key is an encrypted secret id and the value is if an entry with that encrypted secret\n * id should be created or deleted.\n */\n secretIds?: { [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum }\n /**\n * Updates for encryption keys: a key in the map is an encrypted encrpytion key and the value is if an entry with\n * that encrypted encryption key should be created or deleted.\n */\n encryptionKeys?: { [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum }\n /**\n * Updates for owning entity ids: the key is the encrypted id of an owning entity and the value is if an entry with\n * that encrypted owning entity id should be created or deleted.\n */\n owningEntityIds?: { [encryptedData: string]: EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum }\n}\nexport namespace EntitySharedMetadataUpdateRequest {\n /**\n * Specifies if an entry should be created anew or deleted\n */\n export type EntryUpdateTypeEnum = 'CREATE' | 'DELETE'\n export const EntryUpdateTypeEnum = {\n CREATE: 'CREATE' as EntryUpdateTypeEnum,\n DELETE: 'DELETE' as EntryUpdateTypeEnum,\n }\n}\n"]}
@@ -0,0 +1,23 @@
1
+ import { RejectedShareOrMetadataUpdateRequest } from './RejectedShareOrMetadataUpdateRequest';
2
+ /**
3
+ * Result of a bulk share operation.
4
+ */
5
+ export declare class MinimalEntityBulkShareResult {
6
+ constructor(json: JSON | any);
7
+ /**
8
+ * Id of the entity for which the update was requested.
9
+ */
10
+ entityId: string;
11
+ /**
12
+ * Last known revision of the entity before any update, non-null only if an entity matching the requests could be
13
+ * found. This can help to understand if an error is caused by an outdated version of the entity on the client-side.
14
+ */
15
+ entityRev?: string;
16
+ /**
17
+ * If a `bulkShare` method fails to apply any of the share requests for an entity this map associates the id of the
18
+ * original failed request to the reason of failure.
19
+ */
20
+ rejectedRequests?: {
21
+ [requestId: string]: RejectedShareOrMetadataUpdateRequest;
22
+ };
23
+ }
@@ -0,0 +1,13 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.MinimalEntityBulkShareResult = void 0;
4
+ /**
5
+ * Result of a bulk share operation.
6
+ */
7
+ class MinimalEntityBulkShareResult {
8
+ constructor(json) {
9
+ Object.assign(this, json);
10
+ }
11
+ }
12
+ exports.MinimalEntityBulkShareResult = MinimalEntityBulkShareResult;
13
+ //# sourceMappingURL=MinimalEntityBulkShareResult.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"MinimalEntityBulkShareResult.js","sourceRoot":"","sources":["../../../../icc-api/model/requests/MinimalEntityBulkShareResult.ts"],"names":[],"mappings":";;;AAGA;;GAEG;AACH,MAAa,4BAA4B;IACvC,YAAY,IAAgB;QAC1B,MAAM,CAAC,MAAM,CAAC,IAAoC,EAAE,IAAI,CAAC,CAAA;IAC3D,CAAC;CAgBF;AAnBD,oEAmBC","sourcesContent":["import { RejectedShareOrMetadataUpdateRequest } from './RejectedShareOrMetadataUpdateRequest'\nimport { EncryptedEntity } from '../models'\n\n/**\n * Result of a bulk share operation.\n */\nexport class MinimalEntityBulkShareResult {\n constructor(json: JSON | any) {\n Object.assign(this as MinimalEntityBulkShareResult, json)\n }\n\n /**\n * Id of the entity for which the update was requested.\n */\n entityId!: string\n /**\n * Last known revision of the entity before any update, non-null only if an entity matching the requests could be\n * found. This can help to understand if an error is caused by an outdated version of the entity on the client-side.\n */\n entityRev?: string\n /**\n * If a `bulkShare` method fails to apply any of the share requests for an entity this map associates the id of the\n * original failed request to the reason of failure.\n */\n rejectedRequests?: { [requestId: string]: RejectedShareOrMetadataUpdateRequest }\n}\n"]}
@@ -0,0 +1,21 @@
1
+ /**
2
+ * Represents a reason why a share requests failed or was rejected.
3
+ */
4
+ export declare class RejectedShareOrMetadataUpdateRequest {
5
+ constructor(json: JSON | any);
6
+ /**
7
+ * Code of the error, mimics an http status code (400 general user error, 409 conflict, ...).
8
+ */
9
+ code?: number;
10
+ /**
11
+ * If true a new share request with the same content may succeed so the user is encouraged to retry. This could
12
+ * happen if the entity to share changed while verifying the validity of the request (correctness, permissions,
13
+ * ...), and if the entity did not change in ways incompatible with the request re-performing the request in
14
+ * the same way may succeed.
15
+ */
16
+ shouldRetry: boolean;
17
+ /**
18
+ * Human-friendly message explaining the reason of the failure.
19
+ */
20
+ reason?: string;
21
+ }
@@ -0,0 +1,14 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.RejectedShareOrMetadataUpdateRequest = void 0;
4
+ /**
5
+ * Represents a reason why a share requests failed or was rejected.
6
+ */
7
+ class RejectedShareOrMetadataUpdateRequest {
8
+ constructor(json) {
9
+ Object.assign(this, json);
10
+ this.shouldRetry = !!json['shouldRetry'];
11
+ }
12
+ }
13
+ exports.RejectedShareOrMetadataUpdateRequest = RejectedShareOrMetadataUpdateRequest;
14
+ //# sourceMappingURL=RejectedShareOrMetadataUpdateRequest.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"RejectedShareOrMetadataUpdateRequest.js","sourceRoot":"","sources":["../../../../icc-api/model/requests/RejectedShareOrMetadataUpdateRequest.ts"],"names":[],"mappings":";;;AAAA;;GAEG;AACH,MAAa,oCAAoC;IAC/C,YAAY,IAAgB;QAC1B,MAAM,CAAC,MAAM,CAAC,IAA4C,EAAE,IAAI,CAAC,CAAA;QACjE,IAAI,CAAC,WAAW,GAAG,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAA;IAC1C,CAAC;CAiBF;AArBD,oFAqBC","sourcesContent":["/**\n * Represents a reason why a share requests failed or was rejected.\n */\nexport class RejectedShareOrMetadataUpdateRequest {\n constructor(json: JSON | any) {\n Object.assign(this as RejectedShareOrMetadataUpdateRequest, json)\n this.shouldRetry = !!json['shouldRetry']\n }\n\n /**\n * Code of the error, mimics an http status code (400 general user error, 409 conflict, ...).\n */\n code?: number\n /**\n * If true a new share request with the same content may succeed so the user is encouraged to retry. This could\n * happen if the entity to share changed while verifying the validity of the request (correctness, permissions,\n * ...), and if the entity did not change in ways incompatible with the request re-performing the request in\n * the same way may succeed.\n */\n shouldRetry: boolean\n /**\n * Human-friendly message explaining the reason of the failure.\n */\n reason?: string\n}\n"]}
@@ -1,4 +1,5 @@
1
- import { EncryptedEntity } from '../../icc-api/model/models';
1
+ import { EncryptedEntity, SecureDelegation } from '../../icc-api/model/models';
2
+ import AccessLevelEnum = SecureDelegation.AccessLevelEnum;
2
3
  /**
3
4
  * Interface of common methods for XApis of any encryptable entities.
