@quantiya/codevibe-core 1.0.2 → 1.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +15 -6
- package/bin/codevibe.js +1 -1
- package/dist/index.js +216 -67
- package/package.json +10 -10
- package/dist/appsync/appsync-client.d.ts +0 -132
- package/dist/appsync/appsync-client.js +0 -575
- package/dist/appsync/index.d.ts +0 -2
- package/dist/appsync/index.js +0 -10
- package/dist/appsync/queries.d.ts +0 -16
- package/dist/appsync/queries.js +0 -189
- package/dist/auth/auth-cli.d.ts +0 -5
- package/dist/auth/auth-cli.js +0 -217
- package/dist/auth/auth-service.d.ts +0 -53
- package/dist/auth/auth-service.js +0 -310
- package/dist/auth/index.d.ts +0 -2
- package/dist/auth/index.js +0 -9
- package/dist/config/config.d.ts +0 -53
- package/dist/config/config.js +0 -123
- package/dist/config/index.d.ts +0 -2
- package/dist/config/index.js +0 -8
- package/dist/crypto/crypto-service.d.ts +0 -118
- package/dist/crypto/crypto-service.js +0 -284
- package/dist/crypto/index.d.ts +0 -1
- package/dist/crypto/index.js +0 -9
- package/dist/index.d.ts +0 -14
- package/dist/keychain/index.d.ts +0 -1
- package/dist/keychain/index.js +0 -8
- package/dist/keychain/keychain-manager.d.ts +0 -125
- package/dist/keychain/keychain-manager.js +0 -375
- package/dist/logger/index.d.ts +0 -1
- package/dist/logger/index.js +0 -8
- package/dist/logger/logger.d.ts +0 -35
- package/dist/logger/logger.js +0 -142
- package/dist/prompt-parser.d.ts +0 -39
- package/dist/prompt-parser.js +0 -236
- package/dist/session/index.d.ts +0 -2
- package/dist/session/index.js +0 -7
- package/dist/session/session-resume.d.ts +0 -55
- package/dist/session/session-resume.js +0 -151
- package/dist/types/auth.d.ts +0 -15
- package/dist/types/auth.js +0 -3
- package/dist/types/encryption.d.ts +0 -54
- package/dist/types/encryption.js +0 -3
- package/dist/types/events.d.ts +0 -74
- package/dist/types/events.js +0 -28
- package/dist/types/index.d.ts +0 -4
- package/dist/types/index.js +0 -22
- package/dist/types/session.d.ts +0 -59
- package/dist/types/session.js +0 -22
|
@@ -1,118 +0,0 @@
|
|
|
1
|
-
import { EncryptedSessionKey, KeyPair } from '../types';
|
|
2
|
-
/**
|
|
3
|
-
* Error class for cryptographic operations
|
|
4
|
-
*/
|
|
5
|
-
export declare class CryptoError extends Error {
|
|
6
|
-
constructor(message: string);
|
|
7
|
-
}
|
|
8
|
-
/**
|
|
9
|
-
* Current encryption version for future algorithm upgrades
|
|
10
|
-
*/
|
|
11
|
-
export declare const ENCRYPTION_VERSION = 1;
|
|
12
|
-
/**
|
|
13
|
-
* Service for end-to-end encryption operations
|
|
14
|
-
*/
|
|
15
|
-
export declare class CryptoService {
|
|
16
|
-
private static instance;
|
|
17
|
-
private constructor();
|
|
18
|
-
static getInstance(): CryptoService;
|
|
19
|
-
/**
|
|
20
|
-
* Generate a new ECDH P-256 key pair
|
|
21
|
-
* @returns Object with privateKey (base64), publicKey (base64 raw)
|
|
22
|
-
*/
|
|
23
|
-
generateKeyPair(): KeyPair;
|
|
24
|
-
/**
|
|
25
|
-
* Generate a random 256-bit session key
|
|
26
|
-
* @returns Base64-encoded session key
|
|
27
|
-
*/
|
|
28
|
-
generateSessionKey(): string;
|
|
29
|
-
/**
|
|
30
|
-
* Derive a shared secret using ECDH and HKDF
|
|
31
|
-
* @param privateKeyBase64 Our private key (base64)
|
|
32
|
-
* @param publicKeyBase64 Other party's public key (base64)
|
|
33
|
-
* @returns 256-bit derived key as Buffer
|
|
34
|
-
*/
|
|
35
|
-
deriveSharedKey(privateKeyBase64: string, publicKeyBase64: string): Buffer;
|
|
36
|
-
/**
|
|
37
|
-
* Encrypt a session key for a target device using ECDH
|
|
38
|
-
* @param sessionKeyBase64 The session key to encrypt (base64)
|
|
39
|
-
* @param targetPublicKeyBase64 Target device's public key (base64)
|
|
40
|
-
* @returns EncryptedSessionKey containing encrypted key and ephemeral public key
|
|
41
|
-
*/
|
|
42
|
-
encryptSessionKey(sessionKeyBase64: string, targetPublicKeyBase64: string): Omit<EncryptedSessionKey, 'deviceId'>;
|
|
43
|
-
/**
|
|
44
|
-
* Decrypt a session key using our private key
|
|
45
|
-
* @param encryptedSessionKey The encrypted session key data
|
|
46
|
-
* @param privateKeyBase64 Our device's private key (base64)
|
|
47
|
-
* @returns Decrypted session key (base64)
|
|
48
|
-
*/
|
|
49
|
-
decryptSessionKey(encryptedSessionKey: EncryptedSessionKey, privateKeyBase64: string): string;
|
|
50
|
-
/**
|
|
51
|
-
* Encrypt content using AES-256-GCM
|
|
52
|
-
* @param content String content to encrypt
|
|
53
|
-
* @param sessionKeyBase64 Session key (base64)
|
|
54
|
-
* @returns Base64-encoded ciphertext (nonce + ciphertext + tag)
|
|
55
|
-
*/
|
|
56
|
-
encryptContent(content: string, sessionKeyBase64: string): string;
|
|
57
|
-
/**
|
|
58
|
-
* Decrypt content using AES-256-GCM
|
|
59
|
-
* @param encryptedContent Base64-encoded ciphertext
|
|
60
|
-
* @param sessionKeyBase64 Session key (base64)
|
|
61
|
-
* @returns Decrypted string content
|
|
62
|
-
*/
|
|
63
|
-
decryptContent(encryptedContent: string, sessionKeyBase64: string): string;
|
|
64
|
-
/**
|
|
65
|
-
* Encrypt JSON-serializable metadata
|
|
66
|
-
* @param metadata Object to encrypt
|
|
67
|
-
* @param sessionKeyBase64 Session key (base64)
|
|
68
|
-
* @returns Base64-encoded encrypted JSON
|
|
69
|
-
*/
|
|
70
|
-
encryptMetadata(metadata: Record<string, any>, sessionKeyBase64: string): string;
|
|
71
|
-
/**
|
|
72
|
-
* Decrypt encrypted metadata
|
|
73
|
-
* @param encryptedMetadata Base64-encoded encrypted JSON
|
|
74
|
-
* @param sessionKeyBase64 Session key (base64)
|
|
75
|
-
* @returns Decrypted object
|
|
76
|
-
*/
|
|
77
|
-
decryptMetadata(encryptedMetadata: string, sessionKeyBase64: string): Record<string, any>;
|
|
78
|
-
/**
|
|
79
|
-
* Encrypt binary data using AES-256-GCM
|
|
80
|
-
* @param data Binary data to encrypt (Buffer)
|
|
81
|
-
* @param sessionKeyBase64 Session key (base64)
|
|
82
|
-
* @returns Encrypted data (Buffer containing nonce + ciphertext + tag)
|
|
83
|
-
*/
|
|
84
|
-
encryptData(data: Buffer, sessionKeyBase64: string): Buffer;
|
|
85
|
-
/**
|
|
86
|
-
* Decrypt binary data using AES-256-GCM
|
|
87
|
-
* @param encryptedData Encrypted data (Buffer containing nonce + ciphertext + tag)
