@icure/api 8.2.2 → 8.2.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/icc-api/api/IccAuthApi.js +1 -1
- package/icc-api/api/IccAuthApi.js.map +1 -1
- package/icc-api/api/IccDocumentApi.js.map +1 -1
- package/icc-api/api/IccFormApi.js.map +1 -1
- package/icc-api/api/IccReceiptApi.js.map +1 -1
- package/icc-api/api/IccRestApiPath.js +1 -2
- package/icc-api/api/IccRestApiPath.js.map +1 -1
- package/icc-api/api/XHR.js +17 -8
- package/icc-api/api/XHR.js.map +1 -1
- package/icc-api/model/Address.js +1 -1
- package/icc-api/model/Address.js.map +1 -1
- package/icc-api/model/Amp.js +1 -1
- package/icc-api/model/Amp.js.map +1 -1
- package/icc-api/model/AmpComponent.js +1 -1
- package/icc-api/model/AmpComponent.js.map +1 -1
- package/icc-api/model/Ampp.js +1 -1
- package/icc-api/model/Ampp.js.map +1 -1
- package/icc-api/model/AmppComponent.js +1 -1
- package/icc-api/model/AmppComponent.js.map +1 -1
- package/icc-api/model/CareTeamMember.js +1 -1
- package/icc-api/model/CareTeamMember.js.map +1 -1
- package/icc-api/model/CareTeamMembership.js +1 -1
- package/icc-api/model/CareTeamMembership.js.map +1 -1
- package/icc-api/model/Code.js +1 -1
- package/icc-api/model/Code.js.map +1 -1
- package/icc-api/model/Contact.js.map +1 -1
- package/icc-api/model/Content.js.map +1 -1
- package/icc-api/model/DataOwnerTypeEnum.js +1 -1
- package/icc-api/model/DataOwnerTypeEnum.js.map +1 -1
- package/icc-api/model/DataOwnerWithType.js +1 -1
- package/icc-api/model/DataOwnerWithType.js.map +1 -1
- package/icc-api/model/DatabaseSynchronization.js +1 -1
- package/icc-api/model/DatabaseSynchronization.js.map +1 -1
- package/icc-api/model/Dmpp.js +1 -1
- package/icc-api/model/Dmpp.js.map +1 -1
- package/icc-api/model/Document.js +1 -1
- package/icc-api/model/Document.js.map +1 -1
- package/icc-api/model/DocumentTemplate.d.ts +1 -1
- package/icc-api/model/DocumentTemplate.js +1 -1
- package/icc-api/model/DocumentTemplate.js.map +1 -1
- package/icc-api/model/Editor.js +1 -1
- package/icc-api/model/Editor.js.map +1 -1
- package/icc-api/model/EfactInvoice.js +1 -1
- package/icc-api/model/EfactInvoice.js.map +1 -1
- package/icc-api/model/EmailOrSmsMessage.js +1 -1
- package/icc-api/model/EmailOrSmsMessage.js.map +1 -1
- package/icc-api/model/FlatRateTarification.js +1 -1
- package/icc-api/model/FlatRateTarification.js.map +1 -1
- package/icc-api/model/Formula.js +1 -1
- package/icc-api/model/Formula.js.map +1 -1
- package/icc-api/model/FrontEndMigration.js +1 -1
- package/icc-api/model/FrontEndMigration.js.map +1 -1
- package/icc-api/model/HealthElement.js +1 -1
- package/icc-api/model/HealthElement.js.map +1 -1
- package/icc-api/model/HealthcareParty.js +1 -1
- package/icc-api/model/HealthcareParty.js.map +1 -1
- package/icc-api/model/HealthcarePartyHistoryStatus.js +1 -1
- package/icc-api/model/HealthcarePartyHistoryStatus.js.map +1 -1
- package/icc-api/model/Ingredient.js +1 -1
- package/icc-api/model/Ingredient.js.map +1 -1
- package/icc-api/model/Invoice.js +1 -1
- package/icc-api/model/Invoice.js.map +1 -1
- package/icc-api/model/InvoiceItem.js +1 -1
- package/icc-api/model/InvoiceItem.js.map +1 -1
- package/icc-api/model/InvoicingCode.js +1 -1
- package/icc-api/model/InvoicingCode.js.map +1 -1
- package/icc-api/model/MaintenanceTask.js +1 -1
- package/icc-api/model/MaintenanceTask.js.map +1 -1
- package/icc-api/model/Measure.js.map +1 -1
- package/icc-api/model/MedicalHouseContract.js +1 -1
- package/icc-api/model/MedicalHouseContract.js.map +1 -1
- package/icc-api/model/ModelHelper.js +9 -10
- package/icc-api/model/ModelHelper.js.map +1 -1
- package/icc-api/model/Partnership.js +1 -1
- package/icc-api/model/Partnership.js.map +1 -1
- package/icc-api/model/Patient.js +1 -1
- package/icc-api/model/Patient.js.map +1 -1
- package/icc-api/model/PatientByHcPartyGenderEducationProfession.js +1 -1
- package/icc-api/model/PatientByHcPartyGenderEducationProfession.js.map +1 -1
- package/icc-api/model/PatientHealthCareParty.js +1 -1
- package/icc-api/model/PatientHealthCareParty.js.map +1 -1
- package/icc-api/model/Payment.js +1 -1
- package/icc-api/model/Payment.js.map +1 -1
- package/icc-api/model/PermissionCriterion.js +1 -1
- package/icc-api/model/PermissionCriterion.js.map +1 -1
- package/icc-api/model/PermissionItem.js +1 -1
- package/icc-api/model/PermissionItem.js.map +1 -1
- package/icc-api/model/PersonName.js +1 -1
- package/icc-api/model/PersonName.js.map +1 -1
- package/icc-api/model/PropertyTypeStub.js +1 -1
- package/icc-api/model/PropertyTypeStub.js.map +1 -1
- package/icc-api/model/Reimbursement.js +1 -1
- package/icc-api/model/Reimbursement.js.map +1 -1
- package/icc-api/model/RoleSourceEnum.js +1 -1
- package/icc-api/model/RoleSourceEnum.js.map +1 -1
- package/icc-api/model/SecureDelegation.js +1 -1
- package/icc-api/model/SecureDelegation.js.map +1 -1
- package/icc-api/model/Service.js.map +1 -1
- package/icc-api/model/StandardSubstance.js +1 -1
- package/icc-api/model/StandardSubstance.js.map +1 -1
- package/icc-api/model/SumehrValidity.js +1 -1
- package/icc-api/model/SumehrValidity.js.map +1 -1
- package/icc-api/model/Tarification.js +1 -1
- package/icc-api/model/Tarification.js.map +1 -1
- package/icc-api/model/Telecom.js +1 -1
- package/icc-api/model/Telecom.js.map +1 -1
- package/icc-api/model/Topic.js +1 -1
- package/icc-api/model/Topic.js.map +1 -1
- package/icc-api/model/TypedValueObject.js +1 -1
- package/icc-api/model/TypedValueObject.js.map +1 -1
- package/icc-api/model/User.js +1 -1
- package/icc-api/model/User.js.map +1 -1
- package/icc-api/model/UserTypeEnum.js +1 -1
- package/icc-api/model/UserTypeEnum.js.map +1 -1
- package/icc-api/model/VirtualIngredient.js +1 -1
- package/icc-api/model/VirtualIngredient.js.map +1 -1
- package/icc-api/model/internal/RecoveryData.js +1 -1
- package/icc-api/model/internal/RecoveryData.js.map +1 -1
- package/icc-api/model/requests/EntityBulkShareResult.js.map +1 -1
- package/icc-api/model/requests/EntityShareOrMetadataUpdateRequest.js.map +1 -1
- package/icc-api/model/requests/EntityShareRequest.js +1 -1
- package/icc-api/model/requests/EntityShareRequest.js.map +1 -1
- package/icc-api/model/requests/EntitySharedMetadataUpdateRequest.js +1 -1
- package/icc-api/model/requests/EntitySharedMetadataUpdateRequest.js.map +1 -1
- package/icc-x-api/auth/AuthenticationProvider.js.map +1 -1
- package/icc-x-api/auth/BasicAuthService.js.map +1 -1
- package/icc-x-api/auth/EnsembleAuthService.js.map +1 -1
- package/icc-x-api/auth/JwtAuthService.js.map +1 -1
- package/icc-x-api/auth/JwtBridgedAuthService.d.ts +1 -1
- package/icc-x-api/auth/JwtBridgedAuthService.js +1 -1
- package/icc-x-api/auth/JwtBridgedAuthService.js.map +1 -1
- package/icc-x-api/auth/JwtUtils.js +3 -4
- package/icc-x-api/auth/JwtUtils.js.map +1 -1
- package/icc-x-api/auth/NoAuthService.js.map +1 -1
- package/icc-x-api/auth/SmartAuthProvider.d.ts +1 -1
- package/icc-x-api/auth/SmartAuthProvider.js +1 -1
- package/icc-x-api/auth/SmartAuthProvider.js.map +1 -1
- package/icc-x-api/crypto/AES.js.map +1 -1
- package/icc-x-api/crypto/AccessControlKeysHeadersProvider.js.map +1 -1
- package/icc-x-api/crypto/AccessControlSecretUtils.js.map +1 -1
- package/icc-x-api/crypto/BaseExchangeDataManager.js +10 -10
- package/icc-x-api/crypto/BaseExchangeDataManager.js.map +1 -1
- package/icc-x-api/crypto/BaseExchangeKeysManager.js +4 -4
- package/icc-x-api/crypto/BaseExchangeKeysManager.js.map +1 -1
- package/icc-x-api/crypto/CryptoStrategies.d.ts +5 -7
- package/icc-x-api/crypto/CryptoStrategies.js.map +1 -1
- package/icc-x-api/crypto/DelegationsDeAnonymization.js +1 -1
- package/icc-x-api/crypto/DelegationsDeAnonymization.js.map +1 -1
- package/icc-x-api/crypto/ExchangeDataManager.js +7 -9
- package/icc-x-api/crypto/ExchangeDataManager.js.map +1 -1
- package/icc-x-api/crypto/ExchangeDataMapManager.js.map +1 -1
- package/icc-x-api/crypto/ExchangeKeysManager.js +1 -1
- package/icc-x-api/crypto/ExchangeKeysManager.js.map +1 -1
- package/icc-x-api/crypto/ExtendedApisUtilsImpl.js +11 -10
- package/icc-x-api/crypto/ExtendedApisUtilsImpl.js.map +1 -1
- package/icc-x-api/crypto/HMACUtils.js.map +1 -1
- package/icc-x-api/crypto/KeyRecovery.js +5 -5
- package/icc-x-api/crypto/KeyRecovery.js.map +1 -1
- package/icc-x-api/crypto/NativeCryptoPrimitivesBridge.js +3 -3
- package/icc-x-api/crypto/NativeCryptoPrimitivesBridge.js.map +1 -1
- package/icc-x-api/crypto/RSA.js +4 -4
- package/icc-x-api/crypto/RSA.js.map +1 -1
- package/icc-x-api/crypto/RecoveryDataEncryption.js +1 -1
- package/icc-x-api/crypto/RecoveryDataEncryption.js.map +1 -1
- package/icc-x-api/crypto/SecretIdUseOption.js +1 -1
- package/icc-x-api/crypto/SecretIdUseOption.js.map +1 -1
- package/icc-x-api/crypto/SecureDelegationsEncryption.js +4 -4
- package/icc-x-api/crypto/SecureDelegationsEncryption.js.map +1 -1
- package/icc-x-api/crypto/SecureDelegationsManager.js +1 -1
- package/icc-x-api/crypto/SecureDelegationsManager.js.map +1 -1
- package/icc-x-api/crypto/SecurityMetadataDecryptor.d.ts +1 -1
- package/icc-x-api/crypto/SecurityMetadataDecryptor.js +9 -9
- package/icc-x-api/crypto/SecurityMetadataDecryptor.js.map +1 -1
- package/icc-x-api/crypto/ShamirKeysManager.js.map +1 -1
- package/icc-x-api/crypto/ShareMetadataBehaviour.js +1 -1
- package/icc-x-api/crypto/ShareMetadataBehaviour.js.map +1 -1
- package/icc-x-api/crypto/TransferKeysManager.js +1 -1
- package/icc-x-api/crypto/TransferKeysManager.js.map +1 -1
- package/icc-x-api/crypto/UserEncryptionKeysManager.js +2 -2
- package/icc-x-api/crypto/UserEncryptionKeysManager.js.map +1 -1
- package/icc-x-api/crypto/shamir.d.ts +2 -2
- package/icc-x-api/crypto/shamir.js +4 -4
- package/icc-x-api/crypto/shamir.js.map +1 -1
- package/icc-x-api/crypto/utils.js +14 -15
- package/icc-x-api/crypto/utils.js.map +1 -1
- package/icc-x-api/icc-accesslog-x-api.js +10 -10
- package/icc-x-api/icc-accesslog-x-api.js.map +1 -1
- package/icc-x-api/icc-bekmehr-x-api.js.map +1 -1
- package/icc-x-api/icc-calendar-item-x-api.js +7 -7
- package/icc-x-api/icc-calendar-item-x-api.js.map +1 -1
- package/icc-x-api/icc-classification-x-api.js +5 -5
- package/icc-x-api/icc-classification-x-api.js.map +1 -1
- package/icc-x-api/icc-code-x-api.js.map +1 -1
- package/icc-x-api/icc-contact-x-api.js +12 -12
- package/icc-x-api/icc-contact-x-api.js.map +1 -1
- package/icc-x-api/icc-data-owner-x-api.js.map +1 -1
- package/icc-x-api/icc-device-x-api.js +2 -2
- package/icc-x-api/icc-device-x-api.js.map +1 -1
- package/icc-x-api/icc-doctemplate-x-api.js.map +1 -1
- package/icc-x-api/icc-document-x-api.js +15 -15
- package/icc-x-api/icc-document-x-api.js.map +1 -1
- package/icc-x-api/icc-form-x-api.js +7 -7
- package/icc-x-api/icc-form-x-api.js.map +1 -1
- package/icc-x-api/icc-hcparty-x-api.js +4 -4
- package/icc-x-api/icc-hcparty-x-api.js.map +1 -1
- package/icc-x-api/icc-helement-x-api.js +10 -10
- package/icc-x-api/icc-helement-x-api.js.map +1 -1
- package/icc-x-api/icc-icure-maintenance-x-api.js.map +1 -1
- package/icc-x-api/icc-invoice-x-api.js +7 -7
- package/icc-x-api/icc-invoice-x-api.js.map +1 -1
- package/icc-x-api/icc-maintenance-task-x-api.js +7 -7
- package/icc-x-api/icc-maintenance-task-x-api.js.map +1 -1
- package/icc-x-api/icc-message-x-api.js +8 -8
- package/icc-x-api/icc-message-x-api.js.map +1 -1
- package/icc-x-api/icc-patient-x-api.js +11 -11
- package/icc-x-api/icc-patient-x-api.js.map +1 -1
- package/icc-x-api/icc-receipt-x-api.js +10 -10
- package/icc-x-api/icc-receipt-x-api.js.map +1 -1
- package/icc-x-api/icc-recovery-x-api.js +4 -4
- package/icc-x-api/icc-recovery-x-api.js.map +1 -1
- package/icc-x-api/icc-time-table-x-api.js +5 -5
- package/icc-x-api/icc-time-table-x-api.js.map +1 -1
- package/icc-x-api/icc-topic-x-api.js +9 -9
- package/icc-x-api/icc-topic-x-api.js.map +1 -1
- package/icc-x-api/icc-user-x-api.js +4 -4
- package/icc-x-api/icc-user-x-api.js.map +1 -1
- package/icc-x-api/index.js +22 -22
- package/icc-x-api/index.js.map +1 -1
- package/icc-x-api/maintenance/KeyPairUpdateRequest.js +2 -2
- package/icc-x-api/maintenance/KeyPairUpdateRequest.js.map +1 -1
- package/icc-x-api/storage/IcureStorageFacade.js +1 -1
- package/icc-x-api/storage/IcureStorageFacade.js.map +1 -1
- package/icc-x-api/storage/LocalStorageImpl.js +1 -1
- package/icc-x-api/storage/LocalStorageImpl.js.map +1 -1
- package/icc-x-api/utils/EntityWithDelegationTypeName.js +4 -4
- package/icc-x-api/utils/EntityWithDelegationTypeName.js.map +1 -1
- package/icc-x-api/utils/asn1-packer.js +2 -3
- package/icc-x-api/utils/asn1-packer.js.map +1 -1
- package/icc-x-api/utils/asn1-parser.js +1 -2
- package/icc-x-api/utils/asn1-parser.js.map +1 -1
- package/icc-x-api/utils/binary-utils.js +11 -11
- package/icc-x-api/utils/binary-utils.js.map +1 -1
- package/icc-x-api/utils/code-util.js +1 -2
- package/icc-x-api/utils/code-util.js.map +1 -1
- package/icc-x-api/utils/collection-utils.js +5 -6
- package/icc-x-api/utils/collection-utils.js.map +1 -1
- package/icc-x-api/utils/crypto-utils.d.ts +1 -1
- package/icc-x-api/utils/crypto-utils.js +17 -18
- package/icc-x-api/utils/crypto-utils.js.map +1 -1
- package/icc-x-api/utils/formatting-util.js +21 -21
- package/icc-x-api/utils/formatting-util.js.map +1 -1
- package/icc-x-api/utils/functional-util.js +3 -4
- package/icc-x-api/utils/functional-util.js.map +1 -1
- package/icc-x-api/utils/graph-utils.js +3 -4
- package/icc-x-api/utils/graph-utils.js.map +1 -1
- package/icc-x-api/utils/hcp-util.js +4 -4
- package/icc-x-api/utils/hcp-util.js.map +1 -1
- package/icc-x-api/utils/insurability-util.js +6 -7
- package/icc-x-api/utils/insurability-util.js.map +1 -1
- package/icc-x-api/utils/lru-temporised-async-cache.js.map +1 -1
- package/icc-x-api/utils/net-utils.js +3 -4
- package/icc-x-api/utils/net-utils.js.map +1 -1
- package/icc-x-api/utils/person-util.js +3 -4
- package/icc-x-api/utils/person-util.js.map +1 -1
- package/icc-x-api/utils/proxy-utils.js.map +1 -1
- package/icc-x-api/utils/simple-lru-cache.js.map +1 -1
- package/icc-x-api/utils/uuid-encoder.js +2 -2
- package/icc-x-api/utils/uuid-encoder.js.map +1 -1
- package/icc-x-api/utils/websocket.d.ts +0 -1
- package/icc-x-api/utils/websocket.js +3 -3
- package/icc-x-api/utils/websocket.js.map +1 -1
- package/package.json +3 -3
- package/test/icc-api/api/IccAgendaApi.js.map +1 -1
- package/test/icc-api/api/IccCalendarItemApi.js.map +1 -1
- package/test/icc-api/api/IccCalendarItemTypeApi.js +2 -2
- package/test/icc-api/api/IccCalendarItemTypeApi.js.map +1 -1
- package/test/icc-api/api/IccDocumentApi.js.map +1 -1
- package/test/icc-api/api/IccKeywordApi.js.map +1 -1
- package/test/icc-api/api/IccMedicalLocationApi.js.map +1 -1
- package/test/icc-api/api/IccPlaceApi.js.map +1 -1
- package/test/icc-api/api/IccUserApi.js +6 -6
- package/test/icc-x-api/auth/group-switch-test.js.map +1 -1
- package/test/icc-x-api/auth/jwt-concurrency-test.js +1 -2
- package/test/icc-x-api/auth/jwt-concurrency-test.js.map +1 -1
- package/test/icc-x-api/auth/jwt-provider-test.js.map +1 -1
- package/test/icc-x-api/auth/smart-auth-provider-test.js.map +1 -1
- package/test/icc-x-api/autofix-anonymity-test.js.map +1 -1
- package/test/icc-x-api/confidential-entities-test.js +1 -1
- package/test/icc-x-api/confidential-entities-test.js.map +1 -1
- package/test/icc-x-api/crud/comprehensive-crud-test.js.map +1 -1
- package/test/icc-x-api/crud/entities-crud-test-interface.js +24 -24
- package/test/icc-x-api/crud/entities-crud-test-interface.js.map +1 -1
- package/test/icc-x-api/crypto/anonymous-delegations-test.js +2 -2
- package/test/icc-x-api/crypto/anonymous-delegations-test.js.map +1 -1
- package/test/icc-x-api/crypto/cryptoTest.js.map +1 -1
- package/test/icc-x-api/crypto/delegate-ci-to-patient-with-missing-keys-test.js.map +1 -1
- package/test/icc-x-api/crypto/exchange-data-manager-test.js +4 -4
- package/test/icc-x-api/crypto/exchange-data-manager-test.js.map +1 -1
- package/test/icc-x-api/crypto/full-crypto-test.js +5 -5
- package/test/icc-x-api/crypto/full-crypto-test.js.map +1 -1
- package/test/icc-x-api/crypto/legacy-metadata-migration-test.js +7 -7
- package/test/icc-x-api/crypto/legacy-metadata-migration-test.js.map +1 -1
- package/test/icc-x-api/crypto/secure-delegations-manager-test.js +2 -2
- package/test/icc-x-api/crypto/secure-delegations-manager-test.js.map +1 -1
- package/test/icc-x-api/crypto/shamir.js.map +1 -1
- package/test/icc-x-api/crypto/soft-deleted-data-owners.js +3 -3
- package/test/icc-x-api/crypto/soft-deleted-data-owners.js.map +1 -1
- package/test/icc-x-api/entity-with-attachments-api-test.js +2 -2
- package/test/icc-x-api/entity-with-attachments-api-test.js.map +1 -1
- package/test/icc-x-api/icc-maintenance-task-x-api-test.js +4 -4
- package/test/icc-x-api/icc-message-x-api.js +1 -1
- package/test/icc-x-api/icc-message-x-api.js.map +1 -1
- package/test/icc-x-api/icc-patient-x-api-test.js.map +1 -1
- package/test/icc-x-api/icc-recovery-x-api.js.map +1 -1
- package/test/icc-x-api/icc-topic-x-api.js.map +1 -1
- package/test/icc-x-api/icc-user-x-api-test.js.map +1 -1
- package/test/icc-x-api/patient-user.js.map +1 -1
- package/test/icc-x-api/test-legacy-data-support.js.map +1 -1
- package/test/icc-x-api/utils/graph-test.js.map +1 -1
- package/test/icc-x-api/utils/lru-temporised-async-cache-test.js.map +1 -1
- package/test/support/CSM-243.js +2 -2
- package/test/support/CSM-243.js.map +1 -1
- package/test/support/CSM-93.js +1 -1
- package/test/support/CSM-93.js.map +1 -1
- package/test/utils/FakeDataOwnerApi.js.map +1 -1
- package/test/utils/FakeEncryptionKeysManager.js +2 -2
- package/test/utils/FakeEncryptionKeysManager.js.map +1 -1
- package/test/utils/FakeExchangeDataApi.js.map +1 -1
- package/test/utils/FakeExchangeDataManager.js.map +1 -1
- package/test/utils/FakeGenericApi.js.map +1 -1
- package/test/utils/TestApi.js +2 -2
- package/test/utils/TestApi.js.map +1 -1
- package/test/utils/TestCryptoStrategies.js.map +1 -1
- package/test/utils/TestStorage.js +2 -2
- package/test/utils/TestStorage.js.map +1 -1
- package/test/utils/test_utils.js +22 -22
- package/test/utils/test_utils.js.map +1 -1
|
@@ -9,20 +9,19 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
9
9
|
});
|
|
10
10
|
};
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
-
exports.initialiseExchangeDataManagerForCurrentDataOwner =
|
|
12
|
+
exports.initialiseExchangeDataManagerForCurrentDataOwner = initialiseExchangeDataManagerForCurrentDataOwner;
|
|
13
13
|
const utils_1 = require("./utils");
|
|
14
14
|
const utils_2 = require("../utils");
|
|
15
15
|
const CryptoActorStub_1 = require("../../icc-api/model/CryptoActorStub");
|
|
16
16
|
const RSA_1 = require("./RSA");
|
|
17
17
|
const async_mutex_1 = require("async-mutex");
|
|
18
18
|
const simple_lru_cache_1 = require("../utils/simple-lru-cache");
|
|
19
|
-
const console = require("node:console");
|
|
20
19
|
/**
|
|
21
20
|
* @internal this function is for internal use only and may be changed without notice.
