@icure/api 8.2.3 → 8.2.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (337) hide show
  1. package/icc-api/api/IccAuthApi.js +1 -1
  2. package/icc-api/api/IccAuthApi.js.map +1 -1
  3. package/icc-api/api/IccDocumentApi.js.map +1 -1
  4. package/icc-api/api/IccFormApi.js.map +1 -1
  5. package/icc-api/api/IccReceiptApi.js.map +1 -1
  6. package/icc-api/api/IccRestApiPath.js +1 -2
  7. package/icc-api/api/IccRestApiPath.js.map +1 -1
  8. package/icc-api/api/XHR.js +10 -8
  9. package/icc-api/api/XHR.js.map +1 -1
  10. package/icc-api/model/Address.js +1 -1
  11. package/icc-api/model/Address.js.map +1 -1
  12. package/icc-api/model/Amp.js +1 -1
  13. package/icc-api/model/Amp.js.map +1 -1
  14. package/icc-api/model/AmpComponent.js +1 -1
  15. package/icc-api/model/AmpComponent.js.map +1 -1
  16. package/icc-api/model/Ampp.js +1 -1
  17. package/icc-api/model/Ampp.js.map +1 -1
  18. package/icc-api/model/AmppComponent.js +1 -1
  19. package/icc-api/model/AmppComponent.js.map +1 -1
  20. package/icc-api/model/CareTeamMember.js +1 -1
  21. package/icc-api/model/CareTeamMember.js.map +1 -1
  22. package/icc-api/model/CareTeamMembership.js +1 -1
  23. package/icc-api/model/CareTeamMembership.js.map +1 -1
  24. package/icc-api/model/Code.js +1 -1
  25. package/icc-api/model/Code.js.map +1 -1
  26. package/icc-api/model/Contact.js.map +1 -1
  27. package/icc-api/model/Content.js.map +1 -1
  28. package/icc-api/model/DataOwnerTypeEnum.js +1 -1
  29. package/icc-api/model/DataOwnerTypeEnum.js.map +1 -1
  30. package/icc-api/model/DataOwnerWithType.js +1 -1
  31. package/icc-api/model/DataOwnerWithType.js.map +1 -1
  32. package/icc-api/model/DatabaseSynchronization.js +1 -1
  33. package/icc-api/model/DatabaseSynchronization.js.map +1 -1
  34. package/icc-api/model/Dmpp.js +1 -1
  35. package/icc-api/model/Dmpp.js.map +1 -1
  36. package/icc-api/model/Document.js +1 -1
  37. package/icc-api/model/Document.js.map +1 -1
  38. package/icc-api/model/DocumentTemplate.d.ts +1 -1
  39. package/icc-api/model/DocumentTemplate.js +1 -1
  40. package/icc-api/model/DocumentTemplate.js.map +1 -1
  41. package/icc-api/model/Editor.js +1 -1
  42. package/icc-api/model/Editor.js.map +1 -1
  43. package/icc-api/model/EfactInvoice.js +1 -1
  44. package/icc-api/model/EfactInvoice.js.map +1 -1
  45. package/icc-api/model/EmailOrSmsMessage.js +1 -1
  46. package/icc-api/model/EmailOrSmsMessage.js.map +1 -1
  47. package/icc-api/model/FlatRateTarification.js +1 -1
  48. package/icc-api/model/FlatRateTarification.js.map +1 -1
  49. package/icc-api/model/Formula.js +1 -1
  50. package/icc-api/model/Formula.js.map +1 -1
  51. package/icc-api/model/FrontEndMigration.js +1 -1
  52. package/icc-api/model/FrontEndMigration.js.map +1 -1
  53. package/icc-api/model/HealthElement.js +1 -1
  54. package/icc-api/model/HealthElement.js.map +1 -1
  55. package/icc-api/model/HealthcareParty.js +1 -1
  56. package/icc-api/model/HealthcareParty.js.map +1 -1
  57. package/icc-api/model/HealthcarePartyHistoryStatus.js +1 -1
  58. package/icc-api/model/HealthcarePartyHistoryStatus.js.map +1 -1
  59. package/icc-api/model/Ingredient.js +1 -1
  60. package/icc-api/model/Ingredient.js.map +1 -1
  61. package/icc-api/model/Invoice.js +1 -1
  62. package/icc-api/model/Invoice.js.map +1 -1
  63. package/icc-api/model/InvoiceItem.js +1 -1
  64. package/icc-api/model/InvoiceItem.js.map +1 -1
  65. package/icc-api/model/InvoicingCode.js +1 -1
  66. package/icc-api/model/InvoicingCode.js.map +1 -1
  67. package/icc-api/model/MaintenanceTask.js +1 -1
  68. package/icc-api/model/MaintenanceTask.js.map +1 -1
  69. package/icc-api/model/Measure.js.map +1 -1
  70. package/icc-api/model/MedicalHouseContract.js +1 -1
  71. package/icc-api/model/MedicalHouseContract.js.map +1 -1
  72. package/icc-api/model/ModelHelper.js +9 -10
  73. package/icc-api/model/ModelHelper.js.map +1 -1
  74. package/icc-api/model/Partnership.js +1 -1
  75. package/icc-api/model/Partnership.js.map +1 -1
  76. package/icc-api/model/Patient.js +1 -1
  77. package/icc-api/model/Patient.js.map +1 -1
  78. package/icc-api/model/PatientByHcPartyGenderEducationProfession.js +1 -1
  79. package/icc-api/model/PatientByHcPartyGenderEducationProfession.js.map +1 -1
  80. package/icc-api/model/PatientHealthCareParty.js +1 -1
  81. package/icc-api/model/PatientHealthCareParty.js.map +1 -1
  82. package/icc-api/model/Payment.js +1 -1
  83. package/icc-api/model/Payment.js.map +1 -1
  84. package/icc-api/model/PermissionCriterion.js +1 -1
  85. package/icc-api/model/PermissionCriterion.js.map +1 -1
  86. package/icc-api/model/PermissionItem.js +1 -1
  87. package/icc-api/model/PermissionItem.js.map +1 -1
  88. package/icc-api/model/PersonName.js +1 -1
  89. package/icc-api/model/PersonName.js.map +1 -1
  90. package/icc-api/model/PropertyTypeStub.js +1 -1
  91. package/icc-api/model/PropertyTypeStub.js.map +1 -1
  92. package/icc-api/model/Reimbursement.js +1 -1
  93. package/icc-api/model/Reimbursement.js.map +1 -1
  94. package/icc-api/model/RoleSourceEnum.js +1 -1
  95. package/icc-api/model/RoleSourceEnum.js.map +1 -1
  96. package/icc-api/model/SecureDelegation.js +1 -1
  97. package/icc-api/model/SecureDelegation.js.map +1 -1
  98. package/icc-api/model/Service.js.map +1 -1
  99. package/icc-api/model/StandardSubstance.js +1 -1
  100. package/icc-api/model/StandardSubstance.js.map +1 -1
  101. package/icc-api/model/SumehrValidity.js +1 -1
  102. package/icc-api/model/SumehrValidity.js.map +1 -1
  103. package/icc-api/model/Tarification.js +1 -1
  104. package/icc-api/model/Tarification.js.map +1 -1
  105. package/icc-api/model/Telecom.js +1 -1
  106. package/icc-api/model/Telecom.js.map +1 -1
  107. package/icc-api/model/Topic.js +1 -1
  108. package/icc-api/model/Topic.js.map +1 -1
  109. package/icc-api/model/TypedValueObject.js +1 -1
  110. package/icc-api/model/TypedValueObject.js.map +1 -1
  111. package/icc-api/model/User.js +1 -1
  112. package/icc-api/model/User.js.map +1 -1
  113. package/icc-api/model/UserTypeEnum.js +1 -1
  114. package/icc-api/model/UserTypeEnum.js.map +1 -1
  115. package/icc-api/model/VirtualIngredient.js +1 -1
  116. package/icc-api/model/VirtualIngredient.js.map +1 -1
  117. package/icc-api/model/internal/RecoveryData.js +1 -1
  118. package/icc-api/model/internal/RecoveryData.js.map +1 -1
  119. package/icc-api/model/requests/EntityBulkShareResult.js.map +1 -1
  120. package/icc-api/model/requests/EntityShareOrMetadataUpdateRequest.js.map +1 -1
  121. package/icc-api/model/requests/EntityShareRequest.js +1 -1
  122. package/icc-api/model/requests/EntityShareRequest.js.map +1 -1
  123. package/icc-api/model/requests/EntitySharedMetadataUpdateRequest.js +1 -1
  124. package/icc-api/model/requests/EntitySharedMetadataUpdateRequest.js.map +1 -1
  125. package/icc-x-api/auth/AuthenticationProvider.js.map +1 -1
  126. package/icc-x-api/auth/BasicAuthService.js.map +1 -1
  127. package/icc-x-api/auth/EnsembleAuthService.js.map +1 -1
  128. package/icc-x-api/auth/JwtAuthService.js.map +1 -1
  129. package/icc-x-api/auth/JwtBridgedAuthService.d.ts +1 -1
  130. package/icc-x-api/auth/JwtBridgedAuthService.js +1 -1
  131. package/icc-x-api/auth/JwtBridgedAuthService.js.map +1 -1
  132. package/icc-x-api/auth/JwtUtils.js +3 -4
  133. package/icc-x-api/auth/JwtUtils.js.map +1 -1
  134. package/icc-x-api/auth/NoAuthService.js.map +1 -1
  135. package/icc-x-api/auth/SmartAuthProvider.d.ts +1 -1
  136. package/icc-x-api/auth/SmartAuthProvider.js +1 -1
  137. package/icc-x-api/auth/SmartAuthProvider.js.map +1 -1
  138. package/icc-x-api/crypto/AES.js.map +1 -1
  139. package/icc-x-api/crypto/AccessControlKeysHeadersProvider.js.map +1 -1
  140. package/icc-x-api/crypto/AccessControlSecretUtils.js.map +1 -1
  141. package/icc-x-api/crypto/BaseExchangeDataManager.js +10 -10
  142. package/icc-x-api/crypto/BaseExchangeDataManager.js.map +1 -1
  143. package/icc-x-api/crypto/BaseExchangeKeysManager.js +4 -4
  144. package/icc-x-api/crypto/BaseExchangeKeysManager.js.map +1 -1
  145. package/icc-x-api/crypto/CryptoStrategies.d.ts +5 -7
  146. package/icc-x-api/crypto/CryptoStrategies.js.map +1 -1
  147. package/icc-x-api/crypto/DelegationsDeAnonymization.js +1 -1
  148. package/icc-x-api/crypto/DelegationsDeAnonymization.js.map +1 -1
  149. package/icc-x-api/crypto/ExchangeDataManager.js +7 -8
  150. package/icc-x-api/crypto/ExchangeDataManager.js.map +1 -1
  151. package/icc-x-api/crypto/ExchangeDataMapManager.js.map +1 -1
  152. package/icc-x-api/crypto/ExchangeKeysManager.js +1 -1
  153. package/icc-x-api/crypto/ExchangeKeysManager.js.map +1 -1
  154. package/icc-x-api/crypto/ExtendedApisUtilsImpl.js +11 -10
  155. package/icc-x-api/crypto/ExtendedApisUtilsImpl.js.map +1 -1
  156. package/icc-x-api/crypto/HMACUtils.js.map +1 -1
  157. package/icc-x-api/crypto/KeyRecovery.js +5 -5
  158. package/icc-x-api/crypto/KeyRecovery.js.map +1 -1
  159. package/icc-x-api/crypto/NativeCryptoPrimitivesBridge.js +3 -3
  160. package/icc-x-api/crypto/NativeCryptoPrimitivesBridge.js.map +1 -1
  161. package/icc-x-api/crypto/RSA.js +4 -4
  162. package/icc-x-api/crypto/RSA.js.map +1 -1
  163. package/icc-x-api/crypto/RecoveryDataEncryption.js +1 -1
  164. package/icc-x-api/crypto/RecoveryDataEncryption.js.map +1 -1
  165. package/icc-x-api/crypto/SecretIdUseOption.js +1 -1
  166. package/icc-x-api/crypto/SecretIdUseOption.js.map +1 -1
  167. package/icc-x-api/crypto/SecureDelegationsEncryption.js +4 -4
  168. package/icc-x-api/crypto/SecureDelegationsEncryption.js.map +1 -1
  169. package/icc-x-api/crypto/SecureDelegationsManager.js +1 -1
  170. package/icc-x-api/crypto/SecureDelegationsManager.js.map +1 -1
  171. package/icc-x-api/crypto/SecurityMetadataDecryptor.d.ts +1 -1
  172. package/icc-x-api/crypto/SecurityMetadataDecryptor.js +9 -9
  173. package/icc-x-api/crypto/SecurityMetadataDecryptor.js.map +1 -1
  174. package/icc-x-api/crypto/ShamirKeysManager.js.map +1 -1
  175. package/icc-x-api/crypto/ShareMetadataBehaviour.js +1 -1
  176. package/icc-x-api/crypto/ShareMetadataBehaviour.js.map +1 -1
  177. package/icc-x-api/crypto/TransferKeysManager.js +1 -1
  178. package/icc-x-api/crypto/TransferKeysManager.js.map +1 -1
  179. package/icc-x-api/crypto/UserEncryptionKeysManager.js +2 -2
  180. package/icc-x-api/crypto/UserEncryptionKeysManager.js.map +1 -1
  181. package/icc-x-api/crypto/shamir.d.ts +2 -2
  182. package/icc-x-api/crypto/shamir.js +4 -4
  183. package/icc-x-api/crypto/shamir.js.map +1 -1
  184. package/icc-x-api/crypto/utils.js +14 -15
  185. package/icc-x-api/crypto/utils.js.map +1 -1
  186. package/icc-x-api/icc-accesslog-x-api.js +10 -10
  187. package/icc-x-api/icc-accesslog-x-api.js.map +1 -1
  188. package/icc-x-api/icc-bekmehr-x-api.js.map +1 -1
  189. package/icc-x-api/icc-calendar-item-x-api.js +7 -7
  190. package/icc-x-api/icc-calendar-item-x-api.js.map +1 -1
  191. package/icc-x-api/icc-classification-x-api.js +5 -5
  192. package/icc-x-api/icc-classification-x-api.js.map +1 -1
  193. package/icc-x-api/icc-code-x-api.js.map +1 -1
  194. package/icc-x-api/icc-contact-x-api.js +12 -12
  195. package/icc-x-api/icc-contact-x-api.js.map +1 -1
  196. package/icc-x-api/icc-data-owner-x-api.js.map +1 -1
  197. package/icc-x-api/icc-device-x-api.js +2 -2
  198. package/icc-x-api/icc-device-x-api.js.map +1 -1
  199. package/icc-x-api/icc-doctemplate-x-api.js.map +1 -1
  200. package/icc-x-api/icc-document-x-api.js +15 -15
  201. package/icc-x-api/icc-document-x-api.js.map +1 -1
  202. package/icc-x-api/icc-form-x-api.js +7 -7
  203. package/icc-x-api/icc-form-x-api.js.map +1 -1
  204. package/icc-x-api/icc-hcparty-x-api.js +4 -4
  205. package/icc-x-api/icc-hcparty-x-api.js.map +1 -1
  206. package/icc-x-api/icc-helement-x-api.js +10 -10
  207. package/icc-x-api/icc-helement-x-api.js.map +1 -1
  208. package/icc-x-api/icc-icure-maintenance-x-api.js.map +1 -1
  209. package/icc-x-api/icc-invoice-x-api.js +7 -7
  210. package/icc-x-api/icc-invoice-x-api.js.map +1 -1
  211. package/icc-x-api/icc-maintenance-task-x-api.js +7 -7
  212. package/icc-x-api/icc-maintenance-task-x-api.js.map +1 -1
  213. package/icc-x-api/icc-message-x-api.js +8 -8
  214. package/icc-x-api/icc-message-x-api.js.map +1 -1
  215. package/icc-x-api/icc-patient-x-api.js +11 -11
  216. package/icc-x-api/icc-patient-x-api.js.map +1 -1
  217. package/icc-x-api/icc-receipt-x-api.js +10 -10
  218. package/icc-x-api/icc-receipt-x-api.js.map +1 -1
  219. package/icc-x-api/icc-recovery-x-api.js +4 -4
  220. package/icc-x-api/icc-recovery-x-api.js.map +1 -1
  221. package/icc-x-api/icc-time-table-x-api.js +5 -5
  222. package/icc-x-api/icc-time-table-x-api.js.map +1 -1
  223. package/icc-x-api/icc-topic-x-api.js +9 -9
  224. package/icc-x-api/icc-topic-x-api.js.map +1 -1
  225. package/icc-x-api/icc-user-x-api.js +4 -4
  226. package/icc-x-api/icc-user-x-api.js.map +1 -1
  227. package/icc-x-api/index.js +22 -22
  228. package/icc-x-api/index.js.map +1 -1
  229. package/icc-x-api/maintenance/KeyPairUpdateRequest.js +2 -2
  230. package/icc-x-api/maintenance/KeyPairUpdateRequest.js.map +1 -1
  231. package/icc-x-api/storage/IcureStorageFacade.js +1 -1
  232. package/icc-x-api/storage/IcureStorageFacade.js.map +1 -1
  233. package/icc-x-api/storage/LocalStorageImpl.js +1 -1
  234. package/icc-x-api/storage/LocalStorageImpl.js.map +1 -1
  235. package/icc-x-api/utils/EntityWithDelegationTypeName.js +4 -4
  236. package/icc-x-api/utils/EntityWithDelegationTypeName.js.map +1 -1
  237. package/icc-x-api/utils/asn1-packer.js +2 -3
  238. package/icc-x-api/utils/asn1-packer.js.map +1 -1
  239. package/icc-x-api/utils/asn1-parser.js +1 -2
  240. package/icc-x-api/utils/asn1-parser.js.map +1 -1
  241. package/icc-x-api/utils/binary-utils.js +11 -11
  242. package/icc-x-api/utils/binary-utils.js.map +1 -1
  243. package/icc-x-api/utils/code-util.js +1 -2
  244. package/icc-x-api/utils/code-util.js.map +1 -1
  245. package/icc-x-api/utils/collection-utils.js +5 -6
  246. package/icc-x-api/utils/collection-utils.js.map +1 -1
  247. package/icc-x-api/utils/crypto-utils.d.ts +1 -1
  248. package/icc-x-api/utils/crypto-utils.js +17 -18
  249. package/icc-x-api/utils/crypto-utils.js.map +1 -1
  250. package/icc-x-api/utils/formatting-util.js +21 -21
  251. package/icc-x-api/utils/formatting-util.js.map +1 -1
  252. package/icc-x-api/utils/functional-util.js +3 -4
  253. package/icc-x-api/utils/functional-util.js.map +1 -1
  254. package/icc-x-api/utils/graph-utils.js +3 -4
  255. package/icc-x-api/utils/graph-utils.js.map +1 -1
  256. package/icc-x-api/utils/hcp-util.js +4 -4
  257. package/icc-x-api/utils/hcp-util.js.map +1 -1
  258. package/icc-x-api/utils/insurability-util.js +6 -7
  259. package/icc-x-api/utils/insurability-util.js.map +1 -1
  260. package/icc-x-api/utils/lru-temporised-async-cache.js.map +1 -1
  261. package/icc-x-api/utils/net-utils.js +3 -4
  262. package/icc-x-api/utils/net-utils.js.map +1 -1
  263. package/icc-x-api/utils/person-util.js +3 -4
  264. package/icc-x-api/utils/person-util.js.map +1 -1
  265. package/icc-x-api/utils/proxy-utils.js.map +1 -1
  266. package/icc-x-api/utils/simple-lru-cache.js.map +1 -1
  267. package/icc-x-api/utils/uuid-encoder.js +2 -2
  268. package/icc-x-api/utils/uuid-encoder.js.map +1 -1
  269. package/icc-x-api/utils/websocket.d.ts +0 -1
  270. package/icc-x-api/utils/websocket.js +3 -3
  271. package/icc-x-api/utils/websocket.js.map +1 -1
  272. package/package.json +3 -3
  273. package/test/icc-api/api/IccAgendaApi.js.map +1 -1
  274. package/test/icc-api/api/IccCalendarItemApi.js.map +1 -1
  275. package/test/icc-api/api/IccCalendarItemTypeApi.js +2 -2
  276. package/test/icc-api/api/IccCalendarItemTypeApi.js.map +1 -1
  277. package/test/icc-api/api/IccDocumentApi.js.map +1 -1
  278. package/test/icc-api/api/IccKeywordApi.js.map +1 -1
  279. package/test/icc-api/api/IccMedicalLocationApi.js.map +1 -1
  280. package/test/icc-api/api/IccPlaceApi.js.map +1 -1
  281. package/test/icc-api/api/IccUserApi.js +6 -6
  282. package/test/icc-x-api/auth/group-switch-test.js.map +1 -1
  283. package/test/icc-x-api/auth/jwt-concurrency-test.js +1 -2
  284. package/test/icc-x-api/auth/jwt-concurrency-test.js.map +1 -1
  285. package/test/icc-x-api/auth/jwt-provider-test.js.map +1 -1
  286. package/test/icc-x-api/auth/smart-auth-provider-test.js.map +1 -1
  287. package/test/icc-x-api/autofix-anonymity-test.js.map +1 -1
  288. package/test/icc-x-api/confidential-entities-test.js +1 -1
  289. package/test/icc-x-api/confidential-entities-test.js.map +1 -1
  290. package/test/icc-x-api/crud/comprehensive-crud-test.js.map +1 -1
  291. package/test/icc-x-api/crud/entities-crud-test-interface.js +24 -24
  292. package/test/icc-x-api/crud/entities-crud-test-interface.js.map +1 -1
  293. package/test/icc-x-api/crypto/anonymous-delegations-test.js +2 -2
  294. package/test/icc-x-api/crypto/anonymous-delegations-test.js.map +1 -1
  295. package/test/icc-x-api/crypto/cryptoTest.js.map +1 -1
  296. package/test/icc-x-api/crypto/delegate-ci-to-patient-with-missing-keys-test.js.map +1 -1
  297. package/test/icc-x-api/crypto/exchange-data-manager-test.js +4 -4
  298. package/test/icc-x-api/crypto/exchange-data-manager-test.js.map +1 -1
  299. package/test/icc-x-api/crypto/full-crypto-test.js +5 -5
  300. package/test/icc-x-api/crypto/full-crypto-test.js.map +1 -1
  301. package/test/icc-x-api/crypto/legacy-metadata-migration-test.js +7 -7
  302. package/test/icc-x-api/crypto/legacy-metadata-migration-test.js.map +1 -1
  303. package/test/icc-x-api/crypto/secure-delegations-manager-test.js +2 -2
  304. package/test/icc-x-api/crypto/secure-delegations-manager-test.js.map +1 -1
  305. package/test/icc-x-api/crypto/shamir.js.map +1 -1
  306. package/test/icc-x-api/crypto/soft-deleted-data-owners.js +3 -3
  307. package/test/icc-x-api/crypto/soft-deleted-data-owners.js.map +1 -1
  308. package/test/icc-x-api/entity-with-attachments-api-test.js +2 -2
  309. package/test/icc-x-api/entity-with-attachments-api-test.js.map +1 -1
  310. package/test/icc-x-api/icc-maintenance-task-x-api-test.js +4 -4
  311. package/test/icc-x-api/icc-message-x-api.js +1 -1
  312. package/test/icc-x-api/icc-message-x-api.js.map +1 -1
  313. package/test/icc-x-api/icc-patient-x-api-test.js.map +1 -1
  314. package/test/icc-x-api/icc-recovery-x-api.js.map +1 -1
  315. package/test/icc-x-api/icc-topic-x-api.js.map +1 -1
  316. package/test/icc-x-api/icc-user-x-api-test.js.map +1 -1
  317. package/test/icc-x-api/patient-user.js.map +1 -1
  318. package/test/icc-x-api/test-legacy-data-support.js.map +1 -1
  319. package/test/icc-x-api/utils/graph-test.js.map +1 -1
  320. package/test/icc-x-api/utils/lru-temporised-async-cache-test.js.map +1 -1
  321. package/test/support/CSM-243.js +2 -2
  322. package/test/support/CSM-243.js.map +1 -1
  323. package/test/support/CSM-93.js +1 -1
  324. package/test/support/CSM-93.js.map +1 -1
  325. package/test/utils/FakeDataOwnerApi.js.map +1 -1
  326. package/test/utils/FakeEncryptionKeysManager.js +2 -2
  327. package/test/utils/FakeEncryptionKeysManager.js.map +1 -1
  328. package/test/utils/FakeExchangeDataApi.js.map +1 -1
  329. package/test/utils/FakeExchangeDataManager.js.map +1 -1
  330. package/test/utils/FakeGenericApi.js.map +1 -1
  331. package/test/utils/TestApi.js +2 -2
  332. package/test/utils/TestApi.js.map +1 -1
  333. package/test/utils/TestCryptoStrategies.js.map +1 -1
  334. package/test/utils/TestStorage.js +2 -2
  335. package/test/utils/TestStorage.js.map +1 -1
  336. package/test/utils/test_utils.js +22 -22
  337. package/test/utils/test_utils.js.map +1 -1
@@ -1 +1 @@
1
- {"version":3,"file":"NativeCryptoPrimitivesBridge.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/NativeCryptoPrimitivesBridge.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,qCAAsC;AAGtC,oCAA6E;AAE7E;;GAEG;AACH,MAAa,4BAA4B;IACvC,YAAY,iBAAoI;QAC9I,IAAI,CAAC,YAAY,GAAG,iBAAiB,CAAC,YAAY,CAAA;QAClD,IAAI,CAAC,MAAM,GAAG,iBAAiB,CAAC,MAAM,CAAA;QACtC,IAAI,CAAC,MAAM,GAAG,IAAI,kBAAkB,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QACvD,IAAI,CAAC,GAAG,GAAG,IAAI,eAAe,CAAC,iBAAiB,CAAC,GAAG,EAAE,IAAI,CAAC,YAAY,CAAC,CAAA;QACxE,IAAI,CAAC,IAAI,GAAG,IAAI,gBAAgB,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAA;QACxD,IAAI,CAAC,GAAG,GAAG,IAAI,eAAe,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAA;IACvD,CAAC;IASD,WAAW,CAAC,CAAS;QACnB,OAAO,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,CAAC,CAAA;IACzC,CAAC;IAED,UAAU;QACR,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,CAAA;IACvC,CAAC;IAEK,MAAM,CAAC,IAA8B;;YACzC,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,YAAY,WAAW,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;QAC5F,CAAC;KAAA;IAEK,MAAM,CAAC,IAA8B;;YACzC,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAA;QACxC,CAAC;KAAA;CACF;AAhCD,oEAgCC;AAED,MAAM,kBAAmB,SAAQ,oBAAW;IAC1C,YAA6B,YAAiC;QAC5D,KAAK,EAAE,CAAA;QADoB,iBAAY,GAAZ,YAAY,CAAqB;IAE9D,CAAC;IAES,UAAU,CAAC,GAAgB;QACnC,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;QAC5D,+DAA+D;QAC/D,GAAG,CAAC,GAAG,CAAC,IAAI,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAA;IACzC,CAAC;CACF;AAED,MAAM,eAAe;IACnB,YAA6B,GAAe,EAAmB,MAA2B;QAA7D,QAAG,GAAH,GAAG,CAAY;QAAmB,WAAM,GAAN,MAAM,CAAqB;IAAG,CAAC;IAExF,OAAO,CAAC,SAAoB,EAAE,aAAuC;;YACzE,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,UAAU,CAAC,aAAa,CAAC,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;QACxF,CAAC;KAAA;IAED,WAAW,CAAC,UAAuB,EAAE,UAAsB;QACzD,IAAI;YACF,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAA;SAC/C;QAAC,OAAO,CAAC,EAAE;YACV,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE;gBACzB,OAAO,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAA;aACzD;iBAAM;gBACL,MAAM,CAAC,CAAA;aACR;SACF;IACH,CAAC;IAEK,iBAAiB,CAAC,MAAc,EAAE,SAAmC;;YACzE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC,CAAA;YAC5D,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAA;QAC1C,CAAC;KAAA;IAEK,OAAO,CAAC,SAAoB,EAAE,SAAmC;;YACrE,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,EAAE,aAAa,CAAC,SAAS,CAAC,EAAE,IAAI,CAAC,CAAA;QAC1F,CAAC;KAAA;IAEK,iBAAiB,CAAC,MAAc,EAAE,SAAmC;;YACzE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC,CAAA;YAC5D,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAA;QAC1C,CAAC;KAAA;IAIK,SAAS,CAAC,SAAoB,EAAE,MAAqB;;YACzD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;YACpE,IAAI,MAAM,IAAI,KAAK;gBAAE,OAAO,MAAM,CAAA;YAClC,OAAO;gBACL,GAAG,EAAE,KAAK;gBACV,GAAG,EAAE,MAAM,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS;gBACpD,GAAG,EAAE,IAAI;gBACT,OAAO,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC;gBAC/B,CAAC,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;aAC5E,CAAA;QACH,CAAC;KAAA;IAIK,iBAAiB,CAAC,KAAc;;YACpC,IAAI,KAAK,EAAE;gBACT,OAAO,OAAO,CAAC,OAAO,CAAC,IAAA,cAAM,EAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;aAC5D;iBAAM;gBACL,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,YAAY,CAAC,WAAW,EAAE,GAAG,CAAC,CAAA;gBACxE,OAAO,IAAI,YAAY,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;aACrC;QACH,CAAC;KAAA;IAED,UAAU,CAAC,YAAoB;QAC7B,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,YAAY,CAAC,CAAA;IAC9C,CAAC;IAEK,SAAS,CAAC,MAAqB,EAAE,MAA6C;;;YAClF,IAAI,QAAoB,CAAA;YACxB,IAAI,MAAM,KAAK,KAAK,EAAE;gBACpB,IACG,MAAqB,CAAC,GAAG,KAAK,KAAK;oBACpC,CAAE,MAAqB,CAAC,GAAG,KAAK,SAAS,IAAK,MAAqB,CAAC,GAAG,KAAK,SAAS,CAAC;oBACtF,CAAE,MAAqB,CAAC,GAAG;oBAC3B,CAAC,CAAA,MAAC,MAAqB,CAAC,OAAO,0CAAE,QAAQ,CAAC,SAAS,CAAC,CAAA;oBACpD,CAAC,CAAA,MAAC,MAAqB,CAAC,OAAO,0CAAE,QAAQ,CAAC,SAAS,CAAC,CAAA;oBACpD,CAAE,MAAqB,CAAC