@icure/api 7.1.16 → 8.0.0-RC.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (363) hide show
  1. package/icc-api/api/IccAccesslogApi.d.ts +12 -1
  2. package/icc-api/api/IccAccesslogApi.js +142 -98
  3. package/icc-api/api/IccAccesslogApi.js.map +1 -1
  4. package/icc-api/api/IccBemikronoApi.d.ts +81 -0
  5. package/icc-api/api/IccBemikronoApi.js +163 -0
  6. package/icc-api/api/IccBemikronoApi.js.map +1 -0
  7. package/icc-api/api/IccCalendarItemApi.d.ts +21 -1
  8. package/icc-api/api/IccCalendarItemApi.js +183 -117
  9. package/icc-api/api/IccCalendarItemApi.js.map +1 -1
  10. package/icc-api/api/IccClassificationApi.d.ts +21 -1
  11. package/icc-api/api/IccClassificationApi.js +119 -63
  12. package/icc-api/api/IccClassificationApi.js.map +1 -1
  13. package/icc-api/api/IccContactApi.d.ts +21 -1
  14. package/icc-api/api/IccContactApi.js +385 -294
  15. package/icc-api/api/IccContactApi.js.map +1 -1
  16. package/icc-api/api/IccDocumentApi.d.ts +38 -25
  17. package/icc-api/api/IccDocumentApi.js +279 -212
  18. package/icc-api/api/IccDocumentApi.js.map +1 -1
  19. package/icc-api/api/IccExchangeDataApi.d.ts +19 -0
  20. package/icc-api/api/IccExchangeDataApi.js +85 -0
  21. package/icc-api/api/IccExchangeDataApi.js.map +1 -0
  22. package/icc-api/api/IccExchangeDataMapApi.d.ts +18 -0
  23. package/icc-api/api/IccExchangeDataMapApi.js +65 -0
  24. package/icc-api/api/IccExchangeDataMapApi.js.map +1 -0
  25. package/icc-api/api/IccFormApi.d.ts +21 -1
  26. package/icc-api/api/IccFormApi.js +321 -229
  27. package/icc-api/api/IccFormApi.js.map +1 -1
  28. package/icc-api/api/IccHelementApi.d.ts +21 -1
  29. package/icc-api/api/IccHelementApi.js +207 -137
  30. package/icc-api/api/IccHelementApi.js.map +1 -1
  31. package/icc-api/api/IccInvoiceApi.d.ts +21 -1
  32. package/icc-api/api/IccInvoiceApi.js +404 -298
  33. package/icc-api/api/IccInvoiceApi.js.map +1 -1
  34. package/icc-api/api/IccMaintenanceTaskApi.d.ts +12 -1
  35. package/icc-api/api/IccMaintenanceTaskApi.js +79 -43
  36. package/icc-api/api/IccMaintenanceTaskApi.js.map +1 -1
  37. package/icc-api/api/IccMessageApi.d.ts +28 -1
  38. package/icc-api/api/IccMessageApi.js +294 -191
  39. package/icc-api/api/IccMessageApi.js.map +1 -1
  40. package/icc-api/api/IccPatientApi.d.ts +12 -1
  41. package/icc-api/api/IccPatientApi.js +447 -351
  42. package/icc-api/api/IccPatientApi.js.map +1 -1
  43. package/icc-api/api/IccReceiptApi.d.ts +22 -8
  44. package/icc-api/api/IccReceiptApi.js +121 -64
  45. package/icc-api/api/IccReceiptApi.js.map +1 -1
  46. package/icc-api/api/IccRestApiPath.js +1 -1
  47. package/icc-api/api/IccRestApiPath.js.map +1 -1
  48. package/icc-api/api/IccSecureDelegationKeyMapApi.d.ts +26 -0
  49. package/icc-api/api/IccSecureDelegationKeyMapApi.js +71 -0
  50. package/icc-api/api/IccSecureDelegationKeyMapApi.js.map +1 -0
  51. package/icc-api/api/IccTimeTableApi.d.ts +12 -1
  52. package/icc-api/api/IccTimeTableApi.js +86 -48
  53. package/icc-api/api/IccTimeTableApi.js.map +1 -1
  54. package/icc-api/api/IccTopicApi.d.ts +90 -0
  55. package/icc-api/api/IccTopicApi.js +193 -0
  56. package/icc-api/api/IccTopicApi.js.map +1 -0
  57. package/icc-api/index.d.ts +2 -0
  58. package/icc-api/index.js +2 -0
  59. package/icc-api/index.js.map +1 -1
  60. package/icc-api/model/AbstractFilterMessage.d.ts +15 -0
  61. package/icc-api/model/AbstractFilterMessage.js +21 -0
  62. package/icc-api/model/AbstractFilterMessage.js.map +1 -0
  63. package/icc-api/model/AbstractFilterTopic.d.ts +15 -0
  64. package/icc-api/model/AbstractFilterTopic.js +21 -0
  65. package/icc-api/model/AbstractFilterTopic.js.map +1 -0
  66. package/icc-api/model/AccessLog.d.ts +2 -0
  67. package/icc-api/model/AccessLog.js.map +1 -1
  68. package/icc-api/model/Article.d.ts +2 -0
  69. package/icc-api/model/Article.js.map +1 -1
  70. package/icc-api/model/CalendarItem.d.ts +2 -0
  71. package/icc-api/model/CalendarItem.js.map +1 -1
  72. package/icc-api/model/Classification.d.ts +2 -0
  73. package/icc-api/model/Classification.js.map +1 -1
  74. package/icc-api/model/ClassificationTemplate.d.ts +2 -0
  75. package/icc-api/model/ClassificationTemplate.js.map +1 -1
  76. package/icc-api/model/Connection.d.ts +1 -1
  77. package/icc-api/model/Connection.js.map +1 -1
  78. package/icc-api/model/Contact.d.ts +2 -0
  79. package/icc-api/model/Contact.js.map +1 -1
  80. package/icc-api/model/Device.d.ts +4 -4
  81. package/icc-api/model/Device.js.map +1 -1
  82. package/icc-api/model/Document.d.ts +2 -0
  83. package/icc-api/model/Document.js.map +1 -1
  84. package/icc-api/model/ExchangeDataMapCreationBatch.d.ts +13 -0
  85. package/icc-api/model/ExchangeDataMapCreationBatch.js +10 -0
  86. package/icc-api/model/ExchangeDataMapCreationBatch.js.map +1 -0
  87. package/icc-api/model/FilterChainMessage.d.ts +19 -0
  88. package/icc-api/model/FilterChainMessage.js +11 -0
  89. package/icc-api/model/FilterChainMessage.js.map +1 -0
  90. package/icc-api/model/FilterChainTopic.d.ts +19 -0
  91. package/icc-api/model/FilterChainTopic.js +11 -0
  92. package/icc-api/model/FilterChainTopic.js.map +1 -0
  93. package/icc-api/model/Form.d.ts +2 -0
  94. package/icc-api/model/Form.js.map +1 -1
  95. package/icc-api/model/HealthElement.d.ts +2 -0
  96. package/icc-api/model/HealthElement.js.map +1 -1
  97. package/icc-api/model/HealthcareParty.d.ts +2 -2
  98. package/icc-api/model/HealthcareParty.js +13 -1
  99. package/icc-api/model/HealthcareParty.js.map +1 -1
  100. package/icc-api/model/IcureStub.d.ts +2 -0
  101. package/icc-api/model/IcureStub.js.map +1 -1
  102. package/icc-api/model/Invoice.d.ts +2 -0
  103. package/icc-api/model/Invoice.js.map +1 -1
  104. package/icc-api/model/MaintenanceTask.d.ts +13 -10
  105. package/icc-api/model/MaintenanceTask.js +13 -11
  106. package/icc-api/model/MaintenanceTask.js.map +1 -1
  107. package/icc-api/model/Message.d.ts +2 -0
  108. package/icc-api/model/Message.js.map +1 -1
  109. package/icc-api/model/PaginatedListExchangeData.d.ts +9 -0
  110. package/icc-api/model/PaginatedListExchangeData.js +10 -0
  111. package/icc-api/model/PaginatedListExchangeData.js.map +1 -0
  112. package/icc-api/model/PaginatedListTopic.d.ts +20 -0
  113. package/icc-api/model/PaginatedListTopic.js +10 -0
  114. package/icc-api/model/PaginatedListTopic.js.map +1 -0
  115. package/icc-api/model/Patient.d.ts +4 -2
  116. package/icc-api/model/Patient.js.map +1 -1
  117. package/icc-api/model/PatientByHcPartyGenderEducationProfession.d.ts +31 -0
  118. package/icc-api/model/PatientByHcPartyGenderEducationProfession.js +32 -0
  119. package/icc-api/model/PatientByHcPartyGenderEducationProfession.js.map +1 -0
  120. package/icc-api/model/Receipt.d.ts +2 -0
  121. package/icc-api/model/Receipt.js.map +1 -1
  122. package/icc-api/model/SecureDelegation.d.ts +52 -0
  123. package/icc-api/model/SecureDelegation.js +16 -0
  124. package/icc-api/model/SecureDelegation.js.map +1 -0
  125. package/icc-api/model/SecurityMetadata.d.ts +33 -0
  126. package/icc-api/model/SecurityMetadata.js +13 -0
  127. package/icc-api/model/SecurityMetadata.js.map +1 -0
  128. package/icc-api/model/Service.d.ts +2 -0
  129. package/icc-api/model/Service.js.map +1 -1
  130. package/icc-api/model/TimeTable.d.ts +2 -0
  131. package/icc-api/model/TimeTable.js.map +1 -1
  132. package/icc-api/model/Topic.d.ts +95 -0
  133. package/icc-api/model/Topic.js +16 -0
  134. package/icc-api/model/Topic.js.map +1 -0
  135. package/icc-api/model/internal/ExchangeData.d.ts +64 -0
  136. package/icc-api/model/internal/ExchangeData.js +15 -0
  137. package/icc-api/model/internal/ExchangeData.js.map +1 -0
