@icure/api 8.0.7 → 8.0.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (259) hide show
  1. package/icc-api/model/models.d.ts +1 -0
  2. package/icc-api/model/models.js +1 -0
  3. package/icc-api/model/models.js.map +1 -1
  4. package/icc-x-api/crypto/ExchangeDataManager.js +3 -2
  5. package/icc-x-api/crypto/ExchangeDataManager.js.map +1 -1
  6. package/icc-x-api/crypto/KeyRecovery.js +5 -4
  7. package/icc-x-api/crypto/KeyRecovery.js.map +1 -1
  8. package/icc-x-api/crypto/RSA.d.ts +4 -1
  9. package/icc-x-api/crypto/RSA.js +6 -1
  10. package/icc-x-api/crypto/RSA.js.map +1 -1
  11. package/icc-x-api/crypto/SecureDelegationsManager.js +2 -1
  12. package/icc-x-api/crypto/SecureDelegationsManager.js.map +1 -1
  13. package/icc-x-api/crypto/TransferKeysManager.js +4 -3
  14. package/icc-x-api/crypto/TransferKeysManager.js.map +1 -1
  15. package/icc-x-api/crypto/UserEncryptionKeysManager.js +2 -1
  16. package/icc-x-api/crypto/UserEncryptionKeysManager.js.map +1 -1
  17. package/icc-x-api/crypto/utils.d.ts +1 -4
  18. package/icc-x-api/crypto/utils.js +6 -8
  19. package/icc-x-api/crypto/utils.js.map +1 -1
  20. package/icc-x-api/icc-accesslog-x-api.js +16 -14
  21. package/icc-x-api/icc-accesslog-x-api.js.map +1 -1
  22. package/icc-x-api/icc-calendar-item-x-api.d.ts +2 -2
  23. package/icc-x-api/icc-calendar-item-x-api.js +17 -17
  24. package/icc-x-api/icc-calendar-item-x-api.js.map +1 -1
  25. package/icc-x-api/icc-classification-x-api.js +12 -11
  26. package/icc-x-api/icc-classification-x-api.js.map +1 -1
  27. package/icc-x-api/icc-contact-x-api.d.ts +2 -2
  28. package/icc-x-api/icc-contact-x-api.js +23 -20
  29. package/icc-x-api/icc-contact-x-api.js.map +1 -1
  30. package/icc-x-api/icc-document-x-api.js +17 -16
  31. package/icc-x-api/icc-document-x-api.js.map +1 -1
  32. package/icc-x-api/icc-form-x-api.js +13 -12
  33. package/icc-x-api/icc-form-x-api.js.map +1 -1
  34. package/icc-x-api/icc-helement-x-api.js +18 -16
  35. package/icc-x-api/icc-helement-x-api.js.map +1 -1
  36. package/icc-x-api/icc-invoice-x-api.js +12 -11
  37. package/icc-x-api/icc-invoice-x-api.js.map +1 -1
  38. package/icc-x-api/icc-maintenance-task-x-api.js +11 -11
  39. package/icc-x-api/icc-maintenance-task-x-api.js.map +1 -1
  40. package/icc-x-api/icc-message-x-api.js +14 -14
  41. package/icc-x-api/icc-message-x-api.js.map +1 -1
  42. package/icc-x-api/icc-patient-x-api.js +28 -27
  43. package/icc-x-api/icc-patient-x-api.js.map +1 -1
  44. package/icc-x-api/icc-receipt-x-api.js +11 -10
  45. package/icc-x-api/icc-receipt-x-api.js.map +1 -1
  46. package/icc-x-api/icc-recovery-x-api.js +3 -2
  47. package/icc-x-api/icc-recovery-x-api.js.map +1 -1
  48. package/icc-x-api/icc-time-table-x-api.js +9 -8
  49. package/icc-x-api/icc-time-table-x-api.js.map +1 -1
  50. package/icc-x-api/icc-topic-x-api.js +13 -13
  51. package/icc-x-api/icc-topic-x-api.js.map +1 -1
  52. package/icc-x-api/utils/EntityWithDelegationTypeName.d.ts +17 -1
  53. package/icc-x-api/utils/EntityWithDelegationTypeName.js +33 -15
  54. package/icc-x-api/utils/EntityWithDelegationTypeName.js.map +1 -1
  55. package/icc-x-api/utils/index.d.ts +1 -0
  56. package/icc-x-api/utils/index.js +1 -0
  57. package/icc-x-api/utils/index.js.map +1 -1
  58. package/package.json +1 -1
  59. package/test/icc-api/api/IccAnonymousAccessApi.d.ts +1 -0
  60. package/test/icc-api/api/IccAnonymousAccessApi.js +58 -0
  61. package/test/icc-api/api/IccAnonymousAccessApi.js.map +1 -0
  62. package/test/icc-api/api/IccDocumentApi.d.ts +1 -0
  63. package/test/icc-api/api/IccDocumentApi.js +208 -0
  64. package/test/icc-api/api/IccDocumentApi.js.map +1 -0
  65. package/test/icc-api/api/IccGroupApi.d.ts +1 -0
  66. package/test/icc-api/api/IccGroupApi.js +50 -0
  67. package/test/icc-api/api/IccGroupApi.js.map +1 -0
  68. package/test/icc-api/api/IccRecoveryDataApi.d.ts +1 -0
  69. package/test/icc-api/api/IccRecoveryDataApi.js +95 -0
  70. package/test/icc-api/api/IccRecoveryDataApi.js.map +1 -0
  71. package/test/icc-api/api/IccRoleApi.d.ts +1 -0
  72. package/test/icc-api/api/IccRoleApi.js +34 -0
  73. package/test/icc-api/api/IccRoleApi.js.map +1 -0
  74. package/test/icc-api/api/IccUserApi.d.ts +1 -0
  75. package/test/icc-api/api/IccUserApi.js +96 -0
  76. package/test/icc-api/api/IccUserApi.js.map +1 -0
  77. package/test/icc-api/e2e/IccCalendarItemApi.d.ts +1 -0
  78. package/test/icc-api/e2e/IccCalendarItemApi.js +46 -0
  79. package/test/icc-api/e2e/IccCalendarItemApi.js.map +1 -0
  80. package/test/icc-api/model/modelHelpersTest.d.ts +1 -0
  81. package/test/icc-api/model/modelHelpersTest.js +45 -0
  82. package/test/icc-api/model/modelHelpersTest.js.map +1 -0
  83. package/test/icc-x-api/auth/group-switch-test.d.ts +1 -0
  84. package/test/icc-x-api/auth/group-switch-test.js +81 -0
  85. package/test/icc-x-api/auth/group-switch-test.js.map +1 -0
  86. package/test/icc-x-api/auth/jwt-concurrency-test.d.ts +2 -0
  87. package/test/icc-x-api/auth/jwt-concurrency-test.js +113 -0
  88. package/test/icc-x-api/auth/jwt-concurrency-test.js.map +1 -0
  89. package/test/icc-x-api/auth/smart-auth-provider-test.d.ts +1 -0
  90. package/test/icc-x-api/auth/smart-auth-provider-test.js +224 -0
  91. package/test/icc-x-api/auth/smart-auth-provider-test.js.map +1 -0
  92. package/test/icc-x-api/autofix-anonymity-test.d.ts +1 -0
  93. package/test/icc-x-api/autofix-anonymity-test.js +108 -0
  94. package/test/icc-x-api/autofix-anonymity-test.js.map +1 -0
  95. package/test/icc-x-api/confidential-entities-test.d.ts +1 -0
  96. package/test/icc-x-api/confidential-entities-test.js +110 -0
  97. package/test/icc-x-api/confidential-entities-test.js.map +1 -0
  98. package/test/icc-x-api/crud/comprehensive-crud-test.d.ts +1 -0
  99. package/test/icc-x-api/crud/comprehensive-crud-test.js +276 -0
  100. package/test/icc-x-api/crud/comprehensive-crud-test.js.map +1 -0
  101. package/test/icc-x-api/crud/entities-crud-test-interface.d.ts +16 -0
  102. package/test/icc-x-api/crud/entities-crud-test-interface.js +422 -0
  103. package/test/icc-x-api/crud/entities-crud-test-interface.js.map +1 -0
  104. package/test/icc-x-api/crypto/anonymous-delegations-test.d.ts +1 -0
  105. package/test/icc-x-api/crypto/anonymous-delegations-test.js +588 -0
  106. package/test/icc-x-api/crypto/anonymous-delegations-test.js.map +1 -0
  107. package/test/icc-x-api/crypto/concurrency.d.ts +1 -0
  108. package/test/icc-x-api/crypto/concurrency.js +35 -0
  109. package/test/icc-x-api/crypto/concurrency.js.map +1 -0
  110. package/test/icc-x-api/crypto/crypto-utils.d.ts +1 -0
  111. package/test/icc-x-api/crypto/crypto-utils.js +80 -0
  112. package/test/icc-x-api/crypto/crypto-utils.js.map +1 -0
  113. package/test/icc-x-api/crypto/cryptoTest.d.ts +2 -0
  114. package/test/icc-x-api/crypto/cryptoTest.js +302 -0
  115. package/test/icc-x-api/crypto/cryptoTest.js.map +1 -0
  116. package/test/icc-x-api/crypto/delegate-ci-to-patient-with-missing-keys-test.d.ts +1 -0
  117. package/test/icc-x-api/crypto/delegate-ci-to-patient-with-missing-keys-test.js +166 -0
  118. package/test/icc-x-api/crypto/delegate-ci-to-patient-with-missing-keys-test.js.map +1 -0
  119. package/test/icc-x-api/crypto/exchange-data-manager-test.d.ts +1 -0
  120. package/test/icc-x-api/crypto/exchange-data-manager-test.js +690 -0
  121. package/test/icc-x-api/crypto/exchange-data-manager-test.js.map +1 -0
  122. package/test/icc-x-api/crypto/full-crypto-test.d.ts +1 -0
  123. package/test/icc-x-api/crypto/full-crypto-test.js +457 -0
  124. package/test/icc-x-api/crypto/full-crypto-test.js.map +1 -0
  125. package/test/icc-x-api/crypto/secure-delegations-manager-test.d.ts +1 -0
