@tidecloak/js 0.9.11

package/dist/cjs/modules/tide-js/Flow/dKeyGenerationFlow.js

@@ -0,0 +1,219 @@
+"use strict";
+// 
+// Tide Protocol - Infrastructure for a TRUE Zero-Trust paradigm
+// Copyright (C) 2022 Tide Foundation Ltd
+// 
+// This program is free software and is subject to the terms of 
+// the Tide Community Open Code License as published by the 
+// Tide Foundation Limited. You may modify it and redistribute 
+// it in accordance with and subject to the terms of that License.
+// This program is distributed WITHOUT WARRANTY of any kind, 
+// including without any implied warranty of MERCHANTABILITY or 
+// FITNESS FOR A PARTICULAR PURPOSE.
+// See the Tide Community Open Code License for more details.
+// You should have received a copy of the Tide Community Open 
+// Code License along with this program.
+// If not, see https://tide.org/licenses_tcoc2-0-0-en
+//
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const NodeClient_js_1 = __importDefault(require("../Clients/NodeClient.js"));
+const OrkInfo_js_1 = __importDefault(require("../Models/Infos/OrkInfo.js"));
+const KeyGeneration_js_1 = require("../Math/KeyGeneration.js");
+const Utils_js_1 = require("../Tools/Utils.js");
+const Math_js_1 = require("../Cryptide/Math.js");
+const Ed25519_js_1 = require("../Cryptide/Ed25519.js");
+const Serialization_js_1 = require("../Cryptide/Serialization.js");
+const index_js_1 = require("../Cryptide/index.js");
+const VoucherFlow_js_1 = __importDefault(require("./VoucherFlows/VoucherFlow.js"));
+const NetworkClient_js_1 = __importDefault(require("../Clients/NetworkClient.js"));
+const SimulatorFlow_js_1 = __importDefault(require("./SimulatorFlow.js"));
+const Ed25519Components_js_1 = require("../Cryptide/Components/Schemes/Ed25519/Ed25519Components.js");
+class dKeyGenerationFlow {
+    /**
+     * @param {string} uid
+     * @param {string} gVRK
+     * @param {OrkInfo[]} orks
+     * @param {Uint8Array} sessKey
+     * @param {Point} gSessKeyPub
+     * @param {string} purpose
+     * @param {string} voucherURL
+     * @param {string[]} emails
+     * @param {(0|1)[]} bitwise
+     * @param {string[]} selfRequesti
+     * @param {Point} userPublic
+     * @param {number} expired
+     */
+    constructor(uid, gVRK, orks, sessKey, gSessKeyPub, purpose, voucherURL, emails = null, bitwise = null, selfRequesti = [], userPublic = null, expired = null) {
+        if (expired != null)
+            if (expired < (0, Utils_js_1.CurrentTime)())
+                throw Error("Time has expired. Try again");
+        if (orks.length < Utils_js_1.Max)
+            throw Error("Not enough orks available to create an account");
+        this.uid = uid;
+        this.gVRK = Ed25519_js_1.Point.fromBase64(gVRK);
+        this.bitwise = bitwise == null ? null : bitwise;
+        this.orks = (0, Utils_js_1.sortORKs)(orks);
+        this.selfRequesti = selfRequesti;
+        this.userPublic = userPublic;
+        this.sessKey = sessKey;
+        this.gSessKeyPub = gSessKeyPub;
+        this.purpose = purpose;
+        this.voucherURL = voucherURL;
+        this.emails = emails;
+        this.getVouchersFunction = null;
+        this.savedOrkPublics = this.orks.map(o => o.orkPublic);
+        this.orksToWaitFor = purpose == "NEW" ? Utils_js_1.Max : Utils_js_1.Threshold;
+    }
+    static async ReserveUID(uid, voucherURL, gSessKeyPub) {
+        const simClient = new NetworkClient_js_1.default();
+        const availableOrks = (await simClient.FindReservers(uid));
+        const pre_activeOrks = SimulatorFlow_js_1.default.FilterInactiveOrks(availableOrks);
+        const reservers = availableOrks.slice(0, 5); // super unlikely all 5 orks are down
+        const voucherFlow = new VoucherFlow_js_1.default(reservers.map(o => o.orkPaymentPublic), voucherURL, "reserve");
+        const vouchers = (await voucherFlow.GetVouchers()).vouchers;
+        const reserveClients = reservers.map(r => new NodeClient_js_1.default(r.orkURL));
+        const pre_ReserveResponses = reserveClients.map((client, i) => client.ReserveUID(i, uid, 'SESSIONID', vouchers.toORK(i), gSessKeyPub));
+        const { fulfilledResponses } = await (0, Utils_js_1.WaitForNumberofORKs)(reservers, pre_ReserveResponses, "NEW", 1);
+        const lowestProximityresConf = fulfilledResponses.reduce((prev, curr) => (curr.proximity < prev.proximity ? curr : prev)); // get closest proximity
+        return {
+            reservationConfirmation: lowestProximityresConf.toString(),
+            activeOrks: (await pre_activeOrks)
+        };
+    }
+    /**
+     * @param {(request: string) => Promise<string> } getVouchersFunction
+     * @returns {dKeyGenerationFlow}
+     */
+    setVoucherRetrievalFunction(getVouchersFunction) {
+        this.getVouchersFunction = getVouchersFunction;
+        return this;
+    }
+    /**
+     * @param {number} numKeys
+     * @param {Point[]} gMultipliers
+     * @param {string} reservationAuth
+     */
+    async GenShard(numKeys, gMultipliers, reservationAuth = null) {
+        const clients = this.orks.map(ork => new NodeClient_js_1.default(ork.orkURL)); // create node clients
+        let vouchers;
+        if (this.purpose == "NEW") {
+            if (reservationAuth == null)
+                throw Error("reservationAuth must not be null for new keys");
+            const voucherFlow = new VoucherFlow_js_1.default(this.orks.map(o => o.orkPaymentPublic), this.voucherURL, "signup");
+            vouchers = (await voucherFlow.GetVouchers()).vouchers;
+        }
+        let blurs = [];
+        const gBluredMultipliers = gMultipliers.map(gMul => {
+            if (gMul != null) {
+                const b = (0, Math_js_1.RandomBigInt)();
+                blurs.push(b);
+                return gMul.mul(b);
+            }
+            else {
+                blurs.push(null);
+                return null;
+            }
+        });
+        const ids = this.orks.map(ork => ork.orkID);
+        let count = 0;
+        const pre_GenShardResponses = clients.map((client, i) => {
+            let auth = "";
+            if (this.bitwise != null) {
+                if (this.bitwise[i] == true) {
+                    auth = this.selfRequesti[count];
+                    count++;
+                }
+            }
+            if (this.purpose == "NEW")
+                return client.GenShard(i, this.uid, vouchers.toORK(i), reservationAuth, this.purpose, ids, numKeys, gBluredMultipliers, this.gSessKeyPub);
+            else
+                return client.UpdateShard(i, this.uid, this.purpose, gBluredMultipliers, auth, this.gSessKeyPub, auth == "");
+        });
+        // create prkECDHi here to save time
+        const prkECHi = await index_js_1.DH.generateECDHi(this.orks.map(o => o.orkPublic), this.sessKey);
