@vess-id/status-list 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/LICENSE +51 -0
  2. package/README.md +710 -0
  3. package/dist/index.cjs +1576 -0
  4. package/dist/index.cjs.map +1 -0
  5. package/dist/index.d.cts +1634 -0
  6. package/dist/index.d.ts +1634 -0
  7. package/dist/index.js +1508 -0
  8. package/dist/index.js.map +1 -0
  9. package/package.json +79 -0
package/dist/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../lib/types/errors.ts","../lib/core/bitpack.ts","../lib/core/compression.ts","../lib/core/StatusList.ts","../lib/types/common.ts","../lib/formats/jwt/StatusListJWT.ts","../lib/formats/jwt/signer.ts","../lib/formats/jwt/verifier.ts","../lib/formats/cwt/types.ts","../lib/formats/cwt/cose.ts","../lib/formats/cwt/StatusListCWT.ts","../lib/helper/fetcher.ts","../lib/helper/validator.ts","../lib/helper/StatusListTokenHelper.ts"],"names":["StandardStatusValues","base64UrlDecode","cbor2","arrayBuffer","validateJWTPayload","validateCWTPayload","payload","statusList"],"mappings":";;;;;;AAGO,IAAM,eAAA,GAAN,cAA8B,KAAA,CAAM;AAAA,EACzC,YAAY,OAAA,EAAiB;AAC3B,IAAA,KAAA,CAAM,OAAO,CAAA;AACb,IAAA,IAAA,CAAK,IAAA,GAAO,iBAAA;AAEZ,IAAA,IAAI,MAAM,iBAAA,EAAmB;AAC3B,MAAA,KAAA,CAAM,iBAAA,CAAkB,IAAA,EAAM,IAAA,CAAK,WAAW,CAAA;AAAA,IAChD;AAAA,EACF;AACF;AAKO,IAAM,qBAAA,GAAN,cAAoC,eAAA,CAAgB;AAAA,EACzD,WAAA,CAAY,OAAe,QAAA,EAAkB;AAC3C,IAAA,KAAA,CAAM,CAAA,MAAA,EAAS,KAAK,CAAA,kCAAA,EAAqC,QAAQ,CAAA,CAAE,CAAA;AACnE,IAAA,IAAA,CAAK,IAAA,GAAO,uBAAA;AAAA,EACd;AACF;AAMO,IAAM,mBAAA,GAAN,cAAkC,eAAA,CAAgB;AAAA,EACvD,YAAY,IAAA,EAAc;AACxB,IAAA,KAAA,CAAM,CAAA,kBAAA,EAAqB,IAAI,CAAA,+BAAA,CAAiC,CAAA;AAChE,IAAA,IAAA,CAAK,IAAA,GAAO,qBAAA;AAAA,EACd;AACF;AAKO,IAAM,uBAAA,GAAN,cAAsC,eAAA,CAAgB;AAAA,EAC3D,WAAA,CAAY,KAAA,EAAe,QAAA,EAAkB,aAAA,EAAuB;AAClE,IAAA,KAAA,CAAM,yBAAyB,KAAK,CAAA,MAAA,EAAS,aAAa,CAAA,8BAAA,EAAiC,QAAQ,CAAA,CAAE,CAAA;AACrG,IAAA,IAAA,CAAK,IAAA,GAAO,yBAAA;AAAA,EACd;AACF;AAKO,IAAM,uBAAA,GAAN,cAAsC,eAAA,CAAgB;AAAA,EAC3D,YAAY,OAAA,EAAiB;AAC3B,IAAA,KAAA,CAAM,CAAA,sBAAA,EAAyB,OAAO,CAAA,CAAE,CAAA;AACxC,IAAA,IAAA,CAAK,IAAA,GAAO,yBAAA;AAAA,EACd;AACF;AAKO,IAAM,sBAAA,GAAN,cAAqC,eAAA,CAAgB;AAAA,EAC1D,WAAA,CAAY,KAAa,WAAA,EAAqB;AAC5C,IAAA,KAAA,CAAM,CAAA,uBAAA,EAA0B,GAAG,CAAA,gBAAA,EAAmB,WAAW,CAAA,CAAA,CAAG,CAAA;AACpE,IAAA,IAAA,CAAK,IAAA,GAAO,wBAAA;AAAA,EACd;AACF;AAKO,IAAM,UAAA,GAAN,cAAyB,eAAA,CAAgB;AAAA,EAC9C,YAAY,OAAA,EAAiB;AAC3B,IAAA,KAAA,CAAM,OAAO,CAAA;AACb,IAAA,IAAA,CAAK,IAAA,GAAO,YAAA;AAAA,EACd;AACF;AAKO,IAAM,yBAAA,GAAN,cAAwC,eAAA,CAAgB;AAAA,EAC7D,WAAA,CAAY,UAAkB,uCAAA,EAAyC;AACrE,IAAA,KAAA,CAAM,OAAO,CAAA;AACb,IAAA,IAAA,CAAK,IAAA,GAAO,2BAAA;AAAA,EACd;AACF;AAKO,IAAM,gBAAA,GAAN,cAA+B,eAAA,CAAgB;AAAA,EACpD,WAAA,CAAY,SAAiB,KAAA,EAAe;AAC1C,IAAA,MAAM,cAAc,KAAA,GAAQ,CAAA,EAAG,OAAO,CAAA,EAAA,EAAK,KAAA,CAAM,OAAO,CAAA,CAAA,GAAK,OAAA;AAC7D,IAAA,KAAA,CAAM,WAAW,CAAA;AACjB,IAAA,IAAA,CAAK,IAAA,GAAO,kBAAA;AACZ,IAAA,IAAA,CAAK,KAAA,GAAQ,KAAA;AAAA,EACf;AACF;AAKO,IAAM,eAAA,GAAN,cAA8B,eAAA,CAAgB;AAAA,EACnC,MAAA;AAAA,EAEhB,YAAY,MAAA,EAAkB;AAC5B,IAAA,KAAA,CAAM,CAAA,mBAAA,EAAsB,MAAA,CAAO,IAAA,CAAK,IAAI,CAAC,CAAA,CAAE,CAAA;AAC/C,IAAA,IAAA,CAAK,IAAA,GAAO,iBAAA;AACZ,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AAAA,EAChB;AACF;;;ACnGA,SAAS,gBAAgB,IAAA,EAA6C;AACpE,EAAA,IAAI,SAAS,CAAA,IAAK,IAAA,KAAS,KAAK,IAAA,KAAS,CAAA,IAAK,SAAS,CAAA,EAAG;AACxD,IAAA,MAAM,IAAI,oBAAoB,IAAI,CAAA;AAAA,EACpC;AACF;AASA,SAAS,mBAAA,CAAoB,OAAoB,aAAA,EAAoC;AACnF,EAAA,MAAM,QAAA,GAAA,CAAY,KAAK,aAAA,IAAiB,CAAA;AACxC,EAAA,IAAI,KAAA,GAAQ,CAAA,IAAK,KAAA,GAAQ,QAAA,EAAU;AACjC,IAAA,MAAM,IAAI,uBAAA,CAAwB,KAAA,EAAO,QAAA,EAAU,aAAa,CAAA;AAAA,EAClE;AACF;AAoBO,SAAS,QAAA,CAAS,UAAyB,aAAA,EAA0C;AAC1F,EAAA,eAAA,CAAgB,aAAa,CAAA;AAG7B,EAAA,MAAM,SAAA,GAAY,SAAS,MAAA,GAAS,aAAA;AACpC,EAAA,MAAM,UAAA,GAAa,IAAA,CAAK,IAAA,CAAK,SAAA,GAAY,CAAC,CAAA;AAC1C,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,UAAU,CAAA;AAGvC,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,QAAA,CAAS,QAAQ,CAAA,EAAA,EAAK;AACxC,IAAA,MAAM,KAAA,GAAQ,SAAS,CAAC,CAAA;AACxB,IAAA,mBAAA,CAAoB,OAAO,aAAa,CAAA;AAGxC,IAAA,MAAM,YAAY,CAAA,GAAI,aAAA;AACtB,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,KAAA,CAAM,SAAA,GAAY,CAAC,CAAA;AAC1C,IAAA,MAAM,cAAc,SAAA,GAAY,CAAA;AAGhC,IAAA,KAAA,CAAM,SAAS,KAAK,KAAA,IAAS,WAAA;AAG7B,IAAA,IAAI,WAAA,GAAc,gBAAgB,CAAA,EAAG;AACnC,MAAA,MAAM,cAAA,GAAiB,cAAc,aAAA,GAAgB,CAAA;AACrD,MAAA,KAAA,CAAM,SAAA,GAAY,CAAC,CAAA,IAAK,KAAA,IAAU,aAAA,GAAgB,cAAA;AAAA,IACpD;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAeO,SAAS,UAAA,CAAW,OAAmB,aAAA,EAA6C;AACzF,EAAA,eAAA,CAAgB,aAAa,CAAA;AAE7B,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,GAAS,CAAA;AACjC,EAAA,MAAM,WAAA,GAAc,IAAA,CAAK,KAAA,CAAM,SAAA,GAAY,aAAa,CAAA;AACxD,EAAA,MAAM,QAAA,GAA0B,IAAI,KAAA,CAAM,WAAW,CAAA;AAErD,EAAA,MAAM,IAAA,GAAA,CAAQ,KAAK,aAAA,IAAiB,CAAA;AAEpC,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,WAAA,EAAa,CAAA,EAAA,EAAK;AACpC,IAAA,QAAA,CAAS,CAAC,CAAA,GAAI,WAAA,CAAY,KAAA,EAAO,CAAA,EAAG,eAAe,IAAI,CAAA;AAAA,EACzD;AAEA,EAAA,OAAO,QAAA;AACT;AAmBO,SAAS,WAAA,CACd,KAAA,EACA,KAAA,EACA,aAAA,EACA,IAAA,EACa;AACb,EAAA,eAAA,CAAgB,aAAa,CAAA;AAE7B,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,GAAS,CAAA;AACjC,EAAA,MAAM,QAAA,GAAW,IAAA,CAAK,KAAA,CAAM,SAAA,GAAY,aAAa,CAAA,GAAI,CAAA;AAEzD,EAAA,IAAI,KAAA,GAAQ,CAAA,IAAK,KAAA,GAAQ,QAAA,EAAU;AACjC,IAAA,MAAM,IAAI,qBAAA,CAAsB,KAAA,EAAO,QAAQ,CAAA;AAAA,EACjD;AAGA,EAAA,MAAM,OAAO,aAAA,GAAgB,KAAA;AAC7B,EAAA,MAAM,SAAA,GAAY,IAAA,CAAK,KAAA,CAAM,IAAA,GAAO,CAAC,CAAA;AACrC,EAAA,MAAM,YAAY,IAAA,GAAO,CAAA;AAEzB,EAAA,MAAM,cAAA,GAAiB,IAAA,IAAA,CAAS,CAAA,IAAK,aAAA,IAAiB,CAAA;AAGtD,EAAA,IAAI,KAAA,GAAS,KAAA,CAAM,SAAS,CAAA,IAAK,SAAA,GAAa,cAAA;AAG9C,EAAA,IAAI,SAAA,GAAY,gBAAgB,CAAA,EAAG;AACjC,IAAA,MAAM,cAAA,GAAiB,YAAY,aAAA,GAAgB,CAAA;AACnD,IAAA,MAAM,eAAe,KAAA,CAAM,SAAA,GAAY,CAAC,CAAA,GAAA,CAAM,KAAK,cAAA,IAAkB,CAAA;AACrE,IAAA,KAAA,IAAS,gBAAiB,aAAA,GAAgB,cAAA;AAAA,EAC5C;AAEA,EAAA,OAAO,KAAA;AACT;AAYO,SAAS,WAAA,CACd,KAAA,EACA,KAAA,EACA,KAAA,EACA,aAAA,EACM;AACN,EAAA,eAAA,CAAgB,aAAa,CAAA;AAC7B,EAAA,mBAAA,CAAoB,OAAO,aAAa,CAAA;AAExC,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,GAAS,CAAA;AACjC,EAAA,MAAM,QAAA,GAAW,IAAA,CAAK,KAAA,CAAM,SAAA,GAAY,aAAa,CAAA,GAAI,CAAA;AAEzD,EAAA,IAAI,KAAA,GAAQ,CAAA,IAAK,KAAA,GAAQ,QAAA,EAAU;AACjC,IAAA,MAAM,IAAI,qBAAA,CAAsB,KAAA,EAAO,QAAQ,CAAA;AAAA,EACjD;AAGA,EAAA,MAAM,OAAO,aAAA,GAAgB,KAAA;AAC7B,EAAA,MAAM,SAAA,GAAY,IAAA,CAAK,KAAA,CAAM,IAAA,GAAO,CAAC,CAAA;AACrC,EAAA,MAAM,YAAY,IAAA,GAAO,CAAA;AAEzB,EAAA,MAAM,IAAA,GAAA,CAAQ,KAAK,aAAA,IAAiB,CAAA;AAGpC,EAAA,KAAA,CAAM,SAAS,CAAA,IAAK,EAAE,IAAA,IAAQ,SAAA,CAAA;AAG9B,EAAA,KAAA,CAAM,SAAS,CAAA,IAAA,CAAM,KAAA,GAAQ,IAAA,KAAS,SAAA;AAGtC,EAAA,IAAI,SAAA,GAAY,gBAAgB,CAAA,EAAG;AACjC,IAAA,MAAM,cAAA,GAAiB,YAAY,aAAA,GAAgB,CAAA;AACnD,IAAA,MAAM,YAAA,GAAA,CAAgB,KAAK,cAAA,IAAkB,CAAA;AAG7C,IAAA,KAAA,CAAM,SAAA,GAAY,CAAC,CAAA,IAAK,CAAC,YAAA;AAGzB,IAAA,KAAA,CAAM,SAAA,GAAY,CAAC,CAAA,IAAM,KAAA,IAAU,gBAAgB,cAAA,GAAmB,YAAA;AAAA,EACxE;AACF;AASO,SAAS,iBAAA,CAAkB,YAAoB,aAAA,EAAsC;AAC1F,EAAA,eAAA,CAAgB,aAAa,CAAA;AAC7B,EAAA,OAAO,IAAA,CAAK,KAAA,CAAO,UAAA,GAAa,CAAA,GAAK,aAAa,CAAA;AACpD;AC9MO,SAAS,SAAS,IAAA,EAA8B;AACrD,EAAA,IAAI;AAEF,IAAA,OAAY,IAAA,CAAA,OAAA,CAAQ,IAAA,EAAM,EAAE,KAAA,EAAO,GAAG,CAAA;AAAA,EACxC,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,IAAI,gBAAA,CAAiB,yBAAA,EAA2B,KAAc,CAAA;AAAA,EACtE;AACF;AASO,SAAS,WAAW,UAAA,EAAoC;AAC7D,EAAA,IAAI;AACF,IAAA,OAAY,aAAQ,UAAU,CAAA;AAAA,EAChC,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,IAAI,gBAAA,CAAiB,2BAAA,EAA6B,KAAc,CAAA;AAAA,EACxE;AACF;AASO,SAAS,oBAAoB,IAAA,EAA0B;AAC5D,EAAA,MAAM,UAAA,GAAa,SAAS,IAAI,CAAA;AAChC,EAAA,OAAO,gBAAgB,UAAU,CAAA;AACnC;AASO,SAAS,wBAAwB,SAAA,EAA+B;AACrE,EAAA,IAAI;AACF,IAAA,MAAM,UAAA,GAAa,gBAAgB,SAAS,CAAA;AAC5C,IAAA,OAAO,WAAW,UAAU,CAAA;AAAA,EAC9B,SAAS,KAAA,EAAO;AACd,IAAA,IAAI,iBAAiB,gBAAA,EAAkB;AACrC,MAAA,MAAM,KAAA;AAAA,IACR;AACA,IAAA,MAAM,IAAI,gBAAA,CAAiB,+CAAA,EAAiD,KAAc,CAAA;AAAA,EAC5F;AACF;AAYA,SAAS,gBAAgB,KAAA,EAA2B;AAElD,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AAEjC,IAAA,MAAA,GAAS,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA,CAAE,SAAS,QAAQ,CAAA;AAAA,EAC/C,CAAA,MAAO;AAEL,IAAA,MAAM,MAAA,GAAS,MAAA,CAAO,YAAA,CAAa,GAAG,KAAK,CAAA;AAC3C,IAAA,MAAA,GAAS,KAAK,MAAM,CAAA;AAAA,EACtB;AAGA,EAAA,OAAO,MAAA,CAAO,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,IAAA,EAAM,EAAE,CAAA;AACxE;AASA,SAAS,gBAAgB,SAAA,EAA+B;AAEtD,EAAA,IAAI,MAAA,GAAS,UAAU,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AAG3D,EAAA,MAAM,OAAA,GAAU,OAAO,MAAA,GAAS,CAAA;AAChC,EAAA,IAAI,UAAU,CAAA,EAAG;AACf,IAAA,MAAA,IAAU,GAAA,CAAI,MAAA,CAAO,CAAA,GAAI,OAAO,CAAA;AAAA,EAClC;AAGA,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AAEjC,IAAA,OAAO,IAAI,UAAA,CAAW,MAAA,CAAO,IAAA,CAAK,MAAA,EAAQ,QAAQ,CAAC,CAAA;AAAA,EACrD,CAAA,MAAO;AAEL,IAAA,MAAM,MAAA,GAAS,KAAK,MAAM,CAAA;AAC1B,IAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAA,CAAO,MAAM,CAAA;AAC1C,IAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,MAAA,CAAO,QAAQ,CAAA,EAAA,EAAK;AACtC,MAAA,KAAA,CAAM,CAAC,CAAA,GAAI,MAAA,CAAO,UAAA,CAAW,CAAC,CAAA;AAAA,IAChC;AACA,IAAA,OAAO,KAAA;AAAA,EACT;AACF;;;ACvGO,IAAM,UAAA,GAAN,MAAM,WAAA,CAAW;AAAA,EACL,WAAA;AAAA,EACA,aAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUjB,WAAA,CAAY,aAAyB,aAAA,EAA8B;AACjE,IAAA,IAAA,CAAK,WAAA,GAAc,WAAA;AACnB,IAAA,IAAA,CAAK,aAAA,GAAgB,aAAA;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAiBA,UAAU,KAAA,EAA4B;AACpC,IAAA,OAAO,WAAA,CAAY,IAAA,CAAK,WAAA,EAAa,KAAA,EAAO,KAAK,aAAa,CAAA;AAAA,EAChE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAsBA,SAAA,CAAU,OAAe,KAAA,EAA0B;AACjD,IAAA,WAAA,CAAY,IAAA,CAAK,WAAA,EAAa,KAAA,EAAO,KAAA,EAAO,KAAK,aAAa,CAAA;AAAA,EAChE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,gBAAA,GAAkC;AAChC,IAAA,OAAO,IAAA,CAAK,aAAA;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAA,GAAkB;AAChB,IAAA,OAAO,iBAAA,CAAkB,IAAA,CAAK,WAAA,CAAY,MAAA,EAAQ,KAAK,aAAa,CAAA;AAAA,EACtE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,QAAA,GAAuB;AACrB,IAAA,OAAO,IAAA,CAAK,WAAA;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,mBAAA,GAA8B;AAC5B,IAAA,OAAO,mBAAA,CAAoB,KAAK,WAAW,CAAA;AAAA,EAC7C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,eAAA,GAA8B;AAC5B,IAAA,OAAO,QAAA,CAAS,KAAK,WAAW,CAAA;AAAA,EAClC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAyBA,OAAO,SAAA,CAAU,QAAA,EAAyB,aAAA,EAA0C;AAClF,IAAA,MAAM,KAAA,GAAQ,QAAA,CAAS,QAAA,EAAU,aAAa,CAAA;AAC9C,IAAA,OAAO,IAAI,WAAA,CAAW,KAAA,EAAO,aAAa,CAAA;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAoBA,OAAO,uBAAA,CAAwB,UAAA,EAAoB,aAAA,EAA0C;AAC3F,IAAA,MAAM,KAAA,GAAQ,wBAAwB,UAAU,CAAA;AAChD,IAAA,OAAO,IAAI,WAAA,CAAW,KAAA,EAAO,aAAa,CAAA;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAqBA,OAAO,mBAAA,CAAoB,UAAA,EAAwB,aAAA,EAA0C;AAC3F,IAAA,MAAM,KAAA,GAAQ,WAAW,UAAU,CAAA;AACnC,IAAA,OAAO,IAAI,WAAA,CAAW,KAAA,EAAO,aAAa,CAAA;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAiBA,OAAO,MAAA,CAAO,QAAA,EAAkB,aAAA,EAA0C;AACxE,IAAA,MAAM,YAAY,QAAA,GAAW,aAAA;AAC7B,IAAA,MAAM,UAAA,GAAa,IAAA,CAAK,IAAA,CAAK,SAAA,GAAY,CAAC,CAAA;AAC1C,IAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,UAAU,CAAA;AACvC,IAAA,OAAO,IAAI,WAAA,CAAW,KAAA,EAAO,aAAa,CAAA;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,OAAA,GAAyB;AACvB,IAAA,OAAO,UAAA,CAAW,IAAA,CAAK,WAAA,EAAa,IAAA,CAAK,aAAa,CAAA;AAAA,EACxD;AACF;;;AC5NO,IAAK,oBAAA,qBAAAA,qBAAAA,KAAL;AAIL,EAAAA,qBAAAA,CAAAA,qBAAAA,CAAA,WAAQ,CAAA,CAAA,GAAR,OAAA;AAKA,EAAAA,qBAAAA,CAAAA,qBAAAA,CAAA,aAAU,CAAA,CAAA,GAAV,SAAA;AAOA,EAAAA,qBAAAA,CAAAA,qBAAAA,CAAA,eAAY,CAAA,CAAA,GAAZ,WAAA;AAKA,EAAAA,qBAAAA,CAAAA,qBAAAA,CAAA,0BAAuB,CAAA,CAAA,GAAvB,sBAAA;AArBU,EAAA,OAAAA,qBAAAA;AAAA,CAAA,EAAA,oBAAA,IAAA,EAAA;;;ACiBL,SAAS,2BAA2B,OAAA,EAGzC;AACA,EAAA,MAAM;AAAA,IACJ,GAAA;AAAA,IACA,GAAA;AAAA,IACA,GAAA;AAAA,IACA,IAAA;AAAA,IACA,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AAAA,IAClC,GAAA;AAAA,IACA,GAAA;AAAA,IACA,eAAA;AAAA,IACA,mBAAmB;AAAC,GACtB,GAAI,OAAA;AAEJ,EAAA,MAAM,MAAA,GAA8B;AAAA,IAClC,GAAA,EAAK,gBAAA;AAAA,IACL,GAAA,EAAK;AAAA;AAAA,GACP;AAEA,EAAA,MAAM,OAAA,GAAgC;AAAA,IACpC,GAAA;AAAA,IACA,GAAA;AAAA,IACA,GAAA;AAAA,IACA,WAAA,EAAa;AAAA,MACX,IAAA;AAAA,MACA,GAAA;AAAA,MACA,GAAI,eAAA,IAAmB,EAAE,eAAA;AAAgB,KAC3C;AAAA,IACA,GAAG;AAAA,GACL;AAEA,EAAA,IAAI,QAAQ,MAAA,EAAW;AACrB,IAAA,OAAA,CAAQ,GAAA,GAAM,GAAA;AAAA,EAChB;AAEA,EAAA,IAAI,QAAQ,MAAA,EAAW;AACrB,IAAA,OAAA,CAAQ,GAAA,GAAM,GAAA;AAAA,EAChB;AAEA,EAAA,OAAO,EAAE,QAAQ,OAAA,EAAQ;AAC3B;AA2BO,SAAS,mBAAmB,GAAA,EAA+D;AAEhG,EAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,KAAA,CAAM,GAAG,CAAA;AAC3B,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,MAAM,IAAI,wBAAwB,yCAAyC,CAAA;AAAA,EAC7E;AAEA,EAAA,IAAI;AAEF,IAAA,MAAM,UAAA,GAAaC,gBAAAA,CAAgB,KAAA,CAAM,CAAC,CAAC,CAAA;AAC3C,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,UAAU,CAAA;AAGpC,IAAA,IAAI,MAAA,CAAO,QAAQ,gBAAA,EAAkB;AACnC,MAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,oDAAA,EAAuD,MAAA,CAAO,GAAG,CAAA,CAAA,CAAG,CAAA;AAAA,IACxG;AAGA,IAAA,MAAM,WAAA,GAAcA,gBAAAA,CAAgB,KAAA,CAAM,CAAC,CAAC,CAAA;AAC5C,IAAA,MAAM,OAAA,GAAU,IAAA,CAAK,KAAA,CAAM,WAAW,CAAA;AAGtC,IAAA,kBAAA,CAAmB,OAAO,CAAA;AAG1B,IAAA,MAAM,UAAA,GAAa,WAAW,uBAAA,CAAwB,OAAA,CAAQ,YAAY,GAAA,EAAK,OAAA,CAAQ,YAAY,IAAI,CAAA;AAEvG,IAAA,OAAO;AAAA,MACL,MAAA;AAAA,MACA,OAAA;AAAA,MACA,GAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,IAAI,iBAAiB,uBAAA,EAAyB;AAC5C,MAAA,MAAM,KAAA;AAAA,IACR;AACA,IAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,qBAAA,EAAyB,KAAA,CAAgB,OAAO,CAAA,CAAE,CAAA;AAAA,EACtF;AACF;AAmBO,SAAS,2BAA2B,aAAA,EAA4C;AACrF,EAAA,MAAM,KAAA,GAAQ,aAAA,CAAc,KAAA,CAAM,GAAG,CAAA;AACrC,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,MAAM,IAAI,wBAAwB,uBAAuB,CAAA;AAAA,EAC3D;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,WAAA,GAAcA,gBAAAA,CAAgB,KAAA,CAAM,CAAC,CAAC,CAAA;AAC5C,IAAA,MAAM,OAAA,GAAU,IAAA,CAAK,KAAA,CAAM,WAAW,CAAA;AAGtC,IAAA,IAAI,CAAC,OAAA,CAAQ,MAAA,IAAU,OAAO,OAAA,CAAQ,WAAW,QAAA,EAAU;AACzD,MAAA,MAAM,IAAI,wBAAwB,oCAAoC,CAAA;AAAA,IACxE;AAEA,IAAA,MAAM,SAAS,OAAA,CAAQ,MAAA;AAEvB,IAAA,IAAI,CAAC,MAAA,CAAO,WAAA,IAAe,OAAO,MAAA,CAAO,gBAAgB,QAAA,EAAU;AACjE,MAAA,MAAM,IAAI,wBAAwB,qCAAqC,CAAA;AAAA,IACzE;AAEA,IAAA,MAAM,aAAa,MAAA,CAAO,WAAA;AAG1B,IAAA,IAAI,OAAO,UAAA,CAAW,GAAA,KAAQ,QAAA,IAAY,UAAA,CAAW,MAAM,CAAA,EAAG;AAC5D,MAAA,MAAM,IAAI,wBAAwB,uCAAuC,CAAA;AAAA,IAC3E;AAEA,IAAA,IAAI,OAAO,UAAA,CAAW,GAAA,KAAQ,QAAA,IAAY,CAAC,WAAW,GAAA,EAAK;AACzD,MAAA,MAAM,IAAI,wBAAwB,uCAAuC,CAAA;AAAA,IAC3E;AAEA,IAAA,OAAO;AAAA,MACL,KAAK,UAAA,CAAW,GAAA;AAAA,MAChB,KAAK,UAAA,CAAW;AAAA,KAClB;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,IAAI,iBAAiB,uBAAA,EAAyB;AAC5C,MAAA,MAAM,KAAA;AAAA,IACR;AACA,IAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,oCAAA,EAAwC,KAAA,CAAgB,OAAO,CAAA,CAAE,CAAA;AAAA,EACrG;AACF;AAQA,SAAS,mBAAmB,OAAA,EAAqC;AAE/D,EAAA,IAAI,CAAC,OAAA,CAAQ,GAAA,IAAO,OAAO,OAAA,CAAQ,QAAQ,QAAA,EAAU;AACnD,IAAA,MAAM,IAAI,wBAAwB,gCAAgC,CAAA;AAAA,EACpE;AAEA,EAAA,IAAI,CAAC,OAAA,CAAQ,GAAA,IAAO,OAAO,OAAA,CAAQ,QAAQ,QAAA,EAAU;AACnD,IAAA,MAAM,IAAI,wBAAwB,gCAAgC,CAAA;AAAA,EACpE;AAEA,EAAA,IAAI,OAAO,OAAA,CAAQ,GAAA,KAAQ,QAAA,EAAU;AACnC,IAAA,MAAM,IAAI,wBAAwB,gCAAgC,CAAA;AAAA,EACpE;AAGA,EAAA,IAAI,CAAC,OAAA,CAAQ,WAAA,IAAe,OAAO,OAAA,CAAQ,gBAAgB,QAAA,EAAU;AACnE,IAAA,MAAM,IAAI,wBAAwB,wCAAwC,CAAA;AAAA,EAC5E;AAEA,EAAA,MAAM,EAAE,IAAA,EAAM,GAAA,EAAI,GAAI,OAAA,CAAQ,WAAA;AAE9B,EAAA,IAAI,CAAC,CAAC,CAAA,EAAG,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,QAAA,CAAS,IAAI,CAAA,EAAG;AAChC,IAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,iDAAA,EAAoD,IAAI,CAAA,CAAE,CAAA;AAAA,EAC9F;AAEA,EAAA,IAAI,CAAC,GAAA,IAAO,OAAO,GAAA,KAAQ,QAAA,EAAU;AACnC,IAAA,MAAM,IAAI,wBAAwB,+CAA+C,CAAA;AAAA,EACnF;AAGA,EAAA,IAAI,QAAQ,GAAA,KAAQ,MAAA,IAAa,OAAO,OAAA,CAAQ,QAAQ,QAAA,EAAU;AAChE,IAAA,MAAM,IAAI,wBAAwB,uCAAuC,CAAA;AAAA,EAC3E;AAEA,EAAA,IAAI,QAAQ,GAAA,KAAQ,MAAA,IAAa,OAAO,OAAA,CAAQ,QAAQ,QAAA,EAAU;AAChE,IAAA,MAAM,IAAI,wBAAwB,uCAAuC,CAAA;AAAA,EAC3E;AACF;AAQA,SAASA,iBAAgB,SAAA,EAA2B;AAElD,EAAA,IAAI,MAAA,GAAS,UAAU,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AAG3D,EAAA,MAAM,OAAA,GAAU,OAAO,MAAA,GAAS,CAAA;AAChC,EAAA,IAAI,UAAU,CAAA,EAAG;AACf,IAAA,MAAA,IAAU,GAAA,CAAI,MAAA,CAAO,CAAA,GAAI,OAAO,CAAA;AAAA,EAClC;AAGA,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AAEjC,IAAA,OAAO,OAAO,IAAA,CAAK,MAAA,EAAQ,QAAQ,CAAA,CAAE,SAAS,OAAO,CAAA;AAAA,EACvD,CAAA,MAAO;AAEL,IAAA,OAAO,kBAAA;AAAA,MACL,IAAA,CAAK,MAAM,CAAA,CACR,KAAA,CAAM,EAAE,CAAA,CACR,GAAA,CAAI,CAAC,CAAA,KAAM,GAAA,GAAA,CAAO,IAAA,GAAO,EAAE,UAAA,CAAW,CAAC,CAAA,CAAE,QAAA,CAAS,EAAE,CAAA,EAAG,MAAM,EAAE,CAAC,CAAA,CAChE,IAAA,CAAK,EAAE;AAAA,KACZ;AAAA,EACF;AACF;ACtPA,eAAsB,iBAAA,CACpB,OAAA,EACA,UAAA,EACA,OAAA,EACiB;AACjB,EAAA,MAAM,EAAE,MAAM,OAAA,EAAS,GAAA,EAAK,oBAAoB,EAAC,EAAE,GAAI,OAAA,IAAW,EAAC;AAEnE,EAAA,MAAM,GAAA,GAAM,IAAI,OAAA,CAAQ,OAAO,EAC5B,kBAAA,CAAmB;AAAA,IAClB,GAAA,EAAK,gBAAA;AAAA,IACL,GAAA;AAAA,IACA,GAAI,GAAA,IAAO,EAAE,GAAA,EAAI;AAAA,IACjB,GAAG;AAAA,GACJ,CAAA,CACA,SAAA,CAAU,OAAA,CAAQ,GAAG,CAAA,CACrB,UAAA,CAAW,OAAA,CAAQ,GAAG,CAAA,CACtB,WAAA,CAAY,OAAA,CAAQ,GAAG,CAAA;AAG1B,EAAA,IAAI,OAAA,CAAQ,QAAQ,MAAA,EAAW;AAC7B,IAAA,GAAA,CAAI,iBAAA,CAAkB,QAAQ,GAAG,CAAA;AAAA,EACnC;AAEA,EAAA,OAAO,MAAM,GAAA,CAAI,IAAA,CAAK,UAAU,CAAA;AAClC;ACmBA,eAAsB,mBAAA,CACpB,GAAA,EACA,SAAA,EACA,OAAA,EACgC;AAChC,EAAA,MAAM,EAAE,QAAQ,OAAA,EAAS,WAAA,EAAa,iBAAiB,CAAA,EAAE,GAAI,WAAW,EAAC;AAEzE,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAA0B,MAAM,SAAA,CAAU,GAAA,EAAK,SAAA,EAAW;AAAA,MAC9D,GAAA,EAAK,gBAAA;AAAA,MACL,GAAI,MAAA,IAAU,EAAE,MAAA,EAAO;AAAA,MACvB,GAAI,OAAA,IAAW,EAAE,OAAA,EAAQ;AAAA,MACzB,GAAI,eAAe,EAAE,WAAA,EAAa,IAAI,IAAA,CAAK,WAAA,GAAc,GAAI,CAAA,EAAE;AAAA,MAC/D;AAAA,KACD,CAAA;AAED,IAAA,MAAM,SAAS,MAAA,CAAO,eAAA;AACtB,IAAA,MAAM,UAAU,MAAA,CAAO,OAAA;AAGvB,IAAA,IAAI,MAAA,CAAO,QAAQ,gBAAA,EAAkB;AACnC,MAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,oDAAA,EAAuD,MAAA,CAAO,GAAG,CAAA,CAAA,CAAG,CAAA;AAAA,IACxG;AAGA,IAAA,IAAI,CAAC,OAAA,CAAQ,GAAA,IAAO,OAAO,OAAA,CAAQ,QAAQ,QAAA,EAAU;AACnD,MAAA,MAAM,IAAI,wBAAwB,gCAAgC,CAAA;AAAA,IACpE;AAEA,IAAA,IAAI,CAAC,OAAA,CAAQ,GAAA,IAAO,OAAO,OAAA,CAAQ,QAAQ,QAAA,EAAU;AACnD,MAAA,MAAM,IAAI,wBAAwB,gCAAgC,CAAA;AAAA,IACpE;AAEA,IAAA,IAAI,OAAO,OAAA,CAAQ,GAAA,KAAQ,QAAA,EAAU;AACnC,MAAA,MAAM,IAAI,wBAAwB,gCAAgC,CAAA;AAAA,IACpE;AAEA,IAAA,IAAI,CAAC,OAAA,CAAQ,WAAA,IAAe,OAAO,OAAA,CAAQ,gBAAgB,QAAA,EAAU;AACnE,MAAA,MAAM,IAAI,wBAAwB,wCAAwC,CAAA;AAAA,IAC5E;AAEA,IAAA,MAAM,EAAE,IAAA,EAAM,GAAA,EAAI,GAAI,OAAA,CAAQ,WAAA;AAE9B,IAAA,IAAI,CAAC,CAAC,CAAA,EAAG,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,QAAA,CAAS,IAAI,CAAA,EAAG;AAChC,MAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,iDAAA,EAAoD,IAAI,CAAA,CAAE,CAAA;AAAA,IAC9F;AAEA,IAAA,IAAI,CAAC,GAAA,IAAO,OAAO,GAAA,KAAQ,QAAA,EAAU;AACnC,MAAA,MAAM,IAAI,wBAAwB,+CAA+C,CAAA;AAAA,IACnF;AAEA,IAAA,OAAO;AAAA,MACL,MAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,IAAI,iBAAiB,uBAAA,EAAyB;AAC5C,MAAA,MAAM,KAAA;AAAA,IACR;AAGA,IAAA,MAAM,UAAW,KAAA,CAAgB,OAAA;AACjC,IAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,yBAAA,EAA4B,OAAO,CAAA,CAAE,CAAA;AAAA,EACzE;AACF;AAYA,eAAsB,mBAAA,CACpB,KACA,SAAA,EACgC;AAChC,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,MAAM,SAAA,CAAU,GAAA,EAAK,SAAA,EAAW;AAAA,MAC7C,GAAA,EAAK;AAAA,KACN,CAAA;AAED,IAAA,OAAO;AAAA,MACL,QAAQ,MAAA,CAAO,eAAA;AAAA,MACf,SAAS,MAAA,CAAO;AAAA,KAClB;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,+BAAA,EAAmC,KAAA,CAAgB,OAAO,CAAA,CAAE,CAAA;AAAA,EAChG;AACF;;;AC1KO,IAAM,UAAA,GAAa;AAAA;AAAA,EAExB,GAAA,EAAK,CAAA;AAAA;AAAA,EAEL,GAAA,EAAK,CAAA;AAAA;AAAA,EAEL,GAAA,EAAK,CAAA;AAAA;AAAA,EAEL,GAAA,EAAK,CAAA;AAAA;AAAA,EAEL,GAAA,EAAK,KAAA;AAAA;AAAA,EAEL,WAAA,EAAa;AACf;AAOO,IAAM,YAAA,GAAe;AAAA;AAAA,EAE1B,GAAA,EAAK,CAAA;AAAA;AAAA,EAEL,YAAA,EAAc,EAAA;AAAA;AAAA,EAEd,GAAA,EAAK;AACP;AAOO,IAAM,eAAA,GAAkB;AAAA;AAAA,EAE7B,KAAA,EAAO,EAAA;AAAA;AAAA,EAEP,KAAA,EAAO,GAAA;AAAA;AAAA,EAEP,KAAA,EAAO,GAAA;AAAA;AAAA,EAEP,KAAA,EAAO;AACT;AC1CA,IAAM,cAAA,GAAiB,EAAA;AAKvB,IAAM,aAAA,GAAkE;AAAA,EACtE,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAU,OAAO,YAAA,EAAa;AAAA;AAAA,EAC5C,KAAA,EAAO,EAAE,IAAA,EAAM,QAAA,EAAU,OAAO,WAAA,EAAY;AAAA;AAAA,EAC5C,KAAA,EAAO,EAAE,IAAA,EAAM,QAAA,EAAU,OAAO,WAAA,EAAY;AAAA;AAAA,EAC5C,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA;AAAS;AACzB,CAAA;AAiBO,SAAS,QAAA,CACd,OAAA,EACA,eAAA,EACA,UAAA,EACY;AAEZ,EAAA,MAAM,sBAAA,GAA8B,YAAO,eAAe,CAAA;AAS1D,EAAA,MAAM,eAAoB,IAAA,CAAA,MAAA,CAAO;AAAA,IAC/B,YAAA;AAAA;AAAA,IACA,sBAAA;AAAA,IACA,IAAI,WAAW,CAAC,CAAA;AAAA;AAAA,IAChB;AAAA,GACD,CAAA;AAGD,EAAA,MAAM,GAAA,GAAM,eAAA,CAAgB,GAAA,CAAI,CAAC,CAAA;AACjC,EAAA,IAAI,CAAC,GAAA,EAAK;AACR,IAAA,MAAM,IAAI,wBAAwB,uDAAuD,CAAA;AAAA,EAC3F;AAGA,EAAA,MAAM,SAAA,GAAY,QAAA,CAAS,YAAA,EAAc,GAAA,EAAK,UAAU,CAAA;AAGxD,EAAA,MAAM,SAAA,GAAY;AAAA,IAChB,sBAAA;AAAA;AAAA,IACA,EAAC;AAAA;AAAA,IACD,OAAA;AAAA;AAAA,IACA;AAAA;AAAA,GACF;AAGA,EAAA,MAAM,MAAA,GAAS,IAAS,IAAA,CAAA,MAAA,CAAO,cAAA,EAAgB,SAAS,CAAA;AACxD,EAAA,OAAY,YAAO,MAAM,CAAA;AAC3B;AAUO,SAAS,UAAA,CAAW,WAAuB,SAAA,EAAgC;AAChF,EAAA,IAAI;AAEF,IAAA,MAAM,OAAA,GAAe,YAAO,SAAS,CAAA;AAGrC,IAAA,IAAI,EAAE,OAAA,YAAwB,IAAA,CAAA,MAAA,CAAA,IAAW,OAAA,CAAQ,QAAQ,cAAA,EAAgB;AACvE,MAAA,MAAM,IAAI,wBAAwB,8CAA8C,CAAA;AAAA,IAClF;AAEA,IAAA,MAAM,CAAC,sBAAA,IAA0B,OAAA,EAAS,SAAS,IAAI,OAAA,CAAQ,KAAA;AAQ/D,IAAA,MAAM,eAAA,GAAuB,YAAO,sBAAsB,CAAA;AAG1D,IAAA,MAAM,GAAA,GAAM,eAAA,CAAgB,GAAA,CAAI,CAAC,CAAA;AACjC,IAAA,IAAI,CAAC,GAAA,EAAK;AACR,MAAA,MAAM,IAAI,wBAAwB,uCAAuC,CAAA;AAAA,IAC3E;AAGA,IAAA,MAAM,eAAoB,IAAA,CAAA,MAAA,CAAO;AAAA,MAC/B,YAAA;AAAA,MACA,sBAAA;AAAA,MACA,IAAI,WAAW,CAAC,CAAA;AAAA;AAAA,MAChB;AAAA,KACD,CAAA;AAGD,IAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,YAAA,EAAc,SAAA,EAAW,KAAK,SAAS,CAAA;AACrE,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,MAAM,IAAI,wBAAwB,8BAA8B,CAAA;AAAA,IAClE;AAEA,IAAA,OAAO,OAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,IAAI,iBAAiB,uBAAA,EAAyB;AAC5C,MAAA,MAAM,KAAA;AAAA,IACR;AACA,IAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,6BAAA,EAAiC,KAAA,CAAgB,OAAO,CAAA,CAAE,CAAA;AAAA,EAC9F;AACF;AAUA,SAAS,QAAA,CAAS,IAAA,EAAkB,GAAA,EAAa,UAAA,EAAiC;AAChF,EAAA,MAAM,OAAA,GAAU,aAAA,CAAc,GAAA,CAAI,QAAA,EAAU,CAAA;AAC5C,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,uBAAA,EAA0B,GAAG,CAAA,CAAE,CAAA;AAAA,EACnE;AAEA,EAAA,IAAI,UAAA,CAAW,QAAQ,KAAA,EAAO;AAE5B,IAAA,IAAI,CAAC,WAAW,CAAA,EAAG;AACjB,MAAA,MAAM,IAAI,wBAAwB,yCAAyC,CAAA;AAAA,IAC7E;AAGA,IAAA,MAAM,MAAA,GAAS,WAAA,CAA4B,CAAA;AAE3C,IAAA,MAAM,IAAA,GAAO,WAAW,CAAA,OAAA,EAAU,OAAA,CAAQ,KAAK,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAC,CAAA,CAAE,CAAA;AACnE,IAAA,IAAA,CAAK,OAAO,IAAI,CAAA;AAChB,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,IAAA,CAAK,MAAM,CAAA;AAGlC,IAAA,OAAO,QAAA,CAAS,SAAA,EAAW,kBAAA,CAAmB,GAAG,CAAC,CAAA;AAAA,EACpD,CAAA,MAAA,IAAW,UAAA,CAAW,GAAA,KAAQ,KAAA,EAAO;AAEnC,IAAA,IAAI,CAAC,WAAW,CAAA,EAAG;AACjB,MAAA,MAAM,IAAI,wBAAwB,yCAAyC,CAAA;AAAA,IAC7E;AAEA,IAAA,MAAM,MAAA,GAAS,WAAA,CAA4B,CAAA;AAC3C,IAAA,MAAM,IAAA,GAAO,WAAW,QAAQ,CAAA;AAChC,IAAA,IAAA,CAAK,OAAO,IAAI,CAAA;AAChB,IAAA,OAAO,IAAA,CAAK,KAAK,MAAM,CAAA;AAAA,EACzB;AAGA,EAAA,MAAM,gBAAA,GAA0B,UAAA;AAChC,EAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,sBAAA,EAA0B,gBAAA,CAA6B,GAAG,CAAA,CAAE,CAAA;AAChG;AAWA,SAAS,eAAA,CAAgB,IAAA,EAAkB,SAAA,EAAuB,GAAA,EAAa,SAAA,EAA6B;AAC1G,EAAA,MAAM,OAAA,GAAU,aAAA,CAAc,GAAA,CAAI,QAAA,EAAU,CAAA;AAC5C,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,uBAAA,EAA0B,GAAG,CAAA,CAAE,CAAA;AAAA,EACnE;AAEA,EAAA,IAAI,SAAA,CAAU,QAAQ,KAAA,EAAO;AAE3B,IAAA,MAAM,MAAA,GAAS,WAAA,CAA4B,CAAA;AAG3C,IAAA,MAAM,YAAA,GAAe,SAAS,SAAS,CAAA;AAEvC,IAAA,MAAM,MAAA,GAAS,aAAa,CAAA,OAAA,EAAU,OAAA,CAAQ,KAAK,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAC,CAAA,CAAE,CAAA;AACvE,IAAA,MAAA,CAAO,OAAO,IAAI,CAAA;AAClB,IAAA,OAAO,MAAA,CAAO,MAAA,CAAO,MAAA,EAAQ,YAAY,CAAA;AAAA,EAC3C,CAAA,MAAA,IAAW,SAAA,CAAU,GAAA,KAAQ,KAAA,EAAO;AAElC,IAAA,MAAM,MAAA,GAAS,WAAA,CAA4B,CAAA;AAE3C,IAAA,MAAM,MAAA,GAAS,aAAa,QAAQ,CAAA;AACpC,IAAA,MAAA,CAAO,OAAO,IAAI,CAAA;AAClB,IAAA,OAAO,MAAA,CAAO,MAAA,CAAO,MAAA,EAAQ,SAAS,CAAA;AAAA,EACxC;AAGA,EAAA,MAAM,gBAAA,GAA0B,SAAA;AAChC,EAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,sBAAA,EAA0B,gBAAA,CAA6B,GAAG,CAAA,CAAE,CAAA;AAChG;AASA,SAAS,WAAA,CAAY,MAAgC,UAAA,EAA6B;AAMhF,EAAA,MAAM,IAAI,MAAM,+FAA+F,CAAA;AACjH;AASA,SAAS,WAAA,CAAY,MAAgC,UAAA,EAA6B;AAGhF,EAAA,MAAM,IAAI,MAAM,+FAA+F,CAAA;AACjH;AASA,SAAS,QAAA,CAAS,cAA0B,MAAA,EAA4B;AAGtE,EAAA,IAAI,MAAA,GAAS,CAAA;AAGb,EAAA,MAAM,OAAA,GAAU,YAAA,CAAa,MAAA,GAAS,CAAC,CAAA;AACvC,EAAA,MAAA,IAAU,CAAA;AACV,EAAA,MAAM,CAAA,GAAI,YAAA,CAAa,KAAA,CAAM,MAAA,EAAQ,SAAS,OAAO,CAAA;AACrD,EAAA,MAAA,IAAU,OAAA;AAGV,EAAA,MAAM,OAAA,GAAU,YAAA,CAAa,MAAA,GAAS,CAAC,CAAA;AACvC,EAAA,MAAA,IAAU,CAAA;AACV,EAAA,MAAM,CAAA,GAAI,YAAA,CAAa,KAAA,CAAM,MAAA,EAAQ,SAAS,OAAO,CAAA;AAGrD,EAAA,MAAM,aAAa,MAAA,GAAS,CAAA;AAC5B,EAAA,