npm - @nmshd/consumption - Versions diffs - 7.4.1 → 7.5.0-openid4vc.1 - Mend

@nmshd/consumption 7.4.1 → 7.5.0-openid4vc.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (87) hide show

package/dist/modules/openid4vc/local/EnmeshedHolderKeyManagmentService.js ADDED Viewed

@@ -0,0 +1,345 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EnmshedHolderKeyManagmentService = void 0;
+const core_1 = require("@credo-ts/core");
+const elliptic_1 = require("elliptic");
+const crypto_1 = require("@nmshd/crypto");
+const sjcl_1 = __importDefault(require("sjcl"));
+class EnmshedHolderKeyManagmentService {
+    static { this.backend = "enmeshed"; }
+    constructor(keyStorage) {
+        this.keyStorage = keyStorage;
+        this.backend = EnmshedHolderKeyManagmentService.backend;
+        this.b64url = (bytes) => crypto_1.SodiumWrapper.sodium.to_base64(bytes, crypto_1.SodiumWrapper.sodium.base64_variants.URLSAFE_NO_PADDING);
+        this.b64urlDecode = (b64url) => crypto_1.SodiumWrapper.sodium.from_base64(b64url, crypto_1.SodiumWrapper.sodium.base64_variants.URLSAFE_NO_PADDING);
+        // please note: we cannot use buffer here - because it is not available in the browser
+        // and yes it could be pollyfilled but that extends the bundle size for no good reason
+        this.buf2hex = (bytes) => {
+            return Array.from(bytes)
+                .map((b) => b.toString(16).padStart(2, "0"))
+                .join("");
+        };
+        this.hex2buf = (hex) => {
+            const bytes = new Uint8Array(hex.length / 2);
+            for (let i = 0; i < bytes.length; i++) {
+                bytes[i] = parseInt(hex.substring(i * 2, i * 2 + 2), 16);
+            }
+            return bytes;
+        };
+    }
+    isOperationSupported(agentContext, operation) {
+        agentContext.config.logger.debug(`EKM: Checking if operation is supported: ${JSON.stringify(operation)}`);
+        if (operation.operation === "createKey") {
+            if (operation.type.kty === "OKP") {
+                return true;
+            }
+            if (operation.type.kty === "EC" && operation.type.crv === "P-256") {
+                return true;
+            }
+            return false;
+        }
+        if (operation.operation === "verify" && operation.algorithm === "ES256") {
+            return true;
+        }
+        if (operation.operation === "sign" && (operation.algorithm === "EdDSA" || operation.algorithm === "ES256")) {
+            return true;
+        }
+        if (operation.operation === "randomBytes") {
+            return true;
+        }
+        if (operation.operation === "deleteKey") {
+            return true;
+        }
+        if (operation.operation === "encrypt" && ["A128GCM", "A256GCM"].includes(operation.encryption.algorithm)) {
+            return true;
+        }
+        return false;
+    }
+    async getPublicKey(agentContext, keyId) {
+        const keyPair = await this.keyStorage.getKey(keyId);
+        if (!keyPair) {
+            agentContext.config.logger.error(`EKM: Key with id ${keyId} not found`);
+            throw new Error(`Key with id ${keyId} not found`);
+        }
+        return JSON.parse(keyPair).publicKey;
+    }
+    async createKey(agentContext, options) {
+        options.keyId ??= "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g, function (c) {
+            // Use libsodium's randombytes_uniform for secure random number generation
+            const r = crypto_1.SodiumWrapper.sodium.randombytes_uniform(16);
+            const v = c === "x" ? r : (r & 0x3) | 0x8;
+            return v.toString(16);
+        });
+        agentContext.config.logger.debug(`EKM: Creating key with id ${options.keyId} and type ${JSON.stringify(options.type)}`);
+        if (options.type.kty === "EC" && options.type.crv === "P-256") {
+            // Use P-256 (aka secp256r1)
+            const ec = new elliptic_1.ec("p256");
+            const key = ec.genKeyPair();
+            // Public JWK
+            const publicJwk = {
+                kty: "EC", // Elliptic Curve
+                crv: "P-256",
+                x: this.b64url(new Uint8Array(key.getPublic().getX().toArray())),
+                y: this.b64url(new Uint8Array(key.getPublic().getY().toArray()))
+            };
+            // Private JWK
+            const privateJwk = {
+                ...publicJwk,
+                d: this.b64url(new Uint8Array(key.getPrivate().toArray()))
+            };
+            const jwkKeyPair = {
+                publicKey: publicJwk,
+                privateKey: privateJwk,
+                keyType: "EC"
+            };
+            agentContext.config.logger.debug(`EKM: Created EC key pair with id ${options.keyId}`);
+            // store the key pair in the keystore
+            await this.keyStorage.storeKey(options.keyId, JSON.stringify(jwkKeyPair));
+            // Credo doesn't trust the key id provided in the key binding jwk anymore, so there are two options: Storing the key id with the credential and making sure that key id is properly fetched - this turned out to be difficult - or the easy way out by storing this alternative key id computed from the public key.
+            const credoLegacyKeyId = core_1.Kms.PublicJwk.fromPublicJwk(publicJwk).legacyKeyId;
+            await this.keyStorage.storeKey(credoLegacyKeyId, JSON.stringify(jwkKeyPair));
+            return { keyId: options.keyId, publicJwk: publicJwk };
+        }
+        const { keyType, publicKey, privateKey } = crypto_1.SodiumWrapper.sodium.crypto_sign_keypair();
+        agentContext.config.logger.debug(`EKM: Created OKP key pair with id ${options.keyId} and keyType ${keyType}`);
+        const seed = privateKey.slice(0, crypto_1.SodiumWrapper.sodium.crypto_sign_SEEDBYTES);
+        // Public JWK
+        const publicJwk = {
+            kty: "OKP", // Octet Key Pair
+            crv: "Ed25519",
+            x: this.b64url(publicKey)
+        };
+        // Private JWK
+        const privateJwk = {
+            ...publicJwk,
+            d: this.b64url(seed)
+        };
+        const jwkKeyPair = {
+            publicKey: publicJwk,
+            privateKey: privateJwk,
+            keyType: "OKP"
+        };
+        await this.keyStorage.storeKey(options.keyId, JSON.stringify(jwkKeyPair));
+        return { keyId: options.keyId, publicJwk: publicJwk };
+    }
+    importKey(agentContext, options) {
+        agentContext.config.logger.debug(`EKM: Importing key with  ${JSON.stringify(options)}`);