+        const { fulfilledResponses, bitwise } = await (0, Utils_js_1.WaitForNumberofORKs)(this.orks, pre_GenShardResponses, this.purpose, this.orksToWaitFor, null, prkECHi, null, this.purpose == "NEW" ? null : (result) => {
+            if (result.tag == true)
+                return false; // tag == "", inactive ork, don't add to promises to wait for
+            else
+                return true; // active ork
+        });
+        this.gState = {
+            bitwise: bitwise,
+            keyUse: ["", ""], // not VVK, doesn't matter
+            prkECHi,
+            ...await (0, KeyGeneration_js_1.ProcessShards)(fulfilledResponses, bitwise, this.sessKey)
+        };
+        const UnblurredGMultipled = this.gState.gMultiplied.map((gMultiplied, i) => {
+            if (gMultiplied != null) {
+                return gMultiplied.public.divide(blurs[i]);
+            }
+            else {
+                return null;
+            }
+        });
+        return { gMultiplied: UnblurredGMultipled, gK: this.gState.gK };
+    }
+    /**
+     * @param {string} auth
+     * @param {string} authSig
+     */
+    async GenVVKShard(auth, authSig) {
+        const clients = this.orks.map(ork => new NodeClient_js_1.default(ork.orkURL)); // create node clients
+        const { vouchers } = await (new VoucherFlow_js_1.default(this.orks.map(o => o.orkPaymentPublic), this.voucherURL, "vendorcreation").GetVouchers(this.getVouchersFunction));
+        const ids = this.orks.map(ork => ork.orkID);
+        const pre_GenShardResponses = clients.map((client, i) => client.GenVVKShard(this.uid, this.gVRK, auth, authSig, ids, vouchers.toORK(i)));
+        // create prkECDHi here to save time
+        const prkECHi = await index_js_1.DH.generateECDHi(this.orks.map(o => o.orkPublic), this.sessKey);
+        const fulfilledResponses = await Promise.all(pre_GenShardResponses);
+        const bitwise = new Array(Utils_js_1.Max).fill(1); // all must respond
+        this.gState = {
+            bitwise: bitwise,
+            prkECHi,
+            ...await (0, KeyGeneration_js_1.ProcessShards)(fulfilledResponses, bitwise, this.sessKey, true)
+        };
+        return { gK: this.gState.gK };
+    }
+    /**
+     * @param {string} authorizer
+     * @param {string} keyType
+     */
+    async SetShard(authorizer, keyType) {
+        if (this.gState == undefined)
+            throw Error("GState is not defined");
+        const clients = this.orks.map(ork => new NodeClient_js_1.default(ork.orkURL)); // create node clients
+        const randomisedEmails = (0, Utils_js_1.randomiseEmails)(this.emails);
+        // No pretty place to put this line 
+        const pre_encAuthi = this.gState.prkECHi.map(async (dh, i) => await index_js_1.AES.encryptData(JSON.stringify({
+            'GR': this.gState.gR.toBase64(),
+            'Auth': authorizer,
+            'Email': randomisedEmails[i],
+            'InitGVRK_GR': keyType == "VVK" ? this.gState.VRK_gR.map(gr => gr.toBase64()) : [],
+        }), dh));
+        const encAuthi = await Promise.all(pre_encAuthi);
+        const pre_SendShardResponses = clients.map((client, i) => client.SetShard(this.uid, this.gState.sortedShares[i], encAuthi[i], this.gSessKeyPub, keyType));
+        const SendShardResponses = await Promise.all(pre_SendShardResponses);
+        this.sState = await (0, KeyGeneration_js_1.CommitShardPrep)(this.uid, SendShardResponses, this.savedOrkPublics, this.gState.timestamp, this.gState.gR, this.userPublic == null ? this.gState.gK : this.userPublic, this.bitwise == null ? this.gState.bitwise : (0, Serialization_js_1.bitArrayAND)(this.gState.bitwise, this.bitwise), // given a list of orks that responded to genshard, and a list that were requested to be active, determine the particpating orks
+        this.purpose, this.sessKey, this.gSessKeyPub, keyType == "VVK" ? this.gState.VRK_gR : null, keyType == "VVK" ? authorizer : null);
+        this.gState = undefined;
+        const resp = {
+            "VRK_SIGNATURE_TO_STORE": this.sState.vrkSignatureToStore,
+            "M": (0, Serialization_js_1.bytesToBase64)(this.sState.M),
+            "FIRST_ADMIN": this.sState.firstAdmin
+        };
+        return resp;
+    }
+    /**
+     */
+    async Commit() {
+        if (this.sState == undefined)
+            throw Error("SState is undefined");
+        const clients = this.orks.map(ork => new NodeClient_js_1.default(ork.orkURL)); // create node clients
+        const pre_CommitResponses = clients.map(client => client.Commit(this.uid, this.sState.S, this.sState.gSessKeyPub));
+        await Promise.all(pre_CommitResponses);
+    }
+}
+exports.default = dKeyGenerationFlow;
+//# sourceMappingURL=dKeyGenerationFlow.js.map

package/dist/cjs/modules/tide-js/Flow/dKeyGenerationFlow.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"dKeyGenerationFlow.js","sourceRoot":"","sources":["../../../../../modules/tide-js/Flow/dKeyGenerationFlow.js"],"names":[],"mappings":";AAAA,GAAG;AACH,gEAAgE;AAChE,yCAAyC;AACzC,GAAG;AACH,gEAAgE;AAChE,4DAA4D;AAC5D,+DAA+D;AAC/D,kEAAkE;AAClE,6DAA6D;AAC7D,gEAAgE;AAChE,oCAAoC;AACpC,6DAA6D;AAC7D,8DAA8D;AAC9D,wCAAwC;AACxC,qDAAqD;AACrD,EAAE;;;;;AAEF,6EAAkD;AAClD,4EAAiD;AAEjD,+DAA0E;AAC1E,gDAAgH;AAChH,iDAAmD;AACnD,uDAA+C;AAC/C,mEAA8J;AAC9J,mDAA+C;AAC/C,mFAAwD;AACxD,mFAAwD;AACxD,0EAA+C;AAC/C,sGAAqG;AAErG,MAAqB,kBAAkB;IACnC;;;;;;;;;;;;;OAaG;IACH,YAAY,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,GAAC,IAAI,EAAE,OAAO,GAAC,IAAI,EAAE,YAAY,GAAC,EAAE,EAAE,UAAU,GAAC,IAAI,EAAE,OAAO,GAAC,IAAI;QAC7I,IAAG,OAAO,IAAI,IAAI;YAAE,IAAG,OAAO,GAAG,IAAA,sBAAW,GAAE;gBAAE,MAAM,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAC3F,IAAG,IAAI,CAAC,MAAM,GAAG,cAAG;YAAE,MAAM,KAAK,CAAC,gDAAgD,CAAC,CAAC;QACpF,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,kBAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QACnC,IAAI,CAAC,OAAO,GAAG,OAAO,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC;QAChD,IAAI,CAAC,IAAI,GAAG,IAAA,mBAAQ,EAAC,IAAI,CAAC,CAAC;QAC3B,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;QACjC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,mBAAmB,GAAG,IAAI,CAAC;QAEhC,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QACvD,IAAI,CAAC,aAAa,GAAG,OAAO,IAAI,KAAK,CAAC,CAAC,CAAC,cAAG,CAAC,CAAC,CAAC,oBAAS,CAAC;IAC5D,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,EAAE,UAAU,EAAE,WAAW;QAChD,MAAM,SAAS,GAAG,IAAI,0BAAa,EAAE,CAAC;QACtC,MAAM,aAAa,GAAG,CAAC,MAAM,SAAS,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,0BAAa,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC;QACvE,MAAM,SAAS,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,qCAAqC;QAClF,MAAM,WAAW,GAAG,IAAI,wBAAW,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;QACnG,MAAM,QAAQ,GAAG,CAAC,MAAM,WAAW,CAAC,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC;QAE5D,MAAM,cAAc,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,uBAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;QAEpE,MAAM,oBAAoB,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,EAAE,GAAG,EAAE,WAAW,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAA;QACtI,MAAM,EAAC,kBAAkB,EAAC,GAAG,MAAM,IAAA,8BAAmB,EAAC,SAAS,EAAE,oBAAoB,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;QAClG,MAAM,sBAAsB,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,wBAAwB;QAEnJ,OAAO;YACH,uBAAuB,EAAE,sBAAsB,CAAC,QAAQ,EAAE;YAC1D,UAAU,EAAE,CAAC,MAAM,cAAc,CAAC;SACrC,CAAA;IACL,CAAC;IAED;;;OAGG;IACH,2BAA2B,CAAC,mBAAmB;QAC3C,IAAI,CAAC,mBAAmB,GAAG,mBAAmB,CAAC;QAC/C,OAAO,IAAI,CAAC;IAChB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,QAAQ,CAAC,OAAO,EAAE,YAAY,EAAE,eAAe,GAAC,IAAI;QACtD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,uBAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAA,CAAC,sBAAsB;QAEvF,IAAI,QAAQ,CAAC;QACb,IAAG,IAAI,CAAC,OAAO,IAAI,KAAK,EAAC,CAAC;YACtB,IAAG,eAAe,IAAI,IAAI;gBAAE,MAAM,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACzF,MAAM,WAAW,GAAG,IAAI,wBAAW,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC,EAAE,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;YACvG,QAAQ,GAAG,CAAC,MAAM,WAAW,CAAC,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC;QAC1D,CAAC;QAED,IAAI,KAAK,GAAG,EAAE,CAAC;QACf,MAAM,kBAAkB,GAAG,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE;YAC/C,IAAG,IAAI,IAAI,IAAI,EAAC,CAAC;gBACb,MAAM,CAAC,GAAG,IAAA,sBAAY,GAAE,CAAC;gBACzB,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBACd,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACvB,CAAC;iBAAI,CAAC;gBACF,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACjB,OAAO,IAAI,CAAC;YAChB,CAAC;QACL,CAAC,CAAC,CAAA;QAEF,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAC5C,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,MAAM,qBAAqB,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpD,IAAI,IAAI,GAAG,EAAE,CAAC;YACd,IAAG,IAAI,CAAC,OAAO,IAAI,IAAI,EAAC,CAAC;gBACrB,IAAG,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,IAAI,EAAC,CAAC;oBACxB,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;oBAChC,KAAK,EAAE,CAAC;gBACZ,CAAC;YACL,CAAC;YACD,IAAG,IAAI,CAAC,OAAO,IAAI,KAAK;gBAAE,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,eAAe,EAAE,IAAI,CAAC,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;;gBAC/J,OAAO,MAAM,CAAC,WAAW,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,IAAI,CAAC,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;QACtH,CAAC,CAAC,CAAC;QAEH,oCAAoC;QACpC,MAAM,OAAO,GAAG,MAAM,aAAE,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QAEtF,MAAM,EAAC,kBAAkB,EAAE,OAAO,EAAC,GAAG,MAAM,IAAA,8BAAmB,EAC3D,IAAI,CAAC,IAAI,EACT,qBAAqB,EACrB,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,aAAa,EAClB,IAAI,EACJ,OAAO,EACP,IAAI,EACJ,IAAI,CAAC,OAAO,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE;YACtC,IAAG,MAAM,CAAC,GAAG,IAAI,IAAI;gBAAE,OAAO,KAAK,CAAC,CAAC,6DAA6D;;gBAC7F,OAAO,IAAI,CAAC,CAAC,aAAa;QACnC,CAAC,CAAC,CAAC;QAEP,IAAI,CAAC,MAAM,GAAG;YACV,OAAO,EAAE,OAAO;YAChB,MAAM,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,0BAA0B;YAC5C,OAAO;YACP,GAAI,MAAM,IAAA,gCAAa,EAAC,kBAAkB,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC;SACrE,CAAC;QAEF,MAAM,mBAAmB,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC,EAAE,EAAE;YACvE,IAAG,WAAW,IAAI,IAAI,EAAC,CAAC;gBACpB,OAAO,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YAC/C,CAAC;iBAAI,CAAC;gBACF,OAAO,IAAI,CAAC;YAChB,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,OAAO,EAAC,WAAW,EAAE,mBAAmB,EAAE,EAAE,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,EAAC,CAAA;IACjE,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,WAAW,CAAC,IAAI,EAAE,OAAO;QAC3B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,uBAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAA,CAAC,sBAAsB;QAEvF,MAAM,EAAC,QAAQ,EAAC,GAAG,MAAM,CAAC,IAAI,wBAAW,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC,EAAE,IAAI,CAAC,UAAU,EAAE,gBAAgB,CAAC,CAAC,WAAW,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC;QAE5J,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAC5C,MAAM,qBAAqB,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAEzI,oCAAoC;QACpC,MAAM,OAAO,GAAG,MAAM,aAAE,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QAEtF,MAAM,kBAAkB,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;QACpE,MAAM,OAAO,GAAG,IAAI,KAAK,CAAC,cAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB;QAE3D,IAAI,CAAC,MAAM,GAAG;YACV,OAAO,EAAE,OAAO;YAChB,OAAO;YACP,GAAI,MAAM,IAAA,gCAAa,EAAC,kBAAkB,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC;SAC3E,CAAC;QAEF,OAAO,EAAC,EAAE,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,EAAC,CAAA;IAC/B,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,QAAQ,CAAC,UAAU,EAAE,OAAO;QAC9B,IAAG,IAAI,CAAC,MAAM,IAAI,SAAS;YAAE,MAAM,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAElE,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,uBAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAA,CAAC,sBAAsB;QACvF,MAAM,gBAAgB,GAAG,IAAA,0BAAe,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAEtD,oCAAoC;QACpC,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,cAAG,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC;YAC/F,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,QAAQ,EAAE;YAC/B,MAAM,EAAE,UAAU;YAClB,OAAO,EAAE,gBAAgB,CAAC,CAAC,CAAC;YAC5B,aAAa,EAAE,OAAO,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE;SACrF,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QACT,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAEjD,MAAM,sBAAsB,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC,CAAA;QACzJ,MAAM,kBAAkB,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;QAErE,IAAI,CAAC,MAAM,GAAG,MAAM,IAAA,kCAAe,EAC/B,IAAI,CAAC,GAAG,EACR,kBAAkB,EAClB,IAAI,CAAC,eAAe,EACpB,IAAI,CAAC,MAAM,CAAC,SAAS,EACrB,IAAI,CAAC,MAAM,CAAC,EAAE,EACd,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,EAC1D,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,IAAA,8BAAW,EAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,EAAE,gIAAgI;QAC7N,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,WAAW,EAChB,OAAO,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,EAC5C,OAAO,IAAI,KAAK,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CACnC,CAAC;QACN,IAAI,CAAC,MAAM,GAAG,SAAS,CAAC;QACxB,MAAM,IAAI,GAAG;YACT,wBAAwB,EAAE,IAAI,CAAC,MAAM,CAAC,mBAAmB;YACzD,GAAG,EAAE,IAAA,gCAAa,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;YACjC,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU;SACxC,CAAA;QACD,OAAO,IAAI,CAAC;IAChB,CAAC;IAED;OACG;IACH,KAAK,CAAC,MAAM;QACR,IAAG,IAAI,CAAC,MAAM,IAAI,SAAS;YAAE,MAAM,KAAK,CAAC,qBAAqB,CAAC,CAAC;QAEhE,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,uBAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAA,CAAC,sBAAsB;QAEvF,MAAM,mBAAmB,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC;QACnH,MAAM,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IAE3C,CAAC;CACJ;AA9ND,qCA8NC"}

package/dist/cjs/modules/tide-js/Math/DecryptRequest.js