,CAAC,EACzB;oBACA,MAAM,IAAI,KAAK,CACb,gIAAgI,CACjI,CAAA;iBACF;gBACD,0CAA0C;gBAC1C,QAAQ,GAAG,IAAI,UAAU,CAAC,IAAA,eAAO,EAAE,MAAqB,CAAC,CAAE,CAAC,CAAC,CAAA;aAC9D;iBAAM,IAAI,MAAM,KAAK,KAAK,EAAE;gBAC3B,IAAI,MAAO,YAAY,WAAW,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC;oBAC/D,MAAM,IAAI,KAAK,CAAC,0EAA0E,CAAC,CAAA;gBAC7F,QAAQ,GAAG,IAAI,UAAU,CAAC,MAAyB,CAAC,CAAA;aACrD;;gBAAM,MAAM,IAAI,KAAK,CAAC,kBAAkB,MAAM,EAAE,CAAC,CAAA;YAClD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,QAAQ,EAAE,YAAY,CAAC,WAAW,CAAC,CAAA;YAChF,OAAO,IAAI,YAAY,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;;KACnD;CACF;AAED,SAAS,aAAa,CAAI,SAAoB;IAC5C,IAAI,YAAY,IAAI,SAAS,EAAE;QAC7B,OAAO,SAAS,CAAC,UAAe,CAAA;KACjC;;QAAM,MAAM,IAAI,KAAK,CAAC,sHAAsH,CAAC,CAAA;AAChJ,CAAC;AAED,MAAM,YAAY;IAChB,YAAqB,UAAkB,EAAW,IAAY;QAAzC,eAAU,GAAV,UAAU,CAAQ;QAAW,SAAI,GAAJ,IAAI,CAAQ;IAAG,CAAC;IAElE,IAAI,SAAS;QACX,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,CAAC,IAAI,EAAE,CAAA;IAC/C,CAAC;IACD,IAAI,WAAW;QACb,OAAO,IAAI,CAAA;IACb,CAAC;IACD,IAAI,IAAI;QACN,OAAO,QAAQ,CAAA;IACjB,CAAC;IACD,IAAI,MAAM;QACR,OAAO,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;IAC/B,CAAC;IAED,MAAM;QACJ,OAAO,EAAE,CAAA;IACX,CAAC;CACF;AAED,MAAM,gBAAgB;IACpB,YAA6B,IAAiB;QAAjB,SAAI,GAAJ,IAAI,CAAa;IAAG,CAAC;IAE5C,SAAS,CAAC,GAAc;;YAC5B,OAAO,MAAM,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAA;QACzD,CAAC;KAAA;IAEK,WAAW;;YACf,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,UAAU,CAAC,CAAA;YACxE,OAAO,IAAI,aAAa,CAAC,UAAU,CAAC,CAAA;QACtC,CAAC;KAAA;IAEK,SAAS,CAAC,GAAgB;;YAC9B,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,EAAE,aAAa,CAAC,UAAU,CAAC,CAAA;YAC9F,OAAO,IAAI,aAAa,CAAC,UAAU,CAAC,CAAA;QACtC,CAAC;KAAA;IAEK,IAAI,CAAC,GAAc,EAAE,IAAiB;;YAC1C,OAAO,MAAM,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAA;QACvE,CAAC;KAAA;IAEK,MAAM,CAAC,GAAc,EAAE,IAAiB,EAAE,SAAsB;;YACpE,OAAO,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,EAAE,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAA;QACpG,CAAC;KAAA;CACF;AAED,MAAM,aAAa;IACjB,YAAqB,UAAmB;QAAnB,eAAU,GAAV,UAAU,CAAS;IAAG,CAAC;IAE5C,IAAI,SAAS;QACX,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IAClE,CAAC;IACD,IAAI,WAAW;QACb,OAAO,IAAI,CAAA;IACb,CAAC;IACD,IAAI,IAAI;QACN,OAAO,QAAQ,CAAA;IACjB,CAAC;IACD,IAAI,MAAM;QACR,OAAO,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAA;IAC3B,CAAC;IAED,MAAM;QACJ,OAAO,EAAE,CAAA;IACX,CAAC;CACF;AAED,MAAM,eAAe;IACnB,YAA6B,GAAe;QAAf,QAAG,GAAH,GAAG,CAAY;IAAG,CAAC;IAE1C,oBAAoB,CAAC,OAA2B;;YACpD,IAAI;gBACF,MAAM,IAAI,GAAG,YAAY,CAAA;gBACzB,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,IAAA,gBAAQ,EAAC,IAAI,CAAC,CAAC,CAAA;gBAC3E,MAAM,aAAa,GAAG,IAAA,eAAO,EAAC,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,IAAI,UAAU,CAAC,aAAa,CAAC,CAAC,CAAC,CAAA;gBACpG,OAAO,aAAa,KAAK,IAAI,CAAA;aAC9B;YAAC,OAAO,CAAC,EAAE;gBACV,OAAO,KAAK,CAAA;aACb;QACH,CAAC;KAAA;IAEK,OAAO,CAAC,UAAqB,EAAE,aAAyB;;YAC5D,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC,CAAA;QACzE,CAAC;KAAA;IAEK,OAAO,CAAC,SAAoB,EAAE,SAAqB;;YACvD,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;QACpE,CAAC;KAAA;IAKK,SAAS,CAAC,SAAoB,EAAE,MAAgC;;YACpE,IAAI,MAAM,KAAK,KAAK,EAAE;gBACpB,IAAI,SAAS,CAAC,IAAI,KAAK,SAAS,EAAE;oBAChC,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;iBACpE;qBAAM;oBACL,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;iBACnE;aACF;iBAAM,IAAI,MAAM,KAAK,MAAM,EAAE;gBAC5B,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;aACpE;iBAAM,IAAI,MAAM,KAAK,OAAO,EAAE;gBAC7B,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;aACtE;;gBAAM,MAAM,IAAI,KAAK,CAAC,kBAAkB,MAAM,EAAE,CAAC,CAAA;QACpD,CAAC;KAAA;IAIK,UAAU,CACd,OAA2B,EAC3B,aAA8B,EAC9B,YAA4B;;YAE5B,IAAI,UAAoC,CAAA;YACxC,IAAI,aAAa,KAAK,KAAK,EAAE;gBAC3B,UAAU,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAA;aACnF;iBAAM;gBACL,UAAU,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAA;aACrF;YACD,IAAI,SAAmC,CAAA;YACvC,IAAI,YAAY,KAAK,KAAK,EAAE;gBAC1B,SAAS,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAA;aAChF;iBAAM;gBACL,SAAS,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAA;aACjF;YACD,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,CAAA;QAClC,CAAC;KAAA;IAEK,eAAe,CAAC,UAAsB;;YAC1C,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE,IAAI,CAAC,CAAA;YACrF,4EAA4E;YAC5E,OAAO;gBACL,UAAU,EAAE,IAAI,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAC;gBACxF,SAAS,EAAE,IAAI,kBAAkB,CAAC,SAAS,EAAE,IAAI,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAC;aACvF,CAAA;QACH,CAAC;KAAA;IAEK,wBAAwB;;YAC5B,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,qBAAqB,CAAC,aAAa,EAAE,IAAI,CAAC,CAAA;YACvF,OAAO;gBACL,UAAU,EAAE,IAAI,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,sBAAsB,EAAE,CAAC;gBAC7E,SAAS,EAAE,IAAI,kBAAkB,CAAC,SAAS,EAAE,IAAI,CAAC,sBAAsB,EAAE,CAAC;aAC5E,CAAA;QACH,CAAC;KAAA;IAED,SAAS,CACP,MAAgC,EAChC,OAAiC,EACjC,SAAqB,EACrB,aAAyB;QAEzB,IAAI,SAAS,CAAC,CAAC,CAAC,IAAI,SAAS,IAAI,CAAC,MAAM,IAAI,KAAK,IAAI,MAAM,IAAI,MAAM,CAAC,EAAE;YACtE,OAAO,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE,OAAO,EAAE,aAAa,CAAC,CAAA;SAC5D;aAAM,IAAI,SAAS,CAAC,CAAC,CAAC,IAAI,SAAS,IAAI,CAAC,MAAM,IAAI,KAAK,IAAI,MAAM,IAAI,OAAO,CAAC,EAAE;YAC9E,OAAO,IAAI,CAAC,gBAAgB,CAAC,MAAM,EAAE,OAAO,EAAE,aAAa,CAAC,CAAA;SAC7D;;YAAM,MAAM,IAAI,KAAK,CAAC,2DAA2D,SAAS,IAAI,MAAM,EAAE,CAAC,CAAA;IAC1G,CAAC;IAEK,aAAa,CACjB,gBAAwB,EACxB,cAAwC,EACxC,eAAuB,EACvB,aAAuC,EACvC,aAAyB;;YAEzB,IAAI,eAA8B,CAAA;YAClC,IAAI,cAA4B,CAAA;YAChC,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAA;YACtD,IAAI,gBAAgB,IAAI,KAAK,EAAE;gBAC7B,eAAe,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,cAAkC,EAAE,SAAS,CAAC,CAAA;aACpG;iBAAM;gBACL,eAAe,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,UAAU,CAAC,cAA6B,CAAC,EAAE,SAAS,CAAC,CAAA;aACjH;YACD,IAAI,eAAe,IAAI,KAAK,EAAE;gBAC5B,cAAc,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,aAAgC,EAAE,SAAS,CAAC,CAAA;aAChG;iBAAM;gBACL,cAAc,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,UAAU,CAAC,aAA4B,CAAC,EAAE,SAAS,CAAC,CAAA;aAC7G;YACD,OAAO;gBACL,UAAU,EAAE,IAAI,mBAAmB,CAAC,eAAe,EAAE,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC;gBACjG,SAAS,EAAE,IAAI,kBAAkB,CAAC,cAAc,EAAE,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC;aAC/F,CAAA;QACH,CAAC;KAAA;IAEK,gBAAgB,CAAC,MAAuB,EAAE,OAAiC,EAAE,aAAyB;;YAC1G,IAAI,QAAuB,CAAA;YAC3B,IAAI,MAAM,IAAI,KAAK,EAAE;gBACnB,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,OAA2B,EAAE,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAA;aACjH;iBAAM;gBACL,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,UAAU,CAAC,OAAsB,CAAC,EAAE,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAA;aAC9H;YACD,OAAO,IAAI,mBAAmB,CAAC,QAAQ,EAAE,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC,CAAA;QACvF,CAAC;KAAA;IAEK,eAAe,CAAC,MAAsB,EAAE,OAAiC,EAAE,aAAyB;;YACxG,IAAI,QAAsB,CAAA;YAC1B,IAAI,MAAM,IAAI,KAAK,EAAE;gBACnB,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,OAA0B,EAAE,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAA;aAC/G;iBAAM;gBACL,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,UAAU,CAAC,OAAsB,CAAC,EAAE,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAA;aAC5H;YACD,OAAO,IAAI,kBAAkB,CAAC,QAAQ,EAAE,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC,CAAA;QACtF,CAAC;KAAA;IAEK,kBAAkB,CAAC,MAAuB,EAAE,OAAiC;;YACjF,IAAI,WAA0B,CAAA;YAC9B,IAAI,MAAM,IAAI,KAAK,EAAE;gBACnB,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,OAA2B,EAAE,qBAAqB,CAAC,aAAa,CAAC,CAAA;aACnH;iBAAM;gBACL,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,UAAU,CAAC,OAAsB,CAAC,EAAE,qBAAqB,CAAC,aAAa,CAAC,CAAA;aAChI;YACD,OAAO,IAAI,mBAAmB,CAAC,WAAW,EAAE,IAAI,CAAC,sBAAsB,EAAE,CAAC,CAAA;QAC5E,CAAC;KAAA;IAEK,qBAAqB,CAAC,MAAsB,EAAE,OAAiC;;YACnF,IAAI,WAAyB,CAAA;YAC7B,IAAI,MAAM,IAAI,KAAK,EAAE;gBACnB,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,OAA0B,EAAE,qBAAqB,CAAC,aAAa,CAAC,CAAA;aACjH;iBAAM;gBACL,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,UAAU,CAAC,OAAsB,CAAC,EAAE,qBAAqB,CAAC,aAAa,CAAC,CAAA;aAC9H;YACD,OAAO,IAAI,kBAAkB,CAAC,WAAW,EAAE,IAAI,CAAC,sBAAsB,EAAE,CAAC,CAAA;QAC3E,CAAC;KAAA;IAEK,IAAI,CAAC,UAAqB,EAAE,IAAiB;;YACjD,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC,CAAA;QAClF,CAAC;KAAA;IAEK,eAAe,CAAC,SAAoB,EAAE,SAAsB,EAAE,IAAiB;;YACnF,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,EAAE,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;QACzG,CAAC;KAAA;IAEO,gBAAgB,CAAC,UAAsB;QAC7C,OAAO,UAAU,IAAI,SAAS,CAAC,CAAC,CAAC,sBAAsB,CAAC,cAAc,CAAC,CAAC,CAAC,sBAAsB,CAAC,YAAY,CAAA;IAC9G,CAAC;IAEO,uBAAuB,CAAC,UAAsB;QACpD,OAAO;YACL,IAAI,EAAE,UAAU;YAChB,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;YAClD,IAAI,EAAE,EAAE,IAAI,EAAE,UAAU,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,EAAE;SAC9D,CAAA;IACH,CAAC;IAEO,sBAAsB;QAC5B,OAAO;YACL,IAAI,EAAE,SAAS;YACf,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;YAClD,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;SAC1B,CAAA;IACH,CAAC;CACF;AAED,MAAM,mBAAmB;IACvB,YAAqB,UAAyB,EAAW,SAA0B;QAA9D,eAAU,GAAV,UAAU,CAAe;QAAW,cAAS,GAAT,SAAS,CAAiB;IAAG,CAAC;IAEvF,IAAI,WAAW;QACb,OAAO,IAAI,CAAA;IACb,CAAC;IAED,IAAI,IAAI;QACN,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAA;IAClE,CAAC;IAED,MAAM;QACJ,OAAO,EAAE,CAAA;IACX,CAAC;CACF;AAED,MAAM,kBAAkB;IACtB,YAAqB,UAAwB,EAAW,SAA0B;QAA7D,eAAU,GAAV,UAAU,CAAc;QAAW,cAAS,GAAT,SAAS,CAAiB;IAAG,CAAC;IAEtF,IAAI,WAAW;QACb,OAAO,IAAI,CAAA;IACb,CAAC;IAED,IAAI,IAAI;QACN,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAA;IACpE,CAAC;IAED,MAAM;QACJ,OAAO,EAAE,CAAA;IACX,CAAC;CACF;AAED,IAAK,YAEJ;AAFD,WAAK,YAAY;IACf,2CAA2B,CAAA;AAC7B,CAAC,EAFI,YAAY,KAAZ,YAAY,QAEhB;AACD,IAAK,sBAGJ;AAHD,WAAK,sBAAsB;IACzB,uDAA6B,CAAA;IAC7B,2DAAiC,CAAA;AACnC,CAAC,EAHI,sBAAsB,KAAtB,sBAAsB,QAG1B;AACD,IAAK,qBAEJ;AAFD,WAAK,qBAAqB;IACxB,wDAA+B,CAAA;AACjC,CAAC,EAFI,qBAAqB,KAArB,qBAAqB,QAEzB;AAED,IAAK,aAEJ;AAFD,WAAK,aAAa;IAChB,0CAAyB,CAAA;AAC3B,CAAC,EAFI,aAAa,KAAb,aAAa,QAEjB","sourcesContent":["import { CryptoPrimitives } from './CryptoPrimitives'\nimport { HMACUtils } from './HMACUtils'\nimport { ShamirClass } from './shamir'\nimport { AESUtils } from './AES'\nimport { KeyPair, RSAUtils, ShaVersion } from './RSA'\nimport { b64_2ua, hex2ua, ua2b64, ua2hex, ua2utf8, utf8_2ua } from '../utils'\n\n/**\n * Allows to use the expo-kryptom module as crypto primitives. This is necessary when building expo (react native) apps.\n */\nexport class NativeCryptoPrimitivesBridge implements CryptoPrimitives {\n constructor(expoKryptomModule: { Aes: AesService; Rsa: RsaService; Hmac: HmacService; StrongRandom: StrongRandomService; Digest: DigestService }) {\n this.strongRandom = expoKryptomModule.StrongRandom\n this.digest = expoKryptomModule.Digest\n this.shamir = new StrongRandomShamir(this.strongRandom)\n this.AES = new NativeAesBridge(expoKryptomModule.Aes, this.strongRandom)\n this.HMAC = new NativeHmacBridge(expoKryptomModule.Hmac)\n this.RSA = new NativeRsaBridge(expoKryptomModule.Rsa)\n }\n\n readonly AES: AESUtils\n readonly HMAC: HMACUtils\n readonly RSA: RSAUtils\n readonly shamir: ShamirClass\n private readonly strongRandom: StrongRandomService\n private readonly digest: DigestService\n\n randomBytes(n: number): Uint8Array {\n return this.strongRandom.randomBytes(n)\n }\n\n randomUuid(): string {\n return this.strongRandom.randomUUID()\n }\n\n async sha256(data: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n return await this.digest.sha256(data instanceof ArrayBuffer ? new Uint8Array(data) : data)\n }\n\n async sha512(data: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n throw new Error('Not yet implemented')\n }\n}\n\nclass StrongRandomShamir extends ShamirClass {\n constructor(private readonly strongRandom: StrongRandomService) {\n super()\n }\n\n protected fillRandom(arr: Uint32Array): void {\n const random = this.strongRandom.randomBytes(arr.byteLength)\n // Note that the new Uint32Array does not copy the random array\n arr.set(new Uint32Array(random.buffer))\n }\n}\n\nclass NativeAesBridge implements AESUtils {\n constructor(private readonly aes: AesService, private readonly random: StrongRandomService) {}\n\n async decrypt(cryptoKey: CryptoKey, encryptedData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n return await this.aes.decrypt(new Uint8Array(encryptedData), getKryptomKey(cryptoKey))\n }\n\n decryptSome(cryptoKeys: CryptoKey[], uint8Array: Uint8Array): Promise<ArrayBuffer> {\n try {\n return this.decrypt(cryptoKeys[0], uint8Array)\n } catch (e) {\n if (cryptoKeys.length > 1) {\n return this.decryptSome(cryptoKeys.slice(1), uint8Array)\n } else {\n throw e\n }\n }\n }\n\n async decryptWithRawKey(rawKey: string, plainData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n const imported = await this.importKey('raw', hex2ua(rawKey))\n return this.decrypt(imported, plainData)\n }\n\n async encrypt(cryptoKey: CryptoKey, plainData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n return await this.aes.encrypt(new Uint8Array(plainData), getKryptomKey(cryptoKey), null)\n }\n\n async encryptWithRawKey(rawKey: string, plainData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n const imported = await this.importKey('raw', hex2ua(rawKey))\n return this.encrypt(imported, plainData)\n }\n\n exportKey(cryptoKey: CryptoKey, format: 'raw'): Promise<ArrayBuffer>\n exportKey(cryptoKey: CryptoKey, format: 'jwk'): Promise<JsonWebKey>\n async exportKey(cryptoKey: CryptoKey, format: 'jwk' | 'raw'): Promise<ArrayBuffer | JsonWebKey> {\n const rawKey = await this.aes.exportRawKey(getKryptomKey(cryptoKey))\n if (format == 'raw') return rawKey\n return {\n kty: 'oct',\n alg: rawKey.byteLength == 32 ? 'A256CBC' : 'A128CBC',\n ext: true,\n key_ops: ['encrypt', 'decrypt'],\n k: ua2b64(rawKey).replace(/=/g, '').replace(/\\+/g, '-').replace(/\\//g, '_'),\n }\n }\n\n generateCryptoKey(toHex: false): Promise<CryptoKey>\n generateCryptoKey(toHex: true): Promise<string>\n async generateCryptoKey(toHex: boolean): Promise<string | CryptoKey> {\n if (toHex) {\n return Promise.resolve(ua2hex(this.random.randomBytes(32)))\n } else {\n const aesKey = await this.aes.generateKey(AesAlgorithm.AesCbcPkcs7, 256)\n return new AesCryptoKey(aesKey, 256)\n }\n }\n\n generateIV(ivByteLength: number): Uint8Array {\n return this.random.randomBytes(ivByteLength)\n }\n\n async importKey(format: 'jwk' | 'raw', aesKey: JsonWebKey | ArrayBuffer | Uint8Array): Promise<CryptoKey> {\n let keyBytes: Uint8Array\n if (format === 'jwk') {\n if (\n (aesKey as JsonWebKey).kty !== 'oct' ||\n ((aesKey as JsonWebKey).alg !== 'A256CBC' && (aesKey as JsonWebKey).alg !== 'A128CBC') ||\n !(aesKey as JsonWebKey).ext ||\n !(aesKey as JsonWebKey).key_ops?.includes('encrypt') ||\n !(aesKey as JsonWebKey).key_ops?.includes('decrypt') ||\n !(aesKey as JsonWebKey).k\n ) {\n throw new Error(\n 'Invalid JWK - must have kty=oct, alg=(A256CBC||A128CBC), ext=true, key_ops=[encrypt, decrypt], and must have non-empty k field'\n )\n }\n // b64_2ua works also with url-safe base64\n keyBytes = new Uint8Array(b64_2ua((aesKey as JsonWebKey).k!))\n } else if (format === 'raw') {\n if (aesKey! instanceof ArrayBuffer && !ArrayBuffer.isView(aesKey))\n throw new Error(\"aesKey must be an ArrayBuffer or an ArrayBufferView when format is 'raw'\")\n keyBytes = new Uint8Array(aesKey as ArrayBufferLike)\n } else throw new Error(`Invalid format ${format}`)\n const imported = await this.aes.importRawKey(keyBytes, AesAlgorithm.AesCbcPkcs7)\n return new AesCryptoKey(imported, keyBytes.length)\n }\n}\n\nfunction getKryptomKey<T>(cryptoKey: CryptoKey) {\n if ('kryptomKey' in cryptoKey) {\n return cryptoKey.kryptomKey as T\n } else throw new Error('Invalid crypto key: only crypto keys generated or loaded with this implementation of crypto primitives are supported')\n}\n\nclass AesCryptoKey implements CryptoKey {\n constructor(readonly kryptomKey: AesKey, readonly size: number) {}\n\n get algorithm(): AesKeyAlgorithm {\n return { name: 'AES-CBC', length: this.size }\n }\n get extractable(): boolean {\n return true\n }\n get type(): KeyType {\n return 'secret'\n }\n get usages(): KeyUsage[] {\n return ['encrypt', 'decrypt']\n }\n\n toJSON() {\n return {}\n }\n}\n\nclass NativeHmacBridge implements HMACUtils {\n constructor(private readonly hmac: HmacService) {}\n\n async exportKey(key: CryptoKey): Promise<ArrayBuffer> {\n return await this.hmac.exportRawKey(getKryptomKey(key))\n }\n\n async generateKey(): Promise<CryptoKey> {\n const kryptomKey = await this.hmac.generateKey(HmacAlgorithm.HmacSha512)\n return new HmacCryptoKey(kryptomKey)\n }\n\n async importKey(key: ArrayBuffer): Promise<CryptoKey> {\n const kryptomKey = await this.hmac.importRawKey(new Uint8Array(key), HmacAlgorithm.HmacSha512)\n return new HmacCryptoKey(kryptomKey)\n }\n\n async sign(key: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {\n return await this.hmac.sign(new Uint8Array(data), getKryptomKey(key))\n }\n\n async verify(key: CryptoKey, data: ArrayBuffer, signature: ArrayBuffer): Promise<boolean> {\n return await this.hmac.verify(new Uint8Array(signature), new Uint8Array(data), getKryptomKey(key))\n }\n}\n\nclass HmacCryptoKey implements CryptoKey {\n constructor(readonly kryptomKey: HmacKey) {}\n\n get algorithm(): HmacKeyAlgorithm {\n return { name: 'HMAC', hash: { name: 'SHA-512' }, length: 1024 }\n }\n get extractable(): boolean {\n return true\n }\n get type(): KeyType {\n return 'secret'\n }\n get usages(): KeyUsage[] {\n return ['sign', 'verify']\n }\n\n toJSON() {\n return {}\n }\n}\n\nclass NativeRsaBridge implements RSAUtils {\n constructor(private readonly rsa: RsaService) {}\n\n async checkKeyPairValidity(keyPair: KeyPair<CryptoKey>): Promise<boolean> {\n try {\n const text = 'shibboleth'\n const encryptedText = await this.encrypt(keyPair.publicKey, utf8_2ua(text))\n const decryptedText = ua2utf8(await this.decrypt(keyPair.privateKey, new Uint8Array(encryptedText)))\n return decryptedText === text\n } catch (e) {\n return false\n }\n }\n\n async decrypt(privateKey: CryptoKey, encryptedData: Uint8Array): Promise<ArrayBuffer> {\n return await this.rsa.decrypt(encryptedData, getKryptomKey(privateKey))\n }\n\n async encrypt(publicKey: CryptoKey, plainData: Uint8Array): Promise<ArrayBuffer> {\n return await this.rsa.encrypt(plainData, getKryptomKey(publicKey))\n }\n\n exportKey(cryptoKey: CryptoKey, format: 'jwk'): Promise<JsonWebKey>\n exportKey(cryptoKey: CryptoKey, format: 'spki'): Promise<ArrayBuffer>\n exportKey(cryptoKey: CryptoKey, format: 'pkcs8'): Promise<ArrayBuffer>\n async exportKey(cryptoKey: CryptoKey, format: 'jwk' | 'spki' | 'pkcs8'): Promise<JsonWebKey | ArrayBuffer> {\n if (format === 'jwk') {\n if (cryptoKey.type === 'private') {\n return await this.rsa.exportPrivateKeyJwk(getKryptomKey(cryptoKey))\n } else {\n return await this.rsa.exportPublicKeyJwk(getKryptomKey(cryptoKey))\n }\n } else if (format === 'spki') {\n return await this.rsa.exportPublicKeySpki(getKryptomKey(cryptoKey))\n } else if (format === 'pkcs8') {\n return await this.rsa.exportPrivateKeyPkcs8(getKryptomKey(cryptoKey))\n } else throw new Error(`Invalid format ${format}`)\n }\n\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'jwk', pubKeyFormat: 'jwk'): Promise<KeyPair<JsonWebKey>>\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'pkcs8', pubKeyFormat: 'spki'): Promise<KeyPair<ArrayBuffer>>\n async exportKeys(\n keyPair: KeyPair<CryptoKey>,\n privKeyFormat: 'jwk' | 'pkcs8',\n pubKeyFormat: 'jwk' | 'spki'\n ): Promise<KeyPair<JsonWebKey | ArrayBuffer>> {\n let privateKey: JsonWebKey | ArrayBuffer\n if (privKeyFormat === 'jwk') {\n privateKey = await this.rsa.exportPrivateKeyJwk(getKryptomKey(keyPair.privateKey))\n } else {\n privateKey = await this.rsa.exportPrivateKeyPkcs8(getKryptomKey(keyPair.privateKey))\n }\n let publicKey: JsonWebKey | ArrayBuffer\n if (pubKeyFormat === 'jwk') {\n publicKey = await this.rsa.exportPublicKeyJwk(getKryptomKey(keyPair.publicKey))\n } else {\n publicKey = await this.rsa.exportPublicKeySpki(getKryptomKey(keyPair.publicKey))\n }\n return { privateKey, publicKey }\n }\n\n async generateKeyPair(shaVersion: ShaVersion): Promise<KeyPair<CryptoKey>> {\n const generated = await this.rsa.generateKey(this.kryptomAlgorithm(shaVersion), 2048)\n // In expo-kryptom a private keys and public keys are supertypes of keypair.\n return {\n privateKey: new PrivateRsaCryptoKey(generated, this.encryptionKeysAlgorithm(shaVersion)),\n publicKey: new PublicRsaCryptoKey(generated, this.encryptionKeysAlgorithm(shaVersion)),\n }\n }\n\n async generateSignatureKeyPair(): Promise<KeyPair<CryptoKey>> {\n const generated = await this.rsa.generateKey(RsaSignatureAlgorithm.PssWithSha256, 2048)\n return {\n privateKey: new PrivateRsaCryptoKey(generated, this.signatureKeysAlgorithm()),\n publicKey: new PublicRsaCryptoKey(generated, this.signatureKeysAlgorithm()),\n }\n }\n\n importKey(\n format: 'jwk' | 'spki' | 'pkcs8',\n keydata: JsonWebKey | ArrayBuffer,\n keyUsages: KeyUsage[],\n hashAlgorithm: ShaVersion\n ): Promise<CryptoKey> {\n if (keyUsages[0] == 'encrypt' && (format == 'jwk' || format == 'spki')) {\n return this.importPublicKey(format, keydata, hashAlgorithm)\n } else if (keyUsages[0] == 'decrypt' && (format == 'jwk' || format == 'pkcs8')) {\n return this.importPrivateKey(format, keydata, hashAlgorithm)\n } else throw new Error(`Combination of key usages and key format not supported: ${keyUsages} ${format}`)\n }\n\n async importKeyPair(\n privateKeyFormat: string,\n privateKeydata: JsonWebKey | ArrayBuffer,\n publicKeyFormat: string,\n publicKeyData: JsonWebKey | ArrayBuffer,\n hashAlgorithm: ShaVersion\n ): Promise<KeyPair<CryptoKey>> {\n let importedPrivate: RsaPrivateKey\n let importedPublic: RsaPublicKey\n const algorithm = this.kryptomAlgorithm(hashAlgorithm)\n if (privateKeyFormat == 'jwk') {\n importedPrivate = await this.rsa.importPrivateKeyJwk(privateKeydata as PrivateRsaKeyJwk, algorithm)\n } else {\n importedPrivate = await this.rsa.importPrivateKeyPkcs8(new Uint8Array(privateKeydata as ArrayBuffer), algorithm)\n }\n if (publicKeyFormat == 'jwk') {\n importedPublic = await this.rsa.importPublicKeyJwk(publicKeyData as PublicRsaKeyJwk, algorithm)\n } else {\n importedPublic = await this.rsa.importPublicKeySpki(new Uint8Array(publicKeyData as ArrayBuffer), algorithm)\n }\n return {\n privateKey: new PrivateRsaCryptoKey(importedPrivate, this.encryptionKeysAlgorithm(hashAlgorithm)),\n publicKey: new PublicRsaCryptoKey(importedPublic, this.encryptionKeysAlgorithm(hashAlgorithm)),\n }\n }\n\n async importPrivateKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer, hashAlgorithm: ShaVersion): Promise<CryptoKey> {\n let imported: RsaPrivateKey\n if (format == 'jwk') {\n imported = await this.rsa.importPrivateKeyJwk(keydata as PrivateRsaKeyJwk, this.kryptomAlgorithm(hashAlgorithm))\n } else {\n imported = await this.rsa.importPrivateKeyPkcs8(new Uint8Array(keydata as ArrayBuffer), this.kryptomAlgorithm(hashAlgorithm))\n }\n return new PrivateRsaCryptoKey(imported, this.encryptionKeysAlgorithm(hashAlgorithm))\n }\n\n async importPublicKey(format: 'jwk' | 'spki', keydata: JsonWebKey | ArrayBuffer, hashAlgorithm: ShaVersion): Promise<CryptoKey> {\n let imported: RsaPublicKey\n if (format == 'jwk') {\n imported = await this.rsa.importPublicKeyJwk(keydata as PublicRsaKeyJwk, this.kryptomAlgorithm(hashAlgorithm))\n } else {\n imported = await this.rsa.importPublicKeySpki(new Uint8Array(keydata as ArrayBuffer), this.kryptomAlgorithm(hashAlgorithm))\n }\n return new PublicRsaCryptoKey(imported, this.encryptionKeysAlgorithm(hashAlgorithm))\n }\n\n async importSignatureKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey> {\n let importedKey: RsaPrivateKey\n if (format == 'jwk') {\n importedKey = await this.rsa.importPrivateKeyJwk(keydata as PrivateRsaKeyJwk, RsaSignatureAlgorithm.PssWithSha256)\n } else {\n importedKey = await this.rsa.importPrivateKeyPkcs8(new Uint8Array(keydata as ArrayBuffer), RsaSignatureAlgorithm.PssWithSha256)\n }\n return new PrivateRsaCryptoKey(importedKey, this.signatureKeysAlgorithm())\n }\n\n async importVerificationKey(format: 'jwk' | 'spki', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey> {\n let importedKey: RsaPublicKey\n if (format == 'jwk') {\n importedKey = await this.rsa.importPublicKeyJwk(keydata as PublicRsaKeyJwk, RsaSignatureAlgorithm.PssWithSha256)\n } else {\n importedKey = await this.rsa.importPublicKeySpki(new Uint8Array(keydata as ArrayBuffer), RsaSignatureAlgorithm.PssWithSha256)\n }\n return new PublicRsaCryptoKey(importedKey, this.signatureKeysAlgorithm())\n }\n\n async sign(privateKey: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {\n return await this.rsa.signature(new Uint8Array(data), getKryptomKey(privateKey))\n }\n\n async verifySignature(publicKey: CryptoKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean> {\n return await this.rsa.verify(new Uint8Array(signature), new Uint8Array(data), getKryptomKey(publicKey))\n }\n\n private kryptomAlgorithm(shaVersion: ShaVersion): RsaEncryptionAlgorithm {\n return shaVersion == 'sha-256' ? RsaEncryptionAlgorithm.OaepWithSha256 : RsaEncryptionAlgorithm.OaepWithSha1\n }\n\n private encryptionKeysAlgorithm(shaVersion: ShaVersion): RsaHashedKeyAlgorithm {\n return {\n name: 'RSA-OAEP',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: shaVersion == 'sha-256' ? 