|
|
88
|
-
* @param sessionKeyBase64 Session key (base64)
|
|
89
|
-
* @returns Decrypted binary data (Buffer)
|
|
90
|
-
*/
|
|
91
|
-
decryptData(encryptedData: Buffer, sessionKeyBase64: string): Buffer;
|
|
92
|
-
/**
|
|
93
|
-
* Encrypt data using AES-256-GCM
|
|
94
|
-
* @param data Data to encrypt
|
|
95
|
-
* @param key Symmetric key (32 bytes)
|
|
96
|
-
* @returns Combined nonce + ciphertext + tag
|
|
97
|
-
*/
|
|
98
|
-
private encrypt;
|
|
99
|
-
/**
|
|
100
|
-
* Decrypt data using AES-256-GCM
|
|
101
|
-
* @param data Combined nonce + ciphertext + tag
|
|
102
|
-
* @param key Symmetric key (32 bytes)
|
|
103
|
-
* @returns Decrypted data
|
|
104
|
-
*/
|
|
105
|
-
private decrypt;
|
|
106
|
-
/**
|
|
107
|
-
* Serialize a private key for storage
|
|
108
|
-
*/
|
|
109
|
-
serializePrivateKey(privateKeyBase64: string): string;
|
|
110
|
-
/**
|
|
111
|
-
* Deserialize a private key from storage
|
|
112
|
-
*/
|
|
113
|
-
deserializePrivateKey(base64: string): string;
|
|
114
|
-
}
|
|
115
|
-
/**
|
|
116
|
-
* Export singleton instance
|
|
117
|
-
*/
|
|
118
|
-
export declare const cryptoService: CryptoService;
|
|
@@ -1,284 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
//
|
|
3
|
-
// crypto-service.ts
|
|
4
|
-
// CodeVibe Core
|
|
5
|
-
//
|
|
6
|
-
// End-to-end encryption service using ECDH P-256 and AES-256-GCM
|
|
7
|
-
//
|
|
8
|
-
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
9
|
-
if (k2 === undefined) k2 = k;
|
|
10
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
11
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
12
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
13
|
-
}
|
|
14
|
-
Object.defineProperty(o, k2, desc);
|
|
15
|
-
}) : (function(o, m, k, k2) {
|
|
16
|
-
if (k2 === undefined) k2 = k;
|
|
17
|
-
o[k2] = m[k];
|
|
18
|
-
}));
|
|
19
|
-
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
20
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
21
|
-
}) : function(o, v) {
|
|
22
|
-
o["default"] = v;
|
|
23
|
-
});
|
|
24
|
-
var __importStar = (this && this.__importStar) || (function () {
|
|
25
|
-
var ownKeys = function(o) {
|
|
26
|
-
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
27
|
-
var ar = [];
|
|
28
|
-
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
29
|
-
return ar;
|
|
30
|
-
};
|
|
31
|
-
return ownKeys(o);
|
|
32
|
-
};
|
|
33
|
-
return function (mod) {
|
|
34
|
-
if (mod && mod.__esModule) return mod;
|
|
35
|
-
var result = {};
|
|
36
|
-
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
37
|
-
__setModuleDefault(result, mod);
|
|
38
|
-
return result;
|
|
39
|
-
};
|
|
40
|
-
})();
|
|
41
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
42
|
-
exports.cryptoService = exports.CryptoService = exports.ENCRYPTION_VERSION = exports.CryptoError = void 0;
|
|
43
|
-
const crypto = __importStar(require("crypto"));
|
|
44
|
-
/**
|
|
45
|
-
* Error class for cryptographic operations
|
|
46
|
-
*/
|
|
47
|
-
class CryptoError extends Error {
|
|
48
|
-
constructor(message) {
|
|
49
|
-
super(message);
|
|
50
|
-
this.name = 'CryptoError';
|
|
51
|
-
}
|
|
52
|
-
}
|
|
53
|
-
exports.CryptoError = CryptoError;
|
|
54
|
-
/**
|
|
55
|
-
* Current encryption version for future algorithm upgrades
|
|
56
|
-
*/
|
|
57
|
-
exports.ENCRYPTION_VERSION = 1;
|
|
58
|
-
/**
|
|
59
|
-
* HKDF info string for key derivation
|
|
60
|
-
*/
|
|
61
|
-
const HKDF_INFO = 'CodeVibe E2E v1';
|
|
62
|
-
/**
|
|
63
|
-
* Service for end-to-end encryption operations
|
|
64
|
-
*/
|
|
65
|
-
class CryptoService {
|
|
66
|
-
constructor() { }
|
|
67
|
-
static getInstance() {
|
|
68
|
-
if (!CryptoService.instance) {
|
|
69
|
-
CryptoService.instance = new CryptoService();
|
|
70
|
-
}
|
|
71
|
-
return CryptoService.instance;
|
|
72
|
-
}
|
|
73
|
-
// MARK: - Key Generation
|
|
74
|
-
/**
|
|
75
|
-
* Generate a new ECDH P-256 key pair
|
|
76
|
-
* @returns Object with privateKey (base64), publicKey (base64 raw)
|
|
77
|
-
*/
|
|
78
|
-
generateKeyPair() {
|
|
79
|
-
const ecdh = crypto.createECDH('prime256v1');
|
|
80
|
-
ecdh.generateKeys();
|
|
81
|
-
// Get raw public key (uncompressed format without 0x04 prefix for compatibility)
|
|
82
|
-
const publicKeyRaw = ecdh.getPublicKey();
|
|
83
|
-
const publicKeyBase64 = publicKeyRaw.subarray(1).toString('base64'); // Skip 0x04 prefix
|
|
84
|
-
// Get private key as raw bytes
|
|
85
|
-
const privateKeyRaw = ecdh.getPrivateKey();
|
|
86
|
-
const privateKeyBase64 = privateKeyRaw.toString('base64');
|
|
87
|
-
return {
|
|
88
|
-
privateKey: privateKeyBase64,
|
|
89
|
-
publicKey: publicKeyBase64,
|
|
90
|
-
};
|
|
91
|
-
}
|
|
92
|
-
/**
|
|
93
|
-
* Generate a random 256-bit session key
|
|
94
|
-
* @returns Base64-encoded session key
|
|
95
|
-
*/
|
|
96
|
-
generateSessionKey() {
|
|
97
|
-
const keyData = crypto.randomBytes(32); // 256 bits
|
|
98
|
-
return keyData.toString('base64');
|
|
99
|
-
}
|
|
100
|
-
// MARK: - Key Derivation
|
|
101
|
-
/**
|
|
102
|
-
* Derive a shared secret using ECDH and HKDF
|
|
103
|
-
* @param privateKeyBase64 Our private key (base64)
|
|
104
|
-
* @param publicKeyBase64 Other party's public key (base64)
|
|
105
|
-
* @returns 256-bit derived key as Buffer
|
|
106
|
-
*/
|
|
107
|
-
deriveSharedKey(privateKeyBase64, publicKeyBase64) {
|
|
108
|
-
try {
|
|
109
|
-
const ecdh = crypto.createECDH('prime256v1');
|
|
110
|
-
const privateKeyRaw = Buffer.from(privateKeyBase64, 'base64');
|
|
111
|
-
ecdh.setPrivateKey(privateKeyRaw);
|
|
112
|
-
// Add 0x04 prefix for uncompressed public key format
|
|
113
|
-
const publicKeyRaw = Buffer.concat([
|
|
114
|
-
Buffer.from([0x04]),
|
|
115
|
-
Buffer.from(publicKeyBase64, 'base64'),
|
|
116
|
-
]);
|
|
117
|
-
const sharedSecret = ecdh.computeSecret(publicKeyRaw);
|
|
118
|
-
// Derive key using HKDF-SHA256
|
|
119
|
-
const derivedKey = crypto.hkdfSync('sha256', sharedSecret, Buffer.alloc(0), // Empty salt
|
|
120
|
-
Buffer.from(HKDF_INFO, 'utf8'), 32 // 256 bits
|
|
121
|
-
);
|
|
122
|
-
return Buffer.from(derivedKey);
|
|
123
|
-
}
|
|
124
|
-
catch (error) {
|
|
125
|
-
