@icure/api 8.6.3 → 8.6.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (93) hide show
  1. package/icc-api/model/CryptoActorStub.d.ts +2 -0
  2. package/icc-api/model/CryptoActorStub.js.map +1 -1
  3. package/icc-api/model/Device.d.ts +1 -0
  4. package/icc-api/model/Device.js.map +1 -1
  5. package/icc-api/model/HealthcareParty.d.ts +1 -0
  6. package/icc-api/model/HealthcareParty.js.map +1 -1
  7. package/icc-api/model/ModelHelper.d.ts +1 -1
  8. package/icc-api/model/ModelHelper.js +15 -2
  9. package/icc-api/model/ModelHelper.js.map +1 -1
  10. package/icc-api/model/Patient.d.ts +1 -0
  11. package/icc-api/model/Patient.js.map +1 -1
  12. package/icc-api/model/User.d.ts +1 -0
  13. package/icc-api/model/User.js.map +1 -1
  14. package/icc-x-api/crypto/AES.js +1 -1
  15. package/icc-x-api/crypto/AES.js.map +1 -1
  16. package/icc-x-api/crypto/BaseExchangeDataManager.js +14 -14
  17. package/icc-x-api/crypto/BaseExchangeDataManager.js.map +1 -1
  18. package/icc-x-api/crypto/BaseExchangeKeysManager.js +1 -1
  19. package/icc-x-api/crypto/BaseExchangeKeysManager.js.map +1 -1
  20. package/icc-x-api/crypto/CryptoPrimitives.js +3 -2
  21. package/icc-x-api/crypto/CryptoPrimitives.js.map +1 -1
  22. package/icc-x-api/crypto/CryptoStrategies.d.ts +2 -1
  23. package/icc-x-api/crypto/CryptoStrategies.js.map +1 -1
  24. package/icc-x-api/crypto/ExchangeDataManager.js +3 -3
  25. package/icc-x-api/crypto/ExchangeDataManager.js.map +1 -1
  26. package/icc-x-api/crypto/ExtendedApisUtilsImpl.js +1 -1
  27. package/icc-x-api/crypto/ExtendedApisUtilsImpl.js.map +1 -1
  28. package/icc-x-api/crypto/KeyRecovery.js +3 -3
  29. package/icc-x-api/crypto/KeyRecovery.js.map +1 -1
  30. package/icc-x-api/crypto/NativeCryptoPrimitivesBridge.js +13 -13
  31. package/icc-x-api/crypto/NativeCryptoPrimitivesBridge.js.map +1 -1
  32. package/icc-x-api/crypto/RSA.js +2 -2
  33. package/icc-x-api/crypto/RSA.js.map +1 -1
  34. package/icc-x-api/crypto/RecoveryDataEncryption.js +5 -5
  35. package/icc-x-api/crypto/RecoveryDataEncryption.js.map +1 -1
  36. package/icc-x-api/crypto/SecureDelegationsManager.js +1 -1
  37. package/icc-x-api/crypto/SecureDelegationsManager.js.map +1 -1
  38. package/icc-x-api/crypto/ShamirKeysManager.js +1 -1
  39. package/icc-x-api/crypto/ShamirKeysManager.js.map +1 -1
  40. package/icc-x-api/crypto/UserEncryptionKeysManager.js +2 -2
  41. package/icc-x-api/crypto/UserEncryptionKeysManager.js.map +1 -1
  42. package/icc-x-api/crypto/utils.js +1 -1
  43. package/icc-x-api/crypto/utils.js.map +1 -1
  44. package/icc-x-api/filters/HealthElementByHcPartyCodeFilter.d.ts +24 -0
  45. package/icc-x-api/filters/HealthElementByHcPartyCodeFilter.js +24 -0
  46. package/icc-x-api/filters/HealthElementByHcPartyCodeFilter.js.map +1 -0
  47. package/icc-x-api/filters/HealthElementByHcPartyIdentifiersVersioningFilter.d.ts +22 -0
  48. package/icc-x-api/filters/HealthElementByHcPartyIdentifiersVersioningFilter.js +24 -0
  49. package/icc-x-api/filters/HealthElementByHcPartyIdentifiersVersioningFilter.js.map +1 -0
  50. package/icc-x-api/filters/HealthElementByHcPartyStatusVersioningFilter.d.ts +21 -0
  51. package/icc-x-api/filters/HealthElementByHcPartyStatusVersioningFilter.js +24 -0
  52. package/icc-x-api/filters/HealthElementByHcPartyStatusVersioningFilter.js.map +1 -0
  53. package/icc-x-api/filters/HealthElementByHcPartyTagFilter.d.ts +24 -0
  54. package/icc-x-api/filters/HealthElementByHcPartyTagFilter.js +24 -0
  55. package/icc-x-api/filters/HealthElementByHcPartyTagFilter.js.map +1 -0
  56. package/icc-x-api/filters/VersionFiltering.d.ts +14 -0
  57. package/icc-x-api/filters/VersionFiltering.js +19 -0
  58. package/icc-x-api/filters/VersionFiltering.js.map +1 -0
  59. package/icc-x-api/filters/filters.d.ts +8 -4
  60. package/icc-x-api/filters/filters.js +4 -0
  61. package/icc-x-api/filters/filters.js.map +1 -1
  62. package/icc-x-api/icc-receipt-x-api.js +1 -1
  63. package/icc-x-api/icc-receipt-x-api.js.map +1 -1
  64. package/icc-x-api/utils/binary-utils.js +1 -1
  65. package/icc-x-api/utils/binary-utils.js.map +1 -1
  66. package/package.json +1 -1
  67. package/test/icc-api/api/IccAnonymousAccessApi.js +1 -1
  68. package/test/icc-api/api/IccAnonymousAccessApi.js.map +1 -1
  69. package/test/icc-api/api/IccDocumentApi.js +13 -12
  70. package/test/icc-api/api/IccDocumentApi.js.map +1 -1
  71. package/test/icc-x-api/crud/comprehensive-crud-test.js +2 -2
  72. package/test/icc-x-api/crud/comprehensive-crud-test.js.map +1 -1
  73. package/test/icc-x-api/crypto/crypto-utils.js +1 -1
  74. package/test/icc-x-api/crypto/crypto-utils.js.map +1 -1
  75. package/test/icc-x-api/crypto/soft-deleted-data-owners.js +1 -1
  76. package/test/icc-x-api/crypto/soft-deleted-data-owners.js.map +1 -1
  77. package/test/icc-x-api/crypto/user-encryption-keys-manager-test.js +1 -1
  78. package/test/icc-x-api/crypto/user-encryption-keys-manager-test.js.map +1 -1
  79. package/test/icc-x-api/filters/healthelement.d.ts +1 -0
  80. package/test/icc-x-api/filters/healthelement.js +333 -0
  81. package/test/icc-x-api/filters/healthelement.js.map +1 -0
  82. package/test/icc-x-api/test-legacy-data-support.js +4 -4
  83. package/test/icc-x-api/test-legacy-data-support.js.map +1 -1
  84. package/test/support/CSM-729.d.ts +1 -0
  85. package/test/support/CSM-729.js +225 -0
  86. package/test/support/CSM-729.js.map +1 -0
  87. package/test/utils/TestCryptoStrategies.js +1 -1
  88. package/test/utils/TestCryptoStrategies.js.map +1 -1
  89. package/test/utils/roles.d.ts +1 -0
  90. package/test/utils/roles.js +1 -0
  91. package/test/utils/roles.js.map +1 -1
  92. package/test/utils/test_utils.js +2 -2
  93. package/test/utils/test_utils.js.map +1 -1
@@ -1 +1 @@
1
- {"version":3,"file":"ExchangeDataManager.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/ExchangeDataManager.ts"],"names":[],"mappings":";;;;;;;;;;;AAuBA,4GAmCC;AApDD,mCAAgH;AAEhH,oCAA+D;AAC/D,yEAA6E;AAC7E,+BAAkC;AAClC,6CAAmC;AACnC,gEAA0D;AAO1D;;;GAGG;AACH,SAAsB,gDAAgD;yDACpE,IAA6B,EAC7B,cAAyC,EACzC,mBAA6C,EAC7C,gBAAkC,EAClC,YAA8B,EAC9B,UAA4B,EAC5B,aAAsB,EACtB,qBAA4D,EAAE;QAE9D,MAAM,YAAY,GAAG,yCAAuB,CAAC,aAAa,CAAC,MAAM,YAAY,CAAC,mBAAmB,EAAE,CAAC,CAAA;QACpG,IAAI,gBAAgB,CAAC,oCAAoC,CAAC,YAAY,CAAC,EAAE,CAAC;YACxE,MAAM,GAAG,GAAG,IAAI,8BAA8B,CAC5C,IAAI,EACJ,cAAc,EACd,mBAAmB,EACnB,gBAAgB,EAChB,YAAY,EACZ,UAAU,EACV,aAAa,CACd,CAAA;YACD,MAAM,GAAG,CAAC,sBAAsB,EAAE,CAAA;YAClC,OAAO,GAAG,CAAA;QACZ,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,kCAAkC,CAC3C,IAAI,EACJ,cAAc,EACd,mBAAmB,EACnB,gBAAgB,EAChB,YAAY,EACZ,UAAU,EACV,aAAa,EACb,kBAAkB,CACnB,CAAA;QACH,CAAC;IACH,CAAC;CAAA;AA+GD,MAAe,2BAA2B;IACxC,YACW,IAA6B,EACnB,cAAyC,EACzC,mBAA6C,EAC7C,gBAAkC,EAClC,YAA8B,EAC9B,UAA4B,EAC9B,aAAsB;QAN9B,SAAI,GAAJ,IAAI,CAAyB;QACnB,mBAAc,GAAd,cAAc,CAA2B;QACzC,wBAAmB,GAAnB,mBAAmB,CAA0B;QAC7C,qBAAgB,GAAhB,gBAAgB,CAAkB;QAClC,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,eAAU,GAAV,UAAU,CAAkB;QAC9B,kBAAa,GAAb,aAAa,CAAS;IACtC,CAAC;IAEY,WAAW,CAAC,IAAkB;;YAS5C,MAAM,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC,iBAAiB,EAAE,CAAA;YAC9D,MAAM,cAAc,GAAG,MAAM,CAAC,WAAW,CACvC,IAAI,CAAC,cAAc,CAAC,mBAAmB,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAuB,EAAE,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAC9G,CAAA;YACD,MAAM,oBAAoB,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAA;YACtH,IAAI,CAAC,oBAAoB;gBAAE,OAAO,SAAS,CAAA;YAC3C,MAAM,4BAA4B,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC,IAAI,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAA;YACrI,IAAI,CAAC,4BAA4B;gBAC/B,MAAM,IAAI,KAAK,CAAC,kFAAkF,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;YAC3H,MAAM,2BAA2B,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC,IAAI,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAA;YACpI,IAAI,CAAC,2BAA2B;gBAC9B,MAAM,IAAI,KAAK,CAAC,iFAAiF,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;YAC1H,OAAO;gBACL,mBAAmB,EAAE,4BAA4B;gBACjD,WAAW,EAAE,oBAAoB;gBACjC,kBAAkB,EAAE,2BAA2B;gBAC/C,QAAQ,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAC1C;oBACE,YAAY,EAAE,IAAI;oBAClB,4BAA4B;oBAC5B,oBAAoB;oBACpB,2BAA2B;iBAC5B,EACD,cAAc,EACd,IAAI,CACL;aACF,CAAA;QACH,CAAC;KAAA;IAEe,qBAAqB,CACnC,UAAkB,EAClB,OAIC;;YAED,IAAI,OAAO,CAAC,mBAAmB,IAAI,OAAO,CAAC,oBAAoB;gBAC7D,MAAM,IAAI,KAAK,CAAC,sFAAsF,CAAC,CAAA;YACzG,MAAM,cAAc,GAAgC,EAAE,CAAA;YACtD,MAAM,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,mBAAmB,EAAE,CAAA;YAClE,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,oBAAoB;gBAC/D,MAAM,IAAI,KAAK,CAAC,oFAAoF,CAAC,CAAA;YACvG,gBAAgB,CAAC,OAAO,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,EAAE,EAAE;gBACjD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,SAAS,CAAA;YAC9C,CAAC,CAAC,CAAA;YACF,IAAI,UAAU,IAAI,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC,EAAE,CAAC;gBACpE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAA;gBACvE,MAAM,oBAAoB,GAAG,IAAA,iCAAyB,EAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;gBACrE,MAAM,kBAAkB,GAAG,IAAA,+BAAuB,EAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;gBACjE,IAAI,uBAAiC,CAAA;gBACrC,IAAI,CAAC,oBAAoB,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,EAAE,CAAC;oBAC3D,IAAI,CAAC,OAAO,CAAC,mBAAmB;wBAC9B,MAAM,IAAI,KAAK,CAAC,qCAAqC,UAAU,+CAA+C,CAAC,CAAA;oBACjH,uBAAuB,GAAG,EAAE,CAAA;gBAC9B,CAAC;qBAAM,IAAI,IAAI,CAAC,aAAa,IAAI,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;oBAClH,uBAAuB,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,wBAAwB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;gBAC7F,CAAC;qBAAM,CAAC;oBACN,uBAAuB,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,wBAAwB,CAC5E,QAAQ,EACR,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,EAAE,GAAG,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,EACxE,IAAI,CAAC,UAAU,CAChB,CAAA;gBACH,CAAC;gBACD,IAAI,CAAC,uBAAuB,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB;oBACjE,MAAM,IAAI,KAAK,CAAC,qCAAqC,UAAU,uDAAuD,CAAC,CAAA;gBACzH,KAAK,MAAM,WAAW,IAAI,uBAAuB,EAAE,CAAC;oBAClD,IAAI,kBAAkB,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;wBACxC,cAAc,CAAC,IAAA,qBAAa,EAAC,WAAW,CAAC,CAAC,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,IAAA,cAAM,EAAC,WAAW,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,gBAAU,CAAC,IAAI,CAAC,CAAA;oBAC7I,CAAC;yBAAM,IAAI,oBAAoB,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;wBACjD,cAAc,CAAC,IAAA,qBAAa,EAAC,WAAW,CAAC,CAAC,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAC9E,MAAM,EACN,IAAA,cAAM,EAAC,WAAW,CAAC,EACnB,CAAC,SAAS,CAAC,EACX,gBAAU,CAAC,MAAM,CAClB,CAAA;oBACH,CAAC;;wBAAM,MAAM,IAAI,KAAK,CAAC,qFAAqF,CAAC,CAAA;gBAC/G,CAAC;YACH,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAChD,UAAU,EACV,MAAM,CAAC,WAAW,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAuB,EAAE,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,EACxG,cAAc,EACd,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CACnD,CAAA;YACD,OAAO;gBACL,YAAY,EAAE,OAAO,CAAC,YAAY;gBAClC,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;gBAChD,WAAW,EAAE,OAAO,CAAC,WAAW;gBAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;aAC/C,CAAA;QACH,CAAC;KAAA;IAEK,gBAAgB,CAAC,cAAsB,EAAE,qBAA6B;;YAC1E,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,MAAM,QAAQ,GAAG,IAAA,qBAAa,EAAC,qBAAqB,CAAC,CAAA;YACrD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,cAAc,CAAC,CAAA;YACxE,MAAM,iBAAiB,GAAG,IAAA,2BAAmB,EAAC,KAAK,CAAC,IAAI,EAAE,qBAAqB,CAAC,CAAA;YAChF,IAAI,CAAC,iBAAiB;gBAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,cAAc,EAAE,CAAC,CAAA;YAChG,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,IAAA,cAAM,EAAC,qBAAqB,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,iBAAiB,CAAC,CAAA;YACjI,MAAM,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC,iBAAiB,EAAE,CAAA;YAC9D,MAAM,uBAAuB,GAC3B,IAAI,IAAI,cAAc;gBACpB,CAAC,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,sCAAsC,CAAC,IAAI,EAAE,IAAI,CAAC;gBACpE,CAAC,CAAC;oBACE,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,sCAAsC,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;oBACjF,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,sCAAsC,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;iBAClF,CAAA;YACP,KAAK,MAAM,YAAY,IAAI,uBAAuB,EAAE,CAAC;gBACnD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,IAAI,QAAQ,CAAC,EAAE,CAAC;oBACxE,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,qBAAqB,CAAC,YAAY,EAAE,cAAc,EAAE,EAAE,CAAC,QAAQ,CAAC,EAAE,cAAc,EAAE,CAAC,CAAA;oBACnH,IAAI,CAAC,OAAO,EAAE,CAAC;wBACb,OAAO,CAAC,IAAI,CAAC,gDAAgD,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,CAAC,CAAA;oBAC9F,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;KAAA;IAED,sBAAsB;QACpB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,2BAA2B,CACzB,UAAkB,EAClB,OAGC;QAED,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,6CAA6C,CAC3C,MAAgB;QAEhB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,yBAAyB,CACvB,GAAa,EACb,mBAA4B;QAQ5B,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,yBAAyB,CAAC,UAAwC;QAChE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,oBAAoB,CAAC,UAAwC;QAC3D,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAEK,2BAA2B,CAC/B,mBAMG,EACH,oBAA6B;;YAE7B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAA;YACpH,IAAI,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,IAAI,IAAI,CAAC,CAAC,QAAQ,IAAI,IAAI,CAAC;gBAC9E,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAA;YAC9E,MAAM,gBAAgB,GAAmC,EAAE,CAAA;YAC3D,qBAAqB,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YACnE,IAAI,oBAAoB,EAAE,CAAC;gBACzB,MAAM,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,mBAAmB,EAAE,CAAA;gBAClE,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,0EAA0E,CAAC,CAAA;gBAC7H,MAAM,cAAc,GAAgC,EAAE,CAAA;gBACtD,gBAAgB,CAAC,OAAO,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,EAAE,EAAE;oBACjD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,SAAS,CAAA;gBAC9C,CAAC,CAAC,CAAA;gBACF,MAAM,aAAa,GAAG,MAAM,CAAC,WAAW,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAuB,EAAE,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;gBAC9H,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;oBAC1C,MAAM,YAAY,GAAG,gBAAgB,CAAC,OAAO,CAAC,cAAc,CAAC,CAAA;oBAC7D,IAAI,YAAY,IAAI,IAAI;wBACtB,MAAM,IAAI,CAAC,IAAI,CAAC,yCAAyC,CAAC;4BACxD,YAAY;4BACZ,iBAAiB,EAAE,cAAc;4BACjC,yBAAyB,EAAE,YAAY,CAAC,SAAS,IAAI,IAAI,IAAI,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE;4BAClG,cAAc,EAAE,OAAO,CAAC,WAAW;4BACnC,sBAAsB,EAAE,OAAO,CAAC,mBAAmB;4BACnD,qBAAqB,EAAE,OAAO,CAAC,kBAAkB;yBAClD,CAAC,CAAA;gBACN,CAAC;YACH,CAAC;YACD,MAAM,eAAe,GAMf,EAAE,CAAA;YACR,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;gBAC1C,MAAM,YAAY,GAAG,gBAAgB,CAAC,OAAO,CAAC,cAAc,CAAC,CAAA;gBAC7D,IAAI,YAAY,IAAI,SAAS;oBAC3B,eAAe,CAAC,IAAI,CAAC;wBACnB,