  126. package/test/icc-x-api/crypto/secure-delegations-manager-test.js +266 -0
  127. package/test/icc-x-api/crypto/secure-delegations-manager-test.js.map +1 -0
  128. package/test/icc-x-api/crypto/secure-delegations-metadata-decryptor-test.d.ts +1 -0
  129. package/test/icc-x-api/crypto/secure-delegations-metadata-decryptor-test.js +393 -0
  130. package/test/icc-x-api/crypto/secure-delegations-metadata-decryptor-test.js.map +1 -0
  131. package/test/icc-x-api/crypto/security-metadata-decryptor-chain-test.d.ts +1 -0
  132. package/test/icc-x-api/crypto/security-metadata-decryptor-chain-test.js +213 -0
  133. package/test/icc-x-api/crypto/security-metadata-decryptor-chain-test.js.map +1 -0
  134. package/test/icc-x-api/crypto/shamir.d.ts +2 -0
  135. package/test/icc-x-api/crypto/shamir.js +166 -0
  136. package/test/icc-x-api/crypto/shamir.js.map +1 -0
  137. package/test/icc-x-api/crypto/share-to-newly-created-patient-from-hcp.d.ts +1 -0
  138. package/test/icc-x-api/crypto/share-to-newly-created-patient-from-hcp.js +71 -0
  139. package/test/icc-x-api/crypto/share-to-newly-created-patient-from-hcp.js.map +1 -0
  140. package/test/icc-x-api/crypto/signature-keys-manager-test.d.ts +1 -0
  141. package/test/icc-x-api/crypto/signature-keys-manager-test.js +44 -0
  142. package/test/icc-x-api/crypto/signature-keys-manager-test.js.map +1 -0
  143. package/test/icc-x-api/crypto/user-encryption-keys-manager-test.d.ts +1 -0
  144. package/test/icc-x-api/crypto/user-encryption-keys-manager-test.js +246 -0
  145. package/test/icc-x-api/crypto/user-encryption-keys-manager-test.js.map +1 -0
  146. package/test/icc-x-api/entity-with-attachments-api-test.d.ts +1 -0
  147. package/test/icc-x-api/entity-with-attachments-api-test.js +142 -0
  148. package/test/icc-x-api/entity-with-attachments-api-test.js.map +1 -0
  149. package/test/icc-x-api/filters/filters.d.ts +1 -0
  150. package/test/icc-x-api/filters/filters.js +49 -0
  151. package/test/icc-x-api/filters/filters.js.map +1 -0
  152. package/test/icc-x-api/icc-accesslog-x-api.d.ts +1 -0
  153. package/test/icc-x-api/icc-accesslog-x-api.js +106 -0
  154. package/test/icc-x-api/icc-accesslog-x-api.js.map +1 -0
  155. package/test/icc-x-api/icc-auth-api.d.ts +1 -0
  156. package/test/icc-x-api/icc-auth-api.js +47 -0
  157. package/test/icc-x-api/icc-auth-api.js.map +1 -0
  158. package/test/icc-x-api/icc-calendar-item-x-api.d.ts +1 -0
  159. package/test/icc-x-api/icc-calendar-item-x-api.js +150 -0
  160. package/test/icc-x-api/icc-calendar-item-x-api.js.map +1 -0
  161. package/test/icc-x-api/icc-contact-x-api.d.ts +1 -0
  162. package/test/icc-x-api/icc-contact-x-api.js +279 -0
  163. package/test/icc-x-api/icc-contact-x-api.js.map +1 -0
  164. package/test/icc-x-api/icc-form-x-api.d.ts +1 -0
  165. package/test/icc-x-api/icc-form-x-api.js +98 -0
  166. package/test/icc-x-api/icc-form-x-api.js.map +1 -0
  167. package/test/icc-x-api/icc-helement-x-api-test.d.ts +1 -0
  168. package/test/icc-x-api/icc-helement-x-api-test.js +153 -0
  169. package/test/icc-x-api/icc-helement-x-api-test.js.map +1 -0
  170. package/test/icc-x-api/icc-invoice-x-api.d.ts +1 -0
  171. package/test/icc-x-api/icc-invoice-x-api.js +99 -0
  172. package/test/icc-x-api/icc-invoice-x-api.js.map +1 -0
  173. package/test/icc-x-api/icc-maintenance-task-x-api-test.d.ts +1 -0
  174. package/test/icc-x-api/icc-maintenance-task-x-api-test.js +221 -0
  175. package/test/icc-x-api/icc-maintenance-task-x-api-test.js.map +1 -0
  176. package/test/icc-x-api/icc-message-x-api.d.ts +1 -0
  177. package/test/icc-x-api/icc-message-x-api.js +328 -0
  178. package/test/icc-x-api/icc-message-x-api.js.map +1 -0
  179. package/test/icc-x-api/icc-patient-x-api-test.d.ts +1 -0
  180. package/test/icc-x-api/icc-patient-x-api-test.js +158 -0
  181. package/test/icc-x-api/icc-patient-x-api-test.js.map +1 -0
  182. package/test/icc-x-api/icc-recovery-x-api.d.ts +1 -0
  183. package/test/icc-x-api/icc-recovery-x-api.js +170 -0
  184. package/test/icc-x-api/icc-recovery-x-api.js.map +1 -0
  185. package/test/icc-x-api/icc-time-table-x-api.d.ts +1 -0
  186. package/test/icc-x-api/icc-time-table-x-api.js +100 -0
  187. package/test/icc-x-api/icc-time-table-x-api.js.map +1 -0
  188. package/test/icc-x-api/icc-topic-x-api.d.ts +1 -0
  189. package/test/icc-x-api/icc-topic-x-api.js +269 -0
  190. package/test/icc-x-api/icc-topic-x-api.js.map +1 -0
  191. package/test/icc-x-api/icc-user-x-api-test.d.ts +1 -0
  192. package/test/icc-x-api/icc-user-x-api-test.js +99 -0
  193. package/test/icc-x-api/icc-user-x-api-test.js.map +1 -0
  194. package/test/icc-x-api/patient-user.d.ts +2 -0
  195. package/test/icc-x-api/patient-user.js +104 -0
  196. package/test/icc-x-api/patient-user.js.map +1 -0
  197. package/test/icc-x-api/storage/storage.d.ts +1 -0
  198. package/test/icc-x-api/storage/storage.js +48 -0
  199. package/test/icc-x-api/storage/storage.js.map +1 -0
  200. package/test/icc-x-api/test-api-no-parent.d.ts +1 -0
  201. package/test/icc-x-api/test-api-no-parent.js +79 -0
  202. package/test/icc-x-api/test-api-no-parent.js.map +1 -0
  203. package/test/icc-x-api/test-legacy-data-support.d.ts +1 -0
  204. package/test/icc-x-api/test-legacy-data-support.js +376 -0
  205. package/test/icc-x-api/test-legacy-data-support.js.map +1 -0
  206. package/test/icc-x-api/utils/graph-test.d.ts +1 -0
  207. package/test/icc-x-api/utils/graph-test.js +54 -0
  208. package/test/icc-x-api/utils/graph-test.js.map +1 -0
  209. package/test/icc-x-api/utils/lru-temporised-async-cache-test.d.ts +1 -0
  210. package/test/icc-x-api/utils/lru-temporised-async-cache-test.js +364 -0
  211. package/test/icc-x-api/utils/lru-temporised-async-cache-test.js.map +1 -0
  212. package/test/support/CSM-185.d.ts +1 -0
  213. package/test/support/CSM-185.js +124 -0
  214. package/test/support/CSM-185.js.map +1 -0
  215. package/test/support/CSM-243.d.ts +1 -0
  216. package/test/support/CSM-243.js +120 -0
  217. package/test/support/CSM-243.js.map +1 -0
  218. package/test/support/CSM-87.d.ts +0 -0
  219. package/test/support/CSM-87.js +21 -0
  220. package/test/support/CSM-87.js.map +1 -0
  221. package/test/support/CSM-93.d.ts +1 -0
  222. package/test/support/CSM-93.js +112 -0
  223. package/test/support/CSM-93.js.map +1 -0
  224. package/test/utils/FakeDataOwnerApi.d.ts +32 -0
  225. package/test/utils/FakeDataOwnerApi.js +136 -0
  226. package/test/utils/FakeDataOwnerApi.js.map +1 -0
  227. package/test/utils/FakeEncryptionKeysManager.d.ts +35 -0
  228. package/test/utils/FakeEncryptionKeysManager.js +87 -0
  229. package/test/utils/FakeEncryptionKeysManager.js.map +1 -0
  230. package/test/utils/FakeExchangeDataApi.d.ts +30 -0
  231. package/test/utils/FakeExchangeDataApi.js +74 -0
  232. package/test/utils/FakeExchangeDataApi.js.map +1 -0
  233. package/test/utils/FakeExchangeDataManager.d.ts +40 -0
  234. package/test/utils/FakeExchangeDataManager.js +89 -0
  235. package/test/utils/FakeExchangeDataManager.js.map +1 -0
  236. package/test/utils/FakeExchangeDataMapManager.d.ts +12 -0
  237. package/test/utils/FakeExchangeDataMapManager.js +38 -0
  238. package/test/utils/FakeExchangeDataMapManager.js.map +1 -0
  239. package/test/utils/FakeGenericApi.d.ts +16 -0
  240. package/test/utils/FakeGenericApi.js +65 -0
  241. package/test/utils/FakeGenericApi.js.map +1 -0
  242. package/test/utils/FakeSignatureKeysManager.d.ts +16 -0
  243. package/test/utils/FakeSignatureKeysManager.js +54 -0
  244. package/test/utils/FakeSignatureKeysManager.js.map +1 -0
  245. package/test/utils/TestApi.d.ts +3 -0
  246. package/test/utils/TestApi.js +30 -0
  247. package/test/utils/TestApi.js.map +1 -0
  248. package/test/utils/TestCollectionUtils.d.ts +1 -0