@@ -0,0 +1,52 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const SerializedField_js_1 = __importDefault(require("../Models/SerializedField.js"));
+const AES_js_1 = require("../Cryptide/Encryption/AES.js");
+const Hash_js_1 = require("../Cryptide/Hashing/Hash.js");
+const Serialization_js_1 = require("../Cryptide/Serialization.js");
+const Ed25519_js_1 = require("../Cryptide/Ed25519.js");
+class DecryptRequest {
+    /**
+     *
+     * @param {Uint8Array[]} serializedFields
+     * @param {Uint8Array[]} ECDHi
+     */
+    static async generateRequests(serializedFields, ECDHi) {
+        const deserializedFields = serializedFields.map(field => SerializedField_js_1.default.deserialize(field));
+        const pre_encFieldChks = deserializedFields.map(df => (0, Hash_js_1.SHA256_Digest)(df.data));
+        const encFieldChks = await Promise.all(pre_encFieldChks);
+        const toEncrypt = {
+            Timestamps: deserializedFields.map(df => df.timestamp), // using first as theyre all the same
+            EncFieldChks: encFieldChks.map(e => (0, Serialization_js_1.bytesToBase64)(e)),
+            C1s: deserializedFields.map(df => df.key.toBase64()),
+            Tags: deserializedFields.map(df => df.tag),
+            Sigs: deserializedFields.map(df => (0, Serialization_js_1.bytesToBase64)(df.sig))
+        };
+        const pre_encRequests = ECDHi.map(ECDH => (0, AES_js_1.encryptData)(JSON.stringify(toEncrypt), ECDH));
+        const encRequests = await Promise.all(pre_encRequests);
+        return {
+            encRequests,
+            encryptedFields: deserializedFields.map(df => df.data),
+            tags: toEncrypt.Tags // i don't want to use map again here
+        };
+    }
+    /**
+     * @param {Uint8Array[]} encryptedFields
+     * @param {Uint8Array[]} ECDHi
+     * @param {string[]} encryptedFieldKeys
+     * @param {bignt[]} lis
+     */
+    static async decryptFields(encryptedFields, ECDHi, encryptedFieldKeys, lis) {
+        const pre_decryptedData = encryptedFieldKeys.map(async (encK, i) => JSON.parse(await (0, AES_js_1.decryptData)(encK, ECDHi[i])));
+        const decryptedData = await Promise.all(pre_decryptedData);
+        const fieldKeys = encryptedFields.map((_, i) => decryptedData.reduce((sum, next, j) => sum.add(Ed25519_js_1.Point.fromBase64(next.AppliedFieldKeys[i]).mul(lis[j])), Ed25519_js_1.Point.ZERO)); // main loop over amount of encrypted datas
+        const pre_decryptedFields = fieldKeys.map(async (fk, i) => (0, AES_js_1.decryptDataRawOutput)(encryptedFields[i], await (0, Hash_js_1.SHA256_Digest)(fk.toRawBytes())));
+        const decryptedFields = await Promise.all(pre_decryptedFields);
+        return decryptedFields;
+    }
+}
+exports.default = DecryptRequest;
+//# sourceMappingURL=DecryptRequest.js.map

package/dist/cjs/modules/tide-js/Math/DecryptRequest.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"DecryptRequest.js","sourceRoot":"","sources":["../../../../../modules/tide-js/Math/DecryptRequest.js"],"names":[],"mappings":";;;;;AAAA,sFAA2D;AAC3D,0DAA+F;AAC/F,yDAA4D;AAC5D,mEAA6D;AAC7D,uDAA+C;AAE/C,MAAqB,cAAc;IAC/B;;;;OAIG;IACH,MAAM,CAAC,KAAK,CAAC,gBAAgB,CAAC,gBAAgB,EAAE,KAAK;QACjD,MAAM,kBAAkB,GAAG,gBAAgB,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,4BAAe,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC;QAC7F,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,IAAA,uBAAa,EAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;QAC9E,MAAM,YAAY,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;QAEzD,MAAM,SAAS,GAAG;YACd,UAAU,EAAE,kBAAkB,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,qCAAqC;YAC7F,YAAY,EAAE,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAA,gCAAa,EAAC,CAAC,CAAC,CAAC;YACrD,GAAG,EAAE,kBAAkB,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;YACpD,IAAI,EAAE,kBAAkB,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC;YAC1C,IAAI,EAAE,kBAAkB,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,IAAA,gCAAa,EAAC,EAAE,CAAC,GAAG,CAAC,CAAC;SAC5D,CAAA;QAED,MAAM,eAAe,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAA,oBAAW,EAAC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC;QACxF,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QACvD,OAAO;YACH,WAAW;YACX,eAAe,EAAE,kBAAkB,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC;YACtD,IAAI,EAAE,SAAS,CAAC,IAAI,CAAC,qCAAqC;SAC7D,CAAA;IACL,CAAC;IACD;;;;;OAKG;IACH,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,eAAe,EAAE,KAAK,EAAE,kBAAkB,EAAE,GAAG;QACtE,MAAM,iBAAiB,GAAG,kBAAkB,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,IAAA,oBAAW,EAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACnH,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QAE3D,MAAM,SAAS,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,kBAAK,CAAC,UAAU,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,kBAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,2CAA2C;QAEjN,MAAM,mBAAmB,GAAG,SAAS,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,IAAA,6BAAoB,EAAC,eAAe,CAAC,CAAC,CAAC,EAAE,MAAM,IAAA,uBAAa,EAAC,EAAE,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,CAAC;QAC3I,MAAM,eAAe,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QAC/D,OAAO,eAAe,CAAC;IAC3B,CAAC;CACJ;AA3CD,iCA2CC"}

package/dist/cjs/modules/tide-js/Math/EncryptRequest.js

@@ -0,0 +1,96 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const Hash_js_1 = require("../Cryptide/Hashing/Hash.js");
+const Serialization_js_1 = require("../Cryptide/Serialization.js");
+const Math_js_1 = require("../Cryptide/Math.js");
+const index_js_1 = require("../Cryptide/index.js");
+const AES_js_1 = require("../Cryptide/Encryption/AES.js");
+const Datum_js_1 = __importDefault(require("../Models/Datum.js"));
+const SerializedField_js_1 = __importDefault(require("../Models/SerializedField.js"));
+const Ed25519_js_1 = require("../Cryptide/Ed25519.js");
+class EncryptRequest {
+    /**
+     *
+     * @param {Point} gCVK
+     * @param {Uint8Array} fieldDatum
+     * @param {number} timestamp
+     */
+    static async generatePartialRequest(gCVK, fieldDatum, timestamp) {
+        const ephKey = (0, Math_js_1.RandomBigInt)(); // not to be stored
+        const fieldKey = await (0, Hash_js_1.SHA256_Digest)((gCVK.mul(ephKey).toRawBytes())); // not to be stored
+        const encField = await (0, AES_js_1.encryptDataRawOutput)(fieldDatum, fieldKey);
+        const data = {
+            C1: Ed25519_js_1.Point.BASE.mul(ephKey),
+            EncField: encField,
+            EncFieldChk: await (0, Hash_js_1.SHA256_Digest)(encField),
+            timestamp: timestamp
+        };
+        return data;
+    }
+    /**
+     * @param {{
+            C1: Point;
+            EncField: Uint8Array;
+            EncFieldChk: Uint8Array;
+            timestamp: number;
+        }[]} partialRequests
+     * @param {bigint} li
+     * @param {Datum[]} datums
+     * @param {Point[]} gCVKRi
