@icure/api 8.6.3 → 8.6.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (93) hide show
  1. package/icc-api/model/CryptoActorStub.d.ts +2 -0
  2. package/icc-api/model/CryptoActorStub.js.map +1 -1
  3. package/icc-api/model/Device.d.ts +1 -0
  4. package/icc-api/model/Device.js.map +1 -1
  5. package/icc-api/model/HealthcareParty.d.ts +1 -0
  6. package/icc-api/model/HealthcareParty.js.map +1 -1
  7. package/icc-api/model/ModelHelper.d.ts +1 -1
  8. package/icc-api/model/ModelHelper.js +15 -2
  9. package/icc-api/model/ModelHelper.js.map +1 -1
  10. package/icc-api/model/Patient.d.ts +1 -0
  11. package/icc-api/model/Patient.js.map +1 -1
  12. package/icc-api/model/User.d.ts +1 -0
  13. package/icc-api/model/User.js.map +1 -1
  14. package/icc-x-api/crypto/AES.js +1 -1
  15. package/icc-x-api/crypto/AES.js.map +1 -1
  16. package/icc-x-api/crypto/BaseExchangeDataManager.js +14 -14
  17. package/icc-x-api/crypto/BaseExchangeDataManager.js.map +1 -1
  18. package/icc-x-api/crypto/BaseExchangeKeysManager.js +1 -1
  19. package/icc-x-api/crypto/BaseExchangeKeysManager.js.map +1 -1
  20. package/icc-x-api/crypto/CryptoPrimitives.js +3 -2
  21. package/icc-x-api/crypto/CryptoPrimitives.js.map +1 -1
  22. package/icc-x-api/crypto/CryptoStrategies.d.ts +2 -1
  23. package/icc-x-api/crypto/CryptoStrategies.js.map +1 -1
  24. package/icc-x-api/crypto/ExchangeDataManager.js +3 -3
  25. package/icc-x-api/crypto/ExchangeDataManager.js.map +1 -1
  26. package/icc-x-api/crypto/ExtendedApisUtilsImpl.js +1 -1
  27. package/icc-x-api/crypto/ExtendedApisUtilsImpl.js.map +1 -1
  28. package/icc-x-api/crypto/KeyRecovery.js +3 -3
  29. package/icc-x-api/crypto/KeyRecovery.js.map +1 -1
  30. package/icc-x-api/crypto/NativeCryptoPrimitivesBridge.js +13 -13
  31. package/icc-x-api/crypto/NativeCryptoPrimitivesBridge.js.map +1 -1
  32. package/icc-x-api/crypto/RSA.js +2 -2
  33. package/icc-x-api/crypto/RSA.js.map +1 -1
  34. package/icc-x-api/crypto/RecoveryDataEncryption.js +5 -5
  35. package/icc-x-api/crypto/RecoveryDataEncryption.js.map +1 -1
  36. package/icc-x-api/crypto/SecureDelegationsManager.js +1 -1
  37. package/icc-x-api/crypto/SecureDelegationsManager.js.map +1 -1
  38. package/icc-x-api/crypto/ShamirKeysManager.js +1 -1
  39. package/icc-x-api/crypto/ShamirKeysManager.js.map +1 -1
  40. package/icc-x-api/crypto/UserEncryptionKeysManager.js +2 -2
  41. package/icc-x-api/crypto/UserEncryptionKeysManager.js.map +1 -1
  42. package/icc-x-api/crypto/utils.js +1 -1
  43. package/icc-x-api/crypto/utils.js.map +1 -1
  44. package/icc-x-api/filters/HealthElementByHcPartyCodeFilter.d.ts +24 -0
  45. package/icc-x-api/filters/HealthElementByHcPartyCodeFilter.js +24 -0
  46. package/icc-x-api/filters/HealthElementByHcPartyCodeFilter.js.map +1 -0
  47. package/icc-x-api/filters/HealthElementByHcPartyIdentifiersVersioningFilter.d.ts +22 -0
  48. package/icc-x-api/filters/HealthElementByHcPartyIdentifiersVersioningFilter.js +24 -0
  49. package/icc-x-api/filters/HealthElementByHcPartyIdentifiersVersioningFilter.js.map +1 -0
  50. package/icc-x-api/filters/HealthElementByHcPartyStatusVersioningFilter.d.ts +21 -0
  51. package/icc-x-api/filters/HealthElementByHcPartyStatusVersioningFilter.js +24 -0
  52. package/icc-x-api/filters/HealthElementByHcPartyStatusVersioningFilter.js.map +1 -0
  53. package/icc-x-api/filters/HealthElementByHcPartyTagFilter.d.ts +24 -0
  54. package/icc-x-api/filters/HealthElementByHcPartyTagFilter.js +24 -0
  55. package/icc-x-api/filters/HealthElementByHcPartyTagFilter.js.map +1 -0
  56. package/icc-x-api/filters/VersionFiltering.d.ts +14 -0
  57. package/icc-x-api/filters/VersionFiltering.js +19 -0
  58. package/icc-x-api/filters/VersionFiltering.js.map +1 -0
  59. package/icc-x-api/filters/filters.d.ts +8 -4
  60. package/icc-x-api/filters/filters.js +4 -0
  61. package/icc-x-api/filters/filters.js.map +1 -1
  62. package/icc-x-api/icc-receipt-x-api.js +1 -1
  63. package/icc-x-api/icc-receipt-x-api.js.map +1 -1
  64. package/icc-x-api/utils/binary-utils.js +1 -1
  65. package/icc-x-api/utils/binary-utils.js.map +1 -1
  66. package/package.json +1 -1
  67. package/test/icc-api/api/IccAnonymousAccessApi.js +1 -1
  68. package/test/icc-api/api/IccAnonymousAccessApi.js.map +1 -1
  69. package/test/icc-api/api/IccDocumentApi.js +13 -12
  70. package/test/icc-api/api/IccDocumentApi.js.map +1 -1
  71. package/test/icc-x-api/crud/comprehensive-crud-test.js +2 -2
  72. package/test/icc-x-api/crud/comprehensive-crud-test.js.map +1 -1
  73. package/test/icc-x-api/crypto/crypto-utils.js +1 -1
  74. package/test/icc-x-api/crypto/crypto-utils.js.map +1 -1
  75. package/test/icc-x-api/crypto/soft-deleted-data-owners.js +1 -1
  76. package/test/icc-x-api/crypto/soft-deleted-data-owners.js.map +1 -1
  77. package/test/icc-x-api/crypto/user-encryption-keys-manager-test.js +1 -1
  78. package/test/icc-x-api/crypto/user-encryption-keys-manager-test.js.map +1 -1
  79. package/test/icc-x-api/filters/healthelement.d.ts +1 -0
  80. package/test/icc-x-api/filters/healthelement.js +333 -0
  81. package/test/icc-x-api/filters/healthelement.js.map +1 -0
  82. package/test/icc-x-api/test-legacy-data-support.js +4 -4
  83. package/test/icc-x-api/test-legacy-data-support.js.map +1 -1
  84. package/test/support/CSM-729.d.ts +1 -0
  85. package/test/support/CSM-729.js +225 -0
  86. package/test/support/CSM-729.js.map +1 -0
  87. package/test/utils/TestCryptoStrategies.js +1 -1
  88. package/test/utils/TestCryptoStrategies.js.map +1 -1
  89. package/test/utils/roles.d.ts +1 -0
  90. package/test/utils/roles.js +1 -0
  91. package/test/utils/roles.js.map +1 -1
  92. package/test/utils/test_utils.js +2 -2
  93. package/test/utils/test_utils.js.map +1 -1
@@ -32,7 +32,7 @@ class NativeCryptoPrimitivesBridge {
32
32
  }
33
33
  sha256(data) {
34
34
  return __awaiter(this, void 0, void 0, function* () {
35
- return yield this.digest.sha256(data instanceof ArrayBuffer ? new Uint8Array(data) : data);
35
+ return (0, utils_1.ua2ab)(yield this.digest.sha256(data instanceof ArrayBuffer ? new Uint8Array(data) : data));
36
36
  });
37
37
  }
38
38
  sha512(data) {
@@ -60,7 +60,7 @@ class NativeAesBridge {
60
60
  }
61
61
  decrypt(cryptoKey, encryptedData) {
62
62
  return __awaiter(this, void 0, void 0, function* () {
63
- return yield this.aes.decrypt(new Uint8Array(encryptedData), getKryptomKey(cryptoKey));
63
+ return (0, utils_1.ua2ab)(yield this.aes.decrypt(new Uint8Array(encryptedData), getKryptomKey(cryptoKey)));
64
64
  });
65
65
  }
66
66
  decryptSome(cryptoKeys, uint8Array) {
@@ -84,7 +84,7 @@ class NativeAesBridge {
84
84
  }
85
85
  encrypt(cryptoKey, plainData) {
86
86
  return __awaiter(this, void 0, void 0, function* () {
87
- return yield this.aes.encrypt(new Uint8Array(plainData), getKryptomKey(cryptoKey), null);
87
+ return (0, utils_1.ua2ab)(yield this.aes.encrypt(new Uint8Array(plainData), getKryptomKey(cryptoKey), null));
88
88
  });
89
89
  }
90
90
  encryptWithRawKey(rawKey, plainData) {
@@ -97,7 +97,7 @@ class NativeAesBridge {
97
97
  return __awaiter(this, void 0, void 0, function* () {
98
98
  const rawKey = yield this.aes.exportRawKey(getKryptomKey(cryptoKey));
99
99
  if (format == 'raw')
100
- return rawKey;
100
+ return (0, utils_1.ua2ab)(rawKey);
101
101
  return {
102
102
  kty: 'oct',
103
103
  alg: rawKey.byteLength == 32 ? 'A256CBC' : 'A128CBC',
@@ -183,7 +183,7 @@ class NativeHmacBridge {
183
183
  }
184
184
  exportKey(key) {
185
185
  return __awaiter(this, void 0, void 0, function* () {
186
- return yield this.hmac.exportRawKey(getKryptomKey(key));
186
+ return (0, utils_1.ua2ab)(yield this.hmac.exportRawKey(getKryptomKey(key)));
187
187
  });
188
188
  }
189
189
  generateKey() {
@@ -200,7 +200,7 @@ class NativeHmacBridge {
200
200
  }
201
201
  sign(key, data) {
202
202
  return __awaiter(this, void 0, void 0, function* () {
203
- return yield this.hmac.sign(new Uint8Array(data), getKryptomKey(key));
203
+ return (0, utils_1.ua2ab)(yield this.hmac.sign(new Uint8Array(data), getKryptomKey(key)));
204
204
  });
205
205
  }
206
206
  verify(key, data, signature) {
@@ -248,12 +248,12 @@ class NativeRsaBridge {
248
248
  }
249
249
  decrypt(privateKey, encryptedData) {
250
250
  return __awaiter(this, void 0, void 0, function* () {
251
- return yield this.rsa.decrypt(encryptedData, getKryptomKey(privateKey));
251
+ return (0, utils_1.ua2ab)(yield this.rsa.decrypt(encryptedData, getKryptomKey(privateKey)));
252
252
  });
253
253
  }
254
254
  encrypt(publicKey, plainData) {
255
255
  return __awaiter(this, void 0, void 0, function* () {
256
- return yield this.rsa.encrypt(plainData, getKryptomKey(publicKey));
256
+ return (0, utils_1.ua2ab)(yield this.rsa.encrypt(plainData, getKryptomKey(publicKey)));
257
257
  });
258
258
  }
259
259
  exportKey(cryptoKey, format) {
@@ -267,10 +267,10 @@ class NativeRsaBridge {
267
267
  }
268
268
  }
269
269
  else if (format === 'spki') {
270
- return yield this.rsa.exportPublicKeySpki(getKryptomKey(cryptoKey));
270
+ return (0, utils_1.ua2ab)(yield this.rsa.exportPublicKeySpki(getKryptomKey(cryptoKey)));
271
271
  }
272
272
  else if (format === 'pkcs8') {
273
- return yield this.rsa.exportPrivateKeyPkcs8(getKryptomKey(cryptoKey));
273
+ return (0, utils_1.ua2ab)(yield this.rsa.exportPrivateKeyPkcs8(getKryptomKey(cryptoKey)));
274
274
  }
275
275
  else
276
276
  throw new Error(`Invalid format ${format}`);
@@ -283,14 +283,14 @@ class NativeRsaBridge {
283
283
  privateKey = yield this.rsa.exportPrivateKeyJwk(getKryptomKey(keyPair.privateKey));
284
284
  }
285
285
  else {
286
- privateKey = yield this.rsa.exportPrivateKeyPkcs8(getKryptomKey(keyPair.privateKey));
286
+ privateKey = (0, utils_1.ua2ab)(yield this.rsa.exportPrivateKeyPkcs8(getKryptomKey(keyPair.privateKey)));
287
287
  }
288
288
  let publicKey;
289
289
  if (pubKeyFormat === 'jwk') {
290
290
  publicKey = yield this.rsa.exportPublicKeyJwk(getKryptomKey(keyPair.publicKey));
291
291
  }
292
292
  else {
293
- publicKey = yield this.rsa.exportPublicKeySpki(getKryptomKey(keyPair.publicKey));
293
+ publicKey = (0, utils_1.ua2ab)(yield this.rsa.exportPublicKeySpki(getKryptomKey(keyPair.publicKey)));
294
294
  }
295
295
  return { privateKey, publicKey };
296
296
  });
@@ -397,7 +397,7 @@ class NativeRsaBridge {
397
397
  }
398
398
  sign(privateKey, data) {
399
399
  return __awaiter(this, void 0, void 0, function* () {
400
- return yield this.rsa.signature(new Uint8Array(data), getKryptomKey(privateKey));
400
+ return (0, utils_1.ua2ab)(yield this.rsa.signature(new Uint8Array(data), getKryptomKey(privateKey)));
401
401
  });
402
402
  }
403
403
  verifySignature(publicKey, signature, data) {
@@ -1 +1 @@
1
- {"version":3,"file":"NativeCryptoPrimitivesBridge.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/NativeCryptoPrimitivesBridge.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,qCAAsC;AAGtC,oCAA6E;AAE7E;;GAEG;AACH,MAAa,4BAA4B;IACvC,YAAY,iBAAoI;QAC9I,IAAI,CAAC,YAAY,GAAG,iBAAiB,CAAC,YAAY,CAAA;QAClD,IAAI,CAAC,MAAM,GAAG,iBAAiB,CAAC,MAAM,CAAA;QACtC,IAAI,CAAC,MAAM,GAAG,IAAI,kBAAkB,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QACvD,IAAI,CAAC,GAAG,GAAG,IAAI,eAAe,CAAC,iBAAiB,CAAC,GAAG,EAAE,IAAI,CAAC,YAAY,CAAC,CAAA;QACxE,IAAI,CAAC,IAAI,GAAG,IAAI,gBAAgB,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAA;QACxD,IAAI,CAAC,GAAG,GAAG,IAAI,eAAe,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAA;IACvD,CAAC;IASD,WAAW,CAAC,CAAS;QACnB,OAAO,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,CAAC,CAAA;IACzC,CAAC;IAED,UAAU;QACR,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,CAAA;IACvC,CAAC;IAEK,MAAM,CAAC,IAA8B;;YACzC,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,YAAY,WAAW,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;QAC5F,CAAC;KAAA;IAEK,MAAM,CAAC,IAA8B;;YACzC,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAA;QACxC,CAAC;KAAA;CACF;AAhCD,oEAgCC;AAED,MAAM,kBAAmB,SAAQ,oBAAW;IAC1C,YAA6B,YAAiC;QAC5D,KAAK,EAAE,CAAA;QADoB,iBAAY,GAAZ,YAAY,CAAqB;IAE9D,CAAC;IAES,UAAU,CAAC,GAAgB;QACnC,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;QAC5D,+DAA+D;QAC/D,GAAG,CAAC,GAAG,CAAC,IAAI,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAA;IACzC,CAAC;CACF;AAED,MAAM,eAAe;IACnB,YAA6B,GAAe,EAAmB,MAA2B;QAA7D,QAAG,GAAH,GAAG,CAAY;QAAmB,WAAM,GAAN,MAAM,CAAqB;IAAG,CAAC;IAExF,OAAO,CAAC,SAAoB,EAAE,aAAuC;;YACzE,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,UAAU,CAAC,aAAa,CAAC,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;QACxF,CAAC;KAAA;IAED,WAAW,CAAC,UAAuB,EAAE,UAAsB;QACzD,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAA;QAChD,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC1B,OAAO,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAA;YAC1D,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,CAAA;YACT,CAAC;QACH,CAAC;IACH,CAAC;IAEK,iBAAiB,CAAC,MAAc,EAAE,SAAmC;;YACzE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC,CAAA;YAC5D,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAA;QAC1C,CAAC;KAAA;IAEK,OAAO,CAAC,SAAoB,EAAE,SAAmC;;YACrE,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,EAAE,aAAa,CAAC,SAAS,CAAC,EAAE,IAAI,CAAC,CAAA;QAC1F,CAAC;KAAA;IAEK,iBAAiB,CAAC,MAAc,EAAE,SAAmC;;YACzE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC,CAAA;YAC5D,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAA;QAC1C,CAAC;KAAA;IAIK,SAAS,CAAC,SAAoB,EAAE,MAAqB;;YACzD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;YACpE,IAAI,MAAM,IAAI,KAAK;gBAAE,OAAO,MAAM,CAAA;YAClC,OAAO;gBACL,GAAG,EAAE,KAAK;gBACV,GAAG,EAAE,MAAM,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS;gBACpD,GAAG,EAAE,IAAI;gBACT,OAAO,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC;gBAC/B,CAAC,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;aAC5E,CAAA;QACH,CAAC;KAAA;IAIK,iBAAiB,CAAC,KAAc;;YACpC,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,OAAO,CAAC,OAAO,CAAC,IAAA,cAAM,EAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YAC7D,CAAC;iBAAM,CAAC;gBACN,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,YAAY,CAAC,WAAW,EAAE,GAAG,CAAC,CAAA;gBACxE,OAAO,IAAI,YAAY,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;YACtC,CAAC;QACH,CAAC;KAAA;IAED,UAAU,CAAC,YAAoB;QAC7B,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,YAAY,CAAC,CAAA;IAC9C,CAAC;IAEK,SAAS,CAAC,MAAqB,EAAE,MAA6C;;;YAClF,IAAI,QAAoB,CAAA;YACxB,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;gBACrB,IACG,MAAqB,CAAC,GAAG,KAAK,KAAK;oBACpC,CAAE,MAAqB,CAAC,GAAG,KAAK,SAAS,IAAK,MAAqB,CAAC,GAAG,KAAK,SAAS,CAAC;oBACtF,CAAE,MAAqB,CAAC,GAAG;oBAC3B,CAAC,CAAA,MAAC,MAAqB,CAAC,OAAO,0CAAE,QAAQ,CAAC,SAAS,CAAC,CAAA;oBACpD,CAAC,CAAA,MAAC,MAAqB,CAAC,OAAO,0CAAE,QAAQ,CAAC,SAAS,CAAC,CAAA;oBACpD,CAAE,MAAqB,CAAC,CAAC,EACzB,CAAC;oBACD,MAAM,IAAI,KAAK,CACb,gIAAgI,CACjI,CAAA;gBACH,CAAC;gBACD,0CAA0C;gBAC1C,QAAQ,GAAG,IAAI,UAAU,CAAC,IAAA,eAAO,EAAE,MAAqB,CAAC,CAAE,CAAC,CAAC,CAAA;YAC/D,CAAC;iBAAM,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;gBAC5B,IAAI,MAAO,YAAY,WAAW,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC;oBAC/D,MAAM,IAAI,KAAK,CAAC,0EAA0E,CAAC,CAAA;gBAC7F,QAAQ,GAAG,IAAI,UAAU,CAAC,MAAyB,CAAC,CAAA;YACtD,CAAC;;gBAAM,MAAM,IAAI,KAAK,CAAC,kBAAkB,MAAM,EAAE,CAAC,CAAA;YAClD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,QAAQ,EAAE,YAAY,CAAC,WAAW,CAAC,CAAA;YAChF,OAAO,IAAI,YAAY,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;QACpD,CAAC;KAAA;CACF;AAED,SAAS,aAAa,CAAI,SAAoB;IAC5C,IAAI,YAAY,IAAI,SAAS,EAAE,CAAC;QAC9B,OAAO,SAAS,CAAC,UAAe,CAAA;IAClC,CAAC;;QAAM,MAAM,IAAI,KAAK,CAAC,sHAAsH,CAAC,CAAA;AAChJ,CAAC;AAED,MAAM,YAAY;IAChB,YAAqB,UAAkB,EAAW,IAAY;QAAzC,eAAU,GAAV,UAAU,CAAQ;QAAW,SAAI,GAAJ,IAAI,CAAQ;IAAG,CAAC;IAElE,IAAI,SAAS;QACX,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,CAAC,IAAI,EAAE,CAAA;IAC/C,CAAC;IACD,IAAI,WAAW;QACb,OAAO,IAAI,CAAA;IACb,CAAC;IACD,IAAI,IAAI;QACN,OAAO,QAAQ,CAAA;IACjB,CAAC;IACD,IAAI,MAAM;QACR,OAAO,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;IAC/B,CAAC;IAED,MAAM;QACJ,OAAO,EAAE,CAAA;IACX,CAAC;CACF;AAED,MAAM,gBAAgB;IACpB,YAA6B,IAAiB;QAAjB,SAAI,GAAJ,IAAI,CAAa;IAAG,CAAC;IAE5C,SAAS,CAAC,GAAc;;YAC5B,OAAO,MAAM,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAA;QACzD,CAAC;KAAA;IAEK,WAAW;;YACf,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,UAAU,CAAC,CAAA;YACxE,OAAO,IAAI,aAAa,CAAC,UAAU,CAAC,CAAA;QACtC,CAAC;KAAA;IAEK,SAAS,CAAC,GAAgB;;YAC9B,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,EAAE,aAAa,CAAC,UAAU,CAAC,CAAA;YAC9F,OAAO,IAAI,aAAa,CAAC,UAAU,CAAC,CAAA;QACtC,CAAC;KAAA;IAEK,IAAI,CAAC,GAAc,EAAE,IAAiB;;YAC1C,OAAO,MAAM,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAA;QACvE,CAAC;KAAA;IAEK,MAAM,CAAC,GAAc,EAAE,IAAiB,EAAE,SAAsB;;YACpE,OAAO,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,EAAE,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAA;QACpG,CAAC;KAAA;CACF;AAED,MAAM,aAAa;IACjB,YAAqB,UAAmB;QAAnB,eAAU,GAAV,UAAU,CAAS;IAAG,CAAC;IAE5C,IAAI,SAAS;QACX,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IAClE,CAAC;IACD,IAAI,WAAW;QACb,OAAO,IAAI,CAAA;IACb,CAAC;IACD,IAAI,IAAI;QACN,OAAO,QAAQ,CAAA;IACjB,CAAC;IACD,IAAI,MAAM;QACR,OAAO,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAA;IAC3B,CAAC;IAED,MAAM;QACJ,OAAO,EAAE,CAAA;IACX,CAAC;CACF;AAED,MAAM,eAAe;IACnB,YAA6B,GAAe;QAAf,QAAG,GAAH,GAAG,CAAY;IAAG,CAAC;IAE1C,oBAAoB,CAAC,OAA2B;;YACpD,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,YAAY,CAAA;gBACzB,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,IAAA,gBAAQ,EAAC,IAAI,CAAC,CAAC,CAAA;gBAC3E,MAAM,aAAa,GAAG,IAAA,eAAO,EAAC,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,IAAI,UAAU,CAAC,aAAa,CAAC,CAAC,CAAC,CAAA;gBACpG,OAAO,aAAa,KAAK,IAAI,CAAA;YAC/B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,KAAK,CAAA;YACd,CAAC;QACH,CAAC;KAAA;IAEK,OAAO,CAAC,UAAqB,EAAE,aAAyB;;YAC5D,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC,CAAA;QACzE,CAAC;KAAA;IAEK,OAAO,CAAC,SAAoB,EAAE,SAAqB;;YACvD,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;QACpE,CAAC;KAAA;IAKK,SAAS,CAAC,SAAoB,EAAE,MAAgC;;YACpE,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;gBACrB,IAAI,SAAS,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;oBACjC,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;gBACrE,CAAC;qBAAM,CAAC;oBACN,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;gBACpE,CAAC;YACH,CAAC;iBAAM,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;gBAC7B,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;YACrE,CAAC;iBAAM,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;gBAC9B,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;YACvE,CAAC;;gBAAM,MAAM,IAAI,KAAK,CAAC,kBAAkB,MAAM,EAAE,CAAC,CAAA;QACpD,CAAC;KAAA;IAIK,UAAU,CACd,OAA2B,EAC3B,aAA8B,EAC9B,YAA4B;;YAE5B,IAAI,UAAoC,CAAA;YACxC,IAAI,aAAa,KAAK,KAAK,EAAE,CAAC;gBAC5B,UAAU,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAA;YACpF,CAAC;iBAAM,CAAC;gBACN,UAAU,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAA;YACtF,CAAC;YACD,IAAI,SAAmC,CAAA;YACvC,IAAI,YAAY,KAAK,KAAK,EAAE,CAAC;gBAC3B,SAAS,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAA;YACjF,CAAC;iBAAM,CAAC;gBACN,SAAS,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAA;YAClF,CAAC;YACD,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,CAAA;QAClC,CAAC;KAAA;IAEK,eAAe,CAAC,UAAsB;;YAC1C,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE,IAAI,CAAC,CAAA;YACrF,4EAA4E;YAC5E,OAAO;gBACL,UAAU,EAAE,IAAI,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAC;gBACxF,SAAS,EAAE,IAAI,kBAAkB,CAAC,SAAS,EAAE,IAAI,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAC;aACvF,CAAA;QACH,CAAC;KAAA;IAEK,wBAAwB;;YAC5B,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,qBAAqB,CAAC,aAAa,EAAE,IAAI,CAAC,CAAA;YACvF,OAAO;gBACL,UAAU,EAAE,IAAI,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,sBAAsB,EAAE,CAAC;gBAC7E,SAAS,EAAE,IAAI,kBAAkB,CAAC,SAAS,EAAE,IAAI,CAAC,sBAAsB,EAAE,CAAC;aAC5E,CAAA;QACH,CAAC;KAAA;IAED,SAAS,CACP,MAAgC,EAChC,OAAiC,EACjC,SAAqB,EACrB,aAAyB;QAEzB,IAAI,SAAS,CAAC,CAAC,CAAC,IAAI,SAAS,IAAI,CAAC,MAAM,IAAI,KAAK,IAAI,MAAM,IAAI,MAAM,CAAC,EAAE,CAAC;YACvE,OAAO,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE,OAAO,EAAE,aAAa,CAAC,CAAA;QAC7D,CAAC;aAAM,IAAI,SAAS,CAAC,CAAC,CAAC,IAAI,SAAS,IAAI,CAAC,MAAM,IAAI,KAAK,IAAI,MAAM,IAAI,OAAO,CAAC,EAAE,CAAC;YAC/E,OAAO,IAAI,CAAC,gBAAgB,CAAC,MAAM,EAAE,OAAO,EAAE,aAAa,CAAC,CAAA;QAC9D,CAAC;;YAAM,MAAM,IAAI,KAAK,CAAC,2DAA2D,SAAS,IAAI,MAAM,EAAE,CAAC,CAAA;IAC1G,CAAC;IAEK,aAAa,CACjB,gBAAwB,EACxB,cAAwC,EACxC,eAAuB,EACvB,aAAuC,EACvC,aAAyB;;YAEzB,IAAI,eAA8B,CAAA;YAClC,IAAI,cAA4B,CAAA;YAChC,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAA;YACtD,IAAI,gBAAgB,IAAI,KAAK,EAAE,CAAC;gBAC9B,eAAe,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,cAAkC,EAAE,SAAS,CAAC,CAAA;YACrG,CAAC;iBAAM,CAAC;gBACN,eAAe,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,UAAU,CAAC,cAA6B,CAAC,EAAE,SAAS,CAAC,CAAA;YAClH,CAAC;YACD,IAAI,eAAe,IAAI,KAAK,EAAE,CAAC;gBAC7B,cAAc,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,aAAgC,EAAE,SAAS,CAAC,CAAA;YACjG,CAAC;iBAAM,CAAC;gBACN,cAAc,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,UAAU,CAAC,aAA4B,CAAC,EAAE,SAAS,CAAC,CAAA;YAC9G,CAAC;YACD,OAAO;gBACL,UAAU,EAAE,IAAI,mBAAmB,CAAC,eAAe,EAAE,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC;gBACjG,SAAS,EAAE,IAAI,kBAAkB,CAAC,cAAc,EAAE,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC;aAC/F,CAAA;QACH,CAAC;KAAA;IAEK,gBAAgB,CAAC,MAAuB,EAAE,OAAiC,EAAE,aAAyB;;YAC1G,IAAI,QAAuB,CAAA;YAC3B,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;gBACpB,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,OAA2B,EAAE,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAA;YAClH,CAAC;iBAAM,CAAC;gBACN,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,UAAU,CAAC,OAAsB,CAAC,EAAE,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAA;YAC/H,CAAC;YACD,OAAO,IAAI,mBAAmB,CAAC,QAAQ,EAAE,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC,CAAA;QACvF,CAAC;KAAA;IAEK,eAAe,CAAC,MAAsB,EAAE,OAAiC,EAAE,aAAyB;;YACxG,IAAI,QAAsB,CAAA;YAC1B,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;gBACpB,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,OAA0B,EAAE,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAA;YAChH,CAAC;iBAAM,CAAC;gBACN,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,UAAU,CAAC,OAAsB,CAAC,EAAE,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAA;YAC7H,CAAC;YACD,OAAO,IAAI,kBAAkB,CAAC,QAAQ,EAAE,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC,CAAA;QACtF,CAAC;KAAA;IAEK,kBAAkB,CAAC,MAAuB,EAAE,OAAiC;;YACjF,IAAI,WAA0B,CAAA;YAC9B,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;gBACpB,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,OAA2B,EAAE,qBAAqB,CAAC,aAAa,CAAC,CAAA;YACpH,CAAC;iBAAM,CAAC;gBACN,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,UAAU,CAAC,OAAsB,CAAC,EAAE,qBAAqB,CAAC,aAAa,CAAC,CAAA;YACjI,CAAC;YACD,OAAO,IAAI,mBAAmB,CAAC,WAAW,EAAE,IAAI,CAAC,sBAAsB,EAAE,CAAC,CAAA;QAC5E,CAAC;KAAA;IAEK,qBAAqB,CAAC,MAAsB,EAAE,OAAiC;;YACnF,IAAI,WAAyB,CAAA;YAC7B,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;gBACpB,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,OAA0B,EAAE,qBAAqB,CAAC,aAAa,CAAC,CAAA;YAClH,CAAC;iBAAM,CAAC;gBACN,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,UAAU,CAAC,OAAsB,CAAC,EAAE,qBAAqB,CAAC,aAAa,CAAC,CAAA;YAC/H,CAAC;YACD,OAAO,IAAI,kBAAkB,CAAC,WAAW,EAAE,IAAI,CAAC,sBAAsB,EAAE,CAAC,CAAA;QAC3E,CAAC;KAAA;IAEK,IAAI,CAAC,UAAqB,EAAE,IAAiB;;YACjD,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC,CAAA;QAClF,CAAC;KAAA;IAEK,eAAe,CAAC,SAAoB,EAAE,SAAsB,EAAE,IAAiB;;YACnF,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,EAAE,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;QACzG,CAAC;KAAA;IAEO,gBAAgB,CAAC,UAAsB;QAC7C,OAAO,UAAU,IAAI,SAAS,CAAC,CAAC,CAAC,sBAAsB,CAAC,cAAc,CAAC,CAAC,CAAC,sBAAsB,CAAC,YAAY,CAAA;IAC9G,CAAC;IAEO,uBAAuB,CAAC,UAAsB;QACpD,OAAO;YACL,IAAI,EAAE,UAAU;YAChB,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,EAAE,oFAAoF;YACxI,IAAI,EAAE,EAAE,IAAI,EAAE,UAAU,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,EAAE;SAC9D,CAAA;IACH,CAAC;IAEO,sBAAsB;QAC5B,OAAO;YACL,IAAI,EAAE,SAAS;YACf,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,EAAE,oFAAoF;YACxI,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;SAC1B,CAAA;IACH,CAAC;CACF;AAED,MAAM,mBAAmB;IACvB,YAAqB,UAAyB,EAAW,SAA0B;QAA9D,eAAU,GAAV,UAAU,CAAe;QAAW,cAAS,GAAT,SAAS,CAAiB;IAAG,CAAC;IAEvF,IAAI,WAAW;QACb,OAAO,IAAI,CAAA;IACb,CAAC;IAED,IAAI,IAAI;QACN,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAA;IAClE,CAAC;IAED,MAAM;QACJ,OAAO,EAAE,CAAA;IACX,CAAC;CACF;AAED,MAAM,kBAAkB;IACtB,YAAqB,UAAwB,EAAW,SAA0B;QAA7D,eAAU,GAAV,UAAU,CAAc;QAAW,cAAS,GAAT,SAAS,CAAiB;IAAG,CAAC;IAEtF,IAAI,WAAW;QACb,OAAO,IAAI,CAAA;IACb,CAAC;IAED,IAAI,IAAI;QACN,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAA;IACpE,CAAC;IAED,MAAM;QACJ,OAAO,EAAE,CAAA;IACX,CAAC;CACF;AAED,IAAK,YAEJ;AAFD,WAAK,YAAY;IACf,2CAA2B,CAAA;AAC7B,CAAC,EAFI,YAAY,KAAZ,YAAY,QAEhB;AACD,IAAK,sBAGJ;AAHD,WAAK,sBAAsB;IACzB,uDAA6B,CAAA;IAC7B,2DAAiC,CAAA;AACnC,CAAC,EAHI,sBAAsB,KAAtB,sBAAsB,QAG1B;AACD,IAAK,qBAEJ;AAFD,WAAK,qBAAqB;IACxB,wDAA+B,CAAA;AACjC,CAAC,EAFI,qBAAqB,KAArB,qBAAqB,QAEzB;AAED,IAAK,aAEJ;AAFD,WAAK,aAAa;IAChB,0CAAyB,CAAA;AAC3B,CAAC,EAFI,aAAa,KAAb,aAAa,QAEjB","sourcesContent":["import { CryptoPrimitives } from './CryptoPrimitives'\nimport { HMACUtils } from './HMACUtils'\nimport { ShamirClass } from './shamir'\nimport { AESUtils } from './AES'\nimport { KeyPair, RSAUtils, ShaVersion } from './RSA'\nimport { b64_2ua, hex2ua, ua2b64, ua2hex, ua2utf8, utf8_2ua } from '../utils'\n\n/**\n * Allows to use the expo-kryptom module as crypto primitives. This is necessary when building expo (react native) apps.\n */\nexport class NativeCryptoPrimitivesBridge implements CryptoPrimitives {\n constructor(expoKryptomModule: { Aes: AesService; Rsa: RsaService; Hmac: HmacService; StrongRandom: StrongRandomService; Digest: DigestService }) {\n this.strongRandom = expoKryptomModule.StrongRandom\n this.digest = expoKryptomModule.Digest\n this.shamir = new StrongRandomShamir(this.strongRandom)\n this.AES = new NativeAesBridge(expoKryptomModule.Aes, this.strongRandom)\n this.HMAC = new NativeHmacBridge(expoKryptomModule.Hmac)\n this.RSA = new NativeRsaBridge(expoKryptomModule.Rsa)\n }\n\n readonly AES: AESUtils\n readonly HMAC: HMACUtils\n readonly RSA: RSAUtils\n readonly shamir: ShamirClass\n private readonly strongRandom: StrongRandomService\n private readonly digest: DigestService\n\n randomBytes(n: number): Uint8Array {\n return this.strongRandom.randomBytes(n)\n }\n\n randomUuid(): string {\n return this.strongRandom.randomUUID()\n }\n\n async sha256(data: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n return await this.digest.sha256(data instanceof ArrayBuffer ? new Uint8Array(data) : data)\n }\n\n async sha512(data: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n throw new Error('Not yet implemented')\n }\n}\n\nclass StrongRandomShamir extends ShamirClass {\n constructor(private readonly strongRandom: StrongRandomService) {\n super()\n }\n\n protected fillRandom(arr: Uint32Array): void {\n const random = this.strongRandom.randomBytes(arr.byteLength)\n // Note that the new Uint32Array does not copy the random array\n arr.set(new Uint32Array(random.buffer))\n }\n}\n\nclass NativeAesBridge implements AESUtils {\n constructor(private readonly aes: AesService, private readonly random: StrongRandomService) {}\n\n async decrypt(cryptoKey: CryptoKey, encryptedData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n return await this.aes.decrypt(new Uint8Array(encryptedData), getKryptomKey(cryptoKey))\n }\n\n decryptSome(cryptoKeys: CryptoKey[], uint8Array: Uint8Array): Promise<ArrayBuffer> {\n try {\n return this.decrypt(cryptoKeys[0], uint8Array)\n } catch (e) {\n if (cryptoKeys.length > 1) {\n return this.decryptSome(cryptoKeys.slice(1), uint8Array)\n } else {\n throw e\n }\n }\n }\n\n async decryptWithRawKey(rawKey: string, plainData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n const imported = await this.importKey('raw', hex2ua(rawKey))\n return this.decrypt(imported, plainData)\n }\n\n async encrypt(cryptoKey: CryptoKey, plainData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n return await this.aes.encrypt(new Uint8Array(plainData), getKryptomKey(cryptoKey), null)\n }\n\n async encryptWithRawKey(rawKey: string, plainData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n const imported = await this.importKey('raw', hex2ua(rawKey))\n return this.encrypt(imported, plainData)\n }\n\n exportKey(cryptoKey: CryptoKey, format: 'raw'): Promise<ArrayBuffer>\n exportKey(cryptoKey: CryptoKey, format: 'jwk'): Promise<JsonWebKey>\n async exportKey(cryptoKey: CryptoKey, format: 'jwk' | 'raw'): Promise<ArrayBuffer | JsonWebKey> {\n const rawKey = await this.aes.exportRawKey(getKryptomKey(cryptoKey))\n if (format == 'raw') return rawKey\n return {\n kty: 'oct',\n alg: rawKey.byteLength == 32 ? 'A256CBC' : 'A128CBC',\n ext: true,\n key_ops: ['encrypt', 'decrypt'],\n k: ua2b64(rawKey).replace(/=/g, '').replace(/\\+/g, '-').replace(/\\//g, '_'),\n }\n }\n\n generateCryptoKey(toHex: false): Promise<CryptoKey>\n generateCryptoKey(toHex: true): Promise<string>\n async generateCryptoKey(toHex: boolean): Promise<string | CryptoKey> {\n if (toHex) {\n return Promise.resolve(ua2hex(this.random.randomBytes(32)))\n } else {\n const aesKey = await this.aes.generateKey(AesAlgorithm.AesCbcPkcs7, 256)\n return new AesCryptoKey(aesKey, 256)\n }\n }\n\n generateIV(ivByteLength: number): Uint8Array {\n return this.random.randomBytes(ivByteLength)\n }\n\n async importKey(format: 'jwk' | 'raw', aesKey: JsonWebKey | ArrayBuffer | Uint8Array): Promise<CryptoKey> {\n let keyBytes: Uint8Array\n if (format === 'jwk') {\n if (\n (aesKey as JsonWebKey).kty !== 'oct' ||\n ((aesKey as JsonWebKey).alg !== 'A256CBC' && (aesKey as JsonWebKey).alg !== 'A128CBC') ||\n !(aesKey as JsonWebKey).ext ||\n !(aesKey as JsonWebKey).key_ops?.includes('encrypt') ||\n !(aesKey as JsonWebKey).key_ops?.includes('decrypt') ||\n !(aesKey as JsonWebKey).k\n ) {\n throw new Error(\n 'Invalid JWK - must have kty=oct, alg=(A256CBC||A128CBC), ext=true, key_ops=[encrypt, decrypt], and must have non-empty k field'\n )\n }\n // b64_2ua works also with url-safe base64\n keyBytes = new Uint8Array(b64_2ua((aesKey as JsonWebKey).k!))\n } else if (format === 'raw') {\n if (aesKey! instanceof ArrayBuffer && !ArrayBuffer.isView(aesKey))\n throw new Error(\"aesKey must be an ArrayBuffer or an ArrayBufferView when format is 'raw'\")\n keyBytes = new Uint8Array(aesKey as ArrayBufferLike)\n } else throw new Error(`Invalid format ${format}`)\n const imported = await this.aes.importRawKey(keyBytes, AesAlgorithm.AesCbcPkcs7)\n return new AesCryptoKey(imported, keyBytes.length)\n }\n}\n\nfunction getKryptomKey<T>(cryptoKey: CryptoKey) {\n if ('kryptomKey' in cryptoKey) {\n return cryptoKey.kryptomKey as T\n } else throw new Error('Invalid crypto key: only crypto keys generated or loaded with this implementation of crypto primitives are supported')\n}\n\nclass AesCryptoKey implements CryptoKey {\n constructor(readonly kryptomKey: AesKey, readonly size: number) {}\n\n get algorithm(): AesKeyAlgorithm {\n return { name: 'AES-CBC', length: this.size }\n }\n get extractable(): boolean {\n return true\n }\n get type(): KeyType {\n return 'secret'\n }\n get usages(): KeyUsage[] {\n return ['encrypt', 'decrypt']\n }\n\n toJSON() {\n return {}\n }\n}\n\nclass NativeHmacBridge implements HMACUtils {\n constructor(private readonly hmac: HmacService) {}\n\n async exportKey(key: CryptoKey): Promise<ArrayBuffer> {\n return await this.hmac.exportRawKey(getKryptomKey(key))\n }\n\n async generateKey(): Promise<CryptoKey> {\n const kryptomKey = await this.hmac.generateKey(HmacAlgorithm.HmacSha512)\n return new HmacCryptoKey(kryptomKey)\n }\n\n async importKey(key: ArrayBuffer): Promise<CryptoKey> {\n const kryptomKey = await this.hmac.importRawKey(new Uint8Array(key), HmacAlgorithm.HmacSha512)\n return new HmacCryptoKey(kryptomKey)\n }\n\n async sign(key: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {\n return await this.hmac.sign(new Uint8Array(data), getKryptomKey(key))\n }\n\n async verify(key: CryptoKey, data: ArrayBuffer, signature: ArrayBuffer): Promise<boolean> {\n return await this.hmac.verify(new Uint8Array(signature), new Uint8Array(data), getKryptomKey(key))\n }\n}\n\nclass HmacCryptoKey implements CryptoKey {\n constructor(readonly kryptomKey: HmacKey) {}\n\n get algorithm(): HmacKeyAlgorithm {\n return { name: 'HMAC', hash: { name: 'SHA-512' }, length: 1024 }\n }\n get extractable(): boolean {\n return true\n }\n get type(): KeyType {\n return 'secret'\n }\n get usages(): KeyUsage[] {\n return ['sign', 'verify']\n }\n\n toJSON() {\n return {}\n }\n}\n\nclass NativeRsaBridge implements RSAUtils {\n constructor(private readonly rsa: RsaService) {}\n\n async checkKeyPairValidity(keyPair: KeyPair<CryptoKey>): Promise<boolean> {\n try {\n const text = 'shibboleth'\n const encryptedText = await this.encrypt(keyPair.publicKey, utf8_2ua(text))\n const decryptedText = ua2utf8(await this.decrypt(keyPair.privateKey, new Uint8Array(encryptedText)))\n return decryptedText === text\n } catch (e) {\n return false\n }\n }\n\n async decrypt(privateKey: CryptoKey, encryptedData: Uint8Array): Promise<ArrayBuffer> {\n return await this.rsa.decrypt(encryptedData, getKryptomKey(privateKey))\n }\n\n async encrypt(publicKey: CryptoKey, plainData: Uint8Array): Promise<ArrayBuffer> {\n return await this.rsa.encrypt(plainData, getKryptomKey(publicKey))\n }\n\n exportKey(cryptoKey: CryptoKey, format: 'jwk'): Promise<JsonWebKey>\n exportKey(cryptoKey: CryptoKey, format: 'spki'): Promise<ArrayBuffer>\n exportKey(cryptoKey: CryptoKey, format: 'pkcs8'): Promise<ArrayBuffer>\n async exportKey(cryptoKey: CryptoKey, format: 'jwk' | 'spki' | 'pkcs8'): Promise<JsonWebKey | ArrayBuffer> {\n if (format === 'jwk') {\n if (cryptoKey.type === 'private') {\n return await this.rsa.exportPrivateKeyJwk(getKryptomKey(cryptoKey))\n } else {\n return await this.rsa.exportPublicKeyJwk(getKryptomKey(cryptoKey))\n }\n } else if (format === 'spki') {\n return await this.rsa.exportPublicKeySpki(getKryptomKey(cryptoKey))\n } else if (format === 'pkcs8') {\n return await this.rsa.exportPrivateKeyPkcs8(getKryptomKey(cryptoKey))\n } else throw new Error(`Invalid format ${format}`)\n }\n\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'jwk', pubKeyFormat: 'jwk'): Promise<KeyPair<JsonWebKey>>\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'pkcs8', pubKeyFormat: 'spki'): Promise<KeyPair<ArrayBuffer>>\n async exportKeys(\n keyPair: KeyPair<CryptoKey>,\n privKeyFormat: 'jwk' | 'pkcs8',\n pubKeyFormat: 'jwk' | 'spki'\n ): Promise<KeyPair<JsonWebKey | ArrayBuffer>> {\n let privateKey: JsonWebKey | ArrayBuffer\n if (privKeyFormat === 'jwk') {\n privateKey = await this.rsa.exportPrivateKeyJwk(getKryptomKey(keyPair.privateKey))\n } else {\n privateKey = await this.rsa.exportPrivateKeyPkcs8(getKryptomKey(keyPair.privateKey))\n }\n let publicKey: JsonWebKey | ArrayBuffer\n if (pubKeyFormat === 'jwk') {\n publicKey = await this.rsa.exportPublicKeyJwk(getKryptomKey(keyPair.publicKey))\n } else {\n publicKey = await this.rsa.exportPublicKeySpki(getKryptomKey(keyPair.publicKey))\n }\n return { privateKey, publicKey }\n }\n\n async generateKeyPair(shaVersion: ShaVersion): Promise<KeyPair<CryptoKey>> {\n const generated = await this.rsa.generateKey(this.kryptomAlgorithm(shaVersion), 2048)\n // In expo-kryptom a private keys and public keys are supertypes of keypair.