@motebit/crypto-android-keystore 1.1.0

package/LICENSE

@@ -0,0 +1,206 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for describing the origin of the Work and
+      reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright 2026 Motebit, Inc.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
+"Motebit" is a trademark of Motebit, Inc. The Apache License grants rights to
+this software, not to any Motebit trademarks, logos, or branding. You may not
+use Motebit branding in a way that suggests endorsement or affiliation without
+written permission.

package/NOTICE

@@ -0,0 +1,19 @@
+Motebit
+Copyright 2026 Motebit, Inc.
+
+This product includes software developed at Motebit, Inc. (https://motebit.com).
+
+The permissive-floor packages (the protocol, SDK, cryptographic primitives,
+platform-attestation verifier leaves, scaffolding CLI, and GitHub Action) are
+licensed under the Apache License, Version 2.0. See LICENSE files in each
+`packages/*/` subdirectory and in `spec/` for the full license text.
+
+The remaining packages, apps, and services are licensed under the Business
+Source License 1.1 and convert to the Apache License, Version 2.0 four years
+after each version's first public release. See `LICENSE` at the repository
+root and `LICENSING.md` for the full license boundary.
+
+"Motebit" is a trademark of Motebit, Inc. The licenses granted here cover
+this software only, not Motebit trademarks, logos, or branding. Use of
+Motebit branding in a way that suggests endorsement or affiliation requires
+written permission.

package/README.md

@@ -0,0 +1,60 @@
+# @motebit/crypto-android-keystore
+
+Offline Apache-2.0 verifier for Android Hardware-Backed Keystore Attestation hardware-attestation credentials.
+
+```bash
+npm i @motebit/crypto-android-keystore
+```
+
+Plugs into [`@motebit/crypto`](https://www.npmjs.com/package/@motebit/crypto)'s `HardwareAttestationVerifiers` dispatcher as the `androidKeystore` verifier — called when a credential declares `platform: "android_keystore"` (Android devices with KeyMaster 3+ / KeyMint 1+ — every modern Android device since Android 7).
+
+## Usage
+
+```ts
+import { verify } from "@motebit/crypto";
+import { androidKeystoreVerifier } from "@motebit/crypto-android-keystore";
+
+const result = await verify(credential, {
+  hardwareAttestation: {
+    androidKeystore: androidKeystoreVerifier({
+      // Bytes of the registered Android package's `attestationApplicationId`,
+      // captured at registration time. Must byte-equal what the leaf
+      // attestation extension reports.
+      expectedAttestationApplicationId,
+    }),
+  },
+});
+```
+
+## What it verifies
+
+1. **Cert chain to a pinned Google Hardware Attestation root.** Two roots ship pinned: the legacy RSA-4096 root (for factory-provisioned devices) and the modern ECDSA P-384 root (for RKP-provisioned devices). Verifiers MUST pin both — Google rotated from RSA to ECDSA between Feb–Apr 2026, so a verifier pinning only one drops half its install base.
+2. **The Android Key Attestation extension** (OID `1.3.6.1.4.1.11129.2.1.17`) on the leaf — `attestationVersion ≥ 3` (Keymaster 3 / Android 7+), `attestationSecurityLevel ≥ TRUSTED_ENVIRONMENT` (rejects software-only fallback), `hardwareEnforced.rootOfTrust.verifiedBootState` in caller's allowlist (default `[VERIFIED]`), `hardwareEnforced.attestationApplicationId` byte-equals the registered package binding.
+3. **Optional revocation snapshot.** Caller-supplied snapshot keyed by lowercase-hex serial number, mirroring Google's published shape at `https://android.googleapis.com/attestation/status`. Defaults to empty (no revocation enforcement). The verifier never fetches at runtime — `@motebit/verify` ships an embedded snapshot at release time.
+4. **Identity binding.** The leaf's `attestationChallenge` must byte-equal `SHA-256(canonicalJson({ attested_at, device_id, identity_public_key, motebit_id, platform: "android_keystore", version: "1" }))` — the same body the Kotlin `expo-android-keystore` mint path composes. A malicious client that substitutes any other body fails here.
+
+## Why pinned
+
+A verifier that dynamically fetched Google's attestation roots has no sovereign story. The pinned roots are the self-attesting contract — third parties audit `DEFAULT_ANDROID_KEYSTORE_TRUST_ANCHORS` and know which trust anchors this library accepts. Source of truth: `roots.json` in [`android/keyattestation`](https://github.com/android/keyattestation), Google's canonical Kotlin reference verifier.
+
+## Why a hand-rolled DER walker
+
+The `KeyDescription` ASN.1 structure has ~50 optional context-tagged fields in `AuthorizationList`, two of which carry policy-relevant material (`[704] rootOfTrust` and `[709] attestationApplicationId`). A schema-driven parser would have to declare all 50 fields just to skip past the ones we ignore. Walking the DER directly costs ~150 lines and stays scoped to exactly what verification needs — same trade-off [`@motebit/crypto-tpm`](https://www.npmjs.com/package/@motebit/crypto-tpm) made for `TPMS_ATTEST` parsing.
