@libp2p/keychain 0.6.1

package/dist/src/index.js

@@ -0,0 +1,505 @@
+/* eslint max-nested-callbacks: ["error", 5] */
+import { logger } from '@libp2p/logger';
+import sanitize from 'sanitize-filename';
+import mergeOptions from 'merge-options';
+import { Key } from 'interface-datastore/key';
+import { CMS } from './cms.js';
+import errCode from 'err-code';
+import { codes } from './errors.js';
+import { toString as uint8ArrayToString } from 'uint8arrays/to-string';
+import { fromString as uint8ArrayFromString } from 'uint8arrays/from-string';
+import { generateKeyPair, importKey, unmarshalPrivateKey } from '@libp2p/crypto/keys';
+import { pbkdf2, randomBytes } from '@libp2p/crypto';
+import { peerIdFromKeys } from '@libp2p/peer-id';
+const log = logger('libp2p:keychain');
+const keyPrefix = '/pkcs8/';
+const infoPrefix = '/info/';
+const privates = new WeakMap();
+// NIST SP 800-132
+const NIST = {
+    minKeyLength: 112 / 8,
+    minSaltLength: 128 / 8,
+    minIterationCount: 1000
+};
+const defaultOptions = {
+    // See https://cryptosense.com/parametesr-choice-for-pbkdf2/
+    dek: {
+        keyLength: 512 / 8,
+        iterationCount: 10000,
+        salt: 'you should override this value with a crypto secure random number',
+        hash: 'sha2-512'
+    }
+};
+function validateKeyName(name) {
+    if (name == null) {
+        return false;
+    }
+    if (typeof name !== 'string') {
+        return false;
+    }
+    return name === sanitize(name.trim()) && name.length > 0;
+}
+/**
+ * Throws an error after a delay
+ *
+ * This assumes than an error indicates that the keychain is under attack. Delay returning an
+ * error to make brute force attacks harder.
+ */
+async function randomDelay() {
+    const min = 200;
+    const max = 1000;
+    const delay = Math.random() * (max - min) + min;
+    await new Promise(resolve => setTimeout(resolve, delay));
+}
+/**
+ * Converts a key name into a datastore name
+ */
+function DsName(name) {
+    return new Key(keyPrefix + name);
+}
+/**
+ * Converts a key name into a datastore info name
+ */
+function DsInfoName(name) {
+    return new Key(infoPrefix + name);
+}
+/**
+ * Manages the lifecycle of a key. Keys are encrypted at rest using PKCS #8.
+ *
+ * A key in the store has two entries
+ * - '/info/*key-name*', contains the KeyInfo for the key
+ * - '/pkcs8/*key-name*', contains the PKCS #8 for the key
+ *
+ */
+export class KeyChain {
+    /**
+     * Creates a new instance of a key chain
+     */
+    constructor(components, init) {
+        this.components = components;
+        this.init = mergeOptions(defaultOptions, init);
+        // Enforce NIST SP 800-132
+        if (this.init.pass != null && this.init.pass?.length < 20) {
+            throw new Error('pass must be least 20 characters');
+        }
+        if (this.init.dek?.keyLength != null && this.init.dek.keyLength < NIST.minKeyLength) {
+            throw new Error(`dek.keyLength must be least ${NIST.minKeyLength} bytes`);
+        }
+        if (this.init.dek?.salt?.length != null && this.init.dek.salt.length < NIST.minSaltLength) {
+            throw new Error(`dek.saltLength must be least ${NIST.minSaltLength} bytes`);
+        }
+        if (this.init.dek?.iterationCount != null && this.init.dek.iterationCount < NIST.minIterationCount) {
+            throw new Error(`dek.iterationCount must be least ${NIST.minIterationCount}`);
+        }
+        const dek = this.init.pass != null && this.init.dek?.salt != null
+            ? pbkdf2(this.init.pass, this.init.dek?.salt, this.init.dek?.iterationCount, this.init.dek?.keyLength, this.init.dek?.hash)
+            : '';
+        privates.set(this, { dek });
+    }
+    /**
+     * Gets an object that can encrypt/decrypt protected data
+     * using the Cryptographic Message Syntax (CMS).
+     *
+     * CMS describes an encapsulation syntax for data protection. It
+     * is used to digitally sign, digest, authenticate, or encrypt
+     * arbitrary message content
+     */
+    get cms() {
+        const cached = privates.get(this);
+        if (cached == null) {
+            throw errCode(new Error('dek missing'), codes.ERR_INVALID_PARAMETERS);
+        }
+        const dek = cached.dek;
+        return new CMS(this, dek);
+    }
+    /**
+     * Generates the options for a keychain.  A random salt is produced.
+     *
+     * @returns {object}
+     */
+    static generateOptions() {
+        const options = Object.assign({}, defaultOptions);
+        const saltLength = Math.ceil(NIST.minSaltLength / 3) * 3; // no base64 padding
+        options.dek.salt = uint8ArrayToString(randomBytes(saltLength), 'base64');
+        return options;
+    }
+    /**
+     * Gets an object that can encrypt/decrypt protected data.
+     * The default options for a keychain.
+     *
+     * @returns {object}
+     */
+    static get options() {
+        return defaultOptions;
+    }
+    /**
+     * Create a new key.
+     *
+     * @param {string} name - The local key name; cannot already exist.
+     * @param {string} type - One of the key types; 'rsa'.
