npm - @naylence/advanced-security - Versions diffs - 0.3.6 → 0.3.7-test.111 - Mend

@naylence/advanced-security 0.3.6 → 0.3.7-test.111

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (285) hide show

package/dist/esm/naylence/fame/factory-manifest.js CHANGED Viewed

@@ -7,6 +7,8 @@
 export const MODULES = [
     "./security/cert/default-ca-service-factory.js",
     "./security/cert/default-certificate-manager-factory.js",
+    "./security/cert/trust-store/browser-trust-store-provider-factory.js",
+    "./security/cert/trust-store/node-trust-store-provider-factory.js",
     "./security/encryption/channel/channel-encryption-manager-factory.js",
     "./security/encryption/composite-encryption-manager-factory.js",
     "./security/encryption/default-secure-channel-manager-factory.js",
@@ -18,4 +20,20 @@ export const MODULES = [
     "./stickiness/aft-replica-stickiness-manager-factory.js",
     "./welcome/advanced-welcome-service-factory.js"
 ];
+export const MODULE_LOADERS = {
+    "./security/cert/default-ca-service-factory.js": () => import("./security/cert/default-ca-service-factory.js"),
+    "./security/cert/default-certificate-manager-factory.js": () => import("./security/cert/default-certificate-manager-factory.js"),
+    "./security/cert/trust-store/browser-trust-store-provider-factory.js": () => import("./security/cert/trust-store/browser-trust-store-provider-factory.js"),
+    "./security/cert/trust-store/node-trust-store-provider-factory.js": () => import("./security/cert/trust-store/node-trust-store-provider-factory.js"),
+    "./security/encryption/channel/channel-encryption-manager-factory.js": () => import("./security/encryption/channel/channel-encryption-manager-factory.js"),
+    "./security/encryption/composite-encryption-manager-factory.js": () => import("./security/encryption/composite-encryption-manager-factory.js"),
+    "./security/encryption/default-secure-channel-manager-factory.js": () => import("./security/encryption/default-secure-channel-manager-factory.js"),
+    "./security/encryption/sealed/x25519-encryption-manager-factory.js": () => import("./security/encryption/sealed/x25519-encryption-manager-factory.js"),
+    "./security/keys/x5c-key-manager-factory.js": () => import("./security/keys/x5c-key-manager-factory.js"),
+    "./security/signing/eddsa-envelope-signer-factory.js": () => import("./security/signing/eddsa-envelope-signer-factory.js"),
+    "./security/signing/eddsa-envelope-verifier-factory.js": () => import("./security/signing/eddsa-envelope-verifier-factory.js"),
+    "./stickiness/aft-load-balancer-stickiness-manager-factory.js": () => import("./stickiness/aft-load-balancer-stickiness-manager-factory.js"),
+    "./stickiness/aft-replica-stickiness-manager-factory.js": () => import("./stickiness/aft-replica-stickiness-manager-factory.js"),
+    "./welcome/advanced-welcome-service-factory.js": () => import("./welcome/advanced-welcome-service-factory.js"),
+};
 //# sourceMappingURL=factory-manifest.js.map

package/dist/esm/naylence/fame/factory-manifest.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"factory-manifest.js","sourceRoot":"","sources":["../../../../src/naylence/fame/factory-manifest.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,CAAC,MAAM,OAAO,GAAG;IACrB,+CAA+C;IAC/C,wDAAwD;IACxD,qEAAqE;IACrE,+DAA+D;IAC/D,iEAAiE;IACjE,mEAAmE;IACnE,4CAA4C;IAC5C,qDAAqD;IACrD,uDAAuD;IACvD,8DAA8D;IAC9D,wDAAwD;IACxD,+CAA+C;CACvC,CAAC"}
1	+ {"version":3,"file":"factory-manifest.js","sourceRoot":"","sources":["../../../../src/naylence/fame/factory-manifest.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,CAAC,MAAM,OAAO,GAAG;IACrB,+CAA+C;IAC/C,wDAAwD;IACxD,qEAAqE;IACrE,kEAAkE;IAClE,qEAAqE;IACrE,+DAA+D;IAC/D,iEAAiE;IACjE,mEAAmE;IACnE,4CAA4C;IAC5C,qDAAqD;IACrD,uDAAuD;IACvD,8DAA8D;IAC9D,wDAAwD;IACxD,+CAA+C;CACvC,CAAC;AAKX,MAAM,CAAC,MAAM,cAAc,GAAmD;IAC5E,+CAA+C,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,+CAA+C,CAAC;IAC9G,wDAAwD,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,wDAAwD,CAAC;IAChI,qEAAqE,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,qEAAqE,CAAC;IAC1J,kEAAkE,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,kEAAkE,CAAC;IACpJ,qEAAqE,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,qEAAqE,CAAC;IAC1J,+DAA+D,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,+DAA+D,CAAC;IAC9I,iEAAiE,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,iEAAiE,CAAC;IAClJ,mEAAmE,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,mEAAmE,CAAC;IACtJ,4CAA4C,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,4CAA4C,CAAC;IACxG,qDAAqD,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,qDAAqD,CAAC;IAC1H,uDAAuD,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,uDAAuD,CAAC;IAC9H,8DAA8D,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,8DAA8D,CAAC;IAC5I,wDAAwD,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,wDAAwD,CAAC;IAChI,+CAA+C,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,+CAA+C,CAAC;CAC/G,CAAC"}

