npm - @project-chip/matter.js - Versions diffs - 0.9.2 → 0.9.4 - Mend

@project-chip/matter.js 0.9.2 → 0.9.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (288) hide show

package/dist/esm/common/FailsafeContext.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"FailsafeContext.d.ts","sourceRoot":"","sources":["../../../src/common/FailsafeContext.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAEvD,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AACnD,OAAO,EAAE,MAAM,EAAiB,MAAM,qBAAqB,CAAC;AAC5D,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAG3D,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AACjD,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,EAAE,aAAa,EAA6B,MAAM,oBAAoB,CAAC;AAC9E,OAAO,EAAE,eAAe,~~EAAE~~,MAAM,kBAAkB,CAAC;~~AAInD~~,qBAAa,oCAAqC,SAAQ,eAAe;CAAG;AAE5E;;;;;;;;GAQG;AACH,8BAAsB,eAAe;;gBAYrB,OAAO,EAAE,eAAe,CAAC,OAAO;IAyBtC,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,EAAE,mBAAmB,EAAE,MAAM;IAQpE,IAAI,WAAW,iEAEd;IAED,IAAI,YAAY,uCAEf;IAED,IAAI,YAAY,8BAEf;IAED,IAAI,gBAAgB,uBAEnB;IAED,IAAI,YAAY,uBAEf;IAED,IAAI,YAAY,wBAEf;IAED,IAAI,WAAW,YAEd;IAEK,kBAAkB;IAwBxB,kBAAkB;IAKlB,kBAAkB;IAIZ,SAAS,CAAC,MAAM,EAAE,MAAM;IAQxB,YAAY,CAAC,MAAM,EAAE,MAAM;IAKjC;;;OAGG;IACH,+BAA+B,CAAC,cAAc,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM;IAWpE,iBAAiB;IAOjB,KAAK;IAWX,sFAAsF;IACtF,WAAW,CAAC,QAAQ,EAAE,SAAS;IAI/B;;;OAGG;IACG,kBAAkB,CAAC,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,GAAG,SAAS;IAS9E,+GAA+G;IACzG,WAAW,CAAC,OAAO,EAAE;QACvB,QAAQ,EAAE,SAAS,CAAC;QACpB,SAAS,EAAE,SAAS,GAAG,SAAS,CAAC;QACjC,aAAa,EAAE,QAAQ,CAAC;QACxB,QAAQ,EAAE,SAAS,CAAC;QACpB,gBAAgB,EAAE,MAAM,CAAC;KAC5B;~~cAoCe~~,QAAQ;IAyDxB,QAAQ,CAAC,kBAAkB,IAAI,OAAO,CAAC,IAAI,CAAC;IAE5C,8DAA8D;IAC9D,QAAQ,CAAC,mBAAmB,IAAI,OAAO,CAAC,IAAI,CAAC;IAEvC,aAAa,CAAC,MAAM,EAAE,MAAM;IAIlC,QAAQ,CAAC,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAEpD,QAAQ,CAAC,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC;CAC9C;AAED,yBAAiB,eAAe,CAAC;IAC7B,UAAiB,OAAO;QACpB,QAAQ,EAAE,cAAc,CAAC,YAAY,CAAC,CAAC;QACvC,OAAO,EAAE,aAAa,CAAC;QACvB,mBAAmB,EAAE,MAAM,CAAC;QAC5B,4BAA4B,EAAE,MAAM,CAAC;QACrC,gBAAgB,EAAE,MAAM,GAAG,SAAS,CAAC;KACxC;CACJ"}
1	+ {"version":3,"file":"FailsafeContext.d.ts","sourceRoot":"","sources":["../../../src/common/FailsafeContext.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAEvD,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AACnD,OAAO,EAAE,MAAM,EAAiB,MAAM,qBAAqB,CAAC;AAC5D,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAG3D,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AACjD,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,EAAE,aAAa,EAA6B,MAAM,oBAAoB,CAAC;AAC9E,OAAO,EAAE,eAAe,EAAuB,MAAM,kBAAkB,CAAC;AAKxE,qBAAa,oCAAqC,SAAQ,eAAe;CAAG;AAE5E;;;;;;;;GAQG;AACH,8BAAsB,eAAe;;gBAYrB,OAAO,EAAE,eAAe,CAAC,OAAO;IAyBtC,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,EAAE,mBAAmB,EAAE,MAAM;IAQpE,IAAI,WAAW,iEAEd;IAED,IAAI,YAAY,uCAEf;IAED,IAAI,YAAY,8BAEf;IAED,IAAI,gBAAgB,uBAEnB;IAED,IAAI,YAAY,uBAEf;IAED,IAAI,YAAY,wBAEf;IAED,IAAI,WAAW,YAEd;IAED,IAAI,QAAQ,2BAEX;IAEK,kBAAkB;IAwBxB,kBAAkB;IAKlB,kBAAkB;IAIZ,SAAS,CAAC,MAAM,EAAE,MAAM;IAQxB,YAAY,CAAC,MAAM,EAAE,MAAM;IAKjC;;;OAGG;IACH,+BAA+B,CAAC,cAAc,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM;IAWpE,iBAAiB;IAOjB,KAAK;IAWX,sFAAsF;IACtF,WAAW,CAAC,QAAQ,EAAE,SAAS;IAI/B;;;OAGG;IACG,kBAAkB,CAAC,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,GAAG,SAAS;IAS9E,+GAA+G;IACzG,WAAW,CAAC,OAAO,EAAE;QACvB,QAAQ,EAAE,SAAS,CAAC;QACpB,SAAS,EAAE,SAAS,GAAG,SAAS,CAAC;QACjC,aAAa,EAAE,QAAQ,CAAC;QACxB,QAAQ,EAAE,SAAS,CAAC;QACpB,gBAAgB,EAAE,MAAM,CAAC;KAC5B;cA2Ce,QAAQ;IAyDxB,QAAQ,CAAC,kBAAkB,IAAI,OAAO,CAAC,IAAI,CAAC;IAE5C,8DAA8D;IAC9D,QAAQ,CAAC,mBAAmB,IAAI,OAAO,CAAC,IAAI,CAAC;IAEvC,aAAa,CAAC,MAAM,EAAE,MAAM;IAIlC,QAAQ,CAAC,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAEpD,QAAQ,CAAC,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC;CAC9C;AAED,yBAAiB,eAAe,CAAC;IAC7B,UAAiB,OAAO;QACpB,QAAQ,EAAE,cAAc,CAAC,YAAY,CAAC,CAAC;QACvC,OAAO,EAAE,aAAa,CAAC;QACvB,mBAAmB,EAAE,MAAM,CAAC;QAC5B,4BAA4B,EAAE,MAAM,CAAC;QACrC,gBAAgB,EAAE,MAAM,GAAG,SAAS,CAAC;KACxC;CACJ"}

package/dist/esm/common/FailsafeContext.js CHANGED Viewed

@@ -10,7 +10,8 @@ import { Logger } from "../log/Logger.js";
 import { AsyncConstruction } from "../util/AsyncConstruction.js";
 import { AsyncObservable } from "../util/Observable.js";
 import { FailsafeTimer, MatterFabricConflictError } from "./FailsafeTimer.js";
-import { MatterFlowError } from "./MatterError.js";
+import { MatterFlowError, UnexpectedDataError } from "./MatterError.js";
+import { ValidationError } from "./ValidationError.js";
 const logger = Logger.get("FailsafeContext");
 class MatterFabricInvalidAdminSubjectError extends MatterFlowError {
 }
@@ -69,6 +70,9 @@ class FailsafeContext {
   get hasRootCert() {
     return this.#fabricBuilder.hasRootCert();
   }
+  get rootCert() {
+    return this.#fabricBuilder.rootCert;
+  }
   async completeCommission() {
     if (this.#failsafe === void 0) {
       throw new MatterFlowError("armFailSafe should be called first!");
@@ -149,8 +153,18 @@ class FailsafeContext {
   async buildFabric(nocData) {
     const builder = this.#fabricBuilder;
     const { nocValue, icacValue, adminVendorId, ipkValue, caseAdminSubject } = nocData;
-    if (!NodeId.isOperationalNodeId(caseAdminSubject) && !NodeId.isCaseAuthenticatedTag(caseAdminSubject) && CaseAuthenticatedTag.getVersion(NodeId.extractAsCaseAuthenticatedTag(caseAdminSubject)) === 0) {
-      throw new MatterFabricInvalidAdminSubjectError();
+    if (!NodeId.isOperationalNodeId(caseAdminSubject) && !NodeId.isCaseAuthenticatedTag(caseAdminSubject)) {
+      try {
+        if (CaseAuthenticatedTag.getVersion(NodeId.extractAsCaseAuthenticatedTag(caseAdminSubject)) === 0) {
+          throw new MatterFabricInvalidAdminSubjectError();
+        }
+      } catch (error) {
+        if (error instanceof ValidationError || error instanceof UnexpectedDataError) {
+          throw new MatterFabricInvalidAdminSubjectError();
+        } else {
+          throw error;
+        }
+      }
     }
     builder.setOperationalCert(nocValue, icacValue);
     const fabricAlreadyExisting = this.#fabrics.getFabrics().find((fabric) => builder.matchesToFabric(fabric));