+        throw new Error("Method not implemented.");
+    }
+    async deleteKey(agentContext, options) {
+        const hasKey = await this.keyStorage.hasKey(options.keyId);
+        if (!hasKey)
+            throw new Error(`key with id ${options.keyId} not found. and cannot be deleted`);
+        agentContext.config.logger.debug(`EKM: Deleting key with id ${options.keyId}`);
+        await this.keyStorage.deleteKey(options.keyId);
+        return true;
+    }
+    async sign(agentContext, options) {
+        agentContext.config.logger.debug(`EKM: Signing data with key id ${options.keyId} using algorithm ${options.algorithm}`);
+        const stringifiedKeyPair = await this.keyStorage.getKey(options.keyId);
+        if (!stringifiedKeyPair) {
+            throw new Error(`Key with id ${options.keyId} not found`);
+        }
+        const { privateKey, publicKey } = JSON.parse(stringifiedKeyPair);
+        if (options.algorithm === "ES256") {
+            // Use P-256 (aka secp256r1)
+            const ec = new elliptic_1.ec("p256");
+            if (!privateKey.d) {
+                throw new Error("Private JWK does not contain 'd' parameter");
+            }
+            const priv = this.buf2hex(this.b64urlDecode(privateKey.d));
+            const key = ec.keyFromPrivate(priv, "hex");
+            // we need to hash the data using SHA-256
+            const dataHash = ec.hash().update(options.data).digest();
+            const signature = key.sign(dataHash);
+            const r = new Uint8Array(signature.r.toArray());
+            const s = new Uint8Array(signature.s.toArray());
+            const signatureBytes = new Uint8Array(r.length + s.length);
+            signatureBytes.set(r);
+            signatureBytes.set(s, r.length);
+            return await Promise.resolve({
+                signature: signatureBytes
+            });
+        }
+        const decode = (bytes) => crypto_1.SodiumWrapper.sodium.from_base64(bytes, crypto_1.SodiumWrapper.sodium.base64_variants.URLSAFE_NO_PADDING);
+        // get the private key bytes
+        if (privateKey.d === undefined) {
+            throw new Error("Private key does not contain 'd' parameter");
+        }
+        const privateKeyBytes = decode(privateKey.d);
+        // get the public key bytes
+        if (publicKey.x === undefined) {
+            throw new Error("Public key does not contain 'x' parameter");
+        }
+        const publicKeyBytes = decode(publicKey.x);
+        // combine the key bytes to a full private key
+        const fullPrivateKeyBytes = new Uint8Array(privateKeyBytes.length + publicKeyBytes.length);
+        fullPrivateKeyBytes.set(privateKeyBytes);
+        fullPrivateKeyBytes.set(publicKeyBytes, privateKeyBytes.length);
+        // and use it to sign the data
+        const signature = crypto_1.SodiumWrapper.sodium.crypto_sign_detached(options.data, fullPrivateKeyBytes);
+        return {
+            signature: signature // I hope this cast doesn't paper over something
+        };
+    }
+    verify(agentContext, options) {
+        agentContext.config.logger.debug(`EKM: Verifying signature with key id ${options.key.keyId} using algorithm ${options.algorithm}`);
+        // Use P-256 (aka secp256r1)
+        const ec = new elliptic_1.ec("p256");
+        if (!options.key.publicJwk) {
+            throw new Error("Public JWK is undefined");
+        }
+        if (options.key.publicJwk.kty !== "EC") {
+            throw new Error("Public JWK does not contain 'x' or 'y' parameter");
+        }
+        const x = options.key.publicJwk.x;
+        const y = options.key.publicJwk.y;
+        const pub = { x: this.buf2hex(this.b64urlDecode(x)), y: this.buf2hex(this.b64urlDecode(y)) };
+        const key = ec.keyFromPublic(pub, "hex");
+        const signatureBytes = options.signature;
+        const r = signatureBytes.subarray(0, 32);
+        const s = signatureBytes.subarray(32, 64);
+        const signature = { r: this.buf2hex(r), s: this.buf2hex(s) };
+        // we need to hash the data using SHA-256
+        const dataHash = ec.hash().update(options.data).digest();
+        try {
+            const verified = key.verify(dataHash, signature);
+            return Promise.resolve({ verified: verified });
+        }
+        catch (e) {
+            agentContext.config.logger.error(`EKM: Error during signature verification: ${e}`);
+            throw e;
+        }
+    }
+    async ecdhEs(localKeyId, remotePublicJWK) {
+        const keyPairString = await this.keyStorage.getKey(localKeyId);
+        if (!keyPairString) {
+            throw new Error(`Key with id ${localKeyId} not found`);
+        }
+        const localKeyPair = JSON.parse(keyPairString);
+        if (localKeyPair.keyType !== "EC") {
+            throw new Error("Key type is not EC");
+        }
+        const ec = new elliptic_1.ec("p256");
+        if (localKeyPair.privateKey.d === undefined) {
+            throw new Error("Local private key does not contain 'd' parameter");
+        }
+        const localPriv = ec.keyFromPrivate(this.buf2hex(this.b64urlDecode(localKeyPair.privateKey.d)), "hex");
+        // the remote jwk is base64url encoded - we again decode and transform to hex to receive a fitting public key
+        const remoteBasePoint = ec.keyFromPublic({
+            x: this.buf2hex(this.b64urlDecode(remotePublicJWK.x)),
+            y: this.buf2hex(this.b64urlDecode(remotePublicJWK.y))
+        }, "hex");
+        const sharedSecret = localPriv.derive(remoteBasePoint.getPublic());
+        const sharedBytes = new Uint8Array(sharedSecret.toArray("be"));
+        return sharedBytes;
+    }
+    // UTF-8 encode helper
+    utf8(str) {
+        return new TextEncoder().encode(str);
+    }
+    // Concat Uint8Arrays
+    concat(...arrays) {
+        const total = arrays.reduce((sum, a) => sum + a.length, 0);
+        const out = new Uint8Array(total);
+        let offset = 0;
+        for (const a of arrays) {
+            out.set(a, offset);
+            offset += a.length;
+        }
+        return out;
+    }
+    // Encode a 32-bit big-endian length prefix
+    lenPrefix(data) {
+        const buf = new Uint8Array(4 + data.length);
+        const view = new DataView(buf.buffer);
+        view.setUint32(0, data.length, false); // big-endian
+        buf.set(data, 4);
+        return buf;
+    }
+    concatKdf(sharedSecret, keyLength, algorithmDescriptor, keyAgreement) {