throw new CryptoError(`Failed to derive shared key: ${error}`);
|
|
126
|
-
}
|
|
127
|
-
}
|
|
128
|
-
// MARK: - Session Key Encryption
|
|
129
|
-
/**
|
|
130
|
-
* Encrypt a session key for a target device using ECDH
|
|
131
|
-
* @param sessionKeyBase64 The session key to encrypt (base64)
|
|
132
|
-
* @param targetPublicKeyBase64 Target device's public key (base64)
|
|
133
|
-
* @returns EncryptedSessionKey containing encrypted key and ephemeral public key
|
|
134
|
-
*/
|
|
135
|
-
encryptSessionKey(sessionKeyBase64, targetPublicKeyBase64) {
|
|
136
|
-
// Generate ephemeral key pair for this encryption
|
|
137
|
-
const ephemeralKeyPair = this.generateKeyPair();
|
|
138
|
-
// Derive shared key using ephemeral private + target public
|
|
139
|
-
const sharedKey = this.deriveSharedKey(ephemeralKeyPair.privateKey, targetPublicKeyBase64);
|
|
140
|
-
// Encrypt session key with derived key
|
|
141
|
-
const sessionKeyData = Buffer.from(sessionKeyBase64, 'base64');
|
|
142
|
-
const encryptedData = this.encrypt(sessionKeyData, sharedKey);
|
|
143
|
-
return {
|
|
144
|
-
encryptedKey: encryptedData.toString('base64'),
|
|
145
|
-
ephemeralPublicKey: ephemeralKeyPair.publicKey,
|
|
146
|
-
};
|
|
147
|
-
}
|
|
148
|
-
/**
|
|
149
|
-
* Decrypt a session key using our private key
|
|
150
|
-
* @param encryptedSessionKey The encrypted session key data
|
|
151
|
-
* @param privateKeyBase64 Our device's private key (base64)
|
|
152
|
-
* @returns Decrypted session key (base64)
|
|
153
|
-
*/
|
|
154
|
-
decryptSessionKey(encryptedSessionKey, privateKeyBase64) {
|
|
155
|
-
// Derive shared key using our private + ephemeral public
|
|
156
|
-
const sharedKey = this.deriveSharedKey(privateKeyBase64, encryptedSessionKey.ephemeralPublicKey);
|
|
157
|
-
// Decrypt session key
|
|
158
|
-
const encryptedData = Buffer.from(encryptedSessionKey.encryptedKey, 'base64');
|
|
159
|
-
const decryptedData = this.decrypt(encryptedData, sharedKey);
|
|
160
|
-
return decryptedData.toString('base64');
|
|
161
|
-
}
|
|
162
|
-
// MARK: - Content Encryption/Decryption
|
|
163
|
-
/**
|
|
164
|
-
* Encrypt content using AES-256-GCM
|
|
165
|
-
* @param content String content to encrypt
|
|
166
|
-
* @param sessionKeyBase64 Session key (base64)
|
|
167
|
-
* @returns Base64-encoded ciphertext (nonce + ciphertext + tag)
|
|
168
|
-
*/
|
|
169
|
-
encryptContent(content, sessionKeyBase64) {
|
|
170
|
-
const sessionKey = Buffer.from(sessionKeyBase64, 'base64');
|
|
171
|
-
const contentData = Buffer.from(content, 'utf8');
|
|
172
|
-
const encryptedData = this.encrypt(contentData, sessionKey);
|
|
173
|
-
return encryptedData.toString('base64');
|
|
174
|
-
}
|
|
175
|
-
/**
|
|
176
|
-
* Decrypt content using AES-256-GCM
|
|
177
|
-
* @param encryptedContent Base64-encoded ciphertext
|
|
178
|
-
* @param sessionKeyBase64 Session key (base64)
|
|
179
|
-
* @returns Decrypted string content
|
|
180
|
-
*/
|
|
181
|
-
decryptContent(encryptedContent, sessionKeyBase64) {
|
|
182
|
-
const sessionKey = Buffer.from(sessionKeyBase64, 'base64');
|
|
183
|
-
const encryptedData = Buffer.from(encryptedContent, 'base64');
|
|
184
|
-
const decryptedData = this.decrypt(encryptedData, sessionKey);
|
|
185
|
-
return decryptedData.toString('utf8');
|
|
186
|
-
}
|
|
187
|
-
/**
|
|
188
|
-
* Encrypt JSON-serializable metadata
|
|
189
|
-
* @param metadata Object to encrypt
|
|
190
|
-
* @param sessionKeyBase64 Session key (base64)
|
|
191
|
-
* @returns Base64-encoded encrypted JSON
|
|
192
|
-
*/
|
|
193
|
-
encryptMetadata(metadata, sessionKeyBase64) {
|
|
194
|
-
const jsonString = JSON.stringify(metadata);
|
|
195
|
-
return this.encryptContent(jsonString, sessionKeyBase64);
|
|
196
|
-
}
|
|
197
|
-
/**
|
|
198
|
-
* Decrypt encrypted metadata
|
|
199
|
-
* @param encryptedMetadata Base64-encoded encrypted JSON
|
|
200
|
-
* @param sessionKeyBase64 Session key (base64)
|
|
201
|
-
* @returns Decrypted object
|
|
202
|
-
*/
|
|
203
|
-
decryptMetadata(encryptedMetadata, sessionKeyBase64) {
|
|
204
|
-
const jsonString = this.decryptContent(encryptedMetadata, sessionKeyBase64);
|
|
205
|
-
return JSON.parse(jsonString);
|
|
206
|
-
}
|
|
207
|
-
// MARK: - Binary Data Encryption (for attachments)
|
|
208
|
-
/**
|
|
209
|
-
* Encrypt binary data using AES-256-GCM
|
|
210
|
-
* @param data Binary data to encrypt (Buffer)
|
|
211
|
-
* @param sessionKeyBase64 Session key (base64)
|
|
212
|
-
* @returns Encrypted data (Buffer containing nonce + ciphertext + tag)
|
|
213
|
-
*/
|
|
214
|
-
encryptData(data, sessionKeyBase64) {
|
|
215
|
-
const sessionKey = Buffer.from(sessionKeyBase64, 'base64');
|
|
216
|
-
return this.encrypt(data, sessionKey);
|
|
217
|
-
}
|
|
218
|
-
/**
|
|
219
|
-
* Decrypt binary data using AES-256-GCM
|
|
220
|
-
* @param encryptedData Encrypted data (Buffer containing nonce + ciphertext + tag)
|
|
221
|
-
* @param sessionKeyBase64 Session key (base64)
|
|
222
|
-
* @returns Decrypted binary data (Buffer)
|
|
223
|
-
*/
|
|
224
|
-
decryptData(encryptedData, sessionKeyBase64) {
|
|
225
|
-
const sessionKey = Buffer.from(sessionKeyBase64, 'base64');
|
|
226
|
-
return this.decrypt(encryptedData, sessionKey);
|
|
227
|
-
}
|
|
228
|
-
// MARK: - Low-level Encryption
|
|
229
|
-
/**
|
|
230
|
-
* Encrypt data using AES-256-GCM
|
|
231
|
-
* @param data Data to encrypt
|
|
232
|
-
* @param key Symmetric key (32 bytes)
|
|
233
|
-
* @returns Combined nonce + ciphertext + tag
|
|
234
|
-
*/
|
|
235
|
-
encrypt(data, key) {
|
|
236
|
-
// Generate random 12-byte nonce (IV)
|
|
237
|
-
const nonce = crypto.randomBytes(12);
|
|
238
|
-
const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
|
|
239
|
-
const ciphertext = Buffer.concat([cipher.update(data), cipher.final()]);
|
|
240
|
-
const tag = cipher.getAuthTag();
|
|
241
|
-
// Combine: nonce (12 bytes) + ciphertext + tag (16 bytes)
|
|
242
|
-
return Buffer.concat([nonce, ciphertext, tag]);
|
|
243
|
-
}
|
|
244
|
-
/**
|
|
245
|
-
* Decrypt data using AES-256-GCM
|
|
246
|
-
* @param data Combined nonce + ciphertext + tag
|
|
247
|
-
* @param key Symmetric key (32 bytes)
|
|
248
|
-
* @returns Decrypted data