package/dist/esm/common/FailsafeContext.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../src/common/FailsafeContext.ts"],
-  "sourcesContent": ["/**\n * @license\n * Copyright 2022-2024 Matter.js Authors\n * SPDX-License-Identifier: Apache-2.0\n */\n\nimport type { MatterDevice } from \"../MatterDevice.js\";\nimport { CaseAuthenticatedTag } from \"../datatype/CaseAuthenticatedTag.js\";\nimport { NodeId } from \"../datatype/NodeId.js\";\nimport { VendorId } from \"../datatype/VendorId.js\";\nimport { Fabric, FabricBuilder } from \"../fabric/Fabric.js\";\nimport { FabricManager } from \"../fabric/FabricManager.js\";\nimport { Logger } from \"../log/Logger.js\";\nimport { SecureSession } from \"../session/SecureSession.js\";\nimport { SessionManager } from \"../session/SessionManager.js\";\nimport { AsyncConstruction } from \"../util/AsyncConstruction.js\";\nimport { ByteArray } from \"../util/ByteArray.js\";\nimport { AsyncObservable } from \"../util/Observable.js\";\nimport { FailsafeTimer, MatterFabricConflictError } from \"./FailsafeTimer.js\";\nimport { MatterFlowError } from \"./MatterError.js\";\n\nconst logger = Logger.get(\"FailsafeContext\");\n\nexport class MatterFabricInvalidAdminSubjectError extends MatterFlowError {}\n\n/**\n * A \"timed operation\" is a command or sequence of commands that operate with a failsafe timer that will abort the\n * operation if it does not complete within a specific window.\n *\n * FailsafeContext maintains the failsafe timer and tracks information required to rollback state if the operation\n * aborts.\n *\n * Timed operations are exclusive for a node.\n */\nexport abstract class FailsafeContext {\n    #sessions: SessionManager<MatterDevice>;\n    #fabrics: FabricManager;\n    #failsafe?: FailsafeTimer;\n    #construction: AsyncConstruction<FailsafeContext>;\n    #associatedFabric?: Fabric;\n    #csrSessionId?: number;\n    #forUpdateNoc?: boolean;\n    #fabricBuilder = new FabricBuilder();\n\n    #commissioned = AsyncObservable<[], void>();\n\n    constructor(options: FailsafeContext.Options) {\n        const { expiryLengthSeconds, associatedFabric, maxCumulativeFailsafeSeconds } = options;\n\n        this.#sessions = options.sessions;\n        this.#fabrics = options.fabrics;\n        this.#associatedFabric = options.associatedFabric;\n\n        this.#construction = AsyncConstruction(this, async () => {\n            // Ensure derived class construction is complete\n            await Promise.resolve();\n\n            await this.storeEndpointState();\n\n            // If ExpiryLengthSeconds is non-zero and the fail-safe timer was not currently armed, then the fail-safe\n            // timer SHALL be armed for that duration.\n            this.#failsafe = new FailsafeTimer(\n                associatedFabric,\n                expiryLengthSeconds,\n                maxCumulativeFailsafeSeconds,\n                () => this.#failSafeExpired(),\n            );\n            logger.debug(`Arm failSafe timer for ${expiryLengthSeconds}s.`);\n        });\n    }\n\n    async extend(fabric: Fabric | undefined, expiryLengthSeconds: number) {\n        await this.#construction;\n        await this.#failsafe?.reArm(fabric, expiryLengthSeconds);\n        if (expiryLengthSeconds > 0) {\n            logger.debug(`Extend failSafe timer for ${expiryLengthSeconds}s.`);\n        }\n    }\n\n    get fabricIndex() {\n        return this.#fabricBuilder.fabricIndex;\n    }\n\n    get construction() {\n        return this.#construction;\n    }\n\n    get commissioned() {\n        return this.#commissioned;\n    }\n\n    get associatedFabric() {\n        return this.#associatedFabric;\n    }\n\n    get csrSessionId() {\n        return this.#csrSessionId;\n    }\n\n    get forUpdateNoc() {\n        return this.#forUpdateNoc;\n    }\n\n    get hasRootCert() {\n        return this.#fabricBuilder.hasRootCert();\n    }\n\n    async completeCommission() {\n        // 1. The Fail-Safe timer associated with the current Fail-Safe context SHALL be disarmed.\n        if (this.#failsafe === undefined) {\n            throw new MatterFlowError(\"armFailSafe should be called first!\"); // TODO\n        }\n        this.#failsafe.complete();\n\n        if (this.fabricIndex !== undefined) {\n            await this.#fabrics.persistFabrics();\n        }\n\n        this.#failsafe = undefined;\n\n        // 2. The commissioning window at the Server SHALL be closed.\n        await this.commissioned.emit();\n\n        // TODO 3. Any temporary administrative privileges automatically granted to any open PASE session SHALL be revoked (see Section 6.6.2.8, \u201CBootstrapping of the Access Control Cluster\u201D).\n\n        // 4. The Secure Session Context of any PASE session still established at the Server SHALL be cleared.\n        await this.removePaseSession();\n\n        await this.close();\n    }\n\n    getFailSafeContext() {\n        if (this.#failsafe === undefined) throw new MatterFlowError(\"armFailSafe should be called first!\");\n        return this.#failsafe;\n    }\n\n    getNextFabricIndex() {\n        return this.#fabrics.getNextFabricIndex();\n    }\n\n    async addFabric(fabric: Fabric) {\n        this.#fabrics.addFabric(fabric);\n        if (this.#failsafe !== undefined) {\n            this.#associatedFabric = this.#failsafe.associatedFabric = fabric;\n        }\n        return fabric.fabricIndex;\n    }\n\n    async updateFabric(fabric: Fabric) {\n        await this.#fabrics.updateFabric(fabric);\n        await this.#sessions.updateFabricForResumptionRecords(fabric);\n    }\n\n    /**\n     * Handles a CSR from OperationalCredentials cluster and stores additional internal information for further\n     * validity checks.\n     */\n    createCertificateSigningRequest(isForUpdateNoc: boolean, sessionId: number) {\n        if (this.#fabrics.findByKeypair(this.#fabricBuilder.keyPair)) {\n            throw new MatterFlowError(\"Key pair already exists.\"); // becomes Failure as StateResponse\n        }\n\n        const result = this.#fabricBuilder.createCertificateSigningRequest();\n        this.#csrSessionId = sessionId;\n        this.#forUpdateNoc = isForUpdateNoc;\n        return result;\n    }\n\n    async removePaseSession() {\n        const session = this.#sessions.getPaseSession();\n        if (session) {\n            await session.close(true);\n        }\n    }\n\n    async close() {\n        await this.#construction;\n        await this.#construction.close(async () => {\n            if (this.#failsafe) {\n                await this.#failsafe.close();\n                this.#failsafe = undefined;\n                await this.rollback();\n            }\n        });\n    }\n\n    /** Handles adding a trusted root certificate from Operational Credentials cluster. */\n    setRootCert(rootCert: ByteArray) {\n        this.#fabricBuilder.setRootCert(rootCert);\n    }\n\n    /**\n     * Build a new Fabric object based on an existing fabric for the \"UpdateNoc\" case of the Operational Credentials\n     * cluster.\n     */\n    async buildUpdatedFabric(nocValue: ByteArray, icacValue: ByteArray | undefined) {\n        if (this.associatedFabric === undefined) {\n            throw new MatterFlowError(\"No fabric associated with failsafe context, but we prepare an Fabric update.\");\n        }\n        this.#fabricBuilder.initializeFromFabricForUpdate(this.associatedFabric);\n        this.#fabricBuilder.setOperationalCert(nocValue, icacValue);\n        return await this.#fabricBuilder.build(this.associatedFabric.fabricIndex);\n    }\n\n    /** Build a new Fabric object for a new fabric for the \"AddNoc\" case of the Operational Credentials cluster. */\n    async buildFabric(nocData: {\n        nocValue: ByteArray;\n        icacValue: ByteArray | undefined;\n        adminVendorId: VendorId;\n        ipkValue: ByteArray;\n        caseAdminSubject: NodeId;\n    }) {\n        const builder = this.#fabricBuilder;\n\n        const { nocValue, icacValue, adminVendorId, ipkValue, caseAdminSubject } = nocData;\n\n        // Handle error if the CaseAdminSubject field is not a valid ACL subject in the context of AuthMode set to CASE\n        if (\n            !NodeId.isOperationalNodeId(caseAdminSubject) &&\n            !NodeId.isCaseAuthenticatedTag(caseAdminSubject) &&\n            CaseAuthenticatedTag.getVersion(NodeId.extractAsCaseAuthenticatedTag(caseAdminSubject)) === 0\n        ) {\n            throw new MatterFabricInvalidAdminSubjectError();\n        }\n\n        builder.setOperationalCert(nocValue, icacValue);\n        const fabricAlreadyExisting = this.#fabrics.getFabrics().find(fabric => builder.matchesToFabric(fabric));\n\n        if (fabricAlreadyExisting) {\n            throw new MatterFabricConflictError(\n                `Fabric with Id ${builder.fabricId} and Node Id ${builder.nodeId} already exists.`,\n            );\n        }\n\n        return builder\n            .setRootVendorId(adminVendorId)\n            .setIdentityProtectionKey(ipkValue)\n            .setRootNodeId(caseAdminSubject)\n            .build(this.#fabrics.getNextFabricIndex());\n    }\n\n    async #failSafeExpired() {\n        logger.info(\"Failsafe timer expired, Reset fabric builder.\");\n\n        await this.close();\n    }\n\n    protected async rollback() {\n        if (this.fabricIndex !== undefined && !this.#forUpdateNoc) {\n            logger.debug(`Revoking fabric with index ${this.fabricIndex}`);\n            await this.#fabrics.revokeFabric(this.fabricIndex);\n        }\n\n        // On expiry of the fail-safe timer, the following actions SHALL be performed in order:\n        // 1. Terminate any open PASE secure session by clearing any associated Secure Session Context at the Server.\n        await this.removePaseSession();\n\n        // TODO 2. Revoke the temporary administrative privileges granted to any open PASE session (see Section 6.6.2.8, \u201CBootstrapping of the Access Control Cluster\u201D) at the Server.\n\n        // 3. If an AddNOC or UpdateNOC command has been successfully invoked, terminate all CASE sessions associated with the Fabric whose Fabric Index is recorded in the Fail-Safe context (see Section 11.9.6.2, \u201CArmFailSafe Command\u201D) by clearing any associated Secure Session Context at the Server.\n        let fabric: Fabric | undefined = undefined;\n        if (this.fabricIndex !== undefined) {\n            const fabricIndex = this.fabricIndex;\n            fabric = this.#fabrics.getFabrics().find(fabric => fabric.fabricIndex === fabricIndex);\n            if (fabric !== undefined) {\n                const session = this.#sessions.getSessionForNode(fabric, fabric.rootNodeId);\n                if (session !== undefined && session.isSecure) {\n                    await (session as SecureSession<any>).close(false);\n                }\n            }\n        }\n\n        // 4. Reset the configuration of all Network Commissioning Networks attribute to their state prior to the\n        //    Fail-Safe being armed.\n        await this.restoreNetworkState();\n\n        // 5. If an UpdateNOC command had been successfully invoked, revert the state of operational key pair, NOC and\n        //    ICAC for that Fabric to the state prior to the Fail-Safe timer being armed, for the Fabric Index that was\n        //    the subject of the UpdateNOC command.\n        if (this.#forUpdateNoc && this.associatedFabric !== undefined) {\n            // update FabricManager and Resumption records but leave current session intact\n            await this.restoreFabric(this.associatedFabric);\n        }\n\n        // 6. If an AddNOC command had been successfully invoked, achieve the equivalent effect of invoking the RemoveFabric command against the Fabric Index stored in the Fail-Safe Context for the Fabric Index that was the subject of the AddNOC command. This SHALL remove all associations to that Fabric including all fabric-scoped data, and MAY possibly factory-reset the device depending on current device state. This SHALL only apply to Fabrics added during the fail-safe period as the result of the AddNOC command.\n        // 7. Remove any RCACs added by the AddTrustedRootCertificate command that are not currently referenced by any entry in the Fabrics attribute.\n        if (!this.#forUpdateNoc && fabric !== undefined) {\n            const fabricIndex = this.fabricIndex;\n            if (fabricIndex !== undefined) {\n                const fabric = this.#fabrics.getFabrics().find(fabric => fabric.fabricIndex === fabricIndex);\n                if (fabric !== undefined) {\n                    await this.revokeFabric(fabric);\n                }\n            }\n        }\n\n        // 8. Reset the Breadcrumb attribute to zero.\n        await this.restoreBreadcrumb();\n\n        // TODO 9. Optionally: if no factory-reset resulted from the previous steps, it is RECOMMENDED that the\n        //  Node rollback the state of all non fabric-scoped data present in the Fail-Safe context.\n        //  In theory happens automatically by revoking last fabric\n    }\n\n    abstract storeEndpointState(): Promise<void>;\n\n    /** Restore Cluster data when the FailSafe context expired. */\n    abstract restoreNetworkState(): Promise<void>;\n\n    async restoreFabric(fabric: Fabric) {\n        await this.updateFabric(fabric);\n    }\n\n    abstract revokeFabric(fabric: Fabric): Promise<void>;\n\n    abstract restoreBreadcrumb(): Promise<void>;\n}\n\nexport namespace FailsafeContext {\n    export interface Options {\n        sessions: SessionManager<MatterDevice>;\n        fabrics: FabricManager;\n        expiryLengthSeconds: number;\n        maxCumulativeFailsafeSeconds: number;\n        associatedFabric: Fabric | undefined;\n    }\n}\n"],
-  "mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAOA,SAAS,4BAA4B;AACrC,SAAS,cAAc;AAEvB,SAAiB,qBAAqB;AAEtC,SAAS,cAAc;AAGvB,SAAS,yBAAyB;AAElC,SAAS,uBAAuB;AAChC,SAAS,eAAe,iCAAiC;AACzD,SAAS,uBAAuB;AAEhC,MAAM,SAAS,OAAO,IAAI,iBAAiB;AAEpC,MAAM,6CAA6C,gBAAgB;AAAC;AAWpE,MAAe,gBAAgB;AAAA,EAClC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,iBAAiB,IAAI,cAAc;AAAA,EAEnC,gBAAgB,gBAA0B;AAAA,EAE1C,YAAY,SAAkC;AAC1C,UAAM,EAAE,qBAAqB,kBAAkB,6BAA6B,IAAI;AAEhF,SAAK,YAAY,QAAQ;AACzB,SAAK,WAAW,QAAQ;AACxB,SAAK,oBAAoB,QAAQ;AAEjC,SAAK,gBAAgB,kBAAkB,MAAM,YAAY;AAErD,YAAM,QAAQ,QAAQ;AAEtB,YAAM,KAAK,mBAAmB;AAI9B,WAAK,YAAY,IAAI;AAAA,QACjB;AAAA,QACA;AAAA,QACA;AAAA,QACA,MAAM,KAAK,iBAAiB;AAAA,MAChC;AACA,aAAO,MAAM,0BAA0B,mBAAmB,IAAI;AAAA,IAClE,CAAC;AAAA,EACL;AAAA,EAEA,MAAM,OAAO,QAA4B,qBAA6B;AAClE,UAAM,KAAK;AACX,UAAM,KAAK,WAAW,MAAM,QAAQ,mBAAmB;AACvD,QAAI,sBAAsB,GAAG;AACzB,aAAO,MAAM,6BAA6B,mBAAmB,IAAI;AAAA,IACrE;AAAA,EACJ;AAAA,EAEA,IAAI,cAAc;AACd,WAAO,KAAK,eAAe;AAAA,EAC/B;AAAA,EAEA,IAAI,eAAe;AACf,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,eAAe;AACf,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,mBAAmB;AACnB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,eAAe;AACf,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,eAAe;AACf,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAc;AACd,WAAO,KAAK,eAAe,YAAY;AAAA,EAC3C;AAAA,EAEA,MAAM,qBAAqB;AAEvB,QAAI,KAAK,cAAc,QAAW;AAC9B,YAAM,IAAI,gBAAgB,qCAAqC;AAAA,IACnE;AACA,SAAK,UAAU,SAAS;AAExB,QAAI,KAAK,gBAAgB,QAAW;AAChC,YAAM,KAAK,SAAS,eAAe;AAAA,IACvC;AAEA,SAAK,YAAY;AAGjB,UAAM,KAAK,aAAa,KAAK;AAK7B,UAAM,KAAK,kBAAkB;AAE7B,UAAM,KAAK,MAAM;AAAA,EACrB;AAAA,EAEA,qBAAqB;AACjB,QAAI,KAAK,cAAc,OAAW,OAAM,IAAI,gBAAgB,qCAAqC;AACjG,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,qBAAqB;AACjB,WAAO,KAAK,SAAS,mBAAmB;AAAA,EAC5C;AAAA,EAEA,MAAM,UAAU,QAAgB;AAC5B,SAAK,SAAS,UAAU,MAAM;AAC9B,QAAI,KAAK,cAAc,QAAW;AAC9B,WAAK,oBAAoB,KAAK,UAAU,mBAAmB;AAAA,IAC/D;AACA,WAAO,OAAO;AAAA,EAClB;AAAA,EAEA,MAAM,aAAa,QAAgB;AAC/B,UAAM,KAAK,SAAS,aAAa,MAAM;AACvC,UAAM,KAAK,UAAU,iCAAiC,MAAM;AAAA,EAChE;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,gCAAgC,gBAAyB,WAAmB;AACxE,QAAI,KAAK,SAAS,cAAc,KAAK,eAAe,OAAO,GAAG;AAC1D,YAAM,IAAI,gBAAgB,0BAA0B;AAAA,IACxD;AAEA,UAAM,SAAS,KAAK,eAAe,gCAAgC;AACnE,SAAK,gBAAgB;AACrB,SAAK,gBAAgB;AACrB,WAAO;AAAA,EACX;AAAA,EAEA,MAAM,oBAAoB;AACtB,UAAM,UAAU,KAAK,UAAU,eAAe;AAC9C,QAAI,SAAS;AACT,YAAM,QAAQ,MAAM,IAAI;AAAA,IAC5B;AAAA,EACJ;AAAA,EAEA,MAAM,QAAQ;AACV,UAAM,KAAK;AACX,UAAM,KAAK,cAAc,MAAM,YAAY;AACvC,UAAI,KAAK,WAAW;AAChB,cAAM,KAAK,UAAU,MAAM;AAC3B,aAAK,YAAY;AACjB,cAAM,KAAK,SAAS;AAAA,MACxB;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA,EAGA,YAAY,UAAqB;AAC7B,SAAK,eAAe,YAAY,QAAQ;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,mBAAmB,UAAqB,WAAkC;AAC5E,QAAI,KAAK,qBAAqB,QAAW;AACrC,YAAM,IAAI,gBAAgB,8EAA8E;AAAA,IAC5G;AACA,SAAK,eAAe,8BAA8B,KAAK,gBAAgB;AACvE,SAAK,eAAe,mBAAmB,UAAU,SAAS;AAC1D,WAAO,MAAM,KAAK,eAAe,MAAM,KAAK,iBAAiB,WAAW;AAAA,EAC5E;AAAA;AAAA,EAGA,MAAM,YAAY,SAMf;AACC,UAAM,UAAU,KAAK;AAErB,UAAM,EAAE,UAAU,WAAW,eAAe,UAAU,iBAAiB,IAAI;AAG3E,QACI,CAAC,OAAO,oBAAoB,gBAAgB,KAC5C,CAAC,OAAO,uBAAuB,gBAAgB,KAC/C,qBAAqB,WAAW,OAAO,8BAA8B,gBAAgB,CAAC,MAAM,GAC9F;AACE,YAAM,IAAI,qCAAqC;AAAA,IACnD;AAEA,YAAQ,mBAAmB,UAAU,SAAS;AAC9C,UAAM,wBAAwB,KAAK,SAAS,WAAW,EAAE,KAAK,YAAU,QAAQ,gBAAgB,MAAM,CAAC;AAEvG,QAAI,uBAAuB;AACvB,YAAM,IAAI;AAAA,QACN,kBAAkB,QAAQ,QAAQ,gBAAgB,QAAQ,MAAM;AAAA,MACpE;AAAA,IACJ;AAEA,WAAO,QACF,gBAAgB,aAAa,EAC7B,yBAAyB,QAAQ,EACjC,cAAc,gBAAgB,EAC9B,MAAM,KAAK,SAAS,mBAAmB,CAAC;AAAA,EACjD;AAAA,EAEA,MAAM,mBAAmB;AACrB,WAAO,KAAK,+CAA+C;AAE3D,UAAM,KAAK,MAAM;AAAA,EACrB;AAAA,EAEA,MAAgB,WAAW;AACvB,QAAI,KAAK,gBAAgB,UAAa,CAAC,KAAK,eAAe;AACvD,aAAO,MAAM,8BAA8B,KAAK,WAAW,EAAE;AAC7D,YAAM,KAAK,SAAS,aAAa,KAAK,WAAW;AAAA,IACrD;AAIA,UAAM,KAAK,kBAAkB;AAK7B,QAAI,SAA6B;AACjC,QAAI,KAAK,gBAAgB,QAAW;AAChC,YAAM,cAAc,KAAK;AACzB,eAAS,KAAK,SAAS,WAAW,EAAE,KAAK,CAAAA,YAAUA,QAAO,gBAAgB,WAAW;AACrF,UAAI,WAAW,QAAW;AACtB,cAAM,UAAU,KAAK,UAAU,kBAAkB,QAAQ,OAAO,UAAU;AAC1E,YAAI,YAAY,UAAa,QAAQ,UAAU;AAC3C,gBAAO,QAA+B,MAAM,KAAK;AAAA,QACrD;AAAA,MACJ;AAAA,IACJ;AAIA,UAAM,KAAK,oBAAoB;AAK/B,QAAI,KAAK,iBAAiB,KAAK,qBAAqB,QAAW;AAE3D,YAAM,KAAK,cAAc,KAAK,gBAAgB;AAAA,IAClD;AAIA,QAAI,CAAC,KAAK,iBAAiB,WAAW,QAAW;AAC7C,YAAM,cAAc,KAAK;AACzB,UAAI,gBAAgB,QAAW;AAC3B,cAAMA,UAAS,KAAK,SAAS,WAAW,EAAE,KAAK,CAAAA,YAAUA,QAAO,gBAAgB,WAAW;AAC3F,YAAIA,YAAW,QAAW;AACtB,gBAAM,KAAK,aAAaA,OAAM;AAAA,QAClC;AAAA,MACJ;AAAA,IACJ;AAGA,UAAM,KAAK,kBAAkB;AAAA,EAKjC;AAAA,EAOA,MAAM,cAAc,QAAgB;AAChC,UAAM,KAAK,aAAa,MAAM;AAAA,EAClC;AAKJ;",
+  "sourcesContent": ["/**\n * @license\n * Copyright 2022-2024 Matter.js Authors\n * SPDX-License-Identifier: Apache-2.0\n */\n\nimport type { MatterDevice } from \"../MatterDevice.js\";\nimport { CaseAuthenticatedTag } from \"../datatype/CaseAuthenticatedTag.js\";\nimport { NodeId } from \"../datatype/NodeId.js\";\nimport { VendorId } from \"../datatype/VendorId.js\";\nimport { Fabric, FabricBuilder } from \"../fabric/Fabric.js\";\nimport { FabricManager } from \"../fabric/FabricManager.js\";\nimport { Logger } from \"../log/Logger.js\";\nimport { SecureSession } from \"../session/SecureSession.js\";\nimport { SessionManager } from \"../session/SessionManager.js\";\nimport { AsyncConstruction } from \"../util/AsyncConstruction.js\";\nimport { ByteArray } from \"../util/ByteArray.js\";\nimport { AsyncObservable } from \"../util/Observable.js\";\nimport { FailsafeTimer, MatterFabricConflictError } from \"./FailsafeTimer.js\";\nimport { MatterFlowError, UnexpectedDataError } from \"./MatterError.js\";\nimport { ValidationError } from \"./ValidationError.js\";\n\nconst logger = Logger.get(\"FailsafeContext\");\n\nexport class MatterFabricInvalidAdminSubjectError extends MatterFlowError {}\n\n/**\n * A \"timed operation\" is a command or sequence of commands that operate with a failsafe timer that will abort the\n * operation if it does not complete within a specific window.\n *\n * FailsafeContext maintains the failsafe timer and tracks information required to rollback state if the operation\n * aborts.\n *\n * Timed operations are exclusive for a node.\n */\nexport abstract class FailsafeContext {\n    #sessions: SessionManager<MatterDevice>;\n    #fabrics: FabricManager;\n    #failsafe?: FailsafeTimer;\n    #construction: AsyncConstruction<FailsafeContext>;\n    #associatedFabric?: Fabric;\n    #csrSessionId?: number;\n    #forUpdateNoc?: boolean;\n    #fabricBuilder = new FabricBuilder();\n\n    #commissioned = AsyncObservable<[], void>();\n\n    constructor(options: FailsafeContext.Options) {\n        const { expiryLengthSeconds, associatedFabric, maxCumulativeFailsafeSeconds } = options;\n\n        this.#sessions = options.sessions;\n        this.#fabrics = options.fabrics;\n        this.#associatedFabric = options.associatedFabric;\n\n        this.#construction = AsyncConstruction(this, async () => {\n            // Ensure derived class construction is complete\n            await Promise.resolve();\n\n            await this.storeEndpointState();\n\n            // If ExpiryLengthSeconds is non-zero and the fail-safe timer was not currently armed, then the fail-safe\n            // timer SHALL be armed for that duration.\n            this.#failsafe = new FailsafeTimer(\n                associatedFabric,\n                expiryLengthSeconds,\n                maxCumulativeFailsafeSeconds,\n                () => this.#failSafeExpired(),\n            );\n            logger.debug(`Arm failSafe timer for ${expiryLengthSeconds}s.`);\n        });\n    }\n\n    async extend(fabric: Fabric | undefined, expiryLengthSeconds: number) {\n        await this.#construction;\n        await this.#failsafe?.reArm(fabric, expiryLengthSeconds);\n        if (expiryLengthSeconds > 0) {\n            logger.debug(`Extend failSafe timer for ${expiryLengthSeconds}s.`);\n        }\n    }\n\n    get fabricIndex() {\n        return this.#fabricBuilder.fabricIndex;\n    }\n\n    get construction() {\n        return this.#construction;\n    }\n\n    get commissioned() {\n        return this.#commissioned;\n    }\n\n    get associatedFabric() {\n        return this.#associatedFabric;\n    }\n\n    get csrSessionId() {\n        return this.#csrSessionId;\n    }\n\n    get forUpdateNoc() {\n        return this.#forUpdateNoc;\n    }\n\n    get hasRootCert() {\n        return this.#fabricBuilder.hasRootCert();\n    }\n\n    get rootCert() {\n        return this.#fabricBuilder.rootCert;\n    }\n\n    async completeCommission() {\n        // 1. The Fail-Safe timer associated with the current Fail-Safe context SHALL be disarmed.\n        if (this.#failsafe === undefined) {\n            throw new MatterFlowError(\"armFailSafe should be called first!\"); // TODO\n        }\n        this.#failsafe.complete();\n\n        if (this.fabricIndex !== undefined) {\n            await this.#fabrics.persistFabrics();\n        }\n\n        this.#failsafe = undefined;\n\n        // 2. The commissioning window at the Server SHALL be closed.\n        await this.commissioned.emit();\n\n        // TODO 3. Any temporary administrative privileges automatically granted to any open PASE session SHALL be revoked (see Section 6.6.2.8, \u201CBootstrapping of the Access Control Cluster\u201D).\n\n        // 4. The Secure Session Context of any PASE session still established at the Server SHALL be cleared.\n        await this.removePaseSession();\n\n        await this.close();\n    }\n\n    getFailSafeContext() {\n        if (this.#failsafe === undefined) throw new MatterFlowError(\"armFailSafe should be called first!\");\n        return this.#failsafe;\n    }\n\n    getNextFabricIndex() {\n        return this.#fabrics.getNextFabricIndex();\n    }\n\n    async addFabric(fabric: Fabric) {\n        this.#fabrics.addFabric(fabric);\n        if (this.#failsafe !== undefined) {\n            this.#associatedFabric = this.#failsafe.associatedFabric = fabric;\n        }\n        return fabric.fabricIndex;\n    }\n\n    async updateFabric(fabric: Fabric) {\n        await this.#fabrics.updateFabric(fabric);\n        await this.#sessions.updateFabricForResumptionRecords(fabric);\n    }\n\n    /**\n     * Handles a CSR from OperationalCredentials cluster and stores additional internal information for further\n     * validity checks.\n     */\n    createCertificateSigningRequest(isForUpdateNoc: boolean, sessionId: number) {\n        if (this.#fabrics.findByKeypair(this.#fabricBuilder.keyPair)) {\n            throw new MatterFlowError(\"Key pair already exists.\"); // becomes Failure as StateResponse\n        }\n\n        const result = this.#fabricBuilder.createCertificateSigningRequest();\n        this.#csrSessionId = sessionId;\n        this.#forUpdateNoc = isForUpdateNoc;\n        return result;\n    }\n\n    async removePaseSession() {\n        const session = this.#sessions.getPaseSession();\n        if (session) {\n            await session.close(true);\n        }\n    }\n\n    async close() {\n        await this.#construction;\n        await this.#construction.close(async () => {\n            if (this.#failsafe) {\n                await this.#failsafe.close();\n                this.#failsafe = undefined;\n                await this.rollback();\n            }\n        });\n    }\n\n    /** Handles adding a trusted root certificate from Operational Credentials cluster. */\n    setRootCert(rootCert: ByteArray) {\n        this.#fabricBuilder.setRootCert(rootCert);\n    }\n\n    /**\n     * Build a new Fabric object based on an existing fabric for the \"UpdateNoc\" case of the Operational Credentials\n     * cluster.\n     */\n    async buildUpdatedFabric(nocValue: ByteArray, icacValue: ByteArray | undefined) {\n        if (this.associatedFabric === undefined) {\n            throw new MatterFlowError(\"No fabric associated with failsafe context, but we prepare an Fabric update.\");\n        }\n        this.#fabricBuilder.initializeFromFabricForUpdate(this.associatedFabric);\n        this.#fabricBuilder.setOperationalCert(nocValue, icacValue);\n        return await this.#fabricBuilder.build(this.associatedFabric.fabricIndex);\n    }\n\n    /** Build a new Fabric object for a new fabric for the \"AddNoc\" case of the Operational Credentials cluster. */\n    async buildFabric(nocData: {\n        nocValue: ByteArray;\n        icacValue: ByteArray | undefined;\n        adminVendorId: VendorId;\n        ipkValue: ByteArray;\n        caseAdminSubject: NodeId;\n    }) {\n        const builder = this.#fabricBuilder;\n\n        const { nocValue, icacValue, adminVendorId, ipkValue, caseAdminSubject } = nocData;\n\n        // Handle error if the CaseAdminSubject field is not a valid ACL subject in the context of AuthMode set to CASE\n        if (!NodeId.isOperationalNodeId(caseAdminSubject) && !NodeId.isCaseAuthenticatedTag(caseAdminSubject)) {\n            try {\n                if (CaseAuthenticatedTag.getVersion(NodeId.extractAsCaseAuthenticatedTag(caseAdminSubject)) === 0) {\n                    throw new MatterFabricInvalidAdminSubjectError();\n                }\n            } catch (error) {\n                // Validation error can happen when parsing the CaseAuthenticatedTag, then it is invalid too\n                if (error instanceof ValidationError || error instanceof UnexpectedDataError) {\n                    throw new MatterFabricInvalidAdminSubjectError();\n                } else {\n                    throw error;\n                }\n            }\n        }\n\n        builder.setOperationalCert(nocValue, icacValue);\n        const fabricAlreadyExisting = this.#fabrics.getFabrics().find(fabric => builder.matchesToFabric(fabric));\n\n        if (fabricAlreadyExisting) {\n            throw new MatterFabricConflictError(\n                `Fabric with Id ${builder.fabricId} and Node Id ${builder.nodeId} already exists.`,\n            );\n        }\n\n        return builder\n            .setRootVendorId(adminVendorId)\n            .setIdentityProtectionKey(ipkValue)\n            .setRootNodeId(caseAdminSubject)\n            .build(this.#fabrics.getNextFabricIndex());\n    }\n\n    async #failSafeExpired() {\n        logger.info(\"Failsafe timer expired, Reset fabric builder.\");\n\n        await this.close();\n    }\n\n    protected async rollback() {\n        if (this.fabricIndex !== undefined && !this.#forUpdateNoc) {\n            logger.debug(`Revoking fabric with index ${this.fabricIndex}`);\n            await this.#fabrics.revokeFabric(this.fabricIndex);\n        }\n\n        // On expiry of the fail-safe timer, the following actions SHALL be performed in order:\n        // 1. Terminate any open PASE secure session by clearing any associated Secure Session Context at the Server.\n        await this.removePaseSession();\n\n        // TODO 2. Revoke the temporary administrative privileges granted to any open PASE session (see Section 6.6.2.8, \u201CBootstrapping of the Access Control Cluster\u201D) at the Server.\n\n        // 3. If an AddNOC or UpdateNOC command has been successfully invoked, terminate all CASE sessions associated with the Fabric whose Fabric Index is recorded in the Fail-Safe context (see Section 11.9.6.2, \u201CArmFailSafe Command\u201D) by clearing any associated Secure Session Context at the Server.\n        let fabric: Fabric | undefined = undefined;\n        if (this.fabricIndex !== undefined) {\n            const fabricIndex = this.fabricIndex;\n            fabric = this.#fabrics.getFabrics().find(fabric => fabric.fabricIndex === fabricIndex);\n            if (fabric !== undefined) {\n                const session = this.#sessions.getSessionForNode(fabric, fabric.rootNodeId);\n                if (session !== undefined && session.isSecure) {\n                    await (session as SecureSession<any>).close(false);\n                }\n            }\n        }\n\n        // 4. Reset the configuration of all Network Commissioning Networks attribute to their state prior to the\n        //    Fail-Safe being armed.\n        await this.restoreNetworkState();\n\n        // 5. If an UpdateNOC command had been successfully invoked, revert the state of operational key pair, NOC and\n        //    ICAC for that Fabric to the state prior to the Fail-Safe timer being armed, for the Fabric Index that was\n        //    the subject of the UpdateNOC command.\n        if (this.#forUpdateNoc && this.associatedFabric !== undefined) {\n            // update FabricManager and Resumption records but leave current session intact\n            await this.restoreFabric(this.associatedFabric);\n        }\n\n        // 6. If an AddNOC command had been successfully invoked, achieve the equivalent effect of invoking the RemoveFabric command against the Fabric Index stored in the Fail-Safe Context for the Fabric Index that was the subject of the AddNOC command. This SHALL remove all associations to that Fabric including all fabric-scoped data, and MAY possibly factory-reset the device depending on current device state. This SHALL only apply to Fabrics added during the fail-safe period as the result of the AddNOC command.\n        // 7. Remove any RCACs added by the AddTrustedRootCertificate command that are not currently referenced by any entry in the Fabrics attribute.\n        if (!this.#forUpdateNoc && fabric !== undefined) {\n            const fabricIndex = this.fabricIndex;\n            if (fabricIndex !== undefined) {\n                const fabric = this.#fabrics.getFabrics().find(fabric => fabric.fabricIndex === fabricIndex);\n                if (fabric !== undefined) {\n                    await this.revokeFabric(fabric);\n                }\n            }\n        }\n\n        // 8. Reset the Breadcrumb attribute to zero.\n        await this.restoreBreadcrumb();\n\n        // TODO 9. Optionally: if no factory-reset resulted from the previous steps, it is RECOMMENDED that the\n        //  Node rollback the state of all non fabric-scoped data present in the Fail-Safe context.\n        //  In theory happens automatically by revoking last fabric\n    }\n\n    abstract storeEndpointState(): Promise<void>;\n\n    /** Restore Cluster data when the FailSafe context expired. */\n    abstract restoreNetworkState(): Promise<void>;\n\n    async restoreFabric(fabric: Fabric) {\n        await this.updateFabric(fabric);\n    }\n\n    abstract revokeFabric(fabric: Fabric): Promise<void>;\n\n    abstract restoreBreadcrumb(): Promise<void>;\n}\n\nexport namespace FailsafeContext {\n    export interface Options {\n        sessions: SessionManager<MatterDevice>;\n        fabrics: FabricManager;\n        expiryLengthSeconds: number;\n        maxCumulativeFailsafeSeconds: number;\n        associatedFabric: Fabric | undefined;\n    }\n}\n"],
+  "mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAOA,SAAS,4BAA4B;AACrC,SAAS,cAAc;AAEvB,SAAiB,qBAAqB;AAEtC,SAAS,cAAc;AAGvB,SAAS,yBAAyB;AAElC,SAAS,uBAAuB;AAChC,SAAS,eAAe,iCAAiC;AACzD,SAAS,iBAAiB,2BAA2B;AACrD,SAAS,uBAAuB;AAEhC,MAAM,SAAS,OAAO,IAAI,iBAAiB;AAEpC,MAAM,6CAA6C,gBAAgB;AAAC;AAWpE,MAAe,gBAAgB;AAAA,EAClC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,iBAAiB,IAAI,cAAc;AAAA,EAEnC,gBAAgB,gBAA0B;AAAA,EAE1C,YAAY,SAAkC;AAC1C,UAAM,EAAE,qBAAqB,kBAAkB,6BAA6B,IAAI;AAEhF,SAAK,YAAY,QAAQ;AACzB,SAAK,WAAW,QAAQ;AACxB,SAAK,oBAAoB,QAAQ;AAEjC,SAAK,gBAAgB,kBAAkB,MAAM,YAAY;AAErD,YAAM,QAAQ,QAAQ;AAEtB,YAAM,KAAK,mBAAmB;AAI9B,WAAK,YAAY,IAAI;AAAA,QACjB;AAAA,QACA;AAAA,QACA;AAAA,QACA,MAAM,KAAK,iBAAiB;AAAA,MAChC;AACA,aAAO,MAAM,0BAA0B,mBAAmB,IAAI;AAAA,IAClE,CAAC;AAAA,EACL;AAAA,EAEA,MAAM,OAAO,QAA4B,qBAA6B;AAClE,UAAM,KAAK;AACX,UAAM,KAAK,WAAW,MAAM,QAAQ,mBAAmB;AACvD,QAAI,sBAAsB,GAAG;AACzB,aAAO,MAAM,6BAA6B,mBAAmB,IAAI;AAAA,IACrE;AAAA,EACJ;AAAA,EAEA,IAAI,cAAc;AACd,WAAO,KAAK,eAAe;AAAA,EAC/B;AAAA,EAEA,IAAI,eAAe;AACf,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,eAAe;AACf,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,mBAAmB;AACnB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,eAAe;AACf,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,eAAe;AACf,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAc;AACd,WAAO,KAAK,eAAe,YAAY;AAAA,EAC3C;AAAA,EAEA,IAAI,WAAW;AACX,WAAO,KAAK,eAAe;AAAA,EAC/B;AAAA,EAEA,MAAM,qBAAqB;AAEvB,QAAI,KAAK,cAAc,QAAW;AAC9B,YAAM,IAAI,gBAAgB,qCAAqC;AAAA,IACnE;AACA,SAAK,UAAU,SAAS;AAExB,QAAI,KAAK,gBAAgB,QAAW;AAChC,YAAM,KAAK,SAAS,eAAe;AAAA,IACvC;AAEA,SAAK,YAAY;AAGjB,UAAM,KAAK,aAAa,KAAK;AAK7B,UAAM,KAAK,kBAAkB;AAE7B,UAAM,KAAK,MAAM;AAAA,EACrB;AAAA,EAEA,qBAAqB;AACjB,QAAI,KAAK,cAAc,OAAW,OAAM,IAAI,gBAAgB,qCAAqC;AACjG,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,qBAAqB;AACjB,WAAO,KAAK,SAAS,mBAAmB;AAAA,EAC5C;AAAA,EAEA,MAAM,UAAU,QAAgB;AAC5B,SAAK,SAAS,UAAU,MAAM;AAC9B,QAAI,KAAK,cAAc,QAAW;AAC9B,WAAK,oBAAoB,KAAK,UAAU,mBAAmB;AAAA,IAC/D;AACA,WAAO,OAAO;AAAA,EAClB;AAAA,EAEA,MAAM,aAAa,QAAgB;AAC/B,UAAM,KAAK,SAAS,aAAa,MAAM;AACvC,UAAM,KAAK,UAAU,iCAAiC,MAAM;AAAA,EAChE;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,gCAAgC,gBAAyB,WAAmB;AACxE,QAAI,KAAK,SAAS,cAAc,KAAK,eAAe,OAAO,GAAG;AAC1D,YAAM,IAAI,gBAAgB,0BAA0B;AAAA,IACxD;AAEA,UAAM,SAAS,KAAK,eAAe,gCAAgC;AACnE,SAAK,gBAAgB;AACrB,SAAK,gBAAgB;AACrB,WAAO;AAAA,EACX;AAAA,EAEA,MAAM,oBAAoB;AACtB,UAAM,UAAU,KAAK,UAAU,eAAe;AAC9C,QAAI,SAAS;AACT,YAAM,QAAQ,MAAM,IAAI;AAAA,IAC5B;AAAA,EACJ;AAAA,EAEA,MAAM,QAAQ;AACV,UAAM,KAAK;AACX,UAAM,KAAK,cAAc,MAAM,YAAY;AACvC,UAAI,KAAK,WAAW;AAChB,cAAM,KAAK,UAAU,MAAM;AAC3B,aAAK,YAAY;AACjB,cAAM,KAAK,SAAS;AAAA,MACxB;AAAA,IACJ,CAAC;AAAA,EACL;AAAA;AAAA,EAGA,YAAY,UAAqB;AAC7B,SAAK,eAAe,YAAY,QAAQ;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,mBAAmB,UAAqB,WAAkC;AAC5E,QAAI,KAAK,qBAAqB,QAAW;AACrC,YAAM,IAAI,gBAAgB,8EAA8E;AAAA,IAC5G;AACA,SAAK,eAAe,8BAA8B,KAAK,gBAAgB;AACvE,SAAK,eAAe,mBAAmB,UAAU,SAAS;AAC1D,WAAO,MAAM,KAAK,eAAe,MAAM,KAAK,iBAAiB,WAAW;AAAA,EAC5E;AAAA;AAAA,EAGA,MAAM,YAAY,SAMf;AACC,UAAM,UAAU,KAAK;AAErB,UAAM,EAAE,UAAU,WAAW,eAAe,UAAU,iBAAiB,IAAI;AAG3E,QAAI,CAAC,OAAO,oBAAoB,gBAAgB,KAAK,CAAC,OAAO,uBAAuB,gBAAgB,GAAG;AACnG,UAAI;AACA,YAAI,qBAAqB,WAAW,OAAO,8BAA8B,gBAAgB,CAAC,MAAM,GAAG;AAC/F,gBAAM,IAAI,qCAAqC;AAAA,QACnD;AAAA,MACJ,SAAS,OAAO;AAEZ,YAAI,iBAAiB,mBAAmB,iBAAiB,qBAAqB;AAC1E,gBAAM,IAAI,qCAAqC;AAAA,QACnD,OAAO;AACH,gBAAM;AAAA,QACV;AAAA,MACJ;AAAA,IACJ;AAEA,YAAQ,mBAAmB,UAAU,SAAS;AAC9C,UAAM,wBAAwB,KAAK,SAAS,WAAW,EAAE,KAAK,YAAU,QAAQ,gBAAgB,MAAM,CAAC;AAEvG,QAAI,uBAAuB;AACvB,YAAM,IAAI;AAAA,QACN,kBAAkB,QAAQ,QAAQ,gBAAgB,QAAQ,MAAM;AAAA,MACpE;AAAA,IACJ;AAEA,WAAO,QACF,gBAAgB,aAAa,EAC7B,yBAAyB,QAAQ,EACjC,cAAc,gBAAgB,EAC9B,MAAM,KAAK,SAAS,mBAAmB,CAAC;AAAA,EACjD;AAAA,EAEA,MAAM,mBAAmB;AACrB,WAAO,KAAK,+CAA+C;AAE3D,UAAM,KAAK,MAAM;AAAA,EACrB;AAAA,EAEA,MAAgB,WAAW;AACvB,QAAI,KAAK,gBAAgB,UAAa,CAAC,KAAK,eAAe;AACvD,aAAO,MAAM,8BAA8B,KAAK,WAAW,EAAE;AAC7D,YAAM,KAAK,SAAS,aAAa,KAAK,WAAW;AAAA,IACrD;AAIA,UAAM,KAAK,kBAAkB;AAK7B,QAAI,SAA6B;AACjC,QAAI,KAAK,gBAAgB,QAAW;AAChC,YAAM,cAAc,KAAK;AACzB,eAAS,KAAK,SAAS,WAAW,EAAE,KAAK,CAAAA,YAAUA,QAAO,gBAAgB,WAAW;AACrF,UAAI,WAAW,QAAW;AACtB,cAAM,UAAU,KAAK,UAAU,kBAAkB,QAAQ,OAAO,UAAU;AAC1E,YAAI,YAAY,UAAa,QAAQ,UAAU;AAC3C,gBAAO,QAA+B,MAAM,KAAK;AAAA,QACrD;AAAA,MACJ;AAAA,IACJ;AAIA,UAAM,KAAK,oBAAoB;AAK/B,QAAI,KAAK,iBAAiB,KAAK,qBAAqB,QAAW;AAE3D,YAAM,KAAK,cAAc,KAAK,gBAAgB;AAAA,IAClD;AAIA,QAAI,CAAC,KAAK,iBAAiB,WAAW,QAAW;AAC7C,YAAM,cAAc,KAAK;AACzB,UAAI,gBAAgB,QAAW;AAC3B,cAAMA,UAAS,KAAK,SAAS,WAAW,EAAE,KAAK,CAAAA,YAAUA,QAAO,gBAAgB,WAAW;AAC3F,YAAIA,YAAW,QAAW;AACtB,gBAAM,KAAK,aAAaA,OAAM;AAAA,QAClC;AAAA,MACJ;AAAA,IACJ;AAGA,UAAM,KAAK,kBAAkB;AAAA,EAKjC;AAAA,EAOA,MAAM,cAAc,QAAgB;AAChC,UAAM,KAAK,aAAa,MAAM;AAAA,EAClC;AAKJ;",
   "names": ["fabric"]
 }