+        if (keyAgreement.apu === undefined) {
+            throw new Error("Key agreement apu is undefined");
+        }
+        if (keyAgreement.apv === undefined) {
+            throw new Error("Key agreement apv is undefined");
+        }
+        const algId = this.lenPrefix(this.utf8(algorithmDescriptor));
+        const partyU = this.lenPrefix(keyAgreement.apu);
+        const partyV = this.lenPrefix(keyAgreement.apv);
+        const suppPubInfo = new Uint8Array(4);
+        new DataView(suppPubInfo.buffer).setUint32(0, keyLength, false);
+        const suppPrivInfo = new Uint8Array(0);
+        const otherInfo = this.concat(algId, partyU, partyV, suppPubInfo, suppPrivInfo);
+        const counter = new Uint8Array([0, 0, 0, 1]);
+        const input = this.concat(counter, sharedSecret, otherInfo);
+        // Hash with SHA-256 (SJCL)
+        const inputHex = this.buf2hex(input);
+        const inputBits = sjcl_1.default.codec.hex.toBits(inputHex);
+        const hashBits = sjcl_1.default.hash.sha256.hash(inputBits);
+        const hashHex = sjcl_1.default.codec.hex.fromBits(hashBits);
+        const hashBuf = this.hex2buf(hashHex);
+        // Truncate to desired key length
+        return hashBuf.subarray(0, keyLength / 8);
+    }
+    async encrypt(agentContext, options) {
+        try {
+            // encryption via A-128-GCM/A-256-GCM
+            // we will call the services side bob and the incoming side alice
+            if (options.key.keyAgreement === undefined) {
+                throw new Error("Key agreement is undefined");
+            }
+            if (options.key.keyAgreement.keyId === undefined) {
+                throw new Error("Key agreement keyId is undefined");
+            }
+            const algorithm = options.encryption.algorithm;
+            const keyLength = options.encryption.algorithm === "A128GCM" ? 128 : 256;
+            // 1. derive the shared secret via ECDH-ES
+            const sharedSecret = await this.ecdhEs(options.key.keyAgreement.keyId, options.key.keyAgreement.externalPublicJwk);
+            agentContext.config.logger.debug(`EKM: Derived shared secret for encryption using ECDH-ES`);
+            // 2. Concat KDF to form the final key
+            const derivedKey = this.concatKdf(sharedSecret, keyLength, algorithm, options.key.keyAgreement);
+            // 3. Encrypt the data via AES-256-GCM using libsodium
+            // create nonce
+            const iv = crypto.getRandomValues(new Uint8Array(12));
+            // transform to bit arrays for sjcl
+            const keyBits = sjcl_1.default.codec.hex.toBits(this.buf2hex(derivedKey));
+            const dataBits = sjcl_1.default.codec.hex.toBits(this.buf2hex(options.data));
+            const ivBits = sjcl_1.default.codec.hex.toBits(this.buf2hex(iv));
+            // do not forget to add the additional authenticated data
+            const aadBits = "aad" in options.encryption && options.encryption.aad ? sjcl_1.default.codec.hex.toBits(this.buf2hex(options.encryption.aad)) : [];
+            // setup aes
+            const aes = new sjcl_1.default.cipher.aes(keyBits);
+            // encrypt
+            const cyphertextBits = sjcl_1.default.mode.gcm.encrypt(aes, dataBits, ivBits, aadBits, 128);
+            // transform back to byte array
+            const cyphertextBuf = this.hex2buf(sjcl_1.default.codec.hex.fromBits(cyphertextBits));
+            // In SJCL, GCM output = ciphertext || tag
+            const cyphertext = cyphertextBuf.subarray(0, cyphertextBuf.length - 16);
+            const tag = cyphertextBuf.subarray(cyphertextBuf.length - 16);
+            const returnValue = {
+                encrypted: cyphertext,
+                iv: iv,
+                tag: tag
+            };
+            return returnValue;
+        }
+        catch (e) {
+            agentContext.config.logger.error(`EKM: Error during encryption: ${e}`);
+            throw e;
+        }
+    }
+    decrypt(agentContext, options) {
+        agentContext.config.logger.debug(`EKM: Decrypting data with key id ${options.key.keyId} using options ${options}`);
+        throw new Error("Method not implemented.");
+    }
+    randomBytes(agentContext, options) {
+        agentContext.config.logger.debug(`EKM: Generating ${options.length} random bytes`);
+        return crypto_1.SodiumWrapper.sodium.randombytes_buf(options.length); // Uint8Array
+    }
+}
+exports.EnmshedHolderKeyManagmentService = EnmshedHolderKeyManagmentService;
+//# sourceMappingURL=EnmeshedHolderKeyManagmentService.js.map

package/dist/modules/openid4vc/local/EnmeshedHolderKeyManagmentService.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"EnmeshedHolderKeyManagmentService.js","sourceRoot":"","sources":["../../../../src/modules/openid4vc/local/EnmeshedHolderKeyManagmentService.ts"],"names":[],"mappings":";;;;;;AAAA,yCAAmD;AACnD,uCAAoC;AAEpC,0CAA8C;AAC9C,gDAAwB;AASxB,MAAa,gCAAgC;aAClB,YAAO,GAAG,UAAU,AAAb,CAAc;IAsB5C,YAAoC,UAAsB;QAAtB,eAAU,GAAV,UAAU,CAAY;QApB1C,YAAO,GAAG,gCAAgC,CAAC,OAAO,CAAC;QAElD,WAAM,GAAG,CAAC,KAAiB,EAAE,EAAE,CAAC,sBAAa,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAG,sBAAa,CAAC,MAAc,CAAC,eAAe,CAAC,kBAAkB,CAAC,CAAC;QACxI,iBAAY,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,sBAAa,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,EAAG,sBAAa,CAAC,MAAc,CAAC,eAAe,CAAC,kBAAkB,CAAC,CAAC;QAE/J,sFAAsF;QACtF,sFAAsF;QACrE,YAAO,GAAG,CAAC,KAAiB,EAAE,EAAE;YAC7C,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;iBACnB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;iBAC3C,IAAI,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC,CAAC;QACe,YAAO,GAAG,CAAC,GAAW,EAAE,EAAE;YACvC,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACpC,KAAK,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC7D,CAAC;YACD,OAAO,KAAK,CAAC;QACjB,CAAC,CAAC;IAE2D,CAAC;IAEvD,oBAAoB,CAAC,YAA0B,EAAE,SAA2B;QAC/E,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,4CAA4C,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QAC1G,IAAI,SAAS,CAAC,SAAS,KAAK,WAAW,EAAE,CAAC;YACtC,IAAI,SAAS,CAAC,IAAI,CAAC,GAAG,KAAK,KAAK,EAAE,CAAC;gBAC/B,OAAO,IAAI,CAAC;YAChB,CAAC;YACD,IAAI,SAAS,CAAC,IAAI,CAAC,GAAG,KAAK,IAAI,IAAI,SAAS,CAAC,IAAI,CAAC,GAAG,KAAK,OAAO,EAAE,CAAC;gBAChE,OAAO,IAAI,CAAC;YAChB,CAAC;YACD,OAAO,KAAK,CAAC;QACjB,CAAC;QACD,IAAI,SAAS,CAAC,SAAS,KAAK,QAAQ,IAAI,SAAS,CAAC,SAAS,KAAK,OAAO,EAAE,CAAC;YACtE,OAAO,IAAI,CAAC;QAChB,CAAC;QACD,IAAI,SAAS,CAAC,SAAS,KAAK,MAAM,IAAI,CAAC,SAAS,CAAC,SAAS,KAAK,OAAO,IAAI