  249. package/test/utils/TestCollectionUtils.js +109 -0
  250. package/test/utils/TestCollectionUtils.js.map +1 -0
  251. package/test/utils/TestCryptoStrategies.d.ts +42 -0
  252. package/test/utils/TestCryptoStrategies.js +80 -0
  253. package/test/utils/TestCryptoStrategies.js.map +1 -0
  254. package/test/utils/TestStorage.d.ts +23 -0
  255. package/test/utils/TestStorage.js +61 -0
  256. package/test/utils/TestStorage.js.map +1 -0
  257. package/test/utils/test_utils.d.ts +76 -0
  258. package/test/utils/test_utils.js +419 -0
  259. package/test/utils/test_utils.js.map +1 -0
@@ -0,0 +1,266 @@
1
+ "use strict";
2
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
+ return new (P || (P = Promise))(function (resolve, reject) {
5
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
9
+ });
10
+ };
11
+ Object.defineProperty(exports, "__esModule", { value: true });
12
+ const mocha_1 = require("mocha");
13
+ const CryptoPrimitives_1 = require("../../../icc-x-api/crypto/CryptoPrimitives");
14
+ const crypto_1 = require("crypto");
15
+ const FakeEncryptionKeysManager_1 = require("../../utils/FakeEncryptionKeysManager");
16
+ const SecureDelegationsSecurityMetadataDecryptor_1 = require("../../../icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor");
17
+ const SecureDelegationsEncryption_1 = require("../../../icc-x-api/crypto/SecureDelegationsEncryption");
18
+ const icc_x_api_1 = require("../../../icc-x-api");
19
+ const SecureDelegationsManager_1 = require("../../../icc-x-api/crypto/SecureDelegationsManager");
20
+ const AccessControlSecretUtils_1 = require("../../../icc-x-api/crypto/AccessControlSecretUtils");
21
+ const ExchangeDataManager_1 = require("../../../icc-x-api/crypto/ExchangeDataManager");
22
+ const BaseExchangeDataManager_1 = require("../../../icc-x-api/crypto/BaseExchangeDataManager");
23
+ const FakeExchangeDataApi_1 = require("../../utils/FakeExchangeDataApi");
24
+ const FakeDataOwnerApi_1 = require("../../utils/FakeDataOwnerApi");
25
+ const TestCryptoStrategies_1 = require("../../utils/TestCryptoStrategies");
26
+ const FakeSignatureKeysManager_1 = require("../../utils/FakeSignatureKeysManager");
27
+ const EntityShareRequest_1 = require("../../../icc-api/model/requests/EntityShareRequest");
28
+ const chai_1 = require("chai");
29
+ const SecurityMetadata_1 = require("../../../icc-api/model/SecurityMetadata");
30
+ const SecureDelegation_1 = require("../../../icc-api/model/SecureDelegation");
31
+ const collection_utils_1 = require("../../../icc-x-api/utils/collection-utils");
32
+ const EntitySharedMetadataUpdateRequest_1 = require("../../../icc-api/model/requests/EntitySharedMetadataUpdateRequest");
33
+ const utils_1 = require("../../../icc-x-api/crypto/utils");
34
+ const DataOwnerTypeEnum_1 = require("../../../icc-api/model/DataOwnerTypeEnum");
35
+ const FakeExchangeDataMapManager_1 = require("../../utils/FakeExchangeDataMapManager");
36
+ var RequestedPermissionEnum = EntityShareRequest_1.EntityShareRequest.RequestedPermissionInternal;
37
+ var EntryUpdateTypeEnum = EntitySharedMetadataUpdateRequest_1.EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum;
38
+ (0, mocha_1.describe)('Secure delegations manager', function () {
39
+ return __awaiter(this, void 0, void 0, function* () {
40
+ const primitives = new CryptoPrimitives_1.CryptoPrimitives(crypto_1.webcrypto);
41
+ let selfId;
42
+ let selfKeyFp;
43
+ let selfKeypair;
44
+ let delegateId;
45
+ let delegateKeyFp;
46
+ let delegateKeypair;
47
+ let dataOwnerApi;
48
+ let exchangeDataMapManager;
49
+ let secureDelegationsEncryption;
50
+ let decryptor;
51
+ let manager;
52
+ let exchangeData;
53
+ let accessControlSecretUtils;
54
+ function initialiseComponents(explicitSelf, explicitDelegate) {
55
+ return __awaiter(this, void 0, void 0, function* () {
56
+ selfId = primitives.randomUuid();
57
+ selfKeypair = yield primitives.RSA.generateKeyPair(icc_x_api_1.ShaVersion.Sha256);
58
+ selfKeyFp = (0, icc_x_api_1.ua2hex)(yield primitives.RSA.exportKey(selfKeypair.publicKey, 'spki')).slice(-32);
59
+ delegateId = primitives.randomUuid();
60
+ delegateKeypair = yield primitives.RSA.generateKeyPair(icc_x_api_1.ShaVersion.Sha256);
61
+ delegateKeyFp = (0, utils_1.fingerprintV2)((0, icc_x_api_1.ua2hex)(yield primitives.RSA.exportKey(delegateKeypair.publicKey, 'spki')));
62
+ dataOwnerApi = new FakeDataOwnerApi_1.FakeDataOwnerApi({
63
+ id: selfId,
64
+ type: explicitSelf ? DataOwnerTypeEnum_1.DataOwnerTypeEnum.Hcp : DataOwnerTypeEnum_1.DataOwnerTypeEnum.Patient,
65
+ publicKey: (0, icc_x_api_1.ua2hex)(yield primitives.RSA.exportKey(selfKeypair.publicKey, 'spki')),
66
+ }, [
67
+ {
68
+ id: delegateId,
69
+ type: explicitDelegate ? DataOwnerTypeEnum_1.DataOwnerTypeEnum.Hcp : DataOwnerTypeEnum_1.DataOwnerTypeEnum.Patient,
70
+ publicKey: (0, icc_x_api_1.ua2hex)(yield primitives.RSA.exportKey(delegateKeypair.publicKey, 'spki')),
71
+ },
72
+ ]);
73
+ const cryptoStrategies = new TestCryptoStrategies_1.TestCryptoStrategies();
74
+ const exchangeDataApi = new FakeExchangeDataApi_1.FakeExchangeDataApi();
75
+ accessControlSecretUtils = new AccessControlSecretUtils_1.AccessControlSecretUtils(primitives);
76
+ const encryptionKeysManager = yield FakeEncryptionKeysManager_1.FakeEncryptionKeysManager.create(primitives, [selfKeypair]);
77
+ const signatureKeysManager = new FakeSignatureKeysManager_1.FakeSignatureKeysManager(primitives);
78
+ const baseExchangeData = new BaseExchangeDataManager_1.BaseExchangeDataManager(exchangeDataApi, dataOwnerApi, primitives, !explicitSelf);
79
+ exchangeData = yield (0, ExchangeDataManager_1.initialiseExchangeDataManagerForCurrentDataOwner)(baseExchangeData, encryptionKeysManager, signatureKeysManager, accessControlSecretUtils, cryptoStrategies, dataOwnerApi, primitives, true);
80
+ exchangeDataMapManager = new FakeExchangeDataMapManager_1.FakeExchangeDataMapManager();
81
+ secureDelegationsEncryption = new SecureDelegationsEncryption_1.SecureDelegationsEncryption(encryptionKeysManager, primitives);
82
+ decryptor = new SecureDelegationsSecurityMetadataDecryptor_1.SecureDelegationsSecurityMetadataDecryptor(exchangeData, exchangeDataMapManager, secureDelegationsEncryption, dataOwnerApi);
83
+ manager = new SecureDelegationsManager_1.SecureDelegationsManager(exchangeData, exchangeDataMapManager, secureDelegationsEncryption, accessControlSecretUtils, encryptionKeysManager, primitives, dataOwnerApi, cryptoStrategies, !explicitSelf);
84
+ });
85
+ }
86
+ it('should make a share request which will create a decryptable secure delegation.', function () {
87
+ return __awaiter(this, void 0, void 0, function* () {
88
+ function doTest(explicitSelf, explicitDelegate) {
89
+ var _a, _b, _c, _d;
90
+ return __awaiter(this, void 0, void 0, function* () {
91
+ yield initialiseComponents(explicitSelf, explicitDelegate);
92
+ const secretIds = [(0, icc_x_api_1.ua2hex)(primitives.randomBytes(16)), (0, icc_x_api_1.ua2hex)(primitives.randomBytes(16))];
93
+ const encryptionKeys = [(0, icc_x_api_1.ua2hex)(primitives.randomBytes(16))];
94
+ const owningEntityIds = [(0, icc_x_api_1.ua2hex)(primitives.randomBytes(16)), (0, icc_x_api_1.ua2hex)(primitives.randomBytes(16)), (0, icc_x_api_1.ua2hex)(primitives.randomBytes(16))];
95
+ const entityType = icc_x_api_1.EntityWithDelegationTypeName.Patient;
96
+ const shareOrUpdateParams = yield manager.makeShareOrUpdateRequestParams({ entity: { secretForeignKeys: [] }, type: entityType }, delegateId, secretIds, encryptionKeys, owningEntityIds, EntityShareRequest_1.EntityShareRequest.RequestedPermissionEnum.MAX_WRITE);
97
+ (0, chai_1.expect)(shareOrUpdateParams).to.not.be.undefined;
98
+ (0, chai_1.expect)(shareOrUpdateParams.update).to.be.undefined;
99