+
+## Privacy posture
+
+Closer to FIDO Yubico-batch than to TPM EK. The leaf X.509 subject is the fixed string `CN=Android Keystore Key` — not device-identifying. The optional ID-attestation family (`attestationIdSerial`, `attestationIdImei`, etc.) only fires when the caller invokes `setDevicePropertiesAttestationIncluded(true)`; motebit does not. Default `setAttestationChallenge()` produces batch-shareable chains with the device-identifying material confined to (a) the caller-controlled challenge and (b) `verifiedBootKey` (boot-image identity, not user identity).
+
+## Related
+
+- [`@motebit/crypto`](https://www.npmjs.com/package/@motebit/crypto) — dispatcher (pure permissive-floor; zero deps)
+- [`@motebit/crypto-appattest`](https://www.npmjs.com/package/@motebit/crypto-appattest) — iOS sibling
+- [`@motebit/crypto-tpm`](https://www.npmjs.com/package/@motebit/crypto-tpm) — Windows / Linux TPM sibling
+- [`@motebit/crypto-webauthn`](https://www.npmjs.com/package/@motebit/crypto-webauthn) — browser sibling
+- [`@motebit/verify`](https://www.npmjs.com/package/@motebit/verify) — canonical CLI bundling all four leaves with motebit defaults
+
+## License
+
+Apache-2.0 — see [LICENSE](./LICENSE) and [NOTICE](./NOTICE).
+
+"Motebit" is a trademark. The Apache License grants rights to this software, not to any Motebit trademarks, logos, or branding. You may not use Motebit branding in a way that suggests endorsement or affiliation without written permission.

package/dist/asn1.d.ts

@@ -0,0 +1,82 @@
+/**
+ * Minimal DER reader for the Android Key Attestation extension.
+ *
+ * Why hand-rolled: the `KeyDescription` ASN.1 schema (Android Open
+ * Source Project, `attestation_record.cpp` / `keymint_attest.asn1`)
+ * has ~50 optional context-tagged fields in `AuthorizationList`. Two
+ * of them carry the policy-relevant material — `[704] rootOfTrust`
+ * and `[709] attestationApplicationId` — and the rest are
+ * key-shape parameters we do not gate on. A schema-driven parser
+ * (e.g. `@peculiar/asn1-schema`) would have to declare all 50 fields
+ * just to skip past the ones we ignore, or use Any-typed slots and
+ * lose type safety. Walking the DER directly costs ~150 lines and
+ * stays scoped to exactly what verification needs — same trade-off
+ * `@motebit/crypto-tpm` made for `TPMS_ATTEST` parsing.
+ *
+ * Specs referenced:
+ *   - Android Open Source Project, `attestation_record.cpp`:
+ *     https://source.android.com/docs/security/features/keystore/attestation
+ *   - X.690 (DER encoding rules) — high-tag-number form for tags ≥ 31,
+ *     long-form length encoding for content > 127 bytes.
+ *
+ * The parser is fail-closed: any structural anomaly throws a typed
+ * error rather than silently skipping. Callers wrap the parse call in
+ * try/catch and convert the throw into a structured `errors[]` entry.
+ */
+/**
+ * Android `attestationSecurityLevel` / `keymintSecurityLevel` ENUMERATED.
+ * Values are stable across KeyMaster and KeyMint versions.
+ */
+export declare const SECURITY_LEVEL_SOFTWARE = 0;
+export declare const SECURITY_LEVEL_TRUSTED_ENVIRONMENT = 1;
+export declare const SECURITY_LEVEL_STRONG_BOX = 2;
+/**
+ * Android `verifiedBootState` ENUMERATED — published in
+ * https://source.android.com/docs/security/features/verifiedboot.
+ *   - VERIFIED (0): full chain of trust to a Google-signed bootloader
+ *   - SELF_SIGNED (1): user-installed root of trust (GrapheneOS,
+ *     CalyxOS, etc.)
+ *   - UNVERIFIED (2): unlocked bootloader; no boot-image guarantee
+ *   - FAILED (3): verification attempted and failed
+ */
+export declare const VERIFIED_BOOT_STATE_VERIFIED = 0;
+export declare const VERIFIED_BOOT_STATE_SELF_SIGNED = 1;
+export declare const VERIFIED_BOOT_STATE_UNVERIFIED = 2;
+export declare const VERIFIED_BOOT_STATE_FAILED = 3;
+export interface RootOfTrust {
+    /** SHA-256 of the boot-image verification public key. */
+    readonly verifiedBootKey: Uint8Array;
+    readonly deviceLocked: boolean;
+    readonly verifiedBootState: number;
+    /** Optional — present on KeyMint 2+ devices. */
+    readonly verifiedBootHash: Uint8Array | null;
+}
+export interface AuthorizationList {
+    readonly rootOfTrust: RootOfTrust | null;
+    /** Raw bytes of `[709] attestationApplicationId` — caller decides
+     *  whether to JSON-decode further (it's a wrapped sequence of the
+     *  package name + signing-cert SHA-256 set). */
+    readonly attestationApplicationId: Uint8Array | null;
+}
+export interface KeyDescription {
+    readonly attestationVersion: number;
+    readonly attestationSecurityLevel: number;
+    readonly keyMintVersion: number;
+    readonly keyMintSecurityLevel: number;
+    /** The challenge the caller passed to `setAttestationChallenge` —
+     *  for motebit this is `SHA256(canonical body naming the
+     *  identity)`. */
+    readonly attestationChallenge: Uint8Array;
+    readonly uniqueId: Uint8Array;
+    readonly softwareEnforced: AuthorizationList;
+    readonly hardwareEnforced: AuthorizationList;
+}
+/**
+ * Parse the Android Key Attestation extension value into a typed
+ * `KeyDescription`. `extValue` is the `extnValue` OCTET STRING's
+ * inner content — the bytes inside the OCTET STRING wrapper that
+ * `@peculiar/x509`'s `cert.getExtension(OID).value` returns as a
+ * Uint8Array.