package/dist/esm/naylence/fame/security/cert/browser-csr.js ADDED Viewed

@@ -0,0 +1,103 @@
+import { AsnConvert, OctetString } from "@peculiar/asn1-schema";
+import { Attributes, CertificationRequest, CertificationRequestInfo, } from "@peculiar/asn1-csr";
+import { AlgorithmIdentifier, Attribute, AttributeTypeAndValue, AttributeValue, Extension, Extensions, GeneralName, Name, RelativeDistinguishedName, SubjectAlternativeName, SubjectPublicKeyInfo, id_ce_subjectAltName, } from "@peculiar/asn1-x509";
+const ED25519_OID = "1.3.101.112";
+const OID_COMMON_NAME = "2.5.4.3";
+const LOGICAL_URI_PREFIX = "naylence://";
+function ensureSubtleCrypto() {
+    const instance = globalThis.crypto?.subtle;
+    if (!instance) {
+        throw new Error("WebCrypto subtle API is required to create a CSR");
+    }
+    return instance;
+}
+function buildSubject(commonName) {
+    if (!commonName || typeof commonName !== "string") {
+        throw new Error("commonName must be a non-empty string");
+    }
+    return new Name([
+        new RelativeDistinguishedName([
+            new AttributeTypeAndValue({
+                type: OID_COMMON_NAME,
+                value: new AttributeValue({ utf8String: commonName }),
+            }),
+        ]),
+    ]);
+}
+function arrayBufferToBase64(buffer) {
+    const bytes = new Uint8Array(buffer);
+    if (typeof globalThis.Buffer?.from === "function") {
+        return globalThis.Buffer.from(bytes).toString("base64");
+    }
+    let binary = "";
+    const chunkSize = 0x8000;
+    for (let offset = 0; offset < bytes.length; offset += chunkSize) {
+        const slice = bytes.subarray(offset, offset + chunkSize);
+        binary += String.fromCharCode(...slice);
+    }
+    if (typeof globalThis.btoa !== "function") {
+        throw new Error("Base64 encoding not available in this environment");
+    }
+    return globalThis.btoa(binary);
+}
+function derToPem(der, label) {
+    const base64 = arrayBufferToBase64(der);
+    const lines = [];
+    for (let index = 0; index < base64.length; index += 64) {
+        lines.push(base64.slice(index, index + 64));
+    }
+    return `-----BEGIN ${label}-----\n${lines.join("\n")}\n-----END ${label}-----\n`;
+}
+export async function createEd25519Csr(options) {
+    const subtle = ensureSubtleCrypto();
+    const { privateKey, publicKey, commonName } = options;
+    if (!(privateKey instanceof CryptoKey) || privateKey.type !== "private") {
+        throw new Error("privateKey must be a CryptoKey of type 'private'");
+    }
+    if (!(publicKey instanceof CryptoKey) || publicKey.type !== "public") {
+        throw new Error("publicKey must be a CryptoKey of type 'public'");
+    }
+    const subject = buildSubject(commonName);
+    const spkiDer = await subtle.exportKey("spki", publicKey);
+    const subjectPublicKeyInfo = AsnConvert.parse(spkiDer, SubjectPublicKeyInfo);
+    const attributes = new Attributes();
+    const sanitizedLogicals = Array.isArray(options.logicals)
+        ? options.logicals
+            .map((logical) => logical.trim())
+            .filter((logical) => logical.length > 0)
+        : [];
+    if (sanitizedLogicals.length > 0) {
+        const san = new SubjectAlternativeName(sanitizedLogicals.map((logical) => new GeneralName({
+            uniformResourceIdentifier: `${LOGICAL_URI_PREFIX}${logical}`,
+        })));
+        const extensions = new Extensions([
+            new Extension({
+                extnID: id_ce_subjectAltName,
+                critical: false,
+                extnValue: new OctetString(AsnConvert.serialize(san)),
+            }),
+        ]);
+        attributes.push(new Attribute({
+            type: "1.2.840.113549.1.9.14",
+            values: [AsnConvert.serialize(extensions)],
+        }));
+    }
+    const requestInfo = new CertificationRequestInfo({
+        subject,
+        subjectPKInfo: subjectPublicKeyInfo,
+        attributes,
+    });
+    const requestInfoDer = AsnConvert.serialize(requestInfo);
+    const signature = await subtle.sign("Ed25519", privateKey, requestInfoDer);
