@icure/api 7.1.16 → 8.0.0-RC.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/icc-api/api/IccAccesslogApi.d.ts +12 -1
- package/icc-api/api/IccAccesslogApi.js +142 -98
- package/icc-api/api/IccAccesslogApi.js.map +1 -1
- package/icc-api/api/IccBemikronoApi.d.ts +81 -0
- package/icc-api/api/IccBemikronoApi.js +163 -0
- package/icc-api/api/IccBemikronoApi.js.map +1 -0
- package/icc-api/api/IccCalendarItemApi.d.ts +21 -1
- package/icc-api/api/IccCalendarItemApi.js +183 -117
- package/icc-api/api/IccCalendarItemApi.js.map +1 -1
- package/icc-api/api/IccClassificationApi.d.ts +21 -1
- package/icc-api/api/IccClassificationApi.js +119 -63
- package/icc-api/api/IccClassificationApi.js.map +1 -1
- package/icc-api/api/IccContactApi.d.ts +21 -1
- package/icc-api/api/IccContactApi.js +385 -294
- package/icc-api/api/IccContactApi.js.map +1 -1
- package/icc-api/api/IccDocumentApi.d.ts +38 -25
- package/icc-api/api/IccDocumentApi.js +279 -212
- package/icc-api/api/IccDocumentApi.js.map +1 -1
- package/icc-api/api/IccExchangeDataApi.d.ts +19 -0
- package/icc-api/api/IccExchangeDataApi.js +85 -0
- package/icc-api/api/IccExchangeDataApi.js.map +1 -0
- package/icc-api/api/IccExchangeDataMapApi.d.ts +18 -0
- package/icc-api/api/IccExchangeDataMapApi.js +65 -0
- package/icc-api/api/IccExchangeDataMapApi.js.map +1 -0
- package/icc-api/api/IccFormApi.d.ts +21 -1
- package/icc-api/api/IccFormApi.js +321 -229
- package/icc-api/api/IccFormApi.js.map +1 -1
- package/icc-api/api/IccHelementApi.d.ts +21 -1
- package/icc-api/api/IccHelementApi.js +207 -137
- package/icc-api/api/IccHelementApi.js.map +1 -1
- package/icc-api/api/IccInvoiceApi.d.ts +21 -1
- package/icc-api/api/IccInvoiceApi.js +404 -298
- package/icc-api/api/IccInvoiceApi.js.map +1 -1
- package/icc-api/api/IccMaintenanceTaskApi.d.ts +12 -1
- package/icc-api/api/IccMaintenanceTaskApi.js +79 -43
- package/icc-api/api/IccMaintenanceTaskApi.js.map +1 -1
- package/icc-api/api/IccMessageApi.d.ts +28 -1
- package/icc-api/api/IccMessageApi.js +294 -191
- package/icc-api/api/IccMessageApi.js.map +1 -1
- package/icc-api/api/IccPatientApi.d.ts +12 -1
- package/icc-api/api/IccPatientApi.js +447 -351
- package/icc-api/api/IccPatientApi.js.map +1 -1
- package/icc-api/api/IccReceiptApi.d.ts +22 -8
- package/icc-api/api/IccReceiptApi.js +121 -64
- package/icc-api/api/IccReceiptApi.js.map +1 -1
- package/icc-api/api/IccRestApiPath.js +1 -1
- package/icc-api/api/IccRestApiPath.js.map +1 -1
- package/icc-api/api/IccSecureDelegationKeyMapApi.d.ts +26 -0
- package/icc-api/api/IccSecureDelegationKeyMapApi.js +71 -0
- package/icc-api/api/IccSecureDelegationKeyMapApi.js.map +1 -0
- package/icc-api/api/IccTimeTableApi.d.ts +12 -1
- package/icc-api/api/IccTimeTableApi.js +86 -48
- package/icc-api/api/IccTimeTableApi.js.map +1 -1
- package/icc-api/api/IccTopicApi.d.ts +90 -0
- package/icc-api/api/IccTopicApi.js +193 -0
- package/icc-api/api/IccTopicApi.js.map +1 -0
- package/icc-api/index.d.ts +2 -0
- package/icc-api/index.js +2 -0
- package/icc-api/index.js.map +1 -1
- package/icc-api/model/AbstractFilterMessage.d.ts +15 -0
- package/icc-api/model/AbstractFilterMessage.js +21 -0
- package/icc-api/model/AbstractFilterMessage.js.map +1 -0
- package/icc-api/model/AbstractFilterTopic.d.ts +15 -0
- package/icc-api/model/AbstractFilterTopic.js +21 -0
- package/icc-api/model/AbstractFilterTopic.js.map +1 -0
- package/icc-api/model/AccessLog.d.ts +2 -0
- package/icc-api/model/AccessLog.js.map +1 -1
- package/icc-api/model/Article.d.ts +2 -0
- package/icc-api/model/Article.js.map +1 -1
- package/icc-api/model/CalendarItem.d.ts +2 -0
- package/icc-api/model/CalendarItem.js.map +1 -1
- package/icc-api/model/Classification.d.ts +2 -0
- package/icc-api/model/Classification.js.map +1 -1
- package/icc-api/model/ClassificationTemplate.d.ts +2 -0
- package/icc-api/model/ClassificationTemplate.js.map +1 -1
- package/icc-api/model/Connection.d.ts +1 -1
- package/icc-api/model/Connection.js.map +1 -1
- package/icc-api/model/Contact.d.ts +2 -0
- package/icc-api/model/Contact.js.map +1 -1
- package/icc-api/model/Device.d.ts +4 -4
- package/icc-api/model/Device.js.map +1 -1
- package/icc-api/model/Document.d.ts +2 -0
- package/icc-api/model/Document.js.map +1 -1
- package/icc-api/model/ExchangeDataMapCreationBatch.d.ts +13 -0
- package/icc-api/model/ExchangeDataMapCreationBatch.js +10 -0
- package/icc-api/model/ExchangeDataMapCreationBatch.js.map +1 -0
- package/icc-api/model/FilterChainMessage.d.ts +19 -0
- package/icc-api/model/FilterChainMessage.js +11 -0
- package/icc-api/model/FilterChainMessage.js.map +1 -0
- package/icc-api/model/FilterChainTopic.d.ts +19 -0
- package/icc-api/model/FilterChainTopic.js +11 -0
- package/icc-api/model/FilterChainTopic.js.map +1 -0
- package/icc-api/model/Form.d.ts +2 -0
- package/icc-api/model/Form.js.map +1 -1
- package/icc-api/model/HealthElement.d.ts +2 -0
- package/icc-api/model/HealthElement.js.map +1 -1
- package/icc-api/model/HealthcareParty.d.ts +2 -2
- package/icc-api/model/HealthcareParty.js +13 -1
- package/icc-api/model/HealthcareParty.js.map +1 -1
- package/icc-api/model/IcureStub.d.ts +2 -0
- package/icc-api/model/IcureStub.js.map +1 -1
- package/icc-api/model/Invoice.d.ts +2 -0
- package/icc-api/model/Invoice.js.map +1 -1
- package/icc-api/model/MaintenanceTask.d.ts +13 -10
- package/icc-api/model/MaintenanceTask.js +13 -11
- package/icc-api/model/MaintenanceTask.js.map +1 -1
- package/icc-api/model/Message.d.ts +2 -0
- package/icc-api/model/Message.js.map +1 -1
- package/icc-api/model/PaginatedListExchangeData.d.ts +9 -0
- package/icc-api/model/PaginatedListExchangeData.js +10 -0
- package/icc-api/model/PaginatedListExchangeData.js.map +1 -0
- package/icc-api/model/PaginatedListTopic.d.ts +20 -0
- package/icc-api/model/PaginatedListTopic.js +10 -0
- package/icc-api/model/PaginatedListTopic.js.map +1 -0
- package/icc-api/model/Patient.d.ts +4 -2
- package/icc-api/model/Patient.js.map +1 -1
- package/icc-api/model/PatientByHcPartyGenderEducationProfession.d.ts +31 -0
- package/icc-api/model/PatientByHcPartyGenderEducationProfession.js +32 -0
- package/icc-api/model/PatientByHcPartyGenderEducationProfession.js.map +1 -0
- package/icc-api/model/Receipt.d.ts +2 -0
- package/icc-api/model/Receipt.js.map +1 -1
- package/icc-api/model/SecureDelegation.d.ts +52 -0
- package/icc-api/model/SecureDelegation.js +16 -0
- package/icc-api/model/SecureDelegation.js.map +1 -0
- package/icc-api/model/SecurityMetadata.d.ts +33 -0
- package/icc-api/model/SecurityMetadata.js +13 -0
- package/icc-api/model/SecurityMetadata.js.map +1 -0
- package/icc-api/model/Service.d.ts +2 -0
- package/icc-api/model/Service.js.map +1 -1
- package/icc-api/model/TimeTable.d.ts +2 -0
- package/icc-api/model/TimeTable.js.map +1 -1
- package/icc-api/model/Topic.d.ts +95 -0
- package/icc-api/model/Topic.js +16 -0
- package/icc-api/model/Topic.js.map +1 -0
- package/icc-api/model/internal/ExchangeData.d.ts +64 -0
- package/icc-api/model/internal/ExchangeData.js +15 -0
- package/icc-api/model/internal/ExchangeData.js.map +1 -0
- package/icc-api/model/internal/ExchangeDataMap.d.ts +24 -0
- package/icc-api/model/internal/ExchangeDataMap.js +13 -0
- package/icc-api/model/internal/ExchangeDataMap.js.map +1 -0
- package/icc-api/model/internal/SecureDelegationKeyMap.d.ts +14 -0
- package/icc-api/model/internal/SecureDelegationKeyMap.js +13 -0
- package/icc-api/model/internal/SecureDelegationKeyMap.js.map +1 -0
- package/icc-api/model/models.d.ts +26 -40
- package/icc-api/model/models.js +19 -37
- package/icc-api/model/models.js.map +1 -1
- package/icc-api/model/requests/EntityBulkShareResult.d.ts +28 -0
- package/icc-api/model/requests/EntityBulkShareResult.js +16 -0
- package/icc-api/model/requests/EntityBulkShareResult.js.map +1 -0
- package/icc-api/model/requests/EntityShareOrMetadataUpdateRequest.d.ts +10 -0
- package/icc-api/model/requests/EntityShareOrMetadataUpdateRequest.js +17 -0
- package/icc-api/model/requests/EntityShareOrMetadataUpdateRequest.js.map +1 -0
- package/icc-api/model/requests/EntityShareRequest.d.ts +110 -0
- package/icc-api/model/requests/EntityShareRequest.js +63 -0
- package/icc-api/model/requests/EntityShareRequest.js.map +1 -0
- package/icc-api/model/requests/EntitySharedMetadataUpdateRequest.d.ts +54 -0
- package/icc-api/model/requests/EntitySharedMetadataUpdateRequest.js +24 -0
- package/icc-api/model/requests/EntitySharedMetadataUpdateRequest.js.map +1 -0
- package/icc-api/model/requests/MinimalEntityBulkShareResult.d.ts +23 -0
- package/icc-api/model/requests/MinimalEntityBulkShareResult.js +13 -0
- package/icc-api/model/requests/MinimalEntityBulkShareResult.js.map +1 -0
- package/icc-api/model/requests/RejectedShareOrMetadataUpdateRequest.d.ts +21 -0
- package/icc-api/model/requests/RejectedShareOrMetadataUpdateRequest.js +14 -0
- package/icc-api/model/requests/RejectedShareOrMetadataUpdateRequest.js.map +1 -0
- package/icc-x-api/basexapi/EncryptedEntityXApi.d.ts +55 -6
- package/icc-x-api/basexapi/EncryptedEntityXApi.js.map +1 -1
- package/icc-x-api/crypto/AES.js +1 -1
- package/icc-x-api/crypto/AES.js.map +1 -1
- package/icc-x-api/crypto/AccessControlKeysHeadersProvider.d.ts +18 -0
- package/icc-x-api/crypto/AccessControlKeysHeadersProvider.js +50 -0
- package/icc-x-api/crypto/AccessControlKeysHeadersProvider.js.map +1 -0
- package/icc-x-api/crypto/AccessControlSecretUtils.d.ts +43 -0
- package/icc-x-api/crypto/AccessControlSecretUtils.js +97 -0
- package/icc-x-api/crypto/AccessControlSecretUtils.js.map +1 -0
- package/icc-x-api/crypto/BaseExchangeDataManager.d.ts +146 -0
- package/icc-x-api/crypto/BaseExchangeDataManager.js +342 -0
- package/icc-x-api/crypto/BaseExchangeDataManager.js.map +1 -0
- package/icc-x-api/crypto/BaseExchangeKeysManager.d.ts +0 -18
- package/icc-x-api/crypto/BaseExchangeKeysManager.js +11 -85
- package/icc-x-api/crypto/BaseExchangeKeysManager.js.map +1 -1
- package/icc-x-api/crypto/ConfidentialEntities.d.ts +26 -16
- package/icc-x-api/crypto/ConfidentialEntities.js +30 -17
- package/icc-x-api/crypto/ConfidentialEntities.js.map +1 -1
- package/icc-x-api/crypto/CryptoStrategies.d.ts +8 -1
- package/icc-x-api/crypto/CryptoStrategies.js.map +1 -1
- package/icc-x-api/crypto/DelegationsDeAnonymization.d.ts +44 -0
- package/icc-x-api/crypto/DelegationsDeAnonymization.js +235 -0
- package/icc-x-api/crypto/DelegationsDeAnonymization.js.map +1 -0
- package/icc-x-api/crypto/ExchangeDataManager.d.ts +97 -0
- package/icc-x-api/crypto/ExchangeDataManager.js +501 -0
- package/icc-x-api/crypto/ExchangeDataManager.js.map +1 -0
- package/icc-x-api/crypto/ExchangeDataMapManager.d.ts +32 -0
- package/icc-x-api/crypto/ExchangeDataMapManager.js +70 -0
- package/icc-x-api/crypto/ExchangeDataMapManager.js.map +1 -0
- package/icc-x-api/crypto/ExchangeKeysManager.d.ts +4 -16
- package/icc-x-api/crypto/ExchangeKeysManager.js +4 -62
- package/icc-x-api/crypto/ExchangeKeysManager.js.map +1 -1
- package/icc-x-api/crypto/ExtendedApisUtils.d.ts +326 -0
- package/icc-x-api/crypto/ExtendedApisUtils.js +3 -0
- package/icc-x-api/crypto/ExtendedApisUtils.js.map +1 -0
- package/icc-x-api/crypto/ExtendedApisUtilsImpl.d.ts +174 -0
- package/icc-x-api/crypto/ExtendedApisUtilsImpl.js +559 -0
- package/icc-x-api/crypto/ExtendedApisUtilsImpl.js.map +1 -0
- package/icc-x-api/crypto/KeyRecovery.d.ts +5 -2
- package/icc-x-api/crypto/KeyRecovery.js +59 -29
- package/icc-x-api/crypto/KeyRecovery.js.map +1 -1
- package/icc-x-api/crypto/LegacyCryptoStrategies.d.ts +7 -2
- package/icc-x-api/crypto/LegacyCryptoStrategies.js +8 -1
- package/icc-x-api/crypto/LegacyCryptoStrategies.js.map +1 -1
- package/icc-x-api/crypto/LegacyDelegationSecurityMetadataDecryptor.d.ts +33 -0
- package/icc-x-api/crypto/LegacyDelegationSecurityMetadataDecryptor.js +141 -0
- package/icc-x-api/crypto/LegacyDelegationSecurityMetadataDecryptor.js.map +1 -0
- package/icc-x-api/crypto/RSA.d.ts +34 -8
- package/icc-x-api/crypto/RSA.js +80 -13
- package/icc-x-api/crypto/RSA.js.map +1 -1
- package/icc-x-api/crypto/SecureDelegationsEncryption.d.ts +54 -0
- package/icc-x-api/crypto/SecureDelegationsEncryption.js +178 -0
- package/icc-x-api/crypto/SecureDelegationsEncryption.js.map +1 -0
- package/icc-x-api/crypto/SecureDelegationsManager.d.ts +66 -0
- package/icc-x-api/crypto/SecureDelegationsManager.js +261 -0
- package/icc-x-api/crypto/SecureDelegationsManager.js.map +1 -0
- package/icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor.d.ts +46 -0
- package/icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor.js +312 -0
- package/icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor.js.map +1 -0
- package/icc-x-api/crypto/SecurityMetadataDecryptor.d.ts +97 -0
- package/icc-x-api/crypto/SecurityMetadataDecryptor.js +79 -0
- package/icc-x-api/crypto/SecurityMetadataDecryptor.js.map +1 -0
- package/icc-x-api/crypto/ShamirKeysManager.d.ts +5 -5
- package/icc-x-api/crypto/ShamirKeysManager.js +6 -9
- package/icc-x-api/crypto/ShamirKeysManager.js.map +1 -1
- package/icc-x-api/crypto/TransferKeysManager.d.ts +8 -6
- package/icc-x-api/crypto/TransferKeysManager.js +75 -52
- package/icc-x-api/crypto/TransferKeysManager.js.map +1 -1
- package/icc-x-api/crypto/{KeyManager.d.ts → UserEncryptionKeysManager.d.ts} +4 -6
- package/icc-x-api/crypto/{KeyManager.js → UserEncryptionKeysManager.js} +43 -23
- package/icc-x-api/crypto/UserEncryptionKeysManager.js.map +1 -0
- package/icc-x-api/crypto/UserSignatureKeysManager.d.ts +26 -0
- package/icc-x-api/crypto/UserSignatureKeysManager.js +74 -0
- package/icc-x-api/crypto/UserSignatureKeysManager.js.map +1 -0
- package/icc-x-api/crypto/utils.d.ts +61 -11
- package/icc-x-api/crypto/utils.js +113 -44
- package/icc-x-api/crypto/utils.js.map +1 -1
- package/icc-x-api/filters/LatestMessageByHcPartyTransportGuidFilter.d.ts +8 -0
- package/icc-x-api/filters/LatestMessageByHcPartyTransportGuidFilter.js +13 -0
- package/icc-x-api/filters/LatestMessageByHcPartyTransportGuidFilter.js.map +1 -0
- package/icc-x-api/filters/MessageByHcPartyFilter.d.ts +7 -0
- package/icc-x-api/filters/MessageByHcPartyFilter.js +13 -0
- package/icc-x-api/filters/MessageByHcPartyFilter.js.map +1 -0
- package/icc-x-api/filters/MessageByHcPartyTransportGuidFilter.d.ts +8 -0
- package/icc-x-api/filters/MessageByHcPartyTransportGuidFilter.js +13 -0
- package/icc-x-api/filters/MessageByHcPartyTransportGuidFilter.js.map +1 -0
- package/icc-x-api/filters/TopicByHcPartyFilter.d.ts +7 -0
- package/icc-x-api/filters/TopicByHcPartyFilter.js +13 -0
- package/icc-x-api/filters/TopicByHcPartyFilter.js.map +1 -0
- package/icc-x-api/filters/TopicByParticipantFilter.d.ts +7 -0
- package/icc-x-api/filters/TopicByParticipantFilter.js +13 -0
- package/icc-x-api/filters/TopicByParticipantFilter.js.map +1 -0
- package/icc-x-api/filters/filters.d.ts +5 -0
- package/icc-x-api/filters/filters.js +5 -0
- package/icc-x-api/filters/filters.js.map +1 -1
- package/icc-x-api/icc-accesslog-x-api.d.ts +49 -12
- package/icc-x-api/icc-accesslog-x-api.js +81 -44
- package/icc-x-api/icc-accesslog-x-api.js.map +1 -1
- package/icc-x-api/icc-calendar-item-x-api.d.ts +53 -15
- package/icc-x-api/icc-calendar-item-x-api.js +105 -51
- package/icc-x-api/icc-calendar-item-x-api.js.map +1 -1
- package/icc-x-api/icc-classification-x-api.d.ts +47 -10
- package/icc-x-api/icc-classification-x-api.js +62 -33
- package/icc-x-api/icc-classification-x-api.js.map +1 -1
- package/icc-x-api/icc-contact-x-api.d.ts +59 -33
- package/icc-x-api/icc-contact-x-api.js +101 -66
- package/icc-x-api/icc-contact-x-api.js.map +1 -1
- package/icc-x-api/icc-crypto-x-api.d.ts +33 -333
- package/icc-x-api/icc-crypto-x-api.js +47 -764
- package/icc-x-api/icc-crypto-x-api.js.map +1 -1
- package/icc-x-api/icc-data-owner-x-api.d.ts +20 -8
- package/icc-x-api/icc-data-owner-x-api.js +31 -10
- package/icc-x-api/icc-data-owner-x-api.js.map +1 -1
- package/icc-x-api/icc-document-x-api.d.ts +51 -12
- package/icc-x-api/icc-document-x-api.js +117 -66
- package/icc-x-api/icc-document-x-api.js.map +1 -1
- package/icc-x-api/icc-form-x-api.d.ts +48 -11
- package/icc-x-api/icc-form-x-api.js +71 -37
- package/icc-x-api/icc-form-x-api.js.map +1 -1
- package/icc-x-api/icc-hcparty-x-api.d.ts +2 -2
- package/icc-x-api/icc-hcparty-x-api.js +3 -3
- package/icc-x-api/icc-hcparty-x-api.js.map +1 -1
- package/icc-x-api/icc-helement-x-api.d.ts +59 -20
- package/icc-x-api/icc-helement-x-api.js +78 -43
- package/icc-x-api/icc-helement-x-api.js.map +1 -1
- package/icc-x-api/icc-icure-maintenance-x-api.d.ts +7 -2
- package/icc-x-api/icc-icure-maintenance-x-api.js +38 -27
- package/icc-x-api/icc-icure-maintenance-x-api.js.map +1 -1
- package/icc-x-api/icc-invoice-x-api.d.ts +53 -16
- package/icc-x-api/icc-invoice-x-api.js +69 -35
- package/icc-x-api/icc-invoice-x-api.js.map +1 -1
- package/icc-x-api/icc-maintenance-task-x-api.d.ts +56 -22
- package/icc-x-api/icc-maintenance-task-x-api.js +77 -36
- package/icc-x-api/icc-maintenance-task-x-api.js.map +1 -1
- package/icc-x-api/icc-message-x-api.d.ts +75 -19
- package/icc-x-api/icc-message-x-api.js +126 -37
- package/icc-x-api/icc-message-x-api.js.map +1 -1
- package/icc-x-api/icc-patient-x-api.d.ts +86 -29