'SHA-256' : 'SHA-1' },\n }\n }\n\n private signatureKeysAlgorithm(): RsaHashedKeyAlgorithm {\n return {\n name: 'RSA-PSS',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: 'SHA-256' },\n }\n }\n}\n\nclass PrivateRsaCryptoKey implements CryptoKey {\n constructor(readonly kryptomKey: RsaPrivateKey, readonly algorithm: RsaKeyAlgorithm) {}\n\n get extractable(): boolean {\n return true\n }\n\n get type(): KeyType {\n return 'private'\n }\n\n get usages(): KeyUsage[] {\n return this.algorithm.name != 'RSA-PSS' ? ['decrypt'] : ['sign']\n }\n\n toJSON() {\n return {}\n }\n}\n\nclass PublicRsaCryptoKey implements CryptoKey {\n constructor(readonly kryptomKey: RsaPublicKey, readonly algorithm: RsaKeyAlgorithm) {}\n\n get extractable(): boolean {\n return true\n }\n\n get type(): KeyType {\n return 'public'\n }\n\n get usages(): KeyUsage[] {\n return this.algorithm.name != 'RSA-PSS' ? ['encrypt'] : ['verify']\n }\n\n toJSON() {\n return {}\n }\n}\n\nenum AesAlgorithm {\n AesCbcPkcs7 = 'AesCbcPkcs7',\n}\nenum RsaEncryptionAlgorithm {\n OaepWithSha1 = 'OaepWithSha1',\n OaepWithSha256 = 'OaepWithSha256',\n}\nenum RsaSignatureAlgorithm {\n PssWithSha256 = 'PssWithSha256',\n}\ntype RsaAlgorithm = RsaEncryptionAlgorithm | RsaSignatureAlgorithm\nenum HmacAlgorithm {\n HmacSha512 = 'HmacSha512',\n}\n\ninterface HmacKey {\n algorithmIdentifier: HmacAlgorithm\n}\n\ninterface AesKey {\n algorithmIdentifier: AesAlgorithm\n}\n\ninterface RsaKeyPair {\n algorithmIdentifier: RsaAlgorithm\n}\n\ninterface RsaPrivateKey {\n algorithmIdentifier: RsaAlgorithm\n}\n\ninterface RsaPublicKey {\n algorithmIdentifier: RsaAlgorithm\n}\n\ntype PrivateRsaKeyJwk = {\n alg: string\n d: string\n dp: string\n dq: string\n e: string\n ext: boolean\n key_ops: string[]\n n: string\n p: string\n q: string\n qi: string\n}\n\ntype PublicRsaKeyJwk = {\n alg: string\n e: string\n ext: boolean\n key_ops: string[]\n n: string\n}\n\ninterface AesService {\n generateKey(algorithmIdentifier: AesAlgorithm, size: number): Promise<AesKey>\n encrypt(data: Uint8Array, key: AesKey, iv: Uint8Array | null): Promise<Uint8Array>\n decrypt(ivAndEncryptedData: Uint8Array, key: AesKey): Promise<Uint8Array>\n exportRawKey(key: AesKey): Promise<Uint8Array>\n importRawKey(rawKey: Uint8Array, algorithmIdentifier: AesAlgorithm): Promise<AesKey>\n}\n\ninterface RsaService {\n generateKey(algorithmIdentifier: RsaAlgorithm, size: number): Promise<RsaKeyPair>\n encrypt(data: Uint8Array, key: RsaPublicKey): Promise<Uint8Array>\n decrypt(data: Uint8Array, key: RsaPrivateKey): Promise<Uint8Array>\n signature(data: Uint8Array, key: RsaPrivateKey): Promise<Uint8Array>\n verify(signature: Uint8Array, data: Uint8Array, key: RsaPublicKey): Promise<boolean>\n exportPrivateKeyPkcs8(key: RsaPrivateKey): Promise<Uint8Array>\n exportPrivateKeyJwk(key: RsaPrivateKey): Promise<PrivateRsaKeyJwk>\n exportPublicKeySpki(key: RsaPublicKey): Promise<Uint8Array>\n exportPublicKeyJwk(key: RsaPublicKey): Promise<PublicRsaKeyJwk>\n importPrivateKeyPkcs8(privateKeyPkcs8: Uint8Array, algorithmIdentifier: RsaAlgorithm): Promise<RsaPrivateKey>\n importPrivateKeyJwk(privateKey: PrivateRsaKeyJwk, algorithmIdentifier: RsaAlgorithm): Promise<RsaPrivateKey>\n importPublicKeySpki(publicKeySpki: Uint8Array, algorithmIdentifier: RsaAlgorithm): Promise<RsaPublicKey>\n importPublicKeyJwk(publicKey: PublicRsaKeyJwk, algorithmIdentifier: RsaAlgorithm): Promise<RsaPublicKey>\n importKeyPair(privateKeyPkcs8: Uint8Array, algorithmIdentifier: RsaAlgorithm): Promise<RsaKeyPair>\n}\n\ninterface HmacService {\n generateKey(algorithmIdentifier: HmacAlgorithm): Promise<HmacKey>\n sign(data: Uint8Array, key: HmacKey): Promise<Uint8Array>\n verify(signature: Uint8Array, data: Uint8Array, key: HmacKey): Promise<boolean>\n exportRawKey(key: HmacKey): Promise<Uint8Array>\n importRawKey(rawKey: Uint8Array, algorithmIdentifier: HmacAlgorithm): Promise<HmacKey>\n}\n\ninterface StrongRandomService {\n randomBytes(length: number): Uint8Array\n randomUUID(): string\n}\n\ninterface DigestService {\n sha256(data: Uint8Array): Promise<Uint8Array>\n}\n"]}
1
+ {"version":3,"file":"NativeCryptoPrimitivesBridge.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/NativeCryptoPrimitivesBridge.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,qCAAsC;AAGtC,oCAA6E;AAE7E;;GAEG;AACH,MAAa,4BAA4B;IACvC,YAAY,iBAAoI;QAC9I,IAAI,CAAC,YAAY,GAAG,iBAAiB,CAAC,YAAY,CAAA;QAClD,IAAI,CAAC,MAAM,GAAG,iBAAiB,CAAC,MAAM,CAAA;QACtC,IAAI,CAAC,MAAM,GAAG,IAAI,kBAAkB,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QACvD,IAAI,CAAC,GAAG,GAAG,IAAI,eAAe,CAAC,iBAAiB,CAAC,GAAG,EAAE,IAAI,CAAC,YAAY,CAAC,CAAA;QACxE,IAAI,CAAC,IAAI,GAAG,IAAI,gBAAgB,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAA;QACxD,IAAI,CAAC,GAAG,GAAG,IAAI,eAAe,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAA;IACvD,CAAC;IASD,WAAW,CAAC,CAAS;QACnB,OAAO,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,CAAC,CAAA;IACzC,CAAC;IAED,UAAU;QACR,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,CAAA;IACvC,CAAC;IAEK,MAAM,CAAC,IAA8B;;YACzC,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,YAAY,WAAW,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;QAC5F,CAAC;KAAA;IAEK,MAAM,CAAC,IAA8B;;YACzC,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAA;QACxC,CAAC;KAAA;CACF;AAhCD,oEAgCC;AAED,MAAM,kBAAmB,SAAQ,oBAAW;IAC1C,YAA6B,YAAiC;QAC5D,KAAK,EAAE,CAAA;QADoB,iBAAY,GAAZ,YAAY,CAAqB;IAE9D,CAAC;IAES,UAAU,CAAC,GAAgB;QACnC,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;QAC5D,+DAA+D;QAC/D,GAAG,CAAC,GAAG,CAAC,IAAI,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAA;IACzC,CAAC;CACF;AAED,MAAM,eAAe;IACnB,YAA6B,GAAe,EAAmB,MAA2B;QAA7D,QAAG,GAAH,GAAG,CAAY;QAAmB,WAAM,GAAN,MAAM,CAAqB;IAAG,CAAC;IAExF,OAAO,CAAC,SAAoB,EAAE,aAAuC;;YACzE,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,UAAU,CAAC,aAAa,CAAC,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;QACxF,CAAC;KAAA;IAED,WAAW,CAAC,UAAuB,EAAE,UAAsB;QACzD,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAA;QAChD,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC1B,OAAO,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAA;YAC1D,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,CAAA;YACT,CAAC;QACH,CAAC;IACH,CAAC;IAEK,iBAAiB,CAAC,MAAc,EAAE,SAAmC;;YACzE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC,CAAA;YAC5D,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAA;QAC1C,CAAC;KAAA;IAEK,OAAO,CAAC,SAAoB,EAAE,SAAmC;;YACrE,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,EAAE,aAAa,CAAC,SAAS,CAAC,EAAE,IAAI,CAAC,CAAA;QAC1F,CAAC;KAAA;IAEK,iBAAiB,CAAC,MAAc,EAAE,SAAmC;;YACzE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC,CAAA;YAC5D,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAA;QAC1C,CAAC;KAAA;IAIK,SAAS,CAAC,SAAoB,EAAE,MAAqB;;YACzD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;YACpE,IAAI,MAAM,IAAI,KAAK;gBAAE,OAAO,MAAM,CAAA;YAClC,OAAO;gBACL,GAAG,EAAE,KAAK;gBACV,GAAG,EAAE,MAAM,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS;gBACpD,GAAG,EAAE,IAAI;gBACT,OAAO,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC;gBAC/B,CAAC,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;aAC5E,CAAA;QACH,CAAC;KAAA;IAIK,iBAAiB,CAAC,KAAc;;YACpC,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,OAAO,CAAC,OAAO,CAAC,IAAA,cAAM,EAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YAC7D,CAAC;iBAAM,CAAC;gBACN,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,YAAY,CAAC,WAAW,EAAE,GAAG,CAAC,CAAA;gBACxE,OAAO,IAAI,YAAY,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;YACtC,CAAC;QACH,CAAC;KAAA;IAED,UAAU,CAAC,YAAoB;QAC7B,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,YAAY,CAAC,CAAA;IAC9C,CAAC;IAEK,SAAS,CAAC,MAAqB,EAAE,MAA6C;;;YAClF,IAAI,QAAoB,CAAA;YACxB,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;gBACrB,IACG,MAAqB,CAAC,GAAG,KAAK,KAAK;oBACpC,CAAE,MAAqB,CAAC,GAAG,KAAK,SAAS,IAAK,MAAqB,CAAC,GAAG,KAAK,SAAS,CAAC;oBACtF,CAAE,MAAqB,CAAC,GAAG;oBAC3B,CAAC,CAAA,MAAC,MAAqB,CAAC,OAAO,0CAAE,QAAQ,CAAC,SAAS,CAAC,CAAA;oBACpD,CAAC,CAAA,MAAC,MAAqB,CAAC,OAAO,0CAAE,QAAQ,CAAC,SAAS,CAAC,CAAA;oBACpD,CAAE,MAAqB,CAAC,CAAC,EACzB,CAAC;oBACD,MAAM,IAAI,KAAK,CACb,gIAAgI,CACjI,CAAA;gBACH,CAAC;gBACD,0CAA0C;gBAC1C,QAAQ,GAAG,IAAI,UAAU,CAAC,IAAA,eAAO,EAAE,MAAqB,CAAC,CAAE,CAAC,CAAC,CAAA;YAC/D,CAAC;iBAAM,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;gBAC5B,IAAI,MAAO,YAAY,WAAW,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC;oBAC/D,MAAM,IAAI,KAAK,CAAC,0EAA0E,CAAC,CAAA;gBAC7F,QAAQ,GAAG,IAAI,UAAU,CAAC,MAAyB,CAAC,CAAA;YACtD,CAAC;;gBAAM,MAAM,IAAI,KAAK,CAAC,kBAAkB,MAAM,EAAE,CAAC,CAAA;YAClD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,QAAQ,EAAE,YAAY,CAAC,WAAW,CAAC,CAAA;YAChF,OAAO,IAAI,YAAY,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;QACpD,CAAC;KAAA;CACF;AAED,SAAS,aAAa,CAAI,SAAoB;IAC5C,IAAI,YAAY,IAAI,SAAS,EAAE,CAAC;QAC9B,OAAO,SAAS,CAAC,UAAe,CAAA;IAClC,CAAC;;QAAM,MAAM,IAAI,KAAK,CAAC,sHAAsH,CAAC,CAAA;AAChJ,CAAC;AAED,MAAM,YAAY;IAChB,YAAqB,UAAkB,EAAW,IAAY;QAAzC,eAAU,GAAV,UAAU,CAAQ;QAAW,SAAI,GAAJ,IAAI,CAAQ;IAAG,CAAC;IAElE,IAAI,SAAS;QACX,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,CAAC,IAAI,EAAE,CAAA;IAC/C,CAAC;IACD,IAAI,WAAW;QACb,OAAO,IAAI,CAAA;IACb,CAAC;IACD,IAAI,IAAI;QACN,OAAO,QAAQ,CAAA;IACjB,CAAC;IACD,IAAI,MAAM;QACR,OAAO,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;IAC/B,CAAC;IAED,MAAM;QACJ,OAAO,EAAE,CAAA;IACX,CAAC;CACF;AAED,MAAM,gBAAgB;IACpB,YAA6B,IAAiB;QAAjB,SAAI,GAAJ,IAAI,CAAa;IAAG,CAAC;IAE5C,SAAS,CAAC,GAAc;;YAC5B,OAAO,MAAM,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAA;QACzD,CAAC;KAAA;IAEK,WAAW;;YACf,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,UAAU,CAAC,CAAA;YACxE,OAAO,IAAI,aAAa,CAAC,UAAU,CAAC,CAAA;QACtC,CAAC;KAAA;IAEK,SAAS,CAAC,GAAgB;;YAC9B,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,EAAE,aAAa,CAAC,UAAU,CAAC,CAAA;YAC9F,OAAO,IAAI,aAAa,CAAC,UAAU,CAAC,CAAA;QACtC,CAAC;KAAA;IAEK,IAAI,CAAC,GAAc,EAAE,IAAiB;;YAC1C,OAAO,MAAM,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAA;QACvE,CAAC;KAAA;IAEK,MAAM,CAAC,GAAc,EAAE,IAAiB,EAAE,SAAsB;;YACpE,OAAO,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,EAAE,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAA;QACpG,CAAC;KAAA;CACF;AAED,MAAM,aAAa;IACjB,YAAqB,UAAmB;QAAnB,eAAU,GAAV,UAAU,CAAS;IAAG,CAAC;IAE5C,IAAI,SAAS;QACX,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IAClE,CAAC;IACD,IAAI,WAAW;QACb,OAAO,IAAI,CAAA;IACb,CAAC;IACD,IAAI,IAAI;QACN,OAAO,QAAQ,CAAA;IACjB,CAAC;IACD,IAAI,MAAM;QACR,OAAO,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAA;IAC3B,CAAC;IAED,MAAM;QACJ,OAAO,EAAE,CAAA;IACX,CAAC;CACF;AAED,MAAM,eAAe;IACnB,YAA6B,GAAe;QAAf,QAAG,GAAH,GAAG,CAAY;IAAG,CAAC;IAE1C,oBAAoB,CAAC,OAA2B;;YACpD,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,YAAY,CAAA;gBACzB,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,IAAA,gBAAQ,EAAC,IAAI,CAAC,CAAC,CAAA;gBAC3E,MAAM,aAAa,GAAG,IAAA,eAAO,EAAC,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,IAAI,UAAU,CAAC,aAAa,CAAC,CAAC,CAAC,CAAA;gBACpG,OAAO,aAAa,KAAK,IAAI,CAAA;YAC/B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,KAAK,CAAA;YACd,CAAC;QACH,CAAC;KAAA;IAEK,OAAO,CAAC,UAAqB,EAAE,aAAyB;;YAC5D,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC,CAAA;QACzE,CAAC;KAAA;IAEK,OAAO,CAAC,SAAoB,EAAE,SAAqB;;YACvD,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;QACpE,CAAC;KAAA;IAKK,SAAS,CAAC,SAAoB,EAAE,MAAgC;;YACpE,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;gBACrB,IAAI,SAAS,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;oBACjC,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;gBACrE,CAAC;qBAAM,CAAC;oBACN,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;gBACpE,CAAC;YACH,CAAC;iBAAM,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;gBAC7B,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;YACrE,CAAC;iBAAM,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;gBAC9B,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;YACvE,CAAC;;gBAAM,MAAM,IAAI,KAAK,CAAC,kBAAkB,MAAM,EAAE,CAAC,CAAA;QACpD,CAAC;KAAA;IAIK,UAAU,CACd,OAA2B,EAC3B,aAA8B,EAC9B,YAA4B;;YAE5B,IAAI,UAAoC,CAAA;YACxC,IAAI,aAAa,KAAK,KAAK,EAAE,CAAC;gBAC5B,UAAU,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAA;YACpF,CAAC;iBAAM,CAAC;gBACN,UAAU,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAA;YACtF,CAAC;YACD,IAAI,SAAmC,CAAA;YACvC,IAAI,YAAY,KAAK,KAAK,EAAE,CAAC;gBAC3B,SAAS,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAA;YACjF,CAAC;iBAAM,CAAC;gBACN,SAAS,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAA;YAClF,CAAC;YACD,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,CAAA;QAClC,CAAC;KAAA;IAEK,eAAe,CAAC,UAAsB;;YAC1C,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE,IAAI,CAAC,CAAA;YACrF,4EAA4E;YAC5E,OAAO;gBACL,UAAU,EAAE,IAAI,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAC;gBACxF,SAAS,EAAE,IAAI,kBAAkB,CAAC,SAAS,EAAE,IAAI,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAC;aACvF,CAAA;QACH,CAAC;KAAA;IAEK,wBAAwB;;YAC5B,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,qBAAqB,CAAC,aAAa,EAAE,IAAI,CAAC,CAAA;YACvF,OAAO;gBACL,UAAU,EAAE,IAAI,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,sBAAsB,EAAE,CAAC;gBAC7E,SAAS,EAAE,IAAI,kBAAkB,CAAC,SAAS,EAAE,IAAI,CAAC,sBAAsB,EAAE,CAAC;aAC5E,CAAA;QACH,CAAC;KAAA;IAED,SAAS,CACP,MAAgC,EAChC,OAAiC,EACjC,SAAqB,EACrB,aAAyB;QAEzB,IAAI,SAAS,CAAC,CAAC,CAAC,IAAI,SAAS,IAAI,CAAC,MAAM,IAAI,KAAK,IAAI,MAAM,IAAI,MAAM,CAAC,EAAE,CAAC;YACvE,OAAO,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE,OAAO,EAAE,aAAa,CAAC,CAAA;QAC7D,CAAC;aAAM,IAAI,SAAS,CAAC,CAAC,CAAC,IAAI,SAAS,IAAI,CAAC,MAAM,IAAI,KAAK,IAAI,MAAM,IAAI,OAAO,CAAC,EAAE,CAAC;YAC/E,OAAO,IAAI,CAAC,gBAAgB,CAAC,MAAM,EAAE,OAAO,EAAE,aAAa,CAAC,CAAA;QAC9D,CAAC;;YAAM,MAAM,IAAI,KAAK,CAAC,2DAA2D,SAAS,IAAI,MAAM,EAAE,CAAC,CAAA;IAC1G,CAAC;IAEK,aAAa,CACjB,gBAAwB,EACxB,cAAwC,EACxC,eAAuB,EACvB,aAAuC,EACvC,aAAyB;;YAEzB,IAAI,eAA8B,CAAA;YAClC,IAAI,cAA4B,CAAA;YAChC,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAA;YACtD,IAAI,gBAAgB,IAAI,KAAK,EAAE,CAAC;gBAC9B,eAAe,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,cAAkC,EAAE,SAAS,CAAC,CAAA;YACrG,CAAC;iBAAM,CAAC;gBACN,eAAe,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,UAAU,CAAC,cAA6B,CAAC,EAAE,SAAS,CAAC,CAAA;YAClH,CAAC;YACD,IAAI,eAAe,IAAI,KAAK,EAAE,CAAC;gBAC7B,cAAc,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,aAAgC,EAAE,SAAS,CAAC,CAAA;YACjG,CAAC;iBAAM,CAAC;gBACN,cAAc,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,UAAU,CAAC,aAA4B,CAAC,EAAE,SAAS,CAAC,CAAA;YAC9G,CAAC;YACD,OAAO;gBACL,UAAU,EAAE,IAAI,mBAAmB,CAAC,eAAe,EAAE,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC;gBACjG,SAAS,EAAE,IAAI,kBAAkB,CAAC,cAAc,EAAE,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC;aAC/F,CAAA;QACH,CAAC;KAAA;IAEK,gBAAgB,CAAC,MAAuB,EAAE,OAAiC,EAAE,aAAyB;;YAC1G,IAAI,QAAuB,CAAA;YAC3B,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;gBACpB,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,OAA2B,EAAE,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAA;YAClH,CAAC;iBAAM,CAAC;gBACN,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,UAAU,CAAC,OAAsB,CAAC,EAAE,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAA;YAC/H,CAAC;YACD,OAAO,IAAI,mBAAmB,CAAC,QAAQ,EAAE,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC,CAAA;QACvF,CAAC;KAAA;IAEK,eAAe,CAAC,MAAsB,EAAE,OAAiC,EAAE,aAAyB;;YACxG,IAAI,QAAsB,CAAA;YAC1B,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;gBACpB,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,OAA0B,EAAE,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAA;YAChH,CAAC;iBAAM,CAAC;gBACN,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,UAAU,CAAC,OAAsB,CAAC,EAAE,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAA;YAC7H,CAAC;YACD,OAAO,IAAI,kBAAkB,CAAC,QAAQ,EAAE,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC,CAAA;QACtF,CAAC;KAAA;IAEK,kBAAkB,CAAC,MAAuB,EAAE,OAAiC;;YACjF,IAAI,WAA0B,CAAA;YAC9B,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;gBACpB,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,OAA2B,EAAE,qBAAqB,CAAC,aAAa,CAAC,CAAA;YACpH,CAAC;iBAAM,CAAC;gBACN,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,UAAU,CAAC,OAAsB,CAAC,EAAE,qBAAqB,CAAC,aAAa,CAAC,CAAA;YACjI,CAAC;YACD,OAAO,IAAI,mBAAmB,CAAC,WAAW,EAAE,IAAI,CAAC,sBAAsB,EAAE,CAAC,CAAA;QAC5E,CAAC;KAAA;IAEK,qBAAqB,CAAC,MAAsB,EAAE,OAAiC;;YACnF,IAAI,WAAyB,CAAA;YAC7B,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;gBACpB,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,OAA0B,EAAE,qBAAqB,CAAC,aAAa,CAAC,CAAA;YAClH,CAAC;iBAAM,CAAC;gBACN,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,UAAU,CAAC,OAAsB,CAAC,EAAE,qBAAqB,CAAC,aAAa,CAAC,CAAA;YAC/H,CAAC;YACD,OAAO,IAAI,kBAAkB,CAAC,WAAW,EAAE,IAAI,CAAC,sBAAsB,EAAE,CAAC,CAAA;QAC3E,CAAC;KAAA;IAEK,IAAI,CAAC,UAAqB,EAAE,IAAiB;;YACjD,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC,CAAA;QAClF,CAAC;KAAA;IAEK,eAAe,CAAC,SAAoB,EAAE,SAAsB,EAAE,IAAiB;;YACnF,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,EAAE,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;QACzG,CAAC;KAAA;IAEO,gBAAgB,CAAC,UAAsB;QAC7C,OAAO,UAAU,IAAI,SAAS,CAAC,CAAC,CAAC,sBAAsB,CAAC,cAAc,CAAC,CAAC,CAAC,sBAAsB,CAAC,YAAY,CAAA;IAC9G,CAAC;IAEO,uBAAuB,CAAC,UAAsB;QACpD,OAAO;YACL,IAAI,EAAE,UAAU;YAChB,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,EAAE,oFAAoF;YACxI,IAAI,EAAE,EAAE,IAAI,EAAE,UAAU,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,EAAE;SAC9D,CAAA;IACH,CAAC;IAEO,sBAAsB;QAC5B,OAAO;YACL,IAAI,EAAE,SAAS;YACf,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,EAAE,oFAAoF;YACxI,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;SAC1B,CAAA;IACH,CAAC;CACF;AAED,MAAM,mBAAmB;IACvB,YAAqB,UAAyB,EAAW,SAA0B;QAA9D,eAAU,GAAV,UAAU,CAAe;QAAW,cAAS,GAAT,SAAS,CAAiB;IAAG,CAAC;IAEvF,IAAI,WAAW;QACb,OAAO,IAAI,CAAA;IACb,CAAC;IAED,IAAI,IAAI;QACN,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAA;IAClE,CAAC;IAED,MAAM;QACJ,OAAO,EAAE,CAAA;IACX,CAAC;CACF;AAED,MAAM,kBAAkB;IACtB,YAAqB,UAAwB,EAAW,SAA0B;QAA7D,eAAU,GAAV,UAAU,CAAc;QAAW,cAAS,GAAT,SAAS,CAAiB;IAAG,CAAC;IAEtF,IAAI,WAAW;QACb,OAAO,IAAI,CAAA;IACb,CAAC;IAED,IAAI,IAAI;QACN,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAA;IACpE,CAAC;IAED,MAAM;QACJ,OAAO,EAAE,CAAA;IACX,CAAC;CACF;AAED,IAAK,YAEJ;AAFD,WAAK,YAAY;IACf,2CAA2B,CAAA;AAC7B,CAAC,EAFI,YAAY,KAAZ,YAAY,QAEhB;AACD,IAAK,sBAGJ;AAHD,WAAK,sBAAsB;IACzB,uDAA6B,CAAA;IAC7B,2DAAiC,CAAA;AACnC,CAAC,EAHI,sBAAsB,KAAtB,sBAAsB,QAG1B;AACD,IAAK,qBAEJ;AAFD,WAAK,qBAAqB;IACxB,wDAA+B,CAAA;AACjC,CAAC,EAFI,qBAAqB,KAArB,qBAAqB,QAEzB;AAED,IAAK,aAEJ;AAFD,WAAK,aAAa;IAChB,0CAAyB,CAAA;AAC3B,CAAC,EAFI,aAAa,KAAb,aAAa,QAEjB","sourcesContent":["import { CryptoPrimitives } from './CryptoPrimitives'\nimport { HMACUtils } from './HMACUtils'\nimport { ShamirClass } from './shamir'\nimport { AESUtils } from './AES'\nimport { KeyPair, RSAUtils, ShaVersion } from './RSA'\nimport { b64_2ua, hex2ua, ua2b64, ua2hex, ua2utf8, utf8_2ua } from '../utils'\n\n/**\n * Allows to use the expo-kryptom module as crypto primitives. This is necessary when building expo (react native) apps.\n */\nexport class NativeCryptoPrimitivesBridge implements CryptoPrimitives {\n constructor(expoKryptomModule: { Aes: AesService; Rsa: RsaService; Hmac: HmacService; StrongRandom: StrongRandomService; Digest: DigestService }) {\n this.strongRandom = expoKryptomModule.StrongRandom\n this.digest = expoKryptomModule.Digest\n this.shamir = new StrongRandomShamir(this.strongRandom)\n this.AES = new NativeAesBridge(expoKryptomModule.Aes, this.strongRandom)\n this.HMAC = new NativeHmacBridge(expoKryptomModule.Hmac)\n this.RSA = new NativeRsaBridge(expoKryptomModule.Rsa)\n }\n\n readonly AES: AESUtils\n readonly HMAC: HMACUtils\n readonly RSA: RSAUtils\n readonly shamir: ShamirClass\n private readonly strongRandom: StrongRandomService\n private readonly digest: DigestService\n\n randomBytes(n: number): Uint8Array {\n return this.strongRandom.randomBytes(n)\n }\n\n randomUuid(): string {\n return this.strongRandom.randomUUID()\n }\n\n async sha256(data: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n return await this.digest.sha256(data instanceof ArrayBuffer ? new Uint8Array(data) : data)\n }\n\n async sha512(data: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n throw new Error('Not yet implemented')\n }\n}\n\nclass StrongRandomShamir extends ShamirClass {\n constructor(private readonly strongRandom: StrongRandomService) {\n super()\n }\n\n protected fillRandom(arr: Uint32Array): void {\n const random = this.strongRandom.randomBytes(arr.byteLength)\n // Note that the new Uint32Array does not copy the random array\n arr.set(new Uint32Array(random.buffer))\n }\n}\n\nclass NativeAesBridge implements AESUtils {\n constructor(private readonly aes: AesService, private readonly random: StrongRandomService) {}\n\n async decrypt(cryptoKey: CryptoKey, encryptedData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n return await this.aes.decrypt(new Uint8Array(encryptedData), getKryptomKey(cryptoKey))\n }\n\n decryptSome(cryptoKeys: CryptoKey[], uint8Array: Uint8Array): Promise<ArrayBuffer> {\n try {\n return this.decrypt(cryptoKeys[0], uint8Array)\n } catch (e) {\n if (cryptoKeys.length > 1) {\n return this.decryptSome(cryptoKeys.slice(1), uint8Array)\n } else {\n throw e\n }\n }\n }\n\n async decryptWithRawKey(rawKey: string, plainData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n const imported = await this.importKey('raw', hex2ua(rawKey))\n return this.decrypt(imported, plainData)\n }\n\n async encrypt(cryptoKey: CryptoKey, plainData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n return await this.aes.encrypt(new Uint8Array(plainData), getKryptomKey(cryptoKey), null)\n }\n\n async encryptWithRawKey(rawKey: string, plainData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n const imported = await this.importKey('raw', hex2ua(rawKey))\n return this.encrypt(imported, plainData)\n }\n\n exportKey(cryptoKey: CryptoKey, format: 'raw'): Promise<ArrayBuffer>\n exportKey(cryptoKey: CryptoKey, format: 'jwk'): Promise<JsonWebKey>\n async exportKey(cryptoKey: CryptoKey, format: 'jwk' | 'raw'): Promise<ArrayBuffer | JsonWebKey> {\n const rawKey = await this.aes.exportRawKey(getKryptomKey(cryptoKey))\n if (format == 'raw') return rawKey\n return {\n kty: 'oct',\n alg: rawKey.byteLength == 32 ? 