+     * @param {Uint8Array} ECDHi
+     */
+    static async generateEncryptedRequest(partialRequests, li, datums, gCVKRi, ECDHi) {
+        const toEncrypt = {
+            Timestamp: partialRequests[0].timestamp, // using first as theyre all the same
+            EncFieldChks: partialRequests.map(p => (0, Serialization_js_1.bytesToBase64)(p.EncFieldChk)),
+            C1s: partialRequests.map(p => p.C1.toBase64()),
+            Tags: datums.map(d => d.tag),
+            GCVKRi: gCVKRi.map(gcvkr => gcvkr.toBase64()),
+            Li: li.toString()
+        };
+        const encrypted = await (0, AES_js_1.encryptData)(JSON.stringify(toEncrypt), ECDHi);
+        return encrypted;
+    }
+    /**
+     * Will decrypt encrypted sigs, validate those sigs, and generate the serialized fields for the vendor to store
+     * @param {string[]} encryptedS
+     * @param  {{
+            EncFields: Uint8Array[];
+            EncFieldChks: Uint8Array[];
+            C1s: Point[];
+            Tags: number[];
+            GCVKRi: Point[];
+            Timestamp: number;
+        }} plainRequest
+     * @param {bigint[]} lis
+     * @param {Uint8Array[]} ECDHi
+     * @param {Point} gCVK
+     */
+    static async generateSerializedFields(encryptedS, plainRequest, lis, ECDHi, gCVK) {
+        const pre_decryptedData = encryptedS.map(async (encS, i) => JSON.parse(await (0, AES_js_1.decryptData)(encS, ECDHi[i])));
+        const decryptedData = await Promise.all(pre_decryptedData);
+        const CVKSi = plainRequest.C1s.map((_, i) => (0, Math_js_1.mod)(decryptedData.reduce((sum, next, j) => sum + (0, Math_js_1.mod)(BigInt(next.Si[i]) * lis[j]), BigInt(0))));
+        // validate signatures
+        for (let i = 0; i < plainRequest.C1s.length; i++) {
+            const M = await (0, Hash_js_1.SHA256_Digest)((0, Serialization_js_1.ConcatUint8Arrays)([
+                plainRequest.EncFieldChks[i],
+                plainRequest.C1s[i].toRawBytes(),
+                (0, Serialization_js_1.numberToUint8Array)(plainRequest.Tags[i], 8),
+                (0, Serialization_js_1.numberToUint8Array)(plainRequest.Timestamp, 8)
+            ]));
+            const valid = await index_js_1.EdDSA.verifyRaw(CVKSi[i], plainRequest.GCVKRi[i], gCVK, M);
+            if (valid == false) {
+                throw Error("Generalize Serialized Fields: Not all fields passed verification");
+            }
+        }
+        ;
+        // Create Serialized Fields as neat little byte arrays
+        const serializedFields = CVKSi.map((CVKS, i) => SerializedField_js_1.default.create(plainRequest.EncFields[i], plainRequest.C1s[i], plainRequest.Tags[i], plainRequest.Timestamp, plainRequest.GCVKRi[i], CVKS));
+        return serializedFields;
+    }
+}
+exports.default = EncryptRequest;
+//# sourceMappingURL=EncryptRequest.js.map

package/dist/cjs/modules/tide-js/Math/EncryptRequest.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"EncryptRequest.js","sourceRoot":"","sources":["../../../../../modules/tide-js/Math/EncryptRequest.js"],"names":[],"mappings":";;;;;AAAA,yDAA4D;AAC5D,mEAAoG;AACpG,iDAAwD;AACxD,mDAA6C;AAC7C,0DAA+F;AAC/F,kEAAuC;AACvC,sFAA2D;AAC3D,uDAA+C;AAE/C,MAAqB,cAAc;IAC/B;;;;;OAKG;IACH,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,IAAI,EAAE,UAAU,EAAE,SAAS;QAC3D,MAAM,MAAM,GAAG,IAAA,sBAAY,GAAE,CAAC,CAAC,mBAAmB;QAClD,MAAM,QAAQ,GAAG,MAAM,IAAA,uBAAa,EAAC,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;QAC1F,MAAM,QAAQ,GAAG,MAAM,IAAA,6BAAoB,EAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QAElE,MAAM,IAAI,GAAG;YACT,EAAE,EAAE,kBAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC;YAC1B,QAAQ,EAAE,QAAQ;YAClB,WAAW,EAAE,MAAM,IAAA,uBAAa,EAAC,QAAQ,CAAC;YAC1C,SAAS,EAAE,SAAS;SACvB,CAAA;QACD,OAAO,IAAI,CAAC;IAChB,CAAC;IAED;;;;;;;;;;;OAWG;IACH,MAAM,CAAC,KAAK,CAAC,wBAAwB,CAAC,eAAe,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK;QAC5E,MAAM,SAAS,GAAG;YACd,SAAS,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,qCAAqC;YAC9E,YAAY,EAAE,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAA,gCAAa,EAAC,CAAC,CAAC,WAAW,CAAC,CAAC;YACpE,GAAG,EAAE,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,QAAQ,EAAE,CAAC;YAC9C,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;YAC5B,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC7C,EAAE,EAAE,EAAE,CAAC,QAAQ,EAAE;SACpB,CAAA;QACD,MAAM,SAAS,GAAG,MAAM,IAAA,oBAAW,EAAC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,KAAK,CAAC,CAAC;QACtE,OAAO,SAAS,CAAC;IACrB,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACH,MAAM,CAAC,KAAK,CAAC,wBAAwB,CAAC,UAAU,EAAE,YAAY,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI;QAC5E,MAAM,iBAAiB,GAAG,UAAU,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,IAAA,oBAAW,EAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC3G,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QAE3D,MAAM,KAAK,GAAG,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,IAAA,aAAG,EAAC,aAAa,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,IAAA,aAAG,EAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAE7I,sBAAsB;QACtB,KAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAC,CAAC;YAC7C,MAAM,CAAC,GAAG,MAAM,IAAA,uBAAa,EAAC,IAAA,oCAAiB,EAAC;gBAC5C,YAAY,CAAC,YAAY,CAAC,CAAC,CAAC;gBAC5B,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE;gBAChC,IAAA,qCAAkB,EAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBAC3C,IAAA,qCAAkB,EAAC,YAAY,CAAC,SAAS,EAAE,CAAC,CAAC;aAChD,CAAC,CAAC,CAAC;YACJ,MAAM,KAAK,GAAG,MAAM,gBAAK,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;YAC/E,IAAG,KAAK,IAAI,KAAK,EAAC,CAAC;gBACf,MAAM,KAAK,CAAC,kEAAkE,CAAC,CAAC;YACpF,CAAC;QACL,CAAC;QAAA,CAAC;QAEF,sDAAsD;QACtD,MAAM,gBAAgB,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,4BAAe,CAAC,MAAM,CAClE,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,EACzB,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EACnB,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EACpB,YAAY,CAAC,SAAS,EACtB,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EACtB,IAAI,CACP,CAAC,CAAC;QACH,OAAO,gBAAgB,CAAC;IAC5B,CAAC;CACJ;AA5FD,iCA4FC"}

package/dist/cjs/modules/tide-js/Math/KeyAuthentication.js

@@ -0,0 +1,222 @@
+"use strict";
+// 
+// Tide Protocol - Infrastructure for a TRUE Zero-Trust paradigm
+// Copyright (C) 2022 Tide Foundation Ltd
+// 
+// This program is free software and is subject to the terms of 
+// the Tide Community Open Code License as published by the 
+// Tide Foundation Limited. You may modify it and redistribute 
+// it in accordance with and subject to the terms of that License.
+// This program is distributed WITHOUT WARRANTY of any kind, 
+// including without any implied warranty of MERCHANTABILITY or 
+// FITNESS FOR A PARTICULAR PURPOSE.
+// See the Tide Community Open Code License for more details.
+// You should have received a copy of the Tide Community Open 
+// Code License along with this program.