4
5
  */
@@ -35,7 +36,7 @@ export interface EncryptedEntityXApi<T extends EncryptedEntity> {
35
36
  */
36
37
  getDataOwnersWithAccessTo(entity: T): Promise<{
37
38
  permissionsByDataOwnerId: {
38
- [dataOwnerId: string]: 'WRITE';
39
+ [dataOwnerId: string]: AccessLevelEnum;
39
40
  };
40
41
  hasUnknownAnonymousDataOwners: boolean;
41
42
  }>;
@@ -1 +1 @@
1
- {"version":3,"file":"EncryptedEntityXApi.js","sourceRoot":"","sources":["../../../icc-x-api/basexapi/EncryptedEntityXApi.ts"],"names":[],"mappings":"","sourcesContent":["import { EncryptedEntity } from '../../icc-api/model/models'\n\n/**\n * Interface of common methods for XApis of any encryptable entities.\n */\nexport interface EncryptedEntityXApi<T extends EncryptedEntity> {\n /**\n * Get the ids of all data owners with access to the provided entity, including their permissions on the entity. This method also uses the\n * information available to the current user to attempt to identify the anonymous data owners with access to this entity. Note however that\n * the user may not be capable of identifying all anonymous data owners with access to the entity. In cases where there is at least an anonymous\n * data owner with access to the entity the value of `hasUnknownAnonymousDataOwners` in the returned object will be `true` (`false` otherwise).\n * Note that users are only capable of identifying anonymous data owners in delegations where the user itself is involved, meaning that if a\n * specific anonymous data owners has access to an entity through two delegations, one accessible to the current user and one not, the anonymous\n * data owner will appear in the `permissionsByDataOwnerId`, but the `hasUnknownAnonymousDataOwners` will also be `true`, since the user can't know\n * if the other delegation refers to the same anonymous data owner or not.\n *\n * For example consider an entity with the following delegations, where `A` and `B` are unrelated explicit data owners, and `P` is an anonymous\n * data owner:\n * - A -> A - r/w\n * - A -> B - r/w\n * - A -> P - r\n * - B -> P - r/w\n * In this case we can get the following results, depending on whether the current user is `A`, `B` or `P`:\n * - `A` gets `{ permissionsByDataOwnerId: { A: 'WRITE', B: 'WRITE', P: 'READ' }, hasUnknownAnonymousDataOwners: true }` (`A` does not know that\n * `B->P` actually refers to `P`, but only that it was created by `B`)\n * - `B` gets `{ permissionsByDataOwnerId: { A: 'WRITE', B: 'WRITE', P: 'WRITE' }, hasUnknownAnonymousDataOwners: true }` (`B` does not know that\n * `A->P` actually refers to `P`, but only that it was created by `A`)\n * - `P` gets `{ permissionsByDataOwnerId: { A: 'WRITE', B: 'WRITE', P: 'WRITE' }, hasUnknownAnonymousDataOwners: false }` (`P` knows the\n * delegations that he is part of)\n *\n * @param entity an entity.\n * @return an object containing:\n * - `permissionsByDataOwnerId`: a map associating each data owner id with the access level to the entity. Currently only WRITE access is supported.\n * - `hasUnknownAnonymousDataOwners`: a boolean indicating if there are anonymous data owners with access to the entity that the current user can\n * not identify.\n */\n getDataOwnersWithAccessTo(entity: T): Promise<{\n permissionsByDataOwnerId: { [dataOwnerId: string]: 'WRITE' }\n hasUnknownAnonymousDataOwners: boolean\n }>\n\n /**\n * @param entity an entity.\n * @return the available encryption keys for the entity, which could be decrypted by the current data owner. Normally this array should contain at\n * most one element but this method in case of entity merges there could be multiple values.\n */\n getEncryptionKeysOf(entity: T): Promise<string[]>\n}\n"]}
1
+ {"version":3,"file":"EncryptedEntityXApi.js","sourceRoot":"","sources":["../../../icc-x-api/basexapi/EncryptedEntityXApi.ts"],"names":[],"mappings":"","sourcesContent":["import { EncryptedEntity, SecureDelegation } from '../../icc-api/model/models'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\n\n/**\n * Interface of common methods for XApis of any encryptable entities.\n */\nexport interface EncryptedEntityXApi<T extends EncryptedEntity> {\n /**\n * Get the ids of all data owners with access to the provided entity, including their permissions on the entity. This method also uses the\n * information available to the current user to attempt to identify the anonymous data owners with access to this entity. Note however that\n * the user may not be capable of identifying all anonymous data owners with access to the entity. In cases where there is at least an anonymous\n * data owner with access to the entity the value of `hasUnknownAnonymousDataOwners` in the returned object will be `true` (`false` otherwise).\n * Note that users are only capable of identifying anonymous data owners in delegations where the user itself is involved, meaning that if a\n * specific anonymous data owners has access to an entity through two delegations, one accessible to the current user and one not, the anonymous\n * data owner will appear in the `permissionsByDataOwnerId`, but the `hasUnknownAnonymousDataOwners` will also be `true`, since the user can't know\n * if the other delegation refers to the same anonymous data owner or not.