@naylence/advanced-security 0.3.7-test.112 → 0.3.7-test.114

package/dist/esm/naylence/fame/security/cert/trust-store/trust-store-provider-factory.js

@@ -1,40 +0,0 @@
-import { AbstractResourceFactory, createDefaultResource, createResource, } from "@naylence/factory";
-const DEFAULT_UNCONFIGURED_MESSAGE = "Trust store is not configured. Set FAME_CA_CERTS to a PEM value, a file path, a data URI, or an HTTPS bundle URL.";
-export const TRUST_STORE_PROVIDER_FACTORY_BASE_TYPE = "TrustStoreProviderFactory";
-export class TrustStoreProviderFactory extends AbstractResourceFactory {
-    createUnconfiguredProvider(reason) {
-        return new NullTrustStoreProvider(reason ?? DEFAULT_UNCONFIGURED_MESSAGE);
-    }
-    static async createTrustStoreProvider(config, options = {}) {
-        const { dependencies, factoryArgs, ...restOptions } = options;
-        const mergedFactoryArgs = [
-            ...(dependencies ? [dependencies] : []),
-            ...(factoryArgs ?? []),
-        ];
-        const creationOptions = {
-            ...restOptions,
-            factoryArgs: mergedFactoryArgs,
-        };
-        if (config) {
-            const instance = await createResource(TRUST_STORE_PROVIDER_FACTORY_BASE_TYPE, config, creationOptions);
-            return instance ?? new NullTrustStoreProvider();
-        }
-        const instance = await createDefaultResource(TRUST_STORE_PROVIDER_FACTORY_BASE_TYPE, null, creationOptions);
-        return instance ?? new NullTrustStoreProvider();
-    }
-}
-export class NullTrustStoreProvider {
-    constructor(reason = DEFAULT_UNCONFIGURED_MESSAGE) {
-        this.reason = reason;
-    }
-    async getTrustStorePem() {
-        throw new Error(this.reason);
-    }
-    async getRoots() {
-        return [];
-    }
-    async initialize() {
-        // No-op for the placeholder provider.
-    }
-}
-//# sourceMappingURL=trust-store-provider-factory.js.map

package/dist/esm/naylence/fame/security/cert/trust-store/trust-store-provider-factory.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"trust-store-provider-factory.js","sourceRoot":"","sources":["../../../../../../../src/naylence/fame/security/cert/trust-store/trust-store-provider-factory.ts"],"names":[],"mappings":"AACA,OAAO,EACL,uBAAuB,EACvB,qBAAqB,EACrB,cAAc,GACf,MAAM,mBAAmB,CAAC;AAmB3B,MAAM,4BAA4B,GAChC,mHAAmH,CAAC;AAEtH,MAAM,CAAC,MAAM,sCAAsC,GAAG,2BAA2B,CAAC;AAElF,MAAM,OAAgB,yBAEpB,SAAQ,uBAA8C;IAM5C,0BAA0B,CAAC,MAAe;QAClD,OAAO,IAAI,sBAAsB,CAAC,MAAM,IAAI,4BAA4B,CAAC,CAAC;IAC5E,CAAC;IAEM,MAAM,CAAC,KAAK,CAAC,wBAAwB,CAG1C,MAA2C,EAC3C,UAA2C,EAAE;QAE7C,MAAM,EAAE,YAAY,EAAE,WAAW,EAAE,GAAG,WAAW,EAAE,GAAG,OAAO,CAAC;QAC9D,MAAM,iBAAiB,GAAG;YACxB,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACvC,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC;SACvB,CAAC;QAEF,MAAM,eAAe,GAA0B;YAC7C,GAAG,WAAW;YACd,WAAW,EAAE,iBAAiB;SAC/B,CAAC;QAEF,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,QAAQ,GAAG,MAAM,cAAc,CACnC,sCAAsC,EACtC,MAAM,EACN,eAAe,CAChB,CAAC;YACF,OAAO,QAAQ,IAAI,IAAI,sBAAsB,EAAE,CAAC;QAClD,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,qBAAqB,CAC1C,sCAAsC,EACtC,IAAI,EACJ,eAAe,CAChB,CAAC;QAEF,OAAO,QAAQ,IAAI,IAAI,sBAAsB,EAAE,CAAC;IAClD,CAAC;CACF;AAED,MAAM,OAAO,sBAAsB;IAGjC,YAAmB,SAAiB,4BAA4B;QAC9D,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAEM,KAAK,CAAC,gBAAgB;QAC3B,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC/B,CAAC;IAEM,KAAK,CAAC,QAAQ;QACnB,OAAO,EAAE,CAAC;IACZ,CAAC;IAEM,KAAK,CAAC,UAAU;QACrB,sCAAsC;IACxC,CAAC;CACF"}

package/dist/esm/naylence/fame/security/cert/trust-store/trust-store-provider.js

@@ -1,2 +0,0 @@
-export {};
-//# sourceMappingURL=trust-store-provider.js.map

package/dist/esm/naylence/fame/security/cert/trust-store/trust-store-provider.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"trust-store-provider.js","sourceRoot":"","sources":["../../../../../../../src/naylence/fame/security/cert/trust-store/trust-store-provider.ts"],"names":[],"mappings":""}

package/dist/esm/naylence/fame/security/cert/util.js

@@ -1,515 +0,0 @@
-import { AsnConvert } from "@peculiar/asn1-schema";
-import { Certificate, NameConstraints, SubjectAlternativeName, id_ce_nameConstraints, id_ce_subjectAltName, } from "@peculiar/asn1-x509";
-import { sha256, sha512 } from "@noble/hashes/sha2.js";
-import { etc as edEtc, verify as ed25519Verify } from "@noble/ed25519";
-import { getLogger } from "@naylence/runtime/node";
-const logger = getLogger("naylence.fame.security.cert.util");
-const CACHE_LIMIT = 512;
-const OID_ED25519 = "1.3.101.112";
-const textEncoder = new TextEncoder();
-const trustCache = new Map();
-export function publicKeyFromX5c(x5c, options = {}) {
-    if (!Array.isArray(x5c) || x5c.length === 0) {
-        throw new Error("Empty certificate chain");
-    }
-    const callId = generateCallId();
-    const enforceNameConstraints = options.enforceNameConstraints ?? true;
-    const trustStorePem = normalizeTrustStoreOption(options.trustStorePem ?? null);
-    const returnCertificate = options.returnCertificate ?? false;
-    const { parsed, chainBytes } = parseCertificateChain(x5c);
-    logger.debug("public_key_from_x5c_called", {
-        call_id: callId,
-        x5c_count: parsed.length,
-        enforce_name_constraints: enforceNameConstraints,
-        has_trust_store: Boolean(trustStorePem),
-        return_cert: returnCertificate,
-    });
-    let cacheKey = null;