+// If not, see https://tide.org/licenses_tcoc2-0-0-en
+//
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GetDecryptedChallenge = GetDecryptedChallenge;
+exports.PrismConvertReply = PrismConvertReply;
+exports.CmkConvertReply = CmkConvertReply;
+exports.ConvertRememberedReply = ConvertRememberedReply;
+exports.AuthenticateBasicReply = AuthenticateBasicReply;
+exports.AuthenticateConsentReply = AuthenticateConsentReply;
+const Hash_js_1 = require("../Cryptide/Hashing/Hash.js");
+const Utils_js_1 = require("../Tools/Utils.js");
+const Serialization_js_1 = require("../Cryptide/Serialization.js");
+const Math_js_1 = require("../Cryptide/Math.js");
+const PrismConvertResponse_js_1 = __importDefault(require("../Models/Responses/KeyAuth/Convert/PrismConvertResponse.js"));
+const index_js_1 = require("../Cryptide/index.js");
+const DecryptedCMKConvertResponse_js_1 = __importDefault(require("../Models/Responses/KeyAuth/Convert/DecryptedCMKConvertResponse.js"));
+const CMKConvertResponse_js_1 = __importDefault(require("../Models/Responses/KeyAuth/Convert/CMKConvertResponse.js"));
+const DecryptedPrismConvertResponse_js_1 = __importDefault(require("../Models/Responses/KeyAuth/Convert/DecryptedPrismConvertResponse.js"));
+const AuthRequest_js_1 = __importDefault(require("../Models/AuthRequest.js"));
+const BlindSig_js_1 = require("../Cryptide/Signing/BlindSig.js");
+const AuthenticateResponse_js_1 = __importDefault(require("../Models/Responses/KeyAuth/Authenticate/AuthenticateResponse.js"));
+const DecryptedConvertRememberedResponse_js_1 = __importDefault(require("../Models/Responses/KeyAuth/Convert/DecryptedConvertRememberedResponse.js"));
+const ConvertRememberedResponse_js_1 = __importDefault(require("../Models/Responses/KeyAuth/Convert/ConvertRememberedResponse.js"));
+const VendorData_js_1 = __importDefault(require("../Models/VendorData.js"));
+const Ed25519_js_1 = require("../Cryptide/Ed25519.js");
+const Ed25519Components_js_1 = require("../Cryptide/Components/Schemes/Ed25519/Ed25519Components.js");
+/**
+ * For use in change password flow
+ * @param {PrismConvertResponse[]} convertResponses
+ * @param {bigint[]} lis
+ * @param {Point[]} mgORKi
+ * @param {bigint} r1
+ * @returns
+ */
+async function GetDecryptedChallenge(convertResponses, lis, mgORKi, r1) {
+    const gPassPRISM = convertResponses.reduce((sum, next, i) => sum.add(next.GBlurPassPrismi.mul(lis[i])), Ed25519_js_1.Point.ZERO).mul((0, Math_js_1.mod_inv)(r1));
+    const gPassPRISM_hashed = (0, Math_js_1.mod)((0, Serialization_js_1.BigIntFromByteArray)(await (0, Hash_js_1.SHA256_Digest)(gPassPRISM.toRawBytes())));
+    const pre_prismAuthi = mgORKi.map(async (ork) => await (0, Hash_js_1.SHA256_Digest)(ork.mul(gPassPRISM_hashed).toRawBytes())); // create a prismAuthi for each ork
+    const prismAuthis = await Promise.all(pre_prismAuthi); // wait for all async functions to finish
+    let decryptedChallenges;
+    try {
+        const pre_decData = convertResponses.map(async (resp, i) => await index_js_1.AES.decryptData(resp.EncChallengei, prismAuthis[i]));
+        decryptedChallenges = await Promise.all(pre_decData);
+    }
+    catch {
+        throw Error("enclave.invalidAccount");
+    }
+    return decryptedChallenges;
+}
+/**
+ * @param {PrismConvertResponse[]} convertResponses
+ * @param {bigint[]} ids
+ * @param {Point[]} mgORKi
+ * @param {bigint} r1
+ * @param {Uint8Array[]} prkECDHi
+ */
+async function PrismConvertReply(convertResponses, ids, mgORKi, r1, prkECDHi) {
+    // ∑ gPass ⋅ r1 ⋅ PRISMi ⋅ li / r1
+    const gPassPRISM = index_js_1.Interpolation.AggregatePointsWithIds(convertResponses.map(resp => resp.GBlurPassPrismi), ids).divide(r1);
+    const gPassPRISM_hashed = await gPassPRISM.hash();
+    const prismAuthis = await index_js_1.DH.generateECDHi(mgORKi, gPassPRISM_hashed);
+    let decPrismRequesti;
+    try {
+        const pre_decPrismRequesti = convertResponses.map(async (chall, i) => DecryptedPrismConvertResponse_js_1.default.from(await index_js_1.AES.decryptData(chall.EncRequesti, prismAuthis[i])));
+        decPrismRequesti = await Promise.all(pre_decPrismRequesti);
+    }
+    catch {
+        throw Error("enclave.invalidAccount");
+    }
+    const timestampi = (0, Math_js_1.median)(decPrismRequesti.map(resp => resp.Timestampi));
+    const pre_selfRequesti = decPrismRequesti.map(async (req, i) => await index_js_1.AES.decryptData(req.PRKRequesti, prkECDHi[i]));
+    const selfRequesti = await Promise.all(pre_selfRequesti);
+    // Calculate when the stored token expires
+    const expired = (0, Utils_js_1.CurrentTime)() + (0, Math_js_1.Min)(decPrismRequesti.map(d => d.Exti));
+    return { prismAuthis, timestampi, selfRequesti, expired };
+}
+/**
+ * @param {CMKConvertResponse[]} convertResponses
+ * @param {bigint[]} ids
+ * @param {Uint8Array[]} prismAuthis
+ * @param {Point} gCMK
+ * @param {bigint} timestampi
+ * @param {string} sessID
+ * @param {string} purpose
+ * @param {Point} qPub
+ * @param {bigint} uDeObf
+ * @param {bigint} blurerKPriv
+ * @param {Ed25519PublicComponent} gSessKeyPub
+ */
+async function CmkConvertReply(convertResponses, ids, prismAuthis, gCMK, timestampi, sessID, purpose, qPub, uDeObf, blurerKPriv, gSessKeyPub) {
+    let decData;
+    try {
+        const pre_decData = convertResponses.map(async (resp, i) => DecryptedCMKConvertResponse_js_1.default.from(await index_js_1.AES.decryptData(resp.EncChallengei, prismAuthis[i])));
+        decData = await Promise.all(pre_decData);
+    }
+    catch {
+        throw Error("enclave.invalidAccount");
+    }
+    const userPRISM = index_js_1.Interpolation.AggregatePointsWithIds(decData.map(d => d.UserPRISMi), ids);
+    const userPRISMdec = userPRISM.mul((0, Math_js_1.mod)((0, Serialization_js_1.BigIntFromByteArray)(await index_js_1.DH.computeSharedKey(qPub, blurerKPriv))));
+    const gUserCMK = userPRISMdec.divide(uDeObf);
+    const gUserCMK_Hash = await index_js_1.Hash.SHA512_Digest(gUserCMK.toRawBytes());
+    const CMKMul = (0, Math_js_1.mod)((0, Serialization_js_1.BigIntFromByteArray)(gUserCMK_Hash.slice(0, 32)));
+    const VUID = (0, Serialization_js_1.Bytes2Hex)(gUserCMK_Hash.slice(-32));
+    const gCMKAuth = gCMK.mul(CMKMul);
+    const gCMKR = index_js_1.Interpolation.AggregatePoints(convertResponses.map(resp => resp.GCMKRi));
+    const authToken = AuthRequest_js_1.default.new(VUID, purpose, gSessKeyPub.Serialize().ToString(), timestampi + (0, Utils_js_1.randBetween)(30, 90), sessID);
+    const { blurHCMKMul, blur, gRMul } = await (0, BlindSig_js_1.genBlindMessage)(gCMKR, gCMKAuth, authToken.toUint8Array(), CMKMul);
+    return { VUID: VUID, blurHCMKMul, r4: blur, gCMKAuth, authToken, gRMul };
+}
+/**
+ * @param {ConvertRememberedResponse[]} responses
+ * @param {bigint[]} mIdORKi
+ * @param {Point} gCMK
+ * @param {string} sessID
+ * @param {Uint8Array[]} prkECDHi