\n *\n * For example consider an entity with the following delegations, where `A` and `B` are unrelated explicit data owners, and `P` is an anonymous\n * data owner:\n * - A -> A - r/w\n * - A -> B - r/w\n * - A -> P - r\n * - B -> P - r/w\n * In this case we can get the following results, depending on whether the current user is `A`, `B` or `P`:\n * - `A` gets `{ permissionsByDataOwnerId: { A: 'WRITE', B: 'WRITE', P: 'READ' }, hasUnknownAnonymousDataOwners: true }` (`A` does not know that\n * `B->P` actually refers to `P`, but only that it was created by `B`)\n * - `B` gets `{ permissionsByDataOwnerId: { A: 'WRITE', B: 'WRITE', P: 'WRITE' }, hasUnknownAnonymousDataOwners: true }` (`B` does not know that\n * `A->P` actually refers to `P`, but only that it was created by `A`)\n * - `P` gets `{ permissionsByDataOwnerId: { A: 'WRITE', B: 'WRITE', P: 'WRITE' }, hasUnknownAnonymousDataOwners: false }` (`P` knows the\n * delegations that he is part of)\n *\n * @param entity an entity.\n * @return an object containing:\n * - `permissionsByDataOwnerId`: a map associating each data owner id with the access level to the entity. Currently only WRITE access is supported.\n * - `hasUnknownAnonymousDataOwners`: a boolean indicating if there are anonymous data owners with access to the entity that the current user can\n * not identify.\n */\n getDataOwnersWithAccessTo(entity: T): Promise<{\n permissionsByDataOwnerId: { [dataOwnerId: string]: AccessLevelEnum }\n hasUnknownAnonymousDataOwners: boolean\n }>\n\n /**\n * @param entity an entity.\n * @return the available encryption keys for the entity, which could be decrypted by the current data owner. Normally this array should contain at\n * most one element but this method in case of entity merges there could be multiple values.\n */\n getEncryptionKeysOf(entity: T): Promise<string[]>\n}\n"]}
@@ -95,7 +95,7 @@ class AESUtils {
95
95
  this._debug && console.log(`decipheredData: ${(0, utils_1.ua2hex)(decipheredData)}`);
96
96
  resolve(decipheredData);
97
97
  }, (err) => {
98
- reject('AES decryption failed: ' + err);
98
+ reject(new Error('AES decryption failed: ' + err));
99
99
  });
100
100
  });
101
101
  }
@@ -1 +1 @@
1
- {"version":3,"file":"AES.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/AES.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,oCAAuD;AAEvD,MAAa,QAAQ;IAYnB,IAAI,KAAK,CAAC,KAAc;QACtB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;IACrB,CAAC;IAED,YAAY,SAAiB,OAAO,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAE,EAAa;QAfvI,iCAAiC;QACjC,aAAQ,GAAG,EAAE,CAAA;QACb,4BAAuB,GAAG,SAAS,CAAA;QAEnC,oBAAe,GAAoB;YACjC,IAAI,EAAE,SAAS;YACf,MAAM,EAAE,GAAG;SACZ,CAAA;QAEO,WAAM,GAAY,KAAK,CAAA;QAO7B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;IACtB,CAAC;IAEK,iBAAiB,CAAC,MAAc,EAAE,SAAmC;;YACzE,OAAO,IAAI,CAAC,OAAO,CACjB,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,EAC7D,SAAS,EACT,MAAM,CAAC,+DAA+D;aACvE,CAAA;QACH,CAAC;KAAA;IAED,OAAO,CAAC,SAAoB,EAAE,SAAmC,EAAE,MAAM,GAAG,MAAM;QAChF,OAAO,IAAI,OAAO,CAAC,CAAC,OAAoC,EAAE,MAA4B,EAAE,EAAE;YACxF,IAAI,SAAS,YAAY,UAAU,EAAE;gBACnC,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,CAAA;gBAC/B,SAAS,GAAG,CAAC,MAAM,CAAC,UAAU,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,MAAM,CAAgB,CAAA;aACvH;YACD,MAAM,mBAAmB,GAAG;gBAC1B,IAAI,EAAE,IAAI,CAAC,uBAAuB;gBAClC,EAAE,EAAE,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC;aACnC,CAAA;YACD,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,IAAA,cAAM,EAAC,SAAS,CAAC,SAAS,MAAM,EAAE,CAAC,CAAA;YACzE,IAAI,CAAC,MAAM,CAAC,MAAM;iBACf,OAAO,mBAED,mBAAmB,GAExB,SAAS,EACT,SAAS,CACV;iBACA,IAAI,CACH,CAAC,UAAU,EAAE,EAAE;gBACb,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,IAAA,cAAM,EAAC,UAAU,CAAC,EAAE,CAAC,CAAA;gBAC/D,OAAO,OAAO,CAAC,IAAA,oBAAY,EAAC,mBAAmB,CAAC,EAAE,CAAC,MAAqB,EAAE,UAAU,CAAC,CAAC,CAAA;YACxF,CAAC,EACD,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,yBAAyB,GAAG,GAAG,CAAC,CACjD,CAAA;QACL,CAAC,CAAC,CAAA;IACJ,CAAC;IAEK,iBAAiB,CAAC,MAAc,EAAE,SAAmC;;YACzE,OAAO,IAAI,CAAC,OAAO,CACjB,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,EAC7D,SAAS,EACT,MAAM,CAAC,+DAA+D;aACvE,CAAA;QACH,CAAC;KAAA;IAED;;;;;;OAMG;IACH,OAAO,CAAC,SAAoB,EAAE,aAAuC,EAAE,MAAM,GAAG,MAAM;QACpF,OAAO,IAAI,OAAO,CAAC,CAAC,OAAoC,EAAE,MAA4B,EAAE,EAAE;YACxF,IAAI,CAAC,SAAS,EAAE;gBACd,OAAO,MAAM,CAAC,uCAAuC,CAAC,CAAA;aACvD;YACD,MAAM,kBAAkB,GAAG,aAAa,YAAY,WAAW,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,aAAa,CAAA;YAC/G,MAAM,mBAAmB,GAAG;gBAC1B,IAAI,EAAE,IAAI,CAAC,uBAAuB;gBAClC,EAAE,EAAE,kBAAkB,CAAC,QAAQ,CAAC,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC;gBAEjD;;;;;;;;;;;;;;;mBAeG;aACJ,CAAA;YACD,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,IAAA,cAAM,EAAC,aAAa,CAAC,SAAS,MAAM,EAAE,CAAC,CAAA;YAC7E,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,mBAAmB,EAAE,SAAS,EAAE,kBAAkB,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CACpI,CAAC,cAAc,EAAE,EAAE;gBACjB,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAA,cAAM,EAAC,cAAc,CAAC,EAAE,CAAC,CAAA;gBACvE,OAAO,CAAC,cAAc,CAAC,CAAA;YACzB,CAAC,EACD,CAAC,GAAG,EAAE,EAAE;gBACN,MAAM,CAAC,yBAAyB,GAAG,GAAG,CAAC,CAAA;YACzC,CAAC,CACF,CAAA;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAEK,WAAW,CAAC,UAAuB,EAAE,UAAsB;;YAC/D,IAAI;gBACF,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAA;aAC/C;YAAC,OAAO,CAAC,EAAE;gBACV,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE;oBACzB,OAAO,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAA;iBACzD;qBAAM;oBACL,MAAM,CAAC,CAAA;iBACR;aACF;QACH,CAAC;KAAA;IAWD,iBAAiB,CAAC,KAAc;QAC9B,OAAO,IAAI,OAAO,CAAC,CAAC,OAA2C,EAAE,MAA4B,EAAE,EAAE;YAC/F,MAAM,WAAW,GAAG,IAAI,CAAA;YACxB,MAAM,SAAS,GAAe,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;YACpD,MAAM,gBAAgB,GAAuB,