|
|
249
|
-
*/
|
|
250
|
-
decrypt(data, key) {
|
|
251
|
-
// Extract: nonce (12 bytes) + ciphertext + tag (16 bytes)
|
|
252
|
-
const nonce = data.subarray(0, 12);
|
|
253
|
-
const tag = data.subarray(data.length - 16);
|
|
254
|
-
const ciphertext = data.subarray(12, data.length - 16);
|
|
255
|
-
const decipher = crypto.createDecipheriv('aes-256-gcm', key, nonce);
|
|
256
|
-
decipher.setAuthTag(tag);
|
|
257
|
-
try {
|
|
258
|
-
const decrypted = Buffer.concat([decipher.update(ciphertext), decipher.final()]);
|
|
259
|
-
return decrypted;
|
|
260
|
-
}
|
|
261
|
-
catch (error) {
|
|
262
|
-
throw new CryptoError('Decryption failed: Invalid ciphertext or authentication tag');
|
|
263
|
-
}
|
|
264
|
-
}
|
|
265
|
-
// MARK: - Key Serialization
|
|
266
|
-
/**
|
|
267
|
-
* Serialize a private key for storage
|
|
268
|
-
*/
|
|
269
|
-
serializePrivateKey(privateKeyBase64) {
|
|
270
|
-
return privateKeyBase64;
|
|
271
|
-
}
|
|
272
|
-
/**
|
|
273
|
-
* Deserialize a private key from storage
|
|
274
|
-
*/
|
|
275
|
-
deserializePrivateKey(base64) {
|
|
276
|
-
return base64;
|
|
277
|
-
}
|
|
278
|
-
}
|
|
279
|
-
exports.CryptoService = CryptoService;
|
|
280
|
-
/**
|
|
281
|
-
* Export singleton instance
|
|
282
|
-
*/
|
|
283
|
-
exports.cryptoService = CryptoService.getInstance();
|
|
284
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY3J5cHRvLXNlcnZpY2UuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvY3J5cHRvL2NyeXB0by1zZXJ2aWNlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSxFQUFFO0FBQ0Ysb0JBQW9CO0FBQ3BCLGdCQUFnQjtBQUNoQixFQUFFO0FBQ0YsaUVBQWlFO0FBQ2pFLEVBQUU7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztBQUVGLCtDQUFpQztBQUdqQzs7R0FFRztBQUNILE1BQWEsV0FBWSxTQUFRLEtBQUs7SUFDcEMsWUFBWSxPQUFlO1FBQ3pCLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUNmLElBQUksQ0FBQyxJQUFJLEdBQUcsYUFBYSxDQUFDO0lBQzVCLENBQUM7Q0FDRjtBQUxELGtDQUtDO0FBRUQ7O0dBRUc7QUFDVSxRQUFBLGtCQUFrQixHQUFHLENBQUMsQ0FBQztBQUVwQzs7R0FFRztBQUNILE1BQU0sU0FBUyxHQUFHLGlCQUFpQixDQUFDO0FBRXBDOztHQUVHO0FBQ0gsTUFBYSxhQUFhO0lBR3hCLGdCQUF1QixDQUFDO0lBRXhCLE1BQU0sQ0FBQyxXQUFXO1FBQ2hCLElBQUksQ0FBQyxhQUFhLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDNUIsYUFBYSxDQUFDLFFBQVEsR0FBRyxJQUFJLGFBQWEsRUFBRSxDQUFDO1FBQy9DLENBQUM7UUFDRCxPQUFPLGFBQWEsQ0FBQyxRQUFRLENBQUM7SUFDaEMsQ0FBQztJQUVELHlCQUF5QjtJQUV6Qjs7O09BR0c7SUFDSCxlQUFlO1FBQ2IsTUFBTSxJQUFJLEdBQUcsTUFBTSxDQUFDLFVBQVUsQ0FBQyxZQUFZLENBQUMsQ0FBQztRQUM3QyxJQUFJLENBQUMsWUFBWSxFQUFFLENBQUM7UUFFcEIsaUZBQWlGO1FBQ2pGLE1BQU0sWUFBWSxHQUFHLElBQUksQ0FBQyxZQUFZLEVBQUUsQ0FBQztRQUN6QyxNQUFNLGVBQWUsR0FBRyxZQUFZLENBQUMsUUFBUSxDQUFDLENBQUMsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUMsQ0FBQyxDQUFDLG1CQUFtQjtRQUV4RiwrQkFBK0I7UUFDL0IsTUFBTSxhQUFhLEdBQUcsSUFBSSxDQUFDLGFBQWEsRUFBRSxDQUFDO1FBQzNDLE1BQU0sZ0JBQWdCLEdBQUcsYUFBYSxDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUMsQ0FBQztRQUUxRCxPQUFPO1lBQ0wsVUFBVSxFQUFFLGdCQUFnQjtZQUM1QixTQUFTLEVBQUUsZUFBZTtTQUMzQixDQUFDO0lBQ0osQ0FBQztJQUVEOzs7T0FHRztJQUNILGtCQUFrQjtRQUNoQixNQUFNLE9BQU8sR0FBRyxNQUFNLENBQUMsV0FBVyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsV0FBVztRQUNuRCxPQUFPLE9BQU8sQ0FBQyxRQUFRLENBQUMsUUFBUSxDQUFDLENBQUM7SUFDcEMsQ0FBQztJQUVELHlCQUF5QjtJQUV6Qjs7Ozs7T0FLRztJQUNILGVBQWUsQ0FBQyxnQkFBd0IsRUFBRSxlQUF1QjtRQUMvRCxJQUFJLENBQUM7WUFDSCxNQUFNLElBQUksR0FBRyxNQUFNLENBQUMsVUFBVSxDQUFDLFlBQVksQ0FBQyxDQUFDO1lBQzdDLE1BQU0sYUFBYSxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsZ0JBQWdCLEVBQUUsUUFBUSxDQUFDLENBQUM7WUFDOUQsSUFBSSxDQUFDLGFBQWEsQ0FBQyxhQUFhLENBQUMsQ0FBQztZQUVsQyxxREFBcUQ7WUFDckQsTUFBTSxZQUFZLEdBQUcsTUFBTSxDQUFDLE1BQU0sQ0FBQztnQkFDakMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUFDLElBQUksQ0FBQyxDQUFDO2dCQUNuQixNQUFNLENBQUMsSUFBSSxDQUFDLGVBQWUsRUFBRSxRQUFRLENBQUM7YUFDdkMsQ0FBQyxDQUFDO1lBRUgsTUFBTSxZQUFZLEdBQUcsSUFBSSxDQUFDLGFBQWEsQ0FBQyxZQUFZLENBQUMsQ0FBQztZQUV0RCwrQkFBK0I7WUFDL0IsTUFBTSxVQUFVLEdBQUcsTUFBTSxDQUFDLFFBQVEsQ0FDaEMsUUFBUSxFQUNSLFlBQVksRUFDWixNQUFNLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxFQUFFLGFBQWE7WUFDOUIsTUFBTSxDQUFDLElBQUksQ0FBQyxTQUFTLEVBQUUsTUFBTSxDQUFDLEVBQzlCLEVBQUUsQ0FBQyxXQUFXO2FBQ2YsQ0FBQztZQUVGLE9BQU8sTUFBTSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FBQztRQUNqQyxDQUFDO1FBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztZQUNmLE1BQU0sSUFBSSxXQUFXLENBQUMsZ0NBQWdDLEtBQUssRUFBRSxDQUFDLENBQUM7UUFDakUsQ0FBQztJQUNILENBQUM7SUFFRCxpQ0FBaUM7SUFFakM7Ozs7O09BS0c7SUFDSCxpQkFBaUIsQ0FDZixnQkFBd0IsRUFDeEIscUJBQTZCO1FBRTdCLGtEQUFrRDtRQUNsRCxNQUFNLGdCQUFnQixHQUFHLElBQUksQ0FBQyxlQUFlLEVBQUUsQ0FBQztRQUVoRCw0REFBNEQ7UUFDNUQsTUFBTSxTQUFTLEdBQUcsSUFBSSxDQUFDLGVBQWUsQ0FDcEMsZ0JBQWdCLENBQUMsVUFBVSxFQUMzQixxQkFBcUIsQ0FDdEIsQ0FBQztRQUVGLHVDQUF1QztRQUN2QyxNQUFNLGNBQWMsR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLGdCQUFnQixFQUFFLFFBQVEsQ0FBQyxDQUFDO1FBQy9ELE1BQU0sYUFBYSxHQUFHLElBQUksQ0FBQyxPQUFPLENBQUMsY0FBYyxFQUFFLFNBQVMsQ0FBQyxDQUFDO1FBRTlELE9BQU87WUFDTCxZQUFZLEVBQUUsYUFBYSxDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUM7WUFDOUMsa0JBQWtCLEVBQUUsZ0JBQWdCLENBQUMsU0FBUztTQUMvQyxDQUFDO0lBQ0osQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0gsaUJBQWlCLENBQ2YsbUJBQXdDLEVBQ3hDLGdCQUF3QjtRQUV4Qix5REFBeUQ7UUFDekQsTUFBTSxTQUFTLEdBQUcsSUFBSSxDQUFDLGVBQWUsQ0FDcEMsZ0JBQWdCLEVBQ2hCLG1CQUFtQixDQUFDLGtCQUFrQixDQUN2QyxDQUFDO1FBRUYsc0JBQXNCO1FBQ3RCLE1BQU0sYUFBYSxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsbUJBQW1CLENBQUMsWUFBWSxFQUFFLFFBQVEsQ0FBQyxDQUFDO1FBQzlFLE1BQU0sYUFBYSxHQUFHLElBQUksQ0FBQyxPQUFPLENBQUMsYUFBYSxFQUFFLFNBQVMsQ0FBQyxDQUFDO1FBRTdELE9BQU8sYUFBYSxDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUMsQ0FBQztJQUMxQyxDQUFDO0lBRUQsd0NBQXdDO0lBRXhDOzs7OztPQUtHO0lBQ0gsY0FBYyxDQUFDLE9BQWUsRUFBRSxnQkFBd0I7UUFDdEQsTUFBTSxVQUFVLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FBQyxnQkFBZ0IsRUFBRSxRQUFRLENBQUMsQ0FBQztRQUMzRCxNQUFNLFdBQVcsR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sRUFBRSxNQUFNLENBQUMsQ0FBQztRQUNqRCxNQUFNLGFBQWEsR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLFdBQVcsRUFBRSxVQUFVLENBQUMsQ0FBQztRQUM1RCxPQUFPLGFBQWEsQ0FBQyxRQUFRLENBQUMsUUFBUSxDQUFDLENBQUM7SUFDMUMsQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