package/dist/esm/crypto/Crypto.d.ts CHANGED Viewed

@@ -119,7 +119,7 @@ export declare const CRYPTO_EC_KEY_BYTES = 32;
 export declare const CRYPTO_AUTH_TAG_LENGTH = 16;
 export declare const CRYPTO_SYMMETRIC_KEY_LENGTH = 16;
 export type CryptoDsaEncoding = "ieee-p1363" | "der";
-export declare class CryptoError extends MatterError {
+export declare class CryptoVerifyError extends MatterError {
 }
 export declare abstract class Crypto {
     static get: () => Crypto;

package/dist/esm/crypto/Crypto.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"Crypto.d.ts","sourceRoot":"","sources":["../../../src/crypto/Crypto.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,GAAG,MAAM,gCAAgC,CAAC;AACtD,OAAO,KAAK,KAAK,MAAM,8BAA8B,CAAC;AAEtD,OAAO,EAAE,WAAW,EAAmB,MAAM,0BAA0B,CAAC;AACxE,OAAO,EAAE,SAAS,EAAU,MAAM,sBAAsB,CAAC;AAEzD,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAEtC,eAAO,MAAM,EAAE;;IAdf;;;;OAIG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAcF,CAAC;AAEF,eAAO,MAAM,oBAAoB,KAAK,CAAC;AACvC,eAAO,MAAM,wBAAwB,gBAAgB,CAAC;AACtD,eAAO,MAAM,qBAAqB,WAAW,CAAC;AAC9C,eAAO,MAAM,eAAe,eAAe,CAAC;AAC5C,eAAO,MAAM,mBAAmB,KAAK,CAAC;AACtC,eAAO,MAAM,sBAAsB,KAAK,CAAC;AACzC,eAAO,MAAM,2BAA2B,KAAK,CAAC;AAC9C,MAAM,MAAM,iBAAiB,GAAG,YAAY,GAAG,KAAK,CAAC;AAErD,qBAAa,~~WAAY~~,SAAQ,WAAW;CAAG;~~AAE/C~~,8BAAsB,MAAM;IACxB,MAAM,CAAC,GAAG,EAAE,MAAM,MAAM,CAEtB;IAEF,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,CAAC,EAAE,SAAS,GAAG,SAAS;IAC/F,MAAM,CAAC,QAAQ,CAAC,OAAO,QAAS,SAAS,QAAQ,SAAS,SAAS,SAAS,QAAQ,SAAS,KAAG,SAAS,CACzD;IAEhD,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,CAAC,EAAE,SAAS,GAAG,SAAS;IAC/F,MAAM,CAAC,QAAQ,CAAC,OAAO,QAAS,SAAS,QAAQ,SAAS,SAAS,SAAS,QAAQ,SAAS,KAAG,SAAS,CACzD;IAEhD,QAAQ,CAAC,aAAa,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS;IACjD,MAAM,CAAC,QAAQ,CAAC,aAAa,WAAY,MAAM,KAAG,SAAS,CAAuC;IAElG,MAAM,CAAC,QAAQ,CAAC,SAAS,QAAO,SAAS,CAAqD;IAE9F,MAAM,CAAC,QAAQ,CAAC,eAAe,QAAO,MAAM,CACkC;IAE9E,MAAM,CAAC,QAAQ,CAAC,eAAe,QAAO,MAAM,CACkC;IAE9E,MAAM,CAAC,QAAQ,CAAC,kBAAkB,QAAO,MAAM,CAC+B;IAE9E,MAAM,CAAC,QAAQ,CAAC,eAAe,SAAU,MAAM,aAAa,MAAM,KAAG,MAAM,CASzE;IAEF,QAAQ,CAAC,qBAAqB,IAAI;QAAE,SAAS,EAAE,SAAS,CAAC;QAAC,IAAI,EAAE,GAAG,CAAA;KAAE;IACrE,MAAM,CAAC,QAAQ,CAAC,qBAAqB,QAAO;QAAE,SAAS,EAAE,SAAS,CAAC;QAAC,IAAI,EAAE,GAAG,CAAA;KAAE,CACtC;IAEzC,QAAQ,CAAC,8BAA8B,CAAC,aAAa,EAAE,SAAS,GAAG;QAC/D,SAAS,EAAE,SAAS,CAAC;QACrB,YAAY,EAAE,SAAS,CAAC;KAC3B;IACD,MAAM,CAAC,QAAQ,CAAC,8BAA8B,kBAC3B,SAAS,KACzB;QAAE,SAAS,EAAE,SAAS,CAAC;QAAC,YAAY,EAAE,SAAS,CAAA;KAAE,CAA+D;IAEnH,QAAQ,CAAC,kBAAkB,CAAC,aAAa,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,GAAG,SAAS;IAC3E,MAAM,CAAC,QAAQ,CAAC,kBAAkB,kBAAmB,SAAS,QAAQ,GAAG,KAAG,SAAS,CAC5B;IAEzD,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,SAAS,GAAG,SAAS,EAAE,GAAG,SAAS;IACvD,MAAM,CAAC,QAAQ,CAAC,IAAI,SAAU,SAAS,GAAG,SAAS,EAAE,KAAG,SAAS,CAA4B;IAE7F,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC;IAC7G,MAAM,CAAC,QAAQ,CAAC,MAAM,WACV,SAAS,QACX,SAAS,aACJ,MAAM,aACN,MAAM,KAClB,QAAQ,SAAS,CAAC,CAA4D;IAEjF,QAAQ,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC;IACvG,MAAM,CAAC,QAAQ,CAAC,IAAI,WAAY,SAAS,QAAQ,SAAS,QAAQ,SAAS,WAAW,MAAM,KAAG,QAAQ,SAAS,CAAC,CAC/D;IAElD,QAAQ,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,GAAG,SAAS;IACzD,MAAM,CAAC,QAAQ,CAAC,IAAI,QAAS,SAAS,QAAQ,SAAS,KAAG,SAAS,CAAiC;IAEpG,QAAQ,CAAC,IAAI,CAAC,UAAU,EAAE,UAAU,EAAE,IAAI,EAAE,SAAS,GAAG,SAAS,EAAE,EAAE,WAAW,CAAC,EAAE,iBAAiB,GAAG,SAAS;IAChH,MAAM,CAAC,QAAQ,CAAC,IAAI,eACJ,UAAU,QAChB,SAAS,GAAG,SAAS,EAAE,gBACf,iBAAiB,KAChC,SAAS,CAAqD;IAEjE,QAAQ,CAAC,MAAM,CACX,SAAS,EAAE,UAAU,EACrB,IAAI,EAAE,SAAS,EACf,SAAS,EAAE,SAAS,EACpB,WAAW,CAAC,EAAE,iBAAiB,GAChC,IAAI;IACP,MAAM,CAAC,QAAQ,CAAC,MAAM,cACP,UAAU,QACf,SAAS,aACJ,SAAS,gBACN,iBAAiB,KAChC,IAAI,CAAiE;IAExE,QAAQ,CAAC,aAAa,IAAI,UAAU;IACpC,MAAM,CAAC,QAAQ,CAAC,aAAa,QAAO,UAAU,CAAiC;CAClF"}
1	+ {"version":3,"file":"Crypto.d.ts","sourceRoot":"","sources":["../../../src/crypto/Crypto.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,GAAG,MAAM,gCAAgC,CAAC;AACtD,OAAO,KAAK,KAAK,MAAM,8BAA8B,CAAC;AAEtD,OAAO,EAAE,WAAW,EAAmB,MAAM,0BAA0B,CAAC;AACxE,OAAO,EAAE,SAAS,EAAU,MAAM,sBAAsB,CAAC;AAEzD,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAEtC,eAAO,MAAM,EAAE;;IAdf;;;;OAIG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAcF,CAAC;AAEF,eAAO,MAAM,oBAAoB,KAAK,CAAC;AACvC,eAAO,MAAM,wBAAwB,gBAAgB,CAAC;AACtD,eAAO,MAAM,qBAAqB,WAAW,CAAC;AAC9C,eAAO,MAAM,eAAe,eAAe,CAAC;AAC5C,eAAO,MAAM,mBAAmB,KAAK,CAAC;AACtC,eAAO,MAAM,sBAAsB,KAAK,CAAC;AACzC,eAAO,MAAM,2BAA2B,KAAK,CAAC;AAC9C,MAAM,MAAM,iBAAiB,GAAG,YAAY,GAAG,KAAK,CAAC;AAErD,qBAAa,iBAAkB,SAAQ,WAAW;CAAG;AAErD,8BAAsB,MAAM;IACxB,MAAM,CAAC,GAAG,EAAE,MAAM,MAAM,CAEtB;IAEF,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,CAAC,EAAE,SAAS,GAAG,SAAS;IAC/F,MAAM,CAAC,QAAQ,CAAC,OAAO,QAAS,SAAS,QAAQ,SAAS,SAAS,SAAS,QAAQ,SAAS,KAAG,SAAS,CACzD;IAEhD,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,CAAC,EAAE,SAAS,GAAG,SAAS;IAC/F,MAAM,CAAC,QAAQ,CAAC,OAAO,QAAS,SAAS,QAAQ,SAAS,SAAS,SAAS,QAAQ,SAAS,KAAG,SAAS,CACzD;IAEhD,QAAQ,CAAC,aAAa,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS;IACjD,MAAM,CAAC,QAAQ,CAAC,aAAa,WAAY,MAAM,KAAG,SAAS,CAAuC;IAElG,MAAM,CAAC,QAAQ,CAAC,SAAS,QAAO,SAAS,CAAqD;IAE9F,MAAM,CAAC,QAAQ,CAAC,eAAe,QAAO,MAAM,CACkC;IAE9E,MAAM,CAAC,QAAQ,CAAC,eAAe,QAAO,MAAM,CACkC;IAE9E,MAAM,CAAC,QAAQ,CAAC,kBAAkB,QAAO,MAAM,CAC+B;IAE9E,MAAM,CAAC,QAAQ,CAAC,eAAe,SAAU,MAAM,aAAa,MAAM,KAAG,MAAM,CASzE;IAEF,QAAQ,CAAC,qBAAqB,IAAI;QAAE,SAAS,EAAE,SAAS,CAAC;QAAC,IAAI,EAAE,GAAG,CAAA;KAAE;IACrE,MAAM,CAAC,QAAQ,CAAC,qBAAqB,QAAO;QAAE,SAAS,EAAE,SAAS,CAAC;QAAC,IAAI,EAAE,GAAG,CAAA;KAAE,CACtC;IAEzC,QAAQ,CAAC,8BAA8B,CAAC,aAAa,EAAE,SAAS,GAAG;QAC/D,SAAS,EAAE,SAAS,CAAC;QACrB,YAAY,EAAE,SAAS,CAAC;KAC3B;IACD,MAAM,CAAC,QAAQ,CAAC,8BAA8B,kBAC3B,SAAS,KACzB;QAAE,SAAS,EAAE,SAAS,CAAC;QAAC,YAAY,EAAE,SAAS,CAAA;KAAE,CAA+D;IAEnH,QAAQ,CAAC,kBAAkB,CAAC,aAAa,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,GAAG,SAAS;IAC3E,MAAM,CAAC,QAAQ,CAAC,kBAAkB,kBAAmB,SAAS,QAAQ,GAAG,KAAG,SAAS,CAC5B;IAEzD,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,SAAS,GAAG,SAAS,EAAE,GAAG,SAAS;IACvD,MAAM,CAAC,QAAQ,CAAC,IAAI,SAAU,SAAS,GAAG,SAAS,EAAE,KAAG,SAAS,CAA4B;IAE7F,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC;IAC7G,MAAM,CAAC,QAAQ,CAAC,MAAM,WACV,SAAS,QACX,SAAS,aACJ,MAAM,aACN,MAAM,KAClB,QAAQ,SAAS,CAAC,CAA4D;IAEjF,QAAQ,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC;IACvG,MAAM,CAAC,QAAQ,CAAC,IAAI,WAAY,SAAS,QAAQ,SAAS,QAAQ,SAAS,WAAW,MAAM,KAAG,QAAQ,SAAS,CAAC,CAC/D;IAElD,QAAQ,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,GAAG,SAAS;IACzD,MAAM,CAAC,QAAQ,CAAC,IAAI,QAAS,SAAS,QAAQ,SAAS,KAAG,SAAS,CAAiC;IAEpG,QAAQ,CAAC,IAAI,CAAC,UAAU,EAAE,UAAU,EAAE,IAAI,EAAE,SAAS,GAAG,SAAS,EAAE,EAAE,WAAW,CAAC,EAAE,iBAAiB,GAAG,SAAS;IAChH,MAAM,CAAC,QAAQ,CAAC,IAAI,eACJ,UAAU,QAChB,SAAS,GAAG,SAAS,EAAE,gBACf,iBAAiB,KAChC,SAAS,CAAqD;IAEjE,QAAQ,CAAC,MAAM,CACX,SAAS,EAAE,UAAU,EACrB,IAAI,EAAE,SAAS,EACf,SAAS,EAAE,SAAS,EACpB,WAAW,CAAC,EAAE,iBAAiB,GAChC,IAAI;IACP,MAAM,CAAC,QAAQ,CAAC,MAAM,cACP,UAAU,QACf,SAAS,aACJ,SAAS,gBACN,iBAAiB,KAChC,IAAI,CAAiE;IAExE,QAAQ,CAAC,aAAa,IAAI,UAAU;IACpC,MAAM,CAAC,QAAQ,CAAC,aAAa,QAAO,UAAU,CAAiC;CAClF"}

package/dist/esm/crypto/Crypto.js CHANGED Viewed

@@ -21,7 +21,7 @@ const CRYPTO_EC_CURVE = "prime256v1";
 const CRYPTO_EC_KEY_BYTES = 32;
 const CRYPTO_AUTH_TAG_LENGTH = 16;
 const CRYPTO_SYMMETRIC_KEY_LENGTH = 16;
-class CryptoError extends MatterError {
+class CryptoVerifyError extends MatterError {
 }
 class Crypto {
   static {
@@ -105,7 +105,7 @@ export {
   CRYPTO_RANDOM_LENGTH,
   CRYPTO_SYMMETRIC_KEY_LENGTH,
   Crypto,
-  CryptoError,
+  CryptoVerifyError,
   ec
 };
 //# sourceMappingURL=Crypto.js.map

package/dist/esm/crypto/Crypto.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../src/crypto/Crypto.ts"],
-  "sourcesContent": ["/**\n * @license\n * Copyright 2022-2024 Matter.js Authors\n * SPDX-License-Identifier: Apache-2.0\n */\n\nimport * as mod from \"@noble/curves/abstract/modular\";\nimport * as utils from \"@noble/curves/abstract/utils\";\nimport { p256 } from \"@noble/curves/p256\";\nimport { MatterError, NoProviderError } from \"../common/MatterError.js\";\nimport { ByteArray, Endian } from \"../util/ByteArray.js\";\nimport { DataReader } from \"../util/DataReader.js\";\nimport { PrivateKey } from \"./Key.js\";\n\nexport const ec = {\n    p256,\n    ...utils,\n    ...mod,\n};\n\nexport const CRYPTO_RANDOM_LENGTH = 32;\nexport const CRYPTO_ENCRYPT_ALGORITHM = \"aes-128-ccm\";\nexport const CRYPTO_HASH_ALGORITHM = \"sha256\";\nexport const CRYPTO_EC_CURVE = \"prime256v1\";\nexport const CRYPTO_EC_KEY_BYTES = 32;\nexport const CRYPTO_AUTH_TAG_LENGTH = 16;\nexport const CRYPTO_SYMMETRIC_KEY_LENGTH = 16;\nexport type CryptoDsaEncoding = \"ieee-p1363\" | \"der\";\n\nexport class CryptoError extends MatterError {}\n\nexport abstract class Crypto {\n    static get: () => Crypto = () => {\n        throw new NoProviderError(\"No provider configured\");\n    };\n\n    abstract encrypt(key: ByteArray, data: ByteArray, nonce: ByteArray, aad?: ByteArray): ByteArray;\n    static readonly encrypt = (key: ByteArray, data: ByteArray, nonce: ByteArray, aad?: ByteArray): ByteArray =>\n        Crypto.get().encrypt(key, data, nonce, aad);\n\n    abstract decrypt(key: ByteArray, data: ByteArray, nonce: ByteArray, aad?: ByteArray): ByteArray;\n    static readonly decrypt = (key: ByteArray, data: ByteArray, nonce: ByteArray, aad?: ByteArray): ByteArray =>\n        Crypto.get().decrypt(key, data, nonce, aad);\n\n    abstract getRandomData(length: number): ByteArray;\n    static readonly getRandomData = (length: number): ByteArray => Crypto.get().getRandomData(length);\n\n    static readonly getRandom = (): ByteArray => Crypto.get().getRandomData(CRYPTO_RANDOM_LENGTH);\n\n    static readonly getRandomUInt16 = (): number =>\n        new DataReader(Crypto.get().getRandomData(2), Endian.Little).readUInt16();\n\n    static readonly getRandomUInt32 = (): number =>\n        new DataReader(Crypto.get().getRandomData(4), Endian.Little).readUInt32();\n\n    static readonly getRandomBigUInt64 = (): bigint =>\n        new DataReader(Crypto.get().getRandomData(8), Endian.Little).readUInt64();\n\n    static readonly getRandomBigInt = (size: number, maxValue?: bigint): bigint => {\n        const { bytesToNumberBE } = ec;\n        if (maxValue === undefined) {\n            return bytesToNumberBE(Crypto.getRandomData(size));\n        }\n        while (true) {\n            const random = bytesToNumberBE(Crypto.getRandomData(size));\n            if (random < maxValue) return random;\n        }\n    };\n\n    abstract ecdhGeneratePublicKey(): { publicKey: ByteArray; ecdh: any };\n    static readonly ecdhGeneratePublicKey = (): { publicKey: ByteArray; ecdh: any } =>\n        Crypto.get().ecdhGeneratePublicKey();\n\n    abstract ecdhGeneratePublicKeyAndSecret(peerPublicKey: ByteArray): {\n        publicKey: ByteArray;\n        sharedSecret: ByteArray;\n    };\n    static readonly ecdhGeneratePublicKeyAndSecret = (\n        peerPublicKey: ByteArray,\n    ): { publicKey: ByteArray; sharedSecret: ByteArray } => Crypto.get().ecdhGeneratePublicKeyAndSecret(peerPublicKey);\n\n    abstract ecdhGenerateSecret(peerPublicKey: ByteArray, ecdh: any): ByteArray;\n    static readonly ecdhGenerateSecret = (peerPublicKey: ByteArray, ecdh: any): ByteArray =>\n        Crypto.get().ecdhGenerateSecret(peerPublicKey, ecdh);\n\n    abstract hash(data: ByteArray | ByteArray[]): ByteArray;\n    static readonly hash = (data: ByteArray | ByteArray[]): ByteArray => Crypto.get().hash(data);\n\n    abstract pbkdf2(secret: ByteArray, salt: ByteArray, iteration: number, keyLength: number): Promise<ByteArray>;\n    static readonly pbkdf2 = (\n        secret: ByteArray,\n        salt: ByteArray,\n        iteration: number,\n        keyLength: number,\n    ): Promise<ByteArray> => Crypto.get().pbkdf2(secret, salt, iteration, keyLength);\n\n    abstract hkdf(secret: ByteArray, salt: ByteArray, info: ByteArray, length?: number): Promise<ByteArray>;\n    static readonly hkdf = (secret: ByteArray, salt: ByteArray, info: ByteArray, length?: number): Promise<ByteArray> =>\n        Crypto.get().hkdf(secret, salt, info, length);\n\n    abstract hmac(key: ByteArray, data: ByteArray): ByteArray;\n    static readonly hmac = (key: ByteArray, data: ByteArray): ByteArray => Crypto.get().hmac(key, data);\n\n    abstract sign(privateKey: JsonWebKey, data: ByteArray | ByteArray[], dsaEncoding?: CryptoDsaEncoding): ByteArray;\n    static readonly sign = (\n        privateKey: JsonWebKey,\n        data: ByteArray | ByteArray[],\n        dsaEncoding?: CryptoDsaEncoding,\n    ): ByteArray => Crypto.get().sign(privateKey, data, dsaEncoding);\n\n    abstract verify(\n        publicKey: JsonWebKey,\n        data: ByteArray,\n        signature: ByteArray,\n        dsaEncoding?: CryptoDsaEncoding,\n    ): void;\n    static readonly verify = (\n        publicKey: JsonWebKey,\n        data: ByteArray,\n        signature: ByteArray,\n        dsaEncoding?: CryptoDsaEncoding,\n    ): void => Crypto.get().verify(publicKey, data, signature, dsaEncoding);\n\n    abstract createKeyPair(): PrivateKey;\n    static readonly createKeyPair = (): PrivateKey => Crypto.get().createKeyPair();\n}\n\n// Hook for testing frameworks\nif (typeof MatterHooks !== \"undefined\") {\n    MatterHooks.cryptoSetup?.(Crypto);\n}\n"],
-  "mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,YAAY,SAAS;AACrB,YAAY,WAAW;AACvB,SAAS,YAAY;AACrB,SAAS,aAAa,uBAAuB;AAC7C,SAAoB,cAAc;AAClC,SAAS,kBAAkB;AAGpB,MAAM,KAAK;AAAA,EACd;AAAA,EACA,GAAG;AAAA,EACH,GAAG;AACP;AAEO,MAAM,uBAAuB;AAC7B,MAAM,2BAA2B;AACjC,MAAM,wBAAwB;AAC9B,MAAM,kBAAkB;AACxB,MAAM,sBAAsB;AAC5B,MAAM,yBAAyB;AAC/B,MAAM,8BAA8B;AAGpC,MAAM,oBAAoB,YAAY;AAAC;AAEvC,MAAe,OAAO;AAAA,EACzB;AAAA,SAAO,MAAoB,MAAM;AAC7B,YAAM,IAAI,gBAAgB,wBAAwB;AAAA,IACtD;AAAA;AAAA,EAGA;AAAA,SAAgB,UAAU,CAAC,KAAgB,MAAiB,OAAkB,QAC1E,OAAO,IAAI,EAAE,QAAQ,KAAK,MAAM,OAAO,GAAG;AAAA;AAAA,EAG9C;AAAA,SAAgB,UAAU,CAAC,KAAgB,MAAiB,OAAkB,QAC1E,OAAO,IAAI,EAAE,QAAQ,KAAK,MAAM,OAAO,GAAG;AAAA;AAAA,EAG9C;AAAA,SAAgB,gBAAgB,CAAC,WAA8B,OAAO,IAAI,EAAE,cAAc,MAAM;AAAA;AAAA,EAEhG;AAAA,SAAgB,YAAY,MAAiB,OAAO,IAAI,EAAE,cAAc,oBAAoB;AAAA;AAAA,EAE5F;AAAA,SAAgB,kBAAkB,MAC9B,IAAI,WAAW,OAAO,IAAI,EAAE,cAAc,CAAC,GAAG,OAAO,MAAM,EAAE,WAAW;AAAA;AAAA,EAE5E;AAAA,SAAgB,kBAAkB,MAC9B,IAAI,WAAW,OAAO,IAAI,EAAE,cAAc,CAAC,GAAG,OAAO,MAAM,EAAE,WAAW;AAAA;AAAA,EAE5E;AAAA,SAAgB,qBAAqB,MACjC,IAAI,WAAW,OAAO,IAAI,EAAE,cAAc,CAAC,GAAG,OAAO,MAAM,EAAE,WAAW;AAAA;AAAA,EAE5E;AAAA,SAAgB,kBAAkB,CAAC,MAAc,aAA8B;AAC3E,YAAM,EAAE,gBAAgB,IAAI;AAC5B,UAAI,aAAa,QAAW;AACxB,eAAO,gBAAgB,OAAO,cAAc,IAAI,CAAC;AAAA,MACrD;AACA,aAAO,MAAM;AACT,cAAM,SAAS,gBAAgB,OAAO,cAAc,IAAI,CAAC;AACzD,YAAI,SAAS,SAAU,QAAO;AAAA,MAClC;AAAA,IACJ;AAAA;AAAA,EAGA;AAAA,SAAgB,wBAAwB,MACpC,OAAO,IAAI,EAAE,sBAAsB;AAAA;AAAA,EAMvC;AAAA,SAAgB,iCAAiC,CAC7C,kBACoD,OAAO,IAAI,EAAE,+BAA+B,aAAa;AAAA;AAAA,EAGjH;AAAA,SAAgB,qBAAqB,CAAC,eAA0B,SAC5D,OAAO,IAAI,EAAE,mBAAmB,eAAe,IAAI;AAAA;AAAA,EAGvD;AAAA,SAAgB,OAAO,CAAC,SAA6C,OAAO,IAAI,EAAE,KAAK,IAAI;AAAA;AAAA,EAG3F;AAAA,SAAgB,SAAS,CACrB,QACA,MACA,WACA,cACqB,OAAO,IAAI,EAAE,OAAO,QAAQ,MAAM,WAAW,SAAS;AAAA;AAAA,EAG/E;AAAA,SAAgB,OAAO,CAAC,QAAmB,MAAiB,MAAiB,WACzE,OAAO,IAAI,EAAE,KAAK,QAAQ,MAAM,MAAM,MAAM;AAAA;AAAA,EAGhD;AAAA,SAAgB,OAAO,CAAC,KAAgB,SAA+B,OAAO,IAAI,EAAE,KAAK,KAAK,IAAI;AAAA;AAAA,EAGlG;AAAA,SAAgB,OAAO,CACnB,YACA,MACA,gBACY,OAAO,IAAI,EAAE,KAAK,YAAY,MAAM,WAAW;AAAA;AAAA,EAQ/D;AAAA,SAAgB,SAAS,CACrB,WACA,MACA,WACA,gBACO,OAAO,IAAI,EAAE,OAAO,WAAW,MAAM,WAAW,WAAW;AAAA;AAAA,EAGtE;AAAA,SAAgB,gBAAgB,MAAkB,OAAO,IAAI,EAAE,cAAc;AAAA;AACjF;AAGA,IAAI,OAAO,gBAAgB,aAAa;AACpC,cAAY,cAAc,MAAM;AACpC;",
+  "sourcesContent": ["/**\n * @license\n * Copyright 2022-2024 Matter.js Authors\n * SPDX-License-Identifier: Apache-2.0\n */\n\nimport * as mod from \"@noble/curves/abstract/modular\";\nimport * as utils from \"@noble/curves/abstract/utils\";\nimport { p256 } from \"@noble/curves/p256\";\nimport { MatterError, NoProviderError } from \"../common/MatterError.js\";\nimport { ByteArray, Endian } from \"../util/ByteArray.js\";\nimport { DataReader } from \"../util/DataReader.js\";\nimport { PrivateKey } from \"./Key.js\";\n\nexport const ec = {\n    p256,\n    ...utils,\n    ...mod,\n};\n\nexport const CRYPTO_RANDOM_LENGTH = 32;\nexport const CRYPTO_ENCRYPT_ALGORITHM = \"aes-128-ccm\";\nexport const CRYPTO_HASH_ALGORITHM = \"sha256\";\nexport const CRYPTO_EC_CURVE = \"prime256v1\";\nexport const CRYPTO_EC_KEY_BYTES = 32;\nexport const CRYPTO_AUTH_TAG_LENGTH = 16;\nexport const CRYPTO_SYMMETRIC_KEY_LENGTH = 16;\nexport type CryptoDsaEncoding = \"ieee-p1363\" | \"der\";\n\nexport class CryptoVerifyError extends MatterError {}\n\nexport abstract class Crypto {\n    static get: () => Crypto = () => {\n        throw new NoProviderError(\"No provider configured\");\n    };\n\n    abstract encrypt(key: ByteArray, data: ByteArray, nonce: ByteArray, aad?: ByteArray): ByteArray;\n    static readonly encrypt = (key: ByteArray, data: ByteArray, nonce: ByteArray, aad?: ByteArray): ByteArray =>\n        Crypto.get().encrypt(key, data, nonce, aad);\n\n    abstract decrypt(key: ByteArray, data: ByteArray, nonce: ByteArray, aad?: ByteArray): ByteArray;\n    static readonly decrypt = (key: ByteArray, data: ByteArray, nonce: ByteArray, aad?: ByteArray): ByteArray =>\n        Crypto.get().decrypt(key, data, nonce, aad);\n\n    abstract getRandomData(length: number): ByteArray;\n    static readonly getRandomData = (length: number): ByteArray => Crypto.get().getRandomData(length);\n\n    static readonly getRandom = (): ByteArray => Crypto.get().getRandomData(CRYPTO_RANDOM_LENGTH);\n\n    static readonly getRandomUInt16 = (): number =>\n        new DataReader(Crypto.get().getRandomData(2), Endian.Little).readUInt16();\n\n    static readonly getRandomUInt32 = (): number =>\n        new DataReader(Crypto.get().getRandomData(4), Endian.Little).readUInt32();\n\n    static readonly getRandomBigUInt64 = (): bigint =>\n        new DataReader(Crypto.get().getRandomData(8), Endian.Little).readUInt64();\n\n    static readonly getRandomBigInt = (size: number, maxValue?: bigint): bigint => {\n        const { bytesToNumberBE } = ec;\n        if (maxValue === undefined) {\n            return bytesToNumberBE(Crypto.getRandomData(size));\n        }\n        while (true) {\n            const random = bytesToNumberBE(Crypto.getRandomData(size));\n            if (random < maxValue) return random;\n        }\n    };\n\n    abstract ecdhGeneratePublicKey(): { publicKey: ByteArray; ecdh: any };\n    static readonly ecdhGeneratePublicKey = (): { publicKey: ByteArray; ecdh: any } =>\n        Crypto.get().ecdhGeneratePublicKey();\n\n    abstract ecdhGeneratePublicKeyAndSecret(peerPublicKey: ByteArray): {\n        publicKey: ByteArray;\n        sharedSecret: ByteArray;\n    };\n    static readonly ecdhGeneratePublicKeyAndSecret = (\n        peerPublicKey: ByteArray,\n    ): { publicKey: ByteArray; sharedSecret: ByteArray } => Crypto.get().ecdhGeneratePublicKeyAndSecret(peerPublicKey);\n\n    abstract ecdhGenerateSecret(peerPublicKey: ByteArray, ecdh: any): ByteArray;\n    static readonly ecdhGenerateSecret = (peerPublicKey: ByteArray, ecdh: any): ByteArray =>\n        Crypto.get().ecdhGenerateSecret(peerPublicKey, ecdh);\n\n    abstract hash(data: ByteArray | ByteArray[]): ByteArray;\n    static readonly hash = (data: ByteArray | ByteArray[]): ByteArray => Crypto.get().hash(data);\n\n    abstract pbkdf2(secret: ByteArray, salt: ByteArray, iteration: number, keyLength: number): Promise<ByteArray>;\n    static readonly pbkdf2 = (\n        secret: ByteArray,\n        salt: ByteArray,\n        iteration: number,\n        keyLength: number,\n    ): Promise<ByteArray> => Crypto.get().pbkdf2(secret, salt, iteration, keyLength);\n\n    abstract hkdf(secret: ByteArray, salt: ByteArray, info: ByteArray, length?: number): Promise<ByteArray>;\n    static readonly hkdf = (secret: ByteArray, salt: ByteArray, info: ByteArray, length?: number): Promise<ByteArray> =>\n        Crypto.get().hkdf(secret, salt, info, length);\n\n    abstract hmac(key: ByteArray, data: ByteArray): ByteArray;\n    static readonly hmac = (key: ByteArray, data: ByteArray): ByteArray => Crypto.get().hmac(key, data);\n\n    abstract sign(privateKey: JsonWebKey, data: ByteArray | ByteArray[], dsaEncoding?: CryptoDsaEncoding): ByteArray;\n    static readonly sign = (\n        privateKey: JsonWebKey,\n        data: ByteArray | ByteArray[],\n        dsaEncoding?: CryptoDsaEncoding,\n    ): ByteArray => Crypto.get().sign(privateKey, data, dsaEncoding);\n\n    abstract verify(\n        publicKey: JsonWebKey,\n        data: ByteArray,\n        signature: ByteArray,\n        dsaEncoding?: CryptoDsaEncoding,\n    ): void;\n    static readonly verify = (\n        publicKey: JsonWebKey,\n        data: ByteArray,\n        signature: ByteArray,\n        dsaEncoding?: CryptoDsaEncoding,\n    ): void => Crypto.get().verify(publicKey, data, signature, dsaEncoding);\n\n    abstract createKeyPair(): PrivateKey;\n    static readonly createKeyPair = (): PrivateKey => Crypto.get().createKeyPair();\n}\n\n// Hook for testing frameworks\nif (typeof MatterHooks !== \"undefined\") {\n    MatterHooks.cryptoSetup?.(Crypto);\n}\n"],
+  "mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,YAAY,SAAS;AACrB,YAAY,WAAW;AACvB,SAAS,YAAY;AACrB,SAAS,aAAa,uBAAuB;AAC7C,SAAoB,cAAc;AAClC,SAAS,kBAAkB;AAGpB,MAAM,KAAK;AAAA,EACd;AAAA,EACA,GAAG;AAAA,EACH,GAAG;AACP;AAEO,MAAM,uBAAuB;AAC7B,MAAM,2BAA2B;AACjC,MAAM,wBAAwB;AAC9B,MAAM,kBAAkB;AACxB,MAAM,sBAAsB;AAC5B,MAAM,yBAAyB;AAC/B,MAAM,8BAA8B;AAGpC,MAAM,0BAA0B,YAAY;AAAC;AAE7C,MAAe,OAAO;AAAA,EACzB;AAAA,SAAO,MAAoB,MAAM;AAC7B,YAAM,IAAI,gBAAgB,wBAAwB;AAAA,IACtD;AAAA;AAAA,EAGA;AAAA,SAAgB,UAAU,CAAC,KAAgB,MAAiB,OAAkB,QAC1E,OAAO,IAAI,EAAE,QAAQ,KAAK,MAAM,OAAO,GAAG;AAAA;AAAA,EAG9C;AAAA,SAAgB,UAAU,CAAC,KAAgB,MAAiB,OAAkB,QAC1E,OAAO,IAAI,EAAE,QAAQ,KAAK,MAAM,OAAO,GAAG;AAAA;AAAA,EAG9C;AAAA,SAAgB,gBAAgB,CAAC,WAA8B,OAAO,IAAI,EAAE,cAAc,MAAM;AAAA;AAAA,EAEhG;AAAA,SAAgB,YAAY,MAAiB,OAAO,IAAI,EAAE,cAAc,oBAAoB;AAAA;AAAA,EAE5F;AAAA,SAAgB,kBAAkB,MAC9B,IAAI,WAAW,OAAO,IAAI,EAAE,cAAc,CAAC,GAAG,OAAO,MAAM,EAAE,WAAW;AAAA;AAAA,EAE5E;AAAA,SAAgB,kBAAkB,MAC9B,IAAI,WAAW,OAAO,IAAI,EAAE,cAAc,CAAC,GAAG,OAAO,MAAM,EAAE,WAAW;AAAA;AAAA,EAE5E;AAAA,SAAgB,qBAAqB,MACjC,IAAI,WAAW,OAAO,IAAI,EAAE,cAAc,CAAC,GAAG,OAAO,MAAM,EAAE,WAAW;AAAA;AAAA,EAE5E;AAAA,SAAgB,kBAAkB,CAAC,MAAc,aAA8B;AAC3E,YAAM,EAAE,gBAAgB,IAAI;AAC5B,UAAI,aAAa,QAAW;AACxB,eAAO,gBAAgB,OAAO,cAAc,IAAI,CAAC;AAAA,MACrD;AACA,aAAO,MAAM;AACT,cAAM,SAAS,gBAAgB,OAAO,cAAc,IAAI,CAAC;AACzD,YAAI,SAAS,SAAU,QAAO;AAAA,MAClC;AAAA,IACJ;AAAA;AAAA,EAGA;AAAA,SAAgB,wBAAwB,MACpC,OAAO,IAAI,EAAE,sBAAsB;AAAA;AAAA,EAMvC;AAAA,SAAgB,iCAAiC,CAC7C,kBACoD,OAAO,IAAI,EAAE,+BAA+B,aAAa;AAAA;AAAA,EAGjH;AAAA,SAAgB,qBAAqB,CAAC,eAA0B,SAC5D,OAAO,IAAI,EAAE,mBAAmB,eAAe,IAAI;AAAA;AAAA,EAGvD;AAAA,SAAgB,OAAO,CAAC,SAA6C,OAAO,IAAI,EAAE,KAAK,IAAI;AAAA;AAAA,EAG3F;AAAA,SAAgB,SAAS,CACrB,QACA,MACA,WACA,cACqB,OAAO,IAAI,EAAE,OAAO,QAAQ,MAAM,WAAW,SAAS;AAAA;AAAA,EAG/E;AAAA,SAAgB,OAAO,CAAC,QAAmB,MAAiB,MAAiB,WACzE,OAAO,IAAI,EAAE,KAAK,QAAQ,MAAM,MAAM,MAAM;AAAA;AAAA,EAGhD;AAAA,SAAgB,OAAO,CAAC,KAAgB,SAA+B,OAAO,IAAI,EAAE,KAAK,KAAK,IAAI;AAAA;AAAA,EAGlG;AAAA,SAAgB,OAAO,CACnB,YACA,MACA,gBACY,OAAO,IAAI,EAAE,KAAK,YAAY,MAAM,WAAW;AAAA;AAAA,EAQ/D;AAAA,SAAgB,SAAS,CACrB,WACA,MACA,WACA,gBACO,OAAO,IAAI,EAAE,OAAO,WAAW,MAAM,WAAW,WAAW;AAAA;AAAA,EAGtE;AAAA,SAAgB,gBAAgB,MAAkB,OAAO,IAAI,EAAE,cAAc;AAAA;AACjF;AAGA,IAAI,OAAO,gBAAgB,aAAa;AACpC,cAAY,cAAc,MAAM;AACpC;",
   "names": []
 }