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,eAAe,EAAE,WAAW,EAAE,SAAS,CAAuB,CAAA;YAC/I,OAAO,KAAK,KAAK,SAAS,IAAI,CAAC,KAAK;gBAClC,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC;gBACxC,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,OAAO,CAAC,IAAA,cAAM,EAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAA;QAChH,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,mCAAmC;IACnC,UAAU,CAAC,YAAoB;QAC7B,OAAO,IAAI,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC,CAAA;IAClF,CAAC;IAYD,SAAS,CAAC,SAAoB,EAAE,MAAqB;QACnD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAiD,EAAE,MAA4B,EAAE,EAAE;YACrG,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QACrF,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;;;;;;;OAWG;IACH,SAAS,CAAC,MAAqB,EAAE,MAA6C;QAC5E,OAAO,IAAI,OAAO,CAAC,CAAC,OAAkC,EAAE,MAA4B,EAAE,EAAE;YACtF,MAAM,WAAW,GAAG,IAAI,CAAA;YACxB,MAAM,SAAS,GAAe,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;YACpD,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM;iBACtB,SAAS,CAAC,MAAa,EAAE,MAAa,EAAE,IAAI,CAAC,eAAe,EAAE,WAAW,EAAE,SAAS,CAAC;iBACrF,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;gBACb,IAAI,MAAM,IAAI,KAAK,IAAI,CAAC,MAAM,YAAY,WAAW,IAAI,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE;oBACpF,OAAO,CAAC,IAAI,CAAC,iBAAiB,IAAA,cAAM,EAAC,MAAM,CAAC,SAAS,CAAC,CAAA;iBACvD;gBACD,MAAM,GAAG,CAAA;YACX,CAAC,CAAC;iBACD,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAC1B,CAAC,CAAC,CAAA;IACJ,CAAC;CACF;AAhMD,4BAgMC;AAEY,QAAA,GAAG,GAAG,IAAI,QAAQ,EAAE,CAAA","sourcesContent":["import { appendBuffer, hex2ua, ua2hex } from '../utils'\n\nexport class AESUtils {\n /********* AES Config **********/\n ivLength = 16\n aesAlgorithmEncryptName = 'AES-CBC'\n\n aesKeyGenParams: AesKeyGenParams = {\n name: 'AES-CBC',\n length: 256,\n }\n private crypto: Crypto\n private _debug: boolean = false\n\n set debug(value: boolean) {\n this._debug = value\n }\n\n constructor(crypto: Crypto = typeof window !== 'undefined' ? window.crypto : typeof self !== 'undefined' ? self.crypto : ({} as Crypto)) {\n this.crypto = crypto\n }\n\n async encryptWithRawKey(rawKey: string, plainData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n return this.encrypt(\n await this.importKey('raw', hex2ua(rawKey.replace(/-/g, ''))),\n plainData,\n rawKey // Used for logging only if debug is enabled, ok to always pass\n )\n }\n\n encrypt(cryptoKey: CryptoKey, plainData: ArrayBuffer | Uint8Array, rawKey = '<NA>'): Promise<ArrayBuffer> {\n return new Promise((resolve: (value: ArrayBuffer) => any, reject: (reason: any) => any) => {\n if (plainData instanceof Uint8Array) {\n const buffer = plainData.buffer\n plainData = (buffer.byteLength > plainData.byteLength ? buffer.slice(0, plainData.byteLength) : buffer) as ArrayBuffer\n }\n const aesAlgorithmEncrypt = {\n name: this.aesAlgorithmEncryptName,\n iv: this.generateIV(this.ivLength),\n }\n this._debug && console.log(`encrypt ${ua2hex(plainData)} with ${rawKey}`)\n this.crypto.subtle\n .encrypt(\n {\n ...aesAlgorithmEncrypt,\n } /* some ill behaved implementations change the values in place */,\n cryptoKey,\n plainData\n )\n .then(\n (cipherData) => {\n this._debug && console.log(`cipherData: ${ua2hex(cipherData)}`)\n return resolve(appendBuffer(aesAlgorithmEncrypt.iv.buffer as ArrayBuffer, cipherData))\n },\n (err) => reject('AES encryption failed: ' + err)\n )\n })\n }\n\n async decryptWithRawKey(rawKey: string, plainData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n return this.decrypt(\n await this.importKey('raw', hex2ua(rawKey.replace(/-/g, ''))),\n plainData,\n rawKey // Used for logging only if debug is enabled, ok to always pass\n )\n }\n\n /**\n *\n * @param cryptoKey (CryptoKey)\n * @param encryptedData (ArrayBuffer)\n * @param rawKey\n * @returns {Promise} will be ArrayBuffer\n */\n decrypt(cryptoKey: CryptoKey, encryptedData: ArrayBuffer | Uint8Array, rawKey = '<NA>'): Promise<ArrayBuffer> {\n return new Promise((resolve: (value: ArrayBuffer) => any, reject: (reason: any) => any) => {\n if (!cryptoKey) {\n return reject('No crypto key provided for decryption')\n }\n const encryptedDataUint8 = encryptedData instanceof ArrayBuffer ? new Uint8Array(encryptedData) : encryptedData\n const aesAlgorithmEncrypt = {\n name: this.aesAlgorithmEncryptName,\n iv: encryptedDataUint8.subarray(0, this.ivLength),\n\n /*\n * IF THIS BIT OF CODE PRODUCES A DOMEXCEPTION CODE 0 ERROR, IT MIGHT BE RELATED TO THIS:\n *\n * NOTOK:\n * if (!hcparty.hcPartyKeys && !hcparty.hcPartyKeys[hcpartyId] && hcparty.hcPartyKeys[hcpartyId].length !== 2) {\n * throw 'No hcPartyKey for this Healthcare party(' + hcpartyId + ').';\n * }\n * var delegateHcPartyKey = hcparty.hcPartyKeys[hcpartyId][1];\n *\n * SHOULD BE:\n * var delegatorId = patient.delegations[hcpartyId][0].owner;\n * if (!hcparty.hcPartyKeys && !hcparty.hcPartyKeys[delegatorId] && hcparty.hcPartyKeys[delegatorId].length !