'A256CBC' : 'A128CBC',\n ext: true,\n key_ops: ['encrypt', 'decrypt'],\n k: ua2b64(rawKey).replace(/=/g, '').replace(/\\+/g, '-').replace(/\\//g, '_'),\n }\n }\n\n generateCryptoKey(toHex: false): Promise<CryptoKey>\n generateCryptoKey(toHex: true): Promise<string>\n async generateCryptoKey(toHex: boolean): Promise<string | CryptoKey> {\n if (toHex) {\n return Promise.resolve(ua2hex(this.random.randomBytes(32)))\n } else {\n const aesKey = await this.aes.generateKey(AesAlgorithm.AesCbcPkcs7, 256)\n return new AesCryptoKey(aesKey, 256)\n }\n }\n\n generateIV(ivByteLength: number): Uint8Array {\n return this.random.randomBytes(ivByteLength)\n }\n\n async importKey(format: 'jwk' | 'raw', aesKey: JsonWebKey | ArrayBuffer | Uint8Array): Promise<CryptoKey> {\n let keyBytes: Uint8Array\n if (format === 'jwk') {\n if (\n (aesKey as JsonWebKey).kty !== 'oct' ||\n ((aesKey as JsonWebKey).alg !== 'A256CBC' && (aesKey as JsonWebKey).alg !== 'A128CBC') ||\n !(aesKey as JsonWebKey).ext ||\n !(aesKey as JsonWebKey).key_ops?.includes('encrypt') ||\n !(aesKey as JsonWebKey).key_ops?.includes('decrypt') ||\n !(aesKey as JsonWebKey).k\n ) {\n throw new Error(\n 'Invalid JWK - must have kty=oct, alg=(A256CBC||A128CBC), ext=true, key_ops=[encrypt, decrypt], and must have non-empty k field'\n )\n }\n // b64_2ua works also with url-safe base64\n keyBytes = new Uint8Array(b64_2ua((aesKey as JsonWebKey).k!))\n } else if (format === 'raw') {\n if (aesKey! instanceof ArrayBuffer && !ArrayBuffer.isView(aesKey))\n throw new Error(\"aesKey must be an ArrayBuffer or an ArrayBufferView when format is 'raw'\")\n keyBytes = new Uint8Array(aesKey as ArrayBufferLike)\n } else throw new Error(`Invalid format ${format}`)\n const imported = await this.aes.importRawKey(keyBytes, AesAlgorithm.AesCbcPkcs7)\n return new AesCryptoKey(imported, keyBytes.length)\n }\n}\n\nfunction getKryptomKey<T>(cryptoKey: CryptoKey) {\n if ('kryptomKey' in cryptoKey) {\n return cryptoKey.kryptomKey as T\n } else throw new Error('Invalid crypto key: only crypto keys generated or loaded with this implementation of crypto primitives are supported')\n}\n\nclass AesCryptoKey implements CryptoKey {\n constructor(readonly kryptomKey: AesKey, readonly size: number) {}\n\n get algorithm(): AesKeyAlgorithm {\n return { name: 'AES-CBC', length: this.size }\n }\n get extractable(): boolean {\n return true\n }\n get type(): KeyType {\n return 'secret'\n }\n get usages(): KeyUsage[] {\n return ['encrypt', 'decrypt']\n }\n\n toJSON() {\n return {}\n }\n}\n\nclass NativeHmacBridge implements HMACUtils {\n constructor(private readonly hmac: HmacService) {}\n\n async exportKey(key: CryptoKey): Promise<ArrayBuffer> {\n return await this.hmac.exportRawKey(getKryptomKey(key))\n }\n\n async generateKey(): Promise<CryptoKey> {\n const kryptomKey = await this.hmac.generateKey(HmacAlgorithm.HmacSha512)\n return new HmacCryptoKey(kryptomKey)\n }\n\n async importKey(key: ArrayBuffer): Promise<CryptoKey> {\n const kryptomKey = await this.hmac.importRawKey(new Uint8Array(key), HmacAlgorithm.HmacSha512)\n return new HmacCryptoKey(kryptomKey)\n }\n\n async sign(key: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {\n return await this.hmac.sign(new Uint8Array(data), getKryptomKey(key))\n }\n\n async verify(key: CryptoKey, data: ArrayBuffer, signature: ArrayBuffer): Promise<boolean> {\n return await this.hmac.verify(new Uint8Array(signature), new Uint8Array(data), getKryptomKey(key))\n }\n}\n\nclass HmacCryptoKey implements CryptoKey {\n constructor(readonly kryptomKey: HmacKey) {}\n\n get algorithm(): HmacKeyAlgorithm {\n return { name: 'HMAC', hash: { name: 'SHA-512' }, length: 1024 }\n }\n get extractable(): boolean {\n return true\n }\n get type(): KeyType {\n return 'secret'\n }\n get usages(): KeyUsage[] {\n return ['sign', 'verify']\n }\n\n toJSON() {\n return {}\n }\n}\n\nclass NativeRsaBridge implements RSAUtils {\n constructor(private readonly rsa: RsaService) {}\n\n async checkKeyPairValidity(keyPair: KeyPair<CryptoKey>): Promise<boolean> {\n try {\n const text = 'shibboleth'\n const encryptedText = await this.encrypt(keyPair.publicKey, utf8_2ua(text))\n const decryptedText = ua2utf8(await this.decrypt(keyPair.privateKey, new Uint8Array(encryptedText)))\n return decryptedText === text\n } catch (e) {\n return false\n }\n }\n\n async decrypt(privateKey: CryptoKey, encryptedData: Uint8Array): Promise<ArrayBuffer> {\n return await this.rsa.decrypt(encryptedData, getKryptomKey(privateKey))\n }\n\n async encrypt(publicKey: CryptoKey, plainData: Uint8Array): Promise<ArrayBuffer> {\n return await this.rsa.encrypt(plainData, getKryptomKey(publicKey))\n }\n\n exportKey(cryptoKey: CryptoKey, format: 'jwk'): Promise<JsonWebKey>\n exportKey(cryptoKey: CryptoKey, format: 'spki'): Promise<ArrayBuffer>\n exportKey(cryptoKey: CryptoKey, format: 'pkcs8'): Promise<ArrayBuffer>\n async exportKey(cryptoKey: CryptoKey, format: 'jwk' | 'spki' | 'pkcs8'): Promise<JsonWebKey | ArrayBuffer> {\n if (format === 'jwk') {\n if (cryptoKey.type === 'private') {\n return await this.rsa.exportPrivateKeyJwk(getKryptomKey(cryptoKey))\n } else {\n return await this.rsa.exportPublicKeyJwk(getKryptomKey(cryptoKey))\n }\n } else if (format === 'spki') {\n return await this.rsa.exportPublicKeySpki(getKryptomKey(cryptoKey))\n } else if (format === 'pkcs8') {\n return await this.rsa.exportPrivateKeyPkcs8(getKryptomKey(cryptoKey))\n } else throw new Error(`Invalid format ${format}`)\n }\n\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'jwk', pubKeyFormat: 'jwk'): Promise<KeyPair<JsonWebKey>>\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'pkcs8', pubKeyFormat: 'spki'): Promise<KeyPair<ArrayBuffer>>\n async exportKeys(\n keyPair: KeyPair<CryptoKey>,\n privKeyFormat: 'jwk' | 'pkcs8',\n pubKeyFormat: 'jwk' | 'spki'\n ): Promise<KeyPair<JsonWebKey | ArrayBuffer>> {\n let privateKey: JsonWebKey | ArrayBuffer\n if (privKeyFormat === 'jwk') {\n privateKey = await this.rsa.exportPrivateKeyJwk(getKryptomKey(keyPair.privateKey))\n } else {\n privateKey = await this.rsa.exportPrivateKeyPkcs8(getKryptomKey(keyPair.privateKey))\n }\n let publicKey: JsonWebKey | ArrayBuffer\n if (pubKeyFormat === 'jwk') {\n publicKey = await this.rsa.exportPublicKeyJwk(getKryptomKey(keyPair.publicKey))\n } else {\n publicKey = await this.rsa.exportPublicKeySpki(getKryptomKey(keyPair.publicKey))\n }\n return { privateKey, publicKey }\n }\n\n async generateKeyPair(shaVersion: ShaVersion): Promise<KeyPair<CryptoKey>> {\n const generated = await this.rsa.generateKey(this.kryptomAlgorithm(shaVersion), 2048)\n // In expo-kryptom a private keys and public keys are supertypes of keypair.\n return {\n privateKey: new PrivateRsaCryptoKey(generated, this.encryptionKeysAlgorithm(shaVersion)),\n publicKey: new PublicRsaCryptoKey(generated, this.encryptionKeysAlgorithm(shaVersion)),\n }\n }\n\n async generateSignatureKeyPair(): Promise<KeyPair<CryptoKey>> {\n const generated = await this.rsa.generateKey(RsaSignatureAlgorithm.PssWithSha256, 2048)\n return {\n privateKey: new PrivateRsaCryptoKey(generated, this.signatureKeysAlgorithm()),\n publicKey: new PublicRsaCryptoKey(generated, this.signatureKeysAlgorithm()),\n }\n }\n\n importKey(\n format: 'jwk' | 'spki' | 'pkcs8',\n keydata: JsonWebKey | ArrayBuffer,\n keyUsages: KeyUsage[],\n hashAlgorithm: ShaVersion\n ): Promise<CryptoKey> {\n if (keyUsages[0] == 'encrypt' && (format == 'jwk' || format == 'spki')) {\n return this.importPublicKey(format, keydata, hashAlgorithm)\n } else if (keyUsages[0] == 'decrypt' && (format == 'jwk' || format == 'pkcs8')) {\n return this.importPrivateKey(format, keydata, hashAlgorithm)\n } else throw new Error(`Combination of key usages and key format not supported: ${keyUsages} ${format}`)\n }\n\n async importKeyPair(\n privateKeyFormat: string,\n privateKeydata: JsonWebKey | ArrayBuffer,\n publicKeyFormat: string,\n publicKeyData: JsonWebKey | ArrayBuffer,\n hashAlgorithm: ShaVersion\n ): Promise<KeyPair<CryptoKey>> {\n let importedPrivate: RsaPrivateKey\n let importedPublic: RsaPublicKey\n const algorithm = this.kryptomAlgorithm(hashAlgorithm)\n if (privateKeyFormat == 'jwk') {\n importedPrivate = await this.rsa.importPrivateKeyJwk(privateKeydata as PrivateRsaKeyJwk, algorithm)\n } else {\n importedPrivate = await this.rsa.importPrivateKeyPkcs8(new Uint8Array(privateKeydata as ArrayBuffer), algorithm)\n }\n if (publicKeyFormat == 'jwk') {\n importedPublic = await this.rsa.importPublicKeyJwk(publicKeyData as PublicRsaKeyJwk, algorithm)\n } else {\n importedPublic = await this.rsa.importPublicKeySpki(new Uint8Array(publicKeyData as ArrayBuffer), algorithm)\n }\n return {\n privateKey: new PrivateRsaCryptoKey(importedPrivate, this.encryptionKeysAlgorithm(hashAlgorithm)),\n publicKey: new PublicRsaCryptoKey(importedPublic, this.encryptionKeysAlgorithm(hashAlgorithm)),\n }\n }\n\n async importPrivateKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer, hashAlgorithm: ShaVersion): Promise<CryptoKey> {\n let imported: RsaPrivateKey\n if (format == 'jwk') {\n imported = await this.rsa.importPrivateKeyJwk(keydata as PrivateRsaKeyJwk, this.kryptomAlgorithm(hashAlgorithm))\n } else {\n imported = await this.rsa.importPrivateKeyPkcs8(new Uint8Array(keydata as ArrayBuffer), this.kryptomAlgorithm(hashAlgorithm))\n }\n return new PrivateRsaCryptoKey(imported, this.encryptionKeysAlgorithm(hashAlgorithm))\n }\n\n async importPublicKey(format: 'jwk' | 'spki', keydata: JsonWebKey | ArrayBuffer, hashAlgorithm: ShaVersion): Promise<CryptoKey> {\n let imported: RsaPublicKey\n if (format == 'jwk') {\n imported = await this.rsa.importPublicKeyJwk(keydata as PublicRsaKeyJwk, this.kryptomAlgorithm(hashAlgorithm))\n } else {\n imported = await this.rsa.importPublicKeySpki(new Uint8Array(keydata as ArrayBuffer), this.kryptomAlgorithm(hashAlgorithm))\n }\n return new PublicRsaCryptoKey(imported, this.encryptionKeysAlgorithm(hashAlgorithm))\n }\n\n async importSignatureKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey> {\n let importedKey: RsaPrivateKey\n if (format == 'jwk') {\n importedKey = await this.rsa.importPrivateKeyJwk(keydata as PrivateRsaKeyJwk, RsaSignatureAlgorithm.PssWithSha256)\n } else {\n importedKey = await this.rsa.importPrivateKeyPkcs8(new Uint8Array(keydata as ArrayBuffer), RsaSignatureAlgorithm.PssWithSha256)\n }\n return new PrivateRsaCryptoKey(importedKey, this.signatureKeysAlgorithm())\n }\n\n async importVerificationKey(format: 'jwk' | 'spki', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey> {\n let importedKey: RsaPublicKey\n if (format == 'jwk') {\n importedKey = await this.rsa.importPublicKeyJwk(keydata as PublicRsaKeyJwk, RsaSignatureAlgorithm.PssWithSha256)\n } else {\n importedKey = await this.rsa.importPublicKeySpki(new Uint8Array(keydata as ArrayBuffer), RsaSignatureAlgorithm.PssWithSha256)\n }\n return new PublicRsaCryptoKey(importedKey, this.signatureKeysAlgorithm())\n }\n\n async sign(privateKey: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {\n return await this.rsa.signature(new Uint8Array(data), getKryptomKey(privateKey))\n }\n\n async verifySignature(publicKey: CryptoKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean> {\n return await this.rsa.verify(new Uint8Array(signature), new Uint8Array(data), getKryptomKey(publicKey))\n }\n\n private kryptomAlgorithm(shaVersion: ShaVersion): RsaEncryptionAlgorithm {\n return shaVersion == 'sha-256' ? RsaEncryptionAlgorithm.OaepWithSha256 : RsaEncryptionAlgorithm.OaepWithSha1\n }\n\n private encryptionKeysAlgorithm(shaVersion: ShaVersion): RsaHashedKeyAlgorithm {\n return {\n name: 'RSA-OAEP',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: shaVersion == 'sha-256' ? 'SHA-256' : 'SHA-1' },\n }\n }\n\n private signatureKeysAlgorithm(): RsaHashedKeyAlgorithm {\n return {\n name: 'RSA-PSS',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: 'SHA-256' },\n }\n }\n}\n\nclass PrivateRsaCryptoKey implements CryptoKey {\n constructor(readonly kryptomKey: RsaPrivateKey, readonly algorithm: RsaKeyAlgorithm) {}\n\n get extractable(): boolean {\n return true\n }\n\n get type(): KeyType {\n return 'private'\n }\n\n get usages(): KeyUsage[] {\n return this.algorithm.name != 'RSA-PSS' ? ['decrypt'] : ['sign']\n }\n\n toJSON() {\n return {}\n }\n}\n\nclass PublicRsaCryptoKey implements CryptoKey {\n constructor(readonly kryptomKey: RsaPublicKey, readonly algorithm: RsaKeyAlgorithm) {}\n\n get extractable(): boolean {\n return true\n }\n\n get type(): KeyType {\n return 'public'\n }\n\n get usages(): KeyUsage[] {\n return this.algorithm.name != 'RSA-PSS' ? ['encrypt'] : ['verify']\n }\n\n toJSON() {\n return {}\n }\n}\n\nenum AesAlgorithm {\n AesCbcPkcs7 = 'AesCbcPkcs7',\n}\nenum RsaEncryptionAlgorithm {\n OaepWithSha1 = 'OaepWithSha1',\n OaepWithSha256 = 'OaepWithSha256',\n}\nenum RsaSignatureAlgorithm {\n PssWithSha256 = 'PssWithSha256',\n}\ntype RsaAlgorithm = RsaEncryptionAlgorithm | RsaSignatureAlgorithm\nenum HmacAlgorithm {\n HmacSha512 = 'HmacSha512',\n}\n\ninterface HmacKey {\n algorithmIdentifier: HmacAlgorithm\n}\n\ninterface AesKey {\n algorithmIdentifier: AesAlgorithm\n}\n\ninterface RsaKeyPair {\n algorithmIdentifier: RsaAlgorithm\n}\n\ninterface RsaPrivateKey {\n algorithmIdentifier: RsaAlgorithm\n}\n\ninterface RsaPublicKey {\n algorithmIdentifier: RsaAlgorithm\n}\n\ntype PrivateRsaKeyJwk = {\n alg: string\n d: string\n dp: string\n dq: string\n e: string\n ext: boolean\n key_ops: string[]\n n: string\n p: string\n q: string\n qi: string\n}\n\ntype PublicRsaKeyJwk = {\n alg: string\n e: string\n ext: boolean\n key_ops: string[]\n n: string\n}\n\ninterface AesService {\n generateKey(algorithmIdentifier: AesAlgorithm, size: number): Promise<AesKey>\n encrypt(data: Uint8Array, key: AesKey, iv: Uint8Array | null): Promise<Uint8Array>\n decrypt(ivAndEncryptedData: Uint8Array, key: AesKey): Promise<Uint8Array>\n exportRawKey(key: AesKey): Promise<Uint8Array>\n importRawKey(rawKey: Uint8Array, algorithmIdentifier: AesAlgorithm): Promise<AesKey>\n}\n\ninterface RsaService {\n generateKey(algorithmIdentifier: RsaAlgorithm, size: number): Promise<RsaKeyPair>\n encrypt(data: Uint8Array, key: RsaPublicKey): Promise<Uint8Array>\n decrypt(data: Uint8Array, key: RsaPrivateKey): Promise<Uint8Array>\n signature(data: Uint8Array, key: RsaPrivateKey): Promise<Uint8Array>\n verify(signature: Uint8Array, data: Uint8Array, key: RsaPublicKey): Promise<boolean>\n exportPrivateKeyPkcs8(key: RsaPrivateKey): Promise<Uint8Array>\n exportPrivateKeyJwk(key: RsaPrivateKey): Promise<PrivateRsaKeyJwk>\n exportPublicKeySpki(key: RsaPublicKey): Promise<Uint8Array>\n exportPublicKeyJwk(key: RsaPublicKey): Promise<PublicRsaKeyJwk>\n importPrivateKeyPkcs8(privateKeyPkcs8: Uint8Array, algorithmIdentifier: RsaAlgorithm): Promise<RsaPrivateKey>\n importPrivateKeyJwk(privateKey: PrivateRsaKeyJwk, algorithmIdentifier: RsaAlgorithm): Promise<RsaPrivateKey>\n importPublicKeySpki(publicKeySpki: Uint8Array, algorithmIdentifier: RsaAlgorithm): Promise<RsaPublicKey>\n importPublicKeyJwk(publicKey: PublicRsaKeyJwk, algorithmIdentifier: RsaAlgorithm): Promise<RsaPublicKey>\n importKeyPair(privateKeyPkcs8: Uint8Array, algorithmIdentifier: RsaAlgorithm): Promise<RsaKeyPair>\n}\n\ninterface HmacService {\n generateKey(algorithmIdentifier: HmacAlgorithm): Promise<HmacKey>\n sign(data: Uint8Array, key: HmacKey): Promise<Uint8Array>\n verify(signature: Uint8Array, data: Uint8Array, key: HmacKey): Promise<boolean>\n exportRawKey(key: HmacKey): Promise<Uint8Array>\n importRawKey(rawKey: Uint8Array, algorithmIdentifier: HmacAlgorithm): Promise<HmacKey>\n}\n\ninterface StrongRandomService {\n randomBytes(length: number): Uint8Array\n randomUUID(): string\n}\n\ninterface DigestService {\n sha256(data: Uint8Array): Promise<Uint8Array>\n}\n"]}
@@ -15,7 +15,7 @@ var ShaVersion;
15
15
  (function (ShaVersion) {
16
16
  ShaVersion["Sha1"] = "sha-1";
17
17
  ShaVersion["Sha256"] = "sha-256";
18
- })(ShaVersion = exports.ShaVersion || (exports.ShaVersion = {}));
18
+ })(ShaVersion || (exports.ShaVersion = ShaVersion = {}));
19
19
  class RSAUtilsImpl {
20
20
  constructor(crypto = typeof window !== 'undefined' ? window.crypto : typeof self !== 'undefined' ? self.crypto : {}) {
21
21
  /********* RSA Config **********/
@@ -26,19 +26,19 @@ class RSAUtilsImpl {
26
26
  this.rsaHashedParams = {
27
27
  name: 'RSA-OAEP',
28
28
  modulusLength: 2048,
29
- publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
29
+ publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)
30
30
  hash: { name: 'sha-1' },
31
31
  };
32
32
  this.rsaWithSha256HashedParams = {
33
33
  name: 'RSA-OAEP',
34
34
  modulusLength: 2048,
35
- publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
35
+ publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)
36
36
  hash: { name: 'SHA-256' },
37
37
  };
38
38
  this.signatureKeysGenerationParams = {
39
39
  name: 'RSA-PSS',
40
40
  modulusLength: 2048,
41
- publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
41
+ publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)
42
42
  hash: { name: 'SHA-256' },
43
43
  };
44
44
  this.crypto = crypto;
@@ -1 +1 @@
1
- {"version":3,"file":"RSA.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/RSA.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,oCAA4C;AAO5C,IAAY,UAGX;AAHD,WAAY,UAAU;IACpB,4BAAc,CAAA;IACd,gCAAkB,CAAA;AACpB,CAAC,EAHW,UAAU,GAAV,kBAAU,KAAV,kBAAU,QAGrB;AAkID,MAAa,YAAY;IA2BvB,YAAY,SAAiB,OAAO,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAE,EAAa;QA1BvI,iCAAiC;QACjC,qBAAqB;QACrB,sBAAsB;QACtB,cAAS,GAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,CAAA;QACrC,mDAAmD;QACnD,oBAAe,GAAQ;YACrB,IAAI,EAAE,UAAU;YAChB,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;YAClD,IAAI,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE;SACxB,CAAA;QACD,8BAAyB,GAAQ;YAC/B,IAAI,EAAE,UAAU;YAChB,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;YAClD,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;SAC1B,CAAA;QACgB,kCAA6B,GAAG;YAC/C,IAAI,EAAE,SAAS;YACf,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;YAClD,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;SAC1B,CAAA;QAKC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;IACtB,CAAC;IAED;;;OAGG;IACH,eAAe,CAAC,UAAsB;QACpC,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,MAAM,SAAS,GAAe,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;QACpD,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAA;QAE5D,OAAO,IAAI,OAAO,CAAqB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACzD,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,EAAE,WAAW,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QACzF,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;OAEG;IACG,wBAAwB;;YAC5B,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,6BAA6B,EAAE,IAAI,EAAE,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC3G,CAAC;KAAA;IAeD,UAAU,CAAC,OAA2B,EAAE,aAAqB,EAAE,YAAoB;QACjF,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,YAAmB,EAAE,OAAO,CAAC,SAAS,CAAC,CAAA;QACvF,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,aAAoB,EAAE,OAAO,CAAC,UAAU,CAAC,CAAA;QAE1F,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,OAAO;YAClE,OAAO;gBACL,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;gBACrB,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;aACvB,CAAA;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAgBD,SAAS,CAAC,SAAoB,EAAE,MAAc;QAC5C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAiD,EAAE,MAAM,EAAE,EAAE;YAC/E,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAC9E,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;OAIG;IACH,OAAO,CAAC,SAAoB,EAAE,SAAqB;QACjD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAoC,EAAE,MAAM,EAAE,EAAE;YAClE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA,CAAC,0BAA0B;QACzJ,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;OAIG;IACH,OAAO,CAAC,UAAqB,EAAE,aAAyB;QACtD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAoC,EAAE,MAAM,EAAE,EAAE;YAClE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAC7F,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;;;OAOG;IACH,SAAS,CACP,MAAgC,EAChC,OAAiC,EACjC,SAAqB,EACrB,aAAyB;QAEzB,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAkC,EAAE,MAAM,EAAE,EAAE;YAChE,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,aAAa,CAAC,CAAA;YAC/D,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,OAAc,EAAE,SAAS,EAAE,WAAW,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QACtH,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,kBAAkB,CAAC,MAAuB,EAAE,OAAiC;QAC3E,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,OAAc,EAAE,IAAI,CAAC,6BAA6B,EAAE,WAAW,EAAE,CAAC,MAAM,CAAC,CAAC,CAAA;IAC/H,CAAC;IAED,qBAAqB,CAAC,MAAsB,EAAE,OAAiC;QAC7E,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,OAAc,EAAE,IAAI,CAAC,6BAA6B,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAA;IACjI,CAAC;IAED,yBAAyB,CAAC,UAAsB;QAC9C,IAAI,UAAU,KAAK,OAAO,EAAE;YAC1B,OAAO,IAAI,CAAC,eAAe,CAAA;SAC5B;aAAM,IAAI,UAAU,KAAK,SAAS,EAAE;YACnC,OAAO,IAAI,CAAC,yBAAyB,CAAA;SACtC;aAAM;YACL,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAA;SACzD;IACH,CAAC;IAED;;;;;;OAMG;IACH,gBAAgB,CAAC,MAAuB,EAAE,OAAiC,EAAE,aAAyB;QACpG,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAkC,EAAE,MAAM,EAAE,EAAE;YAChE,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,aAAa,CAAC,CAAA;YAC/D,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,OAAc,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QACxH,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;;;;OAQG;IACH,aAAa,CACX,gBAAwB,EACxB,cAAwC,EACxC,eAAuB,EACvB,aAAuC,EACvC,aAAyB;QAEzB,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,aAAa,CAAC,CAAA;QAC/D,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,gBAAuB,EAAE,cAAqB,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,SAAS,CAAC,CAAC,CAAA;QACrI,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,eAAsB,EAAE,aAAoB,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,SAAS,CAAC,CAAC,CAAA;QAElI,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,OAAO;YAClE,OAAO;gBACL,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;gBACrB,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;aACvB,CAAA;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;OAKG;IACG,oBAAoB,CAAC,OAA2B;;YACpD,IAAI;gBACF,MAAM,IAAI,GAAG,YAAY,CAAA;gBACzB,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,IAAA,gBAAQ,EAAC,IAAI,CAAC,CAAC,CAAA;gBAC3E,MAAM,aAAa,GAAG,IAAA,eAAO,EAAC,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,IAAI,UAAU,CAAC,aAAa,CAAC,CAAC,CAAC,CAAA;gBACpG,OAAO,aAAa,KAAK,IAAI,CAAA;aAC9B;YAAC,OAAO,CAAC,EAAE;gBACV,OAAO,KAAK,CAAA;aACb;QACH,CAAC;KAAA;IAED;;;;;OAKG;IACG,IAAI,CAAC,UAAqB,EAAE,IAAiB;;YACjD,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,UAAU,EAAE,EAAE,EAAE,EAAE,UAAU,EAAE,IAAI,CAAC,CAAA;QAC7F,CAAC;KAAA;IAED;;;;;;OAMG;IACG,eAAe,CAAC,SAAoB,EAAE,SAAsB,EAAE,IAAiB;;YACnF,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,UAAU,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,CAAA;QACzG,CAAC;KAAA;CACF;AAjPD,oCAiPC;AAEY,QAAA,GAAG,GAAa,IAAI,YAAY,EAAE,CAAA","sourcesContent":["import { ua2utf8, utf8_2ua } from '../utils'\n\n/**\n * Represents an RSA KeyPair in a generic format.\n */\nexport type KeyPair<T> = { publicKey: T; privateKey: T }\n\nexport enum ShaVersion {\n Sha1 = 'sha-1',\n Sha256 = 'sha-256',\n}\n\nexport interface RSAUtils {\n /**\n * Generates a key pair for encryption/decryption of data.