+ */
+export declare function parseKeyDescription(extValue: Uint8Array): KeyDescription;
+//# sourceMappingURL=asn1.d.ts.map

package/dist/asn1.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"asn1.d.ts","sourceRoot":"","sources":["../src/asn1.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AA+BH;;;GAGG;AACH,eAAO,MAAM,uBAAuB,IAAI,CAAC;AACzC,eAAO,MAAM,kCAAkC,IAAI,CAAC;AACpD,eAAO,MAAM,yBAAyB,IAAI,CAAC;AAE3C;;;;;;;;GAQG;AACH,eAAO,MAAM,4BAA4B,IAAI,CAAC;AAC9C,eAAO,MAAM,+BAA+B,IAAI,CAAC;AACjD,eAAO,MAAM,8BAA8B,IAAI,CAAC;AAChD,eAAO,MAAM,0BAA0B,IAAI,CAAC;AAE5C,MAAM,WAAW,WAAW;IAC1B,yDAAyD;IACzD,QAAQ,CAAC,eAAe,EAAE,UAAU,CAAC;IACrC,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAC;IAC/B,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC;IACnC,gDAAgD;IAChD,QAAQ,CAAC,gBAAgB,EAAE,UAAU,GAAG,IAAI,CAAC;CAC9C;AAED,MAAM,WAAW,iBAAiB;IAChC,QAAQ,CAAC,WAAW,EAAE,WAAW,GAAG,IAAI,CAAC;IACzC;;oDAEgD;IAChD,QAAQ,CAAC,wBAAwB,EAAE,UAAU,GAAG,IAAI,CAAC;CACtD;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,kBAAkB,EAAE,MAAM,CAAC;IACpC,QAAQ,CAAC,wBAAwB,EAAE,MAAM,CAAC;IAC1C,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,oBAAoB,EAAE,MAAM,CAAC;IACtC;;sBAEkB;IAClB,QAAQ,CAAC,oBAAoB,EAAE,UAAU,CAAC;IAC1C,QAAQ,CAAC,QAAQ,EAAE,UAAU,CAAC;IAC9B,QAAQ,CAAC,gBAAgB,EAAE,iBAAiB,CAAC;IAC7C,QAAQ,CAAC,gBAAgB,EAAE,iBAAiB,CAAC;CAC9C;AAED;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,UAAU,GAAG,cAAc,CAsBxE"}

package/dist/asn1.js

@@ -0,0 +1,257 @@
+/**
+ * Minimal DER reader for the Android Key Attestation extension.
+ *
+ * Why hand-rolled: the `KeyDescription` ASN.1 schema (Android Open
+ * Source Project, `attestation_record.cpp` / `keymint_attest.asn1`)
+ * has ~50 optional context-tagged fields in `AuthorizationList`. Two
+ * of them carry the policy-relevant material — `[704] rootOfTrust`
+ * and `[709] attestationApplicationId` — and the rest are
+ * key-shape parameters we do not gate on. A schema-driven parser
+ * (e.g. `@peculiar/asn1-schema`) would have to declare all 50 fields
+ * just to skip past the ones we ignore, or use Any-typed slots and
+ * lose type safety. Walking the DER directly costs ~150 lines and
+ * stays scoped to exactly what verification needs — same trade-off
+ * `@motebit/crypto-tpm` made for `TPMS_ATTEST` parsing.
+ *
+ * Specs referenced:
+ *   - Android Open Source Project, `attestation_record.cpp`:
+ *     https://source.android.com/docs/security/features/keystore/attestation
+ *   - X.690 (DER encoding rules) — high-tag-number form for tags ≥ 31,
+ *     long-form length encoding for content > 127 bytes.
+ *
+ * The parser is fail-closed: any structural anomaly throws a typed
+ * error rather than silently skipping. Callers wrap the parse call in
+ * try/catch and convert the throw into a structured `errors[]` entry.