package/dist/esm/device/LegacyInteractionServer.d.ts CHANGED Viewed

@@ -6,7 +6,7 @@
 import { MatterDevice } from "../MatterDevice.js";
 import { AnyAttributeServer, AttributeServer } from "../cluster/server/AttributeServer.js";
 import { CommandServer } from "../cluster/server/CommandServer.js";
-import { EventServer } from "../cluster/server/EventServer.js";
+import { AnyEventServer } from "../cluster/server/EventServer.js";
 import { Message } from "../codec/MessageCodec.js";
 import { EndpointInterface } from "../endpoint/EndpointInterface.js";
 import { MessageExchange } from "../protocol/MessageExchange.js";
@@ -25,7 +25,7 @@ export declare class LegacyInteractionServer extends InteractionServer {
         version: number;
         value: any;
     }>;
-    protected readEvent(path: EventPath, eventFilters: TypeFromSchema<typeof TlvEventFilter>[] | undefined, event: EventServer<any, any>, exchange: MessageExchange<MatterDevice>, isFabricFiltered: boolean, message: Message, endpoint: EndpointInterface): Promise<EventStorageData<any>[]>;
+    protected readEvent(path: EventPath, eventFilters: TypeFromSchema<typeof TlvEventFilter>[] | undefined, event: AnyEventServer<any, any>, exchange: MessageExchange<MatterDevice>, isFabricFiltered: boolean, message: Message, endpoint: EndpointInterface): Promise<EventStorageData<any>[]>;
     protected writeAttribute(path: AttributePath, attribute: AttributeServer<any>, value: any, exchange: MessageExchange<MatterDevice>, message: Message, endpoint: EndpointInterface, receivedWithinTimedInteraction?: boolean, isListWrite?: boolean): Promise<void>;
     protected invokeCommand(path: CommandPath, command: CommandServer<any, any>, exchange: MessageExchange<MatterDevice>, commandFields: any, message: Message, endpoint: EndpointInterface, receivedWithinTimedInteraction?: boolean): Promise<{
         code: import("../protocol/interaction/StatusCode.js").StatusCode;

package/dist/esm/device/LegacyInteractionServer.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"LegacyInteractionServer.d.ts","sourceRoot":"","sources":["../../../src/device/LegacyInteractionServer.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAGlD,OAAO,EAAE,kBAAkB,EAAE,eAAe,~~EAAE~~,MAAM,sCAAsC,CAAC;~~AAC3F~~,OAAO,EAAE,aAAa,EAAE,MAAM,oCAAoC,CAAC;AACnE,OAAO,EAAE,~~WAAW~~,EAAE,MAAM,kCAAkC,CAAC;~~AAC/D~~,OAAO,EAAE,OAAO,EAAE,MAAM,0BAA0B,CAAC;AAGnD,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AAGrE,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AAEjE,OAAO,EAAE,gBAAgB,EAAE,MAAM,yCAAyC,CAAC;AAE3E,OAAO,EAAE,cAAc,EAAE,MAAM,gDAAgD,CAAC;AAChF,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,SAAS,EAAE,iBAAiB,EAAE,MAAM,8CAA8C,CAAC;AAGxH,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAIrD;;;GAGG;AACH,qBAAa,uBAAwB,SAAQ,iBAAiB;;gBAI9C,MAAM,EAAE,iBAAiB,CAAC,aAAa;cA+C1B,aAAa,CAClC,IAAI,EAAE,aAAa,EACnB,SAAS,EAAE,kBAAkB,CAAC,GAAG,CAAC,EAClC,QAAQ,EAAE,eAAe,CAAC,YAAY,CAAC,EACvC,gBAAgB,EAAE,OAAO,EACzB,OAAO,EAAE,OAAO,EAChB,QAAQ,EAAE,iBAAiB;;;;~~cAMN~~,SAAS,CAC9B,IAAI,EAAE,SAAS,EACf,YAAY,EAAE,cAAc,CAAC,OAAO,cAAc,CAAC,EAAE,GAAG,SAAS,EACjE,KAAK,EAAE,~~WAAW~~,CAAC,GAAG,EAAE,GAAG,CAAC,~~EAC5B~~,QAAQ,EAAE,eAAe,CAAC,YAAY,CAAC,EACvC,gBAAgB,EAAE,OAAO,EACzB,OAAO,EAAE,OAAO,EAChB,QAAQ,EAAE,iBAAiB,GAC5B,OAAO,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,CAAC;cAKV,cAAc,CACnC,IAAI,EAAE,aAAa,EACnB,SAAS,EAAE,eAAe,CAAC,GAAG,CAAC,EAC/B,KAAK,EAAE,GAAG,EACV,QAAQ,EAAE,eAAe,CAAC,YAAY,CAAC,EACvC,OAAO,EAAE,OAAO,EAChB,QAAQ,EAAE,iBAAiB,EAC3B,8BAA8B,CAAC,EAAE,OAAO,EACxC,WAAW,CAAC,EAAE,OAAO;cAeA,aAAa,CAClC,IAAI,EAAE,WAAW,EACjB,OAAO,EAAE,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,EAChC,QAAQ,EAAE,eAAe,CAAC,YAAY,CAAC,EACvC,aAAa,EAAE,GAAG,EAClB,OAAO,EAAE,OAAO,EAChB,QAAQ,EAAE,iBAAiB,EAC3B,8BAA8B,UAAQ;;;;;;CAa7C"}
1	+ {"version":3,"file":"LegacyInteractionServer.d.ts","sourceRoot":"","sources":["../../../src/device/LegacyInteractionServer.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAGlD,OAAO,EAAE,kBAAkB,EAAE,eAAe,EAA+B,MAAM,sCAAsC,CAAC;AACxH,OAAO,EAAE,aAAa,EAAE,MAAM,oCAAoC,CAAC;AACnE,OAAO,EAAE,cAAc,EAAE,MAAM,kCAAkC,CAAC;AAClE,OAAO,EAAE,OAAO,EAAE,MAAM,0BAA0B,CAAC;AAGnD,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AAGrE,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AAEjE,OAAO,EAAE,gBAAgB,EAAE,MAAM,yCAAyC,CAAC;AAE3E,OAAO,EAAE,cAAc,EAAE,MAAM,gDAAgD,CAAC;AAChF,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,SAAS,EAAE,iBAAiB,EAAE,MAAM,8CAA8C,CAAC;AAGxH,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAIrD;;;GAGG;AACH,qBAAa,uBAAwB,SAAQ,iBAAiB;;gBAI9C,MAAM,EAAE,iBAAiB,CAAC,aAAa;cA+C1B,aAAa,CAClC,IAAI,EAAE,aAAa,EACnB,SAAS,EAAE,kBAAkB,CAAC,GAAG,CAAC,EAClC,QAAQ,EAAE,eAAe,CAAC,YAAY,CAAC,EACvC,gBAAgB,EAAE,OAAO,EACzB,OAAO,EAAE,OAAO,EAChB,QAAQ,EAAE,iBAAiB;;;;cAiBN,SAAS,CAC9B,IAAI,EAAE,SAAS,EACf,YAAY,EAAE,cAAc,CAAC,OAAO,cAAc,CAAC,EAAE,GAAG,SAAS,EACjE,KAAK,EAAE,cAAc,CAAC,GAAG,EAAE,GAAG,CAAC,EAC/B,QAAQ,EAAE,eAAe,CAAC,YAAY,CAAC,EACvC,gBAAgB,EAAE,OAAO,EACzB,OAAO,EAAE,OAAO,EAChB,QAAQ,EAAE,iBAAiB,GAC5B,OAAO,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,CAAC;cAKV,cAAc,CACnC,IAAI,EAAE,aAAa,EACnB,SAAS,EAAE,eAAe,CAAC,GAAG,CAAC,EAC/B,KAAK,EAAE,GAAG,EACV,QAAQ,EAAE,eAAe,CAAC,YAAY,CAAC,EACvC,OAAO,EAAE,OAAO,EAChB,QAAQ,EAAE,iBAAiB,EAC3B,8BAA8B,CAAC,EAAE,OAAO,EACxC,WAAW,CAAC,EAAE,OAAO;cAeA,aAAa,CAClC,IAAI,EAAE,WAAW,EACjB,OAAO,EAAE,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,EAChC,QAAQ,EAAE,eAAe,CAAC,YAAY,CAAC,EACvC,aAAa,EAAE,GAAG,EAClB,OAAO,EAAE,OAAO,EAChB,QAAQ,EAAE,iBAAiB,EAC3B,8BAA8B,UAAQ;;;;;;CAa7C"}

package/dist/esm/device/LegacyInteractionServer.js CHANGED Viewed

@@ -4,6 +4,7 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 import { AccessControlCluster } from "../cluster/definitions/index.js";
+import { FabricScopedAttributeServer } from "../cluster/server/AttributeServer.js";
 import { InternalError } from "../common/MatterError.js";
 import { EndpointNumber } from "../datatype/EndpointNumber.js";
 import { Diagnostic } from "../log/Diagnostic.js";
@@ -54,7 +55,18 @@ class LegacyInteractionServer extends InteractionServer {
   }
   async readAttribute(path, attribute, exchange, isFabricFiltered, message, endpoint) {
     this.#assertAccess(path, exchange, attribute.readAcl);
-    return super.readAttribute(path, attribute, exchange, isFabricFiltered, message, endpoint);
+    const data = await super.readAttribute(path, attribute, exchange, isFabricFiltered, message, endpoint);
+    if (attribute instanceof FabricScopedAttributeServer && !isFabricFiltered) {
+      const { value, version } = data;
+      return {
+        value: attribute.sanitizeFabricSensitiveFields(
+          value,
+          exchange.session.fabric
+        ),
+        version
+      };
+    }
+    return data;
   }
   async readEvent(path, eventFilters, event, exchange, isFabricFiltered, message, endpoint) {
     this.#assertAccess(path, exchange, event.readAcl);