- package/icc-x-api/icc-patient-x-api.js +318 -379
- package/icc-x-api/icc-patient-x-api.js.map +1 -1
- package/icc-x-api/icc-receipt-x-api.d.ts +47 -13
- package/icc-x-api/icc-receipt-x-api.js +72 -36
- package/icc-x-api/icc-receipt-x-api.js.map +1 -1
- package/icc-x-api/icc-time-table-x-api.d.ts +46 -13
- package/icc-x-api/icc-time-table-x-api.js +61 -27
- package/icc-x-api/icc-time-table-x-api.js.map +1 -1
- package/icc-x-api/icc-topic-x-api.d.ts +191 -0
- package/icc-x-api/icc-topic-x-api.js +307 -0
- package/icc-x-api/icc-topic-x-api.js.map +1 -0
- package/icc-x-api/icc-user-x-api.d.ts +2 -2
- package/icc-x-api/icc-user-x-api.js +3 -3
- package/icc-x-api/icc-user-x-api.js.map +1 -1
- package/icc-x-api/index.d.ts +18 -2
- package/icc-x-api/index.js +203 -156
- package/icc-x-api/index.js.map +1 -1
- package/icc-x-api/maintenance/KeyPairUpdateRequest.d.ts +1 -1
- package/icc-x-api/storage/DefaultStorageEntryKeysFactory.d.ts +2 -0
- package/icc-x-api/storage/DefaultStorageEntryKeysFactory.js +9 -2
- package/icc-x-api/storage/DefaultStorageEntryKeysFactory.js.map +1 -1
- package/icc-x-api/storage/IcureStorageFacade.d.ts +23 -2
- package/icc-x-api/storage/IcureStorageFacade.js +36 -2
- package/icc-x-api/storage/IcureStorageFacade.js.map +1 -1
- package/icc-x-api/storage/KeyStorageFacade.d.ts +12 -0
- package/icc-x-api/storage/KeyStorageFacade.js.map +1 -1
- package/icc-x-api/storage/KeyStorageImpl.d.ts +2 -0
- package/icc-x-api/storage/KeyStorageImpl.js +10 -0
- package/icc-x-api/storage/KeyStorageImpl.js.map +1 -1
- package/icc-x-api/storage/StorageEntryKeysFactory.d.ts +14 -1
- package/icc-x-api/storage/StorageEntryKeysFactory.js.map +1 -1
- package/icc-x-api/utils/EntityWithDelegationTypeName.d.ts +32 -0
- package/icc-x-api/utils/EntityWithDelegationTypeName.js +75 -0
- package/icc-x-api/utils/EntityWithDelegationTypeName.js.map +1 -0
- package/icc-x-api/utils/ShareResult.d.ts +74 -0
- package/icc-x-api/utils/ShareResult.js +61 -0
- package/icc-x-api/utils/ShareResult.js.map +1 -0
- package/icc-x-api/utils/binary-utils.d.ts +1 -0
- package/icc-x-api/utils/binary-utils.js +8 -1
- package/icc-x-api/utils/binary-utils.js.map +1 -1
- package/icc-x-api/utils/collection-utils.d.ts +5 -0
- package/icc-x-api/utils/collection-utils.js +26 -1
- package/icc-x-api/utils/collection-utils.js.map +1 -1
- package/icc-x-api/utils/crypto-utils.d.ts +4 -3
- package/icc-x-api/utils/crypto-utils.js +5 -4
- package/icc-x-api/utils/crypto-utils.js.map +1 -1
- package/icc-x-api/utils/lru-temporised-async-cache.d.ts +26 -3
- package/icc-x-api/utils/lru-temporised-async-cache.js +75 -15
- package/icc-x-api/utils/lru-temporised-async-cache.js.map +1 -1
- package/icc-x-api/utils/websocket.d.ts +14 -10
- package/icc-x-api/utils/websocket.js +26 -9
- package/icc-x-api/utils/websocket.js.map +1 -1
- package/index.d.ts +1 -1
- package/index.js +3 -1
- package/index.js.map +1 -1
- package/package.json +2 -3
- package/icc-x-api/crypto/EntitiesEncryption.d.ts +0 -275
- package/icc-x-api/crypto/EntitiesEncryption.js +0 -734
- package/icc-x-api/crypto/EntitiesEncryption.js.map +0 -1
- package/icc-x-api/crypto/KeyManager.js.map +0 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"icc-crypto-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-crypto-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAIA,4BAA2B;AAE3B,uDAA6G;AAC7G,mCAAyE;AAoBzE,MAAa,aAAa;IAmBxB,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC,gBAAgB,CAAA;IAC9B,CAAC;IAED;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,mBAAmB,CAAA;IACjC,CAAC;IAED;;OAEG;IACH,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAA;IACrC,CAAC;IAED;;OAEG;IACH,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAA;IACrC,CAAC;IAED;;OAEG;IACH,IAAI,GAAG;QACL,OAAO,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAA;IAClC,CAAC;IAED;;OAEG;IACH,IAAI,GAAG;QACL,OAAO,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAA;IAClC,CAAC;IAED;;OAEG;IACH,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAED;;OAEG;IACH,IAAI,OAAO;QACT,OAAO,IAAI,CAAC,QAAQ,CAAA;IACtB,CAAC;IAED;;OAEG;IACH,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,kBAAkB,CAAA;IAChC,CAAC;IAED;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,oBAAoB,CAAA;IAClC,CAAC;IAED;;OAEG;IACH,IAAI,eAAe;QACjB,OAAO,IAAI,CAAC,UAAU,CAAA;IACxB,CAAC;IAED;;OAEG;IACH,IAAI,iBAAiB;QACnB,OAAO,IAAI,CAAC,aAAa,CAAA;IAC3B,CAAC;IAED;;OAEG;IACH,YACE,mBAAwC,EACxC,gBAAkC,EAClC,UAAsB,EACtB,YAA8B,EAC9B,kBAAsC,EACtC,aAAgC,EAChC,OAA8B,EAC9B,UAA4B,EAC5B,kBAAsC,EACtC,cAA6B,EAC7B,oBAA0C,EACzB,cAA6B;QAA7B,mBAAc,GAAd,cAAc,CAAe;QAlHhD,+BAA0B,GAAG,oCAAoC,CAAA;QACjE,2CAAsC,GAAG,yCAAyC,CAAA;QAClF,gCAA2B,GAAG,iBAAiB,CAAA;QAC/C,oCAA+B,GAAG,gBAAgB,CAAA;QAClD,0BAAqB,GAAG,uBAAuB,CAAA;QAgH7C,IAAI,CAAC,mBAAmB,GAAG,mBAAmB,CAAA;QAC9C,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAA;QACxC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAA;QAC5B,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAChC,IAAI,CAAC,kBAAkB,GAAG,kBAAkB,CAAA;QAC5C,IAAI,CAAC,aAAa,GAAG,aAAa,CAAA;QAClC,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAA;QACvB,IAAI,CAAC,WAAW,GAAG,UAAU,CAAA;QAC7B,IAAI,CAAC,YAAY,GAAG,kBAAkB,CAAA;QACtC,IAAI,CAAC,cAAc,GAAG,cAAc,CAAA;QACpC,IAAI,CAAC,oBAAoB,GAAG,oBAAoB,CAAA;IAClD,CAAC;IAED;;;;OAIG;IACG,WAAW;;YACf,IAAI,CAAC,mBAAmB,CAAC,UAAU,CAAC,IAAI,CAAC,CAAA;YACzC,IAAI,CAAC,YAAY,CAAC,6BAA6B,EAAE,CAAA;YACjD,MAAM,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,CAAA;QACpC,CAAC;KAAA;IAED;;;;;;;OAOG;IACH,oDAAoD;QAUlD,OAAO,IAAI,CAAC,UAAU,CAAC,wCAAwC,EAAE,CAAA;IACnE,CAAC;IAED;;;;OAIG;IACH,wBAAwB,CAAC,WAAmB;QAC1C,OAAO,IAAI,CAAC,UAAU,CAAC,wBAAwB,CAAC,WAAW,CAAC,CAAA;IAC9D,CAAC;IAED;;;;;OAKG;IACG,6CAA6C;;YACjD,OAAO,IAAI,CAAC,UAAU,CAAC,6CAA6C,EAAE,CAAA;QACxE,CAAC;KAAA;IAED;;;;;;;OAOG;IACG,oCAAoC,CAAC,YAAqB;;YAC9D,OAAO,IAAI,CAAC,UAAU,CAAC,oCAAoC,CAAC,YAAY,CAAC,CAAA;QAC3E,CAAC;KAAA;IAED;;;;;;;OAOG;IACH,aAAa,CAAC,SAAiB;QAC7B,IAAI,CAAC,mBAAmB,CAAC,UAAU,CAAC,KAAK,CAAC,CAAA;IAC5C,CAAC;IAED;;;;;;;;;;;;;OAaG;IACG,iCAAiC,CACrC,WAAmB,EACnB,mBAA2B;;YAE3B,MAAM,WAAW,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAA;YAClD,MAAM,GAAG,GAAG,IAAI,CAAC,UAAU,CAAC,iBAAiB,EAAE,CAAC,WAAW,CAAC,CAAA;YAC5D,IAAI,CAAC,GAAG;gBAAE,OAAO,CAAC,IAAI,CAAC,8CAA8C,WAAW,EAAE,CAAC,CAAA;YACnF,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,aAAa;;YACjB,OAAO,IAAI,CAAC,eAAe,CAAC,6CAA6C,EAAE,CAAA;QAC7E,CAAC;KAAA;IAED;;OAEG;IACH,UAAU;QACR,OAAO,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,CAAA;IACrC,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,IAA8B;QACnC,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;IACrC,CAAC;IAED;;;OAGG;IACG,mBAAmB,CAAC,GAAoB,EAAE,QAAgC,EAAE,SAAkB;;;YAClG,MAAM,WAAW,GAAG,MAAA,GAAG,CAAC,SAAS,0CAAE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAA;YAC7C,IAAI,CAAC,WAAW;gBAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAA;YAC5E,MAAM,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,CAC3C,EAAE,CAAC,WAAW,CAAC,EAAE,EAAE,WAAW,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAG,CAAC,EAAE,SAAS,EAAE,SAAS,aAAT,SAAS,cAAT,SAAS,GAAI,QAAQ,CAAC,MAAM,EAAE,EAAE,EACvG,EAAE,CACH,CAAA;YACD,OAAO,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,GAAG,CAAC,EAAG,CAAC,CAAC,CAAC,SAA4B,CAAA;;KACpF;IAED;;OAEG;IACG,mBAAmB,CAAC,GAAoB,EAAE,QAAgC;;YAC9E,IAAI;gBACF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAA;gBAC7C,MAAM,IAAI,GAAG,QAAQ,CAAC,MAAM,CAAA;gBAC5B,IAAI,oBAAoB,CAAA;gBACxB,IAAI,IAAI,IAAI,CAAC,EAAE;oBACb,MAAM,eAAe,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAG,CAAA;oBACvC,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,GAAG,EAAE,eAAe,CAAC,CAAA;oBACvF,MAAM,qBAAqB,GAAG,MAAM,OAAO,CAAC,GAAG,CAC7C,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,GAAG,CACpC,CAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,EAAE,EAAE,gDAAC,OAAA,MAAM,IAAI,CAAC,iBAAiB,CAAC,eAAe,EAAE,GAAG,CAAC,EAAG,EAAE,eAAe,EAAE,QAAQ,EAAE,OAAO,EAAE,UAAU,CAAC,CAAA,GAAA,CACtI,CACF,CAAA;oBACD,MAAM,kBAAkB,GAAG,GAAG,CAAC,0BAA2B,CAAC,eAAe,CAAC,CAAA;oBAC3E,oBAAoB,GAAG,IAAA,qBAAM,EAC3B,MAAM,IAAI,CAAC,GAAG,CAAC,WAAW,CACxB,qBAAqB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,EACvC,IAAA,qBAAM,EAAC,kBAAkB,CAAC,CAC3B,CACF,CAAA;iBACF;qBAAM;oBACL,MAAM,eAAe,GAAa,MAAM,CAAC,CAAC,MAAM,CAC9C,QAAQ,EACR,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;wBAChB,OAAO,KAAK,CAAC,IAAI,CAAC,CAAO,MAAgB,EAAE,EAAE;4BAC3C,IAAI;gCACF,iFAAiF;gCACjF,gGAAgG;gCAChG,iFAAiF;gCACjF,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,GAAG,EAAE,MAAM,CAAC,EAAG,CAAC,CAAA;gCAClF,MAAM,qBAAqB,GAAG,MAAM,OAAO,CAAC,GAAG,CAC7C,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,GAAG,CACpC,CAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,EAAE,EAAE,gDAAC,OAAA,MAAM,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,EAAG,EAAE,GAAG,CAAC,EAAG,EAAE,MAAM,CAAC,EAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,UAAU,CAAC,CAAA,GAAA,CAC5H,CACF,CAAA;gCACD,MAAM,cAAc,GAAG,GAAG,CAAC,0BAA2B,CAAC,MAAM,CAAC,EAAG,CAAC,CAAA;gCAClE,MAAM,wBAAwB,GAAG,IAAA,qBAAM,EACrC,MAAM,IAAI,CAAC,GAAG,CAAC,WAAW,CACxB,qBAAqB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,EACvC,IAAA,qBAAM,EAAC,cAAc,CAAC,CACvB,CACF,CAAA;gCACD,MAAM,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAA;6BACtC;4BAAC,OAAO,CAAC,EAAE;gCACV,OAAO,CAAC,GAAG,CAAC,oCAAoC,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC,CAAC,CAAA;6BAChE;4BACD,OAAO,MAAM,CAAA;wBACf,CAAC,CAAA,CAAC,CAAA;oBACJ,CAAC,EACD,OAAO,CAAC,OAAO,CAAC,EAAc,CAAC,CAChC,CAAA;oBAED,oBAAoB,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,CAAA;iBACvE;gBAED,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,EAAE,IAAA,qBAAM,EAAC,oBAAoB,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,CAAA;gBAClH,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,IAAA,qBAAM,EAAC,GAAG,CAAC,SAAU,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,CAAA;gBAE1G,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,SAAS,EAAE,iBAAiB,EAAE,UAAU,EAAE,kBAAkB,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,CAAA;gBAC5I,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,qBAAqB,GAAG,GAAG,CAAC,EAAG,EAAE,EAAE,eAAe,CAAC,CAAA;aAChG;YAAC,OAAO,CAAC,EAAE;gBACV,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAA;aAC7C;QACH,CAAC;KAAA;IAED;;;;OAIG;IACG,iBAAiB,CACrB,eAAuB,EACvB,WAAmB,EACnB,iBAAyB,EACzB,SAAiB,EACjB,oBAA+C,EAC/C,UAAoB;;YAEpB,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE;gBACtB,MAAM,MAAM,GAAG,oDAAoD,WAAW,OAAO,iBAAiB,iBAAiB,CAAA;gBACvH,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;gBACpB,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,CAAA;aACxB;YACD,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YAC9D,MAAM,YAAY,GAAG,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,iBAAiB,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YAChI,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,oBAAoB,CAAC,EAAE,YAAY,CAAC,CAAA;YAClH,MAAM,GAAG,GAAG,SAAS,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAA;YAC9C,IAAI,CAAC,GAAG,EAAE;gBACR,MAAM,KAAK,GACT,oDAAoD,WAAW,OAAO,iBAAiB,2BAA2B;oBAClH,6EAA6E,CAAA;gBAC/E,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;gBACnB,MAAM,IAAI,KAAK,CAAC,KAAK,CAAC,CAAA;aACvB;YACD,OAAO;gBACL,WAAW;gBACX,GAAG,EAAE,GAAG;gBACR,MAAM,EAAE,IAAA,qBAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;aAChE,CAAA;QACH,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,YAAY,CAAC,YAAiC;;YAClD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,aAAa,CAAC,KAAK,EAAE,YAAY,CAAC,UAAU,EAAE,KAAK,EAAE,YAAY,CAAC,SAAS,CAAC,CAAA;YAC5H,MAAM,MAAM,GAAG,IAAA,qBAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,aAAa,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAA;YAC3F,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAA;YACrC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,iBAAiB,EAAE,CAAC,WAAW,CAAC,EAAE;gBACrD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;gBAC9D,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,mBAAmB,EAAE,CAAC,CAAC,SAAS,CAAC,CAAA;gBAChH,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC;oBACvB,MAAM,IAAI,KAAK,CACb,+CAA+C,WAAW,kBAAkB,MAAM,6CAA6C,CAChI,CAAA;gBACH,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,CAAC,CAAA;gBACxE,sGAAsG;gBACtG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAA;aACzB;YACD,OAAO,aAAa,CAAA;QACtB,CAAC;KAAA;IAED;;;OAGG;IACG,mBAAmB,CAAC,MAA6B,EAAE,SAAiB,EAAE,YAAqB;;YAC/F,OAAO,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,uBAAuB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,+BAA+B,CAAC,MAAM,CAAC,CAAA;QAChJ,CAAC;KAAA;IAED;;;OAGG;IACG,2CAA2C,CAC/C,uBAAsC,EACtC,iBAAyB,EACzB,4BAAoC,EAAE;;YAEtC,OAAO,MAAM,uBAAuB,CAAC,MAAM,CAAC,CAAO,GAAG,EAAE,SAAS,EAAE,EAAE;gBACnE,MAAM,UAAU,GAAG,MAAM,GAAG,CAAA;gBAC5B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,4BAA4B,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAA;gBACtG,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,CAAO,SAAS,EAAE,SAAS,EAAE,EAAE;oBACxE,MAAM,gBAAgB,GAAG,MAAM,SAAS,CAAA;oBACxC,MAAM,MAAM,GAAG,IAAA,qBAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAA;oBAC7E,OAAO;wBACL,GAAG,gBAAgB;wBACnB;4BACE,GAAG,EAAE,SAAS;4BACd,WAAW,EAAE,SAAS;4BACtB,MAAM,EAAE,MAAM;yBACf;qBACF,CAAA;gBACH,CAAC,CAAA,EAAE,OAAO,CAAC,OAAO,CAAC,EAAwB,CAAC,CAAC,CAAA;gBAC7C,OAAO,CAAC,GAAG,UAAU,EAAE,GAAG,gBAAgB,CAAC,CAAA;YAC7C,CAAC,CAAA,EAAE,OAAO,CAAC,OAAO,CAAC,EAAwB,CAAC,CAAC,CAAA;QAC/C,CAAC;KAAA;IAED;;;;OAIG;IACG,2BAA2B,CAC/B,KAAgB,EAChB,UAAkB;;;YAElB,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC,CAAA;YAC1E,MAAM,oBAAoB,GAAG,MAAM,CAAC,OAAO,CAAC,MAAA,KAAK,CAAC,eAAe,mCAAI,EAAE,CAAC;iBACrE,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;iBACvH,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE;gBACjB,MAAM,UAAU,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAA,CAAC,6EAA6E;gBACjI,MAAM,CAAC,oBAAoB,EAAE,uBAAuB,CAAC,GAAG,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;gBAC7I,uCAAY,GAAG,KAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,oBAAoB,CAAC,EAAE,uBAAuB,EAAE,IAAE;YAChF,CAAC,EAAE,EAA6E,CAAC,CAAA;YAEnF,IAAI,CAAC,KAAK,CAAC,SAAS,IAAI,oBAAoB,CAAC,KAAK,CAAC,SAAS,CAAC,IAAI,CAAC,CAAA,MAAA,KAAK,CAAC,WAAW,0CAAG,UAAU,CAAC,CAAA,EAAE;gBACjG,OAAO,oBAAoB,CAAA;aAC5B;YACD,MAAM,QAAQ,GAAG,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAA;YAC7E,IAAI,QAAQ,CAAC,SAAS,IAAI,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE;gBACjE,uCACK,oBAAoB,KACvB,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,SAAU,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,KAAK,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,EAAE,IAC1F;aACF;iBAAM,IAAI,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE;gBAC/C,uCAAY,oBAAoB,KAAE,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,KAAK,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,EAAE,IAAE;aAC1H;YACD,OAAO,oBAAoB,CAAA;;KAC5B;IAED;;;;OAIG;IACG,kBAAkB,CACtB,aAAkB,EAClB,OAAe;;YAKf,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC,EAAE;gBACjE,MAAM,IAAI,KAAK,CAAC,mFAAmF,CAAC,CAAA;aACrG;YACD,MAAM,EAAE,aAAa,EAAE,gBAAgB,EAAE,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,sCAAsC,CACpG,gCACK,aAAa,KAChB,WAAW,EAAE,SAAS,EACtB,cAAc,EAAE,SAAS,EACzB,kBAAkB,EAAE,SAAS,EAC7B,iBAAiB,EAAE,SAAS,GACV,EACpB,SAAS,EACT,SAAS,EACT,IAAI,CACL,CAAA;YACD,OAAO;gBACL,cAAc,EAAE,aAAa,CAAC,cAAc;gBAC5C,QAAQ,EAAE,gBAAiB;aAC5B,CAAA;QACH,CAAC;KAAA;IAED;;;;;;;;;OASG;IACG,sBAAsB,CAAC,QAAgC,EAAE,SAAkB;;YAC/E,IAAI,CAAC,QAAQ,IAAI,CAAC,SAAS,EAAE;gBAC3B,OAAO,OAAO,CAAC,OAAO,CAAC,EAAE,aAAa,EAAE,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAA;aACpE;YACD,MAAM,0BAA0B,GAAG,QAAQ,CAAC,WAAW,CAAA;YACvD,IAAI,CAAC,0BAA0B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC,MAAM,EAAE;gBAClF,OAAO,CAAC,GAAG,CAAC,uCAAuC,QAAQ,CAAC,EAAE,GAAG,CAAC,CAAA;gBAClE,OAAO,OAAO,CAAC,OAAO,CAAC,EAAE,aAAa,EAAE,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAA;aACpE;YACD,OAAO;gBACL,aAAa,EAAE,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,QAAQ,EAAE,SAAS,CAAC;gBACnE,SAAS,EAAE,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,CAAC,CAAC;aAC1E,CAAA;QACH,CAAC;KAAA;IAED;;;;;;;;;OASG;IACG,iBAAiB,CAAC,QAAgC,EAAE,SAAiB;;YACzE,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,CAAC,kBAAkB,EAAE;gBAC7C,OAAO,OAAO,CAAC,OAAO,CAAC,EAAE,aAAa,EAAE,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAA;aACpE;YACD,MAAM,mBAAmB,GAAG,QAAQ,CAAC,kBAAkB,CAAA;YACvD,IAAI,CAAC,mBAAmB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,MAAM,EAAE;gBACpE,OAAO,CAAC,GAAG,CAAC,+CAA+C,QAAQ,CAAC,EAAE,GAAG,CAAC,CAAA;gBAC1E,OAAO,OAAO,CAAC,OAAO,CAAC,EAAE,aAAa,EAAE,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAA;aACpE;YACD,OAAO;gBACL,aAAa,EAAE,MAAM,IAAI,CAAC,QAAQ,CAAC,iBAAiB,CAAC,QAAQ,EAAE,SAAS,CAAC;gBACzE,SAAS,EAAE,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,CAAC,CAAC;aAC1E,CAAA;QACH,CAAC;KAAA;IAED;;;;;;OAMG;IACG,qBAAqB,CAAC,QAAyB,EAAE,SAAiB;;YACtE,IAAI,CAAC,QAAQ,CAAC,cAAc,EAAE;gBAC5B,OAAO,OAAO,CAAC,OAAO,CAAC,EAAE,aAAa,EAAE,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAA;aACpE;YACD,MAAM,qBAAqB,GAAG,QAAQ,CAAC,cAAc,CAAA;YACrD,IAAI,CAAC,qBAAqB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,MAAM,EAAE;gBACxE,OAAO,OAAO,CAAC,OAAO,CAAC,EAAE,aAAa,EAAE,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAA;aACpE;YACD,OAAO;gBACL,aAAa,EAAE,MAAM,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,QAAQ,EAAE,SAAS,CAAC;gBACxE,SAAS,EAAE,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