,SAAS,CAAC,SAAS,KAAK,OAAO,CAAC,EAAE,CAAC;YACzG,OAAO,IAAI,CAAC;QAChB,CAAC;QACD,IAAI,SAAS,CAAC,SAAS,KAAK,aAAa,EAAE,CAAC;YACxC,OAAO,IAAI,CAAC;QAChB,CAAC;QACD,IAAI,SAAS,CAAC,SAAS,KAAK,WAAW,EAAE,CAAC;YACtC,OAAO,IAAI,CAAC;QAChB,CAAC;QACD,IAAI,SAAS,CAAC,SAAS,KAAK,SAAS,IAAI,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YACvG,OAAO,IAAI,CAAC;QAChB,CAAC;QACD,OAAO,KAAK,CAAC;IACjB,CAAC;IACM,KAAK,CAAC,YAAY,CAAC,YAA0B,EAAE,KAAa;QAC/D,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACpD,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,oBAAoB,KAAK,YAAY,CAAC,CAAC;YACxE,MAAM,IAAI,KAAK,CAAC,eAAe,KAAK,YAAY,CAAC,CAAC;QACtD,CAAC;QAED,OAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAgB,CAAC,SAA6B,CAAC;IAC7E,CAAC;IACM,KAAK,CAAC,SAAS,CAAoC,YAA0B,EAAE,OAAsC;QACxH,OAAO,CAAC,KAAK,KAAK,sCAAsC,CAAC,OAAO,CAAC,OAAO,EAAE,UAAU,CAAC;YACjF,0EAA0E;YAC1E,MAAM,CAAC,GAAG,sBAAa,CAAC,MAAM,CAAC,mBAAmB,CAAC,EAAE,CAAC,CAAC;YACvD,MAAM,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;YAC1C,OAAO,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAC1B,CAAC,CAAC,CAAC;QAEH,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,6BAA6B,OAAO,CAAC,KAAK,aAAa,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAExH,IAAI,OAAO,CAAC,IAAI,CAAC,GAAG,KAAK,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,GAAG,KAAK,OAAO,EAAE,CAAC;YAC5D,4BAA4B;YAC5B,MAAM,EAAE,GAAG,IAAI,aAAE,CAAC,MAAM,CAAC,CAAC;YAC1B,MAAM,GAAG,GAAG,EAAE,CAAC,UAAU,EAAE,CAAC;YAE5B,aAAa;YACb,MAAM,SAAS,GAAG;gBACd,GAAG,EAAE,IAAI,EAAE,iBAAiB;gBAC5B,GAAG,EAAE,OAAO;gBACZ,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC;gBAChE,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC;aACnE,CAAC;YAEF,cAAc;YACd,MAAM,UAAU,GAAG;gBACf,GAAG,SAAS;gBACZ,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC;aAC7D,CAAC;YAEF,MAAM,UAAU,GAAG;gBACf,SAAS,EAAE,SAAS;gBACpB,UAAU,EAAE,UAAU;gBACtB,OAAO,EAAE,IAAI;aAChB,CAAC;YAEF,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,oCAAoC,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC;YACtF,qCAAqC;YACrC,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;YAE1E,oTAAoT;YACpT,MAAM,gBAAgB,GAAG,UAAG,CAAC,SAAS,CAAC,aAAa,CAAC,SAAgB,CAAC,CAAC,WAAW,CAAC;YACnF,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,gBAAgB,EAAE,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;YAE7E,OAAO,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,SAAS,EAAE,SAA6B,EAAkC,CAAC;QAC9G,CAAC;QAED,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,sBAAa,CAAC,MAAM,CAAC,mBAAmB,EAAE,CAAC;QACtF,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,qCAAqC,OAAO,CAAC,KAAK,gBAAgB,OAAO,EAAE,CAAC,CAAC;QAC9G,MAAM,IAAI,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,EAAG,sBAAa,CAAC,MAAc,CAAC,qBAAqB,CAAC,CAAC;QAEtF,aAAa;QACb,MAAM,SAAS,GAAG;YACd,GAAG,EAAE,KAAK,EAAE,iBAAiB;YAC7B,GAAG,EAAE,SAAS;YACd,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;SAC5B,CAAC;QAEF,cAAc;QACd,MAAM,UAAU,GAAG;YACf,GAAG,SAAS;YACZ,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC;SACvB,CAAC;QAEF,MAAM,UAAU,GAAG;YACf,SAAS,EAAE,SAAS;YACpB,UAAU,EAAE,UAAU;YACtB,OAAO,EAAE,KAAK;SACjB,CAAC;QAEF,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;QAC1E,OAAO,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,SAAS,EAAE,SAA6B,EAAkC,CAAC;IAC9G,CAAC;IAEM,SAAS,CAAgC,YAA0B,EAAE,OAAqC;QAC7G,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QACxF,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC/C,CAAC;IAEM,KAAK,CAAC,SAAS,CAAC,YAA0B,EAAE,OAAgC;QAC/E,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QAC3D,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,eAAe,OAAO,CAAC,KAAK,mCAAmC,CAAC,CAAC;QAE9F,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,6BAA6B,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC;QAC/E,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QAC/C,OAAO,IAAI,CAAC;IAChB,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,YAA0B,EAAE,OAA2B;QACrE,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,iCAAiC,OAAO,CAAC,KAAK,oBAAoB,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;QAExH,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACvE,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,eAAe,OAAO,CAAC,KAAK,YAAY,CAAC,CAAC;QAC9D,CAAC;QAED,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAe,CAAC;QAE/E,IAAI,OAAO,CAAC,SAAS,KAAK,OAAO,EAAE,CAAC;YAChC,4BAA4B;YAC5B,MAAM,EAAE,GAAG,IAAI,aAAE,CAAC,MAAM,CAAC,CAAC;YAC1B,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;gBAChB,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;YAClE,CAAC;YAED,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;YAC3D,MAAM,GAAG,GAAG,EAAE,CAAC,cAAc,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;YAE3C,yCAAyC;YACzC,MAAM,QAAQ,GAAG,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC;YACzD,MAAM,SAAS,GAAG,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACrC,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;YAChD,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;YAChD,MAAM,cAAc,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC;YAC3D,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACtB,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC;YAEhC,OAAO,MAAM,OAAO,CAAC,OAAO,CAAC;gBACzB,SAAS,EAAE,cAAc;aACP,CAAC,CAAC;QAC5B,CAAC;QAED,MAAM,MAAM,GAAG,CAAC,KAAa,EAAE,EAAE,CAAC,sBAAa,CAAC,MAAM,CAAC,WAAW,CAAC,KAAK,EAAG,sBAAa,CAAC,MAAc,CAAC,eAAe,CAAC,kBAAkB,CAAC,CAAC;QAC5I,4BAA4B;QAC5B,IAAI,UAAU,CAAC,CAAC,KAAK,SAAS,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;QAClE,CAAC;QACD,MAAM,eAAe,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAE7C,2BAA2B;QAC3B,IAAI,SAAS,CAAC,CAAC,KAAK,SAAS,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;QACjE,CAAC;QACD,MAAM,cAAc,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;QAE3C,8CAA8C;QAC9C,MAAM,mBAAmB,GAAG,IAAI,UAAU,CAAC,eAAe,CAAC,MAAM,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;QAC3F,mBAAmB,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QACzC,mBAAmB,CAAC,GAAG,CAAC,cAAc,EAAE,eAAe,CAAC,MAAM,CAAC,CAAC;QAEhE,8BAA8B;QAC9B,MAAM,SAAS,GAAG,sBAAa,CAAC,MAAM,CAAC,oBAAoB,CAAC,OAAO,CAAC,IAAI,EAAE,mBAAmB,CAAC,CAAC;QAE/F,OAAO;YACH,SAAS,EAAE,SAAoC,CAAC,gDAAgD;SACnG,CAAC;IACN,CAAC;IAEM,MAAM,CAAC,YAA0B,EAAE,OAA6B;QACnE,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,wCAAwC,OAAO,CAAC,GAAG,CAAC,KAAK,oBAAoB,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;QACnI,4BAA4B;QAC5B,MAAM,EAAE,GAAG,IAAI,aAAE,CAAC,MAAM,CAAC,CAAC;QAC1B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC/C,CAAC;QACD,IAAI,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,KAAK,