+ (0, chai_1.expect)(shareOrUpdateParams.share).to.not.be.undefined;
100
+ const shareParams = shareOrUpdateParams.share;
101
+ (0, chai_1.expect)(shareParams.accessControlKeys).to.have.length(1);
102
+ if (explicitSelf && explicitDelegate) {
103
+ (0, chai_1.expect)(shareParams.exchangeDataId).to.not.be.undefined;
104
+ (0, chai_1.expect)(Object.entries((_a = shareParams.encryptedExchangeDataId) !== null && _a !== void 0 ? _a : {})).to.have.length(0);
105
+ }
106
+ else if (explicitSelf && !explicitDelegate) {
107
+ (0, chai_1.expect)(shareParams.exchangeDataId).to.be.undefined;
108
+ (0, chai_1.expect)(Object.entries((_b = shareParams.encryptedExchangeDataId) !== null && _b !== void 0 ? _b : {})).to.have.length(1);
109
+ (0, chai_1.expect)(shareParams.encryptedExchangeDataId[selfKeyFp]).to.not.be.undefined;
110
+ }
111
+ else if (!explicitSelf && explicitDelegate) {
112
+ (0, chai_1.expect)(shareParams.exchangeDataId).to.be.undefined;
113
+ (0, chai_1.expect)(Object.entries((_c = shareParams.encryptedExchangeDataId) !== null && _c !== void 0 ? _c : {})).to.have.length(1);
114
+ (0, chai_1.expect)(shareParams.encryptedExchangeDataId[delegateKeyFp]).to.not.be.undefined;
115
+ }
116
+ else {
117
+ (0, chai_1.expect)(shareParams.exchangeDataId).to.be.undefined;
118
+ (0, chai_1.expect)(Object.entries((_d = shareParams.encryptedExchangeDataId) !== null && _d !== void 0 ? _d : {})).to.have.length(0);
119
+ }
120
+ const secDelKey = (0, icc_x_api_1.ua2hex)(yield primitives.sha256((0, icc_x_api_1.hex2ua)(shareParams.accessControlKeys[0])));
121
+ const fakeEntity = {
122
+ entity: {
123
+ secretForeignKeys: [],
124
+ securityMetadata: new SecurityMetadata_1.SecurityMetadata({
125
+ secureDelegations: {
126
+ [secDelKey]: new SecureDelegation_1.SecureDelegation({
127
+ delegator: shareParams.explicitDelegator,
128
+ delegate: shareParams.explicitDelegate,
129
+ secretIds: shareParams.secretIds,
130
+ encryptionKeys: shareParams.encryptionKeys,
131
+ owningEntityIds: shareParams.owningEntityIds,
132
+ exchangeDataId: shareParams.exchangeDataId,
133
+ encryptedExchangeDataId: shareParams.encryptedExchangeDataId,
134
+ permissions: SecureDelegation_1.SecureDelegation.AccessLevelEnum.WRITE,
135
+ }),
136
+ },
137
+ }),
138
+ },
139
+ type: icc_x_api_1.EntityWithDelegationTypeName.Patient,
140
+ };
141
+ yield exchangeDataMapManager.createExchangeDataMaps({ [secDelKey]: shareParams.encryptedExchangeDataId });
142
+ yield exchangeData.clearOrRepopulateCache();
143
+ const decryptedSecretIds = (yield (0, collection_utils_1.asyncGeneratorToArray)(decryptor.decryptSecretIdsOf(fakeEntity, [selfId]))).map((x) => x.decrypted);
144
+ const decryptedEncryptionKeys = (yield (0, collection_utils_1.asyncGeneratorToArray)(decryptor.decryptEncryptionKeysOf(fakeEntity, [selfId]))).map((x) => x.decrypted);
145
+ const decryptedOwningEntityIds = (yield (0, collection_utils_1.asyncGeneratorToArray)(decryptor.decryptOwningEntityIdsOf(fakeEntity, [selfId]))).map((x) => x.decrypted);
146
+ (0, chai_1.expect)(decryptedSecretIds).to.have.length(secretIds.length);
147
+ for (const secretId of secretIds) {
148
+ (0, chai_1.expect)(decryptedSecretIds).to.include(secretId);
149
+ }
150
+ (0, chai_1.expect)(decryptedEncryptionKeys).to.have.length(encryptionKeys.length);
151
+ for (const encryptionKey of encryptionKeys) {
152
+ (0, chai_1.expect)(decryptedEncryptionKeys).to.include(encryptionKey);
153
+ }
154
+ (0, chai_1.expect)(decryptedOwningEntityIds).to.have.length(owningEntityIds.length);
155
+ for (const owningEntityId of owningEntityIds) {
156
+ (0, chai_1.expect)(decryptedOwningEntityIds).to.include(owningEntityId);
157
+ }
158
+ });
159
+ }
160
+ console.log('Patient->Patient');
161
+ yield doTest(false, false);
162
+ console.log('Hcp->Patient');
163
+ yield doTest(true, false);
164
+ console.log('Patient->Hcp');
165
+ yield doTest(false, true);
166
+ console.log('Hcp->Hcp');
167
+ yield doTest(true, true);
168
+ });
169
+ });
170
+ it('should make an update request which the missing entries for existing secure delegations.', function () {
171
+ return __awaiter(this, void 0, void 0, function* () {
172
+ function doTest(makeAccessibleFromAlias) {
173
+ var _a, _b, _c, _d, _e, _f;
174
+ return __awaiter(this, void 0, void 0, function* () {
175
+ yield initialiseComponents(false, false);
176
+ const canonicalSfk = primitives.randomUuid();
177
+ const aliasSfk = primitives.randomUuid();
178
+ const exchangeDataInfo = yield exchangeData.getOrCreateEncryptionDataTo(delegateId, icc_x_api_1.EntityWithDelegationTypeName.Patient, [], false);
179
+ const canonicalKey = yield accessControlSecretUtils.secureDelegationKeyFor(exchangeDataInfo.accessControlSecret, icc_x_api_1.EntityWithDelegationTypeName.Patient, canonicalSfk);
180
+ const aliasKey = yield accessControlSecretUtils.secureDelegationKeyFor(exchangeDataInfo.accessControlSecret, icc_x_api_1.EntityWithDelegationTypeName.Patient, aliasSfk);
181
+ const existingSecretIds = [(0, icc_x_api_1.ua2hex)(primitives.randomBytes(16))];
182
+ const newSecretIds = [(0, icc_x_api_1.ua2hex)(primitives.randomBytes(16))];
183
+ const existingEncryptionKeys = [];
184
+ const newEncryptionKeys = [(0, icc_x_api_1.ua2hex)(primitives.randomBytes(16))];
185
+ const existingOwningEntityIds = [(0, icc_x_api_1.ua2hex)(primitives.randomBytes(16))];
186
+ const newOwningEntityIds = [];
187
+ const fakeEntity = {
188
+ entity: {
189
+ secretForeignKeys: makeAccessibleFromAlias ? [aliasSfk] : [canonicalSfk],
190
+ securityMetadata: new SecurityMetadata_1.SecurityMetadata({
191
+ secureDelegations: {
192
+ [canonicalKey]: new SecureDelegation_1.SecureDelegation({
193
+ delegator: selfId,
194
+ delegate: selfId,
195
+ secretIds: yield secureDelegationsEncryption.encryptSecretIds(existingSecretIds, exchangeDataInfo.exchangeKey),
196
+ encryptionKeys: yield secureDelegationsEncryption.encryptEncryptionKeys(existingEncryptionKeys, exchangeDataInfo.exchangeKey),
197
+ owningEntityIds: yield secureDelegationsEncryption.encryptOwningEntityIds(existingOwningEntityIds, exchangeDataInfo.exchangeKey),
198
+ permissions: SecureDelegation_1.SecureDelegation.AccessLevelEnum.WRITE,
199
+ }),
200
+ },
201
+ keysEquivalences: { [aliasKey]: canonicalKey },
202
+ }),
203
+ },
204
+ type: icc_x_api_1.EntityWithDelegationTypeName.Patient,
205
+ };
206
+ const shareOrUpdateParams = yield manager.makeShareOrUpdateRequestParams(fakeEntity, delegateId, [...existingSecretIds, ...newSecretIds], [...existingEncryptionKeys, ...newEncryptionKeys], [...existingOwningEntityIds, ...newOwningEntityIds], RequestedPermissionEnum.MAX_WRITE);
207
+ (0, chai_1.expect)(shareOrUpdateParams).to.not.be.undefined;
208
+ (0, chai_1.expect)(shareOrUpdateParams.share).to.be.undefined;
209
+ (0, chai_1.expect)(shareOrUpdateParams.update).to.not.be.undefined;
210
+ const updateParams = shareOrUpdateParams.update;
211
+ (0, chai_1.expect)(updateParams.metadataAccessControlHash).to.equal(canonicalKey);
212
+ (0, chai_1.expect)(Object.keys((_a = updateParams.secretIds) !== null && _a !== void 0 ? _a : {})).to.have.length(newSecretIds.length);
213
+ for (const [secretId, updateType] of Object.entries((_b = updateParams.secretIds) !== null && _b !== void 0 ? _b : {})) {
214
+ (0, chai_1.expect)(updateType).to.equal(EntryUpdateTypeEnum.CREATE);
215
+ (0, chai_1.expect)(newSecretIds).to.contain(yield secureDelegationsEncryption.decryptSecretId(secretId, exchangeDataInfo.exchangeKey));
216
+ }
217
+ (0, chai_1.expect)(Object.keys((_c = updateParams.encryptionKeys) !== null && _c !== void 0 ? _c : {})).to.have.length(newEncryptionKeys.length);
218
+ for (const [encryptionKey, updateType] of Object.entries((_d = updateParams.encryptionKeys) !== null && _d !== void 0 ? _d : {})) {