package/dist/esm/device/LegacyInteractionServer.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../src/device/LegacyInteractionServer.ts"],
-  "sourcesContent": ["/**\n * @license\n * Copyright 2022-2024 Matter.js Authors\n * SPDX-License-Identifier: Apache-2.0\n */\n\nimport { MatterDevice } from \"../MatterDevice.js\";\nimport { AccessLevel } from \"../cluster/Cluster.js\";\nimport { AccessControlCluster } from \"../cluster/definitions/index.js\";\nimport { AnyAttributeServer, AttributeServer } from \"../cluster/server/AttributeServer.js\";\nimport { CommandServer } from \"../cluster/server/CommandServer.js\";\nimport { EventServer } from \"../cluster/server/EventServer.js\";\nimport { Message } from \"../codec/MessageCodec.js\";\nimport { InternalError } from \"../common/MatterError.js\";\nimport { EndpointNumber } from \"../datatype/EndpointNumber.js\";\nimport { EndpointInterface } from \"../endpoint/EndpointInterface.js\";\nimport { Diagnostic } from \"../log/Diagnostic.js\";\nimport { Logger } from \"../log/Logger.js\";\nimport { MessageExchange } from \"../protocol/MessageExchange.js\";\nimport { AccessControlManager, AccessDeniedError } from \"../protocol/interaction/AccessControlManager.js\";\nimport { EventStorageData } from \"../protocol/interaction/EventHandler.js\";\nimport { InteractionEndpointStructure } from \"../protocol/interaction/InteractionEndpointStructure.js\";\nimport { TlvEventFilter } from \"../protocol/interaction/InteractionProtocol.js\";\nimport { AttributePath, CommandPath, EventPath, InteractionServer } from \"../protocol/interaction/InteractionServer.js\";\nimport { SecureSession } from \"../session/SecureSession.js\";\nimport { Session } from \"../session/Session.js\";\nimport { TypeFromSchema } from \"../tlv/TlvSchema.js\";\n\nconst logger = Logger.get(\"LegacyInteractionServer\");\n\n/**\n * Interactionserver for the legacy API code paths which includes ACL checks before calling the actual\n * attribute/command handlers.\n */\nexport class LegacyInteractionServer extends InteractionServer {\n    #endpointStructure: InteractionEndpointStructure;\n    #aclManager?: AccessControlManager;\n\n    constructor(config: InteractionServer.Configuration) {\n        const { endpointStructure } = config;\n        super(config);\n        this.#endpointStructure = endpointStructure;\n    }\n\n    #getAclManager(session: Session<MatterDevice>) {\n        if (this.#aclManager !== undefined) {\n            return this.#aclManager;\n        }\n        const rootEndpoint = this.#endpointStructure.getEndpoint(EndpointNumber(0));\n        if (rootEndpoint === undefined) {\n            throw new InternalError(\"Root endpoint must exist.\");\n        }\n        const aclCluster = rootEndpoint.getClusterServer(AccessControlCluster);\n        if (aclCluster === undefined) {\n            throw new InternalError(\"Access control cluster must exist on root endpoint.\");\n        }\n        const aclManager = (this.#aclManager = new AccessControlManager(aclCluster.attributes.acl.get(session, false)));\n        aclCluster.subscribeAclAttribute(() => {\n            const completeVal = aclCluster.attributes.acl.get(session, false);\n            logger.info(\"ACL updated\", completeVal);\n            aclManager.updateAccessControlList(completeVal);\n        });\n        return aclManager;\n    }\n\n    #assertAccess(\n        path: AttributePath | EventPath | CommandPath,\n        exchange: MessageExchange<MatterDevice>,\n        desiredAccessLevel: AccessLevel,\n    ) {\n        const { endpointId, clusterId } = path;\n        const endpoint = this.#endpointStructure.getEndpoint(endpointId);\n        if (endpoint === undefined) {\n            throw new InternalError(\"Endpoint not found for ACL check. This should never happen.\");\n        }\n        const aclManager = this.#getAclManager(exchange.session);\n        if (\n            !aclManager.allowsPrivilege(exchange.session as SecureSession<any>, endpoint, clusterId, desiredAccessLevel)\n        ) {\n            throw new AccessDeniedError(\n                `Access to ${endpointId}/${Diagnostic.hex(clusterId)} denied on ${exchange.session.name}.`,\n            );\n        }\n    }\n\n    protected override async readAttribute(\n        path: AttributePath,\n        attribute: AnyAttributeServer<any>,\n        exchange: MessageExchange<MatterDevice>,\n        isFabricFiltered: boolean,\n        message: Message,\n        endpoint: EndpointInterface,\n    ) {\n        this.#assertAccess(path, exchange, attribute.readAcl);\n        return super.readAttribute(path, attribute, exchange, isFabricFiltered, message, endpoint);\n    }\n\n    protected override async readEvent(\n        path: EventPath,\n        eventFilters: TypeFromSchema<typeof TlvEventFilter>[] | undefined,\n        event: EventServer<any, any>,\n        exchange: MessageExchange<MatterDevice>,\n        isFabricFiltered: boolean,\n        message: Message,\n        endpoint: EndpointInterface,\n    ): Promise<EventStorageData<any>[]> {\n        this.#assertAccess(path, exchange, event.readAcl);\n        return super.readEvent(path, eventFilters, event, exchange, isFabricFiltered, message, endpoint);\n    }\n\n    protected override async writeAttribute(\n        path: AttributePath,\n        attribute: AttributeServer<any>,\n        value: any,\n        exchange: MessageExchange<MatterDevice>,\n        message: Message,\n        endpoint: EndpointInterface,\n        receivedWithinTimedInteraction?: boolean,\n        isListWrite?: boolean,\n    ) {\n        this.#assertAccess(path, exchange, attribute.writeAcl);\n        return super.writeAttribute(\n            path,\n            attribute,\n            value,\n            exchange,\n            message,\n            endpoint,\n            receivedWithinTimedInteraction,\n            isListWrite,\n        );\n    }\n\n    protected override async invokeCommand(\n        path: CommandPath,\n        command: CommandServer<any, any>,\n        exchange: MessageExchange<MatterDevice>,\n        commandFields: any,\n        message: Message,\n        endpoint: EndpointInterface,\n        receivedWithinTimedInteraction = false,\n    ) {\n        this.#assertAccess(path, exchange, command.invokeAcl);\n        return super.invokeCommand(\n            path,\n            command,\n            exchange,\n            commandFields,\n            message,\n            endpoint,\n            receivedWithinTimedInteraction,\n        );\n    }\n}\n"],
-  "mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAQA,SAAS,4BAA4B;AAKrC,SAAS,qBAAqB;AAC9B,SAAS,sBAAsB;AAE/B,SAAS,kBAAkB;AAC3B,SAAS,cAAc;AAEvB,SAAS,sBAAsB,yBAAyB;AAIxD,SAAgD,yBAAyB;AAKzE,MAAM,SAAS,OAAO,IAAI,yBAAyB;AAM5C,MAAM,gCAAgC,kBAAkB;AAAA,EAC3D;AAAA,EACA;AAAA,EAEA,YAAY,QAAyC;AACjD,UAAM,EAAE,kBAAkB,IAAI;AAC9B,UAAM,MAAM;AACZ,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEA,eAAe,SAAgC;AAC3C,QAAI,KAAK,gBAAgB,QAAW;AAChC,aAAO,KAAK;AAAA,IAChB;AACA,UAAM,eAAe,KAAK,mBAAmB,YAAY,eAAe,CAAC,CAAC;AAC1E,QAAI,iBAAiB,QAAW;AAC5B,YAAM,IAAI,cAAc,2BAA2B;AAAA,IACvD;AACA,UAAM,aAAa,aAAa,iBAAiB,oBAAoB;AACrE,QAAI,eAAe,QAAW;AAC1B,YAAM,IAAI,cAAc,qDAAqD;AAAA,IACjF;AACA,UAAM,aAAc,KAAK,cAAc,IAAI,qBAAqB,WAAW,WAAW,IAAI,IAAI,SAAS,KAAK,CAAC;AAC7G,eAAW,sBAAsB,MAAM;AACnC,YAAM,cAAc,WAAW,WAAW,IAAI,IAAI,SAAS,KAAK;AAChE,aAAO,KAAK,eAAe,WAAW;AACtC,iBAAW,wBAAwB,WAAW;AAAA,IAClD,CAAC;AACD,WAAO;AAAA,EACX;AAAA,EAEA,cACI,MACA,UACA,oBACF;AACE,UAAM,EAAE,YAAY,UAAU,IAAI;AAClC,UAAM,WAAW,KAAK,mBAAmB,YAAY,UAAU;AAC/D,QAAI,aAAa,QAAW;AACxB,YAAM,IAAI,cAAc,6DAA6D;AAAA,IACzF;AACA,UAAM,aAAa,KAAK,eAAe,SAAS,OAAO;AACvD,QACI,CAAC,WAAW,gBAAgB,SAAS,SAA+B,UAAU,WAAW,kBAAkB,GAC7G;AACE,YAAM,IAAI;AAAA,QACN,aAAa,UAAU,IAAI,WAAW,IAAI,SAAS,CAAC,cAAc,SAAS,QAAQ,IAAI;AAAA,MAC3F;AAAA,IACJ;AAAA,EACJ;AAAA,EAEA,MAAyB,cACrB,MACA,WACA,UACA,kBACA,SACA,UACF;AACE,SAAK,cAAc,MAAM,UAAU,UAAU,OAAO;AACpD,WAAO,MAAM,cAAc,MAAM,WAAW,UAAU,kBAAkB,SAAS,QAAQ;AAAA,EAC7F;AAAA,EAEA,MAAyB,UACrB,MACA,cACA,OACA,UACA,kBACA,SACA,UACgC;AAChC,SAAK,cAAc,MAAM,UAAU,MAAM,OAAO;AAChD,WAAO,MAAM,UAAU,MAAM,cAAc,OAAO,UAAU,kBAAkB,SAAS,QAAQ;AAAA,EACnG;AAAA,EAEA,MAAyB,eACrB,MACA,WACA,OACA,UACA,SACA,UACA,gCACA,aACF;AACE,SAAK,cAAc,MAAM,UAAU,UAAU,QAAQ;AACrD,WAAO,MAAM;AAAA,MACT;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACJ;AAAA,EACJ;AAAA,EAEA,MAAyB,cACrB,MACA,SACA,UACA,eACA,SACA,UACA,iCAAiC,OACnC;AACE,SAAK,cAAc,MAAM,UAAU,QAAQ,SAAS;AACpD,WAAO,MAAM;AAAA,MACT;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACJ;AAAA,EACJ;AACJ;",
+  "sourcesContent": ["/**\n * @license\n * Copyright 2022-2024 Matter.js Authors\n * SPDX-License-Identifier: Apache-2.0\n */\n\nimport { MatterDevice } from \"../MatterDevice.js\";\nimport { AccessLevel } from \"../cluster/Cluster.js\";\nimport { AccessControlCluster } from \"../cluster/definitions/index.js\";\nimport { AnyAttributeServer, AttributeServer, FabricScopedAttributeServer } from \"../cluster/server/AttributeServer.js\";\nimport { CommandServer } from \"../cluster/server/CommandServer.js\";\nimport { AnyEventServer } from \"../cluster/server/EventServer.js\";\nimport { Message } from \"../codec/MessageCodec.js\";\nimport { InternalError } from \"../common/MatterError.js\";\nimport { EndpointNumber } from \"../datatype/EndpointNumber.js\";\nimport { EndpointInterface } from \"../endpoint/EndpointInterface.js\";\nimport { Diagnostic } from \"../log/Diagnostic.js\";\nimport { Logger } from \"../log/Logger.js\";\nimport { MessageExchange } from \"../protocol/MessageExchange.js\";\nimport { AccessControlManager, AccessDeniedError } from \"../protocol/interaction/AccessControlManager.js\";\nimport { EventStorageData } from \"../protocol/interaction/EventHandler.js\";\nimport { InteractionEndpointStructure } from \"../protocol/interaction/InteractionEndpointStructure.js\";\nimport { TlvEventFilter } from \"../protocol/interaction/InteractionProtocol.js\";\nimport { AttributePath, CommandPath, EventPath, InteractionServer } from \"../protocol/interaction/InteractionServer.js\";\nimport { SecureSession } from \"../session/SecureSession.js\";\nimport { Session } from \"../session/Session.js\";\nimport { TypeFromSchema } from \"../tlv/TlvSchema.js\";\n\nconst logger = Logger.get(\"LegacyInteractionServer\");\n\n/**\n * Interactionserver for the legacy API code paths which includes ACL checks before calling the actual\n * attribute/command handlers.\n */\nexport class LegacyInteractionServer extends InteractionServer {\n    #endpointStructure: InteractionEndpointStructure;\n    #aclManager?: AccessControlManager;\n\n    constructor(config: InteractionServer.Configuration) {\n        const { endpointStructure } = config;\n        super(config);\n        this.#endpointStructure = endpointStructure;\n    }\n\n    #getAclManager(session: Session<MatterDevice>) {\n        if (this.#aclManager !== undefined) {\n            return this.#aclManager;\n        }\n        const rootEndpoint = this.#endpointStructure.getEndpoint(EndpointNumber(0));\n        if (rootEndpoint === undefined) {\n            throw new InternalError(\"Root endpoint must exist.\");\n        }\n        const aclCluster = rootEndpoint.getClusterServer(AccessControlCluster);\n        if (aclCluster === undefined) {\n            throw new InternalError(\"Access control cluster must exist on root endpoint.\");\n        }\n        const aclManager = (this.#aclManager = new AccessControlManager(aclCluster.attributes.acl.get(session, false)));\n        aclCluster.subscribeAclAttribute(() => {\n            const completeVal = aclCluster.attributes.acl.get(session, false);\n            logger.info(\"ACL updated\", completeVal);\n            aclManager.updateAccessControlList(completeVal);\n        });\n        return aclManager;\n    }\n\n    #assertAccess(\n        path: AttributePath | EventPath | CommandPath,\n        exchange: MessageExchange<MatterDevice>,\n        desiredAccessLevel: AccessLevel,\n    ) {\n        const { endpointId, clusterId } = path;\n        const endpoint = this.#endpointStructure.getEndpoint(endpointId);\n        if (endpoint === undefined) {\n            throw new InternalError(\"Endpoint not found for ACL check. This should never happen.\");\n        }\n        const aclManager = this.#getAclManager(exchange.session);\n        if (\n            !aclManager.allowsPrivilege(exchange.session as SecureSession<any>, endpoint, clusterId, desiredAccessLevel)\n        ) {\n            throw new AccessDeniedError(\n                `Access to ${endpointId}/${Diagnostic.hex(clusterId)} denied on ${exchange.session.name}.`,\n            );\n        }\n    }\n\n    protected override async readAttribute(\n        path: AttributePath,\n        attribute: AnyAttributeServer<any>,\n        exchange: MessageExchange<MatterDevice>,\n        isFabricFiltered: boolean,\n        message: Message,\n        endpoint: EndpointInterface,\n    ) {\n        this.#assertAccess(path, exchange, attribute.readAcl);\n        const data = await super.readAttribute(path, attribute, exchange, isFabricFiltered, message, endpoint);\n        if (attribute instanceof FabricScopedAttributeServer && !isFabricFiltered) {\n            const { value, version } = data;\n            return {\n                value: attribute.sanitizeFabricSensitiveFields(\n                    value,\n                    (exchange.session as SecureSession<MatterDevice>).fabric,\n                ),\n                version,\n            };\n        }\n        return data;\n    }\n\n    protected override async readEvent(\n        path: EventPath,\n        eventFilters: TypeFromSchema<typeof TlvEventFilter>[] | undefined,\n        event: AnyEventServer<any, any>,\n        exchange: MessageExchange<MatterDevice>,\n        isFabricFiltered: boolean,\n        message: Message,\n        endpoint: EndpointInterface,\n    ): Promise<EventStorageData<any>[]> {\n        this.#assertAccess(path, exchange, event.readAcl);\n        return super.readEvent(path, eventFilters, event, exchange, isFabricFiltered, message, endpoint);\n    }\n\n    protected override async writeAttribute(\n        path: AttributePath,\n        attribute: AttributeServer<any>,\n        value: any,\n        exchange: MessageExchange<MatterDevice>,\n        message: Message,\n        endpoint: EndpointInterface,\n        receivedWithinTimedInteraction?: boolean,\n        isListWrite?: boolean,\n    ) {\n        this.#assertAccess(path, exchange, attribute.writeAcl);\n        return super.writeAttribute(\n            path,\n            attribute,\n            value,\n            exchange,\n            message,\n            endpoint,\n            receivedWithinTimedInteraction,\n            isListWrite,\n        );\n    }\n\n    protected override async invokeCommand(\n        path: CommandPath,\n        command: CommandServer<any, any>,\n        exchange: MessageExchange<MatterDevice>,\n        commandFields: any,\n        message: Message,\n        endpoint: EndpointInterface,\n        receivedWithinTimedInteraction = false,\n    ) {\n        this.#assertAccess(path, exchange, command.invokeAcl);\n        return super.invokeCommand(\n            path,\n            command,\n            exchange,\n            commandFields,\n            message,\n            endpoint,\n            receivedWithinTimedInteraction,\n        );\n    }\n}\n"],
+  "mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAQA,SAAS,4BAA4B;AACrC,SAA8C,mCAAmC;AAIjF,SAAS,qBAAqB;AAC9B,SAAS,sBAAsB;AAE/B,SAAS,kBAAkB;AAC3B,SAAS,cAAc;AAEvB,SAAS,sBAAsB,yBAAyB;AAIxD,SAAgD,yBAAyB;AAKzE,MAAM,SAAS,OAAO,IAAI,yBAAyB;AAM5C,MAAM,gCAAgC,kBAAkB;AAAA,EAC3D;AAAA,EACA;AAAA,EAEA,YAAY,QAAyC;AACjD,UAAM,EAAE,kBAAkB,IAAI;AAC9B,UAAM,MAAM;AACZ,SAAK,qBAAqB;AAAA,EAC9B;AAAA,EAEA,eAAe,SAAgC;AAC3C,QAAI,KAAK,gBAAgB,QAAW;AAChC,aAAO,KAAK;AAAA,IAChB;AACA,UAAM,eAAe,KAAK,mBAAmB,YAAY,eAAe,CAAC,CAAC;AAC1E,QAAI,iBAAiB,QAAW;AAC5B,YAAM,IAAI,cAAc,2BAA2B;AAAA,IACvD;AACA,UAAM,aAAa,aAAa,iBAAiB,oBAAoB;AACrE,QAAI,eAAe,QAAW;AAC1B,YAAM,IAAI,cAAc,qDAAqD;AAAA,IACjF;AACA,UAAM,aAAc,KAAK,cAAc,IAAI,qBAAqB,WAAW,WAAW,IAAI,IAAI,SAAS,KAAK,CAAC;AAC7G,eAAW,sBAAsB,MAAM;AACnC,YAAM,cAAc,WAAW,WAAW,IAAI,IAAI,SAAS,KAAK;AAChE,aAAO,KAAK,eAAe,WAAW;AACtC,iBAAW,wBAAwB,WAAW;AAAA,IAClD,CAAC;AACD,WAAO;AAAA,EACX;AAAA,EAEA,cACI,MACA,UACA,oBACF;AACE,UAAM,EAAE,YAAY,UAAU,IAAI;AAClC,UAAM,WAAW,KAAK,mBAAmB,YAAY,UAAU;AAC/D,QAAI,aAAa,QAAW;AACxB,YAAM,IAAI,cAAc,6DAA6D;AAAA,IACzF;AACA,UAAM,aAAa,KAAK,eAAe,SAAS,OAAO;AACvD,QACI,CAAC,WAAW,gBAAgB,SAAS,SAA+B,UAAU,WAAW,kBAAkB,GAC7G;AACE,YAAM,IAAI;AAAA,QACN,aAAa,UAAU,IAAI,WAAW,IAAI,SAAS,CAAC,cAAc,SAAS,QAAQ,IAAI;AAAA,MAC3F;AAAA,IACJ;AAAA,EACJ;AAAA,EAEA,MAAyB,cACrB,MACA,WACA,UACA,kBACA,SACA,UACF;AACE,SAAK,cAAc,MAAM,UAAU,UAAU,OAAO;AACpD,UAAM,OAAO,MAAM,MAAM,cAAc,MAAM,WAAW,UAAU,kBAAkB,SAAS,QAAQ;AACrG,QAAI,qBAAqB,+BAA+B,CAAC,kBAAkB;AACvE,YAAM,EAAE,OAAO,QAAQ,IAAI;AAC3B,aAAO;AAAA,QACH,OAAO,UAAU;AAAA,UACb;AAAA,UACC,SAAS,QAAwC;AAAA,QACtD;AAAA,QACA;AAAA,MACJ;AAAA,IACJ;AACA,WAAO;AAAA,EACX;AAAA,EAEA,MAAyB,UACrB,MACA,cACA,OACA,UACA,kBACA,SACA,UACgC;AAChC,SAAK,cAAc,MAAM,UAAU,MAAM,OAAO;AAChD,WAAO,MAAM,UAAU,MAAM,cAAc,OAAO,UAAU,kBAAkB,SAAS,QAAQ;AAAA,EACnG;AAAA,EAEA,MAAyB,eACrB,MACA,WACA,OACA,UACA,SACA,UACA,gCACA,aACF;AACE,SAAK,cAAc,MAAM,UAAU,UAAU,QAAQ;AACrD,WAAO,MAAM;AAAA,MACT;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACJ;AAAA,EACJ;AAAA,EAEA,MAAyB,cACrB,MACA,SACA,UACA,eACA,SACA,UACA,iCAAiC,OACnC;AACE,SAAK,cAAc,MAAM,UAAU,QAAQ,SAAS;AACpD,WAAO,MAAM;AAAA,MACT;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACJ;AAAA,EACJ;AACJ;",
   "names": []
 }

package/dist/esm/fabric/Fabric.d.ts CHANGED Viewed

@@ -114,6 +114,7 @@ export declare class FabricBuilder {
     get fabricIndex(): FabricIndex | undefined;
     createCertificateSigningRequest(): Uint8Array;
     setRootCert(rootCert: ByteArray): this;
+    get rootCert(): Uint8Array | undefined;
     hasRootCert(): boolean;
     setOperationalCert(operationalCert: ByteArray, intermediateCACert?: ByteArray): this;
     setRootVendorId(rootVendorId: VendorId): this;

package/dist/esm/fabric/Fabric.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"Fabric.d.ts","sourceRoot":"","sources":["../../../src/fabric/Fabric.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAQH,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAChD,OAAO,EAAE,kBAAkB,EAAE,MAAM,qDAAqD,CAAC;AACzF,OAAO,EAAiB,WAAW,EAAmB,MAAM,0BAA0B,CAAC;AAEvF,OAAO,EAAE,aAAa,EAAE,GAAG,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAClE,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAC;AAC3E,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AACnD,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AAEnD,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAC5D,OAAO,EAAE,qBAAqB,EAAE,MAAM,8BAA8B,CAAC;AAErE,OAAO,EAAE,SAAS,EAAU,MAAM,sBAAsB,CAAC;AAEzD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAOnD,qBAAa,cAAe,SAAQ,WAAW;CAAG;AAElD,MAAM,MAAM,gBAAgB,GAAG;IAC3B,WAAW,EAAE,WAAW,CAAC;IACzB,QAAQ,EAAE,QAAQ,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,SAAS,CAAC;IACzB,aAAa,EAAE,SAAS,CAAC;IACzB,OAAO,EAAE,aAAa,CAAC;IACvB,YAAY,EAAE,QAAQ,CAAC;IACvB,QAAQ,EAAE,SAAS,CAAC;IACpB,qBAAqB,EAAE,SAAS,CAAC;IACjC,gCAAgC,EAAE,SAAS,CAAC;IAC5C,kBAAkB,EAAE,SAAS,GAAG,SAAS,CAAC;IAC1C,eAAe,EAAE,SAAS,CAAC;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,qBAAqB,CAAC,EAAE,oBAAoB,EAAE,CAAC;IAC/C,iBAAiB,EAAE,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,qBAAqB,CAAC,CAAC,CAAC;CACtE,CAAC;AAwCF,MAAM,MAAM,wBAAwB,GAAG;IACnC,WAAW,EAAE,WAAW,CAAC;IACzB,QAAQ,EAAE,QAAQ,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,QAAQ,CAAC;IACvB,KAAK,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,qBAAa,MAAM;;IAUX,QAAQ,CAAC,WAAW,EAAE,WAAW;IACjC,QAAQ,CAAC,QAAQ,EAAE,QAAQ;IAC3B,QAAQ,CAAC,MAAM,EAAE,MAAM;IACvB,QAAQ,CAAC,UAAU,EAAE,MAAM;IAC3B,QAAQ,CAAC,aAAa,EAAE,SAAS;IACjC,QAAQ,CAAC,aAAa,EAAE,SAAS;IAEjC,QAAQ,CAAC,YAAY,EAAE,QAAQ;IAC/B,QAAQ,CAAC,QAAQ,EAAE,SAAS;IAC5B,QAAQ,CAAC,qBAAqB,EAAE,SAAS;IACzC,QAAQ,CAAC,gCAAgC,EAAE,SAAS;IACpD,QAAQ,CAAC,kBAAkB,EAAE,SAAS,GAAG,SAAS;IAClD,QAAQ,CAAC,eAAe,EAAE,SAAS;IAC5B,KAAK,EAAE,MAAM;IACpB,QAAQ,CAAC,qBAAqB;gBAdrB,WAAW,EAAE,WAAW,EACxB,QAAQ,EAAE,QAAQ,EAClB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,MAAM,EAClB,aAAa,EAAE,SAAS,EACxB,aAAa,EAAE,SAAS,EACjC,OAAO,EAAE,GAAG,EACH,YAAY,EAAE,QAAQ,EACtB,QAAQ,EAAE,SAAS,EACnB,qBAAqB,EAAE,SAAS,EAChC,gCAAgC,EAAE,SAAS,EAC3C,kBAAkB,EAAE,SAAS,GAAG,SAAS,EACzC,eAAe,EAAE,SAAS,EAC5B,KAAK,EAAE,MAAM,EACX,qBAAqB,yBAAoC,EAClE,iBAAiB,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,qBAAqB,CAAC,CAAC;IAMvE,eAAe,IAAI,gBAAgB;IAqBnC,MAAM,CAAC,uBAAuB,CAAC,YAAY,EAAE,gBAAgB,GAAG,MAAM;IAqBhE,QAAQ,CAAC,KAAK,EAAE,MAAM;IAK5B,IAAI,SAAS,eAEZ;IAED,IAAI,CAAC,IAAI,EAAE,SAAS;IAIpB,iBAAiB,CAAC,eAAe,EAAE,SAAS,EAAE,kBAAkB,CAAC,EAAE,SAAS;IAuB5E,+BAA+B,CAAC,QAAQ,EAAE,QAAQ,EAAE,aAAa,EAAE,SAAS;IAI5E,cAAc,CAAC,OAAO,EAAE,GAAG;IAI3B,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS;IASlD,UAAU,CAAC,OAAO,EAAE,aAAa,CAAC,GAAG,CAAC;IAItC,aAAa,CAAC,OAAO,EAAE,aAAa,CAAC,GAAG,CAAC;IAOzC,iBAAiB,CAAC,QAAQ,EAAE,MAAM,YAAY,CAAC,IAAI,CAAC;IAIpD,oBAAoB,CAAC,QAAQ,EAAE,MAAM,YAAY,CAAC,IAAI,CAAC;IAOvD,IAAI,eAAe,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,EAAE,OAAO,KAAK,YAAY,CAAC,IAAI,CAAC,EAGvE;IAEK,MAAM,CAAC,gBAAgB,CAAC,EAAE,MAAM;IAStC,OAAO,CAAC,QAAQ,UAAO;IAIvB,yBAAyB,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,cAAc,EAAE,MAAM,GAAG,CAAC,GAAG,SAAS;IAQ9G,yBAAyB,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,cAAc,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IAQxG,4BAA4B,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,cAAc,EAAE,MAAM;IAQ9F,yBAAyB,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,cAAc,EAAE,MAAM;IAI3F,uBAAuB,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC;IAKjE,wBAAwB,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,MAAM,EAAE;IAO7E,cAAc,CAAC,aAAa,EAAE,MAAM;;;;;;;;;;;IAQpC,OAAO,CAAC,iBAAiB;IAoBzB,kBAAkB;;;;;;;;;;;IAKlB,IAAI,mBAAmB,IAAI,wBAAwB,CASlD;CACJ;AAED,qBAAa,aAAa;;IAetB,IAAI,SAAS,eAEZ;IAED,IAAI,WAAW,4BAEd;IAED,+BAA+B;IAI/B,WAAW,CAAC,QAAQ,EAAE,SAAS;~~IAO~~/B,WAAW;IAIX,kBAAkB,CAAC,eAAe,EAAE,SAAS,EAAE,kBAAkB,CAAC,EAAE,SAAS;IAgD7E,eAAe,CAAC,YAAY,EAAE,QAAQ;IAKtC,aAAa,CAAC,UAAU,EAAE,MAAM;IAKhC,wBAAwB,CAAC,GAAG,EAAE,SAAS;IAKvC,6BAA6B,CAAC,MAAM,EAAE,MAAM;IAS5C,eAAe,CAAC,MAAM,EAAE,MAAM;IAO9B,IAAI,MAAM,uBAET;IAED,IAAI,QAAQ,yBAEX;IAED,IAAI,OAAO,eAEV;IAEK,KAAK,CAAC,WAAW,EAAE,WAAW;CAsCvC"}
1	+ {"version":3,"file":"Fabric.d.ts","sourceRoot":"","sources":["../../../src/fabric/Fabric.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAQH,OAAO,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAChD,OAAO,EAAE,kBAAkB,EAAE,MAAM,qDAAqD,CAAC;AACzF,OAAO,EAAiB,WAAW,EAAmB,MAAM,0BAA0B,CAAC;AAEvF,OAAO,EAAE,aAAa,EAAE,GAAG,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAClE,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAC;AAC3E,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AACnD,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AAEnD,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAC5D,OAAO,EAAE,qBAAqB,EAAE,MAAM,8BAA8B,CAAC;AAErE,OAAO,EAAE,SAAS,EAAU,MAAM,sBAAsB,CAAC;AAEzD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAOnD,qBAAa,cAAe,SAAQ,WAAW;CAAG;AAElD,MAAM,MAAM,gBAAgB,GAAG;IAC3B,WAAW,EAAE,WAAW,CAAC;IACzB,QAAQ,EAAE,QAAQ,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,SAAS,CAAC;IACzB,aAAa,EAAE,SAAS,CAAC;IACzB,OAAO,EAAE,aAAa,CAAC;IACvB,YAAY,EAAE,QAAQ,CAAC;IACvB,QAAQ,EAAE,SAAS,CAAC;IACpB,qBAAqB,EAAE,SAAS,CAAC;IACjC,gCAAgC,EAAE,SAAS,CAAC;IAC5C,kBAAkB,EAAE,SAAS,GAAG,SAAS,CAAC;IAC1C,eAAe,EAAE,SAAS,CAAC;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,qBAAqB,CAAC,EAAE,oBAAoB,EAAE,CAAC;IAC/C,iBAAiB,EAAE,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,qBAAqB,CAAC,CAAC,CAAC;CACtE,CAAC;AAwCF,MAAM,MAAM,wBAAwB,GAAG;IACnC,WAAW,EAAE,WAAW,CAAC;IACzB,QAAQ,EAAE,QAAQ,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,QAAQ,CAAC;IACvB,KAAK,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,qBAAa,MAAM;;IAUX,QAAQ,CAAC,WAAW,EAAE,WAAW;IACjC,QAAQ,CAAC,QAAQ,EAAE,QAAQ;IAC3B,QAAQ,CAAC,MAAM,EAAE,MAAM;IACvB,QAAQ,CAAC,UAAU,EAAE,MAAM;IAC3B,QAAQ,CAAC,aAAa,EAAE,SAAS;IACjC,QAAQ,CAAC,aAAa,EAAE,SAAS;IAEjC,QAAQ,CAAC,YAAY,EAAE,QAAQ;IAC/B,QAAQ,CAAC,QAAQ,EAAE,SAAS;IAC5B,QAAQ,CAAC,qBAAqB,EAAE,SAAS;IACzC,QAAQ,CAAC,gCAAgC,EAAE,SAAS;IACpD,QAAQ,CAAC,kBAAkB,EAAE,SAAS,GAAG,SAAS;IAClD,QAAQ,CAAC,eAAe,EAAE,SAAS;IAC5B,KAAK,EAAE,MAAM;IACpB,QAAQ,CAAC,qBAAqB;gBAdrB,WAAW,EAAE,WAAW,EACxB,QAAQ,EAAE,QAAQ,EAClB,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,MAAM,EAClB,aAAa,EAAE,SAAS,EACxB,aAAa,EAAE,SAAS,EACjC,OAAO,EAAE,GAAG,EACH,YAAY,EAAE,QAAQ,EACtB,QAAQ,EAAE,SAAS,EACnB,qBAAqB,EAAE,SAAS,EAChC,gCAAgC,EAAE,SAAS,EAC3C,kBAAkB,EAAE,SAAS,GAAG,SAAS,EACzC,eAAe,EAAE,SAAS,EAC5B,KAAK,EAAE,MAAM,EACX,qBAAqB,yBAAoC,EAClE,iBAAiB,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,qBAAqB,CAAC,CAAC;IAMvE,eAAe,IAAI,gBAAgB;IAqBnC,MAAM,CAAC,uBAAuB,CAAC,YAAY,EAAE,gBAAgB,GAAG,MAAM;IAqBhE,QAAQ,CAAC,KAAK,EAAE,MAAM;IAK5B,IAAI,SAAS,eAEZ;IAED,IAAI,CAAC,IAAI,EAAE,SAAS;IAIpB,iBAAiB,CAAC,eAAe,EAAE,SAAS,EAAE,kBAAkB,CAAC,EAAE,SAAS;IAuB5E,+BAA+B,CAAC,QAAQ,EAAE,QAAQ,EAAE,aAAa,EAAE,SAAS;IAI5E,cAAc,CAAC,OAAO,EAAE,GAAG;IAI3B,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS;IASlD,UAAU,CAAC,OAAO,EAAE,aAAa,CAAC,GAAG,CAAC;IAItC,aAAa,CAAC,OAAO,EAAE,aAAa,CAAC,GAAG,CAAC;IAOzC,iBAAiB,CAAC,QAAQ,EAAE,MAAM,YAAY,CAAC,IAAI,CAAC;IAIpD,oBAAoB,CAAC,QAAQ,EAAE,MAAM,YAAY,CAAC,IAAI,CAAC;IAOvD,IAAI,eAAe,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,EAAE,OAAO,KAAK,YAAY,CAAC,IAAI,CAAC,EAGvE;IAEK,MAAM,CAAC,gBAAgB,CAAC,EAAE,MAAM;IAStC,OAAO,CAAC,QAAQ,UAAO;IAIvB,yBAAyB,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,cAAc,EAAE,MAAM,GAAG,CAAC,GAAG,SAAS;IAQ9G,yBAAyB,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,cAAc,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IAQxG,4BAA4B,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,cAAc,EAAE,MAAM;IAQ9F,yBAAyB,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,cAAc,EAAE,MAAM;IAI3F,uBAAuB,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC;IAKjE,wBAAwB,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,MAAM,EAAE;IAO7E,cAAc,CAAC,aAAa,EAAE,MAAM;;;;;;;;;;;IAQpC,OAAO,CAAC,iBAAiB;IAoBzB,kBAAkB;;;;;;;;;;;IAKlB,IAAI,mBAAmB,IAAI,wBAAwB,CASlD;CACJ;AAED,qBAAa,aAAa;;IAetB,IAAI,SAAS,eAEZ;IAED,IAAI,WAAW,4BAEd;IAED,+BAA+B;IAI/B,WAAW,CAAC,QAAQ,EAAE,SAAS;IAS/B,IAAI,QAAQ,2BAEX;IAED,WAAW;IAIX,kBAAkB,CAAC,eAAe,EAAE,SAAS,EAAE,kBAAkB,CAAC,EAAE,SAAS;IAgD7E,eAAe,CAAC,YAAY,EAAE,QAAQ;IAKtC,aAAa,CAAC,UAAU,EAAE,MAAM;IAKhC,wBAAwB,CAAC,GAAG,EAAE,SAAS;IAKvC,6BAA6B,CAAC,MAAM,EAAE,MAAM;IAS5C,eAAe,CAAC,MAAM,EAAE,MAAM;IAO9B,IAAI,MAAM,uBAET;IAED,IAAI,QAAQ,yBAEX;IAED,IAAI,OAAO,eAEV;IAEK,KAAK,CAAC,WAAW,EAAE,WAAW;CAsCvC"}