MAAM,GAAA,GAAM,IAAI,UAAA,CAAW,MAAM,CAAA;AACjC,EAAA,GAAA,CAAI,IAAI,CAAA,CAAE,KAAA,CAAM,CAAC,UAAU,GAAG,CAAC,CAAA;AAC/B,EAAA,GAAA,CAAI,IAAI,CAAA,CAAE,KAAA,CAAM,CAAC,UAAU,GAAG,UAAU,CAAA;AAExC,EAAA,OAAO,GAAA;AACT;AAQA,SAAS,SAAS,YAAA,EAAsC;AACtD,EAAA,MAAM,UAAA,GAAa,aAAa,MAAA,GAAS,CAAA;AACzC,EAAA,MAAM,CAAA,GAAI,YAAA,CAAa,KAAA,CAAM,CAAA,EAAG,UAAU,CAAA;AAC1C,EAAA,MAAM,CAAA,GAAI,YAAA,CAAa,KAAA,CAAM,UAAU,CAAA;AAGvC,EAAA,MAAM,IAAA,GAAO,iBAAiB,CAAC,CAAA;AAC/B,EAAA,MAAM,IAAA,GAAO,iBAAiB,CAAC,CAAA;AAE/B,EAAA,MAAM,WAAW,IAAI,UAAA,CAAW,IAAI,IAAA,CAAK,MAAA,GAAS,KAAK,MAAM,CAAA;AAC7D,EAAA,QAAA,CAAS,CAAC,CAAA,GAAI,EAAA;AACd,EAAA,QAAA,CAAS,CAAC,CAAA,GAAI,IAAA,CAAK,MAAA,GAAS,IAAA,CAAK,MAAA;AACjC,EAAA,QAAA,CAAS,GAAA,CAAI,MAAM,CAAC,CAAA;AACpB,EAAA,QAAA,CAAS,GAAA,CAAI,IAAA,EAAM,CAAA,GAAI,IAAA,CAAK,MAAM,CAAA;AAElC,EAAA,OAAO,QAAA;AACT;AAQA,SAAS,iBAAiB,KAAA,EAA+B;AAEvD,EAAA,IAAI,CAAA,GAAI,CAAA;AACR,EAAA,OAAO,IAAI,KAAA,CAAM,MAAA,IAAU,KAAA,CAAM,CAAC,MAAM,CAAA,EAAG;AACzC,IAAA,CAAA,EAAA;AAAA,EACF;AACA,EAAA,KAAA,GAAQ,KAAA,CAAM,MAAM,CAAC,CAAA;AAGrB,EAAA,MAAM,gBAAA,GAAmB,KAAA,CAAM,CAAC,CAAA,IAAK,GAAA;AACrC,EAAA,MAAM,MAAA,GAAS,KAAA,CAAM,MAAA,IAAU,gBAAA,GAAmB,CAAA,GAAI,CAAA,CAAA;AAEtD,EAAA,MAAM,GAAA,GAAM,IAAI,UAAA,CAAW,CAAA,GAAI,MAAM,CAAA;AACrC,EAAA,GAAA,CAAI,CAAC,CAAA,GAAI,CAAA;AACT,EAAA,GAAA,CAAI,CAAC,CAAA,GAAI,MAAA;AACT,EAAA,IAAI,gBAAA,EAAkB;AACpB,IAAA,GAAA,CAAI,CAAC,CAAA,GAAI,CAAA;AACT,IAAA,GAAA,CAAI,GAAA,CAAI,OAAO,CAAC,CAAA;AAAA,EAClB,CAAA,MAAO;AACL,IAAA,GAAA,CAAI,GAAA,CAAI,OAAO,CAAC,CAAA;AAAA,EAClB;AAEA,EAAA,OAAO,GAAA;AACT;AAQA,SAAS,mBAAmB,GAAA,EAAqB;AAC/C,EAAA,QAAQ,GAAA;AAAK,IACX,KAAK,EAAA;AACH,MAAA,OAAO,EAAA;AAAA,IACT,KAAK,GAAA;AACH,MAAA,OAAO,EAAA;AAAA,IACT,KAAK,GAAA;AACH,MAAA,OAAO,GAAA;AAAA,IACT,KAAK,EAAA;AACH,MAAA,OAAO,EAAA;AAAA,IACT;AACE,MAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,wCAAA,EAA2C,GAAG,CAAA,CAAE,CAAA;AAAA;AAExF;;;AC1TO,SAAS,2BAA2B,OAAA,EAA2D;AACpG,EAAA,MAAM;AAAA,IACJ,GAAA;AAAA,IACA,GAAA;AAAA,IACA,GAAA;AAAA,IACA,IAAA;AAAA,IACA,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AAAA,IAClC,GAAA;AAAA,IACA,GAAA;AAAA,IACA,eAAA;AAAA,IACA,mBAAmB;AAAC,GACtB,GAAI,OAAA;AAEJ,EAAA,MAAM,OAAA,GAAgC;AAAA,IACpC,GAAG,gBAAA;AAAA,IACH,CAAC,UAAA,CAAW,WAAW,GAAG;AAAA,MACxB,IAAA;AAAA,MACA,GAAA;AAAA,MACA,GAAI,eAAA,IAAmB,EAAE,eAAA;AAAgB;AAC3C,GACF;AAEA,EAAA,IAAI,QAAQ,MAAA,EAAW;AACrB,IAAA,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,GAAI,GAAA;AAAA,EAC5B;AAEA,EAAA,IAAI,QAAQ,MAAA,EAAW;AACrB,IAAA,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,GAAI,GAAA;AAAA,EAC5B;AAEA,EAAA,IAAI,QAAQ,MAAA,EAAW;AACrB,IAAA,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,GAAI,GAAA;AAAA,EAC5B;AAEA,EAAA,IAAI,QAAQ,MAAA,EAAW;AACrB,IAAA,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,GAAI,GAAA;AAAA,EAC5B;AAEA,EAAA,IAAI,QAAQ,MAAA,EAAW;AACrB,IAAA,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,GAAI,GAAA;AAAA,EAC5B;AAEA,EAAA,OAAO,OAAA;AACT;AAcO,SAAS,iBAAiB,OAAA,EAA2C;AAC1E,EAAA,OAAYC,YAAO,OAAO,CAAA;AAC5B;AAsBO,SAAS,mBAAmB,QAAA,EAAwE;AACzG,EAAA,IAAI;AAEF,IAAA,MAAM,OAAA,GAAeA,YAAO,QAAQ,CAAA;AAGpC,IAAA,kBAAA,CAAmB,OAAO,CAAA;AAE1B,IAAA,MAAM,YAAA,GAAe,OAAA;AAGrB,IAAA,MAAM,eAAA,GAAkB,YAAA,CAAa,UAAA,CAAW,WAAW,CAAA;AAC3D,IAAA,MAAM,aAAa,UAAA,CAAW,mBAAA,CAAoB,eAAA,CAAgB,GAAA,EAAK,gBAAgB,IAAI,CAAA;AAE3F,IAAA,OAAO;AAAA,MACL,eAAA,sBAAqB,GAAA,EAAI;AAAA,MACzB,iBAAA,sBAAuB,GAAA,EAAI;AAAA,MAC3B,OAAA,EAAS,YAAA;AAAA,MACT,GAAA,EAAK,QAAA;AAAA,MACL;AAAA,KACF;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,IAAI,iBAAiB,uBAAA,EAAyB;AAC5C,MAAA,MAAM,KAAA;AAAA,IACR;AACA,IAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,qBAAA,EAAyB,KAAA,CAAgB,OAAO,CAAA,CAAE,CAAA;AAAA,EACtF;AACF;AAkBO,SAAS,wBAAA,CACd,UACA,SAAA,EACkD;AAClD,EAAA,IAAI;AAEF,IAAA,MAAM,YAAA,GAAe,UAAA,CAAW,QAAA,EAAU,SAAS,CAAA;AAGnD,IAAA,MAAM,OAAA,GAAeA,YAAO,YAAY,CAAA;AACxC,IAAA,kBAAA,CAAmB,OAAO,CAAA;AAE1B,IAAA,MAAM,YAAA,GAAe,OAAA;AAGrB,IAAA,MAAM,eAAA,GAAkB,YAAA,CAAa,UAAA,CAAW,WAAW,CAAA;AAC3D,IAAA,MAAM,aAAa,UAAA,CAAW,mBAAA,CAAoB,eAAA,CAAgB,GAAA,EAAK,gBAAgB,IAAI,CAAA;AAG3F,IAAA,MAAM,OAAA,GAAeA,YAAO,QAAQ,CAAA;AACpC,IAAA,MAAM,CAAC,sBAAsB,CAAA,GAAI,OAAA,CAAQ,KAAA;AACzC,IAAA,MAAM,eAAA,GAAuBA,YAAO,sBAAsB,CAAA;AAE1D,IAAA,OAAO;AAAA,MACL,eAAA;AAAA,MACA,iBAAA,sBAAuB,GAAA,EAAI;AAAA,MAC3B,OAAA,EAAS,YAAA;AAAA,MACT,GAAA,EAAK,QAAA;AAAA,MACL;AAAA,KACF;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,IAAI,iBAAiB,uBAAA,EAAyB;AAC5C,MAAA,MAAM,KAAA;AAAA,IACR;AACA,IAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,4BAAA,EAAgC,KAAA,CAAgB,OAAO,CAAA,CAAE,CAAA;AAAA,EAC7F;AACF;AAwBO,SAAS,iBAAA,CACd,OAAA,EACA,UAAA,EACA,OAAA,EACY;AACZ,EAAA,MAAM,EAAE,GAAA,GAAM,eAAA,CAAgB,KAAA,EAAO,GAAA,EAAK,iBAAA,mBAAoB,IAAI,GAAA,EAAI,EAAE,GAAI,OAAA,IAAW,EAAC;AAGxF,EAAA,MAAM,eAAA,GAAkB,IAAI,GAAA,CAAqB;AAAA,IAC/C,CAAC,YAAA,CAAa,YAAA,EAAc,4BAA4B,CAAA;AAAA,IACxD,CAAC,YAAA,CAAa,GAAA,EAAK,GAAG,CAAA;AAAA,IACtB,GAAG;AAAA,GACJ,CAAA;AAED,EAAA,IAAI,GAAA,EAAK;AACP,IAAA,eAAA,CAAgB,GAAA,CAAI,YAAA,CAAa,GAAA,EAAK,GAAG,CAAA;AAAA,EAC3C;AAGA,EAAA,MAAM,YAAA,GAAoBA,YAAO,OAAO,CAAA;AAGxC,EAAA,OAAO,QAAA,CAAS,YAAA,EAAc,eAAA,EAAiB,UAAU,CAAA;AAC3D;AASO,SAAS,+BAA+B,cAAA,EAAqD;AAClG,EAAA,IAAI;AACF,IAAA,MAAM,UAAA,GAAkBA,YAAO,cAAc,CAAA;AAI7C,IAAA,MAAM,MAAA,GAAS,UAAA,CAAW,MAAA,IAAU,UAAA,CAAW,QAAQ,CAAA;AAEvD,IAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,EAAU;AACzC,MAAA,MAAM,IAAI,wBAAwB,oCAAoC,CAAA;AAAA,IACxE;AAEA,IAAA,MAAM,SAAA,GAAY,MAAA;AAClB,IAAA,MAAM,UAAA,GAAa,SAAA,CAAU,WAAA,IAAe,SAAA,CAAU,aAAa,CAAA;AAEnE,IAAA,IAAI,CAAC,UAAA,IAAc,OAAO,UAAA,KAAe,QAAA,EAAU;AACjD,MAAA,MAAM,IAAI,wBAAwB,qCAAqC,CAAA;AAAA,IACzE;AAEA,IAAA,MAAM,aAAA,GAAgB,UAAA;AAEtB,IAAA,IAAI,OAAO,aAAA,CAAc,GAAA,KAAQ,QAAA,IAAY,aAAA,CAAc,MAAM,CAAA,EAAG;AAClE,MAAA,MAAM,IAAI,wBAAwB,uCAAuC,CAAA;AAAA,IAC3E;AAEA,IAAA,IAAI,OAAO,aAAA,CAAc,GAAA,KAAQ,QAAA,IAAY,CAAC,cAAc,GAAA,EAAK;AAC/D,MAAA,MAAM,IAAI,wBAAwB,uCAAuC,CAAA;AAAA,IAC3E;AAEA,IAAA,OAAO;AAAA,MACL,KAAK,aAAA,CAAc,GAAA;AAAA,MACnB,KAAK,aAAA,CAAc;AAAA,KACrB;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,IAAI,iBAAiB,uBAAA,EAAyB;AAC5C,MAAA,MAAM,KAAA;AAAA,IACR;AACA,IAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,oCAAA,EAAwC,KAAA,CAAgB,OAAO,CAAA,CAAE,CAAA;AAAA,EACrG;AACF;AAQA,SAAS,mBAAmB,OAAA,EAAwC;AAElE,EAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,UAAA,CAAW,WAAW,CAAA;AAEjD,EAAA,IAAI,CAAC,UAAA,IAAc,OAAO,UAAA,KAAe,QAAA,EAAU;AACjD,IAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,0CAAA,EAA6C,UAAA,CAAW,WAAW,CAAA,CAAA,CAAG,CAAA;AAAA,EAC1G;AAEA,EAAA,MAAM,aAAA,GAAgB,UAAA;AAEtB,EAAA,IAAI,CAAC,aAAA,CAAc,IAAA,IAAQ,CAAC,CAAC,CAAA,EAAG,CAAA,EAAG,CAAA,EAAG,CAAC,CAAA,CAAE,QAAA,CAAS,aAAA,CAAc,IAAc,CAAA,EAAG;AAC/E,IAAA,MAAM,IAAI,wBAAwB,CAAA,2CAAA,CAA6C,CAAA;AAAA,EACjF;AAEA,EAAA,IAAI,CAAC,aAAA,CAAc,GAAA,IAAO,EAAE,aAAA,CAAc,eAAe,UAAA,CAAA,EAAa;AACpE,IAAA,MAAM,IAAI,wBAAwB,+CAA+C,CAAA;AAAA,EACnF;AAGA,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,KAAM,MAAA,IAAa,OAAO,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,KAAM,QAAA,EAAU;AACxF,IAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,yBAAA,EAA4B,UAAA,CAAW,GAAG,CAAA,mBAAA,CAAqB,CAAA;AAAA,EACnG;AAEA,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,KAAM,MAAA,IAAa,OAAO,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,KAAM,QAAA,EAAU;AACxF,IAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,yBAAA,EAA4B,UAAA,CAAW,GAAG,CAAA,mBAAA,CAAqB,CAAA;AAAA,EACnG;AAEA,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,KAAM,MAAA,IAAa,OAAO,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,KAAM,QAAA,EAAU;AACxF,IAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,yBAAA,EAA4B,UAAA,CAAW,GAAG,CAAA,mBAAA,CAAqB,CAAA;AAAA,EACnG;AAEA,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,KAAM,MAAA,IAAa,OAAO,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,KAAM,QAAA,EAAU;AACxF,IAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,yBAAA,EAA4B,UAAA,CAAW,GAAG,CAAA,mBAAA,CAAqB,CAAA;AAAA,EACnG;AAEA,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,KAAM,MAAA,IAAa,OAAO,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,KAAM,QAAA,EAAU;AACxF,IAAA,MAAM,IAAI,uBAAA,CAAwB,CAAA,yBAAA,EAA4B,UAAA,CAAW,GAAG,CAAA,mBAAA,CAAqB,CAAA;AAAA,EACnG;AACF;;;ACvTA,IAAM,eAAA,GAAkB,GAAA;AAMxB,IAAM,qBAAA,GAAwB,CAAA;AAK9B,IAAM,aAAA,GAAgB;AAAA,EACpB,GAAA,EAAK,4BAAA;AAAA,EACL,GAAA,EAAK;AACP,CAAA;AA4BA,eAAsB,oBAAA,CACpB,GAAA,EACA,OAAA,GAAwB,EAAC,EACK;AAE9B,EAAA,IAAI,CAAC,GAAA,IAAO,OAAO,GAAA,KAAQ,QAAA,EAAU;AACnC,IAAA,MAAM,IAAI,0BAA0B,6BAA6B,CAAA;AAAA,EACnE;AAEA,EAAA,IAAI,SAAA;AACJ,EAAA,IAAI;AACF,IAAA,SAAA,GAAY,IAAI,IAAI,GAAG,CAAA;AAAA,EACzB,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,IAAI,yBAAA,CAA0B,CAAA,yBAAA,EAA4B,GAAG,CAAA,CAAE,CAAA;AAAA,EACvE;AAGA,EAAA,IAAI,CAAC,CAAC,OAAA,EAAS,QAAQ,EAAE,QAAA,CAAS,SAAA,CAAU,QAAQ,CAAA,EAAG;AACrD,IAAA,MAAM,IAAI,UAAA,CAAW,CAAA,sBAAA,EAAyB,SAAA,CAAU,QAAQ,CAAA,0BAAA,CAA4B,CAAA;AAAA,EAC9F;AAEA,EAAA,MAAM;AAAA,IACJ,OAAA,GAAU,eAAA;AAAA,IACV,UAAU,EAAC;AAAA,IACX,YAAA,GAAe,qBAAA;AAAA,IACf,SAAA,GAAY;AAAA,GACd,GAAI,OAAA;AAGJ,EAAA,MAAM,UAAA,GAAa,IAAI,eAAA,EAAgB;AACvC,EAAA,MAAM,YAAY,UAAA,CAAW,MAAM,UAAA,CAAW,KAAA,IAAS,OAAO,CAAA;AAE9D,EAAA,IAAI;AAEF,IAAA,MAAM,QAAA,GAAW,MAAM,SAAA,CAAU,GAAA,EAAK;AAAA,MACpC,MAAA,EAAQ,KAAA;AAAA,MACR,OAAA,EAAS;AAAA,QACP,QAAQ,CAAA,EAAG,aAAA,CAAc,GAAG,CAAA,EAAA,EAAK,cAAc,GAAG,CAAA,CAAA;AAAA,QAClD,GAAG;AAAA,OACL;AAAA,MACA,QAAQ,UAAA,CAAW,MAAA;AAAA,MACnB,QAAA,EAAU,QAAA;AAAA;AAAA,MAEV;AAAA,KACD,CAAA;AAED,IAAA,YAAA,CAAa,SAAS,CAAA;AAGtB,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,IAAI,UAAA;AAAA,QACR,QAAQ,QAAA,CAAS,MAAM,IAAI,QAAA,CAAS,UAAU,oCAAoC,GAAG,CAAA;AAAA,OACvF;AAAA,IACF;AAGA,IAAA,MAAM,WAAA,GAAc,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,cAAc,CAAA;AAGvD,IAAA,IAAI,WAAA,EAAa,QAAA,CAAS,aAAA,CAAc,GAAG,CAAA,EAAG;AAE5C,MAAA,OAAO,MAAM,SAAS,IAAA,EAAK;AAAA,IAC7B;AAEA,IAAA,IAAI,WAAA,EAAa,QAAA,CAAS,aAAA,CAAc,GAAG,CAAA,EAAG;AAE5C,MAAA,MAAMC,YAAAA,GAAc,MAAM,QAAA,CAAS,WAAA,EAAY;AAC/C,MAAA,OAAO,IAAI,WAAWA,YAAW,CAAA;AAAA,IACnC;AAIA,IAAA,MAAM,WAAA,GAAc,MAAM,QAAA,CAAS,WAAA,EAAY;AAC/C,IAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,WAAW,CAAA;AAGxC,IAAA,MAAM,IAAA,GAAO,IAAI,WAAA,EAAY,CAAE,OAAO,KAAA,CAAM,KAAA,CAAM,CAAA,EAAG,CAAC,CAAC,CAAA;AACvD,IAAA,IAAI,SAAS,KAAA,EAAO;AAElB,MAAA,OAAO,IAAI,WAAA,EAAY,CAAE,MAAA,CAAO,KAAK,CAAA;AAAA,IACvC;AAGA,IAAA,OAAO,KAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,YAAA,CAAa,SAAS,CAAA;AAEtB,IAAA,IAAI,KAAA,YAAiB,UAAA,IAAc,KAAA,YAAiB,yBAAA,EAA2B;AAC7E,MAAA,MAAM,KAAA;AAAA,IACR;AAGA,IAAA,IAAK,KAAA,CAAgB,SAAS,YAAA,EAAc;AAC1C,MAAA,MAAM,IAAI,UAAA,CAAW,CAAA,sBAAA,EAAyB,OAAO,CAAA,kBAAA,EAAqB,GAAG,CAAA,CAAE,CAAA;AAAA,IACjF;AAGA,IAAA,MAAM,IAAI,UAAA;AAAA,MACR,CAAA,iCAAA,EAAoC,GAAG,CAAA,EAAA,EAAM,KAAA,CAAgB,OAAO,CAAA;AAAA,KACtE;AAAA,EACF;AACF;AAoBO,SAAS,qBAAqB,GAAA,EAAsB;AACzD,EAAA,IAAI,CAAC,GAAA,IAAO,OAAO,GAAA,KAAQ,QAAA,EAAU;AACnC,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,GAAG,CAAA;AAC1B,IAAA,OAAO,CAAC,OAAA,EAAS,QAAQ,CAAA,CAAE,QAAA,CAAS,OAAO,QAAQ,CAAA;AAAA,EACrD,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;;;ACxLA,IAAM,eAAA,GAAkB,OAAA;AAOxB,IAAM,eAAA,GAAkB,EAAA;AAuBjB,SAASC,oBAAmB,OAAA,EAAiD;AAClF,EAAA,MAAM,SAAmB,EAAC;AAG1B,EAAA,IAAI,CAAC,OAAA,CAAQ,GAAA,IAAO,OAAO,OAAA,CAAQ,QAAQ,QAAA,EAAU;AACnD,IAAA,MAAA,CAAO,KAAK,6DAA6D,CAAA;AAAA,EAC3E;AAGA,EAAA,IAAI,CAAC,OAAA,CAAQ,GAAA,IAAO,OAAO,OAAA,CAAQ,QAAQ,QAAA,EAAU;AACnD,IAAA,MAAA,CAAO,KAAK,6DAA6D,CAAA;AAAA,EAC3E;AAGA,EAAA,IAAI,OAAO,OAAA,CAAQ,GAAA,KAAQ,QAAA,EAAU;AACnC,IAAA,MAAA,CAAO,KAAK,mDAAmD,CAAA;AAAA,EACjE,CAAA,MAAA,IAAW,OAAA,CAAQ,GAAA,GAAM,CAAA,EAAG;AAC1B,IAAA,MAAA,CAAO,KAAK,uCAAuC,CAAA;AAAA,EACrD;AAGA,EAAA,IAAI,CAAC,OAAA,CAAQ,WAAA,IAAe,OAAO,OAAA,CAAQ,gBAAgB,QAAA,EAAU;AACnE,IAAA,MAAA,CAAO,KAAK,4DAA4D,CAAA;AAAA,EAC1E,CAAA,MAAO;AACL,IAAA,MAAM,EAAE,IAAA,EAAM,GAAA,EAAI,GAAI,OAAA,CAAQ,WAAA;AAG9B,IAAA,IAAI,CAAC,CAAC,CAAA,EAAG,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,QAAA,CAAS,IAAI,CAAA,EAAG;AAChC,MAAA,MAAA,CAAO,KAAK,0CAA0C,CAAA;AAAA,IACxD;AAGA,IAAA,IAAI,CAAC,GAAA,IAAO,OAAO,GAAA,KAAQ,QAAA,EAAU;AACnC,MAAA,MAAA,CAAO,KAAK,gEAAgE,CAAA;AAAA,IAC9E;AAGA,IAAA,IAAI,OAAA,CAAQ,WAAA,CAAY,eAAA,KAAoB,MAAA,EAAW;AACrD,MAAA,IAAI,OAAO,OAAA,CAAQ,WAAA,CAAY,eAAA,KAAoB,QAAA,EAAU;AAC3D,QAAA,MAAA,CAAO,KAAK,gDAAgD,CAAA;AAAA,MAC9D;AAAA,IACF;AAAA,EACF;AAGA,EAAA,IAAI,OAAA,CAAQ,QAAQ,MAAA,EAAW;AAC7B,IAAA,IAAI,OAAO,OAAA,CAAQ,GAAA,KAAQ,QAAA,EAAU;AACnC,MAAA,MAAA,CAAO,KAAK,8BAA8B,CAAA;AAAA,IAC5C,CAAA,MAAA,IAAW,OAAA,CAAQ,GAAA,GAAM,CAAA,EAAG;AAC1B,MAAA,MAAA,CAAO,KAAK,uCAAuC,CAAA;AAAA,IACrD;AAAA,EACF;AAGA,EAAA,IAAI,OAAA,CAAQ,QAAQ,MAAA,EAAW;AAC7B,IAAA,IAAI,OAAO,OAAA,CAAQ,GAAA,KAAQ,QAAA,EAAU;AACnC,MAAA,MAAA,CAAO,KAAK,8BAA8B,CAAA;AAAA,IAC5C,CAAA,MAAA,IAAW,OAAA,CAAQ,GAAA,GAAM,CAAA,EAAG;AAC1B,MAAA,MAAA,CAAO,KAAK,uCAAuC,CAAA;AAAA,IACrD;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,OAAO,MAAA,KAAW,CAAA;AAAA,IACzB;AAAA,GACF;AACF;AAuBO,SAASC,oBAAmB,OAAA,EAAiD;AAClF,EAAA,MAAM,SAAmB,EAAC;AAG1B,EAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,UAAA,CAAW,WAAW,CAAA;AACjD,EAAA,IAAI,CAAC,UAAA,IAAc,OAAO,UAAA,KAAe,QAAA,EAAU;AACjD,IAAA,MAAA,CAAO,IAAA,CAAK,CAAA,0CAAA,EAA6C,UAAA,CAAW,WAAW,CAAA,CAAA,CAAG,CAAA;AAAA,EACpF,CAAA,MAAO;AACL,IAAA,MAAM,EAAE,IAAA,EAAM,GAAA,EAAI,GAAI,UAAA;AAGtB,IAAA,IAAI,CAAC,CAAC,CAAA,EAAG,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,QAAA,CAAS,IAAI,CAAA,EAAG;AAChC,MAAA,MAAA,CAAO,KAAK,0CAA0C,CAAA;AAAA,IACxD;AAGA,IAAA,IAAI,EAAE,eAAe,UAAA,CAAA,EAAa;AAChC,MAAA,MAAA,CAAO,KAAK,wCAAwC,CAAA;AAAA,IACtD,CAAA,MAAA,IAAW,GAAA,CAAI,MAAA,KAAW,CAAA,EAAG;AAC3B,MAAA,MAAA,CAAO,KAAK,qCAAqC,CAAA;AAAA,IACnD;AAGA,IAAA,IAAI,UAAA,CAAW,oBAAoB,MAAA,EAAW;AAC5C,MAAA,IAAI,OAAO,UAAA,CAAW,eAAA,KAAoB,QAAA,EAAU;AAClD,QAAA,MAAA,CAAO,KAAK,gDAAgD,CAAA;AAAA,MAC9D;AAAA,IACF;AAAA,EACF;AAGA,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,KAAM,MAAA,EAAW;AACzC,IAAA,IAAI,OAAO,OAAA,CAAQ,UAAA,CAAW,GAAG,MAAM,QAAA,EAAU;AAC/C,MAAA,MAAA,CAAO,IAAA,CAAK,CAAA,iBAAA,EAAoB,UAAA,CAAW,GAAG,CAAA,kBAAA,CAAoB,CAAA;AAAA,IACpE;AAAA,EACF;AAGA,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,KAAM,MAAA,EAAW;AACzC,IAAA,IAAI,OAAO,OAAA,CAAQ,UAAA,CAAW,GAAG,MAAM,QAAA,EAAU;AAC/C,MAAA,MAAA,CAAO,IAAA,CAAK,CAAA,iBAAA,EAAoB,UAAA,CAAW,GAAG,CAAA,kBAAA,CAAoB,CAAA;AAAA,IACpE;AAAA,EACF;AAGA,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,KAAM,MAAA,EAAW;AACzC,IAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA;AAClC,IAAA,IAAI,OAAO,QAAQ,QAAA,EAAU;AAC3B,MAAA,MAAA,CAAO,IAAA,CAAK,CAAA,iBAAA,EAAoB,UAAA,CAAW,GAAG,CAAA,kBAAA,CAAoB,CAAA;AAAA,IACpE,CAAA,MAAA,IAAW,MAAM,CAAA,EAAG;AAClB,MAAA,MAAA,CAAO,KAAK,CAAA,qCAAA,CAAuC,CAAA;AAAA,IACrD;AAAA,EACF;AAGA,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,KAAM,MAAA,EAAW;AACzC,IAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA;AAClC,IAAA,IAAI,OAAO,QAAQ,QAAA,EAAU;AAC3B,MAAA,MAAA,CAAO,IAAA,CAAK,CAAA,iBAAA,EAAoB,UAAA,CAAW,GAAG,CAAA,kBAAA,CAAoB,CAAA;AAAA,IACpE,CAAA,MAAA,IAAW,MAAM,CAAA,EAAG;AAClB,MAAA,MAAA,CAAO,KAAK,CAAA,qCAAA,CAAuC,CAAA;AAAA,IACrD;AAAA,EACF;AAGA,EAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,KAAM,MAAA,EAAW;AACzC,IAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA;AAClC,IAAA,IAAI,OAAO,QAAQ,QAAA,EAAU;AAC3B,MAAA,MAAA,CAAO,IAAA,CAAK,CAAA,iBAAA,EAAoB,UAAA,CAAW,GAAG,CAAA,kBAAA,CAAoB,CAAA;AAAA,IACpE,CAAA,MAAA,IAAW,MAAM,CAAA,EAAG;AAClB,MAAA,MAAA,CAAO,KAAK,CAAA,qCAAA,CAAuC,CAAA;AAAA,IACrD;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,OAAO,MAAA,KAAW,CAAA;AAAA,IACzB;AAAA,GACF;AACF;AAwBO,SAAS,cAAA,CACd,GAAA,EACA,GAAA,EACA,GAAA,EACA,WAAA,GAAsB,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,EAAI,GAAI,GAAI,CAAA,EAChC;AAClB,EAAA,MAAM,SAAmB,EAAC;AAG1B,EAAA,IAAI,GAAA,KAAQ,MAAA,IAAa,GAAA,GAAM,WAAA,EAAa;AAC1C,IAAA,MAAA,CAAO,IAAA,CAAK,CAAA,iCAAA,EAAoC,GAAG,CAAA,WAAA,EAAc,WAAW,CAAA,CAAA,CAAG,CAAA;AAAA,EACjF;AAGA,EAAA,IAAI,QAAQ,MAAA,EAAW;AACrB,IAAA,IAAI,MAAM,WAAA,EAAa;AACrB,MAAA,MAAA,CAAO,IAAA,CAAK,CAAA,oBAAA,EAAuB,GAAG,CAAA,WAAA,EAAc,WAAW,CAAA,CAAA,CAAG,CAAA;AAAA,IACpE;AAAA,EACF;AAGA,EAAA,IAAI,GAAA,KAAQ,MAAA,IAAa,GAAA,KAAQ,MAAA,EAAW;AAC1C,IAAA,MAAM,iBAAiB,GAAA,GAAM,GAAA;AAC7B,IAAA,IAAI,iBAAiB,WAAA,EAAa;AAChC,MAAA,MAAA,CAAO,KAAK,CAAA,2BAAA,EAA8B,GAAG,UAAU,GAAG,CAAA,WAAA,EAAc,WAAW,CAAA,CAAA,CAAG,CAAA;AAAA,IACxF;AAAA,EACF;AAGA,EAAA,IAAI,GAAA,KAAQ,MAAA,IAAa,GAAA,KAAQ,MAAA,IAAa,QAAQ,MAAA,EAAW;AAC/D,IAAA,MAAM,gBAAgB,GAAA,GAAM,GAAA;AAE5B,IAAA,IAAI,IAAA,CAAK,GAAA,CAAI,GAAA,GAAM,aAAa,IAAI,CAAA,EAAG;AACrC,MAAA,MAAA,CAAO,IAAA;AAAA,QACL,CAAA,sCAAA,EAAyC,GAAG,CAAA,aAAA,EAAgB,aAAa,CAAA,CAAA;AAAA,OAC3E;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,OAAO,MAAA,KAAW,CAAA;AAAA,IACzB;AAAA,GACF;AACF;AAuBO,SAAS,kBAAkB,GAAA,EAAgC;AAChE,EAAA,MAAM,SAAmB,EAAC;AAE1B,EAAA,IAAI,QAAQ,MAAA,EAAW;AACrB,IAAA,OAAO,EAAE,KAAA,EAAO,IAAA,EAAM,MAAA,EAAQ,EAAC,EAAE;AAAA,EACnC;AAEA,EAAA,IAAI,MAAM,eAAA,EAAiB;AACzB,IAAA,MAAA,CAAO,IAAA;AAAA,MACL,CAAA,eAAA,EAAkB,GAAG,CAAA,gCAAA,EAAmC,eAAe,CAAA,mBAAA;AAAA,KACzE;AAAA,EACF;AAEA,EAAA,IAAI,MAAM,eAAA,EAAiB;AACzB,IAAA,MAAA,CAAO,IAAA;AAAA,MACL,CAAA,eAAA,EAAkB,GAAG,CAAA,gCAAA,EAAmC,eAAe,CAAA,4EAAA;AAAA,KAEzE;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,OAAO,MAAA,KAAW,CAAA;AAAA,IACzB;AAAA,GACF;AACF;AAsBO,SAAS,SAAA,CACd,GAAA,EACA,GAAA,EACA,GAAA,EACA,WAAA,GAAsB,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,EAAI,GAAI,GAAI,CAAA,EACzC;AAET,EAAA,IAAI,GAAA,KAAQ,MAAA,IAAa,GAAA,GAAM,WAAA,EAAa;AAC1C,IAAA,OAAO,IAAA;AAAA,EACT;AAGA,EAAA,IAAI,GAAA,KAAQ,MAAA,IAAa,GAAA,KAAQ,MAAA,EAAW;AAC1C,IAAA,MAAM,iBAAiB,GAAA,GAAM,GAAA;AAC7B,IAAA,IAAI,iBAAiB,WAAA,EAAa;AAChC,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;;;AC5VO,IAAM,qBAAA,GAAN,MAAM,sBAAA,CAAsB;AAAA,EACzB,WAAA,CACW,MAAA,EACA,OAAA,EACA,UAAA,EACA,MAAA,EACjB;AAJiB,IAAA,IAAA,CAAA,MAAA,GAAA,MAAA;AACA,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AACA,IAAA,IAAA,CAAA,UAAA,GAAA,UAAA;AACA,IAAA,IAAA,CAAA,MAAA,GAAA,MAAA;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAsBH,OAAO,UAAU,KAAA,EAAmD;AAElE,IAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAE7B,MAAA,MAAM,EAAE,QAAQ,OAAA,EAAAC,QAAAA,EAAS,YAAAC,WAAAA,EAAW,GAAI,mBAAmB,KAAK,CAAA;AAChE,MAAA,OAAO,IAAI,sBAAA,CAAsB,MAAA,EAAQD,QAAAA,EAASC,aAAY,KAAK,CAAA;AAAA,IACrE;AAGA,IAAA,MAAM,EAAE,eAAA,EAAiB,OAAA,EAAS,UAAA,EAAW,GAAI,mBAAmB,KAAK,CAAA;AACzE,IAAA,OAAO,IAAI,sBAAA,CAAsB,eAAA,EAAiB,OAAA,EAAS,YAAY,KAAK,CAAA;AAAA,EAC9E;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAwBA,aAAa,mBAAA,CACX,SAAA,EACA,OAAA,EACgC;AAChC,IAAA,MAAM,KAAA,GAAQ,MAAM,oBAAA,CAAqB,SAAA,CAAU,KAAK,OAAO,CAAA;AAC/D,IAAA,OAAO,sBAAA,CAAsB,UAAU,KAAK,CAAA;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAiBA,UAAU,KAAA,EAA4B;AACpC,IAAA,OAAO,IAAA,CAAK,UAAA,CAAW,SAAA,CAAU,KAAK,CAAA;AAAA,EACxC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAmBA,UAAU,WAAA,EAA+B;AACvC,IAAA,OAAO,UAAU,IAAA,CAAK,GAAA,EAAK,KAAK,GAAA,EAAK,IAAA,CAAK,KAAK,WAAW,CAAA;AAAA,EAC5D;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,GAAA,GAA0B;AAC5B,IAAA,IAAI,IAAA,CAAK,WAAW,KAAA,EAAO;AACzB,MAAA,OAAQ,KAAK,OAAA,CAAiC,GAAA;AAAA,IAChD;AACA,IAAA,OAAQ,IAAA,CAAK,OAAA,CAAiC,UAAA,CAAW,GAAG,CAAA;AAAA,EAC9D;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,GAAA,GAA0B;AAC5B,IAAA,IAAI,IAAA,CAAK,WAAW,KAAA,EAAO;AACzB,MAAA,OAAQ,KAAK,OAAA,CAAiC,GAAA;AAAA,IAChD;AACA,IAAA,OAAQ,IAAA,CAAK,OAAA,CAAiC,UAAA,CAAW,GAAG,CAAA;AAAA,EAC9D;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,GAAA,GAA0B;AAC5B,IAAA,IAAI,IAAA,CAAK,WAAW,KAAA,EAAO;AACzB,MAAA,OAAQ,KAAK,OAAA,CAAiC,GAAA;AAAA,IAChD;AACA,IAAA,OAAQ,IAAA,CAAK,OAAA,CAAiC,UAAA,CAAW,GAAG,CAAA;AAAA,EAC9D;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,GAAA,GAA0B;AAC5B,IAAA,IAAI,IAAA,CAAK,WAAW,KAAA,EAAO;AACzB,MAAA,OAAQ,KAAK,OAAA,CAAiC,GAAA;AAAA,IAChD;AACA,IAAA,OAAQ,IAAA,CAAK,OAAA,CAAiC,UAAA,CAAW,GAAG,CAAA;AAAA,EAC9D;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,GAAA,GAA0B;AAC5B,IAAA,IAAI,IAAA,CAAK,WAAW,KAAA,EAAO;AACzB,MAAA,OAAQ,KAAK,OAAA,CAAiC,GAAA;AAAA,IAChD;AACA,IAAA,OAAQ,IAAA,CAAK,OAAA,CAAiC,UAAA,CAAW,GAAG,CAAA;AAAA,EAC9D;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,IAAA,GAAsB;AACxB,IAAA,IAAI,IAAA,CAAK,WAAW,KAAA,EAAO;AACzB,MAAA,OAAQ,IAAA,CAAK,QAAiC,WAAA,CAAY,IAAA;AAAA,IAC5D;AACA,IAAA,OAAQ,IAAA,CAAK,OAAA,CAAiC,UAAA,CAAW,WAAW,CAAA,CAAE,IAAA;AAAA,EACxE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,cAAA,GAAqC;AACvC,IAAA,IAAI,IAAA,CAAK,WAAW,KAAA,EAAO;AACzB,MAAA,OAAQ,IAAA,CAAK,QAAiC,WAAA,CAAY,eAAA;AAAA,IAC5D;AACA,IAAA,OAAQ,IAAA,CAAK,OAAA,CAAiC,UAAA,CAAW,WAAW,CAAA,CAAE,eAAA;AAAA,EACxE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,WAAA,GAA6B;AAC/B,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,IAAI,IAAA,GAAe;AACjB,IAAA,OAAO,IAAA,CAAK,WAAW,OAAA,EAAQ;AAAA,EACjC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,SAAA,GAA4D;AAC1D,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,UAAA,GAA0D;AACxD,IAAA,OAAO,IAAA,CAAK,OAAA;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,aAAA,GAA4B;AAC1B,IAAA,OAAO,IAAA,CAAK,UAAA;AAAA,EACd;AACF","file":"index.js","sourcesContent":["/**\n * Base error class for all status list errors.\n */\nexport class StatusListError extends Error {\n constructor(message: string) {\n super(message);\n this.name = 'StatusListError';\n // Maintains proper stack trace for where our error was thrown (only available on V8)\n if (Error.captureStackTrace) {\n Error.captureStackTrace(this, this.constructor);\n }\n }\n}\n\n/**\n * Error thrown when attempting to access a status at an index that is out of bounds.\n */\nexport class IndexOutOfBoundsError extends StatusListError {\n constructor(index: number, maxIndex: number) {\n super(`Index ${index} is out of bounds. Valid range: 0-${maxIndex}`);\n this.name = 'IndexOutOfBoundsError';\n }\n}\n\n/**\n * Error thrown when an invalid bit size is provided.\n * Valid bit sizes are: 1, 2, 4, or 8.\n */\nexport class InvalidBitSizeError extends StatusListError {\n constructor(bits: number) {\n super(`Invalid bit size: ${bits}. Must be one of: 1, 2, 4, or 8`);\n this.name = 'InvalidBitSizeError';\n }\n}\n\n/**\n * Error thrown when a status value exceeds the maximum allowed for the given bit size.\n */\nexport class InvalidStatusValueError extends StatusListError {\n constructor(value: number, maxValue: number, bitsPerStatus: number) {\n super(`Invalid status value: ${value}. For ${bitsPerStatus}-bit status, valid range is 0-${maxValue}`);\n this.name = 'InvalidStatusValueError';\n }\n}\n\n/**\n * Error thrown when a token has an invalid format or cannot be parsed.\n */\nexport class InvalidTokenFormatError extends StatusListError {\n constructor(message: string) {\n super(`Invalid token format: ${message}`);\n this.name = 'InvalidTokenFormatError';\n }\n}\n\n/**\n * Error thrown when a status list token has expired.\n */\nexport class StatusListExpiredError extends StatusListError {\n constructor(exp: number, currentTime: number) {\n super(`Status list expired at ${exp} (current time: ${currentTime})`);\n this.name = 'StatusListExpiredError';\n }\n}\n\n/**\n * Error thrown when fetching a status list from a remote URI fails.\n */\nexport class FetchError extends StatusListError {\n constructor(message: string) {\n super(message);\n this.name = 'FetchError';\n }\n}\n\n/**\n * Error thrown when a status list URI is missing or invalid.\n */\nexport class MissingStatusListUriError extends StatusListError {\n constructor(message: string = 'Status list URI is missing from token') {\n super(message);\n this.name = 'MissingStatusListUriError';\n }\n}\n\n/**\n * Error thrown when compression or decompression fails.\n */\nexport class CompressionError extends StatusListError {\n constructor(message: string, cause?: Error) {\n const fullMessage = cause ? `${message}: ${cause.message}` : message;\n super(fullMessage);\n this.name = 'CompressionError';\n this.cause = cause;\n }\n}\n\n/**\n * Error thrown when validation of a status list token fails.\n */\nexport class ValidationError extends StatusListError {\n public readonly errors: string[];\n\n constructor(errors: string[]) {\n super(`Validation failed: ${errors.join(', ')}`);\n this.name = 'ValidationError';\n this.errors = errors;\n }\n}\n","import type { BitsPerStatus, StatusValue } from '../types/common.js';\nimport { InvalidBitSizeError, InvalidStatusValueError, IndexOutOfBoundsError } from '../types/errors.js';\n\n/**\n * Validates that the bit size is one of the allowed values (1, 2, 4, or 8).\n *\n * @param bits - Number of bits per status\n * @throws {InvalidBitSizeError} If bits is not 1, 2, 4, or 8\n */\nfunction validateBitSize(bits: number): asserts bits is BitsPerStatus {\n if (bits !== 1 && bits !== 2 && bits !== 4 && bits !