\n * @param shaVersion the version of the SHA algorithm to use.\n */\n generateKeyPair(shaVersion: ShaVersion): Promise<KeyPair<CryptoKey>>\n\n /**\n * Generates a key pair for signing data and signature verification.\n */\n generateSignatureKeyPair(): Promise<KeyPair<CryptoKey>>\n\n /**\n *\n * 'JWK': Json Web key (ref. http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11)\n * 'spki': for private key\n * 'pkcs8': for private Key\n *\n * @param keyPair is {publicKey: CryptoKey, privateKey: CryptoKey}\n * @param privKeyFormat will be 'pkcs8' or 'jwk'\n * @param pubKeyFormat will be 'spki' or 'jwk'\n * @returns {Promise} will the AES Key\n */\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'jwk', pubKeyFormat: 'jwk'): Promise<KeyPair<JsonWebKey>>\n\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'pkcs8', pubKeyFormat: 'spki'): Promise<KeyPair<ArrayBuffer>>\n\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: string, pubKeyFormat: string): Promise<KeyPair<JsonWebKey | ArrayBuffer>>\n\n /**\n * Format:\n *\n * 'JWK': Json Web key (ref. http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11)\n * 'spki': for private key\n * 'pkcs8': for private Key\n *\n * @param cryptoKey public or private\n * @param format either 'jwk' or 'spki' or 'pkcs8'\n * @returns {Promise|*} will be RSA key (public or private)\n */\n exportKey(cryptoKey: CryptoKey, format: 'jwk'): Promise<JsonWebKey>\n\n exportKey(cryptoKey: CryptoKey, format: 'spki'): Promise<ArrayBuffer>\n\n exportKey(cryptoKey: CryptoKey, format: 'pkcs8'): Promise<ArrayBuffer>\n\n exportKey(cryptoKey: CryptoKey, format: string): Promise<JsonWebKey | ArrayBuffer>\n\n /**\n *\n * @param publicKey (CryptoKey)\n * @param plainData (Uint8Array)\n */\n encrypt(publicKey: CryptoKey, plainData: Uint8Array): Promise<ArrayBuffer>\n\n /**\n *\n * @param privateKey (CryptoKey)\n * @param encryptedData (Uint8Array)\n */\n decrypt(privateKey: CryptoKey, encryptedData: Uint8Array): Promise<ArrayBuffer>\n\n /**\n *\n * @param format 'jwk', 'spki', or 'pkcs8'\n * @param keydata should be the key data based on the format.\n * @param keyUsages Array of usages. For example, ['encrypt'] for public key.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {*}\n */\n importKey(format: 'jwk' | 'spki' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer, keyUsages: KeyUsage[], hashAlgorithm: ShaVersion): Promise<CryptoKey>\n\n importSignatureKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey>\n\n importVerificationKey(format: 'jwk' | 'spki', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey>\n\n /**\n *\n * @param format 'jwk' or 'pkcs8'\n * @param keydata should be the key data based on the format.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {*}\n */\n importPrivateKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer, hashAlgorithm: ShaVersion): Promise<CryptoKey>\n\n /**\n *\n * @param privateKeyFormat 'jwk' or 'pkcs8'\n * @param privateKeydata should be the key data based on the format.\n * @param publicKeyFormat 'jwk' or 'spki'\n * @param publicKeyData should be the key data based on the format.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {Promise|*}\n */\n importKeyPair(\n privateKeyFormat: 'jwk' | 'pkcs8',\n privateKeydata: JsonWebKey | ArrayBuffer,\n publicKeyFormat: 'jwk' | 'spki',\n publicKeyData: JsonWebKey | ArrayBuffer,\n hashAlgorithm: ShaVersion\n ): Promise<KeyPair<CryptoKey>>\n\n /**\n * Tries to encrypt then decrypt data using a keypair. If both operations succeed without throwing an error and the decrypted data matches the\n * original data returns true, else false.\n * @param keyPair a key pair.\n * @return if the key pair could be successfully used to encrypt then decrypt data.\n */\n checkKeyPairValidity(keyPair: KeyPair<CryptoKey>): Promise<boolean>\n\n /**\n * Generates a signature for some data. The signature algorithm used is RSA-PSS with SHA-256.\n * @param privateKey private key to use for signature\n * @param data the data to sign\n * @return the signature.\n */\n sign(privateKey: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer>\n\n /**\n * Verifies if a signature matches the data. The signature algorithm used is RSA-PSS with sha-256.\n * @param publicKey public key to use for signature verification.\n * @param signature the signature to verify\n * @param data the data that was signed\n * @return if the signature matches the data and key.\n */\n verifySignature(publicKey: CryptoKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean>\n}\n\nexport class RSAUtilsImpl implements RSAUtils {\n /********* RSA Config **********/\n //TODO bigger modulus\n //TODO PSS for signing\n rsaParams: any = { name: 'RSA-OAEP' }\n // RSA params for 'import' and 'generate' function.\n rsaHashedParams: any = {\n name: 'RSA-OAEP',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: 'sha-1' },\n }\n rsaWithSha256HashedParams: any = {\n name: 'RSA-OAEP',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: 'SHA-256' },\n }\n private readonly signatureKeysGenerationParams = {\n name: 'RSA-PSS',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: 'SHA-256' },\n }\n\n private crypto: Crypto\n\n constructor(crypto: Crypto = typeof window !== 'undefined' ? window.crypto : typeof self !== 'undefined' ? self.crypto : ({} as Crypto)) {\n this.crypto = crypto\n }\n\n /**\n * Generates a key pair for encryption/decryption of data.\n * @param shaVersion the version of the SHA algorithm to use.\n */\n generateKeyPair(shaVersion: ShaVersion): Promise<KeyPair<CryptoKey>> {\n const extractable = true\n const keyUsages: KeyUsage[] = ['decrypt', 'encrypt']\n const rsaParams = this.paramsForCreationOrImport(shaVersion)\n\n return new Promise<KeyPair<CryptoKey>>((resolve, reject) => {\n this.crypto.subtle.generateKey(rsaParams, extractable, keyUsages).then(resolve, reject)\n })\n }\n\n /**\n * Generates a key pair for signing data and signature verification.\n */\n async generateSignatureKeyPair(): Promise<KeyPair<CryptoKey>> {\n return await this.crypto.subtle.generateKey(this.signatureKeysGenerationParams, true, ['sign', 'verify'])\n }\n\n /**\n *\n * 'JWK': Json Web key (ref. http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11)\n * 'spki': for private key\n * 'pkcs8': for private Key\n *\n * @param keyPair is {publicKey: CryptoKey, privateKey: CryptoKey}\n * @param privKeyFormat will be 'pkcs8' or 'jwk'\n * @param pubKeyFormat will be 'spki' or 'jwk'\n * @returns {Promise} will the AES Key\n */\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'jwk', pubKeyFormat: 'jwk'): Promise<KeyPair<JsonWebKey>>\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'pkcs8', pubKeyFormat: 'spki'): Promise<KeyPair<ArrayBuffer>>\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: string, pubKeyFormat: string): Promise<KeyPair<JsonWebKey | ArrayBuffer>> {\n const pubPromise = this.crypto.subtle.exportKey(pubKeyFormat as any, keyPair.publicKey)\n const privPromise = this.crypto.subtle.exportKey(privKeyFormat as any, keyPair.privateKey)\n\n return Promise.all([pubPromise, privPromise]).then(function (results) {\n return {\n publicKey: results[0],\n privateKey: results[1],\n }\n })\n }\n\n /**\n * Format:\n *\n * 'JWK': Json Web key (ref. http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11)\n * 'spki': for private key\n * 'pkcs8': for private Key\n *\n * @param cryptoKey public or private\n * @param format either 'jwk' or 'spki' or 'pkcs8'\n * @returns {Promise|*} will be RSA key (public or private)\n */\n exportKey(cryptoKey: CryptoKey, format: 'jwk'): Promise<JsonWebKey>\n exportKey(cryptoKey: CryptoKey, format: 'spki'): Promise<ArrayBuffer>\n exportKey(cryptoKey: CryptoKey, format: 'pkcs8'): Promise<ArrayBuffer>\n exportKey(cryptoKey: CryptoKey, format: string): Promise<JsonWebKey | ArrayBuffer> {\n return new Promise((resolve: (value: JsonWebKey | ArrayBuffer) => any, reject) => {\n this.crypto.subtle.exportKey(format as any, cryptoKey).then(resolve, reject)\n })\n }\n\n /**\n *\n * @param publicKey (CryptoKey)\n * @param plainData (Uint8Array)\n */\n encrypt(publicKey: CryptoKey, plainData: Uint8Array): Promise<ArrayBuffer> {\n return new Promise((resolve: (value: ArrayBuffer) => any, reject) => {\n this.crypto.subtle.encrypt(this.rsaParams, publicKey, plainData.buffer ? plainData.buffer : plainData).then(resolve, reject) //Node prefers arrayBuffer\n })\n }\n\n /**\n *\n * @param privateKey (CryptoKey)\n * @param encryptedData (Uint8Array)\n */\n decrypt(privateKey: CryptoKey, encryptedData: Uint8Array): Promise<ArrayBuffer> {\n return new Promise((resolve: (value: ArrayBuffer) => any, reject) => {\n this.crypto.subtle.decrypt(this.rsaParams, privateKey, encryptedData).then(resolve, reject)\n })\n }\n\n /**\n *\n * @param format 'jwk', 'spki', or 'pkcs8'\n * @param keydata should be the key data based on the format.\n * @param keyUsages Array of usages. For example, ['encrypt'] for public key.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {*}\n */\n importKey(\n format: 'jwk' | 'spki' | 'pkcs8',\n keydata: JsonWebKey | ArrayBuffer,\n keyUsages: KeyUsage[],\n hashAlgorithm: ShaVersion\n ): Promise<CryptoKey> {\n const extractable = true\n return new Promise((resolve: (value: CryptoKey) => any, reject) => {\n const rsaParams = this.paramsForCreationOrImport(hashAlgorithm)\n this.crypto.subtle.importKey(format as any, keydata as any, rsaParams, extractable, keyUsages).then(resolve, reject)\n })\n }\n\n importSignatureKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey> {\n const extractable = true\n return this.crypto.subtle.importKey(format as any, keydata as any, this.signatureKeysGenerationParams, extractable, ['sign'])\n }\n\n importVerificationKey(format: 'jwk' | 'spki', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey> {\n const extractable = true\n return this.crypto.subtle.importKey(format as any, keydata as any, this.signatureKeysGenerationParams, extractable, ['verify'])\n }\n\n paramsForCreationOrImport(shaVersion: ShaVersion) {\n if (shaVersion === 'sha-1') {\n return this.rsaHashedParams\n } else if (shaVersion === 'sha-256') {\n return this.rsaWithSha256HashedParams\n } else {\n throw new Error('Unexpected error, invalid SHA version')\n }\n }\n\n /**\n *\n * @param format 'jwk' or 'pkcs8'\n * @param keydata should be the key data based on the format.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {*}\n */\n importPrivateKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer, hashAlgorithm: ShaVersion): Promise<CryptoKey> {\n const extractable = true\n return new Promise((resolve: (value: CryptoKey) => any, reject) => {\n const rsaParams = this.paramsForCreationOrImport(hashAlgorithm)\n this.crypto.subtle.importKey(format as any, keydata as any, rsaParams, extractable, ['decrypt']).then(resolve, reject)\n })\n }\n\n /**\n *\n * @param privateKeyFormat 'jwk' or 'pkcs8'\n * @param privateKeydata should be the key data based on the format.\n * @param publicKeyFormat 'jwk' or 'spki'\n * @param publicKeyData should be the key data based on the format.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {Promise|*}\n */\n importKeyPair(\n privateKeyFormat: string,\n privateKeydata: JsonWebKey | ArrayBuffer,\n publicKeyFormat: string,\n publicKeyData: JsonWebKey | ArrayBuffer,\n hashAlgorithm: ShaVersion\n ): Promise<KeyPair<CryptoKey>> {\n const extractable = true\n const rsaParams = this.paramsForCreationOrImport(hashAlgorithm)\n const privPromise = this.crypto.subtle.importKey(privateKeyFormat as any, privateKeydata as any, rsaParams, extractable, ['decrypt'])\n const pubPromise = this.crypto.subtle.importKey(publicKeyFormat as any, publicKeyData as any, rsaParams, extractable, ['encrypt'])\n\n return Promise.all([pubPromise, privPromise]).then(function (results) {\n return {\n publicKey: results[0],\n privateKey: results[1],\n }\n })\n }\n\n /**\n * Tries to encrypt then decrypt data using a keypair. If both operations succeed without throwing an error and the decrypted data matches the\n * original data returns true, else false.\n * @param keyPair a key pair.\n * @return if the key pair could be successfully used to encrypt then decrypt data.\n */\n async checkKeyPairValidity(keyPair: KeyPair<CryptoKey>): Promise<boolean> {\n try {\n const text = 'shibboleth'\n const encryptedText = await this.encrypt(keyPair.publicKey, utf8_2ua(text))\n const decryptedText = ua2utf8(await this.decrypt(keyPair.privateKey, new Uint8Array(encryptedText)))\n return decryptedText === text\n } catch (e) {\n return false\n }\n }\n\n /**\n * Generates a signature for some data. The signature algorithm used is RSA-PSS with SHA-256.\n * @param privateKey private key to use for signature\n * @param data the data to sign\n * @return the signature.\n */\n async sign(privateKey: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {\n return await this.crypto.subtle.sign({ name: 'RSA-PSS', saltLength: 32 }, privateKey, data)\n }\n\n /**\n * Verifies if a signature matches the data. The signature algorithm used is RSA-PSS with sha-256.\n * @param publicKey public key to use for signature verification.\n * @param signature the signature to verify\n * @param data the data that was signed\n * @return if the signature matches the data and key.\n */\n async verifySignature(publicKey: CryptoKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean> {\n return await this.crypto.subtle.verify({ name: 'RSA-PSS', saltLength: 32 }, publicKey, signature, data)\n }\n}\n\nexport const RSA: RSAUtils = new RSAUtilsImpl()\n"]}
1
+ {"version":3,"file":"RSA.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/RSA.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,oCAA4C;AAO5C,IAAY,UAGX;AAHD,WAAY,UAAU;IACpB,4BAAc,CAAA;IACd,gCAAkB,CAAA;AACpB,CAAC,EAHW,UAAU,0BAAV,UAAU,QAGrB;AAkID,MAAa,YAAY;IA2BvB,YAAY,SAAiB,OAAO,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAE,EAAa;QA1BvI,iCAAiC;QACjC,qBAAqB;QACrB,sBAAsB;QACtB,cAAS,GAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,CAAA;QACrC,mDAAmD;QACnD,oBAAe,GAAQ;YACrB,IAAI,EAAE,UAAU;YAChB,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,EAAE,oFAAoF;YACxI,IAAI,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE;SACxB,CAAA;QACD,8BAAyB,GAAQ;YAC/B,IAAI,EAAE,UAAU;YAChB,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,EAAE,oFAAoF;YACxI,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;SAC1B,CAAA;QACgB,kCAA6B,GAAG;YAC/C,IAAI,EAAE,SAAS;YACf,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,EAAE,oFAAoF;YACxI,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;SAC1B,CAAA;QAKC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;IACtB,CAAC;IAED;;;OAGG;IACH,eAAe,CAAC,UAAsB;QACpC,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,MAAM,SAAS,GAAe,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;QACpD,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAA;QAE5D,OAAO,IAAI,OAAO,CAAqB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACzD,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,EAAE,WAAW,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QACzF,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;OAEG;IACG,wBAAwB;;YAC5B,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,6BAA6B,EAAE,IAAI,EAAE,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC3G,CAAC;KAAA;IAeD,UAAU,CAAC,OAA2B,EAAE,aAAqB,EAAE,YAAoB;QACjF,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,YAAmB,EAAE,OAAO,CAAC,SAAS,CAAC,CAAA;QACvF,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,aAAoB,EAAE,OAAO,CAAC,UAAU,CAAC,CAAA;QAE1F,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,OAAO;YAClE,OAAO;gBACL,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;gBACrB,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;aACvB,CAAA;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAgBD,SAAS,CAAC,SAAoB,EAAE,MAAc;QAC5C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAiD,EAAE,MAAM,EAAE,EAAE;YAC/E,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAC9E,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;OAIG;IACH,OAAO,CAAC,SAAoB,EAAE,SAAqB;QACjD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAoC,EAAE,MAAM,EAAE,EAAE;YAClE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA,CAAC,0BAA0B;QACzJ,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;OAIG;IACH,OAAO,CAAC,UAAqB,EAAE,aAAyB;QACtD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAoC,EAAE,MAAM,EAAE,EAAE;YAClE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAC7F,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;;;OAOG;IACH,SAAS,CACP,MAAgC,EAChC,OAAiC,EACjC,SAAqB,EACrB,aAAyB;QAEzB,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAkC,EAAE,MAAM,EAAE,EAAE;YAChE,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,aAAa,CAAC,CAAA;YAC/D,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,OAAc,EAAE,SAAS,EAAE,WAAW,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QACtH,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,kBAAkB,CAAC,MAAuB,EAAE,OAAiC;QAC3E,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,OAAc,EAAE,IAAI,CAAC,6BAA6B,EAAE,WAAW,EAAE,CAAC,MAAM,CAAC,CAAC,CAAA;IAC/H,CAAC;IAED,qBAAqB,CAAC,MAAsB,EAAE,OAAiC;QAC7E,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,OAAc,EAAE,IAAI,CAAC,6BAA6B,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAA;IACjI,CAAC;IAED,yBAAyB,CAAC,UAAsB;QAC9C,IAAI,UAAU,KAAK,OAAO,EAAE,CAAC;YAC3B,OAAO,IAAI,CAAC,eAAe,CAAA;QAC7B,CAAC;aAAM,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;YACpC,OAAO,IAAI,CAAC,yBAAyB,CAAA;QACvC,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAA;QAC1D,CAAC;IACH,CAAC;IAED;;;;;;OAMG;IACH,gBAAgB,CAAC,MAAuB,EAAE,OAAiC,EAAE,aAAyB;QACpG,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAkC,EAAE,MAAM,EAAE,EAAE;YAChE,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,aAAa,CAAC,CAAA;YAC/D,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,OAAc,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QACxH,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;;;;OAQG;IACH,aAAa,CACX,gBAAwB,EACxB,cAAwC,EACxC,eAAuB,EACvB,aAAuC,EACvC,aAAyB;QAEzB,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,aAAa,CAAC,CAAA;QAC/D,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,gBAAuB,EAAE,cAAqB,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,SAAS,CAAC,CAAC,CAAA;QACrI,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,eAAsB,EAAE,aAAoB,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,SAAS,CAAC,CAAC,CAAA;QAElI,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,OAAO;YAClE,OAAO;gBACL,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;gBACrB,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;aACvB,CAAA;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;OAKG;IACG,oBAAoB,CAAC,OAA2B;;YACpD,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,YAAY,CAAA;gBACzB,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,IAAA,gBAAQ,EAAC,IAAI,CAAC,CAAC,CAAA;gBAC3E,MAAM,aAAa,GAAG,IAAA,eAAO,EAAC,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,IAAI,UAAU,CAAC,aAAa,CAAC,CAAC,CAAC,CAAA;gBACpG,OAAO,aAAa,KAAK,IAAI,CAAA;YAC/B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,KAAK,CAAA;YACd,CAAC;QACH,CAAC;KAAA;IAED;;;;;OAKG;IACG,IAAI,CAAC,UAAqB,EAAE,IAAiB;;YACjD,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,UAAU,EAAE,EAAE,EAAE,EAAE,UAAU,EAAE,IAAI,CAAC,CAAA;QAC7F,CAAC;KAAA;IAED;;;;;;OAMG;IACG,eAAe,CAAC,SAAoB,EAAE,SAAsB,EAAE,IAAiB;;YACnF,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,UAAU,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,CAAA;QACzG,CAAC;KAAA;CACF;AAjPD,oCAiPC;AAEY,QAAA,GAAG,GAAa,IAAI,YAAY,EAAE,CAAA","sourcesContent":["import { ua2utf8, utf8_2ua } from '../utils'\n\n/**\n * Represents an RSA KeyPair in a generic format.\n */\nexport type KeyPair<T> = { publicKey: T; privateKey: T }\n\nexport enum ShaVersion {\n Sha1 = 'sha-1',\n Sha256 = 'sha-256',\n}\n\nexport interface RSAUtils {\n /**\n * Generates a key pair for encryption/decryption of data.\n * @param shaVersion the version of the SHA algorithm to use.\n */\n generateKeyPair(shaVersion: ShaVersion): Promise<KeyPair<CryptoKey>>\n\n /**\n * Generates a key pair for signing data and signature verification.\n */\n generateSignatureKeyPair(): Promise<KeyPair<CryptoKey>>\n\n /**\n *\n * 'JWK': Json Web key (ref. http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11)\n * 'spki': for private key\n * 'pkcs8': for private Key\n *\n * @param keyPair is {publicKey: CryptoKey, privateKey: CryptoKey}\n * @param privKeyFormat will be 'pkcs8' or 'jwk'\n * @param pubKeyFormat will be 'spki' or 'jwk'\n * @returns {Promise} will the AES Key\n */\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'jwk', pubKeyFormat: 'jwk'): Promise<KeyPair<JsonWebKey>>\n\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'pkcs8', pubKeyFormat: 'spki'): Promise<KeyPair<ArrayBuffer>>\n\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: string, pubKeyFormat: string): Promise<KeyPair<JsonWebKey | ArrayBuffer>>\n\n /**\n * Format:\n *\n * 'JWK': Json Web key (ref. http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11)\n * 'spki': for private key\n * 'pkcs8': for private Key\n *\n * @param cryptoKey public or private\n * @param format either 'jwk' or 'spki' or 'pkcs8'\n * @returns {Promise|*} will be RSA key (public or private)\n */\n exportKey(cryptoKey: CryptoKey, format: 'jwk'): Promise<JsonWebKey>\n\n exportKey(cryptoKey: CryptoKey, format: 'spki'): Promise<ArrayBuffer>\n\n exportKey(cryptoKey: CryptoKey, format: 'pkcs8'): Promise<ArrayBuffer>\n\n exportKey(cryptoKey: CryptoKey, format: string): Promise<JsonWebKey | ArrayBuffer>\n\n /**\n *\n * @param publicKey (CryptoKey)\n * @param plainData (Uint8Array)\n */\n encrypt(publicKey: CryptoKey, plainData: Uint8Array): Promise<ArrayBuffer>\n\n /**\n *\n * @param privateKey (CryptoKey)\n * @param encryptedData (Uint8Array)\n */\n decrypt(privateKey: CryptoKey, encryptedData: Uint8Array): Promise<ArrayBuffer>\n\n /**\n *\n * @param format 'jwk', 'spki', or 'pkcs8'\n * @param keydata should be the key data based on the format.\n * @param keyUsages Array of usages. For example, ['encrypt'] for public key.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {*}\n */\n importKey(format: 'jwk' | 'spki' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer, keyUsages: KeyUsage[], hashAlgorithm: ShaVersion): Promise<CryptoKey>\n\n importSignatureKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey>\n\n importVerificationKey(format: 'jwk' | 'spki', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey>\n\n /**\n *\n * @param format 'jwk' or 'pkcs8'\n * @param keydata should be the key data based on the format.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {*}\n */\n importPrivateKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer, hashAlgorithm: ShaVersion): Promise<CryptoKey>\n\n /**\n *\n * @param privateKeyFormat 'jwk' or 'pkcs8'\n * @param privateKeydata should be the key data based on the format.\n * @param publicKeyFormat 'jwk' or 'spki'\n * @param publicKeyData should be the key data based on the format.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {Promise|*}\n */\n importKeyPair(\n privateKeyFormat: 'jwk' | 'pkcs8',\n privateKeydata: JsonWebKey | ArrayBuffer,\n publicKeyFormat: 'jwk' | 'spki',\n publicKeyData: JsonWebKey | ArrayBuffer,\n hashAlgorithm: ShaVersion\n ): Promise<KeyPair<CryptoKey>>\n\n /**\n * Tries to encrypt then decrypt data using a keypair. If both operations succeed without throwing an error and the decrypted data matches the\n * original data returns true, else false.\n * @param keyPair a key pair.