\n return {\n privateKey: new PrivateRsaCryptoKey(generated, this.encryptionKeysAlgorithm(shaVersion)),\n publicKey: new PublicRsaCryptoKey(generated, this.encryptionKeysAlgorithm(shaVersion)),\n }\n }\n\n async generateSignatureKeyPair(): Promise<KeyPair<CryptoKey>> {\n const generated = await this.rsa.generateKey(RsaSignatureAlgorithm.PssWithSha256, 2048)\n return {\n privateKey: new PrivateRsaCryptoKey(generated, this.signatureKeysAlgorithm()),\n publicKey: new PublicRsaCryptoKey(generated, this.signatureKeysAlgorithm()),\n }\n }\n\n importKey(\n format: 'jwk' | 'spki' | 'pkcs8',\n keydata: JsonWebKey | ArrayBuffer,\n keyUsages: KeyUsage[],\n hashAlgorithm: ShaVersion\n ): Promise<CryptoKey> {\n if (keyUsages[0] == 'encrypt' && (format == 'jwk' || format == 'spki')) {\n return this.importPublicKey(format, keydata, hashAlgorithm)\n } else if (keyUsages[0] == 'decrypt' && (format == 'jwk' || format == 'pkcs8')) {\n return this.importPrivateKey(format, keydata, hashAlgorithm)\n } else throw new Error(`Combination of key usages and key format not supported: ${keyUsages} ${format}`)\n }\n\n async importKeyPair(\n privateKeyFormat: string,\n privateKeydata: JsonWebKey | ArrayBuffer,\n publicKeyFormat: string,\n publicKeyData: JsonWebKey | ArrayBuffer,\n hashAlgorithm: ShaVersion\n ): Promise<KeyPair<CryptoKey>> {\n let importedPrivate: RsaPrivateKey\n let importedPublic: RsaPublicKey\n const algorithm = this.kryptomAlgorithm(hashAlgorithm)\n if (privateKeyFormat == 'jwk') {\n importedPrivate = await this.rsa.importPrivateKeyJwk(privateKeydata as PrivateRsaKeyJwk, algorithm)\n } else {\n importedPrivate = await this.rsa.importPrivateKeyPkcs8(new Uint8Array(privateKeydata as ArrayBuffer), algorithm)\n }\n if (publicKeyFormat == 'jwk') {\n importedPublic = await this.rsa.importPublicKeyJwk(publicKeyData as PublicRsaKeyJwk, algorithm)\n } else {\n importedPublic = await this.rsa.importPublicKeySpki(new Uint8Array(publicKeyData as ArrayBuffer), algorithm)\n }\n return {\n privateKey: new PrivateRsaCryptoKey(importedPrivate, this.encryptionKeysAlgorithm(hashAlgorithm)),\n publicKey: new PublicRsaCryptoKey(importedPublic, this.encryptionKeysAlgorithm(hashAlgorithm)),\n }\n }\n\n async importPrivateKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer, hashAlgorithm: ShaVersion): Promise<CryptoKey> {\n let imported: RsaPrivateKey\n if (format == 'jwk') {\n imported = await this.rsa.importPrivateKeyJwk(keydata as PrivateRsaKeyJwk, this.kryptomAlgorithm(hashAlgorithm))\n } else {\n imported = await this.rsa.importPrivateKeyPkcs8(new Uint8Array(keydata as ArrayBuffer), this.kryptomAlgorithm(hashAlgorithm))\n }\n return new PrivateRsaCryptoKey(imported, this.encryptionKeysAlgorithm(hashAlgorithm))\n }\n\n async importPublicKey(format: 'jwk' | 'spki', keydata: JsonWebKey | ArrayBuffer, hashAlgorithm: ShaVersion): Promise<CryptoKey> {\n let imported: RsaPublicKey\n if (format == 'jwk') {\n imported = await this.rsa.importPublicKeyJwk(keydata as PublicRsaKeyJwk, this.kryptomAlgorithm(hashAlgorithm))\n } else {\n imported = await this.rsa.importPublicKeySpki(new Uint8Array(keydata as ArrayBuffer), this.kryptomAlgorithm(hashAlgorithm))\n }\n return new PublicRsaCryptoKey(imported, this.encryptionKeysAlgorithm(hashAlgorithm))\n }\n\n async importSignatureKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey> {\n let importedKey: RsaPrivateKey\n if (format == 'jwk') {\n importedKey = await this.rsa.importPrivateKeyJwk(keydata as PrivateRsaKeyJwk, RsaSignatureAlgorithm.PssWithSha256)\n } else {\n importedKey = await this.rsa.importPrivateKeyPkcs8(new Uint8Array(keydata as ArrayBuffer), RsaSignatureAlgorithm.PssWithSha256)\n }\n return new PrivateRsaCryptoKey(importedKey, this.signatureKeysAlgorithm())\n }\n\n async importVerificationKey(format: 'jwk' | 'spki', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey> {\n let importedKey: RsaPublicKey\n if (format == 'jwk') {\n importedKey = await this.rsa.importPublicKeyJwk(keydata as PublicRsaKeyJwk, RsaSignatureAlgorithm.PssWithSha256)\n } else {\n importedKey = await this.rsa.importPublicKeySpki(new Uint8Array(keydata as ArrayBuffer), RsaSignatureAlgorithm.PssWithSha256)\n }\n return new PublicRsaCryptoKey(importedKey, this.signatureKeysAlgorithm())\n }\n\n async sign(privateKey: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {\n return await this.rsa.signature(new Uint8Array(data), getKryptomKey(privateKey))\n }\n\n async verifySignature(publicKey: CryptoKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean> {\n return await this.rsa.verify(new Uint8Array(signature), new Uint8Array(data), getKryptomKey(publicKey))\n }\n\n private kryptomAlgorithm(shaVersion: ShaVersion): RsaEncryptionAlgorithm {\n return shaVersion == 'sha-256' ? RsaEncryptionAlgorithm.OaepWithSha256 : RsaEncryptionAlgorithm.OaepWithSha1\n }\n\n private encryptionKeysAlgorithm(shaVersion: ShaVersion): RsaHashedKeyAlgorithm {\n return {\n name: 'RSA-OAEP',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: shaVersion == 'sha-256' ? 'SHA-256' : 'SHA-1' },\n }\n }\n\n private signatureKeysAlgorithm(): RsaHashedKeyAlgorithm {\n return {\n name: 'RSA-PSS',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: 'SHA-256' },\n }\n }\n}\n\nclass PrivateRsaCryptoKey implements CryptoKey {\n constructor(readonly kryptomKey: RsaPrivateKey, readonly algorithm: RsaKeyAlgorithm) {}\n\n get extractable(): boolean {\n return true\n }\n\n get type(): KeyType {\n return 'private'\n }\n\n get usages(): KeyUsage[] {\n return this.algorithm.name != 'RSA-PSS' ? ['decrypt'] : ['sign']\n }\n\n toJSON() {\n return {}\n }\n}\n\nclass PublicRsaCryptoKey implements CryptoKey {\n constructor(readonly kryptomKey: RsaPublicKey, readonly algorithm: RsaKeyAlgorithm) {}\n\n get extractable(): boolean {\n return true\n }\n\n get type(): KeyType {\n return 'public'\n }\n\n get usages(): KeyUsage[] {\n return this.algorithm.name != 'RSA-PSS' ? ['encrypt'] : ['verify']\n }\n\n toJSON() {\n return {}\n }\n}\n\nenum AesAlgorithm {\n AesCbcPkcs7 = 'AesCbcPkcs7',\n}\nenum RsaEncryptionAlgorithm {\n OaepWithSha1 = 'OaepWithSha1',\n OaepWithSha256 = 'OaepWithSha256',\n}\nenum RsaSignatureAlgorithm {\n PssWithSha256 = 'PssWithSha256',\n}\ntype RsaAlgorithm = RsaEncryptionAlgorithm | RsaSignatureAlgorithm\nenum HmacAlgorithm {\n HmacSha512 = 'HmacSha512',\n}\n\ninterface HmacKey {\n algorithmIdentifier: HmacAlgorithm\n}\n\ninterface AesKey {\n algorithmIdentifier: AesAlgorithm\n}\n\ninterface RsaKeyPair {\n algorithmIdentifier: RsaAlgorithm\n}\n\ninterface RsaPrivateKey {\n algorithmIdentifier: RsaAlgorithm\n}\n\ninterface RsaPublicKey {\n algorithmIdentifier: RsaAlgorithm\n}\n\ntype PrivateRsaKeyJwk = {\n alg: string\n d: string\n dp: string\n dq: string\n e: string\n ext: boolean\n key_ops: string[]\n n: string\n p: string\n q: string\n qi: string\n}\n\ntype PublicRsaKeyJwk = {\n alg: string\n e: string\n ext: boolean\n key_ops: string[]\n n: string\n}\n\ninterface AesService {\n generateKey(algorithmIdentifier: AesAlgorithm, size: number): Promise<AesKey>\n encrypt(data: Uint8Array, key: AesKey, iv: Uint8Array | null): Promise<Uint8Array>\n decrypt(ivAndEncryptedData: Uint8Array, key: AesKey): Promise<Uint8Array>\n exportRawKey(key: AesKey): Promise<Uint8Array>\n importRawKey(rawKey: Uint8Array, algorithmIdentifier: AesAlgorithm): Promise<AesKey>\n}\n\ninterface RsaService {\n generateKey(algorithmIdentifier: RsaAlgorithm, size: number): Promise<RsaKeyPair>\n encrypt(data: Uint8Array, key: RsaPublicKey): Promise<Uint8Array>\n decrypt(data: Uint8Array, key: RsaPrivateKey): Promise<Uint8Array>\n signature(data: Uint8Array, key: RsaPrivateKey): Promise<Uint8Array>\n verify(signature: Uint8Array, data: Uint8Array, key: RsaPublicKey): Promise<boolean>\n exportPrivateKeyPkcs8(key: RsaPrivateKey): Promise<Uint8Array>\n exportPrivateKeyJwk(key: RsaPrivateKey): Promise<PrivateRsaKeyJwk>\n exportPublicKeySpki(key: RsaPublicKey): Promise<Uint8Array>\n exportPublicKeyJwk(key: RsaPublicKey): Promise<PublicRsaKeyJwk>\n importPrivateKeyPkcs8(privateKeyPkcs8: Uint8Array, algorithmIdentifier: RsaAlgorithm): Promise<RsaPrivateKey>\n importPrivateKeyJwk(privateKey: PrivateRsaKeyJwk, algorithmIdentifier: RsaAlgorithm): Promise<RsaPrivateKey>\n importPublicKeySpki(publicKeySpki: Uint8Array, algorithmIdentifier: RsaAlgorithm): Promise<RsaPublicKey>\n importPublicKeyJwk(publicKey: PublicRsaKeyJwk, algorithmIdentifier: RsaAlgorithm): Promise<RsaPublicKey>\n importKeyPair(privateKeyPkcs8: Uint8Array, algorithmIdentifier: RsaAlgorithm): Promise<RsaKeyPair>\n}\n\ninterface HmacService {\n generateKey(algorithmIdentifier: HmacAlgorithm): Promise<HmacKey>\n sign(data: Uint8Array, key: HmacKey): Promise<Uint8Array>\n verify(signature: Uint8Array, data: Uint8Array, key: HmacKey): Promise<boolean>\n exportRawKey(key: HmacKey): Promise<Uint8Array>\n importRawKey(rawKey: Uint8Array, algorithmIdentifier: HmacAlgorithm): Promise<HmacKey>\n}\n\ninterface StrongRandomService {\n randomBytes(length: number): Uint8Array\n randomUUID(): string\n}\n\ninterface DigestService {\n sha256(data: Uint8Array): Promise<Uint8Array>\n}\n"]}
1
+ {"version":3,"file":"NativeCryptoPrimitivesBridge.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/NativeCryptoPrimitivesBridge.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,qCAAsC;AAGtC,oCAAoF;AAEpF;;GAEG;AACH,MAAa,4BAA4B;IACvC,YAAY,iBAAoI;QAC9I,IAAI,CAAC,YAAY,GAAG,iBAAiB,CAAC,YAAY,CAAA;QAClD,IAAI,CAAC,MAAM,GAAG,iBAAiB,CAAC,MAAM,CAAA;QACtC,IAAI,CAAC,MAAM,GAAG,IAAI,kBAAkB,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QACvD,IAAI,CAAC,GAAG,GAAG,IAAI,eAAe,CAAC,iBAAiB,CAAC,GAAG,EAAE,IAAI,CAAC,YAAY,CAAC,CAAA;QACxE,IAAI,CAAC,IAAI,GAAG,IAAI,gBAAgB,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAA;QACxD,IAAI,CAAC,GAAG,GAAG,IAAI,eAAe,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAA;IACvD,CAAC;IASD,WAAW,CAAC,CAAS;QACnB,OAAO,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,CAAC,CAAA;IACzC,CAAC;IAED,UAAU;QACR,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,CAAA;IACvC,CAAC;IAEK,MAAM,CAAC,IAA8B;;YACzC,OAAO,IAAA,aAAK,EAAC,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,YAAY,WAAW,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAA;QACnG,CAAC;KAAA;IAEK,MAAM,CAAC,IAA8B;;YACzC,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAA;QACxC,CAAC;KAAA;CACF;AAhCD,oEAgCC;AAED,MAAM,kBAAmB,SAAQ,oBAAW;IAC1C,YAA6B,YAAiC;QAC5D,KAAK,EAAE,CAAA;QADoB,iBAAY,GAAZ,YAAY,CAAqB;IAE9D,CAAC;IAES,UAAU,CAAC,GAAgB;QACnC,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;QAC5D,+DAA+D;QAC/D,GAAG,CAAC,GAAG,CAAC,IAAI,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAA;IACzC,CAAC;CACF;AAED,MAAM,eAAe;IACnB,YAA6B,GAAe,EAAmB,MAA2B;QAA7D,QAAG,GAAH,GAAG,CAAY;QAAmB,WAAM,GAAN,MAAM,CAAqB;IAAG,CAAC;IAExF,OAAO,CAAC,SAAoB,EAAE,aAAuC;;YACzE,OAAO,IAAA,aAAK,EAAC,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,UAAU,CAAC,aAAa,CAAC,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;QAC/F,CAAC;KAAA;IAED,WAAW,CAAC,UAAuB,EAAE,UAAsB;QACzD,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAA;QAChD,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC1B,OAAO,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAA;YAC1D,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,CAAA;YACT,CAAC;QACH,CAAC;IACH,CAAC;IAEK,iBAAiB,CAAC,MAAc,EAAE,SAAmC;;YACzE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC,CAAA;YAC5D,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAA;QAC1C,CAAC;KAAA;IAEK,OAAO,CAAC,SAAoB,EAAE,SAAmC;;YACrE,OAAO,IAAA,aAAK,EAAC,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,EAAE,aAAa,CAAC,SAAS,CAAC,EAAE,IAAI,CAAC,CAAC,CAAA;QACjG,CAAC;KAAA;IAEK,iBAAiB,CAAC,MAAc,EAAE,SAAmC;;YACzE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC,CAAA;YAC5D,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAA;QAC1C,CAAC;KAAA;IAIK,SAAS,CAAC,SAAoB,EAAE,MAAqB;;YACzD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;YACpE,IAAI,MAAM,IAAI,KAAK;gBAAE,OAAO,IAAA,aAAK,EAAC,MAAM,CAAC,CAAA;YACzC,OAAO;gBACL,GAAG,EAAE,KAAK;gBACV,GAAG,EAAE,MAAM,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS;gBACpD,GAAG,EAAE,IAAI;gBACT,OAAO,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC;gBAC/B,CAAC,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;aAC5E,CAAA;QACH,CAAC;KAAA;IAIK,iBAAiB,CAAC,KAAc;;YACpC,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,OAAO,CAAC,OAAO,CAAC,IAAA,cAAM,EAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YAC7D,CAAC;iBAAM,CAAC;gBACN,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,YAAY,CAAC,WAAW,EAAE,GAAG,CAAC,CAAA;gBACxE,OAAO,IAAI,YAAY,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;YACtC,CAAC;QACH,CAAC;KAAA;IAED,UAAU,CAAC,YAAoB;QAC7B,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,YAAY,CAAC,CAAA;IAC9C,CAAC;IAEK,SAAS,CAAC,MAAqB,EAAE,MAA6C;;;YAClF,IAAI,QAAoB,CAAA;YACxB,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;gBACrB,IACG,MAAqB,CAAC,GAAG,KAAK,KAAK;oBACpC,CAAE,MAAqB,CAAC,GAAG,KAAK,SAAS,IAAK,MAAqB,CAAC,GAAG,KAAK,SAAS,CAAC;oBACtF,CAAE,MAAqB,CAAC,GAAG;oBAC3B,CAAC,CAAA,MAAC,MAAqB,CAAC,OAAO,0CAAE,QAAQ,CAAC,SAAS,CAAC,CAAA;oBACpD,CAAC,CAAA,MAAC,MAAqB,CAAC,OAAO,0CAAE,QAAQ,CAAC,SAAS,CAAC,CAAA;oBACpD,CAAE,MAAqB,CAAC,CAAC,EACzB,CAAC;oBACD,MAAM,IAAI,KAAK,CACb,gIAAgI,CACjI,CAAA;gBACH,CAAC;gBACD,0CAA0C;gBAC1C,QAAQ,GAAG,IAAI,UAAU,CAAC,IAAA,eAAO,EAAE,MAAqB,CAAC,CAAE,CAAC,CAAC,CAAA;YAC/D,CAAC;iBAAM,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;gBAC5B,IAAI,MAAO,YAAY,WAAW,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC;oBAC/D,MAAM,IAAI,KAAK,CAAC,0EAA0E,CAAC,CAAA;gBAC7F,QAAQ,GAAG,IAAI,UAAU,CAAC,MAAyB,CAAC,CAAA;YACtD,CAAC;;gBAAM,MAAM,IAAI,KAAK,CAAC,kBAAkB,MAAM,EAAE,CAAC,CAAA;YAClD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,QAAQ,EAAE,YAAY,CAAC,WAAW,CAAC,CAAA;YAChF,OAAO,IAAI,YAAY,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;QACpD,CAAC;KAAA;CACF;AAED,SAAS,aAAa,CAAI,SAAoB;IAC5C,IAAI,YAAY,IAAI,SAAS,EAAE,CAAC;QAC9B,OAAO,SAAS,CAAC,UAAe,CAAA;IAClC,CAAC;;QAAM,MAAM,IAAI,KAAK,CAAC,sHAAsH,CAAC,CAAA;AAChJ,CAAC;AAED,MAAM,YAAY;IAChB,YAAqB,UAAkB,EAAW,IAAY;QAAzC,eAAU,GAAV,UAAU,CAAQ;QAAW,SAAI,GAAJ,IAAI,CAAQ;IAAG,CAAC;IAElE,IAAI,SAAS;QACX,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,CAAC,IAAI,EAAE,CAAA;IAC/C,CAAC;IACD,IAAI,WAAW;QACb,OAAO,IAAI,CAAA;IACb,CAAC;IACD,IAAI,IAAI;QACN,OAAO,QAAQ,CAAA;IACjB,CAAC;IACD,IAAI,MAAM;QACR,OAAO,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;IAC/B,CAAC;IAED,MAAM;QACJ,OAAO,EAAE,CAAA;IACX,CAAC;CACF;AAED,MAAM,gBAAgB;IACpB,YAA6B,IAAiB;QAAjB,SAAI,GAAJ,IAAI,CAAa;IAAG,CAAC;IAE5C,SAAS,CAAC,GAAc;;YAC5B,OAAO,IAAA,aAAK,EAAC,MAAM,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;QAChE,CAAC;KAAA;IAEK,WAAW;;YACf,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,UAAU,CAAC,CAAA;YACxE,OAAO,IAAI,aAAa,CAAC,UAAU,CAAC,CAAA;QACtC,CAAC;KAAA;IAEK,SAAS,CAAC,GAAgB;;YAC9B,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,EAAE,aAAa,CAAC,UAAU,CAAC,CAAA;YAC9F,OAAO,IAAI,aAAa,CAAC,UAAU,CAAC,CAAA;QACtC,CAAC;KAAA;IAEK,IAAI,CAAC,GAAc,EAAE,IAAiB;;YAC1C,OAAO,IAAA,aAAK,EAAC,MAAM,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;QAC9E,CAAC;KAAA;IAEK,MAAM,CAAC,GAAc,EAAE,IAAiB,EAAE,SAAsB;;YACpE,OAAO,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,EAAE,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAA;QACpG,CAAC;KAAA;CACF;AAED,MAAM,aAAa;IACjB,YAAqB,UAAmB;QAAnB,eAAU,GAAV,UAAU,CAAS;IAAG,CAAC;IAE5C,IAAI,SAAS;QACX,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IAClE,CAAC;IACD,IAAI,WAAW;QACb,OAAO,IAAI,CAAA;IACb,CAAC;IACD,IAAI,IAAI;QACN,OAAO,QAAQ,CAAA;IACjB,CAAC;IACD,IAAI,MAAM;QACR,OAAO,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAA;IAC3B,CAAC;IAED,MAAM;QACJ,OAAO,EAAE,CAAA;IACX,CAAC;CACF;AAED,MAAM,eAAe;IACnB,YAA6B,GAAe;QAAf,QAAG,GAAH,GAAG,CAAY;IAAG,CAAC;IAE1C,oBAAoB,CAAC,OAA2B;;YACpD,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,YAAY,CAAA;gBACzB,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,IAAA,gBAAQ,EAAC,IAAI,CAAC,CAAC,CAAA;gBAC3E,MAAM,aAAa,GAAG,IAAA,eAAO,EAAC,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,IAAI,UAAU,CAAC,aAAa,CAAC,CAAC,CAAC,CAAA;gBACpG,OAAO,aAAa,KAAK,IAAI,CAAA;YAC/B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,KAAK,CAAA;YACd,CAAC;QACH,CAAC;KAAA;IAEK,OAAO,CAAC,UAAqB,EAAE,aAAyB;;YAC5D,OAAO,IAAA,aAAK,EAAC,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,aAAa,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;QAChF,CAAC;KAAA;IAEK,OAAO,CAAC,SAAoB,EAAE,SAAqB;;YACvD,OAAO,IAAA,aAAK,EAAC,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;QAC3E,CAAC;KAAA;IAKK,SAAS,CAAC,SAAoB,EAAE,MAAgC;;YACpE,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;gBACrB,IAAI,SAAS,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;oBACjC,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;gBACrE,CAAC;qBAAM,CAAC;oBACN,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;gBACpE,CAAC;YACH,CAAC;iBAAM,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;gBAC7B,OAAO,IAAA,aAAK,EAAC,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;YAC5E,CAAC;iBAAM,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;gBAC9B,OAAO,IAAA,aAAK,EAAC,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;YAC9E,CAAC;;gBAAM,MAAM,IAAI,KAAK,CAAC,kBAAkB,MAAM,EAAE,CAAC,CAAA;QACpD,CAAC;KAAA;IAIK,UAAU,CACd,OAA2B,EAC3B,aAA8B,EAC9B,YAA4B;;YAE5B,IAAI,UAAoC,CAAA;YACxC,IAAI,aAAa,KAAK,KAAK,EAAE,CAAC;gBAC5B,UAAU,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAA;YACpF,CAAC;iBAAM,CAAC;gBACN,UAAU,GAAG,IAAA,aAAK,EAAC,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,aAAa,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;YAC7F,CAAC;YACD,IAAI,SAAmC,CAAA;YACvC,IAAI,YAAY,KAAK,KAAK,EAAE,CAAC;gBAC3B,SAAS,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAA;YACjF,CAAC;iBAAM,CAAC;gBACN,SAAS,GAAG,IAAA,aAAK,EAAC,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;YACzF,CAAC;YACD,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,CAAA;QAClC,CAAC;KAAA;IAEK,eAAe,CAAC,UAAsB;;YAC1C,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,EAAE,IAAI,CAAC,CAAA;YACrF,4EAA4E;YAC5E,OAAO;gBACL,UAAU,EAAE,IAAI,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAC;gBACxF,SAAS,EAAE,IAAI,kBAAkB,CAAC,SAAS,EAAE,IAAI,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAC;aACvF,CAAA;QACH,CAAC;KAAA;IAEK,wBAAwB;;YAC5B,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,qBAAqB,CAAC,aAAa,EAAE,IAAI,CAAC,CAAA;YACvF,OAAO;gBACL,UAAU,EAAE,IAAI,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,sBAAsB,EAAE,CAAC;gBAC7E,SAAS,EAAE,IAAI,kBAAkB,CAAC,SAAS,EAAE,IAAI,CAAC,sBAAsB,EAAE,CAAC;aAC5E,CAAA;QACH,CAAC;KAAA;IAED,SAAS,CACP,MAAgC,EAChC,OAAiC,EACjC,SAAqB,EACrB,aAAyB;QAEzB,IAAI,SAAS,CAAC,CAAC,CAAC,IAAI,SAAS,IAAI,CAAC,MAAM,IAAI,KAAK,IAAI,MAAM,IAAI,MAAM,CAAC,EAAE,CAAC;YACvE,OAAO,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE,OAAO,EAAE,aAAa,CAAC,CAAA;QAC7D,CAAC;aAAM,IAAI,SAAS,CAAC,CAAC,CAAC,IAAI,SAAS,IAAI,CAAC,MAAM,IAAI,KAAK,IAAI,MAAM,IAAI,OAAO,CAAC,EAAE,CAAC;YAC/E,OAAO,IAAI,CAAC,gBAAgB,CAAC,MAAM,EAAE,OAAO,EAAE,aAAa,CAAC,CAAA;QAC9D,CAAC;;YAAM,MAAM,IAAI,KAAK,CAAC,2DAA2D,SAAS,IAAI,MAAM,EAAE,CAAC,CAAA;IAC1G,CAAC;IAEK,aAAa,CACjB,gBAAwB,EACxB,cAAwC,EACxC,eAAuB,EACvB,aAAuC,EACvC,aAAyB;;YAEzB,IAAI,eAA8B,CAAA;YAClC,IAAI,cAA4B,CAAA;YAChC,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAA;YACtD,IAAI,gBAAgB,IAAI,KAAK,EAAE,CAAC;gBAC9B,eAAe,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,cAAkC,EAAE,SAAS,CAAC,CAAA;YACrG,CAAC;iBAAM,CAAC;gBACN,eAAe,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,UAAU,CAAC,cAA6B,CAAC,EAAE,SAAS,CAAC,CAAA;YAClH,CAAC;YACD,IAAI,eAAe,IAAI,KAAK,EAAE,CAAC;gBAC7B,cAAc,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,aAAgC,EAAE,SAAS,CAAC,CAAA;YACjG,CAAC;iBAAM,CAAC;gBACN,cAAc,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,UAAU,CAAC,aAA4B,CAAC,EAAE,SAAS,CAAC,CAAA;YAC9G,CAAC;YACD,OAAO;gBACL,UAAU,EAAE,IAAI,mBAAmB,CAAC,eAAe,EAAE,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC;gBACjG,SAAS,EAAE,IAAI,kBAAkB,CAAC,cAAc,EAAE,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC;aAC/F,CAAA;QACH,CAAC;KAAA;IAEK,gBAAgB,CAAC,MAAuB,EAAE,OAAiC,EAAE,aAAyB;;YAC1G,IAAI,QAAuB,CAAA;YAC3B,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;gBACpB,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,OAA2B,EAAE,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAA;YAClH,CAAC;iBAAM,CAAC;gBACN,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,UAAU,CAAC,OAAsB,CAAC,EAAE,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAA;YAC/H,CAAC;YACD,OAAO,IAAI,mBAAmB,CAAC,QAAQ,EAAE,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC,CAAA;QACvF,CAAC;KAAA;IAEK,eAAe,CAAC,MAAsB,EAAE,OAAiC,EAAE,aAAyB;;YACxG,IAAI,QAAsB,CAAA;YAC1B,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;gBACpB,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,OAA0B,EAAE,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAA;YAChH,CAAC;iBAAM,CAAC;gBACN,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,UAAU,CAAC,OAAsB,CAAC,EAAE,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC,CAAA;YAC7H,CAAC;YACD,OAAO,IAAI,kBAAkB,CAAC,QAAQ,EAAE,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC,CAAA;QACtF,CAAC;KAAA;IAEK,kBAAkB,CAAC,MAAuB,EAAE,OAAiC;;YACjF,IAAI,WAA0B,CAAA;YAC9B,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;gBACpB,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,OAA2B,EAAE,qBAAqB,CAAC,aAAa,CAAC,CAAA;YACpH,CAAC;iBAAM,CAAC;gBACN,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,UAAU,CAAC,OAAsB,CAAC,EAAE,qBAAqB,CAAC,aAAa,CAAC,CAAA;YACjI,CAAC;YACD,OAAO,IAAI,mBAAmB,CAAC,WAAW,EAAE,IAAI,CAAC,sBAAsB,EAAE,CAAC,CAAA;QAC5E,CAAC;KAAA;IAEK,qBAAqB,CAAC,MAAsB,EAAE,OAAiC;;YACnF,IAAI,WAAyB,CAAA;YAC7B,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;gBACpB,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,OAA0B,EAAE,qBAAqB,CAAC,aAAa,CAAC,CAAA;YAClH,CAAC;iBAAM,CAAC;gBACN,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,UAAU,CAAC,OAAsB,CAAC,EAAE,qBAAqB,CAAC,aAAa,CAAC,CAAA;YAC/H,CAAC;YACD,OAAO,IAAI,kBAAkB,CAAC,WAAW,EAAE,IAAI,CAAC,sBAAsB,EAAE,CAAC,CAAA;QAC3E,CAAC;KAAA;IAEK,IAAI,CAAC,UAAqB,EAAE,IAAiB;;YACjD,OAAO,IAAA,aAAK,EAAC,MAAM,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;QACzF,CAAC;KAAA;IAEK,eAAe,CAAC,SAAoB,EAAE,SAAsB,EAAE,IAAiB;;YACnF,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,EAAE,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC,CAAA;QACzG,CAAC;KAAA;IAEO,gBAAgB,CAAC,UAAsB;QAC7C,OAAO,UAAU,IAAI,SAAS,CAAC,CAAC,CAAC,sBAAsB,CAAC,cAAc,CAAC,CAAC,CAAC,sBAAsB,CAAC,YAAY,CAAA;IAC9G,CAAC;IAEO,uBAAuB,CAAC,UAAsB;QACpD,OAAO;YACL,IAAI,EAAE,UAAU;YAChB,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,EAAE,oFAAoF;YACxI,IAAI,EAAE,EAAE,IAAI,EAAE,UAAU,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,EAAE;SAC9D,CAAA;IACH,CAAC;IAEO,sBAAsB;QAC5B,OAAO;YACL,IAAI,EAAE,SAAS;YACf,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,EAAE,oFAAoF;YACxI,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;SAC1B,CAAA;IACH,CAAC;CACF;AAED,MAAM,mBAAmB;IACvB,YAAqB,UAAyB,EAAW,SAA0B;QAA9D,eAAU,GAAV,UAAU,CAAe;QAAW,cAAS,GAAT,SAAS,CAAiB;IAAG,CAAC;IAEvF,IAAI,WAAW;QACb,OAAO,IAAI,CAAA;IACb,CAAC;IAED,IAAI,IAAI;QACN,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAA;IAClE,CAAC;IAED,MAAM;QACJ,OAAO,EAAE,CAAA;IACX,CAAC;CACF;AAED,MAAM,kBAAkB;IACtB,YAAqB,UAAwB,EAAW,SAA0B;QAA7D,eAAU,GAAV,UAAU,CAAc;QAAW,cAAS,GAAT,SAAS,CAAiB;IAAG,CAAC;IAEtF,IAAI,WAAW;QACb,OAAO,IAAI,CAAA;IACb,CAAC;IAED,IAAI,IAAI;QACN,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAA;IACpE,CAAC;IAED,MAAM;QACJ,OAAO,EAAE,CAAA;IACX,CAAC;CACF;AAED,IAAK,YAEJ;AAFD,WAAK,YAAY;IACf,2CAA2B,CAAA;AAC7B,CAAC,EAFI,YAAY,KAAZ,YAAY,QAEhB;AACD,IAAK,sBAGJ;AAHD,WAAK,sBAAsB;IACzB,uDAA6B,CAAA;IAC7B,2DAAiC,CAAA;AACnC,CAAC,EAHI,sBAAsB,KAAtB,sBAAsB,QAG1B;AACD,IAAK,qBAEJ;AAFD,WAAK,qBAAqB;IACxB,wDAA+B,CAAA;AACjC,CAAC,EAFI,qBAAqB,KAArB,qBAAqB,QAEzB;AAED,IAAK,aAEJ;AAFD,WAAK,aAAa;IAChB,0CAAyB,CAAA;AAC3B,CAAC,EAFI,aAAa,KAAb,aAAa,QAEjB","sourcesContent":["import { CryptoPrimitives } from './CryptoPrimitives'\nimport { HMACUtils } from './HMACUtils'\nimport { ShamirClass } from './shamir'\nimport { AESUtils } from './AES'\nimport { KeyPair, RSAUtils, ShaVersion } from './RSA'\nimport { b64_2ua, hex2ua, ua2ab, ua2b64, ua2hex, ua2utf8, utf8_2ua } from '../utils'\n\n/**\n * Allows to use the expo-kryptom module as crypto primitives. This is necessary when building expo (react native) apps.\n */\nexport class NativeCryptoPrimitivesBridge implements CryptoPrimitives {\n constructor(expoKryptomModule: { Aes: AesService; Rsa: RsaService; Hmac: HmacService; StrongRandom: StrongRandomService; Digest: DigestService }) {\n this.strongRandom = expoKryptomModule.StrongRandom\n this.digest = expoKryptomModule.Digest\n this.shamir = new StrongRandomShamir(this.strongRandom)\n this.AES = new NativeAesBridge(expoKryptomModule.Aes, this.strongRandom)\n this.HMAC = new NativeHmacBridge(expoKryptomModule.Hmac)\n this.RSA = new NativeRsaBridge(expoKryptomModule.Rsa)\n }\n\n readonly AES: AESUtils\n readonly HMAC: HMACUtils\n readonly RSA: RSAUtils\n readonly shamir: ShamirClass\n private readonly strongRandom: StrongRandomService\n private readonly digest: DigestService\n\n randomBytes(n: number): Uint8Array {\n return this.strongRandom.randomBytes(n)\n }\n\n randomUuid(): string {\n return this.strongRandom.randomUUID()\n }\n\n async sha256(data: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n return ua2ab(await this.digest.sha256(data instanceof ArrayBuffer ? new Uint8Array(data) : data))\n }\n\n async sha512(data: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n throw new Error('Not yet implemented')\n }\n}\n\nclass StrongRandomShamir extends ShamirClass {\n constructor(private readonly strongRandom: StrongRandomService) {\n super()\n }\n\n protected fillRandom(arr: Uint32Array): void {\n const random = this.strongRandom.randomBytes(arr.byteLength)\n // Note that the new Uint32Array does not copy the random array\n arr.set(new Uint32Array(random.buffer))\n }\n}\n\nclass NativeAesBridge implements AESUtils {\n constructor(private readonly aes: AesService, private readonly random: StrongRandomService) {}\n\n async decrypt(cryptoKey: CryptoKey, encryptedData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n return ua2ab(await this.aes.decrypt(new Uint8Array(encryptedData), getKryptomKey(cryptoKey)))\n }\n\n decryptSome(cryptoKeys: CryptoKey[], uint8Array: Uint8Array): Promise<ArrayBuffer> {\n try {\n return this.decrypt(cryptoKeys[0], uint8Array)\n } catch (e) {\n if (cryptoKeys.length > 1) {\n return this.decryptSome(cryptoKeys.slice(1), uint8Array)\n } else {\n throw e\n }\n }\n }\n\n async decryptWithRawKey(rawKey: string, plainData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n const imported = await this.importKey('raw', hex2ua(rawKey))\n return this.decrypt(imported, plainData)\n }\n\n async encrypt(cryptoKey: CryptoKey, plainData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n return ua2ab(await this.aes.encrypt(new Uint8Array(plainData), getKryptomKey(cryptoKey), null))\n }\n\n async encryptWithRawKey(rawKey: string, plainData: ArrayBuffer | Uint8Array): Promise<ArrayBuffer> {\n const imported = await this.importKey('raw', hex2ua(rawKey))\n return this.encrypt(imported, plainData)\n }\n\n exportKey(cryptoKey: CryptoKey, format: 'raw'): Promise<ArrayBuffer>\n exportKey(cryptoKey: CryptoKey, format: 'jwk'): Promise<JsonWebKey>\n async exportKey(cryptoKey: CryptoKey, format: 'jwk' | 'raw'): Promise<ArrayBuffer | JsonWebKey> {\n const rawKey = await this.aes.exportRawKey(getKryptomKey(cryptoKey))\n if (format == 'raw') return ua2ab(rawKey)\n return {\n kty: 'oct',\n alg: rawKey.byteLength == 32 ? 'A256CBC' : 'A128CBC',\n ext: true,\n key_ops: ['encrypt', 'decrypt'],\n k: ua2b64(rawKey).replace(/=/g, '').replace(/\\+/g, '-').replace(/\\//g, '_'),\n }\n }\n\n generateCryptoKey(toHex: false): Promise<CryptoKey>\n generateCryptoKey(toHex: true): Promise<string>\n async generateCryptoKey(toHex: boolean): Promise<string | CryptoKey> {\n if (toHex) {\n return Promise.resolve(ua2hex(this.random.randomBytes(32)))\n } else {\n const aesKey = await this.aes.generateKey(AesAlgorithm.AesCbcPkcs7, 256)\n return new AesCryptoKey(aesKey, 256)\n }\n }\n\n generateIV(ivByteLength: number): Uint8Array {\n return this.random.randomBytes(ivByteLength)\n }\n\n async importKey(format: 'jwk' | 'raw', aesKey: JsonWebKey | ArrayBuffer | Uint8Array): Promise<CryptoKey> {\n let keyBytes: Uint8Array\n if (format === 'jwk') {\n if (\n (aesKey as JsonWebKey).kty !== 'oct' ||\n ((aesKey as JsonWebKey).alg !== 'A256CBC' && (aesKey as JsonWebKey).alg !== 'A128CBC') ||\n !(aesKey as JsonWebKey).ext ||\n !(aesKey as JsonWebKey).key_ops?.includes('encrypt') ||\n !(aesKey as JsonWebKey).key_ops?.includes('decrypt') ||\n !(aesKey as JsonWebKey).k\n ) {\n throw new Error(\n 'Invalid JWK - must have kty=oct, alg=(A256CBC||A128CBC), ext=true, key_ops=[encrypt, decrypt], and must have non-empty k field'\n )\n }\n // b64_2ua works also with url-safe base64\n keyBytes = new Uint8Array(b64_2ua((aesKey as JsonWebKey).k!))\n } else if (format === 'raw') {\n if (aesKey! instanceof ArrayBuffer && !ArrayBuffer.isView(aesKey))\n throw new Error(\"aesKey must be an ArrayBuffer or an ArrayBufferView when format is 'raw'\")\n keyBytes = new Uint8Array(aesKey as ArrayBufferLike)\n } else throw new Error(`Invalid format ${format}`)\n const imported = await this.aes.importRawKey(keyBytes, AesAlgorithm.AesCbcPkcs7)\n return new AesCryptoKey(imported, keyBytes.length)\n }\n}\n\nfunction getKryptomKey<T>(cryptoKey: CryptoKey) {\n if ('kryptomKey' in cryptoKey) {\n return cryptoKey.kryptomKey as T\n } else throw new Error('Invalid crypto key: only crypto keys generated or loaded with this implementation of crypto primitives are supported')\n}\n\nclass AesCryptoKey implements CryptoKey {\n constructor(readonly kryptomKey: AesKey, readonly size: number) {}\n\n get algorithm(): AesKeyAlgorithm {\n return { name: 'AES-CBC', length: this.size }\n }\n get extractable(): boolean {\n return true\n }\n get type(): KeyType {\n return 'secret'\n }\n get usages(): KeyUsage[] {\n return ['encrypt', 'decrypt']\n }\n\n toJSON() {\n return {}\n }\n}\n\nclass NativeHmacBridge implements HMACUtils {\n constructor(private readonly hmac: HmacService) {}\n\n async exportKey(key: CryptoKey): Promise<ArrayBuffer> {\n return ua2ab(await this.hmac.exportRawKey(getKryptomKey(key)))\n }\n\n async generateKey(): Promise<CryptoKey> {\n const kryptomKey = await this.hmac.generateKey(HmacAlgorithm.HmacSha512)\n return new HmacCryptoKey(kryptomKey)\n }\n\n async importKey(key: ArrayBuffer): Promise<CryptoKey> {\n const kryptomKey = await this.hmac.importRawKey(new Uint8Array(key), HmacAlgorithm.HmacSha512)\n return new HmacCryptoKey(kryptomKey)\n }\n\n async sign(key: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {\n return ua2ab(await this.hmac.sign(new Uint8Array(data), getKryptomKey(key)))\n }\n\n async verify(key: CryptoKey, data: ArrayBuffer, signature: ArrayBuffer): Promise<boolean> {\n return await this.hmac.verify(new Uint8Array(signature), new Uint8Array(data), getKryptomKey(key))\n }\n}\n\nclass HmacCryptoKey implements CryptoKey {\n constructor(readonly kryptomKey: HmacKey) {}\n\n get algorithm(): HmacKeyAlgorithm {\n return { name: 'HMAC', hash: { name: 'SHA-512' }, length: 1024 }\n }\n get extractable(): boolean {\n return true\n }\n get type(): KeyType {\n return 'secret'\n }\n get usages(): KeyUsage[] {\n return ['sign', 'verify']\n }\n\n toJSON() {\n return {}\n }\n}\n\nclass NativeRsaBridge implements RSAUtils {\n constructor(private readonly rsa: RsaService) {}\n\n async checkKeyPairValidity(keyPair: KeyPair<CryptoKey>): Promise<boolean> {\n try {\n const text = 'shibboleth'\n const encryptedText = await this.encrypt(keyPair.publicKey, utf8_2ua(text))\n const decryptedText = ua2utf8(await this.decrypt(keyPair.privateKey, new Uint8Array(encryptedText)))\n return decryptedText === text\n } catch (e) {\n return false\n }\n }\n\n async decrypt(privateKey: CryptoKey, encryptedData: Uint8Array): Promise<ArrayBuffer> {\n return ua2ab(await this.rsa.decrypt(encryptedData, getKryptomKey(privateKey)))\n }\n\n async encrypt(publicKey: CryptoKey, plainData: Uint8Array): Promise<ArrayBuffer> {\n return ua2ab(await this.rsa.encrypt(plainData, getKryptomKey(publicKey)))\n }\n\n exportKey(cryptoKey: CryptoKey, format: 'jwk'): Promise<JsonWebKey>\n exportKey(cryptoKey: CryptoKey, format: 'spki'): Promise<ArrayBuffer>\n exportKey(cryptoKey: CryptoKey, format: 'pkcs8'): Promise<ArrayBuffer>\n async exportKey(cryptoKey: CryptoKey, format: 'jwk' | 'spki' | 'pkcs8'): Promise<JsonWebKey | ArrayBuffer> {\n if (format === 'jwk') {\n if (cryptoKey.type === 'private') {\n return await this.rsa.exportPrivateKeyJwk(getKryptomKey(cryptoKey))\n } else {\n return await this.rsa.exportPublicKeyJwk(getKryptomKey(cryptoKey))\n }\n } else if (format === 'spki') {\n return ua2ab(await this.rsa.exportPublicKeySpki(getKryptomKey(cryptoKey)))\n } else if (format === 'pkcs8') {\n return ua2ab(await this.rsa.exportPrivateKeyPkcs8(getKryptomKey(cryptoKey)))\n } else throw new Error(`Invalid format ${format}`)\n }\n\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'jwk', pubKeyFormat: 'jwk'): Promise<KeyPair<JsonWebKey>>\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'pkcs8', pubKeyFormat: 'spki'): Promise<KeyPair<ArrayBuffer>>\n async exportKeys(\n keyPair: KeyPair<CryptoKey>,\n privKeyFormat: 'jwk' | 'pkcs8',\n pubKeyFormat: 'jwk' | 'spki'\n ): Promise<KeyPair<JsonWebKey | ArrayBuffer>> {\n let privateKey: JsonWebKey | ArrayBuffer\n if (privKeyFormat === 'jwk') {\n privateKey = await this.rsa.exportPrivateKeyJwk(getKryptomKey(keyPair.privateKey))\n } else {\n privateKey = ua2ab(await this.rsa.exportPrivateKeyPkcs8(getKryptomKey(keyPair.privateKey)))\n }\n let publicKey: JsonWebKey | ArrayBuffer\n if (pubKeyFormat === 'jwk') {\n publicKey = await this.rsa.exportPublicKeyJwk(getKryptomKey(keyPair.publicKey))\n } else {\n publicKey = ua2ab(await this.rsa.exportPublicKeySpki(getKryptomKey(keyPair.publicKey)))\n }\n return { privateKey, publicKey }\n }\n\n async generateKeyPair(shaVersion: ShaVersion): Promise<KeyPair<CryptoKey>> {\n const generated = await this.rsa.generateKey(this.kryptomAlgorithm(shaVersion), 2048)\n // In expo-kryptom a private keys and public keys are supertypes of keypair.\n return {\n privateKey: new PrivateRsaCryptoKey(generated, this.encryptionKeysAlgorithm(shaVersion)),\n publicKey: new PublicRsaCryptoKey(generated, this.encryptionKeysAlgorithm(shaVersion)),\n }\n }\n\n async generateSignatureKeyPair(): Promise<KeyPair<CryptoKey>> {\n const generated = await this.rsa.generateKey(RsaSignatureAlgorithm.PssWithSha256, 2048)\n return {\n privateKey: new PrivateRsaCryptoKey(generated, this.signatureKeysAlgorithm()),\n publicKey: new PublicRsaCryptoKey(generated, this.signatureKeysAlgorithm()),\n }\n }\n\n importKey(\n format: 'jwk' | 'spki' | 'pkcs8',\n keydata: JsonWebKey | ArrayBuffer,\n keyUsages: KeyUsage[],\n hashAlgorithm: ShaVersion\n ): Promise<CryptoKey> {\n if (keyUsages[0] == 'encrypt' && (format == 'jwk' || format == 'spki')) {\n return this.importPublicKey(format, keydata, hashAlgorithm)\n } else if (keyUsages[0] == 'decrypt' && (format == 'jwk' || format == 'pkcs8')) {\n return this.importPrivateKey(format, keydata, hashAlgorithm)\n } else throw new Error(`Combination of key usages and key format not supported: ${keyUsages} ${format}`)\n }\n\n async importKeyPair(\n privateKeyFormat: string,\n privateKeydata: JsonWebKey | ArrayBuffer,\n publicKeyFormat: string,\n publicKeyData: JsonWebKey | ArrayBuffer,\n hashAlgorithm: ShaVersion\n ): Promise<KeyPair<CryptoKey>> {\n let importedPrivate: RsaPrivateKey\n let importedPublic: RsaPublicKey\n const algorithm = this.kryptomAlgorithm(hashAlgorithm)\n if (privateKeyFormat == 'jwk') {\n importedPrivate = await this.rsa.importPrivateKeyJwk(privateKeydata as PrivateRsaKeyJwk, algorithm)\n } else {\n importedPrivate = await this.rsa.importPrivateKeyPkcs8(new Uint8Array(privateKeydata as ArrayBuffer), algorithm)\n }\n if (publicKeyFormat == 'jwk') {\n importedPublic = await this.rsa.importPublicKeyJwk(publicKeyData as PublicRsaKeyJwk, algorithm)\n } else {\n importedPublic = await this.rsa.importPublicKeySpki(new Uint8Array(publicKeyData as ArrayBuffer), algorithm)\n }\n return {\n privateKey: new PrivateRsaCryptoKey(importedPrivate, this.encryptionKeysAlgorithm(hashAlgorithm)),\n publicKey: new PublicRsaCryptoKey(importedPublic, this.encryptionKeysAlgorithm(hashAlgorithm)),\n }\n }\n\n async importPrivateKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer, hashAlgorithm: ShaVersion): Promise<CryptoKey> {\n let imported: RsaPrivateKey\n if (format == 'jwk') {\n imported = await this.rsa.importPrivateKeyJwk(keydata as PrivateRsaKeyJwk, this.kryptomAlgorithm(hashAlgorithm))\n } else {\n imported = await this.rsa.importPrivateKeyPkcs8(new Uint8Array(keydata as ArrayBuffer), this.kryptomAlgorithm(hashAlgorithm))\n }\n return new PrivateRsaCryptoKey(imported, this.encryptionKeysAlgorithm(hashAlgorithm))\n }\n\n async importPublicKey(format: 'jwk' | 'spki', keydata: JsonWebKey | ArrayBuffer, hashAlgorithm: ShaVersion): Promise<CryptoKey> {\n let imported: RsaPublicKey\n if (format == 'jwk') {\n imported = await this.rsa.importPublicKeyJwk(keydata as PublicRsaKeyJwk, this.kryptomAlgorithm(hashAlgorithm))\n } else {\n imported = await this.rsa.importPublicKeySpki(new Uint8Array(keydata as ArrayBuffer), this.kryptomAlgorithm(hashAlgorithm))\n }\n return new PublicRsaCryptoKey(imported, this.encryptionKeysAlgorithm(hashAlgorithm))\n }\n\n async importSignatureKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey> {\n let importedKey: RsaPrivateKey\n if (format == 'jwk') {\n importedKey = await this.rsa.importPrivateKeyJwk(keydata as PrivateRsaKeyJwk, RsaSignatureAlgorithm.PssWithSha256)\n } else {\n importedKey = await this.rsa.importPrivateKeyPkcs8(new Uint8Array(keydata as ArrayBuffer), RsaSignatureAlgorithm.PssWithSha256)\n }\n return new PrivateRsaCryptoKey(importedKey, this.signatureKeysAlgorithm())\n }\n\n async importVerificationKey(format: 'jwk' | 'spki', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey> {\n let importedKey: RsaPublicKey\n if (format == 'jwk') {\n importedKey = await this.rsa.importPublicKeyJwk(keydata as PublicRsaKeyJwk, RsaSignatureAlgorithm.PssWithSha256)\n } else {\n importedKey = await this.rsa.importPublicKeySpki(new Uint8Array(keydata as ArrayBuffer), RsaSignatureAlgorithm.PssWithSha256)\n }\n return new PublicRsaCryptoKey(importedKey, this.signatureKeysAlgorithm())\n }\n\n async sign(privateKey: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {\n return ua2ab(await this.rsa.signature(new Uint8Array(data), getKryptomKey(privateKey)))\n }\n\n async verifySignature(publicKey: CryptoKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean> {\n return await this.rsa.verify(new Uint8Array(signature), new Uint8Array(data), getKryptomKey(publicKey))\n }\n\n private kryptomAlgorithm(shaVersion: ShaVersion): RsaEncryptionAlgorithm {\n return shaVersion == 'sha-256' ? RsaEncryptionAlgorithm.OaepWithSha256 : RsaEncryptionAlgorithm.OaepWithSha1\n }\n\n private encryptionKeysAlgorithm(shaVersion: ShaVersion): RsaHashedKeyAlgorithm {\n return {\n name: 'RSA-OAEP',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: shaVersion == 'sha-256' ? 