YAAY,EAAE,YAAY;wBAC1B,mBAAmB,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,yBAAyB,CAAC,OAAO,CAAC,mBAAmB,CAAC;wBAC3F,WAAW,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,WAAW,CAAC;wBACnE,kBAAkB,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,OAAO,CAAC,kBAAkB,CAAC;wBACxF,QAAQ,EAAE,OAAO,CAAC,QAAQ;qBAC3B,CAAC,CAAA;YACN,CAAC;YACD,MAAM,IAAI,CAAC,yBAAyB,CAAC,eAAe,CAAC,CAAA;QACvD,CAAC;KAAA;CAWF;AAED,MAAM,8BAA+B,SAAQ,2BAA2B;IAAxE;;QACU,WAAM,GAKT,OAAO,CAAC,OAAO,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,kCAAkC,EAAE,EAAE,EAAE,kCAAkC,EAAE,EAAE,EAAE,CAAC,CAAA;QAC5H,4BAAuB,GAAG,IAAI,mBAAK,EAAE,CAAA;IAuM/C,CAAC;IArMO,sBAAsB;;YAC1B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAA;YACtC,MAAM,IAAI,CAAC,MAAM,CAAA;QACnB,CAAC;KAAA;IAEK,6CAA6C,CACjD,MAAgB;;YAEhB,SAAS,0BAA0B,CAAC,MAInC;gBACC,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE;oBACjC,MAAM,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;oBAChC,IAAI,EAAE,EAAE,CAAC;wBACP,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;wBAClC,IAAI,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,EAAE,CAAC;4BACtB,GAAG,CAAC,IAAI,CAAC,GAAG;gCACV,YAAY,EAAE,MAAM,CAAC,YAAY;gCACjC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,WAAW;gCACzC,mBAAmB,EAAE,MAAM,CAAC,SAAS,CAAC,mBAAmB;6BAC1D,CAAA;wBACH,CAAC;oBACH,CAAC;oBACD,OAAO,GAAG,CAAA;gBACZ,CAAC,EAAE,EAA6G,CAAC,CAAA;YACnH,CAAC;YAED,OAAO,0BAA0B,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,CAAA;QACtD,CAAC;KAAA;IAEa,yBAAyB,CACrC,UAAkB;;YAElB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAA;YAChC,MAAM,MAAM,GAAG,MAAM,CAAC,kCAAkC,CAAC,UAAU,CAAC,CAAA;YACpE,MAAM,MAAM,GAAG,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YAC3D,IAAI,MAAM,KAAI,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,CAAA,EAAE,CAAC;gBAChC,OAAO;oBACL,YAAY,EAAE,MAAM,CAAC,YAAY;oBACjC,mBAAmB,EAAE,MAAM,CAAC,SAAS,CAAC,mBAAmB;oBACzD,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,WAAW;oBACzC,kBAAkB,EAAE,MAAM,CAAC,SAAS,CAAC,kBAAkB;iBACxD,CAAA;YACH,CAAC;iBAAM,CAAC;gBACN,OAAO,SAAS,CAAA;YAClB,CAAC;QACH,CAAC;KAAA;IAEK,2BAA2B,CAC/B,UAAkB,EAClB,OAGC;;;YAED,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAA;YACtE,IAAI,aAAa;gBAAE,OAAO,aAAa,CAAA;YACvC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,uBAAuB,CAAC,OAAO,EAAE,CAAA;YAC5D,IAAI,CAAC;gBACH,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAA;gBACzE,IAAI,gBAAgB;oBAAE,OAAO,gBAAgB,CAAA;gBAC7C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,UAAU,EAAE;oBAC3D,mBAAmB,EAAE,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,+BAA+B,mCAAI,KAAK;oBACtE,oBAAoB,EAAE,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,gCAAgC,mCAAI,KAAK;iBACzE,CAAC,CAAA;gBACF,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,YAAY,EAAE,IAAI,EAAE;oBACzC,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;oBAChD,WAAW,EAAE,OAAO,CAAC,WAAW;oBAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;oBAC9C,QAAQ,EAAE,IAAI;iBACf,CAAC,CAAA;gBACF,OAAO,OAAO,CAAA;YAChB,CAAC;oBAAS,CAAC;gBACT,OAAO,EAAE,CAAA;YACX,CAAC;QACH,CAAC;KAAA;IAEK,yBAAyB,CAC7B,GAAa,EACb,mBAA4B;;;YAQ5B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAA;YAChC,MAAM,GAAG,GAML,EAAE,CAAA;YACN,KAAK,MAAM,EAAE,IAAI,GAAG,EAAE,CAAC;gBACrB,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;gBAChC,IAAI,IAAI,EAAE,CAAC;oBACT,GAAG,CAAC,EAAE,CAAC,GAAG;wBACR,YAAY,EAAE,IAAI,CAAC,YAAY;wBAC/B,WAAW,EAAE,MAAA,IAAI,CAAC,SAAS,0CAAE,WAAW;wBACxC,mBAAmB,EAAE,MAAA,IAAI,CAAC,SAAS,0CAAE,mBAAmB;qBACzD,CAAA;gBACH,CAAC;YACH,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAEO,SAAS,CACf,YAA0B,EAC1B,SAAkB,EAClB,SAAgI;QAEhI,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAO,MAAM,EAAE,EAAE;YAC9C,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAG,CAAC,GAAG,EAAE,YAAY,EAAE,SAAS,EAAE,CAAA;YAC/D,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAA;gBACvG,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;oBACtB,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,EAAG,CAAA;gBAC1C,CAAC,CAAC,CAAA;gBACF,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;oBACvB,MAAM,CAAC,kCAAkC,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAC,EAAG,CAAA;gBACrF,CAAC;YACH,CAAC;YACD,IAAI,SAAS;gBAAE,MAAM,CAAC,kCAAkC,GAAG,EAAE,CAAA;YAC7D,OAAO,MAAM,CAAA;QACf,CAAC,CAAA,CAAC,CAAA;IACJ,CAAC;IAEa,iBAAiB;;YAM7B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,8CAA8C,EAAE,CAAA;YAChF,IAAI,CAAC,OAAO;gBAAE,MAAM,IAAI,KAAK,CAAC,8EAA8E,CAAC,CAAA;YAC7G,MAAM,QAAQ,GAAyC,EAAE,CAAA;YACzD,MAAM,QAAQ,GAA+B,EAAE,CAAA;YAC/C,MAAM,kCAAkC,GAAmC,EAAE,CAAA;YAC7E,KAAK,MAAM,QAAQ,IAAI,OAAO,EAAE,CAAC;gBAC/B,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAA;gBACtD,QAAQ,CAAC,QAAQ,CAAC,EAAG,CAAC,GAAG,EAAE,YAAY,EAAE,QAAQ,EAAE,SAAS,EAAE,aAAa,EAAE,CAAA;gBAC7E,IAAI,aAAa,aAAb,aAAa,uBAAb,aAAa,CAAE,QAAQ,EAAE,CAAC;oBAC5B,kCAAkC,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,QAAQ,CAAC,EAAG,CAAA;gBACtE,CAAC;gBACD,IAAI,aAAa,aAAb,aAAa,uBAAb,aAAa,CAAE,mBAAmB,EAAE,CAAC;oBACvC,KAAK,MAAM,CAAC,IAAI,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,aAAc,CAAC,mBAAmB,CAAC,EAAE,CAAC;wBAC9G,QAAQ,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,EAAG,CAAA;oBAC5B,CAAC;gBACH,CAAC;YACH,CAAC;YACD,MAAM,kCAAkC,GAA8D,EAAE,CAAA;YACxG,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,kCAAkC,EAAE,kCAAkC,EAAE,CAAA;QACvG,CAAC;KAAA;IAEK,yBAAyB,CAAC,UAAwC;;YACtE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAA;YAChC,MAAM,MAAM,GAAG,MAAM,CAAC,kCAAkC,CAAC,UAAU,CAAC,CAAA;YACpE,IAAI,MAAM;gBAAE,OAAO,MAAM,CAAA;YACzB,MAAM,oBAAoB,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;YAClI,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,2BAA2B,CAAC,oBAAoB,EAAE,UAAU,CAAC,CAAA;YAC7G,MAAM,CAAC,kCAAkC,CAAC,UAAU,CAAC,GAAG,QAAQ,CAAA;YAChE,OAAO,QAAQ,CAAA;QACjB,CAAC;KAAA;IAEK,oBAAoB,CAAC,UAAwC;;YACjE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAA;YAChC,MAAM,oBAAoB,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;YAClI,MAAM,GAAG,GAAa,EAAE,CAAA;YACxB,KAAK,MAAM,mBAAmB,IAAI,oBAAoB,EAAE,CAAC;gBACvD,sIAAsI;gBACtI,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,mBAAmB,CAAC,sBAAsB,CAAC,mBAAmB,EAAE,UAAU,CAAC,CAAC,CAAA;YAClG,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAEe,yBAAyB,CACvC,mBAMG;;YAEH,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;gBAC1C,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,YAAY,EAAE,IAAI,EAAE;oBACzC,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;oBAChD,WAAW,EAAE,OAAO,CAAC,WAAW;oBAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;oBAC9C,QAAQ,EAAE,OAAO,CAAC,QAAQ;iBAC3B,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;KAAA;CACF;AAED,MAAM,kCAAmC,SAAQ,2BAA2B;IAO1E,YACE,IAA6B,EAC7B,cAAyC,EACzC,mBAA6C,EAC7C,gBAAkC,EAClC,YAA8B,EAC9B,UAA4B,EAC5B,aAAsB,EACtB,kBAEC;;QAED,KAAK,CAAC,IAAI,EAAE,cAAc,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,YAAY,EAAE,UAAU,EAAE,aAAa,CAAC,CAAA;QAlB5F,aAAQ,GAAsE,IAAI,iCAAc,EAAE,CAAA;QAClG,aAAQ,GAAwB,IAAI,GAAG,EAAE,CAAA;QACzC,uCAAkC,GAAwB,IAAI,GAAG,EAAE,CAAA;QAEnE,eAAU,GAAG,IAAI,mBAAK,EAAE,CAAA;QAevC,IAAI,CAAC,qBAAqB,GAAG,MAAA,kBAAkB,CAAC,YAAY,mCAAI,IAAI,CAAA;IACtE,CAAC;IAEK,sBAAsB;;YAC1B,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAA;YACrB,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAA;YACrB,IAAI,CAAC,kCAAkC,CAAC,KAAK,EAAE,CAAA;QACjD,CAAC;KAAA;IAEK,6CAA6C,CACjD,MAAgB;;YAEhB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAA;YAC/C,IAAI,CAAC;gBACH,MAAM,GAAG,GAEL,EAAE,CAAA;gBACN,KAAK,MAAM,IAAI,IAAI,MAAM,EAAE,CAAC;oBAC1B,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;oBACtC,IAAI,MAAM,EAAE,CAAC;wBACX,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;wBACjD,IAAI,CAAC,SAAS;4BAAE,MAAM,IAAI,KAAK,CAAC,gBAAgB,MAAM,mCAAmC,CAAC,CAAA;wBAC1F,IAAI,SAAS,CAAC,SAAS,EAAE,CAAC;4BACxB,GAAG,CAAC,IAAI,CAAC,GAAG;gCACV,YAAY,EAAE,SAAS,CAAC,YAAY;gCACpC,WAAW,EAAE,SAAS,CAAC,SAAS,CAAC,WAAW;gCAC5C,mBAAmB,EAAE,SAAS,CAAC,SAAS,CAAC,mBAAmB;6BAC7D,CAAA;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;gBACD,OAAO,GAAG,CAAA;YACZ,CAAC;oBAAS,CAAC;gBACT,OAAO,EAAE,CAAA;YACX,CAAC;QACH,CAAC;KAAA;IAEK,yBAAyB,CAC7B,GAAa,EACb,mBAA4B;;;YAQ5B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAA;YAC/C,IAAI,CAAC;gBACH,MAAM,GAAG,GAML,EAAE,CAAA;gBACN,MAAM,QAAQ,GAAa,EAAE,CAAA;gBAC7B,KAAK,MAAM,EAAE,IAAI,GAAG,EAAE,CAAC;oBACrB,MAAM,MAAM,GAAuD,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,CAAA;oBAC9F,IAAI,MAAM,EAAE,CAAC;wBACX,GAAG,CAAC,EAAE,CAAC,GAAG;4BACR,WAAW,EAAE,MAAA,MAAM,CAAC,SAAS,0CAAE,WAAW;4BAC1C,mBAAmB,EAAE,MAAA,MAAM,CAAC,SAAS,0CAAE,mBAAmB;4BAC1D,YAAY,EAAE,MAAM,CAAC,YAAY;yBAClC,CAAA;oBACH,CAAC;yBAAM,IAAI,mBAAmB,EAAE,CAAC;wBAC/B,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;oBACnB,CAAC;gBACH,CAAC;gBACD,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACxB,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAA;oBAChE,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;wBAC7B,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAA;wBAC9C,IAAI,SAAS,EAAE,CAAC;4BACd,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAA;4BACvG,IAAI,CAAC,UAAU,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAA;wBAC5D,CAAC;6BAAM,CAAC;4BACN,IAAI,CAAC,UAAU,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAA;wBACrD,CAAC;wBACD,GAAG,CAAC,IAAI,CAAC,EAAG,CAAC,GAAG;4BACd,WAAW,EAAE,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,WAAW;4BACnC,mBAAmB,EAAE,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,mBAAmB;4BACnD,YAAY,EAAE,IAAI;yBACnB,CAAA;oBACH,CAAC;gBACH,CAAC;gBACD,OAAO,GAAG,CAAA;YACZ,CAAC;oBAAS,CAAC;gBACT,OAAO,EAAE,CAAA;YACX,CAAC;QACH,CAAC;KAAA;IAEK,2BAA2B,CAC/B,UAAkB,EAClB,OAGC;;;YAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAA;YAC/C,IAAI,CAAC;gBACH,IAAI,UAAU,GAAG,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;gBACxE,IAAI,CAAC,UAAU,EAAE,CAAC;oBAChB,MAAM,IAAI,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAA;oBAC9C,UAAU,GAAG,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;gBACtE,CAAC;gBACD,IAAI,UAAU,EAAE,CAAC;oBACf,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,UAAU,CAAC,CAAA;oBAClD,IAAI,CAAC,MAAM;wBAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,UAAU,4BAA4B,CAAC,CAAA;oBACnG,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;wBACrB,OAAO;4BACL,YAAY,EAAE,MAAM,CAAC,YAAY;4BACjC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,WAAW;4BACzC,mBAAmB,EAAE,MAAM,CAAC,SAAS,CAAC,mBAAmB;4BACzD,kBAAkB,EAAE,MAAM,CAAC,SAAS,CAAC,kBAAkB;yBACxD,CAAA;oBACH,CAAC;;wBAAM,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAA;gBACpF,CAAC;qBAAM,CAAC;oBACN,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,UAAU,EAAE;wBAC3D,mBAAmB,EAAE,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,+BAA+B,mCAAI,KAAK;wBACtE,oBAAoB,EAAE,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,gCAAgC,mCAAI,KAAK;qBACzE,CAAC,CAAA;oBACF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAA;oBACrG,MAAM,IAAI,GAAG;wBACX,YAAY,EAAE,OAAO,CAAC,YAAY;wBAClC,SAAS,EAAE;4BACT,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;4BAChD,WAAW,EAAE,OAAO,CAAC,WAAW;4BAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;4BAC9C,QAAQ,EAAE,IAAI;yBACf;wBACD,MAAM;qBACP,CAAA;oBACD,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAA;oBACrB,OAAO;wBACL,YAAY,EAAE,IAAI,CAAC,YAAY;wBAC/B,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW;wBACvC,mBAAmB,EAAE,IAAI,CAAC,SAAS,CAAC,mBAAmB;wBACvD,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,kBAAkB;qBACtD,CAAA;gBACH,CAAC;YACH,CAAC;oBAAS,CAAC;gBACT,OAAO,EAAE,CAAA;YACX,CAAC;QACH,CAAC;KAAA;IAED,iJAAiJ;IACjJ,uEAAuE;IACzD,uBAAuB,CAAC,UAAkB;;YACtD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,sCAAsC,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,EAAE,UAAU,CAAC,CAAA;YAC1I,KAAK,MAAM,IAAI,IAAI,cAAc,EAAE,CAAC;gBAClC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAA;gBAC9C,IAAI,SAAS,EAAE,CAAC;oBACd,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAA;oBACvG,IAAI,CAAC,UAAU,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAA;gBAC5D,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,UAAU,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAA;gBACrD,CAAC;YACH,CAAC;QACH,CAAC;KAAA;IAEO,UAAU,CAAC,IAA+C;;QAChE,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,IAAI,CAAC,qBAAqB,EAAE,CAAC;YACrD,IAAI,CAAC,aAAa,EAAE,CAAA;QACtB,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,YAAY,CAAC,EAAG,CAAC,CAAC,CAAA;QAC7E,IAAI,CAAA,MAAA,IAAI,CAAC,SAAS,0CAAE,QAAQ,KAAI,CAAC,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzG,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC,YAAY,CAAC,EAAG,CAAC,CAAA;QAChG,CAAC;QACD,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,EAAG,EAAE,IAAI,CAAC,CAAA;IAChD,CAAC;IAEO,aAAa;QACnB,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,sBAAsB,EAAE,CAAA;QACtD,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAA;QAC5D,IAAI,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,QAAQ,CAAC,KAAK,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,CAAC;YAC3G,IAAI,CAAC,kCAAkC,CAAC,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAA;QAC/E,CAAC;IACH,CAAC;IAED,yBAAyB;QACvB,OAAO,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;IACnC,CAAC;IAED,oBAAoB;QAClB,OAAO,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;IACnC,CAAC;IAEe,yBAAyB,CACvC,mBAMG;;YAEH,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;gBAC1C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAA;gBACrG,MAAM,IAAI,GAAG;oBACX,YAAY,EAAE,OAAO,CAAC,YAAY;oBAClC,SAAS,EAAE;wBACT,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;wBAChD,WAAW,EAAE,OAAO,CAAC,WAAW;wBAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;wBAC9C,QAAQ,EAAE,OAAO,CAAC,QAAQ;qBAC3B;oBACD,MAAM;iBACP,CAAA;gBACD,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAA;YACvB,CAAC;QACH,CAAC;KAAA;CACF","sourcesContent":["import { ExchangeData } from '../../icc-api/model/internal/ExchangeData'\nimport { IccDataOwnerXApi } from '../icc-data-owner-x-api'\nimport { BaseExchangeDataManager } from './BaseExchangeDataManager'\nimport { UserEncryptionKeysManager } from './UserEncryptionKeysManager'\nimport { AccessControlSecretUtils } from './AccessControlSecretUtils'\nimport { CryptoStrategies } from './CryptoStrategies'\nimport { fingerprintV1, getShaVersionForKey, hexPublicKeysWithSha1Of, hexPublicKeysWithSha256Of } from './utils'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { EntityWithDelegationTypeName, hex2ua } from '../utils'\nimport { CryptoActorStubWithType } from '../../icc-api/model/CryptoActorStub'\nimport { ShaVersion } from './RSA'\nimport { Mutex } from 'async-mutex'\nimport { SimpleLruCache } from '../utils/simple-lru-cache'\n\nexport type ExchangeDataManagerOptionalParameters = {\n // Only for not fully cached implementation (data owner can't request all his exchange data), amount of exchange data which can be cached\n lruCacheSize?: number // default = 2000\n}\n\n/**\n * @internal this function is for internal use only and may be changed without notice.