+ * @param {Point} qPub
+ * @param {bigint} uDeObf
+ * @param {bigint} blurerKPriv
+ * @param {Ed25519PublicComponent} gSessKeyPub
+ */
+async function ConvertRememberedReply(responses, mIdORKi, gCMK, sessID, prkECDHi, qPub, uDeObf, blurerKPriv, gSessKeyPub) {
+    const pre_decryptedResonses = responses.map((async (resp, i) => DecryptedConvertRememberedResponse_js_1.default.from(await index_js_1.AES.decryptData(resp.EncRequesti, prkECDHi[i]))));
+    const decryptedResponses = await Promise.all(pre_decryptedResonses);
+    const timestamp = index_js_1.Math.median(decryptedResponses.map(d => d.timestampi));
+    const userPRISM = index_js_1.Interpolation.AggregatePointsWithIds(decryptedResponses.map(d => d.UserPRISMi), mIdORKi);
+    const userPRISMdec = userPRISM.mul((0, Math_js_1.mod)((0, Serialization_js_1.BigIntFromByteArray)(await index_js_1.DH.computeSharedKey(qPub, blurerKPriv))));
+    const gUserCMK = userPRISMdec.divide(uDeObf);
+    const gUserCMK_Hash = await index_js_1.Hash.SHA512_Digest(gUserCMK.toRawBytes());
+    const CMKMul = (0, Math_js_1.mod)((0, Serialization_js_1.BigIntFromByteArray)(gUserCMK_Hash.slice(0, 32)));
+    const VUID = (0, Serialization_js_1.Bytes2Hex)(gUserCMK_Hash.slice(-32));
+    const gCMKAuth = gCMK.mul(CMKMul);
+    const gCMKR = index_js_1.Interpolation.AggregatePoints(responses.map(resp => resp.GCMKRi));
+    const authToken = AuthRequest_js_1.default.new(VUID, "auth", gSessKeyPub.Serialize().ToString(), timestamp + (0, Utils_js_1.randBetween)(30, 90), sessID);
+    const { blurHCMKMul, blur: r4, gRMul } = await (0, BlindSig_js_1.genBlindMessage)(gCMKR, gCMKAuth, authToken.toUint8Array(), CMKMul);
+    return {
+        VUID,
+        gCMKAuth,
+        blurHCMKMul,
+        r4,
+        gRMul,
+        authToken,
+        prkECDHi
+    };
+}
+/**
+ *
+ * @param {string} vuid
+ * @param {Uint8Array[]} prkECDHi
+ * @param {string[]} encSigi
+ * @param {Point} gCMKAuth
+ * @param {AuthRequest} authToken
+ * @param {bigint} r4
+ * @param {Point} gRMul
+ * @param {Point} gVRK
+ */
+async function AuthenticateBasicReply(vuid, prkECDHi, encSigi, gCMKAuth, authToken, r4, gRMul, gVRK) {
+    const pre_authResp = encSigi.map(async (enc, i) => AuthenticateResponse_js_1.default.from(await index_js_1.AES.decryptData(enc, prkECDHi[i])));
+    const authResp = await Promise.all(pre_authResp);
+    const blindS = (0, Math_js_1.mod)(authResp.reduce((sum, next) => sum + next.Si, BigInt(0)));
+    const sig = await (0, BlindSig_js_1.unblindSignature)(blindS, r4);
+    const blindSigValid = await (0, BlindSig_js_1.verifyBlindSignature)(sig, gRMul, gCMKAuth, authToken.toUint8Array());
+    if (!blindSigValid)
+        throw Error("Blind Signature Failed");
+    const blindSig = (0, Serialization_js_1.bytesToBase64)((0, BlindSig_js_1.serializeBlindSig)(sig, gRMul));
+    if (gVRK == null) {
+        const vendorData = new VendorData_js_1.default(vuid, gCMKAuth, blindSig, authToken).toString();
+        return vendorData;
+    }
+    else {
+        const VendorEncryptedData = await index_js_1.ElGamal.encryptData((0, Serialization_js_1.StringToUint8Array)(new VendorData_js_1.default(vuid, gCMKAuth, blindSig, authToken).toString()), gVRK);
+        return VendorEncryptedData;
+    }
+}
+/**
+ *
+ * @param {string} vuid
+ * @param {Uint8Array[]} prkECDHi
+ * @param {string[]} encSigi
+ * @param {Point} gCMKAuth
+ * @param {AuthRequest} authToken
+ * @param {bigint} r4
+ * @param {Point} gRMul
+ * @param {Point} gVRK
+ * @param {bigint} sessKey
+ * @param {string} consentToSign
+ */
+async function AuthenticateConsentReply(vuid, prkECDHi, encSigi, gCMKAuth, authToken, r4, gRMul, gVRK, sessKey, consentToSign) {
+    const pre_authResp = encSigi.map(async (enc, i) => AuthenticateResponse_js_1.default.from(await index_js_1.AES.decryptData(enc, prkECDHi[i])));
+    const authResp = await Promise.all(pre_authResp);
+    const blindS = (0, Math_js_1.mod)(authResp.reduce((sum, next) => sum + next.Si, BigInt(0)));
+    const sig = await (0, BlindSig_js_1.unblindSignature)(blindS, r4);
+    const blindSigValid = await (0, BlindSig_js_1.verifyBlindSignature)(sig, gRMul, gCMKAuth, authToken.toUint8Array());
+    if (!blindSigValid)
+        throw Error("Blind Signature Failed");
+    const blindSig = (0, Serialization_js_1.bytesToBase64)((0, BlindSig_js_1.serializeBlindSig)(sig, gRMul));
+    const vendorData = new VendorData_js_1.default(vuid, gCMKAuth, blindSig, authToken);
+    const VendorEncryptedData = await index_js_1.ElGamal.encryptData((0, Serialization_js_1.StringToUint8Array)(JSON.stringify({
+        VendorData: vendorData.toString(),
+        Consent: (await index_js_1.EdDSA.sign(consentToSign, sessKey))
+    })), gVRK);
+    return VendorEncryptedData;
+}
+//# sourceMappingURL=KeyAuthentication.js.map

package/dist/cjs/modules/tide-js/Math/KeyAuthentication.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"KeyAuthentication.js","sourceRoot":"","sources":["../../../../../modules/tide-js/Math/KeyAuthentication.js"],"names":[],"mappings":";AAAA,GAAG;AACH,gEAAgE;AAChE,yCAAyC;AACzC,GAAG;AACH,gEAAgE;AAChE,4DAA4D;AAC5D,+DAA+D;AAC/D,kEAAkE;AAClE,6DAA6D;AAC7D,gEAAgE;AAChE,oCAAoC;AACpC,6DAA6D;AAC7D,8DAA8D;AAC9D,wCAAwC;AACxC,qDAAqD;AACrD,EAAE;;;;;AA4BF,sDAgBC;AASD,8CAuBC;AAeD,0CAuBC;AAYD,wDA6BC;AAYD,wDAiBC;AAeD,4DAiBC;AArND,yDAA4F;AAC5F,gDAA6D;AAC7D,mEAAoI;AACpI,iDAAgE;AAChE,0HAA+F;AAC/F,mDAA0F;AAC1F,wIAA6G;AAC7G,sHAA2F;AAC3F,4IAAiH;AACjH,8EAAmD;AACnD,iEAA6H;AAC7H,+HAAoG;AACpG,sJAA2H;AAC3H,oIAAyG;AACzG,4EAAiD;AACjD,uDAA+C;AAC/C,sGAAqG;AACrG;;;;;;;GAOG;AACI,KAAK,UAAU,qBAAqB,CAAC,gBAAgB,EAAE,GAAG,EAAE,MAAM,EAAE,EAAE;IACzE,MAAM,UAAU,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,kBAAK,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,IAAA,iBAAO,EAAC,EAAE,CAAC,CAAC,CAAC;IACrI,MAAM,iBAAiB,GAAG,IAAA,aAAG,EAAC,IAAA,sCAAmB,EAAC,MAAM,IAAA,uBAAa,EAAC,UAAU,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,CAAC;IAEjG,MAAM,cAAc,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,EAAC,GAAG,EAAC,EAAE,CAAC,MAAM,IAAA,uBAAa,EAAC,GAAG,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,CAAA,CAAC,mCAAmC;IAChJ,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,yCAAyC;IAEhG,IAAI,mBAAmB,CAAC;IACxB,IAAG,CAAC;QACA,MAAM,WAAW,GAAG,gBAAgB,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,cAAG,CAAC,WAAW,CAAC,IAAI,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACvH,mBAAmB,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IACzD,CAAC;IAAA,MAAK,CAAC;QACH,MAAM,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC1C,CAAC;IAED,OAAO,mBAAmB,CAAC;AAC/B,CAAC;AAED;;;;;;GAMG;AACI,KAAK,UAAU,iBAAiB,CAAC,gBAAgB,EAAE,GAAG,EAAE,MAAM,EAAE,EAAE,EAAE,QAAQ;IAC/E,kCAAkC;IAClC,MAAM,UAAU,GAAG,wBAAa,CAAC,sBAAsB,CAAC,gBAAgB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,EAAE,GAAG,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC5H,MAAM,iBAAiB,GAAG,MAAM,UAAU,CAAC,IAAI,EAAE,CAAC;IAElD,MAAM,WAAW,GAAG,MAAM,aAAE,CAAC,aAAa,CAAC,MAAM,EAAE,iBAAiB,CAAC,CAAC;IAEtE,IAAI,gBAAgB,CAAC;IACrB,IAAG,CAAC;QACA,MAAM,oBAAoB,GAAG,gBAAgB,CAAC,GAAG,CAAC,KAAK,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,0CAA6B,CAAC,IAAI,CAAC,MAAM,cAAG,CAAC,WAAW,CAAC,KAAK,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACpK,gBAAgB,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IAC/D,CAAC;IAAA,MAAK,CAAC;QACH,MAAM,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC1C,CAAC;IACD,MAAM,UAAU,GAAG,IAAA,gBAAM,EAAC,gBAAgB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;IAEzE,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,cAAG,CAAC,WAAW,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACrH,MAAM,YAAY,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAEzD,0CAA0C;IAC1C,MAAM,OAAO,GAAG,IAAA,sBAAW,GAAE,GAAG,IAAA,aAAG,EAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IAEvE,OAAO,EAAC,WAAW,EAAE,UAAU,EAAE,YAAY,EAAE,OAAO,EAAC,CAAA;AAC3D,CAAC;AAED;;;;;;;;;;;;GAYG;AACI,KAAK,UAAU,eAAe,CAAC,gBAAgB,EAAE,GAAG,EAAE,WAAW,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,WAAW,EAAE,WAAW;IAC/I,IAAI,OAAO,CAAC;IACZ,IAAG,CAAC;QACA,MAAM,WAAW,GAAG,gBAAgB,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,wCAA2B,CAAC,IAAI,CAAC,MAAM,cAAG,CAAC,WAAW,CAAC,IAAI,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACzJ,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IAC7C,CAAC;IAAA,MAAK,CAAC;QACH,MAAM,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC1C,CAAC;IAED,MAAM,SAAS,GAAG,wBAAa,CAAC,sBAAsB,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,EAAE,GAAG,CAAC,CAAC;IAC5F,MAAM,YAAY,GAAG,SAAS,CAAC,GAAG,CAAC,IAAA,aAAG,EAAC,IAAA,sCAAmB,EAAC,MAAM,aAAE,CAAC,gBAAgB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;IAE3G,MAAM,QAAQ,GAAG,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC7C,MAAM,aAAa,GAAG,MAAM,eAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;IAEtE,MAAM,MAAM,GAAG,IAAA,aAAG,EAAC,IAAA,sCAAmB,EAAC,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IACpE,MAAM,IAAI,GAAG,IAAA,4BAAS,EAAC,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACjD,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAClC,MAAM,KAAK,GAAG,wBAAa,CAAC,eAAe,CAAC,gBAAgB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;IACvF,MAAM,SAAS,GAAG,wBAAW,CAAC,GAAG,CAAC,IAAI,EAAE,OAAO,EAAE,WAAW,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,EAAE,UAAU,GAAG,IAAA,sBAAW,EAAC,EAAE,EAAE,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC;IAC/H,MAAM,EAAC,WAAW,EAAE,IAAI,EAAE,KAAK,EAAC,GAAG,MAAM,IAAA,6BAAe,EAAC,KAAK,EAAE,QAAQ,EAAE,SAAS,CAAC,YAAY,EAAE,EAAE,MAAM,CAAC,CAAC;IAE5G,OAAO,EAAC,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAC,CAAA;AAC1E,CAAC;AACD;;;;;;;;;;GAUG;AACI,KAAK,UAAU,sBAAsB,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,WAAW,EAAE,WAAW;IAC3H,MAAM,qBAAqB,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,KAAK,EAAC,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,+CAAkC,CAAC,IAAI,CAAC,MAAM,cAAG,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/J,MAAM,kBAAkB,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;IAEpE,MAAM,SAAS,GAAG,eAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC;IAEzE,MAAM,SAAS,GAAG,wBAAa,CAAC,sBAAsB,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,EAAE,OAAO,CAAC,CAAC;IAC3G,MAAM,YAAY,GAAG,SAAS,CAAC,GAAG,CAAC,IAAA,aAAG,EAAC,IAAA,sCAAmB,EAAC,MAAM,aAAE,CAAC,gBAAgB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;IAE3G,MAAM,QAAQ,GAAG,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC7C,MAAM,aAAa,GAAG,MAAM,eAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;IAEtE,MAAM,MAAM,GAAG,IAAA,aAAG,EAAC,IAAA,sCAAmB,EAAC,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IACpE,MAAM,IAAI,GAAG,IAAA,4BAAS,EAAC,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACjD,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAClC,MAAM,KAAK,GAAG,wBAAa,CAAC,eAAe,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;IAEhF,MAAM,SAAS,GAAG,wBAAW,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,WAAW,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,EAAE,SAAS,GAAG,IAAA,sBAAW,EAAC,EAAE,EAAE,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC;IAE7H,MAAM,EAAC,WAAW,EAAE,IAAI,EAAE,EAAE,EAAE,KAAK,EAAC,GAAG,MAAM,IAAA,6BAAe,EAAC,KAAK,EAAE,QAAQ,EAAE,SAAS,CAAC,YAAY,EAAE,EAAE,MAAM,CAAC,CAAC;IAChH,OAAO;QACH,IAAI;QACJ,QAAQ;QACR,WAAW;QACX,EAAE;QACF,KAAK;QACL,SAAS;QACT,QAAQ;KACX,CAAA;AACL,CAAC;AACD;;;;;;;;;;GAUG;AACI,KAAK,UAAU,sBAAsB,CAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI;IACtG,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,iCAAoB,CAAC,IAAI,CAAC,MAAM,cAAG,CAAC,WAAW,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvH,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAEjD,MAAM,MAAM,GAAG,IAAA,aAAG,EAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7E,MAAM,GAAG,GAAG,MAAM,IAAA,8BAAgB,EAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC/C,MAAM,aAAa,GAAG,MAAM,IAAA,kCAAoB,EAAC,GAAG,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,CAAC,YAAY,EAAE,CAAC,CAAC;IACjG,IAAG,CAAC,aAAa;QAAE,MAAM,KAAK,CAAC,wBAAwB,CAAC,CAAC;IACzD,MAAM,QAAQ,GAAG,IAAA,gCAAa,EAAC,IAAA,+BAAiB,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC;IAE9D,IAAG,IAAI,IAAI,IAAI,EAAC,CAAC;QACb,MAAM,UAAU,GAAG,IAAI,uBAAU,CAAC,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC,QAAQ,EAAE,CAAC;QAClF,OAAO,UAAU,CAAC;IACtB,CAAC;SAAI,CAAC;QACF,MAAM,mBAAmB,GAAG,MAAM,kBAAO,CAAC,WAAW,CAAC,IAAA,qCAAkB,EAAC,IAAI,uBAAU,CAAC,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC,QAAQ,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;QAChJ,OAAO,mBAAmB,CAAC;IAC/B,CAAC;AACL,CAAC;AAED;;;;;;;;;;;;GAYG;AACI,KAAK,UAAU,wBAAwB,CAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,aAAa;IAChI,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,iCAAoB,CAAC,IAAI,CAAC,MAAM,cAAG,CAAC,WAAW,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvH,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAEjD,MAAM,MAAM,GAAG,IAAA,aAAG,EAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,GAAG,IAAI,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7E,MAAM,GAAG,GAAG,MAAM,IAAA,8BAAgB,EAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC/C,MAAM,aAAa,GAAG,MAAM,IAAA,kCAAoB,EAAC,GAAG,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,CAAC,YAAY,EAAE,CAAC,CAAC;IACjG,IAAG,CAAC,aAAa;QAAE,MAAM,KAAK,CAAC,wBAAwB,CAAC,CAAC;IACzD,MAAM,QAAQ,GAAG,IAAA,gCAAa,EAAC,IAAA,+BAAiB,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC;IAE9D,MAAM,UAAU,GAAG,IAAI,uBAAU,CAAC,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;IACvE,MAAM,mBAAmB,GAAG,MAAM,kBAAO,CAAC,WAAW,CAAC,IAAA,qCAAkB,EAAC,IAAI,CAAC,SAAS,CAAC;QACpF,UAAU,EAAE,UAAU,CAAC,QAAQ,EAAE;QACjC,OAAO,EAAE,CAAC,MAAM,gBAAK,CAAC,IAAI,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;KACtD,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAEX,OAAO,mBAAmB,CAAC;AAC/B,CAAC"}