IAAI,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACxE,CAAC;QAED,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC;QAClC,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC;QAElC,MAAM,GAAG,GAAG,EAAE,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7F,MAAM,GAAG,GAAG,EAAE,CAAC,aAAa,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAEzC,MAAM,cAAc,GAAG,OAAO,CAAC,SAAS,CAAC;QACzC,MAAM,CAAC,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACzC,MAAM,CAAC,GAAG,cAAc,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QAC1C,MAAM,SAAS,GAAG,EAAE,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;QAE7D,yCAAyC;QACzC,MAAM,QAAQ,GAAG,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC;QACzD,IAAI,CAAC;YACD,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;YACjD,OAAO,OAAO,CAAC,OAAO,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAyB,CAAC,CAAC;QAC1E,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACT,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,6CAA6C,CAAC,EAAE,CAAC,CAAC;YACnF,MAAM,CAAC,CAAC;QACZ,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,MAAM,CAAC,UAAkB,EAAE,eAAoB;QACzD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QAC/D,IAAI,CAAC,aAAa,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,eAAe,UAAU,YAAY,CAAC,CAAC;QAC3D,CAAC;QAED,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAe,CAAC;QAC7D,IAAI,YAAY,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;YAChC,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;QAC1C,CAAC;QAED,MAAM,EAAE,GAAG,IAAI,aAAE,CAAC,MAAM,CAAC,CAAC;QAE1B,IAAI,YAAY,CAAC,UAAU,CAAC,CAAC,KAAK,SAAS,EAAE,CAAC;YAC1C,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACxE,CAAC;QACD,MAAM,SAAS,GAAG,EAAE,CAAC,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QACvG,6GAA6G;QAC7G,MAAM,eAAe,GAAG,EAAE,CAAC,aAAa,CACpC;YACI,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACrD,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;SACxD,EACD,KAAK,CACR,CAAC;QAEF,MAAM,YAAY,GAAG,SAAS,CAAC,MAAM,CAAC,eAAe,CAAC,SAAS,EAAE,CAAC,CAAC;QACnE,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;QAC/D,OAAO,WAAW,CAAC;IACvB,CAAC;IAED,sBAAsB;IACd,IAAI,CAAC,GAAW;QACpB,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACzC,CAAC;IAED,qBAAqB;IACb,MAAM,CAAC,GAAG,MAAoB;QAClC,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAC3D,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;QAClC,IAAI,MAAM,GAAG,CAAC,CAAC;QACf,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;YACrB,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;YACnB,MAAM,IAAI,CAAC,CAAC,MAAM,CAAC;QACvB,CAAC;QACD,OAAO,GAAG,CAAC;IACf,CAAC;IAED,2CAA2C;IACnC,SAAS,CAAC,IAAgB;QAC9B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;QAC5C,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACtC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC,aAAa;QACpD,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QACjB,OAAO,GAAG,CAAC;IACf,CAAC;IAEO,SAAS,CAAC,YAAwB,EAAE,SAAiB,EAAE,mBAA2B,EAAE,YAAiB;QACzG,IAAI,YAAY,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;YACjC,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACtD,CAAC;QACD,IAAI,YAAY,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;YACjC,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACtD,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC;QAC7D,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;QAChD,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;QAEhD,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;QACtC,IAAI,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;QAChE,MAAM,YAAY,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;QACvC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,YAAY,CAAC,CAAC;QAChF,MAAM,OAAO,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7C,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,YAAY,EAAE,SAAS,CAAC,CAAC;QAE5D,2BAA2B;QAC3B,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,SAAS,GAAG,cAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAClD,MAAM,QAAQ,GAAG,cAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAClD,MAAM,OAAO,GAAG,cAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAClD,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAEtC,iCAAiC;QACjC,OAAO,OAAO,CAAC,QAAQ,CAAC,CAAC,EAAE,SAAS,GAAG,CAAC,CAAC,CAAC;IAC9C,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,YAA0B,EAAE,OAA8B;QAC3E,IAAI,CAAC;YACD,qCAAqC;YACrC,iEAAiE;YACjE,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBACzC,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;YAClD,CAAC;YACD,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;gBAC/C,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;YACxD,CAAC;YAED,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC;YAC/C,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;YAEzE,0CAA0C;YAC1C,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,iBAAiB,CAAC,CAAC;YACnH,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,yDAAyD,CAAC,CAAC;YAC5F,sCAAsC;YACtC,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,SAAS,EAAE,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;YAChG,sDAAsD;YAEtD,eAAe;YACf,MAAM,EAAE,GAAG,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;YACtD,mCAAmC;YACnC,MAAM,OAAO,GAAG,cAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC;YAChE,MAAM,QAAQ,GAAG,cAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;YACnE,MAAM,MAAM,GAAG,cAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC;YACvD,yDAAyD;YACzD,MAAM,OAAO,GAAG,KAAK,IAAI,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,cAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACzI,YAAY;YACZ,MAAM,GAAG,GAAG,IAAI,cAAI,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YACzC,UAAU;YACV,MAAM,cAAc,GAAG,cAAI,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,CAAC,CAAC;YAElF,+BAA+B;YAC/B,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,cAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,CAAC;YAC5E,0CAA0C;YAC1C,MAAM,UAAU,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC,EAAE,aAAa,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;YACxE,MAAM,GAAG,GAAG,aAAa,CAAC,QAAQ,CAAC,aAAa,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;YAE9D,MAAM,WAAW,GAAG;gBAChB,SAAS,EAAE,UAAU;gBACrB,EAAE,EAAE,EAAE;gBACN,GAAG,EAAE,GAAG;aACX,CAAC;YAEF,OAAO,WAAW,CAAC;QACvB,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACT,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,iCAAiC,CAAC,EAAE,CAAC,CAAC;YACvE,MAAM,CAAC,CAAC;QACZ,CAAC;IACL,CAAC;IAEM,OAAO,CAAC,YAA0B,EAAE,OAA8B;QACrE,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,oCAAoC,OAAO,CAAC,GAAG,CAAC,KAAK,kBAAkB,OAAO,EAAE,CAAC,CAAC;QACnH,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC/C,CAAC;IACM,WAAW,CAAC,YAA0B,EAAE,OAAkC;QAC7E,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,OAAO,CAAC,MAAM,eAAe,CAAC,CAAC;QACnF,OAAO,sBAAa,CAAC,MAAM,CAAC,eAAe,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,aAAa;IAC9E,CAAC;;AArYL,4EAsYC"}