\n * @return if the key pair could be successfully used to encrypt then decrypt data.\n */\n checkKeyPairValidity(keyPair: KeyPair<CryptoKey>): Promise<boolean>\n\n /**\n * Generates a signature for some data. The signature algorithm used is RSA-PSS with SHA-256.\n * @param privateKey private key to use for signature\n * @param data the data to sign\n * @return the signature.\n */\n sign(privateKey: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer>\n\n /**\n * Verifies if a signature matches the data. The signature algorithm used is RSA-PSS with sha-256.\n * @param publicKey public key to use for signature verification.\n * @param signature the signature to verify\n * @param data the data that was signed\n * @return if the signature matches the data and key.\n */\n verifySignature(publicKey: CryptoKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean>\n}\n\nexport class RSAUtilsImpl implements RSAUtils {\n /********* RSA Config **********/\n //TODO bigger modulus\n //TODO PSS for signing\n rsaParams: any = { name: 'RSA-OAEP' }\n // RSA params for 'import' and 'generate' function.\n rsaHashedParams: any = {\n name: 'RSA-OAEP',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: 'sha-1' },\n }\n rsaWithSha256HashedParams: any = {\n name: 'RSA-OAEP',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: 'SHA-256' },\n }\n private readonly signatureKeysGenerationParams = {\n name: 'RSA-PSS',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: 'SHA-256' },\n }\n\n private crypto: Crypto\n\n constructor(crypto: Crypto = typeof window !== 'undefined' ? window.crypto : typeof self !== 'undefined' ? self.crypto : ({} as Crypto)) {\n this.crypto = crypto\n }\n\n /**\n * Generates a key pair for encryption/decryption of data.\n * @param shaVersion the version of the SHA algorithm to use.\n */\n generateKeyPair(shaVersion: ShaVersion): Promise<KeyPair<CryptoKey>> {\n const extractable = true\n const keyUsages: KeyUsage[] = ['decrypt', 'encrypt']\n const rsaParams = this.paramsForCreationOrImport(shaVersion)\n\n return new Promise<KeyPair<CryptoKey>>((resolve, reject) => {\n this.crypto.subtle.generateKey(rsaParams, extractable, keyUsages).then(resolve, reject)\n })\n }\n\n /**\n * Generates a key pair for signing data and signature verification.\n */\n async generateSignatureKeyPair(): Promise<KeyPair<CryptoKey>> {\n return await this.crypto.subtle.generateKey(this.signatureKeysGenerationParams, true, ['sign', 'verify'])\n }\n\n /**\n *\n * 'JWK': Json Web key (ref. http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11)\n * 'spki': for private key\n * 'pkcs8': for private Key\n *\n * @param keyPair is {publicKey: CryptoKey, privateKey: CryptoKey}\n * @param privKeyFormat will be 'pkcs8' or 'jwk'\n * @param pubKeyFormat will be 'spki' or 'jwk'\n * @returns {Promise} will the AES Key\n */\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'jwk', pubKeyFormat: 'jwk'): Promise<KeyPair<JsonWebKey>>\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'pkcs8', pubKeyFormat: 'spki'): Promise<KeyPair<ArrayBuffer>>\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: string, pubKeyFormat: string): Promise<KeyPair<JsonWebKey | ArrayBuffer>> {\n const pubPromise = this.crypto.subtle.exportKey(pubKeyFormat as any, keyPair.publicKey)\n const privPromise = this.crypto.subtle.exportKey(privKeyFormat as any, keyPair.privateKey)\n\n return Promise.all([pubPromise, privPromise]).then(function (results) {\n return {\n publicKey: results[0],\n privateKey: results[1],\n }\n })\n }\n\n /**\n * Format:\n *\n * 'JWK': Json Web key (ref. http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11)\n * 'spki': for private key\n * 'pkcs8': for private Key\n *\n * @param cryptoKey public or private\n * @param format either 'jwk' or 'spki' or 'pkcs8'\n * @returns {Promise|*} will be RSA key (public or private)\n */\n exportKey(cryptoKey: CryptoKey, format: 'jwk'): Promise<JsonWebKey>\n exportKey(cryptoKey: CryptoKey, format: 'spki'): Promise<ArrayBuffer>\n exportKey(cryptoKey: CryptoKey, format: 'pkcs8'): Promise<ArrayBuffer>\n exportKey(cryptoKey: CryptoKey, format: string): Promise<JsonWebKey | ArrayBuffer> {\n return new Promise((resolve: (value: JsonWebKey | ArrayBuffer) => any, reject) => {\n this.crypto.subtle.exportKey(format as any, cryptoKey).then(resolve, reject)\n })\n }\n\n /**\n *\n * @param publicKey (CryptoKey)\n * @param plainData (Uint8Array)\n */\n encrypt(publicKey: CryptoKey, plainData: Uint8Array): Promise<ArrayBuffer> {\n return new Promise((resolve: (value: ArrayBuffer) => any, reject) => {\n this.crypto.subtle.encrypt(this.rsaParams, publicKey, plainData.buffer ? plainData.buffer : plainData).then(resolve, reject) //Node prefers arrayBuffer\n })\n }\n\n /**\n *\n * @param privateKey (CryptoKey)\n * @param encryptedData (Uint8Array)\n */\n decrypt(privateKey: CryptoKey, encryptedData: Uint8Array): Promise<ArrayBuffer> {\n return new Promise((resolve: (value: ArrayBuffer) => any, reject) => {\n this.crypto.subtle.decrypt(this.rsaParams, privateKey, encryptedData).then(resolve, reject)\n })\n }\n\n /**\n *\n * @param format 'jwk', 'spki', or 'pkcs8'\n * @param keydata should be the key data based on the format.\n * @param keyUsages Array of usages. For example, ['encrypt'] for public key.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {*}\n */\n importKey(\n format: 'jwk' | 'spki' | 'pkcs8',\n keydata: JsonWebKey | ArrayBuffer,\n keyUsages: KeyUsage[],\n hashAlgorithm: ShaVersion\n ): Promise<CryptoKey> {\n const extractable = true\n return new Promise((resolve: (value: CryptoKey) => any, reject) => {\n const rsaParams = this.paramsForCreationOrImport(hashAlgorithm)\n this.crypto.subtle.importKey(format as any, keydata as any, rsaParams, extractable, keyUsages).then(resolve, reject)\n })\n }\n\n importSignatureKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey> {\n const extractable = true\n return this.crypto.subtle.importKey(format as any, keydata as any, this.signatureKeysGenerationParams, extractable, ['sign'])\n }\n\n importVerificationKey(format: 'jwk' | 'spki', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey> {\n const extractable = true\n return this.crypto.subtle.importKey(format as any, keydata as any, this.signatureKeysGenerationParams, extractable, ['verify'])\n }\n\n paramsForCreationOrImport(shaVersion: ShaVersion) {\n if (shaVersion === 'sha-1') {\n return this.rsaHashedParams\n } else if (shaVersion === 'sha-256') {\n return this.rsaWithSha256HashedParams\n } else {\n throw new Error('Unexpected error, invalid SHA version')\n }\n }\n\n /**\n *\n * @param format 'jwk' or 'pkcs8'\n * @param keydata should be the key data based on the format.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {*}\n */\n importPrivateKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer, hashAlgorithm: ShaVersion): Promise<CryptoKey> {\n const extractable = true\n return new Promise((resolve: (value: CryptoKey) => any, reject) => {\n const rsaParams = this.paramsForCreationOrImport(hashAlgorithm)\n this.crypto.subtle.importKey(format as any, keydata as any, rsaParams, extractable, ['decrypt']).then(resolve, reject)\n })\n }\n\n /**\n *\n * @param privateKeyFormat 'jwk' or 'pkcs8'\n * @param privateKeydata should be the key data based on the format.\n * @param publicKeyFormat 'jwk' or 'spki'\n * @param publicKeyData should be the key data based on the format.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {Promise|*}\n */\n importKeyPair(\n privateKeyFormat: string,\n privateKeydata: JsonWebKey | ArrayBuffer,\n publicKeyFormat: string,\n publicKeyData: JsonWebKey | ArrayBuffer,\n hashAlgorithm: ShaVersion\n ): Promise<KeyPair<CryptoKey>> {\n const extractable = true\n const rsaParams = this.paramsForCreationOrImport(hashAlgorithm)\n const privPromise = this.crypto.subtle.importKey(privateKeyFormat as any, privateKeydata as any, rsaParams, extractable, ['decrypt'])\n const pubPromise = this.crypto.subtle.importKey(publicKeyFormat as any, publicKeyData as any, rsaParams, extractable, ['encrypt'])\n\n return Promise.all([pubPromise, privPromise]).then(function (results) {\n return {\n publicKey: results[0],\n privateKey: results[1],\n }\n })\n }\n\n /**\n * Tries to encrypt then decrypt data using a keypair. If both operations succeed without throwing an error and the decrypted data matches the\n * original data returns true, else false.\n * @param keyPair a key pair.\n * @return if the key pair could be successfully used to encrypt then decrypt data.\n */\n async checkKeyPairValidity(keyPair: KeyPair<CryptoKey>): Promise<boolean> {\n try {\n const text = 'shibboleth'\n const encryptedText = await this.encrypt(keyPair.publicKey, utf8_2ua(text))\n const decryptedText = ua2utf8(await this.decrypt(keyPair.privateKey, new Uint8Array(encryptedText)))\n return decryptedText === text\n } catch (e) {\n return false\n }\n }\n\n /**\n * Generates a signature for some data. The signature algorithm used is RSA-PSS with SHA-256.\n * @param privateKey private key to use for signature\n * @param data the data to sign\n * @return the signature.\n */\n async sign(privateKey: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {\n return await this.crypto.subtle.sign({ name: 'RSA-PSS', saltLength: 32 }, privateKey, data)\n }\n\n /**\n * Verifies if a signature matches the data. The signature algorithm used is RSA-PSS with sha-256.\n * @param publicKey public key to use for signature verification.\n * @param signature the signature to verify\n * @param data the data that was signed\n * @return if the signature matches the data and key.\n */\n async verifySignature(publicKey: CryptoKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean> {\n return await this.crypto.subtle.verify({ name: 'RSA-PSS', saltLength: 32 }, publicKey, signature, data)\n }\n}\n\nexport const RSA: RSAUtils = new RSAUtilsImpl()\n"]}
@@ -34,7 +34,7 @@ var RecoveryDataUseFailureReason;
34
34
  * with an unsupported SDK version.
35
35
  */
36
36
  RecoveryDataUseFailureReason["InvalidContent"] = "INVALID_CONTENT";
37
- })(RecoveryDataUseFailureReason = exports.RecoveryDataUseFailureReason || (exports.RecoveryDataUseFailureReason = {}));
37
+ })(RecoveryDataUseFailureReason || (exports.RecoveryDataUseFailureReason = RecoveryDataUseFailureReason = {}));
38
38
  /**
39
39
  * @internal this class is for internal use only and may change without notice.
40
40
  */
@@ -1 +1 @@
1
- {"version":3,"file":"RecoveryDataEncryption.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/RecoveryDataEncryption.ts"],"names":[],"mappings":";;;;;;;;;;;;AAIA,4EAAwE;AACxE,oCAA6G;AAC7G,+CAA2C;AAC3C,IAAO,QAAQ,GAAG,SAAG,CAAC,QAAQ,CAAA;AAK9B,IAAY,4BAmBX;AAnBD,WAAY,4BAA4B;IACtC;;OAEG;IACH,mDAAmB,CAAA;IACnB;;;OAGG;IACH,6DAA6B,CAAA;IAC7B;;OAEG;IACH,4DAA4B,CAAA;IAC5B;;;OAGG;IACH,kEAAkC,CAAA;AACpC,CAAC,EAnBW,4BAA4B,GAA5B,oCAA4B,KAA5B,oCAA4B,QAmBvC;AAaD;;GAEG;AACH,MAAa,sBAAsB;IACjC,YAA6B,UAA4B,EAAmB,eAAmC;QAAlF,eAAU,GAAV,UAAU,CAAkB;QAAmB,oBAAe,GAAf,eAAe,CAAoB;IAAG,CAAC;IAE7G,eAAe,CAAC,WAAmB;;YACvC,OAAO,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAA,cAAM,EAAC,WAAW,CAAC,CAAC,CAAC,CAAA;QAClE,CAAC;KAAA;IAEK,oCAAoC,CACxC,SAAiB,EACjB,QAAyF,EACzF,eAAmC;;YAEnC,MAAM,OAAO,GAA+B,EAAE,CAAA;YAC9C,KAAK,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;gBAC1D,MAAM,OAAO,GAAuD,EAAE,CAAA;gBACtE,KAAK,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,KAAK,EAAE;oBACvC,OAAO,CAAC,IAAI,CAAC;wBACX,IAAI,EAAE;4BACJ,UAAU,EAAE,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;4BACjF,SAAS,EAAE,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;yBAC/E;wBACD,SAAS;qBACV,CAAC,CAAA;iBACH;gBACD,OAAO,CAAC,UAAU,CAAC,GAAG,OAAO,CAAA;aAC9B;YACD,OAAO,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,EAAE,2BAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,eAAe,EAAE,OAAO,CAAC,CAAA;QAC/G,CAAC;KAAA;IAEK,iCAAiC,CACrC,WAAmB,EACnB,mBAA4B;;YAE5B,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,WAAW,EAAE,2BAAY,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAA;YACnH,IAAI,SAAS,IAAI,qBAAqB,EAAE;gBACtC,OAAO,qBAAqB,CAAA;aAC7B;iBAAM;gBACL,MAAM,iBAAiB,GAAG,qBAAqB,CAAC,aAA2C,CAAA;gBAC3F,MAAM,aAAa,GAA8E,EAAE,CAAA;gBACnG,KAAK,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,iBAAiB,CAAC,EAAE;oBACnE,MAAM,YAAY,GAAoD,EAAE,CAAA;oBACxE,KAAK,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,KAAK,EAAE;wBACvC,YAAY,CAAC,IAAA,cAAM,EAAC,IAAA,eAAO,EAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG;4BAC9C,UAAU,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,EAAE,IAAA,eAAO,EAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,SAAS,CAAC;4BAC1G,SAAS,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,IAAA,eAAO,EAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,SAAS,CAAC;yBACxG,CAAA;qBACF;oBACD,aAAa,CAAC,UAAU,CAAC,GAAG,YAAY,CAAA;iBACzC;gBACD,IAAI,mBAAmB,EAAE;oBACvB,MAAM,IAAI,CAAC,eAAe,CAAC,kBAAkB,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;wBACjG,OAAO,CAAC,IAAI,CAAC,kDAAkD,CAAC,EAAE,CAAC,CAAA;oBACrE,CAAC,CAAC,CAAA;iBACH;gBACD,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,CAAA;aAClC;QACH,CAAC;KAAA;IAEK,qCAAqC,CACzC,SAAiB,EACjB,gBAKG,EACH,eAAmC;;YAEnC,OAAO,MAAM,IAAI,CAAC,kBAAkB,CAClC,SAAS,EACT,2BAAY,CAAC,IAAI,CAAC,qBAAqB,EACvC,eAAe,EACf,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC3B,cAAc,EAAE,CAAC,CAAC,cAAc;gBAChC,sBAAsB,EAAE,IAAA,cAAM,EAAC,CAAC,CAAC,sBAAsB,CAAC;gBACxD,qBAAqB,EAAE,IAAA,cAAM,EAAC,CAAC,CAAC,qBAAqB,CAAC;gBACtD,cAAc,EAAE,IAAA,cAAM,EAAC,CAAC,CAAC,cAAc,CAAC;aACzC,CAAC,CAAC,CACJ,CAAA;QACH,CAAC;KAAA;IAEK,qCAAqC,CACzC,WAAmB;;YAKnB,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,WAAW,EAAE,2BAAY,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAA;YACxH,IAAI,SAAS,IAAI,qBAAqB;gBAAE,OAAO,qBAAqB,CAAA;YACpE,OAAO;gBACL,OAAO,EAAG,qBAAqB,CAAC,aAAiD,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBAC5F,cAAc,EAAE,CAAC,CAAC,cAAc;oBAChC,sBAAsB,EAAE,IAAA,eAAO,EAAC,CAAC,CAAC,sBAAsB,CAAC;oBACzD,qBAAqB,EAAE,IAAA,eAAO,EAAC,CAAC,CAAC,qBAAqB,CAAC;oBACvD,cAAc,EAAE,IAAA,eAAO,EAAC,CAAC,CAAC,cAAc,CAAC;iBAC1C,CAAC,CAAC;aACJ,CAAA;QACH,CAAC;KAAA;IAEK,yBAAyB,CAC7B,WAAmB,EACnB,YAA+B;;YAE/B,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,CAAA;YAClD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,IAAI,CACnE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,CAAC,EAC5B,CAAC,CAAC,EAAE,EAAE;gBACJ,IAAI,CAAC,YAAY,QAAQ,EAAE;oBACzB,IAAI,CAAC,CAAC,UAAU,KAAK,GAAG,EAAE;wBACxB,OAAO,EAAE,OAAO,EAAE,4BAA4B,CAAC,OAAO,EAAE,CAAA;qBACzD;yBAAM,IAAI,CAAC,CAAC,UAAU,KAAK,GAAG,EAAE;wBAC/B,OAAO,EAAE,OAAO,EAAE,4BAA4B,CAAC,YAAY,EAAE,CAAA;qBAC9D;iBACF;gBACD,MAAM,CAAC,CAAA;YACT,CAAC,CACF,CAAA;YACD,IAAI,SAAS,IAAI,SAAS;gBAAE,OAAO,SAAS,CAAA;YAC5C,MAAM,EAAE,YAAY,EAAE,GAAG,SAAS,CAAA;YAClC,IAAI,YAAY,CAAC,IAAI,KAAK,YAAY;gBAAE,OAAO,EAAE,OAAO,EAAE,4BAA4B,CAAC,WAAW,EAAE,CAAA;YACpG,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,EAAE,IAAA,cAAM,EAAC,WAAW,CAAC,CAAC,CAAA;YACrF,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,aAAa,EAAE,IAAA,iBAAS,EAAC,IAAA,WAAG,EAAC,YAAY,CAAC,aAAa,CAAC,CAAC,CAAC;iBAClH,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,IAAA,eAAO,EAAC,CAAC,CAAC,CAAC,CAAC;iBACnC,IAAI,CACH,CAAC,CAAC,EAAoC,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,EACzD,GAAG,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,4BAA4B,CAAC,cAAc,EAAE,CAAC,CACjE,CAAA;YACH,IAAI,SAAS,IAAI,gBAAgB;gBAAE,OAAO,gBAAgB,CAAA;YAC1D,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,gBAAgB,CAAC,OAAO,EAAE,CAAA;QAClE,CAAC;KAAA;IACK,kBAAkB,CACtB,SAAiB,EACjB,IAAuB,EACvB,eAAmC,EACnC,OAA4B;;YAE5B,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAA;YACtE,MAAM,cAAc,GAAG,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,CAAA;YACtF,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,CAAA;YACrD,MAAM,aAAa,GAAG,IAAA,WAAG,EAAC,IAAA,iBAAS,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,EAAE,IAAA,gBAAQ,EAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;YACvH,MAAM,iBAAiB,GAAG,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,eAAe,GAAG,IAAI,CAAC,CAAC,CAAC,SAAS,CAAA;YAC3F,MAAM,IAAI,GAAiB,IAAI,2BAAY,CAAC;gBAC1C,EAAE;gBACF,aAAa;gBACb,iBAAiB;gBACjB,SAAS;gBACT,IAAI;aACL,CAAC,CAAA;YACF,MAAM,IAAI,CAAC,eAAe,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAA;YACnD,OAAO,cAAc,CAAA;QACvB,CAAC;KAAA;CACF;AAvJD,wDAuJC","sourcesContent":["import { KeyPair, ShaVersion } from './RSA'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { IccRecoveryDataApi } from '../../icc-api/api/internal/IccRecoveryDataApi'\nimport { IccExchangeDataApi } from '../../icc-api/api/internal/IccExchangeDataApi'\nimport { RecoveryData } from '../../icc-api/model/internal/RecoveryData'\nimport { a2b, b2a, b64_2ua, hex2ua, string2ua, ua2b64, ua2hex, ua2string, ua2utf8, utf8_2ua } from '../utils'\nimport { XHR } from '../../icc-api/api/XHR'\nimport XHRError = XHR.XHRError\nimport { ExchangeData } from '../../icc-api/model/internal/ExchangeData'\nimport { KeyPairUpdateRequest } from '../maintenance/KeyPairUpdateRequest'\nimport { get } from 'lodash'\n\nexport enum RecoveryDataUseFailureReason {\n /**\n * The recovery data matching the provided recovery key does not exist. It could have been deleted, or it could have been expired.\n */\n Missing = 'MISSING',\n /**\n * The recovery data exists but it is not available to the current user. The user may have used a recovery key that he created while logged in as\n * a different user.\n */\n Unauthorized = 'UNAUTHORIZED',\n /**\n * The recovery data exists and is available to the current user, but it is not of the expected type.\n */\n InvalidType = 'INVALID_TYPE',\n /**\n * The recovery data exists and is available to the current user, but its content could not be interpreted. The data may have been created\n * with an unsupported SDK version.\n */\n InvalidContent = 'INVALID_CONTENT',\n}\n\n// accessControlSecret, sharedSignatureKey, and exchangeKey all raw bytes b64 encoded\ntype ExchangeDataRecoveryDataContent = {\n exchangeDataId: string\n rawAccessControlSecret: string\n rawSharedSignatureKey: string\n rawExchangeKey: string\n}[]\n// delegateId -> { pair: { privateKey: base64pkcs8, publicKey: base64spki }, algorithm: ShaVersion }[]\ntype KeyPairRecoveryDataContent = { [delegateId: string]: { pair: KeyPair<string>; algorithm: ShaVersion }[] }\ntype RecoveryDataContent = KeyPairRecoveryDataContent | ExchangeDataRecoveryDataContent\n\n/**\n * @internal this class is for internal use only and may change without notice.\n */\nexport class RecoveryDataEncryption {\n constructor(private readonly primitives: CryptoPrimitives, private readonly baseRecoveryApi: IccRecoveryDataApi) {}\n\n async recoveryKeyToId(recoveryKey: string): Promise<string> {\n return ua2hex(await this.primitives.sha256(hex2ua(recoveryKey)))\n }\n\n async createAndSaveKeyPairsRecoveryDataFor(\n recipient: string,\n keyPairs: { [delegateId: string]: { pair: KeyPair<CryptoKey>; algorithm: ShaVersion }[] },\n lifetimeSeconds: number | undefined\n ): Promise<string> {\n const content: KeyPairRecoveryDataContent = {}\n for (const [delegateId, pairs] of Object.entries(keyPairs)) {\n const entries: { pair: KeyPair<string>; algorithm: ShaVersion }[] = []\n for (const { pair, algorithm } of pairs) {\n entries.push({\n pair: {\n privateKey: ua2b64(await this.primitives.RSA.exportKey(pair.privateKey, 'pkcs8')),\n publicKey: ua2b64(await this.primitives.RSA.exportKey(pair.publicKey, 'spki')),\n },\n algorithm,\n })\n }\n content[delegateId] = entries\n }\n return await this.createRecoveryData(recipient, RecoveryData.Type.KEYPAIR_RECOVERY, lifetimeSeconds, content)\n }\n\n async getAndDecryptKeyPairsRecoveryData(\n recoveryKey: string,\n autoDeleteOnSuccess: boolean\n ): Promise<{ success: { [dataOwnerId: string]: { [publicKeySpki: string]: KeyPair<CryptoKey> } } } | { failure: RecoveryDataUseFailureReason }> {\n const getRecoveryDataResult = await this.getRecoveryDataAndDecrypt(recoveryKey, RecoveryData.Type.KEYPAIR_RECOVERY)\n if ('failure' in getRecoveryDataResult) {\n return getRecoveryDataResult\n } else {\n const recoveredKeysData = getRecoveryDataResult.decryptedJson as KeyPairRecoveryDataContent\n const recoveredKeys: { [delegateId: string]: { [publicKeySpki: string]: KeyPair<CryptoKey> } } = {}\n for (const [delegateId, pairs] of Object.entries(recoveredKeysData)) {\n const delegateKeys: { [publicKeySpki: string]: KeyPair<CryptoKey> } = {}\n for (const { pair, algorithm } of pairs) {\n delegateKeys[ua2hex(b64_2ua(pair.publicKey))] = {\n privateKey: await this.primitives.RSA.importKey('pkcs8', b64_2ua(pair.privateKey), ['decrypt'], algorithm),\n publicKey: await this.primitives.RSA.importKey('spki', b64_2ua(pair.publicKey), ['encrypt'], algorithm),\n }\n }\n recoveredKeys[delegateId] = delegateKeys\n }\n if (autoDeleteOnSuccess) {\n await this.baseRecoveryApi.deleteRecoveryData(await this.recoveryKeyToId(recoveryKey)).catch((e) => {\n console.warn(`Failed to auto-delete recovery data, ignoring. ${e}`)\n })\n }\n return { success: recoveredKeys }\n }\n }\n\n async createAndSaveExchangeDataRecoveryData(\n recipient: string,\n exchangeDataInfo: {\n exchangeDataId: string\n rawAccessControlSecret: ArrayBuffer\n rawSharedSignatureKey: ArrayBuffer\n rawExchangeKey: ArrayBuffer\n }[],\n lifetimeSeconds: number | undefined\n ): Promise<string> {\n return await this.createRecoveryData(\n recipient,\n RecoveryData.Type.EXCHANGE_KEY_RECOVERY,\n lifetimeSeconds,\n exchangeDataInfo.map((x) => ({\n exchangeDataId: x.exchangeDataId,\n rawAccessControlSecret: ua2b64(x.rawAccessControlSecret),\n rawSharedSignatureKey: ua2b64(x.rawSharedSignatureKey),\n rawExchangeKey: ua2b64(x.rawExchangeKey),\n }))\n )\n }\n\n async getAndDecryptExchangeDataRecoveryData(\n recoveryKey: string\n ): Promise<\n | { success: { exchangeDataId: string; rawAccessControlSecret: ArrayBuffer; rawSharedSignatureKey: ArrayBuffer; rawExchangeKey: ArrayBuffer }[] }\n | { failure: RecoveryDataUseFailureReason }\n > {\n const getRecoveryDataResult = await this.getRecoveryDataAndDecrypt(recoveryKey, RecoveryData.Type.EXCHANGE_KEY_RECOVERY)\n if ('failure' in getRecoveryDataResult) return getRecoveryDataResult\n return {\n success: (getRecoveryDataResult.decryptedJson as ExchangeDataRecoveryDataContent).map((x) => ({\n exchangeDataId: x.exchangeDataId,\n rawAccessControlSecret: b64_2ua(x.rawAccessControlSecret),\n rawSharedSignatureKey: b64_2ua(x.rawSharedSignatureKey),\n rawExchangeKey: b64_2ua(x.rawExchangeKey),\n })),\n }\n }\n\n async getRecoveryDataAndDecrypt(\n recoveryKey: string,\n expectedType: RecoveryData.Type\n ): Promise<{ recoveryData: RecoveryData; decryptedJson: any } | { failure: RecoveryDataUseFailureReason }> {\n const id = await this.recoveryKeyToId(recoveryKey)\n const getResult = await this.baseRecoveryApi.getRecoveryData(id).then(\n (r) => ({ recoveryData: r }),\n (e) => {\n if (e instanceof XHRError) {\n if (e.statusCode === 404) {\n return { failure: RecoveryDataUseFailureReason.Missing }\n } else if (e.statusCode === 403) {\n return { failure: RecoveryDataUseFailureReason.Unauthorized }\n }\n }\n throw e\n }\n )\n if ('failure' in getResult) return getResult\n const { recoveryData } = getResult\n if (recoveryData.type !== expectedType) return { failure: RecoveryDataUseFailureReason.InvalidType }\n const decryptionKey = await this.primitives.AES.importKey('raw', hex2ua(recoveryKey))\n const decryptionResult = await this.primitives.AES.decrypt(decryptionKey, string2ua(a2b(recoveryData.encryptedSelf)))\n .then((d) => JSON.parse(ua2utf8(d)))\n .then(\n (r): { success: RecoveryDataContent } => ({ success: r }),\n () => ({ failure: RecoveryDataUseFailureReason.InvalidContent })\n )\n if ('failure' in decryptionResult) return decryptionResult\n return { recoveryData, decryptedJson: decryptionResult.success }\n }\n async createRecoveryData(\n recipient: string,\n type: RecoveryData.Type,\n lifetimeSeconds: number | undefined,\n content: RecoveryDataContent\n ): Promise<string> {\n const recoveryKey = await this.primitives.AES.generateCryptoKey(false)\n const recoveryKeyHex = ua2hex(await this.primitives.AES.exportKey(recoveryKey, 'raw'))\n const id = await this.recoveryKeyToId(recoveryKeyHex)\n const encryptedSelf = b2a(ua2string(await this.primitives.AES.encrypt(recoveryKey, utf8_2ua(JSON.stringify(content)))))\n const expirationInstant = lifetimeSeconds ? Date.now() + lifetimeSeconds * 1000 : undefined\n const data: RecoveryData = new RecoveryData({\n id,\n encryptedSelf,\n expirationInstant,\n recipient,\n type,\n })\n await this.baseRecoveryApi.createRecoveryData(data)\n return recoveryKeyHex\n }\n}\n"]}