\n * Initialises and returns the exchange data manager which is most appropriate for the current data owner.\n */\nexport async function initialiseExchangeDataManagerForCurrentDataOwner(\n base: BaseExchangeDataManager,\n encryptionKeys: UserEncryptionKeysManager,\n accessControlSecret: AccessControlSecretUtils,\n cryptoStrategies: CryptoStrategies,\n dataOwnerApi: IccDataOwnerXApi,\n primitives: CryptoPrimitives,\n useParentKeys: boolean,\n optionalParameters: ExchangeDataManagerOptionalParameters = {}\n): Promise<ExchangeDataManager> {\n const currentOwner = CryptoActorStubWithType.fromDataOwner(await dataOwnerApi.getCurrentDataOwner())\n if (cryptoStrategies.dataOwnerRequiresAnonymousDelegation(currentOwner)) {\n const res = new FullyCachedExchangeDataManager(\n base,\n encryptionKeys,\n accessControlSecret,\n cryptoStrategies,\n dataOwnerApi,\n primitives,\n useParentKeys\n )\n await res.clearOrRepopulateCache()\n return res\n } else {\n return new LimitedLruCacheExchangeDataManager(\n base,\n encryptionKeys,\n accessControlSecret,\n cryptoStrategies,\n dataOwnerApi,\n primitives,\n useParentKeys,\n optionalParameters\n )\n }\n}\n\ntype CachedExchangeData = {\n exchangeData: ExchangeData\n decrypted?: {\n accessControlSecret: string\n exchangeKey: CryptoKey\n verified: boolean\n sharedSignatureKey: CryptoKey\n }\n}\n\n/**\n * @internal this class is intended for internal use only and may be changed without notice.\n * Exchange data manager which automatically handles decryption and cache\n */\nexport interface ExchangeDataManager {\n readonly base: BaseExchangeDataManager\n\n /**\n * Updates all exchange data between the current data owner and another data owner to allow the other data owner to access existing exchange data\n * using a new public key. Note that this will make existing exchange keys from the other data owner to the current data owner unverified, therefore\n * invalid for encryption.\n * @param otherDataOwner the other data owner.\n * @param newDataOwnerPublicKey a new public key of the other data owner.\n */\n giveAccessBackTo(otherDataOwner: string, newDataOwnerPublicKey: string): Promise<void>\n\n /**\n * Gets any existing and verified exchange data from the current data owner to the provided delegate or creates new data if no verified data is\n * available, then caches it.\n * @param delegateId the id of the delegate.\n * @param options\n * - allowCreationWithoutDelegatorKey if true, when creating new exchange data, even if no verified key is available for the delegator the method\n * will create the new exchange data anyway (will not be usable by the delegate without additional steps).\n * - allowCreationWithoutDelegateKey if true, when creating new exchange data, even if no verified key is available for the delegate the method\n * will create the new exchange data anyway (will not be usable by the delegate without additional steps).\n * @return the access control secret and key of the data to use for encryption.\n */\n getOrCreateEncryptionDataTo(\n delegateId: string,\n options?: {\n allowCreationWithoutDelegatorKey?: boolean\n allowCreationWithoutDelegateKey?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }>\n\n /**\n * Retrieve the cached decrypted exchange data key associated with any of the provided hashes/entry keys of secure delegations.\n * @param hashes hashes of access control secrets for a specific entity, as they appear in the key of secure delegation entries\n * @return the exchange data and decrypted key associated to that hash if cached\n */\n getCachedDecryptionDataKeyByAccessControlHash(\n hashes: string[]\n ): Promise<{ [hash: string]: { exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey } }>\n\n /**\n * Retrieves the exchange data with the provided id (from the cache if available or from the server otherwise if allowed by\n * and attempts to decrypt it, then caches the result.\n * @param ids ids of the exchange datas to retrieve\n * @param retrieveIfNotCached if false only cached data will be returned, and the access control hases options will be\n * ignored\n * @return a map containing the exchange data id associated with:\n * - exchangeData: the exchange data with the provided id\n * - exchangeKey: the exchange key corresponding to the provided exchange data if it could be decrypted, else undefined\n * - accessControlSecret: the access control secret corresponding to the provided exchange data if it could be decrypted, else undefined\n */\n getDecryptionDataKeyByIds(\n ids: string[],\n retrieveIfNotCached: boolean\n ): Promise<{ [id: string]: { exchangeKey: CryptoKey | undefined; accessControlSecret: string | undefined; exchangeData: ExchangeData } }>\n\n /**\n * Clears the cache or fully repopulates the cache if the current data owner can retrieve all of his exchange data according to the crypto\n * strategies.\n */\n clearOrRepopulateCache(): Promise<void>\n\n /**\n * If the current data owner requires anonymous delegations this returns the base64 representation of the concatenation of all available access\n * control keys for the current data owner.\n */\n getAccessControlKeysValue(entityType: EntityWithDelegationTypeName): Promise<string | undefined>\n\n /**\n * If the current data owner requires anonymous delegations this returns the access control keys which may be used in secure delegations for the\n * data owner, which can be used to search for data.\n */\n getAllDelegationKeys(entityType: EntityWithDelegationTypeName): Promise<string[] | undefined>\n\n /**\n * Injects already decrypted exchange data, allowing it to be used by the sdk.\n * @param exchangeDataDetails the exchange data to inject, with the decrypted content and verified status.\n * Note that the SDK won't verify that the provided decrypted content actually matches what is stored in the exchange\n * data.\n * @param reEncryptWithOwnKeys if true all the provided exchange data that is not encrypted with any of the self\n * verified keys of the user will be re-encrypted with them. In case the user is also the delegator and the data is\n * verified the delegator signature will be updated.\n */\n injectDecryptedExchangeData(\n exchangeDataDetails: {\n exchangeDataId: string\n accessControlSecret: ArrayBuffer\n exchangeKey: ArrayBuffer\n sharedSignatureKey: ArrayBuffer\n verified: boolean\n }[],\n reEncryptWithOwnKeys: boolean\n ): Promise<void>\n}\n\nabstract class AbstractExchangeDataManager implements ExchangeDataManager {\n constructor(\n readonly base: BaseExchangeDataManager,\n protected readonly encryptionKeys: UserEncryptionKeysManager,\n protected readonly accessControlSecret: AccessControlSecretUtils,\n protected readonly cryptoStrategies: CryptoStrategies,\n protected readonly dataOwnerApi: IccDataOwnerXApi,\n protected readonly primitives: CryptoPrimitives,\n private readonly useParentKeys: boolean\n ) {}\n\n protected async decryptData(data: ExchangeData): Promise<\n | {\n accessControlSecret: string\n exchangeKey: CryptoKey\n verified: boolean\n sharedSignatureKey: CryptoKey\n }\n | undefined\n > {\n const decryptionKeys = this.encryptionKeys.getDecryptionKeys()\n const encryptionKeys = Object.fromEntries(\n this.encryptionKeys.getSelfVerifiedKeys().map((x): [string, CryptoKey] => [x.fingerprint, x.pair.privateKey])\n )\n const decryptedExchangeKey = (await this.base.tryDecryptExchangeKeys([data], decryptionKeys)).successfulDecryptions[0]\n if (!decryptedExchangeKey) return undefined\n const decryptedAccessControlSecret = (await this.base.tryDecryptAccessControlSecret([data], decryptionKeys)).successfulDecryptions[0]\n if (!decryptedAccessControlSecret)\n throw new Error(`Decryption key could be decrypted but access control secret could not for data ${JSON.stringify(data)}`)\n const decryptedSharedSignatureKey = (await this.base.tryDecryptSharedSignatureKeys([data], decryptionKeys)).successfulDecryptions[0]\n if (!decryptedSharedSignatureKey)\n throw new Error(`Decryption key could be decrypted but shared signature key could not for data ${JSON.stringify(data)}`)\n return {\n accessControlSecret: decryptedAccessControlSecret,\n exchangeKey: decryptedExchangeKey,\n sharedSignatureKey: decryptedSharedSignatureKey,\n verified: await this.base.verifyExchangeData(\n {\n exchangeData: data,\n decryptedAccessControlSecret,\n decryptedExchangeKey,\n decryptedSharedSignatureKey,\n },\n encryptionKeys,\n true\n ),\n }\n }\n\n protected async createNewExchangeData(\n delegateId: string,\n options: {\n newDataId?: string\n allowNoDelegatorKeys?: boolean\n allowNoDelegateKeys?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }> {\n if (options.allowNoDelegateKeys && options.allowNoDelegatorKeys)\n throw new Error('Illegal arguments: allow no delegator and no delegate keys should never both be true')\n const encryptionKeys: { [fp: string]: CryptoKey } = {}\n const selfVerifiedKeys = this.encryptionKeys.getSelfVerifiedKeys()\n if (selfVerifiedKeys.length <= 0 && !options.allowNoDelegatorKeys)\n throw new Error('If the sdk is initialized in keyless mode you must create exchange data explicitly')\n selfVerifiedKeys.forEach(({ fingerprint, pair }) => {\n encryptionKeys[fingerprint] = pair.publicKey\n })\n if (delegateId != (await this.dataOwnerApi.getCurrentDataOwnerId())) {\n const delegate = await this.dataOwnerApi.getCryptoActorStub(delegateId)\n const sha256KeysOfDelegate = hexPublicKeysWithSha256Of(delegate.stub)\n const sha1KeysOfDelegate = hexPublicKeysWithSha1Of(delegate.stub)\n let allVerifiedDelegateKeys: string[]\n if (!sha256KeysOfDelegate.size && !sha1KeysOfDelegate.size) {\n if (!options.allowNoDelegateKeys)\n throw new Error(`Could not create exchange data to ${delegateId} as no public key for the delegate was found.`)\n allVerifiedDelegateKeys = []\n } else if (this.useParentKeys && (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds()).includes(delegateId)) {\n allVerifiedDelegateKeys = await this.encryptionKeys.getVerifiedPublicKeysFor(delegate.stub)\n } else {\n allVerifiedDelegateKeys = await this.cryptoStrategies.verifyDelegatePublicKeys(\n delegate,\n [...Array.from(sha256KeysOfDelegate), ...Array.from(sha1KeysOfDelegate)],\n this.primitives\n )\n }\n if (!allVerifiedDelegateKeys.length && !options.allowNoDelegateKeys)\n throw new Error(`Could not create exchange data to ${delegateId} as no public key for the delegate could be verified.`)\n for (const delegateKey of allVerifiedDelegateKeys) {\n if (sha1KeysOfDelegate.has(delegateKey)) {\n encryptionKeys[fingerprintV1(delegateKey)] = await this.primitives.RSA.importKey('spki', hex2ua(delegateKey), ['encrypt'], ShaVersion.Sha1)\n } else if (sha256KeysOfDelegate.has(delegateKey)) {\n encryptionKeys[fingerprintV1(delegateKey)] = await this.primitives.RSA.importKey(\n 'spki',\n hex2ua(delegateKey),\n ['encrypt'],\n ShaVersion.Sha256\n )\n } else throw new Error('Illegal state: verified keys should contain only keys for OAPE-SHA1 or OAPE-SHA256.')\n }\n }\n const newData = await this.base.createExchangeData(\n delegateId,\n Object.fromEntries(selfVerifiedKeys.map((x): [string, CryptoKey] => [x.fingerprint, x.pair.privateKey])),\n encryptionKeys,\n options.newDataId ? { id: options.newDataId } : {}\n )\n return {\n exchangeData: newData.exchangeData,\n accessControlSecret: newData.accessControlSecret,\n exchangeKey: newData.exchangeKey,\n sharedSignatureKey: newData.sharedSignatureKey,\n }\n }\n\n async giveAccessBackTo(otherDataOwner: string, newDataOwnerPublicKey: string) {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n const newKeyFp = fingerprintV1(newDataOwnerPublicKey)\n const other = await this.dataOwnerApi.getCryptoActorStub(otherDataOwner)\n const newKeyHashVersion = getShaVersionForKey(other.stub, newDataOwnerPublicKey)\n if (!newKeyHashVersion) throw new Error(`Public key not found for data owner ${otherDataOwner}`)\n const importedNewKey = await this.primitives.RSA.importKey('spki', hex2ua(newDataOwnerPublicKey), ['encrypt'], newKeyHashVersion)\n const decryptionKeys = this.encryptionKeys.getDecryptionKeys()\n const allExchangeDataToUpdate =\n self == otherDataOwner\n ? await this.base.getExchangeDataByDelegatorDelegatePair(self, self)\n : [\n ...(await this.base.getExchangeDataByDelegatorDelegatePair(self, otherDataOwner)),\n ...(await this.base.getExchangeDataByDelegatorDelegatePair(otherDataOwner, self)),\n ]\n for (const dataToUpdate of allExchangeDataToUpdate) {\n if (!Object.keys(dataToUpdate.exchangeKey).find((fp) => fp == newKeyFp)) {\n const updated = await this.base.tryUpdateExchangeData(dataToUpdate, decryptionKeys, { [newKeyFp]: importedNewKey })\n if (!updated) {\n console.warn(`Failed to give access back to exchanged data ${JSON.stringify(dataToUpdate)}`)\n }\n }\n }\n }\n\n clearOrRepopulateCache(): Promise<void> {\n throw new Error('Implemented by concrete class')\n }\n\n getOrCreateEncryptionDataTo(\n delegateId: string,\n options?: {\n allowCreationWithoutDelegatorKey?: boolean\n allowCreationWithoutDelegateKey?