+     * @param {number} [size = 2048] - The key size in bits. Used for rsa keys only
+     */
+    async createKey(name, type, size = 2048) {
+        if (!validateKeyName(name) || name === 'self') {
+            await randomDelay();
+            throw errCode(new Error('Invalid key name'), codes.ERR_INVALID_KEY_NAME);
+        }
+        if (typeof type !== 'string') {
+            await randomDelay();
+            throw errCode(new Error('Invalid key type'), codes.ERR_INVALID_KEY_TYPE);
+        }
+        const dsname = DsName(name);
+        const exists = await this.components.datastore.has(dsname);
+        if (exists) {
+            await randomDelay();
+            throw errCode(new Error('Key name already exists'), codes.ERR_KEY_ALREADY_EXISTS);
+        }
+        switch (type.toLowerCase()) {
+            case 'rsa':
+                if (!Number.isSafeInteger(size) || size < 2048) {
+                    await randomDelay();
+                    throw errCode(new Error('Invalid RSA key size'), codes.ERR_INVALID_KEY_SIZE);
+                }
+                break;
+            default:
+                break;
+        }
+        let keyInfo;
+        try {
+            const keypair = await generateKeyPair(type, size);
+            const kid = await keypair.id();
+            const cached = privates.get(this);
+            if (cached == null) {
+                throw errCode(new Error('dek missing'), codes.ERR_INVALID_PARAMETERS);
+            }
+            const dek = cached.dek;
+            const pem = await keypair.export(dek);
+            keyInfo = {
+                name: name,
+                id: kid
+            };
+            const batch = this.components.datastore.batch();
+            batch.put(dsname, uint8ArrayFromString(pem));
+            batch.put(DsInfoName(name), uint8ArrayFromString(JSON.stringify(keyInfo)));
+            await batch.commit();
+        }
+        catch (err) {
+            await randomDelay();
+            throw err;
+        }
+        return keyInfo;
+    }
+    /**
+     * List all the keys.
+     *
+     * @returns {Promise<KeyInfo[]>}
+     */
+    async listKeys() {
+        const query = {
+            prefix: infoPrefix
+        };
+        const info = [];
+        for await (const value of this.components.datastore.query(query)) {
+            info.push(JSON.parse(uint8ArrayToString(value.value)));
+        }
+        return info;
+    }
+    /**
+     * Find a key by it's id
+     */
+    async findKeyById(id) {
+        try {
+            const keys = await this.listKeys();
+            return keys.find((k) => k.id === id);
+        }
+        catch (err) {
+            await randomDelay();
+            throw err;
+        }
+    }
+    /**
+     * Find a key by it's name.
+     *
+     * @param {string} name - The local key name.
+     * @returns {Promise<KeyInfo>}
+     */
+    async findKeyByName(name) {
+        if (!validateKeyName(name)) {
+            await randomDelay();
+            throw errCode(new Error(`Invalid key name '${name}'`), codes.ERR_INVALID_KEY_NAME);
+        }
+        const dsname = DsInfoName(name);
+        try {
+            const res = await this.components.datastore.get(dsname);
+            return JSON.parse(uint8ArrayToString(res));
+        }
+        catch (err) {
+            await randomDelay();
+            log.error(err);
+            throw errCode(new Error(`Key '${name}' does not exist.`), codes.ERR_KEY_NOT_FOUND);
+        }
+    }
+    /**
+     * Remove an existing key.
+     *
+     * @param {string} name - The local key name; must already exist.
+     * @returns {Promise<KeyInfo>}
+     */
+    async removeKey(name) {
+        if (!validateKeyName(name) || name === 'self') {
+            await randomDelay();
+            throw errCode(new Error(`Invalid key name '${name}'`), codes.ERR_INVALID_KEY_NAME);
+        }
+        const dsname = DsName(name);
+        const keyInfo = await this.findKeyByName(name);
+        const batch = this.components.datastore.batch();
+        batch.delete(dsname);
+        batch.delete(DsInfoName(name));
+        await batch.commit();
+        return keyInfo;
+    }
+    /**
+     * Rename a key
+     *
+     * @param {string} oldName - The old local key name; must already exist.
+     * @param {string} newName - The new local key name; must not already exist.
+     * @returns {Promise<KeyInfo>}
+     */
+    async renameKey(oldName, newName) {
+        if (!validateKeyName(oldName) || oldName === 'self') {
+            await randomDelay();
+            throw errCode(new Error(`Invalid old key name '${oldName}'`), codes.ERR_OLD_KEY_NAME_INVALID);
+        }
+        if (!validateKeyName(newName) || newName === 'self') {
+            await randomDelay();
+            throw errCode(new Error(`Invalid new key name '${newName}'`), codes.ERR_NEW_KEY_NAME_INVALID);
+        }
+        const oldDsname = DsName(oldName);
+        const newDsname = DsName(newName);
+        const oldInfoName = DsInfoName(oldName);
+        const newInfoName = DsInfoName(newName);
+        const exists = await this.components.datastore.has(newDsname);
+        if (exists) {
+            await randomDelay();
+            throw errCode(new Error(`Key '${newName}' already exists`), codes.ERR_KEY_ALREADY_EXISTS);
+        }
+        try {
+            const pem = await this.components.datastore.get(oldDsname);
+            const res = await this.components.datastore.get(oldInfoName);
+            const keyInfo = JSON.parse(uint8ArrayToString(res));
+            keyInfo.name = newName;
+            const batch = this.components.datastore.batch();
+            batch.put(newDsname, pem);
+            batch.put(newInfoName, uint8ArrayFromString(JSON.stringify(keyInfo)));
+            batch.delete(oldDsname);
+            batch.delete(oldInfoName);
+            await batch.commit();
+            return keyInfo;
+        }
+        catch (err) {
+            await randomDelay();
+            throw err;
+        }
+    }
+    /**
+     * Export an existing key as a PEM encrypted PKCS #8 string
+     */
+    async exportKey(name, password) {
+        if (!validateKeyName(name)) {
+            await randomDelay();
+            throw errCode(new Error(`Invalid key name '${name}'`), codes.ERR_INVALID_KEY_NAME);
+        }
+        if (password == null) {
+            await randomDelay();
+            throw errCode(new Error('Password is required'), codes.ERR_PASSWORD_REQUIRED);
+        }
+        const dsname = DsName(name);
+        try {
+            const res = await this.components.datastore.get(dsname);
+            const pem = uint8ArrayToString(res);
+            const cached = privates.get(this);
+            if (cached == null) {
+                throw errCode(new Error('dek missing'), codes.ERR_INVALID_PARAMETERS);
+            }
+            const dek = cached.dek;
+            const privateKey = await importKey(pem, dek);
+            return await privateKey.export(password);
+        }
+        catch (err) {
+            await randomDelay();
+            throw err;
+        }
+    }
+    /**
+     * Export an existing key as a PeerId
+     */
+    async exportPeerId(name) {
+        const password = 'temporary-password';
+        const pem = await this.exportKey(name, password);
+        const privateKey = await importKey(pem, password);
+        return await peerIdFromKeys(privateKey.public.bytes, privateKey.bytes);
+    }
+    /**
+     * Import a new key from a PEM encoded PKCS #8 string
+     *
+     * @param {string} name - The local key name; must not already exist.