1
+ {"version":3,"file":"RecoveryDataEncryption.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/RecoveryDataEncryption.ts"],"names":[],"mappings":";;;;;;;;;;;;AAIA,4EAAwE;AACxE,oCAA6G;AAC7G,+CAA2C;AAC3C,IAAO,QAAQ,GAAG,SAAG,CAAC,QAAQ,CAAA;AAK9B,IAAY,4BAmBX;AAnBD,WAAY,4BAA4B;IACtC;;OAEG;IACH,mDAAmB,CAAA;IACnB;;;OAGG;IACH,6DAA6B,CAAA;IAC7B;;OAEG;IACH,4DAA4B,CAAA;IAC5B;;;OAGG;IACH,kEAAkC,CAAA;AACpC,CAAC,EAnBW,4BAA4B,4CAA5B,4BAA4B,QAmBvC;AAaD;;GAEG;AACH,MAAa,sBAAsB;IACjC,YAA6B,UAA4B,EAAmB,eAAmC;QAAlF,eAAU,GAAV,UAAU,CAAkB;QAAmB,oBAAe,GAAf,eAAe,CAAoB;IAAG,CAAC;IAE7G,eAAe,CAAC,WAAmB;;YACvC,OAAO,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAA,cAAM,EAAC,WAAW,CAAC,CAAC,CAAC,CAAA;QAClE,CAAC;KAAA;IAEK,oCAAoC,CACxC,SAAiB,EACjB,QAAyF,EACzF,eAAmC;;YAEnC,MAAM,OAAO,GAA+B,EAAE,CAAA;YAC9C,KAAK,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC3D,MAAM,OAAO,GAAuD,EAAE,CAAA;gBACtE,KAAK,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,KAAK,EAAE,CAAC;oBACxC,OAAO,CAAC,IAAI,CAAC;wBACX,IAAI,EAAE;4BACJ,UAAU,EAAE,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;4BACjF,SAAS,EAAE,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;yBAC/E;wBACD,SAAS;qBACV,CAAC,CAAA;gBACJ,CAAC;gBACD,OAAO,CAAC,UAAU,CAAC,GAAG,OAAO,CAAA;YAC/B,CAAC;YACD,OAAO,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,EAAE,2BAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,eAAe,EAAE,OAAO,CAAC,CAAA;QAC/G,CAAC;KAAA;IAEK,iCAAiC,CACrC,WAAmB,EACnB,mBAA4B;;YAE5B,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,WAAW,EAAE,2BAAY,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAA;YACnH,IAAI,SAAS,IAAI,qBAAqB,EAAE,CAAC;gBACvC,OAAO,qBAAqB,CAAA;YAC9B,CAAC;iBAAM,CAAC;gBACN,MAAM,iBAAiB,GAAG,qBAAqB,CAAC,aAA2C,CAAA;gBAC3F,MAAM,aAAa,GAA8E,EAAE,CAAA;gBACnG,KAAK,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,iBAAiB,CAAC,EAAE,CAAC;oBACpE,MAAM,YAAY,GAAoD,EAAE,CAAA;oBACxE,KAAK,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,KAAK,EAAE,CAAC;wBACxC,YAAY,CAAC,IAAA,cAAM,EAAC,IAAA,eAAO,EAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG;4BAC9C,UAAU,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,EAAE,IAAA,eAAO,EAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,SAAS,CAAC;4BAC1G,SAAS,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,IAAA,eAAO,EAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,SAAS,CAAC;yBACxG,CAAA;oBACH,CAAC;oBACD,aAAa,CAAC,UAAU,CAAC,GAAG,YAAY,CAAA;gBAC1C,CAAC;gBACD,IAAI,mBAAmB,EAAE,CAAC;oBACxB,MAAM,IAAI,CAAC,eAAe,CAAC,kBAAkB,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;wBACjG,OAAO,CAAC,IAAI,CAAC,kDAAkD,CAAC,EAAE,CAAC,CAAA;oBACrE,CAAC,CAAC,CAAA;gBACJ,CAAC;gBACD,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,CAAA;YACnC,CAAC;QACH,CAAC;KAAA;IAEK,qCAAqC,CACzC,SAAiB,EACjB,gBAKG,EACH,eAAmC;;YAEnC,OAAO,MAAM,IAAI,CAAC,kBAAkB,CAClC,SAAS,EACT,2BAAY,CAAC,IAAI,CAAC,qBAAqB,EACvC,eAAe,EACf,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC3B,cAAc,EAAE,CAAC,CAAC,cAAc;gBAChC,sBAAsB,EAAE,IAAA,cAAM,EAAC,CAAC,CAAC,sBAAsB,CAAC;gBACxD,qBAAqB,EAAE,IAAA,cAAM,EAAC,CAAC,CAAC,qBAAqB,CAAC;gBACtD,cAAc,EAAE,IAAA,cAAM,EAAC,CAAC,CAAC,cAAc,CAAC;aACzC,CAAC,CAAC,CACJ,CAAA;QACH,CAAC;KAAA;IAEK,qCAAqC,CACzC,WAAmB;;YAKnB,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,WAAW,EAAE,2BAAY,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAA;YACxH,IAAI,SAAS,IAAI,qBAAqB;gBAAE,OAAO,qBAAqB,CAAA;YACpE,OAAO;gBACL,OAAO,EAAG,qBAAqB,CAAC,aAAiD,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBAC5F,cAAc,EAAE,CAAC,CAAC,cAAc;oBAChC,sBAAsB,EAAE,IAAA,eAAO,EAAC,CAAC,CAAC,sBAAsB,CAAC;oBACzD,qBAAqB,EAAE,IAAA,eAAO,EAAC,CAAC,CAAC,qBAAqB,CAAC;oBACvD,cAAc,EAAE,IAAA,eAAO,EAAC,CAAC,CAAC,cAAc,CAAC;iBAC1C,CAAC,CAAC;aACJ,CAAA;QACH,CAAC;KAAA;IAEK,yBAAyB,CAC7B,WAAmB,EACnB,YAA+B;;YAE/B,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,CAAA;YAClD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,IAAI,CACnE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,CAAC,EAC5B,CAAC,CAAC,EAAE,EAAE;gBACJ,IAAI,CAAC,YAAY,QAAQ,EAAE,CAAC;oBAC1B,IAAI,CAAC,CAAC,UAAU,KAAK,GAAG,EAAE,CAAC;wBACzB,OAAO,EAAE,OAAO,EAAE,4BAA4B,CAAC,OAAO,EAAE,CAAA;oBAC1D,CAAC;yBAAM,IAAI,CAAC,CAAC,UAAU,KAAK,GAAG,EAAE,CAAC;wBAChC,OAAO,EAAE,OAAO,EAAE,4BAA4B,CAAC,YAAY,EAAE,CAAA;oBAC/D,CAAC;gBACH,CAAC;gBACD,MAAM,CAAC,CAAA;YACT,CAAC,CACF,CAAA;YACD,IAAI,SAAS,IAAI,SAAS;gBAAE,OAAO,SAAS,CAAA;YAC5C,MAAM,EAAE,YAAY,EAAE,GAAG,SAAS,CAAA;YAClC,IAAI,YAAY,CAAC,IAAI,KAAK,YAAY;gBAAE,OAAO,EAAE,OAAO,EAAE,4BAA4B,CAAC,WAAW,EAAE,CAAA;YACpG,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,EAAE,IAAA,cAAM,EAAC,WAAW,CAAC,CAAC,CAAA;YACrF,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,aAAa,EAAE,IAAA,iBAAS,EAAC,IAAA,WAAG,EAAC,YAAY,CAAC,aAAa,CAAC,CAAC,CAAC;iBAClH,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,IAAA,eAAO,EAAC,CAAC,CAAC,CAAC,CAAC;iBACnC,IAAI,CACH,CAAC,CAAC,EAAoC,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,EACzD,GAAG,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,4BAA4B,CAAC,cAAc,EAAE,CAAC,CACjE,CAAA;YACH,IAAI,SAAS,IAAI,gBAAgB;gBAAE,OAAO,gBAAgB,CAAA;YAC1D,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,gBAAgB,CAAC,OAAO,EAAE,CAAA;QAClE,CAAC;KAAA;IACK,kBAAkB,CACtB,SAAiB,EACjB,IAAuB,EACvB,eAAmC,EACnC,OAA4B;;YAE5B,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAA;YACtE,MAAM,cAAc,GAAG,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,CAAA;YACtF,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,CAAA;YACrD,MAAM,aAAa,GAAG,IAAA,WAAG,EAAC,IAAA,iBAAS,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,EAAE,IAAA,gBAAQ,EAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;YACvH,MAAM,iBAAiB,GAAG,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,eAAe,GAAG,IAAI,CAAC,CAAC,CAAC,SAAS,CAAA;YAC3F,MAAM,IAAI,GAAiB,IAAI,2BAAY,CAAC;gBAC1C,EAAE;gBACF,aAAa;gBACb,iBAAiB;gBACjB,SAAS;gBACT,IAAI;aACL,CAAC,CAAA;YACF,MAAM,IAAI,CAAC,eAAe,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAA;YACnD,OAAO,cAAc,CAAA;QACvB,CAAC;KAAA;CACF;AAvJD,wDAuJC","sourcesContent":["import { KeyPair, ShaVersion } from './RSA'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { IccRecoveryDataApi } from '../../icc-api/api/internal/IccRecoveryDataApi'\nimport { IccExchangeDataApi } from '../../icc-api/api/internal/IccExchangeDataApi'\nimport { RecoveryData } from '../../icc-api/model/internal/RecoveryData'\nimport { a2b, b2a, b64_2ua, hex2ua, string2ua, ua2b64, ua2hex, ua2string, ua2utf8, utf8_2ua } from '../utils'\nimport { XHR } from '../../icc-api/api/XHR'\nimport XHRError = XHR.XHRError\nimport { ExchangeData } from '../../icc-api/model/internal/ExchangeData'\nimport { KeyPairUpdateRequest } from '../maintenance/KeyPairUpdateRequest'\nimport { get } from 'lodash'\n\nexport enum RecoveryDataUseFailureReason {\n /**\n * The recovery data matching the provided recovery key does not exist. It could have been deleted, or it could have been expired.\n */\n Missing = 'MISSING',\n /**\n * The recovery data exists but it is not available to the current user. The user may have used a recovery key that he created while logged in as\n * a different user.\n */\n Unauthorized = 'UNAUTHORIZED',\n /**\n * The recovery data exists and is available to the current user, but it is not of the expected type.\n */\n InvalidType = 'INVALID_TYPE',\n /**\n * The recovery data exists and is available to the current user, but its content could not be interpreted. The data may have been created\n * with an unsupported SDK version.\n */\n InvalidContent = 'INVALID_CONTENT',\n}\n\n// accessControlSecret, sharedSignatureKey, and exchangeKey all raw bytes b64 encoded\ntype ExchangeDataRecoveryDataContent = {\n exchangeDataId: string\n rawAccessControlSecret: string\n rawSharedSignatureKey: string\n rawExchangeKey: string\n}[]\n// delegateId -> { pair: { privateKey: base64pkcs8, publicKey: base64spki }, algorithm: ShaVersion }[]\ntype KeyPairRecoveryDataContent = { [delegateId: string]: { pair: KeyPair<string>; algorithm: ShaVersion }[] }\ntype RecoveryDataContent = KeyPairRecoveryDataContent | ExchangeDataRecoveryDataContent\n\n/**\n * @internal this class is for internal use only and may change without notice.\n */\nexport class RecoveryDataEncryption {\n constructor(private readonly primitives: CryptoPrimitives, private readonly baseRecoveryApi: IccRecoveryDataApi) {}\n\n async recoveryKeyToId(recoveryKey: string): Promise<string> {\n return ua2hex(await this.primitives.sha256(hex2ua(recoveryKey)))\n }\n\n async createAndSaveKeyPairsRecoveryDataFor(\n recipient: string,\n keyPairs: { [delegateId: string]: { pair: KeyPair<CryptoKey>; algorithm: ShaVersion }[] },\n lifetimeSeconds: number | undefined\n ): Promise<string> {\n const content: KeyPairRecoveryDataContent = {}\n for (const [delegateId, pairs] of Object.entries(keyPairs)) {\n const entries: { pair: KeyPair<string>; algorithm: ShaVersion }[] = []\n for (const { pair, algorithm } of pairs) {\n entries.push({\n pair: {\n privateKey: ua2b64(await this.primitives.RSA.exportKey(pair.privateKey, 'pkcs8')),\n publicKey: ua2b64(await this.primitives.RSA.exportKey(pair.publicKey, 'spki')),\n },\n algorithm,\n })\n }\n content[delegateId] = entries\n }\n return await this.createRecoveryData(recipient, RecoveryData.Type.KEYPAIR_RECOVERY, lifetimeSeconds, content)\n }\n\n async getAndDecryptKeyPairsRecoveryData(\n recoveryKey: string,\n autoDeleteOnSuccess: boolean\n ): Promise<{ success: { [dataOwnerId: string]: { [publicKeySpki: string]: KeyPair<CryptoKey> } } } | { failure: RecoveryDataUseFailureReason }> {\n const getRecoveryDataResult = await this.getRecoveryDataAndDecrypt(recoveryKey, RecoveryData.Type.KEYPAIR_RECOVERY)\n if ('failure' in getRecoveryDataResult) {\n return getRecoveryDataResult\n } else {\n const recoveredKeysData = getRecoveryDataResult.decryptedJson as KeyPairRecoveryDataContent\n const recoveredKeys: { [delegateId: string]: { [publicKeySpki: string]: KeyPair<CryptoKey> } } = {}\n for (const [delegateId, pairs] of Object.entries(recoveredKeysData)) {\n const delegateKeys: { [publicKeySpki: string]: KeyPair<CryptoKey> } = {}\n for (const { pair, algorithm } of pairs) {\n delegateKeys[ua2hex(b64_2ua(pair.publicKey))] = {\n privateKey: await this.primitives.RSA.importKey('pkcs8', b64_2ua(pair.privateKey), ['decrypt'], algorithm),\n publicKey: await this.primitives.RSA.importKey('spki', b64_2ua(pair.publicKey), ['encrypt'], algorithm),\n }\n }\n recoveredKeys[delegateId] = delegateKeys\n }\n if (autoDeleteOnSuccess) {\n await this.baseRecoveryApi.deleteRecoveryData(await this.recoveryKeyToId(recoveryKey)).catch((e) => {\n console.warn(`Failed to auto-delete recovery data, ignoring. ${e}`)\n })\n }\n return { success: recoveredKeys }\n }\n }\n\n async createAndSaveExchangeDataRecoveryData(\n recipient: string,\n exchangeDataInfo: {\n exchangeDataId: string\n rawAccessControlSecret: ArrayBuffer\n rawSharedSignatureKey: ArrayBuffer\n rawExchangeKey: ArrayBuffer\n }[],\n lifetimeSeconds: number | undefined\n ): Promise<string> {\n return await this.createRecoveryData(\n recipient,\n RecoveryData.Type.EXCHANGE_KEY_RECOVERY,\n lifetimeSeconds,\n exchangeDataInfo.map((x) => ({\n exchangeDataId: x.exchangeDataId,\n rawAccessControlSecret: ua2b64(x.rawAccessControlSecret),\n rawSharedSignatureKey: ua2b64(x.rawSharedSignatureKey),\n rawExchangeKey: ua2b64(x.rawExchangeKey),\n }))\n )\n }\n\n async getAndDecryptExchangeDataRecoveryData(\n recoveryKey: string\n ): Promise<\n | { success: { exchangeDataId: string; rawAccessControlSecret: ArrayBuffer; rawSharedSignatureKey: ArrayBuffer; rawExchangeKey: ArrayBuffer }[] }\n | { failure: RecoveryDataUseFailureReason }\n > {\n const getRecoveryDataResult = await this.getRecoveryDataAndDecrypt(recoveryKey, RecoveryData.Type.EXCHANGE_KEY_RECOVERY)\n if ('failure' in getRecoveryDataResult) return getRecoveryDataResult\n return {\n success: (getRecoveryDataResult.decryptedJson as ExchangeDataRecoveryDataContent).map((x) => ({\n exchangeDataId: x.exchangeDataId,\n rawAccessControlSecret: b64_2ua(x.rawAccessControlSecret),\n rawSharedSignatureKey: b64_2ua(x.rawSharedSignatureKey),\n rawExchangeKey: b64_2ua(x.rawExchangeKey),\n })),\n }\n }\n\n async getRecoveryDataAndDecrypt(\n recoveryKey: string,\n expectedType: RecoveryData.Type\n ): Promise<{ recoveryData: RecoveryData; decryptedJson: any } | { failure: RecoveryDataUseFailureReason }> {\n const id = await this.recoveryKeyToId(recoveryKey)\n const getResult = await this.baseRecoveryApi.getRecoveryData(id).then(\n (r) => ({ recoveryData: r }),\n (e) => {\n if (e instanceof XHRError) {\n if (e.statusCode === 404) {\n return { failure: RecoveryDataUseFailureReason.Missing }\n } else if (e.statusCode === 403) {\n return { failure: RecoveryDataUseFailureReason.Unauthorized }\n }\n }\n throw e\n }\n )\n if ('failure' in getResult) return getResult\n const { recoveryData } = getResult\n if (recoveryData.type !== expectedType) return { failure: RecoveryDataUseFailureReason.InvalidType }\n const decryptionKey = await this.primitives.AES.importKey('raw', hex2ua(recoveryKey))\n const decryptionResult = await this.primitives.AES.decrypt(decryptionKey, string2ua(a2b(recoveryData.encryptedSelf)))\n .then((d) => JSON.parse(ua2utf8(d)))\n .then(\n (r): { success: RecoveryDataContent } => ({ success: r }),\n () => ({ failure: RecoveryDataUseFailureReason.InvalidContent })\n )\n if ('failure' in decryptionResult) return decryptionResult\n return { recoveryData, decryptedJson: decryptionResult.success }\n }\n async createRecoveryData(\n recipient: string,\n type: RecoveryData.Type,\n lifetimeSeconds: number | undefined,\n content: RecoveryDataContent\n ): Promise<string> {\n const recoveryKey = await this.primitives.AES.generateCryptoKey(false)\n const recoveryKeyHex = ua2hex(await this.primitives.AES.exportKey(recoveryKey, 'raw'))\n const id = await this.recoveryKeyToId(recoveryKeyHex)\n const encryptedSelf = b2a(ua2string(await this.primitives.AES.encrypt(recoveryKey, utf8_2ua(JSON.stringify(content)))))\n const expirationInstant = lifetimeSeconds ? Date.now() + lifetimeSeconds * 1000 : undefined\n const data: RecoveryData = new RecoveryData({\n id,\n encryptedSelf,\n expirationInstant,\n recipient,\n type,\n })\n await this.baseRecoveryApi.createRecoveryData(data)\n return recoveryKeyHex\n }\n}\n"]}
@@ -56,5 +56,5 @@ var SecretIdUseOption;
56
56
  * the new entity.
57
57
  */
58
58
  SecretIdUseOption.UseNone = { kind: 'SecretIdUseOption.UseNone' };
59
- })(SecretIdUseOption = exports.SecretIdUseOption || (exports.SecretIdUseOption = {}));
59
+ })(SecretIdUseOption || (exports.SecretIdUseOption = SecretIdUseOption = {}));
60
60
  //# sourceMappingURL=SecretIdUseOption.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"SecretIdUseOption.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/SecretIdUseOption.ts"],"names":[],"mappings":";;;AAQA;;;GAGG;AACH,IAAiB,iBAAiB,CAoDjC;AApDD,WAAiB,iBAAiB;IAChC;;;;;OAKG;IACU,oCAAkB,GAA8D,EAAE,IAAI,EAAE,sCAAsC,EAAE,CAAA;IAE7I;;;;;OAKG;IACU,oCAAkB,GAA8D,EAAE,IAAI,EAAE,sCAAsC,EAAE,CAAA;IAE7I;;;;;OAKG;IACU,wCAAsB,GAAkE;QACnG,IAAI,EAAE,0CAA0C;KACjD,CAAA;IAED;;;;;OAKG;IACU,wCAAsB,GAAkE;QACnG,IAAI,EAAE,0CAA0C;KACjD,CAAA;IAED;;;;OAIG;IACH,MAAa,GAAG;QACd,YAA4B,SAAmB;YAAnB,cAAS,GAAT,SAAS,CAAU;QAAG,CAAC;KACpD;IAFY,qBAAG,MAEf,CAAA;IAED;;;;OAIG;IACU,yBAAO,GAAmD,EAAE,IAAI,EAAE,2BAA2B,EAAE,CAAA;AAC9G,CAAC,EApDgB,iBAAiB,GAAjB,yBAAiB,KAAjB,yBAAiB,QAoDjC","sourcesContent":["export type SecretIdUseOption =\n | typeof SecretIdUseOption.UseAnyConfidential\n | typeof SecretIdUseOption.UseAllConfidential\n | typeof SecretIdUseOption.UseAnySharedWithParent\n | typeof SecretIdUseOption.UseAllSharedWithParent\n | typeof SecretIdUseOption.UseNone\n | SecretIdUseOption.Use\n\n/**\n * Configuration for which secret id to use for linking to a owning entity (e.g. which secret id of patient to use\n * when linking a contact to the patient)\n */\nexport namespace SecretIdUseOption {\n /**\n * This will use any one secret id that is not known by any parent hcp of the current data owner.\n * If the api is initialized in a mode where the parent hcp keys are unused, this means \"use any one available\n * secret id\".\n * Guarantees that a secret id is used: if no secret id is found, the initialization method will fail.\n */\n export const UseAnyConfidential: { readonly kind: 'SecretIdUseOption.UseAnyConfidential' } = { kind: 'SecretIdUseOption.UseAnyConfidential' }\n\n /**\n * This will use all secret ids that aren't known by any parent hcp of the current data owner.\n * If the api is initialized in a mode where the parent hcp keys are unused, this means \"use all available secret\n * id\".\n * Guarantees that a secret id is used: if no secret id is found, the initialization method will fail.\n */\n export const UseAllConfidential: { readonly kind: 'SecretIdUseOption.UseAllConfidential' } = { kind: 'SecretIdUseOption.UseAllConfidential' }\n\n /**\n * This will use one secret id that is known by the topmost ancestor in the current data owner hierarchy.\n * If the api is initialized in a mode where the parent hcp keys are unused, this means \"use any one available\n * secret id\".\n * Guarantees that a secret id is used: if no secret id is found, the initialization method will fail.\n */\n export const UseAnySharedWithParent: { readonly kind: 'SecretIdUseOption.UseAnySharedWithParent' } = {\n kind: 'SecretIdUseOption.UseAnySharedWithParent',\n }\n\n /**\n * This will use all secret id that is known by the topmost ancestor in the current data owner hierarchy.\n * If the api is initialized in a mode where the parent hcp keys are unused, this means \"use all available secret\n * id\".\n * Guarantees that a secret id is used: if no secret id is found, the initialization method will fail.\n */\n export const UseAllSharedWithParent: { readonly kind: 'SecretIdUseOption.UseAllSharedWithParent' } = {\n kind: 'SecretIdUseOption.UseAllSharedWithParent',\n }\n\n /**\n * Specify explicitly which secret ids to use. The secretIds can also be empty, in which case the value is\n * equivalent to [UseNone].\n * Note that the SDK will not check that the secret id you used is actually a secret id of the owning entity.\n */\n export class Use {\n constructor(public readonly secretIds: string[]) {}\n }\n\n /**\n * Instructs the SDK to use no secret id of the owning entity.\n * The new entity will still have a link to the owning entity, but there will be no link from the owning entity to\n * the new entity.\n */\n export const UseNone: { readonly kind: 'SecretIdUseOption.UseNone' } = { kind: 'SecretIdUseOption.UseNone' }\n}\n"]}
1
+ {"version":3,"file":"SecretIdUseOption.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/SecretIdUseOption.ts"],"names":[],"mappings":";;;AAQA;;;GAGG;AACH,IAAiB,iBAAiB,CAoDjC;AApDD,WAAiB,iBAAiB;IAChC;;;;;OAKG;IACU,oCAAkB,GAA8D,EAAE,IAAI,EAAE,sCAAsC,EAAE,CAAA;IAE7I;;;;;OAKG;IACU,oCAAkB,GAA8D,EAAE,IAAI,EAAE,sCAAsC,EAAE,CAAA;IAE7I;;;;;OAKG;IACU,wCAAsB,GAAkE;QACnG,IAAI,EAAE,0CAA0C;KACjD,CAAA;IAED;;;;;OAKG;IACU,wCAAsB,GAAkE;QACnG,IAAI,EAAE,0CAA0C;KACjD,CAAA;IAED;;;;OAIG;IACH,MAAa,GAAG;QACd,YAA4B,SAAmB;YAAnB,cAAS,GAAT,SAAS,CAAU;QAAG,CAAC;KACpD;IAFY,qBAAG,MAEf,CAAA;IAED;;;;OAIG;IACU,yBAAO,GAAmD,EAAE,IAAI,EAAE,2BAA2B,EAAE,CAAA;AAC9G,CAAC,EApDgB,iBAAiB,iCAAjB,iBAAiB,QAoDjC","sourcesContent":["export type SecretIdUseOption =\n | typeof SecretIdUseOption.UseAnyConfidential\n | typeof SecretIdUseOption.UseAllConfidential\n | typeof SecretIdUseOption.UseAnySharedWithParent\n | typeof SecretIdUseOption.UseAllSharedWithParent\n | typeof SecretIdUseOption.UseNone\n | SecretIdUseOption.Use\n\n/**\n * Configuration for which secret id to use for linking to a owning entity (e.g. which secret id of patient to use\n * when linking a contact to the patient)\n */\nexport namespace SecretIdUseOption {\n /**\n * This will use any one secret id that is not known by any parent hcp of the current data owner.\n * If the api is initialized in a mode where the parent hcp keys are unused, this means \"use any one available\n * secret id\".\n * Guarantees that a secret id is used: if no secret id is found, the initialization method will fail.\n */\n export const UseAnyConfidential: { readonly kind: 'SecretIdUseOption.UseAnyConfidential' } = { kind: 'SecretIdUseOption.UseAnyConfidential' }\n\n /**\n * This will use all secret ids that aren't known by any parent hcp of the current data owner.\n * If the api is initialized in a mode where the parent hcp keys are unused, this means \"use all available secret\n * id\".\n * Guarantees that a secret id is used: if no secret id is found, the initialization method will fail.\n */\n export const UseAllConfidential: { readonly kind: 'SecretIdUseOption.UseAllConfidential' } = { kind: 'SecretIdUseOption.UseAllConfidential' }\n\n /**\n * This will use one secret id that is known by the topmost ancestor in the current data owner hierarchy.\n * If the api is initialized in a mode where the parent hcp keys are unused, this means \"use any one available\n * secret id\".\n * Guarantees that a secret id is used: if no secret id is found, the initialization method will fail.\n */\n export const UseAnySharedWithParent: { readonly kind: 'SecretIdUseOption.UseAnySharedWithParent' } = {\n kind: 'SecretIdUseOption.UseAnySharedWithParent',\n }\n\n /**\n * This will use all secret id that is known by the topmost ancestor in the current data owner hierarchy.\n * If the api is initialized in a mode where the parent hcp keys are unused, this means \"use all available secret\n * id\".\n * Guarantees that a secret id is used: if no secret id is found, the initialization method will fail.\n */\n export const UseAllSharedWithParent: { readonly kind: 'SecretIdUseOption.UseAllSharedWithParent' } = {\n kind: 'SecretIdUseOption.UseAllSharedWithParent',\n }\n\n /**\n * Specify explicitly which secret ids to use. The secretIds can also be empty, in which case the value is\n * equivalent to [UseNone].\n * Note that the SDK will not check that the secret id you used is actually a secret id of the owning entity.\n */\n export class Use {\n constructor(public readonly secretIds: string[]) {}\n }\n\n /**\n * Instructs the SDK to use no secret id of the owning entity.\n * The new entity will still have a link to the owning entity, but there will be no link from the owning entity to\n * the new entity.\n */\n export const UseNone: { readonly kind: 'SecretIdUseOption.UseNone' } = { kind: 'SecretIdUseOption.UseNone' }\n}\n"]}
@@ -49,8 +49,8 @@ class SecureDelegationsEncryption {
49
49
  * undefined otherwise (there was no encrypted id of the exchange data, or it could not be decrypted as no key was available).