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }> {\n throw new Error('Implemented by concrete class')\n }\n\n getCachedDecryptionDataKeyByAccessControlHash(\n hashes: string[]\n ): Promise<{ [p: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } }> {\n throw new Error('Implemented by concrete class')\n }\n\n getDecryptionDataKeyByIds(\n ids: string[],\n retrieveIfNotCached: boolean\n ): Promise<{\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n }> {\n throw new Error('Implemented by concrete class')\n }\n\n getAccessControlKeysValue(entityType: EntityWithDelegationTypeName): Promise<string | undefined> {\n throw new Error('Implemented by concrete class')\n }\n\n getAllDelegationKeys(entityType: EntityWithDelegationTypeName): Promise<string[] | undefined> {\n throw new Error('Implemented by concrete class')\n }\n\n async injectDecryptedExchangeData(\n exchangeDataDetails: {\n exchangeDataId: string\n accessControlSecret: ArrayBuffer\n exchangeKey: ArrayBuffer\n sharedSignatureKey: ArrayBuffer\n verified: boolean\n }[],\n reEncryptWithOwnKeys: boolean\n ): Promise<void> {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n const retrievedExchangeData = await this.base.getExchangeDataByIds(exchangeDataDetails.map((x) => x.exchangeDataId))\n if (retrievedExchangeData.some((x) => x.delegator != self && x.delegate != self))\n throw new Error('Should only inject exchange date from/to the current user')\n const exchangeDataById: { [id: string]: ExchangeData } = {}\n retrievedExchangeData.forEach((x) => (exchangeDataById[x.id!] = x))\n if (reEncryptWithOwnKeys) {\n const selfVerifiedKeys = this.encryptionKeys.getSelfVerifiedKeys()\n if (selfVerifiedKeys.length <= 0) throw new Error(\"Can't re-encrypt injected exchange data with own keys if in keyless mode\")\n const encryptionKeys: { [fp: string]: CryptoKey } = {}\n selfVerifiedKeys.forEach(({ fingerprint, pair }) => {\n encryptionKeys[fingerprint] = pair.publicKey\n })\n const signatureKeys = Object.fromEntries(selfVerifiedKeys.map((x): [string, CryptoKey] => [x.fingerprint, x.pair.privateKey]))\n for (const details of exchangeDataDetails) {\n const exchangeData = exchangeDataById[details.exchangeDataId]\n if (exchangeData != null)\n await this.base.updateExchangeDataWithRawDecryptedContent({\n exchangeData,\n newEncryptionKeys: encryptionKeys,\n newDelegatorSignatureKeys: exchangeData.delegator == self && details.verified ? signatureKeys : {},\n rawExchangeKey: details.exchangeKey,\n rawAccessControlSecret: details.accessControlSecret,\n rawSharedSignatureKey: details.sharedSignatureKey,\n })\n }\n }\n const importedDetails: {\n exchangeData: ExchangeData\n accessControlSecret: string\n exchangeKey: CryptoKey\n sharedSignatureKey: CryptoKey\n verified: boolean\n }[] = []\n for (const details of exchangeDataDetails) {\n const exchangeData = exchangeDataById[details.exchangeDataId]\n if (exchangeData != undefined)\n importedDetails.push({\n exchangeData: exchangeData,\n accessControlSecret: await this.base.importAccessControlSecret(details.accessControlSecret),\n exchangeKey: await this.base.importExchangeKey(details.exchangeKey),\n sharedSignatureKey: await this.base.importSharedSignatureKey(details.sharedSignatureKey),\n verified: details.verified,\n })\n }\n await this.cacheInjectedExchangeData(importedDetails)\n }\n\n protected abstract cacheInjectedExchangeData(\n exchangeDataDetails: {\n exchangeData: ExchangeData\n accessControlSecret: string\n exchangeKey: CryptoKey\n sharedSignatureKey: CryptoKey\n verified: boolean\n }[]\n ): Promise<void>\n}\n\nclass FullyCachedExchangeDataManager extends AbstractExchangeDataManager {\n private caches: Promise<{\n dataById: { [id: string]: CachedExchangeData }\n hashToId: { [hash: string]: string }\n delegateToVerifiedEncryptionDataId: { [delegate: string]: string }\n entityTypeToAccessControlKeysValue: { [entityType in EntityWithDelegationTypeName]?: string }\n }> = Promise.resolve({ dataById: {}, hashToId: {}, delegateToVerifiedEncryptionDataId: {}, entityTypeToAccessControlKeysValue: {} })\n private createExchangeDataMutex = new Mutex()\n\n async clearOrRepopulateCache(): Promise<void> {\n this.caches = this.doRepopulateCache()\n await this.caches\n }\n\n async getCachedDecryptionDataKeyByAccessControlHash(\n hashes: string[]\n ): Promise<{ [hash: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } }> {\n function retrieveByHashesFromCaches(caches: {\n dataById: { [id: string]: CachedExchangeData }\n hashToId: { [hash: string]: string }\n delegateToVerifiedEncryptionDataId: { [delegate: string]: string }\n }): { [hash: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } } {\n return hashes.reduce((res, hash) => {\n const id = caches.hashToId[hash]\n if (id) {\n const cached = caches.dataById[id]\n if (cached?.decrypted) {\n res[hash] = {\n exchangeData: cached.exchangeData,\n exchangeKey: cached.decrypted.exchangeKey,\n accessControlSecret: cached.decrypted.accessControlSecret,\n }\n }\n }\n return res\n }, {} as { [hash: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } })\n }\n\n return retrieveByHashesFromCaches(await this.caches)\n }\n\n private async getCachedEncryptionDataTo(\n delegateId: string\n ): Promise<{ exchangeKey: CryptoKey; accessControlSecret: string; exchangeData: ExchangeData; sharedSignatureKey: CryptoKey } | undefined> {\n const caches = await this.caches\n const dataId = caches.delegateToVerifiedEncryptionDataId[delegateId]\n const cached = dataId ? caches.dataById[dataId] : undefined\n if (cached && cached?.decrypted) {\n return {\n exchangeData: cached.exchangeData,\n accessControlSecret: cached.decrypted.accessControlSecret,\n exchangeKey: cached.decrypted.exchangeKey,\n sharedSignatureKey: cached.decrypted.sharedSignatureKey,\n }\n } else {\n return undefined\n }\n }\n\n async getOrCreateEncryptionDataTo(\n delegateId: string,\n options?: {\n allowCreationWithoutDelegatorKey?: boolean\n allowCreationWithoutDelegateKey?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }> {\n const initialCached = await this.getCachedEncryptionDataTo(delegateId)\n if (initialCached) return initialCached\n const release = await this.createExchangeDataMutex.acquire()\n try {\n const cachedAfterMutex = await this.getCachedEncryptionDataTo(delegateId)\n if (cachedAfterMutex) return cachedAfterMutex\n const created = await this.createNewExchangeData(delegateId, {\n allowNoDelegateKeys: options?.allowCreationWithoutDelegateKey ?? false,\n allowNoDelegatorKeys: options?.allowCreationWithoutDelegatorKey ?? false,\n })\n this.cacheData(created.exchangeData, true, {\n accessControlSecret: created.accessControlSecret,\n exchangeKey: created.exchangeKey,\n sharedSignatureKey: created.sharedSignatureKey,\n verified: true,\n })\n return created\n } finally {\n release()\n }\n }\n\n async getDecryptionDataKeyByIds(\n ids: string[],\n retrieveIfNotCached: boolean\n ): Promise<{\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n }> {\n const caches = await this.caches\n const res: {\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n } = {}\n for (const id of ids) {\n const data = caches.dataById[id]\n if (data) {\n res[id] = {\n exchangeData: data.exchangeData,\n exchangeKey: data.decrypted?.exchangeKey,\n accessControlSecret: data.decrypted?.accessControlSecret,\n }\n }\n }\n return res\n }\n\n private cacheData(\n exchangeData: ExchangeData,\n isNewData: boolean,\n decrypted: { accessControlSecret: string; exchangeKey: CryptoKey; verified: boolean; sharedSignatureKey: CryptoKey } | undefined\n ): void {\n this.caches = this.caches.then(async (caches) => {\n caches.dataById[exchangeData.id!] = { exchangeData, decrypted }\n if (decrypted) {\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(decrypted.accessControlSecret)\n hashes.forEach((hash) => {\n caches.hashToId[hash] = exchangeData.id!\n })\n if (decrypted.verified) {\n caches.delegateToVerifiedEncryptionDataId[exchangeData.delegate] = exchangeData.id!\n }\n }\n if (isNewData) caches.entityTypeToAccessControlKeysValue = {}\n return caches\n })\n }\n\n private async doRepopulateCache(): Promise<{\n dataById: { [id: string]: CachedExchangeData }\n hashToId: { [hash: string]: string }\n delegateToVerifiedEncryptionDataId: { [delegate: string]: string }\n entityTypeToAccessControlKeysValue: { [entityType in EntityWithDelegationTypeName]?: string }\n }> {\n const allData = await this.base.getAllExchangeDataForCurrentDataOwnerIfAllowed()\n if (!allData) throw new Error('Impossible to use fully cached exchange data manager for current data owner.')\n const dataById: { [id: string]: CachedExchangeData } = {}\n const hashToId: { [hash: string]: string } = {}\n const delegateToVerifiedEncryptionDataId: { [delegate: string]: string } = {}\n for (const currData of allData) {\n const currDecrypted = await this.decryptData(currData)\n dataById[currData.id!] = { exchangeData: currData, decrypted: currDecrypted }\n if (currDecrypted?.verified) {\n delegateToVerifiedEncryptionDataId[currData.delegate] = currData.id!\n }\n if (currDecrypted?.accessControlSecret) {\n for (const h of await this.accessControlSecret.allSecureDelegationKeysFor(currDecrypted!.accessControlSecret)) {\n hashToId[h] = currData.id!\n }\n }\n }\n const entityTypeToAccessControlKeysValue: { [entityType in EntityWithDelegationTypeName]?: string } = {}\n return { dataById, hashToId, delegateToVerifiedEncryptionDataId, entityTypeToAccessControlKeysValue }\n }\n\n async getAccessControlKeysValue(entityType: EntityWithDelegationTypeName): Promise<string | undefined> {\n const caches = await this.caches\n const cached = caches.entityTypeToAccessControlKeysValue[entityType]\n if (cached) return cached\n const accessControlSecrets = Object.values(caches.dataById).flatMap((x) => (x.decrypted ? [x.decrypted.accessControlSecret] : []))\n const fullData = await this.accessControlSecret.getEncodedAccessControlKeys(accessControlSecrets, entityType)\n caches.entityTypeToAccessControlKeysValue[entityType] = fullData\n return fullData\n }\n\n async getAllDelegationKeys(entityType: EntityWithDelegationTypeName): Promise<string[] | undefined> {\n const caches = await this.caches\n const accessControlSecrets = Object.values(caches.dataById).flatMap((x) => (x.decrypted ? [x.decrypted.accessControlSecret] : []))\n const res: string[] = []\n for (const accessControlSecret of accessControlSecrets) {\n // Usage of sfks in secure delegation key should be configurable: it is not necessary for all users and it has some performance impact\n res.push(await this.accessControlSecret.secureDelegationKeyFor(accessControlSecret, entityType))\n }\n return res\n }\n\n protected async cacheInjectedExchangeData(\n exchangeDataDetails: {\n exchangeData: ExchangeData\n accessControlSecret: string\n exchangeKey: CryptoKey\n sharedSignatureKey: CryptoKey\n verified: boolean\n }[]\n ): Promise<void> {\n for (const details of exchangeDataDetails) {\n this.cacheData(details.exchangeData, true, {\n accessControlSecret: details.accessControlSecret,\n exchangeKey: details.exchangeKey,\n sharedSignatureKey: details.sharedSignatureKey,\n verified: details.verified,\n })\n }\n }\n}\n\nclass LimitedLruCacheExchangeDataManager extends AbstractExchangeDataManager {\n private readonly idToData: SimpleLruCache<string, CachedExchangeData & { hashes: string[] }> = new SimpleLruCache()\n private readonly hashToId: Map<string, string> = new Map()\n private readonly delegateToVerifiedEncryptionDataId: Map<string, string> = new Map()\n private readonly maxCachedExchangeData: number\n private readonly cacheMutex = new Mutex()\n\n constructor(\n base: BaseExchangeDataManager,\n encryptionKeys: UserEncryptionKeysManager,\n accessControlSecret: AccessControlSecretUtils,\n cryptoStrategies: CryptoStrategies,\n dataOwnerApi: IccDataOwnerXApi,\n primitives: CryptoPrimitives,\n useParentKeys: boolean,\n optionalParameters: {\n lruCacheSize?: number\n }\n ) {\n super(base, encryptionKeys, accessControlSecret, cryptoStrategies, dataOwnerApi, primitives, useParentKeys)\n this.maxCachedExchangeData = optionalParameters.lruCacheSize ?? 2000\n }\n\n async clearOrRepopulateCache(): Promise<void> {\n this.idToData.clear()\n this.hashToId.clear()\n this.delegateToVerifiedEncryptionDataId.clear()\n }\n\n async getCachedDecryptionDataKeyByAccessControlHash(\n hashes: string[]\n ): Promise<{ [p: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } }> {\n const release = await this.cacheMutex.acquire()\n try {\n const res: {\n [p: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string }\n } = {}\n for (const hash of hashes) {\n const dataId = this.hashToId.get(hash)\n if (dataId) {\n const retrieved = this.idToData.getCached(dataId)\n if (!retrieved) throw new Error(`Data with id ${dataId} should have been already cached.`)\n if (retrieved.decrypted) {\n res[hash] = {\n exchangeData: retrieved.exchangeData,\n exchangeKey: retrieved.decrypted.exchangeKey,\n accessControlSecret: retrieved.decrypted.accessControlSecret,\n }\n }\n }\n }\n return res\n } finally {\n release()\n }\n }\n\n async getDecryptionDataKeyByIds(\n ids: string[],\n retrieveIfNotCached: boolean\n ): Promise<{\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n }> {\n const release = await this.cacheMutex.acquire()\n try {\n const res: {\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n } = {}\n const uncached: string[] = []\n for (const id of ids) {\n const cached: (CachedExchangeData & { hashes: string[] }) | null = this.idToData.getCached(id)\n if (cached) {\n res[id] = {\n exchangeKey: cached.decrypted?.exchangeKey,\n accessControlSecret: cached.decrypted?.accessControlSecret,\n exchangeData: cached.exchangeData,\n }\n } else if (retrieveIfNotCached) {\n uncached.push(id)\n }\n }\n if (uncached.length > 0) {\n const retrieved = await this.base.getExchangeDataByIds(uncached)\n for (const data of retrieved) {\n const decrypted = await this.decryptData(data)\n if (decrypted) {\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(decrypted.accessControlSecret)\n this.addToCache({ exchangeData: data, hashes, decrypted })\n } else {\n this.addToCache({ exchangeData: data, hashes: [] })\n }\n res[data.id!] = {\n exchangeKey: decrypted?.exchangeKey,\n accessControlSecret: decrypted?.accessControlSecret,\n exchangeData: data,\n }\n }\n }\n return res\n } finally {\n release()\n }\n }\n\n async getOrCreateEncryptionDataTo(\n delegateId: string,\n options?: {\n allowCreationWithoutDelegatorKey?: boolean\n allowCreationWithoutDelegateKey?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }> {\n const release = await this.cacheMutex.acquire()\n try {\n let existingId = this.delegateToVerifiedEncryptionDataId.get(delegateId)\n if (!existingId) {\n await this.populateCacheToDelegate(delegateId)\n existingId = this.delegateToVerifiedEncryptionDataId.get(delegateId)\n }\n if (existingId) {\n const cached = this.idToData.getCached(existingId)\n if (!cached) throw new Error(`Illegal state: data with id ${existingId} should have been in cache`)\n if (cached.decrypted) {\n return {\n exchangeData: cached.exchangeData,\n exchangeKey: cached.decrypted.exchangeKey,\n accessControlSecret: cached.decrypted.accessControlSecret,\n sharedSignatureKey: cached.decrypted.sharedSignatureKey,\n }\n } else throw new Error(`Illegal state: cached verified data should be decrypted.`)\n } else {\n const created = await this.createNewExchangeData(delegateId, {\n allowNoDelegateKeys: options?.allowCreationWithoutDelegateKey ?? false,\n allowNoDelegatorKeys: options?.allowCreationWithoutDelegatorKey ?? false,\n })\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(created.accessControlSecret)\n const data = {\n exchangeData: created.exchangeData,\n decrypted: {\n accessControlSecret: created.accessControlSecret,\n exchangeKey: created.exchangeKey,\n sharedSignatureKey: created.sharedSignatureKey,\n verified: true,\n },\n hashes,\n }\n this.addToCache(data)\n return {\n exchangeData: data.exchangeData,\n exchangeKey: data.decrypted.exchangeKey,\n accessControlSecret: data.decrypted.accessControlSecret,\n sharedSignatureKey: data.decrypted.sharedSignatureKey,\n }\n }\n } finally {\n release()\n }\n }\n\n // Loads and adds to the cache all exchange data from the current data owner to the given delegate. Allows to check if there is already data from\n // the current data owner to the delegate which is good for encryption.