+     * @param {string} pem - The PEM encoded PKCS #8 string
+     * @param {string} password - The password.
+     * @returns {Promise<KeyInfo>}
+     */
+    async importKey(name, pem, password) {
+        if (!validateKeyName(name) || name === 'self') {
+            await randomDelay();
+            throw errCode(new Error(`Invalid key name '${name}'`), codes.ERR_INVALID_KEY_NAME);
+        }
+        if (pem == null) {
+            await randomDelay();
+            throw errCode(new Error('PEM encoded key is required'), codes.ERR_PEM_REQUIRED);
+        }
+        const dsname = DsName(name);
+        const exists = await this.components.datastore.has(dsname);
+        if (exists) {
+            await randomDelay();
+            throw errCode(new Error(`Key '${name}' already exists`), codes.ERR_KEY_ALREADY_EXISTS);
+        }
+        let privateKey;
+        try {
+            privateKey = await importKey(pem, password);
+        }
+        catch (err) {
+            await randomDelay();
+            throw errCode(new Error('Cannot read the key, most likely the password is wrong'), codes.ERR_CANNOT_READ_KEY);
+        }
+        let kid;
+        try {
+            kid = await privateKey.id();
+            const cached = privates.get(this);
+            if (cached == null) {
+                throw errCode(new Error('dek missing'), codes.ERR_INVALID_PARAMETERS);
+            }
+            const dek = cached.dek;
+            pem = await privateKey.export(dek);
+        }
+        catch (err) {
+            await randomDelay();
+            throw err;
+        }
+        const keyInfo = {
+            name: name,
+            id: kid
+        };
+        const batch = this.components.datastore.batch();
+        batch.put(dsname, uint8ArrayFromString(pem));
+        batch.put(DsInfoName(name), uint8ArrayFromString(JSON.stringify(keyInfo)));
+        await batch.commit();
+        return keyInfo;
+    }
+    /**
+     * Import a peer key
+     */
+    async importPeer(name, peer) {
+        try {
+            if (!validateKeyName(name)) {
+                throw errCode(new Error(`Invalid key name '${name}'`), codes.ERR_INVALID_KEY_NAME);
+            }
+            if (peer == null) {
+                throw errCode(new Error('PeerId is required'), codes.ERR_MISSING_PRIVATE_KEY);
+            }
+            if (peer.privateKey == null) {
+                throw errCode(new Error('PeerId.privKey is required'), codes.ERR_MISSING_PRIVATE_KEY);
+            }
+            const privateKey = await unmarshalPrivateKey(peer.privateKey);
+            const dsname = DsName(name);
+            const exists = await this.components.datastore.has(dsname);
+            if (exists) {
+                await randomDelay();
+                throw errCode(new Error(`Key '${name}' already exists`), codes.ERR_KEY_ALREADY_EXISTS);
+            }
+            const cached = privates.get(this);
+            if (cached == null) {
+                throw errCode(new Error('dek missing'), codes.ERR_INVALID_PARAMETERS);
+            }
+            const dek = cached.dek;
+            const pem = await privateKey.export(dek);
+            const keyInfo = {
+                name: name,
+                id: peer.toString()
+            };
+            const batch = this.components.datastore.batch();
+            batch.put(dsname, uint8ArrayFromString(pem));
+            batch.put(DsInfoName(name), uint8ArrayFromString(JSON.stringify(keyInfo)));
+            await batch.commit();
+            return keyInfo;
+        }
+        catch (err) {
+            await randomDelay();
+            throw err;
+        }
+    }
+    /**
+     * Gets the private key as PEM encoded PKCS #8 string
+     */
+    async getPrivateKey(name) {
+        if (!validateKeyName(name)) {
+            await randomDelay();
+            throw errCode(new Error(`Invalid key name '${name}'`), codes.ERR_INVALID_KEY_NAME);
+        }
+        try {
+            const dsname = DsName(name);
+            const res = await this.components.datastore.get(dsname);
+            return uint8ArrayToString(res);
+        }
+        catch (err) {
+            await randomDelay();
+            log.error(err);
+            throw errCode(new Error(`Key '${name}' does not exist.`), codes.ERR_KEY_NOT_FOUND);
+        }
+    }
+    /**
+     * Rotate keychain password and re-encrypt all associated keys
+     */
+    async rotateKeychainPass(oldPass, newPass) {
+        if (typeof oldPass !== 'string') {
+            await randomDelay();
+            throw errCode(new Error(`Invalid old pass type '${typeof oldPass}'`), codes.ERR_INVALID_OLD_PASS_TYPE);
+        }
+        if (typeof newPass !== 'string') {
+            await randomDelay();
+            throw errCode(new Error(`Invalid new pass type '${typeof newPass}'`), codes.ERR_INVALID_NEW_PASS_TYPE);
+        }
+        if (newPass.length < 20) {
+            await randomDelay();
+            throw errCode(new Error(`Invalid pass length ${newPass.length}`), codes.ERR_INVALID_PASS_LENGTH);
+        }
+        log('recreating keychain');
+        const cached = privates.get(this);
+        if (cached == null) {