package/dist/esm/fabric/Fabric.js CHANGED Viewed

@@ -287,10 +287,15 @@ class FabricBuilder {
   }
   setRootCert(rootCert) {
     const decodedRootCertificate = TlvRootCertificate.decode(rootCert);
+    CertificateManager.verifyRootCertificate(decodedRootCertificate);
     this.#rootCert = rootCert;
     this.#rootPublicKey = decodedRootCertificate.ellipticCurvePublicKey;
     return this;
   }
+  // TODO Remove when legacy API gets removed because then no longer needed
+  get rootCert() {
+    return this.#rootCert;
+  }
   hasRootCert() {
     return this.#rootCert !== void 0;
   }

package/dist/esm/fabric/Fabric.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../src/fabric/Fabric.ts"],
-  "sourcesContent": ["/**\n * @license\n * Copyright 2022-2024 Matter.js Authors\n * SPDX-License-Identifier: Apache-2.0\n */\n\nimport {\n    CertificateManager,\n    TlvIntermediateCertificate,\n    TlvOperationalCertificate,\n    TlvRootCertificate,\n} from \"../certificate/CertificateManager.js\";\nimport { Cluster } from \"../cluster/Cluster.js\";\nimport { GroupKeyManagement } from \"../cluster/definitions/GroupKeyManagementCluster.js\";\nimport { InternalError, MatterError, MatterFlowError } from \"../common/MatterError.js\";\nimport { Crypto } from \"../crypto/Crypto.js\";\nimport { BinaryKeyPair, Key, PrivateKey } from \"../crypto/Key.js\";\nimport { CaseAuthenticatedTag } from \"../datatype/CaseAuthenticatedTag.js\";\nimport { FabricId } from \"../datatype/FabricId.js\";\nimport { FabricIndex } from \"../datatype/FabricIndex.js\";\nimport { NodeId } from \"../datatype/NodeId.js\";\nimport { VendorId } from \"../datatype/VendorId.js\";\nimport { Logger } from \"../log/Logger.js\";\nimport { SecureSession } from \"../session/SecureSession.js\";\nimport { SupportedStorageTypes } from \"../storage/StringifyTools.js\";\nimport { TypeFromSchema } from \"../tlv/TlvSchema.js\";\nimport { ByteArray, Endian } from \"../util/ByteArray.js\";\nimport { DataWriter } from \"../util/DataWriter.js\";\nimport { MaybePromise } from \"../util/Promises.js\";\n\nconst logger = Logger.get(\"Fabric\");\n\nconst COMPRESSED_FABRIC_ID_INFO = ByteArray.fromString(\"CompressedFabric\");\nconst GROUP_SECURITY_INFO = ByteArray.fromString(\"GroupKey v1.0\");\n\nexport class PublicKeyError extends MatterError {}\n\nexport type FabricJsonObject = {\n    fabricIndex: FabricIndex;\n    fabricId: FabricId;\n    nodeId: NodeId;\n    rootNodeId: NodeId;\n    operationalId: ByteArray;\n    rootPublicKey: ByteArray;\n    keyPair: BinaryKeyPair;\n    rootVendorId: VendorId;\n    rootCert: ByteArray;\n    identityProtectionKey: ByteArray;\n    operationalIdentityProtectionKey: ByteArray;\n    intermediateCACert: ByteArray | undefined;\n    operationalCert: ByteArray;\n    label: string;\n    caseAuthenticatedTags?: CaseAuthenticatedTag[];\n    scopedClusterData: Map<number, Map<string, SupportedStorageTypes>>;\n};\n\ntype OperationalGroupKeySet = TypeFromSchema<typeof GroupKeyManagement.TlvGroupKeySetStruct> & {\n    operationalEpochKey0: ByteArray;\n    groupSessionId0: number | null;\n    operationalEpochKey1: ByteArray | null;\n    groupSessionId1: number | null;\n    operationalEpochKey2: ByteArray | null;\n    groupSessionId2: number | null;\n};\n\nnamespace OperationalGroupKeySet {\n    export const asTlvGroupSet = (\n        operationalGroupSet: OperationalGroupKeySet,\n    ): TypeFromSchema<typeof GroupKeyManagement.TlvGroupKeySetStruct> => {\n        const {\n            groupKeySetId,\n            epochKey0,\n            epochStartTime0,\n            epochKey1,\n            epochStartTime1,\n            epochKey2,\n            epochStartTime2,\n            groupKeySecurityPolicy,\n            groupKeyMulticastPolicy,\n        } = operationalGroupSet;\n        return {\n            groupKeySetId,\n            epochKey0,\n            epochStartTime0,\n            epochKey1,\n            epochStartTime1,\n            epochKey2,\n            epochStartTime2,\n            groupKeySecurityPolicy,\n            groupKeyMulticastPolicy,\n        };\n    };\n}\n\nexport type ExposedFabricInformation = {\n    fabricIndex: FabricIndex;\n    fabricId: FabricId;\n    nodeId: NodeId;\n    rootNodeId: NodeId;\n    rootVendorId: VendorId;\n    label: string;\n};\n\nexport class Fabric {\n    readonly #sessions = new Array<SecureSession<any>>();\n    readonly #scopedClusterData: Map<number, any>;\n\n    readonly #keyPair: Key;\n\n    #removeCallbacks = new Array<() => MaybePromise<void>>();\n    #persistCallback: ((isUpdate?: boolean) => MaybePromise<void>) | undefined;\n\n    constructor(\n        readonly fabricIndex: FabricIndex,\n        readonly fabricId: FabricId,\n        readonly nodeId: NodeId,\n        readonly rootNodeId: NodeId,\n        readonly operationalId: ByteArray,\n        readonly rootPublicKey: ByteArray,\n        keyPair: Key,\n        readonly rootVendorId: VendorId,\n        readonly rootCert: ByteArray,\n        readonly identityProtectionKey: ByteArray,\n        readonly operationalIdentityProtectionKey: ByteArray,\n        readonly intermediateCACert: ByteArray | undefined,\n        readonly operationalCert: ByteArray,\n        public label: string,\n        readonly caseAuthenticatedTags = new Array<CaseAuthenticatedTag>(),\n        scopedClusterData?: Map<number, Map<string, SupportedStorageTypes>>,\n    ) {\n        this.#keyPair = keyPair;\n        this.#scopedClusterData = scopedClusterData ?? new Map<number, Map<string, SupportedStorageTypes>>();\n    }\n\n    toStorageObject(): FabricJsonObject {\n        return {\n            fabricIndex: this.fabricIndex,\n            fabricId: this.fabricId,\n            nodeId: this.nodeId,\n            rootNodeId: this.rootNodeId,\n            operationalId: this.operationalId,\n            rootPublicKey: this.rootPublicKey,\n            keyPair: this.#keyPair.keyPair,\n            rootVendorId: this.rootVendorId,\n            rootCert: this.rootCert,\n            identityProtectionKey: this.identityProtectionKey,\n            operationalIdentityProtectionKey: this.operationalIdentityProtectionKey,\n            intermediateCACert: this.intermediateCACert,\n            operationalCert: this.operationalCert,\n            label: this.label,\n            caseAuthenticatedTags: this.caseAuthenticatedTags,\n            scopedClusterData: this.#scopedClusterData,\n        };\n    }\n\n    static createFromStorageObject(fabricObject: FabricJsonObject): Fabric {\n        return new Fabric(\n            fabricObject.fabricIndex,\n            fabricObject.fabricId,\n            fabricObject.nodeId,\n            fabricObject.rootNodeId,\n            fabricObject.operationalId,\n            fabricObject.rootPublicKey,\n            PrivateKey(fabricObject.keyPair),\n            fabricObject.rootVendorId,\n            fabricObject.rootCert,\n            fabricObject.identityProtectionKey,\n            fabricObject.operationalIdentityProtectionKey,\n            fabricObject.intermediateCACert,\n            fabricObject.operationalCert,\n            fabricObject.label,\n            fabricObject.caseAuthenticatedTags,\n            fabricObject.scopedClusterData,\n        );\n    }\n\n    async setLabel(label: string) {\n        this.label = label;\n        await this.persist();\n    }\n\n    get publicKey() {\n        return this.#keyPair.publicKey;\n    }\n\n    sign(data: ByteArray) {\n        return Crypto.sign(this.#keyPair, data);\n    }\n\n    verifyCredentials(operationalCert: ByteArray, intermediateCACert?: ByteArray) {\n        if (intermediateCACert === undefined) {\n            // Validate NOC Certificate against Root Certificate\n            CertificateManager.verifyNodeOperationalCertificate(\n                TlvRootCertificate.decode(this.rootCert),\n                TlvOperationalCertificate.decode(operationalCert),\n            );\n        } else {\n            const decodedIcaCert = TlvIntermediateCertificate.decode(intermediateCACert);\n            // Validate NOC Certificate against ICA Certificate\n            CertificateManager.verifyNodeOperationalCertificate(\n                decodedIcaCert,\n                TlvOperationalCertificate.decode(operationalCert),\n            );\n\n            // Validate ICACertificate against Root Certificate\n            CertificateManager.verifyIntermediateCaCertificate(\n                TlvRootCertificate.decode(this.rootCert),\n                decodedIcaCert,\n            );\n        }\n    }\n\n    matchesFabricIdAndRootPublicKey(fabricId: FabricId, rootPublicKey: ByteArray) {\n        return this.fabricId === fabricId && this.rootPublicKey?.equals(rootPublicKey);\n    }\n\n    matchesKeyPair(keyPair: Key) {\n        return this.#keyPair.publicKey.equals(keyPair.publicKey) && this.#keyPair.privateKey.equals(keyPair.privateKey);\n    }\n\n    getDestinationId(nodeId: NodeId, random: ByteArray) {\n        const writer = new DataWriter(Endian.Little);\n        writer.writeByteArray(random);\n        writer.writeByteArray(this.rootPublicKey);\n        writer.writeUInt64(this.fabricId);\n        writer.writeUInt64(nodeId);\n        return Crypto.hmac(this.operationalIdentityProtectionKey, writer.toByteArray());\n    }\n\n    addSession(session: SecureSession<any>) {\n        this.#sessions.push(session);\n    }\n\n    removeSession(session: SecureSession<any>) {\n        const index = this.#sessions.indexOf(session);\n        if (index >= 0) {\n            this.#sessions.splice(index, 1);\n        }\n    }\n\n    addRemoveCallback(callback: () => MaybePromise<void>) {\n        this.#removeCallbacks.push(callback);\n    }\n\n    deleteRemoveCallback(callback: () => MaybePromise<void>) {\n        const index = this.#removeCallbacks.indexOf(callback);\n        if (index >= 0) {\n            this.#removeCallbacks.splice(index, 1);\n        }\n    }\n\n    set persistCallback(callback: (isUpdate?: boolean) => MaybePromise<void>) {\n        // TODO Remove \"isUpdate\" parameter as soon as the fabric scoped data are removed from here/legacy API gets removed\n        this.#persistCallback = callback;\n    }\n\n    async remove(currentSessionId?: number) {\n        for (const callback of this.#removeCallbacks) {\n            await callback();\n        }\n        for (const session of [...this.#sessions]) {\n            await session.destroy(false, session.id === currentSessionId); // Delay Close for current session only\n        }\n    }\n\n    persist(isUpdate = true) {\n        return this.#persistCallback?.(isUpdate);\n    }\n\n    getScopedClusterDataValue<T>(cluster: Cluster<any, any, any, any, any>, clusterDataKey: string): T | undefined {\n        const dataMap = this.#scopedClusterData.get(cluster.id);\n        if (dataMap === undefined) {\n            return undefined;\n        }\n        return dataMap.get(clusterDataKey);\n    }\n\n    setScopedClusterDataValue<T>(cluster: Cluster<any, any, any, any, any>, clusterDataKey: string, value: T) {\n        if (!this.#scopedClusterData.has(cluster.id)) {\n            this.#scopedClusterData.set(cluster.id, new Map<string, SupportedStorageTypes>());\n        }\n        this.#scopedClusterData.get(cluster.id).set(clusterDataKey, value);\n        return this.persist(false);\n    }\n\n    deleteScopedClusterDataValue(cluster: Cluster<any, any, any, any, any>, clusterDataKey: string) {\n        if (!this.#scopedClusterData.has(cluster.id)) {\n            return;\n        }\n        this.#scopedClusterData.get(cluster.id).delete(clusterDataKey);\n        return this.persist(false);\n    }\n\n    hasScopedClusterDataValue(cluster: Cluster<any, any, any, any, any>, clusterDataKey: string) {\n        return this.#scopedClusterData.has(cluster.id) && this.#scopedClusterData.get(cluster.id).has(clusterDataKey);\n    }\n\n    deleteScopedClusterData(cluster: Cluster<any, any, any, any, any>) {\n        this.#scopedClusterData.delete(cluster.id);\n        return this.persist(false);\n    }\n\n    getScopedClusterDataKeys(cluster: Cluster<any, any, any, any, any>): string[] {\n        if (!this.#scopedClusterData.has(cluster.id)) {\n            return [];\n        }\n        return Array.from(this.#scopedClusterData.get(cluster.id).keys());\n    }\n\n    getGroupKeySet(groupKeySetId: number) {\n        if (groupKeySetId === 0) {\n            return OperationalGroupKeySet.asTlvGroupSet(this.getGroupSetForIpk());\n        }\n        // TODO add correct group handling later, right now only IPK exists\n        return undefined;\n    }\n\n    private getGroupSetForIpk(): OperationalGroupKeySet {\n        return {\n            groupKeySetId: 0,\n            epochKey0: this.identityProtectionKey,\n            operationalEpochKey0: this.operationalIdentityProtectionKey,\n            epochStartTime0: 0, // or do we need to track Fabric creation date?\n            groupSessionId0: null,\n            epochKey1: null,\n            operationalEpochKey1: null,\n            epochStartTime1: null,\n            groupSessionId1: null,\n            epochKey2: null,\n            operationalEpochKey2: null,\n            epochStartTime2: null,\n            groupSessionId2: null,\n            groupKeySecurityPolicy: GroupKeyManagement.GroupKeySecurityPolicy.TrustFirst,\n            groupKeyMulticastPolicy: GroupKeyManagement.GroupKeyMulticastPolicy.PerGroupId,\n        };\n    }\n\n    getAllGroupKeySets() {\n        // TODO add correct group handling later, right now only IPK exists\n        return [OperationalGroupKeySet.asTlvGroupSet(this.getGroupSetForIpk())];\n    }\n\n    get externalInformation(): ExposedFabricInformation {\n        return {\n            fabricIndex: this.fabricIndex,\n            fabricId: this.fabricId,\n            nodeId: this.nodeId,\n            rootNodeId: this.rootNodeId,\n            rootVendorId: this.rootVendorId,\n            label: this.label,\n        };\n    }\n}\n\nexport class FabricBuilder {\n    #keyPair = Crypto.createKeyPair();\n    #rootVendorId?: VendorId;\n    #rootCert?: ByteArray;\n    #intermediateCACert?: ByteArray;\n    #operationalCert?: ByteArray;\n    #fabricId?: FabricId;\n    #nodeId?: NodeId;\n    #rootNodeId?: NodeId;\n    #rootPublicKey?: ByteArray;\n    #identityProtectionKey?: ByteArray;\n    #fabricIndex?: FabricIndex;\n    #label = \"\";\n    #caseAuthenticatedTags = new Array<CaseAuthenticatedTag>();\n\n    get publicKey() {\n        return this.#keyPair.publicKey;\n    }\n\n    get fabricIndex() {\n        return this.#fabricIndex;\n    }\n\n    createCertificateSigningRequest() {\n        return CertificateManager.createCertificateSigningRequest(this.#keyPair);\n    }\n\n    setRootCert(rootCert: ByteArray) {\n        const decodedRootCertificate = TlvRootCertificate.decode(rootCert);\n        this.#rootCert = rootCert;\n        this.#rootPublicKey = decodedRootCertificate.ellipticCurvePublicKey;\n        return this;\n    }\n\n    hasRootCert() {\n        return this.#rootCert !== undefined;\n    }\n\n    setOperationalCert(operationalCert: ByteArray, intermediateCACert?: ByteArray) {\n        if (intermediateCACert !== undefined && intermediateCACert.length === 0) {\n            intermediateCACert = undefined;\n        }\n        const {\n            subject: { nodeId, fabricId, caseAuthenticatedTags },\n            ellipticCurvePublicKey,\n        } = TlvOperationalCertificate.decode(operationalCert);\n        logger.debug(\n            `FabricBuilder setOperationalCert: nodeId=${nodeId}, fabricId=${fabricId}, caseAuthenticatedTags=${caseAuthenticatedTags}`,\n        );\n\n        if (!ellipticCurvePublicKey.equals(this.#keyPair.publicKey)) {\n            throw new PublicKeyError(\"Operational Certificate does not match public key.\");\n        }\n\n        if (this.#rootCert === undefined) {\n            throw new MatterFlowError(\"Root Certificate needs to be set first.\");\n        }\n\n        if (intermediateCACert !== undefined) {\n            const decodedIntermediateCACert = TlvIntermediateCertificate.decode(intermediateCACert);\n            CertificateManager.verifyIntermediateCaCertificate(\n                TlvRootCertificate.decode(this.#rootCert),\n                decodedIntermediateCACert,\n            );\n            CertificateManager.verifyNodeOperationalCertificate(\n                decodedIntermediateCACert,\n                TlvOperationalCertificate.decode(operationalCert),\n            );\n        } else {\n            CertificateManager.verifyNodeOperationalCertificate(\n                TlvRootCertificate.decode(this.#rootCert),\n                TlvOperationalCertificate.decode(operationalCert),\n            );\n        }\n\n        this.#operationalCert = operationalCert;\n        this.#intermediateCACert = intermediateCACert;\n        this.#fabricId = FabricId(fabricId);\n        this.#nodeId = nodeId;\n        if (caseAuthenticatedTags !== undefined) {\n            CaseAuthenticatedTag.validateNocTagList(caseAuthenticatedTags);\n            this.#caseAuthenticatedTags = caseAuthenticatedTags;\n        }\n        return this;\n    }\n\n    setRootVendorId(rootVendorId: VendorId) {\n        this.#rootVendorId = rootVendorId;\n        return this;\n    }\n\n    setRootNodeId(rootNodeId: NodeId) {\n        this.#rootNodeId = rootNodeId;\n        return this;\n    }\n\n    setIdentityProtectionKey(key: ByteArray) {\n        this.#identityProtectionKey = key;\n        return this;\n    }\n\n    initializeFromFabricForUpdate(fabric: Fabric) {\n        this.#rootVendorId = fabric.rootVendorId;\n        this.#rootNodeId = fabric.rootNodeId;\n        this.#identityProtectionKey = fabric.identityProtectionKey;\n        this.#rootCert = fabric.rootCert;\n        this.#rootPublicKey = fabric.rootPublicKey;\n        this.#label = fabric.label;\n    }\n\n    matchesToFabric(fabric: Fabric) {\n        if (this.#fabricId === undefined || this.#rootPublicKey === undefined) {\n            throw new MatterFlowError(\"Node Operational Data needs to be set first.\");\n        }\n        return fabric.matchesFabricIdAndRootPublicKey(this.#fabricId, this.#rootPublicKey);\n    }\n\n    get nodeId() {\n        return this.#nodeId;\n    }\n\n    get fabricId() {\n        return this.#fabricId;\n    }\n\n    get keyPair() {\n        return this.#keyPair;\n    }\n\n    async build(fabricIndex: FabricIndex) {\n        if (this.#fabricIndex !== undefined) throw new InternalError(\"FabricBuilder can only be built once\");\n        if (this.#rootNodeId === undefined) throw new InternalError(\"rootNodeId needs to be set\");\n        if (this.#rootVendorId === undefined) throw new InternalError(\"vendorId needs to be set\");\n        if (this.#rootCert === undefined || this.#rootPublicKey === undefined)\n            throw new InternalError(\"rootCert needs to be set\");\n        if (this.#identityProtectionKey === undefined) throw new InternalError(\"identityProtectionKey needs to be set\");\n        if (this.#operationalCert === undefined || this.#fabricId === undefined || this.#nodeId === undefined)\n            throw new InternalError(\"operationalCert needs to be set\");\n\n        this.#fabricIndex = fabricIndex;\n        const saltWriter = new DataWriter(Endian.Big);\n        saltWriter.writeUInt64(this.#fabricId);\n        const operationalId = await Crypto.hkdf(\n            this.#rootPublicKey.slice(1),\n            saltWriter.toByteArray(),\n            COMPRESSED_FABRIC_ID_INFO,\n            8,\n        );\n\n        return new Fabric(\n            this.#fabricIndex,\n            this.#fabricId,\n            this.#nodeId,\n            this.#rootNodeId,\n            operationalId,\n            this.#rootPublicKey,\n            this.#keyPair,\n            this.#rootVendorId,\n            this.#rootCert,\n            this.#identityProtectionKey, // Epoch Key\n            await Crypto.hkdf(this.#identityProtectionKey, operationalId, GROUP_SECURITY_INFO),\n            this.#intermediateCACert,\n            this.#operationalCert,\n            this.#label,\n            this.#caseAuthenticatedTags,\n        );\n    }\n}\n"],
-  "mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AAEP,SAAS,0BAA0B;AACnC,SAAS,eAAe,aAAa,uBAAuB;AAC5D,SAAS,cAAc;AACvB,SAA6B,kBAAkB;AAC/C,SAAS,4BAA4B;AACrC,SAAS,gBAAgB;AAIzB,SAAS,cAAc;AAIvB,SAAS,WAAW,cAAc;AAClC,SAAS,kBAAkB;AAG3B,MAAM,SAAS,OAAO,IAAI,QAAQ;AAElC,MAAM,4BAA4B,UAAU,WAAW,kBAAkB;AACzE,MAAM,sBAAsB,UAAU,WAAW,eAAe;AAEzD,MAAM,uBAAuB,YAAY;AAAC;AA8BjD,IAAU;AAAA,CAAV,CAAUA,4BAAV;AACW,EAAMA,wBAAA,gBAAgB,CACzB,wBACiE;AACjE,UAAM;AAAA,MACF;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACJ,IAAI;AACJ,WAAO;AAAA,MACH;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACJ;AAAA,EACJ;AAAA,GA1BM;AAsCH,MAAM,OAAO;AAAA,EAShB,YACa,aACA,UACA,QACA,YACA,eACA,eACT,SACS,cACA,UACA,uBACA,kCACA,oBACA,iBACF,OACE,wBAAwB,IAAI,MAA4B,GACjE,mBACF;AAhBW;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AACA;AACA;AACF;AACE;AAGT,SAAK,WAAW;AAChB,SAAK,qBAAqB,qBAAqB,oBAAI,IAAgD;AAAA,EACvG;AAAA,EA5BS,YAAY,IAAI,MAA0B;AAAA,EAC1C;AAAA,EAEA;AAAA,EAET,mBAAmB,IAAI,MAAgC;AAAA,EACvD;AAAA,EAwBA,kBAAoC;AAChC,WAAO;AAAA,MACH,aAAa,KAAK;AAAA,MAClB,UAAU,KAAK;AAAA,MACf,QAAQ,KAAK;AAAA,MACb,YAAY,KAAK;AAAA,MACjB,eAAe,KAAK;AAAA,MACpB,eAAe,KAAK;AAAA,MACpB,SAAS,KAAK,SAAS;AAAA,MACvB,cAAc,KAAK;AAAA,MACnB,UAAU,KAAK;AAAA,MACf,uBAAuB,KAAK;AAAA,MAC5B,kCAAkC,KAAK;AAAA,MACvC,oBAAoB,KAAK;AAAA,MACzB,iBAAiB,KAAK;AAAA,MACtB,OAAO,KAAK;AAAA,MACZ,uBAAuB,KAAK;AAAA,MAC5B,mBAAmB,KAAK;AAAA,IAC5B;AAAA,EACJ;AAAA,EAEA,OAAO,wBAAwB,cAAwC;AACnE,WAAO,IAAI;AAAA,MACP,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,WAAW,aAAa,OAAO;AAAA,MAC/B,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,IACjB;AAAA,EACJ;AAAA,EAEA,MAAM,SAAS,OAAe;AAC1B,SAAK,QAAQ;AACb,UAAM,KAAK,QAAQ;AAAA,EACvB;AAAA,EAEA,IAAI,YAAY;AACZ,WAAO,KAAK,SAAS;AAAA,EACzB;AAAA,EAEA,KAAK,MAAiB;AAClB,WAAO,OAAO,KAAK,KAAK,UAAU,IAAI;AAAA,EAC1C;AAAA,EAEA,kBAAkB,iBAA4B,oBAAgC;AAC1E,QAAI,uBAAuB,QAAW;AAElC,yBAAmB;AAAA,QACf,mBAAmB,OAAO,KAAK,QAAQ;AAAA,QACvC,0BAA0B,OAAO,eAAe;AAAA,MACpD;AAAA,IACJ,OAAO;AACH,YAAM,iBAAiB,2BAA2B,OAAO,kBAAkB;AAE3E,yBAAmB;AAAA,QACf;AAAA,QACA,0BAA0B,OAAO,eAAe;AAAA,MACpD;AAGA,yBAAmB;AAAA,QACf,mBAAmB,OAAO,KAAK,QAAQ;AAAA,QACvC;AAAA,MACJ;AAAA,IACJ;AAAA,EACJ;AAAA,EAEA,gCAAgC,UAAoB,eAA0B;AAC1E,WAAO,KAAK,aAAa,YAAY,KAAK,eAAe,OAAO,aAAa;AAAA,EACjF;AAAA,EAEA,eAAe,SAAc;AACzB,WAAO,KAAK,SAAS,UAAU,OAAO,QAAQ,SAAS,KAAK,KAAK,SAAS,WAAW,OAAO,QAAQ,UAAU;AAAA,EAClH;AAAA,EAEA,iBAAiB,QAAgB,QAAmB;AAChD,UAAM,SAAS,IAAI,WAAW,OAAO,MAAM;AAC3C,WAAO,eAAe,MAAM;AAC5B,WAAO,eAAe,KAAK,aAAa;AACxC,WAAO,YAAY,KAAK,QAAQ;AAChC,WAAO,YAAY,MAAM;AACzB,WAAO,OAAO,KAAK,KAAK,kCAAkC,OAAO,YAAY,CAAC;AAAA,EAClF;AAAA,EAEA,WAAW,SAA6B;AACpC,SAAK,UAAU,KAAK,OAAO;AAAA,EAC/B;AAAA,EAEA,cAAc,SAA6B;AACvC,UAAM,QAAQ,KAAK,UAAU,QAAQ,OAAO;AAC5C,QAAI,SAAS,GAAG;AACZ,WAAK,UAAU,OAAO,OAAO,CAAC;AAAA,IAClC;AAAA,EACJ;AAAA,EAEA,kBAAkB,UAAoC;AAClD,SAAK,iBAAiB,KAAK,QAAQ;AAAA,EACvC;AAAA,EAEA,qBAAqB,UAAoC;AACrD,UAAM,QAAQ,KAAK,iBAAiB,QAAQ,QAAQ;AACpD,QAAI,SAAS,GAAG;AACZ,WAAK,iBAAiB,OAAO,OAAO,CAAC;AAAA,IACzC;AAAA,EACJ;AAAA,EAEA,IAAI,gBAAgB,UAAsD;AAEtE,SAAK,mBAAmB;AAAA,EAC5B;AAAA,EAEA,MAAM,OAAO,kBAA2B;AACpC,eAAW,YAAY,KAAK,kBAAkB;AAC1C,YAAM,SAAS;AAAA,IACnB;AACA,eAAW,WAAW,CAAC,GAAG,KAAK,SAAS,GAAG;AACvC,YAAM,QAAQ,QAAQ,OAAO,QAAQ,OAAO,gBAAgB;AAAA,IAChE;AAAA,EACJ;AAAA,EAEA,QAAQ,WAAW,MAAM;AACrB,WAAO,KAAK,mBAAmB,QAAQ;AAAA,EAC3C;AAAA,EAEA,0BAA6B,SAA2C,gBAAuC;AAC3G,UAAM,UAAU,KAAK,mBAAmB,IAAI,QAAQ,EAAE;AACtD,QAAI,YAAY,QAAW;AACvB,aAAO;AAAA,IACX;AACA,WAAO,QAAQ,IAAI,cAAc;AAAA,EACrC;AAAA,EAEA,0BAA6B,SAA2C,gBAAwB,OAAU;AACtG,QAAI,CAAC,KAAK,mBAAmB,IAAI,QAAQ,EAAE,GAAG;AAC1C,WAAK,mBAAmB,IAAI,QAAQ,IAAI,oBAAI,IAAmC,CAAC;AAAA,IACpF;AACA,SAAK,mBAAmB,IAAI,QAAQ,EAAE,EAAE,IAAI,gBAAgB,KAAK;AACjE,WAAO,KAAK,QAAQ,KAAK;AAAA,EAC7B;AAAA,EAEA,6BAA6B,SAA2C,gBAAwB;AAC5F,QAAI,CAAC,KAAK,mBAAmB,IAAI,QAAQ,EAAE,GAAG;AAC1C;AAAA,IACJ;AACA,SAAK,mBAAmB,IAAI,QAAQ,EAAE,EAAE,OAAO,cAAc;AAC7D,WAAO,KAAK,QAAQ,KAAK;AAAA,EAC7B;AAAA,EAEA,0BAA0B,SAA2C,gBAAwB;AACzF,WAAO,KAAK,mBAAmB,IAAI,QAAQ,EAAE,KAAK,KAAK,mBAAmB,IAAI,QAAQ,EAAE,EAAE,IAAI,cAAc;AAAA,EAChH;AAAA,EAEA,wBAAwB,SAA2C;AAC/D,SAAK,mBAAmB,OAAO,QAAQ,EAAE;AACzC,WAAO,KAAK,QAAQ,KAAK;AAAA,EAC7B;AAAA,EAEA,yBAAyB,SAAqD;AAC1E,QAAI,CAAC,KAAK,mBAAmB,IAAI,QAAQ,EAAE,GAAG;AAC1C,aAAO,CAAC;AAAA,IACZ;AACA,WAAO,MAAM,KAAK,KAAK,mBAAmB,IAAI,QAAQ,EAAE,EAAE,KAAK,CAAC;AAAA,EACpE;AAAA,EAEA,eAAe,eAAuB;AAClC,QAAI,kBAAkB,GAAG;AACrB,aAAO,uBAAuB,cAAc,KAAK,kBAAkB,CAAC;AAAA,IACxE;AAEA,WAAO;AAAA,EACX;AAAA,EAEQ,oBAA4C;AAChD,WAAO;AAAA,MACH,eAAe;AAAA,MACf,WAAW,KAAK;AAAA,MAChB,sBAAsB,KAAK;AAAA,MAC3B,iBAAiB;AAAA;AAAA,MACjB,iBAAiB;AAAA,MACjB,WAAW;AAAA,MACX,sBAAsB;AAAA,MACtB,iBAAiB;AAAA,MACjB,iBAAiB;AAAA,MACjB,WAAW;AAAA,MACX,sBAAsB;AAAA,MACtB,iBAAiB;AAAA,MACjB,iBAAiB;AAAA,MACjB,wBAAwB,mBAAmB,uBAAuB;AAAA,MAClE,yBAAyB,mBAAmB,wBAAwB;AAAA,IACxE;AAAA,EACJ;AAAA,EAEA,qBAAqB;AAEjB,WAAO,CAAC,uBAAuB,cAAc,KAAK,kBAAkB,CAAC,CAAC;AAAA,EAC1E;AAAA,EAEA,IAAI,sBAAgD;AAChD,WAAO;AAAA,MACH,aAAa,KAAK;AAAA,MAClB,UAAU,KAAK;AAAA,MACf,QAAQ,KAAK;AAAA,MACb,YAAY,KAAK;AAAA,MACjB,cAAc,KAAK;AAAA,MACnB,OAAO,KAAK;AAAA,IAChB;AAAA,EACJ;AACJ;AAEO,MAAM,cAAc;AAAA,EACvB,WAAW,OAAO,cAAc;AAAA,EAChC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,SAAS;AAAA,EACT,yBAAyB,IAAI,MAA4B;AAAA,EAEzD,IAAI,YAAY;AACZ,WAAO,KAAK,SAAS;AAAA,EACzB;AAAA,EAEA,IAAI,cAAc;AACd,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,kCAAkC;AAC9B,WAAO,mBAAmB,gCAAgC,KAAK,QAAQ;AAAA,EAC3E;AAAA,EAEA,YAAY,UAAqB;AAC7B,UAAM,yBAAyB,mBAAmB,OAAO,QAAQ;AACjE,SAAK,YAAY;AACjB,SAAK,iBAAiB,uBAAuB;AAC7C,WAAO;AAAA,EACX;AAAA,EAEA,cAAc;AACV,WAAO,KAAK,cAAc;AAAA,EAC9B;AAAA,EAEA,mBAAmB,iBAA4B,oBAAgC;AAC3E,QAAI,uBAAuB,UAAa,mBAAmB,WAAW,GAAG;AACrE,2BAAqB;AAAA,IACzB;AACA,UAAM;AAAA,MACF,SAAS,EAAE,QAAQ,UAAU,sBAAsB;AAAA,MACnD;AAAA,IACJ,IAAI,0BAA0B,OAAO,eAAe;AACpD,WAAO;AAAA,MACH,4CAA4C,MAAM,cAAc,QAAQ,2BAA2B,qBAAqB;AAAA,IAC5H;AAEA,QAAI,CAAC,uBAAuB,OAAO,KAAK,SAAS,SAAS,GAAG;AACzD,YAAM,IAAI,eAAe,oDAAoD;AAAA,IACjF;AAEA,QAAI,KAAK,cAAc,QAAW;AAC9B,YAAM,IAAI,gBAAgB,yCAAyC;AAAA,IACvE;AAEA,QAAI,uBAAuB,QAAW;AAClC,YAAM,4BAA4B,2BAA2B,OAAO,kBAAkB;AACtF,yBAAmB;AAAA,QACf,mBAAmB,OAAO,KAAK,SAAS;AAAA,QACxC;AAAA,MACJ;AACA,yBAAmB;AAAA,QACf;AAAA,QACA,0BAA0B,OAAO,eAAe;AAAA,MACpD;AAAA,IACJ,OAAO;AACH,yBAAmB;AAAA,QACf,mBAAmB,OAAO,KAAK,SAAS;AAAA,QACxC,0BAA0B,OAAO,eAAe;AAAA,MACpD;AAAA,IACJ;AAEA,SAAK,mBAAmB;AACxB,SAAK,sBAAsB;AAC3B,SAAK,YAAY,SAAS,QAAQ;AAClC,SAAK,UAAU;AACf,QAAI,0BAA0B,QAAW;AACrC,2BAAqB,mBAAmB,qBAAqB;AAC7D,WAAK,yBAAyB;AAAA,IAClC;AACA,WAAO;AAAA,EACX;AAAA,EAEA,gBAAgB,cAAwB;AACpC,SAAK,gBAAgB;AACrB,WAAO;AAAA,EACX;AAAA,EAEA,cAAc,YAAoB;AAC9B,SAAK,cAAc;AACnB,WAAO;AAAA,EACX;AAAA,EAEA,yBAAyB,KAAgB;AACrC,SAAK,yBAAyB;AAC9B,WAAO;AAAA,EACX;AAAA,EAEA,8BAA8B,QAAgB;AAC1C,SAAK,gBAAgB,OAAO;AAC5B,SAAK,cAAc,OAAO;AAC1B,SAAK,yBAAyB,OAAO;AACrC,SAAK,YAAY,OAAO;AACxB,SAAK,iBAAiB,OAAO;AAC7B,SAAK,SAAS,OAAO;AAAA,EACzB;AAAA,EAEA,gBAAgB,QAAgB;AAC5B,QAAI,KAAK,cAAc,UAAa,KAAK,mBAAmB,QAAW;AACnE,YAAM,IAAI,gBAAgB,8CAA8C;AAAA,IAC5E;AACA,WAAO,OAAO,gCAAgC,KAAK,WAAW,KAAK,cAAc;AAAA,EACrF;AAAA,EAEA,IAAI,SAAS;AACT,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,WAAW;AACX,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,UAAU;AACV,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,MAAM,MAAM,aAA0B;AAClC,QAAI,KAAK,iBAAiB,OAAW,OAAM,IAAI,cAAc,sCAAsC;AACnG,QAAI,KAAK,gBAAgB,OAAW,OAAM,IAAI,cAAc,4BAA4B;AACxF,QAAI,KAAK,kBAAkB,OAAW,OAAM,IAAI,cAAc,0BAA0B;AACxF,QAAI,KAAK,cAAc,UAAa,KAAK,mBAAmB;AACxD,YAAM,IAAI,cAAc,0BAA0B;AACtD,QAAI,KAAK,2BAA2B,OAAW,OAAM,IAAI,cAAc,uCAAuC;AAC9G,QAAI,KAAK,qBAAqB,UAAa,KAAK,cAAc,UAAa,KAAK,YAAY;AACxF,YAAM,IAAI,cAAc,iCAAiC;AAE7D,SAAK,eAAe;AACpB,UAAM,aAAa,IAAI,WAAW,OAAO,GAAG;AAC5C,eAAW,YAAY,KAAK,SAAS;AACrC,UAAM,gBAAgB,MAAM,OAAO;AAAA,MAC/B,KAAK,eAAe,MAAM,CAAC;AAAA,MAC3B,WAAW,YAAY;AAAA,MACvB;AAAA,MACA;AAAA,IACJ;AAEA,WAAO,IAAI;AAAA,MACP,KAAK;AAAA,MACL,KAAK;AAAA,MACL,KAAK;AAAA,MACL,KAAK;AAAA,MACL;AAAA,MACA,KAAK;AAAA,MACL,KAAK;AAAA,MACL,KAAK;AAAA,MACL,KAAK;AAAA,MACL,KAAK;AAAA;AAAA,MACL,MAAM,OAAO,KAAK,KAAK,wBAAwB,eAAe,mBAAmB;AAAA,MACjF,KAAK;AAAA,MACL,KAAK;AAAA,MACL,KAAK;AAAA,MACL,KAAK;AAAA,IACT;AAAA,EACJ;AACJ;",