'SHA-256' : 'SHA-1' },\n }\n }\n\n private signatureKeysAlgorithm(): RsaHashedKeyAlgorithm {\n return {\n name: 'RSA-PSS',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: 'SHA-256' },\n }\n }\n}\n\nclass PrivateRsaCryptoKey implements CryptoKey {\n constructor(readonly kryptomKey: RsaPrivateKey, readonly algorithm: RsaKeyAlgorithm) {}\n\n get extractable(): boolean {\n return true\n }\n\n get type(): KeyType {\n return 'private'\n }\n\n get usages(): KeyUsage[] {\n return this.algorithm.name != 'RSA-PSS' ? ['decrypt'] : ['sign']\n }\n\n toJSON() {\n return {}\n }\n}\n\nclass PublicRsaCryptoKey implements CryptoKey {\n constructor(readonly kryptomKey: RsaPublicKey, readonly algorithm: RsaKeyAlgorithm) {}\n\n get extractable(): boolean {\n return true\n }\n\n get type(): KeyType {\n return 'public'\n }\n\n get usages(): KeyUsage[] {\n return this.algorithm.name != 'RSA-PSS' ? ['encrypt'] : ['verify']\n }\n\n toJSON() {\n return {}\n }\n}\n\nenum AesAlgorithm {\n AesCbcPkcs7 = 'AesCbcPkcs7',\n}\nenum RsaEncryptionAlgorithm {\n OaepWithSha1 = 'OaepWithSha1',\n OaepWithSha256 = 'OaepWithSha256',\n}\nenum RsaSignatureAlgorithm {\n PssWithSha256 = 'PssWithSha256',\n}\ntype RsaAlgorithm = RsaEncryptionAlgorithm | RsaSignatureAlgorithm\nenum HmacAlgorithm {\n HmacSha512 = 'HmacSha512',\n}\n\ninterface HmacKey {\n algorithmIdentifier: HmacAlgorithm\n}\n\ninterface AesKey {\n algorithmIdentifier: AesAlgorithm\n}\n\ninterface RsaKeyPair {\n algorithmIdentifier: RsaAlgorithm\n}\n\ninterface RsaPrivateKey {\n algorithmIdentifier: RsaAlgorithm\n}\n\ninterface RsaPublicKey {\n algorithmIdentifier: RsaAlgorithm\n}\n\ntype PrivateRsaKeyJwk = {\n alg: string\n d: string\n dp: string\n dq: string\n e: string\n ext: boolean\n key_ops: string[]\n n: string\n p: string\n q: string\n qi: string\n}\n\ntype PublicRsaKeyJwk = {\n alg: string\n e: string\n ext: boolean\n key_ops: string[]\n n: string\n}\n\ninterface AesService {\n generateKey(algorithmIdentifier: AesAlgorithm, size: number): Promise<AesKey>\n encrypt(data: Uint8Array, key: AesKey, iv: Uint8Array | null): Promise<Uint8Array>\n decrypt(ivAndEncryptedData: Uint8Array, key: AesKey): Promise<Uint8Array>\n exportRawKey(key: AesKey): Promise<Uint8Array>\n importRawKey(rawKey: Uint8Array, algorithmIdentifier: AesAlgorithm): Promise<AesKey>\n}\n\ninterface RsaService {\n generateKey(algorithmIdentifier: RsaAlgorithm, size: number): Promise<RsaKeyPair>\n encrypt(data: Uint8Array, key: RsaPublicKey): Promise<Uint8Array>\n decrypt(data: Uint8Array, key: RsaPrivateKey): Promise<Uint8Array>\n signature(data: Uint8Array, key: RsaPrivateKey): Promise<Uint8Array>\n verify(signature: Uint8Array, data: Uint8Array, key: RsaPublicKey): Promise<boolean>\n exportPrivateKeyPkcs8(key: RsaPrivateKey): Promise<Uint8Array>\n exportPrivateKeyJwk(key: RsaPrivateKey): Promise<PrivateRsaKeyJwk>\n exportPublicKeySpki(key: RsaPublicKey): Promise<Uint8Array>\n exportPublicKeyJwk(key: RsaPublicKey): Promise<PublicRsaKeyJwk>\n importPrivateKeyPkcs8(privateKeyPkcs8: Uint8Array, algorithmIdentifier: RsaAlgorithm): Promise<RsaPrivateKey>\n importPrivateKeyJwk(privateKey: PrivateRsaKeyJwk, algorithmIdentifier: RsaAlgorithm): Promise<RsaPrivateKey>\n importPublicKeySpki(publicKeySpki: Uint8Array, algorithmIdentifier: RsaAlgorithm): Promise<RsaPublicKey>\n importPublicKeyJwk(publicKey: PublicRsaKeyJwk, algorithmIdentifier: RsaAlgorithm): Promise<RsaPublicKey>\n importKeyPair(privateKeyPkcs8: Uint8Array, algorithmIdentifier: RsaAlgorithm): Promise<RsaKeyPair>\n}\n\ninterface HmacService {\n generateKey(algorithmIdentifier: HmacAlgorithm): Promise<HmacKey>\n sign(data: Uint8Array, key: HmacKey): Promise<Uint8Array>\n verify(signature: Uint8Array, data: Uint8Array, key: HmacKey): Promise<boolean>\n exportRawKey(key: HmacKey): Promise<Uint8Array>\n importRawKey(rawKey: Uint8Array, algorithmIdentifier: HmacAlgorithm): Promise<HmacKey>\n}\n\ninterface StrongRandomService {\n randomBytes(length: number): Uint8Array\n randomUUID(): string\n}\n\ninterface DigestService {\n sha256(data: Uint8Array): Promise<Uint8Array>\n}\n"]}
@@ -85,7 +85,7 @@ class RSAUtilsImpl {
85
85
  */
86
86
  encrypt(publicKey, plainData) {
87
87
  return new Promise((resolve, reject) => {
88
- this.crypto.subtle.encrypt(this.rsaParams, publicKey, plainData.buffer ? plainData.buffer : plainData).then(resolve, reject); //Node prefers arrayBuffer
88
+ this.crypto.subtle.encrypt(this.rsaParams, publicKey, (0, utils_1.ua2ab)(plainData)).then(resolve, reject);
89
89
  });
90
90
  }
91
91
  /**
@@ -95,7 +95,7 @@ class RSAUtilsImpl {
95
95
  */
96
96
  decrypt(privateKey, encryptedData) {
97
97
  return new Promise((resolve, reject) => {
98
- this.crypto.subtle.decrypt(this.rsaParams, privateKey, encryptedData).then(resolve, reject);
98
+ this.crypto.subtle.decrypt(this.rsaParams, privateKey, (0, utils_1.ua2ab)(encryptedData)).then(resolve, reject);
99
99
  });
100
100
  }
101
101
  /**
@@ -1 +1 @@
1
- {"version":3,"file":"RSA.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/RSA.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,oCAA4C;AAO5C,IAAY,UAGX;AAHD,WAAY,UAAU;IACpB,4BAAc,CAAA;IACd,gCAAkB,CAAA;AACpB,CAAC,EAHW,UAAU,0BAAV,UAAU,QAGrB;AAkID,MAAa,YAAY;IA2BvB,YAAY,SAAiB,OAAO,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAE,EAAa;QA1BvI,iCAAiC;QACjC,qBAAqB;QACrB,sBAAsB;QACtB,cAAS,GAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,CAAA;QACrC,mDAAmD;QACnD,oBAAe,GAAQ;YACrB,IAAI,EAAE,UAAU;YAChB,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,EAAE,oFAAoF;YACxI,IAAI,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE;SACxB,CAAA;QACD,8BAAyB,GAAQ;YAC/B,IAAI,EAAE,UAAU;YAChB,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,EAAE,oFAAoF;YACxI,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;SAC1B,CAAA;QACgB,kCAA6B,GAAG;YAC/C,IAAI,EAAE,SAAS;YACf,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,EAAE,oFAAoF;YACxI,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;SAC1B,CAAA;QAKC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;IACtB,CAAC;IAED;;;OAGG;IACH,eAAe,CAAC,UAAsB;QACpC,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,MAAM,SAAS,GAAe,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;QACpD,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAA;QAE5D,OAAO,IAAI,OAAO,CAAqB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACzD,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,EAAE,WAAW,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QACzF,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;OAEG;IACG,wBAAwB;;YAC5B,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,6BAA6B,EAAE,IAAI,EAAE,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC3G,CAAC;KAAA;IAeD,UAAU,CAAC,OAA2B,EAAE,aAAqB,EAAE,YAAoB;QACjF,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,YAAmB,EAAE,OAAO,CAAC,SAAS,CAAC,CAAA;QACvF,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,aAAoB,EAAE,OAAO,CAAC,UAAU,CAAC,CAAA;QAE1F,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,OAAO;YAClE,OAAO;gBACL,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;gBACrB,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;aACvB,CAAA;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAgBD,SAAS,CAAC,SAAoB,EAAE,MAAc;QAC5C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAiD,EAAE,MAAM,EAAE,EAAE;YAC/E,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAC9E,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;OAIG;IACH,OAAO,CAAC,SAAoB,EAAE,SAAqB;QACjD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAoC,EAAE,MAAM,EAAE,EAAE;YAClE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA,CAAC,0BAA0B;QACzJ,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;OAIG;IACH,OAAO,CAAC,UAAqB,EAAE,aAAyB;QACtD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAoC,EAAE,MAAM,EAAE,EAAE;YAClE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAC7F,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;;;OAOG;IACH,SAAS,CACP,MAAgC,EAChC,OAAiC,EACjC,SAAqB,EACrB,aAAyB;QAEzB,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAkC,EAAE,MAAM,EAAE,EAAE;YAChE,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,aAAa,CAAC,CAAA;YAC/D,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,OAAc,EAAE,SAAS,EAAE,WAAW,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QACtH,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,kBAAkB,CAAC,MAAuB,EAAE,OAAiC;QAC3E,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,OAAc,EAAE,IAAI,CAAC,6BAA6B,EAAE,WAAW,EAAE,CAAC,MAAM,CAAC,CAAC,CAAA;IAC/H,CAAC;IAED,qBAAqB,CAAC,MAAsB,EAAE,OAAiC;QAC7E,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,OAAc,EAAE,IAAI,CAAC,6BAA6B,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAA;IACjI,CAAC;IAED,yBAAyB,CAAC,UAAsB;QAC9C,IAAI,UAAU,KAAK,OAAO,EAAE,CAAC;YAC3B,OAAO,IAAI,CAAC,eAAe,CAAA;QAC7B,CAAC;aAAM,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;YACpC,OAAO,IAAI,CAAC,yBAAyB,CAAA;QACvC,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAA;QAC1D,CAAC;IACH,CAAC;IAED;;;;;;OAMG;IACH,gBAAgB,CAAC,MAAuB,EAAE,OAAiC,EAAE,aAAyB;QACpG,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAkC,EAAE,MAAM,EAAE,EAAE;YAChE,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,aAAa,CAAC,CAAA;YAC/D,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,OAAc,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QACxH,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;;;;OAQG;IACH,aAAa,CACX,gBAAwB,EACxB,cAAwC,EACxC,eAAuB,EACvB,aAAuC,EACvC,aAAyB;QAEzB,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,aAAa,CAAC,CAAA;QAC/D,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,gBAAuB,EAAE,cAAqB,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,SAAS,CAAC,CAAC,CAAA;QACrI,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,eAAsB,EAAE,aAAoB,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,SAAS,CAAC,CAAC,CAAA;QAElI,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,OAAO;YAClE,OAAO;gBACL,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;gBACrB,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;aACvB,CAAA;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;OAKG;IACG,oBAAoB,CAAC,OAA2B;;YACpD,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,YAAY,CAAA;gBACzB,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,IAAA,gBAAQ,EAAC,IAAI,CAAC,CAAC,CAAA;gBAC3E,MAAM,aAAa,GAAG,IAAA,eAAO,EAAC,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,IAAI,UAAU,CAAC,aAAa,CAAC,CAAC,CAAC,CAAA;gBACpG,OAAO,aAAa,KAAK,IAAI,CAAA;YAC/B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,KAAK,CAAA;YACd,CAAC;QACH,CAAC;KAAA;IAED;;;;;OAKG;IACG,IAAI,CAAC,UAAqB,EAAE,IAAiB;;YACjD,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,UAAU,EAAE,EAAE,EAAE,EAAE,UAAU,EAAE,IAAI,CAAC,CAAA;QAC7F,CAAC;KAAA;IAED;;;;;;OAMG;IACG,eAAe,CAAC,SAAoB,EAAE,SAAsB,EAAE,IAAiB;;YACnF,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,UAAU,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,CAAA;QACzG,CAAC;KAAA;CACF;AAjPD,oCAiPC;AAEY,QAAA,GAAG,GAAa,IAAI,YAAY,EAAE,CAAA","sourcesContent":["import { ua2utf8, utf8_2ua } from '../utils'\n\n/**\n * Represents an RSA KeyPair in a generic format.\n */\nexport type KeyPair<T> = { publicKey: T; privateKey: T }\n\nexport enum ShaVersion {\n Sha1 = 'sha-1',\n Sha256 = 'sha-256',\n}\n\nexport interface RSAUtils {\n /**\n * Generates a key pair for encryption/decryption of data.\n * @param shaVersion the version of the SHA algorithm to use.\n */\n generateKeyPair(shaVersion: ShaVersion): Promise<KeyPair<CryptoKey>>\n\n /**\n * Generates a key pair for signing data and signature verification.\n */\n generateSignatureKeyPair(): Promise<KeyPair<CryptoKey>>\n\n /**\n *\n * 'JWK': Json Web key (ref. http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11)\n * 'spki': for private key\n * 'pkcs8': for private Key\n *\n * @param keyPair is {publicKey: CryptoKey, privateKey: CryptoKey}\n * @param privKeyFormat will be 'pkcs8' or 'jwk'\n * @param pubKeyFormat will be 'spki' or 'jwk'\n * @returns {Promise} will the AES Key\n */\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'jwk', pubKeyFormat: 'jwk'): Promise<KeyPair<JsonWebKey>>\n\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'pkcs8', pubKeyFormat: 'spki'): Promise<KeyPair<ArrayBuffer>>\n\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: string, pubKeyFormat: string): Promise<KeyPair<JsonWebKey | ArrayBuffer>>\n\n /**\n * Format:\n *\n * 'JWK': Json Web key (ref. http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11)\n * 'spki': for private key\n * 'pkcs8': for private Key\n *\n * @param cryptoKey public or private\n * @param format either 'jwk' or 'spki' or 'pkcs8'\n * @returns {Promise|*} will be RSA key (public or private)\n */\n exportKey(cryptoKey: CryptoKey, format: 'jwk'): Promise<JsonWebKey>\n\n exportKey(cryptoKey: CryptoKey, format: 'spki'): Promise<ArrayBuffer>\n\n exportKey(cryptoKey: CryptoKey, format: 'pkcs8'): Promise<ArrayBuffer>\n\n exportKey(cryptoKey: CryptoKey, format: string): Promise<JsonWebKey | ArrayBuffer>\n\n /**\n *\n * @param publicKey (CryptoKey)\n * @param plainData (Uint8Array)\n */\n encrypt(publicKey: CryptoKey, plainData: Uint8Array): Promise<ArrayBuffer>\n\n /**\n *\n * @param privateKey (CryptoKey)\n * @param encryptedData (Uint8Array)\n */\n decrypt(privateKey: CryptoKey, encryptedData: Uint8Array): Promise<ArrayBuffer>\n\n /**\n *\n * @param format 'jwk', 'spki', or 'pkcs8'\n * @param keydata should be the key data based on the format.\n * @param keyUsages Array of usages. For example, ['encrypt'] for public key.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {*}\n */\n importKey(format: 'jwk' | 'spki' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer, keyUsages: KeyUsage[], hashAlgorithm: ShaVersion): Promise<CryptoKey>\n\n importSignatureKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey>\n\n importVerificationKey(format: 'jwk' | 'spki', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey>\n\n /**\n *\n * @param format 'jwk' or 'pkcs8'\n * @param keydata should be the key data based on the format.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {*}\n */\n importPrivateKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer, hashAlgorithm: ShaVersion): Promise<CryptoKey>\n\n /**\n *\n * @param privateKeyFormat 'jwk' or 'pkcs8'\n * @param privateKeydata should be the key data based on the format.\n * @param publicKeyFormat 'jwk' or 'spki'\n * @param publicKeyData should be the key data based on the format.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {Promise|*}\n */\n importKeyPair(\n privateKeyFormat: 'jwk' | 'pkcs8',\n privateKeydata: JsonWebKey | ArrayBuffer,\n publicKeyFormat: 'jwk' | 'spki',\n publicKeyData: JsonWebKey | ArrayBuffer,\n hashAlgorithm: ShaVersion\n ): Promise<KeyPair<CryptoKey>>\n\n /**\n * Tries to encrypt then decrypt data using a keypair. If both operations succeed without throwing an error and the decrypted data matches the\n * original data returns true, else false.\n * @param keyPair a key pair.\n * @return if the key pair could be successfully used to encrypt then decrypt data.\n */\n checkKeyPairValidity(keyPair: KeyPair<CryptoKey>): Promise<boolean>\n\n /**\n * Generates a signature for some data. The signature algorithm used is RSA-PSS with SHA-256.\n * @param privateKey private key to use for signature\n * @param data the data to sign\n * @return the signature.\n */\n sign(privateKey: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer>\n\n /**\n * Verifies if a signature matches the data. The signature algorithm used is RSA-PSS with sha-256.\n * @param publicKey public key to use for signature verification.\n * @param signature the signature to verify\n * @param data the data that was signed\n * @return if the signature matches the data and key.\n */\n verifySignature(publicKey: CryptoKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean>\n}\n\nexport class RSAUtilsImpl implements RSAUtils {\n /********* RSA Config **********/\n //TODO bigger modulus\n //TODO PSS for signing\n rsaParams: any = { name: 'RSA-OAEP' }\n // RSA params for 'import' and 'generate' function.\n rsaHashedParams: any = {\n name: 'RSA-OAEP',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: 'sha-1' },\n }\n rsaWithSha256HashedParams: any = {\n name: 'RSA-OAEP',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: 'SHA-256' },\n }\n private readonly signatureKeysGenerationParams = {\n name: 'RSA-PSS',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: 'SHA-256' },\n }\n\n private crypto: Crypto\n\n constructor(crypto: Crypto = typeof window !== 'undefined' ? window.crypto : typeof self !== 'undefined' ? self.crypto : ({} as Crypto)) {\n this.crypto = crypto\n }\n\n /**\n * Generates a key pair for encryption/decryption of data.\n * @param shaVersion the version of the SHA algorithm to use.\n */\n generateKeyPair(shaVersion: ShaVersion): Promise<KeyPair<CryptoKey>> {\n const extractable = true\n const keyUsages: KeyUsage[] = ['decrypt', 'encrypt']\n const rsaParams = this.paramsForCreationOrImport(shaVersion)\n\n return new Promise<KeyPair<CryptoKey>>((resolve, reject) => {\n this.crypto.subtle.generateKey(rsaParams, extractable, keyUsages).then(resolve, reject)\n })\n }\n\n /**\n * Generates a key pair for signing data and signature verification.\n */\n async generateSignatureKeyPair(): Promise<KeyPair<CryptoKey>> {\n return await this.crypto.subtle.generateKey(this.signatureKeysGenerationParams, true, ['sign', 'verify'])\n }\n\n /**\n *\n * 'JWK': Json Web key (ref. http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11)\n * 'spki': for private key\n * 'pkcs8': for private Key\n *\n * @param keyPair is {publicKey: CryptoKey, privateKey: CryptoKey}\n * @param privKeyFormat will be 'pkcs8' or 'jwk'\n * @param pubKeyFormat will be 'spki' or 'jwk'\n * @returns {Promise} will the AES Key\n */\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'jwk', pubKeyFormat: 'jwk'): Promise<KeyPair<JsonWebKey>>\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'pkcs8', pubKeyFormat: 'spki'): Promise<KeyPair<ArrayBuffer>>\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: string, pubKeyFormat: string): Promise<KeyPair<JsonWebKey | ArrayBuffer>> {\n const pubPromise = this.crypto.subtle.exportKey(pubKeyFormat as any, keyPair.publicKey)\n const privPromise = this.crypto.subtle.exportKey(privKeyFormat as any, keyPair.privateKey)\n\n return Promise.all([pubPromise, privPromise]).then(function (results) {\n return {\n publicKey: results[0],\n privateKey: results[1],\n }\n })\n }\n\n /**\n * Format:\n *\n * 'JWK': Json Web key (ref. http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11)\n * 'spki': for private key\n * 'pkcs8': for private Key\n *\n * @param cryptoKey public or private\n * @param format either 'jwk' or 'spki' or 'pkcs8'\n * @returns {Promise|*} will be RSA key (public or private)\n */\n exportKey(cryptoKey: CryptoKey, format: 'jwk'): Promise<JsonWebKey>\n exportKey(cryptoKey: CryptoKey, format: 'spki'): Promise<ArrayBuffer>\n exportKey(cryptoKey: CryptoKey, format: 'pkcs8'): Promise<ArrayBuffer>\n exportKey(cryptoKey: CryptoKey, format: string): Promise<JsonWebKey | ArrayBuffer> {\n return new Promise((resolve: (value: JsonWebKey | ArrayBuffer) => any, reject) => {\n this.crypto.subtle.exportKey(format as any, cryptoKey).then(resolve, reject)\n })\n }\n\n /**\n *\n * @param publicKey (CryptoKey)\n * @param plainData (Uint8Array)\n */\n encrypt(publicKey: CryptoKey, plainData: Uint8Array): Promise<ArrayBuffer> {\n return new Promise((resolve: (value: ArrayBuffer) => any, reject) => {\n this.crypto.subtle.encrypt(this.rsaParams, publicKey, plainData.buffer ? plainData.buffer : plainData).then(resolve, reject) //Node prefers arrayBuffer\n })\n }\n\n /**\n *\n * @param privateKey (CryptoKey)\n * @param encryptedData (Uint8Array)\n */\n decrypt(privateKey: CryptoKey, encryptedData: Uint8Array): Promise<ArrayBuffer> {\n return new Promise((resolve: (value: ArrayBuffer) => any, reject) => {\n this.crypto.subtle.decrypt(this.rsaParams, privateKey, encryptedData).then(resolve, reject)\n })\n }\n\n /**\n *\n * @param format 'jwk', 'spki', or 'pkcs8'\n * @param keydata should be the key data based on the format.