+            throw errCode(new Error('dek missing'), codes.ERR_INVALID_PARAMETERS);
+        }
+        const oldDek = cached.dek;
+        this.init.pass = newPass;
+        const newDek = newPass != null && this.init.dek?.salt != null
+            ? pbkdf2(newPass, this.init.dek.salt, this.init.dek?.iterationCount, this.init.dek?.keyLength, this.init.dek?.hash)
+            : '';
+        privates.set(this, { dek: newDek });
+        const keys = await this.listKeys();
+        for (const key of keys) {
+            const res = await this.components.datastore.get(DsName(key.name));
+            const pem = uint8ArrayToString(res);
+            const privateKey = await importKey(pem, oldDek);
+            const password = newDek.toString();
+            const keyAsPEM = await privateKey.export(password);
+            // Update stored key
+            const batch = this.components.datastore.batch();
+            const keyInfo = {
+                name: key.name,
+                id: key.id
+            };
+            batch.put(DsName(key.name), uint8ArrayFromString(keyAsPEM));
+            batch.put(DsInfoName(key.name), uint8ArrayFromString(JSON.stringify(keyInfo)));
+            await batch.commit();
+        }
+        log('keychain reconstructed');
+    }
+}
+//# sourceMappingURL=index.js.map

package/dist/src/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,+CAA+C;AAE/C,OAAO,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAA;AACvC,OAAO,QAAQ,MAAM,mBAAmB,CAAA;AACxC,OAAO,YAAY,MAAM,eAAe,CAAA;AACxC,OAAO,EAAE,GAAG,EAAE,MAAM,yBAAyB,CAAA;AAC7C,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAA;AAC9B,OAAO,OAAO,MAAM,UAAU,CAAA;AAC9B,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAA;AACnC,OAAO,EAAE,QAAQ,IAAI,kBAAkB,EAAE,MAAM,uBAAuB,CAAA;AACtE,OAAO,EAAE,UAAU,IAAI,oBAAoB,EAAE,MAAM,yBAAyB,CAAA;AAC5E,OAAO,EAAE,eAAe,EAAE,SAAS,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAA;AAErF,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AAEpD,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAA;AAGhD,MAAM,GAAG,GAAG,MAAM,CAAC,iBAAiB,CAAC,CAAA;AA6BrC,MAAM,SAAS,GAAG,SAAS,CAAA;AAC3B,MAAM,UAAU,GAAG,QAAQ,CAAA;AAC3B,MAAM,QAAQ,GAAG,IAAI,OAAO,EAA2B,CAAA;AAEvD,kBAAkB;AAClB,MAAM,IAAI,GAAG;IACX,YAAY,EAAE,GAAG,GAAG,CAAC;IACrB,aAAa,EAAE,GAAG,GAAG,CAAC;IACtB,iBAAiB,EAAE,IAAI;CACxB,CAAA;AAED,MAAM,cAAc,GAAG;IACrB,4DAA4D;IAC5D,GAAG,EAAE;QACH,SAAS,EAAE,GAAG,GAAG,CAAC;QAClB,cAAc,EAAE,KAAK;QACrB,IAAI,EAAE,mEAAmE;QACzE,IAAI,EAAE,UAAU;KACjB;CACF,CAAA;AAED,SAAS,eAAe,CAAE,IAAY;IACpC,IAAI,IAAI,IAAI,IAAI,EAAE;QAChB,OAAO,KAAK,CAAA;KACb;IACD,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;QAC5B,OAAO,KAAK,CAAA;KACb;IACD,OAAO,IAAI,KAAK,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,CAAA;AAC1D,CAAC;AAED;;;;;GAKG;AACH,KAAK,UAAU,WAAW;IACxB,MAAM,GAAG,GAAG,GAAG,CAAA;IACf,MAAM,GAAG,GAAG,IAAI,CAAA;IAChB,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,GAAG,CAAA;IAE/C,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAA;AAC1D,CAAC;AAED;;GAEG;AACH,SAAS,MAAM,CAAE,IAAY;IAC3B,OAAO,IAAI,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,CAAA;AAClC,CAAC;AAED;;GAEG;AACH,SAAS,UAAU,CAAE,IAAY;IAC/B,OAAO,IAAI,GAAG,CAAC,UAAU,GAAG,IAAI,CAAC,CAAA;AACnC,CAAC;AAMD;;;;;;;GAOG;AACH,MAAM,OAAO,QAAQ;IAInB;;OAEG;IACH,YAAa,UAA8B,EAAE,IAAkB;QAC7D,IAAI,CAAC,UAAU,GAAG,UAAU,CAAA;QAC5B,IAAI,CAAC,IAAI,GAAG,YAAY,CAAC,cAAc,EAAE,IAAI,CAAC,CAAA;QAE9C,0BAA0B;QAC1B,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,GAAG,EAAE,EAAE;YACzD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;SACpD;QACD,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,IAAI,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,YAAY,EAAE;YACnF,MAAM,IAAI,KAAK,CAAC,+BAA+B,IAAI,CAAC,YAAY,QAAQ,CAAC,CAAA;SAC1E;QACD,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,MAAM,IAAI,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,aAAa,EAAE;YACzF,MAAM,IAAI,KAAK,CAAC,gCAAgC,IAAI,CAAC,aAAa,QAAQ,CAAC,CAAA;SAC5E;QACD,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,cAAc,IAAI,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,cAAc,GAAG,IAAI,CAAC,iBAAiB,EAAE;YAClG,MAAM,IAAI,KAAK,CAAC,oCAAoC,IAAI,CAAC,iBAAiB,EAAE,CAAC,CAAA;SAC9E;QAED,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,IAAI;YAC/D,CAAC,CAAC,MAAM,CACN,IAAI,CAAC,IAAI,CAAC,IAAI,EACd,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EACnB,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,cAAc,EAC7B,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,EACxB,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC;YACtB,CAAC,CAAC,EAAE,CAAA;QAEN,QAAQ,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;IAC7B,CAAC;IAED;;;;;;;OAOG;IACH,IAAI,GAAG;QACL,MAAM,MAAM,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;QAEjC,IAAI,MAAM,IAAI,IAAI,EAAE;YAClB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,aAAa,CAAC,EAAE,KAAK,CAAC,sBAAsB,CAAC,CAAA;SACtE;QAED,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAA;QAEtB,OAAO,IAAI,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;IAC3B,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,eAAe;QACpB,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,cAAc,CAAC,CAAA;QACjD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,CAAA,CAAC,oBAAoB;QAC7E,