\n private async populateCacheToDelegate(delegateId: string): Promise<void> {\n const dataToDelegate = await this.base.getExchangeDataByDelegatorDelegatePair(await this.dataOwnerApi.getCurrentDataOwnerId(), delegateId)\n for (const data of dataToDelegate) {\n const decrypted = await this.decryptData(data)\n if (decrypted) {\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(decrypted.accessControlSecret)\n this.addToCache({ exchangeData: data, hashes, decrypted })\n } else {\n this.addToCache({ exchangeData: data, hashes: [] })\n }\n }\n }\n\n private addToCache(data: CachedExchangeData & { hashes: string[] }) {\n if (this.idToData.size >= this.maxCachedExchangeData) {\n this.evictOneEntry()\n }\n data.hashes.forEach((hash) => this.hashToId.set(hash, data.exchangeData.id!))\n if (data.decrypted?.verified && !this.delegateToVerifiedEncryptionDataId.has(data.exchangeData.delegate)) {\n this.delegateToVerifiedEncryptionDataId.set(data.exchangeData.delegate, data.exchangeData.id!)\n }\n this.idToData.set(data.exchangeData.id!, data)\n }\n\n private evictOneEntry() {\n const evicted = this.idToData.evictLeastRecentlyUsed()\n evicted.hashes.forEach((hash) => this.hashToId.delete(hash))\n if (this.delegateToVerifiedEncryptionDataId.get(evicted.exchangeData.delegate) === evicted.exchangeData.id) {\n this.delegateToVerifiedEncryptionDataId.delete(evicted.exchangeData.delegate)\n }\n }\n\n getAccessControlKeysValue(): Promise<string | undefined> {\n return Promise.resolve(undefined)\n }\n\n getAllDelegationKeys(): Promise<string[] | undefined> {\n return Promise.resolve(undefined)\n }\n\n protected async cacheInjectedExchangeData(\n exchangeDataDetails: {\n exchangeData: ExchangeData\n accessControlSecret: string\n exchangeKey: CryptoKey\n sharedSignatureKey: CryptoKey\n verified: boolean\n }[]\n ): Promise<void> {\n for (const details of exchangeDataDetails) {\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(details.accessControlSecret)\n const data = {\n exchangeData: details.exchangeData,\n decrypted: {\n accessControlSecret: details.accessControlSecret,\n exchangeKey: details.exchangeKey,\n sharedSignatureKey: details.sharedSignatureKey,\n verified: details.verified,\n },\n hashes,\n }\n this.addToCache(data)\n }\n }\n}\n"]}
1
+ {"version":3,"file":"ExchangeDataManager.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/ExchangeDataManager.ts"],"names":[],"mappings":";;;;;;;;;;;AAuBA,4GAmCC;AApDD,mCAAgH;AAEhH,oCAAsE;AACtE,yEAA6E;AAC7E,+BAAkC;AAClC,6CAAmC;AACnC,gEAA0D;AAO1D;;;GAGG;AACH,SAAsB,gDAAgD;yDACpE,IAA6B,EAC7B,cAAyC,EACzC,mBAA6C,EAC7C,gBAAkC,EAClC,YAA8B,EAC9B,UAA4B,EAC5B,aAAsB,EACtB,qBAA4D,EAAE;QAE9D,MAAM,YAAY,GAAG,yCAAuB,CAAC,aAAa,CAAC,MAAM,YAAY,CAAC,mBAAmB,EAAE,CAAC,CAAA;QACpG,IAAI,gBAAgB,CAAC,oCAAoC,CAAC,YAAY,CAAC,EAAE,CAAC;YACxE,MAAM,GAAG,GAAG,IAAI,8BAA8B,CAC5C,IAAI,EACJ,cAAc,EACd,mBAAmB,EACnB,gBAAgB,EAChB,YAAY,EACZ,UAAU,EACV,aAAa,CACd,CAAA;YACD,MAAM,GAAG,CAAC,sBAAsB,EAAE,CAAA;YAClC,OAAO,GAAG,CAAA;QACZ,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,kCAAkC,CAC3C,IAAI,EACJ,cAAc,EACd,mBAAmB,EACnB,gBAAgB,EAChB,YAAY,EACZ,UAAU,EACV,aAAa,EACb,kBAAkB,CACnB,CAAA;QACH,CAAC;IACH,CAAC;CAAA;AA+GD,MAAe,2BAA2B;IACxC,YACW,IAA6B,EACnB,cAAyC,EACzC,mBAA6C,EAC7C,gBAAkC,EAClC,YAA8B,EAC9B,UAA4B,EAC9B,aAAsB;QAN9B,SAAI,GAAJ,IAAI,CAAyB;QACnB,mBAAc,GAAd,cAAc,CAA2B;QACzC,wBAAmB,GAAnB,mBAAmB,CAA0B;QAC7C,qBAAgB,GAAhB,gBAAgB,CAAkB;QAClC,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,eAAU,GAAV,UAAU,CAAkB;QAC9B,kBAAa,GAAb,aAAa,CAAS;IACtC,CAAC;IAEY,WAAW,CAAC,IAAkB;;YAS5C,MAAM,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC,iBAAiB,EAAE,CAAA;YAC9D,MAAM,cAAc,GAAG,MAAM,CAAC,WAAW,CACvC,IAAI,CAAC,cAAc,CAAC,mBAAmB,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAuB,EAAE,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAC9G,CAAA;YACD,MAAM,oBAAoB,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAA;YACtH,IAAI,CAAC,oBAAoB;gBAAE,OAAO,SAAS,CAAA;YAC3C,MAAM,4BAA4B,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC,IAAI,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAA;YACrI,IAAI,CAAC,4BAA4B;gBAC/B,MAAM,IAAI,KAAK,CAAC,kFAAkF,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;YAC3H,MAAM,2BAA2B,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC,IAAI,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAA;YACpI,IAAI,CAAC,2BAA2B;gBAC9B,MAAM,IAAI,KAAK,CAAC,iFAAiF,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;YAC1H,OAAO;gBACL,mBAAmB,EAAE,4BAA4B;gBACjD,WAAW,EAAE,oBAAoB;gBACjC,kBAAkB,EAAE,2BAA2B;gBAC/C,QAAQ,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAC1C;oBACE,YAAY,EAAE,IAAI;oBAClB,4BAA4B;oBAC5B,oBAAoB;oBACpB,2BAA2B;iBAC5B,EACD,cAAc,EACd,IAAI,CACL;aACF,CAAA;QACH,CAAC;KAAA;IAEe,qBAAqB,CACnC,UAAkB,EAClB,OAIC;;YAED,IAAI,OAAO,CAAC,mBAAmB,IAAI,OAAO,CAAC,oBAAoB;gBAC7D,MAAM,IAAI,KAAK,CAAC,sFAAsF,CAAC,CAAA;YACzG,MAAM,cAAc,GAAgC,EAAE,CAAA;YACtD,MAAM,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,mBAAmB,EAAE,CAAA;YAClE,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,oBAAoB;gBAC/D,MAAM,IAAI,KAAK,CAAC,oFAAoF,CAAC,CAAA;YACvG,gBAAgB,CAAC,OAAO,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,EAAE,EAAE;gBACjD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,SAAS,CAAA;YAC9C,CAAC,CAAC,CAAA;YACF,IAAI,UAAU,IAAI,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC,EAAE,CAAC;gBACpE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAA;gBACvE,MAAM,oBAAoB,GAAG,IAAA,iCAAyB,EAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;gBACrE,MAAM,kBAAkB,GAAG,IAAA,+BAAuB,EAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;gBACjE,IAAI,uBAAiC,CAAA;gBACrC,IAAI,CAAC,oBAAoB,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,EAAE,CAAC;oBAC3D,IAAI,CAAC,OAAO,CAAC,mBAAmB;wBAC9B,MAAM,IAAI,KAAK,CAAC,qCAAqC,UAAU,+CAA+C,CAAC,CAAA;oBACjH,uBAAuB,GAAG,EAAE,CAAA;gBAC9B,CAAC;qBAAM,IAAI,IAAI,CAAC,aAAa,IAAI,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;oBAClH,uBAAuB,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,wBAAwB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;gBAC7F,CAAC;qBAAM,CAAC;oBACN,uBAAuB,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,wBAAwB,CAC5E,QAAQ,EACR,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,EAAE,GAAG,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,EACxE,IAAI,CAAC,UAAU,CAChB,CAAA;gBACH,CAAC;gBACD,IAAI,CAAC,uBAAuB,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB;oBACjE,MAAM,IAAI,KAAK,CAAC,qCAAqC,UAAU,uDAAuD,CAAC,CAAA;gBACzH,KAAK,MAAM,WAAW,IAAI,uBAAuB,EAAE,CAAC;oBAClD,IAAI,kBAAkB,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;wBACxC,cAAc,CAAC,IAAA,qBAAa,EAAC,WAAW,CAAC,CAAC,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAC9E,MAAM,EACN,IAAA,aAAK,EAAC,IAAA,cAAM,EAAC,WAAW,CAAC,CAAC,EAC1B,CAAC,SAAS,CAAC,EACX,gBAAU,CAAC,IAAI,CAChB,CAAA;oBACH,CAAC;yBAAM,IAAI,oBAAoB,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;wBACjD,cAAc,CAAC,IAAA,qBAAa,EAAC,WAAW,CAAC,CAAC,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAC9E,MAAM,EACN,IAAA,aAAK,EAAC,IAAA,cAAM,EAAC,WAAW,CAAC,CAAC,EAC1B,CAAC,SAAS,CAAC,EACX,gBAAU,CAAC,MAAM,CAClB,CAAA;oBACH,CAAC;;wBAAM,MAAM,IAAI,KAAK,CAAC,qFAAqF,CAAC,CAAA;gBAC/G,CAAC;YACH,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAChD,UAAU,EACV,MAAM,CAAC,WAAW,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAuB,EAAE,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,EACxG,cAAc,EACd,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CACnD,CAAA;YACD,OAAO;gBACL,YAAY,EAAE,OAAO,CAAC,YAAY;gBAClC,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;gBAChD,WAAW,EAAE,OAAO,CAAC,WAAW;gBAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;aAC/C,CAAA;QACH,CAAC;KAAA;IAEK,gBAAgB,CAAC,cAAsB,EAAE,qBAA6B;;YAC1E,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,MAAM,QAAQ,GAAG,IAAA,qBAAa,EAAC,qBAAqB,CAAC,CAAA;YACrD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,cAAc,CAAC,CAAA;YACxE,MAAM,iBAAiB,GAAG,IAAA,2BAAmB,EAAC,KAAK,CAAC,IAAI,EAAE,qBAAqB,CAAC,CAAA;YAChF,IAAI,CAAC,iBAAiB;gBAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,cAAc,EAAE,CAAC,CAAA;YAChG,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,IAAA,aAAK,EAAC,IAAA,cAAM,EAAC,qBAAqB,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,iBAAiB,CAAC,CAAA;YACxI,MAAM,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC,iBAAiB,EAAE,CAAA;YAC9D,MAAM,uBAAuB,GAC3B,IAAI,IAAI,cAAc;gBACpB,CAAC,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,sCAAsC,CAAC,IAAI,EAAE,IAAI,CAAC;gBACpE,CAAC,CAAC;oBACE,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,sCAAsC,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;oBACjF,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,sCAAsC,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;iBAClF,CAAA;YACP,KAAK,MAAM,YAAY,IAAI,uBAAuB,EAAE,CAAC;gBACnD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,IAAI,QAAQ,CAAC,EAAE,CAAC;oBACxE,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,qBAAqB,CAAC,YAAY,EAAE,cAAc,EAAE,EAAE,CAAC,QAAQ,CAAC,EAAE,cAAc,EAAE,CAAC,CAAA;oBACnH,IAAI,CAAC,OAAO,EAAE,CAAC;wBACb,OAAO,CAAC,IAAI,CAAC,gDAAgD,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,CAAC,CAAA;oBAC9F,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;KAAA;IAED,sBAAsB;QACpB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,2BAA2B,CACzB,UAAkB,EAClB,OAGC;QAED,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,6CAA6C,CAC3C,MAAgB;QAEhB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,yBAAyB,CACvB,GAAa,EACb,mBAA4B;QAQ5B,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,yBAAyB,CAAC,UAAwC;QAChE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAED,oBAAoB,CAAC,UAAwC;QAC3D,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAClD,CAAC;IAEK,2BAA2B,CAC/B,mBAMG,EACH,oBAA6B;;YAE7B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAA;YACpH,IAAI,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,IAAI,IAAI,CAAC,CAAC,QAAQ,IAAI,IAAI,CAAC;gBAC9E,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAA;YAC9E,MAAM,gBAAgB,GAAmC,EAAE,CAAA;YAC3D,qBAAqB,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YACnE,IAAI,oBAAoB,EAAE,CAAC;gBACzB,MAAM,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,mBAAmB,EAAE,CAAA;gBAClE,IAAI,gBAAgB,CAAC,MAAM,IAAI,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,0EAA0E,CAAC,CAAA;gBAC7H,MAAM,cAAc,GAAgC,EAAE,CAAA;gBACtD,gBAAgB,CAAC,OAAO,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,EAAE,EAAE;oBACjD,cAAc,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,SAAS,CAAA;gBAC9C,CAAC,CAAC,CAAA;gBACF,MAAM,aAAa,GAAG,MAAM,CAAC,WAAW,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAuB,EAAE,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;gBAC9H,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;oBAC1C,MAAM,YAAY,GAAG,gBAAgB,CAAC,OAAO,CAAC,cAAc,CAAC,CAAA;oBAC7D,IAAI,YAAY,IAAI,IAAI;wBACtB,MAAM,IAAI,CAAC,IAAI,CAAC,yCAAyC,CAAC;4BACxD,YAAY;4BACZ,iBAAiB,EAAE,cAAc;4BACjC,yBAAyB,EAAE,YAAY,CAAC,SAAS,IAAI,IAAI,IAAI,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE;4BAClG,cAAc,EAAE,OAAO,CAAC,WAAW;4BACnC,sBAAsB,EAAE,OAAO,CAAC,mBAAmB;4BACnD,qBAAqB,EAAE,OAAO,CAAC,kBAAkB;yBAClD,CAAC,CAAA;gBACN,CAAC;YACH,CAAC;YACD,MAAM,eAAe,GAMf,EAAE,CAAA;YACR,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;gBAC1C,MAAM,YAAY,GAAG,gBAAgB,CAAC,OAAO,CAAC,cAAc,CAAC,CAAA;gBAC7D,IAAI,YAAY,IAAI,SAAS;oBAC3B,eAAe,CAAC,IAAI,CAAC;wBACnB,YAAY,EAAE,YAAY;wBAC1B,mBAAmB,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,yBAAyB,CAAC,OAAO,CAAC,mBAAmB,CAAC;wBAC3F,WAAW,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,WAAW,CAAC;wBACnE,kBAAkB,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,OAAO,CAAC,kBAAkB,CAAC;wBACxF,QAAQ,EAAE,OAAO,CAAC,QAAQ;qBAC3B,CAAC,CAAA;YACN,CAAC;YACD,MAAM,IAAI,CAAC,yBAAyB,CAAC,eAAe,CAAC,CAAA;QACvD,CAAC;KAAA;CAWF;AAED,MAAM,8BAA+B,SAAQ,2BAA2B;IAAxE;;QACU,WAAM,GAKT,OAAO,CAAC,OAAO,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,kCAAkC,EAAE,EAAE,EAAE,kCAAkC,EAAE,EAAE,EAAE,CAAC,CAAA;QAC5H,4BAAuB,GAAG,IAAI,mBAAK,EAAE,CAAA;IAuM/C,CAAC;IArMO,sBAAsB;;YAC1B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAA;YACtC,MAAM,IAAI,CAAC,MAAM,CAAA;QACnB,CAAC;KAAA;IAEK,6CAA6C,CACjD,MAAgB;;YAEhB,SAAS,0BAA0B,CAAC,MAInC;gBACC,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE;oBACjC,MAAM,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;oBAChC,IAAI,EAAE,EAAE,CAAC;wBACP,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;wBAClC,IAAI,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,EAAE,CAAC;4BACtB,GAAG,CAAC,IAAI,CAAC,GAAG;gCACV,YAAY,EAAE,MAAM,CAAC,YAAY;gCACjC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,WAAW;gCACzC,mBAAmB,EAAE,MAAM,CAAC,SAAS,CAAC,mBAAmB;6BAC1D,CAAA;wBACH,CAAC;oBACH,CAAC;oBACD,OAAO,GAAG,CAAA;gBACZ,CAAC,EAAE,EAA6G,CAAC,CAAA;YACnH,CAAC;YAED,OAAO,0BAA0B,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,CAAA;QACtD,CAAC;KAAA;IAEa,yBAAyB,CACrC,UAAkB;;YAElB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAA;YAChC,MAAM,MAAM,GAAG,MAAM,CAAC,kCAAkC,CAAC,UAAU,CAAC,CAAA;YACpE,MAAM,MAAM,GAAG,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YAC3D,IAAI,MAAM,KAAI,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,CAAA,EAAE,CAAC;gBAChC,OAAO;oBACL,YAAY,EAAE,MAAM,CAAC,YAAY;oBACjC,mBAAmB,EAAE,MAAM,CAAC,SAAS,CAAC,mBAAmB;oBACzD,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,WAAW;oBACzC,kBAAkB,EAAE,MAAM,CAAC,SAAS,CAAC,kBAAkB;iBACxD,CAAA;YACH,CAAC;iBAAM,CAAC;gBACN,OAAO,SAAS,CAAA;YAClB,CAAC;QACH,CAAC;KAAA;IAEK,2BAA2B,CAC/B,UAAkB,EAClB,OAGC;;;YAED,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAA;YACtE,IAAI,aAAa;gBAAE,OAAO,aAAa,CAAA;YACvC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,uBAAuB,CAAC,OAAO,EAAE,CAAA;YAC5D,IAAI,CAAC;gBACH,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAA;gBACzE,IAAI,gBAAgB;oBAAE,OAAO,gBAAgB,CAAA;gBAC7C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,UAAU,EAAE;oBAC3D,mBAAmB,EAAE,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,+BAA+B,mCAAI,KAAK;oBACtE,oBAAoB,EAAE,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,gCAAgC,mCAAI,KAAK;iBACzE,CAAC,CAAA;gBACF,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,YAAY,EAAE,IAAI,EAAE;oBACzC,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;oBAChD,WAAW,EAAE,OAAO,CAAC,WAAW;oBAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;oBAC9C,QAAQ,EAAE,IAAI;iBACf,CAAC,CAAA;gBACF,OAAO,OAAO,CAAA;YAChB,CAAC;oBAAS,CAAC;gBACT,OAAO,EAAE,CAAA;YACX,CAAC;QACH,CAAC;KAAA;IAEK,yBAAyB,CAC7B,GAAa,EACb,mBAA4B;;;YAQ5B