== 2) {\n * throw 'No hcPartyKey for this Healthcare party(' + delegatorId + ').';\n * }\n * var delegateHcPartyKey = hcparty.hcPartyKeys[delegatorId][1];\n */\n }\n this._debug && console.log(`decrypt ${ua2hex(encryptedData)} with ${rawKey}`)\n this.crypto.subtle.decrypt(aesAlgorithmEncrypt, cryptoKey, encryptedDataUint8.subarray(this.ivLength, encryptedDataUint8.length)).then(\n (decipheredData) => {\n this._debug && console.log(`decipheredData: ${ua2hex(decipheredData)}`)\n resolve(decipheredData)\n },\n (err) => {\n reject('AES decryption failed: ' + err)\n }\n )\n })\n }\n\n async decryptSome(cryptoKeys: CryptoKey[], uint8Array: Uint8Array): Promise<ArrayBuffer> {\n try {\n return this.decrypt(cryptoKeys[0], uint8Array)\n } catch (e) {\n if (cryptoKeys.length > 1) {\n return this.decryptSome(cryptoKeys.slice(1), uint8Array)\n } else {\n throw e\n }\n }\n }\n\n // generate an AES key\n // noinspection JSUnusedGlobalSymbols\n /**\n *\n * @param toHex boolean, if true, it returns hex String\n * @returns {Promise} either Hex string or CryptoKey\n */\n generateCryptoKey(toHex: false): Promise<CryptoKey>\n generateCryptoKey(toHex: true): Promise<string>\n generateCryptoKey(toHex: boolean): Promise<string | CryptoKey> {\n return new Promise((resolve: (value: CryptoKey | string) => any, reject: (reason: any) => any) => {\n const extractable = true\n const keyUsages: KeyUsage[] = ['decrypt', 'encrypt']\n const cryptoKeyPromise: Promise<CryptoKey> = this.crypto.subtle.generateKey(this.aesKeyGenParams, extractable, keyUsages) as Promise<CryptoKey>\n return toHex === undefined || !toHex\n ? cryptoKeyPromise.then(resolve, reject)\n : cryptoKeyPromise.then((k) => this.exportKey(k, 'raw'), reject).then((raw) => resolve(ua2hex(raw)), reject)\n })\n }\n\n // noinspection JSMethodCanBeStatic\n generateIV(ivByteLength: number): Uint8Array {\n return new Uint8Array(this.crypto.getRandomValues(new Uint8Array(ivByteLength)))\n }\n\n /**\n * This function return a promise which will be the key Format will be either 'raw' or 'jwk'.\n * JWK: Json Web key (ref. http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11)\n *\n * @param cryptoKey CryptoKey\n * @param format will be 'raw' or 'jwk'\n * @returns {Promise} will the AES Key\n */\n exportKey(cryptoKey: CryptoKey, format: 'raw'): Promise<ArrayBuffer>\n exportKey(cryptoKey: CryptoKey, format: 'jwk'): Promise<JsonWebKey>\n exportKey(cryptoKey: CryptoKey, format: 'jwk' | 'raw'): Promise<ArrayBuffer | JsonWebKey> {\n return new Promise((resolve: (value: ArrayBuffer | JsonWebKey) => any, reject: (reason: any) => any) => {\n return this.crypto.subtle.exportKey(format as any, cryptoKey).then(resolve, reject)\n })\n }\n\n /**\n * the ability to import a key that have already been created elsewhere, for use within the web\n * application that is invoking the import function, for use within the importing web application's\n * origin. This necessiates an interoperable key format, such as JSON Web Key [JWK] which may be\n * represented as octets.\n *\n * https://chromium.googlesource.com/chromium/blink.git/+/6b902997e3ca0384c8fa6fe56f79ecd7589d3ca6/LayoutTests/crypto/resources/common.js\n *\n * @param format 'raw' or 'jwk'\n * @param aesKey\n * @returns {*}\n */\n importKey(format: 'jwk' | 'raw', aesKey: JsonWebKey | ArrayBuffer | Uint8Array): Promise<CryptoKey> {\n return new Promise((resolve: (value: CryptoKey) => any, reject: (reason: any) => any) => {\n const extractable = true\n const keyUsages: KeyUsage[] = ['decrypt', 'encrypt']\n return this.crypto.subtle\n .importKey(format as any, aesKey as any, this.aesKeyGenParams, extractable, keyUsages)\n .catch((err) => {\n if (format == 'raw' && (aesKey instanceof ArrayBuffer || ArrayBuffer.isView(aesKey))) {\n console.warn(`Import of key ${ua2hex(aesKey)} failed`)\n }\n throw err\n })\n .then(resolve, reject)\n })\n }\n}\n\nexport const AES = new AESUtils()\n"]}
1
+ {"version":3,"file":"AES.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/AES.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,oCAAuD;AAEvD,MAAa,QAAQ;IAYnB,IAAI,KAAK,CAAC,KAAc;QACtB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;IACrB,CAAC;IAED,YAAY,SAAiB,OAAO,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAE,EAAa;QAfvI,iCAAiC;QACjC,aAAQ,GAAG,EAAE,CAAA;QACb,4BAAuB,GAAG,SAAS,CAAA;QAEnC,oBAAe,GAAoB;YACjC,IAAI,EAAE,SAAS;YACf,MAAM,EAAE,GAAG;SACZ,CAAA;QAEO,WAAM,GAAY,KAAK,CAAA;QAO7B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;IACtB,CAAC;IAEK,iBAAiB,CAAC,MAAc,EAAE,SAAmC;;YACzE,OAAO,IAAI,CAAC,OAAO,CACjB,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,EAC7D,SAAS,EACT,MAAM,CAAC,+DAA+D;aACvE,CAAA;QACH,CAAC;KAAA;IAED,OAAO,CAAC,SAAoB,EAAE,SAAmC,EAAE,MAAM,GAAG,MAAM;QAChF,OAAO,IAAI,OAAO,CAAC,CAAC,OAAoC,EAAE,MAA4B,EAAE,EAAE;YACxF,IAAI,SAAS,YAAY,UAAU,EAAE;gBACnC,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,CAAA;gBAC/B,SAAS,GAAG,CAAC,MAAM,CAAC,UAAU,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,MAAM,CAAgB,CAAA;aACvH;YACD,MAAM,mBAAmB,GAAG;gBAC1B,IAAI,EAAE,IAAI,CAAC,uBAAuB;gBAClC,EAAE,EAAE,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC;aACnC,CAAA;YACD,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,IAAA,cAAM,EAAC,SAAS,CAAC,SAAS,MAAM,EAAE,CAAC,CAAA;YACzE,IAAI,CAAC,MAAM,CAAC,MAAM;iBACf,OAAO,mBAED,mBAAmB,GAExB,SAAS,EACT,SAAS,CACV;iBACA,IAAI,CACH,CAAC,UAAU,EAAE,EAAE;gBACb,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,IAAA,cAAM,EAAC,UAAU,CAAC,EAAE,CAAC,CAAA;gBAC/D,OAAO,OAAO,CAAC,IAAA,oBAAY,EAAC,mBAAmB,CAAC,EAAE,CAAC,MAAqB,EAAE,UAAU,CAAC,CAAC,CAAA;YACxF,CAAC,EACD,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,yBAAyB,GAAG,GAAG,CAAC,CACjD,CAAA;QACL,CAAC,CAAC,CAAA;IACJ,CAAC;IAEK,iBAAiB,CAAC,MAAc,EAAE,SAAmC;;YACzE,OAAO,IAAI,CAAC,OAAO,CACjB,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,EAC7D,SAAS,EACT,MAAM,CAAC,+DAA+D;aACvE,CAAA;QACH,CAAC;KAAA;IAED;;;;;;OAMG;IACH,OAAO,CAAC,SAAoB,EAAE,aAAuC,EAAE,MAAM,GAAG,MAAM;QACpF,OAAO,IAAI,OAAO,CAAC,CAAC,OAAoC,EAAE,MAA4B,EAAE,EAAE;YACxF,IAAI,CAAC,SAAS,EAAE;gBACd,OAAO,MAAM,CAAC,uCAAuC,CAAC,CAAA;aACvD;YACD,MAAM,kBAAkB,GAAG,aAAa,YAAY,WAAW,