-    if (!returnCertificate) {
-        cacheKey = buildCacheKey(chainBytes, trustStorePem, enforceNameConstraints);
-        const cached = getCachedPublicKey(cacheKey);
-        if (cached) {
-            logger.debug("certificate_cache_hit", {
-                call_id: callId,
-                cache_key: cacheKey,
-            });
-            return cached;
-        }
-        logger.debug("certificate_cache_miss", {
-            call_id: callId,
-            cache_key: cacheKey,
-        });
-    }
-    const validation = validateCertificateChain(parsed, enforceNameConstraints, trustStorePem);
-    if (cacheKey) {
-        setCachedPublicKey(cacheKey, validation.publicKey, validation.notAfter);
-    }
-    if (returnCertificate) {
-        return {
-            publicKey: validation.publicKey.slice(),
-            certificate: validation.certificate,
-        };
-    }
-    return validation.publicKey.slice();
-}
-export function validateJwkX5cCertificate(options) {
-    const { jwk, trustStorePem = null, enforceNameConstraints = true, strict = true, } = options;
-    if (!jwk || typeof jwk !== "object") {
-        const error = "Invalid JWK object";
-        if (strict) {
-            throw new Error(error);
-        }
-        return { isValid: false, error };
-    }
-    const x5c = jwk.x5c;
-    if (x5c === undefined) {
-        return { isValid: true };
-    }
-    if (!Array.isArray(x5c) ||
-        x5c.length === 0 ||
-        x5c.some((entry) => typeof entry !== "string")) {
-        const error = "Invalid x5c field in JWK";
-        if (strict) {
-            throw new Error(error);
-        }
-        return { isValid: false, error };
-    }
-    try {
-        publicKeyFromX5c(x5c, {
-            trustStorePem,
-            enforceNameConstraints,
-        });
-        return { isValid: true };
-    }
-    catch (error) {
-        const message = error instanceof Error ? error.message : String(error ?? "unknown");
-        const normalized = `Certificate validation failed: ${message}`;
-        if (strict) {
-            throw new Error(normalized);
-        }
-        return { isValid: false, error: normalized };
-    }
-}
-function validateCertificateChain(parsed, enforceNameConstraints, trustStorePem) {
-    const leaf = parsed[0];
-    const nowMs = Date.now();
-    const notBefore = leaf.certificate.tbsCertificate.validity.notBefore.getTime();
-    const notAfter = leaf.certificate.tbsCertificate.validity.notAfter.getTime();
-    const notBeforeMs = notBefore.getTime();
-    const notAfterMs = notAfter.getTime();
-    if (nowMs < notBeforeMs || nowMs > notAfterMs) {
-        throw new Error(`Certificate is not currently valid (notBefore: ${notBefore.toISOString()}, notAfter: ${notAfter.toISOString()}, now: ${new Date(nowMs).toISOString()})`);
-    }
-    const issuers = parsed.slice(1);
-    if (enforceNameConstraints && issuers.length > 0) {
-        const leafUris = extractUrisFromCert(leaf.certificate);
-        validateNameConstraints(issuers, leafUris);
-    }
-    if (trustStorePem) {
-        validateTrustAnchor(parsed, trustStorePem);
-    }
-    validateChainContinuity(parsed);
-    const publicKey = leaf.subjectPublicKey.slice();
-    return {
-        publicKey,
-        certificate: leaf.certificate,
-        notAfter,
-    };
-}
-function parseCertificateChain(x5c) {
-    const parsed = [];
-    const derChunks = [];
-    for (let index = 0; index < x5c.length; index += 1) {
-        const entry = x5c[index];
-        if (typeof entry !== "string" || entry.trim().length === 0) {
-            throw new Error(`Invalid certificate at index ${index}`);
-        }
-        let der;
-        try {
-            der = decodeBase64(entry);
-        }
-        catch (error) {
-            const reason = error instanceof Error ? error.message : String(error);
-            throw new Error(`Failed to decode certificate at index ${index}: ${reason}`);
-        }
-        let certificate;
-        try {
-            certificate = AsnConvert.parse(der, Certificate);
-        }
-        catch (error) {
-            const reason = error instanceof Error ? error.message : String(error);
-            throw new Error(`Failed to parse certificate at index ${index}: ${reason}`);
-        }
-        parsed.push(createParsedCertificate(certificate, der));
-        derChunks.push(der);
-    }
-    return { parsed, chainBytes: concatBytes(derChunks) };
-}
-function createParsedCertificate(certificate, raw) {
-    return {
-        raw,
-        certificate,
-        serialNumber: toHex(new Uint8Array(certificate.tbsCertificate.serialNumber)).toUpperCase(),
-        subjectName: serializeName(certificate.tbsCertificate.subject),
-        issuerName: serializeName(certificate.tbsCertificate.issuer),
-        subjectPublicKey: new Uint8Array(certificate.tbsCertificate.subjectPublicKeyInfo.subjectPublicKey).slice(),
-    };
-}
-function extractUrisFromCert(cert) {
-    const extension = findExtension(cert, id_ce_subjectAltName);
-    if (!extension) {
-        return [];
-    }
-    const subjectAlternativeName = AsnConvert.parse(extension.extnValue.buffer, SubjectAlternativeName);
-    const uris = [];
-    for (const generalName of subjectAlternativeName) {
-        if (generalName.uniformResourceIdentifier) {
-            uris.push(generalName.uniformResourceIdentifier);