+    const certificationRequest = new CertificationRequest({
+        certificationRequestInfo: requestInfo,
+        signatureAlgorithm: new AlgorithmIdentifier({
+            algorithm: ED25519_OID,
+        }),
+        signature,
+    });
+    const csrDer = AsnConvert.serialize(certificationRequest);
+    const csrPem = derToPem(csrDer, "CERTIFICATE REQUEST");
+    return { csrPem, csrDer };
+}
+//# sourceMappingURL=browser-csr.js.map

package/dist/esm/naylence/fame/security/cert/browser-csr.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"browser-csr.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/cert/browser-csr.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAChE,OAAO,EACN,UAAU,EACV,oBAAoB,EACpB,wBAAwB,GACxB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACN,mBAAmB,EACnB,SAAS,EACT,qBAAqB,EACrB,cAAc,EACd,SAAS,EACT,UAAU,EACV,WAAW,EACX,IAAI,EACJ,yBAAyB,EACzB,sBAAsB,EACtB,oBAAoB,EACpB,oBAAoB,GACpB,MAAM,qBAAqB,CAAC;AAI7B,MAAM,WAAW,GAAG,aAAa,CAAC;AAClC,MAAM,eAAe,GAAG,SAAS,CAAC;AAClC,MAAM,kBAAkB,GAAG,aAAa,CAAC;AASzC,SAAS,kBAAkB;IAC1B,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,EAAE,MAAM,CAAC;IAC3C,IAAI,CAAC,QAAQ,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;IACrE,CAAC;IAED,OAAO,QAAQ,CAAC;AACjB,CAAC;AAED,SAAS,YAAY,CAAC,UAAkB;IACvC,IAAI,CAAC,UAAU,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;QACnD,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC1D,CAAC;IAED,OAAO,IAAI,IAAI,CAAC;QACf,IAAI,yBAAyB,CAAC;YAC7B,IAAI,qBAAqB,CAAC;gBACzB,IAAI,EAAE,eAAe;gBACrB,KAAK,EAAE,IAAI,cAAc,CAAC,EAAE,UAAU,EAAE,UAAU,EAAE,CAAC;aACrD,CAAC;SACF,CAAC;KACF,CAAC,CAAC;AACJ,CAAC;AAED,SAAS,mBAAmB,CAAC,MAAmB;IAC/C,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;IAErC,IAAI,OAAO,UAAU,CAAC,MAAM,EAAE,IAAI,KAAK,UAAU,EAAE,CAAC;QACnD,OAAO,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACzD,CAAC;IAED,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,MAAM,SAAS,GAAG,MAAM,CAAC;IACzB,KAAK,IAAI,MAAM,GAAG,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC,MAAM,EAAE,MAAM,IAAI,SAAS,EAAE,CAAC;QACjE,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,CAAC;QACzD,MAAM,IAAI,MAAM,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC;IACzC,CAAC;IAED,IAAI,OAAO,UAAU,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;QAC3C,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;IACtE,CAAC;IAED,OAAO,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AAChC,CAAC;AAED,SAAS,QAAQ,CAAC,GAAgB,EAAE,KAAa;IAChD,MAAM,MAAM,GAAG,mBAAmB,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,MAAM,CAAC,MAAM,EAAE,KAAK,IAAI,EAAE,EAAE,CAAC;QACxD,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,EAAE,KAAK,GAAG,EAAE,CAAC,CAAC,CAAC;IAC7C,CAAC;IAED,OAAO,cAAc,KAAK,UAAU,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,KAAK,SAAS,CAAC;AAClF,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACrC,OAAgC;IAEhC,MAAM,MAAM,GAAG,kBAAkB,EAAE,CAAC;IACpC,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,OAAO,CAAC;IAEtD,IAAI,CAAC,CAAC,UAAU,YAAY,SAAS,CAAC,IAAI,UAAU,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QACzE,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;IACrE,CAAC;IAED,IAAI,CAAC,CAAC,SAAS,YAAY,SAAS,CAAC,IAAI,SAAS,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtE,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACnE,CAAC;IAED,MAAM,OAAO,GAAG,YAAY,CAAC,UAAU,CAAC,CAAC;IACzC,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAC1D,MAAM,oBAAoB,GAAG,UAAU,CAAC,KAAK,CAC5C,OAAO,EACP,oBAAoB,CACpB,CAAC;IAEF,MAAM,UAAU,GAAG,IAAI,UAAU,EAAE,CAAC;IACpC,MAAM,iBAAiB,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;QACxD,CAAC,CAAC,OAAO,CAAC,QAAQ;aACf,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;aAChC,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC;QAC1C,CAAC,CAAC,EAAE,CAAC;IAEN,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAClC,MAAM,GAAG,GAAG,IAAI,sBAAsB,CACrC,iBAAiB,CAAC,GAAG,CACpB,CAAC,OAAO,EAAE,EAAE,CACX,IAAI,WAAW,CAAC;YACf,yBAAyB,EAAE,GAAG,kBAAkB,GAAG,OAAO,EAAE;SAC5D,CAAC,CACH,CACD,CAAC;QAEF,MAAM,UAAU,GAAG,IAAI,UAAU,CAAC;YACjC,IAAI,SAAS,CAAC;gBACb,MAAM,EAAE,oBAAoB;gBAC5B,QAAQ,EAAE,KAAK;gBACf,SAAS,EAAE,IAAI,WAAW,CAAC,UAAU,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;aACrD,CAAC;SACF,CAAC,CAAC;QAEH,UAAU,CAAC,IAAI,CACd,IAAI,SAAS,CAAC;YACb,IAAI,EAAE,uBAAuB;YAC7B,MAAM,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;SAC1C,CAAC,CACF,CAAC;IACH,CAAC;IAED,MAAM,WAAW,GAAG,IAAI,wBAAwB,CAAC;QAChD,OAAO;QACP,aAAa,EAAE,oBAAoB;QACnC,UAAU;KACV,CAAC,CAAC;IAEH,MAAM,cAAc,GAAG,UAAU,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;IACzD,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,cAAc,CAAC,CAAC;IAE3E,MAAM,oBAAoB,GAAG,IAAI,oBAAoB,CAAC;QACrD,wBAAwB,EAAE,WAAW;QACrC,kBAAkB,EAAE,IAAI,mBAAmB,CAAC;YAC3C,SAAS,EAAE,WAAW;SACtB,CAAC;QACF,SAAS;KACT,CAAC,CAAC;IAEH,MAAM,MAAM,GAAG,UAAU,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;IAC1D,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,EAAE,qBAAqB,CAAC,CAAC;IAEvD,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AAC3B,CAAC"}