,CAAC,CAAC;aAC1E,CAAA;QACH,CAAC;KAAA;IAED;;;;OAIG;IACG,yCAAyC,CAC7C,WAAmB,EACnB,QAAgB,EAChB,WAAiD;;YAEjD,OAAO;gBACL,aAAa,EAAE,MAAM,IAAI,CAAC,QAAQ,CAAC,4CAA4C,CAC7E,WAAW,EACX,WAAW,EACX,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,EACV,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAC5B;gBACD,SAAS,EAAE,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,CAAC,CAAC;aAC1E,CAAA;QACH,CAAC;KAAA;IAED;;;;;;OAMG;IACG,uCAAuC,CAAC,iBAAyB,EAAE,UAAsB;;YAC7F,MAAM,IAAI,CAAC,YAAY,CAAC,IAAA,gCAAwB,EAAC,IAAA,kBAAU,EAAC,UAAU,CAAC,CAAC,CAAC,CAAA;QAC3E,CAAC;KAAA;IAED;;;;;OAKG;IACG,sCAAsC,CAAC,iBAAyB,EAAE,UAAsB;;YAC5F,MAAM,IAAI,CAAC,YAAY,CAAC,IAAA,gCAAwB,EAAC,UAAU,CAAC,CAAC,CAAA;QAC/D,CAAC;KAAA;IAED;;;;OAIG;IACH,iCAAiC,CAAC,iBAAyB,EAAE,IAAU;QACrE,MAAM,EAAE,GAAG,IAAI,UAAU,EAAE,CAAA;QAC3B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,EAAE,CAAC,OAAO,GAAG,MAAM,CAAA;YACnB,EAAE,CAAC,OAAO,GAAG,MAAM,CAAA;YACnB,EAAE,CAAC,MAAM,GAAG,CAAC,CAAM,EAAE,EAAE;gBACrB,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC,MAAgB,CAAA;gBAC5C,IAAI,CAAC,uCAAuC,CAAC,iBAAiB,EAAE,IAAA,qBAAM,EAAC,UAAU,CAAC,CAAC;qBAChF,IAAI,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;qBACrB,KAAK,CAAC,MAAM,CAAC,CAAA;YAClB,CAAC,CAAA;YACD,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,CAAA;QACrB,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,qCAAqC;IACrC;;OAEG;IACH,iCAAiC,CAAC,EAAU,EAAE,QAAgB;QAC5D,IAAI,CAAC,QAAQ,CAAC,OAAO,CACnB,IAAI,CAAC,0BAA0B,GAAG,EAAE,EACpC,IAAA,kBAAG,EAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC,CAC3F,CAAA;IACH,CAAC;IAED;;OAEG;IACH,yCAAyC,CAAC,EAAU,EAAE,WAAmB;QACvE,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,0BAA0B,GAAG,EAAE,EAAE,WAAW,CAAC,CAAA;IAC1E,CAAC;IAED,qCAAqC;IACrC;;OAEG;IACG,6CAA6C,CAAC,EAAU,EAAE,IAAY;;YAC1E,IAAI,CAAC,EAAE;gBAAE,OAAM;YAEf,IAAI,CAAC,IAAI,EAAE;gBACT,MAAM,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,sCAAsC,GAAG,EAAE,CAAC,CAAA;aACjF;iBAAM;gBACL,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,sCAAsC,GAAG,EAAE,EAAE,IAAI,CAAC,CAAA;aACpF;QACH,CAAC;KAAA;IAED;;;;;;;OAOG;IACG,iCAAiC,CAAC,KAAa;;YACnD,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,CAAO,GAAoB,EAAE,EAAE;gBAC7F,IAAI,MAAM,GAAqB,IAAI,CAAA;gBACnC,IAAI;oBACF,MAAM,GAAG,CAAC,CAAC,IAAI,CACb,MAAM,IAAI,CAAC,2CAA2C,CAAC,CAAC,GAAG,CAAC,EAAG,CAAC,EAAE,GAAG,CAAC,EAAG,CAAC,EAC1E,CAAC,SAA2B,EAAE,EAAE,CAAC,SAAS,CAAC,WAAW,KAAK,GAAG,CAAC,EAAE,CACjE,CAAC,GAAG,CAAA;iBACP;gBAAC,OAAO,CAAC,EAAE;oBACV,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAA;iBACpD;gBACD,IAAI,CAAC,MAAM,EAAE;oBACX,OAAO,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAA;iBACpC;gBAED,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,IAAI,EAAE,CAAA;gBAE9B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,wCAAwC,CAAC,GAAG,CAAC,EAAI,CAAC,CAAA;gBACzE,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,GAAG,EAAE;oBACrB,IAAI,YAAY,GAAuB,IAAI,CAAA;oBAC3C,IAAI;wBACF,YAAY,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,IAAI,UAAU,CAAC,IAAA,wBAAS,EAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;qBACpF;oBAAC,OAAO,CAAC,EAAE;wBACV,OAAO,CAAC,KAAK,CAAC,wCAAwC,EAAE,CAAC,CAAC,CAAA;qBAC3D;oBAED,+CAA+C;oBAC/C,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,2BAA2B,EAAE,IAAA,wBAAS,EAAC,IAAI,UAAU,CAAC,YAAa,CAAC,CAAC,CAAC,CAAA;iBACxF;gBAED,MAAM,eAAe,GAAG,IAAI,CAAC,4CAA4C,CAAC,GAAG,CAAC,EAAI,CAAC,CAAA;gBACnF,IAAI,CAAC,CAAC,eAAe,EAAE;oBACrB,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,+BAA+B,EAAE,eAAe,CAAC,CAAA;iBACnE;gBAED,GAAG,CAAC,OAAO,GAAG,IAAI,CAAA;gBAClB,OAAO,GAAG,CAAA;YACZ,CAAC,CAAA,CAAC,CAAA;QACJ,CAAC;KAAA;IAED;;OAEG;IACH,8BAA8B,CAAC,KAAa;QAC1C,OAAO,IAAI,CAAC,cAAc,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,CAAO,GAAoB,EAAE,EAAE;YACvF,IAAI,OAAO,GAAsB,IAAI,CAAA;YACrC,IAAI,CAAC,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,2BAA2B,CAAC,EAAE;gBACpE,OAAO,GAAG,IAAA,wBAAS,EAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,CAAA;aACnE;YAED,MAAM,eAAe,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,+BAA+B,CAAC,CAAA;YAEhF,0BAA0B;YAC1B,IAAI,CAAC,CAAC,eAAe,EAAE;gBACrB,IAAI,CAAC,6CAA6C,CAAC,GAAG,CAAC,EAAI,EAAE,eAAe,CAAC,CAAA;aAC9E;YAED,IAAI,GAAG,GAAuB,IAAI,CAAA;YAClC,IAAI,aAAa,GAAqB,IAAI,CAAA;YAC1C,IAAI;gBACF,aAAa,GAAG,CAAC,CAAC,IAAI,CACpB,MAAM,IAAI,CAAC,2CAA2C,CAAC,CAAC,GAAG,CAAC,EAAG,CAAC,EAAE,GAAG,CAAC,EAAG,CAAC,EAC1E,CAAC,SAA2B,EAAE,EAAE,CAAC,SAAS,CAAC,WAAW,KAAK,GAAG,CAAC,EAAE,CACjE,CAAC,GAAG,CAAA;aACP;YAAC,OAAO,CAAC,EAAE;gBACV,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAA;aACpD;YACD,IAAI,CAAC,aAAa,EAAE;gBAClB,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAA;aAC/E;YAED,IAAI,CAAC,CAAC,OAAO,IAAI,aAAa,EAAE;gBAC9B,IAAI;oBACF,GAAG,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC,CAAA;iBACrD;gBAAC,OAAO,CAAC,EAAE;oBACV,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;iBACjB;aACF;YAED,IAAI,CAAC,GAAG,EAAE;gBACR,MAAM,IAAI,KAAK,CAAC,gEAAgE,GAAG,CAAC,EAAE,sBAAsB,CAAC,CAAA;aAC9G;iBAAM;gBACL,IAAI,CAAC,yCAAyC,CAAC,GAAG,CAAC,EAAI,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;aACjI;YAED,OAAM;QACR,CAAC,CAAA,CAAC,CAAA;IACJ,CAAC;IAED;;;;;;;;;OASG;IACH,kCAAkC,CAAC,KAAa;QAC9C,OAAO,IAAI,CAAC,cAAc,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,CAAC,GAAoB,EAAE,EAAE;YACjF,MAAM,iBAAiB,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,2BAA2B,CAAC,CAAA;YAC9E,MAAM,gBAAgB,GAAG,IAAI,CAAC,wCAAwC,CAAC,GAAG,CAAC,EAAG,CAAC,CAAA;YAE/E,IAAI,iBAAiB,EAAE;gBACrB,OAAO,IAAI,CAAC,8BAA8B,CAAC,GAAG,CAAC,EAAG,CAAC;qBAChD,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;qBAC3C,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,gBAAgB,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;aAC9D;iBAAM;gBACL,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC,gBAAgB,EAAE,MAAM,EAAE,CAAC,CAAC,iBAAiB,EAAE,CAAA;aAClE;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;OAEG;IACH,wCAAwC,CAAC,EAAU;QACjD,OAAO,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,0BAA0B,GAAG,EAAE,CAAC,CAAA;IACpE,CAAC;IAED;;OAEG;IACH,4CAA4C,CAAC,EAAU;QACrD,OAAO,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,sCAAsC,GAAG,EAAE,CAAC,CAAA;IAChF,CAAC;IAED;;OAEG;IACG,mCAAmC,CAAC,EAAU;;YAClD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,0BAA0B,GAAG,EAAE,CAAC,CAAA;YAChF,OAAO,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,IAAA,uBAAQ,EAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;QACvD,CAAC;KAAA;IAED;;;;OAIG;IACG,sBAAsB,CAAC,EAAU,EAAE,oBAA6B;;;YACpE,IAAI,oBAAoB,EAAE;gBACxB,MAAM,MAAM,GAAG,MAAA,IAAI,CAAC,UAAU,CAAC,wBAAwB,CAAC,oBAAoB,CAAC,0CAAE,IAAI,CAAA;gBACnF,IAAI,MAAM,EAAE;oBACV,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,EAAE,KAAK,EAAE,KAAK,CAAC,CAAA;iBAC5D;aACF;iBAAM;gBACL,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,qBAAqB,GAAG,EAAE,CAAC,CAAA;gBACrF,IAAI,UAAU;oBAAE,OAAO,UAAU,CAAA;aAClC;YACD,OAAO,CAAC,IAAI,CAAC,+CAA+C,EAAE,6BAA6B,oBAAoB,EAAE,CAAC,CAAA;;KACnH;IAED;;OAEG;IACG,gBAAgB,CAAC,YAAkB,EAAE,OAAe,EAAE,iBAAyB;;YACnF,MAAM,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,iBAAiB,EAAE,IAAI,CAAC,eAAe,CAAC,iBAAiB,EAAE,CAAC,CAAA;YACnH,OAAO,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;QACzE,CAAC;KAAA;IACD;;;;;OAKG;IACG,sBAAsB,CAAC,OAAe,EAAE,UAAkB;;YAC9D,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC,EAAE;gBACjE,MAAM,IAAI,KAAK,CAAC,8EAA8E,CAAC,CAAA;aAChG;YACD,OAAO,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAA;QAClE,CAAC;KAAA;IAED;;OAEG;IACH,YAAY,CAAC,OAAe,EAAE,yBAAkC,IAAI;QAClE,OAAO,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,OAAO,CAAC,CAAA;IAChD,CAAC;IAED;;;;OAIG;IACG,uBAAuB,CAAC,SAAoB;;;YAChD,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAA,SAAS,CAAC,eAAe,mCAAI,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAa,CAAA;YAEjJ,OAAO,MAAM,UAAU,CAAC,MAAM,CAAC,CAAO,IAAI,EAAE,SAAS,EAAE,EAAE;gBACvD,MAAM,GAAG,GAAG,MAAM,IAAI,CAAA;gBACtB,IAAI;oBACF,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,EAAE,IAAA,iBAAS,EAAC,IAAA,qBAAM,EAAC,SAAS,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,CAAA;oBAC/F,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,EAAE,IAAA,uBAAQ,EAAC,YAAY,CAAC,CAAC,CAAA;oBAC3E,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,iCAAiC,CAAC,SAAS,CAAC,EAAG,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;oBAC7F,MAAM,SAAS,GAAG,IAAA,sBAAO,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;oBACpG,OAAO,SAAS,KAAK,YAAY,IAAI,GAAG,CAAA;iBACzC;gBAAC,OAAO,CAAC,EAAE;oBACV,OAAO,GAAG,CAAA;iBACX;YACH,CAAC,CAAA,EAAE,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAA;;KAC3B;IAED;;OAEG;IACG,2BAA2B,CAAC,WAAmB,EAAE,QAAyB;;YAC9E,OAAO,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAA;QAC9D,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAClB,MAA6B,EAC7B,OAAiC,EACjC,KAAc,EACd,IAAW,EACX,cAAyB;;YAEzB,IAAI,CAAC,OAAO,IAAI,CAAC,CAAC,KAAK,IAAI,CAAC,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,iBAAiB,KAAI,cAAc,CAAC,CAAC;gBAAE,OAAO,OAAO,CAAA;YAEvF,IAAI,KAAK,EAAE;gBACT,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,EAAE,IAAA,qBAAM,EAAC,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,CAAA;gBACjG,IAAI;oBACF,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,aAAa,EAAE,OAAO,CAAC,CAAA;iBACjE;gBAAC,OAAO,CAAC,EAAE;oBACV,OAAO,OAAO,CAAA;iBACf;aACF;YAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,cAAe,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,iBAAkB,CAAC,CAAA;YACtG,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,EAAE,IAAA,qBAAM,EAAC,cAAc,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,CAAA;YAC7G,IAAI;gBACF,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,aAAa,EAAE,OAAO,CAAC,CAAA;aACjE;YAAC,OAAO,CAAC,EAAE;gBACV,OAAO,OAAO,CAAA;aACf;QACH,CAAC;KAAA;IAED;;OAEG;IACH,YAAY,CAAC,EAAU,EAAE,OAA4C;QACnE,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,qBAAqB,GAAG,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAA;IACjF,CAAC;IAED;;;;OAIG;IACG,gCAAgC,CACpC,OAAe;;;YAEf,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,OAAO,CAAC,CAAA;YACzE,IAAI,IAAI,KAAK,QAAQ;gBAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAA;YAC3E,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,eAAe,EAAE,CAAA;YAC3D,MAAM,WAAW,GAAW,IAAA,qBAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAA;YAClG,MAAM,YAAY,GAAW,IAAA,qBAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAA;YACrG,IAAI,UAAkB,CAAA;YACtB,IAAI,SAAS,CAAC,SAAS,IAAI,EAAE,EAAE;gBAC7B,IAAI,MAAM,CAAC,IAAI,CAAC,MAAA,SAAS,CAAC,WAAW,mCAAI,EAAE,CAAC,CAAC,MAAM,GAAG,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,cAAc,OAAO,iDAAiD,CAAC,CAAA;gBAChJ,UAAU,GAAG,WAAW,CAAA;aACzB;iBAAM;gBACL,UAAU,GAAG,MAAA,SAAS,CAAC,SAAS,mCAAI,WAAW,CAAA;aAChD;YACD,MAAM,gBAAgB,mCACjB,SAAS,KACZ,SAAS,EAAE,UAAU,EACrB,eAAe,kCACV,SAAS,CAAC,eAAe,KAC5B,CAAC,WAAW,CAAC,EAAE,EAAE,MAEpB,CAAA;YACD,IAAI,cAAyC,CAAA;YAC7C,IAAI,IAAI,KAAK,SAAS,EAAE;gBACtB,cAAc,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,gBAA2B,CAAC,CAAA;aACtF;iBAAM,IAAI,IAAI,KAAK,KAAK,EAAE;gBACzB,cAAc,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,qBAAqB,CAAC,gBAAmC,CAAC,CAAA;aACtG;;gBAAM,MAAM,IAAI,KAAK,CAAC,2BAA2B,IAAI,EAAE,CAAC,CAAA;YACzD,OAAO;gBACL,SAAS,EAAE,cAAc;gBACzB,SAAS,EAAE,WAAW;gBACtB,UAAU,EAAE,YAAY;aACzB,CAAA;;KACF;CACF;AA38BD,sCA28BC","sourcesContent":["/* eslint-disable */\nimport { AESUtils } from './crypto/AES'\nimport { KeyPair, RSAUtils } from './crypto/RSA'\nimport { ShamirClass } from './crypto/shamir'\nimport * as _ from 'lodash'\nimport { Delegation, Device, Document, EncryptedEntity, EncryptedParentEntity, HealthcareParty, Patient, User } from '../icc-api/model/models'\nimport { b2a, b64_2uas, hex2ua, string2ua, ua2hex, ua2string, ua2utf8, utf8_2ua } from './utils/binary-utils'\nimport { keyPairFromPrivateKeyJwk, pkcs8ToJwk, spkiToJwk } from './utils'\nimport { StorageFacade } from './storage/StorageFacade'\nimport { KeyStorageFacade } from './storage/KeyStorageFacade'\nimport { ExchangeKeysManager } from './crypto/ExchangeKeysManager'\nimport { CryptoPrimitives } from './crypto/CryptoPrimitives'\nimport { KeyManager } from './crypto/KeyManager'\nimport { DataOwner, IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { EntitiesEncryption } from './crypto/EntitiesEncryption'\nimport { IcureStorageFacade } from './storage/IcureStorageFacade'\nimport { ShamirKeysManager } from './crypto/ShamirKeysManager'\nimport { IccHcpartyApi, IccPatientApi } from '../icc-api'\nimport { StorageEntryKeysFactory } from './storage/StorageEntryKeysFactory'\nimport { ConfidentialEntities } from './crypto/ConfidentialEntities'\n\ninterface DelegatorAndKeys {\n delegatorId: string\n key: CryptoKey\n rawKey: string\n}\n\nexport class IccCryptoXApi {\n keychainLocalStoreIdPrefix = 'org.taktik.icure.ehealth.keychain.'\n keychainValidityDateLocalStoreIdPrefix = 'org.taktik.icure.ehealth.keychain-date.'\n hcpPreferenceKeyEhealthCert = 'eHealthCRTCrypt'\n hcpPreferenceKeyEhealthCertDate = 'eHealthCRTDate'\n rsaLocalStoreIdPrefix = 'org.taktik.icure.rsa.'\n private readonly exchangeKeysManager: ExchangeKeysManager\n private readonly cryptoPrimitives: CryptoPrimitives\n private readonly keyManager: KeyManager\n private readonly dataOwnerApi: IccDataOwnerXApi\n private readonly entitiesEncrypiton: EntitiesEncryption\n private readonly confidentialEntities: ConfidentialEntities\n private readonly icureStorage: IcureStorageFacade\n private readonly shamirManager: ShamirKeysManager\n private readonly _storage: StorageFacade<string>\n private readonly _keyStorage: KeyStorageFacade\n\n private readonly hcpartyBaseApi: IccHcpartyApi\n\n get primitives(): CryptoPrimitives {\n return this.cryptoPrimitives\n }\n\n /**\n * @internal this method is for internal use only and may be changed without notice.\n */\n get exchangeKeys(): ExchangeKeysManager {\n return this.exchangeKeysManager\n }\n\n /**\n * @deprecated replace with {@link CryptoPrimitives.crypto} at {@link primitives}.\n */\n get crypto(): Crypto {\n return this.cryptoPrimitives.crypto\n }\n\n /**\n * @deprecated replace with {@link CryptoPrimitives.shamir} at {@link primitives}.\n */\n get shamir(): ShamirClass {\n return this.cryptoPrimitives.shamir\n }\n\n /**\n * @deprecated replace with {@link CryptoPrimitives.RSA} at {@link primitives}.\n */\n get RSA(): RSAUtils {\n return this.cryptoPrimitives.RSA\n }\n\n /**\n * @deprecated replace with {@link CryptoPrimitives.AES} at {@link primitives}.\n */\n get AES(): AESUtils {\n return this.cryptoPrimitives.AES\n }\n\n /**\n * @internal this is for internal use only and may be changed without notice.\n */\n get keyStorage(): KeyStorageFacade {\n return this._keyStorage\n }\n\n /**\n * @internal this is for internal use only and may be changed without notice.\n */\n get storage(): StorageFacade<string> {\n return this._storage\n }\n\n /**\n * @internal this is for internal use only and may be changed without notice.\n */\n get entities(): EntitiesEncryption {\n return this.entitiesEncrypiton\n }\n\n /**\n * @internal this is for internal use only and may be changed without notice.\n */\n get confidential(): ConfidentialEntities {\n return this.confidentialEntities\n }\n\n /**\n * @internal this is for internal use only and may be changed without notice.\n */\n get userKeysManager(): KeyManager {\n return this.keyManager\n }\n\n /**\n * @internal this is for internal use only and may be changed without notice.\n */\n get shamirKeysManager(): ShamirKeysManager {\n return this.shamirManager\n }\n\n /**\n * @internal\n */\n constructor(\n exchangeKeysManager: ExchangeKeysManager,\n cryptoPrimitives: CryptoPrimitives,\n keyManager: KeyManager,\n dataOwnerApi: IccDataOwnerXApi,\n entitiesEncrypiton: EntitiesEncryption,\n shamirManager: ShamirKeysManager,\n storage: StorageFacade<string>,\n keyStorage: KeyStorageFacade,\n icureStorageFacade: IcureStorageFacade,\n hcPartyBaseApi: IccHcpartyApi,\n confidentialEntities: ConfidentialEntities,\n private readonly basePatientApi: IccPatientApi\n ) {\n this.exchangeKeysManager = exchangeKeysManager\n this.cryptoPrimitives = cryptoPrimitives\n this.keyManager = keyManager\n this.dataOwnerApi = dataOwnerApi\n this.entitiesEncrypiton = entitiesEncrypiton\n this.shamirManager = shamirManager\n this._storage = storage\n this._keyStorage = keyStorage\n this.icureStorage = icureStorageFacade\n this.hcpartyBaseApi = hcPartyBaseApi\n this.confidentialEntities = confidentialEntities\n }\n\n /**\n * Deletes values cached by the crypto api, to allow to detect changes in stored key pairs, exchange keys and/or current data owner details.\n * This method may be useful in cases where a user is logged in from multiple devices or in cases where other users have just shared some data with\n * the current user for the first time.\n */\n async forceReload() {\n this.exchangeKeysManager.clearCache(true)\n this.dataOwnerApi.clearCurrentDataOwnerIdsCache()\n await this.keyManager.reloadKeys()\n }\n\n /**\n * Get all key pairs available for the decrpytion and encryption of data to the current data owner. These include the key pairs from the data owner\n * and his parents.\n * @return an object with:\n * - `self` an object containing the current data owner id and the list of key pairs available for the current data owner with verification details.