-        }
-    }
-    return uris;
-}
-function validateNameConstraints(issuers, leafUris) {
-    for (const issuer of issuers) {
-        const extension = findExtension(issuer.certificate, id_ce_nameConstraints);
-        if (!extension) {
-            continue;
-        }
-        const constraints = AsnConvert.parse(extension.extnValue.buffer, NameConstraints);
-        if (!constraints.permittedSubtrees) {
-            continue;
-        }
-        const permittedUris = collectPermittedUris(Array.from(constraints.permittedSubtrees));
-        if (permittedUris.length === 0) {
-            continue;
-        }
-        for (const uri of leafUris) {
-            const allowed = permittedUris.some((prefix) => uri.startsWith(prefix));
-            if (!allowed) {
-                throw new Error(`URI '${uri}' violates name constraints - not in permitted subtrees: ${permittedUris.join(", ")}`);
-            }
-        }
-    }
-}
-function collectPermittedUris(subtrees) {
-    const uris = [];
-    for (const subtree of subtrees) {
-        if (subtree.base.uniformResourceIdentifier &&
-            subtree.base.uniformResourceIdentifier.length > 0) {
-            uris.push(subtree.base.uniformResourceIdentifier);
-        }
-    }
-    return uris;
-}
-function validateTrustAnchor(chain, trustStorePem) {
-    const trustedCerts = parseTrustStore(trustStorePem);
-    if (trustedCerts.length === 0) {
-        throw new Error("No valid certificates found in trust store");
-    }
-    logger.debug("trust_anchor_validation_start", {
-        chain_length: chain.length,
-        trust_store_cert_count: trustedCerts.length,
-    });
-    const chainInfo = chain.map((cert, index) => `[${index}] ${cert.subjectName} (Serial: ${cert.serialNumber})`);
-    const trustedInfo = trustedCerts.map((cert, index) => `[${index}] ${cert.subjectName} (Serial: ${cert.serialNumber})`);
-    logger.debug("certificate_chain_validation", {
-        chain_certificates: chainInfo,
-        trust_store_certificates: trustedInfo,
-    });
-    // Strategy 1: direct trust (exact certificate match)
-    for (let i = 0; i < chain.length; i += 1) {
-        const cert = chain[i];
-        const match = trustedCerts.find((trusted) => trusted.serialNumber === cert.serialNumber &&
-            namesEqual(trusted.certificate.tbsCertificate.subject, cert.certificate.tbsCertificate.subject));
-        if (match) {
-            logger.debug("certificate_chain_trust_validation_passed", {
-                matching_serial: match.serialNumber,
-                validation_strategy: `direct_trust_cert_${i}`,
-            });
-            return;
-        }
-    }
-    const leaf = chain[0];
-    // Strategy 2: leaf issuer in trust store
-    for (const trusted of trustedCerts) {
-        if (namesEqual(trusted.certificate.tbsCertificate.subject, leaf.certificate.tbsCertificate.issuer) &&
-            trusted.serialNumber !== leaf.serialNumber) {
-            verifyCertificateSignature(leaf.certificate, trusted.certificate);
-            logger.debug("certificate_chain_trust_validation_passed", {
-                matching_serial: trusted.serialNumber,
-                validation_strategy: "leaf_issuer_trust",
-            });
-            return;
-        }
-    }
-    // Strategy 3: any intermediate issuer in trust store
-    for (let index = 1; index < chain.length; index += 1) {
-        const intermediate = chain[index];
-        for (const trusted of trustedCerts) {
-            if (namesEqual(trusted.certificate.tbsCertificate.subject, intermediate.certificate.tbsCertificate.issuer) &&
-                trusted.serialNumber !== intermediate.serialNumber) {
-                verifyCertificateSignature(intermediate.certificate, trusted.certificate);
-                logger.debug("certificate_chain_trust_validation_passed", {
-                    matching_serial: trusted.serialNumber,
-                    validation_strategy: `intermediate_issuer_trust_cert_${index}`,
-                });
-                return;
-            }
-        }
-    }
-    logger.warning("certificate_chain_trust_validation_failed", {
-        leaf_subject: leaf.subjectName,
-        leaf_issuer: leaf.issuerName,
-        leaf_serial: leaf.serialNumber,
-        trusted_certificates: trustedInfo,
-        chain_certificates: chainInfo,
-        reason: "no_matching_trust_anchor",
-    });
-    throw new Error("Certificate chain is not rooted in a trusted anchor");
-}
-function parseTrustStore(trustStorePem) {
-    const normalized = normalizePem(trustStorePem);
-    const blocks = extractPemBlocks(normalized);
-    const parsed = [];
-    for (const block of blocks) {
-        try {
-            const der = decodeBase64(block);
-            const certificate = AsnConvert.parse(der, Certificate);
-            parsed.push(createParsedCertificate(certificate, der));
-        }
-        catch (error) {
-            const reason = error instanceof Error ? error.message : String(error);
-            logger.debug("trust_store_certificate_parse_failed", { reason });
-        }
-    }
-    return parsed;
-}
-function extractPemBlocks(pem) {
-    const blocks = [];
-    const regex = /-----BEGIN CERTIFICATE-----([\s\S]*?)-----END CERTIFICATE-----/gu;
-    let match;
-    // eslint-disable-next-line no-cond-assign
-    while ((match = regex.exec(pem)) !== null) {