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,kBAAkB,CAAC,WAAW,CAAC,UAAU,CAAC,EAAE,QAAQ,CAAC,CAAA;QACxE,OAAO,OAAO,CAAA;IAChB,CAAC;IAED;;;;;OAKG;IACH,MAAM,KAAK,OAAO;QAChB,OAAO,cAAc,CAAA;IACvB,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,SAAS,CAAE,IAAY,EAAE,IAAc,EAAE,IAAI,GAAG,IAAI;QACxD,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,IAAI,KAAK,MAAM,EAAE;YAC7C,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,kBAAkB,CAAC,EAAE,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACzE;QAED,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;YAC5B,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,kBAAkB,CAAC,EAAE,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACzE;QAED,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,CAAA;QAC3B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;QAC1D,IAAI,MAAM,EAAE;YACV,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,yBAAyB,CAAC,EAAE,KAAK,CAAC,sBAAsB,CAAC,CAAA;SAClF;QAED,QAAQ,IAAI,CAAC,WAAW,EAAE,EAAE;YAC1B,KAAK,KAAK;gBACR,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,IAAI,EAAE;oBAC9C,MAAM,WAAW,EAAE,CAAA;oBACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,sBAAsB,CAAC,EAAE,KAAK,CAAC,oBAAoB,CAAC,CAAA;iBAC7E;gBACD,MAAK;YACP;gBACE,MAAK;SACR;QAED,IAAI,OAAO,CAAA;QACX,IAAI;YACF,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;YACjD,MAAM,GAAG,GAAG,MAAM,OAAO,CAAC,EAAE,EAAE,CAAA;YAC9B,MAAM,MAAM,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;YAEjC,IAAI,MAAM,IAAI,IAAI,EAAE;gBAClB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,aAAa,CAAC,EAAE,KAAK,CAAC,sBAAsB,CAAC,CAAA;aACtE;YAED,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAA;YACtB,MAAM,GAAG,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;YACrC,OAAO,GAAG;gBACR,IAAI,EAAE,IAAI;gBACV,EAAE,EAAE,GAAG;aACR,CAAA;YACD,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,KAAK,EAAE,CAAA;YAC/C,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,oBAAoB,CAAC,GAAG,CAAC,CAAC,CAAA;YAC5C,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,oBAAoB,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAA;YAE1E,MAAM,KAAK,CAAC,MAAM,EAAE,CAAA;SACrB;QAAC,OAAO,GAAQ,EAAE;YACjB,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,GAAG,CAAA;SACV;QAED,OAAO,OAAO,CAAA;IAChB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,QAAQ;QACZ,MAAM,KAAK,GAAG;YACZ,MAAM,EAAE,UAAU;SACnB,CAAA;QAED,MAAM,IAAI,GAAG,EAAE,CAAA;QACf,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE;YAChE,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;SACvD;QAED,OAAO,IAAI,CAAA;IACb,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW,CAAE,EAAU;QAC3B,IAAI;YACF,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAA;YAClC,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAA;SACrC;QAAC,OAAO,GAAQ,EAAE;YACjB,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,GAAG,CAAA;SACV;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,aAAa,CAAE,IAAY;QAC/B,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE;YAC1B,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,qBAAqB,IAAI,GAAG,CAAC,EAAE,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACnF;QAED,MAAM,MAAM,GAAG,UAAU,CAAC,IAAI,CAAC,CAAA;QAC/B,IAAI;YACF,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;YACvD,OAAO,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAA;SAC3C;QAAC,OAAO,GAAQ,EAAE;YACjB,MAAM,WAAW,EAAE,CAAA;YACnB,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YACd,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,QAAQ,IAAI,mBAAmB,CAAC,EAAE,KAAK,CAAC,iBAAiB,CAAC,CAAA;SACnF;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,SAAS,CAAE,IAAY;QAC3B,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,IAAI,KAAK,MAAM,EAAE;YAC7C,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,qBAAqB,IAAI,GAAG,CAAC,EAAE,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACnF;QACD,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,CAAA;QAC3B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAA;QAC9C,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,KAAK,EAAE,CAAA;QAC/C,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;QACpB,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAA;QAC9B,MAAM,KAAK,CAAC,MAAM,EAAE,CAAA;QACpB,OAAO,OAAO,CAAA;IAChB,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,SAAS,CAAE,OAAe,EAAE,OAAe;QAC/C,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,IAAI,OAAO,KAAK,MAAM,EAAE;YACnD,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,yBAAyB,OAAO,GAAG,CAAC,EAAE,KAAK,CAAC,wBAAwB,CAAC,CAAA;SAC9F;QACD,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,IAAI,OAAO,KAAK,MAAM,EAAE;YACnD,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,yBAAyB,OAAO,GAAG,CAAC,EAAE,KAAK,CAAC,wBAAwB,CAAC,CAAA;SAC9F;QACD,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,CAAA;QACjC,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,CAAA;QACjC,MAAM,WAAW,GAAG,UAAU,CAAC,OAAO,CAAC,CAAA;QACvC,MAAM,WAAW,GAAG,UAAU,CAAC,OAAO,CAAC,CAAA;QAEvC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,GAAG,CAAC,SAAS,CAAC,CAAA;QAC7D,IAAI,MAAM,EAAE;YACV,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,QAAQ,OAAO,kBAAkB,CAAC,EAAE,KAAK,CAAC,sBAAsB,CAAC,CAAA;SAC1F;QAED,IAAI;YACF,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