+ */
+/** Raw DER tag-class identifiers (top 2 bits of the tag byte). */
+const TAG_CLASS_UNIVERSAL = 0;
+const TAG_CLASS_CONTEXT = 2;
+/** Universal-class ASN.1 tag numbers we read. */
+const UTAG_BOOLEAN = 1;
+const UTAG_INTEGER = 2;
+const UTAG_OCTET_STRING = 4;
+const UTAG_ENUMERATED = 10;
+const UTAG_SEQUENCE = 16;
+/**
+ * AuthorizationList context-tag numbers we care about. All other tags
+ * in the AuthorizationList SEQUENCE are skipped. These are the only
+ * two whose values gate canonical motebit verification — additional
+ * tags (`purpose`, `algorithm`, `keySize`, `ec_curve`, etc.) describe
+ * key-shape parameters and are out of scope for v1.
+ */
+const AUTH_LIST_TAG_ROOT_OF_TRUST = 704;
+const AUTH_LIST_TAG_ATTESTATION_APPLICATION_ID = 709;
+/**
+ * Android `attestationSecurityLevel` / `keymintSecurityLevel` ENUMERATED.
+ * Values are stable across KeyMaster and KeyMint versions.
+ */
+export const SECURITY_LEVEL_SOFTWARE = 0;
+export const SECURITY_LEVEL_TRUSTED_ENVIRONMENT = 1;
+export const SECURITY_LEVEL_STRONG_BOX = 2;
+/**
+ * Android `verifiedBootState` ENUMERATED — published in
+ * https://source.android.com/docs/security/features/verifiedboot.
+ *   - VERIFIED (0): full chain of trust to a Google-signed bootloader
+ *   - SELF_SIGNED (1): user-installed root of trust (GrapheneOS,
+ *     CalyxOS, etc.)
+ *   - UNVERIFIED (2): unlocked bootloader; no boot-image guarantee
+ *   - FAILED (3): verification attempted and failed
+ */
+export const VERIFIED_BOOT_STATE_VERIFIED = 0;
+export const VERIFIED_BOOT_STATE_SELF_SIGNED = 1;
+export const VERIFIED_BOOT_STATE_UNVERIFIED = 2;
+export const VERIFIED_BOOT_STATE_FAILED = 3;
+/**
+ * Parse the Android Key Attestation extension value into a typed
+ * `KeyDescription`. `extValue` is the `extnValue` OCTET STRING's
+ * inner content — the bytes inside the OCTET STRING wrapper that
+ * `@peculiar/x509`'s `cert.getExtension(OID).value` returns as a
+ * Uint8Array.
+ */
+export function parseKeyDescription(extValue) {
+    const seq = readDerNode(extValue, 0);
+    if (seq.node.tagClass !== TAG_CLASS_UNIVERSAL || seq.node.tagNumber !== UTAG_SEQUENCE) {
+        throw new Error(`KeyDescription: outer tag is not SEQUENCE (got class=${seq.node.tagClass} tagNumber=${seq.node.tagNumber})`);
+    }
+    const children = readSequenceChildren(seq.node.contentBytes);
+    if (children.length < 8) {
+        throw new Error(`KeyDescription: SEQUENCE has ${children.length} fields, expected ≥ 8`);
+    }
+    return {
+        attestationVersion: readUniversalInteger(children[0], "attestationVersion"),
+        attestationSecurityLevel: readUniversalEnumerated(children[1], "attestationSecurityLevel"),
+        keyMintVersion: readUniversalInteger(children[2], "keyMintVersion"),
+        keyMintSecurityLevel: readUniversalEnumerated(children[3], "keyMintSecurityLevel"),
+        attestationChallenge: readUniversalOctetString(children[4], "attestationChallenge"),
+        uniqueId: readUniversalOctetString(children[5], "uniqueId"),
+        softwareEnforced: parseAuthorizationList(children[6], "softwareEnforced"),
+        hardwareEnforced: parseAuthorizationList(children[7], "hardwareEnforced"),
+    };
+}
+/**
+ * Parse an `AuthorizationList` SEQUENCE into the two fields we care
+ * about. All other context-tagged fields are intentionally skipped —
+ * the AOSP spec defines ~50 optional context tags carrying key-shape
+ * parameters; motebit verification gates only on `rootOfTrust` and
+ * `attestationApplicationId`.
+ */
+function parseAuthorizationList(node, fieldName) {
+    if (node.tagClass !== TAG_CLASS_UNIVERSAL || node.tagNumber !== UTAG_SEQUENCE) {
+        throw new Error(`${fieldName}: not a SEQUENCE`);
+    }
+    let rootOfTrust = null;
+    let attestationApplicationId = null;
+    for (const child of readSequenceChildren(node.contentBytes)) {
+        if (child.tagClass !== TAG_CLASS_CONTEXT)
+            continue;
+        if (child.tagNumber === AUTH_LIST_TAG_ROOT_OF_TRUST) {
+            // [704] EXPLICIT RootOfTrust — the outer context-tag wraps the
+            // inner SEQUENCE. Read the SEQUENCE and parse its fields.