-        const body = match[1] ?? "";
-        blocks.push(body.replace(/\s+/gu, ""));
-    }
-    return blocks;
-}
-function validateChainContinuity(chain) {
-    if (chain.length <= 1) {
-        return;
-    }
-    logger.debug("validating_chain_continuity", { chain_length: chain.length });
-    for (let index = 0; index < chain.length - 1; index += 1) {
-        const cert = chain[index];
-        const issuer = chain[index + 1];
-        if (!namesEqual(cert.certificate.tbsCertificate.issuer, issuer.certificate.tbsCertificate.subject)) {
-            logger.warning("certificate_chain_continuity_failed", {
-                cert_index: index,
-                cert_subject: cert.subjectName,
-                cert_issuer: cert.issuerName,
-                expected_issuer_subject: issuer.subjectName,
-                reason: "issuer_name_mismatch",
-            });
-            throw new Error(`Certificate chain continuity broken: certificate at index ${index} issuer does not match next certificate subject`);
-        }
-        try {
-            verifyCertificateSignature(cert.certificate, issuer.certificate);
-            logger.debug("chain_continuity_verification_success", {
-                cert_index: index,
-                cert_serial: cert.serialNumber,
-                issuer_serial: issuer.serialNumber,
-            });
-        }
-        catch (error) {
-            const reason = error instanceof Error ? error.message : String(error);
-            logger.warning("certificate_chain_continuity_failed", {
-                cert_index: index,
-                cert_subject: cert.subjectName,
-                issuer_subject: issuer.subjectName,
-                cert_serial: cert.serialNumber,
-                issuer_serial: issuer.serialNumber,
-                error: reason,
-                reason: "signature_verification_failed",
-            });
-            throw new Error(`Certificate chain continuity broken: certificate at index ${index} was not signed by certificate at index ${index + 1}: ${reason}`);
-        }
-    }
-    logger.debug("chain_continuity_validation_passed", {
-        chain_length: chain.length,
-    });
-}
-function verifyCertificateSignature(certificate, issuer) {
-    ensureEd25519Support();
-    const signatureAlgorithm = certificate.signatureAlgorithm.algorithm;
-    const issuerAlgorithm = issuer.tbsCertificate.subjectPublicKeyInfo.algorithm.algorithm;
-    if (signatureAlgorithm !== OID_ED25519 || issuerAlgorithm !== OID_ED25519) {
-        throw new Error(`Unsupported signature algorithm (certificate: ${signatureAlgorithm}, issuer: ${issuerAlgorithm})`);
-    }
-    const signatureBytes = new Uint8Array(certificate.signatureValue);
-    const tbsBytes = new Uint8Array(AsnConvert.serialize(certificate.tbsCertificate));
-    const issuerKey = new Uint8Array(issuer.tbsCertificate.subjectPublicKeyInfo.subjectPublicKey);
-    if (issuerKey.length !== 32) {
-        throw new Error("Issuer Ed25519 public key must be 32 bytes");
-    }
-    const valid = ed25519Verify(signatureBytes, tbsBytes, issuerKey);
-    if (!valid) {
-        throw new Error("Certificate signature verification failed");
-    }
-}
-function ensureEd25519Support() {
-    const etcPatch = edEtc;
-    if (!etcPatch.sha512) {
-        etcPatch.sha512 = (message) => sha512(message);
-    }
-    if (!etcPatch.sha512Sync) {
-        etcPatch.sha512Sync = (...messages) => {
-            if (messages.length === 1) {
-                return sha512(messages[0]);
-            }
-            const combined = edEtc.concatBytes(...messages);
-            return sha512(combined);
-        };
-    }
-}
-function findExtension(certificate, oid) {
-    const extensions = certificate.tbsCertificate.extensions;
-    if (!extensions) {
-        return null;
-    }
-    for (const extension of extensions) {
-        if (extension.extnID === oid) {
-            return extension;
-        }
-    }
-    return null;
-}
-function namesEqual(a, b) {
-    const left = new Uint8Array(AsnConvert.serialize(a));
-    const right = new Uint8Array(AsnConvert.serialize(b));
-    if (left.length !== right.length) {
-        return false;
-    }
-    for (let i = 0; i < left.length; i += 1) {
-        if (left[i] !== right[i]) {
-            return false;
-        }
-    }
-    return true;
-}
-function serializeName(name) {
-    const rdns = Array.from(name);
-    return rdns
-        .map((rdn) => Array.from(rdn)
-        .map((attr) => `${oidToLabel(attr.type)}=${attr.value.toString()}`)
-        .join("+"))
-        .join(",");
-}
-function oidToLabel(oid) {
-    switch (oid) {
-        case "2.5.4.3":
-            return "CN";
-        case "2.5.4.6":
-            return "C";
-        case "2.5.4.7":
-            return "L";
-        case "2.5.4.8":
-            return "ST";
-        case "2.5.4.10":
-            return "O";
-        case "2.5.4.11":
-            return "OU";
-        default:
-            return oid;
-    }
-}
-function concatBytes(chunks) {
-    const totalLength = chunks.reduce((sum, chunk) => sum + chunk.length, 0);
-    const result = new Uint8Array(totalLength);
-    let offset = 0;
-    for (const chunk of chunks) {
-        result.set(chunk, offset);
-        offset += chunk.length;
-    }
-    return result;
-}
-function decodeBase64(input) {
-    if (typeof Buffer !== "undefined") {