219
+ (0, chai_1.expect)(updateType).to.equal(EntryUpdateTypeEnum.CREATE);
220
+ (0, chai_1.expect)(newEncryptionKeys).to.contain(yield secureDelegationsEncryption.decryptEncryptionKey(encryptionKey, exchangeDataInfo.exchangeKey));
221
+ }
222
+ (0, chai_1.expect)(Object.keys((_e = updateParams.owningEntityIds) !== null && _e !== void 0 ? _e : {})).to.have.length(newOwningEntityIds.length);
223
+ for (const [owningEntityId, updateType] of Object.entries((_f = updateParams.owningEntityIds) !== null && _f !== void 0 ? _f : {})) {
224
+ (0, chai_1.expect)(updateType).to.equal(EntryUpdateTypeEnum.CREATE);
225
+ (0, chai_1.expect)(newOwningEntityIds).to.contain(yield secureDelegationsEncryption.decryptOwningEntityId(owningEntityId, exchangeDataInfo.exchangeKey));
226
+ }
227
+ });
228
+ }
229
+ yield doTest(true);
230
+ yield doTest(false);
231
+ });
232
+ });
233
+ it('should return undefined for existing secure delegations if it contains all entries.', function () {
234
+ return __awaiter(this, void 0, void 0, function* () {
235
+ yield initialiseComponents(false, false);
236
+ const canonicalSfk = primitives.randomUuid();
237
+ const exchangeDataInfo = yield exchangeData.getOrCreateEncryptionDataTo(delegateId, icc_x_api_1.EntityWithDelegationTypeName.Patient, [], false);
238
+ const canonicalKey = yield accessControlSecretUtils.secureDelegationKeyFor(exchangeDataInfo.accessControlSecret, icc_x_api_1.EntityWithDelegationTypeName.Patient, canonicalSfk);
239
+ const existingSecretIds = [(0, icc_x_api_1.ua2hex)(primitives.randomBytes(16))];
240
+ const existingEncryptionKeys = [];
241
+ const existingOwningEntityIds = [(0, icc_x_api_1.ua2hex)(primitives.randomBytes(16))];
242
+ const fakeEntity = {
243
+ entity: {
244
+ secretForeignKeys: [canonicalSfk],
245
+ securityMetadata: new SecurityMetadata_1.SecurityMetadata({
246
+ secureDelegations: {
247
+ [canonicalKey]: new SecureDelegation_1.SecureDelegation({
248
+ delegator: selfId,
249
+ delegate: selfId,
250
+ secretIds: yield secureDelegationsEncryption.encryptSecretIds(existingSecretIds, exchangeDataInfo.exchangeKey),
251
+ encryptionKeys: yield secureDelegationsEncryption.encryptEncryptionKeys(existingEncryptionKeys, exchangeDataInfo.exchangeKey),
252
+ owningEntityIds: yield secureDelegationsEncryption.encryptOwningEntityIds(existingOwningEntityIds, exchangeDataInfo.exchangeKey),
253
+ permissions: SecureDelegation_1.SecureDelegation.AccessLevelEnum.WRITE,
254
+ }),
255
+ },
256
+ }),
257
+ },
258
+ type: icc_x_api_1.EntityWithDelegationTypeName.Patient,
259
+ };
260
+ const shareOrUpdateParams = yield manager.makeShareOrUpdateRequestParams(fakeEntity, delegateId, [...existingSecretIds], [...existingEncryptionKeys], [...existingOwningEntityIds], RequestedPermissionEnum.MAX_WRITE);
261
+ (0, chai_1.expect)(shareOrUpdateParams).to.be.undefined;
262
+ });
263
+ });
264
+ });
265
+ });
266
+ //# sourceMappingURL=secure-delegations-manager-test.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"secure-delegations-manager-test.js","sourceRoot":"","sources":["../../../../test/icc-x-api/crypto/secure-delegations-manager-test.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,iCAAgC;AAChC,iFAA6E;AAC7E,mCAAkC;AAClC,qFAAiF;AACjF,qIAAiI;AACjI,uGAAmG;AACnG,kDAA6F;AAC7F,iGAA6F;AAC7F,iGAA6F;AAC7F,uFAAqI;AACrI,+FAA2F;AAC3F,yEAAqE;AACrE,mEAA+D;AAC/D,2EAAuE;AACvE,mFAA+E;AAE/E,2FAAuF;AACvF,+BAA6B;AAE7B,8EAA0E;AAC1E,8EAA0E;AAC1E,gFAAiF;AACjF,yHAAqH;AACrH,2DAA+D;AAC/D,gFAA4E;AAC5E,uFAAmF;AACnF,IAAO,uBAAuB,GAAG,uCAAkB,CAAC,2BAA2B,CAAA;AAC/E,IAAO,mBAAmB,GAAG,qEAAiC,CAAC,mBAAmB,CAAA;AAElF,IAAA,gBAAQ,EAAC,4BAA4B,EAAE;;QACrC,MAAM,UAAU,GAAG,IAAI,mCAAgB,CAAC,kBAAgB,CAAC,CAAA;QACzD,IAAI,MAAc,CAAA;QAClB,IAAI,SAAiB,CAAA;QACrB,IAAI,WAA+B,CAAA;QACnC,IAAI,UAAkB,CAAA;QACtB,IAAI,aAAqB,CAAA;QACzB,IAAI,eAAmC,CAAA;QACvC,IAAI,YAA8B,CAAA;QAClC,IAAI,sBAAkD,CAAA;QACtD,IAAI,2BAAwD,CAAA;QAC5D,IAAI,SAAqD,CAAA;QACzD,IAAI,OAAiC,CAAA;QACrC,IAAI,YAAiC,CAAA;QACrC,IAAI,wBAAkD,CAAA;QAEtD,SAAe,oBAAoB,CAAC,YAAqB,EAAE,gBAAyB;;gBAClF,MAAM,GAAG,UAAU,CAAC,UAAU,EAAE,CAAA;gBAChC,WAAW,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,eAAe,CAAC,sBAAU,CAAC,MAAM,CAAC,CAAA;gBACrE,SAAS,GAAG,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,WAAW,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAA;gBAC5F,UAAU,GAAG,UAAU,CAAC,UAAU,EAAE,CAAA;gBACpC,eAAe,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,eAAe,CAAC,sBAAU,CAAC,MAAM,CAAC,CAAA;gBACzE,aAAa,GAAG,IAAA,qBAAa,EAAC,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,CAAA;gBACxG,YAAY,GAAG,IAAI,mCAAgB,CACjC;oBACE,EAAE,EAAE,MAAM;oBACV,IAAI,EAAE,YAAY,CAAC,CAAC,CAAC,qCAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,qCAAiB,CAAC,OAAO;oBACtE,SAAS,EAAE,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,WAAW,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;iBACjF,EACD;oBACE;wBACE,EAAE,EAAE,UAAU;wBACd,IAAI,EAAE,gBAAgB,CAAC,CAAC,CAAC,qCAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,qCAAiB,CAAC,OAAO;wBAC1E,SAAS,EAAE,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,eAAe,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;qBACrF;iBACF,CACF,CAAA;gBACD,MAAM,gBAAgB,GAAG,IAAI,2CAAoB,EAAE,CAAA;gBACnD,MAAM,eAAe,GAAG,IAAI,yCAAmB,EAAE,CAAA;gBACjD,wBAAwB,GAAG,IAAI,mDAAwB,CAAC,UAAU,CAAC,CAAA;gBACnE,MAAM,qBAAqB,GAAG,MAAM,qDAAyB,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC,WAAW,CAAC,CAAC,CAAA;gBAC/F,MAAM,oBAAoB,GAAG,IAAI,mDAAwB,CAAC,UAAU,CAAC,CAAA;gBACrE,MAAM,gBAAgB,GAAG,IAAI,iDAAuB,CAAC,eAAe,EAAE,YAAY,EAAE,UAAU,EAAE,CAAC,YAAY,CAAC,CAAA;gBAC9G,YAAY,GAAG,MAAM,IAAA,sEAAgD,EACnE,gBAAgB,EAChB,qBAAqB,EACrB,oBAAoB,EACpB,wBAAwB,EACxB,gBAAgB,EAChB,YAAY,EACZ,UAAU,EACV,IAAI,CACL,CAAA;gBACD,sBAAsB,GAAG,IAAI,uDAA0B,EAAE,CAAA;gBACzD,2BAA2B,GAAG,IAAI,yDAA2B,CAAC,qBAAqB,EAAE,UAAU,CAAC,CAAA;gBAChG,SAAS,GAAG,IAAI,uFAA0C,CAAC,YAAY,EAAE,sBAAsB,EAAE,2BAA2B,EAAE,YAAY,CAAC,CAAA;gBAC3I,OAAO,GAAG,IAAI,mDAAwB,CACpC,YAAY,EACZ,sBAAsB,EACtB,2BAA2B,EAC3B,wBAAwB,EACxB,qBAAqB,EACrB,UAAU,EACV,YAAY,EACZ,gBAAgB,EAChB,CAAC,YAAY,CACd,CAAA;YACH,CAAC;SAAA;QAED,EAAE,CAAC,gFAAgF,EAAE;;gBACnF,SAAe,MAAM,CAAC,YAAqB,EAAE,gBAAyB;;;wBACpE,MAAM,oBAAoB,CAAC,YAAY,EAAE,gBAAgB,CAAC,CAAA;wBAC1D,MAAM,SAAS,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,EAAE,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBAC1F,MAAM,cAAc,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBAC3D,MAAM,eAAe,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,EAAE,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,EAAE,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBACpI,MAAM,UAAU,GAAG,wCAA4B,CAAC,OAAO,CAAA;wBACvD,MAAM,mBAAmB,GAAG,MAAM,OAAO,CAAC,8BAA8B,CACtE,EAAE,MAAM,EAAE,EAAE,iBAAiB,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,EACvD,UAAU,EACV,SAAS,EACT,cAAc,EACd,eAAe,EACf,uCAAkB,CAAC,uBAAuB,CAAC,SAAS,CACrD,CAAA;wBACD,IAAA,aAAM,EAAC,mBAAmB,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;wBAC/C,IAAA,aAAM,EAAC,mBAAoB,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAA;wBACnD,IAAA,aAAM,EAAC,mBAAoB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;wBACtD,MAAM,WAAW,GAAG,mBAAoB,CAAC,KAAM,CAAA;wBAC/C,IAAA,aAAM,EAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;wBACvD,IAAI,YAAY,IAAI,gBAAgB,EAAE;4BACpC,IAAA,aAAM,EAAC,WAAW,CAAC,cAAc,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;4BACtD,IAAA,aAAM,EAAC,MAAM,CAAC,OAAO,CAAC,MAAA,WAAW,CAAC,uBAAuB,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;yBACpF;6BAAM,IAAI,YAAY,IAAI,CAAC,gBAAgB,EAAE;4BAC5C,IAAA,aAAM,EAAC,WAAW,CAAC,cAAc,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAA;4BAClD,IAAA,aAAM,EAAC,MAAM,CAAC,OAAO,CAAC,MAAA,WAAW,CAAC,uBAAuB,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;4BACnF,IAAA,aAAM,EAAC,WAAW,CAAC,uBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;yBAC5E;6BAAM,IAAI,CAAC,YAAY,IAAI,gBAAgB,EAAE;4BAC5C,IAAA,aAAM,EAAC,WAAW,CAAC,cAAc,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAA;4BAClD,IAAA,aAAM,EAAC,MAAM,CAAC,OAAO,CAAC,MAAA,WAAW,CAAC,uBAAuB,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;4BACnF,IAAA,aAAM,EAAC,WAAW,CAAC,uBAAwB,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;yBAChF;6BAAM;4BACL,IAAA,aAAM,EAAC,WAAW,CAAC,cAAc,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAA;4BAClD,IAAA,aAAM,EAAC,MAAM,CAAC,OAAO,CAAC,MAAA,WAAW,CAAC,uBAAuB,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;yBACpF;wBACD,MAAM,SAAS,GAAG,IAAA,kBAAM,EAAC,MAAM,UAAU,CAAC,MAAM,CAAC,IAAA,kBAAM,EAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;wBAC3F,MAAM,UAAU,GAAwE;4BACtF,MAAM,EAAE;gCACN,iBAAiB,EAAE,EAAE;gCACrB,gBAAgB,EAAE,IAAI,mCAAgB,CAAC;oCACrC,iBAAiB,EAAE;wCACjB,CAAC,SAAS,CAAC,EAAE,IAAI,mCAAgB,CAAC;4CAChC,SAAS,EAAE,WAAW,CAAC,iBAAiB;4CACxC,QAAQ,EAAE,WAAW,CAAC,gBAAgB;4CACtC,SAAS,EAAE,WAAW,CAAC,SAAS;4CAChC,cAAc,EAAE,WAAW,CAAC,cAAc;4CAC1C,eAAe,EAAE,WAAW,CAAC,eAAe;4CAC5C,cAAc,EAAE,WAAW,CAAC,cAAc;4CAC1C,uBAAuB,EAAE,WAAW,CAAC,uBAAuB;4CAC5D,WAAW,EAAE,mCAAgB,CAAC,eAAe,CAAC,KAAK;yCACpD,CAAC;qCACH;iCACF,CAAC;6BACH;4BACD,IAAI,EAAE,wCAA4B,CAAC,OAAO;yBAC3C,CAAA;wBACD,MAAM,sBAAsB,CAAC,sBAAsB,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,WAAW,CAAC,uBAAwB,EAAE,CAAC,CAAA;wBAC1G,MAAM,YAAY,CAAC,sBAAsB,EAAE,CAAA;wBAC3C,MAAM,kBAAkB,GAAG,CAAC,MAAM,IAAA,wCAAqB,EAAC,SAAS,CAAC,kBAAkB,CAAC,UAAU,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;wBACpI,MAAM,uBAAuB,GAAG,CAAC,MAAM,IAAA,wCAAqB,EAAC,SAAS,CAAC,uBAAuB,CAAC,UAAU,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;wBAC9I,MAAM,wBAAwB,GAAG,CAAC,MAAM,IAAA,wCAAqB,EAAC,SAAS,CAAC,wBAAwB,CAAC,UAAU,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;wBAChJ,IAAA,aAAM,EAAC,kBAAkB,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;wBAC3D,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE;4BAChC,IAAA,aAAM,EAAC,kBAAkB,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;yBAChD;wBACD,IAAA,aAAM,EAAC,uBAAuB,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,MAAM,CAAC,CAAA;wBACrE,KAAK,MAAM,aAAa,IAAI,cAAc,EAAE;4BAC1C,IAAA,aAAM,EAAC,uBAAuB,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,aAAa,CAAC,CAAA;yBAC1D;wBACD,IAAA,aAAM,EAAC,wBAAwB,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,CAAA;wBACvE,KAAK,MAAM,cAAc,IAAI,eAAe,EAAE;4BAC5C,IAAA,aAAM,EAAC,wBAAwB,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,cAAc,CAAC,CAAA;yBAC5D;;iBACF;gBACD,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAA;gBAC/B,MAAM,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;gBAC1B,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAA;gBAC3B,MAAM,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;gBACzB,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAA;gBAC3B,MAAM,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;gBACzB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;gBACvB,MAAM,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;YAC1B,CAAC;SAAA,CAAC,CAAA;QAEF,EAAE,CAAC,0FAA0F,EAAE;;gBAC7F,SAAe,MAAM,CAAC,uBAAgC;;;wBACpD,MAAM,oBAAoB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;wBACxC,MAAM,YAAY,GAAG,UAAU,CAAC,UAAU,EAAE,CAAA;wBAC5C,MAAM,QAAQ,GAAG,UAAU,CAAC,UAAU,EAAE,CAAA;wBACxC,MAAM,gBAAgB,GAAG,MAAM,YAAY,CAAC,2BAA2B,CAAC,UAAU,EAAE,wCAA4B,CAAC,OAAO,EAAE,EAAE,EAAE,KAAK,CAAC,CAAA;wBACpI,MAAM,YAAY,GAAG,MAAM,wBAAwB,CAAC,sBAAsB,CACxE,gBAAgB,CAAC,mBAAmB,EACpC,wCAA4B,CAAC,OAAO,EACpC,YAAY,CACb,CAAA;wBACD,MAAM,QAAQ,GAAG,MAAM,wBAAwB,CAAC,sBAAsB,CACpE,gBAAgB,CAAC,mBAAmB,EACpC,wCAA4B,CAAC,OAAO,EACpC,QAAQ,CACT,CAAA;wBACD,MAAM,iBAAiB,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBAC9D,MAAM,YAAY,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBACzD,MAAM,sBAAsB,GAAa,EAAE,CAAA;wBAC3C,MAAM,iBAAiB,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBAC9D,MAAM,uBAAuB,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBACpE,MAAM,kBAAkB,GAAa,EAAE,CAAA;wBACvC,MAAM,UAAU,GAAwE;4BACtF,MAAM,EAAE;gCACN,iBAAiB,EAAE,uBAAuB,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC;gCACxE,gBAAgB,EAAE,IAAI,mCAAgB,CAAC;oCACrC,iBAAiB,EAAE;wCACjB,CAAC,YAAY,CAAC,EAAE,IAAI,mCAAgB,CAAC;4CACnC,SAAS,EAAE,MAAM;4CACjB,QAAQ,EAAE,MAAM;4CAChB,SAAS,EAAE,MAAM,2BAA2B,CAAC,gBAAgB,CAAC,iBAAiB,EAAE,gBAAgB,CAAC,WAAW,CAAC;4CAC9G,cAAc,EAAE,MAAM,2BAA2B,CAAC,qBAAqB,CAAC,sBAAsB,EAAE,gBAAgB,CAAC,WAAW,CAAC;4CAC7H,eAAe,EAAE,MAAM,2BAA2B,CAAC,sBAAsB,CAAC,uBAAuB,EAAE,gBAAgB,CAAC,WAAW,CAAC;4CAChI,WAAW,EAAE,mCAAgB,CAAC,eAAe,CAAC,KAAK;yCACpD,CAAC;qCACH;oCACD,gBAAgB,EAAE,EAAE,CAAC,QAAQ,CAAC,EAAE,YAAY,EAAE;iCAC/C,CAAC;6BACH;4BACD,IAAI,EAAE,wCAA4B,CAAC,OAAO;yBAC3C,CAAA;wBACD,MAAM,mBAAmB,GAAG,MAAM,OAAO,CAAC,8BAA8B,CACtE,UAAU,EACV,UAAU,EACV,CAAC,GAAG,iBAAiB,EAAE,GAAG,YAAY,CAAC,EACvC,CAAC,GAAG,sBAAsB,EAAE,GAAG,iBAAiB,CAAC,EACjD,CAAC,GAAG,uBAAuB,EAAE,GAAG,kBAAkB,CAAC,EACnD,uBAAuB,CAAC,SAAS,CAClC,CAAA;wBACD,IAAA,aAAM,EAAC,mBAAmB,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;wBAC/C,IAAA,aAAM,EAAC,mBAAoB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAA;wBAClD,IAAA,aAAM,EAAC,mBAAoB,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAA;wBACvD,MAAM,YAAY,GAAG,mBAAoB,CAAC,MAAO,CAAA;wBACjD,IAAA,aAAM,EAAC,YAAY,CAAC,yBAAyB,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,YAAY,CAAC,CAAA;wBACrE,IAAA,aAAM,EAAC,MAAM,CAAC,IAAI,CAAC,MAAA,YAAY,CAAC,SAAS,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;wBACrF,KAAK,MAAM,CAAC,QAAQ,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAA,YAAY,CAAC,SAAS,mCAAI,EAAE,CAAC,EAAE;4BACjF,IAAA,aAAM,EAAC,UAAU,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAA;4BACvD,IAAA,aAAM,EAAC,YAAY,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,2BAA2B,CAAC,eAAe,CAAC,QAAQ,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAC,CAAA;yBAC3H;wBACD,IAAA,aAAM,EAAC,MAAM,CAAC,IAAI,CAAC,MAAA,YAAY,CAAC,cAAc,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAA;wBAC/F,KAAK,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAA,YAAY,CAAC,cAAc,mCAAI,EAAE,CAAC,EAAE;4BAC3F,IAAA,aAAM,EAAC,UAAU,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAA;4BACvD,IAAA,aAAM,EAAC,iBAAiB,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,2BAA2B,CAAC,oBAAoB,CAAC,aAAa,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAC,CAAA;yBAC1I;wBACD,IAAA,aAAM,EAAC,MAAM,CAAC,IAAI,CAAC,MAAA,YAAY,CAAC,eAAe,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAA;wBACjG,KAAK,MAAM,CAAC,cAAc,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAA,YAAY,CAAC,eAAe,mCAAI,EAAE,CAAC,EAAE;4BAC7F,IAAA,aAAM,EAAC,UAAU,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAA;4BACvD,IAAA,aAAM,EAAC,kBAAkB,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,2BAA2B,CAAC,qBAAqB,CAAC,cAAc,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAC,CAAA;yBAC7I;;iBACF;gBACD,MAAM,MAAM,CAAC,IAAI,CAAC,CAAA;gBAClB,MAAM,MAAM,CAAC,KAAK,CAAC,CAAA;YACrB,CAAC;SAAA,CAAC,CAAA;QAEF,EAAE,CAAC,qFAAqF,EAAE;;gBACxF,MAAM,oBAAoB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;gBACxC,MAAM,YAAY,GAAG,UAAU,CAAC,UAAU,EAAE,CAAA;gBAC5C,MAAM,gBAAgB,GAAG,MAAM,YAAY,CAAC,2BAA2B,CAAC,UAAU,EAAE,wCAA4B,CAAC,OAAO,EAAE,EAAE,EAAE,KAAK,CAAC,CAAA;gBACpI,MAAM,YAAY,GAAG,MAAM,wBAAwB,CAAC,sBAAsB,CACxE,gBAAgB,CAAC,mBAAmB,EACpC,wCAA4B,CAAC,OAAO,EACpC,YAAY,CACb,CAAA;gBACD,MAAM,iBAAiB,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBAC9D,MAAM,sBAAsB,GAAa,EAAE,CAAA;gBAC3C,MAAM,uBAAuB,GAAG,CAAC,IAAA,kBAAM,EAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBACpE,MAAM,UAAU,GAAwE;oBACtF,MAAM,EAAE;wBACN,iBAAiB,EAAE,CAAC,YAAY,CAAC;wBACjC,gBAAgB,EAAE,IAAI,mCAAgB,CAAC;4BACrC,iBAAiB,EAAE;gCACjB,CAAC,YAAY,CAAC,EAAE,IAAI,mCAAgB,CAAC;oCACnC,SAAS,EAAE,MAAM;oCACjB,QAAQ,EAAE,MAAM;oCAChB,SAAS,EAAE,MAAM,2BAA2B,CAAC,gBAAgB,CAAC,iBAAiB,EAAE,gBAAgB,CAAC,WAAW,CAAC;oCAC9G,cAAc,EAAE,MAAM,2BAA2B,CAAC,qBAAqB,CAAC,sBAAsB,EAAE,gBAAgB,CAAC,WAAW,CAAC;oCAC7H,eAAe,EAAE,MAAM,2BAA2B,CAAC,sBAAsB,CAAC,uBAAuB,EAAE,gBAAgB,CAAC,WAAW,CAAC;oCAChI,WAAW,EAAE,mCAAgB,CAAC,eAAe,CAAC,KAAK;iCACpD,CAAC;6BACH;yBACF,CAAC;qBACH;oBACD,IAAI,EAAE,wCAA4B,CAAC,OAAO;iBAC3C,CAAA;gBACD,MAAM,mBAAmB,GAAG,MAAM,OAAO,CAAC,8BAA8B,CACtE,UAAU,EACV,UAAU,EACV,CAAC,GAAG,iBAAiB,CAAC,EACtB,CAAC,GAAG,sBAAsB,CAAC,EAC3B,CAAC,GAAG,uBAAuB,CAAC,EAC5B,uBAAuB,CAAC,SAAS,CAClC,CAAA;gBACD,IAAA,aAAM,EAAC,mBAAmB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAA;YAC7C,CAAC;SAAA,CAAC,CAAA;IACJ,CAAC;CAAA,CAAC,CAAA","sourcesContent":["import { describe } from 'mocha'\nimport { CryptoPrimitives } from '../../../icc-x-api/crypto/CryptoPrimitives'\nimport { webcrypto } from 'crypto'\nimport { FakeEncryptionKeysManager } from '../../utils/FakeEncryptionKeysManager'\nimport { SecureDelegationsSecurityMetadataDecryptor } from '../../../icc-x-api/crypto/SecureDelegationsSecurityMetadataDecryptor'\nimport { SecureDelegationsEncryption } from '../../../icc-x-api/crypto/SecureDelegationsEncryption'\nimport { EntityWithDelegationTypeName, hex2ua, ShaVersion, ua2hex } from '../../../icc-x-api'\nimport { SecureDelegationsManager } from '../../../icc-x-api/crypto/SecureDelegationsManager'\nimport { AccessControlSecretUtils } from '../../../icc-x-api/crypto/AccessControlSecretUtils'\nimport { ExchangeDataManager, initialiseExchangeDataManagerForCurrentDataOwner } from '../../../icc-x-api/crypto/ExchangeDataManager'\nimport { BaseExchangeDataManager } from '../../../icc-x-api/crypto/BaseExchangeDataManager'\nimport { FakeExchangeDataApi } from '../../utils/FakeExchangeDataApi'\nimport { FakeDataOwnerApi } from '../../utils/FakeDataOwnerApi'\nimport { TestCryptoStrategies } from '../../utils/TestCryptoStrategies'\nimport { FakeSignatureKeysManager } from '../../utils/FakeSignatureKeysManager'\nimport { KeyPair } from '../../../icc-x-api/crypto/RSA'\nimport { EntityShareRequest } from '../../../icc-api/model/requests/EntityShareRequest'\nimport { expect } from 'chai'\nimport { EncryptedEntityStub } from '../../../icc-api/model/models'\nimport { SecurityMetadata } from '../../../icc-api/model/SecurityMetadata'\nimport { SecureDelegation } from '../../../icc-api/model/SecureDelegation'\nimport { asyncGeneratorToArray } from '../../../icc-x-api/utils/collection-utils'\nimport { EntitySharedMetadataUpdateRequest } from '../../../icc-api/model/requests/EntitySharedMetadataUpdateRequest'\nimport { fingerprintV2 } from '../../../icc-x-api/crypto/utils'\nimport { DataOwnerTypeEnum } from '../../../icc-api/model/DataOwnerTypeEnum'\nimport { FakeExchangeDataMapManager } from '../../utils/FakeExchangeDataMapManager'\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionInternal\nimport EntryUpdateTypeEnum = EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum\n\ndescribe('Secure delegations manager', async function () {\n const primitives = new CryptoPrimitives(webcrypto as any)\n let selfId: string\n let selfKeyFp: string\n let selfKeypair: KeyPair<CryptoKey>\n let delegateId: string\n let delegateKeyFp: string\n let delegateKeypair: KeyPair<CryptoKey>\n let dataOwnerApi: FakeDataOwnerApi\n let exchangeDataMapManager: FakeExchangeDataMapManager\n let secureDelegationsEncryption: SecureDelegationsEncryption\n let decryptor: SecureDelegationsSecurityMetadataDecryptor\n let manager: SecureDelegationsManager\n let exchangeData: ExchangeDataManager\n let accessControlSecretUtils: AccessControlSecretUtils\n\n async function initialiseComponents(explicitSelf: boolean, explicitDelegate: boolean) {\n selfId = primitives.randomUuid()\n selfKeypair = await primitives.RSA.generateKeyPair(ShaVersion.Sha256)\n selfKeyFp = ua2hex(await primitives.RSA.exportKey(selfKeypair.publicKey, 'spki')).slice(-32)\n delegateId = primitives.randomUuid()\n delegateKeypair = await primitives.RSA.generateKeyPair(ShaVersion.Sha256)\n delegateKeyFp = fingerprintV2(ua2hex(await primitives.RSA.exportKey(delegateKeypair.publicKey, 'spki')))\n dataOwnerApi = new FakeDataOwnerApi(\n {\n id: selfId,\n type: explicitSelf ? DataOwnerTypeEnum.Hcp : DataOwnerTypeEnum.Patient,\n publicKey: ua2hex(await primitives.RSA.exportKey(selfKeypair.publicKey, 'spki')),\n },\n [\n {\n id: delegateId,\n type: explicitDelegate ? DataOwnerTypeEnum.Hcp : DataOwnerTypeEnum.Patient,\n publicKey: ua2hex(await primitives.RSA.exportKey(delegateKeypair.publicKey, 'spki')),\n },\n ]\n )\n const cryptoStrategies = new TestCryptoStrategies()\n const exchangeDataApi = new FakeExchangeDataApi()\n accessControlSecretUtils = new AccessControlSecretUtils(primitives)\n const encryptionKeysManager = await FakeEncryptionKeysManager.create(primitives, [selfKeypair])\n const signatureKeysManager = new FakeSignatureKeysManager(primitives)\n const baseExchangeData = new BaseExchangeDataManager(exchangeDataApi, dataOwnerApi, primitives, !explicitSelf)\n exchangeData = await initialiseExchangeDataManagerForCurrentDataOwner(\n baseExchangeData,\n encryptionKeysManager,\n signatureKeysManager,\n accessControlSecretUtils,\n cryptoStrategies,\n dataOwnerApi,\n primitives,\n true\n )\n exchangeDataMapManager = new FakeExchangeDataMapManager()\n secureDelegationsEncryption = new SecureDelegationsEncryption(encryptionKeysManager, primitives)\n decryptor = new SecureDelegationsSecurityMetadataDecryptor(exchangeData, exchangeDataMapManager, secureDelegationsEncryption, dataOwnerApi)\n manager = new SecureDelegationsManager(\n exchangeData,\n exchangeDataMapManager,\n secureDelegationsEncryption,\n accessControlSecretUtils,\n encryptionKeysManager,\n primitives,\n dataOwnerApi,\n cryptoStrategies,\n !explicitSelf\n )\n }\n\n it('should make a share request which will create a decryptable secure delegation.', async function () {\n async function doTest(explicitSelf: boolean, explicitDelegate: boolean) {\n await initialiseComponents(explicitSelf, explicitDelegate)\n const secretIds = [ua2hex(primitives.randomBytes(16)), ua2hex(primitives.randomBytes(16))]\n const encryptionKeys = [ua2hex(primitives.randomBytes(16))]\n const owningEntityIds = [ua2hex(primitives.randomBytes(16)), ua2hex(primitives.randomBytes(16)), ua2hex(primitives.randomBytes(16))]\n const entityType = EntityWithDelegationTypeName.Patient\n const shareOrUpdateParams = await manager.makeShareOrUpdateRequestParams(\n { entity: { secretForeignKeys: [] }, type: entityType },\n delegateId,\n secretIds,\n encryptionKeys,\n owningEntityIds,\n EntityShareRequest.RequestedPermissionEnum.MAX_WRITE\n )\n expect(shareOrUpdateParams).to.not.be.undefined\n expect(shareOrUpdateParams!.update).to.be.undefined\n expect(shareOrUpdateParams!.share).to.not.be.undefined\n const shareParams = shareOrUpdateParams!.share!