|
|
22
21
|
* Initialises and returns the exchange data manager which is most appropriate for the current data owner.
|
|
23
22
|
*/
|
|
24
|
-
function initialiseExchangeDataManagerForCurrentDataOwner(
|
|
25
|
-
return __awaiter(this,
|
|
23
|
+
function initialiseExchangeDataManagerForCurrentDataOwner(base_1, encryptionKeys_1, accessControlSecret_1, cryptoStrategies_1, dataOwnerApi_1, primitives_1, useParentKeys_1) {
|
|
24
|
+
return __awaiter(this, arguments, void 0, function* (base, encryptionKeys, accessControlSecret, cryptoStrategies, dataOwnerApi, primitives, useParentKeys, optionalParameters = {}) {
|
|
26
25
|
const currentOwner = CryptoActorStub_1.CryptoActorStubWithType.fromDataOwner(yield dataOwnerApi.getCurrentDataOwner());
|
|
27
26
|
if (cryptoStrategies.dataOwnerRequiresAnonymousDelegation(currentOwner)) {
|
|
28
27
|
const res = new FullyCachedExchangeDataManager(base, encryptionKeys, accessControlSecret, cryptoStrategies, dataOwnerApi, primitives, useParentKeys);
|
|
@@ -34,7 +33,6 @@ function initialiseExchangeDataManagerForCurrentDataOwner(base, encryptionKeys,
|
|
|
34
33
|
}
|
|
35
34
|
});
|
|
36
35
|
}
|
|
37
|
-
exports.initialiseExchangeDataManagerForCurrentDataOwner = initialiseExchangeDataManagerForCurrentDataOwner;
|
|
38
36
|
class AbstractExchangeDataManager {
|
|
39
37
|
constructor(base, encryptionKeys, accessControlSecret, cryptoStrategies, dataOwnerApi, primitives, useParentKeys) {
|
|
40
38
|
this.base = base;
|
|
@@ -262,8 +260,8 @@ class FullyCachedExchangeDataManager extends AbstractExchangeDataManager {
|
|
|
262
260
|
});
|
|
263
261
|
}
|
|
264
262
|
getOrCreateEncryptionDataTo(delegateId, options) {
|
|
265
|
-
var _a, _b;
|
|
266
263
|
return __awaiter(this, void 0, void 0, function* () {
|
|
264
|
+
var _a, _b;
|
|
267
265
|
const initialCached = yield this.getCachedEncryptionDataTo(delegateId);
|
|
268
266
|
if (initialCached)
|
|
269
267
|
return initialCached;
|
|
@@ -290,8 +288,8 @@ class FullyCachedExchangeDataManager extends AbstractExchangeDataManager {
|
|
|
290
288
|
});
|
|
291
289
|
}
|
|
292
290
|
getDecryptionDataKeyByIds(ids, retrieveIfNotCached) {
|
|
293
|
-
var _a, _b;
|
|
294
291
|
return __awaiter(this, void 0, void 0, function* () {
|
|
292
|
+
var _a, _b;
|
|
295
293
|
const caches = yield this.caches;
|
|
296
294
|
const res = {};
|
|
297
295
|
for (const id of ids) {
|
|
@@ -430,8 +428,8 @@ class LimitedLruCacheExchangeDataManager extends AbstractExchangeDataManager {
|
|
|
430
428
|
});
|
|
431
429
|
}
|
|
432
430
|
getDecryptionDataKeyByIds(ids, retrieveIfNotCached) {
|
|
433
|
-
var _a, _b;
|
|
434
431
|
return __awaiter(this, void 0, void 0, function* () {
|
|
432
|
+
var _a, _b;
|
|
435
433
|
const release = yield this.cacheMutex.acquire();
|
|
436
434
|
try {
|
|
437
435
|
const res = {};
|
|
@@ -475,8 +473,8 @@ class LimitedLruCacheExchangeDataManager extends AbstractExchangeDataManager {
|
|
|
475
473
|
});
|
|
476
474
|
}
|
|
477
475
|
getOrCreateEncryptionDataTo(delegateId, options) {
|
|
478
|
-
var _a, _b;
|
|
479
476
|
return __awaiter(this, void 0, void 0, function* () {
|
|
477
|
+
var _a, _b;
|
|
480
478
|
const release = yield this.cacheMutex.acquire();
|
|
481
479
|
try {
|
|
482
480
|
let existingId = this.delegateToVerifiedEncryptionDataId.get(delegateId);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ExchangeDataManager.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/ExchangeDataManager.ts"],"names":[],"mappings":";;;;;;;;;;;;AAMA,mCAAgH;AAEhH,oCAA+D;AAC/D,yEAA6E;AAC7E,+BAAkC;AAClC,6CAAmC;AACnC,gEAA0D;AAC1D,wCAAuC;AAOvC;;;GAGG;AACH,SAAsB,gDAAgD,CACpE,IAA6B,EAC7B,cAAyC,EACzC,mBAA6C,EAC7C,gBAAkC,EAClC,YAA8B,EAC9B,UAA4B,EAC5B,aAAsB,EACtB,qBAA4D,EAAE;;QAE9D,MAAM,YAAY,GAAG,yCAAuB,CAAC,aAAa,CAAC,MAAM,YAAY,CAAC,mBAAmB,EAAE,CAAC,CAAA;QACpG,IAAI,gBAAgB,CAAC,oCAAoC,CAAC,YAAY,CAAC,EAAE;YACvE,MAAM,GAAG,GAAG,IAAI,8BAA8B,CAC5C,IAAI,EACJ,cAAc,EACd,mBAAmB,EACnB,gBAAgB,EAChB,YAAY,EACZ,UAAU,EACV,aAAa,CACd,CAAA;YACD,MAAM,GAAG,CAAC,sBAAsB,EAAE,CAAA;YAClC,OAAO,GAAG,CAAA;SACX;aAAM;YACL,OAAO,IAAI,kCAAkC,CAC3C,IAAI,EACJ,cAAc,EACd,mBAAmB,EACnB,gBAAgB,EAChB,YAAY,EACZ,UAAU,EACV,aAAa,EACb,kBAAkB,CACnB,CAAA;SACF;IACH,CAAC;CAAA;AAnCD,4GAmCC;AA+GD,MAAe,2BAA2B;IACxC,YACW,IAA6B,EACnB,cAAyC,EACzC,mBAA6C,EAC7C,gBAAkC,EAClC,YAA8B,EAC9B,UAA4B,EAC9B,aAAsB;QAN9B,SAAI,GAAJ,IAAI,CAAyB;QACnB,mBAAc,GAAd,cAAc,CAA2B;QACzC,wBAAmB,GAAnB,mBAAmB,CAA0B;QAC7C,qBAAgB,GAAhB,gBAAgB,CAAkB;QAClC,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,eAAU,GAAV,UAAU,CAAkB;QAC9B,kBAAa,GAAb,aAAa,CAAS;IACtC,CAAC;IAEY,WAAW,CAAC,IAAkB;;YAS5C,MAAM,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC,iBAAiB,EAAE,CAAA;YAC9D,MAAM,cAAc,GAAG,MAAM,CAAC,WAAW,CACvC,IAAI,CAAC,cAAc,CAAC,mBAAmB,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAuB,EAAE,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAC9G,CAAA;YACD,MAAM,oBAAoB,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAA;YACtH,IAAI,CAAC,oBAAoB;gBAAE,OAAO,SAAS,CAAA;YAC3C,MAAM,4BAA4B,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC,IAAI,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAA;YACrI,IAAI,CAAC,4BAA4B;gBAC/B,MAAM,IAAI,KAAK,CAAC,kFAAkF,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;YAC3H,MAAM,2BAA2B,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC,IAAI,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAA;YACpI,IAAI,CAAC,2BAA2B;gBAC9B,MAAM,IAAI,KAAK,CAAC,iFAAiF,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;YAC1H,OAAO;gBACL,mBAAmB,EAAE,4BAA4B;gBACjD,WAAW,EAAE,oBAAoB;gBACjC,kBAAkB,EAAE,2BAA2B;gBAC/C,QAAQ,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAC1C;oBACE,YAAY,EAAE,IAAI;oBAClB,4BAA4B;oBAC5B,oBAAoB;oBACpB,2BAA2B;iBAC5B,EACD,cAAc,EACd,IAAI,CACL;aACF,CAAA;QACH,CAAC;KAAA;IAEe,qBAAqB,CACnC,UAAkB,EAClB,OAIC;;YAED,IAAI,OAAO,CAAC,mBAAmB,IAAI,OAAO,CAAC,oBAAoB;gBAC7D,MAAM,IAAI,KAAK,CAAC,sFAAsF,CAAC,CAAA;YACzG,MAAM,cAAc,GAAgC,EAAE,CAAA;YACtD,MAAM,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,mBAAmB,EAAE,CAAA;YAClE,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,oBAAoB;gBAC/D,MAAM,IAAI,KAAK,CAAC,oFAAoF,CAAC,CAAA;YACvG,gBAAgB,CAAC,OAAO,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,EAAE,EAAE;gBACjD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,SAAS,CAAA;YAC9C,CAAC,CAAC,CAAA;YACF,IAAI,UAAU,IAAI,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC,EAAE;gBACnE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAA;gBACvE,MAAM,oBAAoB,GAAG,IAAA,iCAAyB,EAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;gBACrE,MAAM,kBAAkB,GAAG,IAAA,+BAAuB,EAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;gBACjE,IAAI,uBAAiC,CAAA;gBACrC,IAAI,CAAC,oBAAoB,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,EAAE;oBAC1D,IAAI,CAAC,OAAO,CAAC,mBAAmB;wBAC9B,MAAM,IAAI,KAAK,CAAC,qCAAqC,UAAU,+CAA+C,CAAC,CAAA;oBACjH,uBAAuB,GAAG,EAAE,CAAA;iBAC7B;qBAAM,IAAI,IAAI,CAAC,aAAa,IAAI,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE;oBACjH,uBAAuB,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,wBAAwB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;iBAC5F;qBAAM;oBACL,uBAAuB,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,wBAAwB,CAC5E,QAAQ,EACR,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,EAAE,GAAG,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,EACxE,IAAI,CAAC,UAAU,CAChB,CAAA;iBACF;gBACD,IAAI,CAAC,uBAAuB,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB;oBACjE,MAAM,IAAI,KAAK,CAAC,qCAAqC,UAAU,uDAAuD,CAAC,CAAA;gBACzH,KAAK,MAAM,WAAW,IAAI,uBAAuB,EAAE;oBACjD,IAAI,kBAAkB,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE;wBACvC,cAAc,CAAC,IAAA,qBAAa,EAAC,WAAW,CAAC,CAAC,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,IAAA,cAAM,EAAC,WAAW,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,gBAAU,CAAC,IAAI,CAAC,CAAA;qBAC5I;yBAAM,IAAI,oBAAoB,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE;wBAChD,cAAc,CAAC,IAAA,qBAAa,EAAC,WAAW,CAAC,CAAC,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAC9E,MAAM,EACN,IAAA,cAAM,EAAC,WAAW,CAAC,EACnB,CAAC,SAAS,CAAC,EACX,gBAAU,CAAC,MAAM,CAClB,CAAA;qBACF;;wBAAM,MAAM,IAAI,KAAK,CAAC,qFAAqF,CAAC,CAAA;iBAC9G;aACF;YACD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAChD,UAAU,EACV,MAAM,CAAC,WAAW,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAuB,EAAE,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,EACxG,cAAc,EACd,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CACnD,CAAA;YACD,OAAO;gBACL,YAAY,EAAE,OAAO,CAAC,YAAY;gBAClC,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;gBAChD,WAAW,EAAE,OAAO,CAAC,WAAW;gBAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;aAC/C,CAAA;QACH,CAAC;KAAA;IAEK,gBAAgB,CAAC,cAAsB,EAAE,qBAA6B;;YAC1E,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,MAAM,QAAQ,GAAG,IAAA,qBAAa,EAAC,qBAAqB,CAAC,CAAA;YACrD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,cAAc,CAAC,CAAA;YACxE,MAAM,iBAAiB,GAAG,IAAA,2BAAmB,EAAC,KAAK,CAAC,IAAI,EAAE,qBAAqB,CAAC,CAAA;YAChF,IAAI,CAAC,iBAAiB;gBAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,cAAc,EAAE,CAAC,CAAA;YAChG,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,IAAA,cAAM,EAAC,qBAAqB,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,iBAAiB,CAAC,CAAA;YACjI,MAAM,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC,iBAAiB,EAAE,CAAA;YAC9D,MAAM,uBAAuB,GAC3B,IAAI,IAAI,cAAc;gBACpB,CAAC,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,sCAAsC,CAAC,IAAI,EAAE,IAAI,CAAC;gBACpE,CAAC,CAAC;oBACE,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,sCAAsC,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;oBACjF,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,sCAAsC,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;iBAClF,CAAA;YACP,KAAK,MAAM,YAAY,IAAI,uBAAuB,EAAE;gBAClD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,IAAI,QAAQ,CAAC,EAAE;oBACvE,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,qBAAqB,CAAC,YAAY,EAAE,cAAc,EAAE,EAAE,CAAC,QAAQ,CAAC,EAAE,cAAc,EAAE,CAAC,CAAA;oBACnH,IAAI,CAAC,OAAO,EAAE;wBACZ,OAAO,CAAC,IAAI,CAAC,gDAAgD,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,CAAC,CAAA;qBAC7F;iBACF;aACF;QACH,CAAC;KAAA;IAED,sBAAsB;QACpB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,2BAA2B,CACzB,UAAkB,EAClB,OAGC;QAED,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,6CAA6C,CAC3C,MAAgB;QAEhB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,yBAAyB,CACvB,GAAa,EACb,mBAA4B;QAQ5B,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,yBAAyB,CAAC,UAAwC;QAChE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,oBAAoB,CAAC,UAAwC;QAC3D,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAEK,2BAA2B,CAC/B,mBAMG,EACH,oBAA6B;;YAE7B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAA;YACpH,IAAI,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,IAAI,IAAI,CAAC,CAAC,QAAQ,IAAI,IAAI,CAAC;gBAC9E,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAA;YAC9E,MAAM,gBAAgB,GAAmC,EAAE,CAAA;YAC3D,qBAAqB,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YACnE,IAAI,oBAAoB,EAAE;gBACxB,MAAM,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,mBAAmB,EAAE,CAAA;gBAClE,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,0EAA0E,CAAC,CAAA;gBAC7H,MAAM,cAAc,GAAgC,EAAE,CAAA;gBACtD,gBAAgB,CAAC,OAAO,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,EAAE,EAAE;oBACjD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,SAAS,CAAA;gBAC9C,CAAC,CAAC,CAAA;gBACF,MAAM,aAAa,GAAG,MAAM,CAAC,WAAW,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAuB,EAAE,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;gBAC9H,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE;oBACzC,MAAM,YAAY,GAAG,gBAAgB,CAAC,OAAO,CAAC,cAAc,CAAC,CAAA;oBAC7D,IAAI,YAAY,IAAI,IAAI;wBACtB,MAAM,IAAI,CAAC,IAAI,CAAC,yCAAyC,CAAC;4BACxD,YAAY;4BACZ,iBAAiB,EAAE,cAAc;4BACjC,yBAAyB,EAAE,YAAY,CAAC,SAAS,IAAI,IAAI,IAAI,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE;4BAClG,cAAc,EAAE,OAAO,CAAC,WAAW;4BACnC,sBAAsB,EAAE,OAAO,CAAC,mBAAmB;4BACnD,qBAAqB,EAAE,OAAO,CAAC,kBAAkB;yBAClD,CAAC,CAAA;iBACL;aACF;YACD,MAAM,eAAe,GAMf,EAAE,CAAA;YACR,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE;gBACzC,MAAM,YAAY,GAAG,gBAAgB,CAAC,OAAO,CAAC,cAAc,CAAC,CAAA;gBAC7D,IAAI,YAAY,IAAI,SAAS;oBAC3B,eAAe,CAAC,IAAI,CAAC;wBACnB,YAAY,EAAE,YAAY;wBAC1B,mBAAmB,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,yBAAyB,CAAC,OAAO,CAAC,mBAAmB,CAAC;wBAC3F,WAAW,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,WAAW,CAAC;wBACnE,kBAAkB,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,OAAO,CAAC,kBAAkB,CAAC;wBACxF,QAAQ,EAAE,OAAO,CAAC,QAAQ;qBAC3B,CAAC,CAAA;aACL;YACD,MAAM,IAAI,CAAC,yBAAyB,CAAC,eAAe,CAAC,CAAA;QACvD,CAAC;KAAA;CAWF;AAED,MAAM,8BAA+B,SAAQ,2BAA2B;IAAxE;;QACU,WAAM,GAKT,OAAO,CAAC,OAAO,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,kCAAkC,EAAE,EAAE,EAAE,kCAAkC,EAAE,EAAE,EAAE,CAAC,CAAA;QAC5H,4BAAuB,GAAG,IAAI,mBAAK,EAAE,CAAA;IAuM/C,CAAC;IArMO,sBAAsB;;YAC1B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAA;YACtC,MAAM,IAAI,CAAC,MAAM,CAAA;QACnB,CAAC;KAAA;IAEK,6CAA6C,CACjD,MAAgB;;YAEhB,SAAS,0BAA0B,CAAC,MAInC;gBACC,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE;oBACjC,MAAM,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;oBAChC,IAAI,EAAE,EAAE;wBACN,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;wBAClC,IAAI,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,EAAE;4BACrB,GAAG,CAAC,IAAI,CAAC,GAAG;gCACV,YAAY,EAAE,MAAM,CAAC,YAAY;gCACjC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,WAAW;gCACzC,mBAAmB,EAAE,MAAM,CAAC,SAAS,CAAC,mBAAmB;6BAC1D,CAAA;yBACF;qBACF;oBACD,OAAO,GAAG,CAAA;gBACZ,CAAC,EAAE,EAA6G,CAAC,CAAA;YACnH,CAAC;YAED,OAAO,0BAA0B,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,CAAA;QACtD,CAAC;KAAA;IAEa,yBAAyB,CACrC,UAAkB;;YAElB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAA;YAChC,MAAM,MAAM,GAAG,MAAM,CAAC,kCAAkC,CAAC,UAAU,CAAC,CAAA;YACpE,MAAM,MAAM,GAAG,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YAC3D,IAAI,MAAM,KAAI,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,CAAA,EAAE;gBAC/B,OAAO;oBACL,YAAY,EAAE,MAAM,CAAC,YAAY;oBACjC,mBAAmB,EAAE,MAAM,CAAC,SAAS,CAAC,mBAAmB;oBACzD,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,WAAW;oBACzC,kBAAkB,EAAE,MAAM,CAAC,SAAS,CAAC,kBAAkB;iBACxD,CAAA;aACF;iBAAM;gBACL,OAAO,SAAS,CAAA;aACjB;QACH,CAAC;KAAA;IAEK,2BAA2B,CAC/B,UAAkB,EAClB,OAGC;;;YAED,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAA;YACtE,IAAI,aAAa;gBAAE,OAAO,aAAa,CAAA;YACvC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,uBAAuB,CAAC,OAAO,EAAE,CAAA;YAC5D,IAAI;gBACF,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAA;gBACzE,IAAI,gBAAgB;oBAAE,OAAO,gBAAgB,CAAA;gBAC7C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,UAAU,EAAE;oBAC3D,mBAAmB,EAAE,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,+BAA+B,mCAAI,KAAK;oBACtE,oBAAoB,EAAE,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,gCAAgC,mCAAI,KAAK;iBACzE,CAAC,CAAA;gBACF,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,YAAY,EAAE,IAAI,EAAE;oBACzC,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;oBAChD,WAAW,EAAE,OAAO,CAAC,WAAW;oBAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;oBAC9C,QAAQ,EAAE,IAAI;iBACf,CAAC,CAAA;gBACF,OAAO,OAAO,CAAA;aACf;oBAAS;gBACR,OAAO,EAAE,CAAA;aACV;;KACF;IAEK,yBAAyB,CAC7B,GAAa,EACb,mBAA4B;;;YAQ5B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAA;YAChC,MAAM,GAAG,GAML,EAAE,CAAA;YACN,KAAK,MAAM,EAAE,IAAI,GAAG,EAAE;gBACpB,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;gBAChC,IAAI,IAAI,EAAE;oBACR,GAAG,CAAC,EAAE,CAAC,GAAG;wBACR,YAAY,EAAE,IAAI,CAAC,YAAY;wBAC/B,WAAW,EAAE,MAAA,IAAI,CAAC,SAAS,0CAAE,WAAW;wBACxC,mBAAmB,EAAE,MAAA,IAAI,CAAC,SAAS,0CAAE,mBAAmB;qBACzD,CAAA;iBACF;aACF;YACD,OAAO,GAAG,CAAA;;KACX;IAEO,SAAS,CACf,YAA0B,EAC1B,SAAkB,EAClB,SAAgI;QAEhI,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAO,MAAM,EAAE,EAAE;YAC9C,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAG,CAAC,GAAG,EAAE,YAAY,EAAE,SAAS,EAAE,CAAA;YAC/D,IAAI,SAAS,EAAE;gBACb,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAA;gBACvG,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;oBACtB,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,EAAG,CAAA;gBAC1C,CAAC,CAAC,CAAA;gBACF,IAAI,SAAS,CAAC,QAAQ,EAAE;oBACtB,MAAM,CAAC,kCAAkC,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAC,EAAG,CAAA;iBACpF;aACF;YACD,IAAI,SAAS;gBAAE,MAAM,CAAC,kCAAkC,GAAG,EAAE,CAAA;YAC7D,OAAO,MAAM,CAAA;QACf,CAAC,CAAA,CAAC,CAAA;IACJ,CAAC;IAEa,iBAAiB;;YAM7B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,8CAA8C,EAAE,CAAA;YAChF,IAAI,CAAC,OAAO;gBAAE,MAAM,IAAI,KAAK,CAAC,8EAA8E,CAAC,CAAA;YAC7G,MAAM,QAAQ,GAAyC,EAAE,CAAA;YACzD,MAAM,QAAQ,GAA+B,EAAE,CAAA;YAC/C,MAAM,kCAAkC,GAAmC,EAAE,CAAA;YAC7E,KAAK,MAAM,QAAQ,IAAI,OAAO,EAAE;gBAC9B,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAA;gBACtD,QAAQ,CAAC,QAAQ,CAAC,EAAG,CAAC,GAAG,EAAE,YAAY,EAAE,QAAQ,EAAE,SAAS,EAAE,aAAa,EAAE,CAAA;gBAC7E,IAAI,aAAa,aAAb,aAAa,uBAAb,aAAa,CAAE,QAAQ,EAAE;oBAC3B,kCAAkC,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,QAAQ,CAAC,EAAG,CAAA;iBACrE;gBACD,IAAI,aAAa,aAAb,aAAa,uBAAb,aAAa,CAAE,mBAAmB,EAAE;oBACtC,KAAK,MAAM,CAAC,IAAI,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,aAAc,CAAC,mBAAmB,CAAC,EAAE;wBAC7G,QAAQ,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,EAAG,CAAA;qBAC3B;iBACF;aACF;YACD,MAAM,kCAAkC,GAA8D,EAAE,CAAA;YACxG,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,kCAAkC,EAAE,kCAAkC,EAAE,CAAA;QACvG,CAAC;KAAA;IAEK,yBAAyB,CAAC,UAAwC;;YACtE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAA;YAChC,MAAM,MAAM,GAAG,MAAM,CAAC,kCAAkC,CAAC,UAAU,CAAC,CAAA;YACpE,IAAI,MAAM;gBAAE,OAAO,MAAM,CAAA;YACzB,MAAM,oBAAoB,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;YAClI,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,2BAA2B,CAAC,oBAAoB,EAAE,UAAU,CAAC,CAAA;YAC7G,MAAM,CAAC,kCAAkC,CAAC,UAAU,CAAC,GAAG,QAAQ,CAAA;YAChE,OAAO,QAAQ,CAAA;QACjB,CAAC;KAAA;IAEK,oBAAoB,CAAC,UAAwC;;YACjE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAA;YAChC,MAAM,oBAAoB,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;YAClI,MAAM,GAAG,GAAa,EAAE,CAAA;YACxB,KAAK,MAAM,mBAAmB,IAAI,oBAAoB,EAAE;gBACtD,sIAAsI;gBACtI,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,mBAAmB,CAAC,sBAAsB,CAAC,mBAAmB,EAAE,UAAU,CAAC,CAAC,CAAA;aACjG;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAEe,yBAAyB,CACvC,mBAMG;;YAEH,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE;gBACzC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,YAAY,EAAE,IAAI,EAAE;oBACzC,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;oBAChD,WAAW,EAAE,OAAO,CAAC,WAAW;oBAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;oBAC9C,QAAQ,EAAE,OAAO,CAAC,QAAQ;iBAC3B,CAAC,CAAA;aACH;QACH,CAAC;KAAA;CACF;AAED,MAAM,kCAAmC,SAAQ,2BAA2B;IAO1E,YACE,IAA6B,EAC7B,cAAyC,EACzC,mBAA6C,EAC7C,gBAAkC,EAClC,YAA8B,EAC9B,UAA4B,EAC5B,aAAsB,EACtB,kBAEC;;QAED,KAAK,CAAC,IAAI,EAAE,cAAc,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,YAAY,EAAE,UAAU,EAAE,aAAa,CAAC,CAAA;QAlB5F,aAAQ,GAAsE,IAAI,iCAAc,EAAE,CAAA;QAClG,aAAQ,GAAwB,IAAI,GAAG,EAAE,CAAA;QACzC,uCAAkC,GAAwB,IAAI,GAAG,EAAE,CAAA;QAEnE,eAAU,GAAG,IAAI,mBAAK,EAAE,CAAA;QAevC,IAAI,CAAC,qBAAqB,GAAG,MAAA,kBAAkB,CAAC,YAAY,mCAAI,IAAI,CAAA;IACtE,CAAC;IAEK,sBAAsB;;YAC1B,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAA;YACrB,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAA;YACrB,IAAI,CAAC,kCAAkC,CAAC,KAAK,EAAE,CAAA;QACjD,CAAC;KAAA;IAEK,6CAA6C,CACjD,MAAgB;;YAEhB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAA;YAC/C,IAAI;gBACF,MAAM,GAAG,GAEL,EAAE,CAAA;gBACN,KAAK,MAAM,IAAI,IAAI,MAAM,EAAE;oBACzB,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;oBACtC,IAAI,MAAM,EAAE;wBACV,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;wBACjD,IAAI,CAAC,SAAS;4BAAE,MAAM,IAAI,KAAK,CAAC,gBAAgB,MAAM,mCAAmC,CAAC,CAAA;wBAC1F,IAAI,SAAS,CAAC,SAAS,EAAE;4BACvB,GAAG,CAAC,IAAI,CAAC,GAAG;gCACV,YAAY,EAAE,SAAS,CAAC,YAAY;gCACpC,WAAW,EAAE,SAAS,CAAC,SAAS,CAAC,WAAW;gCAC5C,mBAAmB,EAAE,SAAS,CAAC,SAAS,CAAC,mBAAmB;