50
50
  */
51
51
  decryptExchangeDataId(encryptedExchangeIds) {
52
- var _a;
53
52
  return __awaiter(this, void 0, void 0, function* () {
53
+ var _a;
54
54
  const decryptionKeys = this.userKeys.getDecryptionKeys();
55
55
  const decryptionKeysV2 = Object.fromEntries(Object.entries(decryptionKeys).map(([fp, keyPair]) => [(0, utils_2.fingerprintIsV1)(fp) ? (0, utils_2.fingerprintV1toV2)(fp) : fp, keyPair]));
56
56
  for (const [fp, encryptedId] of Object.entries(encryptedExchangeIds)) {
@@ -98,8 +98,8 @@ class SecureDelegationsEncryption {
98
98
  });
99
99
  }
100
100
  decryptEncryptionKeys(delegation, key) {
101
- var _a;
102
101
  return __awaiter(this, void 0, void 0, function* () {
102
+ var _a;
103
103
  const res = [];
104
104
  for (const encrypted of (_a = delegation.encryptionKeys) !== null && _a !== void 0 ? _a : []) {
105
105
  res.push(yield this.decryptEncryptionKey(encrypted, key));
@@ -131,8 +131,8 @@ class SecureDelegationsEncryption {
131
131
  });
132
132
  }
133
133
  decryptSecretIds(delegation, key) {
134
- var _a;
135
134
  return __awaiter(this, void 0, void 0, function* () {
135
+ var _a;
136
136
  const res = [];
137
137
  for (const encrypted of (_a = delegation.secretIds) !== null && _a !== void 0 ? _a : []) {
138
138
  res.push(yield this.decryptSecretId(encrypted, key));
@@ -164,8 +164,8 @@ class SecureDelegationsEncryption {
164
164
  });
165
165
  }
166
166
  decryptOwningEntityIds(delegation, key) {
167
- var _a;
168
167
  return __awaiter(this, void 0, void 0, function* () {
168
+ var _a;
169
169
  const res = [];
170
170
  for (const encrypted of (_a = delegation.owningEntityIds) !== null && _a !== void 0 ? _a : []) {
171
171
  res.push(yield this.decryptOwningEntityId(encrypted, key));
@@ -1 +1 @@
1
- {"version":3,"file":"SecureDelegationsEncryption.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/SecureDelegationsEncryption.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,oCAAyF;AAGzF,mCAA4D;AAE5D;;GAEG;AACH,MAAa,2BAA2B;IACtC,YAA6B,QAAmC,EAAmB,UAA4B;QAAlF,aAAQ,GAAR,QAAQ,CAA2B;QAAmB,eAAU,GAAV,UAAU,CAAkB;QAE/G;;;;WAIG;QACc,8BAAyB,GAAW,MAAM,CAAA;QAC1C,6BAAwB,GAAe,IAAA,gBAAQ,EAAC,IAAI,CAAC,yBAAyB,CAAC,CAAA;IARkB,CAAC;IAUnH;;;;OAIG;IACK,kBAAkB,CAAC,KAA+B;QACxD,MAAM,aAAa,GAAG,KAAK,YAAY,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,CAAA;QACjF,IAAI,aAAa,CAAC,MAAM,GAAG,IAAI,CAAC,wBAAwB,CAAC,MAAM;YAAE,OAAO,KAAK,CAAA;QAC7E,IAAI,MAAM,GAAG,IAAI,CAAA;QACjB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,wBAAwB,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YAC7D,MAAM,GAAG,MAAM,IAAI,IAAI,CAAC,wBAAwB,CAAC,CAAC,CAAC,KAAK,aAAa,CAAC,CAAC,CAAC,CAAA;SACzE;QACD,OAAO,MAAM,CAAA;IACf,CAAC;IAED;;;;;OAKG;IACG,qBAAqB,CAAC,oBAA8C;;;YACxE,MAAM,cAAc,GAAG,IAAI,CAAC,QAAQ,CAAC,iBAAiB,EAAE,CAAA;YACxD,MAAM,gBAAgB,GAAG,MAAM,CAAC,WAAW,CACzC,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC,IAAA,uBAAe,EAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAA,yBAAiB,EAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC,CACnH,CAAA;YACD,KAAK,MAAM,CAAC,EAAE,EAAE,WAAW,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,oBAAoB,CAAC,EAAE;gBACpE,MAAM,GAAG,GAAG,MAAA,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAG,EAAE,CAAC,mCAAI,gBAAgB,aAAhB,gBAAgB,uBAAhB,gBAAgB,CAAG,EAAE,CAAC,CAAA;gBAC1D,IAAI,GAAG;oBAAE,OAAO,IAAA,eAAO,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,IAAA,eAAO,EAAC,WAAW,CAAC,CAAC,CAAC,CAAA;aACjG;YACD,OAAO,SAAS,CAAA;;KACjB;IAED;;;OAGG;IACG,qBAAqB,CAAC,cAAsB,EAAE,UAAuC;;YACzF,MAAM,GAAG,GAAG,EAA8B,CAAA;YAC1C,KAAK,MAAM,CAAC,EAAE,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE;gBAClD,GAAG,CAAC,EAAE,CAAC,GAAG,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,IAAA,gBAAQ,EAAC,cAAc,CAAC,CAAC,CAAC,CAAA;aACnF;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAEK,oBAAoB,CAAC,MAAc,EAAE,GAAc;;YACvD,OAAO,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,IAAA,kBAAU,EAAC,IAAI,CAAC,wBAAwB,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAA;QAClH,CAAC;KAAA;IAEK,qBAAqB,CAAC,OAAiB,EAAE,GAAc;;YAC3D,MAAM,GAAG,GAAG,EAAE,CAAA;YACd,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE;gBAC5B,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,oBAAoB,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAA;aACvD;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAEK,oBAAoB,CAAC,SAAiB,EAAE,GAAc;;YAC1D,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,IAAA,eAAO,EAAC,SAAS,CAAC,CAAC,CAAA;YAC9E,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAAC,WAAW,CAAC,EAAE;gBACzC,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAA;aAC1C;YACD,OAAO,IAAA,cAAM,EAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,wBAAwB,CAAC,MAAM,CAAC,CAAC,CAAA;QACxE,CAAC;KAAA;IAEK,qBAAqB,CAAC,UAA4B,EAAE,GAAc;;;YACtE,MAAM,GAAG,GAAG,EAAE,CAAA;YACd,KAAK,MAAM,SAAS,IAAI,MAAA,UAAU,CAAC,cAAc,mCAAI,EAAE,EAAE;gBACvD,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,oBAAoB,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC,CAAA;aAC1D;YACD,OAAO,GAAG,CAAA;;KACX;IAEK,eAAe,CAAC,QAAgB,EAAE,GAAc;;YACpD,OAAO,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,IAAA,gBAAQ,EAAC,IAAI,CAAC,yBAAyB,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAA;QAC5G,CAAC;KAAA;IAEK,gBAAgB,CAAC,SAAmB,EAAE,GAAc;;YACxD,MAAM,GAAG,GAAG,EAAE,CAAA;YACd,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE;gBAChC,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC,CAAA;aACpD;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAEK,eAAe,CAAC,SAAiB,EAAE,GAAc;;YACrD,MAAM,gBAAgB,GAAG,IAAA,eAAO,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,IAAA,eAAO,EAAC,SAAS,CAAC,CAAC,CAAC,CAAA;YAC5F,IAAI,gBAAgB,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,CAAC,yBAAyB,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,yBAAyB,EAAE;gBAC3G,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;aACpC;YACD,OAAO,gBAAgB,CAAC,SAAS,CAAC,IAAI,CAAC,yBAAyB,CAAC,MAAM,CAAC,CAAA;QAC1E,CAAC;KAAA;IAEK,gBAAgB,CAAC,UAA4B,EAAE,GAAc;;;YACjE,MAAM,GAAG,GAAG,EAAE,CAAA;YACd,KAAK,MAAM,SAAS,IAAI,MAAA,UAAU,CAAC,SAAS,mCAAI,EAAE,EAAE;gBAClD,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC,CAAA;aACrD;YACD,OAAO,GAAG,CAAA;;KACX;IAEK,qBAAqB,CAAC,cAAsB,EAAE,GAAc;;YAChE,OAAO,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,IAAA,gBAAQ,EAAC,IAAI,CAAC,yBAAyB,GAAG,cAAc,CAAC,CAAC,CAAC,CAAA;QAClH,CAAC;KAAA;IAEK,sBAAsB,CAAC,eAAyB,EAAE,GAAc;;YACpE,MAAM,GAAG,GAAG,EAAE,CAAA;YACd,KAAK,MAAM,cAAc,IAAI,eAAe,EAAE;gBAC5C,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,qBAAqB,CAAC,cAAc,EAAE,GAAG,CAAC,CAAC,CAAA;aAChE;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAEK,qBAAqB,CAAC,SAAiB,EAAE,GAAc;;YAC3D,MAAM,sBAAsB,GAAG,IAAA,eAAO,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,IAAA,eAAO,EAAC,SAAS,CAAC,CAAC,CAAC,CAAA;YAClG,IAAI,sBAAsB,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,CAAC,yBAAyB,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,yBAAyB,EAAE;gBACjH,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAA;aAC5C;YACD,OAAO,sBAAsB,CAAC,SAAS,CAAC,IAAI,CAAC,yBAAyB,CAAC,MAAM,CAAC,CAAA;QAChF,CAAC;KAAA;IAEK,sBAAsB,CAAC,UAA4B,EAAE,GAAc;;;YACvE,MAAM,GAAG,GAAG,EAAE,CAAA;YACd,KAAK,MAAM,SAAS,IAAI,MAAA,UAAU,CAAC,eAAe,mCAAI,EAAE,EAAE;gBACxD,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,qBAAqB,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC,CAAA;aAC3D;YACD,OAAO,GAAG,CAAA;;KACX;CACF;AA3ID,kEA2IC","sourcesContent":["import { SecureDelegation } from '../../icc-api/model/SecureDelegation'\nimport { b64_2ua, concat_uas, hex2ua, ua2b64, ua2hex, ua2utf8, utf8_2ua } from '../utils'\nimport { UserEncryptionKeysManager } from './UserEncryptionKeysManager'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { fingerprintV1toV2, fingerprintIsV1 } from './utils'\n\n/**\n * @internal this class is for internal use only and may be changed without notice.\n */\nexport class SecureDelegationsEncryption {\n constructor(private readonly userKeys: UserEncryptionKeysManager, private readonly primitives: CryptoPrimitives) {}\n\n /**\n * WARNING: this values should be ALWAYS be the string 'Cure' and its utf-8 bytes. If changed, it would not be possible to decrypt old secretIds and owningEntityIds\n * anymore.\n * @private\n */\n private readonly decryptionValidatorPrefix: string = 'Cure'\n private readonly decryptionValidatorBytes: Uint8Array = utf8_2ua(this.decryptionValidatorPrefix)\n\n /**\n * Check if a Uint8Array or an Array buffer contains the decryption validator prefix.\n * @param bytes an ArrayBuffer or Uint8Array to verify.\n * @return true if the buffer contains the prefix, false otherwise.\n */\n private prefixVerification(bytes: ArrayBuffer | Uint8Array): boolean {\n const arrayToVerify = bytes instanceof Uint8Array ? bytes : new Uint8Array(bytes)\n if (arrayToVerify.length < this.decryptionValidatorBytes.length) return false\n let result = true\n for (let i = 0; i < this.decryptionValidatorBytes.length; i++) {\n result = result && this.decryptionValidatorBytes[i] === arrayToVerify[i]\n }\n return result\n }\n\n /**\n * If the secure delegation has an encrypted exchange data id attempts to decrypt it with the available keys for the current user.\n * @param encryptedExchangeIds a map that associates an encrypted exchange data id to the fingerprint of the public key used to encrypt it.\n * @return the id of the exchange data used for the encryption of the provided secure delegation if it was encrypted and could be decrypted,\n * undefined otherwise (there was no encrypted id of the exchange data, or it could not be decrypted as no key was available).\n */\n async decryptExchangeDataId(encryptedExchangeIds: { [fp: string]: string }): Promise<string | undefined> {\n const decryptionKeys = this.userKeys.getDecryptionKeys()\n const decryptionKeysV2 = Object.fromEntries(\n Object.entries(decryptionKeys).map(([fp, keyPair]) => [fingerprintIsV1(fp) ? fingerprintV1toV2(fp) : fp, keyPair])\n )\n for (const [fp, encryptedId] of Object.entries(encryptedExchangeIds)) {\n const key = decryptionKeys?.[fp] ?? decryptionKeysV2?.[fp]\n if (key) return ua2utf8(await this.primitives.RSA.decrypt(key.privateKey, b64_2ua(encryptedId)))\n }\n return undefined\n }\n\n /**\n * Encrypts the exchange data id for a secure delegation. To avoid leaks of sensitive data the provided public keys should be only keys of users\n * which DO NOT REQUIRE anonymous delegations\n */\n async encryptExchangeDataId(exchangeDataId: string, publicKeys: { [fp: string]: CryptoKey }): Promise<{ [fp: string]: string }> {\n const res = {} as { [fp: string]: string }\n for (const [fp, key] of Object.entries(publicKeys)) {\n res[fp] = ua2b64(await this.primitives.RSA.encrypt(key, utf8_2ua(exchangeDataId)))\n }\n return res\n }\n\n async encryptEncryptionKey(hexKey: string, key: CryptoKey): Promise<string> {\n return ua2b64(await this.primitives.AES.encrypt(key, concat_uas(this.decryptionValidatorBytes, hex2ua(hexKey))))\n }\n\n async encryptEncryptionKeys(hexKeys: string[], key: CryptoKey): Promise<string[]> {\n const res = []\n for (const hexKey of hexKeys) {\n res.push(await this.encryptEncryptionKey(hexKey, key))\n }\n return res\n }\n\n async decryptEncryptionKey(encrypted: string, key: CryptoKey): Promise<string> {\n const probableKey = await this.primitives.AES.decrypt(key, b64_2ua(encrypted))\n if (!this.prefixVerification(probableKey)) {\n throw new Error('Invalid encryption key')\n }\n return ua2hex(probableKey.slice(this.decryptionValidatorBytes.length))\n }\n\n async decryptEncryptionKeys(delegation: SecureDelegation, key: CryptoKey): Promise<string[]> {\n const res = []\n for (const encrypted of delegation.encryptionKeys ?? []) {\n res.push(await this.decryptEncryptionKey(encrypted, key))\n }\n return res\n }\n\n async encryptSecretId(secretId: string, key: CryptoKey): Promise<string> {\n return ua2b64(await this.primitives.AES.encrypt(key, utf8_2ua(this.decryptionValidatorPrefix + secretId)))\n }\n\n async encryptSecretIds(secretIds: string[], key: CryptoKey): Promise<string[]> {\n const res = []\n for (const secretId of secretIds) {\n res.push(await this.encryptSecretId(secretId, key))\n }\n return res\n }\n\n async decryptSecretId(encrypted: string, key: CryptoKey): Promise<string> {\n const probableSecretId = ua2utf8(await this.primitives.AES.decrypt(key, b64_2ua(encrypted)))\n if (probableSecretId.substring(0, this.decryptionValidatorPrefix.length) !== this.decryptionValidatorPrefix) {\n throw new Error('Invalid secretID')\n }\n return probableSecretId.substring(this.decryptionValidatorPrefix.length)\n }\n\n async decryptSecretIds(delegation: SecureDelegation, key: CryptoKey): Promise<string[]> {\n const res = []\n for (const encrypted of delegation.secretIds ?? []) {\n res.push(await this.decryptSecretId(encrypted, key))\n }\n return res\n }\n\n async encryptOwningEntityId(owningEntityId: string, key: CryptoKey): Promise<string> {\n return ua2b64(await this.primitives.AES.encrypt(key, utf8_2ua(this.decryptionValidatorPrefix + owningEntityId)))\n }\n\n async encryptOwningEntityIds(owningEntityIds: string[], key: CryptoKey): Promise<string[]> {\n const res = []\n for (const owningEntityId of owningEntityIds) {\n res.push(await this.encryptOwningEntityId(owningEntityId, key))\n }\n return res\n }\n\n async decryptOwningEntityId(encrypted: string, key: CryptoKey): Promise<string> {\n const probableOwningEntityId = ua2utf8(await this.primitives.AES.decrypt(key, b64_2ua(encrypted)))\n if (probableOwningEntityId.substring(0, this.decryptionValidatorPrefix.length) !== this.decryptionValidatorPrefix) {\n throw new Error('Invalid Owning Entity id')\n }\n return probableOwningEntityId.substring(this.decryptionValidatorPrefix.length)\n }\n\n async decryptOwningEntityIds(delegation: SecureDelegation, key: CryptoKey): Promise<string[]> {\n const res = []\n for (const encrypted of delegation.owningEntityIds ?? []) {\n res.push(await this.decryptOwningEntityId(encrypted, key))\n }\n return res\n }\n}\n"]}
1
+ {"version":3,"file":"SecureDelegationsEncryption.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/SecureDelegationsEncryption.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,oCAAyF;AAGzF,mCAA4D;AAE5D;;GAEG;AACH,MAAa,2BAA2B;IACtC,YAA6B,QAAmC,EAAmB,UAA4B;QAAlF,aAAQ,GAAR,QAAQ,CAA2B;QAAmB,eAAU,GAAV,UAAU,CAAkB;QAE/G;;;;WAIG;QACc,8BAAyB,GAAW,MAAM,CAAA;QAC1C,6BAAwB,GAAe,IAAA,gBAAQ,EAAC,IAAI,CAAC,yBAAyB,CAAC,CAAA;IARkB,CAAC;IAUnH;;;;OAIG;IACK,kBAAkB,CAAC,KAA+B;QACxD,MAAM,aAAa,GAAG,KAAK,YAAY,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,CAAA;QACjF,IAAI,aAAa,CAAC,MAAM,GAAG,IAAI,CAAC,wBAAwB,CAAC,MAAM;YAAE,OAAO,KAAK,CAAA;QAC7E,IAAI,MAAM,GAAG,IAAI,CAAA;QACjB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,wBAAwB,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC9D,MAAM,GAAG,MAAM,IAAI,IAAI,CAAC,wBAAwB,CAAC,CAAC,CAAC,KAAK,aAAa,CAAC,CAAC,CAAC,CAAA;QAC1E,CAAC;QACD,OAAO,MAAM,CAAA;IACf,CAAC;IAED;;;;;OAKG;IACG,qBAAqB,CAAC,oBAA8C;;;YACxE,MAAM,cAAc,GAAG,IAAI,CAAC,QAAQ,CAAC,iBAAiB,EAAE,CAAA;YACxD,MAAM,gBAAgB,GAAG,MAAM,CAAC,WAAW,CACzC,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC,IAAA,uBAAe,EAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAA,yBAAiB,EAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC,CACnH,CAAA;YACD,KAAK,MAAM,CAAC,EAAE,EAAE,WAAW,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,oBAAoB,CAAC,EAAE,CAAC;gBACrE,MAAM,GAAG,GAAG,MAAA,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAG,EAAE,CAAC,mCAAI,gBAAgB,aAAhB,gBAAgB,uBAAhB,gBAAgB,CAAG,EAAE,CAAC,CAAA;gBAC1D,IAAI,GAAG;oBAAE,OAAO,IAAA,eAAO,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,IAAA,eAAO,EAAC,WAAW,CAAC,CAAC,CAAC,CAAA;YAClG,CAAC;YACD,OAAO,SAAS,CAAA;QAClB,CAAC;KAAA;IAED;;;OAGG;IACG,qBAAqB,CAAC,cAAsB,EAAE,UAAuC;;YACzF,MAAM,GAAG,GAAG,EAA8B,CAAA;YAC1C,KAAK,MAAM,CAAC,EAAE,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;gBACnD,GAAG,CAAC,EAAE,CAAC,GAAG,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,IAAA,gBAAQ,EAAC,cAAc,CAAC,CAAC,CAAC,CAAA;YACpF,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAEK,oBAAoB,CAAC,MAAc,EAAE,GAAc;;YACvD,OAAO,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,IAAA,kBAAU,EAAC,IAAI,CAAC,wBAAwB,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAA;QAClH,CAAC;KAAA;IAEK,qBAAqB,CAAC,OAAiB,EAAE,GAAc;;YAC3D,MAAM,GAAG,GAAG,EAAE,CAAA;YACd,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC7B,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,oBAAoB,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAA;YACxD,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAEK,oBAAoB,CAAC,SAAiB,EAAE,GAAc;;YAC1D,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,IAAA,eAAO,EAAC,SAAS,CAAC,CAAC,CAAA;YAC9E,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC1C,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAA;YAC3C,CAAC;YACD,OAAO,IAAA,cAAM,EAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,wBAAwB,CAAC,MAAM,CAAC,CAAC,CAAA;QACxE,CAAC;KAAA;IAEK,qBAAqB,CAAC,UAA4B,EAAE,GAAc;;;YACtE,MAAM,GAAG,GAAG,EAAE,CAAA;YACd,KAAK,MAAM,SAAS,IAAI,MAAA,UAAU,CAAC,cAAc,mCAAI,EAAE,EAAE,CAAC;gBACxD,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,oBAAoB,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC,CAAA;YAC3D,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAEK,eAAe,CAAC,QAAgB,EAAE,GAAc;;YACpD,OAAO,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,IAAA,gBAAQ,EAAC,IAAI,CAAC,yBAAyB,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAA;QAC5G,CAAC;KAAA;IAEK,gBAAgB,CAAC,SAAmB,EAAE,GAAc;;YACxD,MAAM,GAAG,GAAG,EAAE,CAAA;YACd,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;gBACjC,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC,CAAA;YACrD,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAEK,eAAe,CAAC,SAAiB,EAAE,GAAc;;YACrD,MAAM,gBAAgB,GAAG,IAAA,eAAO,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,IAAA,eAAO,EAAC,SAAS,CAAC,CAAC,CAAC,CAAA;YAC5F,IAAI,gBAAgB,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,CAAC,yBAAyB,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,yBAAyB,EAAE,CAAC;gBAC5G,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,OAAO,gBAAgB,CAAC,SAAS,CAAC,IAAI,CAAC,yBAAyB,CAAC,MAAM,CAAC,CAAA;QAC1E,CAAC;KAAA;IAEK,gBAAgB,CAAC,UAA4B,EAAE,GAAc;;;YACjE,MAAM,GAAG,GAAG,EAAE,CAAA;YACd,KAAK,MAAM,SAAS,IAAI,MAAA,UAAU,CAAC,SAAS,mCAAI,EAAE,EAAE,CAAC;gBACnD,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC,CAAA;YACtD,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAEK,qBAAqB,CAAC,cAAsB,EAAE,GAAc;;YAChE,OAAO,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,IAAA,gBAAQ,EAAC,IAAI,CAAC,yBAAyB,GAAG,cAAc,CAAC,CAAC,CAAC,CAAA;QAClH,CAAC;KAAA;IAEK,sBAAsB,CAAC,eAAyB,EAAE,GAAc;;YACpE,MAAM,GAAG,GAAG,EAAE,CAAA;YACd,KAAK,MAAM,cAAc,IAAI,eAAe,EAAE,CAAC;gBAC7C,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,qBAAqB,CAAC,cAAc,EAAE,GAAG,CAAC,CAAC,CAAA;YACjE,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAEK,qBAAqB,CAAC,SAAiB,EAAE,GAAc;;YAC3D,MAAM,sBAAsB,GAAG,IAAA,eAAO,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,IAAA,eAAO,EAAC,SAAS,CAAC,CAAC,CAAC,CAAA;YAClG,IAAI,sBAAsB,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,CAAC,yBAAyB,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,yBAAyB,EAAE,CAAC;gBAClH,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAA;YAC7C,CAAC;YACD,OAAO,sBAAsB,CAAC,SAAS,CAAC,IAAI,CAAC,yBAAyB,CAAC,MAAM,CAAC,CAAA;QAChF,CAAC;KAAA;IAEK,sBAAsB,CAAC,UAA4B,EAAE,GAAc;;;YACvE,MAAM,GAAG,GAAG,EAAE,CAAA;YACd,KAAK,MAAM,SAAS,IAAI,MAAA,UAAU,CAAC,eAAe,mCAAI,EAAE,EAAE,CAAC;gBACzD,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,qBAAqB,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC,CAAA;YAC5D,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;CACF;AA3ID,kEA2IC","sourcesContent":["import { SecureDelegation } from '../../icc-api/model/SecureDelegation'\nimport { b64_2ua, concat_uas, hex2ua, ua2b64, ua2hex, ua2utf8, utf8_2ua } from '../utils'\nimport { UserEncryptionKeysManager } from './UserEncryptionKeysManager'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { fingerprintV1toV2, fingerprintIsV1 } from './utils'\n\n/**\n * @internal this class is for internal use only and may be changed without notice.\n */\nexport class SecureDelegationsEncryption {\n constructor(private readonly userKeys: UserEncryptionKeysManager, private readonly primitives: CryptoPrimitives) {}\n\n /**\n * WARNING: this values should be ALWAYS be the string 'Cure' and its utf-8 bytes. If changed, it would not be possible to decrypt old secretIds and owningEntityIds\n * anymore.\n * @private\n */\n private readonly decryptionValidatorPrefix: string = 'Cure'\n private readonly decryptionValidatorBytes: Uint8Array = utf8_2ua(this.decryptionValidatorPrefix)\n\n /**\n * Check if a Uint8Array or an Array buffer contains the decryption validator prefix.\n * @param bytes an ArrayBuffer or Uint8Array to verify.\n * @return true if the buffer contains the prefix, false otherwise.\n */\n private prefixVerification(bytes: ArrayBuffer | Uint8Array): boolean {\n const arrayToVerify = bytes instanceof Uint8Array ? bytes : new Uint8Array(bytes)\n if (arrayToVerify.length < this.decryptionValidatorBytes.length) return false\n let result = true\n for (let i = 0; i < this.decryptionValidatorBytes.length; i++) {\n result = result && this.decryptionValidatorBytes[i] === arrayToVerify[i]\n }\n return result\n }\n\n /**\n * If the secure delegation has an encrypted exchange data id attempts to decrypt it with the available keys for the current user.\n * @param encryptedExchangeIds a map that associates an encrypted exchange data id to the fingerprint of the public key used to encrypt it.\n * @return the id of the exchange data used for the encryption of the provided secure delegation if it was encrypted and could be decrypted,\n * undefined otherwise (there was no encrypted id of the exchange data, or it could not be decrypted as no key was available).\n */\n async decryptExchangeDataId(encryptedExchangeIds: { [fp: string]: string }): Promise<string | undefined> {\n const decryptionKeys = this.userKeys.getDecryptionKeys()\n const decryptionKeysV2 = Object.fromEntries(\n Object.entries(decryptionKeys).map(([fp, keyPair]) => [fingerprintIsV1(fp) ? fingerprintV1toV2(fp) : fp, keyPair])\n )\n for (const [fp, encryptedId] of Object.entries(encryptedExchangeIds)) {\n const key = decryptionKeys?.[fp] ?? decryptionKeysV2?.[fp]\n if (key) return ua2utf8(await this.primitives.RSA.decrypt(key.privateKey, b64_2ua(encryptedId)))\n }\n return undefined\n }\n\n /**\n * Encrypts the exchange data id for a secure delegation. To avoid leaks of sensitive data the provided public keys should be only keys of users\n * which DO NOT REQUIRE anonymous delegations\n */\n async encryptExchangeDataId(exchangeDataId: string, publicKeys: { [fp: string]: CryptoKey }): Promise<{ [fp: string]: string }> {\n const res = {} as { [fp: string]: string }\n for (const [fp, key] of Object.entries(publicKeys)) {\n res[fp] = ua2b64(await this.primitives.RSA.encrypt(key, utf8_2ua(exchangeDataId)))\n }\n return res\n }\n\n async encryptEncryptionKey(hexKey: string, key: CryptoKey): Promise<string> {\n return ua2b64(await this.primitives.AES.encrypt(key, concat_uas(this.decryptionValidatorBytes, hex2ua(hexKey))))\n }\n\n async encryptEncryptionKeys(hexKeys: string[], key: CryptoKey): Promise<string[]> {\n const res = []\n for (const hexKey of hexKeys) {\n res.push(await this.encryptEncryptionKey(hexKey, key))\n }\n return res\n }\n\n async decryptEncryptionKey(encrypted: string, key: CryptoKey): Promise<string> {\n const probableKey = await this.primitives.AES.decrypt(key, b64_2ua(encrypted))\n if (!this.prefixVerification(probableKey)) {\n throw new Error('Invalid encryption key')\n }\n return ua2hex(probableKey.slice(this.decryptionValidatorBytes.length))\n }\n\n async decryptEncryptionKeys(delegation: SecureDelegation, key: CryptoKey): Promise<string[]> {\n const res = []\n for (const encrypted of delegation.encryptionKeys ?? []) {\n res.push(await this.decryptEncryptionKey(encrypted, key))\n }\n return res\n }\n\n async encryptSecretId(secretId: string, key: CryptoKey): Promise<string> {\n return ua2b64(await this.primitives.AES.encrypt(key, utf8_2ua(this.decryptionValidatorPrefix + secretId)))\n }\n\n async encryptSecretIds(secretIds: string[], key: CryptoKey): Promise<string[]> {\n const res = []\n for (const secretId of secretIds) {\n res.push(await this.encryptSecretId(secretId, key))\n }\n return res\n }\n\n async decryptSecretId(encrypted: string, key: CryptoKey): Promise<string> {\n const probableSecretId = ua2utf8(await this.primitives.AES.decrypt(key, b64_2ua(encrypted)))\n if (probableSecretId.substring(0, this.decryptionValidatorPrefix.length) !== this.decryptionValidatorPrefix) {\n throw new Error('Invalid secretID')\n }\n return probableSecretId.substring(this.decryptionValidatorPrefix.length)\n }\n\n async decryptSecretIds(delegation: SecureDelegation, key: CryptoKey): Promise<string[]> {\n const res = []\n for (const encrypted of delegation.secretIds ?? []) {\n res.push(await this.decryptSecretId(encrypted, key))\n }\n return res\n }\n\n async encryptOwningEntityId(owningEntityId: string, key: CryptoKey): Promise<string> {\n return ua2b64(await this.primitives.AES.encrypt(key, utf8_2ua(this.decryptionValidatorPrefix + owningEntityId)))\n }\n\n async encryptOwningEntityIds(owningEntityIds: string[], key: CryptoKey): Promise<string[]> {\n const res = []\n for (const owningEntityId of owningEntityIds) {\n res.push(await this.encryptOwningEntityId(owningEntityId, key))\n }\n return res\n }\n\n async decryptOwningEntityId(encrypted: string, key: CryptoKey): Promise<string> {\n const probableOwningEntityId = ua2utf8(await this.primitives.AES.decrypt(key, b64_2ua(encrypted)))\n if (probableOwningEntityId.substring(0, this.decryptionValidatorPrefix.length) !== this.decryptionValidatorPrefix) {\n throw new Error('Invalid Owning Entity id')\n }\n return probableOwningEntityId.substring(this.decryptionValidatorPrefix.length)\n }\n\n async decryptOwningEntityIds(delegation: SecureDelegation, key: CryptoKey): Promise<string[]> {\n const res = []\n for (const encrypted of delegation.owningEntityIds ?? []) {\n res.push(await this.decryptOwningEntityId(encrypted, key))\n }\n return res\n }\n}\n"]}
@@ -83,8 +83,8 @@ class SecureDelegationsManager {
83
83
  * the entity to allow the delegate to access the provided data.
84
84
  */
85
85
  makeShareOrUpdateRequestParams(entityWithType, delegateId, shareSecretIds, shareEncryptionKeys, shareOwningEntityIds, newDelegationPermissions) {
86
- var _a, _b;
87
86
  return __awaiter(this, void 0, void 0, function* () {
87
+ var _a, _b;
88
88
  const exchangeDataInfo = yield this.exchangeDataManager.getOrCreateEncryptionDataTo(delegateId);
89
89
  const secureDelegationKey = yield this.accessControlSecretUtils.secureDelegationKeyFor(exchangeDataInfo.accessControlSecret, entityWithType.type);
90
90
  const existingSecureDelegation = (_b = (_a = entityWithType.entity.securityMetadata) === null || _a === void 0 ? void 0 : _a.secureDelegations) === null || _b === void 0 ? void 0 : _b[secureDelegationKey];