+            const inner = readDerNode(child.contentBytes, 0).node;
+            rootOfTrust = parseRootOfTrust(inner);
+        }
+        else if (child.tagNumber === AUTH_LIST_TAG_ATTESTATION_APPLICATION_ID) {
+            // [709] EXPLICIT OCTET STRING.
+            const inner = readDerNode(child.contentBytes, 0).node;
+            if (inner.tagClass !== TAG_CLASS_UNIVERSAL || inner.tagNumber !== UTAG_OCTET_STRING) {
+                throw new Error(`${fieldName}.attestationApplicationId: inner tag is not OCTET STRING (got class=${inner.tagClass} tagNumber=${inner.tagNumber})`);
+            }
+            attestationApplicationId = inner.contentBytes.slice();
+        }
+        // All other context tags are key-shape parameters — skip silently.
+    }
+    return { rootOfTrust, attestationApplicationId };
+}
+function parseRootOfTrust(node) {
+    if (node.tagClass !== TAG_CLASS_UNIVERSAL || node.tagNumber !== UTAG_SEQUENCE) {
+        throw new Error("rootOfTrust: not a SEQUENCE");
+    }
+    const children = readSequenceChildren(node.contentBytes);
+    if (children.length < 3) {
+        throw new Error(`rootOfTrust: SEQUENCE has ${children.length} fields, expected ≥ 3`);
+    }
+    const verifiedBootKey = readUniversalOctetString(children[0], "rootOfTrust.verifiedBootKey");
+    const deviceLocked = readUniversalBoolean(children[1], "rootOfTrust.deviceLocked");
+    const verifiedBootState = readUniversalEnumerated(children[2], "rootOfTrust.verifiedBootState");
+    const verifiedBootHash = children.length >= 4
+        ? readUniversalOctetString(children[3], "rootOfTrust.verifiedBootHash")
+        : null;
+    return { verifiedBootKey, deviceLocked, verifiedBootState, verifiedBootHash };
+}
+// ── Universal-tag readers ─────────────────────────────────────────────
+function readUniversalInteger(node, fieldName) {
+    if (node.tagClass !== TAG_CLASS_UNIVERSAL || node.tagNumber !== UTAG_INTEGER) {
+        throw new Error(`${fieldName}: not an INTEGER`);
+    }
+    // Attestation versions are small (current is 400 = KeyMint 4.0).
+    // We do not need a bigint reader for v1.
+    let n = 0;
+    for (const b of node.contentBytes) {
+        n = (n << 8) | b;
+        if (n > Number.MAX_SAFE_INTEGER) {
+            throw new Error(`${fieldName}: INTEGER exceeds Number.MAX_SAFE_INTEGER`);
+        }
+    }
+    return n;
+}
+function readUniversalEnumerated(node, fieldName) {
+    if (node.tagClass !== TAG_CLASS_UNIVERSAL || node.tagNumber !== UTAG_ENUMERATED) {
+        throw new Error(`${fieldName}: not an ENUMERATED`);
+    }
+    // ENUMERATED encodes the same as INTEGER.
+    let n = 0;
+    for (const b of node.contentBytes) {
+        n = (n << 8) | b;
+    }
+    return n;
+}
+function readUniversalOctetString(node, fieldName) {
+    if (node.tagClass !== TAG_CLASS_UNIVERSAL || node.tagNumber !== UTAG_OCTET_STRING) {
+        throw new Error(`${fieldName}: not an OCTET STRING`);
+    }
+    return node.contentBytes.slice();
+}
+function readUniversalBoolean(node, fieldName) {
+    if (node.tagClass !== TAG_CLASS_UNIVERSAL || node.tagNumber !== UTAG_BOOLEAN) {
+        throw new Error(`${fieldName}: not a BOOLEAN`);
+    }
+    if (node.contentBytes.length !== 1) {
+        throw new Error(`${fieldName}: BOOLEAN content length ${node.contentBytes.length} ≠ 1`);
+    }
+    return node.contentBytes[0] !== 0;
+}
+/**
+ * Read one DER tag-length-value triple from `bytes` starting at
+ * `offset`. Handles X.690 high-tag-number form (multi-byte tag) and
+ * long-form length encoding.
+ */
+function readDerNode(bytes, offset) {
+    if (offset >= bytes.length) {
+        throw new Error(`DER: read past end (offset=${offset}, length=${bytes.length})`);
+    }
+    let i = offset;
+    const tagByte = bytes[i++];
+    const tagClass = (tagByte >> 6) & 0x03;
+    const constructed = (tagByte & 0x20) !== 0;
+    let tagNumber = tagByte & 0x1f;
+    if (tagNumber === 0x1f) {
+        // High-tag-number form: subsequent bytes encode tag in base-128,
+        // with high bit set on every byte except the last.
+        tagNumber = 0;
+        let b;
+        let safety = 0;
+        do {
+            if (i >= bytes.length)
+                throw new Error("DER: truncated high-tag-number form");
+            if (++safety > 4) {
+                // 4 bytes covers tag numbers up to 2^28 — far beyond anything
+                // AOSP defines; refuse to decode arbitrarily large tags.