-        const normalized = input.replace(/\s+/gu, "");
-        return new Uint8Array(Buffer.from(normalized, "base64"));
-    }
-    if (typeof atob === "function") {
-        const normalized = input.replace(/\s+/gu, "");
-        const binary = atob(normalized);
-        const bytes = new Uint8Array(binary.length);
-        for (let i = 0; i < binary.length; i += 1) {
-            bytes[i] = binary.charCodeAt(i);
-        }
-        return bytes;
-    }
-    throw new Error("No base64 decoder available in this environment");
-}
-function toHex(data) {
-    return Array.from(data)
-        .map((byte) => byte.toString(16).padStart(2, "0"))
-        .join("");
-}
-function buildCacheKey(chainBytes, trustStorePem, enforceNameConstraints) {
-    const chainHash = toHex(sha256(chainBytes));
-    const trustHash = trustStorePem
-        ? toHex(sha256(textEncoder.encode(trustStorePem)))
-        : "no-trust";
-    const constraintFlag = enforceNameConstraints ? "nc1" : "nc0";
-    return `${chainHash}|${trustHash}|${constraintFlag}`;
-}
-function getCachedPublicKey(cacheKey) {
-    const entry = trustCache.get(cacheKey);
-    if (!entry) {
-        return null;
-    }
-    if (Date.now() > entry.expiresAt) {
-        trustCache.delete(cacheKey);
-        logger.debug("certificate_cache_expired", { cache_key: cacheKey });
-        return null;
-    }
-    return entry.value.slice();
-}
-function setCachedPublicKey(cacheKey, value, notAfter) {
-    while (trustCache.size >= CACHE_LIMIT) {
-        const firstKey = trustCache.keys().next().value;
-        if (firstKey === undefined) {
-            break;
-        }
-        trustCache.delete(firstKey);
-        logger.debug("certificate_cache_evicted", { cache_key: firstKey });
-    }
-    trustCache.set(cacheKey, {
-        value: value.slice(),
-        expiresAt: notAfter.getTime(),
-    });
-    logger.debug("certificate_cache_stored", {
-        cache_key: cacheKey,
-        expires_at: notAfter.toISOString(),
-        cache_size: trustCache.size,
-    });
-}
-function normalizeTrustStoreOption(value) {
-    if (!value) {
-        return null;
-    }
-    const trimmed = value.trim();
-    if (trimmed.length === 0) {
-        return null;
-    }
-    if (!trimmed.includes("-----BEGIN CERTIFICATE-----")) {
-        throw new Error("trustStorePem must contain PEM-encoded certificates when provided");
-    }
-    return normalizePem(trimmed);
-}
-function normalizePem(pem) {
-    return pem.replace(/\r/gu, "").trim();
-}
-function generateCallId() {
-    return Math.random().toString(36).slice(2, 10);
-}
-//# sourceMappingURL=util.js.map

package/dist/esm/naylence/fame/security/cert/util.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"util.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/cert/util.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EACL,WAAW,EAGX,eAAe,EACf,sBAAsB,EACtB,qBAAqB,EACrB,oBAAoB,GAErB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,GAAG,IAAI,KAAK,EAAE,MAAM,IAAI,aAAa,EAAE,MAAM,gBAAgB,CAAC;AACvE,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AAEnD,MAAM,MAAM,GAAG,SAAS,CAAC,kCAAkC,CAAC,CAAC;AAE7D,MAAM,WAAW,GAAG,GAAG,CAAC;AACxB,MAAM,WAAW,GAAG,aAAa,CAAC;AAClC,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC;AAgBtC,MAAM,UAAU,GAAG,IAAI,GAAG,EAAsB,CAAC;AA4BjD,MAAM,UAAU,gBAAgB,CAC9B,GAAa,EACb,UAAmC,EAAE;IAErC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5C,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IAED,MAAM,MAAM,GAAG,cAAc,EAAE,CAAC;IAChC,MAAM,sBAAsB,GAAG,OAAO,CAAC,sBAAsB,IAAI,IAAI,CAAC;IACtE,MAAM,aAAa,GAAG,yBAAyB,CAC7C,OAAO,CAAC,aAAa,IAAI,IAAI,CAC9B,CAAC;IACF,MAAM,iBAAiB,GAAG,OAAO,CAAC,iBAAiB,IAAI,KAAK,CAAC;IAE7D,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;IAE1D,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE;QACzC,OAAO,EAAE,MAAM;QACf,SAAS,EAAE,MAAM,CAAC,MAAM;QACxB,wBAAwB,EAAE,sBAAsB;QAChD,eAAe,EAAE,OAAO,CAAC,aAAa,CAAC;QACvC,WAAW,EAAE,iBAAiB;KAC/B,CAAC,CAAC;IAEH,IAAI,QAAQ,GAAkB,IAAI,CAAC;IACnC,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvB,QAAQ,GAAG,aAAa,CAAC,UAAU,EAAE,aAAa,EAAE,sBAAsB,CAAC,CAAC;QAC5E,MAAM,MAAM,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;QAC5C,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,CAAC,KAAK,CAAC,uBAAuB,EAAE;gBACpC,OAAO,EAAE,MAAM;gBACf,SAAS,EAAE,QAAQ;aACpB,CAAC,CAAC;YACH,OAAO,MAAM,CAAC;QAChB,CAAC;QACD,MAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE;YACrC,OAAO,EAAE,MAAM;YACf,SAAS,EAAE,QAAQ;SACpB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,UAAU,GAAG,wBAAwB,CACzC,MAAM,EACN,sBAAsB,EACtB,aAAa,CACd,CAAC;IAEF,IAAI,QAAQ,EAAE,CAAC;QACb,kBAAkB,CAAC,QAAQ,EAAE,UAAU,CAAC,SAAS,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAC;IAC1E,CAAC;IAED,IAAI,iBAAiB,EAAE,CAAC;QACtB,OAAO;YACL,SAAS,EAAE,UAAU,CAAC,SAAS,CAAC,KAAK,EAAE;YACvC,WAAW,EAAE,UAAU,CAAC,WAAW;SACpC,CAAC;IACJ,CAAC;IAED,OAAO,UAAU,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;AACtC,CAAC;AAED,MAAM,UAAU,yBAAyB,CACvC,OAAyC;IAEzC,MAAM,EACJ,GAAG,EACH,aAAa,GAAG,IAAI,EACpB,sBAAsB,GAAG,IAAI,EAC7B,MAAM,GAAG,IAAI,GACd,GAAG,OAAO,CAAC;IAEZ,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QACpC,MAAM,KAAK,GAAG,oBAAoB,CAAC;QACnC,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC;QACzB,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;IACnC,CAAC;IAED,MAAM,GAAG,GAAI,GAAyB,CAAC,GAAG,CAAC;IAC3C,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;QACtB,