\n * @param keyUsages Array of usages. For example, ['encrypt'] for public key.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {*}\n */\n importKey(\n format: 'jwk' | 'spki' | 'pkcs8',\n keydata: JsonWebKey | ArrayBuffer,\n keyUsages: KeyUsage[],\n hashAlgorithm: ShaVersion\n ): Promise<CryptoKey> {\n const extractable = true\n return new Promise((resolve: (value: CryptoKey) => any, reject) => {\n const rsaParams = this.paramsForCreationOrImport(hashAlgorithm)\n this.crypto.subtle.importKey(format as any, keydata as any, rsaParams, extractable, keyUsages).then(resolve, reject)\n })\n }\n\n importSignatureKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey> {\n const extractable = true\n return this.crypto.subtle.importKey(format as any, keydata as any, this.signatureKeysGenerationParams, extractable, ['sign'])\n }\n\n importVerificationKey(format: 'jwk' | 'spki', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey> {\n const extractable = true\n return this.crypto.subtle.importKey(format as any, keydata as any, this.signatureKeysGenerationParams, extractable, ['verify'])\n }\n\n paramsForCreationOrImport(shaVersion: ShaVersion) {\n if (shaVersion === 'sha-1') {\n return this.rsaHashedParams\n } else if (shaVersion === 'sha-256') {\n return this.rsaWithSha256HashedParams\n } else {\n throw new Error('Unexpected error, invalid SHA version')\n }\n }\n\n /**\n *\n * @param format 'jwk' or 'pkcs8'\n * @param keydata should be the key data based on the format.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {*}\n */\n importPrivateKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer, hashAlgorithm: ShaVersion): Promise<CryptoKey> {\n const extractable = true\n return new Promise((resolve: (value: CryptoKey) => any, reject) => {\n const rsaParams = this.paramsForCreationOrImport(hashAlgorithm)\n this.crypto.subtle.importKey(format as any, keydata as any, rsaParams, extractable, ['decrypt']).then(resolve, reject)\n })\n }\n\n /**\n *\n * @param privateKeyFormat 'jwk' or 'pkcs8'\n * @param privateKeydata should be the key data based on the format.\n * @param publicKeyFormat 'jwk' or 'spki'\n * @param publicKeyData should be the key data based on the format.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {Promise|*}\n */\n importKeyPair(\n privateKeyFormat: string,\n privateKeydata: JsonWebKey | ArrayBuffer,\n publicKeyFormat: string,\n publicKeyData: JsonWebKey | ArrayBuffer,\n hashAlgorithm: ShaVersion\n ): Promise<KeyPair<CryptoKey>> {\n const extractable = true\n const rsaParams = this.paramsForCreationOrImport(hashAlgorithm)\n const privPromise = this.crypto.subtle.importKey(privateKeyFormat as any, privateKeydata as any, rsaParams, extractable, ['decrypt'])\n const pubPromise = this.crypto.subtle.importKey(publicKeyFormat as any, publicKeyData as any, rsaParams, extractable, ['encrypt'])\n\n return Promise.all([pubPromise, privPromise]).then(function (results) {\n return {\n publicKey: results[0],\n privateKey: results[1],\n }\n })\n }\n\n /**\n * Tries to encrypt then decrypt data using a keypair. If both operations succeed without throwing an error and the decrypted data matches the\n * original data returns true, else false.\n * @param keyPair a key pair.\n * @return if the key pair could be successfully used to encrypt then decrypt data.\n */\n async checkKeyPairValidity(keyPair: KeyPair<CryptoKey>): Promise<boolean> {\n try {\n const text = 'shibboleth'\n const encryptedText = await this.encrypt(keyPair.publicKey, utf8_2ua(text))\n const decryptedText = ua2utf8(await this.decrypt(keyPair.privateKey, new Uint8Array(encryptedText)))\n return decryptedText === text\n } catch (e) {\n return false\n }\n }\n\n /**\n * Generates a signature for some data. The signature algorithm used is RSA-PSS with SHA-256.\n * @param privateKey private key to use for signature\n * @param data the data to sign\n * @return the signature.\n */\n async sign(privateKey: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {\n return await this.crypto.subtle.sign({ name: 'RSA-PSS', saltLength: 32 }, privateKey, data)\n }\n\n /**\n * Verifies if a signature matches the data. The signature algorithm used is RSA-PSS with sha-256.\n * @param publicKey public key to use for signature verification.\n * @param signature the signature to verify\n * @param data the data that was signed\n * @return if the signature matches the data and key.\n */\n async verifySignature(publicKey: CryptoKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean> {\n return await this.crypto.subtle.verify({ name: 'RSA-PSS', saltLength: 32 }, publicKey, signature, data)\n }\n}\n\nexport const RSA: RSAUtils = new RSAUtilsImpl()\n"]}
1
+ {"version":3,"file":"RSA.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/RSA.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,oCAAmD;AAOnD,IAAY,UAGX;AAHD,WAAY,UAAU;IACpB,4BAAc,CAAA;IACd,gCAAkB,CAAA;AACpB,CAAC,EAHW,UAAU,0BAAV,UAAU,QAGrB;AAkID,MAAa,YAAY;IA2BvB,YAAY,SAAiB,OAAO,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAE,EAAa;QA1BvI,iCAAiC;QACjC,qBAAqB;QACrB,sBAAsB;QACtB,cAAS,GAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,CAAA;QACrC,mDAAmD;QACnD,oBAAe,GAAQ;YACrB,IAAI,EAAE,UAAU;YAChB,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,EAAE,oFAAoF;YACxI,IAAI,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE;SACxB,CAAA;QACD,8BAAyB,GAAQ;YAC/B,IAAI,EAAE,UAAU;YAChB,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,EAAE,oFAAoF;YACxI,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;SAC1B,CAAA;QACgB,kCAA6B,GAAG;YAC/C,IAAI,EAAE,SAAS;YACf,aAAa,EAAE,IAAI;YACnB,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,EAAE,oFAAoF;YACxI,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;SAC1B,CAAA;QAKC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;IACtB,CAAC;IAED;;;OAGG;IACH,eAAe,CAAC,UAAsB;QACpC,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,MAAM,SAAS,GAAe,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;QACpD,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAA;QAE5D,OAAO,IAAI,OAAO,CAAqB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACzD,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,EAAE,WAAW,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QACzF,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;OAEG;IACG,wBAAwB;;YAC5B,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,6BAA6B,EAAE,IAAI,EAAE,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;QAC3G,CAAC;KAAA;IAeD,UAAU,CAAC,OAA2B,EAAE,aAAqB,EAAE,YAAoB;QACjF,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,YAAmB,EAAE,OAAO,CAAC,SAAS,CAAC,CAAA;QACvF,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,aAAoB,EAAE,OAAO,CAAC,UAAU,CAAC,CAAA;QAE1F,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,OAAO;YAClE,OAAO;gBACL,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;gBACrB,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;aACvB,CAAA;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAgBD,SAAS,CAAC,SAAoB,EAAE,MAAc;QAC5C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAiD,EAAE,MAAM,EAAE,EAAE;YAC/E,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAC9E,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;OAIG;IACH,OAAO,CAAC,SAAoB,EAAE,SAAqB;QACjD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAoC,EAAE,MAAM,EAAE,EAAE;YAClE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,IAAA,aAAK,EAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QAC/F,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;OAIG;IACH,OAAO,CAAC,UAAqB,EAAE,aAAyB;QACtD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAoC,EAAE,MAAM,EAAE,EAAE;YAClE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,IAAA,aAAK,EAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QACpG,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;;;OAOG;IACH,SAAS,CACP,MAAgC,EAChC,OAAiC,EACjC,SAAqB,EACrB,aAAyB;QAEzB,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAkC,EAAE,MAAM,EAAE,EAAE;YAChE,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,aAAa,CAAC,CAAA;YAC/D,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,OAAc,EAAE,SAAS,EAAE,WAAW,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QACtH,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,kBAAkB,CAAC,MAAuB,EAAE,OAAiC;QAC3E,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,OAAc,EAAE,IAAI,CAAC,6BAA6B,EAAE,WAAW,EAAE,CAAC,MAAM,CAAC,CAAC,CAAA;IAC/H,CAAC;IAED,qBAAqB,CAAC,MAAsB,EAAE,OAAiC;QAC7E,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,OAAc,EAAE,IAAI,CAAC,6BAA6B,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAA;IACjI,CAAC;IAED,yBAAyB,CAAC,UAAsB;QAC9C,IAAI,UAAU,KAAK,OAAO,EAAE,CAAC;YAC3B,OAAO,IAAI,CAAC,eAAe,CAAA;QAC7B,CAAC;aAAM,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;YACpC,OAAO,IAAI,CAAC,yBAAyB,CAAA;QACvC,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAA;QAC1D,CAAC;IACH,CAAC;IAED;;;;;;OAMG;IACH,gBAAgB,CAAC,MAAuB,EAAE,OAAiC,EAAE,aAAyB;QACpG,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAkC,EAAE,MAAM,EAAE,EAAE;YAChE,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,aAAa,CAAC,CAAA;YAC/D,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAa,EAAE,OAAc,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;QACxH,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;;;;OAQG;IACH,aAAa,CACX,gBAAwB,EACxB,cAAwC,EACxC,eAAuB,EACvB,aAAuC,EACvC,aAAyB;QAEzB,MAAM,WAAW,GAAG,IAAI,CAAA;QACxB,MAAM,SAAS,GAAG,IAAI,CAAC,yBAAyB,CAAC,aAAa,CAAC,CAAA;QAC/D,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,gBAAuB,EAAE,cAAqB,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,SAAS,CAAC,CAAC,CAAA;QACrI,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,eAAsB,EAAE,aAAoB,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,SAAS,CAAC,CAAC,CAAA;QAElI,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,OAAO;YAClE,OAAO;gBACL,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;gBACrB,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;aACvB,CAAA;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;OAKG;IACG,oBAAoB,CAAC,OAA2B;;YACpD,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,YAAY,CAAA;gBACzB,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,IAAA,gBAAQ,EAAC,IAAI,CAAC,CAAC,CAAA;gBAC3E,MAAM,aAAa,GAAG,IAAA,eAAO,EAAC,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,IAAI,UAAU,CAAC,aAAa,CAAC,CAAC,CAAC,CAAA;gBACpG,OAAO,aAAa,KAAK,IAAI,CAAA;YAC/B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,KAAK,CAAA;YACd,CAAC;QACH,CAAC;KAAA;IAED;;;;;OAKG;IACG,IAAI,CAAC,UAAqB,EAAE,IAAiB;;YACjD,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,UAAU,EAAE,EAAE,EAAE,EAAE,UAAU,EAAE,IAAI,CAAC,CAAA;QAC7F,CAAC;KAAA;IAED;;;;;;OAMG;IACG,eAAe,CAAC,SAAoB,EAAE,SAAsB,EAAE,IAAiB;;YACnF,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,UAAU,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,CAAA;QACzG,CAAC;KAAA;CACF;AAjPD,oCAiPC;AAEY,QAAA,GAAG,GAAa,IAAI,YAAY,EAAE,CAAA","sourcesContent":["import { ua2ab, ua2utf8, utf8_2ua } from '../utils'\n\n/**\n * Represents an RSA KeyPair in a generic format.\n */\nexport type KeyPair<T> = { publicKey: T; privateKey: T }\n\nexport enum ShaVersion {\n Sha1 = 'sha-1',\n Sha256 = 'sha-256',\n}\n\nexport interface RSAUtils {\n /**\n * Generates a key pair for encryption/decryption of data.\n * @param shaVersion the version of the SHA algorithm to use.\n */\n generateKeyPair(shaVersion: ShaVersion): Promise<KeyPair<CryptoKey>>\n\n /**\n * Generates a key pair for signing data and signature verification.\n */\n generateSignatureKeyPair(): Promise<KeyPair<CryptoKey>>\n\n /**\n *\n * 'JWK': Json Web key (ref. http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11)\n * 'spki': for private key\n * 'pkcs8': for private Key\n *\n * @param keyPair is {publicKey: CryptoKey, privateKey: CryptoKey}\n * @param privKeyFormat will be 'pkcs8' or 'jwk'\n * @param pubKeyFormat will be 'spki' or 'jwk'\n * @returns {Promise} will the AES Key\n */\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'jwk', pubKeyFormat: 'jwk'): Promise<KeyPair<JsonWebKey>>\n\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'pkcs8', pubKeyFormat: 'spki'): Promise<KeyPair<ArrayBuffer>>\n\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: string, pubKeyFormat: string): Promise<KeyPair<JsonWebKey | ArrayBuffer>>\n\n /**\n * Format:\n *\n * 'JWK': Json Web key (ref. http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11)\n * 'spki': for private key\n * 'pkcs8': for private Key\n *\n * @param cryptoKey public or private\n * @param format either 'jwk' or 'spki' or 'pkcs8'\n * @returns {Promise|*} will be RSA key (public or private)\n */\n exportKey(cryptoKey: CryptoKey, format: 'jwk'): Promise<JsonWebKey>\n\n exportKey(cryptoKey: CryptoKey, format: 'spki'): Promise<ArrayBuffer>\n\n exportKey(cryptoKey: CryptoKey, format: 'pkcs8'): Promise<ArrayBuffer>\n\n exportKey(cryptoKey: CryptoKey, format: string): Promise<JsonWebKey | ArrayBuffer>\n\n /**\n *\n * @param publicKey (CryptoKey)\n * @param plainData (Uint8Array)\n */\n encrypt(publicKey: CryptoKey, plainData: Uint8Array): Promise<ArrayBuffer>\n\n /**\n *\n * @param privateKey (CryptoKey)\n * @param encryptedData (Uint8Array)\n */\n decrypt(privateKey: CryptoKey, encryptedData: Uint8Array): Promise<ArrayBuffer>\n\n /**\n *\n * @param format 'jwk', 'spki', or 'pkcs8'\n * @param keydata should be the key data based on the format.\n * @param keyUsages Array of usages. For example, ['encrypt'] for public key.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {*}\n */\n importKey(format: 'jwk' | 'spki' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer, keyUsages: KeyUsage[], hashAlgorithm: ShaVersion): Promise<CryptoKey>\n\n importSignatureKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey>\n\n importVerificationKey(format: 'jwk' | 'spki', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey>\n\n /**\n *\n * @param format 'jwk' or 'pkcs8'\n * @param keydata should be the key data based on the format.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {*}\n */\n importPrivateKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer, hashAlgorithm: ShaVersion): Promise<CryptoKey>\n\n /**\n *\n * @param privateKeyFormat 'jwk' or 'pkcs8'\n * @param privateKeydata should be the key data based on the format.\n * @param publicKeyFormat 'jwk' or 'spki'\n * @param publicKeyData should be the key data based on the format.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {Promise|*}\n */\n importKeyPair(\n privateKeyFormat: 'jwk' | 'pkcs8',\n privateKeydata: JsonWebKey | ArrayBuffer,\n publicKeyFormat: 'jwk' | 'spki',\n publicKeyData: JsonWebKey | ArrayBuffer,\n hashAlgorithm: ShaVersion\n ): Promise<KeyPair<CryptoKey>>\n\n /**\n * Tries to encrypt then decrypt data using a keypair. If both operations succeed without throwing an error and the decrypted data matches the\n * original data returns true, else false.\n * @param keyPair a key pair.\n * @return if the key pair could be successfully used to encrypt then decrypt data.\n */\n checkKeyPairValidity(keyPair: KeyPair<CryptoKey>): Promise<boolean>\n\n /**\n * Generates a signature for some data. The signature algorithm used is RSA-PSS with SHA-256.\n * @param privateKey private key to use for signature\n * @param data the data to sign\n * @return the signature.\n */\n sign(privateKey: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer>\n\n /**\n * Verifies if a signature matches the data. The signature algorithm used is RSA-PSS with sha-256.\n * @param publicKey public key to use for signature verification.\n * @param signature the signature to verify\n * @param data the data that was signed\n * @return if the signature matches the data and key.\n */\n verifySignature(publicKey: CryptoKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean>\n}\n\nexport class RSAUtilsImpl implements RSAUtils {\n /********* RSA Config **********/\n //TODO bigger modulus\n //TODO PSS for signing\n rsaParams: any = { name: 'RSA-OAEP' }\n // RSA params for 'import' and 'generate' function.\n rsaHashedParams: any = {\n name: 'RSA-OAEP',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: 'sha-1' },\n }\n rsaWithSha256HashedParams: any = {\n name: 'RSA-OAEP',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: 'SHA-256' },\n }\n private readonly signatureKeysGenerationParams = {\n name: 'RSA-PSS',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537 (Fermat F4), read http://en.wikipedia.org/wiki/65537_(number)\n hash: { name: 'SHA-256' },\n }\n\n private crypto: Crypto\n\n constructor(crypto: Crypto = typeof window !== 'undefined' ? window.crypto : typeof self !== 'undefined' ? self.crypto : ({} as Crypto)) {\n this.crypto = crypto\n }\n\n /**\n * Generates a key pair for encryption/decryption of data.\n * @param shaVersion the version of the SHA algorithm to use.\n */\n generateKeyPair(shaVersion: ShaVersion): Promise<KeyPair<CryptoKey>> {\n const extractable = true\n const keyUsages: KeyUsage[] = ['decrypt', 'encrypt']\n const rsaParams = this.paramsForCreationOrImport(shaVersion)\n\n return new Promise<KeyPair<CryptoKey>>((resolve, reject) => {\n this.crypto.subtle.generateKey(rsaParams, extractable, keyUsages).then(resolve, reject)\n })\n }\n\n /**\n * Generates a key pair for signing data and signature verification.