\n * - `parents` the list of parents to the current data owner with the list of key pairs available for each parent. The list is ordered from the\n * topmost ancestor (at index 0) to the direct parent of the current data owner (at the last index, may be 0).\n */\n getEncryptionDecryptionKeypairsForDataOwnerHierarchy(): Promise<{\n self: {\n dataOwnerId: string\n keys: { pair: KeyPair<CryptoKey>; verified: boolean }[]\n }\n parents: {\n dataOwnerId: string\n keys: { pair: KeyPair<CryptoKey> }[]\n }[]\n }> {\n return this.keyManager.getCurrentUserHierarchyAvailableKeypairs()\n }\n\n /**\n * Get a key pair with the provided fingerprint if present.\n * @param fingerprint a key-pair/public-key fingerprint\n * @return the pair associated to the fingerprint and a boolean indicating if the pair is verified, if present, else undefined\n */\n getKeyPairForFingerprint(fingerprint: string): { pair: KeyPair<CryptoKey>; verified: boolean } | undefined {\n return this.keyManager.getKeyPairForFingerprint(fingerprint)\n }\n\n /**\n * Get the public keys of available key pairs for the current user and his parents in hex-encoded spki representation (uses cached keys: no request\n * is done to the server).\n * Note that this will also include unverified keys.\n * @return the spki representation of public keys of available keypairs for the current user.\n */\n async getCurrentUserHierarchyAvailablePublicKeysHex(): Promise<string[]> {\n return this.keyManager.getCurrentUserHierarchyAvailablePublicKeysHex()\n }\n\n /**\n * Get the public keys of available key pairs for the current user in hex-encoded spki representation (uses cached keys: no request is done to the\n * server).\n * By setting {@link verifiedOnly} to true only the public keys for verified key pairs will be returned: these will include only key pairs created\n * on this device or which have been verified using {@link CryptoStrategies} on this device.\n * @param verifiedOnly if true only the verified public keys will be returned.\n * @return the spki representation of public keys of available keypairs for the current user.\n */\n async getCurrentUserAvailablePublicKeysHex(verifiedOnly: boolean): Promise<string[]> {\n return this.keyManager.getCurrentUserAvailablePublicKeysHex(verifiedOnly)\n }\n\n /**\n * @deprecated depending on your use case you should delete the calls to this method or call {@link forceReload}:\n * - Replace with `forceReload()` if one of the following parts of the current data owner may have been modified from a different api instance:\n * - Hcp hierarchy\n * - Key recovery data (transfer keys or shamir)\n * - Exchange keys (formerly hcp keys)\n * - Remove the call if the main goal was to force reload the data owner: data owner are not cached anymore.\n */\n emptyHcpCache(hcpartyId: string) {\n this.exchangeKeysManager.clearCache(false)\n }\n\n /**\n * @deprecated you should not need this method anymore to deal with the encryption of iCure entities because everything related to entities\n * encryption should be done either through the entity-specific extended api or through the extended apis.\n * Note that keys returned by the current implementation of this method may not be safe for encryption/sharing.\n * If instead you are using this method to retrieve key pairs for other purposes, for example because you want to reuse the user keys in iCure for\n * other services consider the following alternatives:\n * - If you want to use all iCure facilities including key recovery and key verification you can use {@link getKeyPairForFingerprint}.\n * Note that this solution can only give access to keys for the data owner of the instantiated api and his parents.\n * - Alternatively you can use directly your choice of {@link KeyStorageFacade} and {@link StorageEntryKeysFactory}: if these are the same you use\n * for the iCure API client the keys will be shared with it. Note however that the iCure api client uses\n * {@link StorageEntryKeysFactory.cachedRecoveredKeypairOfDataOwner} to cache recovered keys of a data owner which may not have originated from\n * this device, so you should only use {@link StorageEntryKeysFactory.deviceKeypairOfDataOwner} if you want to make sure the keys you use are safe\n * for encryption.\n */\n async getCachedRsaKeyPairForFingerprint(\n dataOwnerId: string,\n pubKeyOrFingerprint: string\n ): Promise<{ publicKey: CryptoKey; privateKey: CryptoKey }> {\n const fingerprint = pubKeyOrFingerprint.slice(-32)\n const res = this.keyManager.getDecryptionKeys()[fingerprint]\n if (!res) console.warn(`Could not find any keypair for fingerprint ${fingerprint}`)\n return res\n }\n\n /**\n * @deprecated You do not need this method to encrypt/decrypt data of iCure, but if you want to reuse the iCure keys for the user for other purposes\n * you have different options to replace this method, depending on what you actually need. All options return the hex-encoded spki representation of\n * the public keys.\n * - If you want only the public keys for which we have a private key available\n * - you can replicate the current behaviour using {@link getCurrentUserHierarchyAvailablePublicKeysHex}. This includes keys for the current user\n * and his parents.\n * - use {@link getCurrentUserAvailablePublicKeysHex} to get public keys only for the current data owner, ignoring any keys of the\n * parent hierarchy. In this case you can also apply a filter to only get verified keys (safe for encryption).\n * - If you need all public keys for the data owner, including those for which there is no corresponding private key available on the device use\n * {@link IccDataOwnerXApi.getHexPublicKeysOf} with the current data owner. If you don't have it available you may get it from\n * {@link IccDataOwnerXApi.getCurrentDataOwner}, but this will require to do a request to the iCure server (other options use only cached data).\n */\n async getPublicKeys(): Promise<string[]> {\n return this.userKeysManager.getCurrentUserHierarchyAvailablePublicKeysHex()\n }\n\n /**\n * @deprecated replace with {@link CryptoPrimitives.randomUuid} at {@link primitives}.\n */\n randomUuid() {\n return this.primitives.randomUuid()\n }\n\n /**\n * @deprecated replace with {@link CryptoPrimitives.sha256} at {@link primitives}.\n */\n sha256(data: ArrayBuffer | Uint8Array) {\n return this.primitives.sha256(data)\n }\n\n /**\n * @deprecated Use {@link ShamirKeysManager.updateSelfSplits} from {@link shamirKeysManager} instead. Note that the new method completely replaces\n * all current values if a split for the provided key already exists.\n */\n async encryptShamirRSAKey(hcp: HealthcareParty, notaries: Array<HealthcareParty>, threshold?: number): Promise<HealthcareParty> {\n const legacyKeyFp = hcp.publicKey?.slice(-32)\n if (!legacyKeyFp) throw new Error(`No legacy/default key for hcp ${hcp.id}`)\n await this.shamirKeysManager.updateSelfSplits(\n { [legacyKeyFp]: { notariesIds: notaries.map((x) => x.id!), minShares: threshold ?? notaries.length } },\n []\n )\n return (await this.dataOwnerApi.getDataOwner(hcp.id!)).dataOwner as HealthcareParty\n }\n\n /**\n * @deprecated You should not need this method anymore because the api will automatically try to recover the available shamir keys on startup.\n */\n async decryptShamirRSAKey(hcp: HealthcareParty, notaries: Array<HealthcareParty>): Promise<void> {\n try {\n const publicKeys = await this.getPublicKeys()\n const nLen = notaries.length\n let decryptedPrivatedKey\n if (nLen == 1) {\n const notaryHcPartyId = notaries[0].id!\n const encryptedAesKeyMap = await this.getEncryptedAesExchangeKeys(hcp, notaryHcPartyId)\n const importedAESHcPartyKey = await Promise.all(\n Object.entries(encryptedAesKeyMap).map(\n async ([idPubKey, keysMap]) => await this.decryptHcPartyKey(notaryHcPartyId, hcp.id!, notaryHcPartyId, idPubKey, keysMap, publicKeys)\n )\n )\n const cryptedPrivatedKey = hcp.privateKeyShamirPartitions![notaryHcPartyId]\n decryptedPrivatedKey = ua2hex(\n await this.AES.decryptSome(\n importedAESHcPartyKey.map((k) => k.key),\n hex2ua(cryptedPrivatedKey)\n )\n )\n } else {\n const decryptedShares: string[] = await _.reduce(\n notaries,\n (queue, notary) => {\n return queue.then(async (shares: string[]) => {\n try {\n // now, we get the encrypted shares in db and decrypt them. This assumes that the\n // the notaries' private keys are in localstorage. We should implement a way for the notaries to\n // give hcp the decrypted shares without having to also share their private keys.\n const encryptedAesKeyMap = await this.getEncryptedAesExchangeKeys(hcp, notary.id!)\n const importedAESHcPartyKey = await Promise.all(\n Object.entries(encryptedAesKeyMap).map(\n async ([idPubKey, keysMap]) => await this.decryptHcPartyKey(notary.id!, hcp.id!, notary.id!, idPubKey, keysMap, publicKeys)\n )\n )\n const encryptedShare = hcp.privateKeyShamirPartitions![notary.id!]\n const decryptedShamirPartition = ua2hex(\n await this.AES.decryptSome(\n importedAESHcPartyKey.map((k) => k.key),\n hex2ua(encryptedShare)\n )\n )\n shares.push(decryptedShamirPartition)\n } catch (e) {\n console.log('Error during encryptedShamirRSAKey', notary.id, e)\n }\n return shares\n })\n },\n Promise.resolve([] as string[])\n )\n\n decryptedPrivatedKey = this.primitives.shamir.combine(decryptedShares)\n }\n\n const importedPrivateKey = await this.primitives.RSA.importKey('pkcs8', hex2ua(decryptedPrivatedKey), ['decrypt'])\n const importedPublicKey = await this.primitives.RSA.importKey('spki', hex2ua(hcp.publicKey!), ['encrypt'])\n\n const exportedKeyPair = await this.primitives.RSA.exportKeys({ publicKey: importedPublicKey, privateKey: importedPrivateKey }, 'jwk', 'jwk')\n await this._keyStorage.storeKeyPair(`${this.rsaLocalStoreIdPrefix}${hcp.id!}`, exportedKeyPair)\n } catch (e) {\n console.log('Cannot decrypt shamir RSA key')\n }\n }\n\n /**\n * @deprecated you should not need this method anymore because everything related to entities encryption should be done either through the\n * entity-specific extended api.\n * Note that currently this method does not cache results anymore (but the updated methods do).\n */\n async decryptHcPartyKey(\n loggedHcPartyId: string,\n delegatorId: string,\n delegateHcPartyId: string,\n publicKey: string,\n encryptedHcPartyKeys: { [key: string]: string },\n publicKeys: string[]\n ): Promise<DelegatorAndKeys> {\n if (!publicKeys.length) {\n const reason = `Cannot decrypt RSA encrypted AES HcPartyKey from ${delegatorId} to ${delegateHcPartyId}: no public key`\n console.warn(reason)\n throw new Error(reason)\n }\n const keysFpSet = new Set(publicKeys.map((x) => x.slice(-32)))\n const filteredKeys = Object.fromEntries(Object.entries(this.keyManager.getDecryptionKeys()).filter(([fp]) => keysFpSet.has(fp)))\n const decrypted = await this.exchangeKeysManager.base.tryDecryptExchangeKeys([encryptedHcPartyKeys], filteredKeys)\n const res = decrypted.successfulDecryptions[0]\n if (!res) {\n const error =\n `Cannot decrypt RSA encrypted AES HcPartyKey from ${delegatorId} to ${delegateHcPartyId}: impossible to decrypt. ` +\n 'No private key was found or could be used to decrypt the aes exchange keys`'\n console.warn(error)\n throw new Error(error)\n }\n return {\n delegatorId,\n key: res,\n rawKey: ua2hex(await this.primitives.AES.exportKey(res, 'raw')),\n }\n }\n\n /**\n * @deprecated you should not need this method anymore. The new API will automatically load on startup all keys available through the key storage\n * facade and/or recoverable through transfer keys or shamir split. If no verified key (safe for encryption) can be found during the instantiation\n * of the API, depending on the parameters passed to the factory one of two scenarios will happen:\n * - A new key will be automatically created on the device and stored using the key storage facade.\n * - The api instantiation fails with an exception. This is ideal if you want to try to recover an existing key pair before creating a new one.\n *\n * If you were using this method to allow the user to recover an existing key that is not available in the storage facade nor recoverable through\n * transfer keys or shamir split (for example by scanning a qr code, or by loading a file from the computer to the web browser's local storage)\n * you will have to move that logic in your implementation of CryptoStrategies.\n * It is currently not allowed to create new key pairs if a verified key pair is already available on the device, as this would be wasteful.\n * If you want to convert a `JsonWebKey` pair to a `CryptoKey` pair you should use directly the method in `primitives.RSA`.\n */\n async cacheKeyPair(keyPairInJwk: KeyPair<JsonWebKey>): Promise<KeyPair<CryptoKey>> {\n const cryptoKeyPair = await this.primitives.RSA.importKeyPair('jwk', keyPairInJwk.privateKey, 'jwk', keyPairInJwk.publicKey)\n const pubHex = ua2hex(await this.primitives.RSA.exportKey(cryptoKeyPair.publicKey, 'spki'))\n const fingerprint = pubHex.slice(-32)\n if (!this.keyManager.getDecryptionKeys()[fingerprint]) {\n const selfId = await this.dataOwnerApi.getCurrentDataOwnerId()\n const selfKeys = this.dataOwnerApi.getHexPublicKeysOf((await this.dataOwnerApi.getCurrentDataOwner()).dataOwner)\n if (!selfKeys.has(pubHex))\n throw new Error(\n `Impossible to add key pair with fingerprint ${fingerprint} to data owner ${selfId}: the data owner has no matching public key`\n )\n await this.icureStorage.saveKey(selfId, fingerprint, keyPairInJwk, true)\n // Force reload to check if more private keys can be recovered or more exchange keys become available.\n await this.forceReload()\n }\n return cryptoKeyPair\n }\n\n /**\n * @deprecated Usually you should not need this method, since the preferred sfk is automatically chosen by the extended entity apis when creating a\n * new instance of the entity.\n */\n async extractPreferredSfk(parent: EncryptedParentEntity, hcpartyId: string, confidential: boolean) {\n return confidential ? this.confidential.getConfidentialSecretId(parent, hcpartyId) : this.confidential.getAnySecretIdSharedWithParents(parent)\n }\n\n /**\n * @deprecated you should not need this method anymore because everything related to entities encryption should be done either through the\n * entity-specific extended api.\n */\n async decryptAndImportAesHcPartyKeysForDelegators(\n delegatorsHcPartyIdsSet: Array<string>,\n delegateHcPartyId: string,\n minCacheDurationInSeconds: number = 60\n ): Promise<Array<DelegatorAndKeys>> {\n return await delegatorsHcPartyIdsSet.reduce(async (acc, delegator) => {\n const awaitedAcc = await acc\n const keys = await this.exchangeKeysManager.getDecryptionExchangeKeysFor(delegator, delegateHcPartyId)\n const keysForDelegator = await keys.reduce(async (accForKey, cryptoKey) => {\n const awaitedAccForKey = await accForKey\n const rawKey = ua2hex(await this.primitives.RSA.exportKey(cryptoKey, 'spki'))\n return [\n ...awaitedAccForKey,\n {\n key: cryptoKey,\n delegatorId: delegator,\n rawKey: rawKey,\n },\n ]\n }, Promise.resolve([] as DelegatorAndKeys[]))\n return [...awaitedAcc, ...keysForDelegator]\n }, Promise.resolve([] as DelegatorAndKeys[]))\n }\n\n /**\n * @deprecated you should not need this method anymore because everything related to entities encryption should be done either through the\n * entity-specific extended api.\n * Note that currently this method does not cache results anymore (but the updated methods do).\n */\n async getEncryptedAesExchangeKeys(\n owner: DataOwner,\n delegateId: string\n ): Promise<{ [pubKeyIdentifier: string]: { [pubKeyFingerprint: string]: string } }> {\n const publicKeys = Array.from(this.dataOwnerApi.getHexPublicKeysOf(owner))\n const mapOfAesExchangeKeys = Object.entries(owner.aesExchangeKeys ?? {})\n .filter((e) => e[1][delegateId] && Object.keys(e[1][delegateId]).some((k1) => publicKeys.some((pk) => pk.endsWith(k1))))\n .reduce((map, e) => {\n const candidates = Object.entries(e[1][delegateId]) //[fingerprint of delegate pub key, key], [fingerprint of owner pub key, key]\n const [publicKeyFingerprint, encryptedAesExchangeKey] = candidates[candidates.findIndex(([k, v]) => publicKeys.some((pk) => pk.endsWith(k)))]\n return { ...map, [e[0]]: { [publicKeyFingerprint]: encryptedAesExchangeKey } }\n }, {} as { [pubKeyIdentifier: string]: { [pubKeyFingerprint: string]: string } })\n\n if (!owner.publicKey || mapOfAesExchangeKeys[owner.publicKey] || !owner.hcPartyKeys?.[delegateId]) {\n return mapOfAesExchangeKeys\n }\n const delegate = (await this.dataOwnerApi.getDataOwner(delegateId)).dataOwner\n if (delegate.publicKey && publicKeys.includes(delegate.publicKey)) {\n return {\n ...mapOfAesExchangeKeys,\n [owner.publicKey]: { [delegate.publicKey!.slice(-32)]: owner.hcPartyKeys[delegateId][1] },\n }\n } else if (publicKeys.includes(owner.publicKey)) {\n return { ...mapOfAesExchangeKeys, [owner.publicKey]: { [owner.publicKey.slice(-32)]: owner.hcPartyKeys[delegateId][0] } }\n }\n return mapOfAesExchangeKeys\n }\n\n /**\n * @deprecated you should not use this method because initialisation of encrypted entities keys is done automatically by the entity-specific\n * extended api. Also note that it is now forbidden to initialise an entity as a data owner which is not the current data owner: you should instead\n * create the entity as the current data owner then create a delegation to the other data owner.