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAA;YAChC,MAAM,GAAG,GAML,EAAE,CAAA;YACN,KAAK,MAAM,EAAE,IAAI,GAAG,EAAE,CAAC;gBACrB,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;gBAChC,IAAI,IAAI,EAAE,CAAC;oBACT,GAAG,CAAC,EAAE,CAAC,GAAG;wBACR,YAAY,EAAE,IAAI,CAAC,YAAY;wBAC/B,WAAW,EAAE,MAAA,IAAI,CAAC,SAAS,0CAAE,WAAW;wBACxC,mBAAmB,EAAE,MAAA,IAAI,CAAC,SAAS,0CAAE,mBAAmB;qBACzD,CAAA;gBACH,CAAC;YACH,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAEO,SAAS,CACf,YAA0B,EAC1B,SAAkB,EAClB,SAAgI;QAEhI,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAO,MAAM,EAAE,EAAE;YAC9C,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAG,CAAC,GAAG,EAAE,YAAY,EAAE,SAAS,EAAE,CAAA;YAC/D,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAA;gBACvG,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;oBACtB,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,EAAG,CAAA;gBAC1C,CAAC,CAAC,CAAA;gBACF,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;oBACvB,MAAM,CAAC,kCAAkC,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAC,EAAG,CAAA;gBACrF,CAAC;YACH,CAAC;YACD,IAAI,SAAS;gBAAE,MAAM,CAAC,kCAAkC,GAAG,EAAE,CAAA;YAC7D,OAAO,MAAM,CAAA;QACf,CAAC,CAAA,CAAC,CAAA;IACJ,CAAC;IAEa,iBAAiB;;YAM7B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,8CAA8C,EAAE,CAAA;YAChF,IAAI,CAAC,OAAO;gBAAE,MAAM,IAAI,KAAK,CAAC,8EAA8E,CAAC,CAAA;YAC7G,MAAM,QAAQ,GAAyC,EAAE,CAAA;YACzD,MAAM,QAAQ,GAA+B,EAAE,CAAA;YAC/C,MAAM,kCAAkC,GAAmC,EAAE,CAAA;YAC7E,KAAK,MAAM,QAAQ,IAAI,OAAO,EAAE,CAAC;gBAC/B,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAA;gBACtD,QAAQ,CAAC,QAAQ,CAAC,EAAG,CAAC,GAAG,EAAE,YAAY,EAAE,QAAQ,EAAE,SAAS,EAAE,aAAa,EAAE,CAAA;gBAC7E,IAAI,aAAa,aAAb,aAAa,uBAAb,aAAa,CAAE,QAAQ,EAAE,CAAC;oBAC5B,kCAAkC,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,QAAQ,CAAC,EAAG,CAAA;gBACtE,CAAC;gBACD,IAAI,aAAa,aAAb,aAAa,uBAAb,aAAa,CAAE,mBAAmB,EAAE,CAAC;oBACvC,KAAK,MAAM,CAAC,IAAI,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,aAAc,CAAC,mBAAmB,CAAC,EAAE,CAAC;wBAC9G,QAAQ,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,EAAG,CAAA;oBAC5B,CAAC;gBACH,CAAC;YACH,CAAC;YACD,MAAM,kCAAkC,GAA8D,EAAE,CAAA;YACxG,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,kCAAkC,EAAE,kCAAkC,EAAE,CAAA;QACvG,CAAC;KAAA;IAEK,yBAAyB,CAAC,UAAwC;;YACtE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAA;YAChC,MAAM,MAAM,GAAG,MAAM,CAAC,kCAAkC,CAAC,UAAU,CAAC,CAAA;YACpE,IAAI,MAAM;gBAAE,OAAO,MAAM,CAAA;YACzB,MAAM,oBAAoB,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;YAClI,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,2BAA2B,CAAC,oBAAoB,EAAE,UAAU,CAAC,CAAA;YAC7G,MAAM,CAAC,kCAAkC,CAAC,UAAU,CAAC,GAAG,QAAQ,CAAA;YAChE,OAAO,QAAQ,CAAA;QACjB,CAAC;KAAA;IAEK,oBAAoB,CAAC,UAAwC;;YACjE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAA;YAChC,MAAM,oBAAoB,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;YAClI,MAAM,GAAG,GAAa,EAAE,CAAA;YACxB,KAAK,MAAM,mBAAmB,IAAI,oBAAoB,EAAE,CAAC;gBACvD,sIAAsI;gBACtI,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,mBAAmB,CAAC,sBAAsB,CAAC,mBAAmB,EAAE,UAAU,CAAC,CAAC,CAAA;YAClG,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAEe,yBAAyB,CACvC,mBAMG;;YAEH,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;gBAC1C,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,YAAY,EAAE,IAAI,EAAE;oBACzC,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;oBAChD,WAAW,EAAE,OAAO,CAAC,WAAW;oBAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;oBAC9C,QAAQ,EAAE,OAAO,CAAC,QAAQ;iBAC3B,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;KAAA;CACF;AAED,MAAM,kCAAmC,SAAQ,2BAA2B;IAO1E,YACE,IAA6B,EAC7B,cAAyC,EACzC,mBAA6C,EAC7C,gBAAkC,EAClC,YAA8B,EAC9B,UAA4B,EAC5B,aAAsB,EACtB,kBAEC;;QAED,KAAK,CAAC,IAAI,EAAE,cAAc,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,YAAY,EAAE,UAAU,EAAE,aAAa,CAAC,CAAA;QAlB5F,aAAQ,GAAsE,IAAI,iCAAc,EAAE,CAAA;QAClG,aAAQ,GAAwB,IAAI,GAAG,EAAE,CAAA;QACzC,uCAAkC,GAAwB,IAAI,GAAG,EAAE,CAAA;QAEnE,eAAU,GAAG,IAAI,mBAAK,EAAE,CAAA;QAevC,IAAI,CAAC,qBAAqB,GAAG,MAAA,kBAAkB,CAAC,YAAY,mCAAI,IAAI,CAAA;IACtE,CAAC;IAEK,sBAAsB;;YAC1B,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAA;YACrB,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAA;YACrB,IAAI,CAAC,kCAAkC,CAAC,KAAK,EAAE,CAAA;QACjD,CAAC;KAAA;IAEK,6CAA6C,CACjD,MAAgB;;YAEhB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAA;YAC/C,IAAI,CAAC;gBACH,MAAM,GAAG,GAEL,EAAE,CAAA;gBACN,KAAK,MAAM,IAAI,IAAI,MAAM,EAAE,CAAC;oBAC1B,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;oBACtC,IAAI,MAAM,EAAE,CAAC;wBACX,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;wBACjD,IAAI,CAAC,SAAS;4BAAE,MAAM,IAAI,KAAK,CAAC,gBAAgB,MAAM,mCAAmC,CAAC,CAAA;wBAC1F,IAAI,SAAS,CAAC,SAAS,EAAE,CAAC;4BACxB,GAAG,CAAC,IAAI,CAAC,GAAG;gCACV,YAAY,EAAE,SAAS,CAAC,YAAY;gCACpC,WAAW,EAAE,SAAS,CAAC,SAAS,CAAC,WAAW;gCAC5C,mBAAmB,EAAE,SAAS,CAAC,SAAS,CAAC,mBAAmB;6BAC7D,CAAA;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;gBACD,OAAO,GAAG,CAAA;YACZ,CAAC;oBAAS,CAAC;gBACT,OAAO,EAAE,CAAA;YACX,CAAC;QACH,CAAC;KAAA;IAEK,yBAAyB,CAC7B,GAAa,EACb,mBAA4B;;;YAQ5B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAA;YAC/C,IAAI,CAAC;gBACH,MAAM,GAAG,GAML,EAAE,CAAA;gBACN,MAAM,QAAQ,GAAa,EAAE,CAAA;gBAC7B,KAAK,MAAM,EAAE,IAAI,GAAG,EAAE,CAAC;oBACrB,MAAM,MAAM,GAAuD,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,CAAA;oBAC9F,IAAI,MAAM,EAAE,CAAC;wBACX,GAAG,CAAC,EAAE,CAAC,GAAG;4BACR,WAAW,EAAE,MAAA,MAAM,CAAC,SAAS,0CAAE,WAAW;4BAC1C,mBAAmB,EAAE,MAAA,MAAM,CAAC,SAAS,0CAAE,mBAAmB;4BAC1D,YAAY,EAAE,MAAM,CAAC,YAAY;yBAClC,CAAA;oBACH,CAAC;yBAAM,IAAI,mBAAmB,EAAE,CAAC;wBAC/B,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;oBACnB,CAAC;gBACH,CAAC;gBACD,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACxB,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAA;oBAChE,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;wBAC7B,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAA;wBAC9C,IAAI,SAAS,EAAE,CAAC;4BACd,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAA;4BACvG,IAAI,CAAC,UAAU,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAA;wBAC5D,CAAC;6BAAM,CAAC;4BACN,IAAI,CAAC,UAAU,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAA;wBACrD,CAAC;wBACD,GAAG,CAAC,IAAI,CAAC,EAAG,CAAC,GAAG;4BACd,WAAW,EAAE,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,WAAW;4BACnC,mBAAmB,EAAE,SAAS,aAAT,SAAS,uBAAT,SAAS,CAAE,mBAAmB;4BACnD,YAAY,EAAE,IAAI;yBACnB,CAAA;oBACH,CAAC;gBACH,CAAC;gBACD,OAAO,GAAG,CAAA;YACZ,CAAC;oBAAS,CAAC;gBACT,OAAO,EAAE,CAAA;YACX,CAAC;QACH,CAAC;KAAA;IAEK,2BAA2B,CAC/B,UAAkB,EAClB,OAGC;;;YAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAA;YAC/C,IAAI,CAAC;gBACH,IAAI,UAAU,GAAG,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;gBACxE,IAAI,CAAC,UAAU,EAAE,CAAC;oBAChB,MAAM,IAAI,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAA;oBAC9C,UAAU,GAAG,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;gBACtE,CAAC;gBACD,IAAI,UAAU,EAAE,CAAC;oBACf,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,UAAU,CAAC,CAAA;oBAClD,IAAI,CAAC,MAAM;wBAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,UAAU,4BAA4B,CAAC,CAAA;oBACnG,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;wBACrB,OAAO;4BACL,YAAY,EAAE,MAAM,CAAC,YAAY;4BACjC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,WAAW;4BACzC,mBAAmB,EAAE,MAAM,CAAC,SAAS,CAAC,mBAAmB;4BACzD,kBAAkB,EAAE,MAAM,CAAC,SAAS,CAAC,kBAAkB;yBACxD,CAAA;oBACH,CAAC;;wBAAM,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAA;gBACpF,CAAC;qBAAM,CAAC;oBACN,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,UAAU,EAAE;wBAC3D,mBAAmB,EAAE,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,+BAA+B,mCAAI,KAAK;wBACtE,oBAAoB,EAAE,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,gCAAgC,mCAAI,KAAK;qBACzE,CAAC,CAAA;oBACF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAA;oBACrG,MAAM,IAAI,GAAG;wBACX,YAAY,EAAE,OAAO,CAAC,YAAY;wBAClC,SAAS,EAAE;4BACT,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;4BAChD,WAAW,EAAE,OAAO,CAAC,WAAW;4BAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;4BAC9C,QAAQ,EAAE,IAAI;yBACf;wBACD,MAAM;qBACP,CAAA;oBACD,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAA;oBACrB,OAAO;wBACL,YAAY,EAAE,IAAI,CAAC,YAAY;wBAC/B,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW;wBACvC,mBAAmB,EAAE,IAAI,CAAC,SAAS,CAAC,mBAAmB;wBACvD,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,kBAAkB;qBACtD,CAAA;gBACH,CAAC;YACH,CAAC;oBAAS,CAAC;gBACT,OAAO,EAAE,CAAA;YACX,CAAC;QACH,CAAC;KAAA;IAED,iJAAiJ;IACjJ,uEAAuE;IACzD,uBAAuB,CAAC,UAAkB;;YACtD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,sCAAsC,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,EAAE,UAAU,CAAC,CAAA;YAC1I,KAAK,MAAM,IAAI,IAAI,cAAc,EAAE,CAAC;gBAClC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAA;gBAC9C,IAAI,SAAS,EAAE,CAAC;oBACd,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAA;oBACvG,IAAI,CAAC,UAAU,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAA;gBAC5D,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,UAAU,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAA;gBACrD,CAAC;YACH,CAAC;QACH,CAAC;KAAA;IAEO,UAAU,CAAC,IAA+C;;QAChE,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,IAAI,CAAC,qBAAqB,EAAE,CAAC;YACrD,IAAI,CAAC,aAAa,EAAE,CAAA;QACtB,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,YAAY,CAAC,EAAG,CAAC,CAAC,CAAA;QAC7E,IAAI,CAAA,MAAA,IAAI,CAAC,SAAS,0CAAE,QAAQ,KAAI,CAAC,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzG,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC,YAAY,CAAC,EAAG,CAAC,CAAA;QAChG,CAAC;QACD,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,EAAG,EAAE,IAAI,CAAC,CAAA;IAChD,CAAC;IAEO,aAAa;QACnB,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,sBAAsB,EAAE,CAAA;QACtD,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAA;QAC5D,IAAI,IAAI,CAAC,kCAAkC,CAAC,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,QAAQ,CAAC,KAAK,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,CAAC;YAC3G,IAAI,CAAC,kCAAkC,CAAC,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAA;QAC/E,CAAC;IACH,CAAC;IAED,yBAAyB;QACvB,OAAO,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;IACnC,CAAC;IAED,oBAAoB;QAClB,OAAO,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAA;IACnC,CAAC;IAEe,yBAAyB,CACvC,mBAMG;;YAEH,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;gBAC1C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAA;gBACrG,MAAM,IAAI,GAAG;oBACX,YAAY,EAAE,OAAO,CAAC,YAAY;oBAClC,SAAS,EAAE;wBACT,mBAAmB,EAAE,OAAO,CAAC,mBAAmB;wBAChD,WAAW,EAAE,OAAO,CAAC,WAAW;wBAChC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;wBAC9C,QAAQ,EAAE,OAAO,CAAC,QAAQ;qBAC3B;oBACD,MAAM;iBACP,CAAA;gBACD,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAA;YACvB,CAAC;QACH,CAAC;KAAA;CACF","sourcesContent":["import { ExchangeData } from '../../icc-api/model/internal/ExchangeData'\nimport { IccDataOwnerXApi } from '../icc-data-owner-x-api'\nimport { BaseExchangeDataManager } from './BaseExchangeDataManager'\nimport { UserEncryptionKeysManager } from './UserEncryptionKeysManager'\nimport { AccessControlSecretUtils } from './AccessControlSecretUtils'\nimport { CryptoStrategies } from './CryptoStrategies'\nimport { fingerprintV1, getShaVersionForKey, hexPublicKeysWithSha1Of, hexPublicKeysWithSha256Of } from './utils'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { EntityWithDelegationTypeName, hex2ua, ua2ab } from '../utils'\nimport { CryptoActorStubWithType } from '../../icc-api/model/CryptoActorStub'\nimport { ShaVersion } from './RSA'\nimport { Mutex } from 'async-mutex'\nimport { SimpleLruCache } from '../utils/simple-lru-cache'\n\nexport type ExchangeDataManagerOptionalParameters = {\n // Only for not fully cached implementation (data owner can't request all his exchange data), amount of exchange data which can be cached\n lruCacheSize?: number // default = 2000\n}\n\n/**\n * @internal this function is for internal use only and may be changed without notice.\n * Initialises and returns the exchange data manager which is most appropriate for the current data owner.\n */\nexport async function initialiseExchangeDataManagerForCurrentDataOwner(\n base: BaseExchangeDataManager,\n encryptionKeys: UserEncryptionKeysManager,\n accessControlSecret: AccessControlSecretUtils,\n cryptoStrategies: CryptoStrategies,\n dataOwnerApi: IccDataOwnerXApi,\n primitives: CryptoPrimitives,\n useParentKeys: boolean,\n optionalParameters: ExchangeDataManagerOptionalParameters = {}\n): Promise<ExchangeDataManager> {\n const currentOwner = CryptoActorStubWithType.fromDataOwner(await dataOwnerApi.getCurrentDataOwner())\n if (cryptoStrategies.dataOwnerRequiresAnonymousDelegation(currentOwner)) {\n const res = new FullyCachedExchangeDataManager(\n base,\n encryptionKeys,\n accessControlSecret,\n cryptoStrategies,\n dataOwnerApi,\n primitives,\n useParentKeys\n )\n await res.clearOrRepopulateCache()\n return res\n } else {\n return new LimitedLruCacheExchangeDataManager(\n base,\n encryptionKeys,\n accessControlSecret,\n cryptoStrategies,\n dataOwnerApi,\n primitives,\n useParentKeys,\n optionalParameters\n )\n }\n}\n\ntype CachedExchangeData = {\n exchangeData: ExchangeData\n decrypted?: {\n accessControlSecret: string\n exchangeKey: CryptoKey\n verified: boolean\n sharedSignatureKey: CryptoKey\n }\n}\n\n/**\n * @internal this class is intended for internal use only and may be changed without notice.\n * Exchange data manager which automatically handles decryption and cache\n */\nexport interface ExchangeDataManager {\n readonly base: BaseExchangeDataManager\n\n /**\n * Updates all exchange data between the current data owner and another data owner to allow the other data owner to access existing exchange data\n * using a new public key. Note that this will make existing exchange keys from the other data owner to the current data owner unverified, therefore\n * invalid for encryption.\n * @param otherDataOwner the other data owner.\n * @param newDataOwnerPublicKey a new public key of the other data owner.\n */\n giveAccessBackTo(otherDataOwner: string, newDataOwnerPublicKey: string): Promise<void>\n\n /**\n * Gets any existing and verified exchange data from the current data owner to the provided delegate or creates new data if no verified data is\n * available, then caches it.\n * @param delegateId the id of the delegate.\n * @param options\n * - allowCreationWithoutDelegatorKey if true, when creating new exchange data, even if no verified key is available for the delegator the method\n * will create the new exchange data anyway (will not be usable by the delegate without additional steps).\n * - allowCreationWithoutDelegateKey if true, when creating new exchange data, even if no verified key is available for the delegate the method\n * will create the new exchange data anyway (will not be usable by the delegate without additional steps).