6BAC7D,CAAA;yBACF;qBACF;iBACF;gBACD,OAAO,GAAG,CAAA;aACX;oBAAS;gBACR,OAAO,EAAE,CAAA;aACV;QACH,CAAC;KAAA;IAEK,yBAAyB,CAC7B,GAAa,EACb,mBAA4B;;;YAQ5B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAA;YAC/C,IAAI;gBACF,MAAM,GAAG,GAML,EAAE,CAAA;gBACN,MAAM,QAAQ,GAAa,EAAE,CAAA;gBAC7B,KAAK,MAAM,EAAE,IAAI,GAAG,EAAE;oBACpB,MAAM,MAAM,GAAuD,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,CAAA;oBAC9F,IAAI,MAAM,EAAE;wBACV,GAAG,CAAC,EAAE,CAAC,GAAG;4BACR,WAAW,EAAE,MAAA,MAAM,CAAC,SAAS,0CAAE,WAAW;4BAC1C,mBAAmB,EAAE,MAAA,MAAM,CAAC,SAAS,0CAAE,mBAAmB;4BAC1D,YAAY,EAAE,MAAM,CAAC,YAAY;yBAClC,CAAA;qBACF;yBAAM,IAAI,mBAAmB,EAAE;wBAC9B,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;qBAClB;iBACF;gBACD,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;oBACvB,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAA;oBAChE,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE;wBAC5B,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAA;wBAC9C,IAAI,SAAS,EAAE;4BACb,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAA;4BACvG,IAAI,CAAC,UAAU,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAA;yBAC3D;6BAAM;4BACL,IAAI,CAAC,UAAU,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAA;yBACpD;wBACD,GAAG,CAAC,IAAI,CAAC,EAAG,CAAC,GAAG;4BACd,WAAW,EAAE,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,WAAW;4BACnC,mBAAmB,EAAE,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,mBAAmB;4BACnD,YAAY,EAAE,IAAI;yBACnB,CAAA;qBACF;iBACF;gBACD,OAAO,GAAG,CAAA;aACX;oBAAS;gBACR,OAAO,EAAE,CAAA;aACV;;KACF;IAEK,2BAA2B,CAC/B,UAAkB,EAClB,OAGC;;;YAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAA;YAC/C,IAAI;gBACF,IAAI,UAAU,GAAG,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;gBACxE,IAAI,CAAC,UAAU,EAAE;oBACf,MAAM,IAAI,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAA;oBAC9C,UAAU,GAAG,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;iBACrE;gBACD,IAAI,UAAU,EAAE;oBACd,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,UAAU,CAAC,CAAA;oBAClD,IAAI,CAAC,MAAM;wBAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,UAAU,4BAA4B,CAAC,CAAA;oBACnG,IAAI,MAAM,CAAC,SAAS,EAAE;wBACpB,OAAO;4BACL,YAAY,EAAE,MAAM,CAAC,YAAY;4BACjC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,WAAW;4BACzC,mBAAmB,EAAE,MAAM,CAAC,SAAS,CAAC,mBAAmB;4BACzD,kBAAkB,EAAE,MAAM,CAAC,SAAS,CAAC,kBAAkB;yBACxD,CAAA;qBACF;;wBAAM,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAA;iBACnF;qBAAM;oBACL,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,UAAU,EAAE;wBAC3D,mBAAmB,EAAE,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,+BAA+B,mCAAI,KAAK;wBACtE,oBAAoB,EAAE,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,gCAAgC,mCAAI,KAAK;qBACzE,CAAC,CAAA;oBACF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAA;oBACrG,MAAM,IAAI,GAAG;wBACX,YAAY,EAAE,OAAO,CAAC,YAAY;wBAClC,SAAS,EAAE;4BACT,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;4BAChD,WAAW,EAAE,OAAO,CAAC,WAAW;4BAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;4BAC9C,QAAQ,EAAE,IAAI;yBACf;wBACD,MAAM;qBACP,CAAA;oBACD,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAA;oBACrB,OAAO;wBACL,YAAY,EAAE,IAAI,CAAC,YAAY;wBAC/B,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW;wBACvC,mBAAmB,EAAE,IAAI,CAAC,SAAS,CAAC,mBAAmB;wBACvD,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,kBAAkB;qBACtD,CAAA;iBACF;aACF;oBAAS;gBACR,OAAO,EAAE,CAAA;aACV;;KACF;IAED,iJAAiJ;IACjJ,uEAAuE;IACzD,uBAAuB,CAAC,UAAkB;;YACtD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,sCAAsC,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,EAAE,UAAU,CAAC,CAAA;YAC1I,KAAK,MAAM,IAAI,IAAI,cAAc,EAAE;gBACjC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAA;gBAC9C,IAAI,SAAS,EAAE;oBACb,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAA;oBACvG,IAAI,CAAC,UAAU,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAA;iBAC3D;qBAAM;oBACL,IAAI,CAAC,UAAU,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAA;iBACpD;aACF;QACH,CAAC;KAAA;IAEO,UAAU,CAAC,IAA+C;;QAChE,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,IAAI,CAAC,qBAAqB,EAAE;YACpD,IAAI,CAAC,aAAa,EAAE,CAAA;SACrB;QACD,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,YAAY,CAAC,EAAG,CAAC,CAAC,CAAA;QAC7E,IAAI,CAAA,MAAA,IAAI,CAAC,SAAS,0CAAE,QAAQ,KAAI,CAAC,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE;YACxG,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC,YAAY,CAAC,EAAG,CAAC,CAAA;SAC/F;QACD,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,EAAG,EAAE,IAAI,CAAC,CAAA;IAChD,CAAC;IAEO,aAAa;QACnB,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,sBAAsB,EAAE,CAAA;QACtD,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAA;QAC5D,IAAI,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,QAAQ,CAAC,KAAK,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE;YAC1G,IAAI,CAAC,kCAAkC,CAAC,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAA;SAC9E;IACH,CAAC;IAED,yBAAyB;QACvB,OAAO,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;IACnC,CAAC;IAED,oBAAoB;QAClB,OAAO,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;IACnC,CAAC;IAEe,yBAAyB,CACvC,mBAMG;;YAEH,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE;gBACzC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAA;gBACrG,MAAM,IAAI,GAAG;oBACX,YAAY,EAAE,OAAO,CAAC,YAAY;oBAClC,SAAS,EAAE;wBACT,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;wBAChD,WAAW,EAAE,OAAO,CAAC,WAAW;wBAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;wBAC9C,QAAQ,EAAE,OAAO,CAAC,QAAQ;qBAC3B;oBACD,MAAM;iBACP,CAAA;gBACD,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAA;aACtB;QACH,CAAC;KAAA;CACF","sourcesContent":["import { ExchangeData } from '../../icc-api/model/internal/ExchangeData'\nimport { IccDataOwnerXApi } from '../icc-data-owner-x-api'\nimport { BaseExchangeDataManager } from './BaseExchangeDataManager'\nimport { UserEncryptionKeysManager } from './UserEncryptionKeysManager'\nimport { AccessControlSecretUtils } from './AccessControlSecretUtils'\nimport { CryptoStrategies } from './CryptoStrategies'\nimport { fingerprintV1, getShaVersionForKey, hexPublicKeysWithSha1Of, hexPublicKeysWithSha256Of } from './utils'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { EntityWithDelegationTypeName, hex2ua } from '../utils'\nimport { CryptoActorStubWithType } from '../../icc-api/model/CryptoActorStub'\nimport { ShaVersion } from './RSA'\nimport { Mutex } from 'async-mutex'\nimport { SimpleLruCache } from '../utils/simple-lru-cache'\nimport * as console from 'node:console'\n\nexport type ExchangeDataManagerOptionalParameters = {\n // Only for not fully cached implementation (data owner can't request all his exchange data), amount of exchange data which can be cached\n lruCacheSize?: number // default = 2000\n}\n\n/**\n * @internal this function is for internal use only and may be changed without notice.\n * Initialises and returns the exchange data manager which is most appropriate for the current data owner.\n */\nexport async function initialiseExchangeDataManagerForCurrentDataOwner(\n base: BaseExchangeDataManager,\n encryptionKeys: UserEncryptionKeysManager,\n accessControlSecret: AccessControlSecretUtils,\n cryptoStrategies: CryptoStrategies,\n dataOwnerApi: IccDataOwnerXApi,\n primitives: CryptoPrimitives,\n useParentKeys: boolean,\n optionalParameters: ExchangeDataManagerOptionalParameters = {}\n): Promise<ExchangeDataManager> {\n const currentOwner = CryptoActorStubWithType.fromDataOwner(await dataOwnerApi.getCurrentDataOwner())\n if (cryptoStrategies.dataOwnerRequiresAnonymousDelegation(currentOwner)) {\n const res = new FullyCachedExchangeDataManager(\n base,\n encryptionKeys,\n accessControlSecret,\n cryptoStrategies,\n dataOwnerApi,\n primitives,\n useParentKeys\n )\n await res.clearOrRepopulateCache()\n return res\n } else {\n return new LimitedLruCacheExchangeDataManager(\n base,\n encryptionKeys,\n accessControlSecret,\n cryptoStrategies,\n dataOwnerApi,\n primitives,\n useParentKeys,\n optionalParameters\n )\n }\n}\n\ntype CachedExchangeData = {\n exchangeData: ExchangeData\n decrypted?: {\n accessControlSecret: string\n exchangeKey: CryptoKey\n verified: boolean\n sharedSignatureKey: CryptoKey\n }\n}\n\n/**\n * @internal this class is intended for internal use only and may be changed without notice.\n * Exchange data manager which automatically handles decryption and cache\n */\nexport interface ExchangeDataManager {\n readonly base: BaseExchangeDataManager\n\n /**\n * Updates all exchange data between the current data owner and another data owner to allow the other data owner to access existing exchange data\n * using a new public key. Note that this will make existing exchange keys from the other data owner to the current data owner unverified, therefore\n * invalid for encryption.\n * @param otherDataOwner the other data owner.\n * @param newDataOwnerPublicKey a new public key of the other data owner.\n */\n giveAccessBackTo(otherDataOwner: string, newDataOwnerPublicKey: string): Promise<void>\n\n /**\n * Gets any existing and verified exchange data from the current data owner to the provided delegate or creates new data if no verified data is\n * available, then caches it.\n * @param delegateId the id of the delegate.\n * @param options\n * - allowCreationWithoutDelegatorKey if true, when creating new exchange data, even if no verified key is available for the delegator the method\n * will create the new exchange data anyway (will not be usable by the delegate without additional steps).\n * - allowCreationWithoutDelegateKey if true, when creating new exchange data, even if no verified key is available for the delegate the method\n * will create the new exchange data anyway (will not be usable by the delegate without additional steps).\n * @return the access control secret and key of the data to use for encryption.\n */\n getOrCreateEncryptionDataTo(\n delegateId: string,\n options?: {\n allowCreationWithoutDelegatorKey?: boolean\n allowCreationWithoutDelegateKey?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }>\n\n /**\n * Retrieve the cached decrypted exchange data key associated with any of the provided hashes/entry keys of secure delegations.\n * @param hashes hashes of access control secrets for a specific entity, as they appear in the key of secure delegation entries\n * @return the exchange data and decrypted key associated to that hash if cached\n */\n getCachedDecryptionDataKeyByAccessControlHash(\n hashes: string[]\n ): Promise<{ [hash: string]: { exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey } }>\n\n /**\n * Retrieves the exchange data with the provided id (from the cache if available or from the server otherwise if allowed by\n * and attempts to decrypt it, then caches the result.\n * @param ids ids of the exchange datas to retrieve\n * @param retrieveIfNotCached if false only cached data will be returned, and the access control hases options will be\n * ignored\n * @return a map containing the exchange data id associated with:\n * - exchangeData: the exchange data with the provided id\n * - exchangeKey: the exchange key corresponding to the provided exchange data if it could be decrypted, else undefined\n * - accessControlSecret: the access control secret corresponding to the provided exchange data if it could be decrypted, else undefined\n */\n getDecryptionDataKeyByIds(\n ids: string[],\n retrieveIfNotCached: boolean\n ): Promise<{ [id: string]: { exchangeKey: CryptoKey | undefined; accessControlSecret: string | undefined; exchangeData: ExchangeData } }>\n\n /**\n * Clears the cache or fully repopulates the cache if the current data owner can retrieve all of his exchange data according to the crypto\n * strategies.\n */\n clearOrRepopulateCache(): Promise<void>\n\n /**\n * If the current data owner requires anonymous delegations this returns the base64 representation of the concatenation of all available access\n * control keys for the current data owner.\n */\n getAccessControlKeysValue(entityType: EntityWithDelegationTypeName): Promise<string | undefined>\n\n /**\n * If the current data owner requires anonymous delegations this returns the access control keys which may be used in secure delegations for the\n * data owner, which can be used to search for data.\n */\n getAllDelegationKeys(entityType: EntityWithDelegationTypeName): Promise<string[] | undefined>\n\n /**\n * Injects already decrypted exchange data, allowing it to be used by the sdk.\n * @param exchangeDataDetails the exchange data to inject, with the decrypted content and verified status.\n * Note that the SDK won't verify that the provided decrypted content actually matches what is stored in the exchange\n * data.\n * @param reEncryptWithOwnKeys if true all the provided exchange data that is not encrypted with any of the self\n * verified keys of the user will be re-encrypted with them. In case the user is also the delegator and the data is\n * verified the delegator signature will be updated.\n */\n injectDecryptedExchangeData(\n exchangeDataDetails: {\n exchangeDataId: string\n accessControlSecret: ArrayBuffer\n exchangeKey: ArrayBuffer\n sharedSignatureKey: ArrayBuffer\n verified: boolean\n }[],\n reEncryptWithOwnKeys: boolean\n ): Promise<void>\n}\n\nabstract class AbstractExchangeDataManager implements ExchangeDataManager {\n constructor(\n readonly base: BaseExchangeDataManager,\n protected readonly encryptionKeys: UserEncryptionKeysManager,\n protected readonly accessControlSecret: AccessControlSecretUtils,\n protected readonly cryptoStrategies: CryptoStrategies,\n protected readonly dataOwnerApi: IccDataOwnerXApi,\n protected readonly primitives: CryptoPrimitives,\n private readonly useParentKeys: boolean\n ) {}\n\n protected async decryptData(data: ExchangeData): Promise<\n | {\n accessControlSecret: string\n exchangeKey: CryptoKey\n verified: boolean\n sharedSignatureKey: CryptoKey\n }\n | undefined\n > {\n const decryptionKeys = this.encryptionKeys.getDecryptionKeys()\n const encryptionKeys = Object.fromEntries(\n this.encryptionKeys.getSelfVerifiedKeys().map((x): [string, CryptoKey] => [x.fingerprint, x.pair.privateKey])\n )\n const decryptedExchangeKey = (await this.base.tryDecryptExchangeKeys([data], decryptionKeys)).successfulDecryptions[0]\n if (!decryptedExchangeKey) return undefined\n const decryptedAccessControlSecret = (await this.base.tryDecryptAccessControlSecret([data], decryptionKeys)).successfulDecryptions[0]\n if (!decryptedAccessControlSecret)\n throw new Error(`Decryption key could be decrypted but access control secret could not for data ${JSON.stringify(data)}`)\n const decryptedSharedSignatureKey = (await this.base.tryDecryptSharedSignatureKeys([data], decryptionKeys)).successfulDecryptions[0]\n if (!decryptedSharedSignatureKey)\n throw new Error(`Decryption key could be decrypted but shared signature key could not for data ${JSON.stringify(data)}`)\n return {\n accessControlSecret: decryptedAccessControlSecret,\n exchangeKey: decryptedExchangeKey,\n sharedSignatureKey: decryptedSharedSignatureKey,\n verified: await this.base.verifyExchangeData(\n {\n exchangeData: data,\n decryptedAccessControlSecret,\n decryptedExchangeKey,\n decryptedSharedSignatureKey,\n },\n encryptionKeys,\n true\n ),\n }\n }\n\n protected async createNewExchangeData(\n delegateId: string,\n options: {\n newDataId?: string\n allowNoDelegatorKeys?: boolean\n allowNoDelegateKeys?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }> {\n if (options.allowNoDelegateKeys && options.allowNoDelegatorKeys)\n throw new Error('Illegal arguments: allow no delegator and no delegate keys should never both be true')\n const encryptionKeys: { [fp: string]: CryptoKey } = {}\n const selfVerifiedKeys = this.encryptionKeys.getSelfVerifiedKeys()\n if (selfVerifiedKeys.length <= 0 && !options.allowNoDelegatorKeys)\n throw new Error('If the sdk is initialized in keyless mode you must create exchange data explicitly')\n selfVerifiedKeys.forEach(({ fingerprint, pair }) => {\n encryptionKeys[fingerprint] = pair.publicKey\n })\n if (delegateId != (await this.dataOwnerApi.getCurrentDataOwnerId())) {\n const delegate = await this.dataOwnerApi.getCryptoActorStub(delegateId)\n const sha256KeysOfDelegate = hexPublicKeysWithSha256Of(delegate.stub)\n const sha1KeysOfDelegate = hexPublicKeysWithSha1Of(delegate.stub)\n let allVerifiedDelegateKeys: string[]\n if (!sha256KeysOfDelegate.size && !sha1KeysOfDelegate.size) {\n if (!options.allowNoDelegateKeys)\n throw new Error(`Could not create exchange data to ${delegateId} as no public key for the delegate was found.`)\n allVerifiedDelegateKeys = []\n } else if (this.useParentKeys && (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds()).includes(delegateId)) {\n allVerifiedDelegateKeys = await this.encryptionKeys.getVerifiedPublicKeysFor(delegate.stub)\n } else {\n allVerifiedDelegateKeys = await this.cryptoStrategies.verifyDelegatePublicKeys(\n delegate,\n [...Array.from(sha256KeysOfDelegate), ...Array.from(sha1KeysOfDelegate)],\n this.primitives\n )\n }\n if (!allVerifiedDelegateKeys.length && !options.allowNoDelegateKeys)\n throw new Error(`Could not create exchange data to ${delegateId} as no public key for the delegate could be verified.`)\n for (const delegateKey of allVerifiedDelegateKeys) {\n if (sha1KeysOfDelegate.has(delegateKey)) {\n encryptionKeys[fingerprintV1(delegateKey)] = await this.primitives.RSA.importKey('spki', hex2ua(delegateKey), ['encrypt'], ShaVersion.Sha1)\n } else if (sha256KeysOfDelegate.has(delegateKey)) {\n encryptionKeys[fingerprintV1(delegateKey)] = await this.primitives.RSA.importKey(\n 'spki',\n hex2ua(delegateKey),\n ['encrypt'],\n ShaVersion.Sha256\n )\n } else throw new Error('Illegal state: verified keys should contain only keys for OAPE-SHA1 or OAPE-SHA256.')\n }\n }\n const newData = await this.base.createExchangeData(\n delegateId,\n Object.fromEntries(selfVerifiedKeys.map((x): [string, CryptoKey] => [x.fingerprint, x.pair.privateKey])),\n encryptionKeys,\n options.newDataId ? { id: options.newDataId } : {}\n )\n return {\n exchangeData: newData.exchangeData,\n accessControlSecret: newData.accessControlSecret,\n exchangeKey: newData.exchangeKey,\n sharedSignatureKey: newData.sharedSignatureKey,\n }\n }\n\n async giveAccessBackTo(otherDataOwner: string, newDataOwnerPublicKey: string) {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n const newKeyFp = fingerprintV1(newDataOwnerPublicKey)\n const other = await this.dataOwnerApi.getCryptoActorStub(otherDataOwner)\n const newKeyHashVersion = getShaVersionForKey(other.stub, newDataOwnerPublicKey)\n if (!newKeyHashVersion) throw new Error(`Public key not found for data owner ${otherDataOwner}`)\n const importedNewKey = await this.primitives.RSA.importKey('spki', hex2ua(newDataOwnerPublicKey), ['encrypt'], newKeyHashVersion)\n const decryptionKeys = this.encryptionKeys.getDecryptionKeys()\n const allExchangeDataToUpdate =\n self == otherDataOwner\n ? await this.base.getExchangeDataByDelegatorDelegatePair(self, self)\n : [\n ...(await this.base.getExchangeDataByDelegatorDelegatePair(self, otherDataOwner)),\n ...(await this.base.getExchangeDataByDelegatorDelegatePair(otherDataOwner, self)),\n ]\n for (const dataToUpdate of allExchangeDataToUpdate) {\n if (!Object.keys(dataToUpdate.exchangeKey).find((fp) => fp == newKeyFp)) {\n const updated = await this.base.tryUpdateExchangeData(dataToUpdate, decryptionKeys, { [newKeyFp]: importedNewKey })\n if (!updated) {\n console.warn(`Failed to give access back to exchanged data ${JSON.stringify(dataToUpdate)}`)\n }\n }\n }\n }\n\n clearOrRepopulateCache(): Promise<void> {\n throw new Error('Implemented by concrete class')\n }\n\n getOrCreateEncryptionDataTo(\n delegateId: string,\n options?: {\n allowCreationWithoutDelegatorKey?: boolean\n allowCreationWithoutDelegateKey?