package/dist/modules/openid4vc/local/EnmeshedStorageService.d.ts ADDED Viewed

@@ -0,0 +1,25 @@
+import { AgentContext, BaseRecord, BaseRecordConstructor, Query, QueryOptions, StorageService } from "@credo-ts/core";
+import { AccountController } from "@nmshd/transport";
+import { OwnIdentityAttribute } from "../../attributes";
+import { AttributesController } from "../../attributes/AttributesController";
+import { KeyStorage } from "./KeyStorage";
+export declare class EnmeshedStorageService<T extends BaseRecord> implements StorageService<T> {
+    private readonly accountController;
+    private readonly attributeController;
+    private readonly keyStorage;
+    storage: Map<string, T>;
+    supportsCursorPagination: boolean;
+    constructor(accountController: AccountController, attributeController: AttributesController, keyStorage: KeyStorage);
+    save(_agentContext: AgentContext, record: T): Promise<void>;
+    saveWithDisplay(agentContext: AgentContext, value: string | Record<string, any>, type: string, displayInformation?: Record<string, any>[]): Promise<OwnIdentityAttribute>;
+    update(_agentContext: AgentContext, _record: T): Promise<void>;
+    delete(_agentContext: AgentContext, _record: T): Promise<void>;
+    deleteById(_agentContext: AgentContext, _recordClass: BaseRecordConstructor<T>, _id: string): Promise<void>;
+    getById(_agentContext: AgentContext, _recordClass: BaseRecordConstructor<T>, id: string): Promise<T>;
+    getAll(_agentContext: AgentContext, recordClass: BaseRecordConstructor<T>): Promise<T[]>;
+    private recordTypeToCredentialType;
+    findByQuery(agentContext: AgentContext, recordClass: BaseRecordConstructor<T>, query: Query<T>, queryOptions?: QueryOptions): Promise<T[]>;
+    private matchesQuery;
+}
+export declare function decodeRecord(type: string, encoded: string | Record<string, any>): BaseRecord<any, any>;
+//# sourceMappingURL=EnmeshedStorageService.d.ts.map

package/dist/modules/openid4vc/local/EnmeshedStorageService.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"EnmeshedStorageService.d.ts","sourceRoot":"","sources":["../../../../src/modules/openid4vc/local/EnmeshedStorageService.ts"],"names":[],"mappings":"AAAA,OAAO,EACH,YAAY,EACZ,UAAU,EACV,qBAAqB,EAIrB,KAAK,EACL,YAAY,EAEZ,cAAc,EAEjB,MAAM,gBAAgB,CAAC;AAExB,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,EAAE,oBAAoB,EAAE,MAAM,uCAAuC,CAAC;AAC7E,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAE1C,qBACa,sBAAsB,CAAC,CAAC,SAAS,UAAU,CAAE,YAAW,cAAc,CAAC,CAAC,CAAC;IAI9E,OAAO,CAAC,QAAQ,CAAC,iBAAiB;IAClC,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IACpC,OAAO,CAAC,QAAQ,CAAC,UAAU;IALxB,OAAO,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAwB;IAC/C,wBAAwB,UAAS;gBAEnB,iBAAiB,EAAE,iBAAiB,EACpC,mBAAmB,EAAE,oBAAoB,EACzC,UAAU,EAAE,UAAU;IAGpC,IAAI,CAAC,aAAa,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IASrD,eAAe,CACxB,YAAY,EAAE,YAAY,EAC1B,KAAK,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACnC,IAAI,EAAE,MAAM,EACZ,kBAAkB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,GAC3C,OAAO,CAAC,oBAAoB,CAAC;IAkBzB,MAAM,CAAC,aAAa,EAAE,YAAY,EAAE,OAAO,EAAE,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IAI9D,MAAM,CAAC,aAAa,EAAE,YAAY,EAAE,OAAO,EAAE,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC;IAI9D,UAAU,CAAC,aAAa,EAAE,YAAY,EAAE,YAAY,EAAE,qBAAqB,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI3G,OAAO,CAAC,aAAa,EAAE,YAAY,EAAE,YAAY,EAAE,qBAAqB,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAM9F,MAAM,CAAC,aAAa,EAAE,YAAY,EAAE,WAAW,EAAE,qBAAqB,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC;IAiBrG,OAAO,CAAC,0BAA0B;IAarB,WAAW,CAAC,YAAY,EAAE,YAAY,EAAE,WAAW,EAAE,qBAAqB,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC;IAoBvJ,OAAO,CAAC,YAAY;CAQvB;AAED,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG,UAAU,CAAC,GAAG,EAAE,GAAG,CAAC,CAWtG"}

package/dist/modules/openid4vc/local/EnmeshedStorageService.js ADDED Viewed

@@ -0,0 +1,139 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EnmeshedStorageService = void 0;
+exports.decodeRecord = decodeRecord;
+const core_1 = require("@credo-ts/core");
+const content_1 = require("@nmshd/content");
+const transport_1 = require("@nmshd/transport");
+const AttributesController_1 = require("../../attributes/AttributesController");
+const KeyStorage_1 = require("./KeyStorage");
+let EnmeshedStorageService = class EnmeshedStorageService {
+    constructor(accountController, attributeController, keyStorage) {
+        this.accountController = accountController;
+        this.attributeController = attributeController;
+        this.keyStorage = keyStorage;
+        this.storage = new Map();
+        this.supportsCursorPagination = false;
+    }
+    save(_agentContext, record) {
+        if (record.id !== "STORAGE_VERSION_RECORD_ID" && record.type !== "DidRecord") {
+            throw new Error("Only storage of STORAGE_VERSION_RECORD_ID and DidRecord implemented because others previously not needed");
+        }
+        this.storage.set(record.id, record);
+        return Promise.resolve();
+    }
+    async saveWithDisplay(agentContext, value, type, displayInformation) {
+        const owner = this.accountController.identity.address;
+        const identityAttribute = content_1.IdentityAttribute.from({
+            value: {
+                "@type": "VerifiableCredential",
+                value: value,
+                type: type,
+                displayInformation: displayInformation
+            },
+            owner: owner
+        });
+        const result = await this.attributeController.createOwnIdentityAttribute({
+            content: identityAttribute
+        });
+        agentContext.config.logger.debug(`Saved record: ${JSON.stringify(result)}`);
+        return await Promise.resolve(result);
+    }
+    update(_agentContext, _record) {
+        throw new Error("Storage update not implemented because previously not needed");
+    }
+    delete(_agentContext, _record) {
+        throw new Error("Storage delete not implemented because previously not needed");