0gsY0FBYyxDQUFDLGdCQUF3QixFQUFFLGdCQUF3QjtRQUMvRCxNQUFNLFVBQVUsR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLGdCQUFnQixFQUFFLFFBQVEsQ0FBQyxDQUFDO1FBQzNELE1BQU0sYUFBYSxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsZ0JBQWdCLEVBQUUsUUFBUSxDQUFDLENBQUM7UUFDOUQsTUFBTSxhQUFhLEdBQUcsSUFBSSxDQUFDLE9BQU8sQ0FBQyxhQUFhLEVBQUUsVUFBVSxDQUFDLENBQUM7UUFDOUQsT0FBTyxhQUFhLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRDs7Ozs7T0FLRztJQUNILGVBQWUsQ0FDYixRQUE2QixFQUM3QixnQkFBd0I7UUFFeEIsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FBQyxRQUFRLENBQUMsQ0FBQztRQUM1QyxPQUFPLElBQUksQ0FBQyxjQUFjLENBQUMsVUFBVSxFQUFFLGdCQUFnQixDQUFDLENBQUM7SUFDM0QsQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0gsZUFBZSxDQUNiLGlCQUF5QixFQUN6QixnQkFBd0I7UUFFeEIsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLGNBQWMsQ0FBQyxpQkFBaUIsRUFBRSxnQkFBZ0IsQ0FBQyxDQUFDO1FBQzVFLE9BQU8sSUFBSSxDQUFDLEtBQUssQ0FBQyxVQUFVLENBQUMsQ0FBQztJQUNoQyxDQUFDO0lBRUQsbURBQW1EO0lBRW5EOzs7OztPQUtHO0lBQ0gsV0FBVyxDQUFDLElBQVksRUFBRSxnQkFBd0I7UUFDaEQsTUFBTSxVQUFVLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FBQyxnQkFBZ0IsRUFBRSxRQUFRLENBQUMsQ0FBQztRQUMzRCxPQUFPLElBQUksQ0FBQyxPQUFPLENBQUMsSUFBSSxFQUFFLFVBQVUsQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRDs7Ozs7T0FLRztJQUNILFdBQVcsQ0FBQyxhQUFxQixFQUFFLGdCQUF3QjtRQUN6RCxNQUFNLFVBQVUsR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLGdCQUFnQixFQUFFLFFBQVEsQ0FBQyxDQUFDO1FBQzNELE9BQU8sSUFBSSxDQUFDLE9BQU8sQ0FBQyxhQUFhLEVBQUUsVUFBVSxDQUFDLENBQUM7SUFDakQsQ0FBQztJQUVELCtCQUErQjtJQUUvQjs7Ozs7T0FLRztJQUNLLE9BQU8sQ0FBQyxJQUFZLEVBQUUsR0FBVztRQUN2QyxxQ0FBcUM7UUFDckMsTUFBTSxLQUFLLEdBQUcsTUFBTSxDQUFDLFdBQVcsQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUVyQyxNQUFNLE1BQU0sR0FBRyxNQUFNLENBQUMsY0FBYyxDQUFDLGFBQWEsRUFBRSxHQUFHLEVBQUUsS0FBSyxDQUFDLENBQUM7UUFDaEUsTUFBTSxVQUFVLEdBQUcsTUFBTSxDQUFDLE1BQU0sQ0FBQyxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLEVBQUUsTUFBTSxDQUFDLEtBQUssRUFBRSxDQUFDLENBQUMsQ0FBQztRQUN4RSxNQUFNLEdBQUcsR0FBRyxNQUFNLENBQUMsVUFBVSxFQUFFLENBQUM7UUFFaEMsMERBQTBEO1FBQzFELE9BQU8sTUFBTSxDQUFDLE1BQU0sQ0FBQyxDQUFDLEtBQUssRUFBRSxVQUFVLEVBQUUsR0FBRyxDQUFDLENBQUMsQ0FBQztJQUNqRCxDQUFDO0lBRUQ7Ozs7O09BS0c7SUFDSyxPQUFPLENBQUMsSUFBWSxFQUFFLEdBQVc7UUFDdkMsMERBQTBEO1FBQzFELE1BQU0sS0FBSyxHQUFHLElBQUksQ0FBQyxRQUFRLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBQ25DLE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLE1BQU0sR0FBRyxFQUFFLENBQUMsQ0FBQztRQUM1QyxNQUFNLFVBQVUsR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDLEVBQUUsRUFBRSxJQUFJLENBQUMsTUFBTSxHQUFHLEVBQUUsQ0FBQyxDQUFDO1FBRXZELE1BQU0sUUFBUSxHQUFHLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxhQUFhLEVBQUUsR0FBRyxFQUFFLEtBQUssQ0FBQyxDQUFDO1FBQ3BFLFFBQVEsQ0FBQyxVQUFVLENBQUMsR0FBRyxDQUFDLENBQUM7UUFFekIsSUFBSSxDQUFDO1lBQ0gsTUFBTSxTQUFTLEdBQUcsTUFBTSxDQUFDLE1BQU0sQ0FBQyxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsVUFBVSxDQUFDLEVBQUUsUUFBUSxDQUFDLEtBQUssRUFBRSxDQUFDLENBQUMsQ0FBQztZQUNqRixPQUFPLFNBQVMsQ0FBQztRQUNuQixDQUFDO1FBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztZQUNmLE1BQU0sSUFBSSxXQUFXLENBQUMsNkRBQTZELENBQUMsQ0FBQztRQUN2RixDQUFDO0lBQ0gsQ0FBQztJQUVELDRCQUE0QjtJQUU1Qjs7T0FFRztJQUNILG1CQUFtQixDQUFDLGdCQUF3QjtRQUMxQyxPQUFPLGdCQUFnQixDQUFDO0lBQzFCLENBQUM7SUFFRDs7T0FFRztJQUNILHFCQUFxQixDQUFDLE1BQWM7UUFDbEMsT0FBTyxNQUFNLENBQUM7SUFDaEIsQ0FBQztDQUNGO0FBbFJELHNDQWtSQztBQUVEOztHQUVHO0FBQ1UsUUFBQSxhQUFhLEdBQUcsYUFBYSxDQUFDLFdBQVcsRUFBRSxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiLy9cbi8vIGNyeXB0by1zZXJ2aWNlLnRzXG4vLyBDb2RlVmliZSBDb3JlXG4vL1xuLy8gRW5kLXRvLWVuZCBlbmNyeXB0aW9uIHNlcnZpY2UgdXNpbmcgRUNESCBQLTI1NiBhbmQgQUVTLTI1Ni1HQ01cbi8vXG5cbmltcG9ydCAqIGFzIGNyeXB0byBmcm9tICdjcnlwdG8nO1xuaW1wb3J0IHsgRW5jcnlwdGVkU2Vzc2lvbktleSwgS2V5UGFpciB9IGZyb20gJy4uL3R5cGVzJztcblxuLyoqXG4gKiBFcnJvciBjbGFzcyBmb3IgY3J5cHRvZ3JhcGhpYyBvcGVyYXRpb25zXG4gKi9cbmV4cG9ydCBjbGFzcyBDcnlwdG9FcnJvciBleHRlbmRzIEVycm9yIHtcbiAgY29uc3RydWN0b3IobWVzc2FnZTogc3RyaW5nKSB7XG4gICAgc3VwZXIobWVzc2FnZSk7XG4gICAgdGhpcy5uYW1lID0gJ0NyeXB0b0Vycm9yJztcbiAgfVxufVxuXG4vKipcbiAqIEN1cnJlbnQgZW5jcnlwdGlvbiB2ZXJzaW9uIGZvciBmdXR1cmUgYWxnb3JpdGhtIHVwZ3JhZGVzXG4gKi9cbmV4cG9ydCBjb25zdCBFTkNSWVBUSU9OX1ZFUlNJT04gPSAxO1xuXG4vKipcbiAqIEhLREYgaW5mbyBzdHJpbmcgZm9yIGtleSBkZXJpdmF0aW9uXG4gKi9cbmNvbnN0IEhLREZfSU5GTyA9ICdDb2RlVmliZSBFMkUgdjEnO1xuXG4vKipcbiAqIFNlcnZpY2UgZm9yIGVuZC10by1lbmQgZW5jcnlwdGlvbiBvcGVyYXRpb25zXG4gKi9cbmV4cG9ydCBjbGFzcyBDcnlwdG9TZXJ2aWNlIHtcbiAgcHJpdmF0ZSBzdGF0aWMgaW5zdGFuY2U6IENyeXB0b1NlcnZpY2U7XG5cbiAgcHJpdmF0ZSBjb25zdHJ1Y3RvcigpIHt9XG5cbiAgc3RhdGljIGdldEluc3RhbmNlKCk6IENyeXB0b1NlcnZpY2Uge1xuICAgIGlmICghQ3J5cHRvU2VydmljZS5pbnN0YW5jZSkge1xuICAgICAgQ3J5cHRvU2VydmljZS5pbnN0YW5jZSA9IG5ldyBDcnlwdG9TZXJ2aWNlKCk7XG4gICAgfVxuICAgIHJldHVybiBDcnlwdG9TZXJ2aWNlLmluc3RhbmNlO1xuICB9XG5cbiAgLy8gTUFSSzogLSBLZXkgR2VuZXJhdGlvblxuXG4gIC8qKlxuICAgKiBHZW5lcmF0ZSBhIG5ldyBFQ0RIIFAtMjU2IGtleSBwYWlyXG4gICAqIEByZXR1cm5zIE9iamVjdCB3aXRoIHByaXZhdGVLZXkgKGJhc2U2NCksIHB1YmxpY0tleSAoYmFzZTY0IHJhdylcbiAgICovXG4gIGdlbmVyYXRlS2V5UGFpcigpOiBLZXlQYWlyIHtcbiAgICBjb25zdCBlY2RoID0gY3J5cHRvLmNyZWF0ZUVDREgoJ3ByaW1lMjU2djEnKTtcbiAgICBlY2RoLmdlbmVyYXRlS2V5cygpO1xuXG4gICAgLy8gR2V0IHJhdyBwdWJsaWMga2V5ICh1bmNvbXByZXNzZWQgZm9ybWF0IHdpdGhvdXQgMHgwNCBwcmVmaXggZm9yIGNvbXBhdGliaWxpdHkpXG4gICAgY29uc3QgcHVibGljS2V5UmF3ID0gZWNkaC5nZXRQdWJsaWNLZXkoKTtcbiAgICBjb25zdCBwdWJsaWNLZXlCYXNlNjQgPSBwdWJsaWNLZXlSYXcuc3ViYXJyYXkoMSkudG9TdHJpbmcoJ2Jhc2U2NCcpOyAvLyBTa2lwIDB4MDQgcHJlZml4XG5cbiAgICAvLyBHZXQgcHJpdmF0ZSBrZXkgYXMgcmF3IGJ5dGVzXG4gICAgY29uc3QgcHJpdmF0ZUtleVJhdyA9IGVjZGguZ2V0UHJpdmF0ZUtleSgpO1xuICAgIGNvbnN0IHByaXZhdGVLZXlCYXNlNjQgPSBwcml2YXRlS2V5UmF3LnRvU3RyaW5nKCdiYXNlNjQnKTtcblxuICAgIHJldHVybiB7XG4gICAgICBwcml2YXRlS2V5OiBwcml2YXRlS2V5QmFzZTY0LFxuICAgICAgcHVibGljS2V5OiBwdWJsaWNLZXlCYXNlNjQsXG4gICAgfTtcbiAgfVxuXG4gIC8qKlxuICAgKiBHZW5lcmF0ZSBhIHJhbmRvbSAyNTYtYml0IHNlc3Npb24ga2V5XG4gICAqIEByZXR1cm5zIEJhc2U2NC1lbmNvZGVkIHNlc3Npb24ga2V5XG4gICAqL1xuICBnZW5lcmF0ZVNlc3Npb25LZXkoKTogc3RyaW5nIHtcbiAgICBjb25zdCBrZXlEYXRhID0gY3J5cHRvLnJhbmRvbUJ5dGVzKDMyKTsgLy8gMjU2IGJpdHNcbiAgICByZXR1cm4ga2V5RGF0YS50b1N0cmluZygnYmFzZTY0Jyk7XG4gIH1cblxuICAvLyBNQVJLOiAtIEtleSBEZXJpdmF0aW9uXG5cbiAgLyoqXG4gICAqIERlcml2ZSBhIHNoYXJlZCBzZWNyZXQgdXNpbmcgRUNESCBhbmQgSEtERlxuICAgKiBAcGFyYW0gcHJpdmF0ZUtleUJhc2U2NCBPdXIgcHJpdmF0ZSBrZXkgKGJhc2U2NClcbiAgICogQHBhcmFtIHB1YmxpY0tleUJhc2U2NCBPdGhlciBwYXJ0eSdzIHB1YmxpYyBrZXkgKGJhc2U2NClcbiAgICogQHJldHVybnMgMjU2LWJpdCBkZXJpdmVkIGtleSBhcyBCdWZmZXJcbiAgICovXG4gIGRlcml2ZVNoYXJlZEtleShwcml2YXRlS2V5QmFzZTY0OiBzdHJpbmcsIHB1YmxpY0tleUJhc2U2NDogc3RyaW5nKTogQnVmZmVyIHtcbiAgICB0cnkge1xuICAgICAgY29uc3QgZWNkaCA9IGNyeXB0by5jcmVhdGVFQ0RIKCdwcmltZTI1NnYxJyk7XG4gICAgICBjb25zdCBwcml2YXRlS2V5UmF3ID0gQnVmZmVyLmZyb20ocHJpdmF0ZUtleUJhc2U2NCwgJ2Jhc2U2NCcpO1xuICAgICAgZWNkaC5zZXRQcml2YXRlS2V5KHByaXZhdGVLZXlSYXcpO1xuXG4gICAgICAvLyBBZGQgMHgwNCBwcmVmaXggZm9yIHVuY29tcHJlc3NlZCBwdWJsaWMga2V5IGZvcm1hdFxuICAgICAgY29uc3QgcHVibGljS2V5UmF3ID0gQnVmZmVyLmNvbmNhdChbXG4gICAgICAgIEJ1ZmZlci5mcm9tKFsweDA0XSksXG4gICAgICAgIEJ1ZmZlci5mcm9tKHB1YmxpY0tleUJhc2U2NCwgJ2Jhc2U2NCcpLFxuICAgICAgXSk7XG5cbiAgICAgIGNvbnN0IHNoYXJlZFNlY3JldCA9IGVjZGguY29tcHV0ZVNlY3JldChwdWJsaWNLZXlSYXcpO1xuXG4gICAgICAvLyBEZXJpdmUga2V5IHVzaW5nIEhLREYtU0hBMjU2XG4gICAgICBjb25zdCBkZXJpdmVkS2V5ID0gY3J5cHRvLmhrZGZTeW5jKFxuICAgICAgICAnc2hhMjU2JyxcbiAgICAgICAgc2hhcmVkU2VjcmV0LFxuICAgICAgICBCdWZmZXIuYWxsb2MoMCksIC8vIEVtcHR5IHNhbHRcbiAgICAgICAgQnVmZmVyLmZyb20oSEtERl9JTkZPLCAndXRmOCcpLFxuICAgICAgICAzMiAvLyAyNTYgYml0c1xuICAgICAgKTtcblxuICAgICAgcmV0dXJuIEJ1ZmZlci5mcm9tKGRlcml2ZWRLZXkpO1xuICAgIH0gY2F0Y2ggKGVycm9yKSB7XG4gICAgICB0aHJvdyBuZXcgQ3J5cHRvRXJyb3IoYEZhaWxlZCB0byBkZXJpdmUgc2hhcmVkIGtleTogJHtlcnJvcn1gKTtcbiAgICB9XG4gIH1cblxuICAvLyBNQVJLOiAtIFNlc3Npb24gS2V5IEVuY3J5cHRpb25cblxuICAvKipcbiAgICogRW5jcnlwdCBhIHNlc3Npb24ga2V5IGZvciBhIHRhcmdldCBkZXZpY2UgdXNpbmcgRUNESFxuICAgKiBAcGFyYW0gc2Vzc2lvbktleUJhc2U2NCBUaGUgc2Vzc2lvbiBrZXkgdG8gZW5jcnlwdCAoYmFzZTY0KVxuICAgKiBAcGFyYW0gdGFyZ2V0UHVibGljS2V5QmFzZTY0IFRhcmdldCBkZXZpY2UncyBwdWJsaWMga2V5IChiYXNlNjQpXG4gICAqIEByZXR1cm5zIEVuY3J5cHRlZFNlc3Npb25LZXkgY29udGFpbmluZyBlbmNyeXB0ZWQga2V5IGFuZCBlcGhlbWVyYWwgcHVibGljIGtleVxuICAgKi9cbiAgZW5jcnlwdFNlc3Npb25LZXkoXG4gICAgc2Vzc2lvbktleUJhc2U2NDogc3RyaW5nLFxuICAgIHRhcmdldFB1YmxpY0tleUJhc2U2NDogc3RyaW5nXG4gICk6IE9taXQ8RW5jcnlwdGVkU2Vzc2lvbktleSwgJ2RldmljZUlkJz4ge1xuICAgIC8vIEdlbmVyYXRlIGVwaGVtZXJhbCBrZXkgcGFpciBmb3IgdGhpcyBlbmNyeXB0aW9uXG4gICAgY29uc3QgZXBoZW1lcmFsS2V5UGFpciA9IHRoaXMuZ2VuZXJhdGVLZXlQYWlyKCk7XG5cbiAgICAvLyBEZXJpdmUgc2hhcmVkIGtleSB1c2luZyBlcGhlbWVyYWwgcHJpdmF0ZSArIHRhcmdldCBwdWJsaWNcbiAgICBjb25zdCBzaGFyZWRLZXkgPSB0aGlzLmRlcml2ZVNoYXJlZEtleShcbiAgICAgIGVwaGVtZXJhbEtleVBhaXIucHJpdmF0ZUtleSxcbiAgICAgIHRhcmdldFB1YmxpY0tleUJhc2U2NFxuICAgICk7XG5cbiAgICAvLyBFbmNyeXB0IHNlc3Npb24ga2V5IHdpdGggZGVyaXZlZCBrZXlcbiAgICBjb25zdCBzZXNzaW9uS2V5RGF0YSA9IEJ1ZmZlci5mcm9tKHNlc3Npb25LZXlCYXNlNjQsICdiYXNlNjQnKTtcbiAgICBjb25zdCBlbmNyeXB0ZWREYXRhID0gdGhpcy5lbmNyeXB0KHNlc3Npb25LZXlEYXRhLCBzaGFyZWRLZXkpO1xuXG4gICAgcmV0dXJuIHtcbiAgICAgIGVuY3J5cHRlZEtleTogZW5jcnlwdGVkRGF0YS50b1N0cmluZygnYmFzZTY0JyksXG4gICAgICBlcGhlbWVyYWxQdWJsaWNLZXk6IGVwaGVtZXJhbEtleVBhaXIucHVibGljS2V5LFxuICAgIH07XG4gIH1cblxuICAvKipcbiAgICogRGVjcnlwdCBhIHNlc3Npb24ga2V5IHVzaW5nIG91ciBwcml2YXRlIGtleVxuICAgKiBAcGFyYW0gZW5jcnlwdGVkU2Vzc2lvbktleSBUaGUgZW5jcnlwdGVkIHNlc3Npb24ga2V5IGRhdGFcbiAgICogQHBhcmFtIHByaXZhdGVLZXlCYXNlNjQgT3VyIGRldmljZSdzIHByaXZhdGUga2V5IChiYXNlNjQpXG4gICAqIEByZXR1cm5zIERlY3J5cHRlZCBzZXNzaW9uIGtleSAoYmFzZTY0KVxuICAgKi9cbiAgZGVjcnlwdFNlc3Npb25LZXkoXG4gICAgZW5jcnlwdGVkU2Vzc2lvbktleTogRW5jcnlwdGVkU2Vzc2lvbktleSxcbiAgICBwcml2YXRlS2V5QmFzZTY0OiBzdHJpbmdcbiAgKTogc3RyaW5nIHtcbiAgICAvLyBEZXJpdmUgc2hhcmVkIGtleSB1c2luZyBvdXIgcHJpdmF0ZSArIGVwaGVtZXJhbCBwdWJsaWNcbiAgICBjb25zdCBzaGFyZWRLZXkgPSB0aGlzLmRlcml2ZVNoYXJlZEtleShcbiAgICAgIHByaXZhdGVLZXlCYXNlNjQsXG4gICAgICBlbmNyeXB0ZWRTZXNzaW9uS2V5LmVwaGVtZXJhbFB1YmxpY0tleVxuICAgICk7XG5cbiAgICAvLyBEZWNyeXB0IHNlc3Npb24ga2V5XG4gICAgY29uc3QgZW5jcnlwdGVkRGF0YSA9IEJ1ZmZlci5mcm9tKGVuY3J5cHRlZFNlc3Npb25LZXkuZW5jcnlwdGVkS2V5LCAnYmFzZTY0Jyk7XG4gICAgY29uc3QgZGVjcnlwdGVkRGF0YSA9IHRoaXMuZGVjcnlwdChlbmNyeXB0ZWREYXRhLCBzaGFyZWRLZXkpO1xuXG4gICAgcmV0dXJuIGRlY3J5cHRlZERhdGEudG9TdHJpbmcoJ2Jhc2U2NCcpO1xuICB9XG5cbiAgLy8gTUFSSzogLSBDb250ZW50IEVuY3J5cHRpb24vRGVjcnlwdGlvblxuXG4gIC8qKlxuICAgKiBFbmNyeXB0IGNvbnRlbnQgdXNpbmcgQUVTLTI1Ni1HQ01cbiAgICogQHBhcmFtIGNvbnRlbnQgU3RyaW5nIGNvbnRlbnQgdG8gZW5jcnlwdFxuICAgKiBAcGFyYW0gc2Vzc2lvbktleUJhc2U2NCBTZXNzaW9uIGtleSAoYmFzZTY0KVxuICAgKiBAcmV0dXJucyBCYXNlNjQtZW5jb2RlZCBjaXBoZXJ0ZXh0IChub25jZSArIGNpcGhlcnRleHQgKyB0YWcpXG4gICAqL1xuICBlbmNyeXB0Q29udGVudChjb250ZW50OiBzdHJpbmcsIHNlc3Npb25LZXlCYXNlNjQ6IHN0cmluZyk6IHN0cmluZyB7XG4gICAgY29uc3Qgc2Vzc2lvbktleSA9IEJ1ZmZlci5mcm9tKHNlc3Npb25LZXlCYXNlNjQsICdiYXNlNjQnKTtcbiAgICBjb25zdCBjb250ZW50RGF0YSA9IEJ1ZmZlci5mcm9tKGNvbnRlbnQsICd1dGY4Jyk7XG4gICAgY29uc3QgZW5jcnlwdGVkRGF0YSA9IHRoaXMuZW5jcnlwdChjb250ZW50RGF0YSwgc2Vzc2lvbktleSk7XG4gICAgcmV0dXJuIGVuY3J5cHRlZERhdGEudG9TdHJpbmcoJ2Jhc2U2NCcpO1xuICB9XG5cbiAgLyoqXG4gICAqIERlY3J5cHQgY29udGVudCB1c2luZyBBRVMtMjU2LUdDTVxuICAgKiBAcGFyYW0gZW5jcnlwdGVkQ29udGVudCBCYXNlNjQtZW5jb2RlZCBjaXBoZXJ0ZXh0XG4gICAqIEBwYXJhbSBzZXNzaW9uS2V5QmFzZTY0IFNlc3Npb24ga2V5IChiYXNlNjQpXG4gICAqIEByZXR1cm5zIERlY3J5cHRlZCBzdHJpbmcgY29udGVudFxuICAgKi9cbiAgZGVjcnlwdENvbnRlbnQoZW5jcnlwdGVkQ29udGVudDogc3RyaW5nLCBzZXNzaW9uS2V5QmFzZTY0OiBzdHJpbmcpOiBzdHJpbmcge1xuICAgIGNvbnN0IHNlc3Npb25LZXkgPSBCdWZmZXIuZnJvbShzZXNzaW9uS2V5QmFzZTY0LCAnYmFzZTY0Jyk7XG4gICAgY29uc3QgZW5jcnlwdGVkRGF0YSA9IEJ1ZmZlci5mcm9tKGVuY3J5cHRlZENvbnRlbnQsICdiYXNlNjQnKTtcbiAgICBjb25zdCBkZWNyeXB0ZWREYXRhID0gdGhpcy5kZWNyeXB0KGVuY3J5cHRlZERhdGEsIHNlc3Npb25LZXkpO1xuICAgIHJldHVybiBkZWNyeXB0ZWREYXRhLnRvU3RyaW5nKCd1dGY4Jyk7XG4gIH1cblxuICAvKipcbiAgICogRW5jcnlwdCBKU09OLXNlcmlhbGl6YWJsZSBtZXRhZGF0YVxuICAgKiBAcGFyYW0gbWV0YWRhdGEgT2JqZWN0IHRvIGVuY3J5cHRcbiAgICogQHBhcmFtIHNlc3Npb25LZXlCYXNlNjQgU2Vzc2lvbiBrZXkgKGJhc2U2NClcbiAgICogQHJldHVybnMgQmFzZTY0LWVuY29kZWQgZW5jcnlwdGVkIEpTT05cbiAgICovXG4gIGVuY3J5cHRNZXRhZGF0YShcbiAgICBtZXRhZGF0YTogUmVjb3JkPHN0cmluZywgYW55PixcbiAgICBzZXNzaW9uS2V5QmFzZTY0OiBzdHJpbmdcbiAgKTogc3RyaW5nIHtcbiAgICBjb25zdCBqc29uU3RyaW5nID0gSlNPTi5zdHJpbmdpZnkobWV0YWRhdGEpO1xuICAgIHJldHVybiB0aGlzLmVuY3J5cHRDb250ZW50KGpzb25TdHJpbmcsIHNlc3Npb25LZXlCYXNlNjQpO1xuICB9XG5cbiAgLyoqXG4gICAqIERlY3J5cHQgZW5jcnlwdGVkIG1ldGFkYXRhXG4gICAqIEBwYXJhbSBlbmNyeXB0ZWRNZXRhZGF0YSBCYXNlNjQtZW5jb2RlZCBlbmNyeXB0ZWQgSlNPTlxuICAgKiBAcGFyYW0gc2Vzc2lvbktleUJhc2U2NCBTZXNzaW9uIGtleSAoYmFzZTY0KVxuICAgKiBAcmV0dXJucyBEZWNyeXB0ZWQgb2JqZWN0XG4gICAqL1xuICBkZWNyeXB0TWV0YWRhdGEoXG4gICAgZW5jcnlwdGVkTWV0YWRhdGE6IHN0cmluZyxcbiAgICBzZXNzaW9uS2V5QmFzZTY0OiBzdHJpbmdcbiAgKTogUmVjb3JkPHN0cmluZywgYW55PiB7XG4gICAgY29uc3QganNvblN0cmluZyA9IHRoaXMuZGVjcnlwdENvbnRlbnQoZW5jcnlwdGVkTWV0YWRhdGEsIHNlc3Npb25LZXlCYXNlNjQpO1xuICAgIHJldHVybiBKU09OLnBhcnNlKGpzb25TdHJpbmcpO1xuICB9XG5cbiAgLy8gTUFSSzogLSBCaW5hcnkgRGF0YSBFbmNyeXB0aW9uIChmb3IgYXR0YWNobWVudHMpXG5cbiAgLyoqXG4gICAqIEVuY3J5cHQgYmluYXJ5IGRhdGEgdXNpbmcgQUVTLTI1Ni1HQ01cbiAgICogQHBhcmFtIGRhdGEgQmluYXJ5IGRhdGEgdG8gZW5jcnlwdCAoQnVmZmVyKVxuICAgKiBAcGFyYW0gc2Vzc2lvbktleUJhc2U2NCBTZXNzaW9uIGtleSAoYmFzZTY0KVxuICAgKiBAcmV0dXJucyBFbmNyeXB0ZWQgZGF0YSAoQnVmZmVyIGNvbnRhaW5pbmcgbm9uY2UgKyBjaXBoZXJ0ZXh0ICsgdGFnKVxuICAgKi9cbiAgZW5jcnlwdERhdGEoZGF0YTogQnVmZmVyLCBzZXNzaW9uS2V5QmFzZTY0OiBzdHJpbmcpOiBCdWZmZXIge1xuICAgIGNvbnN0IHNlc3Npb25LZXkgPSBCdWZmZXIuZnJvbShzZXNzaW9uS2V5QmFzZTY0LCAnYmFzZTY0Jyk7XG4gICAgcmV0dXJuIHRoaXMuZW5jcnlwdChkYXRhLCBzZXNzaW9uS2V5KTtcbiAgfVxuXG4gIC8qKlxuICAgKiBEZWNyeXB0IGJpbmFyeSBkYXRhIHVzaW5nIEFFUy0yNTYtR0NNXG4gICAqIEBwYXJhbSBlbmNyeXB0ZWREYXRhIEVuY3J5cHRlZCBkYXRhIChCdWZmZXIgY29udGFpbmluZyBub25jZSArIGNpcGhlcnRleHQgKyB0YWcpXG4gICAqIEBwYXJhbSBzZXNzaW9uS2V5QmFzZTY0IFNlc3Npb24ga2V5IChiYXNlNjQpXG4gICAqIEByZXR1cm5zIERlY3J5cHRlZCBiaW5hcnkgZGF0YSAoQnVmZmVyKVxuICAgKi9cbiAgZGVjcnlwdERhdGEoZW5jcnlwdGVkRGF0YTogQnVmZmVyLCBzZXNzaW9uS2V5QmFzZTY0OiBzdHJpbmcpOiBCdWZmZXIge1xuICAgIGNvbnN0IHNlc3Npb25LZXkgPSBCdWZmZXIuZnJvbShzZXNzaW9uS2V5QmFzZTY0LCAnYmFzZTY0Jyk7XG4gICAgcmV0dXJuIHRoaXMuZGVjcnlwdChlbmNyeXB0ZWREYXRhLCBzZXNzaW9uS2V5KTtcbiAgfVxuXG4gIC8vIE1BUks6IC0gTG93LWxldmVsIEVuY3J5cHRpb25cblxuICAvKipcbiAgICogRW5jcnlwdCBkYXRhIHVzaW5nIEFFUy0yNTYtR0NNXG4gICAqIEBwYXJhbSBkYXRhIERhdGEgdG8gZW5jcnlwdFxuICAgKiBAcGFyYW0ga2V5IFN5bW1ldHJpYyBrZXkgKDMyIGJ5dGVzKVxuICAgKiBAcmV0dXJucyBDb21iaW5lZCBub25jZSArIGNpcGhlcnRleHQgKyB0YWdcbiAgICovXG4gIHByaXZhdGUgZW5jcnlwdChkYXRhOiBCdWZmZXIsIGtleTogQnVmZmVyKTogQnVmZmVyIHtcbiAgICAvLyBHZW5lcmF0ZSByYW5kb20gMTItYnl0ZSBub25jZSAoSVYpXG4gICAgY29uc3Qgbm9uY2UgPSBjcnlwdG8ucmFuZG9tQnl0ZXMoMTIpO1xuXG4gICAgY29uc3QgY2lwaGVyID0gY3J5cHRvLmNyZWF0ZUNpcGhlcml2KCdhZXMtMjU2LWdjbScsIGtleSwgbm9uY2UpO1xuICAgIGNvbnN0IGNpcGhlcnRleHQgPSBCdWZmZXIuY29uY2F0KFtjaXBoZXIudXBkYXRlKGRhdGEpLCBjaXBoZXIuZmluYWwoKV0pO1xuICAgIGNvbnN0IHRhZyA9IGNpcGhlci5nZXRBdXRoVGFnKCk7XG5cbiAgICAvLyBDb21iaW5lOiBub25jZSAoMTIgYnl0ZXMpICsgY2lwaGVydGV4dCArIHRhZyAoMTYgYnl0ZXMpXG4gICAgcmV0dXJuIEJ1ZmZlci5jb25jYXQoW25vbmNlLCBjaXBoZXJ0ZXh0LCB0YWddKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBEZWNyeXB0IGRhdGEgdXNpbmcgQUVTLTI1Ni1HQ01cbiAgICogQHBhcmFtIGRhdGEgQ29tYmluZWQgbm9uY2UgKyBjaXBoZXJ0ZXh0ICsgdGFnXG4gICAqIEBwYXJhbSBrZXkgU3ltbWV0cmljIGtleSAoMzIgYnl0ZXMpXG4gICAqIEByZXR1cm5zIERlY3J5cHRlZCBkYXRhXG4gICAqL1xuICBwcml2YXRlIGRlY3J5cHQoZGF0YTogQnVmZmVyLCBrZXk6IEJ1ZmZlcik6IEJ1ZmZlciB7XG4gICAgLy8gRXh0cmFjdDogbm9uY2UgKDEyIGJ5dGVzKSArIGNpcGhlcnRleHQgKyB0YWcgKDE2IGJ5dGVzKVxuICAgIGNvbnN0IG5vbmNlID0gZGF0YS5zdWJhcnJheSgwLCAxMik7XG4gICAgY29uc3QgdGFnID0gZGF0YS5zdWJhcnJheShkYXRhLmxlbmd0aCAtIDE2KTtcbiAgICBjb25zdCBjaXBoZXJ0ZXh0ID0gZGF0YS5zdWJhcnJheSgxMiwgZGF0YS5sZW5ndGggLSAxNik7XG5cbiAgICBjb25zdCBkZWNpcGhlciA9IGNyeXB0by5jcmVhdGVEZWNpcGhlcml2KCdhZXMtMjU2LWdjbScsIGtleSwgbm9uY2UpO1xuICAgIGRlY2lwaGVyLnNldEF1dGhUYWcodGFnKTtcblxuICAgIHRyeSB7XG4gICAgICBjb25zdCBkZWNyeXB0ZWQgPSBCdWZmZXIuY29uY2F0KFtkZWNpcGhlci51cGRhdGUoY2lwaGVydGV4dCksIGRlY2lwaGVyLmZpbmFsKCldKTtcbiAgICAgIHJldHVybiBkZWNyeXB0ZWQ7XG4gICAgfSBjYXRjaCAoZXJyb3IpIHtcbiAgICAgIHRocm93IG5ldyBDcnlwdG9FcnJvcignRGVjcnlwdGlvbiBmYWlsZWQ6IEludmFsaWQgY2lwaGVydGV4dCBvciBhdXRoZW50aWNhdGlvbiB0YWcnKTtcbiAgICB9XG4gIH1cblxuICAvLyBNQVJLOiAtIEtleSBTZXJpYWxpemF0aW9uXG5cbiAgLyoqXG4gICAqIFNlcmlhbGl6ZSBhIHByaXZhdGUga2V5IGZvciBzdG9yYWdlXG4gICAqL1xuICBzZXJpYWxpemVQcml2YXRlS2V5KHByaXZhdGVLZXlCYXNlNjQ6IHN0cmluZyk6IHN0cmluZyB7XG4gICAgcmV0dXJuIHByaXZhdGVLZXlCYXNlNjQ7XG4gIH1cblxuICAvKipcbiAgICogRGVzZXJpYWxpemUgYSBwcml2YXRlIGtleSBmcm9tIHN0b3JhZ2VcbiAgICovXG4gIGRlc2VyaWFsaXplUHJpdmF0ZUtleShiYXNlNjQ6IHN0cmluZyk6IHN0cmluZyB7XG4gICAgcmV0dXJuIGJhc2U2NDtcbiAgfVxufVxuXG4vKipcbiAqIEV4cG9ydCBzaW5nbGV0b24gaW5zdGFuY2VcbiAqL1xuZXhwb3J0IGNvbnN0IGNyeXB0b1NlcnZpY2UgPSBDcnlwdG9TZXJ2aWNlLmdldEluc3RhbmNlKCk7XG4iXX0=
|
package/dist/crypto/index.d.ts
DELETED
|
@@ -1 +0,0 @@
|
|
|
1
|
-
export { CryptoService, cryptoService, CryptoError, ENCRYPTION_VERSION } from './crypto-service';
|
package/dist/crypto/index.js
DELETED
|
@@ -1,9 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.ENCRYPTION_VERSION = exports.CryptoError = exports.cryptoService = exports.CryptoService = void 0;
|
|
4
|
-
var crypto_service_1 = require("./crypto-service");
|
|
5
|
-
Object.defineProperty(exports, "CryptoService", { enumerable: true, get: function () { return crypto_service_1.CryptoService; } });
|
|
6
|
-
Object.defineProperty(exports, "cryptoService", { enumerable: true, get: function () { return crypto_service_1.cryptoService; } });
|
|
7
|
-
Object.defineProperty(exports, "CryptoError", { enumerable: true, get: function () { return crypto_service_1.CryptoError; } });
|
|
8
|
-
Object.defineProperty(exports, "ENCRYPTION_VERSION", { enumerable: true, get: function () { return crypto_service_1.ENCRYPTION_VERSION; } });
|
|
9
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvY3J5cHRvL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLG1EQUFpRztBQUF4RiwrR0FBQSxhQUFhLE9BQUE7QUFBRSwrR0FBQSxhQUFhLE9BQUE7QUFBRSw2R0FBQSxXQUFXLE9BQUE7QUFBRSxvSEFBQSxrQkFBa0IsT0FBQSIsInNvdXJjZXNDb250ZW50IjpbImV4cG9ydCB7IENyeXB0b1NlcnZpY2UsIGNyeXB0b1NlcnZpY2UsIENyeXB0b0Vycm9yLCBFTkNSWVBUSU9OX1ZFUlNJT04gfSBmcm9tICcuL2NyeXB0by1zZXJ2aWNlJztcbiJdfQ==
|
package/dist/index.d.ts
DELETED
|
@@ -1,14 +0,0 @@
|
|
|
1
|
-
export { KeychainManager, keychainManager, KeychainError } from './keychain';
|
|
2
|
-
export { CryptoService, cryptoService, CryptoError, ENCRYPTION_VERSION } from './crypto';
|
|
3
|
-
export { AppSyncClient, DownloadUrlResponse } from './appsync';
|
|
4
|
-
export { queries, mutations, subscriptions } from './appsync';
|
|
5
|
-
export { AuthService, authService } from './auth';
|
|
6
|
-
export { runAuthCli } from './auth';