\n */\n async generateSignatureKeyPair(): Promise<KeyPair<CryptoKey>> {\n return await this.crypto.subtle.generateKey(this.signatureKeysGenerationParams, true, ['sign', 'verify'])\n }\n\n /**\n *\n * 'JWK': Json Web key (ref. http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11)\n * 'spki': for private key\n * 'pkcs8': for private Key\n *\n * @param keyPair is {publicKey: CryptoKey, privateKey: CryptoKey}\n * @param privKeyFormat will be 'pkcs8' or 'jwk'\n * @param pubKeyFormat will be 'spki' or 'jwk'\n * @returns {Promise} will the AES Key\n */\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'jwk', pubKeyFormat: 'jwk'): Promise<KeyPair<JsonWebKey>>\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: 'pkcs8', pubKeyFormat: 'spki'): Promise<KeyPair<ArrayBuffer>>\n exportKeys(keyPair: KeyPair<CryptoKey>, privKeyFormat: string, pubKeyFormat: string): Promise<KeyPair<JsonWebKey | ArrayBuffer>> {\n const pubPromise = this.crypto.subtle.exportKey(pubKeyFormat as any, keyPair.publicKey)\n const privPromise = this.crypto.subtle.exportKey(privKeyFormat as any, keyPair.privateKey)\n\n return Promise.all([pubPromise, privPromise]).then(function (results) {\n return {\n publicKey: results[0],\n privateKey: results[1],\n }\n })\n }\n\n /**\n * Format:\n *\n * 'JWK': Json Web key (ref. http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11)\n * 'spki': for private key\n * 'pkcs8': for private Key\n *\n * @param cryptoKey public or private\n * @param format either 'jwk' or 'spki' or 'pkcs8'\n * @returns {Promise|*} will be RSA key (public or private)\n */\n exportKey(cryptoKey: CryptoKey, format: 'jwk'): Promise<JsonWebKey>\n exportKey(cryptoKey: CryptoKey, format: 'spki'): Promise<ArrayBuffer>\n exportKey(cryptoKey: CryptoKey, format: 'pkcs8'): Promise<ArrayBuffer>\n exportKey(cryptoKey: CryptoKey, format: string): Promise<JsonWebKey | ArrayBuffer> {\n return new Promise((resolve: (value: JsonWebKey | ArrayBuffer) => any, reject) => {\n this.crypto.subtle.exportKey(format as any, cryptoKey).then(resolve, reject)\n })\n }\n\n /**\n *\n * @param publicKey (CryptoKey)\n * @param plainData (Uint8Array)\n */\n encrypt(publicKey: CryptoKey, plainData: Uint8Array): Promise<ArrayBuffer> {\n return new Promise((resolve: (value: ArrayBuffer) => any, reject) => {\n this.crypto.subtle.encrypt(this.rsaParams, publicKey, ua2ab(plainData)).then(resolve, reject)\n })\n }\n\n /**\n *\n * @param privateKey (CryptoKey)\n * @param encryptedData (Uint8Array)\n */\n decrypt(privateKey: CryptoKey, encryptedData: Uint8Array): Promise<ArrayBuffer> {\n return new Promise((resolve: (value: ArrayBuffer) => any, reject) => {\n this.crypto.subtle.decrypt(this.rsaParams, privateKey, ua2ab(encryptedData)).then(resolve, reject)\n })\n }\n\n /**\n *\n * @param format 'jwk', 'spki', or 'pkcs8'\n * @param keydata should be the key data based on the format.\n * @param keyUsages Array of usages. For example, ['encrypt'] for public key.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {*}\n */\n importKey(\n format: 'jwk' | 'spki' | 'pkcs8',\n keydata: JsonWebKey | ArrayBuffer,\n keyUsages: KeyUsage[],\n hashAlgorithm: ShaVersion\n ): Promise<CryptoKey> {\n const extractable = true\n return new Promise((resolve: (value: CryptoKey) => any, reject) => {\n const rsaParams = this.paramsForCreationOrImport(hashAlgorithm)\n this.crypto.subtle.importKey(format as any, keydata as any, rsaParams, extractable, keyUsages).then(resolve, reject)\n })\n }\n\n importSignatureKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey> {\n const extractable = true\n return this.crypto.subtle.importKey(format as any, keydata as any, this.signatureKeysGenerationParams, extractable, ['sign'])\n }\n\n importVerificationKey(format: 'jwk' | 'spki', keydata: JsonWebKey | ArrayBuffer): Promise<CryptoKey> {\n const extractable = true\n return this.crypto.subtle.importKey(format as any, keydata as any, this.signatureKeysGenerationParams, extractable, ['verify'])\n }\n\n paramsForCreationOrImport(shaVersion: ShaVersion) {\n if (shaVersion === 'sha-1') {\n return this.rsaHashedParams\n } else if (shaVersion === 'sha-256') {\n return this.rsaWithSha256HashedParams\n } else {\n throw new Error('Unexpected error, invalid SHA version')\n }\n }\n\n /**\n *\n * @param format 'jwk' or 'pkcs8'\n * @param keydata should be the key data based on the format.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {*}\n */\n importPrivateKey(format: 'jwk' | 'pkcs8', keydata: JsonWebKey | ArrayBuffer, hashAlgorithm: ShaVersion): Promise<CryptoKey> {\n const extractable = true\n return new Promise((resolve: (value: CryptoKey) => any, reject) => {\n const rsaParams = this.paramsForCreationOrImport(hashAlgorithm)\n this.crypto.subtle.importKey(format as any, keydata as any, rsaParams, extractable, ['decrypt']).then(resolve, reject)\n })\n }\n\n /**\n *\n * @param privateKeyFormat 'jwk' or 'pkcs8'\n * @param privateKeydata should be the key data based on the format.\n * @param publicKeyFormat 'jwk' or 'spki'\n * @param publicKeyData should be the key data based on the format.\n * @param hashAlgorithm 'sha-1' or 'sha-256'\n * @returns {Promise|*}\n */\n importKeyPair(\n privateKeyFormat: string,\n privateKeydata: JsonWebKey | ArrayBuffer,\n publicKeyFormat: string,\n publicKeyData: JsonWebKey | ArrayBuffer,\n hashAlgorithm: ShaVersion\n ): Promise<KeyPair<CryptoKey>> {\n const extractable = true\n const rsaParams = this.paramsForCreationOrImport(hashAlgorithm)\n const privPromise = this.crypto.subtle.importKey(privateKeyFormat as any, privateKeydata as any, rsaParams, extractable, ['decrypt'])\n const pubPromise = this.crypto.subtle.importKey(publicKeyFormat as any, publicKeyData as any, rsaParams, extractable, ['encrypt'])\n\n return Promise.all([pubPromise, privPromise]).then(function (results) {\n return {\n publicKey: results[0],\n privateKey: results[1],\n }\n })\n }\n\n /**\n * Tries to encrypt then decrypt data using a keypair. If both operations succeed without throwing an error and the decrypted data matches the\n * original data returns true, else false.\n * @param keyPair a key pair.\n * @return if the key pair could be successfully used to encrypt then decrypt data.\n */\n async checkKeyPairValidity(keyPair: KeyPair<CryptoKey>): Promise<boolean> {\n try {\n const text = 'shibboleth'\n const encryptedText = await this.encrypt(keyPair.publicKey, utf8_2ua(text))\n const decryptedText = ua2utf8(await this.decrypt(keyPair.privateKey, new Uint8Array(encryptedText)))\n return decryptedText === text\n } catch (e) {\n return false\n }\n }\n\n /**\n * Generates a signature for some data. The signature algorithm used is RSA-PSS with SHA-256.\n * @param privateKey private key to use for signature\n * @param data the data to sign\n * @return the signature.\n */\n async sign(privateKey: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer> {\n return await this.crypto.subtle.sign({ name: 'RSA-PSS', saltLength: 32 }, privateKey, data)\n }\n\n /**\n * Verifies if a signature matches the data. The signature algorithm used is RSA-PSS with sha-256.\n * @param publicKey public key to use for signature verification.\n * @param signature the signature to verify\n * @param data the data that was signed\n * @return if the signature matches the data and key.\n */\n async verifySignature(publicKey: CryptoKey, signature: ArrayBuffer, data: ArrayBuffer): Promise<boolean> {\n return await this.crypto.subtle.verify({ name: 'RSA-PSS', saltLength: 32 }, publicKey, signature, data)\n }\n}\n\nexport const RSA: RSAUtils = new RSAUtilsImpl()\n"]}
@@ -80,8 +80,8 @@ class RecoveryDataEncryption {
80
80
  const delegateKeys = {};
81
81
  for (const { pair, algorithm } of pairs) {
82
82
  delegateKeys[(0, utils_1.ua2hex)((0, utils_1.b64_2ua)(pair.publicKey))] = {
83
- privateKey: yield this.primitives.RSA.importKey('pkcs8', (0, utils_1.b64_2ua)(pair.privateKey), ['decrypt'], algorithm),
84
- publicKey: yield this.primitives.RSA.importKey('spki', (0, utils_1.b64_2ua)(pair.publicKey), ['encrypt'], algorithm),
83
+ privateKey: yield this.primitives.RSA.importKey('pkcs8', (0, utils_1.ua2ab)((0, utils_1.b64_2ua)(pair.privateKey)), ['decrypt'], algorithm),
84
+ publicKey: yield this.primitives.RSA.importKey('spki', (0, utils_1.ua2ab)((0, utils_1.b64_2ua)(pair.publicKey)), ['encrypt'], algorithm),
85
85
  };
86
86
  }
87
87
  recoveredKeys[delegateId] = delegateKeys;
@@ -113,9 +113,9 @@ class RecoveryDataEncryption {
113
113
  return {
114
114
  success: getRecoveryDataResult.decryptedJson.map((x) => ({
115
115
  exchangeDataId: x.exchangeDataId,
116
- rawAccessControlSecret: (0, utils_1.b64_2ua)(x.rawAccessControlSecret),
117
- rawSharedSignatureKey: (0, utils_1.b64_2ua)(x.rawSharedSignatureKey),
118
- rawExchangeKey: (0, utils_1.b64_2ua)(x.rawExchangeKey),
116
+ rawAccessControlSecret: (0, utils_1.ua2ab)((0, utils_1.b64_2ua)(x.rawAccessControlSecret)),
117
+ rawSharedSignatureKey: (0, utils_1.ua2ab)((0, utils_1.b64_2ua)(x.rawSharedSignatureKey)),
118
+ rawExchangeKey: (0, utils_1.ua2ab)((0, utils_1.b64_2ua)(x.rawExchangeKey)),
119
119
  })),
120
120
  };
121
121
  });
@@ -1 +1 @@
1
- {"version":3,"file":"RecoveryDataEncryption.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/RecoveryDataEncryption.ts"],"names":[],"mappings":";;;;;;;;;;;;AAIA,4EAAwE;AACxE,oCAA6G;AAC7G,+CAA2C;AAC3C,IAAO,QAAQ,GAAG,SAAG,CAAC,QAAQ,CAAA;AAK9B,IAAY,4BAmBX;AAnBD,WAAY,4BAA4B;IACtC;;OAEG;IACH,mDAAmB,CAAA;IACnB;;;OAGG;IACH,6DAA6B,CAAA;IAC7B;;OAEG;IACH,4DAA4B,CAAA;IAC5B;;;OAGG;IACH,kEAAkC,CAAA;AACpC,CAAC,EAnBW,4BAA4B,4CAA5B,4BAA4B,QAmBvC;AAaD;;GAEG;AACH,MAAa,sBAAsB;IACjC,YAA6B,UAA4B,EAAmB,eAAmC;QAAlF,eAAU,GAAV,UAAU,CAAkB;QAAmB,oBAAe,GAAf,eAAe,CAAoB;IAAG,CAAC;IAE7G,eAAe,CAAC,WAAmB;;YACvC,OAAO,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAA,cAAM,EAAC,WAAW,CAAC,CAAC,CAAC,CAAA;QAClE,CAAC;KAAA;IAEK,oCAAoC,CACxC,SAAiB,EACjB,QAAyF,EACzF,eAAmC;;YAEnC,MAAM,OAAO,GAA+B,EAAE,CAAA;YAC9C,KAAK,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC3D,MAAM,OAAO,GAAuD,EAAE,CAAA;gBACtE,KAAK,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,KAAK,EAAE,CAAC;oBACxC,OAAO,CAAC,IAAI,CAAC;wBACX,IAAI,EAAE;4BACJ,UAAU,EAAE,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;4BACjF,SAAS,EAAE,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;yBAC/E;wBACD,SAAS;qBACV,CAAC,CAAA;gBACJ,CAAC;gBACD,OAAO,CAAC,UAAU,CAAC,GAAG,OAAO,CAAA;YAC/B,CAAC;YACD,OAAO,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,EAAE,2BAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,eAAe,EAAE,OAAO,CAAC,CAAA;QAC/G,CAAC;KAAA;IAEK,iCAAiC,CACrC,WAAmB,EACnB,mBAA4B;;YAE5B,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,WAAW,EAAE,2BAAY,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAA;YACnH,IAAI,SAAS,IAAI,qBAAqB,EAAE,CAAC;gBACvC,OAAO,qBAAqB,CAAA;YAC9B,CAAC;iBAAM,CAAC;gBACN,MAAM,iBAAiB,GAAG,qBAAqB,CAAC,aAA2C,CAAA;gBAC3F,MAAM,aAAa,GAA8E,EAAE,CAAA;gBACnG,KAAK,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,iBAAiB,CAAC,EAAE,CAAC;oBACpE,MAAM,YAAY,GAAoD,EAAE,CAAA;oBACxE,KAAK,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,KAAK,EAAE,CAAC;wBACxC,YAAY,CAAC,IAAA,cAAM,EAAC,IAAA,eAAO,EAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG;4BAC9C,UAAU,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,EAAE,IAAA,eAAO,EAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,SAAS,CAAC;4BAC1G,SAAS,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,IAAA,eAAO,EAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,SAAS,CAAC;yBACxG,CAAA;oBACH,CAAC;oBACD,aAAa,CAAC,UAAU,CAAC,GAAG,YAAY,CAAA;gBAC1C,CAAC;gBACD,IAAI,mBAAmB,EAAE,CAAC;oBACxB,MAAM,IAAI,CAAC,eAAe,CAAC,kBAAkB,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;wBACjG,OAAO,CAAC,IAAI,CAAC,kDAAkD,CAAC,EAAE,CAAC,CAAA;oBACrE,CAAC,CAAC,CAAA;gBACJ,CAAC;gBACD,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,CAAA;YACnC,CAAC;QACH,CAAC;KAAA;IAEK,qCAAqC,CACzC,SAAiB,EACjB,gBAKG,EACH,eAAmC;;YAEnC,OAAO,MAAM,IAAI,CAAC,kBAAkB,CAClC,SAAS,EACT,2BAAY,CAAC,IAAI,CAAC,qBAAqB,EACvC,eAAe,EACf,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC3B,cAAc,EAAE,CAAC,CAAC,cAAc;gBAChC,sBAAsB,EAAE,IAAA,cAAM,EAAC,CAAC,CAAC,sBAAsB,CAAC;gBACxD,qBAAqB,EAAE,IAAA,cAAM,EAAC,CAAC,CAAC,qBAAqB,CAAC;gBACtD,cAAc,EAAE,IAAA,cAAM,EAAC,CAAC,CAAC,cAAc,CAAC;aACzC,CAAC,CAAC,CACJ,CAAA;QACH,CAAC;KAAA;IAEK,qCAAqC,CACzC,WAAmB;;YAKnB,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,WAAW,EAAE,2BAAY,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAA;YACxH,IAAI,SAAS,IAAI,qBAAqB;gBAAE,OAAO,qBAAqB,CAAA;YACpE,OAAO;gBACL,OAAO,EAAG,qBAAqB,CAAC,aAAiD,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBAC5F,cAAc,EAAE,CAAC,CAAC,cAAc;oBAChC,sBAAsB,EAAE,IAAA,eAAO,EAAC,CAAC,CAAC,sBAAsB,CAAC;oBACzD,qBAAqB,EAAE,IAAA,eAAO,EAAC,CAAC,CAAC,qBAAqB,CAAC;oBACvD,cAAc,EAAE,IAAA,eAAO,EAAC,CAAC,CAAC,cAAc,CAAC;iBAC1C,CAAC,CAAC;aACJ,CAAA;QACH,CAAC;KAAA;IAEK,yBAAyB,CAC7B,WAAmB,EACnB,YAA+B;;YAE/B,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,CAAA;YAClD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,IAAI,CACnE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,CAAC,EAC5B,CAAC,CAAC,EAAE,EAAE;gBACJ,IAAI,CAAC,YAAY,QAAQ,EAAE,CAAC;oBAC1B,IAAI,CAAC,CAAC,UAAU,KAAK,GAAG,EAAE,CAAC;wBACzB,OAAO,EAAE,OAAO,EAAE,4BAA4B,CAAC,OAAO,EAAE,CAAA;oBAC1D,CAAC;yBAAM,IAAI,CAAC,CAAC,UAAU,KAAK,GAAG,EAAE,CAAC;wBAChC,OAAO,EAAE,OAAO,EAAE,4BAA4B,CAAC,YAAY,EAAE,CAAA;oBAC/D,CAAC;gBACH,CAAC;gBACD,MAAM,CAAC,CAAA;YACT,CAAC,CACF,CAAA;YACD,IAAI,SAAS,IAAI,SAAS;gBAAE,OAAO,SAAS,CAAA;YAC5C,MAAM,EAAE,YAAY,EAAE,GAAG,SAAS,CAAA;YAClC,IAAI,YAAY,CAAC,IAAI,KAAK,YAAY;gBAAE,OAAO,EAAE,OAAO,EAAE,4BAA4B,CAAC,WAAW,EAAE,CAAA;YACpG,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,EAAE,IAAA,cAAM,EAAC,WAAW,CAAC,CAAC,CAAA;YACrF,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,aAAa,EAAE,IAAA,iBAAS,EAAC,IAAA,WAAG,EAAC,YAAY,CAAC,aAAa,CAAC,CAAC,CAAC;iBAClH,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,IAAA,eAAO,EAAC,CAAC,CAAC,CAAC,CAAC;iBACnC,IAAI,CACH,CAAC,CAAC,EAAoC,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,EACzD,GAAG,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,4BAA4B,CAAC,cAAc,EAAE,CAAC,CACjE,CAAA;YACH,IAAI,SAAS,IAAI,gBAAgB;gBAAE,OAAO,gBAAgB,CAAA;YAC1D,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,gBAAgB,CAAC,OAAO,EAAE,CAAA;QAClE,CAAC;KAAA;IACK,kBAAkB,CACtB,SAAiB,EACjB,IAAuB,EACvB,eAAmC,EACnC,OAA4B;;YAE5B,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAA;YACtE,MAAM,cAAc,GAAG,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,CAAA;YACtF,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,CAAA;YACrD,MAAM,aAAa,GAAG,IAAA,WAAG,EAAC,IAAA,iBAAS,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,EAAE,IAAA,gBAAQ,EAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;YACvH,MAAM,iBAAiB,GAAG,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,eAAe,GAAG,IAAI,CAAC,CAAC,CAAC,SAAS,CAAA;YAC3F,MAAM,IAAI,GAAiB,IAAI,2BAAY,CAAC;gBAC1C,EAAE;gBACF,aAAa;gBACb,iBAAiB;gBACjB,SAAS;gBACT,IAAI;aACL,CAAC,CAAA;YACF,MAAM,IAAI,CAAC,eAAe,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAA;YACnD,OAAO,cAAc,CAAA;QACvB,CAAC;KAAA;CACF;AAvJD,wDAuJC","sourcesContent":["import { KeyPair, ShaVersion } from './RSA'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { IccRecoveryDataApi } from '../../icc-api/api/internal/IccRecoveryDataApi'\nimport { IccExchangeDataApi } from '../../icc-api/api/internal/IccExchangeDataApi'\nimport { RecoveryData } from '../../icc-api/model/internal/RecoveryData'\nimport { a2b, b2a, b64_2ua, hex2ua, string2ua, ua2b64, ua2hex, ua2string, ua2utf8, utf8_2ua } from '../utils'\nimport { XHR } from '../../icc-api/api/XHR'\nimport XHRError = XHR.XHRError\nimport { ExchangeData } from '../../icc-api/model/internal/ExchangeData'\nimport { KeyPairUpdateRequest } from '../maintenance/KeyPairUpdateRequest'\nimport { get } from 'lodash'\n\nexport enum RecoveryDataUseFailureReason {\n /**\n * The recovery data matching the provided recovery key does not exist. It could have been deleted, or it could have been expired.\n */\n Missing = 'MISSING',\n /**\n * The recovery data exists but it is not available to the current user. The user may have used a recovery key that he created while logged in as\n * a different user.\n */\n Unauthorized = 'UNAUTHORIZED',\n /**\n * The recovery data exists and is available to the current user, but it is not of the expected type.\n */\n InvalidType = 'INVALID_TYPE',\n /**\n * The recovery data exists and is available to the current user, but its content could not be interpreted. The data may have been created\n * with an unsupported SDK version.\n */\n InvalidContent = 'INVALID_CONTENT',\n}\n\n// accessControlSecret, sharedSignatureKey, and exchangeKey all raw bytes b64 encoded\ntype ExchangeDataRecoveryDataContent = {\n exchangeDataId: string\n rawAccessControlSecret: string\n rawSharedSignatureKey: string\n rawExchangeKey: string\n}[]\n// delegateId -> { pair: { privateKey: base64pkcs8, publicKey: base64spki }, algorithm: ShaVersion }[]\ntype KeyPairRecoveryDataContent = { [delegateId: string]: { pair: KeyPair<string>; algorithm: ShaVersion }[] }\ntype RecoveryDataContent = KeyPairRecoveryDataContent | ExchangeDataRecoveryDataContent\n\n/**\n * @internal this class is for internal use only and may change without notice.\n */\nexport class RecoveryDataEncryption {\n constructor(private readonly primitives: CryptoPrimitives, private readonly baseRecoveryApi: IccRecoveryDataApi) {}\n\n async recoveryKeyToId(recoveryKey: string): Promise<string> {\n return ua2hex(await this.primitives.sha256(hex2ua(recoveryKey)))\n }\n\n async createAndSaveKeyPairsRecoveryDataFor(\n recipient: string,\n keyPairs: { [delegateId: string]: { pair: KeyPair<CryptoKey>; algorithm: ShaVersion }[] },\n lifetimeSeconds: number | undefined\n ): Promise<string> {\n const content: KeyPairRecoveryDataContent = {}\n for (const [delegateId, pairs] of Object.entries(keyPairs)) {\n const entries: { pair: KeyPair<string>; algorithm: ShaVersion }[] = []\n for (const { pair, algorithm } of pairs) {\n entries.push({\n pair: {\n privateKey: ua2b64(await this.primitives.RSA.exportKey(pair.privateKey, 'pkcs8')),\n publicKey: ua2b64(await this.primitives.RSA.exportKey(pair.publicKey, 'spki')),\n },\n algorithm,\n })\n }\n content[delegateId] = entries\n }\n return await this.createRecoveryData(recipient, RecoveryData.Type.KEYPAIR_RECOVERY, lifetimeSeconds, content)\n }\n\n async getAndDecryptKeyPairsRecoveryData(\n recoveryKey: string,\n autoDeleteOnSuccess: boolean\n ): Promise<{ success: { [dataOwnerId: string]: { [publicKeySpki: string]: KeyPair<CryptoKey> } } } | { failure: RecoveryDataUseFailureReason }> {\n const getRecoveryDataResult = await this.getRecoveryDataAndDecrypt(recoveryKey, RecoveryData.Type.KEYPAIR_RECOVERY)\n if ('failure' in getRecoveryDataResult) {\n return getRecoveryDataResult\n } else {\n const recoveredKeysData = getRecoveryDataResult.decryptedJson as KeyPairRecoveryDataContent\n const recoveredKeys: { [delegateId: string]: { [publicKeySpki: string]: KeyPair<CryptoKey> } } = {}\n for (const [delegateId, pairs] of Object.entries(recoveredKeysData)) {\n const delegateKeys: { [publicKeySpki: string]: KeyPair<CryptoKey> } = {}\n for (const { pair, algorithm } of pairs) {\n delegateKeys[ua2hex(b64_2ua(pair.publicKey))] = {\n privateKey: await this.primitives.RSA.importKey('pkcs8', b64_2ua(pair.privateKey), ['decrypt'], algorithm),\n publicKey: await this.primitives.RSA.importKey('spki', b64_2ua(pair.publicKey), ['encrypt'], algorithm),\n }\n }\n recoveredKeys[delegateId] = delegateKeys\n }\n if (autoDeleteOnSuccess) {\n await this.baseRecoveryApi.deleteRecoveryData(await this.recoveryKeyToId(recoveryKey)).catch((e) => {\n console.warn(`Failed to auto-delete recovery data, ignoring. ${e}`)\n })\n }\n return { success: recoveredKeys }\n }\n }\n\n async createAndSaveExchangeDataRecoveryData(\n recipient: string,\n exchangeDataInfo: {\n exchangeDataId: string\n rawAccessControlSecret: ArrayBuffer\n rawSharedSignatureKey: ArrayBuffer\n rawExchangeKey: ArrayBuffer\n }[],\n lifetimeSeconds: number | undefined\n ): Promise<string> {\n return await this.createRecoveryData(\n recipient,\n RecoveryData.Type.EXCHANGE_KEY_RECOVERY,\n lifetimeSeconds,\n exchangeDataInfo.map((x) => ({\n exchangeDataId: x.exchangeDataId,\n rawAccessControlSecret: ua2b64(x.rawAccessControlSecret),\n rawSharedSignatureKey: ua2b64(x.rawSharedSignatureKey),\n rawExchangeKey: ua2b64(x.rawExchangeKey),\n }))\n )\n }\n\n async getAndDecryptExchangeDataRecoveryData(\n recoveryKey: string\n ): Promise<\n | { success: { exchangeDataId: string; rawAccessControlSecret: ArrayBuffer; rawSharedSignatureKey: ArrayBuffer; rawExchangeKey: ArrayBuffer }[] }\n | { failure: RecoveryDataUseFailureReason }\n > {\n const getRecoveryDataResult = await this.getRecoveryDataAndDecrypt(recoveryKey, RecoveryData.Type.EXCHANGE_KEY_RECOVERY)\n if ('failure' in getRecoveryDataResult) return getRecoveryDataResult\n return {\n success: (getRecoveryDataResult.decryptedJson as ExchangeDataRecoveryDataContent).map((x) => ({\n exchangeDataId: x.exchangeDataId,\n rawAccessControlSecret: b64_2ua(x.rawAccessControlSecret),\n rawSharedSignatureKey: b64_2ua(x.rawSharedSignatureKey),\n rawExchangeKey: b64_2ua(x.rawExchangeKey),\n })),\n }\n }\n\n async getRecoveryDataAndDecrypt(\n recoveryKey: string,\n expectedType: RecoveryData.Type\n ): Promise<{ recoveryData: RecoveryData; decryptedJson: any } | { failure: RecoveryDataUseFailureReason }> {\n const id = await this.recoveryKeyToId(recoveryKey)\n const getResult = await this.baseRecoveryApi.getRecoveryData(id).then(\n (r) => ({ recoveryData: r }),\n (e) => {\n if (e instanceof XHRError) {\n if (e.statusCode === 404) {\n return { failure: RecoveryDataUseFailureReason.Missing }\n } else if (e.statusCode === 403) {\n return { failure: RecoveryDataUseFailureReason.Unauthorized }\n }\n }\n throw e\n }\n )\n if ('failure' in getResult) return getResult\n const { recoveryData } = getResult\n if (recoveryData.type !