  138. package/icc-api/model/internal/ExchangeDataMap.d.ts +24 -0
  139. package/icc-api/model/internal/ExchangeDataMap.js +13 -0
  140. package/icc-api/model/internal/ExchangeDataMap.js.map +1 -0
  141. package/icc-api/model/internal/SecureDelegationKeyMap.d.ts +14 -0
  142. package/icc-api/model/internal/SecureDelegationKeyMap.js +13 -0
  143. package/icc-api/model/internal/SecureDelegationKeyMap.js.map +1 -0
  144. package/icc-api/model/models.d.ts +26 -40
  145. package/icc-api/model/models.js +19 -37
  146. package/icc-api/model/models.js.map +1 -1
  147. package/icc-api/model/requests/EntityBulkShareResult.d.ts +28 -0
  148. package/icc-api/model/requests/EntityBulkShareResult.js +16 -0
  149. package/icc-api/model/requests/EntityBulkShareResult.js.map +1 -0
  150. package/icc-api/model/requests/EntityShareOrMetadataUpdateRequest.d.ts +10 -0
  151. package/icc-api/model/requests/EntityShareOrMetadataUpdateRequest.js +17 -0
  152. package/icc-api/model/requests/EntityShareOrMetadataUpdateRequest.js.map +1 -0
  153. package/icc-api/model/requests/EntityShareRequest.d.ts +110 -0
  154. package/icc-api/model/requests/EntityShareRequest.js +63 -0
  155. package/icc-api/model/requests/EntityShareRequest.js.map +1 -0
  156. package/icc-api/model/requests/EntitySharedMetadataUpdateRequest.d.ts +54 -0
  157. package/icc-api/model/requests/EntitySharedMetadataUpdateRequest.js +24 -0
  158. package/icc-api/model/requests/EntitySharedMetadataUpdateRequest.js.map +1 -0
  159. package/icc-api/model/requests/MinimalEntityBulkShareResult.d.ts +23 -0
  160. package/icc-api/model/requests/MinimalEntityBulkShareResult.js +13 -0
  161. package/icc-api/model/requests/MinimalEntityBulkShareResult.js.map +1 -0
  162. package/icc-api/model/requests/RejectedShareOrMetadataUpdateRequest.d.ts +21 -0
  163. package/icc-api/model/requests/RejectedShareOrMetadataUpdateRequest.js +14 -0
  164. package/icc-api/model/requests/RejectedShareOrMetadataUpdateRequest.js.map +1 -0
  165. package/icc-x-api/basexapi/EncryptedEntityXApi.d.ts +55 -6
  166. package/icc-x-api/basexapi/EncryptedEntityXApi.js.map +1 -1
  167. package/icc-x-api/crypto/AES.js +1 -1
  168. package/icc-x-api/crypto/AES.js.map +1 -1
  169. package/icc-x-api/crypto/AccessControlKeysHeadersProvider.d.ts +18 -0
  170. package/icc-x-api/crypto/AccessControlKeysHeadersProvider.js +50 -0
  171. package/icc-x-api/crypto/AccessControlKeysHeadersProvider.js.map +1 -0
  172. package/icc-x-api/crypto/AccessControlSecretUtils.d.ts +43 -0
  173. package/icc-x-api/crypto/AccessControlSecretUtils.js +97 -0
  174. package/icc-x-api/crypto/AccessControlSecretUtils.js.map +1 -0
  175. package/icc-x-api/crypto/BaseExchangeDataManager.d.ts +146 -0
  176. package/icc-x-api/crypto/BaseExchangeDataManager.js +342 -0
  177. package/icc-x-api/crypto/BaseExchangeDataManager.js.map +1 -0
  178. package/icc-x-api/crypto/BaseExchangeKeysManager.d.ts +0 -18
  179. package/icc-x-api/crypto/BaseExchangeKeysManager.js +11 -85
  180. package/icc-x-api/crypto/BaseExchangeKeysManager.js.map +1 -1
  181. package/icc-x-api/crypto/ConfidentialEntities.d.ts +26 -16
  182. package/icc-x-api/crypto/ConfidentialEntities.js +30 -17
  183. package/icc-x-api/crypto/ConfidentialEntities.js.map +1 -1
  184. package/icc-x-api/crypto/CryptoStrategies.d.ts +8 -1
  185. package/icc-x-api/crypto/CryptoStrategies.js.map +1 -1
  186. package/icc-x-api/crypto/DelegationsDeAnonymization.d.ts +44 -0
  187. package/icc-x-api/crypto/DelegationsDeAnonymization.js +235 -0
  188. package/icc-x-api/crypto/DelegationsDeAnonymization.js.map +1 -0
  189. package/icc-x-api/crypto/ExchangeDataManager.d.ts +97 -0
  190. package/icc-x-api/crypto/ExchangeDataManager.js +501 -0
  191. package/icc-x-api/crypto/ExchangeDataManager.js.map +1 -0
  192. package/icc-x-api/crypto/ExchangeDataMapManager.d.ts +32 -0
  193. package/icc-x-api/crypto/ExchangeDataMapManager.js +70 -0
  194. package/icc-x-api/crypto/ExchangeDataMapManager.js.map +1 -0
  195. package/icc-x-api/crypto/ExchangeKeysManager.d.ts +4 -16
  196. package/icc-x-api/crypto/ExchangeKeysManager.js +4 -62
  197. package/icc-x-api/crypto/ExchangeKeysManager.js.map +1 -1
  198. package/icc-x-api/crypto/ExtendedApisUtils.d.ts +326 -0
  199. package/icc-x-api/crypto/ExtendedApisUtils.js +3 -0
  200. package/icc-x-api/crypto/ExtendedApisUtils.js.map +1 -0
  201. package/icc-x-api/crypto/ExtendedApisUtilsImpl.d.ts +174 -0
  202. package/icc-x-api/crypto/ExtendedApisUtilsImpl.js +559 -0
  203. package/icc-x-api/crypto/ExtendedApisUtilsImpl.js.map +1 -0
  204. package/icc-x-api/crypto/KeyRecovery.d.ts +5 -2
  205. package/icc-x-api/crypto/KeyRecovery.js +59 -29
  206. package/icc-x-api/crypto/KeyRecovery.js.map +1 -1
  207. package/icc-x-api/crypto/LegacyCryptoStrategies.d.ts +7 -2
  208. package/icc-x-api/crypto/LegacyCryptoStrategies.js +8 -1
  209. package/icc-x-api/crypto/LegacyCryptoStrategies.js.map +1 -1
  210. package/icc-x-api/crypto/LegacyDelegationSecurityMetadataDecryptor.d.ts +33 -0
  211. package/icc-x-api/crypto/LegacyDelegationSecurityMetadataDecryptor.js +141 -0
  212. package/icc-x-api/crypto/LegacyDelegationSecurityMetadataDecryptor.js.map +1 -0
  213. package/icc-x-api/crypto/RSA.d.ts +34 -8
  214. package/icc-x-api/crypto/RSA.js +80 -13
  215. package/icc-x-api/crypto/RSA.js.map +1 -1
  216. package/icc-x-api/crypto/SecureDelegationsEncryption.d.ts +54 -0
  217. package/icc-x-api/crypto/SecureDelegationsEncryption.js +178 -0
  218. package/icc-x-api/crypto/SecureDelegationsEncryption.js.map +1 -0
  219. package/icc-x-api/crypto/SecureDelegationsManager.d.ts +66 -0
  220. package/icc-x-api/crypto/SecureDelegationsManager.js +261 -0
  221. package/icc-x-api/crypto/SecureDelegationsManager.js.map +1 -0
  222. package/icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor.d.ts +46 -0
  223. package/icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor.js +312 -0
  224. package/icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor.js.map +1 -0
  225. package/icc-x-api/crypto/SecurityMetadataDecryptor.d.ts +97 -0
  226. package/icc-x-api/crypto/SecurityMetadataDecryptor.js +79 -0
  227. package/icc-x-api/crypto/SecurityMetadataDecryptor.js.map +1 -0
  228. package/icc-x-api/crypto/ShamirKeysManager.d.ts +5 -5
  229. package/icc-x-api/crypto/ShamirKeysManager.js +6 -9
  230. package/icc-x-api/crypto/ShamirKeysManager.js.map +1 -1
  231. package/icc-x-api/crypto/TransferKeysManager.d.ts +8 -6
  232. package/icc-x-api/crypto/TransferKeysManager.js +75 -52
  233. package/icc-x-api/crypto/TransferKeysManager.js.map +1 -1
  234. package/icc-x-api/crypto/{KeyManager.d.ts → UserEncryptionKeysManager.d.ts} +4 -6
  235. package/icc-x-api/crypto/{KeyManager.js → UserEncryptionKeysManager.js} +43 -23
  236. package/icc-x-api/crypto/UserEncryptionKeysManager.js.map +1 -0
  237. package/icc-x-api/crypto/UserSignatureKeysManager.d.ts +26 -0
  238. package/icc-x-api/crypto/UserSignatureKeysManager.js +74 -0
  239. package/icc-x-api/crypto/UserSignatureKeysManager.js.map +1 -0
  240. package/icc-x-api/crypto/utils.d.ts +61 -11
  241. package/icc-x-api/crypto/utils.js +113 -44
  242. package/icc-x-api/crypto/utils.js.map +1 -1
  243. package/icc-x-api/filters/LatestMessageByHcPartyTransportGuidFilter.d.ts +8 -0
  244. package/icc-x-api/filters/LatestMessageByHcPartyTransportGuidFilter.js +13 -0
  245. package/icc-x-api/filters/LatestMessageByHcPartyTransportGuidFilter.js.map +1 -0
  246. package/icc-x-api/filters/MessageByHcPartyFilter.d.ts +7 -0
  247. package/icc-x-api/filters/MessageByHcPartyFilter.js +13 -0