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,IACE,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;QACnB,GAAG,CAAC,MAAM,KAAK,CAAC;QAChB,GAAG,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,KAAK,KAAK,QAAQ,CAAC,EAC9C,CAAC;QACD,MAAM,KAAK,GAAG,0BAA0B,CAAC;QACzC,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC;QACzB,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;IACnC,CAAC;IAED,IAAI,CAAC;QACH,gBAAgB,CAAC,GAAe,EAAE;YAChC,aAAa;YACb,sBAAsB;SACvB,CAAC,CAAC;QACH,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,OAAO,GACX,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,IAAI,SAAS,CAAC,CAAC;QACtE,MAAM,UAAU,GAAG,kCAAkC,OAAO,EAAE,CAAC;QAC/D,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC;QAC9B,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC;IAC/C,CAAC;AACH,CAAC;AAED,SAAS,wBAAwB,CAC/B,MAA2B,EAC3B,sBAA+B,EAC/B,aAA4B;IAM5B,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,CAAE,CAAC;IACxB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACzB,MAAM,SAAS,GACb,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,QAAQ,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;IAC/D,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;IAC7E,MAAM,WAAW,GAAG,SAAS,CAAC,OAAO,EAAE,CAAC;IACxC,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC;IAEtC,IAAI,KAAK,GAAG,WAAW,IAAI,KAAK,GAAG,UAAU,EAAE,CAAC;QAC9C,MAAM,IAAI,KAAK,CACb,kDAAkD,SAAS,CAAC,WAAW,EAAE,eAAe,QAAQ,CAAC,WAAW,EAAE,UAAU,IAAI,IAAI,CAAC,KAAK,CAAC,CAAC,WAAW,EAAE,GAAG,CACzJ,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAChC,IAAI,sBAAsB,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjD,MAAM,QAAQ,GAAG,mBAAmB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACvD,uBAAuB,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IAC7C,CAAC;IAED,IAAI,aAAa,EAAE,CAAC;QAClB,mBAAmB,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;IAC7C,CAAC;IAED,uBAAuB,CAAC,MAAM,CAAC,CAAC;IAEhC,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,CAAC;IAChD,OAAO;QACL,SAAS;QACT,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,QAAQ;KACT,CAAC;AACJ,CAAC;AAED,SAAS,qBAAqB,CAAC,GAAa;IAI1C,MAAM,MAAM,GAAwB,EAAE,CAAC;IACvC,MAAM,SAAS,GAAiB,EAAE,CAAC;IAEnC,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,GAAG,CAAC,MAAM,EAAE,KAAK,IAAI,CAAC,EAAE,CAAC;QACnD,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;QACzB,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3D,MAAM,IAAI,KAAK,CAAC,gCAAgC,KAAK,EAAE,CAAC,CAAC;QAC3D,CAAC;QAED,IAAI,GAAe,CAAC;QACpB,IAAI,CAAC;YACH,GAAG,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;QAC5B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,MAAM,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACtE,MAAM,IAAI,KAAK,CACb,yCAAyC,KAAK,KAAK,MAAM,EAAE,CAC5D,CAAC;QACJ,CAAC;QAED,IAAI,WAAwB,CAAC;QAC7B,IAAI,CAAC;YACH,WAAW,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;QACnD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,MAAM,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACtE,MAAM,IAAI,KAAK,CACb,wCAAwC,KAAK,KAAK,MAAM,EAAE,CAC3D,CAAC;QACJ,CAAC;QAED,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,CAAC;QACvD,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACtB,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,WAAW,CAAC,SAAS,CAAC,EAAE,CAAC;AACxD,CAAC;AAED,SAAS,uBAAuB,CAC9B,WAAwB,EACxB,GAAe;IAEf,OAAO;QACL,GAAG;QACH,WAAW;QACX,YAAY,EAAE,KAAK,CACjB,IAAI,UAAU,CAAC,WAAW,CAAC,cAAc,CAAC,YAAY,CAAC,CACxD,CAAC,WAAW,EAAE;QACf,WAAW,EAAE,aAAa,CAAC,WAAW,CAAC,cAAc,CAAC,OAAO,CAAC;QAC9D,UAAU,EAAE,aAAa,CAAC,WAAW,CAAC,cAAc,CAAC,MAAM,CAAC;QAC5D,gBAAgB,EAAE,IAAI,UAAU,CAC9B,WAAW,CAAC,cAAc,CAAC,oBAAoB,CAAC,gBAAgB,CACjE,CAAC,KAAK,EAAE;KACV,CAAC;AACJ,CAAC;AAED,SAAS,mBAAmB,CAAC,IAAiB;IAC5C,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;IAC5D,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,sBAAsB,GAAG,UAAU,CAAC,KAAK,CAC7C,SAAS,CAAC,SAAS,CAAC,MAAM,EAC1B,sBAAsB,CACvB,CAAC;IAEF,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,KAAK,MAAM,WAAW,IAAI,sBAAsB,EAAE,CAAC;QACjD,IAAI,WAAW,CAAC,yBAAyB,EAAE,CAAC;YAC1C,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,yBAAyB,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,uBAAuB,CAC9B,OAA4B,EAC5B,QAAkB;IAElB,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,MAAM,SAAS,GAAG,aAAa,CAAC,MAAM,CAAC,WAAW,EAAE,qBAAqB,CAAC,CAAC;QAC3E,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,SAAS;QACX,CAAC;QAED,MAAM,WAAW,GAAG,UAAU,CAAC,KAAK,CAClC,SAAS,CAAC,SAAS,CAAC,MAAM,EAC1B,eAAe,CAChB,CAAC;QACF,IAAI,CAAC,WAAW,CAAC,iBAAiB,EAAE,CAAC;YACnC,SAAS;QACX,CAAC;QAED,MAAM,aAAa,GAAG,oBAAoB,CACxC,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,iBAAiB,CAAC,CAC1C,CAAC;QACF,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC/B,SAAS;QACX,CAAC;QAED,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;YAC3B,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;YACvE,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CACb,QAAQ,GAAG,4DAA4D,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAClG,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB,CAAC,QAAkC;IAC9D,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IACE,OAAO,CAAC,IAAI,CAAC,yBAAyB;YACtC,OAAO,CAAC,IAAI,CAAC,yBAAyB,CAAC,MAAM,GAAG,CAAC,EACjD,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,mBAAmB,CAC1B,KAA0B,EAC1B,aAAqB;IAErB,MAAM,YAAY,GAAG,eAAe,CAAC,aAAa,CAAC,CAAC;IACpD,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,+BAA+B,EAAE;QAC5C,YAAY,EAAE,KAAK,CAAC,MAAM;QAC1B,sBAAsB,EAAE,YAAY,CAAC,MAAM;KAC5C,CAAC,CAAC;IAEH,MAAM,SAAS,GAAG,KAAK,CAAC,GAAG,CACzB,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CACd,IAAI,KAAK,KAAK,IAAI,CAAC,WAAW,aAAa,IAAI,CAAC,YAAY,GAAG,CAClE,CAAC;IACF,MAAM,WAAW,GAAG,YAAY,CAAC,GAAG,CAClC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CACd,IAAI,KAAK,KAAK,IAAI,CAAC,WAAW,aAAa,IAAI,CAAC,YAAY,GAAG,CAClE,CAAC;IAEF,MAAM,CAAC,KAAK,CAAC,8BAA8B,EAAE;QAC3C,kBAAkB,EAAE,SAAS;QAC7B,wBAAwB,EAAE,WAAW;KACtC,CAAC,CAAC;IAEH,qDAAqD;IACrD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACzC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,CAC7B,CAAC,OAAO,EAAE,EAAE,CACV,OAAO,CAAC,YAAY,KAAK,IAAI,CAAC,YAAY;YAC1C,UAAU,CACR,OAAO,CAAC,WAAW,CAAC,cAAc,CAAC,OAAO,EAC1C,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,OAAO,CACxC,CACJ,CAAC;QACF,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,CAAC,KAAK,CAAC,2CAA2C,EAAE;gBACxD,eAAe,EAAE,KAAK,CAAC,YAAY;gBACnC,mBAAmB,EAAE,qBAAqB,CAAC,EAAE;aAC9C,CAAC,CAAC;YACH,OAAO;QACT,CAAC;IACH,CAAC;IAED,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;IAEvB,yCAAyC;IACzC,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;QACnC,IACE,UAAU,CACR,OAAO,CAAC,WAAW,CAAC,cAAc,CAAC,OAAO,EAC1C,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,MAAM,CACvC;YACD,OAAO,CAAC,YAAY,KAAK,IAAI,CAAC,YAAY,EAC1C,CAAC;YACD,0BAA0B,CAAC,IAAI,CAAC,WAAW,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;YAClE,MAAM,CAAC,KAAK,CAAC,2CAA2C,EAAE;gBACxD,eAAe,EAAE,OAAO,CAAC,YAAY;gBACrC,mBAAmB,EAAE,mBAAmB;aACzC,CAAC,CAAC;YACH,OAAO;QACT,CAAC;IACH,CAAC;IAED,qDAAqD;IACrD,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC,MAAM,EAAE,KAAK,IAAI,CAAC,EAAE,CAAC;QACrD,MAAM,YAAY,GAAG,KAAK,CAAC,KAAK,CAAE,CAAC;QACnC,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;YACnC,IACE,UAAU,CACR,OAAO,CAAC,WAAW,CAAC,cAAc,CAAC,OAAO,EAC1C,YAAY,CAAC,WAAW,CAAC,cAAc,CAAC,MAAM,CAC/C;gBACD,OAAO,CAAC,YAAY,KAAK,YAAY,CAAC,YAAY,EAClD,CAAC;gBACD,0BAA0B,CACxB,YAAY,CAAC,WAAW,EACxB,OAAO,CAAC,WAAW,CACpB,CAAC;gBACF,MAAM,CAAC,KAAK,CAAC,2CAA2C,EAAE;oBACxD,eAAe,EAAE,OAAO,CAAC,YAAY;oBACrC,mBAAmB,EAAE,kCAAkC,KAAK,EAAE;iBAC/D,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,CAAC,OAAO,CAAC,2CAA2C,EAAE;QAC1D,YAAY,EAAE,IAAI,CAAC,WAAW;QAC9B,WAAW,EAAE,IAAI,CAAC,UAAU;QAC5B,WAAW,EAAE,IAAI,CAAC,YAAY;QAC9B,oBAAoB,EAAE,WAAW;QACjC,kBAAkB,EAAE,SAAS;QAC7B,MAAM,EAAE,0BAA0B;KACnC,CAAC,CAAC;IAEH,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;AACzE,CAAC;AAED,SAAS,eAAe,CAAC,aAAqB;IAC5C,MAAM,UAAU,GAAG,YAAY,CAAC,aAAa,CAAC,CAAC;IAC/C,MAAM,MAAM,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAC;IAC5C,MAAM,MAAM,GAAwB,EAAE,CAAC;IAEvC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;YAChC,MAAM,WAAW,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;YACvD,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,CAAC;QACzD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,MAAM,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACtE,MAAM,CAAC,KAAK,CAAC,sCAAsC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,gBAAgB,CAAC,GAAW;IACnC,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,KAAK,GACT,kEAAkE,CAAC;IACrE,IAAI,KAA6B,CAAC;IAElC,0CAA0C;IAC1C,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC1C,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;IACzC,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,uBAAuB,CAAC,KAA0B;IACzD,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACtB,OAAO;IACT,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,6BAA6B,EAAE,EAAE,YAAY,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;IAE5E,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,KAAK,IAAI,CAAC,EAAE,CAAC;QACzD,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAE,CAAC;QAC3B,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,GAAG,CAAC,CAAE,CAAC;QAEjC,IACE,CAAC,UAAU,CACT,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,MAAM,EACtC,MAAM,CAAC,WAAW,CAAC,cAAc,CAAC,OAAO,CAC1C,EACD,CAAC;YACD,MAAM,CAAC,OAAO,CAAC,qCAAqC,EAAE;gBACpD,UAAU,EAAE,KAAK;gBACjB,YAAY,EAAE,IAAI,CAAC,WAAW;gBAC9B,WAAW,EAAE,IAAI,CAAC,UAAU;gBAC5B,uBAAuB,EAAE,MAAM,CAAC,WAAW;gBAC3C,MAAM,EAAE,sBAAsB;aAC/B,CAAC,CAAC;YACH,MAAM,IAAI,KAAK,CACb,6DAA6D,KAAK,iDAAiD,CACpH,CAAC;QACJ,CAAC;QAED,IAAI,CAAC;YACH,0BAA0B,CAAC,IAAI,CAAC,WAAW,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;YACjE,MAAM,CAAC,KAAK,CAAC,uCAAuC,EAAE;gBACpD,UAAU,EAAE,KAAK;gBACjB,WAAW,EAAE,IAAI,CAAC,YAAY;gBAC9B,aAAa,EAAE,MAAM,CAAC,YAAY;aACnC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,MAAM,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACtE,MAAM,CAAC,OAAO,CAAC,qCAAqC,EAAE;gBACpD,UAAU,EAAE,KAAK;gBACjB,YAAY,EAAE,IAAI,CAAC,WAAW;gBAC9B,cAAc,EAAE,MAAM,CAAC,WAAW;gBAClC,WAAW,EAAE,IAAI,CAAC,YAAY;gBAC9B,aAAa,EAAE,MAAM,CAAC,YAAY;gBAClC,KAAK,EAAE,MAAM;gBACb,MAAM,EAAE,+BAA+B;aACxC,CAAC,CAAC;YACH,MAAM,IAAI,KAAK,CACb,6DAA6D,KAAK,2CAA2C,KAAK,GAAG,CAAC,KAAK,MAAM,EAAE,CACpI,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,oCAAoC,EAAE;QACjD,YAAY,EAAE,KAAK,CAAC,MAAM;KAC3B,CAAC,CAAC;AACL,CAAC;AAED,SAAS,0BAA0B,CACjC,WAAwB,EACxB,MAAmB;IAEnB,oBAAoB,EAAE,CAAC;IAEvB,MAAM,kBAAkB,GAAG,WAAW,CAAC,kBAAkB,CAAC,SAAS,CAAC;IACpE,MAAM,eAAe,GACnB,MAAM,CAAC,cAAc,CAAC,oBAAoB,CAAC,SAAS,CAAC,SAAS,CAAC;IAEjE,IAAI,kBAAkB,KAAK,WAAW,IAAI,eAAe,KAAK,WAAW,EAAE,CAAC;QAC1E,MAAM,IAAI,KAAK,CACb,iDAAiD,kBAAkB,aAAa,eAAe,GAAG,CACnG,CAAC;IACJ,CAAC;IAED,MAAM,cAAc,GAAG,IAAI,UAAU,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;IAClE,MAAM,QAAQ,GAAG,IAAI,UAAU,CAC7B,UAAU,CAAC,SAAS,CAAC,WAAW,CAAC,cAAc,CAAC,CACjD,CAAC;IACF,MAAM,SAAS,GAAG,IAAI,UAAU,CAC9B,MAAM,CAAC,cAAc,CAAC,oBAAoB,CAAC,gBAAgB,CAC5D,CAAC;IAEF,IAAI,SAAS,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,CAAC;IAED,MAAM,KAAK,GAAG,aAAa,CAAC,cAAc,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;IACjE,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;IAC/D,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB;IAC3B,MAAM,QAAQ,GAAG,KAGhB,CAAC;IAEF,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;QACrB,QAAQ,CAAC,MAAM,GAAG,CAAC,OAAmB,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC7D,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC;QACzB,QAAQ,CAAC,UAAU,GAAG,CAAC,GAAG,QAAsB,EAAc,EAAE;YAC9D,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC1B,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAE,CAAC,CAAC;YAC9B,CAAC;YACD,MAAM,QAAQ,GAAG,KAAK,CAAC,WAAW,CAAC,GAAG,QAAQ,CAAC,CAAC;YAChD,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC1B,CAAC,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CACpB,WAAwB,EACxB,GAAW;IAEX,MAAM,UAAU,GAAG,WAAW,CAAC,cAAc,CAAC,UAAU,CAAC;IACzD,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;QACnC,IAAI,SAAS,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC7B,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,UAAU,CAAC,CAAO,EAAE,CAAO;IAClC,MAAM,IAAI,GAAG,IAAI,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;IACrD,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;IAEtD,IAAI,IAAI,CAAC,MAAM,KAAK,KAAK,CAAC,MAAM,EAAE,CAAC;QACjC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACxC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;YACzB,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,aAAa,CAAC,IAAU;IAC/B,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC9B,OAAO,IAAI;SACR,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CACX,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC;SACZ,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,EAAE,CAAC;SAClE,IAAI,CAAC,GAAG,CAAC,CACb;SACA,IAAI,CAAC,GAAG,CAAC,CAAC;AACf,CAAC;AAED,SAAS,UAAU,CAAC,GAAW;IAC7B,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,SAAS;YACZ,OAAO,IAAI,CAAC;QACd,KAAK,SAAS;YACZ,OAAO,GAAG,CAAC;QACb,KAAK,SAAS;YACZ,OAAO,GAAG,CAAC;QACb,KAAK,SAAS;YACZ,OAAO,IAAI,CAAC;QACd,KAAK,UAAU;YACb,OAAO,GAAG,CAAC;QACb,KAAK,UAAU;YACb,OAAO,IAAI,CAAC;QACd;YACE,OAAO,GAAG,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,MAAoB;IACvC,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,GAAG,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACzE,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,WAAW,CAAC,CAAC;IAC3C,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC;IACzB,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,YAAY,CAAC,KAAa;IACjC,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAC9C,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC;IAC3D,CAAC;IAED,IAAI,OAAO,IAAI,KAAK,UAAU,EAAE,CAAC;QAC/B,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAC9C,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC;QAChC,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC5C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;YAC1C,KAAK,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAClC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;AACrE,CAAC;AAED,SAAS,KAAK,CAAC,IAAgB;IAC7B,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC;SACpB,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SACjD,IAAI,CAAC,EAAE,CAAC,CAAC;AACd,CAAC;AAED,SAAS,aAAa,CACpB,UAAsB,EACtB,aAA4B,EAC5B,sBAA+B;IAE/B,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC;IAC5C,MAAM,SAAS,GAAG,aAAa;QAC7B,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC;QAClD,CAAC,CAAC,UAAU,CAAC;IACf,MAAM,cAAc,GAAG,sBAAsB,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC;IAC9D,OAAO,GAAG,SAAS,IAAI,SAAS,IAAI,cAAc,EAAE,CAAC;AACvD,CAAC;AAED,SAAS,kBAAkB,CAAC,QAAgB;IAC1C,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACvC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;QACjC,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC5B,MAAM,CAAC,KAAK,CAAC,2BAA2B,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,CAAC;QACnE,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,KAAK,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;AAC7B,CAAC;AAED,SAAS,kBAAkB,CACzB,QAAgB,EAChB,KAAiB,EACjB,QAAc;IAEd,OAAO,UAAU,CAAC,IAAI,IAAI,WAAW,EAAE,CAAC;QACtC,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC;QAChD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC3B,MAAM;QACR,CAAC;QACD,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC5B,MAAM,CAAC,KAAK,CAAC,2BAA2B,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,CAAC;IACrE,CAAC;IAED,UAAU,CAAC,GAAG,CAAC,QAAQ,EAAE;QACvB,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE;QACpB,SAAS,EAAE,QAAQ,CAAC,OAAO,EAAE;KAC9B,CAAC,CAAC;IAEH,MAAM,CAAC,KAAK,CAAC,0BAA0B,EAAE;QACvC,SAAS,EAAE,QAAQ;QACnB,UAAU,EAAE,QAAQ,CAAC,WAAW,EAAE;QAClC,UAAU,EAAE,UAAU,CAAC,IAAI;KAC5B,CAAC,CAAC;AACL,CAAC;AAED,SAAS,yBAAyB,CAAC,KAAoB;IACrD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;IAC7B,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,6BAA6B,CAAC,EAAE,CAAC;QACrD,MAAM,IAAI,KAAK,CACb,mEAAmE,CACpE,CAAC;IACJ,CAAC;IAED,OAAO,YAAY,CAAC,OAAO,CAAC,CAAC;AAC/B,CAAC;AAED,SAAS,YAAY,CAAC,GAAW;IAC/B,OAAO,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;AACxC,CAAC;AAED,SAAS,cAAc;IACrB,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AACjD,CAAC"}