|
|
7
|
-
export { loadConfig, getConfig, getEnvironment } from './config';
|
|
8
|
-
export type { Config, Environment } from './config';
|
|
9
|
-
export { Logger, logger, createLogger } from './logger';
|
|
10
|
-
export { parseInteractivePrompt, normalizeSnapshot, } from './prompt-parser';
|
|
11
|
-
export type { ParsedInteractivePrompt, PromptKind, InteractivePromptOption, } from './prompt-parser';
|
|
12
|
-
export { resumeOrCreateSession, prepareSessionEncryption } from './session';
|
|
13
|
-
export type { ResumeOrCreateSessionInput, ResumeOrCreateSessionResult } from './session';
|
|
14
|
-
export * from './types';
|
package/dist/keychain/index.d.ts
DELETED
|
@@ -1 +0,0 @@
|
|
|
1
|
-
export { KeychainManager, keychainManager, KeychainError } from './keychain-manager';
|
package/dist/keychain/index.js
DELETED
|
@@ -1,8 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.KeychainError = exports.keychainManager = exports.KeychainManager = void 0;
|
|
4
|
-
var keychain_manager_1 = require("./keychain-manager");
|
|
5
|
-
Object.defineProperty(exports, "KeychainManager", { enumerable: true, get: function () { return keychain_manager_1.KeychainManager; } });
|
|
6
|
-
Object.defineProperty(exports, "keychainManager", { enumerable: true, get: function () { return keychain_manager_1.keychainManager; } });
|
|
7
|
-
Object.defineProperty(exports, "KeychainError", { enumerable: true, get: function () { return keychain_manager_1.KeychainError; } });
|
|
8
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMva2V5Y2hhaW4vaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsdURBQXFGO0FBQTVFLG1IQUFBLGVBQWUsT0FBQTtBQUFFLG1IQUFBLGVBQWUsT0FBQTtBQUFFLGlIQUFBLGFBQWEsT0FBQSIsInNvdXJjZXNDb250ZW50IjpbImV4cG9ydCB7IEtleWNoYWluTWFuYWdlciwga2V5Y2hhaW5NYW5hZ2VyLCBLZXljaGFpbkVycm9yIH0gZnJvbSAnLi9rZXljaGFpbi1tYW5hZ2VyJztcbiJdfQ==
|
|
@@ -1,125 +0,0 @@
|
|
|
1
|
-
import { DeviceIdentity, TokenData, EncryptedSessionKey } from '../types';
|
|
2
|
-
/**
|
|
3
|
-
* Error class for keychain operations
|
|
4
|
-
*/
|
|
5
|
-
export declare class KeychainError extends Error {
|
|
6
|
-
constructor(message: string);
|
|
7
|
-
}
|
|
8
|
-
/**
|
|
9
|
-
* Manages device identity and OAuth tokens using native keychain
|
|
10
|
-
*/
|
|
11
|
-
export declare class KeychainManager {
|
|
12
|
-
private static instance;
|
|
13
|
-
private deviceIdentity;
|
|
14
|
-
private sessionKeyCache;
|
|
15
|
-
private isRegistered;
|
|
16
|
-
private _serviceName;
|
|
17
|
-
private constructor();
|
|
18
|
-
/**
|
|
19
|
-
* Get the keychain service name (lazy-loaded from config)
|
|
20
|
-
*/
|
|
21
|
-
private get serviceName();
|
|
22
|
-
static getInstance(): KeychainManager;
|
|
23
|
-
/**
|
|
24
|
-
* Get the device identity from keychain
|
|
25
|
-
*/
|
|
26
|
-
getDeviceIdentity(): Promise<DeviceIdentity | null>;
|
|
27
|
-
/**
|
|
28
|
-
* Set the device identity in keychain
|
|
29
|
-
*/
|
|
30
|
-
setDeviceIdentity(identity: DeviceIdentity): Promise<void>;
|
|
31
|
-
/**
|
|
32
|
-
* Get or create device identity
|
|
33
|
-
*/
|
|
34
|
-
getOrCreateDeviceIdentity(): Promise<DeviceIdentity>;
|
|
35
|
-
/**
|
|
36
|
-
* Get device ID (creates identity if needed)
|
|
37
|
-
*/
|
|
38
|
-
getDeviceId(): Promise<string>;
|
|
39
|
-
/**
|
|
40
|
-
* Get device public key (creates identity if needed)
|
|
41
|
-
*/
|
|
42
|
-
getDevicePublicKey(): Promise<string>;
|
|
43
|
-
/**
|
|
44
|
-
* Get device private key (creates identity if needed)
|
|
45
|
-
*/
|
|
46
|
-
getDevicePrivateKey(): Promise<string>;
|
|
47
|
-
/**
|
|
48
|
-
* Check if device identity exists
|
|
49
|
-
*/
|
|
50
|
-
hasDeviceIdentity(): Promise<boolean>;
|
|
51
|
-
/**
|
|
52
|
-
* Delete device identity (reset device)
|
|
53
|
-
*/
|
|
54
|
-
deleteDeviceIdentity(): Promise<void>;
|
|
55
|
-
/**
|
|
56
|
-
* Get token account name for environment
|
|
57
|
-
*/
|
|
58
|
-
private getTokenAccount;
|
|
59
|
-
/**
|
|
60
|
-
* Get OAuth tokens for environment
|
|
61
|
-
*/
|
|
62
|
-
getTokens(environment?: string): Promise<TokenData | null>;
|
|
63
|
-
/**
|
|
64
|
-
* Save OAuth tokens for environment
|
|
65
|
-
*/
|
|
66
|
-
setTokens(tokens: TokenData, environment?: string): Promise<void>;
|
|
67
|
-
/**
|
|
68
|
-
* Delete OAuth tokens for environment
|
|
69
|
-
*/
|
|
70
|
-
deleteTokens(environment?: string): Promise<boolean>;
|
|
71
|
-
/**
|
|
72
|
-
* Check if token is expired
|
|
73
|
-
*/
|
|
74
|
-
isTokenExpired(tokens: TokenData): boolean;
|
|
75
|
-
/**
|
|
76
|
-
* Get session key for a session, decrypting from encryptedKeys if needed
|
|
77
|
-
*/
|
|
78
|
-
getSessionKey(sessionId: string, encryptedKeys?: EncryptedSessionKey[]): Promise<string | null>;
|
|
79
|
-
/**
|
|
80
|
-
* Generate and encrypt a new session key for all devices
|
|
81
|
-
*/
|
|
82
|
-
createSessionKey(devicePublicKeys: Array<{
|
|
83
|
-
deviceId: string;
|
|
84
|
-
publicKey: string;
|
|
85
|
-
}>): {
|
|
86
|
-
sessionKey: string;
|
|
87
|
-
encryptedKeys: EncryptedSessionKey[];
|
|
88
|
-
};
|
|
89
|
-
/**
|
|
90
|
-
* Cache a session key
|
|
91
|
-
*/
|
|
92
|
-
cacheSessionKey(sessionId: string, sessionKey: string): void;
|
|
93
|
-
/**
|
|
94
|
-
* Clear cached session key
|
|
95
|
-
*/
|
|
96
|
-
clearSessionKey(sessionId: string): void;
|
|
97
|
-
/**
|
|
98
|
-
* Clear all cached session keys
|
|
99
|
-
*/
|
|
100
|
-
clearAllSessionKeys(): void;
|
|
101
|
-
/**
|
|
102
|
-
* Get registration status
|
|
103
|
-
*/
|
|
104
|
-
getIsRegistered(): boolean;
|
|
105
|
-
/**
|
|
106
|
-
* Set registration status
|
|
107
|
-
*/
|
|
108
|
-
setIsRegistered(registered: boolean): void;
|
|
109
|
-
/**
|
|
110
|
-
* Get device name for registration
|
|
111
|
-
*/
|
|
112
|
-
getDeviceName(): string;
|
|
113
|
-
/**
|
|
114
|
-
* Get platform for registration
|
|
115
|
-
*/
|
|
116
|
-
getDevicePlatform(): string;
|
|
117
|
-
/**
|
|
118
|
-
* Clear all data (device identity + all tokens)
|
|
119
|
-
*/
|
|
120
|
-
clearAllData(): Promise<void>;
|
|
121
|
-
}
|
|
122
|
-
/**
|
|
123
|
-
* Export singleton instance
|
|
124
|
-
*/
|
|
125
|
-
export declare const keychainManager: KeychainManager;
|