+    }
+    deleteById(_agentContext, _recordClass, _id) {
+        throw new Error("Storage delete not implemented because previously not needed");
+    }
+    getById(_agentContext, _recordClass, id) {
+        const record = this.storage.get(id);
+        if (!record)
+            throw new Error(`Record with id ${id} not found`);
+        return Promise.resolve(record);
+    }
+    async getAll(_agentContext, recordClass) {
+        // so far only encountered in the credential context
+        const recordType = recordClass.type;
+        const correspondingCredentialType = this.recordTypeToCredentialType(recordType);
+        const attributes = await this.attributeController.getLocalAttributes({
+            "@type": "OwnIdentityAttribute",
+            "content.value.@type": "VerifiableCredential",
+            "content.value.type": correspondingCredentialType
+        });
+        return attributes.map((attribute) => {
+            const attributeValue = attribute.content.value;
+            return decodeRecord(correspondingCredentialType, attributeValue.value);
+        });
+    }
+    recordTypeToCredentialType(recordType) {
+        switch (recordType) {
+            case core_1.SdJwtVcRecord.name:
+                return core_1.ClaimFormat.SdJwtDc;
+            case core_1.MdocRecord.name:
+                return core_1.ClaimFormat.MsoMdoc;
+            case core_1.W3cCredentialRecord.name:
+                return core_1.ClaimFormat.SdJwtW3cVc;
+            default:
+                throw new Error("Record type not supported.");
+        }
+    }
+    async findByQuery(agentContext, recordClass, query, queryOptions) {
+        // so far only encountered in the credential context
+        agentContext.config.logger.debug(`Finding records by query ${JSON.stringify(query)} and options ${JSON.stringify(queryOptions)}`);
+        const records = [];
+        for (const record of await this.getAll(agentContext, recordClass)) {
+            if (this.matchesQuery(record, query)) {
+                records.push(record);
+            }
+        }
+        if (records.length === 0) {
+            // try to recover over local storage - temporary fix
+            for (const record of this.storage.values()) {
+                if (this.matchesQuery(record, query)) {
+                    records.push(record);
+                }
+            }
+        }
+        return records;
+    }
+    matchesQuery(record, query) {
+        return Object.entries(query).every(([key, value]) => {
+            if (key === "$or") {
+                return value.some((subquery) => this.matchesQuery(record, subquery));
+            }
+            return record.getTags()[key] === value;
+        });
+    }
+};
+exports.EnmeshedStorageService = EnmeshedStorageService;
+exports.EnmeshedStorageService = EnmeshedStorageService = __decorate([
+    (0, core_1.injectable)(),
+    __metadata("design:paramtypes", [transport_1.AccountController,
+        AttributesController_1.AttributesController,
+        KeyStorage_1.KeyStorage])
+], EnmeshedStorageService);
+function decodeRecord(type, encoded) {
+    switch (type) {
+        case core_1.ClaimFormat.SdJwtDc:
+            return new core_1.SdJwtVcRecord({ credentialInstances: [{ compactSdJwtVc: encoded }] });
+        case core_1.ClaimFormat.MsoMdoc:
+            return new core_1.MdocRecord({ credentialInstances: [{ issuerSignedBase64Url: encoded }] });
+        case core_1.ClaimFormat.SdJwtW3cVc:
+            return new core_1.W3cCredentialRecord({ credentialInstances: [{ credential: encoded }] });
+        default:
+            throw new Error("Credential type not supported.");
+    }
+}
+//# sourceMappingURL=EnmeshedStorageService.js.map

package/dist/modules/openid4vc/local/EnmeshedStorageService.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"EnmeshedStorageService.js","sourceRoot":"","sources":["../../../../src/modules/openid4vc/local/EnmeshedStorageService.ts"],"names":[],"mappings":";;;;;;;;;;;;AA2IA,oCAWC;AAtJD,yCAYwB;AACxB,4CAAyE;AACzE,gDAAqD;AAErD,gFAA6E;AAC7E,6CAA0C;AAGnC,IAAM,sBAAsB,GAA5B,MAAM,sBAAsB;IAG/B,YACqB,iBAAoC,EACpC,mBAAyC,EACzC,UAAsB;QAFtB,sBAAiB,GAAjB,iBAAiB,CAAmB;QACpC,wBAAmB,GAAnB,mBAAmB,CAAsB;QACzC,eAAU,GAAV,UAAU,CAAY;QALpC,YAAO,GAAmB,IAAI,GAAG,EAAa,CAAC;QAC/C,6BAAwB,GAAG,KAAK,CAAC;IAKrC,CAAC;IAEG,IAAI,CAAC,aAA2B,EAAE,MAAS;QAC9C,IAAI,MAAM,CAAC,EAAE,KAAK,2BAA2B,IAAI,MAAM,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;YAC3E,MAAM,IAAI,KAAK,CAAC,0GAA0G,CAAC,CAAC;QAChI,CAAC;QAED,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;QACpC,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC7B,CAAC;IAEM,KAAK,CAAC,eAAe,CACxB,YAA0B,EAC1B,KAAmC,EACnC,IAAY,EACZ,kBAA0C;QAE1C,MAAM,KAAK,GAAG,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC;QACtD,MAAM,iBAAiB,GAAG,2BAAiB,CAAC,IAAI,CAAC;YAC7C,KAAK,EAAE;gBACH,OAAO,EAAE,sBAAsB;gBAC/B,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,IAAI;gBACV,kBAAkB,EAAE,kBAAkB;aACzC;YACD,KAAK,EAAE,KAAK;SACf,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,0BAA0B,CAAC;YACrE,OAAO,EAAE,iBAAiB;SAC7B,CAAC,CAAC;QACH,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,iBAAiB,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAC5E,OAAO,MAAM,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IACzC,CAAC;IAEM,MAAM,CAAC,aAA2B,EAAE,OAAU;QACjD,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;IACpF,CAAC;IAEM,MAAM,CAAC,aAA2B,EAAE,OAAU;QACjD,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;IACpF,CAAC;IAEM,UAAU,CAAC,aAA2B,EAAE,YAAsC,EAAE,GAAW;QAC9F,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;IACpF,CAAC;IAEM,OAAO,CAAC,aAA2B,EAAE,YAAsC,EAAE,EAAU;QAC1F,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACpC,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,EAAE,YAAY,CAAC,CAAC;QAC/D,OAAO,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IACnC,CAAC;IAEM,KAAK,CAAC,MAAM,CAAC,aAA2B,EAAE,WAAqC;QAClF,oDAAoD;QACpD,MAAM,UAAU,GAAG,WAAW,CAAC,IAAI,CAAC;QACpC,MAAM,2BAA2B,GAAG,IAAI,CAAC,0BAA0B,CAAC,UAAU,CAAC,CAAC;QAEhF,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,kBAAkB,CAAC;YACjE,OAAO,EAAE,sBAAsB;YAC/B,qBAAqB,EAAE,sBAAsB;YAC7C,oBAAoB,EAAE,2BAA2B;SACpD,CAAC,CAAC;QAEH,OAAO,UAAU,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE;YAChC,MAAM,cAAc,GAAG,SAAS,CAAC,OAAO,CAAC,KAA6B,CAAC;YACvE,OAAO,YAAY,CAAC,2BAA2B,EAAE,cAAc,CAAC,KAAK,CAAM,CAAC;QAChF,CAAC,CAAC,CAAC;IACP,CAAC;IAEO,0BAA0B,CAAC,UAAkB;QACjD,QAAQ,UAAU,EAAE,CAAC;YACjB,KAAK,oBAAa,CAAC,IAAI;gBACnB,OAAO,