  248. package/icc-x-api/filters/MessageByHcPartyFilter.js.map +1 -0
  249. package/icc-x-api/filters/MessageByHcPartyTransportGuidFilter.d.ts +8 -0
  250. package/icc-x-api/filters/MessageByHcPartyTransportGuidFilter.js +13 -0
  251. package/icc-x-api/filters/MessageByHcPartyTransportGuidFilter.js.map +1 -0
  252. package/icc-x-api/filters/TopicByHcPartyFilter.d.ts +7 -0
  253. package/icc-x-api/filters/TopicByHcPartyFilter.js +13 -0
  254. package/icc-x-api/filters/TopicByHcPartyFilter.js.map +1 -0
  255. package/icc-x-api/filters/TopicByParticipantFilter.d.ts +7 -0
  256. package/icc-x-api/filters/TopicByParticipantFilter.js +13 -0
  257. package/icc-x-api/filters/TopicByParticipantFilter.js.map +1 -0
  258. package/icc-x-api/filters/filters.d.ts +5 -0
  259. package/icc-x-api/filters/filters.js +5 -0
  260. package/icc-x-api/filters/filters.js.map +1 -1
  261. package/icc-x-api/icc-accesslog-x-api.d.ts +49 -12
  262. package/icc-x-api/icc-accesslog-x-api.js +81 -44
  263. package/icc-x-api/icc-accesslog-x-api.js.map +1 -1
  264. package/icc-x-api/icc-calendar-item-x-api.d.ts +53 -15
  265. package/icc-x-api/icc-calendar-item-x-api.js +105 -51
  266. package/icc-x-api/icc-calendar-item-x-api.js.map +1 -1
  267. package/icc-x-api/icc-classification-x-api.d.ts +47 -10
  268. package/icc-x-api/icc-classification-x-api.js +62 -33
  269. package/icc-x-api/icc-classification-x-api.js.map +1 -1
  270. package/icc-x-api/icc-contact-x-api.d.ts +59 -33
  271. package/icc-x-api/icc-contact-x-api.js +101 -66
  272. package/icc-x-api/icc-contact-x-api.js.map +1 -1
  273. package/icc-x-api/icc-crypto-x-api.d.ts +33 -333
  274. package/icc-x-api/icc-crypto-x-api.js +47 -764
  275. package/icc-x-api/icc-crypto-x-api.js.map +1 -1
  276. package/icc-x-api/icc-data-owner-x-api.d.ts +20 -8
  277. package/icc-x-api/icc-data-owner-x-api.js +31 -10
  278. package/icc-x-api/icc-data-owner-x-api.js.map +1 -1
  279. package/icc-x-api/icc-document-x-api.d.ts +51 -12
  280. package/icc-x-api/icc-document-x-api.js +117 -66
  281. package/icc-x-api/icc-document-x-api.js.map +1 -1
  282. package/icc-x-api/icc-form-x-api.d.ts +48 -11
  283. package/icc-x-api/icc-form-x-api.js +71 -37
  284. package/icc-x-api/icc-form-x-api.js.map +1 -1
  285. package/icc-x-api/icc-hcparty-x-api.d.ts +2 -2
  286. package/icc-x-api/icc-hcparty-x-api.js +3 -3
  287. package/icc-x-api/icc-hcparty-x-api.js.map +1 -1
  288. package/icc-x-api/icc-helement-x-api.d.ts +59 -20
  289. package/icc-x-api/icc-helement-x-api.js +78 -43
  290. package/icc-x-api/icc-helement-x-api.js.map +1 -1
  291. package/icc-x-api/icc-icure-maintenance-x-api.d.ts +7 -2
  292. package/icc-x-api/icc-icure-maintenance-x-api.js +38 -27
  293. package/icc-x-api/icc-icure-maintenance-x-api.js.map +1 -1
  294. package/icc-x-api/icc-invoice-x-api.d.ts +53 -16
  295. package/icc-x-api/icc-invoice-x-api.js +69 -35
  296. package/icc-x-api/icc-invoice-x-api.js.map +1 -1
  297. package/icc-x-api/icc-maintenance-task-x-api.d.ts +56 -22
  298. package/icc-x-api/icc-maintenance-task-x-api.js +77 -36
  299. package/icc-x-api/icc-maintenance-task-x-api.js.map +1 -1
  300. package/icc-x-api/icc-message-x-api.d.ts +75 -19
  301. package/icc-x-api/icc-message-x-api.js +126 -37
  302. package/icc-x-api/icc-message-x-api.js.map +1 -1
  303. package/icc-x-api/icc-patient-x-api.d.ts +86 -29
  304. package/icc-x-api/icc-patient-x-api.js +318 -379
  305. package/icc-x-api/icc-patient-x-api.js.map +1 -1
  306. package/icc-x-api/icc-receipt-x-api.d.ts +47 -13
  307. package/icc-x-api/icc-receipt-x-api.js +72 -36
  308. package/icc-x-api/icc-receipt-x-api.js.map +1 -1
  309. package/icc-x-api/icc-time-table-x-api.d.ts +46 -13
  310. package/icc-x-api/icc-time-table-x-api.js +61 -27
  311. package/icc-x-api/icc-time-table-x-api.js.map +1 -1
  312. package/icc-x-api/icc-topic-x-api.d.ts +191 -0
  313. package/icc-x-api/icc-topic-x-api.js +307 -0
  314. package/icc-x-api/icc-topic-x-api.js.map +1 -0
  315. package/icc-x-api/icc-user-x-api.d.ts +2 -2
  316. package/icc-x-api/icc-user-x-api.js +3 -3
  317. package/icc-x-api/icc-user-x-api.js.map +1 -1
  318. package/icc-x-api/index.d.ts +18 -2
  319. package/icc-x-api/index.js +203 -156
  320. package/icc-x-api/index.js.map +1 -1
  321. package/icc-x-api/maintenance/KeyPairUpdateRequest.d.ts +1 -1
  322. package/icc-x-api/storage/DefaultStorageEntryKeysFactory.d.ts +2 -0
  323. package/icc-x-api/storage/DefaultStorageEntryKeysFactory.js +9 -2
  324. package/icc-x-api/storage/DefaultStorageEntryKeysFactory.js.map +1 -1
  325. package/icc-x-api/storage/IcureStorageFacade.d.ts +23 -2
  326. package/icc-x-api/storage/IcureStorageFacade.js +36 -2
  327. package/icc-x-api/storage/IcureStorageFacade.js.map +1 -1
  328. package/icc-x-api/storage/KeyStorageFacade.d.ts +12 -0
  329. package/icc-x-api/storage/KeyStorageFacade.js.map +1 -1
  330. package/icc-x-api/storage/KeyStorageImpl.d.ts +2 -0
  331. package/icc-x-api/storage/KeyStorageImpl.js +10 -0
  332. package/icc-x-api/storage/KeyStorageImpl.js.map +1 -1
  333. package/icc-x-api/storage/StorageEntryKeysFactory.d.ts +14 -1
  334. package/icc-x-api/storage/StorageEntryKeysFactory.js.map +1 -1
  335. package/icc-x-api/utils/EntityWithDelegationTypeName.d.ts +32 -0
  336. package/icc-x-api/utils/EntityWithDelegationTypeName.js +75 -0
  337. package/icc-x-api/utils/EntityWithDelegationTypeName.js.map +1 -0
  338. package/icc-x-api/utils/ShareResult.d.ts +74 -0
  339. package/icc-x-api/utils/ShareResult.js +61 -0
  340. package/icc-x-api/utils/ShareResult.js.map +1 -0
  341. package/icc-x-api/utils/binary-utils.d.ts +1 -0
  342. package/icc-x-api/utils/binary-utils.js +8 -1
  343. package/icc-x-api/utils/binary-utils.js.map +1 -1
  344. package/icc-x-api/utils/collection-utils.d.ts +5 -0
  345. package/icc-x-api/utils/collection-utils.js +26 -1
  346. package/icc-x-api/utils/collection-utils.js.map +1 -1
  347. package/icc-x-api/utils/crypto-utils.d.ts +4 -3
  348. package/icc-x-api/utils/crypto-utils.js +5 -4
  349. package/icc-x-api/utils/crypto-utils.js.map +1 -1
  350. package/icc-x-api/utils/lru-temporised-async-cache.d.ts +26 -3
  351. package/icc-x-api/utils/lru-temporised-async-cache.js +75 -15
  352. package/icc-x-api/utils/lru-temporised-async-cache.js.map +1 -1
  353. package/icc-x-api/utils/websocket.d.ts +14 -10
  354. package/icc-x-api/utils/websocket.js +26 -9
  355. package/icc-x-api/utils/websocket.js.map +1 -1
  356. package/index.d.ts +1 -1
  357. package/index.js +3 -1
  358. package/index.js.map +1 -1
  359. package/package.json +2 -3
  360. package/icc-x-api/crypto/EntitiesEncryption.d.ts +0 -275
  361. package/icc-x-api/crypto/EntitiesEncryption.js +0 -734
  362. package/icc-x-api/crypto/EntitiesEncryption.js.map +0 -1
  363. package/icc-x-api/crypto/KeyManager.js.map +0 -1
@@ -10,100 +10,89 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
10
10
  };
11
11
  Object.defineProperty(exports, "__esModule", { value: true });
12
12
  exports.IccCryptoXApi = void 0;
13
- const _ = require("lodash");
14
- const binary_utils_1 = require("./utils/binary-utils");
15
- const utils_1 = require("./utils");
16
13
  class IccCryptoXApi {
14
+ /**
15
+ * The instance of {@link CryptoPrimitives} used by this instance of the iCure SDK.
16
+ */
17
17
  get primitives() {
18
- return this.cryptoPrimitives;
18
+ return this._cryptoPrimitives;
19
19
  }
20
20
  /**
21
21
  * @internal this method is for internal use only and may be changed without notice.
22
22
  */
23
23
  get exchangeKeys() {
24
- return this.exchangeKeysManager;
25
- }
26
- /**
27
- * @deprecated replace with {@link CryptoPrimitives.crypto} at {@link primitives}.
28
- */
29
- get crypto() {
30
- return this.cryptoPrimitives.crypto;
24
+ return this._exchangeKeysManager;
31
25
  }
32
26
  /**
33
- * @deprecated replace with {@link CryptoPrimitives.shamir} at {@link primitives}.
27
+ * @internal this is for internal use only and may be changed without notice.
34
28
  */
35
- get shamir() {
36
- return this.cryptoPrimitives.shamir;
29
+ get keyStorage() {
30
+ return this._keyStorage;
37
31
  }
38
32
  /**
39
- * @deprecated replace with {@link CryptoPrimitives.RSA} at {@link primitives}.
33
+ * @internal this is for internal use only and may be changed without notice.
40
34
  */
41
- get RSA() {
42
- return this.cryptoPrimitives.RSA;
35
+ get storage() {
36
+ return this._storage;
43
37
  }
44
38
  /**
45
- * @deprecated replace with {@link CryptoPrimitives.AES} at {@link primitives}.
39
+ * @internal this is for internal use only and may be changed without notice.
46
40
  */
47
- get AES() {
48
- return this.cryptoPrimitives.AES;
41
+ get xapi() {
42
+ return this.xapiUtils;
49
43
  }
50
44
  /**
51
45
  * @internal this is for internal use only and may be changed without notice.
52
46
  */
53
- get keyStorage() {
54
- return this._keyStorage;
47
+ get exchangeData() {
48
+ return this._exchangeDataManager;
55
49
  }
56
50
  /**
57
51
  * @internal this is for internal use only and may be changed without notice.
58
52
  */
59
- get storage() {
60
- return this._storage;
53
+ get confidential() {
54
+ return this._confidentialEntities;
61
55
  }
62
56
  /**
63
57
  * @internal this is for internal use only and may be changed without notice.
64
58
  */
65
- get entities() {
66
- return this.entitiesEncrypiton;
59
+ get accessControlKeysHeaders() {
60
+ return this._accessControlKeysHeaders;
67
61
  }
68
62
  /**
69
63
  * @internal this is for internal use only and may be changed without notice.
70
64
  */
71
- get confidential() {
72
- return this.confidentialEntities;
65
+ get userKeysManager() {
66
+ return this._keyManager;
73
67
  }
74
68
  /**
75
69
  * @internal this is for internal use only and may be changed without notice.
76
70
  */
77
- get userKeysManager() {
78
- return this.keyManager;
71
+ get shamirKeysManager() {
72
+ return this._shamirManager;
79
73
  }
80
74
  /**
81
75
  * @internal this is for internal use only and may be changed without notice.
82
76
  */
83
- get shamirKeysManager() {
84
- return this.shamirManager;
77
+ get delegationsDeAnonymization() {
78
+ return this._delegationsDeAnonymisation;
85
79
  }
86
80
  /**
87
81
  * @internal
88
82
  */
89
- constructor(exchangeKeysManager, cryptoPrimitives, keyManager, dataOwnerApi, entitiesEncrypiton, shamirManager, storage, keyStorage, icureStorageFacade, hcPartyBaseApi, confidentialEntities, basePatientApi) {
90
- this.basePatientApi = basePatientApi;
91
- this.keychainLocalStoreIdPrefix = 'org.taktik.icure.ehealth.keychain.';
92
- this.keychainValidityDateLocalStoreIdPrefix = 'org.taktik.icure.ehealth.keychain-date.';
93
- this.hcpPreferenceKeyEhealthCert = 'eHealthCRTCrypt';
94
- this.hcpPreferenceKeyEhealthCertDate = 'eHealthCRTDate';
95
- this.rsaLocalStoreIdPrefix = 'org.taktik.icure.rsa.';
96
- this.exchangeKeysManager = exchangeKeysManager;
97
- this.cryptoPrimitives = cryptoPrimitives;
98
- this.keyManager = keyManager;
99
- this.dataOwnerApi = dataOwnerApi;
100
- this.entitiesEncrypiton = entitiesEncrypiton;
101
- this.shamirManager = shamirManager;
102
- this._storage = storage;
103
- this._keyStorage = keyStorage;
104
- this.icureStorage = icureStorageFacade;
105
- this.hcpartyBaseApi = hcPartyBaseApi;
106
- this.confidentialEntities = confidentialEntities;
83
+ constructor(_exchangeKeysManager, _cryptoPrimitives, _keyManager, _dataOwnerApi, xapiUtils, _shamirManager, _storage, _keyStorage, _confidentialEntities, _exchangeDataManager, _accessControlKeysHeaders, _delegationsDeAnonymisation) {
84
+ this._exchangeKeysManager = _exchangeKeysManager;
85
+ this._cryptoPrimitives = _cryptoPrimitives;
86
+ this._keyManager = _keyManager;
87
+ this._dataOwnerApi = _dataOwnerApi;
88
+ this.xapiUtils = xapiUtils;
89
+ this._shamirManager = _shamirManager;
90
+ this._storage = _storage;
91
+ this._keyStorage = _keyStorage;
92
+ this._confidentialEntities = _confidentialEntities;
93
+ this._exchangeDataManager = _exchangeDataManager;
94
+ this._accessControlKeysHeaders = _accessControlKeysHeaders;
95
+ this._delegationsDeAnonymisation = _delegationsDeAnonymisation;
107
96
  }
108
97
  /**
109
98
  * Deletes values cached by the crypto api, to allow to detect changes in stored key pairs, exchange keys and/or current data owner details.
@@ -112,9 +101,10 @@ class IccCryptoXApi {
112
101
  */
113
102
  forceReload() {
114
103
  return __awaiter(this, void 0, void 0, function* () {
115
- this.exchangeKeysManager.clearCache(true);
116
- this.dataOwnerApi.clearCurrentDataOwnerIdsCache();
117
- yield this.keyManager.reloadKeys();
104
+ this._exchangeKeysManager.clearCache(true);
105
+ this._dataOwnerApi.clearCurrentDataOwnerIdsCache();
106
+ yield this._keyManager.reloadKeys();
107
+ yield this._exchangeDataManager.clearOrRepopulateCache();
118
108
  });
119
109
  }
120
110
  /**
@@ -126,7 +116,7 @@ class IccCryptoXApi {
126
116
  * topmost ancestor (at index 0) to the direct parent of the current data owner (at the last index, may be 0).
127
117
  */
128
118
  getEncryptionDecryptionKeypairsForDataOwnerHierarchy() {
129
- return this.keyManager.getCurrentUserHierarchyAvailableKeypairs();
119
+ return this._keyManager.getCurrentUserHierarchyAvailableKeypairs();
130
120
  }
131
121
  /**
132
122
  * Get a key pair with the provided fingerprint if present.
@@ -134,7 +124,7 @@ class IccCryptoXApi {
134
124
  * @return the pair associated to the fingerprint and a boolean indicating if the pair is verified, if present, else undefined
135
125
  */
136
126
  getKeyPairForFingerprint(fingerprint) {
137
- return this.keyManager.getKeyPairForFingerprint(fingerprint);
127
+ return this._keyManager.getKeyPairForFingerprint(fingerprint);
138
128
  }
139
129
  /**
140
130
  * Get the public keys of available key pairs for the current user and his parents in hex-encoded spki representation (uses cached keys: no request
@@ -144,7 +134,7 @@ class IccCryptoXApi {
144
134
  */
145
135
  getCurrentUserHierarchyAvailablePublicKeysHex() {
146
136
  return __awaiter(this, void 0, void 0, function* () {
147
- return this.keyManager.getCurrentUserHierarchyAvailablePublicKeysHex();
137
+ return this._keyManager.getCurrentUserHierarchyAvailablePublicKeysHex();
148
138
  });
149
139
  }
150
140
  /**
@@ -157,714 +147,7 @@ class IccCryptoXApi {
157
147
  */
158
148
  getCurrentUserAvailablePublicKeysHex(verifiedOnly) {
159
149
  return __awaiter(this, void 0, void 0, function* () {
160
- return this.keyManager.getCurrentUserAvailablePublicKeysHex(verifiedOnly);
161
- });
162
- }
163
- /**
164
- * @deprecated depending on your use case you should delete the calls to this method or call {@link forceReload}:
165
- * - Replace with `forceReload()` if one of the following parts of the current data owner may have been modified from a different api instance:
166
- * - Hcp hierarchy
167
- * - Key recovery data (transfer keys or shamir)
168
- * - Exchange keys (formerly hcp keys)
169
- * - Remove the call if the main goal was to force reload the data owner: data owner are not cached anymore.
170
- */
171
- emptyHcpCache(hcpartyId) {
172
- this.exchangeKeysManager.clearCache(false);
173
- }
174
- /**
175
- * @deprecated you should not need this method anymore to deal with the encryption of iCure entities because everything related to entities
176
- * encryption should be done either through the entity-specific extended api or through the extended apis.
177
- * Note that keys returned by the current implementation of this method may not be safe for encryption/sharing.
178
- * If instead you are using this method to retrieve key pairs for other purposes, for example because you want to reuse the user keys in iCure for
179
- * other services consider the following alternatives:
180
- * - If you want to use all iCure facilities including key recovery and key verification you can use {@link getKeyPairForFingerprint}.
181
- * Note that this solution can only give access to keys for the data owner of the instantiated api and his parents.
182
- * - Alternatively you can use directly your choice of {@link KeyStorageFacade} and {@link StorageEntryKeysFactory}: if these are the same you use
183
- * for the iCure API client the keys will be shared with it. Note however that the iCure api client uses
184
- * {@link StorageEntryKeysFactory.cachedRecoveredKeypairOfDataOwner} to cache recovered keys of a data owner which may not have originated from
185
- * this device, so you should only use {@link StorageEntryKeysFactory.deviceKeypairOfDataOwner} if you want to make sure the keys you use are safe
186
- * for encryption.