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,aAAa,CAAA;YAC/G,MAAM,mBAAmB,GAAG;gBAC1B,IAAI,EAAE,IAAI,CAAC,uBAAuB;gBAClC,EAAE,EAAE,kBAAkB,CAAC,QAAQ,CAAC,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC;gBAEjD;;;;;;;;;;;;;;;mBAeG;aACJ,CAAA;YACD,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,IAAA,cAAM,EAAC,aAAa,CAAC,SAAS,MAAM,EAAE,CAAC,CAAA;YAC7E,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,mBAAmB,EAAE,SAAS,EAAE,kBAAkB,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CACpI,CAAC,cAAc,EAAE,EAAE;gBACjB,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAA,cAAM,EAAC,cAAc,CAAC,EAAE,CAAC,CAAA;gBACvE,OAAO,CAAC,cAAc,CAAC,CAAA;YACzB,CAAC,EACD,CAAC,GAAG,EAAE,EAAE;gBACN,MAAM,CAAC,IAAI,KAAK,CAAC,yBAAyB,GAAG,GAAG,CAAC,CAAC,CAAA;YACpD,CAAC,CACF,CAAA;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAEK,WAAW,CAAC,UAAuB,EAAE,UAAsB;;YAC/D,IAAI;gBACF,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAA;aAC/C;YAAC,OAAO,CAAC,EAAE;gBACV,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE;oBACzB,OAAO,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAA;iBACzD;qBAAM;oBACL,MAAM,CAAC,CAAA;iBACR;aACF;QACH,CAAC;KAAA;IAWD,iBAAiB,CAAC,KAAc;QAC9B,OAAO,IAAI,OAAO,CAAC,CAAC,OAA2C,EAAE,MAA4B,EAAE,EAAE;YAC/F,MAAM,WAAW,GAAG,IAAI,CAAA;YACxB,MAAM,SAAS,GAAe,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;YACpD,MAAM,gBAAgB,GAAuB,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,eAAe,EAAE,WAAW,EAAE,SAAS,CAAuB,CAAA;YAC/I,OAAO,KAAK,KAAK,SAAS,IAAI,CAAC,KAAK;gBAClC,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC;gBACxC,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,OAAO,CAAC,IAAA,cAAM,EAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAA;QAChH,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,mCAAmC;IACnC,UAAU,CAAC,YAAoB;QAC7B,OAAO,IAAI,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC,CAAA;IAClF,CAAC;IAYD,SAAS,CAAC,SAAoB,EAAE,MAAqB;QACnD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAiD,EAAE,MAA4B,EAAE,EAAE;YACrG,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QACrF,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;;;;;;;OAWG;IACH,SAAS,CAAC,MAAqB,EAAE,MAA6C;QAC5E,OAAO,IAAI,OAAO,CAAC,CAAC,OAAkC,EAAE,MAA4B,EAAE,EAAE;YACtF,MAAM,WAAW,GAAG,IAAI,CAAA;YACxB,MAAM,SAAS,GAAe,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;YACpD,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM;iBACtB,SAAS,CAAC,MAAa,EAAE,MAAa,EAAE,IAAI,CAAC,eAAe,EAAE,WAAW,EAAE,SAAS,CAAC;iBACrF,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;gBACb,IAAI,MAAM,IAAI,KAAK,IAAI,CAAC,MAAM,YAAY,WAAW,IAAI,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE;oBACpF,OAAO,CAAC,IAAI,CAAC,iBAAiB,IAAA,cAAM,EAAC,MAAM,CAAC,SAAS,CAAC,CAAA;iBACvD;gBACD,MAAM,GAAG,CAAA;YACX,CAAC,CAAC;iBACD,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAC1B,CAAC,CAAC,CAAA;IACJ,CAAC;CACF;AAhMD,4BAgMC;AAEY,QAAA,GAAG,GAAG,IAAI,QAAQ,EAAE,CAAA","sourcesContent":["import { appendBuffer, hex2ua, ua2hex } from '../utils'\n\nexport class AESUtils {\n /********* AES Config **********/\n ivLength = 16\n aesAlgorithmEncryptName = 'AES-CBC'\n\n aesKeyGenParams: AesKeyGenParams = {\n name: 'AES-CBC',\n length: 256,\n }\n private crypto: Crypto\n private _debug: boolean = false\n\n set debug(value: boolean) {\n this._debug = value\n }\n\n constructor(crypto: Crypto = typeof window !== 'undefined' ? window.crypto : typeof self !== 'undefined' ? self.crypto : ({} as Crypto)) {\n this.crypto = crypto\n }\n\n async encryptWithRawKey(rawKey: string, plainData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n return this.encrypt(\n await this.importKey('raw', hex2ua(rawKey.replace(/-/g, ''))),\n plainData,\n rawKey // Used for logging only if debug is enabled, ok to always pass\n )\n }\n\n encrypt(cryptoKey: CryptoKey, plainData: ArrayBuffer | Uint8Array, rawKey = '<NA>'): Promise<ArrayBuffer> {\n return new Promise((resolve: (value: ArrayBuffer) => any, reject: (reason: any) => any) => {\n if (plainData instanceof Uint8Array) {\n const buffer = plainData.buffer\n plainData = (buffer.byteLength > plainData.byteLength ? buffer.slice(0, plainData.byteLength) : buffer) as ArrayBuffer\n }\n const aesAlgorithmEncrypt = {\n name: this.aesAlgorithmEncryptName,\n iv: this.generateIV(this.ivLength),\n }\n this._debug && console.log(`encrypt ${ua2hex(plainData)} with ${rawKey}`)\n this.crypto.subtle\n .encrypt(\n {\n ...aesAlgorithmEncrypt,\n } /* some ill behaved implementations change the values in place */,\n cryptoKey,\n plainData\n )\n .then(\n (cipherData) => {\n this._debug && console.log(`cipherData: ${ua2hex(cipherData)}`)\n return resolve(appendBuffer(aesAlgorithmEncrypt.iv.buffer as ArrayBuffer, cipherData))\n },\n (err) => reject('AES encryption failed: ' + err)\n )\n })\n }\n\n async decryptWithRawKey(rawKey: string, plainData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n return this.decrypt(\n await this.importKey('raw', hex2ua(rawKey.replace(/-/g, ''))),\n plainData,\n rawKey // Used for logging only if debug is enabled, ok to always pass\n )\n }\n\n /**\n *\n * @param cryptoKey (CryptoKey)\n * @param encryptedData (ArrayBuffer)\n * @param rawKey\n * @returns {Promise} will be ArrayBuffer\n */\n decrypt(cryptoKey: CryptoKey, encryptedData: ArrayBuffer | Uint8Array, rawKey = '<NA>'): Promise<ArrayBuffer> {\n return new Promise((resolve: (value: ArrayBuffer) => any, reject: (reason: any) => any) => {\n if (!cryptoKey) {\n return reject('No crypto key provided for decryption')\n }\n const encryptedDataUint8 = encryptedData instanceof ArrayBuffer ? new Uint8Array(encryptedData) : encryptedData\n const aesAlgorithmEncrypt = {\n name: this.aesAlgorithmEncryptName,\n iv: encryptedDataUint8.subarray(0, this.ivLength),\n\n /*\n * IF THIS BIT OF CODE PRODUCES A DOMEXCEPTION CODE 0 ERROR, IT MIGHT BE RELATED TO THIS:\n *\n * NOTOK:\n * if (!hcparty.hcPartyKeys && !hcparty.hcPartyKeys[hcpartyId] && hcparty.hcPartyKeys[hcpartyId].length !