\n */\n async initEncryptionKeys(\n createdObject: any,\n ownerId: string\n ): Promise<{\n encryptionKeys: any\n secretId: string\n }> {\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) {\n throw new Error('Impossible to initialise keys as a data owner which is not the current data owner')\n }\n const { updatedEntity, rawEncryptionKey } = await this.entities.entityWithInitialisedEncryptedMetadata(\n {\n ...createdObject,\n delegations: undefined,\n encryptionKeys: undefined,\n cryptedForeignKeys: undefined,\n secretForeignKeys: undefined,\n } as EncryptedEntity,\n undefined,\n undefined,\n true\n )\n return {\n encryptionKeys: updatedEntity.encryptionKeys,\n secretId: rawEncryptionKey!,\n }\n }\n\n /**\n * @deprecated You should use:\n * - {@link IccPatientXApi.decryptSecretIdsOf} or {@link IccMessageXApi.decryptSecretIdsOf} to get the delegation sfks (now called secret ids).\n * - {@link IccDataOwnerXApi.getCurrentDataOwnerHierarchyIds} to get the full hierarchy for the current data owner (cached). The first element is\n * the id of the topmost parent, while the last is the current data owner.\n * Note that the behaviour of this method has some subtle changes compared to the past:\n * - throws an error if the provided hcpartyId is not part of the current data owner hierarchy.\n * - does not provide any guarantees on the ordering of the extracted keys\n * - deduplicates extracted keys\n */\n async extractDelegationsSFKs(document: EncryptedEntity | null, hcpartyId?: string): Promise<{ extractedKeys: Array<string>; hcpartyId?: string }> {\n if (!document || !hcpartyId) {\n return Promise.resolve({ extractedKeys: [], hcpartyId: hcpartyId })\n }\n const delegationsForAllDelegates = document.delegations\n if (!delegationsForAllDelegates || !Object.keys(delegationsForAllDelegates).length) {\n console.log(`There is no delegation in document (${document.id})`)\n return Promise.resolve({ extractedKeys: [], hcpartyId: hcpartyId })\n }\n return {\n extractedKeys: await this.entities.secretIdsOf(document, hcpartyId),\n hcpartyId: (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0],\n }\n }\n\n /**\n * @deprecated (light) You should use:\n * - {@link IccHelementXApi.decryptPatientIdOf}, {@link IccDocumentXApi.decryptMessageIdOf}, ... to get the crypted foreign keys.\n * - {@link IccDataOwnerXApi.getCurrentDataOwnerHierarchyIds} to get the full hierarchy for the current data owner (cached). The first element is\n * the id of the topmost parent, while the last is the current data owner.\n * Note that the behaviour of this method has some subtle changes compared to the past:\n * - throws an error if the provided hcpartyId is not part of the current data owner hierarchy.\n * - does not provide any guarantees on the ordering of the extracted keys\n * - deduplicates extracted keys\n */\n async extractCryptedFKs(document: EncryptedEntity | null, hcpartyId: string): Promise<{ extractedKeys: Array<string>; hcpartyId: string }> {\n if (!document || !document.cryptedForeignKeys) {\n return Promise.resolve({ extractedKeys: [], hcpartyId: hcpartyId })\n }\n const cfksForAllDelegates = document.cryptedForeignKeys\n if (!cfksForAllDelegates || !Object.keys(cfksForAllDelegates).length) {\n console.log(`There is no cryptedForeignKeys in document (${document.id})`)\n return Promise.resolve({ extractedKeys: [], hcpartyId: hcpartyId })\n }\n return {\n extractedKeys: await this.entities.owningEntityIdsOf(document, hcpartyId),\n hcpartyId: (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0],\n }\n }\n\n /**\n * @deprecated You should use the extended apis methods to encrypt/decrypt entities or their attachments\n * Note that the behaviour of this method has some subtle changes compared to the past:\n * - throws an error if the provided hcpartyId is not part of the current data owner hierarchy.\n * - does not provide any guarantees on the ordering of the extracted keys\n * - deduplicates extracted keys\n */\n async extractEncryptionsSKs(document: EncryptedEntity, hcpartyId: string): Promise<{ extractedKeys: Array<string>; hcpartyId: string }> {\n if (!document.encryptionKeys) {\n return Promise.resolve({ extractedKeys: [], hcpartyId: hcpartyId })\n }\n const eckeysForAllDelegates = document.encryptionKeys\n if (!eckeysForAllDelegates || !Object.keys(eckeysForAllDelegates).length) {\n return Promise.resolve({ extractedKeys: [], hcpartyId: hcpartyId })\n }\n return {\n extractedKeys: await this.entities.encryptionKeysOf(document, hcpartyId),\n hcpartyId: (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0],\n }\n }\n\n /**\n * @deprecated You should not use this method anymore, depending on what you were passing as {@link delegations} you should replace this method as\n * explained in {@link extractEncryptionsSKs} (if you were passing encryptionKeys), {@link extractCryptedFKs} (cryptedForeignKeys), or\n * {@link extractDelegationsSFKs} (delegations).\n */\n async extractKeysFromDelegationsForHcpHierarchy(\n dataOwnerId: string,\n objectId: string,\n delegations: { [key: string]: Array<Delegation> }\n ): Promise<{ extractedKeys: Array<string>; hcpartyId: string }> {\n return {\n extractedKeys: await this.entities.extractMergedHierarchyFromDelegationAndOwner(\n delegations,\n dataOwnerId,\n (x) => !!x,\n () => Promise.resolve(true)\n ),\n hcpartyId: (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0],\n }\n }\n\n /**\n * @deprecated you should not need this method anymore: the new API will automatically load on startup all keys available through the key storage\n * facade and/or recoverable through transfer keys or shamir split. If you were using this method to load a key recovered through other means you\n * will have to do so in your implementation of CryptoStrategies.\n * You can convert the private key pkcs8 array to a jwk key using {@link pkcs8ToJwk} then you can extract the full key pair using\n * {@link keyPairFromPrivateKeyJwk}.\n */\n async loadKeyPairsAsTextInBrowserLocalStorage(healthcarePartyId: string, privateKey: Uint8Array) {\n await this.cacheKeyPair(keyPairFromPrivateKeyJwk(pkcs8ToJwk(privateKey)))\n }\n\n /**\n * @deprecated you should not need this method anymore: the new API will automatically load on startup all keys available through the key storage\n * facade and/or recoverable through transfer keys or shamir split. If you were using this method to load a key recovered through other means you\n * will have to do so in your implementation of CryptoStrategies.\n * You can extract the full key pair using {@link keyPairFromPrivateKeyJwk}.\n */\n async loadKeyPairsAsJwkInBrowserLocalStorage(healthcarePartyId: string, privateKey: JsonWebKey) {\n await this.cacheKeyPair(keyPairFromPrivateKeyJwk(privateKey))\n }\n\n /**\n * @deprecated you should not need this method anymore: the new API will automatically load on startup all keys available through the key storage\n * facade and/or recoverable through transfer keys or shamir split. If you were using this method to load a key recovered through other means you\n * will have to do so in your implementation of CryptoStrategies.\n */\n loadKeyPairsInBrowserLocalStorage(healthcarePartyId: string, file: Blob): Promise<void> {\n const fr = new FileReader()\n return new Promise((resolve, reject) => {\n fr.onerror = reject\n fr.onabort = reject\n fr.onload = (e: any) => {\n const privateKey = e.target.result as string\n this.loadKeyPairsAsTextInBrowserLocalStorage(healthcarePartyId, hex2ua(privateKey))\n .then(() => resolve())\n .catch(reject)\n }\n fr.readAsText(file)\n })\n }\n\n // noinspection JSUnusedGlobalSymbols\n /**\n * @deprecated keychains are not part of iCure's api: this method will be removed.\n */\n saveKeychainInBrowserLocalStorage(id: string, keychain: number) {\n this._storage.setItem(\n this.keychainLocalStoreIdPrefix + id,\n b2a(new Uint8Array(keychain).reduce((data, byte) => data + String.fromCharCode(byte), ''))\n )\n }\n\n /**\n * @deprecated keychains are not part of iCure's api: this method will be removed.\n */\n saveKeychainInBrowserLocalStorageAsBase64(id: string, keyChainB64: string) {\n this._storage.setItem(this.keychainLocalStoreIdPrefix + id, keyChainB64)\n }\n\n // noinspection JSUnusedGlobalSymbols\n /**\n * @deprecated keychains are not part of iCure's api: this method will be removed.\n */\n async saveKeychainValidityDateInBrowserLocalStorage(id: string, date: string) {\n if (!id) return\n\n if (!date) {\n await this._storage.removeItem(this.keychainValidityDateLocalStoreIdPrefix + id)\n } else {\n await this._storage.setItem(this.keychainValidityDateLocalStoreIdPrefix + id, date)\n }\n }\n\n /**\n * @deprecated keychains are not part of iCure's api: this method will be removed.\n *\n * Populate the HCP.options dict with an encrypted eHealth certificate and unencryped expiry date.\n * Any potentially unencrypted certificates will be pruned from the HCP.\n * @param hcpId Id of the hcp to modify\n * @returns modified HCP\n */\n async saveKeyChainInHCPFromLocalStorage(hcpId: string): Promise<HealthcareParty> {\n return await this.hcpartyBaseApi.getHealthcareParty(hcpId).then(async (hcp: HealthcareParty) => {\n let aesKey: CryptoKey | null = null\n try {\n aesKey = _.find(\n await this.decryptAndImportAesHcPartyKeysForDelegators([hcp.id!], hcp.id!),\n (delegator: DelegatorAndKeys) => delegator.delegatorId === hcp.id\n )!.key\n } catch (e) {\n console.error('Error while importing the AES key.')\n }\n if (!aesKey) {\n console.error('No encryption key!')\n }\n\n const opts = hcp.options || {}\n\n const crt = await this.getKeychainInBrowserLocalStorageAsBase64(hcp.id!!)\n if (!!aesKey && !!crt) {\n let crtEncrypted: ArrayBuffer | null = null\n try {\n crtEncrypted = await this.AES.encrypt(aesKey, new Uint8Array(string2ua(atob(crt))))\n } catch (e) {\n console.error('Error while encrypting the certificate', e)\n }\n\n // add the encrypted certificate to the options\n _.set(opts, this.hcpPreferenceKeyEhealthCert, ua2string(new Uint8Array(crtEncrypted!)))\n }\n\n const crtValidityDate = this.getKeychainValidityDateInBrowserLocalStorage(hcp.id!!)\n if (!!crtValidityDate) {\n _.set(opts, this.hcpPreferenceKeyEhealthCertDate, crtValidityDate)\n }\n\n hcp.options = opts\n return hcp\n })\n }\n\n /**\n * @deprecated keychains are not part of iCure's api: this method will be removed.\n */\n importKeychainInBrowserFromHCP(hcpId: string): Promise<void> {\n return this.hcpartyBaseApi.getHealthcareParty(hcpId).then(async (hcp: HealthcareParty) => {\n let crtCryp: Uint8Array | null = null\n if (!!hcp.options && !!hcp.options[this.hcpPreferenceKeyEhealthCert]) {\n crtCryp = string2ua(hcp.options[this.hcpPreferenceKeyEhealthCert])\n }\n\n const crtValidityDate = _.get(hcp.options, this.hcpPreferenceKeyEhealthCertDate)\n\n // store the validity date\n if (!!crtValidityDate) {\n this.saveKeychainValidityDateInBrowserLocalStorage(hcp.id!!, crtValidityDate)\n }\n\n let crt: ArrayBuffer | null = null\n let decryptionKey: CryptoKey | null = null\n try {\n decryptionKey = _.find(\n await this.decryptAndImportAesHcPartyKeysForDelegators([hcp.id!], hcp.id!),\n (delegator: DelegatorAndKeys) => delegator.delegatorId === hcp.id\n )!.key\n } catch (e) {\n console.error('Error while importing the AES key.')\n }\n if (!decryptionKey) {\n throw new Error('No encryption key! eHealth certificate cannot be decrypted.')\n }\n\n if (!!crtCryp && decryptionKey) {\n try {\n crt = await this.AES.decrypt(decryptionKey, crtCryp)\n } catch (e) {\n console.error(e)\n }\n }\n\n if (!crt) {\n throw new Error(`Error while saving certificate in browser local storage! Hcp ${hcp.id} has no certificate.`)\n } else {\n this.saveKeychainInBrowserLocalStorageAsBase64(hcp.id!!, btoa(String.fromCharCode.apply(null, Array.from(new Uint8Array(crt)))))\n }\n\n return\n })\n }\n\n /**\n * @deprecated e-health certificates and keychains are not part of iCure's api: this method will be removed.\n *\n * Synchronizes the eHealth certificate from the database into the LocalStorage, returning information on the presence\n * of certificate data in either place.\n *\n * @param hcpId The healthcare party id\n * @returns A Promise for an object that represents the existence of a certificate in local storage and in the DB,\n * through the two boolean properties \"local\" and \"remote\".\n */\n syncEhealthCertificateFromDatabase(hcpId: string): Promise<{ remote: boolean; local: boolean }> {\n return this.hcpartyBaseApi.getHealthcareParty(hcpId).then((hcp: HealthcareParty) => {\n const remoteCertificate = _.get(hcp.options, this.hcpPreferenceKeyEhealthCert)\n const localCertificate = this.getKeychainInBrowserLocalStorageAsBase64(hcp.id!)\n\n if (remoteCertificate) {\n return this.importKeychainInBrowserFromHCP(hcp.id!)\n .then(() => ({ local: true, remote: true }))\n .catch(() => ({ local: !!localCertificate, remote: true }))\n } else {\n return { local: !!localCertificate, remote: !!remoteCertificate }\n }\n })\n }\n\n /**\n * @deprecated keychains are not part of iCure's api: this method will be removed.\n */\n getKeychainInBrowserLocalStorageAsBase64(id: string) {\n return this._storage.getItem(this.keychainLocalStoreIdPrefix + id)\n }\n\n /**\n * @deprecated keychains are not part of iCure's api: this method will be removed.\n */\n getKeychainValidityDateInBrowserLocalStorage(id: string) {\n return this._storage.getItem(this.keychainValidityDateLocalStoreIdPrefix + id)\n }\n\n /**\n * @deprecated keychains are not part of iCure's api: this method will be removed.\n */\n async loadKeychainFromBrowserLocalStorage(id: string) {\n const lsItem = await this._storage.getItem(this.keychainLocalStoreIdPrefix + id)\n return lsItem !== undefined ? b64_2uas(lsItem) : null\n }\n\n /**\n * @deprecated you should not need this method anymore to deal with the encryption of iCure entities because everything related to entities\n * encryption should be done through the entity-specific extended api.\n * If instead you were using the method for other reasons check {@link getCachedRsaKeyPairForFingerprint} to get an idea of possible replacements.\n */\n async loadKeyPairNotImported(id: string, publicKeyFingerPrint?: string): Promise<{ publicKey: JsonWebKey; privateKey: JsonWebKey } | undefined> {\n if (publicKeyFingerPrint) {\n const cached = this.keyManager.getKeyPairForFingerprint(publicKeyFingerPrint)?.pair\n if (cached) {\n return this.primitives.RSA.exportKeys(cached, 'jwk', 'jwk')\n }\n } else {\n const defaultKey = await this._keyStorage.getKeypair(this.rsaLocalStoreIdPrefix + id)\n if (defaultKey) return defaultKey\n }\n console.warn(`No key can be found in local storage for id ${id} and publicKeyFingerPrint ${publicKeyFingerPrint}`)\n }\n\n /**\n * @deprecated use {@link IccIcureMaintenanceXApi.applyKeyPairUpdate} instead.\n */\n async giveAccessBackTo(delegateUser: User, ownerId: string, ownerNewPublicKey: string): Promise<DataOwner> {\n await this.exchangeKeys.base.giveAccessBackTo(ownerId, ownerNewPublicKey, this.userKeysManager.getDecryptionKeys())\n return this.dataOwnerApi.getDataOwner(ownerId).then((x) => x.dataOwner)\n }\n /**\n * @deprecated You don't need to manually generate exchange keys as they will be automatically created by the api when needed.\n * Note that this method has some changes compared to previous version:\n * - The method may return any data owner (including devices)\n * - The method will throw an exception if the provided ownerId does not match the current data owner\n */\n async generateKeyForDelegate(ownerId: string, delegateId: string): Promise<DataOwner> {\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) {\n throw new Error('You can only create delegation where the delegator is the current data owner')\n }\n return (await this.dataOwnerApi.getDataOwner(ownerId)).dataOwner\n }\n\n /**\n * @deprecated replace with {@link IccDataOwnerXApi.getDataOwner}. Note that data owners are not cached anymore.\n */\n getDataOwner(ownerId: string, loadIfMissingFromCache: boolean = true) {\n return this.dataOwnerApi.getDataOwner(ownerId)\n }\n\n /**\n * @deprecated the crypto api will automatically verify on startup the validity of private keys, but in some cases you may want to verify the\n * validity of keys recovered in your implementation of {@link CryptoStrategies}: in this case the method has been replaced with\n * {@link RSA.checkKeyPairValidity}\n */\n async checkPrivateKeyValidity(dataOwner: DataOwner): Promise<boolean> {\n const publicKeys = Array.from(new Set([dataOwner.publicKey].concat(Object.keys(dataOwner.aesExchangeKeys ?? {})).filter((x) => !!x))) as string[]\n\n return await publicKeys.reduce(async (pres, publicKey) => {\n const res = await pres\n try {\n const k = await this.primitives.RSA.importKey('jwk', spkiToJwk(hex2ua(publicKey)), ['encrypt'])\n const cipher = await this.primitives.RSA.encrypt(k, utf8_2ua('shibboleth'))\n const ikp = await this.getCachedRsaKeyPairForFingerprint(dataOwner.id!, publicKey.slice(-32))\n const plainText = ua2utf8(await this.primitives.RSA.decrypt(ikp.privateKey, new Uint8Array(cipher)))\n return plainText === 'shibboleth' || res\n } catch (e) {\n return res\n }\n }, Promise.resolve(false))\n }\n\n /**\n * @deprecated (See {@link extractEncryptionsSKs} for a detailed explanation).