187
- */
188
- getCachedRsaKeyPairForFingerprint(dataOwnerId, pubKeyOrFingerprint) {
189
- return __awaiter(this, void 0, void 0, function* () {
190
- const fingerprint = pubKeyOrFingerprint.slice(-32);
191
- const res = this.keyManager.getDecryptionKeys()[fingerprint];
192
- if (!res)
193
- console.warn(`Could not find any keypair for fingerprint ${fingerprint}`);
194
- return res;
195
- });
196
- }
197
- /**
198
- * @deprecated You do not need this method to encrypt/decrypt data of iCure, but if you want to reuse the iCure keys for the user for other purposes
199
- * you have different options to replace this method, depending on what you actually need. All options return the hex-encoded spki representation of
200
- * the public keys.
201
- * - If you want only the public keys for which we have a private key available
202
- * - you can replicate the current behaviour using {@link getCurrentUserHierarchyAvailablePublicKeysHex}. This includes keys for the current user
203
- * and his parents.
204
- * - use {@link getCurrentUserAvailablePublicKeysHex} to get public keys only for the current data owner, ignoring any keys of the
205
- * parent hierarchy. In this case you can also apply a filter to only get verified keys (safe for encryption).
206
- * - If you need all public keys for the data owner, including those for which there is no corresponding private key available on the device use
207
- * {@link IccDataOwnerXApi.getHexPublicKeysOf} with the current data owner. If you don't have it available you may get it from
208
- * {@link IccDataOwnerXApi.getCurrentDataOwner}, but this will require to do a request to the iCure server (other options use only cached data).
209
- */
210
- getPublicKeys() {
211
- return __awaiter(this, void 0, void 0, function* () {
212
- return this.userKeysManager.getCurrentUserHierarchyAvailablePublicKeysHex();
213
- });
214
- }
215
- /**
216
- * @deprecated replace with {@link CryptoPrimitives.randomUuid} at {@link primitives}.
217
- */
218
- randomUuid() {
219
- return this.primitives.randomUuid();
220
- }
221
- /**
222
- * @deprecated replace with {@link CryptoPrimitives.sha256} at {@link primitives}.
223
- */
224
- sha256(data) {
225
- return this.primitives.sha256(data);
226
- }
227
- /**
228
- * @deprecated Use {@link ShamirKeysManager.updateSelfSplits} from {@link shamirKeysManager} instead. Note that the new method completely replaces
229
- * all current values if a split for the provided key already exists.
230
- */
231
- encryptShamirRSAKey(hcp, notaries, threshold) {
232
- var _a;
233
- return __awaiter(this, void 0, void 0, function* () {
234
- const legacyKeyFp = (_a = hcp.publicKey) === null || _a === void 0 ? void 0 : _a.slice(-32);
235
- if (!legacyKeyFp)
236
- throw new Error(`No legacy/default key for hcp ${hcp.id}`);
237
- yield this.shamirKeysManager.updateSelfSplits({ [legacyKeyFp]: { notariesIds: notaries.map((x) => x.id), minShares: threshold !== null && threshold !== void 0 ? threshold : notaries.length } }, []);
238
- return (yield this.dataOwnerApi.getDataOwner(hcp.id)).dataOwner;
239
- });
240
- }
241
- /**
242
- * @deprecated You should not need this method anymore because the api will automatically try to recover the available shamir keys on startup.
243
- */
244
- decryptShamirRSAKey(hcp, notaries) {
245
- return __awaiter(this, void 0, void 0, function* () {
246
- try {
247
- const publicKeys = yield this.getPublicKeys();
248
- const nLen = notaries.length;
249
- let decryptedPrivatedKey;
250
- if (nLen == 1) {
251
- const notaryHcPartyId = notaries[0].id;
252
- const encryptedAesKeyMap = yield this.getEncryptedAesExchangeKeys(hcp, notaryHcPartyId);
253
- const importedAESHcPartyKey = yield Promise.all(Object.entries(encryptedAesKeyMap).map(([idPubKey, keysMap]) => __awaiter(this, void 0, void 0, function* () { return yield this.decryptHcPartyKey(notaryHcPartyId, hcp.id, notaryHcPartyId, idPubKey, keysMap, publicKeys); })));
254
- const cryptedPrivatedKey = hcp.privateKeyShamirPartitions[notaryHcPartyId];
255
- decryptedPrivatedKey = (0, binary_utils_1.ua2hex)(yield this.AES.decryptSome(importedAESHcPartyKey.map((k) => k.key), (0, binary_utils_1.hex2ua)(cryptedPrivatedKey)));
256
- }
257
- else {
258
- const decryptedShares = yield _.reduce(notaries, (queue, notary) => {
259
- return queue.then((shares) => __awaiter(this, void 0, void 0, function* () {
260
- try {
261
- // now, we get the encrypted shares in db and decrypt them. This assumes that the
262
- // the notaries' private keys are in localstorage. We should implement a way for the notaries to
263
- // give hcp the decrypted shares without having to also share their private keys.
264
- const encryptedAesKeyMap = yield this.getEncryptedAesExchangeKeys(hcp, notary.id);
265
- const importedAESHcPartyKey = yield Promise.all(Object.entries(encryptedAesKeyMap).map(([idPubKey, keysMap]) => __awaiter(this, void 0, void 0, function* () { return yield this.decryptHcPartyKey(notary.id, hcp.id, notary.id, idPubKey, keysMap, publicKeys); })));
266
- const encryptedShare = hcp.privateKeyShamirPartitions[notary.id];
267
- const decryptedShamirPartition = (0, binary_utils_1.ua2hex)(yield this.AES.decryptSome(importedAESHcPartyKey.map((k) => k.key), (0, binary_utils_1.hex2ua)(encryptedShare)));
268
- shares.push(decryptedShamirPartition);
269
- }
270
- catch (e) {
271
- console.log('Error during encryptedShamirRSAKey', notary.id, e);
272
- }
273
- return shares;
274
- }));
275
- }, Promise.resolve([]));
276
- decryptedPrivatedKey = this.primitives.shamir.combine(decryptedShares);
277
- }
278
- const importedPrivateKey = yield this.primitives.RSA.importKey('pkcs8', (0, binary_utils_1.hex2ua)(decryptedPrivatedKey), ['decrypt']);
279
- const importedPublicKey = yield this.primitives.RSA.importKey('spki', (0, binary_utils_1.hex2ua)(hcp.publicKey), ['encrypt']);
280
- const exportedKeyPair = yield this.primitives.RSA.exportKeys({ publicKey: importedPublicKey, privateKey: importedPrivateKey }, 'jwk', 'jwk');
281
- yield this._keyStorage.storeKeyPair(`${this.rsaLocalStoreIdPrefix}${hcp.id}`, exportedKeyPair);
282
- }
283
- catch (e) {
284
- console.log('Cannot decrypt shamir RSA key');
285
- }
286
- });
287
- }
288
- /**
289
- * @deprecated you should not need this method anymore because everything related to entities encryption should be done either through the
290
- * entity-specific extended api.
291
- * Note that currently this method does not cache results anymore (but the updated methods do).
292
- */
293
- decryptHcPartyKey(loggedHcPartyId, delegatorId, delegateHcPartyId, publicKey, encryptedHcPartyKeys, publicKeys) {
294
- return __awaiter(this, void 0, void 0, function* () {
295
- if (!publicKeys.length) {
296
- const reason = `Cannot decrypt RSA encrypted AES HcPartyKey from ${delegatorId} to ${delegateHcPartyId}: no public key`;
297
- console.warn(reason);
298
- throw new Error(reason);
299
- }
300
- const keysFpSet = new Set(publicKeys.map((x) => x.slice(-32)));
301
- const filteredKeys = Object.fromEntries(Object.entries(this.keyManager.getDecryptionKeys()).filter(([fp]) => keysFpSet.has(fp)));
302
- const decrypted = yield this.exchangeKeysManager.base.tryDecryptExchangeKeys([encryptedHcPartyKeys], filteredKeys);
303
- const res = decrypted.successfulDecryptions[0];
304
- if (!res) {
305
- const error = `Cannot decrypt RSA encrypted AES HcPartyKey from ${delegatorId} to ${delegateHcPartyId}: impossible to decrypt. ` +
306
- 'No private key was found or could be used to decrypt the aes exchange keys`';
307
- console.warn(error);
308
- throw new Error(error);
309
- }
310
- return {
311
- delegatorId,
312
- key: res,
313
- rawKey: (0, binary_utils_1.ua2hex)(yield this.primitives.AES.exportKey(res, 'raw')),
314
- };
315
- });
316
- }
317
- /**
318
- * @deprecated you should not need this method anymore. The new API will automatically load on startup all keys available through the key storage
319
- * facade and/or recoverable through transfer keys or shamir split. If no verified key (safe for encryption) can be found during the instantiation
320
- * of the API, depending on the parameters passed to the factory one of two scenarios will happen:
321
- * - A new key will be automatically created on the device and stored using the key storage facade.
322
- * - The api instantiation fails with an exception. This is ideal if you want to try to recover an existing key pair before creating a new one.
323
- *
324
- * If you were using this method to allow the user to recover an existing key that is not available in the storage facade nor recoverable through
325
- * transfer keys or shamir split (for example by scanning a qr code, or by loading a file from the computer to the web browser's local storage)
326
- * you will have to move that logic in your implementation of CryptoStrategies.
327
- * It is currently not allowed to create new key pairs if a verified key pair is already available on the device, as this would be wasteful.
328
- * If you want to convert a `JsonWebKey` pair to a `CryptoKey` pair you should use directly the method in `primitives.RSA`.
329
- */
330
- cacheKeyPair(keyPairInJwk) {
331
- return __awaiter(this, void 0, void 0, function* () {
332
- const cryptoKeyPair = yield this.primitives.RSA.importKeyPair('jwk', keyPairInJwk.privateKey, 'jwk', keyPairInJwk.publicKey);
333
- const pubHex = (0, binary_utils_1.ua2hex)(yield this.primitives.RSA.exportKey(cryptoKeyPair.publicKey, 'spki'));
334
- const fingerprint = pubHex.slice(-32);
335
- if (!this.keyManager.getDecryptionKeys()[fingerprint]) {
336
- const selfId = yield this.dataOwnerApi.getCurrentDataOwnerId();
337
- const selfKeys = this.dataOwnerApi.getHexPublicKeysOf((yield this.dataOwnerApi.getCurrentDataOwner()).dataOwner);
338
- if (!selfKeys.has(pubHex))
339
- throw new Error(`Impossible to add key pair with fingerprint ${fingerprint} to data owner ${selfId}: the data owner has no matching public key`);
340
- yield this.icureStorage.saveKey(selfId, fingerprint, keyPairInJwk, true);
341
- // Force reload to check if more private keys can be recovered or more exchange keys become available.