package/dist/esm/naylence/fame/security/cert/ca-server-cli.js ADDED Viewed

@@ -0,0 +1,30 @@
+#!/usr/bin/env node
+import { pathToFileURL } from "node:url";
+import { main } from "./ca-server.js";
+function isDirectExecution() {
+    if (typeof process === "undefined") {
+        return false;
+    }
+    const entry = process.argv?.[1];
+    if (typeof entry !== "string" || entry.length === 0) {
+        return false;
+    }
+    const entryUrl = pathToFileURL(entry).href;
+    return import.meta.url === entryUrl;
+}
+function registerSignalHandlers() {
+    const handleShutdown = (signal) => {
+        console.log("[INFO] ca_server_shutting_down", { signal });
+        process.exit(0);
+    };
+    process.on("SIGTERM", () => handleShutdown("SIGTERM"));
+    process.on("SIGINT", () => handleShutdown("SIGINT"));
+}
+if (isDirectExecution()) {
+    registerSignalHandlers();
+    main().catch((error) => {
+        console.error("Fatal error:", error);
+        process.exit(1);
+    });
+}
+//# sourceMappingURL=ca-server-cli.js.map

package/dist/esm/naylence/fame/security/cert/ca-server-cli.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"ca-server-cli.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/cert/ca-server-cli.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAEzC,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAEtC,SAAS,iBAAiB;IACxB,IAAI,OAAO,OAAO,KAAK,WAAW,EAAE,CAAC;QACnC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAChC,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC;IAC3C,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,KAAK,QAAQ,CAAC;AACtC,CAAC;AAED,SAAS,sBAAsB;IAC7B,MAAM,cAAc,GAAG,CAAC,MAAsB,EAAE,EAAE;QAChD,OAAO,CAAC,GAAG,CAAC,gCAAgC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;QAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC;IAEF,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC,CAAC;IACvD,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC;AACvD,CAAC;AAED,IAAI,iBAAiB,EAAE,EAAE,CAAC;IACxB,sBAAsB,EAAE,CAAC;IAEzB,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;QACrB,OAAO,CAAC,KAAK,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;QACrC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/esm/naylence/fame/security/cert/ca-server.js CHANGED Viewed

@@ -1,11 +1,13 @@
-#!/usr/bin/env node
 /**
  * CA Server - Certificate Authority HTTP endpoint
  *
  * Provides certificate issuance via HTTP using Fastify.
  * Mirrors the Python ca_server.py implementation.
  */
+import { sha256 } from "@noble/hashes/sha256.js";
 import Fastify from "fastify";
+import { realpathSync } from "node:fs";
+import { resolve } from "node:path";
 import { CAServiceFactory } from "./ca-service-factory.js";
 // Simple console logger for CA server
 const logger = {
@@ -97,6 +99,30 @@ function createCaRouter(fastify, caService, prefix = "/fame/v1/ca") {
     fastify.get("/health", async () => {
         return { status: "healthy", service: "ca-server" };
     });
+    const trustBundlePath = "/.well-known/naylence/trust-bundle.json";
+    fastify.get(trustBundlePath, async (request, reply) => {
+        const bundle = await caService.getTrustBundle();
+        if (!bundle) {
+            return reply.status(404).send({
+                error: "trust_bundle_unavailable",
+            });
+        }
+        const payload = JSON.stringify(bundle);
+        const etag = `"${computeEtag(payload)}"`;
+        const requestEtag = request.headers["if-none-match"];
+        if (typeof requestEtag === "string" && requestEtag.replace(/W\//u, "") === etag.replace(/W\//u, "")) {
+            return reply
+                .status(304)
+                .header("ETag", etag)
+                .header("Cache-Control", trustBundleCacheControl())
+                .send();
+        }
+        return reply
+            .header("Content-Type", "application/json")
+            .header("Cache-Control", trustBundleCacheControl())
+            .header("ETag", etag)
+            .send(bundle);
+    });
 }
 /**
  * Create Fastify application with CA service lifespan management.