\n */\n async getEncryptionDecryptionKeys(dataOwnerId: string, document: EncryptedEntity): Promise<Array<string> | undefined> {\n return this.entities.encryptionKeysOf(document, dataOwnerId)\n }\n\n /**\n * @deprecated For the encryption/decryption of iCure entities and attachments you should rely solely on the extended apis methods.\n */\n async encryptDecrypt(\n method: 'encrypt' | 'decrypt',\n content: Uint8Array | ArrayBuffer,\n edKey?: string,\n user?: User,\n documentObject?: Document\n ): Promise<Uint8Array | Array<any> | any> {\n if (!content || !(edKey || (user?.healthcarePartyId && documentObject))) return content\n\n if (edKey) {\n const importedEdKey = await this.primitives.AES.importKey('raw', hex2ua(edKey.replace(/-/g, '')))\n try {\n return await this.primitives.AES[method](importedEdKey, content)\n } catch (e) {\n return content\n }\n }\n\n const encryptionKeys = await this.entities.encryptionKeysOf(documentObject!, user?.healthcarePartyId!)\n const importedEdKey = await this.primitives.AES.importKey('raw', hex2ua(encryptionKeys[0].replace(/-/g, '')))\n try {\n return await this.primitives.AES[method](importedEdKey, content)\n } catch (e) {\n return content\n }\n }\n\n /**\n * @deprecated you should not need to interact directly with the storage instance used by the iCure sdk.\n */\n storeKeyPair(id: string, keyPair: { publicKey: any; privateKey: any }) {\n this._storage.setItem(this.rsaLocalStoreIdPrefix + id, JSON.stringify(keyPair))\n }\n\n /**\n * @deprecated This method is not safe as it allows any data owner to add a public key to other data owners. The method will be removed in future,\n * additionally the user calling this method will require a special permission when calling it for another data owner.\n * @param ownerId the id of the data owner which will have a new key.\n */\n async generateAndAddNewKeyPairForOwner(\n ownerId: string\n ): Promise<{ dataOwner: HealthcareParty | Patient | Device; publicKey: string; privateKey: string }> {\n const { dataOwner, type } = await this.dataOwnerApi.getDataOwner(ownerId)\n if (type === 'device') throw new Error('Cannot add a key pair to a device')\n const newPair = await this.primitives.RSA.generateKeyPair()\n const exportedPub: string = ua2hex(await this.primitives.RSA.exportKey(newPair.publicKey, 'spki'))\n const exportedPriv: string = ua2hex(await this.primitives.RSA.exportKey(newPair.privateKey, 'pkcs8'))\n let updatedPub: string\n if (dataOwner.publicKey == '') {\n if (Object.keys(dataOwner.hcPartyKeys ?? {}).length > 0) throw new Error(`Data owner ${ownerId} has empty public key but non-empty hcPartyKeys`)\n updatedPub = exportedPub\n } else {\n updatedPub = dataOwner.publicKey ?? exportedPub\n }\n const updatedDataOwner = {\n ...dataOwner,\n publicKey: updatedPub,\n aesExchangeKeys: {\n ...dataOwner.aesExchangeKeys,\n [exportedPub]: {},\n },\n }\n let savedDataOwner: HealthcareParty | Patient\n if (type === 'patient') {\n savedDataOwner = await this.basePatientApi.modifyPatient(updatedDataOwner as Patient)\n } else if (type === 'hcp') {\n savedDataOwner = await this.hcpartyBaseApi.modifyHealthcareParty(updatedDataOwner as HealthcareParty)\n } else throw new Error(`Unknown data owner type ${type}`)\n return {\n dataOwner: savedDataOwner,\n publicKey: exportedPub,\n privateKey: exportedPriv,\n }\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"icc-crypto-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-crypto-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAcA,MAAa,aAAa;IACxB;;OAEG;IACH,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC,iBAAiB,CAAA;IAC/B,CAAC;IAED;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,oBAAoB,CAAA;IAClC,CAAC;IAED;;OAEG;IACH,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAED;;OAEG;IACH,IAAI,OAAO;QACT,OAAO,IAAI,CAAC,QAAQ,CAAA;IACtB,CAAC;IAED;;OAEG;IACH,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,SAAS,CAAA;IACvB,CAAC;IAED;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,oBAAoB,CAAA;IAClC,CAAC;IAED;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,qBAAqB,CAAA;IACnC,CAAC;IAED;;OAEG;IACH,IAAI,wBAAwB;QAC1B,OAAO,IAAI,CAAC,yBAAyB,CAAA;IACvC,CAAC;IAED;;OAEG;IACH,IAAI,eAAe;QACjB,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAED;;OAEG;IACH,IAAI,iBAAiB;QACnB,OAAO,IAAI,CAAC,cAAc,CAAA;IAC5B,CAAC;IAED;;OAEG;IACH,IAAI,0BAA0B;QAC5B,OAAO,IAAI,CAAC,2BAA2B,CAAA;IACzC,CAAC;IAED;;OAEG;IACH,YACmB,oBAAyC,EACzC,iBAAmC,EACnC,WAAsC,EACtC,aAA+B,EAC/B,SAA4B,EAC5B,cAAiC,EACjC,QAA+B,EAC/B,WAA6B,EAC7B,qBAA2C,EAC3C,oBAAyC,EACzC,yBAA2D,EAC3D,2BAAuD;QAXvD,yBAAoB,GAApB,oBAAoB,CAAqB;QACzC,sBAAiB,GAAjB,iBAAiB,CAAkB;QACnC,gBAAW,GAAX,WAAW,CAA2B;QACtC,kBAAa,GAAb,aAAa,CAAkB;QAC/B,cAAS,GAAT,SAAS,CAAmB;QAC5B,mBAAc,GAAd,cAAc,CAAmB;QACjC,aAAQ,GAAR,QAAQ,CAAuB;QAC/B,gBAAW,GAAX,WAAW,CAAkB;QAC7B,0BAAqB,GAArB,qBAAqB,CAAsB;QAC3C,yBAAoB,GAApB,oBAAoB,CAAqB;QACzC,8BAAyB,GAAzB,yBAAyB,CAAkC;QAC3D,gCAA2B,GAA3B,2BAA2B,CAA4B;IACvE,CAAC;IAEJ;;;;OAIG;IACG,WAAW;;YACf,IAAI,CAAC,oBAAoB,CAAC,UAAU,CAAC,IAAI,CAAC,CAAA;YAC1C,IAAI,CAAC,aAAa,CAAC,6BAA6B,EAAE,CAAA;YAClD,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,CAAA;YACnC,MAAM,IAAI,CAAC,oBAAoB,CAAC,sBAAsB,EAAE,CAAA;QAC1D,CAAC;KAAA;IAED;;;;;;;OAOG;IACH,oDAAoD;QAUlD,OAAO,IAAI,CAAC,WAAW,CAAC,wCAAwC,EAAE,CAAA;IACpE,CAAC;IAED;;;;OAIG;IACH,wBAAwB,CAAC,WAAmB;QAC1C,OAAO,IAAI,CAAC,WAAW,CAAC,wBAAwB,CAAC,WAAW,CAAC,CAAA;IAC/D,CAAC;IAED;;;;;OAKG;IACG,6CAA6C;;YACjD,OAAO,IAAI,CAAC,WAAW,CAAC,6CAA6C,EAAE,CAAA;QACzE,CAAC;KAAA;IAED;;;;;;;OAOG;IACG,oCAAoC,CAAC,YAAqB;;YAC9D,OAAO,IAAI,CAAC,WAAW,CAAC,oCAAoC,CAAC,YAAY,CAAC,CAAA;QAC5E,CAAC;KAAA;CACF;AA/JD,sCA+JC","sourcesContent":["import { StorageFacade } from './storage/StorageFacade'\nimport { KeyStorageFacade } from './storage/KeyStorageFacade'\nimport { ExchangeKeysManager } from './crypto/ExchangeKeysManager'\nimport { CryptoPrimitives } from './crypto/CryptoPrimitives'\nimport { UserEncryptionKeysManager } from './crypto/UserEncryptionKeysManager'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { ExtendedApisUtils } from './crypto/ExtendedApisUtils'\nimport { ShamirKeysManager } from './crypto/ShamirKeysManager'\nimport { ConfidentialEntities } from './crypto/ConfidentialEntities'\nimport { ExchangeDataManager } from './crypto/ExchangeDataManager'\nimport { AccessControlKeysHeadersProvider } from './crypto/AccessControlKeysHeadersProvider'\nimport { KeyPair } from './crypto/RSA'\nimport { DelegationsDeAnonymization } from './crypto/DelegationsDeAnonymization'\n\nexport class IccCryptoXApi {\n /**\n * The instance of {@link CryptoPrimitives} used by this instance of the iCure SDK.\n */\n get primitives(): CryptoPrimitives {\n return this._cryptoPrimitives\n }\n\n /**\n * @internal this method is for internal use only and may be changed without notice.\n */\n get exchangeKeys(): ExchangeKeysManager {\n return this._exchangeKeysManager\n }\n\n /**\n * @internal this is for internal use only and may be changed without notice.\n */\n get keyStorage(): KeyStorageFacade {\n return this._keyStorage\n }\n\n /**\n * @internal this is for internal use only and may be changed without notice.\n */\n get storage(): StorageFacade<string> {\n return this._storage\n }\n\n /**\n * @internal this is for internal use only and may be changed without notice.\n */\n get xapi(): ExtendedApisUtils {\n return this.xapiUtils\n }\n\n /**\n * @internal this is for internal use only and may be changed without notice.\n */\n get exchangeData(): ExchangeDataManager {\n return this._exchangeDataManager\n }\n\n /**\n * @internal this is for internal use only and may be changed without notice.\n */\n get confidential(): ConfidentialEntities {\n return this._confidentialEntities\n }\n\n /**\n * @internal this is for internal use only and may be changed without notice.\n */\n get accessControlKeysHeaders(): AccessControlKeysHeadersProvider {\n return this._accessControlKeysHeaders\n }\n\n /**\n * @internal this is for internal use only and may be changed without notice.\n */\n get userKeysManager(): UserEncryptionKeysManager {\n return this._keyManager\n }\n\n /**\n * @internal this is for internal use only and may be changed without notice.\n */\n get shamirKeysManager(): ShamirKeysManager {\n return this._shamirManager\n }\n\n /**\n * @internal this is for internal use only and may be changed without notice.\n */\n get delegationsDeAnonymization(): DelegationsDeAnonymization {\n return this._delegationsDeAnonymisation\n }\n\n /**\n * @internal\n */\n constructor(\n private readonly _exchangeKeysManager: ExchangeKeysManager,\n private readonly _cryptoPrimitives: CryptoPrimitives,\n private readonly _keyManager: UserEncryptionKeysManager,\n private readonly _dataOwnerApi: IccDataOwnerXApi,\n private readonly xapiUtils: ExtendedApisUtils,\n private readonly _shamirManager: ShamirKeysManager,\n private readonly _storage: StorageFacade<string>,\n private readonly _keyStorage: KeyStorageFacade,\n private readonly _confidentialEntities: ConfidentialEntities,\n private readonly _exchangeDataManager: ExchangeDataManager,\n private readonly _accessControlKeysHeaders: AccessControlKeysHeadersProvider,\n private readonly _delegationsDeAnonymisation: DelegationsDeAnonymization\n ) {}\n\n /**\n * Deletes values cached by the crypto api, to allow to detect changes in stored key pairs, exchange keys and/or current data owner details.\n * This method may be useful in cases where a user is logged in from multiple devices or in cases where other users have just shared some data with\n * the current user for the first time.\n */\n async forceReload() {\n this._exchangeKeysManager.clearCache(true)\n this._dataOwnerApi.clearCurrentDataOwnerIdsCache()\n await this._keyManager.reloadKeys()\n await this._exchangeDataManager.clearOrRepopulateCache()\n }\n\n /**\n * Get all key pairs available for the decrpytion and encryption of data to the current data owner. These include the key pairs from the data owner\n * and his parents.\n * @return an object with:\n * - `self` an object containing the current data owner id and the list of key pairs available for the current data owner with verification details.\n * - `parents` the list of parents to the current data owner with the list of key pairs available for each parent. The list is ordered from the\n * topmost ancestor (at index 0) to the direct parent of the current data owner (at the last index, may be 0).\n */\n getEncryptionDecryptionKeypairsForDataOwnerHierarchy(): Promise<{\n self: {\n dataOwnerId: string\n keys: { pair: KeyPair<CryptoKey>; verified: boolean }[]\n }\n parents: {\n dataOwnerId: string\n keys: { pair: KeyPair<CryptoKey> }[]\n }[]\n }> {\n return this._keyManager.getCurrentUserHierarchyAvailableKeypairs()\n }\n\n /**\n * Get a key pair with the provided fingerprint if present.\n * @param fingerprint a key-pair/public-key fingerprint\n * @return the pair associated to the fingerprint and a boolean indicating if the pair is verified, if present, else undefined\n */\n getKeyPairForFingerprint(fingerprint: string): { pair: KeyPair<CryptoKey>; verified: boolean } | undefined {\n return this._keyManager.getKeyPairForFingerprint(fingerprint)\n }\n\n /**\n * Get the public keys of available key pairs for the current user and his parents in hex-encoded spki representation (uses cached keys: no request\n * is done to the server).\n * Note that this will also include unverified keys.\n * @return the spki representation of public keys of available keypairs for the current user.\n */\n async getCurrentUserHierarchyAvailablePublicKeysHex(): Promise<string[]> {\n return this._keyManager.getCurrentUserHierarchyAvailablePublicKeysHex()\n }\n\n /**\n * Get the public keys of available key pairs for the current user in hex-encoded spki representation (uses cached keys: no request is done to the\n * server).\n * By setting {@link verifiedOnly} to true only the public keys for verified key pairs will be returned: these will include only key pairs created\n * on this device or which have been verified using {@link CryptoStrategies} on this device.\n * @param verifiedOnly if true only the verified public keys will be returned.\n * @return the spki representation of public keys of available keypairs for the current user.\n */\n async getCurrentUserAvailablePublicKeysHex(verifiedOnly: boolean): Promise<string[]> {\n return this._keyManager.getCurrentUserAvailablePublicKeysHex(verifiedOnly)\n }\n}\n"]}
|
|
@@ -2,10 +2,10 @@ import { User } from '../icc-api/model/User';
|
|
|
2
2
|
import { HealthcareParty } from '../icc-api/model/HealthcareParty';
|
|
3
3
|
import { Patient } from '../icc-api/model/Patient';
|
|
4
4
|
import { Device } from '../icc-api/model/Device';
|
|
5
|
-
import { DataOwnerTypeEnum } from '../icc-api/model/DataOwnerTypeEnum';
|
|
6
5
|
import { CryptoActorStub, CryptoActorStubWithType } from '../icc-api/model/CryptoActorStub';
|
|
7
|
-
import {
|
|
6
|
+
import { DataOwnerTypeEnum } from '../icc-api/model/DataOwnerTypeEnum';
|
|
8
7
|
import { AuthenticationProvider } from './auth/AuthenticationProvider';
|
|
8
|
+
import { IccDataownerApi } from '../icc-api/api/IccDataownerApi';
|
|
9
9
|
import { DataOwnerWithType } from '../icc-api/model/DataOwnerWithType';
|
|
10
10
|
export type DataOwnerOrStub = DataOwner | CryptoActorStub;
|
|
11
11
|
export type DataOwner = HealthcareParty | Patient | Device;
|
|
@@ -16,6 +16,24 @@ export declare class IccDataOwnerXApi extends IccDataownerApi {
|
|
|
16
16
|
constructor(host: string, headers: {
|
|
17
17
|
[key: string]: string;
|
|
18
18
|
}, authenticationProvider?: AuthenticationProvider, fetchImpl?: (input: RequestInfo, init?: RequestInit) => Promise<Response>);
|
|
19
|
+
/**
|
|
20
|
+
* Gets the public keys of a data owner to be used for encryption with RSA-OAEP+SHA-1, in hex format.
|
|
21
|
+
* @param dataOwner a data owner.
|
|
22
|
+
* @return the public keys for the data owner in hex format.
|
|
23
|
+
*/
|
|
24
|
+
getHexPublicKeysWithSha1Of(dataOwner: DataOwnerOrStub): Set<string>;
|
|
25
|
+
/**
|
|
26
|
+
* Gets the public keys of a data owner to be used for encryption with RSA-OAEP+SHA-256, in hex format.
|
|
27
|
+
* @param dataOwner a data owner.
|
|
28
|
+
* @return the public keys for the data owner in hex format.
|
|
29
|
+
*/
|
|
30
|
+
getHexPublicKeysWithSha256Of(dataOwner: DataOwnerOrStub): Set<string>;
|
|
31
|
+
/**
|
|
32
|
+
* Gets all public keys of a data owner to be used for encryption, in hex format. Note that this may include keys that should be used for different
|
|
33
|
+
* encryption algorithms.
|
|
34
|
+
*/
|
|
35
|
+
getHexPublicKeysOf(dataOwner: DataOwnerOrStub): Set<string>;
|
|
36
|
+
getCurrentDataOwnerStub(): Promise<CryptoActorStubWithType>;
|
|
19
37
|
/**
|
|
20
38
|
* If the logged user is a data owner get the current data owner. This information is cached without expiration, and will only be updated in case
|
|
21
39
|
* of forced refresh.
|
|
@@ -66,12 +84,6 @@ export declare class IccDataOwnerXApi extends IccDataownerApi {
|
|
|
66
84
|
* @return the crypto actor stub of the data owner with the provided id
|
|
67
85
|
*/
|
|
68
86
|
getCryptoActorStub(ownerId: string): Promise<CryptoActorStubWithType>;
|
|
69
|
-
/**
|
|
70
|
-
* Gets the public keys of a data owner in hex format.
|
|
71
|
-
* @param dataOwner a data owner.
|
|
72
|
-
* @return the public keys for the data owner in hex format.
|
|
73
|
-
*/
|
|
74
|
-
getHexPublicKeysOf(dataOwner: DataOwnerOrStub): Set<string>;
|
|
75
87
|
/**
|
|
76
88
|
* Clears the cache of current data owner id and parent hierarchy ids. The hierarchy of a data owner should not normally change over time, so this
|
|
77
89
|
* method should be rarely needed.
|
|
@@ -11,8 +11,9 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
12
|
exports.IccDataOwnerXApi = void 0;
|
|
13
13
|
const utils_1 = require("./crypto/utils");
|
|
14
|
-
const
|
|
14
|
+
const CryptoActorStub_1 = require("../icc-api/model/CryptoActorStub");
|
|
15
15
|
const AuthenticationProvider_1 = require("./auth/AuthenticationProvider");
|
|
16
|
+
const IccDataownerApi_1 = require("../icc-api/api/IccDataownerApi");
|
|
16
17
|
class IccDataOwnerXApi extends IccDataownerApi_1.IccDataownerApi {
|
|
17
18
|
get selfDataOwnerId() {
|
|
18
19
|
if (!this.currentDataOwnerHierarchyIds)
|
|
@@ -26,6 +27,34 @@ class IccDataOwnerXApi extends IccDataownerApi_1.IccDataownerApi {
|
|
|
26
27
|
: fetch) {
|
|
27
28
|
super(host, headers, authenticationProvider, fetchImpl);
|
|
28
29
|
}
|
|
30
|
+
/**
|
|
31
|
+
* Gets the public keys of a data owner to be used for encryption with RSA-OAEP+SHA-1, in hex format.
|
|
32
|
+
* @param dataOwner a data owner.
|
|
33
|
+
* @return the public keys for the data owner in hex format.
|
|
34
|
+
*/
|
|
35
|
+
getHexPublicKeysWithSha1Of(dataOwner) {
|
|
36
|
+
return (0, utils_1.hexPublicKeysWithSha1Of)(dataOwner);
|
|
37
|
+
}
|
|
38
|
+
/**
|
|
39
|
+
* Gets the public keys of a data owner to be used for encryption with RSA-OAEP+SHA-256, in hex format.