342
- yield this.forceReload();
343
- }
344
- return cryptoKeyPair;
345
- });
346
- }
347
- /**
348
- * @deprecated Usually you should not need this method, since the preferred sfk is automatically chosen by the extended entity apis when creating a
349
- * new instance of the entity.
350
- */
351
- extractPreferredSfk(parent, hcpartyId, confidential) {
352
- return __awaiter(this, void 0, void 0, function* () {
353
- return confidential ? this.confidential.getConfidentialSecretId(parent, hcpartyId) : this.confidential.getAnySecretIdSharedWithParents(parent);
354
- });
355
- }
356
- /**
357
- * @deprecated you should not need this method anymore because everything related to entities encryption should be done either through the
358
- * entity-specific extended api.
359
- */
360
- decryptAndImportAesHcPartyKeysForDelegators(delegatorsHcPartyIdsSet, delegateHcPartyId, minCacheDurationInSeconds = 60) {
361
- return __awaiter(this, void 0, void 0, function* () {
362
- return yield delegatorsHcPartyIdsSet.reduce((acc, delegator) => __awaiter(this, void 0, void 0, function* () {
363
- const awaitedAcc = yield acc;
364
- const keys = yield this.exchangeKeysManager.getDecryptionExchangeKeysFor(delegator, delegateHcPartyId);
365
- const keysForDelegator = yield keys.reduce((accForKey, cryptoKey) => __awaiter(this, void 0, void 0, function* () {
366
- const awaitedAccForKey = yield accForKey;
367
- const rawKey = (0, binary_utils_1.ua2hex)(yield this.primitives.RSA.exportKey(cryptoKey, 'spki'));
368
- return [
369
- ...awaitedAccForKey,
370
- {
371
- key: cryptoKey,
372
- delegatorId: delegator,
373
- rawKey: rawKey,
374
- },
375
- ];
376
- }), Promise.resolve([]));
377
- return [...awaitedAcc, ...keysForDelegator];
378
- }), Promise.resolve([]));
379
- });
380
- }
381
- /**
382
- * @deprecated you should not need this method anymore because everything related to entities encryption should be done either through the
383
- * entity-specific extended api.
384
- * Note that currently this method does not cache results anymore (but the updated methods do).
385
- */
386
- getEncryptedAesExchangeKeys(owner, delegateId) {
387
- var _a, _b;
388
- return __awaiter(this, void 0, void 0, function* () {
389
- const publicKeys = Array.from(this.dataOwnerApi.getHexPublicKeysOf(owner));
390
- const mapOfAesExchangeKeys = Object.entries((_a = owner.aesExchangeKeys) !== null && _a !== void 0 ? _a : {})
391
- .filter((e) => e[1][delegateId] && Object.keys(e[1][delegateId]).some((k1) => publicKeys.some((pk) => pk.endsWith(k1))))
392
- .reduce((map, e) => {
393
- const candidates = Object.entries(e[1][delegateId]); //[fingerprint of delegate pub key, key], [fingerprint of owner pub key, key]
394
- const [publicKeyFingerprint, encryptedAesExchangeKey] = candidates[candidates.findIndex(([k, v]) => publicKeys.some((pk) => pk.endsWith(k)))];
395
- return Object.assign(Object.assign({}, map), { [e[0]]: { [publicKeyFingerprint]: encryptedAesExchangeKey } });
396
- }, {});
397
- if (!owner.publicKey || mapOfAesExchangeKeys[owner.publicKey] || !((_b = owner.hcPartyKeys) === null || _b === void 0 ? void 0 : _b[delegateId])) {
398
- return mapOfAesExchangeKeys;
399
- }
400
- const delegate = (yield this.dataOwnerApi.getDataOwner(delegateId)).dataOwner;
401
- if (delegate.publicKey && publicKeys.includes(delegate.publicKey)) {
402
- return Object.assign(Object.assign({}, mapOfAesExchangeKeys), { [owner.publicKey]: { [delegate.publicKey.slice(-32)]: owner.hcPartyKeys[delegateId][1] } });
403
- }
404
- else if (publicKeys.includes(owner.publicKey)) {
405
- return Object.assign(Object.assign({}, mapOfAesExchangeKeys), { [owner.publicKey]: { [owner.publicKey.slice(-32)]: owner.hcPartyKeys[delegateId][0] } });
406
- }
407
- return mapOfAesExchangeKeys;
408
- });
409
- }
410
- /**
411
- * @deprecated you should not use this method because initialisation of encrypted entities keys is done automatically by the entity-specific
412
- * extended api. Also note that it is now forbidden to initialise an entity as a data owner which is not the current data owner: you should instead
413
- * create the entity as the current data owner then create a delegation to the other data owner.
414
- */
415
- initEncryptionKeys(createdObject, ownerId) {
416
- return __awaiter(this, void 0, void 0, function* () {
417
- if (ownerId !== (yield this.dataOwnerApi.getCurrentDataOwnerId())) {
418
- throw new Error('Impossible to initialise keys as a data owner which is not the current data owner');
419
- }
420
- const { updatedEntity, rawEncryptionKey } = yield this.entities.entityWithInitialisedEncryptedMetadata(Object.assign(Object.assign({}, createdObject), { delegations: undefined, encryptionKeys: undefined, cryptedForeignKeys: undefined, secretForeignKeys: undefined }), undefined, undefined, true);
421
- return {
422
- encryptionKeys: updatedEntity.encryptionKeys,
423
- secretId: rawEncryptionKey,
424
- };
425
- });
426
- }
427
- /**
428
- * @deprecated You should use:
429
- * - {@link IccPatientXApi.decryptSecretIdsOf} or {@link IccMessageXApi.decryptSecretIdsOf} to get the delegation sfks (now called secret ids).
430
- * - {@link IccDataOwnerXApi.getCurrentDataOwnerHierarchyIds} to get the full hierarchy for the current data owner (cached). The first element is
431
- * the id of the topmost parent, while the last is the current data owner.
432
- * Note that the behaviour of this method has some subtle changes compared to the past:
433
- * - throws an error if the provided hcpartyId is not part of the current data owner hierarchy.
434
- * - does not provide any guarantees on the ordering of the extracted keys
435
- * - deduplicates extracted keys
436
- */
437
- extractDelegationsSFKs(document, hcpartyId) {
438
- return __awaiter(this, void 0, void 0, function* () {
439
- if (!document || !hcpartyId) {
440
- return Promise.resolve({ extractedKeys: [], hcpartyId: hcpartyId });
441
- }
442
- const delegationsForAllDelegates = document.delegations;
443
- if (!delegationsForAllDelegates || !Object.keys(delegationsForAllDelegates).length) {
444
- console.log(`There is no delegation in document (${document.id})`);
445
- return Promise.resolve({ extractedKeys: [], hcpartyId: hcpartyId });
446
- }
447
- return {
448
- extractedKeys: yield this.entities.secretIdsOf(document, hcpartyId),
449
- hcpartyId: (yield this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0],
450
- };
451
- });
452
- }
453
- /**
454
- * @deprecated (light) You should use:
455
- * - {@link IccHelementXApi.decryptPatientIdOf}, {@link IccDocumentXApi.decryptMessageIdOf}, ... to get the crypted foreign keys.
456
- * - {@link IccDataOwnerXApi.getCurrentDataOwnerHierarchyIds} to get the full hierarchy for the current data owner (cached). The first element is
457
- * the id of the topmost parent, while the last is the current data owner.
458
- * Note that the behaviour of this method has some subtle changes compared to the past:
459
- * - throws an error if the provided hcpartyId is not part of the current data owner hierarchy.
460
- * - does not provide any guarantees on the ordering of the extracted keys
461
- * - deduplicates extracted keys
462
- */
463
- extractCryptedFKs(document, hcpartyId) {
464
- return __awaiter(this, void 0, void 0, function* () {
465
- if (!document || !document.cryptedForeignKeys) {
466
- return Promise.resolve({ extractedKeys: [], hcpartyId: hcpartyId });
467
- }
468
- const cfksForAllDelegates = document.cryptedForeignKeys;
469
- if (!cfksForAllDelegates || !Object.keys(cfksForAllDelegates).length) {
470
- console.log(`There is no cryptedForeignKeys in document (${document.id})`);
471
- return Promise.resolve({ extractedKeys: [], hcpartyId: hcpartyId });
472
- }
473
- return {
474
- extractedKeys: yield this.entities.owningEntityIdsOf(document, hcpartyId),
475
- hcpartyId: (yield this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0],
476
- };
477
- });
478
- }
479
- /**
480
- * @deprecated You should use the extended apis methods to encrypt/decrypt entities or their attachments
481
- * Note that the behaviour of this method has some subtle changes compared to the past:
482
- * - throws an error if the provided hcpartyId is not part of the current data owner hierarchy.
483
- * - does not provide any guarantees on the ordering of the extracted keys
484
- * - deduplicates extracted keys
485
- */
486
- extractEncryptionsSKs(document, hcpartyId) {
487
- return __awaiter(this, void 0, void 0, function* () {
488
- if (!document.encryptionKeys) {
489
- return Promise.resolve({ extractedKeys: [], hcpartyId: hcpartyId });
490
- }
491
- const eckeysForAllDelegates = document.encryptionKeys;
492
- if (!eckeysForAllDelegates || !Object.keys(eckeysForAllDelegates).length) {
493
- return Promise.resolve({ extractedKeys: [], hcpartyId: hcpartyId });
494
- }
495
- return {
496
- extractedKeys: yield this.entities.encryptionKeysOf(document, hcpartyId),
497
- hcpartyId: (yield this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0],
498
- };
499
- });
500
- }
501
- /**
502
- * @deprecated You should not use this method anymore, depending on what you were passing as {@link delegations} you should replace this method as
503
- * explained in {@link extractEncryptionsSKs} (if you were passing encryptionKeys), {@link extractCryptedFKs} (cryptedForeignKeys), or
504
- * {@link extractDelegationsSFKs} (delegations).