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }> {\n throw new Error('Implemented by concrete class')\n }\n\n getCachedDecryptionDataKeyByAccessControlHash(\n hashes: string[]\n ): Promise<{ [p: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } }> {\n throw new Error('Implemented by concrete class')\n }\n\n getDecryptionDataKeyByIds(\n ids: string[],\n retrieveIfNotCached: boolean\n ): Promise<{\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n }> {\n throw new Error('Implemented by concrete class')\n }\n\n getAccessControlKeysValue(entityType: EntityWithDelegationTypeName): Promise<string | undefined> {\n throw new Error('Implemented by concrete class')\n }\n\n getAllDelegationKeys(entityType: EntityWithDelegationTypeName): Promise<string[] | undefined> {\n throw new Error('Implemented by concrete class')\n }\n\n async injectDecryptedExchangeData(\n exchangeDataDetails: {\n exchangeDataId: string\n accessControlSecret: ArrayBuffer\n exchangeKey: ArrayBuffer\n sharedSignatureKey: ArrayBuffer\n verified: boolean\n }[],\n reEncryptWithOwnKeys: boolean\n ): Promise<void> {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n const retrievedExchangeData = await this.base.getExchangeDataByIds(exchangeDataDetails.map((x) => x.exchangeDataId))\n if (retrievedExchangeData.some((x) => x.delegator != self && x.delegate != self))\n throw new Error('Should only inject exchange date from/to the current user')\n const exchangeDataById: { [id: string]: ExchangeData } = {}\n retrievedExchangeData.forEach((x) => (exchangeDataById[x.id!] = x))\n if (reEncryptWithOwnKeys) {\n const selfVerifiedKeys = this.encryptionKeys.getSelfVerifiedKeys()\n if (selfVerifiedKeys.length <= 0) throw new Error(\"Can't re-encrypt injected exchange data with own keys if in keyless mode\")\n const encryptionKeys: { [fp: string]: CryptoKey } = {}\n selfVerifiedKeys.forEach(({ fingerprint, pair }) => {\n encryptionKeys[fingerprint] = pair.publicKey\n })\n const signatureKeys = Object.fromEntries(selfVerifiedKeys.map((x): [string, CryptoKey] => [x.fingerprint, x.pair.privateKey]))\n for (const details of exchangeDataDetails) {\n const exchangeData = exchangeDataById[details.exchangeDataId]\n if (exchangeData != null)\n await this.base.updateExchangeDataWithRawDecryptedContent({\n exchangeData,\n newEncryptionKeys: encryptionKeys,\n newDelegatorSignatureKeys: exchangeData.delegator == self && details.verified ? signatureKeys : {},\n rawExchangeKey: details.exchangeKey,\n rawAccessControlSecret: details.accessControlSecret,\n rawSharedSignatureKey: details.sharedSignatureKey,\n })\n }\n }\n const importedDetails: {\n exchangeData: ExchangeData\n accessControlSecret: string\n exchangeKey: CryptoKey\n sharedSignatureKey: CryptoKey\n verified: boolean\n }[] = []\n for (const details of exchangeDataDetails) {\n const exchangeData = exchangeDataById[details.exchangeDataId]\n if (exchangeData != undefined)\n importedDetails.push({\n exchangeData: exchangeData,\n accessControlSecret: await this.base.importAccessControlSecret(details.accessControlSecret),\n exchangeKey: await this.base.importExchangeKey(details.exchangeKey),\n sharedSignatureKey: await this.base.importSharedSignatureKey(details.sharedSignatureKey),\n verified: details.verified,\n })\n }\n await this.cacheInjectedExchangeData(importedDetails)\n }\n\n protected abstract cacheInjectedExchangeData(\n exchangeDataDetails: {\n exchangeData: ExchangeData\n accessControlSecret: string\n exchangeKey: CryptoKey\n sharedSignatureKey: CryptoKey\n verified: boolean\n }[]\n ): Promise<void>\n}\n\nclass FullyCachedExchangeDataManager extends AbstractExchangeDataManager {\n private caches: Promise<{\n dataById: { [id: string]: CachedExchangeData }\n hashToId: { [hash: string]: string }\n delegateToVerifiedEncryptionDataId: { [delegate: string]: string }\n entityTypeToAccessControlKeysValue: { [entityType in EntityWithDelegationTypeName]?: string }\n }> = Promise.resolve({ dataById: {}, hashToId: {}, delegateToVerifiedEncryptionDataId: {}, entityTypeToAccessControlKeysValue: {} })\n private createExchangeDataMutex = new Mutex()\n\n async clearOrRepopulateCache(): Promise<void> {\n this.caches = this.doRepopulateCache()\n await this.caches\n }\n\n async getCachedDecryptionDataKeyByAccessControlHash(\n hashes: string[]\n ): Promise<{ [hash: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } }> {\n function retrieveByHashesFromCaches(caches: {\n dataById: { [id: string]: CachedExchangeData }\n hashToId: { [hash: string]: string }\n delegateToVerifiedEncryptionDataId: { [delegate: string]: string }\n }): { [hash: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } } {\n return hashes.reduce((res, hash) => {\n const id = caches.hashToId[hash]\n if (id) {\n const cached = caches.dataById[id]\n if (cached?.decrypted) {\n res[hash] = {\n exchangeData: cached.exchangeData,\n exchangeKey: cached.decrypted.exchangeKey,\n accessControlSecret: cached.decrypted.accessControlSecret,\n }\n }\n }\n return res\n }, {} as { [hash: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } })\n }\n\n return retrieveByHashesFromCaches(await this.caches)\n }\n\n private async getCachedEncryptionDataTo(\n delegateId: string\n ): Promise<{ exchangeKey: CryptoKey; accessControlSecret: string; exchangeData: ExchangeData; sharedSignatureKey: CryptoKey } | undefined> {\n const caches = await this.caches\n const dataId = caches.delegateToVerifiedEncryptionDataId[delegateId]\n const cached = dataId ? caches.dataById[dataId] : undefined\n if (cached && cached?.decrypted) {\n return {\n exchangeData: cached.exchangeData,\n accessControlSecret: cached.decrypted.accessControlSecret,\n exchangeKey: cached.decrypted.exchangeKey,\n sharedSignatureKey: cached.decrypted.sharedSignatureKey,\n }\n } else {\n return undefined\n }\n }\n\n async getOrCreateEncryptionDataTo(\n delegateId: string,\n options?: {\n allowCreationWithoutDelegatorKey?: boolean\n allowCreationWithoutDelegateKey?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }> {\n const initialCached = await this.getCachedEncryptionDataTo(delegateId)\n if (initialCached) return initialCached\n const release = await this.createExchangeDataMutex.acquire()\n try {\n const cachedAfterMutex = await this.getCachedEncryptionDataTo(delegateId)\n if (cachedAfterMutex) return cachedAfterMutex\n const created = await this.createNewExchangeData(delegateId, {\n allowNoDelegateKeys: options?.allowCreationWithoutDelegateKey ?? false,\n allowNoDelegatorKeys: options?.allowCreationWithoutDelegatorKey ?? false,\n })\n this.cacheData(created.exchangeData, true, {\n accessControlSecret: created.accessControlSecret,\n exchangeKey: created.exchangeKey,\n sharedSignatureKey: created.sharedSignatureKey,\n verified: true,\n })\n return created\n } finally {\n release()\n }\n }\n\n async getDecryptionDataKeyByIds(\n ids: string[],\n retrieveIfNotCached: boolean\n ): Promise<{\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n }> {\n const caches = await this.caches\n const res: {\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n } = {}\n for (const id of ids) {\n const data = caches.dataById[id]\n if (data) {\n res[id] = {\n exchangeData: data.exchangeData,\n exchangeKey: data.decrypted?.exchangeKey,\n accessControlSecret: data.decrypted?.accessControlSecret,\n }\n }\n }\n return res\n }\n\n private cacheData(\n exchangeData: ExchangeData,\n isNewData: boolean,\n decrypted: { accessControlSecret: string; exchangeKey: CryptoKey; verified: boolean; sharedSignatureKey: CryptoKey } | undefined\n ): void {\n this.caches = this.caches.then(async (caches) => {\n caches.dataById[exchangeData.id!] = { exchangeData, decrypted }\n if (decrypted) {\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(decrypted.accessControlSecret)\n hashes.forEach((hash) => {\n caches.hashToId[hash] = exchangeData.id!\n })\n if (decrypted.verified) {\n caches.delegateToVerifiedEncryptionDataId[exchangeData.delegate] = exchangeData.id!\n }\n }\n if (isNewData) caches.entityTypeToAccessControlKeysValue = {}\n return caches\n })\n }\n\n private async doRepopulateCache(): Promise<{\n dataById: { [id: string]: CachedExchangeData }\n hashToId: { [hash: string]: string }\n delegateToVerifiedEncryptionDataId: { [delegate: string]: string }\n entityTypeToAccessControlKeysValue: { [entityType in EntityWithDelegationTypeName]?: string }\n }> {\n const allData = await this.base.getAllExchangeDataForCurrentDataOwnerIfAllowed()\n if (!allData) throw new Error('Impossible to use fully cached exchange data manager for current data owner.')\n const dataById: { [id: string]: CachedExchangeData } = {}\n const hashToId: { [hash: string]: string } = {}\n const delegateToVerifiedEncryptionDataId: { [delegate: string]: string } = {}\n for (const currData of allData) {\n const currDecrypted = await this.decryptData(currData)\n dataById[currData.id!] = { exchangeData: currData, decrypted: currDecrypted }\n if (currDecrypted?.verified) {\n delegateToVerifiedEncryptionDataId[currData.delegate] = currData.id!\n }\n if (currDecrypted?.accessControlSecret) {\n for (const h of await this.accessControlSecret.allSecureDelegationKeysFor(currDecrypted!.accessControlSecret)) {\n hashToId[h] = currData.id!\n }\n }\n }\n const entityTypeToAccessControlKeysValue: { [entityType in EntityWithDelegationTypeName]?: string } = {}\n return { dataById, hashToId, delegateToVerifiedEncryptionDataId, entityTypeToAccessControlKeysValue }\n }\n\n async getAccessControlKeysValue(entityType: EntityWithDelegationTypeName): Promise<string | undefined> {\n const caches = await this.caches\n const cached = caches.entityTypeToAccessControlKeysValue[entityType]\n if (cached) return cached\n const accessControlSecrets = Object.values(caches.dataById).flatMap((x) => (x.decrypted ? [x.decrypted.accessControlSecret] : []))\n const fullData = await this.accessControlSecret.getEncodedAccessControlKeys(accessControlSecrets, entityType)\n caches.entityTypeToAccessControlKeysValue[entityType] = fullData\n return fullData\n }\n\n async getAllDelegationKeys(entityType: EntityWithDelegationTypeName): Promise<string[] | undefined> {\n const caches = await this.caches\n const accessControlSecrets = Object.values(caches.dataById).flatMap((x) => (x.decrypted ? [x.decrypted.accessControlSecret] : []))\n const res: string[] = []\n for (const accessControlSecret of accessControlSecrets) {\n // Usage of sfks in secure delegation key should be configurable: it is not necessary for all users and it has some performance impact\n res.push(await this.accessControlSecret.secureDelegationKeyFor(accessControlSecret, entityType))\n }\n return res\n }\n\n protected async cacheInjectedExchangeData(\n exchangeDataDetails: {\n exchangeData: ExchangeData\n accessControlSecret: string\n exchangeKey: CryptoKey\n sharedSignatureKey: CryptoKey\n verified: boolean\n }[]\n ): Promise<void> {\n for (const details of exchangeDataDetails) {\n this.cacheData(details.exchangeData, true, {\n accessControlSecret: details.accessControlSecret,\n exchangeKey: details.exchangeKey,\n sharedSignatureKey: details.sharedSignatureKey,\n verified: details.verified,\n })\n }\n }\n}\n\nclass LimitedLruCacheExchangeDataManager extends AbstractExchangeDataManager {\n private readonly idToData: SimpleLruCache<string, CachedExchangeData & { hashes: string[] }> = new SimpleLruCache()\n private readonly hashToId: Map<string, string> = new Map()\n private readonly delegateToVerifiedEncryptionDataId: Map<string, string> = new Map()\n private readonly maxCachedExchangeData: number\n private readonly cacheMutex = new Mutex()\n\n constructor(\n base: BaseExchangeDataManager,\n encryptionKeys: UserEncryptionKeysManager,\n accessControlSecret: AccessControlSecretUtils,\n cryptoStrategies: CryptoStrategies,\n dataOwnerApi: IccDataOwnerXApi,\n primitives: CryptoPrimitives,\n useParentKeys: boolean,\n optionalParameters: {\n lruCacheSize?: number\n }\n ) {\n super(base, encryptionKeys, accessControlSecret, cryptoStrategies, dataOwnerApi, primitives, useParentKeys)\n this.maxCachedExchangeData = optionalParameters.lruCacheSize ?? 2000\n }\n\n async clearOrRepopulateCache(): Promise<void> {\n this.idToData.clear()\n this.hashToId.clear()\n this.delegateToVerifiedEncryptionDataId.clear()\n }\n\n async getCachedDecryptionDataKeyByAccessControlHash(\n hashes: string[]\n ): Promise<{ [p: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } }> {\n const release = await this.cacheMutex.acquire()\n try {\n const res: {\n [p: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string }\n } = {}\n for (const hash of hashes) {\n const dataId = this.hashToId.get(hash)\n if (dataId) {\n const retrieved = this.idToData.getCached(dataId)\n if (!retrieved) throw new Error(`Data with id ${dataId} should have been already cached.`)\n if (retrieved.decrypted) {\n res[hash] = {\n exchangeData: retrieved.exchangeData,\n exchangeKey: retrieved.decrypted.exchangeKey,\n accessControlSecret: retrieved.decrypted.accessControlSecret,\n }\n }\n }\n }\n return res\n } finally {\n release()\n }\n }\n\n async getDecryptionDataKeyByIds(\n ids: string[],\n retrieveIfNotCached: boolean\n ): Promise<{\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n }> {\n const release = await this.cacheMutex.acquire()\n try {\n const res: {\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n } = {}\n const uncached: string[] = []\n for (const id of ids) {\n const cached: (CachedExchangeData & { hashes: string[] }) | null = this.idToData.getCached(id)\n if (cached) {\n res[id] = {\n exchangeKey: cached.decrypted?.exchangeKey,\n accessControlSecret: cached.decrypted?.accessControlSecret,\n exchangeData: cached.exchangeData,\n }\n } else if (retrieveIfNotCached) {\n uncached.push(id)\n }\n }\n if (uncached.length > 0) {\n const retrieved = await this.base.getExchangeDataByIds(uncached)\n for (const data of retrieved) {\n const decrypted = await this.decryptData(data)\n if (decrypted) {\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(decrypted.accessControlSecret)\n this.addToCache({ exchangeData: data, hashes, decrypted })\n } else {\n this.addToCache({ exchangeData: data, hashes: [] })\n }\n res[data.id!] = {\n exchangeKey: decrypted?.exchangeKey,\n accessControlSecret: decrypted?.accessControlSecret,\n exchangeData: data,\n }\n }\n }\n return res\n } finally {\n release()\n }\n }\n\n async getOrCreateEncryptionDataTo(\n delegateId: string,\n options?: {\n allowCreationWithoutDelegatorKey?: boolean\n allowCreationWithoutDelegateKey?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }> {\n const release = await this.cacheMutex.acquire()\n try {\n let existingId = this.delegateToVerifiedEncryptionDataId.get(delegateId)\n if (!existingId) {\n await this.populateCacheToDelegate(delegateId)\n existingId = this.delegateToVerifiedEncryptionDataId.get(delegateId)\n }\n if (existingId) {\n const cached = this.idToData.getCached(existingId)\n if (!cached) throw new Error(`Illegal state: data with id ${existingId} should have been in cache`)\n if (cached.decrypted) {\n return {\n exchangeData: cached.exchangeData,\n exchangeKey: cached.decrypted.exchangeKey,\n accessControlSecret: cached.decrypted.accessControlSecret,\n sharedSignatureKey: cached.decrypted.sharedSignatureKey,\n }\n } else throw new Error(`Illegal state: cached verified data should be decrypted.`)\n } else {\n const created = await this.createNewExchangeData(delegateId, {\n allowNoDelegateKeys: options?.allowCreationWithoutDelegateKey ?? false,\n allowNoDelegatorKeys: options?.allowCreationWithoutDelegatorKey ?? false,\n })\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(created.accessControlSecret)\n const data = {\n exchangeData: created.exchangeData,\n decrypted: {\n accessControlSecret: created.accessControlSecret,\n exchangeKey: created.exchangeKey,\n sharedSignatureKey: created.sharedSignatureKey,\n verified: true,\n },\n hashes,\n }\n this.addToCache(data)\n return {\n exchangeData: data.exchangeData,\n exchangeKey: data.decrypted.exchangeKey,\n accessControlSecret: data.decrypted.accessControlSecret,\n sharedSignatureKey: data.decrypted.sharedSignatureKey,\n }\n }\n } finally {\n release()\n }\n }\n\n // Loads and adds to the cache all exchange data from the current data owner to the given delegate. Allows to check if there is already data from\n // the current data owner to the delegate which is good for encryption.\n private async populateCacheToDelegate(delegateId: string): Promise<void> {\n const dataToDelegate = await this.base.getExchangeDataByDelegatorDelegatePair(await this.dataOwnerApi.getCurrentDataOwnerId(), delegateId)\n for (const data of dataToDelegate) {\n const decrypted = await this.decryptData(data)\n if (decrypted) {\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(decrypted.accessControlSecret)\n this.addToCache({ exchangeData: data, hashes, decrypted })\n } else {\n this.addToCache({ exchangeData: data, hashes: [] })\n }\n }\n }\n\n private addToCache(data: CachedExchangeData & { hashes: string[] }) {\n if (this.idToData.size >= this.maxCachedExchangeData) {\n this.evictOneEntry()\n }\n data.hashes.forEach((hash) => this.hashToId.set(hash, data.exchangeData.id!))\n if (data.decrypted?.verified && !this.delegateToVerifiedEncryptionDataId.has(data.exchangeData.delegate)) {\n this.delegateToVerifiedEncryptionDataId.set(data.exchangeData.delegate, data.exchangeData.id!)\n }\n this.idToData.set(data.exchangeData.id!, data)\n }\n\n private evictOneEntry() {\n const evicted = this.idToData.evictLeastRecentlyUsed()\n evicted.hashes.forEach((hash) => this.hashToId.delete(hash))\n if (this.delegateToVerifiedEncryptionDataId.get(evicted.exchangeData.delegate) === evicted.exchangeData.id) {\n this.delegateToVerifiedEncryptionDataId.delete(evicted.exchangeData.delegate)\n }\n }\n\n getAccessControlKeysValue(): Promise<string | undefined> {\n return Promise.resolve(undefined)\n }\n\n getAllDelegationKeys(): Promise<string[] | undefined> {\n return Promise.resolve(undefined)\n }\n\n protected async cacheInjectedExchangeData(\n exchangeDataDetails: {\n exchangeData: ExchangeData\n accessControlSecret: string\n exchangeKey: CryptoKey\n sharedSignatureKey: CryptoKey\n verified: boolean\n }[]\n ): Promise<void> {\n for (const details of exchangeDataDetails) {\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(details.accessControlSecret)\n const data = {\n exchangeData: details.exchangeData,\n decrypted: {\n accessControlSecret: details.accessControlSecret,\n exchangeKey: details.exchangeKey,\n sharedSignatureKey: details.sharedSignatureKey,\n verified: details.verified,\n },\n hashes,\n }\n this.addToCache(data)\n }\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"ExchangeDataManager.