|
|
40
|
+
* @param dataOwner a data owner.
|
|
41
|
+
* @return the public keys for the data owner in hex format.
|
|
42
|
+
*/
|
|
43
|
+
getHexPublicKeysWithSha256Of(dataOwner) {
|
|
44
|
+
return (0, utils_1.hexPublicKeysWithSha256Of)(dataOwner);
|
|
45
|
+
}
|
|
46
|
+
/**
|
|
47
|
+
* Gets all public keys of a data owner to be used for encryption, in hex format. Note that this may include keys that should be used for different
|
|
48
|
+
* encryption algorithms.
|
|
49
|
+
*/
|
|
50
|
+
getHexPublicKeysOf(dataOwner) {
|
|
51
|
+
return new Set([...this.getHexPublicKeysWithSha1Of(dataOwner), ...this.getHexPublicKeysWithSha256Of(dataOwner)]);
|
|
52
|
+
}
|
|
53
|
+
getCurrentDataOwnerStub() {
|
|
54
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
55
|
+
return CryptoActorStub_1.CryptoActorStubWithType.fromDataOwner(yield this.getCurrentDataOwner());
|
|
56
|
+
});
|
|
57
|
+
}
|
|
29
58
|
/**
|
|
30
59
|
* If the logged user is a data owner get the current data owner. This information is cached without expiration, and will only be updated in case
|
|
31
60
|
* of forced refresh.
|
|
@@ -147,14 +176,6 @@ class IccDataOwnerXApi extends IccDataownerApi_1.IccDataownerApi {
|
|
|
147
176
|
});
|
|
148
177
|
});
|
|
149
178
|
}
|
|
150
|
-
/**
|
|
151
|
-
* Gets the public keys of a data owner in hex format.
|
|
152
|
-
* @param dataOwner a data owner.
|
|
153
|
-
* @return the public keys for the data owner in hex format.
|
|
154
|
-
*/
|
|
155
|
-
getHexPublicKeysOf(dataOwner) {
|
|
156
|
-
return (0, utils_1.hexPublicKeysOf)(dataOwner);
|
|
157
|
-
}
|
|
158
179
|
/**
|
|
159
180
|
* Clears the cache of current data owner id and parent hierarchy ids. The hierarchy of a data owner should not normally change over time, so this
|
|
160
181
|
* method should be rarely needed.
|
|
@@ -163,7 +184,7 @@ class IccDataOwnerXApi extends IccDataownerApi_1.IccDataownerApi {
|
|
|
163
184
|
this.currentDataOwnerHierarchyIds = undefined;
|
|
164
185
|
}
|
|
165
186
|
checkDataOwnerIntegrity(dataOwner) {
|
|
166
|
-
const keys = this.
|
|
187
|
+
const keys = new Set([...this.getHexPublicKeysWithSha1Of(dataOwner), ...this.getHexPublicKeysWithSha256Of(dataOwner)]);
|
|
167
188
|
if (new Set(Array.from(keys).map((x) => x.slice(-32))).size != keys.size)
|
|
168
189
|
throw new Error(`Different public keys for ${dataOwner.id} have the same fingerprint; this should not happen in normal circumstances. Please report this error to iCure.`);
|
|
169
190
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"icc-data-owner-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-data-owner-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAIA,0CAAgD;AAGhD,oEAAgE;AAChE,0EAAgG;AAMhG,MAAa,gBAAiB,SAAQ,iCAAe;IAInD,IAAY,eAAe;QACzB,IAAI,CAAC,IAAI,CAAC,4BAA4B;YAAE,OAAO,SAAS,CAAA;QACxD,OAAO,IAAI,CAAC,4BAA4B,CAAC,IAAI,CAAC,4BAA4B,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;IACxF,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EAClC,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;IACzD,CAAC;IAED;;;;OAIG;IACG,qBAAqB;;YACzB,IAAI,CAAC,IAAI,CAAC,4BAA4B,EAAE;gBACtC,MAAM,IAAI,CAAC,+BAA+B,EAAE,CAAA;aAC7C;YACD,OAAO,IAAI,CAAC,4BAA6B,CAAC,IAAI,CAAC,4BAA6B,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;QAC1F,CAAC;KAAA;IAED;;;;;OAKG;IACG,+BAA+B;;YACnC,IAAI,CAAC,IAAI,CAAC,4BAA4B,EAAE;gBACtC,MAAM,IAAI,CAAC,6CAA6C,EAAE,CAAA;aAC3D;YACD,OAAO,CAAC,GAAG,IAAI,CAAC,4BAA6B,CAAC,CAAA;QAChD,CAAC;KAAA;IAED;;;;OAIG;IACG,mCAAmC,CAAC,QAAgB;;YACxD,IAAI,CAAC,IAAI,CAAC,4BAA4B,EAAE;gBACtC,MAAM,IAAI,CAAC,+BAA+B,EAAE,CAAA;aAC7C;YACD,MAAM,GAAG,GAAG,EAAE,CAAA;YACd,KAAK,MAAM,WAAW,IAAI,IAAI,CAAC,4BAA6B,EAAE;gBAC5D,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;gBACrB,IAAI,WAAW,KAAK,QAAQ;oBAAE,OAAO,GAAG,CAAA;aACzC;YACD,MAAM,IAAI,KAAK,CAAC,GAAG,QAAQ,+DAA+D,CAAC,CAAA;QAC7F,CAAC;KAAA;IAED;;;;OAIG;IACG,4BAA4B;;YAChC,IAAI,CAAC,IAAI,CAAC,4BAA4B,EAAE;gBACtC,OAAO,MAAM,IAAI,CAAC,6CAA6C,EAAE,CAAA;aAClE;;gBAAM,OAAO,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,4BAA6B,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;QAClG,CAAC;KAAA;IAED;;;OAGG;IACG,uBAAuB;;YAC3B,IAAI,CAAC,IAAI,CAAC,4BAA4B,EAAE;gBACtC,MAAM,IAAI,CAAC,6CAA6C,EAAE,CAAA;aAC3D;YACD,OAAO,IAAI,CAAC,oBAAqB,CAAA;QACnC,CAAC;KAAA;IAED;;;;;OAKG;IACH,gBAAgB,CAAC,IAAU;;QACzB,MAAM,WAAW,GAAG,MAAA,MAAA,IAAI,CAAC,iBAAiB,mCAAI,IAAI,CAAC,SAAS,mCAAI,IAAI,CAAC,QAAQ,CAAA;QAC7E,IAAI,WAAW,IAAI,SAAS,EAAE;YAC5B,MAAM,KAAK,CAAC,QAAQ,IAAI,CAAC,EAAE,sBAAsB,CAAC,CAAA;SACnD;QACD,OAAO,WAAW,CAAA;IACpB,CAAC;IAED;;;;;OAKG;IACG,YAAY,CAAC,OAAe;;;;;YAChC,OAAO,OAAM,YAAY,YAAC,OAAO,EAAE,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE;gBAC/C,IAAI,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,IAAI,CAAC,eAAe;oBAAE,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;gBAC5F,OAAO,IAAI,CAAA;YACb,CAAC,CAAC,CAAA;QACJ,CAAC;KAAA;IAED;;;;OAIG;IACG,kBAAkB,CAAC,OAAe;;;;;YACtC,OAAO,OAAM,kBAAkB,YAAC,OAAO,EAAE,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE;gBACrD,IAAI,IAAI,CAAC,IAAI,CAAC,EAAE,KAAK,IAAI,CAAC,eAAe;oBAAE,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;gBAClF,OAAO,IAAI,CAAA;YACb,CAAC,CAAC,CAAA;QACJ,CAAC;KAAA;IAED;;;;OAIG;IACH,kBAAkB,CAAC,SAA0B;QAC3C,OAAO,IAAA,uBAAe,EAAC,SAAS,CAAC,CAAA;IACnC,CAAC;IAED;;;OAGG;IACH,6BAA6B;QAC3B,IAAI,CAAC,4BAA4B,GAAG,SAAS,CAAA;IAC/C,CAAC;IAEO,uBAAuB,CAAC,SAA0B;QACxD,MAAM,IAAI,GAAG,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAA;QAC/C,IAAI,IAAI,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI;YACtE,MAAM,IAAI,KAAK,CACb,6BAA6B,SAAS,CAAC,EAAE,gHAAgH,CAC1J,CAAA;IACL,CAAC;IAEa,6CAA6C;;YACzD,IAAI,IAAI,GAAG,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAA;YAC3C,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;YAC5C,IAAI,CAAC,oBAAoB,GAAG,IAAI,CAAC,IAAI,CAAA;YACrC,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,CAAA;YAChB,OAAQ,IAAI,CAAC,SAA6B,CAAC,QAAQ,EAAE;gBACnD,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAE,IAAI,CAAC,SAA6B,CAAC,QAAS,CAAC,CAAA;gBAC7E,GAAG,GAAG,CAAC,IAAI,EAAE,GAAG,GAAG,CAAC,CAAA;aACrB;YACD,IAAI,CAAC,4BAA4B,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAAG,CAAC,CAAA;YACnE,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;CACF;AAlKD,4CAkKC","sourcesContent":["import { User } from '../icc-api/model/User'\nimport { HealthcareParty } from '../icc-api/model/HealthcareParty'\nimport { Patient } from '../icc-api/model/Patient'\nimport { Device } from '../icc-api/model/Device'\nimport { hexPublicKeysOf } from './crypto/utils'\nimport { DataOwnerTypeEnum } from '../icc-api/model/DataOwnerTypeEnum'\nimport { CryptoActorStub, CryptoActorStubWithType } from '../icc-api/model/CryptoActorStub'\nimport { IccDataownerApi } from '../icc-api/api/IccDataownerApi'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { DataOwnerWithType } from '../icc-api/model/DataOwnerWithType'\n\nexport type DataOwnerOrStub = DataOwner | CryptoActorStub\nexport type DataOwner = HealthcareParty | Patient | Device\n\nexport class IccDataOwnerXApi extends IccDataownerApi {\n private currentDataOwnerType: DataOwnerTypeEnum | undefined\n private currentDataOwnerHierarchyIds: string[] | undefined\n\n private get selfDataOwnerId(): string | undefined {\n if (!this.currentDataOwnerHierarchyIds) return undefined\n return this.currentDataOwnerHierarchyIds[this.currentDataOwnerHierarchyIds.length - 1]\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n }\n\n /**\n * If the logged user is a data owner get the current data owner. This information is cached without expiration, and will only be updated in case\n * of forced refresh.\n * @throws if the current user is not a data owner.\n */\n async getCurrentDataOwnerId(): Promise<string> {\n if (!this.currentDataOwnerHierarchyIds) {\n await this.getCurrentDataOwnerHierarchyIds()\n }\n return this.currentDataOwnerHierarchyIds![this.currentDataOwnerHierarchyIds!.length - 1]\n }\n\n /**\n * If the logged user is a data owner get its parent hierarchy. This information is cached without expiration, and will only be updated in case\n * of forced refresh.\n * The resulting array starts with the topmost parent (the only ancestor without a parent) and ends with the data owner itself.\n * @throws if the current user is not a data owner.\n */\n async getCurrentDataOwnerHierarchyIds(): Promise<string[]> {\n if (!this.currentDataOwnerHierarchyIds) {\n await this.forceLoadCurrentDataOwnerHierarchyAndCacheIds()\n }\n return [...this.currentDataOwnerHierarchyIds!]\n }\n\n /**\n * Get the hierarchy for the current data owner starting from the specified parent.\n * @throws an array starting at the topmost parent and ending at the provided parent id. If the provided id is not part of the hierarchy throws an\n * error.\n */\n async getCurrentDataOwnerHierarchyIdsFrom(parentId: string): Promise<string[]> {\n if (!this.currentDataOwnerHierarchyIds) {\n await this.getCurrentDataOwnerHierarchyIds()\n }\n const res = []\n for (const dataOwnerId of this.currentDataOwnerHierarchyIds!) {\n res.push(dataOwnerId)\n if (dataOwnerId === parentId) return res\n }\n throw new Error(`${parentId} is not part of the data owner hierarchy for the current user`)\n }\n\n /**\n * If the logged user is a data owner get the current data owner and all of his parents.\n * @throws if the current user is not a data owner.\n * @return the current data owner hierarchy, starting from the topmost parent to the current data owner.\n */\n async getCurrentDataOwnerHierarchy(): Promise<DataOwnerWithType[]> {\n if (!this.currentDataOwnerHierarchyIds) {\n return await this.forceLoadCurrentDataOwnerHierarchyAndCacheIds()\n } else return Promise.all(this.currentDataOwnerHierarchyIds!.map((id) => this.getDataOwner(id)))\n }\n\n /**\n * If the logged user is a data owner get the type of the current data owner. This information is cached.\n * @throws if the current user is not a data owner\n */\n async getCurrentDataOwnerType(): Promise<DataOwnerTypeEnum> {\n if (!this.currentDataOwnerHierarchyIds) {\n await this.forceLoadCurrentDataOwnerHierarchyAndCacheIds()\n }\n return this.currentDataOwnerType!\n }\n\n /**\n * Get the id of the data owner entity for a user.\n * @param user a user that is also a data owner.\n * @return the id of the data owner corresponding to the provided user.\n * @throws if the user is not a data owner.\n */\n getDataOwnerIdOf(user: User): string {\n const dataOwnerId = user.healthcarePartyId ?? user.patientId ?? user.deviceId\n if (dataOwnerId == undefined) {\n throw Error(`User ${user.id} is not a data owner`)\n }\n return dataOwnerId\n }\n\n /**\n * Get a data owner. Note that this does not decrpyt patient data owners.\n * @param ownerId id of the data owner to retrieve (patient, medical device, hcp, ...)\n * @return the data owner with the provided id\n * @throws if you have no access to the data owner. Use {@link getCryptoActorStub}.\n */\n async getDataOwner(ownerId: string): Promise<DataOwnerWithType> {\n return super.getDataOwner(ownerId).then((dowt) => {\n if (dowt.dataOwner.id === this.selfDataOwnerId) this.checkDataOwnerIntegrity(dowt.dataOwner)\n return dowt\n })\n }\n\n /**\n * Get a crypto actor stub for a data owner.\n * @param ownerId id of the data owner for which you want to retrieve the stub (patient, medical device, hcp, ...)\n * @return the crypto actor stub of the data owner with the provided id\n */\n async getCryptoActorStub(ownerId: string): Promise<CryptoActorStubWithType> {\n return super.getCryptoActorStub(ownerId).then((dowt) => {\n if (dowt.stub.id === this.selfDataOwnerId) this.checkDataOwnerIntegrity(dowt.stub)\n return dowt\n })\n }\n\n /**\n * Gets the public keys of a data owner in hex format.\n * @param dataOwner a data owner.\n * @return the public keys for the data owner in hex format.\n */\n getHexPublicKeysOf(dataOwner: DataOwnerOrStub): Set<string> {\n return hexPublicKeysOf(dataOwner)\n }\n\n /**\n * Clears the cache of current data owner id and parent hierarchy ids. The hierarchy of a data owner should not normally change over time, so this\n * method should be rarely needed.\n */\n clearCurrentDataOwnerIdsCache() {\n this.currentDataOwnerHierarchyIds = undefined\n }\n\n private checkDataOwnerIntegrity(dataOwner: DataOwnerOrStub) {\n const keys = this.getHexPublicKeysOf(dataOwner)\n if (new Set(Array.from(keys).map((x) => x.slice(-32))).size != keys.size)\n throw new Error(\n `Different public keys for ${dataOwner.id} have the same fingerprint; this should not happen in normal circumstances. Please report this error to iCure.`\n )\n }\n\n private async forceLoadCurrentDataOwnerHierarchyAndCacheIds(): Promise<DataOwnerWithType[]> {\n let curr = await this.getCurrentDataOwner()\n this.checkDataOwnerIntegrity(curr.dataOwner)\n this.currentDataOwnerType = curr.type\n let res = [curr]\n while ((curr.dataOwner as HealthcareParty).parentId) {\n curr = await this.getDataOwner((curr.dataOwner as HealthcareParty).parentId!)\n res = [curr, ...res]\n }\n this.currentDataOwnerHierarchyIds = res.map((x) => x.dataOwner.id!)\n return res\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"icc-data-owner-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-data-owner-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAKA,0CAAkG;AAGlG,sEAA2F;AAE3F,0EAAgG;AAChG,oEAAgE;AAMhE,MAAa,gBAAiB,SAAQ,iCAAe;IAInD,IAAY,eAAe;QACzB,IAAI,CAAC,IAAI,CAAC,4BAA4B;YAAE,OAAO,SAAS,CAAA;QACxD,OAAO,IAAI,CAAC,4BAA4B,CAAC,IAAI,CAAC,4BAA4B,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;IACxF,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EAClC,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;IACzD,CAAC;IAED;;;;OAIG;IACH,0BAA0B,CAAC,SAA0B;QACnD,OAAO,IAAA,+BAAuB,EAAC,SAAS,CAAC,CAAA;IAC3C,CAAC;IAED;;;;OAIG;IACH,4BAA4B,CAAC,SAA0B;QACrD,OAAO,IAAA,iCAAyB,EAAC,SAAS,CAAC,CAAA;IAC7C,CAAC;IAED;;;OAGG;IACH,kBAAkB,CAAC,SAA0B;QAC3C,OAAO,IAAI,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,0BAA0B,CAAC,SAAS,CAAC,EAAE,GAAG,IAAI,CAAC,4BAA4B,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;IAClH,CAAC;IAEK,uBAAuB;;YAC3B,OAAO,yCAAuB,CAAC,aAAa,CAAC,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC,CAAA;QAChF,CAAC;KAAA;IAED;;;;OAIG;IACG,qBAAqB;;YACzB,IAAI,CAAC,IAAI,CAAC,4BAA4B,EAAE;gBACtC,MAAM,IAAI,CAAC,+BAA+B,EAAE,CAAA;aAC7C;YACD,OAAO,IAAI,CAAC,4BAA6B,CAAC,IAAI,CAAC,4BAA6B,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;QAC1F,CAAC;KAAA;IAED;;;;;OAKG;IACG,+BAA+B;;YACnC,IAAI,CAAC,IAAI,CAAC,4BAA4B,EAAE;gBACtC,MAAM,IAAI,CAAC,6CAA6C,EAAE,CAAA;aAC3D;YACD,OAAO,CAAC,GAAG,IAAI,CAAC,4BAA6B,CAAC,CAAA;QAChD,CAAC;KAAA;IAED;;;;OAIG;IACG,mCAAmC,CAAC,QAAgB;;YACxD,IAAI,CAAC,IAAI,CAAC,4BAA4B,EAAE;gBACtC,MAAM,IAAI,CAAC,+BAA+B,EAAE,CAAA;aAC7C;YACD,MAAM,GAAG,GAAG,EAAE,CAAA;YACd,KAAK,MAAM,WAAW,IAAI,IAAI,CAAC,4BAA6B,EAAE;gBAC5D,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;gBACrB,IAAI,WAAW,KAAK,QAAQ;oBAAE,OAAO,GAAG,CAAA;aACzC;YACD,MAAM,IAAI,KAAK,CAAC,GAAG,QAAQ,+DAA+D,CAAC,CAAA;QAC7F,CAAC;KAAA;IAED;;;;OAIG;IACG,4BAA4B;;YAChC,IAAI,CAAC,IAAI,CAAC,4BAA4B,EAAE;gBACtC,OAAO,MAAM,IAAI,CAAC,6CAA6C,EAAE,CAAA;aAClE;;gBAAM,OAAO,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,4BAA6B,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;QAClG,CAAC;KAAA;IAED;;;OAGG;IACG,uBAAuB;;YAC3B,IAAI,CAAC,IAAI,CAAC,4BAA4B,EAAE;gBACtC,MAAM,IAAI,CAAC,6CAA6C,EAAE,CAAA;aAC3D;YACD,OAAO,IAAI,CAAC,oBAAqB,CAAA;QACnC,CAAC;KAAA;IAED;;;;;OAKG;IACH,gBAAgB,CAAC,IAAU;;QACzB,MAAM,WAAW,GAAG,MAAA,MAAA,IAAI,CAAC,iBAAiB,mCAAI,IAAI,CAAC,SAAS,mCAAI,IAAI,CAAC,QAAQ,CAAA;QAC7E,IAAI,WAAW,IAAI,SAAS,EAAE;YAC5B,MAAM,KAAK,CAAC,QAAQ,IAAI,CAAC,EAAE,sBAAsB,CAAC,CAAA;SACnD;QACD,OAAO,WAAW,CAAA;IACpB,CAAC;IAED;;;;;OAKG;IACG,YAAY,CAAC,OAAe;;;;;YAChC,OAAO,OAAM,YAAY,YAAC,OAAO,EAAE,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE;gBAC/C,IAAI,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,IAAI,CAAC,eAAe;oBAAE,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;gBAC5F,OAAO,IAAI,CAAA;YACb,CAAC,CAAC,CAAA;QACJ,CAAC;KAAA;IAED;;;;OAIG;IACG,kBAAkB,CAAC,OAAe;;;;;YACtC,OAAO,OAAM,kBAAkB,YAAC,OAAO,EAAE,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE;gBACrD,IAAI,IAAI,CAAC,IAAI,CAAC,EAAE,KAAK,IAAI,CAAC,eAAe;oBAAE,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;gBAClF,OAAO,IAAI,CAAA;YACb,CAAC,CAAC,CAAA;QACJ,CAAC;KAAA;IAED;;;OAGG;IACH,6BAA6B;QAC3B,IAAI,CAAC,4BAA4B,GAAG,SAAS,CAAA;IAC/C,CAAC;IAEO,uBAAuB,CAAC,SAA0B;QACxD,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,0BAA0B,CAAC,SAAS,CAAC,EAAE,GAAG,IAAI,CAAC,4BAA4B,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;QACtH,IAAI,IAAI,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI;YACtE,MAAM,IAAI,KAAK,CACb,6BAA6B,SAAS,CAAC,EAAE,gHAAgH,CAC1J,CAAA;IACL,CAAC;IAEa,6CAA6C;;YACzD,IAAI,IAAI,GAAG,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAA;YAC3C,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;YAC5C,IAAI,CAAC,oBAAoB,GAAG,IAAI,CAAC,IAAI,CAAA;YACrC,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,CAAA;YAChB,OAAQ,IAAI,CAAC,SAA6B,CAAC,QAAQ,EAAE;gBACnD,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAE,IAAI,CAAC,SAA6B,CAAC,QAAS,CAAC,CAAA;gBAC7E,GAAG,GAAG,CAAC,IAAI,EAAE,GAAG,GAAG,CAAC,CAAA;aACrB;YACD,IAAI,CAAC,4BAA4B,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAAG,CAAC,CAAA;YACnE,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;CACF;AAvLD,4CAuLC","sourcesContent":["import { User } from '../icc-api/model/User'\nimport { IccDeviceApi, IccPatientApi, IccUserApi } from '../icc-api'\nimport { HealthcareParty } from '../icc-api/model/HealthcareParty'\nimport { Patient } from '../icc-api/model/Patient'\nimport { Device } from '../icc-api/model/Device'\nimport { fingerprintV1, hexPublicKeysWithSha1Of, hexPublicKeysWithSha256Of } from './crypto/utils'\nimport { IccHcpartyXApi } from './icc-hcparty-x-api'\nimport { XHR } from '../icc-api/api/XHR'\nimport { CryptoActorStub, CryptoActorStubWithType } from '../icc-api/model/CryptoActorStub'\nimport { DataOwnerTypeEnum } from '../icc-api/model/DataOwnerTypeEnum'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { IccDataownerApi } from '../icc-api/api/IccDataownerApi'\nimport { DataOwnerWithType } from '../icc-api/model/DataOwnerWithType'\n\nexport type DataOwnerOrStub = DataOwner | CryptoActorStub\nexport type DataOwner = HealthcareParty | Patient | Device\n\nexport class IccDataOwnerXApi extends IccDataownerApi {\n private currentDataOwnerType: DataOwnerTypeEnum | undefined\n private currentDataOwnerHierarchyIds: string[] | undefined\n\n private get selfDataOwnerId(): string | undefined {\n if (!this.currentDataOwnerHierarchyIds) return undefined\n return this.currentDataOwnerHierarchyIds[this.currentDataOwnerHierarchyIds.length - 1]\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n }\n\n /**\n * Gets the public keys of a data owner to be used for encryption with RSA-OAEP+SHA-1, in hex format.\n * @param dataOwner a data owner.\n * @return the public keys for the data owner in hex format.\n */\n getHexPublicKeysWithSha1Of(dataOwner: DataOwnerOrStub): Set<string> {\n return hexPublicKeysWithSha1Of(dataOwner)\n }\n\n /**\n * Gets the public keys of a data owner to be used for encryption with RSA-OAEP+SHA-256, in hex format.\n * @param dataOwner a data owner.\n * @return the public keys for the data owner in hex format.\n */\n getHexPublicKeysWithSha256Of(dataOwner: DataOwnerOrStub): Set<string> {\n return hexPublicKeysWithSha256Of(dataOwner)\n }\n\n /**\n * Gets all public keys of a data owner to be used for encryption, in hex format. Note that this may include keys that should be used for different\n * encryption algorithms.\n */\n getHexPublicKeysOf(dataOwner: DataOwnerOrStub): Set<string> {\n return new Set([...this.getHexPublicKeysWithSha1Of(dataOwner), ...this.getHexPublicKeysWithSha256Of(dataOwner)])\n }\n\n async getCurrentDataOwnerStub(): Promise<CryptoActorStubWithType> {\n return CryptoActorStubWithType.fromDataOwner(await this.getCurrentDataOwner())\n }\n\n /**\n * If the logged user is a data owner get the current data owner. This information is cached without expiration, and will only be updated in case\n * of forced refresh.\n * @throws if the current user is not a data owner.\n */\n async getCurrentDataOwnerId(): Promise<string> {\n if (!this.currentDataOwnerHierarchyIds) {\n await this.getCurrentDataOwnerHierarchyIds()\n }\n return this.currentDataOwnerHierarchyIds![this.currentDataOwnerHierarchyIds!.length - 1]\n }\n\n /**\n * If the logged user is a data owner get its parent hierarchy. This information is cached without expiration, and will only be updated in case\n * of forced refresh.\n * The resulting array starts with the topmost parent (the only ancestor without a parent) and ends with the data owner itself.\n * @throws if the current user is not a data owner.\n */\n async getCurrentDataOwnerHierarchyIds(): Promise<string[]> {\n if (!this.currentDataOwnerHierarchyIds) {\n await this.forceLoadCurrentDataOwnerHierarchyAndCacheIds()\n }\n return [...this.currentDataOwnerHierarchyIds!]\n }\n\n /**\n * Get the hierarchy for the current data owner starting from the specified parent.\n * @throws an array starting at the topmost parent and ending at the provided parent id. If the provided id is not part of the hierarchy throws an\n * error.\n */\n async getCurrentDataOwnerHierarchyIdsFrom(parentId: string): Promise<string[]> {\n if (!this.currentDataOwnerHierarchyIds) {\n await this.getCurrentDataOwnerHierarchyIds()\n }\n const res = []\n for (const dataOwnerId of this.currentDataOwnerHierarchyIds!) {\n res.push(dataOwnerId)\n if (dataOwnerId === parentId) return res\n }\n throw new Error(`${parentId} is not part of the data owner hierarchy for the current user`)\n }\n\n /**\n * If the logged user is a data owner get the current data owner and all of his parents.\n * @throws if the current user is not a data owner.\n * @return the current data owner hierarchy, starting from the topmost parent to the current data owner.\n */\n async getCurrentDataOwnerHierarchy(): Promise<DataOwnerWithType[]> {\n if (!this.currentDataOwnerHierarchyIds) {\n return await this.forceLoadCurrentDataOwnerHierarchyAndCacheIds()\n } else return Promise.all(this.currentDataOwnerHierarchyIds!.map((id) => this.getDataOwner(id)))\n }\n\n /**\n * If the logged user is a data owner get the type of the current data owner. This information is cached.\n * @throws if the current user is not a data owner\n */\n async getCurrentDataOwnerType(): Promise<DataOwnerTypeEnum> {\n if (!this.currentDataOwnerHierarchyIds) {\n await this.forceLoadCurrentDataOwnerHierarchyAndCacheIds()\n }\n return this.currentDataOwnerType!\n }\n\n /**\n * Get the id of the data owner entity for a user.\n * @param user a user that is also a data owner.\n * @return the id of the data owner corresponding to the provided user.\n * @throws if the user is not a data owner.\n */\n getDataOwnerIdOf(user: User): string {\n const dataOwnerId = user.healthcarePartyId ?? user.patientId ?? user.deviceId\n if (dataOwnerId == undefined) {\n throw Error(`User ${user.id} is not a data owner`)\n }\n return dataOwnerId\n }\n\n /**\n * Get a data owner. Note that this does not decrpyt patient data owners.\n * @param ownerId id of the data owner to retrieve (patient, medical device, hcp, ...)\n * @return the data owner with the provided id\n * @throws if you have no access to the data owner. Use {@link getCryptoActorStub}.\n */\n async getDataOwner(ownerId: string): Promise<DataOwnerWithType> {\n return super.getDataOwner(ownerId).then((dowt) => {\n if (dowt.dataOwner.id === this.selfDataOwnerId) this.checkDataOwnerIntegrity(dowt.dataOwner)\n return dowt\n })\n }\n\n /**\n * Get a crypto actor stub for a data owner.\n * @param ownerId id of the data owner for which you want to retrieve the stub (patient, medical device, hcp, ...)\n * @return the crypto actor stub of the data owner with the provided id\n */\n async getCryptoActorStub(ownerId: string): Promise<CryptoActorStubWithType> {\n return super.getCryptoActorStub(ownerId).then((dowt) => {\n if (dowt.stub.id === this.selfDataOwnerId) this.checkDataOwnerIntegrity(dowt.stub)\n return dowt\n })\n }\n\n /**\n * Clears the cache of current data owner id and parent hierarchy ids. The hierarchy of a data owner should not normally change over time, so this\n * method should be rarely needed.\n */\n clearCurrentDataOwnerIdsCache() {\n this.currentDataOwnerHierarchyIds = undefined\n }\n\n private checkDataOwnerIntegrity(dataOwner: DataOwnerOrStub) {\n const keys = new Set([...this.getHexPublicKeysWithSha1Of(dataOwner), ...this.getHexPublicKeysWithSha256Of(dataOwner)])\n if (new Set(Array.from(keys).map((x) => x.slice(-32))).size != keys.size)\n throw new Error(\n `Different public keys for ${dataOwner.id} have the same fingerprint; this should not happen in normal circumstances. Please report this error to iCure.`\n )\n }\n\n private async forceLoadCurrentDataOwnerHierarchyAndCacheIds(): Promise<DataOwnerWithType[]> {\n let curr = await this.getCurrentDataOwner()\n this.checkDataOwnerIntegrity(curr.dataOwner)\n this.currentDataOwnerType = curr.type\n let res = [curr]\n while ((curr.dataOwner as HealthcareParty).parentId) {\n curr = await this.getDataOwner((curr.dataOwner as HealthcareParty).parentId!)\n res = [curr, ...res]\n }\n this.currentDataOwnerHierarchyIds = res.map((x) => x.dataOwner.id!)\n return res\n }\n}\n"]}
|
|
@@ -1,13 +1,20 @@
|
|
|
1
1
|
import { IccAuthApi, IccDocumentApi } from '../icc-api';
|
|
2
2
|
import { IccCryptoXApi } from './icc-crypto-x-api';
|
|
3
|
+
import { XHR } from '../icc-api/api/XHR';
|
|
3
4
|
import * as models from '../icc-api/model/models';
|
|
4
5
|
import { IccDataOwnerXApi } from './icc-data-owner-x-api';
|
|
5
6
|
import { AuthenticationProvider } from './auth/AuthenticationProvider';
|
|
7
|
+
import { SecureDelegation } from '../icc-api/model/SecureDelegation';
|
|
8
|
+
import AccessLevelEnum = SecureDelegation.AccessLevelEnum;
|
|
6
9
|
import { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour';
|
|
10
|
+
import { ShareResult } from './utils/ShareResult';
|
|
11
|
+
import { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest';
|
|
12
|
+
import RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum;
|
|
7
13
|
import { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi';
|
|
8
14
|
export declare class IccDocumentXApi extends IccDocumentApi implements EncryptedEntityXApi<models.Document> {
|
|
9
15
|
private crypto;
|
|
10
16
|
private authApi;
|
|
17
|
+
private readonly autofillAuthor;
|
|
11
18
|
fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response>;
|
|
12
19
|
/** maps invalid UTI values to corresponding MIME type for backward-compatibility (pre-v1.0.117) */
|
|
13
20
|
compatUtiRevDefs: {
|
|
@@ -26,7 +33,8 @@ export declare class IccDocumentXApi extends IccDocumentApi implements Encrypted
|
|
|
26
33
|
authenticationProvider: AuthenticationProvider;
|
|
27
34
|
constructor(host: string, headers: {
|
|
28
35
|
[key: string]: string;
|
|
29
|
-
}, crypto: IccCryptoXApi, authApi: IccAuthApi, dataOwnerApi: IccDataOwnerXApi, authenticationProvider?: AuthenticationProvider, fetchImpl?: (input: RequestInfo, init?: RequestInit) => Promise<Response>);
|
|
36
|
+
}, crypto: IccCryptoXApi, authApi: IccAuthApi, dataOwnerApi: IccDataOwnerXApi, autofillAuthor: boolean, authenticationProvider?: AuthenticationProvider, fetchImpl?: (input: RequestInfo, init?: RequestInit) => Promise<Response>);
|
|
37
|
+
get headers(): Promise<Array<XHR.Header>>;
|
|
30
38
|
/**
|
|
31
39
|
* Creates a new instance of document with initialised encryption metadata (not in the database).
|
|
32
40
|
* @param user the current user.
|
|
@@ -36,15 +44,14 @@ export declare class IccDocumentXApi extends IccDocumentApi implements Encrypted
|
|
|
36
44
|
* @param options optional parameters:
|
|
37
45
|
* - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the
|
|
38
46
|
* auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with
|
|
39
|
-
* auto-delegations, in such case the access level specified here will be used.
|
|
40
|
-
*
|
|
41
|
-
*
|
|
42
|
-
* secret id of patient known by the topmost parent in the current data owner hierarchy.
|
|
47
|
+
* auto-delegations, in such case the access level specified here will be used.
|
|
48
|
+
* - preferredSfk: secret id of the message to use as the secret foreign key to use for the document. The default value will be a
|
|
49
|
+
* secret id of the message known by the topmost parent in the current data owner hierarchy.
|
|
43
50
|
* @return a new instance of document.
|
|
44
51
|
*/
|
|
45
52
|
newInstance(user: models.User, message?: models.Message, c?: any, options?: {
|
|
46
53
|
additionalDelegates?: {
|
|
47
|
-
[dataOwnerId: string]:
|
|
54
|
+
[dataOwnerId: string]: AccessLevelEnum;
|
|
48
55
|
};
|
|
49
56
|
preferredSfk?: string;
|
|
50
57
|
}): Promise<models.Document>;
|
|
@@ -53,6 +60,9 @@ export declare class IccDocumentXApi extends IccDocumentApi implements Encrypted
|
|
|
53
60
|
getAttachmentAs(documentId: string, attachmentId: string, returnType: "application/octet-stream", enckeys?: string, fileName?: string): Promise<ArrayBuffer>;
|
|
54
61
|
getAttachmentAs(documentId: string, attachmentId: string, returnType: "text/plain", enckeys?: string, fileName?: string): Promise<string>;
|
|
55
62
|
getAttachmentAs(documentId: string, attachmentId: string, returnType: "application/json", enckeys?: string, fileName?: string): Promise<any>;
|
|
63
|
+
getMainAttachmentAs(documentId: string, returnType: "application/octet-stream"): Promise<ArrayBuffer>;
|
|
64
|
+
getMainAttachmentAs(documentId: string, returnType: "text/plain"): Promise<string>;
|
|
65
|
+
getMainAttachmentAs(documentId: string, returnType: "application/json"): Promise<any>;
|
|
56
66
|
getAttachmentUrl(documentId: string, attachmentId: string, sfks: Array<{
|
|
57
67
|
delegatorId: string;
|
|
58
68
|
key: CryptoKey;
|
|
@@ -147,9 +157,13 @@ export declare class IccDocumentXApi extends IccDocumentApi implements Encrypted
|
|
|
147
157
|
* in the returned array, but in case of entity merges there could be multiple values.
|
|
148
158
|
*/
|
|
149
159
|
decryptMessageIdOf(document: models.Document): Promise<string[]>;
|
|
160
|
+
/**
|
|
161
|
+
* @return if the logged data owner has write access to the content of the given document
|
|
162
|
+
*/
|
|
163
|
+
hasWriteAccess(document: models.Document): Promise<boolean>;
|
|
150
164
|
/**
|
|
151
165
|
* Share an existing document with other data owners, allowing them to access the non-encrypted data of the document and optionally also
|
|
152
|
-
* the encrypted content.
|
|
166
|
+
* the encrypted content, with read-only or read-write permissions.
|
|
153
167
|
* @param delegateId the id of the data owner which will be granted access to the document.
|
|
154
168
|
* @param document the document to share.
|
|
155
169
|
* @param options optional parameters to customize the sharing behaviour:
|
|
@@ -157,34 +171,59 @@ export declare class IccDocumentXApi extends IccDocumentApi implements Encrypted
|
|
|
157
171
|
* content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).
|
|
158
172
|
* - shareMessageId: specifies if the id of the message that this document refers to should be shared with the delegate (defaults to
|
|
159
173
|
* {@link ShareMetadataBehaviour.IF_AVAILABLE}).
|
|
160
|
-
*
|
|
174
|
+
* - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.
|
|
175
|
+
* @return the updated entity
|
|
161
176
|
*/
|
|
162
177
|
shareWith(delegateId: string, document: models.Document, options?: {
|
|
178
|
+
requestedPermissions?: RequestedPermissionEnum;
|
|
163
179
|
shareEncryptionKey?: ShareMetadataBehaviour;
|
|
164
180
|
shareMessageId?: ShareMetadataBehaviour;
|
|
165
181
|
}): Promise<models.Document>;
|
|
166
182
|
/**
|
|
167
183
|
* Share an existing document with other data owners, allowing them to access the non-encrypted data of the document and optionally also
|
|
168
|
-
* the encrypted content.
|
|
184
|
+
* the encrypted content, with read-only or read-write permissions.
|
|
169
185
|
* @param document the document to share.
|
|
170
|
-
* @param delegates
|
|
186
|
+
* @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:
|
|
171
187
|
* - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted
|
|
172
188
|
* content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).
|
|
173
189
|
* - shareMessageId: specifies if the id of the message that this document refers to should be shared with the delegate (defaults to
|
|
174
190
|
* {@link ShareMetadataBehaviour.IF_AVAILABLE}).
|
|
175
|
-
*
|
|
191
|
+
* - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.
|
|
192
|
+
* @return the updated entity.
|
|
176
193
|
*/
|
|
177
194
|
shareWithMany(document: models.Document, delegates: {
|
|
178
195
|
[delegateId: string]: {
|
|
196
|
+
requestedPermissions?: RequestedPermissionEnum;
|
|
179
197
|
shareEncryptionKey?: ShareMetadataBehaviour;
|
|
180
198
|
shareMessageId?: ShareMetadataBehaviour;
|
|
181
199
|
};
|
|
182
200
|
}): Promise<models.Document>;
|
|
201
|
+
/**
|
|
202
|
+
* Share an existing document with other data owners, allowing them to access the non-encrypted data of the document and optionally also
|
|
203
|
+
* the encrypted content, with read-only or read-write permissions.
|
|
204
|
+
* @param document the document to share.
|
|
205
|
+
* @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:
|
|
206
|
+
* - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted
|
|
207
|
+
* content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).
|
|
208
|
+
* - shareMessageId: specifies if the id of the message that this document refers to should be shared with the delegate (defaults to
|
|
209
|
+
* {@link ShareMetadataBehaviour.IF_AVAILABLE}).
|
|
210
|
+
* - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.
|
|
211
|
+
* @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if
|
|
212
|
+
* the operation failed.
|
|
213
|
+
*/
|
|
214
|
+
tryShareWithMany(document: models.Document, delegates: {
|
|
215
|
+
[delegateId: string]: {
|
|
216
|
+
requestedPermissions?: RequestedPermissionEnum;
|
|
217
|
+
shareEncryptionKey?: ShareMetadataBehaviour;
|
|
218
|
+
shareMessageId?: ShareMetadataBehaviour;
|
|
219
|
+
};
|
|
220
|
+
}): Promise<ShareResult<models.Document>>;
|
|
183
221
|
getDataOwnersWithAccessTo(entity: models.Document): Promise<{
|
|
184
222
|
permissionsByDataOwnerId: {
|
|
185
|
-
[p: string]:
|
|
223
|
+
[p: string]: AccessLevelEnum;
|
|
186
224
|
};
|
|
187
225
|
hasUnknownAnonymousDataOwners: boolean;
|
|
188
226
|
}>;
|
|
189
227
|
getEncryptionKeysOf(entity: models.Document): Promise<string[]>;
|
|
228
|
+
createDelegationDeAnonymizationMetadata(entity: models.Document, delegates: string[]): Promise<void>;
|
|
190
229
|
}
|