== expectedType) return { failure: RecoveryDataUseFailureReason.InvalidType }\n const decryptionKey = await this.primitives.AES.importKey('raw', hex2ua(recoveryKey))\n const decryptionResult = await this.primitives.AES.decrypt(decryptionKey, string2ua(a2b(recoveryData.encryptedSelf)))\n .then((d) => JSON.parse(ua2utf8(d)))\n .then(\n (r): { success: RecoveryDataContent } => ({ success: r }),\n () => ({ failure: RecoveryDataUseFailureReason.InvalidContent })\n )\n if ('failure' in decryptionResult) return decryptionResult\n return { recoveryData, decryptedJson: decryptionResult.success }\n }\n async createRecoveryData(\n recipient: string,\n type: RecoveryData.Type,\n lifetimeSeconds: number | undefined,\n content: RecoveryDataContent\n ): Promise<string> {\n const recoveryKey = await this.primitives.AES.generateCryptoKey(false)\n const recoveryKeyHex = ua2hex(await this.primitives.AES.exportKey(recoveryKey, 'raw'))\n const id = await this.recoveryKeyToId(recoveryKeyHex)\n const encryptedSelf = b2a(ua2string(await this.primitives.AES.encrypt(recoveryKey, utf8_2ua(JSON.stringify(content)))))\n const expirationInstant = lifetimeSeconds ? Date.now() + lifetimeSeconds * 1000 : undefined\n const data: RecoveryData = new RecoveryData({\n id,\n encryptedSelf,\n expirationInstant,\n recipient,\n type,\n })\n await this.baseRecoveryApi.createRecoveryData(data)\n return recoveryKeyHex\n }\n}\n"]}
1
+ {"version":3,"file":"RecoveryDataEncryption.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/RecoveryDataEncryption.ts"],"names":[],"mappings":";;;;;;;;;;;;AAIA,4EAAwE;AACxE,oCAAoH;AACpH,+CAA2C;AAC3C,IAAO,QAAQ,GAAG,SAAG,CAAC,QAAQ,CAAA;AAK9B,IAAY,4BAmBX;AAnBD,WAAY,4BAA4B;IACtC;;OAEG;IACH,mDAAmB,CAAA;IACnB;;;OAGG;IACH,6DAA6B,CAAA;IAC7B;;OAEG;IACH,4DAA4B,CAAA;IAC5B;;;OAGG;IACH,kEAAkC,CAAA;AACpC,CAAC,EAnBW,4BAA4B,4CAA5B,4BAA4B,QAmBvC;AAaD;;GAEG;AACH,MAAa,sBAAsB;IACjC,YAA6B,UAA4B,EAAmB,eAAmC;QAAlF,eAAU,GAAV,UAAU,CAAkB;QAAmB,oBAAe,GAAf,eAAe,CAAoB;IAAG,CAAC;IAE7G,eAAe,CAAC,WAAmB;;YACvC,OAAO,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAA,cAAM,EAAC,WAAW,CAAC,CAAC,CAAC,CAAA;QAClE,CAAC;KAAA;IAEK,oCAAoC,CACxC,SAAiB,EACjB,QAAyF,EACzF,eAAmC;;YAEnC,MAAM,OAAO,GAA+B,EAAE,CAAA;YAC9C,KAAK,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC3D,MAAM,OAAO,GAAuD,EAAE,CAAA;gBACtE,KAAK,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,KAAK,EAAE,CAAC;oBACxC,OAAO,CAAC,IAAI,CAAC;wBACX,IAAI,EAAE;4BACJ,UAAU,EAAE,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;4BACjF,SAAS,EAAE,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;yBAC/E;wBACD,SAAS;qBACV,CAAC,CAAA;gBACJ,CAAC;gBACD,OAAO,CAAC,UAAU,CAAC,GAAG,OAAO,CAAA;YAC/B,CAAC;YACD,OAAO,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,EAAE,2BAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,eAAe,EAAE,OAAO,CAAC,CAAA;QAC/G,CAAC;KAAA;IAEK,iCAAiC,CACrC,WAAmB,EACnB,mBAA4B;;YAE5B,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,WAAW,EAAE,2BAAY,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAA;YACnH,IAAI,SAAS,IAAI,qBAAqB,EAAE,CAAC;gBACvC,OAAO,qBAAqB,CAAA;YAC9B,CAAC;iBAAM,CAAC;gBACN,MAAM,iBAAiB,GAAG,qBAAqB,CAAC,aAA2C,CAAA;gBAC3F,MAAM,aAAa,GAA8E,EAAE,CAAA;gBACnG,KAAK,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,iBAAiB,CAAC,EAAE,CAAC;oBACpE,MAAM,YAAY,GAAoD,EAAE,CAAA;oBACxE,KAAK,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,KAAK,EAAE,CAAC;wBACxC,YAAY,CAAC,IAAA,cAAM,EAAC,IAAA,eAAO,EAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG;4BAC9C,UAAU,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,EAAE,IAAA,aAAK,EAAC,IAAA,eAAO,EAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,SAAS,CAAC;4BACjH,SAAS,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,IAAA,aAAK,EAAC,IAAA,eAAO,EAAC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,SAAS,CAAC;yBAC/G,CAAA;oBACH,CAAC;oBACD,aAAa,CAAC,UAAU,CAAC,GAAG,YAAY,CAAA;gBAC1C,CAAC;gBACD,IAAI,mBAAmB,EAAE,CAAC;oBACxB,MAAM,IAAI,CAAC,eAAe,CAAC,kBAAkB,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;wBACjG,OAAO,CAAC,IAAI,CAAC,kDAAkD,CAAC,EAAE,CAAC,CAAA;oBACrE,CAAC,CAAC,CAAA;gBACJ,CAAC;gBACD,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,CAAA;YACnC,CAAC;QACH,CAAC;KAAA;IAEK,qCAAqC,CACzC,SAAiB,EACjB,gBAKG,EACH,eAAmC;;YAEnC,OAAO,MAAM,IAAI,CAAC,kBAAkB,CAClC,SAAS,EACT,2BAAY,CAAC,IAAI,CAAC,qBAAqB,EACvC,eAAe,EACf,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC3B,cAAc,EAAE,CAAC,CAAC,cAAc;gBAChC,sBAAsB,EAAE,IAAA,cAAM,EAAC,CAAC,CAAC,sBAAsB,CAAC;gBACxD,qBAAqB,EAAE,IAAA,cAAM,EAAC,CAAC,CAAC,qBAAqB,CAAC;gBACtD,cAAc,EAAE,IAAA,cAAM,EAAC,CAAC,CAAC,cAAc,CAAC;aACzC,CAAC,CAAC,CACJ,CAAA;QACH,CAAC;KAAA;IAEK,qCAAqC,CACzC,WAAmB;;YAKnB,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,WAAW,EAAE,2BAAY,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAA;YACxH,IAAI,SAAS,IAAI,qBAAqB;gBAAE,OAAO,qBAAqB,CAAA;YACpE,OAAO;gBACL,OAAO,EAAG,qBAAqB,CAAC,aAAiD,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBAC5F,cAAc,EAAE,CAAC,CAAC,cAAc;oBAChC,sBAAsB,EAAE,IAAA,aAAK,EAAC,IAAA,eAAO,EAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC;oBAChE,qBAAqB,EAAE,IAAA,aAAK,EAAC,IAAA,eAAO,EAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC;oBAC9D,cAAc,EAAE,IAAA,aAAK,EAAC,IAAA,eAAO,EAAC,CAAC,CAAC,cAAc,CAAC,CAAC;iBACjD,CAAC,CAAC;aACJ,CAAA;QACH,CAAC;KAAA;IAEK,yBAAyB,CAC7B,WAAmB,EACnB,YAA+B;;YAE/B,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,CAAA;YAClD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,IAAI,CACnE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,CAAC,EAC5B,CAAC,CAAC,EAAE,EAAE;gBACJ,IAAI,CAAC,YAAY,QAAQ,EAAE,CAAC;oBAC1B,IAAI,CAAC,CAAC,UAAU,KAAK,GAAG,EAAE,CAAC;wBACzB,OAAO,EAAE,OAAO,EAAE,4BAA4B,CAAC,OAAO,EAAE,CAAA;oBAC1D,CAAC;yBAAM,IAAI,CAAC,CAAC,UAAU,KAAK,GAAG,EAAE,CAAC;wBAChC,OAAO,EAAE,OAAO,EAAE,4BAA4B,CAAC,YAAY,EAAE,CAAA;oBAC/D,CAAC;gBACH,CAAC;gBACD,MAAM,CAAC,CAAA;YACT,CAAC,CACF,CAAA;YACD,IAAI,SAAS,IAAI,SAAS;gBAAE,OAAO,SAAS,CAAA;YAC5C,MAAM,EAAE,YAAY,EAAE,GAAG,SAAS,CAAA;YAClC,IAAI,YAAY,CAAC,IAAI,KAAK,YAAY;gBAAE,OAAO,EAAE,OAAO,EAAE,4BAA4B,CAAC,WAAW,EAAE,CAAA;YACpG,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,EAAE,IAAA,cAAM,EAAC,WAAW,CAAC,CAAC,CAAA;YACrF,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,aAAa,EAAE,IAAA,iBAAS,EAAC,IAAA,WAAG,EAAC,YAAY,CAAC,aAAa,CAAC,CAAC,CAAC;iBAClH,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,IAAA,eAAO,EAAC,CAAC,CAAC,CAAC,CAAC;iBACnC,IAAI,CACH,CAAC,CAAC,EAAoC,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,EACzD,GAAG,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,4BAA4B,CAAC,cAAc,EAAE,CAAC,CACjE,CAAA;YACH,IAAI,SAAS,IAAI,gBAAgB;gBAAE,OAAO,gBAAgB,CAAA;YAC1D,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,gBAAgB,CAAC,OAAO,EAAE,CAAA;QAClE,CAAC;KAAA;IACK,kBAAkB,CACtB,SAAiB,EACjB,IAAuB,EACvB,eAAmC,EACnC,OAA4B;;YAE5B,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAA;YACtE,MAAM,cAAc,GAAG,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,CAAA;YACtF,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,CAAA;YACrD,MAAM,aAAa,GAAG,IAAA,WAAG,EAAC,IAAA,iBAAS,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,EAAE,IAAA,gBAAQ,EAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;YACvH,MAAM,iBAAiB,GAAG,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,eAAe,GAAG,IAAI,CAAC,CAAC,CAAC,SAAS,CAAA;YAC3F,MAAM,IAAI,GAAiB,IAAI,2BAAY,CAAC;gBAC1C,EAAE;gBACF,aAAa;gBACb,iBAAiB;gBACjB,SAAS;gBACT,IAAI;aACL,CAAC,CAAA;YACF,MAAM,IAAI,CAAC,eAAe,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAA;YACnD,OAAO,cAAc,CAAA;QACvB,CAAC;KAAA;CACF;AAvJD,wDAuJC","sourcesContent":["import { KeyPair, ShaVersion } from './RSA'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { IccRecoveryDataApi } from '../../icc-api/api/internal/IccRecoveryDataApi'\nimport { IccExchangeDataApi } from '../../icc-api/api/internal/IccExchangeDataApi'\nimport { RecoveryData } from '../../icc-api/model/internal/RecoveryData'\nimport { a2b, b2a, b64_2ua, hex2ua, string2ua, ua2ab, ua2b64, ua2hex, ua2string, ua2utf8, utf8_2ua } from '../utils'\nimport { XHR } from '../../icc-api/api/XHR'\nimport XHRError = XHR.XHRError\nimport { ExchangeData } from '../../icc-api/model/internal/ExchangeData'\nimport { KeyPairUpdateRequest } from '../maintenance/KeyPairUpdateRequest'\nimport { get } from 'lodash'\n\nexport enum RecoveryDataUseFailureReason {\n /**\n * The recovery data matching the provided recovery key does not exist. It could have been deleted, or it could have been expired.\n */\n Missing = 'MISSING',\n /**\n * The recovery data exists but it is not available to the current user. The user may have used a recovery key that he created while logged in as\n * a different user.\n */\n Unauthorized = 'UNAUTHORIZED',\n /**\n * The recovery data exists and is available to the current user, but it is not of the expected type.\n */\n InvalidType = 'INVALID_TYPE',\n /**\n * The recovery data exists and is available to the current user, but its content could not be interpreted. The data may have been created\n * with an unsupported SDK version.\n */\n InvalidContent = 'INVALID_CONTENT',\n}\n\n// accessControlSecret, sharedSignatureKey, and exchangeKey all raw bytes b64 encoded\ntype ExchangeDataRecoveryDataContent = {\n exchangeDataId: string\n rawAccessControlSecret: string\n rawSharedSignatureKey: string\n rawExchangeKey: string\n}[]\n// delegateId -> { pair: { privateKey: base64pkcs8, publicKey: base64spki }, algorithm: ShaVersion }[]\ntype KeyPairRecoveryDataContent = { [delegateId: string]: { pair: KeyPair<string>; algorithm: ShaVersion }[] }\ntype RecoveryDataContent = KeyPairRecoveryDataContent | ExchangeDataRecoveryDataContent\n\n/**\n * @internal this class is for internal use only and may change without notice.\n */\nexport class RecoveryDataEncryption {\n constructor(private readonly primitives: CryptoPrimitives, private readonly baseRecoveryApi: IccRecoveryDataApi) {}\n\n async recoveryKeyToId(recoveryKey: string): Promise<string> {\n return ua2hex(await this.primitives.sha256(hex2ua(recoveryKey)))\n }\n\n async createAndSaveKeyPairsRecoveryDataFor(\n recipient: string,\n keyPairs: { [delegateId: string]: { pair: KeyPair<CryptoKey>; algorithm: ShaVersion }[] },\n lifetimeSeconds: number | undefined\n ): Promise<string> {\n const content: KeyPairRecoveryDataContent = {}\n for (const [delegateId, pairs] of Object.entries(keyPairs)) {\n const entries: { pair: KeyPair<string>; algorithm: ShaVersion }[] = []\n for (const { pair, algorithm } of pairs) {\n entries.push({\n pair: {\n privateKey: ua2b64(await this.primitives.RSA.exportKey(pair.privateKey, 'pkcs8')),\n publicKey: ua2b64(await this.primitives.RSA.exportKey(pair.publicKey, 'spki')),\n },\n algorithm,\n })\n }\n content[delegateId] = entries\n }\n return await this.createRecoveryData(recipient, RecoveryData.Type.KEYPAIR_RECOVERY, lifetimeSeconds, content)\n }\n\n async getAndDecryptKeyPairsRecoveryData(\n recoveryKey: string,\n autoDeleteOnSuccess: boolean\n ): Promise<{ success: { [dataOwnerId: string]: { [publicKeySpki: string]: KeyPair<CryptoKey> } } } | { failure: RecoveryDataUseFailureReason }> {\n const getRecoveryDataResult = await this.getRecoveryDataAndDecrypt(recoveryKey, RecoveryData.Type.KEYPAIR_RECOVERY)\n if ('failure' in getRecoveryDataResult) {\n return getRecoveryDataResult\n } else {\n const recoveredKeysData = getRecoveryDataResult.decryptedJson as KeyPairRecoveryDataContent\n const recoveredKeys: { [delegateId: string]: { [publicKeySpki: string]: KeyPair<CryptoKey> } } = {}\n for (const [delegateId, pairs] of Object.entries(recoveredKeysData)) {\n const delegateKeys: { [publicKeySpki: string]: KeyPair<CryptoKey> } = {}\n for (const { pair, algorithm } of pairs) {\n delegateKeys[ua2hex(b64_2ua(pair.publicKey))] = {\n privateKey: await this.primitives.RSA.importKey('pkcs8', ua2ab(b64_2ua(pair.privateKey)), ['decrypt'], algorithm),\n publicKey: await this.primitives.RSA.importKey('spki', ua2ab(b64_2ua(pair.publicKey)), ['encrypt'], algorithm),\n }\n }\n recoveredKeys[delegateId] = delegateKeys\n }\n if (autoDeleteOnSuccess) {\n await this.baseRecoveryApi.deleteRecoveryData(await this.recoveryKeyToId(recoveryKey)).catch((e) => {\n console.warn(`Failed to auto-delete recovery data, ignoring. ${e}`)\n })\n }\n return { success: recoveredKeys }\n }\n }\n\n async createAndSaveExchangeDataRecoveryData(\n recipient: string,\n exchangeDataInfo: {\n exchangeDataId: string\n rawAccessControlSecret: ArrayBuffer\n rawSharedSignatureKey: ArrayBuffer\n rawExchangeKey: ArrayBuffer\n }[],\n lifetimeSeconds: number | undefined\n ): Promise<string> {\n return await this.createRecoveryData(\n recipient,\n RecoveryData.Type.EXCHANGE_KEY_RECOVERY,\n lifetimeSeconds,\n exchangeDataInfo.map((x) => ({\n exchangeDataId: x.exchangeDataId,\n rawAccessControlSecret: ua2b64(x.rawAccessControlSecret),\n rawSharedSignatureKey: ua2b64(x.rawSharedSignatureKey),\n rawExchangeKey: ua2b64(x.rawExchangeKey),\n }))\n )\n }\n\n async getAndDecryptExchangeDataRecoveryData(\n recoveryKey: string\n ): Promise<\n | { success: { exchangeDataId: string; rawAccessControlSecret: ArrayBuffer; rawSharedSignatureKey: ArrayBuffer; rawExchangeKey: ArrayBuffer }[] }\n | { failure: RecoveryDataUseFailureReason }\n > {\n const getRecoveryDataResult = await this.getRecoveryDataAndDecrypt(recoveryKey, RecoveryData.Type.EXCHANGE_KEY_RECOVERY)\n if ('failure' in getRecoveryDataResult) return getRecoveryDataResult\n return {\n success: (getRecoveryDataResult.decryptedJson as ExchangeDataRecoveryDataContent).map((x) => ({\n exchangeDataId: x.exchangeDataId,\n rawAccessControlSecret: ua2ab(b64_2ua(x.rawAccessControlSecret)),\n rawSharedSignatureKey: ua2ab(b64_2ua(x.rawSharedSignatureKey)),\n rawExchangeKey: ua2ab(b64_2ua(x.rawExchangeKey)),\n })),\n }\n }\n\n async getRecoveryDataAndDecrypt(\n recoveryKey: string,\n expectedType: RecoveryData.Type\n ): Promise<{ recoveryData: RecoveryData; decryptedJson: any } | { failure: RecoveryDataUseFailureReason }> {\n const id = await this.recoveryKeyToId(recoveryKey)\n const getResult = await this.baseRecoveryApi.getRecoveryData(id).then(\n (r) => ({ recoveryData: r }),\n (e) => {\n if (e instanceof XHRError) {\n if (e.statusCode === 404) {\n return { failure: RecoveryDataUseFailureReason.Missing }\n } else if (e.statusCode === 403) {\n return { failure: RecoveryDataUseFailureReason.Unauthorized }\n }\n }\n throw e\n }\n )\n if ('failure' in getResult) return getResult\n const { recoveryData } = getResult\n if (recoveryData.type !== expectedType) return { failure: RecoveryDataUseFailureReason.InvalidType }\n const decryptionKey = await this.primitives.AES.importKey('raw', hex2ua(recoveryKey))\n const decryptionResult = await this.primitives.AES.decrypt(decryptionKey, string2ua(a2b(recoveryData.encryptedSelf)))\n .then((d) => JSON.parse(ua2utf8(d)))\n .then(\n (r): { success: RecoveryDataContent } => ({ success: r }),\n () => ({ failure: RecoveryDataUseFailureReason.InvalidContent })\n )\n if ('failure' in decryptionResult) return decryptionResult\n return { recoveryData, decryptedJson: decryptionResult.success }\n }\n async createRecoveryData(\n recipient: string,\n type: RecoveryData.Type,\n lifetimeSeconds: number | undefined,\n content: RecoveryDataContent\n ): Promise<string> {\n const recoveryKey = await this.primitives.AES.generateCryptoKey(false)\n const recoveryKeyHex = ua2hex(await this.primitives.AES.exportKey(recoveryKey, 'raw'))\n const id = await this.recoveryKeyToId(recoveryKeyHex)\n const encryptedSelf = b2a(ua2string(await this.primitives.AES.encrypt(recoveryKey, utf8_2ua(JSON.stringify(content)))))\n const expirationInstant = lifetimeSeconds ? Date.now() + lifetimeSeconds * 1000 : undefined\n const data: RecoveryData = new RecoveryData({\n id,\n encryptedSelf,\n expirationInstant,\n recipient,\n type,\n })\n await this.baseRecoveryApi.createRecoveryData(data)\n return recoveryKeyHex\n }\n}\n"]}
@@ -192,7 +192,7 @@ class SecureDelegationsManager {
192
192
  const currFp = (0, utils_1.fingerprintV2)(keyHex);
193
193
  const shaVersion = delegateInfo.availablePublicKeysHexWithSha1.includes(keyHex) ? RSA_1.ShaVersion.Sha1 : RSA_1.ShaVersion.Sha256;
194
194
  if (fingerprintsOfVerifiedExchangeData.has(currFp)) {
195
- delegateVerifiedKeys[currFp] = yield this.primitives.RSA.importKey('spki', (0, utils_2.hex2ua)(keyHex), ['encrypt'], shaVersion);
195
+ delegateVerifiedKeys[currFp] = yield this.primitives.RSA.importKey('spki', (0, utils_2.ua2ab)((0, utils_2.hex2ua)(keyHex)), ['encrypt'], shaVersion);
196
196
  }
197
197
  }
198
198
  if (!Object.keys(delegateVerifiedKeys).length)