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/ExchangeDataManager.ts"],"names":[],"mappings":";;;;;;;;;;;AAuBA,4GAmCC;AApDD,mCAAgH;AAEhH,oCAA+D;AAC/D,yEAA6E;AAC7E,+BAAkC;AAClC,6CAAmC;AACnC,gEAA0D;AAO1D;;;GAGG;AACH,SAAsB,gDAAgD;yDACpE,IAA6B,EAC7B,cAAyC,EACzC,mBAA6C,EAC7C,gBAAkC,EAClC,YAA8B,EAC9B,UAA4B,EAC5B,aAAsB,EACtB,qBAA4D,EAAE;QAE9D,MAAM,YAAY,GAAG,yCAAuB,CAAC,aAAa,CAAC,MAAM,YAAY,CAAC,mBAAmB,EAAE,CAAC,CAAA;QACpG,IAAI,gBAAgB,CAAC,oCAAoC,CAAC,YAAY,CAAC,EAAE,CAAC;YACxE,MAAM,GAAG,GAAG,IAAI,8BAA8B,CAC5C,IAAI,EACJ,cAAc,EACd,mBAAmB,EACnB,gBAAgB,EAChB,YAAY,EACZ,UAAU,EACV,aAAa,CACd,CAAA;YACD,MAAM,GAAG,CAAC,sBAAsB,EAAE,CAAA;YAClC,OAAO,GAAG,CAAA;QACZ,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,kCAAkC,CAC3C,IAAI,EACJ,cAAc,EACd,mBAAmB,EACnB,gBAAgB,EAChB,YAAY,EACZ,UAAU,EACV,aAAa,EACb,kBAAkB,CACnB,CAAA;QACH,CAAC;IACH,CAAC;CAAA;AA+GD,MAAe,2BAA2B;IACxC,YACW,IAA6B,EACnB,cAAyC,EACzC,mBAA6C,EAC7C,gBAAkC,EAClC,YAA8B,EAC9B,UAA4B,EAC9B,aAAsB;QAN9B,SAAI,GAAJ,IAAI,CAAyB;QACnB,mBAAc,GAAd,cAAc,CAA2B;QACzC,wBAAmB,GAAnB,mBAAmB,CAA0B;QAC7C,qBAAgB,GAAhB,gBAAgB,CAAkB;QAClC,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,eAAU,GAAV,UAAU,CAAkB;QAC9B,kBAAa,GAAb,aAAa,CAAS;IACtC,CAAC;IAEY,WAAW,CAAC,IAAkB;;YAS5C,MAAM,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC,iBAAiB,EAAE,CAAA;YAC9D,MAAM,cAAc,GAAG,MAAM,CAAC,WAAW,CACvC,IAAI,CAAC,cAAc,CAAC,mBAAmB,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAuB,EAAE,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAC9G,CAAA;YACD,MAAM,oBAAoB,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAA;YACtH,IAAI,CAAC,oBAAoB;gBAAE,OAAO,SAAS,CAAA;YAC3C,MAAM,4BAA4B,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC,IAAI,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAA;YACrI,IAAI,CAAC,4BAA4B;gBAC/B,MAAM,IAAI,KAAK,CAAC,kFAAkF,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;YAC3H,MAAM,2BAA2B,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC,IAAI,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAA;YACpI,IAAI,CAAC,2BAA2B;gBAC9B,MAAM,IAAI,KAAK,CAAC,iFAAiF,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;YAC1H,OAAO;gBACL,mBAAmB,EAAE,4BAA4B;gBACjD,WAAW,EAAE,oBAAoB;gBACjC,kBAAkB,EAAE,2BAA2B;gBAC/C,QAAQ,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAC1C;oBACE,YAAY,EAAE,IAAI;oBAClB,4BAA4B;oBAC5B,oBAAoB;oBACpB,2BAA2B;iBAC5B,EACD,cAAc,EACd,IAAI,CACL;aACF,CAAA;QACH,CAAC;KAAA;IAEe,qBAAqB,CACnC,UAAkB,EAClB,OAIC;;YAED,IAAI,OAAO,CAAC,mBAAmB,IAAI,OAAO,CAAC,oBAAoB;gBAC7D,MAAM,IAAI,KAAK,CAAC,sFAAsF,CAAC,CAAA;YACzG,MAAM,cAAc,GAAgC,EAAE,CAAA;YACtD,MAAM,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,mBAAmB,EAAE,CAAA;YAClE,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,oBAAoB;gBAC/D,MAAM,IAAI,KAAK,CAAC,oFAAoF,CAAC,CAAA;YACvG,gBAAgB,CAAC,OAAO,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,EAAE,EAAE;gBACjD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,SAAS,CAAA;YAC9C,CAAC,CAAC,CAAA;YACF,IAAI,UAAU,IAAI,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC,EAAE,CAAC;gBACpE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAA;gBACvE,MAAM,oBAAoB,GAAG,IAAA,iCAAyB,EAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;gBACrE,MAAM,kBAAkB,GAAG,IAAA,+BAAuB,EAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;gBACjE,IAAI,uBAAiC,CAAA;gBACrC,IAAI,CAAC,oBAAoB,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,EAAE,CAAC;oBAC3D,IAAI,CAAC,OAAO,CAAC,mBAAmB;wBAC9B,MAAM,IAAI,KAAK,CAAC,qCAAqC,UAAU,+CAA+C,CAAC,CAAA;oBACjH,uBAAuB,GAAG,EAAE,CAAA;gBAC9B,CAAC;qBAAM,IAAI,IAAI,CAAC,aAAa,IAAI,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;oBAClH,uBAAuB,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,wBAAwB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;gBAC7F,CAAC;qBAAM,CAAC;oBACN,uBAAuB,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,wBAAwB,CAC5E,QAAQ,EACR,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,EAAE,GAAG,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,EACxE,IAAI,CAAC,UAAU,CAChB,CAAA;gBACH,CAAC;gBACD,IAAI,CAAC,uBAAuB,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB;oBACjE,MAAM,IAAI,KAAK,CAAC,qCAAqC,UAAU,uDAAuD,CAAC,CAAA;gBACzH,KAAK,MAAM,WAAW,IAAI,uBAAuB,EAAE,CAAC;oBAClD,IAAI,kBAAkB,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;wBACxC,cAAc,CAAC,IAAA,qBAAa,EAAC,WAAW,CAAC,CAAC,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,IAAA,cAAM,EAAC,WAAW,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,gBAAU,CAAC,IAAI,CAAC,CAAA;oBAC7I,CAAC;yBAAM,IAAI,oBAAoB,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;wBACjD,cAAc,CAAC,IAAA,qBAAa,EAAC,WAAW,CAAC,CAAC,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAC9E,MAAM,EACN,IAAA,cAAM,EAAC,WAAW,CAAC,EACnB,CAAC,SAAS,CAAC,EACX,gBAAU,CAAC,MAAM,CAClB,CAAA;oBACH,CAAC;;wBAAM,MAAM,IAAI,KAAK,CAAC,qFAAqF,CAAC,CAAA;gBAC/G,CAAC;YACH,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAChD,UAAU,EACV,MAAM,CAAC,WAAW,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAuB,EAAE,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,EACxG,cAAc,EACd,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CACnD,CAAA;YACD,OAAO;gBACL,YAAY,EAAE,OAAO,CAAC,YAAY;gBAClC,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;gBAChD,WAAW,EAAE,OAAO,CAAC,WAAW;gBAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;aAC/C,CAAA;QACH,CAAC;KAAA;IAEK,gBAAgB,CAAC,cAAsB,EAAE,qBAA6B;;YAC1E,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,MAAM,QAAQ,GAAG,IAAA,qBAAa,EAAC,qBAAqB,CAAC,CAAA;YACrD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,cAAc,CAAC,CAAA;YACxE,MAAM,iBAAiB,GAAG,IAAA,2BAAmB,EAAC,KAAK,CAAC,IAAI,EAAE,qBAAqB,CAAC,CAAA;YAChF,IAAI,CAAC,iBAAiB;gBAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,cAAc,EAAE,CAAC,CAAA;YAChG,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,IAAA,cAAM,EAAC,qBAAqB,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,iBAAiB,CAAC,CAAA;YACjI,MAAM,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC,iBAAiB,EAAE,CAAA;YAC9D,MAAM,uBAAuB,GAC3B,IAAI,IAAI,cAAc;gBACpB,CAAC,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,sCAAsC,CAAC,IAAI,EAAE,IAAI,CAAC;gBACpE,CAAC,CAAC;oBACE,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,sCAAsC,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;oBACjF,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,sCAAsC,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;iBAClF,CAAA;YACP,KAAK,MAAM,YAAY,IAAI,uBAAuB,EAAE,CAAC;gBACnD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,IAAI,QAAQ,CAAC,EAAE,CAAC;oBACxE,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,qBAAqB,CAAC,YAAY,EAAE,cAAc,EAAE,EAAE,CAAC,QAAQ,CAAC,EAAE,cAAc,EAAE,CAAC,CAAA;oBACnH,IAAI,CAAC,OAAO,EAAE,CAAC;wBACb,OAAO,CAAC,IAAI,CAAC,gDAAgD,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,CAAC,CAAA;oBAC9F,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;KAAA;IAED,sBAAsB;QACpB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,2BAA2B,CACzB,UAAkB,EAClB,OAGC;QAED,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,6CAA6C,CAC3C,MAAgB;QAEhB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,yBAAyB,CACvB,GAAa,EACb,mBAA4B;QAQ5B,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,yBAAyB,CAAC,UAAwC;QAChE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,oBAAoB,CAAC,UAAwC;QAC3D,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAEK,2BAA2B,CAC/B,mBAMG,EACH,oBAA6B;;YAE7B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAA;YACpH,IAAI,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,IAAI,IAAI,CAAC,CAAC,QAAQ,IAAI,IAAI,CAAC;gBAC9E,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAA;YAC9E,MAAM,gBAAgB,GAAmC,EAAE,CAAA;YAC3D,qBAAqB,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YACnE,IAAI,oBAAoB,EAAE,CAAC;gBACzB,MAAM,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,mBAAmB,EAAE,CAAA;gBAClE,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,0EAA0E,CAAC,CAAA;gBAC7H,MAAM,cAAc,GAAgC,EAAE,CAAA;gBACtD,gBAAgB,CAAC,OAAO,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,EAAE,EAAE;oBACjD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,SAAS,CAAA;gBAC9C,CAAC,CAAC,CAAA;gBACF,MAAM,aAAa,GAAG,MAAM,CAAC,WAAW,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAuB,EAAE,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;gBAC9H,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;oBAC1C,MAAM,YAAY,GAAG,gBAAgB,CAAC,OAAO,CAAC,cAAc,CAAC,CAAA;oBAC7D,IAAI,YAAY,IAAI,IAAI;wBACtB,MAAM,IAAI,CAAC,IAAI,CAAC,yCAAyC,CAAC;4BACxD,YAAY;4BACZ,iBAAiB,EAAE,cAAc;4BACjC,yBAAyB,EAAE,YAAY,CAAC,SAAS,IAAI,IAAI,IAAI,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE;4BAClG,cAAc,EAAE,OAAO,CAAC,WAAW;4BACnC,sBAAsB,EAAE,OAAO,CAAC,mBAAmB;4BACnD,qBAAqB,EAAE,OAAO,CAAC,kBAAkB;yBAClD,CAAC,CAAA;gBACN,CAAC;YACH,CAAC;YACD,MAAM,eAAe,GAMf,EAAE,CAAA;YACR,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;gBAC1C,MAAM,YAAY,GAAG,gBAAgB,CAAC,OAAO,CAAC,cAAc,CAAC,CAAA;gBAC7D,IAAI,YAAY,IAAI,SAAS;oBAC3B,eAAe,CAAC,IAAI,CAAC;wBACnB,YAAY,EAAE,YAAY;wBAC1B,mBAAmB,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,yBAAyB,CAAC,OAAO,CAAC,mBAAmB,CAAC;wBAC3F,WAAW,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,WAAW,CAAC;wBACnE,kBAAkB,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,OAAO,CAAC,kBAAkB,CAAC;wBACxF,QAAQ,EAAE,OAAO,CAAC,QAAQ;qBAC3B,CAAC,CAAA;YACN,CAAC;YACD,MAAM,IAAI,CAAC,yBAAyB,CAAC,eAAe,CAAC,CAAA;QACvD,CAAC;KAAA;CAWF;AAED,MAAM,8BAA+B,SAAQ,2BAA2B;IAAxE;;QACU,WAAM,GAKT,OAAO,CAAC,OAAO,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,kCAAkC,EAAE,EAAE,EAAE,kCAAkC,EAAE,EAAE,EAAE,CAAC,CAAA;QAC5H,4BAAuB,GAAG,IAAI,mBAAK,EAAE,CAAA;IAuM/C,CAAC;IArMO,sBAAsB;;YAC1B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAA;YACtC,MAAM,IAAI,CAAC,MAAM,CAAA;QACnB,CAAC;KAAA;IAEK,6CAA6C,CACjD,MAAgB;;YAEhB,SAAS,0BAA0B,CAAC,MAInC;gBACC,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE;oBACjC,MAAM,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;oBAChC,IAAI,EAAE,EAAE,CAAC;wBACP,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;wBAClC,IAAI,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,EAAE,CAAC;4BACtB,GAAG,CAAC,IAAI,CAAC,GAAG;gCACV,YAAY,EAAE,MAAM,CAAC,YAAY;gCACjC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,WAAW;gCACzC,mBAAmB,EAAE,MAAM,CAAC,SAAS,CAAC,mBAAmB;6BAC1D,CAAA;wBACH,CAAC;oBACH,CAAC;oBACD,OAAO,GAAG,CAAA;gBACZ,CAAC,EAAE,EAA6G,CAAC,CAAA;YACnH,CAAC;YAED,OAAO,0BAA0B,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,CAAA;QACtD,CAAC;KAAA;IAEa,yBAAyB,CACrC,UAAkB;;YAElB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAA;YAChC,MAAM,MAAM,GAAG,MAAM,CAAC,kCAAkC,CAAC,UAAU,CAAC,CAAA;YACpE,MAAM,MAAM,GAAG,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YAC3D,IAAI,MAAM,KAAI,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,CAAA,EAAE,CAAC;gBAChC,OAAO;oBACL,YAAY,EAAE,MAAM,CAAC,YAAY;oBACjC,mBAAmB,EAAE,MAAM,CAAC,SAAS,CAAC,mBAAmB;oBACzD,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,WAAW;oBACzC,kBAAkB,EAAE,MAAM,CAAC,SAAS,CAAC,kBAAkB;iBACxD,CAAA;YACH,CAAC;iBAAM,CAAC;gBACN,OAAO,SAAS,CAAA;YAClB,CAAC;QACH,CAAC;KAAA;IAEK,2BAA2B,CAC/B,UAAkB,EAClB,OAGC;;;YAED,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAA;YACtE,IAAI,aAAa;gBAAE,OAAO,aAAa,CAAA;YACvC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,uBAAuB,CAAC,OAAO,EAAE,CAAA;YAC5D,IAAI,CAAC;gBACH,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAA;gBACzE,IAAI,gBAAgB;oBAAE,OAAO,gBAAgB,CAAA;gBAC7C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,UAAU,EAAE;oBAC3D,mBAAmB,EAAE,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,+BAA+B,mCAAI,KAAK;oBACtE,oBAAoB,EAAE,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,gCAAgC,mCAAI,KAAK;iBACzE,CAAC,CAAA;gBACF,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,YAAY,EAAE,IAAI,EAAE;oBACzC,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;oBAChD,WAAW,EAAE,OAAO,CAAC,WAAW;oBAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;oBAC9C,QAAQ,EAAE,IAAI;iBACf,CAAC,CAAA;gBACF,OAAO,OAAO,CAAA;YAChB,CAAC;oBAAS,CAAC;gBACT,OAAO,EAAE,CAAA;YACX,CAAC;QACH,CAAC;KAAA;IAEK,yBAAyB,CAC7B,GAAa,EACb,mBAA4B;;;YAQ5B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAA;YAChC,MAAM,GAAG,GAML,EAAE,CAAA;YACN,KAAK,MAAM,EAAE,IAAI,GAAG,EAAE,CAAC;gBACrB,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;gBAChC,IAAI,IAAI,EAAE,CAAC;oBACT,GAAG,CAAC,EAAE,CAAC,GAAG;wBACR,YAAY,EAAE,IAAI,CAAC,YAAY;wBAC/B,WAAW,EAAE,MAAA,IAAI,CAAC,SAAS,0CAAE,WAAW;wBACxC,mBAAmB,EAAE,MAAA,IAAI,CAAC,SAAS,0CAAE,mBAAmB;qBACzD,CAAA;gBACH,CAAC;YACH,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAEO,SAAS,CACf,YAA0B,EAC1B,SAAkB,EAClB,SAAgI;QAEhI,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAO,MAAM,EAAE,EAAE;YAC9C,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAG,CAAC,GAAG,EAAE,YAAY,EAAE,SAAS,EAAE,CAAA;YAC/D,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAA;gBACvG,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;oBACtB,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,EAAG,CAAA;gBAC1C,CAAC,CAAC,CAAA;gBACF,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;oBACvB,MAAM,CAAC,kCAAkC,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAC,EAAG,CAAA;gBACrF,CAAC;YACH,CAAC;YACD,IAAI,SAAS;gBAAE,MAAM,CAAC,kCAAkC,GAAG,EAAE,CAAA;YAC7D,OAAO,MAAM,CAAA;QACf,CAAC,CAAA,CAAC,CAAA;IACJ,CAAC;IAEa,iBAAiB;;YAM7B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,8CAA8C,EAAE,CAAA;YAChF,IAAI,CAAC,OAAO;gBAAE,MAAM,IAAI,KAAK,CAAC,8EAA8E,CAAC,CAAA;YAC7G,MAAM,QAAQ,GAAyC,EAAE,CAAA;YACzD,MAAM,QAAQ,GAA+B,EAAE,CAAA;YAC/C,MAAM,kCAAkC,GAAmC,EAAE,CAAA;YAC7E,KAAK,MAAM,QAAQ,IAAI,OAAO,EAAE,CAAC;gBAC/B,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAA;gBACtD,QAAQ,CAAC,QAAQ,CAAC,EAAG,CAAC,GAAG,EAAE,YAAY,EAAE,QAAQ,EAAE,SAAS,EAAE,aAAa,EAAE,CAAA;gBAC7E,IAAI,aAAa,aAAb,aAAa,uBAAb,aAAa,CAAE,QAAQ,EAAE,CAAC;oBAC5B,kCAAkC,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,QAAQ,CAAC,EAAG,CAAA;gBACtE,CAAC;gBACD,IAAI,aAAa,aAAb,aAAa,uBAAb,aAAa,CAAE,mBAAmB,EAAE,CAAC;oBACvC,KAAK,MAAM,CAAC,IAAI,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,aAAc,CAAC,mBAAmB,CAAC,EAAE,CAAC;wBAC9G,QAAQ,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,EAAG,CAAA;oBAC5B,CAAC;gBACH,CAAC;YACH,CAAC;YACD,MAAM,kCAAkC,GAA8D,EAAE,CAAA;YACxG,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,kCAAkC,EAAE,kCAAkC,EAAE,CAAA;QACvG,CAAC;KAAA;IAEK,yBAAyB,CAAC,UAAwC;;YACtE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAA;YAChC,MAAM,MAAM,GAAG,MAAM,CAAC,kCAAkC,CAAC,UAAU,CAAC,CAAA;YACpE,IAAI,MAAM;gBAAE,OAAO,MAAM,CAAA;YACzB,MAAM,oBAAoB,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;YAClI,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,2BAA2B,CAAC,oBAAoB,EAAE,UAAU,CAAC,CAAA;YAC7G,MAAM,CAAC,kCAAkC,CAAC,UAAU,CAAC,GAAG,QAAQ,CAAA;YAChE,OAAO,QAAQ,CAAA;QACjB,CAAC;KAAA;IAEK,oBAAoB,CAAC,UAAwC;;YACjE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAA;YAChC,MAAM,oBAAoB,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;YAClI,MAAM,GAAG,GAAa,EAAE,CAAA;YACxB,KAAK,MAAM,mBAAmB,IAAI,oBAAoB,EAAE,CAAC;gBACvD,sIAAsI;gBACtI,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,mBAAmB,CAAC,sBAAsB,CAAC,mBAAmB,EAAE,UAAU,CAAC,CAAC,CAAA;YAClG,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAEe,yBAAyB,CACvC,mBAMG;;YAEH,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;gBAC1C,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,YAAY,EAAE,IAAI,EAAE;oBACzC,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;oBAChD,WAAW,EAAE,OAAO,CAAC,WAAW;oBAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;oBAC9C,QAAQ,EAAE,OAAO,CAAC,QAAQ;iBAC3B,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;KAAA;CACF;AAED,MAAM,kCAAmC,SAAQ,2BAA2B;IAO1E,YACE,IAA6B,EAC7B,cAAyC,EACzC,mBAA6C,EAC7C,gBAAkC,EAClC,YAA8B,EAC9B,UAA4B,EAC5B,aAAsB,EACtB,kBAEC;;QAED,KAAK,CAAC,IAAI,EAAE,cAAc,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,YAAY,EAAE,UAAU,EAAE,aAAa,CAAC,CAAA;QAlB5F,aAAQ,GAAsE,IAAI,iCAAc,EAAE,CAAA;QAClG,aAAQ,GAAwB,IAAI,GAAG,EAAE,CAAA;QACzC,uCAAkC,GAAwB,IAAI,GAAG,EAAE,CAAA;QAEnE,eAAU,GAAG,IAAI,mBAAK,EAAE,CAAA;QAevC,IAAI,CAAC,qBAAqB,GAAG,MAAA,kBAAkB,CAAC,YAAY,mCAAI,IAAI,CAAA;IACtE,CAAC;IAEK,sBAAsB;;YAC1B,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAA;YACrB,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAA;YACrB,IAAI,CAAC,kCAAkC,CAAC,KAAK,EAAE,CAAA;QACjD,CAAC;KAAA;IAEK,6CAA6C,CACjD,MAAgB;;YAEhB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAA;YAC/C,IAAI,CAAC;gBACH,MAAM,GAAG,GAEL,EAAE,CAAA;gBACN,KAAK,MAAM,IAAI,IAAI,MAAM,EAAE,CAAC;oBAC1B,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;oBACtC,IAAI,MAAM,EAAE,CAAC;wBACX,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;wBACjD,IAAI,CAAC,SAAS;4BAAE,MAAM,IAAI,KAAK,CAAC,gBAAgB,MAAM,mCAAmC,CAAC,CAAA;wBAC1F,IAAI,SAAS,CAAC,SAAS,EAAE,CAAC;4BACxB,GAAG,CAAC,IAAI,CAAC,GAAG;gCACV,YAAY,EAAE,SAAS,CAAC,YAAY;gCACpC,WAAW,EAAE,SAAS,CAAC,SAAS,CAAC,WAAW;gCAC5C,mBAAmB,EAAE,SAAS,CAAC,SAAS,CAAC,mBAAmB;6BAC7D,CAAA;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;gBACD,OAAO,GAAG,CAAA;YACZ,CAAC;oBAAS,CAAC;gBACT,OAAO,EAAE,CAAA;YACX,CAAC;QACH,CAAC;KAAA;IAEK,yBAAyB,CAC7B,GAAa,EACb,mBAA4B;;;YAQ5B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAA;YAC/C,IAAI,CAAC;gBACH,MAAM,GAAG,GAML,EAAE,CAAA;gBACN,MAAM,QAAQ,GAAa,EAAE,CAAA;gBAC7B,KAAK,MAAM,EAAE,IAAI,GAAG,EAAE,CAAC;oBACrB,MAAM,MAAM,GAAuD,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,CAAA;oBAC9F,IAAI,MAAM,EAAE,CAAC;wBACX,GAAG,CAAC,EAAE,CAAC,GAAG;4BACR,WAAW,EAAE,MAAA,MAAM,CAAC,SAAS,0CAAE,WAAW;4BAC1C,mBAAmB,EAAE,MAAA,MAAM,CAAC,SAAS,0CAAE,mBAAmB;4BAC1D,YAAY,EAAE,MAAM,CAAC,YAAY;yBAClC,CAAA;oBACH,CAAC;yBAAM,IAAI,mBAAmB,EAAE,CAAC;wBAC/B,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;oBACnB,CAAC;gBACH,CAAC;gBACD,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACxB,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAA;oBAChE,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;wBAC7B,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAA;wBAC9C,IAAI,SAAS,EAAE,CAAC;4BACd,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAA;4BACvG,IAAI,CAAC,UAAU,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAA;wBAC5D,CAAC;6BAAM,CAAC;4BACN,IAAI,CAAC,UAAU,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAA;wBACrD,CAAC;wBACD,GAAG,CAAC,IAAI,CAAC,EAAG,CAAC,GAAG;4BACd,WAAW,EAAE,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,WAAW;4BACnC,mBAAmB,EAAE,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,mBAAmB;4BACnD,YAAY,EAAE,IAAI;yBACnB,CAAA;oBACH,CAAC;gBACH,CAAC;gBACD,OAAO,GAAG,CAAA;YACZ,CAAC;oBAAS,CAAC;gBACT,OAAO,EAAE,CAAA;YACX,CAAC;QACH,CAAC;KAAA;IAEK,2BAA2B,CAC/B,UAAkB,EAClB,OAGC;;;YAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAA;YAC/C,IAAI,CAAC;gBACH,IAAI,UAAU,GAAG,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;gBACxE,IAAI,CAAC,UAAU,EAAE,CAAC;oBAChB,MAAM,IAAI,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAA;oBAC9C,UAAU,GAAG,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;gBACtE,CAAC;gBACD,IAAI,UAAU,EAAE,CAAC;oBACf,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,UAAU,CAAC,CAAA;oBAClD,IAAI,CAAC,MAAM;wBAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,UAAU,4BAA4B,CAAC,CAAA;oBACnG,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;wBACrB,OAAO;4BACL,YAAY,EAAE,MAAM,CAAC,YAAY;4BACjC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,WAAW;4BACzC,mBAAmB,EAAE,MAAM,CAAC,SAAS,CAAC,mBAAmB;4BACzD,kBAAkB,EAAE,MAAM,CAAC,SAAS,CAAC,kBAAkB;yBACxD,CAAA;oBACH,CAAC;;wBAAM,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAA;gBACpF,CAAC;qBAAM,CAAC;oBACN,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,UAAU,EAAE;wBAC3D,mBAAmB,EAAE,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,+BAA+B,mCAAI,KAAK;wBACtE,oBAAoB,EAAE,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,gCAAgC,mCAAI,KAAK;qBACzE,CAAC,CAAA;oBACF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAA;oBACrG,MAAM,IAAI,GAAG;wBACX,YAAY,EAAE,OAAO,CAAC,YAAY;wBAClC,SAAS,EAAE;4BACT,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;4BAChD,WAAW,EAAE,OAAO,CAAC,WAAW;4BAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;4BAC9C,QAAQ,EAAE,IAAI;yBACf;wBACD,MAAM;qBACP,CAAA;oBACD,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAA;oBACrB,OAAO;wBACL,YAAY,EAAE,IAAI,CAAC,YAAY;wBAC/B,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW;wBACvC,mBAAmB,EAAE,IAAI,CAAC,SAAS,CAAC,mBAAmB;wBACvD,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,kBAAkB;qBACtD,CAAA;gBACH,CAAC;YACH,CAAC;oBAAS,CAAC;gBACT,OAAO,EAAE,CAAA;YACX,CAAC;QACH,CAAC;KAAA;IAED,iJAAiJ;IACjJ,uEAAuE;IACzD,uBAAuB,CAAC,UAAkB;;YACtD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,sCAAsC,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,EAAE,UAAU,CAAC,CAAA;YAC1I,KAAK,MAAM,IAAI,IAAI,cAAc,EAAE,CAAC;gBAClC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAA;gBAC9C,IAAI,SAAS,EAAE,CAAC;oBACd,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAA;oBACvG,IAAI,CAAC,UAAU,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAA;gBAC5D,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,UAAU,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAA;gBACrD,CAAC;YACH,CAAC;QACH,CAAC;KAAA;IAEO,UAAU,CAAC,IAA+C;;QAChE,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,IAAI,CAAC,qBAAqB,EAAE,CAAC;YACrD,IAAI,CAAC,aAAa,EAAE,CAAA;QACtB,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,YAAY,CAAC,EAAG,CAAC,CAAC,CAAA;QAC7E,IAAI,CAAA,MAAA,IAAI,CAAC,SAAS,0CAAE,QAAQ,KAAI,CAAC,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzG,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC,YAAY,CAAC,EAAG,CAAC,CAAA;QAChG,CAAC;QACD,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,EAAG,EAAE,IAAI,CAAC,CAAA;IAChD,CAAC;IAEO,aAAa;QACnB,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,sBAAsB,EAAE,CAAA;QACtD,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAA;QAC5D,IAAI,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,QAAQ,CAAC,KAAK,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,CAAC;YAC3G,IAAI,CAAC,kCAAkC,CAAC,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAA;QAC/E,CAAC;IACH,CAAC;IAED,yBAAyB;QACvB,OAAO,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;IACnC,CAAC;IAED,oBAAoB;QAClB,OAAO,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;IACnC,CAAC;IAEe,yBAAyB,CACvC,mBAMG;;YAEH,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;gBAC1C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAA;gBACrG,MAAM,IAAI,GAAG;oBACX,YAAY,EAAE,OAAO,CAAC,YAAY;oBAClC,SAAS,EAAE;wBACT,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;wBAChD,WAAW,EAAE,OAAO,CAAC,WAAW;wBAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;wBAC9C,QAAQ,EAAE,OAAO,CAAC,QAAQ;qBAC3B;oBACD,MAAM;iBACP,CAAA;gBACD,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAA;YACvB,CAAC;QACH,CAAC;KAAA;CACF","sourcesContent":["import { ExchangeData } from '../../icc-api/model/internal/ExchangeData'\nimport { IccDataOwnerXApi } from '../icc-data-owner-x-api'\nimport { BaseExchangeDataManager } from './BaseExchangeDataManager'\nimport { UserEncryptionKeysManager } from './UserEncryptionKeysManager'\nimport { AccessControlSecretUtils } from './AccessControlSecretUtils'\nimport { CryptoStrategies } from './CryptoStrategies'\nimport { fingerprintV1, getShaVersionForKey, hexPublicKeysWithSha1Of, hexPublicKeysWithSha256Of } from './utils'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { EntityWithDelegationTypeName, hex2ua } from '../utils'\nimport { CryptoActorStubWithType } from '../../icc-api/model/CryptoActorStub'\nimport { ShaVersion } from './RSA'\nimport { Mutex } from 'async-mutex'\nimport { SimpleLruCache } from '../utils/simple-lru-cache'\n\nexport type ExchangeDataManagerOptionalParameters = {\n // Only for not fully cached implementation (data owner can't request all his exchange data), amount of exchange data which can be cached\n lruCacheSize?: number // default = 2000\n}\n\n/**\n * @internal this function is for internal use only and may be changed without notice.\n * Initialises and returns the exchange data manager which is most appropriate for the current data owner.\n */\nexport async function initialiseExchangeDataManagerForCurrentDataOwner(\n base: BaseExchangeDataManager,\n encryptionKeys: UserEncryptionKeysManager,\n accessControlSecret: AccessControlSecretUtils,\n cryptoStrategies: CryptoStrategies,\n dataOwnerApi: IccDataOwnerXApi,\n primitives: CryptoPrimitives,\n useParentKeys: boolean,\n optionalParameters: ExchangeDataManagerOptionalParameters = {}\n): Promise<ExchangeDataManager> {\n const currentOwner = CryptoActorStubWithType.fromDataOwner(await dataOwnerApi.getCurrentDataOwner())\n if (cryptoStrategies.dataOwnerRequiresAnonymousDelegation(currentOwner)) {\n const res = new FullyCachedExchangeDataManager(\n base,\n encryptionKeys,\n accessControlSecret,\n cryptoStrategies,\n dataOwnerApi,\n primitives,\n useParentKeys\n )\n await res.clearOrRepopulateCache()\n return res\n } else {\n return new LimitedLruCacheExchangeDataManager(\n base,\n encryptionKeys,\n accessControlSecret,\n cryptoStrategies,\n dataOwnerApi,\n primitives,\n useParentKeys,\n optionalParameters\n )\n }\n}\n\ntype CachedExchangeData = {\n exchangeData: ExchangeData\n decrypted?: {\n accessControlSecret: string\n exchangeKey: CryptoKey\n verified: boolean\n sharedSignatureKey: CryptoKey\n }\n}\n\n/**\n * @internal this class is intended for internal use only and may be changed without notice.\n * Exchange data manager which automatically handles decryption and cache\n */\nexport interface ExchangeDataManager {\n readonly base: BaseExchangeDataManager\n\n /**\n * Updates all exchange data between the current data owner and another data owner to allow the other data owner to access existing exchange data\n * using a new public key. Note that this will make existing exchange keys from the other data owner to the current data owner unverified, therefore\n * invalid for encryption.\n * @param otherDataOwner the other data owner.\n * @param newDataOwnerPublicKey a new public key of the other data owner.\n */\n giveAccessBackTo(otherDataOwner: string, newDataOwnerPublicKey: string): Promise<void>\n\n /**\n * Gets any existing and verified exchange data from the current data owner to the provided delegate or creates new data if no verified data is\n * available, then caches it.\n * @param delegateId the id of the delegate.\n * @param options\n * - allowCreationWithoutDelegatorKey if true, when creating new exchange data, even if no verified key is available for the delegator the method\n * will create the new exchange data anyway (will not be usable by the delegate without additional steps).\n * - allowCreationWithoutDelegateKey if true, when creating new exchange data, even if no verified key is available for the delegate the method\n * will create the new exchange data anyway (will not be usable by the delegate without additional steps).\n * @return the access control secret and key of the data to use for encryption.\n */\n getOrCreateEncryptionDataTo(\n delegateId: string,\n options?: {\n allowCreationWithoutDelegatorKey?: boolean\n allowCreationWithoutDelegateKey?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }>\n\n /**\n * Retrieve the cached decrypted exchange data key associated with any of the provided hashes/entry keys of secure delegations.\n * @param hashes hashes of access control secrets for a specific entity, as they appear in the key of secure delegation entries\n * @return the exchange data and decrypted key associated to that hash if cached\n */\n getCachedDecryptionDataKeyByAccessControlHash(\n hashes: string[]\n ): Promise<{ [hash: string]: { exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey } }>\n\n /**\n * Retrieves the exchange data with the provided id (from the cache if available or from the server otherwise if allowed by\n * and attempts to decrypt it, then caches the result.\n * @param ids ids of the exchange datas to retrieve\n * @param retrieveIfNotCached if false only cached data will be returned, and the access control hases options will be\n * ignored\n * @return a map containing the exchange data id associated with:\n * - exchangeData: the exchange data with the provided id\n * - exchangeKey: the exchange key corresponding to the provided exchange data if it could be decrypted, else undefined\n * - accessControlSecret: the access control secret corresponding to the provided exchange data if it could be decrypted, else undefined\n */\n getDecryptionDataKeyByIds(\n ids: string[],\n retrieveIfNotCached: boolean\n ): Promise<{ [id: string]: { exchangeKey: CryptoKey | undefined; accessControlSecret: string | undefined; exchangeData: ExchangeData } }>\n\n /**\n * Clears the cache or fully repopulates the cache if the current data owner can retrieve all of his exchange data according to the crypto\n * strategies.\n */\n clearOrRepopulateCache(): Promise<void>\n\n /**\n * If the current data owner requires anonymous delegations this returns the base64 representation of the concatenation of all available access\n * control keys for the current data owner.\n */\n getAccessControlKeysValue(entityType: EntityWithDelegationTypeName): Promise<string | undefined>\n\n /**\n * If the current data owner requires anonymous delegations this returns the access control keys which may be used in secure delegations for the\n * data owner, which can be used to search for data.\n */\n getAllDelegationKeys(entityType: EntityWithDelegationTypeName): Promise<string[] | undefined>\n\n /**\n * Injects already decrypted exchange data, allowing it to be used by the sdk.\n * @param exchangeDataDetails the exchange data to inject, with the decrypted content and verified status.\n * Note that the SDK won't verify that the provided decrypted content actually matches what is stored in the exchange\n * data.\n * @param reEncryptWithOwnKeys if true all the provided exchange data that is not encrypted with any of the self\n * verified keys of the user will be re-encrypted with them. In case the user is also the delegator and the data is\n * verified the delegator signature will be updated.\n */\n injectDecryptedExchangeData(\n exchangeDataDetails: {\n exchangeDataId: string\n accessControlSecret: ArrayBuffer\n exchangeKey: ArrayBuffer\n sharedSignatureKey: ArrayBuffer\n verified: boolean\n }[],\n reEncryptWithOwnKeys: boolean\n ): Promise<void>\n}\n\nabstract class AbstractExchangeDataManager implements ExchangeDataManager {\n constructor(\n readonly base: BaseExchangeDataManager,\n protected readonly encryptionKeys: UserEncryptionKeysManager,\n protected readonly accessControlSecret: AccessControlSecretUtils,\n protected readonly cryptoStrategies: CryptoStrategies,\n protected readonly dataOwnerApi: IccDataOwnerXApi,\n protected readonly primitives: CryptoPrimitives,\n private readonly useParentKeys: boolean\n ) {}\n\n protected async decryptData(data: ExchangeData): Promise<\n | {\n accessControlSecret: string\n exchangeKey: CryptoKey\n verified: boolean\n sharedSignatureKey: CryptoKey\n }\n | undefined\n > {\n const decryptionKeys = this.encryptionKeys.getDecryptionKeys()\n const encryptionKeys = Object.fromEntries(\n this.encryptionKeys.getSelfVerifiedKeys().map((x): [string, CryptoKey] => [x.fingerprint, x.pair.privateKey])\n )\n const decryptedExchangeKey = (await this.base.tryDecryptExchangeKeys([data], decryptionKeys)).successfulDecryptions[0]\n if (!decryptedExchangeKey) return undefined\n const decryptedAccessControlSecret = (await this.base.tryDecryptAccessControlSecret([data], decryptionKeys)).successfulDecryptions[0]\n if (!decryptedAccessControlSecret)\n throw new Error(`Decryption key could be decrypted but access control secret could not for data ${JSON.stringify(data)}`)\n const decryptedSharedSignatureKey = (await this.base.tryDecryptSharedSignatureKeys([data], decryptionKeys)).successfulDecryptions[0]\n if (!decryptedSharedSignatureKey)\n throw new Error(`Decryption key could be decrypted but shared signature key could not for data ${JSON.stringify(data)}`)\n return {\n accessControlSecret: decryptedAccessControlSecret,\n exchangeKey: decryptedExchangeKey,\n sharedSignatureKey: decryptedSharedSignatureKey,\n verified: await this.base.verifyExchangeData(\n {\n exchangeData: data,\n decryptedAccessControlSecret,\n decryptedExchangeKey,\n decryptedSharedSignatureKey,\n },\n encryptionKeys,\n true\n ),\n }\n }\n\n protected async createNewExchangeData(\n delegateId: string,\n options: {\n newDataId?: string\n allowNoDelegatorKeys?: boolean\n allowNoDelegateKeys?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }> {\n if (options.allowNoDelegateKeys && options.allowNoDelegatorKeys)\n throw new Error('Illegal arguments: allow no delegator and no delegate keys should never both be true')\n const encryptionKeys: { [fp: string]: CryptoKey } = {}\n const selfVerifiedKeys = this.encryptionKeys.getSelfVerifiedKeys()\n if (selfVerifiedKeys.length <= 0 && !options.allowNoDelegatorKeys)\n throw new Error('If the sdk is initialized in keyless mode you must create exchange data explicitly')\n selfVerifiedKeys.forEach(({ fingerprint, pair }) => {\n encryptionKeys[fingerprint] = pair.publicKey\n })\n if (delegateId != (await this.dataOwnerApi.getCurrentDataOwnerId())) {\n const delegate = await this.dataOwnerApi.getCryptoActorStub(delegateId)\n const sha256KeysOfDelegate = hexPublicKeysWithSha256Of(delegate.stub)\n const sha1KeysOfDelegate = hexPublicKeysWithSha1Of(delegate.stub)\n let allVerifiedDelegateKeys: string[]\n if (!sha256KeysOfDelegate.size && !sha1KeysOfDelegate.size) {\n if (!options.allowNoDelegateKeys)\n throw new Error(`Could not create exchange data to ${delegateId} as no public key for the delegate was found.`)\n allVerifiedDelegateKeys = []\n } else if (this.useParentKeys && (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds()).includes(delegateId)) {\n allVerifiedDelegateKeys = await this.encryptionKeys.getVerifiedPublicKeysFor(delegate.stub)\n } else {\n allVerifiedDelegateKeys = await this.cryptoStrategies.verifyDelegatePublicKeys(\n delegate,\n [...Array.from(sha256KeysOfDelegate), ...Array.from(sha1KeysOfDelegate)],\n this.primitives\n )\n }\n if (!allVerifiedDelegateKeys.length && !options.allowNoDelegateKeys)\n throw new Error(`Could not create exchange data to ${delegateId} as no public key for the delegate could be verified.`)\n for (const delegateKey of allVerifiedDelegateKeys) {\n if (sha1KeysOfDelegate.has(delegateKey)) {\n encryptionKeys[fingerprintV1(delegateKey)] = await this.primitives.RSA.importKey('spki', hex2ua(delegateKey), ['encrypt'], ShaVersion.Sha1)\n } else if (sha256KeysOfDelegate.has(delegateKey)) {\n encryptionKeys[fingerprintV1(delegateKey)] = await this.primitives.RSA.importKey(\n 'spki',\n hex2ua(delegateKey),\n ['encrypt'],\n ShaVersion.Sha256\n )\n } else throw new Error('Illegal state: verified keys should contain only keys for OAPE-SHA1 or OAPE-SHA256.')\n }\n }\n const newData = await this.base.createExchangeData(\n delegateId,\n Object.fromEntries(selfVerifiedKeys.map((x): [string, CryptoKey] => [x.fingerprint, x.pair.privateKey])),\n encryptionKeys,\n options.newDataId ? { id: options.newDataId } : {}\n )\n return {\n exchangeData: newData.exchangeData,\n accessControlSecret: newData.accessControlSecret,\n exchangeKey: newData.exchangeKey,\n sharedSignatureKey: newData.sharedSignatureKey,\n }\n }\n\n async giveAccessBackTo(otherDataOwner: string, newDataOwnerPublicKey: string) {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n const newKeyFp = fingerprintV1(newDataOwnerPublicKey)\n const other = await this.dataOwnerApi.getCryptoActorStub(otherDataOwner)\n const newKeyHashVersion = getShaVersionForKey(other.stub, newDataOwnerPublicKey)\n if (!newKeyHashVersion) throw new Error(`Public key not found for data owner ${otherDataOwner}`)\n const importedNewKey = await this.primitives.RSA.importKey('spki', hex2ua(newDataOwnerPublicKey), ['encrypt'], newKeyHashVersion)\n const decryptionKeys = this.encryptionKeys.getDecryptionKeys()\n const allExchangeDataToUpdate =\n self == otherDataOwner\n ? await this.base.getExchangeDataByDelegatorDelegatePair(self, self)\n : [\n ...(await this.base.getExchangeDataByDelegatorDelegatePair(self, otherDataOwner)),\n ...(await this.base.getExchangeDataByDelegatorDelegatePair(otherDataOwner, self)),\n ]\n for (const dataToUpdate of allExchangeDataToUpdate) {\n if (!Object.keys(dataToUpdate.exchangeKey).find((fp) => fp == newKeyFp)) {\n const updated = await this.base.tryUpdateExchangeData(dataToUpdate, decryptionKeys, { [newKeyFp]: importedNewKey })\n if (!updated) {\n console.warn(`Failed to give access back to exchanged data ${JSON.stringify(dataToUpdate)}`)\n }\n }\n }\n }\n\n clearOrRepopulateCache(): Promise<void> {\n throw new Error('Implemented by concrete class')\n }\n\n getOrCreateEncryptionDataTo(\n delegateId: string,\n options?: {\n allowCreationWithoutDelegatorKey?: boolean\n allowCreationWithoutDelegateKey?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }> {\n throw new Error('Implemented by concrete class')\n }\n\n getCachedDecryptionDataKeyByAccessControlHash(\n hashes: string[]\n ): Promise<{ [p: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } }> {\n throw new Error('Implemented by concrete class')\n }\n\n getDecryptionDataKeyByIds(\n ids: string[],\n retrieveIfNotCached: boolean\n ): Promise<{\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n }> {\n throw new Error('Implemented by concrete class')\n }\n\n getAccessControlKeysValue(entityType: EntityWithDelegationTypeName): Promise<string | undefined> {\n throw new Error('Implemented by concrete class')\n }\n\n getAllDelegationKeys(entityType: EntityWithDelegationTypeName): Promise<string[] | undefined> {\n throw new Error('Implemented by concrete class')\n }\n\n async injectDecryptedExchangeData(\n exchangeDataDetails: {\n exchangeDataId: string\n accessControlSecret: ArrayBuffer\n exchangeKey: ArrayBuffer\n sharedSignatureKey: ArrayBuffer\n verified: boolean\n }[],\n reEncryptWithOwnKeys: boolean\n ): Promise<void> {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n const retrievedExchangeData = await this.base.getExchangeDataByIds(exchangeDataDetails.map((x) => x.exchangeDataId))\n if (retrievedExchangeData.some((x) => x.delegator != self && x.delegate != self))\n throw new Error('Should only inject exchange date from/to the current user')\n const exchangeDataById: { [id: string]: ExchangeData } = {}\n retrievedExchangeData.forEach((x) => (exchangeDataById[x.id!] = x))\n if (reEncryptWithOwnKeys) {\n const selfVerifiedKeys = this.encryptionKeys.getSelfVerifiedKeys()\n if (selfVerifiedKeys.length <= 0) throw new Error(\"Can't re-encrypt injected exchange data with own keys if in keyless mode\")\n const encryptionKeys: { [fp: string]: CryptoKey } = {}\n selfVerifiedKeys.forEach(({ fingerprint, pair }) => {\n encryptionKeys[fingerprint] = pair.publicKey\n })\n const signatureKeys = Object.fromEntries(selfVerifiedKeys.map((x): [string, CryptoKey] => [x.fingerprint, x.pair.privateKey]))\n for (const details of exchangeDataDetails) {\n const exchangeData = exchangeDataById[details.exchangeDataId]\n if (exchangeData != null)\n await this.base.updateExchangeDataWithRawDecryptedContent({\n exchangeData,\n newEncryptionKeys: encryptionKeys,\n newDelegatorSignatureKeys: exchangeData.delegator == self && details.verified ? signatureKeys : {},\n rawExchangeKey: details.exchangeKey,\n rawAccessControlSecret: details.accessControlSecret,\n rawSharedSignatureKey: details.sharedSignatureKey,\n })\n }\n }\n const importedDetails: {\n exchangeData: ExchangeData\n accessControlSecret: string\n exchangeKey: CryptoKey\n sharedSignatureKey: CryptoKey\n verified: boolean\n }[] = []\n for (const details of exchangeDataDetails) {\n const exchangeData = exchangeDataById[details.exchangeDataId]\n if (exchangeData != undefined)\n importedDetails.push({\n exchangeData: exchangeData,\n accessControlSecret: await this.base.importAccessControlSecret(details.accessControlSecret),\n exchangeKey: await this.base.importExchangeKey(details.exchangeKey),\n sharedSignatureKey: await this.base.importSharedSignatureKey(details.sharedSignatureKey),\n verified: details.verified,\n })\n }\n await this.cacheInjectedExchangeData(importedDetails)\n }\n\n protected abstract cacheInjectedExchangeData(\n exchangeDataDetails: {\n exchangeData: ExchangeData\n accessControlSecret: string\n exchangeKey: CryptoKey\n sharedSignatureKey: CryptoKey\n verified: boolean\n }[]\n ): Promise<void>\n}\n\nclass FullyCachedExchangeDataManager extends AbstractExchangeDataManager {\n private caches: Promise<{\n dataById: { [id: string]: CachedExchangeData }\n hashToId: { [hash: string]: string }\n delegateToVerifiedEncryptionDataId: { [delegate: string]: string }\n entityTypeToAccessControlKeysValue: { [entityType in EntityWithDelegationTypeName]?: string }\n }> = Promise.resolve({ dataById: {}, hashToId: {}, delegateToVerifiedEncryptionDataId: {}, entityTypeToAccessControlKeysValue: {} })\n private createExchangeDataMutex = new Mutex()\n\n async clearOrRepopulateCache(): Promise<void> {\n this.caches = this.doRepopulateCache()\n await this.caches\n }\n\n async getCachedDecryptionDataKeyByAccessControlHash(\n hashes: string[]\n ): Promise<{ [hash: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } }> {\n function retrieveByHashesFromCaches(caches: {\n dataById: { [id: string]: CachedExchangeData }\n hashToId: { [hash: string]: string }\n delegateToVerifiedEncryptionDataId: { [delegate: string]: string }\n }): { [hash: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } } {\n return hashes.reduce((res, hash) => {\n const id = caches.hashToId[hash]\n if (id) {\n const cached = caches.dataById[id]\n if (cached?.decrypted) {\n res[hash] = {\n exchangeData: cached.exchangeData,\n exchangeKey: cached.decrypted.exchangeKey,\n accessControlSecret: cached.decrypted.accessControlSecret,\n }\n }\n }\n return res\n }, {} as { [hash: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } })\n }\n\n return retrieveByHashesFromCaches(await this.caches)\n }\n\n private async getCachedEncryptionDataTo(\n delegateId: string\n ): Promise<{ exchangeKey: CryptoKey; accessControlSecret: string; exchangeData: ExchangeData; sharedSignatureKey: CryptoKey } | undefined> {\n const caches = await this.caches\n const dataId = caches.delegateToVerifiedEncryptionDataId[delegateId]\n const cached = dataId ? caches.dataById[dataId] : undefined\n if (cached && cached?.decrypted) {\n return {\n exchangeData: cached.exchangeData,\n accessControlSecret: cached.decrypted.accessControlSecret,\n exchangeKey: cached.decrypted.exchangeKey,\n sharedSignatureKey: cached.decrypted.sharedSignatureKey,\n }\n } else {\n return undefined\n }\n }\n\n async getOrCreateEncryptionDataTo(\n delegateId: string,\n options?: {\n allowCreationWithoutDelegatorKey?: boolean\n allowCreationWithoutDelegateKey?