== 8) {\n throw new InvalidBitSizeError(bits);\n }\n}\n\n/**\n * Validates that a status value fits within the given bit size.\n *\n * @param value - Status value to validate\n * @param bitsPerStatus - Number of bits per status\n * @throws {InvalidStatusValueError} If value exceeds the maximum for the bit size\n */\nfunction validateStatusValue(value: StatusValue, bitsPerStatus: BitsPerStatus): void {\n const maxValue = (1 << bitsPerStatus) - 1;\n if (value < 0 || value > maxValue) {\n throw new InvalidStatusValueError(value, maxValue, bitsPerStatus);\n }\n}\n\n/**\n * Packs an array of status values into a byte array using the specified bits per status.\n *\n * Bits are packed LSB-first within each byte (Least Significant Bit first).\n * Example for 1-bit status with values [1,0,0,1,1,1,0,1]:\n * - Byte 0: bits 0-7 → 1101 1001 = 0xD9 (LSB first)\n *\n * @param statuses - Array of status values\n * @param bitsPerStatus - Number of bits per status (1, 2, 4, or 8)\n * @returns Byte array containing packed status values\n *\n * @example\n * ```typescript\n * // 1-bit status: [1, 0, 0, 1, 1, 1, 0, 1]\n * const bytes = packBits([1, 0, 0, 1, 1, 1, 0, 1], 1);\n * // bytes[0] === 0xD9 (binary: 11011001, LSB first)\n * ```\n */\nexport function packBits(statuses: StatusValue[], bitsPerStatus: BitsPerStatus): Uint8Array {\n validateBitSize(bitsPerStatus);\n\n // Calculate required byte array size\n const totalBits = statuses.length * bitsPerStatus;\n const byteLength = Math.ceil(totalBits / 8);\n const bytes = new Uint8Array(byteLength);\n\n // Pack each status value into the byte array\n for (let i = 0; i < statuses.length; i++) {\n const value = statuses[i];\n validateStatusValue(value, bitsPerStatus);\n\n // Calculate bit position: LSB-first within bytes\n const bitOffset = i * bitsPerStatus;\n const byteIndex = Math.floor(bitOffset / 8);\n const bitPosition = bitOffset % 8;\n\n // Set the bits for this status value\n bytes[byteIndex] |= value << bitPosition;\n\n // Handle overflow to next byte if needed\n if (bitPosition + bitsPerStatus > 8) {\n const bitsInNextByte = bitPosition + bitsPerStatus - 8;\n bytes[byteIndex + 1] |= value >> (bitsPerStatus - bitsInNextByte);\n }\n }\n\n return bytes;\n}\n\n/**\n * Unpacks a byte array into an array of status values.\n *\n * @param bytes - Byte array containing packed status values\n * @param bitsPerStatus - Number of bits per status (1, 2, 4, or 8)\n * @returns Array of status values\n *\n * @example\n * ```typescript\n * const bytes = new Uint8Array([0xD9]); // binary: 11011001\n * const statuses = unpackBits(bytes, 1); // [1, 0, 0, 1, 1, 1, 0, 1]\n * ```\n */\nexport function unpackBits(bytes: Uint8Array, bitsPerStatus: BitsPerStatus): StatusValue[] {\n validateBitSize(bitsPerStatus);\n\n const totalBits = bytes.length * 8;\n const statusCount = Math.floor(totalBits / bitsPerStatus);\n const statuses: StatusValue[] = new Array(statusCount);\n\n const mask = (1 << bitsPerStatus) - 1;\n\n for (let i = 0; i < statusCount; i++) {\n statuses[i] = getBitValue(bytes, i, bitsPerStatus, mask);\n }\n\n return statuses;\n}\n\n/**\n * Gets the status value at a specific index in the byte array.\n *\n * Implementation based on Python reference:\n * ```python\n * jump = self.bits * position # Bit offset\n * mask = (1 << self.bits) - 1 # n-bit mask\n * status = (self.status_list[jump // 8] >> (jump % 8)) & mask\n * ```\n *\n * @param bytes - Byte array containing packed status values\n * @param index - Index of the status to retrieve\n * @param bitsPerStatus - Number of bits per status\n * @param mask - Optional pre-calculated mask (for performance)\n * @returns Status value at the given index\n * @throws {IndexOutOfBoundsError} If index is out of bounds\n */\nexport function getBitValue(\n bytes: Uint8Array,\n index: number,\n bitsPerStatus: BitsPerStatus,\n mask?: number,\n): StatusValue {\n validateBitSize(bitsPerStatus);\n\n const totalBits = bytes.length * 8;\n const maxIndex = Math.floor(totalBits / bitsPerStatus) - 1;\n\n if (index < 0 || index > maxIndex) {\n throw new IndexOutOfBoundsError(index, maxIndex);\n }\n\n // Calculate bit position\n const jump = bitsPerStatus * index;\n const byteIndex = Math.floor(jump / 8);\n const bitOffset = jump % 8;\n\n const calculatedMask = mask ?? (1 << bitsPerStatus) - 1;\n\n // Extract bits from the byte (and potentially next byte)\n let value = (bytes[byteIndex] >> bitOffset) & calculatedMask;\n\n // Handle case where bits span two bytes\n if (bitOffset + bitsPerStatus > 8) {\n const bitsInNextByte = bitOffset + bitsPerStatus - 8;\n const nextByteBits = bytes[byteIndex + 1] & ((1 << bitsInNextByte) - 1);\n value |= nextByteBits << (bitsPerStatus - bitsInNextByte);\n }\n\n return value;\n}\n\n/**\n * Sets the status value at a specific index in the byte array.\n *\n * @param bytes - Byte array containing packed status values (modified in place)\n * @param index - Index of the status to set\n * @param value - New status value\n * @param bitsPerStatus - Number of bits per status\n * @throws {IndexOutOfBoundsError} If index is out of bounds\n * @throws {InvalidStatusValueError} If value exceeds the maximum for the bit size\n */\nexport function setBitValue(\n bytes: Uint8Array,\n index: number,\n value: StatusValue,\n bitsPerStatus: BitsPerStatus,\n): void {\n validateBitSize(bitsPerStatus);\n validateStatusValue(value, bitsPerStatus);\n\n const totalBits = bytes.length * 8;\n const maxIndex = Math.floor(totalBits / bitsPerStatus) - 1;\n\n if (index < 0 || index > maxIndex) {\n throw new IndexOutOfBoundsError(index, maxIndex);\n }\n\n // Calculate bit position\n const jump = bitsPerStatus * index;\n const byteIndex = Math.floor(jump / 8);\n const bitOffset = jump % 8;\n\n const mask = (1 << bitsPerStatus) - 1;\n\n // Clear existing bits\n bytes[byteIndex] &= ~(mask << bitOffset);\n\n // Set new value\n bytes[byteIndex] |= (value & mask) << bitOffset;\n\n // Handle case where bits span two bytes\n if (bitOffset + bitsPerStatus > 8) {\n const bitsInNextByte = bitOffset + bitsPerStatus - 8;\n const nextByteMask = (1 << bitsInNextByte) - 1;\n\n // Clear bits in next byte\n bytes[byteIndex + 1] &= ~nextByteMask;\n\n // Set bits in next byte\n bytes[byteIndex + 1] |= (value >> (bitsPerStatus - bitsInNextByte)) & nextByteMask;\n }\n}\n\n/**\n * Calculates the total number of status entries that can be stored in a byte array.\n *\n * @param byteLength - Length of the byte array\n * @param bitsPerStatus - Number of bits per status\n * @returns Total number of status entries\n */\nexport function calculateCapacity(byteLength: number, bitsPerStatus: BitsPerStatus): number {\n validateBitSize(bitsPerStatus);\n return Math.floor((byteLength * 8) / bitsPerStatus);\n}\n","import * as pako from 'pako';\nimport { CompressionError } from '../types/errors.js';\n\n/**\n * Compresses data using ZLIB/DEFLATE compression with maximum compression level.\n *\n * Uses the DEFLATE algorithm with ZLIB wrapper (as required by the IETF specification).\n * Maximum compression level (9) is used as recommended by the spec for optimal size reduction.\n *\n * @param data - Uncompressed data to compress\n * @returns Compressed data with ZLIB header\n * @throws {CompressionError} If compression fails\n *\n * @see https://www.ietf.org/archive/id/draft-ietf-oauth-status-list-14.html#section-4.1\n */\nexport function compress(data: Uint8Array): Uint8Array {\n try {\n // Use level 9 for maximum compression (recommended by spec)\n return pako.deflate(data, { level: 9 });\n } catch (error) {\n throw new CompressionError('Failed to compress data', error as Error);\n }\n}\n\n/**\n * Decompresses ZLIB/DEFLATE compressed data.\n *\n * @param compressed - Compressed data with ZLIB header\n * @returns Decompressed data\n * @throws {CompressionError} If decompression fails\n */\nexport function decompress(compressed: Uint8Array): Uint8Array {\n try {\n return pako.inflate(compressed);\n } catch (error) {\n throw new CompressionError('Failed to decompress data', error as Error);\n }\n}\n\n/**\n * Compresses data and returns it as a base64url-encoded string (for JWT format).\n *\n * @param data - Uncompressed data\n * @returns Base64URL-encoded compressed data\n * @throws {CompressionError} If compression fails\n */\nexport function compressToBase64URL(data: Uint8Array): string {\n const compressed = compress(data);\n return base64UrlEncode(compressed);\n}\n\n/**\n * Decompresses base64url-encoded data (from JWT format).\n *\n * @param base64url - Base64URL-encoded compressed data\n * @returns Decompressed data\n * @throws {CompressionError} If decoding or decompression fails\n */\nexport function decompressFromBase64URL(base64url: string): Uint8Array {\n try {\n const compressed = base64UrlDecode(base64url);\n return decompress(compressed);\n } catch (error) {\n if (error instanceof CompressionError) {\n throw error;\n }\n throw new CompressionError('Failed to decode or decompress base64url data', error as Error);\n }\n}\n\n/**\n * Encodes a Uint8Array to base64url format (RFC 4648 Section 5).\n *\n * Base64URL uses:\n * - URL-safe alphabet: replaces '+' with '-', '/' with '_'\n * - No padding: removes trailing '=' characters\n *\n * @param bytes - Bytes to encode\n * @returns Base64URL-encoded string\n */\nfunction base64UrlEncode(bytes: Uint8Array): string {\n // Convert to base64\n let base64 = '';\n if (typeof Buffer !== 'undefined') {\n // Node.js environment\n base64 = Buffer.from(bytes).toString('base64');\n } else {\n // Browser environment\n const binary = String.fromCharCode(...bytes);\n base64 = btoa(binary);\n }\n\n // Convert to base64url\n return base64.replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=/g, '');\n}\n\n/**\n * Decodes a base64url string to Uint8Array (RFC 4648 Section 5).\n *\n * @param base64url - Base64URL-encoded string\n * @returns Decoded bytes\n * @throws {Error} If decoding fails\n */\nfunction base64UrlDecode(base64url: string): Uint8Array {\n // Convert base64url to base64\n let base64 = base64url.replace(/-/g, '+').replace(/_/g, '/');\n\n // Add padding\n const padding = base64.length % 4;\n if (padding > 0) {\n base64 += '='.repeat(4 - padding);\n }\n\n // Decode\n if (typeof Buffer !== 'undefined') {\n // Node.js environment\n return new Uint8Array(Buffer.from(base64, 'base64'));\n } else {\n // Browser environment\n const binary = atob(base64);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes;\n }\n}\n","import type { BitsPerStatus, StatusValue } from '../types/common.js';\nimport { packBits, unpackBits, getBitValue, setBitValue, calculateCapacity } from './bitpack.js';\nimport { compress, decompress, compressToBase64URL, decompressFromBase64URL } from './compression.js';\n\n/**\n * Represents a Status List containing credential statuses in a compressed bit array.\n *\n * The StatusList class manages a byte array where each status entry uses a configurable\n * number of bits (1, 2, 4, or 8). This allows efficient storage of credential status\n * information for thousands or millions of credentials.\n *\n * @example\n * ```typescript\n * // Create a status list with 1000 entries (all valid)\n * const list = StatusList.fromArray(new Array(1000).fill(0), 1);\n *\n * // Revoke a credential at index 42\n * list.setStatus(42, 1);\n *\n * // Compress for JWT\n * const compressed = list.compressToBase64URL();\n * ```\n */\nexport class StatusList {\n private readonly statusArray: Uint8Array;\n private readonly bitsPerStatus: BitsPerStatus;\n\n /**\n * Creates a StatusList from a byte array.\n *\n * @param statusArray - Byte array containing packed status values\n * @param bitsPerStatus - Number of bits per status entry\n *\n * @private Use static factory methods instead: fromArray(), decompressFromBase64URL(), decompressFromBytes()\n */\n constructor(statusArray: Uint8Array, bitsPerStatus: BitsPerStatus) {\n this.statusArray = statusArray;\n this.bitsPerStatus = bitsPerStatus;\n }\n\n /**\n * Gets the status value at a specific index.