+                throw new Error("DER: high-tag-number form exceeds 4 bytes");
+            }
+            b = bytes[i++];
+            tagNumber = (tagNumber << 7) | (b & 0x7f);
+        } while ((b & 0x80) !== 0);
+    }
+    if (i >= bytes.length)
+        throw new Error("DER: truncated length");
+    const lenByte = bytes[i++];
+    let length;
+    if ((lenByte & 0x80) === 0) {
+        length = lenByte;
+    }
+    else {
+        const lenBytes = lenByte & 0x7f;
+        if (lenBytes === 0) {
+            throw new Error("DER: indefinite-length encoding not allowed in DER");
+        }
+        if (lenBytes > 4) {
+            // A 4-byte length is 4 GiB — far beyond anything we'd see in a
+            // cert extension; refuse rather than overflow.
+            throw new Error(`DER: long-form length exceeds 4 bytes (got ${lenBytes})`);
+        }
+        length = 0;
+        for (let j = 0; j < lenBytes; j++) {
+            if (i >= bytes.length)
+                throw new Error("DER: truncated long-form length");
+            length = (length << 8) | bytes[i++];
+        }
+    }
+    if (i + length > bytes.length) {
+        throw new Error(`DER: content runs past buffer (start=${i}, length=${length}, buffer=${bytes.length})`);
+    }
+    return {
+        node: { tagClass, constructed, tagNumber, contentBytes: bytes.subarray(i, i + length) },
+        nextOffset: i + length,
+    };
+}
+function readSequenceChildren(seqContent) {
+    const out = [];
+    let offset = 0;
+    while (offset < seqContent.length) {
+        const r = readDerNode(seqContent, offset);
+        out.push(r.node);
+        offset = r.nextOffset;
+    }
+    return out;
+}
+//# sourceMappingURL=asn1.js.map

package/dist/asn1.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"asn1.js","sourceRoot":"","sources":["../src/asn1.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAEH,kEAAkE;AAClE,MAAM,mBAAmB,GAAG,CAAC,CAAC;AAC9B,MAAM,iBAAiB,GAAG,CAAC,CAAC;AAE5B,iDAAiD;AACjD,MAAM,YAAY,GAAG,CAAC,CAAC;AACvB,MAAM,YAAY,GAAG,CAAC,CAAC;AACvB,MAAM,iBAAiB,GAAG,CAAC,CAAC;AAC5B,MAAM,eAAe,GAAG,EAAE,CAAC;AAC3B,MAAM,aAAa,GAAG,EAAE,CAAC;AAEzB;;;;;;GAMG;AACH,MAAM,2BAA2B,GAAG,GAAG,CAAC;AACxC,MAAM,wCAAwC,GAAG,GAAG,CAAC;AAUrD;;;GAGG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAG,CAAC,CAAC;AACzC,MAAM,CAAC,MAAM,kCAAkC,GAAG,CAAC,CAAC;AACpD,MAAM,CAAC,MAAM,yBAAyB,GAAG,CAAC,CAAC;AAE3C;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,4BAA4B,GAAG,CAAC,CAAC;AAC9C,MAAM,CAAC,MAAM,+BAA+B,GAAG,CAAC,CAAC;AACjD,MAAM,CAAC,MAAM,8BAA8B,GAAG,CAAC,CAAC;AAChD,MAAM,CAAC,MAAM,0BAA0B,GAAG,CAAC,CAAC;AAiC5C;;;;;;GAMG;AACH,MAAM,UAAU,mBAAmB,CAAC,QAAoB;IACtD,MAAM,GAAG,GAAG,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;IACrC,IAAI,GAAG,CAAC,IAAI,CAAC,QAAQ,KAAK,mBAAmB,IAAI,GAAG,CAAC,IAAI,CAAC,SAAS,KAAK,aAAa,EAAE,CAAC;QACtF,MAAM,IAAI,KAAK,CACb,wDAAwD,GAAG,CAAC,IAAI,CAAC,QAAQ,cAAc,GAAG,CAAC,IAAI,CAAC,SAAS,GAAG,CAC7G,CAAC;IACJ,CAAC;IACD,MAAM,QAAQ,GAAG,oBAAoB,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IAC7D,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CAAC,gCAAgC,QAAQ,CAAC,MAAM,uBAAuB,CAAC,CAAC;IAC1F,CAAC;IAED,OAAO;QACL,kBAAkB,EAAE,oBAAoB,CAAC,QAAQ,CAAC,CAAC,CAAE,EAAE,oBAAoB,CAAC;QAC5E,wBAAwB,EAAE,uBAAuB,CAAC,QAAQ,CAAC,CAAC,CAAE,EAAE,0BAA0B,CAAC;QAC3F,cAAc,EAAE,oBAAoB,CAAC,QAAQ,CAAC,CAAC,CAAE,EAAE,gBAAgB,CAAC;QACpE,oBAAoB,EAAE,uBAAuB,CAAC,QAAQ,CAAC,CAAC,CAAE,EAAE,sBAAsB,CAAC;QACnF,oBAAoB,EAAE,wBAAwB,CAAC,QAAQ,CAAC,CAAC,CAAE,EAAE,sBAAsB,CAAC;QACpF,QAAQ,EAAE,wBAAwB,CAAC,QAAQ,CAAC,CAAC,CAAE,EAAE,UAAU,CAAC;QAC5D,gBAAgB,EAAE,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAE,EAAE,kBAAkB,CAAC;QAC1E,gBAAgB,EAAE,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAE,EAAE,kBAAkB,CAAC;KAC3E,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,SAAS,sBAAsB,CAAC,IAAa,EAAE,SAAiB;IAC9D,IAAI,IAAI,CAAC,QAAQ,KAAK,mBAAmB,IAAI,IAAI,CAAC,SAAS,KAAK,aAAa,EAAE,CAAC;QAC9E,MAAM,IAAI,KAAK,CAAC,GAAG,SAAS,kBAAkB,CAAC,CAAC;IAClD,CAAC;IACD,IAAI,WAAW,GAAuB,IAAI,CAAC;IAC3C,IAAI,wBAAwB,GAAsB,IAAI,CAAC;IAEvD,KAAK,MAAM,KAAK,IAAI,oBAAoB,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;QAC5D,IAAI,KAAK,CAAC,QAAQ,KAAK,iBAAiB;YAAE,SAAS;QACnD,IAAI,KAAK,CAAC,SAAS,KAAK,2BAA2B,EAAE,CAAC;YACpD,+DAA+D;YAC/D,0DAA0D;YAC1D,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;YACtD,WAAW,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;QACxC,CAAC;aAAM,IAAI,KAAK,CAAC,SAAS,KAAK,wCAAwC,EAAE,CAAC;YACxE,+BAA+B;YAC/B,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;YACtD,IAAI,KAAK,CAAC,QAAQ,KAAK,mBAAmB,IAAI,KAAK,CAAC,SAAS,KAAK,iBAAiB,EAAE,CAAC;gBACpF,MAAM,IAAI,KAAK,CACb,GAAG,SAAS,uEAAuE,KAAK,CAAC,QAAQ,cAAc,KAAK,CAAC,SAAS,GAAG,CAClI,CAAC;YACJ,CAAC;YACD,wBAAwB,GAAG,KAAK,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;QACxD,CAAC;QACD,mEAAmE;IACrE,CAAC;IAED,OAAO,EAAE,WAAW,EAAE,wBAAwB,EAAE,CAAC;AACnD,CAAC;AAED,SAAS,gBAAgB,CAAC,IAAa;IACrC,IAAI,IAAI,CAAC,QAAQ,KAAK,mBAAmB,IAAI,IAAI,CAAC,SAAS,KAAK,aAAa,EAAE,CAAC;QAC9E,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;IACjD,CAAC;IACD,MAAM,QAAQ,GAAG,oBAAoB,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IACzD,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CAAC,6BAA6B,QAAQ,CAAC,MAAM,uBAAuB,CAAC,CAAC;IACvF,CAAC;IACD,MAAM,eAAe,GAAG,wBAAwB,CAAC,QAAQ,CAAC,CAAC,CAAE,EAAE,6BAA6B,CAAC,CAAC;IAC9F,MAAM,YAAY,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC,CAAE,EAAE,0BAA0B,CAAC,CAAC;IACpF,MAAM,iBAAiB,GAAG,uBAAuB,CAAC,QAAQ,CAAC,CAAC,CAAE,EAAE,+BAA+B,CAAC,CAAC;IACjG,MAAM,gBAAgB,GACpB,QAAQ,CAAC,MAAM,IAAI,CAAC;QAClB,CAAC,CAAC,wBAAwB,CAAC,QAAQ,CAAC,CAAC,CAAE,EAAE,8BAA8B,CAAC;QACxE,CAAC,CAAC,IAAI,CAAC;IACX,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,CAAC;AAChF,CAAC;AAED,yEAAyE;AAEzE,SAAS,oBAAoB,CAAC,IAAa,EAAE,SAAiB;IAC5D,IAAI,IAAI,CAAC,QAAQ,KAAK,mBAAmB,IAAI,IAAI,CAAC,SAAS,KAAK,YAAY,EAAE,CAAC;QAC7E,MAAM,IAAI,KAAK,CAAC,GAAG,SAAS,kBAAkB,CAAC,CAAC;IAClD,CAAC;IACD,iEAAiE;IACjE,yCAAyC;IACzC,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;QAClC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QACjB,IAAI,CAAC,GAAG,MAAM,CAAC,gBAAgB,EAAE,CAAC;YAChC,MAAM,IAAI,KAAK,CAAC,GAAG,SAAS,2CAA2C,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,uBAAuB,CAAC,IAAa,EAAE,SAAiB;IAC/D,IAAI,IAAI,CAAC,QAAQ,KAAK,mBAAmB,IAAI,IAAI,CAAC,SAAS,KAAK,eAAe,EAAE,CAAC;QAChF,MAAM,IAAI,KAAK,CAAC,GAAG,SAAS,qBAAqB,CAAC,CAAC;IACrD,CAAC;IACD,0CAA0C;IAC1C,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;QAClC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IACnB,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,wBAAwB,CAAC,IAAa,EAAE,SAAiB;IAChE,IAAI,IAAI,CAAC,QAAQ,KAAK,mBAAmB,IAAI,IAAI,CAAC,SAAS,KAAK,iBAAiB,EAAE,CAAC;QAClF,MAAM,IAAI,KAAK,CAAC,GAAG,SAAS,uBAAuB,CAAC,CAAC;IACvD,CAAC;IACD,OAAO,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;AACnC,CAAC;AAED,SAAS,oBAAoB,CAAC,IAAa,EAAE,SAAiB;IAC5D,IAAI,IAAI,CAAC,QAAQ,KAAK,mBAAmB,IAAI,IAAI,CAAC,SAAS,KAAK,YAAY,EAAE,CAAC;QAC7E,MAAM,IAAI,KAAK,CAAC,GAAG,SAAS,iBAAiB,CAAC,CAAC;IACjD,CAAC;IACD,IAAI,IAAI,CAAC,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACnC,MAAM,IAAI,KAAK,CAAC,GAAG,SAAS,4BAA4B,IAAI,CAAC,YAAY,CAAC,MAAM,MAAM,CAAC,CAAC;IAC1F,CAAC;IACD,OAAO,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;AACpC,CAAC;AASD;;;;GAIG;AACH,SAAS,WAAW,CAAC,KAAiB,EAAE,MAAc;IACpD,IAAI,MAAM,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,8BAA8B,MAAM,YAAY,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;IACnF,CAAC;IACD,IAAI,CAAC,GAAG,MAAM,CAAC;IACf,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,EAAE,CAAE,CAAC;IAC5B,MAAM,QAAQ,GAAG,CAAC,OAAO,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC;IACvC,MAAM,WAAW,GAAG,CAAC,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC;IAC3C,IAAI,SAAS,GAAG,OAAO,GAAG,IAAI,CAAC;IAE/B,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QACvB,iEAAiE;QACjE,mDAAmD;QACnD,SAAS,GAAG,CAAC,CAAC;QACd,IAAI,CAAS,CAAC;QACd,IAAI,MAAM,GAAG,CAAC,CAAC;QACf,GAAG,CAAC;YACF,IAAI,CAAC,IAAI,KAAK,CAAC,MAAM;gBAAE,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;YAC9E,IAAI,EAAE,MAAM,GAAG,CAAC,EAAE,CAAC;gBACjB,8DAA8D;gBAC9D,yDAAyD;gBACzD,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;YAC/D,CAAC;YACD,CAAC,GAAG,KAAK,CAAC,CAAC,EAAE,CAAE,CAAC;YAChB,SAAS,GAAG,CAAC,SAAS,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QAC5C,CAAC,QAAQ,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE;IAC7B,CAAC;IAED,IAAI,CAAC,IAAI,KAAK,CAAC,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAChE,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,EAAE,CAAE,CAAC;IAC5B,IAAI,MAAc,CAAC;IACnB,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QAC3B,MAAM,GAAG,OAAO,CAAC;IACnB,CAAC;SAAM,CAAC;QACN,MAAM,QAAQ,GAAG,OAAO,GAAG,IAAI,CAAC;QAChC,IAAI,QAAQ,KAAK,CAAC,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;QACxE,CAAC;QACD,IAAI,QAAQ,GAAG,CAAC,EAAE,CAAC;YACjB,+DAA+D;YAC/D,+CAA+C;YAC/C,MAAM,IAAI,KAAK,CAAC,8CAA8C,QAAQ,GAAG,CAAC,CAAC;QAC7E,CAAC;QACD,MAAM,GAAG,CAAC,CAAC;QACX,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,EAAE,CAAC,EAAE,EAAE,CAAC;YAClC,IAAI,CAAC,IAAI,KAAK,CAAC,MAAM;gBAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;YAC1E,MAAM,GAAG,CAAC,MAAM,IAAI,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,EAAE,CAAE,CAAC;QACvC,CAAC;IACH,CAAC;IAED,IAAI,CAAC,GAAG,MAAM,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CACb,wCAAwC,CAAC,YAAY,MAAM,YAAY,KAAK,CAAC,MAAM,GAAG,CACvF,CAAC;IACJ,CAAC;IAED,OAAO;QACL,IAAI,EAAE,EAAE,QAAQ,EAAE,WAAW,EAAE,SAAS,EAAE,YAAY,EAAE,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,EAAE;QACvF,UAAU,EAAE,CAAC,GAAG,MAAM;KACvB,CAAC;AACJ,CAAC;AAED,SAAS,oBAAoB,CAAC,UAAsB;IAClD,MAAM,GAAG,GAAc,EAAE,CAAC;IAC1B,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,OAAO,MAAM,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC;QAClC,MAAM,CAAC,GAAG,WAAW,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;QAC1C,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QACjB,MAAM,GAAG,CAAC,CAAC,UAAU,CAAC;IACxB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"}