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }> {\n const initialCached = await this.getCachedEncryptionDataTo(delegateId)\n if (initialCached) return initialCached\n const release = await this.createExchangeDataMutex.acquire()\n try {\n const cachedAfterMutex = await this.getCachedEncryptionDataTo(delegateId)\n if (cachedAfterMutex) return cachedAfterMutex\n const created = await this.createNewExchangeData(delegateId, {\n allowNoDelegateKeys: options?.allowCreationWithoutDelegateKey ?? false,\n allowNoDelegatorKeys: options?.allowCreationWithoutDelegatorKey ?? false,\n })\n this.cacheData(created.exchangeData, true, {\n accessControlSecret: created.accessControlSecret,\n exchangeKey: created.exchangeKey,\n sharedSignatureKey: created.sharedSignatureKey,\n verified: true,\n })\n return created\n } finally {\n release()\n }\n }\n\n async getDecryptionDataKeyByIds(\n ids: string[],\n retrieveIfNotCached: boolean\n ): Promise<{\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n }> {\n const caches = await this.caches\n const res: {\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n } = {}\n for (const id of ids) {\n const data = caches.dataById[id]\n if (data) {\n res[id] = {\n exchangeData: data.exchangeData,\n exchangeKey: data.decrypted?.exchangeKey,\n accessControlSecret: data.decrypted?.accessControlSecret,\n }\n }\n }\n return res\n }\n\n private cacheData(\n exchangeData: ExchangeData,\n isNewData: boolean,\n decrypted: { accessControlSecret: string; exchangeKey: CryptoKey; verified: boolean; sharedSignatureKey: CryptoKey } | undefined\n ): void {\n this.caches = this.caches.then(async (caches) => {\n caches.dataById[exchangeData.id!] = { exchangeData, decrypted }\n if (decrypted) {\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(decrypted.accessControlSecret)\n hashes.forEach((hash) => {\n caches.hashToId[hash] = exchangeData.id!\n })\n if (decrypted.verified) {\n caches.delegateToVerifiedEncryptionDataId[exchangeData.delegate] = exchangeData.id!\n }\n }\n if (isNewData) caches.entityTypeToAccessControlKeysValue = {}\n return caches\n })\n }\n\n private async doRepopulateCache(): Promise<{\n dataById: { [id: string]: CachedExchangeData }\n hashToId: { [hash: string]: string }\n delegateToVerifiedEncryptionDataId: { [delegate: string]: string }\n entityTypeToAccessControlKeysValue: { [entityType in EntityWithDelegationTypeName]?: string }\n }> {\n const allData = await this.base.getAllExchangeDataForCurrentDataOwnerIfAllowed()\n if (!allData) throw new Error('Impossible to use fully cached exchange data manager for current data owner.')\n const dataById: { [id: string]: CachedExchangeData } = {}\n const hashToId: { [hash: string]: string } = {}\n const delegateToVerifiedEncryptionDataId: { [delegate: string]: string } = {}\n for (const currData of allData) {\n const currDecrypted = await this.decryptData(currData)\n dataById[currData.id!] = { exchangeData: currData, decrypted: currDecrypted }\n if (currDecrypted?.verified) {\n delegateToVerifiedEncryptionDataId[currData.delegate] = currData.id!\n }\n if (currDecrypted?.accessControlSecret) {\n for (const h of await this.accessControlSecret.allSecureDelegationKeysFor(currDecrypted!.accessControlSecret)) {\n hashToId[h] = currData.id!\n }\n }\n }\n const entityTypeToAccessControlKeysValue: { [entityType in EntityWithDelegationTypeName]?: string } = {}\n return { dataById, hashToId, delegateToVerifiedEncryptionDataId, entityTypeToAccessControlKeysValue }\n }\n\n async getAccessControlKeysValue(entityType: EntityWithDelegationTypeName): Promise<string | undefined> {\n const caches = await this.caches\n const cached = caches.entityTypeToAccessControlKeysValue[entityType]\n if (cached) return cached\n const accessControlSecrets = Object.values(caches.dataById).flatMap((x) => (x.decrypted ? [x.decrypted.accessControlSecret] : []))\n const fullData = await this.accessControlSecret.getEncodedAccessControlKeys(accessControlSecrets, entityType)\n caches.entityTypeToAccessControlKeysValue[entityType] = fullData\n return fullData\n }\n\n async getAllDelegationKeys(entityType: EntityWithDelegationTypeName): Promise<string[] | undefined> {\n const caches = await this.caches\n const accessControlSecrets = Object.values(caches.dataById).flatMap((x) => (x.decrypted ? [x.decrypted.accessControlSecret] : []))\n const res: string[] = []\n for (const accessControlSecret of accessControlSecrets) {\n // Usage of sfks in secure delegation key should be configurable: it is not necessary for all users and it has some performance impact\n res.push(await this.accessControlSecret.secureDelegationKeyFor(accessControlSecret, entityType))\n }\n return res\n }\n\n protected async cacheInjectedExchangeData(\n exchangeDataDetails: {\n exchangeData: ExchangeData\n accessControlSecret: string\n exchangeKey: CryptoKey\n sharedSignatureKey: CryptoKey\n verified: boolean\n }[]\n ): Promise<void> {\n for (const details of exchangeDataDetails) {\n this.cacheData(details.exchangeData, true, {\n accessControlSecret: details.accessControlSecret,\n exchangeKey: details.exchangeKey,\n sharedSignatureKey: details.sharedSignatureKey,\n verified: details.verified,\n })\n }\n }\n}\n\nclass LimitedLruCacheExchangeDataManager extends AbstractExchangeDataManager {\n private readonly idToData: SimpleLruCache<string, CachedExchangeData & { hashes: string[] }> = new SimpleLruCache()\n private readonly hashToId: Map<string, string> = new Map()\n private readonly delegateToVerifiedEncryptionDataId: Map<string, string> = new Map()\n private readonly maxCachedExchangeData: number\n private readonly cacheMutex = new Mutex()\n\n constructor(\n base: BaseExchangeDataManager,\n encryptionKeys: UserEncryptionKeysManager,\n accessControlSecret: AccessControlSecretUtils,\n cryptoStrategies: CryptoStrategies,\n dataOwnerApi: IccDataOwnerXApi,\n primitives: CryptoPrimitives,\n useParentKeys: boolean,\n optionalParameters: {\n lruCacheSize?: number\n }\n ) {\n super(base, encryptionKeys, accessControlSecret, cryptoStrategies, dataOwnerApi, primitives, useParentKeys)\n this.maxCachedExchangeData = optionalParameters.lruCacheSize ?? 2000\n }\n\n async clearOrRepopulateCache(): Promise<void> {\n this.idToData.clear()\n this.hashToId.clear()\n this.delegateToVerifiedEncryptionDataId.clear()\n }\n\n async getCachedDecryptionDataKeyByAccessControlHash(\n hashes: string[]\n ): Promise<{ [p: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } }> {\n const release = await this.cacheMutex.acquire()\n try {\n const res: {\n [p: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string }\n } = {}\n for (const hash of hashes) {\n const dataId = this.hashToId.get(hash)\n if (dataId) {\n const retrieved = this.idToData.getCached(dataId)\n if (!retrieved) throw new Error(`Data with id ${dataId} should have been already cached.`)\n if (retrieved.decrypted) {\n res[hash] = {\n exchangeData: retrieved.exchangeData,\n exchangeKey: retrieved.decrypted.exchangeKey,\n accessControlSecret: retrieved.decrypted.accessControlSecret,\n }\n }\n }\n }\n return res\n } finally {\n release()\n }\n }\n\n async getDecryptionDataKeyByIds(\n ids: string[],\n retrieveIfNotCached: boolean\n ): Promise<{\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n }> {\n const release = await this.cacheMutex.acquire()\n try {\n const res: {\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n } = {}\n const uncached: string[] = []\n for (const id of ids) {\n const cached: (CachedExchangeData & { hashes: string[] }) | null = this.idToData.getCached(id)\n if (cached) {\n res[id] = {\n exchangeKey: cached.decrypted?.exchangeKey,\n accessControlSecret: cached.decrypted?.accessControlSecret,\n exchangeData: cached.exchangeData,\n }\n } else if (retrieveIfNotCached) {\n uncached.push(id)\n }\n }\n if (uncached.length > 0) {\n const retrieved = await this.base.getExchangeDataByIds(uncached)\n for (const data of retrieved) {\n const decrypted = await this.decryptData(data)\n if (decrypted) {\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(decrypted.accessControlSecret)\n this.addToCache({ exchangeData: data, hashes, decrypted })\n } else {\n this.addToCache({ exchangeData: data, hashes: [] })\n }\n res[data.id!] = {\n exchangeKey: decrypted?.exchangeKey,\n accessControlSecret: decrypted?.accessControlSecret,\n exchangeData: data,\n }\n }\n }\n return res\n } finally {\n release()\n }\n }\n\n async getOrCreateEncryptionDataTo(\n delegateId: string,\n options?: {\n allowCreationWithoutDelegatorKey?: boolean\n allowCreationWithoutDelegateKey?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }> {\n const release = await this.cacheMutex.acquire()\n try {\n let existingId = this.delegateToVerifiedEncryptionDataId.get(delegateId)\n if (!existingId) {\n await this.populateCacheToDelegate(delegateId)\n existingId = this.delegateToVerifiedEncryptionDataId.get(delegateId)\n }\n if (existingId) {\n const cached = this.idToData.getCached(existingId)\n if (!cached) throw new Error(`Illegal state: data with id ${existingId} should have been in cache`)\n if (cached.decrypted) {\n return {\n exchangeData: cached.exchangeData,\n exchangeKey: cached.decrypted.exchangeKey,\n accessControlSecret: cached.decrypted.accessControlSecret,\n sharedSignatureKey: cached.decrypted.sharedSignatureKey,\n }\n } else throw new Error(`Illegal state: cached verified data should be decrypted.`)\n } else {\n const created = await this.createNewExchangeData(delegateId, {\n allowNoDelegateKeys: options?.allowCreationWithoutDelegateKey ?? false,\n allowNoDelegatorKeys: options?.allowCreationWithoutDelegatorKey ?? false,\n })\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(created.accessControlSecret)\n const data = {\n exchangeData: created.exchangeData,\n decrypted: {\n accessControlSecret: created.accessControlSecret,\n exchangeKey: created.exchangeKey,\n sharedSignatureKey: created.sharedSignatureKey,\n verified: true,\n },\n hashes,\n }\n this.addToCache(data)\n return {\n exchangeData: data.exchangeData,\n exchangeKey: data.decrypted.exchangeKey,\n accessControlSecret: data.decrypted.accessControlSecret,\n sharedSignatureKey: data.decrypted.sharedSignatureKey,\n }\n }\n } finally {\n release()\n }\n }\n\n // Loads and adds to the cache all exchange data from the current data owner to the given delegate. Allows to check if there is already data from\n // the current data owner to the delegate which is good for encryption.\n private async populateCacheToDelegate(delegateId: string): Promise<void> {\n const dataToDelegate = await this.base.getExchangeDataByDelegatorDelegatePair(await this.dataOwnerApi.getCurrentDataOwnerId(), delegateId)\n for (const data of dataToDelegate) {\n const decrypted = await this.decryptData(data)\n if (decrypted) {\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(decrypted.accessControlSecret)\n this.addToCache({ exchangeData: data, hashes, decrypted })\n } else {\n this.addToCache({ exchangeData: data, hashes: [] })\n }\n }\n }\n\n private addToCache(data: CachedExchangeData & { hashes: string[] }) {\n if (this.idToData.size >= this.maxCachedExchangeData) {\n this.evictOneEntry()\n }\n data.hashes.forEach((hash) => this.hashToId.set(hash, data.exchangeData.id!))\n if (data.decrypted?.verified && !this.delegateToVerifiedEncryptionDataId.has(data.exchangeData.delegate)) {\n this.delegateToVerifiedEncryptionDataId.set(data.exchangeData.delegate, data.exchangeData.id!)\n }\n this.idToData.set(data.exchangeData.id!, data)\n }\n\n private evictOneEntry() {\n const evicted = this.idToData.evictLeastRecentlyUsed()\n evicted.hashes.forEach((hash) => this.hashToId.delete(hash))\n if (this.delegateToVerifiedEncryptionDataId.get(evicted.exchangeData.delegate) === evicted.exchangeData.id) {\n this.delegateToVerifiedEncryptionDataId.delete(evicted.exchangeData.delegate)\n }\n }\n\n getAccessControlKeysValue(): Promise<string | undefined> {\n return Promise.resolve(undefined)\n }\n\n getAllDelegationKeys(): Promise<string[] | undefined> {\n return Promise.resolve(undefined)\n }\n\n protected async cacheInjectedExchangeData(\n exchangeDataDetails: {\n exchangeData: ExchangeData\n accessControlSecret: string\n exchangeKey: CryptoKey\n sharedSignatureKey: CryptoKey\n verified: boolean\n }[]\n ): Promise<void> {\n for (const details of exchangeDataDetails) {\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(details.accessControlSecret)\n const data = {\n exchangeData: details.exchangeData,\n decrypted: {\n accessControlSecret: details.accessControlSecret,\n exchangeKey: details.exchangeKey,\n sharedSignatureKey: details.sharedSignatureKey,\n verified: details.verified,\n },\n hashes,\n }\n this.addToCache(data)\n }\n }\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ExchangeDataMapManager.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/ExchangeDataMapManager.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,oFAA6E;AAE7E,mGAA+F;AAE/F;;;GAGG;AACH,MAAa,sBAAsB;IACjC,YAA6B,GAA0B;QAA1B,QAAG,GAAH,GAAG,CAAuB;QAE/C,yBAAoB,GAA0C,IAAI,oDAAuB,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;IAFvD,CAAC;IAI3D;;;;;OAKG;IACG,sBAAsB,CAAC,KAA+D;;YAC1F,MAAM,eAAe,GAA6D,EAAE,CAAA;YACpF,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;
|
|
1
|
+
{"version":3,"file":"ExchangeDataMapManager.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/ExchangeDataMapManager.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,oFAA6E;AAE7E,mGAA+F;AAE/F;;;GAGG;AACH,MAAa,sBAAsB;IACjC,YAA6B,GAA0B;QAA1B,QAAG,GAAH,GAAG,CAAuB;QAE/C,yBAAoB,GAA0C,IAAI,oDAAuB,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;IAFvD,CAAC;IAI3D;;;;;OAKG;IACG,sBAAsB,CAAC,KAA+D;;YAC1F,MAAM,eAAe,GAA6D,EAAE,CAAA;YACpF,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC3C,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,oBAAoB,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;oBACzD,eAAe,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;gBACxB,CAAC;YACH,CAAC;YACD,IAAI,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC5C,MAAM,IAAI,CAAC,GAAG,CAAC,0BAA0B,CAAC,IAAI,2DAA4B,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC,CAAC,CAAA;gBACvG,MAAM,OAAO,CAAC,GAAG,CACf,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,GAAG,CAAC,CAAO,KAAK,EAAE,EAAE;oBAC/C,MAAM,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;gBACnF,CAAC,CAAA,CAAC,CACH,CAAA;YACH,CAAC;QACH,CAAC;KAAA;IAED;;;OAGG;IACG,uBAAuB,CAAC,sBAAgC;;YAC5D,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,yBAAyB,CAAC,sBAAsB,CAAC,CAAA;YACzF,MAAM,OAAO,CAAC,GAAG,CACf,gBAAgB,CAAC,GAAG,CAAC,CAAO,KAAK,EAAE,EAAE;gBACnC,MAAM,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;YACtF,CAAC,CAAA,CAAC,CACH,CAAA;YACD,OAAO,gBAAgB,CAAA;QACzB,CAAC;KAAA;CACF;AAzCD,wDAyCC","sourcesContent":["import { IccExchangeDataMapApi } from '../../icc-api/api/internal/IccExchangeDataMapApi'\nimport { LruTemporisedAsyncCache } from '../utils/lru-temporised-async-cache'\nimport { ExchangeDataMap } from '../../icc-api/model/internal/ExchangeDataMap'\nimport { ExchangeDataMapCreationBatch } from '../../icc-api/model/ExchangeDataMapCreationBatch'\n\n/**\n * @internal this class is intended for internal use only and may be modified without notice\n * This class manages the Exchange Data Map entities, caching with an LRU cache on retrieval.\n */\nexport class ExchangeDataMapManager {\n constructor(private readonly api: IccExchangeDataMapApi) {}\n\n private exchangeDataMapCache: LruTemporisedAsyncCache<string, null> = new LruTemporisedAsyncCache(1000, () => -1)\n\n /**\n * This function creates a batch of Exchange Data Map, ignoring the one that already exist and are already present in the cache.\n * The ones that are not are created and their ids are cached.\n * @param batch a map where each key is the hex-encoded access control key to another map that associates the encoded id of an\n * Exchange Data entity to the fingerprint of the key used to encrypt it.\n */\n async createExchangeDataMaps(batch: { [accessControlKey: string]: { [fp: string]: string } }): Promise<void> {\n const entriesToCreate: { [accessControlKey: string]: { [fp: string]: string } } = {}\n for (const [k, v] of Object.entries(batch)) {\n if (!(await this.exchangeDataMapCache.getIfCachedJob(k))) {\n entriesToCreate[k] = v\n }\n }\n if (Object.keys(entriesToCreate).length > 0) {\n await this.api.createExchangeDataMapBatch(new ExchangeDataMapCreationBatch({ batch: entriesToCreate }))\n await Promise.all(\n Object.keys(entriesToCreate).map(async (entry) => {\n await this.exchangeDataMapCache.get(entry, () => Promise.resolve({ item: null }))\n })\n )\n }\n }\n\n /**\n * Retrieves a batch of Exchange Data Maps.\n * @param accessControlKeyHashes the hex-encoded hashes of the Exchange Data Maps to retrieve.\n */\n async getExchangeDataMapBatch(accessControlKeyHashes: string[]): Promise<ExchangeDataMap[]> {\n const exchangeDataMaps = await this.api.getExchangeDataMapByBatch(accessControlKeyHashes)\n await Promise.all(\n exchangeDataMaps.map(async (entry) => {\n await this.exchangeDataMapCache.get(entry.id, () => Promise.resolve({ item: null }))\n })\n )\n return exchangeDataMaps\n }\n}\n"]}
|
|
@@ -37,8 +37,8 @@ class ExchangeKeysManager {
|
|
|
37
37
|
* @return all available exchange keys from the delegator-delegate pair.