+  "sourcesContent": ["/**\n * @license\n * Copyright 2022-2024 Matter.js Authors\n * SPDX-License-Identifier: Apache-2.0\n */\n\nimport {\n    CertificateManager,\n    TlvIntermediateCertificate,\n    TlvOperationalCertificate,\n    TlvRootCertificate,\n} from \"../certificate/CertificateManager.js\";\nimport { Cluster } from \"../cluster/Cluster.js\";\nimport { GroupKeyManagement } from \"../cluster/definitions/GroupKeyManagementCluster.js\";\nimport { InternalError, MatterError, MatterFlowError } from \"../common/MatterError.js\";\nimport { Crypto } from \"../crypto/Crypto.js\";\nimport { BinaryKeyPair, Key, PrivateKey } from \"../crypto/Key.js\";\nimport { CaseAuthenticatedTag } from \"../datatype/CaseAuthenticatedTag.js\";\nimport { FabricId } from \"../datatype/FabricId.js\";\nimport { FabricIndex } from \"../datatype/FabricIndex.js\";\nimport { NodeId } from \"../datatype/NodeId.js\";\nimport { VendorId } from \"../datatype/VendorId.js\";\nimport { Logger } from \"../log/Logger.js\";\nimport { SecureSession } from \"../session/SecureSession.js\";\nimport { SupportedStorageTypes } from \"../storage/StringifyTools.js\";\nimport { TypeFromSchema } from \"../tlv/TlvSchema.js\";\nimport { ByteArray, Endian } from \"../util/ByteArray.js\";\nimport { DataWriter } from \"../util/DataWriter.js\";\nimport { MaybePromise } from \"../util/Promises.js\";\n\nconst logger = Logger.get(\"Fabric\");\n\nconst COMPRESSED_FABRIC_ID_INFO = ByteArray.fromString(\"CompressedFabric\");\nconst GROUP_SECURITY_INFO = ByteArray.fromString(\"GroupKey v1.0\");\n\nexport class PublicKeyError extends MatterError {}\n\nexport type FabricJsonObject = {\n    fabricIndex: FabricIndex;\n    fabricId: FabricId;\n    nodeId: NodeId;\n    rootNodeId: NodeId;\n    operationalId: ByteArray;\n    rootPublicKey: ByteArray;\n    keyPair: BinaryKeyPair;\n    rootVendorId: VendorId;\n    rootCert: ByteArray;\n    identityProtectionKey: ByteArray;\n    operationalIdentityProtectionKey: ByteArray;\n    intermediateCACert: ByteArray | undefined;\n    operationalCert: ByteArray;\n    label: string;\n    caseAuthenticatedTags?: CaseAuthenticatedTag[];\n    scopedClusterData: Map<number, Map<string, SupportedStorageTypes>>;\n};\n\ntype OperationalGroupKeySet = TypeFromSchema<typeof GroupKeyManagement.TlvGroupKeySetStruct> & {\n    operationalEpochKey0: ByteArray;\n    groupSessionId0: number | null;\n    operationalEpochKey1: ByteArray | null;\n    groupSessionId1: number | null;\n    operationalEpochKey2: ByteArray | null;\n    groupSessionId2: number | null;\n};\n\nnamespace OperationalGroupKeySet {\n    export const asTlvGroupSet = (\n        operationalGroupSet: OperationalGroupKeySet,\n    ): TypeFromSchema<typeof GroupKeyManagement.TlvGroupKeySetStruct> => {\n        const {\n            groupKeySetId,\n            epochKey0,\n            epochStartTime0,\n            epochKey1,\n            epochStartTime1,\n            epochKey2,\n            epochStartTime2,\n            groupKeySecurityPolicy,\n            groupKeyMulticastPolicy,\n        } = operationalGroupSet;\n        return {\n            groupKeySetId,\n            epochKey0,\n            epochStartTime0,\n            epochKey1,\n            epochStartTime1,\n            epochKey2,\n            epochStartTime2,\n            groupKeySecurityPolicy,\n            groupKeyMulticastPolicy,\n        };\n    };\n}\n\nexport type ExposedFabricInformation = {\n    fabricIndex: FabricIndex;\n    fabricId: FabricId;\n    nodeId: NodeId;\n    rootNodeId: NodeId;\n    rootVendorId: VendorId;\n    label: string;\n};\n\nexport class Fabric {\n    readonly #sessions = new Array<SecureSession<any>>();\n    readonly #scopedClusterData: Map<number, any>;\n\n    readonly #keyPair: Key;\n\n    #removeCallbacks = new Array<() => MaybePromise<void>>();\n    #persistCallback: ((isUpdate?: boolean) => MaybePromise<void>) | undefined;\n\n    constructor(\n        readonly fabricIndex: FabricIndex,\n        readonly fabricId: FabricId,\n        readonly nodeId: NodeId,\n        readonly rootNodeId: NodeId,\n        readonly operationalId: ByteArray,\n        readonly rootPublicKey: ByteArray,\n        keyPair: Key,\n        readonly rootVendorId: VendorId,\n        readonly rootCert: ByteArray,\n        readonly identityProtectionKey: ByteArray,\n        readonly operationalIdentityProtectionKey: ByteArray,\n        readonly intermediateCACert: ByteArray | undefined,\n        readonly operationalCert: ByteArray,\n        public label: string,\n        readonly caseAuthenticatedTags = new Array<CaseAuthenticatedTag>(),\n        scopedClusterData?: Map<number, Map<string, SupportedStorageTypes>>,\n    ) {\n        this.#keyPair = keyPair;\n        this.#scopedClusterData = scopedClusterData ?? new Map<number, Map<string, SupportedStorageTypes>>();\n    }\n\n    toStorageObject(): FabricJsonObject {\n        return {\n            fabricIndex: this.fabricIndex,\n            fabricId: this.fabricId,\n            nodeId: this.nodeId,\n            rootNodeId: this.rootNodeId,\n            operationalId: this.operationalId,\n            rootPublicKey: this.rootPublicKey,\n            keyPair: this.#keyPair.keyPair,\n            rootVendorId: this.rootVendorId,\n            rootCert: this.rootCert,\n            identityProtectionKey: this.identityProtectionKey,\n            operationalIdentityProtectionKey: this.operationalIdentityProtectionKey,\n            intermediateCACert: this.intermediateCACert,\n            operationalCert: this.operationalCert,\n            label: this.label,\n            caseAuthenticatedTags: this.caseAuthenticatedTags,\n            scopedClusterData: this.#scopedClusterData,\n        };\n    }\n\n    static createFromStorageObject(fabricObject: FabricJsonObject): Fabric {\n        return new Fabric(\n            fabricObject.fabricIndex,\n            fabricObject.fabricId,\n            fabricObject.nodeId,\n            fabricObject.rootNodeId,\n            fabricObject.operationalId,\n            fabricObject.rootPublicKey,\n            PrivateKey(fabricObject.keyPair),\n            fabricObject.rootVendorId,\n            fabricObject.rootCert,\n            fabricObject.identityProtectionKey,\n            fabricObject.operationalIdentityProtectionKey,\n            fabricObject.intermediateCACert,\n            fabricObject.operationalCert,\n            fabricObject.label,\n            fabricObject.caseAuthenticatedTags,\n            fabricObject.scopedClusterData,\n        );\n    }\n\n    async setLabel(label: string) {\n        this.label = label;\n        await this.persist();\n    }\n\n    get publicKey() {\n        return this.#keyPair.publicKey;\n    }\n\n    sign(data: ByteArray) {\n        return Crypto.sign(this.#keyPair, data);\n    }\n\n    verifyCredentials(operationalCert: ByteArray, intermediateCACert?: ByteArray) {\n        if (intermediateCACert === undefined) {\n            // Validate NOC Certificate against Root Certificate\n            CertificateManager.verifyNodeOperationalCertificate(\n                TlvRootCertificate.decode(this.rootCert),\n                TlvOperationalCertificate.decode(operationalCert),\n            );\n        } else {\n            const decodedIcaCert = TlvIntermediateCertificate.decode(intermediateCACert);\n            // Validate NOC Certificate against ICA Certificate\n            CertificateManager.verifyNodeOperationalCertificate(\n                decodedIcaCert,\n                TlvOperationalCertificate.decode(operationalCert),\n            );\n\n            // Validate ICACertificate against Root Certificate\n            CertificateManager.verifyIntermediateCaCertificate(\n                TlvRootCertificate.decode(this.rootCert),\n                decodedIcaCert,\n            );\n        }\n    }\n\n    matchesFabricIdAndRootPublicKey(fabricId: FabricId, rootPublicKey: ByteArray) {\n        return this.fabricId === fabricId && this.rootPublicKey?.equals(rootPublicKey);\n    }\n\n    matchesKeyPair(keyPair: Key) {\n        return this.#keyPair.publicKey.equals(keyPair.publicKey) && this.#keyPair.privateKey.equals(keyPair.privateKey);\n    }\n\n    getDestinationId(nodeId: NodeId, random: ByteArray) {\n        const writer = new DataWriter(Endian.Little);\n        writer.writeByteArray(random);\n        writer.writeByteArray(this.rootPublicKey);\n        writer.writeUInt64(this.fabricId);\n        writer.writeUInt64(nodeId);\n        return Crypto.hmac(this.operationalIdentityProtectionKey, writer.toByteArray());\n    }\n\n    addSession(session: SecureSession<any>) {\n        this.#sessions.push(session);\n    }\n\n    removeSession(session: SecureSession<any>) {\n        const index = this.#sessions.indexOf(session);\n        if (index >= 0) {\n            this.#sessions.splice(index, 1);\n        }\n    }\n\n    addRemoveCallback(callback: () => MaybePromise<void>) {\n        this.#removeCallbacks.push(callback);\n    }\n\n    deleteRemoveCallback(callback: () => MaybePromise<void>) {\n        const index = this.#removeCallbacks.indexOf(callback);\n        if (index >= 0) {\n            this.#removeCallbacks.splice(index, 1);\n        }\n    }\n\n    set persistCallback(callback: (isUpdate?: boolean) => MaybePromise<void>) {\n        // TODO Remove \"isUpdate\" parameter as soon as the fabric scoped data are removed from here/legacy API gets removed\n        this.#persistCallback = callback;\n    }\n\n    async remove(currentSessionId?: number) {\n        for (const callback of this.#removeCallbacks) {\n            await callback();\n        }\n        for (const session of [...this.#sessions]) {\n            await session.destroy(false, session.id === currentSessionId); // Delay Close for current session only\n        }\n    }\n\n    persist(isUpdate = true) {\n        return this.#persistCallback?.(isUpdate);\n    }\n\n    getScopedClusterDataValue<T>(cluster: Cluster<any, any, any, any, any>, clusterDataKey: string): T | undefined {\n        const dataMap = this.#scopedClusterData.get(cluster.id);\n        if (dataMap === undefined) {\n            return undefined;\n        }\n        return dataMap.get(clusterDataKey);\n    }\n\n    setScopedClusterDataValue<T>(cluster: Cluster<any, any, any, any, any>, clusterDataKey: string, value: T) {\n        if (!this.#scopedClusterData.has(cluster.id)) {\n            this.#scopedClusterData.set(cluster.id, new Map<string, SupportedStorageTypes>());\n        }\n        this.#scopedClusterData.get(cluster.id).set(clusterDataKey, value);\n        return this.persist(false);\n    }\n\n    deleteScopedClusterDataValue(cluster: Cluster<any, any, any, any, any>, clusterDataKey: string) {\n        if (!this.#scopedClusterData.has(cluster.id)) {\n            return;\n        }\n        this.#scopedClusterData.get(cluster.id).delete(clusterDataKey);\n        return this.persist(false);\n    }\n\n    hasScopedClusterDataValue(cluster: Cluster<any, any, any, any, any>, clusterDataKey: string) {\n        return this.#scopedClusterData.has(cluster.id) && this.#scopedClusterData.get(cluster.id).has(clusterDataKey);\n    }\n\n    deleteScopedClusterData(cluster: Cluster<any, any, any, any, any>) {\n        this.#scopedClusterData.delete(cluster.id);\n        return this.persist(false);\n    }\n\n    getScopedClusterDataKeys(cluster: Cluster<any, any, any, any, any>): string[] {\n        if (!this.#scopedClusterData.has(cluster.id)) {\n            return [];\n        }\n        return Array.from(this.#scopedClusterData.get(cluster.id).keys());\n    }\n\n    getGroupKeySet(groupKeySetId: number) {\n        if (groupKeySetId === 0) {\n            return OperationalGroupKeySet.asTlvGroupSet(this.getGroupSetForIpk());\n        }\n        // TODO add correct group handling later, right now only IPK exists\n        return undefined;\n    }\n\n    private getGroupSetForIpk(): OperationalGroupKeySet {\n        return {\n            groupKeySetId: 0,\n            epochKey0: this.identityProtectionKey,\n            operationalEpochKey0: this.operationalIdentityProtectionKey,\n            epochStartTime0: 0, // or do we need to track Fabric creation date?\n            groupSessionId0: null,\n            epochKey1: null,\n            operationalEpochKey1: null,\n            epochStartTime1: null,\n            groupSessionId1: null,\n            epochKey2: null,\n            operationalEpochKey2: null,\n            epochStartTime2: null,\n            groupSessionId2: null,\n            groupKeySecurityPolicy: GroupKeyManagement.GroupKeySecurityPolicy.TrustFirst,\n            groupKeyMulticastPolicy: GroupKeyManagement.GroupKeyMulticastPolicy.PerGroupId,\n        };\n    }\n\n    getAllGroupKeySets() {\n        // TODO add correct group handling later, right now only IPK exists\n        return [OperationalGroupKeySet.asTlvGroupSet(this.getGroupSetForIpk())];\n    }\n\n    get externalInformation(): ExposedFabricInformation {\n        return {\n            fabricIndex: this.fabricIndex,\n            fabricId: this.fabricId,\n            nodeId: this.nodeId,\n            rootNodeId: this.rootNodeId,\n            rootVendorId: this.rootVendorId,\n            label: this.label,\n        };\n    }\n}\n\nexport class FabricBuilder {\n    #keyPair = Crypto.createKeyPair();\n    #rootVendorId?: VendorId;\n    #rootCert?: ByteArray;\n    #intermediateCACert?: ByteArray;\n    #operationalCert?: ByteArray;\n    #fabricId?: FabricId;\n    #nodeId?: NodeId;\n    #rootNodeId?: NodeId;\n    #rootPublicKey?: ByteArray;\n    #identityProtectionKey?: ByteArray;\n    #fabricIndex?: FabricIndex;\n    #label = \"\";\n    #caseAuthenticatedTags = new Array<CaseAuthenticatedTag>();\n\n    get publicKey() {\n        return this.#keyPair.publicKey;\n    }\n\n    get fabricIndex() {\n        return this.#fabricIndex;\n    }\n\n    createCertificateSigningRequest() {\n        return CertificateManager.createCertificateSigningRequest(this.#keyPair);\n    }\n\n    setRootCert(rootCert: ByteArray) {\n        const decodedRootCertificate = TlvRootCertificate.decode(rootCert);\n        CertificateManager.verifyRootCertificate(decodedRootCertificate);\n        this.#rootCert = rootCert;\n        this.#rootPublicKey = decodedRootCertificate.ellipticCurvePublicKey;\n        return this;\n    }\n\n    // TODO Remove when legacy API gets removed because then no longer needed\n    get rootCert() {\n        return this.#rootCert;\n    }\n\n    hasRootCert() {\n        return this.#rootCert !== undefined;\n    }\n\n    setOperationalCert(operationalCert: ByteArray, intermediateCACert?: ByteArray) {\n        if (intermediateCACert !== undefined && intermediateCACert.length === 0) {\n            intermediateCACert = undefined;\n        }\n        const {\n            subject: { nodeId, fabricId, caseAuthenticatedTags },\n            ellipticCurvePublicKey,\n        } = TlvOperationalCertificate.decode(operationalCert);\n        logger.debug(\n            `FabricBuilder setOperationalCert: nodeId=${nodeId}, fabricId=${fabricId}, caseAuthenticatedTags=${caseAuthenticatedTags}`,\n        );\n\n        if (!ellipticCurvePublicKey.equals(this.#keyPair.publicKey)) {\n            throw new PublicKeyError(\"Operational Certificate does not match public key.\");\n        }\n\n        if (this.#rootCert === undefined) {\n            throw new MatterFlowError(\"Root Certificate needs to be set first.\");\n        }\n\n        if (intermediateCACert !== undefined) {\n            const decodedIntermediateCACert = TlvIntermediateCertificate.decode(intermediateCACert);\n            CertificateManager.verifyIntermediateCaCertificate(\n                TlvRootCertificate.decode(this.#rootCert),\n                decodedIntermediateCACert,\n            );\n            CertificateManager.verifyNodeOperationalCertificate(\n                decodedIntermediateCACert,\n                TlvOperationalCertificate.decode(operationalCert),\n            );\n        } else {\n            CertificateManager.verifyNodeOperationalCertificate(\n                TlvRootCertificate.decode(this.#rootCert),\n                TlvOperationalCertificate.decode(operationalCert),\n            );\n        }\n\n        this.#operationalCert = operationalCert;\n        this.#intermediateCACert = intermediateCACert;\n        this.#fabricId = FabricId(fabricId);\n        this.#nodeId = nodeId;\n        if (caseAuthenticatedTags !== undefined) {\n            CaseAuthenticatedTag.validateNocTagList(caseAuthenticatedTags);\n            this.#caseAuthenticatedTags = caseAuthenticatedTags;\n        }\n        return this;\n    }\n\n    setRootVendorId(rootVendorId: VendorId) {\n        this.#rootVendorId = rootVendorId;\n        return this;\n    }\n\n    setRootNodeId(rootNodeId: NodeId) {\n        this.#rootNodeId = rootNodeId;\n        return this;\n    }\n\n    setIdentityProtectionKey(key: ByteArray) {\n        this.#identityProtectionKey = key;\n        return this;\n    }\n\n    initializeFromFabricForUpdate(fabric: Fabric) {\n        this.#rootVendorId = fabric.rootVendorId;\n        this.#rootNodeId = fabric.rootNodeId;\n        this.#identityProtectionKey = fabric.identityProtectionKey;\n        this.#rootCert = fabric.rootCert;\n        this.#rootPublicKey = fabric.rootPublicKey;\n        this.#label = fabric.label;\n    }\n\n    matchesToFabric(fabric: Fabric) {\n        if (this.#fabricId === undefined || this.#rootPublicKey === undefined) {\n            throw new MatterFlowError(\"Node Operational Data needs to be set first.\");\n        }\n        return fabric.matchesFabricIdAndRootPublicKey(this.#fabricId, this.#rootPublicKey);\n    }\n\n    get nodeId() {\n        return this.#nodeId;\n    }\n\n    get fabricId() {\n        return this.#fabricId;\n    }\n\n    get keyPair() {\n        return this.#keyPair;\n    }\n\n    async build(fabricIndex: FabricIndex) {\n        if (this.#fabricIndex !== undefined) throw new InternalError(\"FabricBuilder can only be built once\");\n        if (this.#rootNodeId === undefined) throw new InternalError(\"rootNodeId needs to be set\");\n        if (this.#rootVendorId === undefined) throw new InternalError(\"vendorId needs to be set\");\n        if (this.#rootCert === undefined || this.#rootPublicKey === undefined)\n            throw new InternalError(\"rootCert needs to be set\");\n        if (this.#identityProtectionKey === undefined) throw new InternalError(\"identityProtectionKey needs to be set\");\n        if (this.#operationalCert === undefined || this.#fabricId === undefined || this.#nodeId === undefined)\n            throw new InternalError(\"operationalCert needs to be set\");\n\n        this.#fabricIndex = fabricIndex;\n        const saltWriter = new DataWriter(Endian.Big);\n        saltWriter.writeUInt64(this.#fabricId);\n        const operationalId = await Crypto.hkdf(\n            this.#rootPublicKey.slice(1),\n            saltWriter.toByteArray(),\n            COMPRESSED_FABRIC_ID_INFO,\n            8,\n        );\n\n        return new Fabric(\n            this.#fabricIndex,\n            this.#fabricId,\n            this.#nodeId,\n            this.#rootNodeId,\n            operationalId,\n            this.#rootPublicKey,\n            this.#keyPair,\n            this.#rootVendorId,\n            this.#rootCert,\n            this.#identityProtectionKey, // Epoch Key\n            await Crypto.hkdf(this.#identityProtectionKey, operationalId, GROUP_SECURITY_INFO),\n            this.#intermediateCACert,\n            this.#operationalCert,\n            this.#label,\n            this.#caseAuthenticatedTags,\n        );\n    }\n}\n"],
+  "mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AAEP,SAAS,0BAA0B;AACnC,SAAS,eAAe,aAAa,uBAAuB;AAC5D,SAAS,cAAc;AACvB,SAA6B,kBAAkB;AAC/C,SAAS,4BAA4B;AACrC,SAAS,gBAAgB;AAIzB,SAAS,cAAc;AAIvB,SAAS,WAAW,cAAc;AAClC,SAAS,kBAAkB;AAG3B,MAAM,SAAS,OAAO,IAAI,QAAQ;AAElC,MAAM,4BAA4B,UAAU,WAAW,kBAAkB;AACzE,MAAM,sBAAsB,UAAU,WAAW,eAAe;AAEzD,MAAM,uBAAuB,YAAY;AAAC;AA8BjD,IAAU;AAAA,CAAV,CAAUA,4BAAV;AACW,EAAMA,wBAAA,gBAAgB,CACzB,wBACiE;AACjE,UAAM;AAAA,MACF;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACJ,IAAI;AACJ,WAAO;AAAA,MACH;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACJ;AAAA,EACJ;AAAA,GA1BM;AAsCH,MAAM,OAAO;AAAA,EAShB,YACa,aACA,UACA,QACA,YACA,eACA,eACT,SACS,cACA,UACA,uBACA,kCACA,oBACA,iBACF,OACE,wBAAwB,IAAI,MAA4B,GACjE,mBACF;AAhBW;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AACA;AACA;AACF;AACE;AAGT,SAAK,WAAW;AAChB,SAAK,qBAAqB,qBAAqB,oBAAI,IAAgD;AAAA,EACvG;AAAA,EA5BS,YAAY,IAAI,MAA0B;AAAA,EAC1C;AAAA,EAEA;AAAA,EAET,mBAAmB,IAAI,MAAgC;AAAA,EACvD;AAAA,EAwBA,kBAAoC;AAChC,WAAO;AAAA,MACH,aAAa,KAAK;AAAA,MAClB,UAAU,KAAK;AAAA,MACf,QAAQ,KAAK;AAAA,MACb,YAAY,KAAK;AAAA,MACjB,eAAe,KAAK;AAAA,MACpB,eAAe,KAAK;AAAA,MACpB,SAAS,KAAK,SAAS;AAAA,MACvB,cAAc,KAAK;AAAA,MACnB,UAAU,KAAK;AAAA,MACf,uBAAuB,KAAK;AAAA,MAC5B,kCAAkC,KAAK;AAAA,MACvC,oBAAoB,KAAK;AAAA,MACzB,iBAAiB,KAAK;AAAA,MACtB,OAAO,KAAK;AAAA,MACZ,uBAAuB,KAAK;AAAA,MAC5B,mBAAmB,KAAK;AAAA,IAC5B;AAAA,EACJ;AAAA,EAEA,OAAO,wBAAwB,cAAwC;AACnE,WAAO,IAAI;AAAA,MACP,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,WAAW,aAAa,OAAO;AAAA,MAC/B,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,MACb,aAAa;AAAA,IACjB;AAAA,EACJ;AAAA,EAEA,MAAM,SAAS,OAAe;AAC1B,SAAK,QAAQ;AACb,UAAM,KAAK,QAAQ;AAAA,EACvB;AAAA,EAEA,IAAI,YAAY;AACZ,WAAO,KAAK,SAAS;AAAA,EACzB;AAAA,EAEA,KAAK,MAAiB;AAClB,WAAO,OAAO,KAAK,KAAK,UAAU,IAAI;AAAA,EAC1C;AAAA,EAEA,kBAAkB,iBAA4B,oBAAgC;AAC1E,QAAI,uBAAuB,QAAW;AAElC,yBAAmB;AAAA,QACf,mBAAmB,OAAO,KAAK,QAAQ;AAAA,QACvC,0BAA0B,OAAO,eAAe;AAAA,MACpD;AAAA,IACJ,OAAO;AACH,YAAM,iBAAiB,2BAA2B,OAAO,kBAAkB;AAE3E,yBAAmB;AAAA,QACf;AAAA,QACA,0BAA0B,OAAO,eAAe;AAAA,MACpD;AAGA,yBAAmB;AAAA,QACf,mBAAmB,OAAO,KAAK,QAAQ;AAAA,QACvC;AAAA,MACJ;AAAA,IACJ;AAAA,EACJ;AAAA,EAEA,gCAAgC,UAAoB,eAA0B;AAC1E,WAAO,KAAK,aAAa,YAAY,KAAK,eAAe,OAAO,aAAa;AAAA,EACjF;AAAA,EAEA,eAAe,SAAc;AACzB,WAAO,KAAK,SAAS,UAAU,OAAO,QAAQ,SAAS,KAAK,KAAK,SAAS,WAAW,OAAO,QAAQ,UAAU;AAAA,EAClH;AAAA,EAEA,iBAAiB,QAAgB,QAAmB;AAChD,UAAM,SAAS,IAAI,WAAW,OAAO,MAAM;AAC3C,WAAO,eAAe,MAAM;AAC5B,WAAO,eAAe,KAAK,aAAa;AACxC,WAAO,YAAY,KAAK,QAAQ;AAChC,WAAO,YAAY,MAAM;AACzB,WAAO,OAAO,KAAK,KAAK,kCAAkC,OAAO,YAAY,CAAC;AAAA,EAClF;AAAA,EAEA,WAAW,SAA6B;AACpC,SAAK,UAAU,KAAK,OAAO;AAAA,EAC/B;AAAA,EAEA,cAAc,SAA6B;AACvC,UAAM,QAAQ,KAAK,UAAU,QAAQ,OAAO;AAC5C,QAAI,SAAS,GAAG;AACZ,WAAK,UAAU,OAAO,OAAO,CAAC;AAAA,IAClC;AAAA,EACJ;AAAA,EAEA,kBAAkB,UAAoC;AAClD,SAAK,iBAAiB,KAAK,QAAQ;AAAA,EACvC;AAAA,EAEA,qBAAqB,UAAoC;AACrD,UAAM,QAAQ,KAAK,iBAAiB,QAAQ,QAAQ;AACpD,QAAI,SAAS,GAAG;AACZ,WAAK,iBAAiB,OAAO,OAAO,CAAC;AAAA,IACzC;AAAA,EACJ;AAAA,EAEA,IAAI,gBAAgB,UAAsD;AAEtE,SAAK,mBAAmB;AAAA,EAC5B;AAAA,EAEA,MAAM,OAAO,kBAA2B;AACpC,eAAW,YAAY,KAAK,kBAAkB;AAC1C,YAAM,SAAS;AAAA,IACnB;AACA,eAAW,WAAW,CAAC,GAAG,KAAK,SAAS,GAAG;AACvC,YAAM,QAAQ,QAAQ,OAAO,QAAQ,OAAO,gBAAgB;AAAA,IAChE;AAAA,EACJ;AAAA,EAEA,QAAQ,WAAW,MAAM;AACrB,WAAO,KAAK,mBAAmB,QAAQ;AAAA,EAC3C;AAAA,EAEA,0BAA6B,SAA2C,gBAAuC;AAC3G,UAAM,UAAU,KAAK,mBAAmB,IAAI,QAAQ,EAAE;AACtD,QAAI,YAAY,QAAW;AACvB,aAAO;AAAA,IACX;AACA,WAAO,QAAQ,IAAI,cAAc;AAAA,EACrC;AAAA,EAEA,0BAA6B,SAA2C,gBAAwB,OAAU;AACtG,QAAI,CAAC,KAAK,mBAAmB,IAAI,QAAQ,EAAE,GAAG;AAC1C,WAAK,mBAAmB,IAAI,QAAQ,IAAI,oBAAI,IAAmC,CAAC;AAAA,IACpF;AACA,SAAK,mBAAmB,IAAI,QAAQ,EAAE,EAAE,IAAI,gBAAgB,KAAK;AACjE,WAAO,KAAK,QAAQ,KAAK;AAAA,EAC7B;AAAA,EAEA,6BAA6B,SAA2C,gBAAwB;AAC5F,QAAI,CAAC,KAAK,mBAAmB,IAAI,QAAQ,EAAE,GAAG;AAC1C;AAAA,IACJ;AACA,SAAK,mBAAmB,IAAI,QAAQ,EAAE,EAAE,OAAO,cAAc;AAC7D,WAAO,KAAK,QAAQ,KAAK;AAAA,EAC7B;AAAA,EAEA,0BAA0B,SAA2C,gBAAwB;AACzF,WAAO,KAAK,mBAAmB,IAAI,QAAQ,EAAE,KAAK,KAAK,mBAAmB,IAAI,QAAQ,EAAE,EAAE,IAAI,cAAc;AAAA,EAChH;AAAA,EAEA,wBAAwB,SAA2C;AAC/D,SAAK,mBAAmB,OAAO,QAAQ,EAAE;AACzC,WAAO,KAAK,QAAQ,KAAK;AAAA,EAC7B;AAAA,EAEA,yBAAyB,SAAqD;AAC1E,QAAI,CAAC,KAAK,mBAAmB,IAAI,QAAQ,EAAE,GAAG;AAC1C,aAAO,CAAC;AAAA,IACZ;AACA,WAAO,MAAM,KAAK,KAAK,mBAAmB,IAAI,QAAQ,EAAE,EAAE,KAAK,CAAC;AAAA,EACpE;AAAA,EAEA,eAAe,eAAuB;AAClC,QAAI,kBAAkB,GAAG;AACrB,aAAO,uBAAuB,cAAc,KAAK,kBAAkB,CAAC;AAAA,IACxE;AAEA,WAAO;AAAA,EACX;AAAA,EAEQ,oBAA4C;AAChD,WAAO;AAAA,MACH,eAAe;AAAA,MACf,WAAW,KAAK;AAAA,MAChB,sBAAsB,KAAK;AAAA,MAC3B,iBAAiB;AAAA;AAAA,MACjB,iBAAiB;AAAA,MACjB,WAAW;AAAA,MACX,sBAAsB;AAAA,MACtB,iBAAiB;AAAA,MACjB,iBAAiB;AAAA,MACjB,WAAW;AAAA,MACX,sBAAsB;AAAA,MACtB,iBAAiB;AAAA,MACjB,iBAAiB;AAAA,MACjB,wBAAwB,mBAAmB,uBAAuB;AAAA,MAClE,yBAAyB,mBAAmB,wBAAwB;AAAA,IACxE;AAAA,EACJ;AAAA,EAEA,qBAAqB;AAEjB,WAAO,CAAC,uBAAuB,cAAc,KAAK,kBAAkB,CAAC,CAAC;AAAA,EAC1E;AAAA,EAEA,IAAI,sBAAgD;AAChD,WAAO;AAAA,MACH,aAAa,KAAK;AAAA,MAClB,UAAU,KAAK;AAAA,MACf,QAAQ,KAAK;AAAA,MACb,YAAY,KAAK;AAAA,MACjB,cAAc,KAAK;AAAA,MACnB,OAAO,KAAK;AAAA,IAChB;AAAA,EACJ;AACJ;AAEO,MAAM,cAAc;AAAA,EACvB,WAAW,OAAO,cAAc;AAAA,EAChC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,SAAS;AAAA,EACT,yBAAyB,IAAI,MAA4B;AAAA,EAEzD,IAAI,YAAY;AACZ,WAAO,KAAK,SAAS;AAAA,EACzB;AAAA,EAEA,IAAI,cAAc;AACd,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,kCAAkC;AAC9B,WAAO,mBAAmB,gCAAgC,KAAK,QAAQ;AAAA,EAC3E;AAAA,EAEA,YAAY,UAAqB;AAC7B,UAAM,yBAAyB,mBAAmB,OAAO,QAAQ;AACjE,uBAAmB,sBAAsB,sBAAsB;AAC/D,SAAK,YAAY;AACjB,SAAK,iBAAiB,uBAAuB;AAC7C,WAAO;AAAA,EACX;AAAA;AAAA,EAGA,IAAI,WAAW;AACX,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,cAAc;AACV,WAAO,KAAK,cAAc;AAAA,EAC9B;AAAA,EAEA,mBAAmB,iBAA4B,oBAAgC;AAC3E,QAAI,uBAAuB,UAAa,mBAAmB,WAAW,GAAG;AACrE,2BAAqB;AAAA,IACzB;AACA,UAAM;AAAA,MACF,SAAS,EAAE,QAAQ,UAAU,sBAAsB;AAAA,MACnD;AAAA,IACJ,IAAI,0BAA0B,OAAO,eAAe;AACpD,WAAO;AAAA,MACH,4CAA4C,MAAM,cAAc,QAAQ,2BAA2B,qBAAqB;AAAA,IAC5H;AAEA,QAAI,CAAC,uBAAuB,OAAO,KAAK,SAAS,SAAS,GAAG;AACzD,YAAM,IAAI,eAAe,oDAAoD;AAAA,IACjF;AAEA,QAAI,KAAK,cAAc,QAAW;AAC9B,YAAM,IAAI,gBAAgB,yCAAyC;AAAA,IACvE;AAEA,QAAI,uBAAuB,QAAW;AAClC,YAAM,4BAA4B,2BAA2B,OAAO,kBAAkB;AACtF,yBAAmB;AAAA,QACf,mBAAmB,OAAO,KAAK,SAAS;AAAA,QACxC;AAAA,MACJ;AACA,yBAAmB;AAAA,QACf;AAAA,QACA,0BAA0B,OAAO,eAAe;AAAA,MACpD;AAAA,IACJ,OAAO;AACH,yBAAmB;AAAA,QACf,mBAAmB,OAAO,KAAK,SAAS;AAAA,QACxC,0BAA0B,OAAO,eAAe;AAAA,MACpD;AAAA,IACJ;AAEA,SAAK,mBAAmB;AACxB,SAAK,sBAAsB;AAC3B,SAAK,YAAY,SAAS,QAAQ;AAClC,SAAK,UAAU;AACf,QAAI,0BAA0B,QAAW;AACrC,2BAAqB,mBAAmB,qBAAqB;AAC7D,WAAK,yBAAyB;AAAA,IAClC;AACA,WAAO;AAAA,EACX;AAAA,EAEA,gBAAgB,cAAwB;AACpC,SAAK,gBAAgB;AACrB,WAAO;AAAA,EACX;AAAA,EAEA,cAAc,YAAoB;AAC9B,SAAK,cAAc;AACnB,WAAO;AAAA,EACX;AAAA,EAEA,yBAAyB,KAAgB;AACrC,SAAK,yBAAyB;AAC9B,WAAO;AAAA,EACX;AAAA,EAEA,8BAA8B,QAAgB;AAC1C,SAAK,gBAAgB,OAAO;AAC5B,SAAK,cAAc,OAAO;AAC1B,SAAK,yBAAyB,OAAO;AACrC,SAAK,YAAY,OAAO;AACxB,SAAK,iBAAiB,OAAO;AAC7B,SAAK,SAAS,OAAO;AAAA,EACzB;AAAA,EAEA,gBAAgB,QAAgB;AAC5B,QAAI,KAAK,cAAc,UAAa,KAAK,mBAAmB,QAAW;AACnE,YAAM,IAAI,gBAAgB,8CAA8C;AAAA,IAC5E;AACA,WAAO,OAAO,gCAAgC,KAAK,WAAW,KAAK,cAAc;AAAA,EACrF;AAAA,EAEA,IAAI,SAAS;AACT,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,WAAW;AACX,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,UAAU;AACV,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,MAAM,MAAM,aAA0B;AAClC,QAAI,KAAK,iBAAiB,OAAW,OAAM,IAAI,cAAc,sCAAsC;AACnG,QAAI,KAAK,gBAAgB,OAAW,OAAM,IAAI,cAAc,4BAA4B;AACxF,QAAI,KAAK,kBAAkB,OAAW,OAAM,IAAI,cAAc,0BAA0B;AACxF,QAAI,KAAK,cAAc,UAAa,KAAK,mBAAmB;AACxD,YAAM,IAAI,cAAc,0BAA0B;AACtD,QAAI,KAAK,2BAA2B,OAAW,OAAM,IAAI,cAAc,uCAAuC;AAC9G,QAAI,KAAK,qBAAqB,UAAa,KAAK,cAAc,UAAa,KAAK,YAAY;AACxF,YAAM,IAAI,cAAc,iCAAiC;AAE7D,SAAK,eAAe;AACpB,UAAM,aAAa,IAAI,WAAW,OAAO,GAAG;AAC5C,eAAW,YAAY,KAAK,SAAS;AACrC,UAAM,gBAAgB,MAAM,OAAO;AAAA,MAC/B,KAAK,eAAe,MAAM,CAAC;AAAA,MAC3B,WAAW,YAAY;AAAA,MACvB;AAAA,MACA;AAAA,IACJ;AAEA,WAAO,IAAI;AAAA,MACP,KAAK;AAAA,MACL,KAAK;AAAA,MACL,KAAK;AAAA,MACL,KAAK;AAAA,MACL;AAAA,MACA,KAAK;AAAA,MACL,KAAK;AAAA,MACL,KAAK;AAAA,MACL,KAAK;AAAA,MACL,KAAK;AAAA;AAAA,MACL,MAAM,OAAO,KAAK,KAAK,wBAAwB,eAAe,mBAAmB;AAAA,MACjF,KAAK;AAAA,MACL,KAAK;AAAA,MACL,KAAK;AAAA,MACL,KAAK;AAAA,IACT;AAAA,EACJ;AACJ;",
   "names": ["OperationalGroupKeySet"]
 }