,GAAG,CAAC,SAAS,CAAC,CAAA;YAC1D,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;YAE5D,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAA;YACnD,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;YACtB,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,KAAK,EAAE,CAAA;YAC/C,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,GAAG,CAAC,CAAA;YACzB,KAAK,CAAC,GAAG,CAAC,WAAW,EAAE,oBAAoB,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAA;YACrE,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;YACvB,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,CAAA;YACzB,MAAM,KAAK,CAAC,MAAM,EAAE,CAAA;YACpB,OAAO,OAAO,CAAA;SACf;QAAC,OAAO,GAAQ,EAAE;YACjB,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,GAAG,CAAA;SACV;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS,CAAE,IAAY,EAAE,QAAgB;QAC7C,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE;YAC1B,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,qBAAqB,IAAI,GAAG,CAAC,EAAE,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACnF;QACD,IAAI,QAAQ,IAAI,IAAI,EAAE;YACpB,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,sBAAsB,CAAC,EAAE,KAAK,CAAC,qBAAqB,CAAC,CAAA;SAC9E;QAED,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,CAAA;QAC3B,IAAI;YACF,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;YACvD,MAAM,GAAG,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAA;YACnC,MAAM,MAAM,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;YAEjC,IAAI,MAAM,IAAI,IAAI,EAAE;gBAClB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,aAAa,CAAC,EAAE,KAAK,CAAC,sBAAsB,CAAC,CAAA;aACtE;YAED,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAA;YACtB,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;YAC5C,OAAO,MAAM,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAA;SACzC;QAAC,OAAO,GAAQ,EAAE;YACjB,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,GAAG,CAAA;SACV;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAE,IAAY;QAC9B,MAAM,QAAQ,GAAG,oBAAoB,CAAA;QACrC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAA;QAChD,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;QAEjD,OAAO,MAAM,cAAc,CAAC,UAAU,CAAC,MAAM,CAAC,KAAK,EAAE,UAAU,CAAC,KAAK,CAAC,CAAA;IACxE,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,SAAS,CAAE,IAAY,EAAE,GAAW,EAAE,QAAgB;QAC1D,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,IAAI,KAAK,MAAM,EAAE;YAC7C,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,qBAAqB,IAAI,GAAG,CAAC,EAAE,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACnF;QACD,IAAI,GAAG,IAAI,IAAI,EAAE;YACf,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,6BAA6B,CAAC,EAAE,KAAK,CAAC,gBAAgB,CAAC,CAAA;SAChF;QACD,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,CAAA;QAC3B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;QAC1D,IAAI,MAAM,EAAE;YACV,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,QAAQ,IAAI,kBAAkB,CAAC,EAAE,KAAK,CAAC,sBAAsB,CAAC,CAAA;SACvF;QAED,IAAI,UAAU,CAAA;QACd,IAAI;YACF,UAAU,GAAG,MAAM,SAAS,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;SAC5C;QAAC,OAAO,GAAQ,EAAE;YACjB,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,wDAAwD,CAAC,EAAE,KAAK,CAAC,mBAAmB,CAAC,CAAA;SAC9G;QAED,IAAI,GAAG,CAAA;QACP,IAAI;YACF,GAAG,GAAG,MAAM,UAAU,CAAC,EAAE,EAAE,CAAA;YAC3B,MAAM,MAAM,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;YAEjC,IAAI,MAAM,IAAI,IAAI,EAAE;gBAClB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,aAAa,CAAC,EAAE,KAAK,CAAC,sBAAsB,CAAC,CAAA;aACtE;YAED,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAA;YACtB,GAAG,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;SACnC;QAAC,OAAO,GAAQ,EAAE;YACjB,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,GAAG,CAAA;SACV;QAED,MAAM,OAAO,GAAG;YACd,IAAI,EAAE,IAAI;YACV,EAAE,EAAE,GAAG;SACR,CAAA;QACD,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,KAAK,EAAE,CAAA;QAC/C,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,oBAAoB,CAAC,GAAG,CAAC,CAAC,CAAA;QAC5C,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,oBAAoB,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAA;QAC1E,MAAM,KAAK,CAAC,MAAM,EAAE,CAAA;QAEpB,OAAO,OAAO,CAAA;IAChB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU,CAAE,IAAY,EAAE,IAAY;QAC1C,IAAI;YACF,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE;gBAC1B,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,qBAAqB,IAAI,GAAG,CAAC,EAAE,KAAK,CAAC,oBAAoB,CAAC,CAAA;aACnF;YACD,IAAI,IAAI,IAAI,IAAI,EAAE;gBAChB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,oBAAoB,CAAC,EAAE,KAAK,CAAC,uBAAuB,CAAC,CAAA;aAC9E;YACD,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,EAAE;gBAC3B,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,4BAA4B,CAAC,EAAE,KAAK,CAAC,uBAAuB,CAAC,CAAA;aACtF;YAED,MAAM,UAAU,GAAG,MAAM,mBAAmB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;YAE7D,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,CAAA;YAC3B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;YAC1D,IAAI,MAAM,EAAE;gBACV,MAAM,WAAW,EAAE,CAAA;gBACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,QAAQ,IAAI,kBAAkB,CAAC,EAAE,KAAK,CAAC,sBAAsB,CAAC,CAAA;aACvF;YAED,MAAM,MAAM,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;YAEjC,IAAI,MAAM,IAAI,IAAI,EAAE;gBAClB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,aAAa,CAAC,EAAE,KAAK,CAAC,sBAAsB,CAAC,CAAA;aACtE;YAED,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAA;YACtB,MAAM,GAAG,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;YACxC,MAAM,OAAO,GAAY;gBACvB,IAAI,EAAE,IAAI;gBACV,EAAE,EAAE,IAAI,CAAC,QAAQ,EAAE;aACpB,CAAA;YACD,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,KAAK,EAAE,CAAA;YAC/C,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,oBAAoB,CAAC,GAAG,CAAC,CAAC,CAAA;YAC5C,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,oBAAoB,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAA;YAC1E,MAAM,KAAK,CAAC,MAAM,EAAE,CAAA;YACpB,OAAO,OAAO,CAAA;SACf;QAAC,OAAO,GAAQ,EAAE;YACjB,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,GAAG,CAAA;SACV;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa,CAAE,IAAY;QAC/B,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE;YAC1B,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,qBAAqB,IAAI,GAAG,CAAC,EAAE,KAAK,CAAC,oBAAoB,CAAC,CAAA;SACnF;QAED,IAAI;YACF,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,CAAA;YAC3B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;YACvD,OAAO,kBAAkB,CAAC,GAAG,CAAC,CAAA;SAC/B;QAAC,OAAO,GAAQ,EAAE;YACjB,MAAM,WAAW,EAAE,CAAA;YACnB,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YACd,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,QAAQ,IAAI,mBAAmB,CAAC,EAAE,KAAK,CAAC,iBAAiB,CAAC,CAAA;SACnF;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,kBAAkB,CAAE,OAAe,EAAE,OAAe;QACxD,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;YAC/B,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,0BAA0B,OAAO,OAAO,GAAG,CAAC,EAAE,KAAK,CAAC,yBAAyB,CAAC,CAAA;SACvG;QACD,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;YAC/B,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,0BAA0B,OAAO,OAAO,GAAG,CAAC,EAAE,KAAK,CAAC,yBAAyB,CAAC,CAAA;SACvG;QACD,IAAI,OAAO,CAAC,MAAM,GAAG,EAAE,EAAE;YACvB,MAAM,WAAW,EAAE,CAAA;YACnB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,uBAAuB,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,KAAK,CAAC,uBAAuB,CAAC,CAAA;SACjG;QACD,GAAG,CAAC,qBAAqB,CAAC,CAAA;QAC1B,MAAM,MAAM,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;QAEjC,IAAI,MAAM,IAAI,IAAI,EAAE;YAClB,MAAM,OAAO,CAAC,IAAI,KAAK,CAAC,aAAa,CAAC,EAAE,KAAK,CAAC,sBAAsB,CAAC,CAAA;SACtE;QAED,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,CAAA;QACzB,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,OAAO,CAAA;QACxB,MAAM,MAAM,GAAG,OAAO,IAAI,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,IAAI;YAC3D,CAAC,CAAC,MAAM,CACN,OAAO,EACP,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,EAClB,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,cAAc,EAC7B,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,EACxB,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC;YACtB,CAAC,CAAC,EAAE,CAAA;QACN,QAAQ,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC,CAAA;QACnC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAA;QAClC,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE;YACtB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAA;YACjE,MAAM,GAAG,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAA;YACnC,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;YAC/C,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAA;YAClC,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAA;YAElD,oBAAoB;YACpB,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,KAAK,EAAE,CAAA;YAC/C,MAAM,OAAO,GAAG;gBACd,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,EAAE,EAAE,GAAG,CAAC,EAAE;aACX,CAAA;YACD,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,oBAAoB,CAAC,QAAQ,CAAC,CAAC,CAAA;YAC3D,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,oBAAoB,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAA;YAC9E,MAAM,KAAK,CAAC,MAAM,EAAE,CAAA;SACrB;QACD,GAAG,CAAC,wBAAwB,CAAC,CAAA;IAC/B,CAAC;CACF"}

package/dist/src/util.d.ts

@@ -0,0 +1,21 @@
+import 'node-forge/lib/x509.js';
+/**
+ * Gets a self-signed X.509 certificate for the key.
+ *
+ * The output Uint8Array contains the PKCS #7 message in DER.
+ *
+ * TODO: move to libp2p-crypto package
+ */
+export declare const certificateForKey: (key: any, privateKey: forge.pki.rsa.PrivateKey) => any;
+/**
+ * Finds the first item in a collection that is matched in the
+ * `asyncCompare` function.
+ *
+ * `asyncCompare` is an async function that must
+ * resolve to either `true` or `false`.
+ *
+ * @param {Array} array
+ * @param {function(*)} asyncCompare - An async function that returns a boolean
+ */
+export declare function findAsync<T>(array: T[], asyncCompare: (val: T) => Promise<any>): Promise<T>;
+//# sourceMappingURL=util.d.ts.map

package/dist/src/util.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../src/util.ts"],"names":[],"mappings":"AAAA,OAAO,wBAAwB,CAAA;AAM/B;;;;;;GAMG;AACH,eAAO,MAAM,iBAAiB,QAAS,GAAG,8CAmDzC,CAAA;AAED;;;;;;;;;GASG;AACH,wBAAsB,SAAS,CAAE,CAAC,EAAG,KAAK,EAAE,CAAC,EAAE,EAAE,YAAY,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,OAAO,CAAC,GAAG,CAAC,cAKtF"}

package/dist/src/util.js

@@ -0,0 +1,79 @@
+import 'node-forge/lib/x509.js';
+// @ts-expect-error types are missing
+import forge from 'node-forge/lib/forge.js';
+const pki = forge.pki;
+/**
+ * Gets a self-signed X.509 certificate for the key.