|
|
38
38
|
*/
|
|
39
39
|
getDecryptionExchangeKeysFor(delegatorId, delegateId) {
|
|
40
|
-
var _a;
|
|
41
40
|
return __awaiter(this, void 0, void 0, function* () {
|
|
41
|
+
var _a;
|
|
42
42
|
const cache = yield this.cache;
|
|
43
43
|
const entry = (_a = cache[delegatorId]) === null || _a === void 0 ? void 0 : _a[delegateId];
|
|
44
44
|
if (entry != undefined) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ExchangeKeysManager.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/ExchangeKeysManager.ts"],"names":[],"mappings":";;;;;;;;;;;;AAgBA;;;;;;;GAOG;AACH,MAAa,mBAAmB;IAG9B,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,uBAAuB,CAAA;IACrC,CAAC;IAED,YACmB,UAAqC,EACrC,uBAAgD,EAChD,YAA8B;QAF9B,eAAU,GAAV,UAAU,CAA2B;QACrC,4BAAuB,GAAvB,uBAAuB,CAAyB;QAChD,iBAAY,GAAZ,YAAY,CAAkB;QATzC,UAAK,GAAyE,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAA;IAUrI,CAAC;IAEJ;;;;;;;OAOG;IACG,4BAA4B,CAAC,WAAmB,EAAE,UAAkB;;;YACxE,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,KAAK,CAAA;YAC9B,MAAM,KAAK,GAAG,MAAA,KAAK,CAAC,WAAW,CAAC,0CAAG,UAAU,CAAC,CAAA;YAC9C,IAAI,KAAK,IAAI,SAAS,EAAE;
|
|
1
|
+
{"version":3,"file":"ExchangeKeysManager.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/ExchangeKeysManager.ts"],"names":[],"mappings":";;;;;;;;;;;;AAgBA;;;;;;;GAOG;AACH,MAAa,mBAAmB;IAG9B,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,uBAAuB,CAAA;IACrC,CAAC;IAED,YACmB,UAAqC,EACrC,uBAAgD,EAChD,YAA8B;QAF9B,eAAU,GAAV,UAAU,CAA2B;QACrC,4BAAuB,GAAvB,uBAAuB,CAAyB;QAChD,iBAAY,GAAZ,YAAY,CAAkB;QATzC,UAAK,GAAyE,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAA;IAUrI,CAAC;IAEJ;;;;;;;OAOG;IACG,4BAA4B,CAAC,WAAmB,EAAE,UAAkB;;;YACxE,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,KAAK,CAAA;YAC9B,MAAM,KAAK,GAAG,MAAA,KAAK,CAAC,WAAW,CAAC,0CAAG,UAAU,CAAC,CAAA;YAC9C,IAAI,KAAK,IAAI,SAAS,EAAE,CAAC;gBACvB,IAAI,WAAW,IAAI,KAAK,EAAE,CAAC;oBACzB,OAAO,MAAM,KAAK,CAAC,SAAS,CAAA;gBAC9B,CAAC;qBAAM,CAAC;oBACN,MAAM,gBAAgB,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;oBAC3D,KAAK,CAAC,WAAW,CAAC,CAAC,UAAU,CAAC,GAAG,EAAE,SAAS,EAAE,gBAAgB,EAAE,CAAA;oBAChE,OAAO,MAAM,gBAAgB,CAAA;gBAC/B,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,OAAO,EAAE,CAAA;YACX,CAAC;QACH,CAAC;KAAA;IAEa,YAAY,CAAC,aAAyC;;YAClE,MAAM,cAAc,GAAG,IAAI,CAAC,UAAU,CAAC,iBAAiB,EAAE,CAAA;YAC1D,OAAO,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,aAAa,EAAE,cAAc,CAAC,CAAC,CAAC,qBAAqB,CAAA;QACtG,CAAC;KAAA;IAED;;OAEG;IACH,WAAW;QACT,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,UAAU,EAAE,CAAA,CAAC,sDAAsD;IACvF,CAAC;IAEa,UAAU;;YACtB,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAA;YAC3E,MAAM,kCAAkC,GAAG,MAAM,CAAC,WAAW,CAC3D,MAAM,OAAO,CAAC,GAAG,CACf,SAAS,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CACrB,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,IAAI,CAC/C,CACE,GAAG,EAOH,EAAE,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,CACjB,CACF,CACF,CACF,CAAA;YACD,MAAM,aAAa,GAAkG,EAAE,CAAA;YACvH,KAAK,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,kCAAkC,CAAC,EAAE,CAAC;gBACnF,KAAK,MAAM,CAAC,SAAS,EAAE,sBAAsB,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;oBACnF,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,EAAE,CAAC;wBAC9B,aAAa,CAAC,SAAS,CAAC,GAAG,EAAE,CAAA;oBAC/B,CAAC;oBACD,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,EAAE,CAAC;wBACzC,aAAa,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,GAAG,EAAE,SAAS,EAAE,EAAE,EAAE,CAAA;oBACzD,CAAC;oBACD,MAAM,wBAAwB,GAAG,aAAa,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,CAAA;oBACpE,KAAK,MAAM,gBAAgB,IAAI,MAAM,CAAC,MAAM,CAAC,sBAAsB,CAAC,EAAE,CAAC;wBACrE,wBAAwB,CAAC,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAA;oBAC3D,CAAC;gBACH,CAAC;gBACD,KAAK,MAAM,qBAAqB,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE,CAAC;oBACtE,KAAK,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,qBAAqB,CAAC,EAAE,CAAC;wBACjF,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,EAAE,CAAC;4BAC9B,aAAa,CAAC,SAAS,CAAC,GAAG,EAAE,CAAA;wBAC/B,CAAC;wBACD,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;4BACxC,aAAa,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,GAAG,EAAE,SAAS,EAAE,EAAE,EAAE,CAAA;wBACxD,CAAC;wBACD,aAAa,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAA;oBACrE,CAAC;gBACH,CAAC;YACH,CAAC;YACD,OAAO,aAAa,CAAA;QACtB,CAAC;KAAA;CACF;AAhGD,kDAgGC","sourcesContent":["import { UserEncryptionKeysManager } from './UserEncryptionKeysManager'\nimport { BaseExchangeKeysManager } from './BaseExchangeKeysManager'\nimport { IccDataOwnerXApi } from '../icc-data-owner-x-api'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { CryptoStrategies } from './CryptoStrategies'\nimport { IcureStorageFacade } from '../storage/IcureStorageFacade'\nimport { DataOwnerTypeEnum } from '../../icc-api/model/DataOwnerTypeEnum'\n\ntype CacheValue =\n | {\n encrypted: { [fp: string]: string }[]\n }\n | {\n decrypted: Promise<CryptoKey[]>\n }\n\n/**\n * @internal This class is meant only for internal use and may be changed without notice.\n * More powerful version of {@link BaseExchangeKeysManager} with a simplified interface. Has the following functionalities:\n * - Caches results\n * - Automatically creates new exchange keys if none is available\n * - Automatically choose the public keys to use during the creation of new exchange keys\n * - Automatically retrieves the private keys to use during decryption.\n */\nexport class ExchangeKeysManager {\n private cache: Promise<{ [delegator: string]: { [delegate: string]: CacheValue } }> = Promise.reject(new Error('Cache not initialized'))\n\n get base(): BaseExchangeKeysManager {\n return this.baseExchangeKeysManager\n }\n\n constructor(\n private readonly keyManager: UserEncryptionKeysManager,\n private readonly baseExchangeKeysManager: BaseExchangeKeysManager,\n private readonly dataOwnerApi: IccDataOwnerXApi\n ) {}\n\n /**\n * Get all keys currently available for a delegator-delegate pair. At least one of the two data owners must be part of the hierarchy for the current\n * data owner.\n * @param delegatorId id of a delegator\n * @param delegateId id of a delegate\n * @throws if neither the delegator nor the delegate is part of the hierarchy of the current data owner.\n * @return all available exchange keys from the delegator-delegate pair.\n */\n async getDecryptionExchangeKeysFor(delegatorId: string, delegateId: string): Promise<CryptoKey[]> {\n const cache = await this.cache\n const entry = cache[delegatorId]?.[delegateId]\n if (entry != undefined) {\n if ('decrypted' in entry) {\n return await entry.decrypted\n } else {\n const decryptedPromise = this.decryptChunk(entry.encrypted)\n cache[delegatorId][delegateId] = { decrypted: decryptedPromise }\n return await decryptedPromise\n }\n } else {\n return []\n }\n }\n\n private async decryptChunk(encryptedKeys: { [fp: string]: string }[]): Promise<CryptoKey[]> {\n const decryptionKeys = this.keyManager.getDecryptionKeys()\n return (await this.base.tryDecryptExchangeKeys(encryptedKeys, decryptionKeys)).successfulDecryptions\n }\n\n /**\n * Reloads all exchange keys for the cache.\n */\n reloadCache(): void {\n this.cache = this.doGetCache() // Intentionally not awaited to make login feel faster\n }\n\n private async doGetCache() {\n const hierarchy = await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds()\n const encryptedKeysDataByHierarchyMember = Object.fromEntries(\n await Promise.all(\n hierarchy.map((doId) =>\n this.base.getAllExchangeKeysWith(doId, null).then(\n (\n res\n ): [\n string,\n {\n keysToOwner: { [p: string]: { [p: string]: { [p: string]: string } } }\n keysFromOwner: { [p: string]: { [p: string]: { [p: string]: string } } }\n }\n ] => [doId, res]\n )\n )\n )\n )\n const encryptedKeys: { [delegator: string]: { [delegate: string]: { encrypted: { [pubFp: string]: string }[] } } } = {}\n for (const [dataOwner, info] of Object.entries(encryptedKeysDataByHierarchyMember)) {\n for (const [delegator, encryptedByDelegatorFp] of Object.entries(info.keysToOwner)) {\n if (!encryptedKeys[delegator]) {\n encryptedKeys[delegator] = {}\n }\n if (!encryptedKeys[delegator][dataOwner]) {\n encryptedKeys[delegator][dataOwner] = { encrypted: [] }\n }\n const keysForDelegatorDelegate = encryptedKeys[delegator][dataOwner]\n for (const encryptedEntries of Object.values(encryptedByDelegatorFp)) {\n keysForDelegatorDelegate.encrypted.push(encryptedEntries)\n }\n }\n for (const encryptedByDelegateId of Object.values(info.keysFromOwner)) {\n for (const [delegate, encryptedEntries] of Object.entries(encryptedByDelegateId)) {\n if (!encryptedKeys[dataOwner]) {\n encryptedKeys[dataOwner] = {}\n }\n if (!encryptedKeys[dataOwner][delegate]) {\n encryptedKeys[dataOwner][delegate] = { encrypted: [] }\n }\n encryptedKeys[dataOwner][delegate].encrypted.push(encryptedEntries)\n }\n }\n }\n return encryptedKeys\n }\n}\n"]}
|
|
@@ -71,8 +71,9 @@ class ExtendedApisUtilsImpl {
|
|
|
71
71
|
});
|
|
72
72
|
}
|
|
73
73
|
entityWithInitialisedEncryptedMetadata(entity, entityType, owningEntity, owningEntitySecretIds, initialiseEncryptionKey, autoDelegations, alternateRootDelegation) {
|
|
74
|
-
|
|
75
|
-
|
|
74
|
+
var arguments_1 = arguments;
|
|
75
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
76
|
+
this.throwDetailedExceptionForInvalidParameter('entity.id', entity.id, 'entityWithInitialisedEncryptedMetadata', arguments_1);
|
|
76
77
|
this.checkEmptyEncryptionMetadata(entity);
|
|
77
78
|
const newRawKey = initialiseEncryptionKey ? yield this.primitives.AES.generateCryptoKey(true) : undefined;
|
|
78
79
|
const newSecretId = this.primitives.randomUuid();
|
|
@@ -84,8 +85,8 @@ class ExtendedApisUtilsImpl {
|
|
|
84
85
|
});
|
|
85
86
|
}
|
|
86
87
|
bulkShareOrUpdateEncryptedEntityMetadata(entitiesType, entitiesUpdates, doRequestBulkShareOrUpdate) {
|
|
87
|
-
var _a;
|
|
88
88
|
return __awaiter(this, void 0, void 0, function* () {
|
|
89
|
+
var _a;
|
|
89
90
|
const { allRequestsByEntityId, orderedRequestsInfoByEntityId, unmodifiedEntitiesIds } = yield this.prepareBulkShareRequests(entitiesType, entitiesUpdates);
|
|
90
91
|
const results = Object.keys(allRequestsByEntityId).length > 0 ? yield doRequestBulkShareOrUpdate({ requestsByEntityId: allRequestsByEntityId }) : [];
|
|
91
92
|
const updatedEntities = [];
|
|
@@ -116,8 +117,8 @@ class ExtendedApisUtilsImpl {
|
|
|
116
117
|
});
|
|
117
118
|
}
|
|
118
119
|
bulkShareOrUpdateEncryptedEntityMetadataNoEntities(entitiesType, entitiesUpdates, doRequestBulkShareOrUpdate) {
|
|
119
|
-
var _a;
|
|
120
120
|
return __awaiter(this, void 0, void 0, function* () {
|
|
121
|
+
var _a;
|
|
121
122
|
const { allRequestsByEntityId, orderedRequestsInfoByEntityId, unmodifiedEntitiesIds } = yield this.prepareBulkShareRequests(entitiesType, entitiesUpdates);
|
|
122
123
|
const results = yield doRequestBulkShareOrUpdate({ requestsByEntityId: allRequestsByEntityId });
|
|
123
124
|
const updateErrors = [];
|
|
@@ -146,8 +147,8 @@ class ExtendedApisUtilsImpl {
|
|
|
146
147
|
});
|
|
147
148
|
}
|
|
148
149
|
prepareBulkShareRequests(entitiesType, entitiesUpdates) {
|
|
149
|
-
var _a, _b, _c;
|
|
150
150
|
return __awaiter(this, void 0, void 0, function* () {
|
|
151
|
+
var _a, _b, _c;
|
|
151
152
|
if (new Set(entitiesUpdates.map((e) => e.entity.id)).size !== entitiesUpdates.length) {
|
|
152
153
|
throw new Error('Duplicate requests: the same entity id is present more than once in the input');
|
|
153
154
|
}
|
|
@@ -204,8 +205,8 @@ class ExtendedApisUtilsImpl {
|
|
|
204
205
|
});
|
|
205
206
|
}
|
|
206
207
|
simpleShareOrUpdateEncryptedEntityMetadata(entity, delegates, doRequestBulkShareOrUpdate) {
|
|
207
|
-
var _a, _b;
|
|
208
208
|
return __awaiter(this, void 0, void 0, function* () {
|
|
209
|
+
var _a, _b;
|
|
209
210
|
const availableEncryptionKeys = yield this.encryptionKeysOf(entity);
|
|
210
211
|
const availableOwningEntityIds = yield this.owningEntityIdsOf(entity);
|
|
211
212
|
const dataForDelegates = {};
|
|
@@ -264,8 +265,8 @@ class ExtendedApisUtilsImpl {
|
|
|
264
265
|
});
|
|
265
266
|
}
|
|
266
267
|
makeMigrationRequestForMemberOfHierarchy(entity, selfId, currMemberId, userRequestForDelegate, legacySecretIds, legacyEncryptionKeys, legacyOwningEntityIds) {
|
|
267
|
-
var _a, _b, _c;
|
|
268
268
|
return __awaiter(this, void 0, void 0, function* () {
|
|
269
|
+
var _a, _b, _c;
|
|
269
270
|
// This implementation is very specific from migration from delegations to secure delegations. If in future we will have to migrate from secure delegations to something else, this method may need significant changes in its logic.
|
|
270
271
|
const subHierarchy = this.useParentKeys ? yield this.dataOwnerApi.getCurrentDataOwnerHierarchyIdsFrom(currMemberId) : [currMemberId];
|
|
271
272
|
const subHierarchySet = new Set(subHierarchy);
|
|
@@ -369,8 +370,8 @@ class ExtendedApisUtilsImpl {
|
|
|
369
370
|
});
|
|
370
371
|
}
|
|
371
372
|
tryDecryptEntities(entities, entityType, constructor) {
|
|
372
|
-
var _a;
|
|
373
373
|
return __awaiter(this, void 0, void 0, function* () {
|
|
374
|
+
var _a;
|
|
374
375
|
const nothingToDecryptResults = new Map();
|
|
375
376
|
for (const entity of entities) {
|
|
376
377
|
const nothingToDecrypt = yield (0, utils_1.decryptObject)(entity, (encrypted) => __awaiter(this, void 0, void 0, function* () {
|
|
@@ -418,8 +419,8 @@ class ExtendedApisUtilsImpl {
|
|
|
418
419
|
});
|
|
419
420
|
}
|
|
420
421
|
tryEncryptEntities(entities, entityType, fieldsToEncrypt, encodeBinaryData, requireEncryption, constructor) {
|
|
421
|
-
var _a;
|
|
422
422
|
return __awaiter(this, void 0, void 0, function* () {
|
|
423
|
+
var _a;
|
|
423
424
|
const entitiesWithInitialisedEncryptionKeys = [];
|
|
424
425
|
for (const entity of entities) {
|
|
425
426
|
entitiesWithInitialisedEncryptionKeys.push((_a = (yield this.ensureEncryptionKeysInitialised(entity, entityType))) !== null && _a !== void 0 ? _a : entity);
|
|
@@ -469,8 +470,8 @@ class ExtendedApisUtilsImpl {
|
|
|
469
470
|
});
|
|
470
471
|
}
|
|
471
472
|
ensureEncryptionKeysInitialised(entity, entityType) {
|
|
472
|
-
var _a, _b, _c;
|
|
473
473
|
return __awaiter(this, void 0, void 0, function* () {
|
|
474
|
+
var _a, _b, _c;
|
|
474
475
|
if (this.securityMetadataDecryptor.hasAnyEncryptionKeys(entity))
|
|
475
476
|
return undefined;
|
|
476
477
|
if (!entity.rev) {
|