package/dist/esm/fabric/FabricManager.d.ts CHANGED Viewed

@@ -29,6 +29,7 @@ export declare class FabricManager {
         added: Observable<[fabric: Fabric], void>;
         updated: Observable<[fabric: Fabric], void>;
         deleted: Observable<[fabric: Fabric], void>;
+        failsafeClosed: Observable<[], void>;
     };
     getNextFabricIndex(): FabricIndex;
     persistFabrics(): MaybePromise<void>;

package/dist/esm/fabric/FabricManager.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"FabricManager.d.ts","sourceRoot":"","sources":["../../../src/fabric/FabricManager.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAiB,WAAW,EAAmB,MAAM,0BAA0B,CAAC;AACvF,OAAO,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAC;AACvC,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AACjD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,MAAM,EAAoB,MAAM,aAAa,CAAC;AAEvD,qDAAqD;AACrD,qBAAa,mBAAoB,SAAQ,WAAW;CAAG;AACvD,qBAAa,oBAAqB,SAAQ,WAAW;CAAG;AAExD,oBAAY,YAAY;IACpB,KAAK,IAAA;IACL,OAAO,IAAA;IACP,OAAO,IAAA;CACV;AAED,qBAAa,aAAa;;~~gBAWV~~,aAAa,EAAE,cAAc;IAInC,eAAe;IAOrB,IAAI,MAAM~~;;;;~~MAET;IAED,kBAAkB;IAWlB,cAAc,IAAI,YAAY,CAAC,IAAI,CAAC;IAWpC,SAAS,CAAC,MAAM,EAAE,MAAM;IAoBlB,YAAY,CAAC,WAAW,EAAE,WAAW;IAW3C,UAAU;IAIV,2BAA2B,CAAC,aAAa,EAAE,SAAS,EAAE,eAAe,EAAE,SAAS;IAUhF,aAAa,CAAC,OAAO,EAAE,GAAG;IASpB,YAAY,CAAC,MAAM,EAAE,MAAM;IAY3B,YAAY,CAAC,WAAW,EAAE,WAAW;CAO9C"}
1	+ {"version":3,"file":"FabricManager.d.ts","sourceRoot":"","sources":["../../../src/fabric/FabricManager.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAiB,WAAW,EAAmB,MAAM,0BAA0B,CAAC;AACvF,OAAO,EAAE,GAAG,EAAE,MAAM,kBAAkB,CAAC;AACvC,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AACjD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,MAAM,EAAoB,MAAM,aAAa,CAAC;AAEvD,qDAAqD;AACrD,qBAAa,mBAAoB,SAAQ,WAAW;CAAG;AACvD,qBAAa,oBAAqB,SAAQ,WAAW;CAAG;AAExD,oBAAY,YAAY;IACpB,KAAK,IAAA;IACL,OAAO,IAAA;IACP,OAAO,IAAA;CACV;AAED,qBAAa,aAAa;;gBAYV,aAAa,EAAE,cAAc;IAInC,eAAe;IAOrB,IAAI,MAAM;;;;;MAET;IAED,kBAAkB;IAWlB,cAAc,IAAI,YAAY,CAAC,IAAI,CAAC;IAWpC,SAAS,CAAC,MAAM,EAAE,MAAM;IAoBlB,YAAY,CAAC,WAAW,EAAE,WAAW;IAW3C,UAAU;IAIV,2BAA2B,CAAC,aAAa,EAAE,SAAS,EAAE,eAAe,EAAE,SAAS;IAUhF,aAAa,CAAC,OAAO,EAAE,GAAG;IASpB,YAAY,CAAC,MAAM,EAAE,MAAM;IAY3B,YAAY,CAAC,WAAW,EAAE,WAAW;CAO9C"}

package/dist/esm/fabric/FabricManager.js CHANGED Viewed

@@ -26,7 +26,8 @@ class FabricManager {
   #events = {
     added: Observable(),
     updated: Observable(),
-    deleted: Observable()
+    deleted: Observable(),
+    failsafeClosed: Observable()
   };
   constructor(fabricStorage) {
     this.#fabricStorage = fabricStorage;