\n *\n * @param index - Index of the status entry (0-based)\n * @returns Status value at the given index\n * @throws {IndexOutOfBoundsError} If index is out of bounds\n *\n * @example\n * ```typescript\n * const status = list.getStatus(42);\n * if (status === StandardStatusValues.INVALID) {\n * console.log('Credential is revoked');\n * }\n * ```\n */\n getStatus(index: number): StatusValue {\n return getBitValue(this.statusArray, index, this.bitsPerStatus);\n }\n\n /**\n * Sets the status value at a specific index.\n *\n * Note: This modifies the status list in place. After modifying statuses,\n * you'll need to recompress and re-sign the status list token.\n *\n * @param index - Index of the status entry (0-based)\n * @param value - New status value\n * @throws {IndexOutOfBoundsError} If index is out of bounds\n * @throws {InvalidStatusValueError} If value exceeds the maximum for the bit size\n *\n * @example\n * ```typescript\n * // Revoke credential at index 42\n * list.setStatus(42, StandardStatusValues.INVALID);\n *\n * // Suspend credential at index 100\n * list.setStatus(100, StandardStatusValues.SUSPENDED);\n * ```\n */\n setStatus(index: number, value: StatusValue): void {\n setBitValue(this.statusArray, index, value, this.bitsPerStatus);\n }\n\n /**\n * Gets the number of bits used per status entry.\n *\n * @returns Number of bits per status (1, 2, 4, or 8)\n */\n getBitsPerStatus(): BitsPerStatus {\n return this.bitsPerStatus;\n }\n\n /**\n * Gets the total number of status entries in this list.\n *\n * @returns Total capacity of the status list\n */\n getSize(): number {\n return calculateCapacity(this.statusArray.length, this.bitsPerStatus);\n }\n\n /**\n * Gets the raw byte array (for internal use).\n *\n * @returns The underlying byte array\n */\n getBytes(): Uint8Array {\n return this.statusArray;\n }\n\n /**\n * Compresses the status list to base64url format (for JWT).\n *\n * @returns Base64URL-encoded compressed status list\n *\n * @example\n * ```typescript\n * const lst = list.compressToBase64URL();\n * // Use in JWT payload: { status_list: { bits: 1, lst } }\n * ```\n */\n compressToBase64URL(): string {\n return compressToBase64URL(this.statusArray);\n }\n\n /**\n * Compresses the status list to raw bytes (for CWT).\n *\n * @returns Compressed status list as bytes\n *\n * @example\n * ```typescript\n * const lst = list.compressToBytes();\n * // Use in CWT payload: { 65533: { bits: 1, lst } }\n * ```\n */\n compressToBytes(): Uint8Array {\n return compress(this.statusArray);\n }\n\n // ===== Static Factory Methods =====\n\n /**\n * Creates a StatusList from an array of status values.\n *\n * @param statuses - Array of status values\n * @param bitsPerStatus - Number of bits per status entry (1, 2, 4, or 8)\n * @returns New StatusList instance\n * @throws {InvalidBitSizeError} If bitsPerStatus is not 1, 2, 4, or 8\n * @throws {InvalidStatusValueError} If any status value exceeds the maximum for the bit size\n *\n * @example\n * ```typescript\n * // Create list with 1-bit statuses (valid/invalid)\n * const statuses = new Array(10000).fill(0); // All valid\n * statuses[42] = 1; // Revoke one credential\n * const list = StatusList.fromArray(statuses, 1);\n *\n * // Create list with 2-bit statuses (valid/invalid/suspended/custom)\n * const statuses2 = [0, 1, 2, 0, 1, 3];\n * const list2 = StatusList.fromArray(statuses2, 2);\n * ```\n */\n static fromArray(statuses: StatusValue[], bitsPerStatus: BitsPerStatus): StatusList {\n const bytes = packBits(statuses, bitsPerStatus);\n return new StatusList(bytes, bitsPerStatus);\n }\n\n /**\n * Creates a StatusList by decompressing a base64url-encoded string (from JWT).\n *\n * @param compressed - Base64URL-encoded compressed status list\n * @param bitsPerStatus - Number of bits per status entry\n * @returns New StatusList instance\n * @throws {CompressionError} If decompression fails\n *\n * @example\n * ```typescript\n * // From JWT payload\n * const payload = parseJWT(token);\n * const list = StatusList.decompressFromBase64URL(\n * payload.status_list.lst,\n * payload.status_list.bits\n * );\n * ```\n */\n static decompressFromBase64URL(compressed: string, bitsPerStatus: BitsPerStatus): StatusList {\n const bytes = decompressFromBase64URL(compressed);\n return new StatusList(bytes, bitsPerStatus);\n }\n\n /**\n * Creates a StatusList by decompressing raw bytes (from CWT).\n *\n * @param compressed - Compressed status list as bytes\n * @param bitsPerStatus - Number of bits per status entry\n * @returns New StatusList instance\n * @throws {CompressionError} If decompression fails\n *\n * @example\n * ```typescript\n * // From CWT payload\n * const payload = parseCWT(token);\n * const statusListData = payload[65533]; // status_list claim\n * const list = StatusList.decompressFromBytes(\n * statusListData.lst,\n * statusListData.bits\n * );\n * ```\n */\n static decompressFromBytes(compressed: Uint8Array, bitsPerStatus: BitsPerStatus): StatusList {\n const bytes = decompress(compressed);\n return new StatusList(bytes, bitsPerStatus);\n }\n\n /**\n * Creates an empty StatusList with a specified capacity.\n *\n * All status entries are initialized to 0 (VALID).\n *\n * @param capacity - Number of status entries\n * @param bitsPerStatus - Number of bits per status entry (1, 2, 4, or 8)\n * @returns New StatusList instance\n *\n * @example\n * ```typescript\n * // Create empty list for 100,000 credentials\n * const list = StatusList.create(100000, 1);\n * ```\n */\n static create(capacity: number, bitsPerStatus: BitsPerStatus): StatusList {\n const totalBits = capacity * bitsPerStatus;\n const byteLength = Math.ceil(totalBits / 8);\n const bytes = new Uint8Array(byteLength);\n return new StatusList(bytes, bitsPerStatus);\n }\n\n /**\n * Converts the status list to an array of status values (for debugging/testing).\n *\n * Warning: For large status lists, this can be memory-intensive.\n *\n * @returns Array of all status values\n */\n toArray(): StatusValue[] {\n return unpackBits(this.statusArray, this.bitsPerStatus);\n }\n}\n","/**\n * Number of bits used per status entry in the status list.\n * Must be one of: 1, 2, 4, or 8 bits per status.\n *\n * - 1 bit: 2 possible states (e.g., valid/invalid)\n * - 2 bits: 4 possible states (e.g., valid/invalid/suspended/custom)\n * - 4 bits: 16 possible states\n * - 8 bits: 256 possible states\n */\nexport type BitsPerStatus = 1 | 2 | 4 | 8;\n\n/**\n * Status value for a credential.\n * Valid range: 0 to (2^bitsPerStatus - 1)\n *\n * For 1-bit: 0-1\n * For 2-bit: 0-3\n * For 4-bit: 0-15\n * For 8-bit: 0-255\n */\nexport type StatusValue = number;\n\n/**\n * Standard status values defined by the IETF OAuth Status List specification.\n *\n * @see https://www.ietf.org/archive/id/draft-ietf-oauth-status-list-14.html#section-7\n */\nexport enum StandardStatusValues {\n /**\n * 0x00: The status of the Referenced Token is VALID, CORRECT, or NOT_REVOKED.\n */\n VALID = 0x00,\n\n /**\n * 0x01: The status of the Referenced Token is INVALID, REVOKED, ANNULLED, RECALLED, or CANCELLED.\n */\n INVALID = 0x01,\n\n /**\n * 0x02: The status of the Referenced Token is SUSPENDED.\n * The Issuer may decide to set this status temporarily to investigate\n * or respond to specific situations (e.g., fraud investigation).\n */\n SUSPENDED = 0x02,\n\n /**\n * 0x03: Application-specific status value.\n */\n APPLICATION_SPECIFIC = 0x03,\n}\n\n/**\n * Format of the status list token.\n */\nexport type StatusFormat = 'jwt' | 'cwt';\n\n/**\n * Configuration for creating a status list.\n */\nexport interface StatusListConfig {\n /**\n * Number of entries in the status list.\n */\n size: number;\n\n /**\n * Number of bits per status entry.\n */\n bitsPerStatus: BitsPerStatus;\n\n /**\n * Optional URI for status list aggregation.\n */\n aggregationUri?: string;\n}\n","import { StatusList } from '../../core/StatusList.js';\nimport { InvalidTokenFormatError } from '../../types/errors.js';\nimport type {\n StatusListJWTHeader,\n StatusListJWTPayload,\n CreateJWTStatusListOptions,\n ParsedJWTStatusList,\n StatusListReference,\n} from './types.js';\n\n/**\n * Creates a JWT Status List payload (without signing).\n *\n * This function creates the header and payload objects for a Status List JWT.\n * The actual signing should be done using the `jose` library or similar.\n *\n * @param options - Configuration for creating the status list payload\n * @returns Object containing header and payload ready for signing\n *\n * @example\n * ```typescript\n * import { StatusList } from '@vess-id/status-list';\n * import { createJWTStatusListPayload } from '@vess-id/status-list/formats/jwt';\n * import { SignJWT } from 'jose';\n *\n * const list = StatusList.create(1000, 1);\n * const lst = list.compressToBase64URL();\n *\n * const { header, payload } = createJWTStatusListPayload({\n * iss: 'https://issuer.example.com',\n * sub: 'https://issuer.example.com/status/1',\n * lst,\n * bits: 1,\n * iat: Math.floor(Date.now() / 1000),\n * exp: Math.floor(Date.now() / 1000) + 86400,\n * ttl: 3600,\n * });\n *\n * // Sign with jose\n * const jwt = await new SignJWT(payload)\n * .setProtectedHeader(header)\n * .sign(privateKey);\n * ```\n */\nexport function createJWTStatusListPayload(options: CreateJWTStatusListOptions): {\n header: StatusListJWTHeader;\n payload: StatusListJWTPayload;\n} {\n const {\n iss,\n sub,\n lst,\n bits,\n iat = Math.floor(Date.now() / 1000),\n exp,\n ttl,\n aggregation_uri,\n additionalClaims = {},\n } = options;\n\n const header: StatusListJWTHeader = {\n typ: 'statuslist+jwt',\n alg: 'ES256', // Default algorithm, can be overridden when signing\n };\n\n const payload: StatusListJWTPayload = {\n iss,\n sub,\n iat,\n status_list: {\n bits,\n lst,\n ...(aggregation_uri && { aggregation_uri }),\n },\n ...additionalClaims,\n };\n\n if (exp !== undefined) {\n payload.exp = exp;\n }\n\n if (ttl !== undefined) {\n payload.ttl = ttl;\n }\n\n return { header, payload };\n}\n\n/**\n * Parses a JWT Status List Token (without verifying the signature).\n *\n * This function decodes and validates the structure of a Status List JWT.\n * Signature verification should be done separately using `jose` or similar.\n *\n * @param jwt - JWT string to parse\n * @returns Parsed header, payload, and decompressed status list\n * @throws {InvalidTokenFormatError} If the JWT format is invalid\n *\n * @example\n * ```typescript\n * import { parseJWTStatusList } from '@vess-id/status-list/formats/jwt';\n * import { jwtVerify } from 'jose';\n *\n * // First verify the signature\n * const { payload } = await jwtVerify(jwt, publicKey);\n *\n * // Then parse and decompress\n * const { header, payload: parsed, statusList } = parseJWTStatusList(jwt);\n *\n * // Check credential status\n * const status = statusList.getStatus(42);\n * ```\n */\nexport function parseJWTStatusList(jwt: string): ParsedJWTStatusList & { statusList: StatusList } {\n // Split JWT into parts\n const parts = jwt.split('.');\n if (parts.length !== 3) {\n throw new InvalidTokenFormatError('JWT must have 3 parts separated by dots');\n }\n\n try {\n // Decode header\n const headerJson = base64UrlDecode(parts[0]);\n const header = JSON.parse(headerJson) as StatusListJWTHeader;\n\n // Validate header type\n if (header.typ !== 'statuslist+jwt') {\n throw new InvalidTokenFormatError(`Invalid typ header: expected \"statuslist+jwt\", got \"${header.typ}\"`);\n }\n\n // Decode payload\n const payloadJson = base64UrlDecode(parts[1]);\n const payload = JSON.parse(payloadJson) as StatusListJWTPayload;\n\n // Validate required fields\n validateJWTPayload(payload);\n\n // Decompress status list\n const statusList = StatusList.decompressFromBase64URL(payload.status_list.lst, payload.status_list.bits);\n\n return {\n header,\n payload,\n jwt,\n statusList,\n };\n } catch (error) {\n if (error instanceof InvalidTokenFormatError) {\n throw error;\n }\n throw new InvalidTokenFormatError(`Failed to parse JWT: ${(error as Error).message}`);\n }\n}\n\n/**\n * Extracts the status list reference from a credential JWT.