\n expect(shareParams.accessControlKeys).to.have.length(1)\n if (explicitSelf && explicitDelegate) {\n expect(shareParams.exchangeDataId).to.not.be.undefined\n expect(Object.entries(shareParams.encryptedExchangeDataId ?? {})).to.have.length(0)\n } else if (explicitSelf && !explicitDelegate) {\n expect(shareParams.exchangeDataId).to.be.undefined\n expect(Object.entries(shareParams.encryptedExchangeDataId ?? {})).to.have.length(1)\n expect(shareParams.encryptedExchangeDataId![selfKeyFp]).to.not.be.undefined\n } else if (!explicitSelf && explicitDelegate) {\n expect(shareParams.exchangeDataId).to.be.undefined\n expect(Object.entries(shareParams.encryptedExchangeDataId ?? {})).to.have.length(1)\n expect(shareParams.encryptedExchangeDataId![delegateKeyFp]).to.not.be.undefined\n } else {\n expect(shareParams.exchangeDataId).to.be.undefined\n expect(Object.entries(shareParams.encryptedExchangeDataId ?? {})).to.have.length(0)\n }\n const secDelKey = ua2hex(await primitives.sha256(hex2ua(shareParams.accessControlKeys[0])))\n const fakeEntity: { entity: EncryptedEntityStub; type: EntityWithDelegationTypeName } = {\n entity: {\n secretForeignKeys: [],\n securityMetadata: new SecurityMetadata({\n secureDelegations: {\n [secDelKey]: new SecureDelegation({\n delegator: shareParams.explicitDelegator,\n delegate: shareParams.explicitDelegate,\n secretIds: shareParams.secretIds,\n encryptionKeys: shareParams.encryptionKeys,\n owningEntityIds: shareParams.owningEntityIds,\n exchangeDataId: shareParams.exchangeDataId,\n encryptedExchangeDataId: shareParams.encryptedExchangeDataId,\n permissions: SecureDelegation.AccessLevelEnum.WRITE,\n }),\n },\n }),\n },\n type: EntityWithDelegationTypeName.Patient,\n }\n await exchangeDataMapManager.createExchangeDataMaps({ [secDelKey]: shareParams.encryptedExchangeDataId! })\n await exchangeData.clearOrRepopulateCache()\n const decryptedSecretIds = (await asyncGeneratorToArray(decryptor.decryptSecretIdsOf(fakeEntity, [selfId]))).map((x) => x.decrypted)\n const decryptedEncryptionKeys = (await asyncGeneratorToArray(decryptor.decryptEncryptionKeysOf(fakeEntity, [selfId]))).map((x) => x.decrypted)\n const decryptedOwningEntityIds = (await asyncGeneratorToArray(decryptor.decryptOwningEntityIdsOf(fakeEntity, [selfId]))).map((x) => x.decrypted)\n expect(decryptedSecretIds).to.have.length(secretIds.length)\n for (const secretId of secretIds) {\n expect(decryptedSecretIds).to.include(secretId)\n }\n expect(decryptedEncryptionKeys).to.have.length(encryptionKeys.length)\n for (const encryptionKey of encryptionKeys) {\n expect(decryptedEncryptionKeys).to.include(encryptionKey)\n }\n expect(decryptedOwningEntityIds).to.have.length(owningEntityIds.length)\n for (const owningEntityId of owningEntityIds) {\n expect(decryptedOwningEntityIds).to.include(owningEntityId)\n }\n }\n console.log('Patient->Patient')\n await doTest(false, false)\n console.log('Hcp->Patient')\n await doTest(true, false)\n console.log('Patient->Hcp')\n await doTest(false, true)\n console.log('Hcp->Hcp')\n await doTest(true, true)\n })\n\n it('should make an update request which the missing entries for existing secure delegations.', async function () {\n async function doTest(makeAccessibleFromAlias: boolean) {\n await initialiseComponents(false, false)\n const canonicalSfk = primitives.randomUuid()\n const aliasSfk = primitives.randomUuid()\n const exchangeDataInfo = await exchangeData.getOrCreateEncryptionDataTo(delegateId, EntityWithDelegationTypeName.Patient, [], false)\n const canonicalKey = await accessControlSecretUtils.secureDelegationKeyFor(\n exchangeDataInfo.accessControlSecret,\n EntityWithDelegationTypeName.Patient,\n canonicalSfk\n )\n const aliasKey = await accessControlSecretUtils.secureDelegationKeyFor(\n exchangeDataInfo.accessControlSecret,\n EntityWithDelegationTypeName.Patient,\n aliasSfk\n )\n const existingSecretIds = [ua2hex(primitives.randomBytes(16))]\n const newSecretIds = [ua2hex(primitives.randomBytes(16))]\n const existingEncryptionKeys: string[] = []\n const newEncryptionKeys = [ua2hex(primitives.randomBytes(16))]\n const existingOwningEntityIds = [ua2hex(primitives.randomBytes(16))]\n const newOwningEntityIds: string[] = []\n const fakeEntity: { entity: EncryptedEntityStub; type: EntityWithDelegationTypeName } = {\n entity: {\n secretForeignKeys: makeAccessibleFromAlias ? [aliasSfk] : [canonicalSfk],\n securityMetadata: new SecurityMetadata({\n secureDelegations: {\n [canonicalKey]: new SecureDelegation({\n delegator: selfId,\n delegate: selfId,\n secretIds: await secureDelegationsEncryption.encryptSecretIds(existingSecretIds, exchangeDataInfo.exchangeKey),\n encryptionKeys: await secureDelegationsEncryption.encryptEncryptionKeys(existingEncryptionKeys, exchangeDataInfo.exchangeKey),\n owningEntityIds: await secureDelegationsEncryption.encryptOwningEntityIds(existingOwningEntityIds, exchangeDataInfo.exchangeKey),\n permissions: SecureDelegation.AccessLevelEnum.WRITE,\n }),\n },\n keysEquivalences: { [aliasKey]: canonicalKey },\n }),\n },\n type: EntityWithDelegationTypeName.Patient,\n }\n const shareOrUpdateParams = await manager.makeShareOrUpdateRequestParams(\n fakeEntity,\n delegateId,\n [...existingSecretIds, ...newSecretIds],\n [...existingEncryptionKeys, ...newEncryptionKeys],\n [...existingOwningEntityIds, ...newOwningEntityIds],\n RequestedPermissionEnum.MAX_WRITE\n )\n expect(shareOrUpdateParams).to.not.be.undefined\n expect(shareOrUpdateParams!.share).to.be.undefined\n expect(shareOrUpdateParams!.update).to.not.be.undefined\n const updateParams = shareOrUpdateParams!.update!\n expect(updateParams.metadataAccessControlHash).to.equal(canonicalKey)\n expect(Object.keys(updateParams.secretIds ?? {})).to.have.length(newSecretIds.length)\n for (const [secretId, updateType] of Object.entries(updateParams.secretIds ?? {})) {\n expect(updateType).to.equal(EntryUpdateTypeEnum.CREATE)\n expect(newSecretIds).to.contain(await secureDelegationsEncryption.decryptSecretId(secretId, exchangeDataInfo.exchangeKey))\n }\n expect(Object.keys(updateParams.encryptionKeys ?? {})).to.have.length(newEncryptionKeys.length)\n for (const [encryptionKey, updateType] of Object.entries(updateParams.encryptionKeys ?? {})) {\n expect(updateType).to.equal(EntryUpdateTypeEnum.CREATE)\n expect(newEncryptionKeys).to.contain(await secureDelegationsEncryption.decryptEncryptionKey(encryptionKey, exchangeDataInfo.exchangeKey))\n }\n expect(Object.keys(updateParams.owningEntityIds ?? {})).to.have.length(newOwningEntityIds.length)\n for (const [owningEntityId, updateType] of Object.entries(updateParams.owningEntityIds ?? {})) {\n expect(updateType).to.equal(EntryUpdateTypeEnum.CREATE)\n expect(newOwningEntityIds).to.contain(await secureDelegationsEncryption.decryptOwningEntityId(owningEntityId, exchangeDataInfo.exchangeKey))\n }\n }\n await doTest(true)\n await doTest(false)\n })\n\n it('should return undefined for existing secure delegations if it contains all entries.', async function () {\n await initialiseComponents(false, false)\n const canonicalSfk = primitives.randomUuid()\n const exchangeDataInfo = await exchangeData.getOrCreateEncryptionDataTo(delegateId, EntityWithDelegationTypeName.Patient, [], false)\n const canonicalKey = await accessControlSecretUtils.secureDelegationKeyFor(\n exchangeDataInfo.accessControlSecret,\n EntityWithDelegationTypeName.Patient,\n canonicalSfk\n )\n const existingSecretIds = [ua2hex(primitives.randomBytes(16))]\n const existingEncryptionKeys: string[] = []\n const existingOwningEntityIds = [ua2hex(primitives.randomBytes(16))]\n const fakeEntity: { entity: EncryptedEntityStub; type: EntityWithDelegationTypeName } = {\n entity: {\n secretForeignKeys: [canonicalSfk],\n securityMetadata: new SecurityMetadata({\n secureDelegations: {\n [canonicalKey]: new SecureDelegation({\n delegator: selfId,\n delegate: selfId,\n secretIds: await secureDelegationsEncryption.encryptSecretIds(existingSecretIds, exchangeDataInfo.exchangeKey),\n encryptionKeys: await secureDelegationsEncryption.encryptEncryptionKeys(existingEncryptionKeys, exchangeDataInfo.exchangeKey),\n owningEntityIds: await secureDelegationsEncryption.encryptOwningEntityIds(existingOwningEntityIds, exchangeDataInfo.exchangeKey),\n permissions: SecureDelegation.AccessLevelEnum.WRITE,\n }),\n },\n }),\n },\n type: EntityWithDelegationTypeName.Patient,\n }\n const shareOrUpdateParams = await manager.makeShareOrUpdateRequestParams(\n fakeEntity,\n delegateId,\n [...existingSecretIds],\n [...existingEncryptionKeys],\n [...existingOwningEntityIds],\n RequestedPermissionEnum.MAX_WRITE\n )\n expect(shareOrUpdateParams).to.be.undefined\n })\n})\n"]}