kBAAW,CAAC,OAAO,CAAC;YAC/B,KAAK,iBAAU,CAAC,IAAI;gBAChB,OAAO,kBAAW,CAAC,OAAO,CAAC;YAC/B,KAAK,0BAAmB,CAAC,IAAI;gBACzB,OAAO,kBAAW,CAAC,UAAU,CAAC;YAClC;gBACI,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QACtD,CAAC;IACL,CAAC;IAEM,KAAK,CAAC,WAAW,CAAC,YAA0B,EAAE,WAAqC,EAAE,KAAe,EAAE,YAA2B;QACpI,oDAAoD;QACpD,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,gBAAgB,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;QAClI,MAAM,OAAO,GAAQ,EAAE,CAAC;QACxB,KAAK,MAAM,MAAM,IAAI,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,WAAW,CAAC,EAAE,CAAC;YAChE,IAAI,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,CAAC;gBACnC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACzB,CAAC;QACL,CAAC;QACD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,oDAAoD;YACpD,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC;gBACzC,IAAI,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,CAAC;oBACnC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;gBACzB,CAAC;YACL,CAAC;QACL,CAAC;QACD,OAAO,OAAO,CAAC;IACnB,CAAC;IAEO,YAAY,CAAC,MAAkB,EAAE,KAAe;QACpD,OAAO,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;YAChD,IAAI,GAAG,KAAK,KAAK,EAAE,CAAC;gBAChB,OAAQ,KAAe,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC;YACpF,CAAC;YACD,OAAO,MAAM,CAAC,OAAO,EAAE,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC;QAC3C,CAAC,CAAC,CAAC;IACP,CAAC;CACJ,CAAA;AArHY,wDAAsB;iCAAtB,sBAAsB;IADlC,IAAA,iBAAU,GAAE;qCAK+B,6BAAiB;QACf,2CAAoB;QAC7B,uBAAU;GANlC,sBAAsB,CAqHlC;AAED,SAAgB,YAAY,CAAC,IAAY,EAAE,OAAqC;IAC5E,QAAQ,IAAI,EAAE,CAAC;QACX,KAAK,kBAAW,CAAC,OAAO;YACpB,OAAO,IAAI,oBAAa,CAAC,EAAE,mBAAmB,EAAE,CAAC,EAAE,cAAc,EAAE,OAAiB,EAAE,CAAC,EAAE,CAAC,CAAC;QAC/F,KAAK,kBAAW,CAAC,OAAO;YACpB,OAAO,IAAI,iBAAU,CAAC,EAAE,mBAAmB,EAAE,CAAC,EAAE,qBAAqB,EAAE,OAAiB,EAAE,CAAC,EAAE,CAAC,CAAC;QACnG,KAAK,kBAAW,CAAC,UAAU;YACvB,OAAO,IAAI,0BAAmB,CAAC,EAAE,mBAAmB,EAAE,CAAC,EAAE,UAAU,EAAE,OAAiB,EAAE,CAAC,EAAE,CAAC,CAAC;QACjG;YACI,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;IAC1D,CAAC;AACL,CAAC"}

package/dist/modules/openid4vc/local/Holder.d.ts ADDED Viewed

@@ -0,0 +1,43 @@
+import { X509Module } from "@credo-ts/core";
+import { OpenId4VciCredentialResponse, OpenId4VcModule, type OpenId4VciResolvedCredentialOffer, type OpenId4VpResolvedAuthorizationRequest } from "@credo-ts/openid4vc";
+import { TokenContentVerifiablePresentation, VerifiableCredential } from "@nmshd/content";
+import { AccountController } from "@nmshd/transport";
+import { AttributesController, OwnIdentityAttribute } from "../../attributes";
+import { BaseAgent } from "./BaseAgent";
+import { KeyStorage } from "./KeyStorage";
+import { OpenId4VciCredentialResponseJSON } from "./OpenId4VciCredentialResponseJSON";
+declare function getOpenIdHolderModules(): {
+    readonly openid4vc: OpenId4VcModule<null, null>;
+    readonly x509: X509Module;
+};
+export declare class Holder extends BaseAgent<ReturnType<typeof getOpenIdHolderModules>> {
+    client: {
+        clientId: string;
+        redirectUri: string;
+    };
+    constructor(keyStorage: KeyStorage, accountController: AccountController, attributeController: AttributesController, fetchInstance: typeof fetch);
+    resolveCredentialOffer(credentialOffer: string): Promise<OpenId4VciResolvedCredentialOffer>;
+    requestCredentials(resolvedCredentialOffer: OpenId4VciResolvedCredentialOffer, credentialConfigurationIds: string[], access: {
+        accessToken: string;
+    } | {
+        pinCode?: string;
+    }): Promise<OpenId4VciCredentialResponse[]>;
+    storeCredentials(credentialResponses: OpenId4VciCredentialResponseJSON[]): Promise<OwnIdentityAttribute[]>;
+    resolveAuthorizationRequest(request: string): Promise<OpenId4VpResolvedAuthorizationRequest>;
+    acceptAuthorizationRequest(resolvedAuthorizationRequest: OpenId4VpResolvedAuthorizationRequest, credential: OwnIdentityAttribute): Promise<{
+        readonly status: number;
+        readonly body: string | Record<string, unknown> | null;
+    } | {
+        readonly status: number;
+        readonly body: Record<string, unknown>;
+    } | undefined>;
+    createPresentationTokenContent(credential: VerifiableCredential, nonce: string): Promise<TokenContentVerifiablePresentation>;
+    verifyPresentationTokenContent(tokenContent: TokenContentVerifiablePresentation, expectedNonce: string): Promise<{
+        isValid: boolean;
+        error?: Error;
+    }>;
+    exit(): Promise<void>;
+    restart(): Promise<void>;
+}
+export {};
+//# sourceMappingURL=Holder.d.ts.map

package/dist/modules/openid4vc/local/Holder.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"Holder.d.ts","sourceRoot":"","sources":["../../../../src/modules/openid4vc/local/Holder.ts"],"names":[],"mappings":"AAAA,OAAO,EAYH,UAAU,EACb,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,4BAA4B,EAAE,eAAe,EAAE,KAAK,iCAAiC,EAAE,KAAK,qCAAqC,EAAE,MAAM,qBAAqB,CAAC;AACxK,OAAO,EAAE,kCAAkC,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC;AAC1F,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAC9E,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAExC,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,gCAAgC,EAAE,MAAM,oCAAoC,CAAC;AAEtF,iBAAS,sBAAsB;;;EAW9B;AAED,qBAAa,MAAO,SAAQ,SAAS,CAAC,UAAU,CAAC,OAAO,sBAAsB,CAAC,CAAC;IACrE,MAAM;;;MAGX;gBAEiB,UAAU,EAAE,UAAU,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,aAAa,EAAE,OAAO,KAAK;IAI1I,sBAAsB,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO,CAAC,iCAAiC,CAAC;IAI3F,kBAAkB,CAC3B,uBAAuB,EAAE,iCAAiC,EAC1D,0BAA0B,EAAE,MAAM,EAAE,EACpC,MAAM,EAAE;QAAE,WAAW,EAAE,MAAM,CAAA;KAAE,GAAG;QAAE,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,GACvD,OAAO,CAAC,4BAA4B,EAAE,CAAC;IAkE7B,gBAAgB,CAAC,mBAAmB,EAAE,gCAAgC,EAAE,GAAG,OAAO,CAAC,oBAAoB,EAAE,CAAC;IAsB1G,2BAA2B,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,qCAAqC,CAAC;IAK5F,0BAA0B,CACnC,4BAA4B,EAAE,qCAAqC,EACnE,UAAU,EAAE,oBAAoB,GACjC,OAAO,CACJ;QACI,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;QACxB,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;KAC1D,GACD;QACI,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;QACxB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;KAC1C,GACD,SAAS,CACd;IA8CY,8BAA8B,CAAC,UAAU,EAAE,oBAAoB,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,kCAAkC,CAAC;IAoB5H,8BAA8B,CAAC,YAAY,EAAE,kCAAkC,EAAE,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,KAAK,CAAA;KAAE,CAAC;IAerJ,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAIrB,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;CAGxC"}