\n *\n * @param credentialJWT - Credential JWT containing a status claim\n * @returns Status list reference (idx and uri)\n * @throws {InvalidTokenFormatError} If the status claim is missing or invalid\n *\n * @example\n * ```typescript\n * import { extractStatusListReference } from '@vess-id/status-list/formats/jwt';\n *\n * const credential = 'eyJ...'; // Credential JWT\n * const { idx, uri } = extractStatusListReference(credential);\n *\n * // Fetch status list from uri and check status at idx\n * ```\n */\nexport function extractStatusListReference(credentialJWT: string): StatusListReference {\n const parts = credentialJWT.split('.');\n if (parts.length !== 3) {\n throw new InvalidTokenFormatError('JWT must have 3 parts');\n }\n\n try {\n const payloadJson = base64UrlDecode(parts[1]);\n const payload = JSON.parse(payloadJson) as Record<string, unknown>;\n\n // Check for status claim\n if (!payload.status || typeof payload.status !== 'object') {\n throw new InvalidTokenFormatError('Missing status claim in credential');\n }\n\n const status = payload.status as Record<string, unknown>;\n\n if (!status.status_list || typeof status.status_list !== 'object') {\n throw new InvalidTokenFormatError('Missing status_list in status claim');\n }\n\n const statusList = status.status_list as Record<string, unknown>;\n\n // Validate idx and uri\n if (typeof statusList.idx !== 'number' || statusList.idx < 0) {\n throw new InvalidTokenFormatError('Invalid or missing idx in status_list');\n }\n\n if (typeof statusList.uri !== 'string' || !statusList.uri) {\n throw new InvalidTokenFormatError('Invalid or missing uri in status_list');\n }\n\n return {\n idx: statusList.idx,\n uri: statusList.uri,\n };\n } catch (error) {\n if (error instanceof InvalidTokenFormatError) {\n throw error;\n }\n throw new InvalidTokenFormatError(`Failed to extract status reference: ${(error as Error).message}`);\n }\n}\n\n/**\n * Validates a JWT payload for required fields.\n *\n * @param payload - JWT payload to validate\n * @throws {InvalidTokenFormatError} If validation fails\n */\nfunction validateJWTPayload(payload: StatusListJWTPayload): void {\n // Check required top-level claims\n if (!payload.iss || typeof payload.iss !== 'string') {\n throw new InvalidTokenFormatError('Missing or invalid \"iss\" claim');\n }\n\n if (!payload.sub || typeof payload.sub !== 'string') {\n throw new InvalidTokenFormatError('Missing or invalid \"sub\" claim');\n }\n\n if (typeof payload.iat !== 'number') {\n throw new InvalidTokenFormatError('Missing or invalid \"iat\" claim');\n }\n\n // Check status_list claim\n if (!payload.status_list || typeof payload.status_list !== 'object') {\n throw new InvalidTokenFormatError('Missing or invalid \"status_list\" claim');\n }\n\n const { bits, lst } = payload.status_list;\n\n if (![1, 2, 4, 8].includes(bits)) {\n throw new InvalidTokenFormatError(`Invalid \"bits\" value: must be 1, 2, 4, or 8, got ${bits}`);\n }\n\n if (!lst || typeof lst !== 'string') {\n throw new InvalidTokenFormatError('Missing or invalid \"lst\" field in status_list');\n }\n\n // Validate optional fields\n if (payload.exp !== undefined && typeof payload.exp !== 'number') {\n throw new InvalidTokenFormatError('Invalid \"exp\" claim: must be a number');\n }\n\n if (payload.ttl !== undefined && typeof payload.ttl !== 'number') {\n throw new InvalidTokenFormatError('Invalid \"ttl\" claim: must be a number');\n }\n}\n\n/**\n * Decodes a base64url string to UTF-8.\n *\n * @param base64url - Base64URL-encoded string\n * @returns Decoded string\n */\nfunction base64UrlDecode(base64url: string): string {\n // Convert base64url to base64\n let base64 = base64url.replace(/-/g, '+').replace(/_/g, '/');\n\n // Add padding\n const padding = base64.length % 4;\n if (padding > 0) {\n base64 += '='.repeat(4 - padding);\n }\n\n // Decode\n if (typeof Buffer !== 'undefined') {\n // Node.js environment\n return Buffer.from(base64, 'base64').toString('utf-8');\n } else {\n // Browser environment\n return decodeURIComponent(\n atob(base64)\n .split('')\n .map((c) => '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2))\n .join(''),\n );\n }\n}\n","import { SignJWT, type KeyLike } from 'jose';\nimport type { StatusListJWTPayload, SignJWTOptions } from './types.js';\n\n/**\n * Signs a Status List JWT using the provided private key.\n *\n * This function uses the `jose` library to create a signed JWT from a Status List payload.\n *\n * @param payload - Status List JWT payload\n * @param privateKey - Private key for signing (KeyLike from jose)\n * @param options - Optional signing options (algorithm, kid, additional headers)\n * @returns Signed JWT string\n *\n * @example\n * ```typescript\n * import { signStatusListJWT } from '@vess-id/status-list/formats/jwt';\n * import { StatusList } from '@vess-id/status-list';\n * import { importPKCS8 } from 'jose';\n *\n * // Create status list\n * const list = StatusList.create(1000, 1);\n * const lst = list.compressToBase64URL();\n *\n * // Create payload\n * const payload = {\n * iss: 'https://issuer.example.com',\n * sub: 'https://issuer.example.com/status/1',\n * iat: Math.floor(Date.now() / 1000),\n * exp: Math.floor(Date.now() / 1000) + 86400,\n * ttl: 3600,\n * status_list: { bits: 1, lst },\n * };\n *\n * // Import private key\n * const privateKey = await importPKCS8(pemPrivateKey, 'ES256');\n *\n * // Sign\n * const jwt = await signStatusListJWT(payload, privateKey, {\n * alg: 'ES256',\n * kid: 'key-123',\n * });\n * ```\n */\nexport async function signStatusListJWT(\n payload: StatusListJWTPayload,\n privateKey: KeyLike,\n options?: SignJWTOptions,\n): Promise<string> {\n const { alg = 'ES256', kid, additionalHeaders = {} } = options || {};\n\n const jwt = new SignJWT(payload)\n .setProtectedHeader({\n typ: 'statuslist+jwt',\n alg,\n ...(kid && { kid }),\n ...additionalHeaders,\n })\n .setIssuer(payload.iss)\n .setSubject(payload.sub)\n .setIssuedAt(payload.iat);\n\n // Set optional claims\n if (payload.exp !== undefined) {\n jwt.setExpirationTime(payload.exp);\n }\n\n return await jwt.sign(privateKey);\n}\n","import { jwtVerify, type KeyLike, type JWTVerifyResult } from 'jose';\nimport type { StatusListJWTHeader, StatusListJWTPayload } from './types.js';\nimport { InvalidTokenFormatError } from '../../types/errors.js';\n\n/**\n * Options for verifying a Status List JWT.\n */\nexport interface VerifyJWTOptions {\n /**\n * Expected issuer (iss claim).\n * If provided, verification will fail if the token's iss doesn't match.\n */\n issuer?: string;\n\n /**\n * Expected subject (sub claim).\n * If provided, verification will fail if the token's sub doesn't match.\n */\n subject?: string;\n\n /**\n * Current time for validation (in seconds since epoch).\n * Defaults to current time if not provided.\n */\n currentTime?: number;\n\n /**\n * Clock tolerance in seconds.\n * Allows for small clock differences between issuer and verifier.\n * Default: 0\n */\n clockTolerance?: number;\n}\n\n/**\n * Result of verifying a Status List JWT.\n */\nexport interface VerifiedStatusListJWT {\n /**\n * Verified JWT header.\n */\n header: StatusListJWTHeader;\n\n /**\n * Verified JWT payload.\n */\n payload: StatusListJWTPayload;\n}\n\n/**\n * Verifies the signature and validates a Status List JWT.\n *\n * This function:\n * 1. Verifies the JWT signature using the provided public key\n * 2. Validates the JWT structure and claims\n * 3. Checks expiration (if exp is present)\n * 4. Optionally validates issuer and subject\n *\n * @param jwt - JWT string to verify\n * @param publicKey - Public key for verification (KeyLike from jose)\n * @param options - Optional verification options\n * @returns Verified header and payload\n * @throws {InvalidTokenFormatError} If verification fails\n *\n * @example\n * ```typescript\n * import { verifyStatusListJWT } from '@vess-id/status-list/formats/jwt';\n * import { importSPKI } from 'jose';\n *\n * // Import public key\n * const publicKey = await importSPKI(pemPublicKey, 'ES256');\n *\n * try {\n * const { header, payload } = await verifyStatusListJWT(jwt, publicKey, {\n * issuer: 'https://issuer.example.com',\n * subject: 'https://issuer.example.com/status/1',\n * });\n *\n * console.log('JWT is valid');\n * console.log('Issued at:', new Date(payload.iat * 1000));\n * console.log('Expires at:', payload.exp ? new Date(payload.exp * 1000) : 'Never');\n * } catch (error) {\n * console.error('Verification failed:', error.message);\n * }\n * ```\n */\nexport async function verifyStatusListJWT(\n jwt: string,\n publicKey: KeyLike,\n options?: VerifyJWTOptions,\n): Promise<VerifiedStatusListJWT> {\n const { issuer, subject, currentTime, clockTolerance = 0 } = options || {};\n\n try {\n const result: JWTVerifyResult = await jwtVerify(jwt, publicKey, {\n typ: 'statuslist+jwt',\n ...(issuer && { issuer }),\n ...(subject && { subject }),\n ...(currentTime && { currentDate: new Date(currentTime * 1000) }),\n clockTolerance,\n });\n\n const header = result.protectedHeader as StatusListJWTHeader;\n const payload = result.payload as StatusListJWTPayload;\n\n // Validate typ header\n if (header.typ !== 'statuslist+jwt') {\n throw new InvalidTokenFormatError(`Invalid typ header: expected \"statuslist+jwt\", got \"${header.typ}\"`);\n }\n\n // Validate required claims\n if (!payload.iss || typeof payload.iss !== 'string') {\n throw new InvalidTokenFormatError('Missing or invalid \"iss\" claim');\n }\n\n if (!payload.sub || typeof payload.sub !== 'string') {\n throw new InvalidTokenFormatError('Missing or invalid \"sub\" claim');\n }\n\n if (typeof payload.iat !== 'number') {\n throw new InvalidTokenFormatError('Missing or invalid \"iat\" claim');\n }\n\n if (!payload.status_list || typeof payload.status_list !== 'object') {\n throw new InvalidTokenFormatError('Missing or invalid \"status_list\" claim');\n }\n\n const { bits, lst } = payload.status_list;\n\n if (![1, 2, 4, 8].includes(bits)) {\n throw new InvalidTokenFormatError(`Invalid \"bits\" value: must be 1, 2, 4, or 8, got ${bits}`);\n }\n\n if (!lst || typeof lst !== 'string') {\n throw new InvalidTokenFormatError('Missing or invalid \"lst\" field in status_list');\n }\n\n return {\n header,\n payload,\n };\n } catch (error) {\n if (error instanceof InvalidTokenFormatError) {\n throw error;\n }\n\n // Re-throw jose errors with more context\n const message = (error as Error).message;\n throw new InvalidTokenFormatError(`JWT verification failed: ${message}`);\n }\n}\n\n/**\n * Verifies only the signature of a Status List JWT without validating claims.\n *\n * Useful when you want to verify the signature but handle claim validation separately.\n *\n * @param jwt - JWT string to verify\n * @param publicKey - Public key for verification\n * @returns Verified header and payload\n * @throws {InvalidTokenFormatError} If signature verification fails\n */\nexport async function verifySignatureOnly(\n jwt: string,\n publicKey: KeyLike,\n): Promise<VerifiedStatusListJWT> {\n try {\n const result = await jwtVerify(jwt, publicKey, {\n typ: 'statuslist+jwt',\n });\n\n return {\n header: result.protectedHeader as StatusListJWTHeader,\n payload: result.payload as StatusListJWTPayload,\n };\n } catch (error) {\n throw new InvalidTokenFormatError(`Signature verification failed: ${(error as Error).message}`);\n }\n}\n","import type { BitsPerStatus } from '../../types/common.js';\n\n/**\n * CBOR Web Token (CWT) claim keys as defined in RFC 8392.\n *\n * @see https://www.rfc-editor.org/rfc/rfc8392.html#section-3.1\n * @see https://www.ietf.org/archive/id/draft-ietf-oauth-status-list-14.html#section-5.2\n */\nexport const CWT_CLAIMS = {\n /** Issuer (iss) - Claim key 1 */\n ISS: 1,\n /** Subject (sub) - Claim key 2 */\n SUB: 2,\n /** Expiration Time (exp) - Claim key 4 */\n EXP: 4,\n /** Issued At (iat) - Claim key 6 */\n IAT: 6,\n /** Time to Live (ttl) - Claim key 65534 (custom) */\n TTL: 65534,\n /** Status List - Claim key 65533 (custom) */\n STATUS_LIST: 65533,\n} as const;\n\n/**\n * COSE header parameters.