== 2) {\n * throw 'No hcPartyKey for this Healthcare party(' + hcpartyId + ').';\n * }\n * var delegateHcPartyKey = hcparty.hcPartyKeys[hcpartyId][1];\n *\n * SHOULD BE:\n * var delegatorId = patient.delegations[hcpartyId][0].owner;\n * if (!hcparty.hcPartyKeys && !hcparty.hcPartyKeys[delegatorId] && hcparty.hcPartyKeys[delegatorId].length !== 2) {\n * throw 'No hcPartyKey for this Healthcare party(' + delegatorId + ').';\n * }\n * var delegateHcPartyKey = hcparty.hcPartyKeys[delegatorId][1];\n */\n }\n this._debug && console.log(`decrypt ${ua2hex(encryptedData)} with ${rawKey}`)\n this.crypto.subtle.decrypt(aesAlgorithmEncrypt, cryptoKey, encryptedDataUint8.subarray(this.ivLength, encryptedDataUint8.length)).then(\n (decipheredData) => {\n this._debug && console.log(`decipheredData: ${ua2hex(decipheredData)}`)\n resolve(decipheredData)\n },\n (err) => {\n reject(new Error('AES decryption failed: ' + err))\n }\n )\n })\n }\n\n async decryptSome(cryptoKeys: CryptoKey[], uint8Array: Uint8Array): Promise<ArrayBuffer> {\n try {\n return this.decrypt(cryptoKeys[0], uint8Array)\n } catch (e) {\n if (cryptoKeys.length > 1) {\n return this.decryptSome(cryptoKeys.slice(1), uint8Array)\n } else {\n throw e\n }\n }\n }\n\n // generate an AES key\n // noinspection JSUnusedGlobalSymbols\n /**\n *\n * @param toHex boolean, if true, it returns hex String\n * @returns {Promise} either Hex string or CryptoKey\n */\n generateCryptoKey(toHex: false): Promise<CryptoKey>\n generateCryptoKey(toHex: true): Promise<string>\n generateCryptoKey(toHex: boolean): Promise<string | CryptoKey> {\n return new Promise((resolve: (value: CryptoKey | string) => any, reject: (reason: any) => any) => {\n const extractable = true\n const keyUsages: KeyUsage[] = ['decrypt', 'encrypt']\n const cryptoKeyPromise: Promise<CryptoKey> = this.crypto.subtle.generateKey(this.aesKeyGenParams, extractable, keyUsages) as Promise<CryptoKey>\n return toHex === undefined || !toHex\n ? cryptoKeyPromise.then(resolve, reject)\n : cryptoKeyPromise.then((k) => this.exportKey(k, 'raw'), reject).then((raw) => resolve(ua2hex(raw)), reject)\n })\n }\n\n // noinspection JSMethodCanBeStatic\n generateIV(ivByteLength: number): Uint8Array {\n return new Uint8Array(this.crypto.getRandomValues(new Uint8Array(ivByteLength)))\n }\n\n /**\n * This function return a promise which will be the key Format will be either 'raw' or 'jwk'.\n * JWK: Json Web key (ref. http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11)\n *\n * @param cryptoKey CryptoKey\n * @param format will be 'raw' or 'jwk'\n * @returns {Promise} will the AES Key\n */\n exportKey(cryptoKey: CryptoKey, format: 'raw'): Promise<ArrayBuffer>\n exportKey(cryptoKey: CryptoKey, format: 'jwk'): Promise<JsonWebKey>\n exportKey(cryptoKey: CryptoKey, format: 'jwk' | 'raw'): Promise<ArrayBuffer | JsonWebKey> {\n return new Promise((resolve: (value: ArrayBuffer | JsonWebKey) => any, reject: (reason: any) => any) => {\n return this.crypto.subtle.exportKey(format as any, cryptoKey).then(resolve, reject)\n })\n }\n\n /**\n * the ability to import a key that have already been created elsewhere, for use within the web\n * application that is invoking the import function, for use within the importing web application's\n * origin. This necessiates an interoperable key format, such as JSON Web Key [JWK] which may be\n * represented as octets.\n *\n * https://chromium.googlesource.com/chromium/blink.git/+/6b902997e3ca0384c8fa6fe56f79ecd7589d3ca6/LayoutTests/crypto/resources/common.js\n *\n * @param format 'raw' or 'jwk'\n * @param aesKey\n * @returns {*}\n */\n importKey(format: 'jwk' | 'raw', aesKey: JsonWebKey | ArrayBuffer | Uint8Array): Promise<CryptoKey> {\n return new Promise((resolve: (value: CryptoKey) => any, reject: (reason: any) => any) => {\n const extractable = true\n const keyUsages: KeyUsage[] = ['decrypt', 'encrypt']\n return this.crypto.subtle\n .importKey(format as any, aesKey as any, this.aesKeyGenParams, extractable, keyUsages)\n .catch((err) => {\n if (format == 'raw' && (aesKey instanceof ArrayBuffer || ArrayBuffer.isView(aesKey))) {\n console.warn(`Import of key ${ua2hex(aesKey)} failed`)\n }\n throw err\n })\n .then(resolve, reject)\n })\n }\n}\n\nexport const AES = new AESUtils()\n"]}
@@ -0,0 +1,16 @@
1
+ import { ExchangeDataManager } from './ExchangeDataManager';
2
+ import { XHR } from '../../icc-api/api/XHR';
3
+ import { EntityWithDelegationTypeName } from '../utils/EntityWithDelegationTypeName';
4
+ /**
5
+ * @internal this class is intended for internal use only and may be changed without notice.
6
+ */
7
+ export declare class AccessControlKeysHeadersProvider {
8
+ private readonly exchangeDataManager;
9
+ constructor(exchangeDataManager: ExchangeDataManager);
10
+ /**
11
+ * Add the access control keys headers to the provided initial headers, allowing access control on users with anonymous delegations.
12
+ * @param initialHeaders the initial headers
13
+ * @param entityType the type of entity which the user is attempting to retrieve.