\n * @return the access control secret and key of the data to use for encryption.\n */\n getOrCreateEncryptionDataTo(\n delegateId: string,\n options?: {\n allowCreationWithoutDelegatorKey?: boolean\n allowCreationWithoutDelegateKey?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }>\n\n /**\n * Retrieve the cached decrypted exchange data key associated with any of the provided hashes/entry keys of secure delegations.\n * @param hashes hashes of access control secrets for a specific entity, as they appear in the key of secure delegation entries\n * @return the exchange data and decrypted key associated to that hash if cached\n */\n getCachedDecryptionDataKeyByAccessControlHash(\n hashes: string[]\n ): Promise<{ [hash: string]: { exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey } }>\n\n /**\n * Retrieves the exchange data with the provided id (from the cache if available or from the server otherwise if allowed by\n * and attempts to decrypt it, then caches the result.\n * @param ids ids of the exchange datas to retrieve\n * @param retrieveIfNotCached if false only cached data will be returned, and the access control hases options will be\n * ignored\n * @return a map containing the exchange data id associated with:\n * - exchangeData: the exchange data with the provided id\n * - exchangeKey: the exchange key corresponding to the provided exchange data if it could be decrypted, else undefined\n * - accessControlSecret: the access control secret corresponding to the provided exchange data if it could be decrypted, else undefined\n */\n getDecryptionDataKeyByIds(\n ids: string[],\n retrieveIfNotCached: boolean\n ): Promise<{ [id: string]: { exchangeKey: CryptoKey | undefined; accessControlSecret: string | undefined; exchangeData: ExchangeData } }>\n\n /**\n * Clears the cache or fully repopulates the cache if the current data owner can retrieve all of his exchange data according to the crypto\n * strategies.\n */\n clearOrRepopulateCache(): Promise<void>\n\n /**\n * If the current data owner requires anonymous delegations this returns the base64 representation of the concatenation of all available access\n * control keys for the current data owner.\n */\n getAccessControlKeysValue(entityType: EntityWithDelegationTypeName): Promise<string | undefined>\n\n /**\n * If the current data owner requires anonymous delegations this returns the access control keys which may be used in secure delegations for the\n * data owner, which can be used to search for data.\n */\n getAllDelegationKeys(entityType: EntityWithDelegationTypeName): Promise<string[] | undefined>\n\n /**\n * Injects already decrypted exchange data, allowing it to be used by the sdk.\n * @param exchangeDataDetails the exchange data to inject, with the decrypted content and verified status.\n * Note that the SDK won't verify that the provided decrypted content actually matches what is stored in the exchange\n * data.\n * @param reEncryptWithOwnKeys if true all the provided exchange data that is not encrypted with any of the self\n * verified keys of the user will be re-encrypted with them. In case the user is also the delegator and the data is\n * verified the delegator signature will be updated.\n */\n injectDecryptedExchangeData(\n exchangeDataDetails: {\n exchangeDataId: string\n accessControlSecret: ArrayBuffer\n exchangeKey: ArrayBuffer\n sharedSignatureKey: ArrayBuffer\n verified: boolean\n }[],\n reEncryptWithOwnKeys: boolean\n ): Promise<void>\n}\n\nabstract class AbstractExchangeDataManager implements ExchangeDataManager {\n constructor(\n readonly base: BaseExchangeDataManager,\n protected readonly encryptionKeys: UserEncryptionKeysManager,\n protected readonly accessControlSecret: AccessControlSecretUtils,\n protected readonly cryptoStrategies: CryptoStrategies,\n protected readonly dataOwnerApi: IccDataOwnerXApi,\n protected readonly primitives: CryptoPrimitives,\n private readonly useParentKeys: boolean\n ) {}\n\n protected async decryptData(data: ExchangeData): Promise<\n | {\n accessControlSecret: string\n exchangeKey: CryptoKey\n verified: boolean\n sharedSignatureKey: CryptoKey\n }\n | undefined\n > {\n const decryptionKeys = this.encryptionKeys.getDecryptionKeys()\n const encryptionKeys = Object.fromEntries(\n this.encryptionKeys.getSelfVerifiedKeys().map((x): [string, CryptoKey] => [x.fingerprint, x.pair.privateKey])\n )\n const decryptedExchangeKey = (await this.base.tryDecryptExchangeKeys([data], decryptionKeys)).successfulDecryptions[0]\n if (!decryptedExchangeKey) return undefined\n const decryptedAccessControlSecret = (await this.base.tryDecryptAccessControlSecret([data], decryptionKeys)).successfulDecryptions[0]\n if (!decryptedAccessControlSecret)\n throw new Error(`Decryption key could be decrypted but access control secret could not for data ${JSON.stringify(data)}`)\n const decryptedSharedSignatureKey = (await this.base.tryDecryptSharedSignatureKeys([data], decryptionKeys)).successfulDecryptions[0]\n if (!decryptedSharedSignatureKey)\n throw new Error(`Decryption key could be decrypted but shared signature key could not for data ${JSON.stringify(data)}`)\n return {\n accessControlSecret: decryptedAccessControlSecret,\n exchangeKey: decryptedExchangeKey,\n sharedSignatureKey: decryptedSharedSignatureKey,\n verified: await this.base.verifyExchangeData(\n {\n exchangeData: data,\n decryptedAccessControlSecret,\n decryptedExchangeKey,\n decryptedSharedSignatureKey,\n },\n encryptionKeys,\n true\n ),\n }\n }\n\n protected async createNewExchangeData(\n delegateId: string,\n options: {\n newDataId?: string\n allowNoDelegatorKeys?: boolean\n allowNoDelegateKeys?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }> {\n if (options.allowNoDelegateKeys && options.allowNoDelegatorKeys)\n throw new Error('Illegal arguments: allow no delegator and no delegate keys should never both be true')\n const encryptionKeys: { [fp: string]: CryptoKey } = {}\n const selfVerifiedKeys = this.encryptionKeys.getSelfVerifiedKeys()\n if (selfVerifiedKeys.length <= 0 && !options.allowNoDelegatorKeys)\n throw new Error('If the sdk is initialized in keyless mode you must create exchange data explicitly')\n selfVerifiedKeys.forEach(({ fingerprint, pair }) => {\n encryptionKeys[fingerprint] = pair.publicKey\n })\n if (delegateId != (await this.dataOwnerApi.getCurrentDataOwnerId())) {\n const delegate = await this.dataOwnerApi.getCryptoActorStub(delegateId)\n const sha256KeysOfDelegate = hexPublicKeysWithSha256Of(delegate.stub)\n const sha1KeysOfDelegate = hexPublicKeysWithSha1Of(delegate.stub)\n let allVerifiedDelegateKeys: string[]\n if (!sha256KeysOfDelegate.size && !sha1KeysOfDelegate.size) {\n if (!options.allowNoDelegateKeys)\n throw new Error(`Could not create exchange data to ${delegateId} as no public key for the delegate was found.`)\n allVerifiedDelegateKeys = []\n } else if (this.useParentKeys && (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds()).includes(delegateId)) {\n allVerifiedDelegateKeys = await this.encryptionKeys.getVerifiedPublicKeysFor(delegate.stub)\n } else {\n allVerifiedDelegateKeys = await this.cryptoStrategies.verifyDelegatePublicKeys(\n delegate,\n [...Array.from(sha256KeysOfDelegate), ...Array.from(sha1KeysOfDelegate)],\n this.primitives\n )\n }\n if (!allVerifiedDelegateKeys.length && !options.allowNoDelegateKeys)\n throw new Error(`Could not create exchange data to ${delegateId} as no public key for the delegate could be verified.`)\n for (const delegateKey of allVerifiedDelegateKeys) {\n if (sha1KeysOfDelegate.has(delegateKey)) {\n encryptionKeys[fingerprintV1(delegateKey)] = await this.primitives.RSA.importKey(\n 'spki',\n ua2ab(hex2ua(delegateKey)),\n ['encrypt'],\n ShaVersion.Sha1\n )\n } else if (sha256KeysOfDelegate.has(delegateKey)) {\n encryptionKeys[fingerprintV1(delegateKey)] = await this.primitives.RSA.importKey(\n 'spki',\n ua2ab(hex2ua(delegateKey)),\n ['encrypt'],\n ShaVersion.Sha256\n )\n } else throw new Error('Illegal state: verified keys should contain only keys for OAPE-SHA1 or OAPE-SHA256.')\n }\n }\n const newData = await this.base.createExchangeData(\n delegateId,\n Object.fromEntries(selfVerifiedKeys.map((x): [string, CryptoKey] => [x.fingerprint, x.pair.privateKey])),\n encryptionKeys,\n options.newDataId ? { id: options.newDataId } : {}\n )\n return {\n exchangeData: newData.exchangeData,\n accessControlSecret: newData.accessControlSecret,\n exchangeKey: newData.exchangeKey,\n sharedSignatureKey: newData.sharedSignatureKey,\n }\n }\n\n async giveAccessBackTo(otherDataOwner: string, newDataOwnerPublicKey: string) {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n const newKeyFp = fingerprintV1(newDataOwnerPublicKey)\n const other = await this.dataOwnerApi.getCryptoActorStub(otherDataOwner)\n const newKeyHashVersion = getShaVersionForKey(other.stub, newDataOwnerPublicKey)\n if (!newKeyHashVersion) throw new Error(`Public key not found for data owner ${otherDataOwner}`)\n const importedNewKey = await this.primitives.RSA.importKey('spki', ua2ab(hex2ua(newDataOwnerPublicKey)), ['encrypt'], newKeyHashVersion)\n const decryptionKeys = this.encryptionKeys.getDecryptionKeys()\n const allExchangeDataToUpdate =\n self == otherDataOwner\n ? await this.base.getExchangeDataByDelegatorDelegatePair(self, self)\n : [\n ...(await this.base.getExchangeDataByDelegatorDelegatePair(self, otherDataOwner)),\n ...(await this.base.getExchangeDataByDelegatorDelegatePair(otherDataOwner, self)),\n ]\n for (const dataToUpdate of allExchangeDataToUpdate) {\n if (!Object.keys(dataToUpdate.exchangeKey).find((fp) => fp == newKeyFp)) {\n const updated = await this.base.tryUpdateExchangeData(dataToUpdate, decryptionKeys, { [newKeyFp]: importedNewKey })\n if (!updated) {\n console.warn(`Failed to give access back to exchanged data ${JSON.stringify(dataToUpdate)}`)\n }\n }\n }\n }\n\n clearOrRepopulateCache(): Promise<void> {\n throw new Error('Implemented by concrete class')\n }\n\n getOrCreateEncryptionDataTo(\n delegateId: string,\n options?: {\n allowCreationWithoutDelegatorKey?: boolean\n allowCreationWithoutDelegateKey?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }> {\n throw new Error('Implemented by concrete class')\n }\n\n getCachedDecryptionDataKeyByAccessControlHash(\n hashes: string[]\n ): Promise<{ [p: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } }> {\n throw new Error('Implemented by concrete class')\n }\n\n getDecryptionDataKeyByIds(\n ids: string[],\n retrieveIfNotCached: boolean\n ): Promise<{\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n }> {\n throw new Error('Implemented by concrete class')\n }\n\n getAccessControlKeysValue(entityType: EntityWithDelegationTypeName): Promise<string | undefined> {\n throw new Error('Implemented by concrete class')\n }\n\n getAllDelegationKeys(entityType: EntityWithDelegationTypeName): Promise<string[] | undefined> {\n throw new Error('Implemented by concrete class')\n }\n\n async injectDecryptedExchangeData(\n exchangeDataDetails: {\n exchangeDataId: string\n accessControlSecret: ArrayBuffer\n exchangeKey: ArrayBuffer\n sharedSignatureKey: ArrayBuffer\n verified: boolean\n }[],\n reEncryptWithOwnKeys: boolean\n ): Promise<void> {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n const retrievedExchangeData = await this.base.getExchangeDataByIds(exchangeDataDetails.map((x) => x.exchangeDataId))\n if (retrievedExchangeData.some((x) => x.delegator != self && x.delegate != self))\n throw new Error('Should only inject exchange date from/to the current user')\n const exchangeDataById: { [id: string]: ExchangeData } = {}\n retrievedExchangeData.forEach((x) => (exchangeDataById[x.id!] = x))\n if (reEncryptWithOwnKeys) {\n const selfVerifiedKeys = this.encryptionKeys.getSelfVerifiedKeys()\n if (selfVerifiedKeys.length <= 0) throw new Error(\"Can't re-encrypt injected exchange data with own keys if in keyless mode\")\n const encryptionKeys: { [fp: string]: CryptoKey } = {}\n selfVerifiedKeys.forEach(({ fingerprint, pair }) => {\n encryptionKeys[fingerprint] = pair.publicKey\n })\n const signatureKeys = Object.fromEntries(selfVerifiedKeys.map((x): [string, CryptoKey] => [x.fingerprint, x.pair.privateKey]))\n for (const details of exchangeDataDetails) {\n const exchangeData = exchangeDataById[details.exchangeDataId]\n if (exchangeData != null)\n await this.base.updateExchangeDataWithRawDecryptedContent({\n exchangeData,\n newEncryptionKeys: encryptionKeys,\n newDelegatorSignatureKeys: exchangeData.delegator == self && details.verified ? signatureKeys : {},\n rawExchangeKey: details.exchangeKey,\n rawAccessControlSecret: details.accessControlSecret,\n rawSharedSignatureKey: details.sharedSignatureKey,\n })\n }\n }\n const importedDetails: {\n exchangeData: ExchangeData\n accessControlSecret: string\n exchangeKey: CryptoKey\n sharedSignatureKey: CryptoKey\n verified: boolean\n }[] = []\n for (const details of exchangeDataDetails) {\n const exchangeData = exchangeDataById[details.exchangeDataId]\n if (exchangeData != undefined)\n importedDetails.push({\n exchangeData: exchangeData,\n accessControlSecret: await this.base.importAccessControlSecret(details.accessControlSecret),\n exchangeKey: await this.base.importExchangeKey(details.exchangeKey),\n sharedSignatureKey: await this.base.importSharedSignatureKey(details.sharedSignatureKey),\n verified: details.verified,\n })\n }\n await this.cacheInjectedExchangeData(importedDetails)\n }\n\n protected abstract cacheInjectedExchangeData(\n exchangeDataDetails: {\n exchangeData: ExchangeData\n accessControlSecret: string\n exchangeKey: CryptoKey\n sharedSignatureKey: CryptoKey\n verified: boolean\n }[]\n ): Promise<void>\n}\n\nclass FullyCachedExchangeDataManager extends AbstractExchangeDataManager {\n private caches: Promise<{\n dataById: { [id: string]: CachedExchangeData }\n hashToId: { [hash: string]: string }\n delegateToVerifiedEncryptionDataId: { [delegate: string]: string }\n entityTypeToAccessControlKeysValue: { [entityType in EntityWithDelegationTypeName]?: string }\n }> = Promise.resolve({ dataById: {}, hashToId: {}, delegateToVerifiedEncryptionDataId: {}, entityTypeToAccessControlKeysValue: {} })\n private createExchangeDataMutex = new Mutex()\n\n async clearOrRepopulateCache(): Promise<void> {\n this.caches = this.doRepopulateCache()\n await this.caches\n }\n\n async getCachedDecryptionDataKeyByAccessControlHash(\n hashes: string[]\n ): Promise<{ [hash: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } }> {\n function retrieveByHashesFromCaches(caches: {\n dataById: { [id: string]: CachedExchangeData }\n hashToId: { [hash: string]: string }\n delegateToVerifiedEncryptionDataId: { [delegate: string]: string }\n }): { [hash: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } } {\n return hashes.reduce((res, hash) => {\n const id = caches.hashToId[hash]\n if (id) {\n const cached = caches.dataById[id]\n if (cached?.decrypted) {\n res[hash] = {\n exchangeData: cached.exchangeData,\n exchangeKey: cached.decrypted.exchangeKey,\n accessControlSecret: cached.decrypted.accessControlSecret,\n }\n }\n }\n return res\n }, {} as { [hash: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } })\n }\n\n return retrieveByHashesFromCaches(await this.caches)\n }\n\n private async getCachedEncryptionDataTo(\n delegateId: string\n ): Promise<{ exchangeKey: CryptoKey; accessControlSecret: string; exchangeData: ExchangeData; sharedSignatureKey: CryptoKey } | undefined> {\n const caches = await this.caches\n const dataId = caches.delegateToVerifiedEncryptionDataId[delegateId]\n const cached = dataId ? caches.dataById[dataId] : undefined\n if (cached && cached?.decrypted) {\n return {\n exchangeData: cached.exchangeData,\n accessControlSecret: cached.decrypted.accessControlSecret,\n exchangeKey: cached.decrypted.exchangeKey,\n sharedSignatureKey: cached.decrypted.sharedSignatureKey,\n }\n } else {\n return undefined\n }\n }\n\n async getOrCreateEncryptionDataTo(\n delegateId: string,\n options?: {\n allowCreationWithoutDelegatorKey?: boolean\n allowCreationWithoutDelegateKey?