+ *
+ * The output Uint8Array contains the PKCS #7 message in DER.
+ *
+ * TODO: move to libp2p-crypto package
+ */
+export const certificateForKey = (key, privateKey) => {
+    const publicKey = pki.rsa.setPublicKey(privateKey.n, privateKey.e);
+    const cert = pki.createCertificate();
+    cert.publicKey = publicKey;
+    cert.serialNumber = '01';
+    cert.validity.notBefore = new Date();
+    cert.validity.notAfter = new Date();
+    cert.validity.notAfter.setFullYear(cert.validity.notBefore.getFullYear() + 10); // eslint-disable-line @typescript-eslint/restrict-plus-operands
+    const attrs = [{
+            name: 'organizationName',
+            value: 'ipfs'
+        }, {
+            shortName: 'OU',
+            value: 'keystore'
+        }, {
+            name: 'commonName',
+            value: key.id
+        }];
+    cert.setSubject(attrs);
+    cert.setIssuer(attrs);
+    cert.setExtensions([{
+            name: 'basicConstraints',
+            cA: true
+        }, {
+            name: 'keyUsage',
+            keyCertSign: true,
+            digitalSignature: true,
+            nonRepudiation: true,
+            keyEncipherment: true,
+            dataEncipherment: true
+        }, {
+            name: 'extKeyUsage',
+            serverAuth: true,
+            clientAuth: true,
+            codeSigning: true,
+            emailProtection: true,
+            timeStamping: true
+        }, {
+            name: 'nsCertType',
+            client: true,
+            server: true,
+            email: true,
+            objsign: true,
+            sslCA: true,
+            emailCA: true,
+            objCA: true
+        }]);
+    // self-sign certificate
+    cert.sign(privateKey);
+    return cert;
+};
+/**
+ * Finds the first item in a collection that is matched in the
+ * `asyncCompare` function.
+ *
+ * `asyncCompare` is an async function that must
+ * resolve to either `true` or `false`.
+ *
+ * @param {Array} array
+ * @param {function(*)} asyncCompare - An async function that returns a boolean
+ */
+export async function findAsync(array, asyncCompare) {
+    const promises = array.map(asyncCompare);
+    const results = await Promise.all(promises);
+    const index = results.findIndex(result => result);
+    return array[index];
+}
+//# sourceMappingURL=util.js.map

package/dist/src/util.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"util.js","sourceRoot":"","sources":["../../src/util.ts"],"names":[],"mappings":"AAAA,OAAO,wBAAwB,CAAA;AAC/B,qCAAqC;AACrC,OAAO,KAAK,MAAM,yBAAyB,CAAA;AAE3C,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,CAAA;AAErB;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,GAAQ,EAAE,UAAoC,EAAE,EAAE;IAClF,MAAM,SAAS,GAAG,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC,CAAA;IAClE,MAAM,IAAI,GAAG,GAAG,CAAC,iBAAiB,EAAE,CAAA;IACpC,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;IAC1B,IAAI,CAAC,YAAY,GAAG,IAAI,CAAA;IACxB,IAAI,CAAC,QAAQ,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,CAAA;IACpC,IAAI,CAAC,QAAQ,CAAC,QAAQ,GAAG,IAAI,IAAI,EAAE,CAAA;IACnC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,WAAW,EAAE,GAAG,EAAE,CAAC,CAAA,CAAC,gEAAgE;IAC/I,MAAM,KAAK,GAAG,CAAC;YACb,IAAI,EAAE,kBAAkB;YACxB,KAAK,EAAE,MAAM;SACd,EAAE;YACD,SAAS,EAAE,IAAI;YACf,KAAK,EAAE,UAAU;SAClB,EAAE;YACD,IAAI,EAAE,YAAY;YAClB,KAAK,EAAE,GAAG,CAAC,EAAE;SACd,CAAC,CAAA;IACF,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAA;IACtB,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;IACrB,IAAI,CAAC,aAAa,CAAC,CAAC;YAClB,IAAI,EAAE,kBAAkB;YACxB,EAAE,EAAE,IAAI;SACT,EAAE;YACD,IAAI,EAAE,UAAU;YAChB,WAAW,EAAE,IAAI;YACjB,gBAAgB,EAAE,IAAI;YACtB,cAAc,EAAE,IAAI;YACpB,eAAe,EAAE,IAAI;YACrB,gBAAgB,EAAE,IAAI;SACvB,EAAE;YACD,IAAI,EAAE,aAAa;YACnB,UAAU,EAAE,IAAI;YAChB,UAAU,EAAE,IAAI;YAChB,WAAW,EAAE,IAAI;YACjB,eAAe,EAAE,IAAI;YACrB,YAAY,EAAE,IAAI;SACnB,EAAE;YACD,IAAI,EAAE,YAAY;YAClB,MAAM,EAAE,IAAI;YACZ,MAAM,EAAE,IAAI;YACZ,KAAK,EAAE,IAAI;YACX,OAAO,EAAE,IAAI;YACb,KAAK,EAAE,IAAI;YACX,OAAO,EAAE,IAAI;YACb,KAAK,EAAE,IAAI;SACZ,CAAC,CAAC,CAAA;IACH,wBAAwB;IACxB,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IAErB,OAAO,IAAI,CAAA;AACb,CAAC,CAAA;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAM,KAAU,EAAE,YAAsC;IACrF,MAAM,QAAQ,GAAG,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;IACxC,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;IAC3C,MAAM,KAAK,GAAG,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,CAAA;IACjD,OAAO,KAAK,CAAC,KAAK,CAAC,CAAA;AACrB,CAAC"}