505
- */
506
- extractKeysFromDelegationsForHcpHierarchy(dataOwnerId, objectId, delegations) {
507
- return __awaiter(this, void 0, void 0, function* () {
508
- return {
509
- extractedKeys: yield this.entities.extractMergedHierarchyFromDelegationAndOwner(delegations, dataOwnerId, (x) => !!x, () => Promise.resolve(true)),
510
- hcpartyId: (yield this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0],
511
- };
512
- });
513
- }
514
- /**
515
- * @deprecated you should not need this method anymore: the new API will automatically load on startup all keys available through the key storage
516
- * facade and/or recoverable through transfer keys or shamir split. If you were using this method to load a key recovered through other means you
517
- * will have to do so in your implementation of CryptoStrategies.
518
- * You can convert the private key pkcs8 array to a jwk key using {@link pkcs8ToJwk} then you can extract the full key pair using
519
- * {@link keyPairFromPrivateKeyJwk}.
520
- */
521
- loadKeyPairsAsTextInBrowserLocalStorage(healthcarePartyId, privateKey) {
522
- return __awaiter(this, void 0, void 0, function* () {
523
- yield this.cacheKeyPair((0, utils_1.keyPairFromPrivateKeyJwk)((0, utils_1.pkcs8ToJwk)(privateKey)));
524
- });
525
- }
526
- /**
527
- * @deprecated you should not need this method anymore: the new API will automatically load on startup all keys available through the key storage
528
- * facade and/or recoverable through transfer keys or shamir split. If you were using this method to load a key recovered through other means you
529
- * will have to do so in your implementation of CryptoStrategies.
530
- * You can extract the full key pair using {@link keyPairFromPrivateKeyJwk}.
531
- */
532
- loadKeyPairsAsJwkInBrowserLocalStorage(healthcarePartyId, privateKey) {
533
- return __awaiter(this, void 0, void 0, function* () {
534
- yield this.cacheKeyPair((0, utils_1.keyPairFromPrivateKeyJwk)(privateKey));
535
- });
536
- }
537
- /**
538
- * @deprecated you should not need this method anymore: the new API will automatically load on startup all keys available through the key storage
539
- * facade and/or recoverable through transfer keys or shamir split. If you were using this method to load a key recovered through other means you
540
- * will have to do so in your implementation of CryptoStrategies.
541
- */
542
- loadKeyPairsInBrowserLocalStorage(healthcarePartyId, file) {
543
- const fr = new FileReader();
544
- return new Promise((resolve, reject) => {
545
- fr.onerror = reject;
546
- fr.onabort = reject;
547
- fr.onload = (e) => {
548
- const privateKey = e.target.result;
549
- this.loadKeyPairsAsTextInBrowserLocalStorage(healthcarePartyId, (0, binary_utils_1.hex2ua)(privateKey))
550
- .then(() => resolve())
551
- .catch(reject);
552
- };
553
- fr.readAsText(file);
554
- });
555
- }
556
- // noinspection JSUnusedGlobalSymbols
557
- /**
558
- * @deprecated keychains are not part of iCure's api: this method will be removed.
559
- */
560
- saveKeychainInBrowserLocalStorage(id, keychain) {
561
- this._storage.setItem(this.keychainLocalStoreIdPrefix + id, (0, binary_utils_1.b2a)(new Uint8Array(keychain).reduce((data, byte) => data + String.fromCharCode(byte), '')));
562
- }
563
- /**
564
- * @deprecated keychains are not part of iCure's api: this method will be removed.
565
- */
566
- saveKeychainInBrowserLocalStorageAsBase64(id, keyChainB64) {
567
- this._storage.setItem(this.keychainLocalStoreIdPrefix + id, keyChainB64);
568
- }
569
- // noinspection JSUnusedGlobalSymbols
570
- /**
571
- * @deprecated keychains are not part of iCure's api: this method will be removed.
572
- */
573
- saveKeychainValidityDateInBrowserLocalStorage(id, date) {
574
- return __awaiter(this, void 0, void 0, function* () {
575
- if (!id)
576
- return;
577
- if (!date) {
578
- yield this._storage.removeItem(this.keychainValidityDateLocalStoreIdPrefix + id);
579
- }
580
- else {
581
- yield this._storage.setItem(this.keychainValidityDateLocalStoreIdPrefix + id, date);
582
- }
583
- });
584
- }
585
- /**
586
- * @deprecated keychains are not part of iCure's api: this method will be removed.
587
- *
588
- * Populate the HCP.options dict with an encrypted eHealth certificate and unencryped expiry date.
589
- * Any potentially unencrypted certificates will be pruned from the HCP.
590
- * @param hcpId Id of the hcp to modify
591
- * @returns modified HCP
592
- */
593
- saveKeyChainInHCPFromLocalStorage(hcpId) {
594
- return __awaiter(this, void 0, void 0, function* () {
595
- return yield this.hcpartyBaseApi.getHealthcareParty(hcpId).then((hcp) => __awaiter(this, void 0, void 0, function* () {
596
- let aesKey = null;
597
- try {
598
- aesKey = _.find(yield this.decryptAndImportAesHcPartyKeysForDelegators([hcp.id], hcp.id), (delegator) => delegator.delegatorId === hcp.id).key;
599
- }
600
- catch (e) {
601
- console.error('Error while importing the AES key.');
602
- }
603
- if (!aesKey) {
604
- console.error('No encryption key!');
605
- }
606
- const opts = hcp.options || {};
607
- const crt = yield this.getKeychainInBrowserLocalStorageAsBase64(hcp.id);
608
- if (!!aesKey && !!crt) {
609
- let crtEncrypted = null;
610
- try {
611
- crtEncrypted = yield this.AES.encrypt(aesKey, new Uint8Array((0, binary_utils_1.string2ua)(atob(crt))));
612
- }
613
- catch (e) {
614
- console.error('Error while encrypting the certificate', e);
615
- }
616
- // add the encrypted certificate to the options
617
- _.set(opts, this.hcpPreferenceKeyEhealthCert, (0, binary_utils_1.ua2string)(new Uint8Array(crtEncrypted)));
618
- }
619
- const crtValidityDate = this.getKeychainValidityDateInBrowserLocalStorage(hcp.id);
620
- if (!!crtValidityDate) {
621
- _.set(opts, this.hcpPreferenceKeyEhealthCertDate, crtValidityDate);
622
- }
623
- hcp.options = opts;
624
- return hcp;
625
- }));
626
- });
627
- }
628
- /**
629
- * @deprecated keychains are not part of iCure's api: this method will be removed.
630
- */
631
- importKeychainInBrowserFromHCP(hcpId) {
632
- return this.hcpartyBaseApi.getHealthcareParty(hcpId).then((hcp) => __awaiter(this, void 0, void 0, function* () {
633
- let crtCryp = null;
634
- if (!!hcp.options && !!hcp.options[this.hcpPreferenceKeyEhealthCert]) {
635
- crtCryp = (0, binary_utils_1.string2ua)(hcp.options[this.hcpPreferenceKeyEhealthCert]);
636
- }
637
- const crtValidityDate = _.get(hcp.options, this.hcpPreferenceKeyEhealthCertDate);
638
- // store the validity date
639
- if (!!crtValidityDate) {
640
- this.saveKeychainValidityDateInBrowserLocalStorage(hcp.id, crtValidityDate);
641
- }
642
- let crt = null;
643
- let decryptionKey = null;
644
- try {
645
- decryptionKey = _.find(yield this.decryptAndImportAesHcPartyKeysForDelegators([hcp.id], hcp.id), (delegator) => delegator.delegatorId === hcp.id).key;
646
- }
647
- catch (e) {
648
- console.error('Error while importing the AES key.');
649
- }
650
- if (!decryptionKey) {
651
- throw new Error('No encryption key! eHealth certificate cannot be decrypted.');
652
- }
653
- if (!!crtCryp && decryptionKey) {
654
- try {
655
- crt = yield this.AES.decrypt(decryptionKey, crtCryp);
656
- }
657
- catch (e) {
658
- console.error(e);
659
- }
660
- }
661
- if (!crt) {
662
- throw new Error(`Error while saving certificate in browser local storage! Hcp ${hcp.id} has no certificate.`);
663
- }
664
- else {
665
- this.saveKeychainInBrowserLocalStorageAsBase64(hcp.id, btoa(String.fromCharCode.apply(null, Array.from(new Uint8Array(crt)))));
666
- }
667
- return;
668
- }));
669
- }
670
- /**
671
- * @deprecated e-health certificates and keychains are not part of iCure's api: this method will be removed.
672
- *
673
- * Synchronizes the eHealth certificate from the database into the LocalStorage, returning information on the presence
674
- * of certificate data in either place.
675
- *
676
- * @param hcpId The healthcare party id
677
- * @returns A Promise for an object that represents the existence of a certificate in local storage and in the DB,
678
- * through the two boolean properties "local" and "remote".
679
- */
680
- syncEhealthCertificateFromDatabase(hcpId) {
681
- return this.hcpartyBaseApi.getHealthcareParty(hcpId).then((hcp) => {
682
- const remoteCertificate = _.get(hcp.options, this.hcpPreferenceKeyEhealthCert);
683
- const localCertificate = this.getKeychainInBrowserLocalStorageAsBase64(hcp.id);
684
- if (remoteCertificate) {
685
- return this.importKeychainInBrowserFromHCP(hcp.id)
686
- .then(() => ({ local: true, remote: true }))
687
- .catch(() => ({ local: !!localCertificate, remote: true }));
688
- }
689
- else {
690
- return { local: !!localCertificate, remote: !!remoteCertificate };
691
- }
692
- });
693
- }
694
- /**
695
- * @deprecated keychains are not part of iCure's api: this method will be removed.