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }> {\n const initialCached = await this.getCachedEncryptionDataTo(delegateId)\n if (initialCached) return initialCached\n const release = await this.createExchangeDataMutex.acquire()\n try {\n const cachedAfterMutex = await this.getCachedEncryptionDataTo(delegateId)\n if (cachedAfterMutex) return cachedAfterMutex\n const created = await this.createNewExchangeData(delegateId, {\n allowNoDelegateKeys: options?.allowCreationWithoutDelegateKey ?? false,\n allowNoDelegatorKeys: options?.allowCreationWithoutDelegatorKey ?? false,\n })\n this.cacheData(created.exchangeData, true, {\n accessControlSecret: created.accessControlSecret,\n exchangeKey: created.exchangeKey,\n sharedSignatureKey: created.sharedSignatureKey,\n verified: true,\n })\n return created\n } finally {\n release()\n }\n }\n\n async getDecryptionDataKeyByIds(\n ids: string[],\n retrieveIfNotCached: boolean\n ): Promise<{\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n }> {\n const caches = await this.caches\n const res: {\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n } = {}\n for (const id of ids) {\n const data = caches.dataById[id]\n if (data) {\n res[id] = {\n exchangeData: data.exchangeData,\n exchangeKey: data.decrypted?.exchangeKey,\n accessControlSecret: data.decrypted?.accessControlSecret,\n }\n }\n }\n return res\n }\n\n private cacheData(\n exchangeData: ExchangeData,\n isNewData: boolean,\n decrypted: { accessControlSecret: string; exchangeKey: CryptoKey; verified: boolean; sharedSignatureKey: CryptoKey } | undefined\n ): void {\n this.caches = this.caches.then(async (caches) => {\n caches.dataById[exchangeData.id!] = { exchangeData, decrypted }\n if (decrypted) {\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(decrypted.accessControlSecret)\n hashes.forEach((hash) => {\n caches.hashToId[hash] = exchangeData.id!\n })\n if (decrypted.verified) {\n caches.delegateToVerifiedEncryptionDataId[exchangeData.delegate] = exchangeData.id!\n }\n }\n if (isNewData) caches.entityTypeToAccessControlKeysValue = {}\n return caches\n })\n }\n\n private async doRepopulateCache(): Promise<{\n dataById: { [id: string]: CachedExchangeData }\n hashToId: { [hash: string]: string }\n delegateToVerifiedEncryptionDataId: { [delegate: string]: string }\n entityTypeToAccessControlKeysValue: { [entityType in EntityWithDelegationTypeName]?: string }\n }> {\n const allData = await this.base.getAllExchangeDataForCurrentDataOwnerIfAllowed()\n if (!allData) throw new Error('Impossible to use fully cached exchange data manager for current data owner.')\n const dataById: { [id: string]: CachedExchangeData } = {}\n const hashToId: { [hash: string]: string } = {}\n const delegateToVerifiedEncryptionDataId: { [delegate: string]: string } = {}\n for (const currData of allData) {\n const currDecrypted = await this.decryptData(currData)\n dataById[currData.id!] = { exchangeData: currData, decrypted: currDecrypted }\n if (currDecrypted?.verified) {\n delegateToVerifiedEncryptionDataId[currData.delegate] = currData.id!\n }\n if (currDecrypted?.accessControlSecret) {\n for (const h of await this.accessControlSecret.allSecureDelegationKeysFor(currDecrypted!.accessControlSecret)) {\n hashToId[h] = currData.id!\n }\n }\n }\n const entityTypeToAccessControlKeysValue: { [entityType in EntityWithDelegationTypeName]?: string } = {}\n return { dataById, hashToId, delegateToVerifiedEncryptionDataId, entityTypeToAccessControlKeysValue }\n }\n\n async getAccessControlKeysValue(entityType: EntityWithDelegationTypeName): Promise<string | undefined> {\n const caches = await this.caches\n const cached = caches.entityTypeToAccessControlKeysValue[entityType]\n if (cached) return cached\n const accessControlSecrets = Object.values(caches.dataById).flatMap((x) => (x.decrypted ? [x.decrypted.accessControlSecret] : []))\n const fullData = await this.accessControlSecret.getEncodedAccessControlKeys(accessControlSecrets, entityType)\n caches.entityTypeToAccessControlKeysValue[entityType] = fullData\n return fullData\n }\n\n async getAllDelegationKeys(entityType: EntityWithDelegationTypeName): Promise<string[] | undefined> {\n const caches = await this.caches\n const accessControlSecrets = Object.values(caches.dataById).flatMap((x) => (x.decrypted ? [x.decrypted.accessControlSecret] : []))\n const res: string[] = []\n for (const accessControlSecret of accessControlSecrets) {\n // Usage of sfks in secure delegation key should be configurable: it is not necessary for all users and it has some performance impact\n res.push(await this.accessControlSecret.secureDelegationKeyFor(accessControlSecret, entityType))\n }\n return res\n }\n\n protected async cacheInjectedExchangeData(\n exchangeDataDetails: {\n exchangeData: ExchangeData\n accessControlSecret: string\n exchangeKey: CryptoKey\n sharedSignatureKey: CryptoKey\n verified: boolean\n }[]\n ): Promise<void> {\n for (const details of exchangeDataDetails) {\n this.cacheData(details.exchangeData, true, {\n accessControlSecret: details.accessControlSecret,\n exchangeKey: details.exchangeKey,\n sharedSignatureKey: details.sharedSignatureKey,\n verified: details.verified,\n })\n }\n }\n}\n\nclass LimitedLruCacheExchangeDataManager extends AbstractExchangeDataManager {\n private readonly idToData: SimpleLruCache<string, CachedExchangeData & { hashes: string[] }> = new SimpleLruCache()\n private readonly hashToId: Map<string, string> = new Map()\n private readonly delegateToVerifiedEncryptionDataId: Map<string, string> = new Map()\n private readonly maxCachedExchangeData: number\n private readonly cacheMutex = new Mutex()\n\n constructor(\n base: BaseExchangeDataManager,\n encryptionKeys: UserEncryptionKeysManager,\n accessControlSecret: AccessControlSecretUtils,\n cryptoStrategies: CryptoStrategies,\n dataOwnerApi: IccDataOwnerXApi,\n primitives: CryptoPrimitives,\n useParentKeys: boolean,\n optionalParameters: {\n lruCacheSize?: number\n }\n ) {\n super(base, encryptionKeys, accessControlSecret, cryptoStrategies, dataOwnerApi, primitives, useParentKeys)\n this.maxCachedExchangeData = optionalParameters.lruCacheSize ?? 2000\n }\n\n async clearOrRepopulateCache(): Promise<void> {\n this.idToData.clear()\n this.hashToId.clear()\n this.delegateToVerifiedEncryptionDataId.clear()\n }\n\n async getCachedDecryptionDataKeyByAccessControlHash(\n hashes: string[]\n ): Promise<{ [p: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string } }> {\n const release = await this.cacheMutex.acquire()\n try {\n const res: {\n [p: string]: { exchangeData: ExchangeData; exchangeKey: CryptoKey; accessControlSecret: string }\n } = {}\n for (const hash of hashes) {\n const dataId = this.hashToId.get(hash)\n if (dataId) {\n const retrieved = this.idToData.getCached(dataId)\n if (!retrieved) throw new Error(`Data with id ${dataId} should have been already cached.`)\n if (retrieved.decrypted) {\n res[hash] = {\n exchangeData: retrieved.exchangeData,\n exchangeKey: retrieved.decrypted.exchangeKey,\n accessControlSecret: retrieved.decrypted.accessControlSecret,\n }\n }\n }\n }\n return res\n } finally {\n release()\n }\n }\n\n async getDecryptionDataKeyByIds(\n ids: string[],\n retrieveIfNotCached: boolean\n ): Promise<{\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n }> {\n const release = await this.cacheMutex.acquire()\n try {\n const res: {\n [p: string]: {\n exchangeKey: CryptoKey | undefined\n accessControlSecret: string | undefined\n exchangeData: ExchangeData\n }\n } = {}\n const uncached: string[] = []\n for (const id of ids) {\n const cached: (CachedExchangeData & { hashes: string[] }) | null = this.idToData.getCached(id)\n if (cached) {\n res[id] = {\n exchangeKey: cached.decrypted?.exchangeKey,\n accessControlSecret: cached.decrypted?.accessControlSecret,\n exchangeData: cached.exchangeData,\n }\n } else if (retrieveIfNotCached) {\n uncached.push(id)\n }\n }\n if (uncached.length > 0) {\n const retrieved = await this.base.getExchangeDataByIds(uncached)\n for (const data of retrieved) {\n const decrypted = await this.decryptData(data)\n if (decrypted) {\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(decrypted.accessControlSecret)\n this.addToCache({ exchangeData: data, hashes, decrypted })\n } else {\n this.addToCache({ exchangeData: data, hashes: [] })\n }\n res[data.id!] = {\n exchangeKey: decrypted?.exchangeKey,\n accessControlSecret: decrypted?.accessControlSecret,\n exchangeData: data,\n }\n }\n }\n return res\n } finally {\n release()\n }\n }\n\n async getOrCreateEncryptionDataTo(\n delegateId: string,\n options?: {\n allowCreationWithoutDelegatorKey?: boolean\n allowCreationWithoutDelegateKey?: boolean\n }\n ): Promise<{ exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey; sharedSignatureKey: CryptoKey }> {\n const release = await this.cacheMutex.acquire()\n try {\n let existingId = this.delegateToVerifiedEncryptionDataId.get(delegateId)\n if (!existingId) {\n await this.populateCacheToDelegate(delegateId)\n existingId = this.delegateToVerifiedEncryptionDataId.get(delegateId)\n }\n if (existingId) {\n const cached = this.idToData.getCached(existingId)\n if (!cached) throw new Error(`Illegal state: data with id ${existingId} should have been in cache`)\n if (cached.decrypted) {\n return {\n exchangeData: cached.exchangeData,\n exchangeKey: cached.decrypted.exchangeKey,\n accessControlSecret: cached.decrypted.accessControlSecret,\n sharedSignatureKey: cached.decrypted.sharedSignatureKey,\n }\n } else throw new Error(`Illegal state: cached verified data should be decrypted.`)\n } else {\n const created = await this.createNewExchangeData(delegateId, {\n allowNoDelegateKeys: options?.allowCreationWithoutDelegateKey ?? false,\n allowNoDelegatorKeys: options?.allowCreationWithoutDelegatorKey ?? false,\n })\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(created.accessControlSecret)\n const data = {\n exchangeData: created.exchangeData,\n decrypted: {\n accessControlSecret: created.accessControlSecret,\n exchangeKey: created.exchangeKey,\n sharedSignatureKey: created.sharedSignatureKey,\n verified: true,\n },\n hashes,\n }\n this.addToCache(data)\n return {\n exchangeData: data.exchangeData,\n exchangeKey: data.decrypted.exchangeKey,\n accessControlSecret: data.decrypted.accessControlSecret,\n sharedSignatureKey: data.decrypted.sharedSignatureKey,\n }\n }\n } finally {\n release()\n }\n }\n\n // Loads and adds to the cache all exchange data from the current data owner to the given delegate. Allows to check if there is already data from\n // the current data owner to the delegate which is good for encryption.\n private async populateCacheToDelegate(delegateId: string): Promise<void> {\n const dataToDelegate = await this.base.getExchangeDataByDelegatorDelegatePair(await this.dataOwnerApi.getCurrentDataOwnerId(), delegateId)\n for (const data of dataToDelegate) {\n const decrypted = await this.decryptData(data)\n if (decrypted) {\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(decrypted.accessControlSecret)\n this.addToCache({ exchangeData: data, hashes, decrypted })\n } else {\n this.addToCache({ exchangeData: data, hashes: [] })\n }\n }\n }\n\n private addToCache(data: CachedExchangeData & { hashes: string[] }) {\n if (this.idToData.size >= this.maxCachedExchangeData) {\n this.evictOneEntry()\n }\n data.hashes.forEach((hash) => this.hashToId.set(hash, data.exchangeData.id!))\n if (data.decrypted?.verified && !this.delegateToVerifiedEncryptionDataId.has(data.exchangeData.delegate)) {\n this.delegateToVerifiedEncryptionDataId.set(data.exchangeData.delegate, data.exchangeData.id!)\n }\n this.idToData.set(data.exchangeData.id!, data)\n }\n\n private evictOneEntry() {\n const evicted = this.idToData.evictLeastRecentlyUsed()\n evicted.hashes.forEach((hash) => this.hashToId.delete(hash))\n if (this.delegateToVerifiedEncryptionDataId.get(evicted.exchangeData.delegate) === evicted.exchangeData.id) {\n this.delegateToVerifiedEncryptionDataId.delete(evicted.exchangeData.delegate)\n }\n }\n\n getAccessControlKeysValue(): Promise<string | undefined> {\n return Promise.resolve(undefined)\n }\n\n getAllDelegationKeys(): Promise<string[] | undefined> {\n return Promise.resolve(undefined)\n }\n\n protected async cacheInjectedExchangeData(\n exchangeDataDetails: {\n exchangeData: ExchangeData\n accessControlSecret: string\n exchangeKey: CryptoKey\n sharedSignatureKey: CryptoKey\n verified: boolean\n }[]\n ): Promise<void> {\n for (const details of exchangeDataDetails) {\n const hashes = await this.accessControlSecret.allSecureDelegationKeysFor(details.accessControlSecret)\n const data = {\n exchangeData: details.exchangeData,\n decrypted: {\n accessControlSecret: details.accessControlSecret,\n exchangeKey: details.exchangeKey,\n sharedSignatureKey: details.sharedSignatureKey,\n verified: details.verified,\n },\n hashes,\n }\n this.addToCache(data)\n }\n }\n}\n"]}
@@ -337,7 +337,7 @@ class ExtendedApisUtilsImpl {
337
337
  return { data: result.success, wasDecrypted: true };
338
338
  }
339
339
  else {
340
- return { data: content, wasDecrypted: false };
340
+ return { data: (0, utils_1.ua2ab)(content), wasDecrypted: false };
341
341
  }
342
342
  });
343
343
  }