@@ -133,21 +159,65 @@ async function main() {
         process.exit(1);
     }
 }
-// Signal handlers
-process.on("SIGTERM", () => {
-    logger.info("ca_server_shutting_down", { signal: "SIGTERM" });
-    process.exit(0);
-});
-process.on("SIGINT", () => {
-    logger.info("ca_server_shutting_down", { signal: "SIGINT" });
-    process.exit(0);
-});
-// Run if executed directly
-if (import.meta.url === `file://${process.argv[1]}`) {
-    main().catch((error) => {
-        console.error("Fatal error:", error);
-        process.exit(1);
-    });
+export { createApp, main };
+const isTopLevelInvocation = (() => {
+    if (typeof process === "undefined") {
+        return false;
+    }
+    const entry = process.argv[1] ?? null;
+    if (!entry) {
+        if (process.env.FAME_CA_DEBUG === "1") {
+            console.log("[CA DEBUG] missing process argv entry", JSON.stringify({ argv: process.argv }));
+        }
+        return false;
+    }
+    try {
+        const entryPath = resolveToRealPath(entry);
+        if (!entryPath) {
+            if (process.env.FAME_CA_DEBUG === "1") {
+                console.log("[CA DEBUG] failed to resolve entry path", JSON.stringify({ entry }));
+            }
+            return false;
+        }
+        if (process.env.FAME_CA_DEBUG === "1") {
+            console.log("[CA DEBUG] invocation check", JSON.stringify({
+                argv: process.argv,
+                entryPath,
+            }));
+        }
+        return /(?:^|[\\/])ca-server\.js$/u.test(entryPath);
+    }
+    catch (error) {
+        if (process.env.FAME_CA_DEBUG === "1") {
+            console.log("[CA DEBUG] invocation check error", JSON.stringify({ error: error instanceof Error ? error.message : String(error) }));
+        }
+        return false;
+    }
+})();
+if (isTopLevelInvocation) {
+    void main();
+}
+function computeEtag(payload) {
+    const encoder = new TextEncoder();
+    const digest = sha256(encoder.encode(payload));
+    return Array.from(digest)
+        .map((byte) => byte.toString(16).padStart(2, "0"))
+        .join("");
+}
+function trustBundleCacheControl() {
+    return "public, max-age=3600, stale-while-revalidate=86400";
+}
+function resolveToRealPath(pathLike) {
+    try {
+        return realpathSync(pathLike);
+    }
+    catch {
+        try {
+            return realpathSync.native?.(pathLike) ?? resolve(pathLike);
+        }
+        catch {
+            return resolve(pathLike);
+        }
+    }
 }
-export { createApp };
 //# sourceMappingURL=ca-server.js.map

package/dist/esm/naylence/fame/security/cert/ca-server.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"ca-server.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/cert/ca-server.ts"],"names":[],"mappings":"~~;AACA~~;;;;;GAKG;AAEH,OAAO,OAAO,MAAM,SAAS,CAAC;~~AAE9B~~,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAG3D,sCAAsC;AACtC,MAAM,MAAM,GAAG;IACb,IAAI,EAAE,CAAC,KAAa,EAAE,IAA8B,EAAE,EAAE;QACtD,OAAO,CAAC,GAAG,CAAC,UAAU,KAAK,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IAC7C,CAAC;IACD,OAAO,EAAE,CAAC,KAAa,EAAE,IAA8B,EAAE,EAAE;QACzD,OAAO,CAAC,IAAI,CAAC,aAAa,KAAK,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IACjD,CAAC;IACD,KAAK,EAAE,CAAC,KAAa,EAAE,IAA8B,EAAE,EAAE;QACvD,OAAO,CAAC,KAAK,CAAC,WAAW,KAAK,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IAChD,CAAC;IACD,KAAK,EAAE,CAAC,KAAa,EAAE,IAA8B,EAAE,EAAE;QACvD,MAAM,QAAQ,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;QACtE,IAAI,QAAQ,KAAK,OAAO,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;YACjD,OAAO,CAAC,GAAG,CAAC,WAAW,KAAK,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;CACF,CAAC;AAEF,MAAM,qBAAqB,GAAG,eAAe,CAAC;AAC9C,MAAM,qBAAqB,GAAG,eAAe,CAAC;AAe9C;;;GAGG;AACH,SAAS,cAAc,CACrB,OAAwB,EACxB,SAAoB,EACpB,SAAiB,aAAa;IAE9B,+BAA+B;IAC/B,OAAO,CAAC,IAAI,CACV,GAAG,MAAM,OAAO,EAChB;QACE,MAAM,EAAE;YACN,IAAI,EAAE;gBACJ,IAAI,EAAE,QAAQ;gBACd,QAAQ,EAAE,CAAC,SAAS,EAAE,cAAc,CAAC;gBACrC,UAAU,EAAE;oBACV,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBAC3B,YAAY,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBAChC,aAAa,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBACjC,QAAQ,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;iBACvD;aACF;SACF;KACF,EACD,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;QACvB,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;YAEhC,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,YAAY,EAAE,CAAC;gBAC5C,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC5B,KAAK,EAAE,iBAAiB;oBACxB,OAAO,EAAE,+BAA+B;iBACzC,CAAC,CAAC;YACL,CAAC;YAED,MAAM,CAAC,KAAK,CAAC,0BAA0B,EAAE;gBACvC,YAAY,EAAE,UAAU,CAAC,YAAY;gBACrC,aAAa,EAAE,UAAU,CAAC,aAAa;gBACvC,QAAQ,EAAE,UAAU,CAAC,QAAQ;aAC9B,CAAC,CAAC;YAEH,2CAA2C;YAC3C,IAAI,SAAS,CAAC,UAAU,EAAE,CAAC;gBACzB,sEAAsE;gBACtE,MAAM,CAAC,OAAO,CAAC,oCAAoC,EAAE;oBACnD,qBAAqB,EAAE,IAAI;iBAC5B,CAAC,CAAC;YACL,CAAC;YAED,mEAAmE;YACnE,MAAM,aAAa,GAAG;gBACpB,MAAM,EAAE,UAAU,CAAC,OAAO;gBAC1B,WAAW,EAAE,UAAU,CAAC,YAAY;gBACpC,YAAY,EAAE,UAAU,CAAC,aAAa;gBACtC,QAAQ,EAAE,UAAU,CAAC,QAAQ;aAC9B,CAAC;YAEF,oBAAoB;YACpB,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC;YAE/D,MAAM,QAAQ,GAAgC;gBAC5C,eAAe,EAAE,MAAM,CAAC,cAAc;gBACtC,qBAAqB,EAAE,MAAM,CAAC,mBAAmB;gBACjD,UAAU,EAAE,MAAM,CAAC,SAAS;aAC7B,CAAC;YAEF,OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC9B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE;gBACtC,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;aAC9D,CAAC,CAAC;YAEH,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC5B,KAAK,EAAE,iBAAiB;gBACxB,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;aAClE,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CACF,CAAC;IAEF,eAAe;IACf,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,IAAI,EAAE;QAChC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,SAAS;IAItB,qEAAqE;IACrE,MAAM,OAAO,GAAG,OAAO,CAAC;QACtB,MAAM,EAAE,KAAK;KACd,CAAC,CAAC;IAEH,sEAAsE;IACtE,MAAM,EAAE,uCAAuC,EAAE,GAAG,MAAM,MAAM,CAC9D,uBAAuB,CACxB,CAAC;IACF,MAAM,uCAAuC,EAAE,CAAC;IAEhD,wDAAwD;IACxD,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,eAAe,EAAE,CAAC;IAE3D,qBAAqB;IACrB,cAAc,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;IAEnC,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;AACrC,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,SAAS,EAAE,CAAC;QAElC,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,SAAS,CAAC;QAC7D,MAAM,IAAI,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,MAAM,EAAE,EAAE,CAAC,CAAC;QAExE,MAAM,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QAEjC,MAAM,CAAC,IAAI,CAAC,mBAAmB,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QACjD,OAAO,CAAC,GAAG,CAAC,sCAAsC,IAAI,IAAI,IAAI,EAAE,CAAC,CAAC;QAClE,OAAO,CAAC,GAAG,CACT,mCAAmC,IAAI,IAAI,IAAI,oBAAoB,CACpE,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,0BAA0B,EAAE;YACvC,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAC9D,CAAC,CAAC;QACH,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,~~kBAAkB~~;~~AAClB~~,~~OAAO~~,CAAC,EAAE,CAAC,~~SAAS~~,EAAE,GAAG,EAAE;~~IACzB~~,~~MAAM~~,CAAC,IAAI,CAAC,~~yBAAyB~~,~~EAAE~~,EAAE,~~MAAM~~,EAAE,~~SAAS~~,EAAE,CAAC,CAAC;~~IAC9D~~,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;~~AAClB~~,~~CAAC~~,CAAC,CAAC;~~AAEH~~,OAAO,CAAC,~~EAAE~~,CAAC,~~QAAQ~~,~~EAAE~~,GAAG,EAAE;~~IACxB~~,~~MAAM~~,CAAC,IAAI,CAAC,~~yBAAyB~~,~~EAAE~~,EAAE,~~MAAM~~,EAAE,~~QAAQ~~,~~EAAE~~,CAAC,CAAC;~~IAC7D~~,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;~~AAClB~~,CAAC,CAAC,CAAC;~~AAEH~~,~~2BAA2B~~;~~AAC3B~~,IAAI,~~MAAM~~,CAAC,IAAI,CAAC,GAAG,KAAK,~~UAAU~~,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;~~IACpD~~,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,~~KAAK~~,EAAE,~~EAAE~~;~~QACrB~~,OAAO,CAAC,~~KAAK~~,CAAC,~~cAAc~~,~~EAAE~~,KAAK,CAAC,CAAC;~~QACrC~~,~~OAAO~~,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;~~IAClB~~,CAAC,CAAC,CAAC;~~AACL~~,CAAC;AAED,OAAO,~~EAAE~~,SAAS,EAAE,CAAC"}