14
+ */
15
+ addAccessControlKeysHeaders(initialHeaders: XHR.Header[], entityType: EntityWithDelegationTypeName): Promise<XHR.Header[]>;
16
+ }
@@ -0,0 +1,41 @@
1
+ "use strict";
2
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
+ return new (P || (P = Promise))(function (resolve, reject) {
5
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
9
+ });
10
+ };
11
+ Object.defineProperty(exports, "__esModule", { value: true });
12
+ exports.AccessControlKeysHeadersProvider = void 0;
13
+ const XHR_1 = require("../../icc-api/api/XHR");
14
+ const ACCESS_CONTROL_KEYS_HEADER = 'Icure-Access-Control-Keys';
15
+ /**
16
+ * @internal this class is intended for internal use only and may be changed without notice.
17
+ */
18
+ class AccessControlKeysHeadersProvider {
19
+ constructor(exchangeDataManager) {
20
+ this.exchangeDataManager = exchangeDataManager;
21
+ }
22
+ // This will be enough only as long as we don't use the entities sfks in the access control keys.
23
+ /**
24
+ * Add the access control keys headers to the provided initial headers, allowing access control on users with anonymous delegations.
25
+ * @param initialHeaders the initial headers
26
+ * @param entityType the type of entity which the user is attempting to retrieve.
27
+ */
28
+ addAccessControlKeysHeaders(initialHeaders, entityType) {
29
+ return __awaiter(this, void 0, void 0, function* () {
30
+ const accessControlKeysValue = yield this.exchangeDataManager.getAccessControlKeysValue(entityType);
31
+ if (accessControlKeysValue) {
32
+ return [...initialHeaders, new XHR_1.XHR.Header(ACCESS_CONTROL_KEYS_HEADER, accessControlKeysValue)];
33
+ }
34
+ else {
35
+ return initialHeaders;
36
+ }
37
+ });
38
+ }
39
+ }
40
+ exports.AccessControlKeysHeadersProvider = AccessControlKeysHeadersProvider;
41
+ //# sourceMappingURL=AccessControlKeysHeadersProvider.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"AccessControlKeysHeadersProvider.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/AccessControlKeysHeadersProvider.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,+CAA2C;AAG3C,MAAM,0BAA0B,GAAG,2BAA2B,CAAA;AAE9D;;GAEG;AACH,MAAa,gCAAgC;IAC3C,YAA6B,mBAAwC;QAAxC,wBAAmB,GAAnB,mBAAmB,CAAqB;IAAG,CAAC;IAEzE,iGAAiG;IACjG;;;;OAIG;IACG,2BAA2B,CAAC,cAA4B,EAAE,UAAwC;;YACtG,MAAM,sBAAsB,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAA;YACnG,IAAI,sBAAsB,EAAE;gBAC1B,OAAO,CAAC,GAAG,cAAc,EAAE,IAAI,SAAG,CAAC,MAAM,CAAC,0BAA0B,EAAE,sBAAsB,CAAC,CAAC,CAAA;aAC/F;iBAAM;gBACL,OAAO,cAAc,CAAA;aACtB;QACH,CAAC;KAAA;CACF;AAjBD,4EAiBC","sourcesContent":["import { ExchangeDataManager } from './ExchangeDataManager'\nimport { XHR } from '../../icc-api/api/XHR'\nimport { EntityWithDelegationTypeName } from '../utils/EntityWithDelegationTypeName'\n\nconst ACCESS_CONTROL_KEYS_HEADER = 'Icure-Access-Control-Keys'\n\n/**\n * @internal this class is intended for internal use only and may be changed without notice.\n */\nexport class AccessControlKeysHeadersProvider {\n constructor(private readonly exchangeDataManager: ExchangeDataManager) {}\n\n // This will be enough only as long as we don't use the entities sfks in the access control keys.\n /**\n * Add the access control keys headers to the provided initial headers, allowing access control on users with anonymous delegations.\n * @param initialHeaders the initial headers\n * @param entityType the type of entity which the user is attempting to retrieve.\n */\n async addAccessControlKeysHeaders(initialHeaders: XHR.Header[], entityType: EntityWithDelegationTypeName): Promise<XHR.Header[]> {\n const accessControlKeysValue = await this.exchangeDataManager.getAccessControlKeysValue(entityType)\n if (accessControlKeysValue) {\n return [...initialHeaders, new XHR.Header(ACCESS_CONTROL_KEYS_HEADER, accessControlKeysValue)]\n } else {\n return initialHeaders\n }\n }\n}\n"]}
@@ -0,0 +1,42 @@
1
+ import { CryptoPrimitives } from './CryptoPrimitives';
2
+ import { EntityWithDelegationTypeName } from '../utils/EntityWithDelegationTypeName';
3
+ /**
4
+ * @internal this class is intended for internal use only and may be changed without notice.
5
+ */
6
+ export declare class AccessControlSecretUtils {
7
+ private readonly primitives;
8
+ constructor(primitives: CryptoPrimitives);
9
+ /**
10
+ * Size of the access control keys returned by this class.
11
+ */
12
+ get accessControlKeyLengthBytes(): number;
13
+ /**
14
+ * Get the access control key to use for entities of the provided type and using the provided secret foreign key. The combination of secret foreign
15
+ * keys and entity type ensures that unauthorised people will not be able to draw links between entities of different types of data or different
16
+ * confidentiality levels.
17
+ * These keys will be sent to the icure server for access control of data owners which require anonymous delegations.
18
+ * @param accessControlSecret an access control secret
19
+ * @param entityTypeName an entity type name
20
+ * @param secretForeignKey optionally a secret foreign key to include in the secret. "" and undefined are equivalent.
21
+ */
22
+ accessControlKeyFor(accessControlSecret: string, entityTypeName: EntityWithDelegationTypeName, secretForeignKey: string | undefined): Promise<ArrayBuffer>;
23
+ /**
24
+ * Get the access control keys for proving access to an entity of provided type with the provided secret foreign keys.
25
+ */
26
+ accessControlKeysFor(accessControlSecret: string, entityTypeName: EntityWithDelegationTypeName, secretForeignKeys: string[]): Promise<ArrayBuffer[]>;
27
+ /**
28
+ * Get value to use as key in secure delegations for entities of the provided type with the provided secret foreign key. The combination of secret
29
+ * foreign keys and entity type ensures that unauthorised people will not be able to draw links between entities of different types of data or
30
+ * different confidentiality levels.
31
+ * These keys will be used in the secure delegations map of security metadata.
32
+ * @param accessControlSecret an access control secret
33
+ * @param entityTypeName an entity type name
34
+ * @param secretForeignKey optionally a secret foreign key to include in the secret. "" and undefined are equivalent.
35
+ */
36
+ secureDelegationKeyFor(accessControlSecret: string, entityTypeName: EntityWithDelegationTypeName, secretForeignKey: string | undefined): Promise<string>;
37
+ /**
38
+ * Get the secure delegations keys which can be used on an entity of provided type with the provided secret foreign keys.
39
+ */
40
+ secureDelegationKeysFor(accessControlSecret: string, entityTypeName: EntityWithDelegationTypeName, secretForeignKeys: string[]): Promise<string[]>;
41
+ private getKeys;
42
+ }