696
- */
697
- getKeychainInBrowserLocalStorageAsBase64(id) {
698
- return this._storage.getItem(this.keychainLocalStoreIdPrefix + id);
699
- }
700
- /**
701
- * @deprecated keychains are not part of iCure's api: this method will be removed.
702
- */
703
- getKeychainValidityDateInBrowserLocalStorage(id) {
704
- return this._storage.getItem(this.keychainValidityDateLocalStoreIdPrefix + id);
705
- }
706
- /**
707
- * @deprecated keychains are not part of iCure's api: this method will be removed.
708
- */
709
- loadKeychainFromBrowserLocalStorage(id) {
710
- return __awaiter(this, void 0, void 0, function* () {
711
- const lsItem = yield this._storage.getItem(this.keychainLocalStoreIdPrefix + id);
712
- return lsItem !== undefined ? (0, binary_utils_1.b64_2uas)(lsItem) : null;
713
- });
714
- }
715
- /**
716
- * @deprecated you should not need this method anymore to deal with the encryption of iCure entities because everything related to entities
717
- * encryption should be done through the entity-specific extended api.
718
- * If instead you were using the method for other reasons check {@link getCachedRsaKeyPairForFingerprint} to get an idea of possible replacements.
719
- */
720
- loadKeyPairNotImported(id, publicKeyFingerPrint) {
721
- var _a;
722
- return __awaiter(this, void 0, void 0, function* () {
723
- if (publicKeyFingerPrint) {
724
- const cached = (_a = this.keyManager.getKeyPairForFingerprint(publicKeyFingerPrint)) === null || _a === void 0 ? void 0 : _a.pair;
725
- if (cached) {
726
- return this.primitives.RSA.exportKeys(cached, 'jwk', 'jwk');
727
- }
728
- }
729
- else {
730
- const defaultKey = yield this._keyStorage.getKeypair(this.rsaLocalStoreIdPrefix + id);
731
- if (defaultKey)
732
- return defaultKey;
733
- }
734
- console.warn(`No key can be found in local storage for id ${id} and publicKeyFingerPrint ${publicKeyFingerPrint}`);
735
- });
736
- }
737
- /**
738
- * @deprecated use {@link IccIcureMaintenanceXApi.applyKeyPairUpdate} instead.
739
- */
740
- giveAccessBackTo(delegateUser, ownerId, ownerNewPublicKey) {
741
- return __awaiter(this, void 0, void 0, function* () {
742
- yield this.exchangeKeys.base.giveAccessBackTo(ownerId, ownerNewPublicKey, this.userKeysManager.getDecryptionKeys());
743
- return this.dataOwnerApi.getDataOwner(ownerId).then((x) => x.dataOwner);
744
- });
745
- }
746
- /**
747
- * @deprecated You don't need to manually generate exchange keys as they will be automatically created by the api when needed.
748
- * Note that this method has some changes compared to previous version:
749
- * - The method may return any data owner (including devices)
750
- * - The method will throw an exception if the provided ownerId does not match the current data owner
751
- */
752
- generateKeyForDelegate(ownerId, delegateId) {
753
- return __awaiter(this, void 0, void 0, function* () {
754
- if (ownerId !== (yield this.dataOwnerApi.getCurrentDataOwnerId())) {
755
- throw new Error('You can only create delegation where the delegator is the current data owner');
756
- }
757
- return (yield this.dataOwnerApi.getDataOwner(ownerId)).dataOwner;
758
- });
759
- }
760
- /**
761
- * @deprecated replace with {@link IccDataOwnerXApi.getDataOwner}. Note that data owners are not cached anymore.
762
- */
763
- getDataOwner(ownerId, loadIfMissingFromCache = true) {
764
- return this.dataOwnerApi.getDataOwner(ownerId);
765
- }
766
- /**
767
- * @deprecated the crypto api will automatically verify on startup the validity of private keys, but in some cases you may want to verify the
768
- * validity of keys recovered in your implementation of {@link CryptoStrategies}: in this case the method has been replaced with
769
- * {@link RSA.checkKeyPairValidity}
770
- */
771
- checkPrivateKeyValidity(dataOwner) {
772
- var _a;
773
- return __awaiter(this, void 0, void 0, function* () {
774
- const publicKeys = Array.from(new Set([dataOwner.publicKey].concat(Object.keys((_a = dataOwner.aesExchangeKeys) !== null && _a !== void 0 ? _a : {})).filter((x) => !!x)));
775
- return yield publicKeys.reduce((pres, publicKey) => __awaiter(this, void 0, void 0, function* () {
776
- const res = yield pres;
777
- try {
778
- const k = yield this.primitives.RSA.importKey('jwk', (0, utils_1.spkiToJwk)((0, binary_utils_1.hex2ua)(publicKey)), ['encrypt']);
779
- const cipher = yield this.primitives.RSA.encrypt(k, (0, binary_utils_1.utf8_2ua)('shibboleth'));
780
- const ikp = yield this.getCachedRsaKeyPairForFingerprint(dataOwner.id, publicKey.slice(-32));
781
- const plainText = (0, binary_utils_1.ua2utf8)(yield this.primitives.RSA.decrypt(ikp.privateKey, new Uint8Array(cipher)));
782
- return plainText === 'shibboleth' || res;
783
- }
784
- catch (e) {
785
- return res;
786
- }
787
- }), Promise.resolve(false));
788
- });
789
- }
790
- /**
791
- * @deprecated (See {@link extractEncryptionsSKs} for a detailed explanation).
792
- */
793
- getEncryptionDecryptionKeys(dataOwnerId, document) {
794
- return __awaiter(this, void 0, void 0, function* () {
795
- return this.entities.encryptionKeysOf(document, dataOwnerId);
796
- });
797
- }
798
- /**
799
- * @deprecated For the encryption/decryption of iCure entities and attachments you should rely solely on the extended apis methods.
800
- */
801
- encryptDecrypt(method, content, edKey, user, documentObject) {
802
- return __awaiter(this, void 0, void 0, function* () {
803
- if (!content || !(edKey || ((user === null || user === void 0 ? void 0 : user.healthcarePartyId) && documentObject)))
804
- return content;
805
- if (edKey) {
806
- const importedEdKey = yield this.primitives.AES.importKey('raw', (0, binary_utils_1.hex2ua)(edKey.replace(/-/g, '')));
807
- try {
808
- return yield this.primitives.AES[method](importedEdKey, content);
809
- }
810
- catch (e) {
811
- return content;
812
- }
813
- }
814
- const encryptionKeys = yield this.entities.encryptionKeysOf(documentObject, user === null || user === void 0 ? void 0 : user.healthcarePartyId);
815
- const importedEdKey = yield this.primitives.AES.importKey('raw', (0, binary_utils_1.hex2ua)(encryptionKeys[0].replace(/-/g, '')));
816
- try {
817
- return yield this.primitives.AES[method](importedEdKey, content);
818
- }
819
- catch (e) {
820
- return content;
821
- }
822
- });
823
- }
824
- /**
825
- * @deprecated you should not need to interact directly with the storage instance used by the iCure sdk.
826
- */
827
- storeKeyPair(id, keyPair) {
828
- this._storage.setItem(this.rsaLocalStoreIdPrefix + id, JSON.stringify(keyPair));
829
- }
830
- /**
831
- * @deprecated This method is not safe as it allows any data owner to add a public key to other data owners. The method will be removed in future,
832
- * additionally the user calling this method will require a special permission when calling it for another data owner.
833
- * @param ownerId the id of the data owner which will have a new key.
834
- */
835
- generateAndAddNewKeyPairForOwner(ownerId) {
836
- var _a, _b;
837
- return __awaiter(this, void 0, void 0, function* () {
838
- const { dataOwner, type } = yield this.dataOwnerApi.getDataOwner(ownerId);
839
- if (type === 'device')
840
- throw new Error('Cannot add a key pair to a device');
841
- const newPair = yield this.primitives.RSA.generateKeyPair();
842
- const exportedPub = (0, binary_utils_1.ua2hex)(yield this.primitives.RSA.exportKey(newPair.publicKey, 'spki'));
843
- const exportedPriv = (0, binary_utils_1.ua2hex)(yield this.primitives.RSA.exportKey(newPair.privateKey, 'pkcs8'));
844
- let updatedPub;
845
- if (dataOwner.publicKey == '') {
846
- if (Object.keys((_a = dataOwner.hcPartyKeys) !== null && _a !== void 0 ? _a : {}).length > 0)
847
- throw new Error(`Data owner ${ownerId} has empty public key but non-empty hcPartyKeys`);
848
- updatedPub = exportedPub;
849
- }
850
- else {
851
- updatedPub = (_b = dataOwner.publicKey) !== null && _b !== void 0 ? _b : exportedPub;
852
- }
853
- const updatedDataOwner = Object.assign(Object.assign({}, dataOwner), { publicKey: updatedPub, aesExchangeKeys: Object.assign(Object.assign({}, dataOwner.aesExchangeKeys), { [exportedPub]: {} }) });
854
- let savedDataOwner;
855
- if (type === 'patient') {
856
- savedDataOwner = yield this.basePatientApi.modifyPatient(updatedDataOwner);
857
- }
858
- else if (type === 'hcp') {
859
- savedDataOwner = yield this.hcpartyBaseApi.modifyHealthcareParty(updatedDataOwner);
860
- }
861
- else
862
- throw new Error(`Unknown data owner type ${type}`);
863
- return {
864
- dataOwner: savedDataOwner,
865
- publicKey: exportedPub,
866
- privateKey: exportedPriv,
867
- };
150
+ return this._keyManager.getCurrentUserAvailablePublicKeysHex(verifiedOnly);
868
151
  });
869
152
  }
870
153
  }