1	+ {"version":3,"file":"ca-server.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/cert/ca-server.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AACjD,OAAO,OAAO,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAG3D,sCAAsC;AACtC,MAAM,MAAM,GAAG;IACb,IAAI,EAAE,CAAC,KAAa,EAAE,IAA8B,EAAE,EAAE;QACtD,OAAO,CAAC,GAAG,CAAC,UAAU,KAAK,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IAC7C,CAAC;IACD,OAAO,EAAE,CAAC,KAAa,EAAE,IAA8B,EAAE,EAAE;QACzD,OAAO,CAAC,IAAI,CAAC,aAAa,KAAK,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IACjD,CAAC;IACD,KAAK,EAAE,CAAC,KAAa,EAAE,IAA8B,EAAE,EAAE;QACvD,OAAO,CAAC,KAAK,CAAC,WAAW,KAAK,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IAChD,CAAC;IACD,KAAK,EAAE,CAAC,KAAa,EAAE,IAA8B,EAAE,EAAE;QACvD,MAAM,QAAQ,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;QACtE,IAAI,QAAQ,KAAK,OAAO,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;YACjD,OAAO,CAAC,GAAG,CAAC,WAAW,KAAK,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;CACF,CAAC;AAEF,MAAM,qBAAqB,GAAG,eAAe,CAAC;AAC9C,MAAM,qBAAqB,GAAG,eAAe,CAAC;AAe9C;;;GAGG;AACH,SAAS,cAAc,CACrB,OAAwB,EACxB,SAAoB,EACpB,SAAiB,aAAa;IAE9B,+BAA+B;IAC/B,OAAO,CAAC,IAAI,CACV,GAAG,MAAM,OAAO,EAChB;QACE,MAAM,EAAE;YACN,IAAI,EAAE;gBACJ,IAAI,EAAE,QAAQ;gBACd,QAAQ,EAAE,CAAC,SAAS,EAAE,cAAc,CAAC;gBACrC,UAAU,EAAE;oBACV,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBAC3B,YAAY,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBAChC,aAAa,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBACjC,QAAQ,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;iBACvD;aACF;SACF;KACF,EACD,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;QACvB,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;YAEhC,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,YAAY,EAAE,CAAC;gBAC5C,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC5B,KAAK,EAAE,iBAAiB;oBACxB,OAAO,EAAE,+BAA+B;iBACzC,CAAC,CAAC;YACL,CAAC;YAED,MAAM,CAAC,KAAK,CAAC,0BAA0B,EAAE;gBACvC,YAAY,EAAE,UAAU,CAAC,YAAY;gBACrC,aAAa,EAAE,UAAU,CAAC,aAAa;gBACvC,QAAQ,EAAE,UAAU,CAAC,QAAQ;aAC9B,CAAC,CAAC;YAEH,2CAA2C;YAC3C,IAAI,SAAS,CAAC,UAAU,EAAE,CAAC;gBACzB,sEAAsE;gBACtE,MAAM,CAAC,OAAO,CAAC,oCAAoC,EAAE;oBACnD,qBAAqB,EAAE,IAAI;iBAC5B,CAAC,CAAC;YACL,CAAC;YAED,mEAAmE;YACnE,MAAM,aAAa,GAAG;gBACpB,MAAM,EAAE,UAAU,CAAC,OAAO;gBAC1B,WAAW,EAAE,UAAU,CAAC,YAAY;gBACpC,YAAY,EAAE,UAAU,CAAC,aAAa;gBACtC,QAAQ,EAAE,UAAU,CAAC,QAAQ;aAC9B,CAAC;YAEF,oBAAoB;YACpB,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC;YAE/D,MAAM,QAAQ,GAAgC;gBAC5C,eAAe,EAAE,MAAM,CAAC,cAAc;gBACtC,qBAAqB,EAAE,MAAM,CAAC,mBAAmB;gBACjD,UAAU,EAAE,MAAM,CAAC,SAAS;aAC7B,CAAC;YAEF,OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC9B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE;gBACtC,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;aAC9D,CAAC,CAAC;YAEH,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC5B,KAAK,EAAE,iBAAiB;gBACxB,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;aAClE,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CACF,CAAC;IAEF,eAAe;IACf,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,IAAI,EAAE;QAChC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,MAAM,eAAe,GAAG,yCAAyC,CAAC;IAElE,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;QACpD,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,cAAc,EAAE,CAAC;QAChD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC5B,KAAK,EAAE,0BAA0B;aAClC,CAAC,CAAC;QACL,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACvC,MAAM,IAAI,GAAG,IAAI,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC;QACzC,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;QAErD,IAAI,OAAO,WAAW,KAAK,QAAQ,IAAI,WAAW,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,KAAK,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,EAAE,CAAC;YACpG,OAAO,KAAK;iBACT,MAAM,CAAC,GAAG,CAAC;iBACX,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC;iBACpB,MAAM,CAAC,eAAe,EAAE,uBAAuB,EAAE,CAAC;iBAClD,IAAI,EAAE,CAAC;QACZ,CAAC;QAED,OAAO,KAAK;aACT,MAAM,CAAC,cAAc,EAAE,kBAAkB,CAAC;aAC1C,MAAM,CAAC,eAAe,EAAE,uBAAuB,EAAE,CAAC;aAClD,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC;aACpB,IAAI,CAAC,MAAoC,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,SAAS;IAItB,qEAAqE;IACrE,MAAM,OAAO,GAAG,OAAO,CAAC;QACtB,MAAM,EAAE,KAAK;KACd,CAAC,CAAC;IAEH,sEAAsE;IACtE,MAAM,EAAE,uCAAuC,EAAE,GAAG,MAAM,MAAM,CAC9D,uBAAuB,CACxB,CAAC;IACF,MAAM,uCAAuC,EAAE,CAAC;IAEhD,wDAAwD;IACxD,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,eAAe,EAAE,CAAC;IAE3D,qBAAqB;IACrB,cAAc,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;IAEnC,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;AACrC,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,SAAS,EAAE,CAAC;QAElC,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,SAAS,CAAC;QAC7D,MAAM,IAAI,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,MAAM,EAAE,EAAE,CAAC,CAAC;QAExE,MAAM,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QAEjC,MAAM,CAAC,IAAI,CAAC,mBAAmB,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QACjD,OAAO,CAAC,GAAG,CAAC,sCAAsC,IAAI,IAAI,IAAI,EAAE,CAAC,CAAC;QAClE,OAAO,CAAC,GAAG,CACT,mCAAmC,IAAI,IAAI,IAAI,oBAAoB,CACpE,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,0BAA0B,EAAE;YACvC,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAC9D,CAAC,CAAC;QACH,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;AAE3B,MAAM,oBAAoB,GAAG,CAAC,GAAG,EAAE;IACjC,IAAI,OAAO,OAAO,KAAK,WAAW,EAAE,CAAC;QACnC,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;IACtC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,IAAI,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,GAAG,EAAE,CAAC;YACtC,OAAO,CAAC,GAAG,CACT,uCAAuC,EACvC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CACvC,CAAC;QACJ,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC;QAC3C,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,IAAI,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,GAAG,EAAE,CAAC;gBACtC,OAAO,CAAC,GAAG,CACT,yCAAyC,EACzC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,CAAC,CAC1B,CAAC;YACJ,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;QACD,IAAI,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,GAAG,EAAE,CAAC;YACtC,OAAO,CAAC,GAAG,CACT,6BAA6B,EAC7B,IAAI,CAAC,SAAS,CAAC;gBACb,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,SAAS;aACV,CAAC,CACH,CAAC;QACJ,CAAC;QACD,OAAO,4BAA4B,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACtD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,GAAG,EAAE,CAAC;YACtC,OAAO,CAAC,GAAG,CACT,mCAAmC,EACnC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAClF,CAAC;QACJ,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC,CAAC,EAAE,CAAC;AAEL,IAAI,oBAAoB,EAAE,CAAC;IACzB,KAAK,IAAI,EAAE,CAAC;AACd,CAAC;AAED,SAAS,WAAW,CAAC,OAAe;IAClC,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;IAC/C,OAAO,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC;SACtB,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SACjD,IAAI,CAAC,EAAE,CAAC,CAAC;AACd,CAAC;AAED,SAAS,uBAAuB;IAC9B,OAAO,oDAAoD,CAAC;AAC9D,CAAC;AAED,SAAS,iBAAiB,CAAC,QAAgB;IACzC,IAAI,CAAC;QACH,OAAO,YAAY,CAAC,QAAQ,CAAC,CAAC;IAChC,CAAC;IAAC,MAAM,CAAC;QACP,IAAI,CAAC;YACH,OAAO,YAAY,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9D,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC;AACH,CAAC"}