\n *\n * @see https://www.rfc-editor.org/rfc/rfc8152.html#section-3.1\n */\nexport const COSE_HEADERS = {\n /** Algorithm - Header parameter 1 */\n ALG: 1,\n /** Content Type - Header parameter 16 */\n CONTENT_TYPE: 16,\n /** Key ID - Header parameter 4 */\n KID: 4,\n} as const;\n\n/**\n * COSE algorithms.\n *\n * @see https://www.iana.org/assignments/cose/cose.xhtml#algorithms\n */\nexport const COSE_ALGORITHMS = {\n /** ES256 - ECDSA with SHA-256 */\n ES256: -7,\n /** ES384 - ECDSA with SHA-384 */\n ES384: -35,\n /** ES512 - ECDSA with SHA-512 */\n ES512: -36,\n /** EdDSA */\n EdDSA: -8,\n} as const;\n\n/**\n * Status List structure in CBOR format.\n */\nexport interface StatusListCWTClaim {\n /**\n * REQUIRED: Number of bits per status entry.\n * Must be 1, 2, 4, or 8.\n */\n bits: BitsPerStatus;\n\n /**\n * REQUIRED: Compressed status list as raw bytes.\n * Unlike JWT, this is NOT base64url-encoded.\n */\n lst: Uint8Array;\n\n /**\n * OPTIONAL: URI for status list aggregation.\n */\n aggregation_uri?: string;\n}\n\n/**\n * CWT payload for a Status List Token.\n *\n * Uses numeric claim keys as defined in RFC 8392 and the IETF spec.\n *\n * @see https://www.ietf.org/archive/id/draft-ietf-oauth-status-list-14.html#section-5.2\n */\nexport interface StatusListCWTPayload {\n /**\n * OPTIONAL: Issuer (claim key 1).\n */\n [CWT_CLAIMS.ISS]?: string;\n\n /**\n * REQUIRED: Subject (claim key 2).\n * URI that identifies this specific status list.\n */\n [CWT_CLAIMS.SUB]?: string;\n\n /**\n * OPTIONAL: Expiration time (claim key 4).\n * Timestamp (seconds since epoch).\n */\n [CWT_CLAIMS.EXP]?: number;\n\n /**\n * REQUIRED: Issued at time (claim key 6).\n * Timestamp (seconds since epoch).\n */\n [CWT_CLAIMS.IAT]?: number;\n\n /**\n * OPTIONAL: Time to live in seconds (claim key 65534).\n */\n [CWT_CLAIMS.TTL]?: number;\n\n /**\n * REQUIRED: The status list (claim key 65533).\n */\n [CWT_CLAIMS.STATUS_LIST]: StatusListCWTClaim;\n\n /**\n * Allow additional claims.\n */\n [key: number]: unknown;\n}\n\n/**\n * COSE key in JWK-like format for elliptic curve keys.\n */\nexport interface EC2Key {\n /**\n * Key type: EC2 for Elliptic Curve keys with x and y coordinates.\n */\n kty: 'EC2';\n\n /**\n * Curve: P-256, P-384, or P-521.\n */\n crv: 'P-256' | 'P-384' | 'P-521';\n\n /**\n * X coordinate (public key component).\n */\n x: Uint8Array;\n\n /**\n * Y coordinate (public key component).\n */\n y: Uint8Array;\n\n /**\n * Private key (d parameter).\n * Only present for private keys.\n */\n d?: Uint8Array;\n\n /**\n * Key ID.\n */\n kid?: Uint8Array;\n}\n\n/**\n * COSE key for OKP (Octet Key Pair) keys like Ed25519.\n */\nexport interface OKPKey {\n /**\n * Key type: OKP for Octet Key Pair.\n */\n kty: 'OKP';\n\n /**\n * Curve: Ed25519 or Ed448.\n */\n crv: 'Ed25519' | 'Ed448';\n\n /**\n * Public key.\n */\n x: Uint8Array;\n\n /**\n * Private key.\n * Only present for private keys.\n */\n d?: Uint8Array;\n\n /**\n * Key ID.\n */\n kid?: Uint8Array;\n}\n\n/**\n * COSE key (either EC2 or OKP).\n */\nexport type COSEKey = EC2Key | OKPKey;\n\n/**\n * Options for creating a CWT Status List.\n */\nexport interface CreateCWTStatusListOptions {\n /**\n * OPTIONAL: Issuer identifier.\n */\n iss?: string;\n\n /**\n * OPTIONAL: Status list identifier (URI).\n */\n sub?: string;\n\n /**\n * REQUIRED: Compressed status list (raw bytes).\n */\n lst: Uint8Array;\n\n /**\n * REQUIRED: Number of bits per status.\n */\n bits: BitsPerStatus;\n\n /**\n * OPTIONAL: Issued at timestamp.\n * Defaults to current time if not provided.\n */\n iat?: number;\n\n /**\n * OPTIONAL: Expiration timestamp.\n */\n exp?: number;\n\n /**\n * OPTIONAL: Time to live in seconds.\n */\n ttl?: number;\n\n /**\n * OPTIONAL: Aggregation URI.\n */\n aggregation_uri?: string;\n\n /**\n * OPTIONAL: Additional claims (with numeric keys).\n */\n additionalClaims?: Record<number, unknown>;\n}\n\n/**\n * Options for signing a CWT with COSE Sign1.\n */\nexport interface SignCWTOptions {\n /**\n * OPTIONAL: Algorithm to use for signing.\n * Defaults to ES256 (-7).\n */\n alg?: number;\n\n /**\n * OPTIONAL: Key ID to include in the protected header.\n */\n kid?: Uint8Array;\n\n /**\n * OPTIONAL: Additional protected header parameters.\n */\n additionalHeaders?: Map<number, unknown>;\n}\n\n/**\n * Result of parsing a CWT Status List Token.\n */\nexport interface ParsedCWTStatusList {\n /**\n * Protected header.\n */\n protectedHeader: Map<number, unknown>;\n\n /**\n * Unprotected header.\n */\n unprotectedHeader: Map<number, unknown>;\n\n /**\n * CWT payload.\n */\n payload: StatusListCWTPayload;\n\n /**\n * Raw CWT bytes.\n */\n cwt: Uint8Array;\n}\n\n/**\n * Status list reference in CBOR format (for mdoc).\n */\nexport interface StatusListReferenceCBOR {\n /**\n * Index of this credential in the status list.\n */\n idx: number;\n\n /**\n * URI of the Status List Token.\n */\n uri: string;\n}\n","import * as cbor from 'cbor';\nimport { createSign, createVerify } from 'node:crypto';\nimport type { COSEKey } from './types.js';\nimport { InvalidTokenFormatError } from '../../types/errors.js';\n\n/**\n * COSE Sign1 structure tag.\n * Tag 18 indicates a COSE_Sign1 message.\n */\nconst COSE_SIGN1_TAG = 18;\n\n/**\n * Maps COSE algorithm identifiers to Node.js crypto algorithm names.\n */\nconst ALGORITHM_MAP: Record<string, { hash: string; curve?: string }> = {\n '-7': { hash: 'sha256', curve: 'prime256v1' }, // ES256\n '-35': { hash: 'sha384', curve: 'secp384r1' }, // ES384\n '-36': { hash: 'sha512', curve: 'secp521r1' }, // ES512\n '-8': { hash: 'sha512' }, // EdDSA (Ed25519)\n};\n\n/**\n * Creates a COSE Sign1 signature structure.\n *\n * COSE_Sign1 = [\n * protected: bstr, // Serialized protected header\n * unprotected: {}, // Unprotected header map\n * payload: bstr, // The payload\n * signature: bstr // The signature\n * ]\n *\n * @param payload - Payload to sign (CBOR-encoded)\n * @param protectedHeader - Protected header parameters\n * @param privateKey - COSE private key\n * @returns CBOR-encoded COSE Sign1 structure with tag\n */\nexport function signCOSE(\n payload: Uint8Array,\n protectedHeader: Map<number, unknown>,\n privateKey: COSEKey,\n): Uint8Array {\n // 1. Encode protected header\n const protectedHeaderEncoded = cbor.encode(protectedHeader);\n\n // 2. Create Sig_structure for signing\n // Sig_structure = [\n // context: \"Signature1\",\n // protected: protected header,\n // external_aad: empty,\n // payload: payload\n // ]\n const sigStructure = cbor.encode([\n 'Signature1', // Context\n protectedHeaderEncoded,\n new Uint8Array(0), // External AAD (empty)\n payload,\n ]);\n\n // 3. Get algorithm from protected header\n const alg = protectedHeader.get(1) as number;\n if (!alg) {\n throw new InvalidTokenFormatError('Algorithm (alg) must be specified in protected header');\n }\n\n // 4. Sign the Sig_structure\n const signature = signData(sigStructure, alg, privateKey);\n\n // 5. Create COSE_Sign1 structure\n const coseSign1 = [\n protectedHeaderEncoded, // Protected header (encoded)\n {}, // Unprotected header (empty map)\n payload, // Payload\n signature, // Signature\n ];\n\n // 6. Encode with COSE_Sign1 tag (18)\n const tagged = new cbor.Tagged(COSE_SIGN1_TAG, coseSign1);\n return cbor.encode(tagged);\n}\n\n/**\n * Verifies a COSE Sign1 signature.\n *\n * @param coseSign1 - CBOR-encoded COSE Sign1 structure\n * @param publicKey - COSE public key\n * @returns Verified payload\n * @throws {InvalidTokenFormatError} If verification fails\n */\nexport function verifyCOSE(coseSign1: Uint8Array, publicKey: COSEKey): Uint8Array {\n try {\n // 1. Decode COSE_Sign1 structure\n const decoded = cbor.decode(coseSign1);\n\n // Check if it's tagged with COSE_Sign1 tag\n if (!(decoded instanceof cbor.Tagged) || decoded.tag !== COSE_SIGN1_TAG) {\n throw new InvalidTokenFormatError('Invalid COSE Sign1 structure: missing tag 18');\n }\n\n const [protectedHeaderEncoded, , payload, signature] = decoded.value as [\n Uint8Array,\n Record<string, unknown>,\n Uint8Array,\n Uint8Array,\n ];\n\n // 2. Decode protected header\n const protectedHeader = cbor.decode(protectedHeaderEncoded) as Map<number, unknown>;\n\n // 3. Get algorithm\n const alg = protectedHeader.get(1) as number;\n if (!alg) {\n throw new InvalidTokenFormatError('Missing algorithm in protected header');\n }\n\n // 4. Reconstruct Sig_structure\n const sigStructure = cbor.encode([\n 'Signature1',\n protectedHeaderEncoded,\n new Uint8Array(0), // External AAD\n payload,\n ]);\n\n // 5. Verify signature\n const valid = verifySignature(sigStructure, signature, alg, publicKey);\n if (!valid) {\n throw new InvalidTokenFormatError('Invalid COSE Sign1 signature');\n }\n\n return payload;\n } catch (error) {\n if (error instanceof InvalidTokenFormatError) {\n throw error;\n }\n throw new InvalidTokenFormatError(`Failed to verify COSE Sign1: ${(error as Error).message}`);\n }\n}\n\n/**\n * Signs data using the specified COSE algorithm and private key.\n *\n * @param data - Data to sign\n * @param alg - COSE algorithm identifier\n * @param privateKey - Private key\n * @returns Signature bytes\n */\nfunction signData(data: Uint8Array, alg: number, privateKey: COSEKey): Uint8Array {\n const algInfo = ALGORITHM_MAP[alg.toString()];\n if (!algInfo) {\n throw new InvalidTokenFormatError(`Unsupported algorithm: ${alg}`);\n }\n\n if (privateKey.kty === 'EC2') {\n // ECDSA signing\n if (!privateKey.d) {\n throw new InvalidTokenFormatError('Private key (d) is required for signing');\n }\n\n // Convert COSE key to PEM format for Node.js crypto\n const pemKey = ec2KeyToPEM(privateKey, true);\n\n const sign = createSign(`RSA-SHA${algInfo.hash.replace('sha', '')}`);\n sign.update(data);\n const signature = sign.sign(pemKey);\n\n // Convert DER signature to raw R||S format (COSE requirement)\n return derToRaw(signature, getSignatureLength(alg));\n } else if (privateKey.kty === 'OKP') {\n // EdDSA signing\n if (!privateKey.d) {\n throw new InvalidTokenFormatError('Private key (d) is required for signing');\n }\n\n const pemKey = okpKeyToPEM(privateKey, true);\n const sign = createSign('SHA512'); // Ed25519 uses SHA512\n sign.update(data);\n return sign.sign(pemKey);\n }\n\n // TypeScript exhaustiveness check\n const _exhaustiveCheck: never = privateKey;\n throw new InvalidTokenFormatError(`Unsupported key type: ${(_exhaustiveCheck as COSEKey).kty}`);\n}\n\n/**\n * Verifies a signature using the specified COSE algorithm and public key.\n *\n * @param data - Data that was signed\n * @param signature - Signature to verify\n * @param alg - COSE algorithm identifier\n * @param publicKey - Public key\n * @returns True if signature is valid\n */\nfunction verifySignature(data: Uint8Array, signature: Uint8Array, alg: number, publicKey: COSEKey): boolean {\n const algInfo = ALGORITHM_MAP[alg.toString()];\n if (!algInfo) {\n throw new InvalidTokenFormatError(`Unsupported algorithm: ${alg}`);\n }\n\n if (publicKey.kty === 'EC2') {\n // ECDSA verification\n const pemKey = ec2KeyToPEM(publicKey, false);\n\n // Convert raw R||S signature to DER format for Node.js crypto\n const derSignature = rawToDer(signature);\n\n const verify = createVerify(`RSA-SHA${algInfo.hash.replace('sha', '')}`);\n verify.update(data);\n return verify.verify(pemKey, derSignature);\n } else if (publicKey.kty === 'OKP') {\n // EdDSA verification\n const pemKey = okpKeyToPEM(publicKey, false);\n\n const verify = createVerify('SHA512');\n verify.update(data);\n return verify.verify(pemKey, signature);\n }\n\n // TypeScript exhaustiveness check\n const _exhaustiveCheck: never = publicKey;\n throw new InvalidTokenFormatError(`Unsupported key type: ${(_exhaustiveCheck as COSEKey).kty}`);\n}\n\n/**\n * Converts an EC2 COSE key to PEM format.\n *\n * @param _key - EC2 key\n * @param _isPrivate - Whether to include private key component\n * @returns PEM-encoded key\n */\nfunction ec2KeyToPEM(_key: COSEKey & { kty: 'EC2' }, _isPrivate: boolean): string {\n // This is a simplified implementation\n // For production, use a proper library like 'node-jose' or 'cose-js'\n\n // Note: This implementation is incomplete and for demonstration only\n // A full implementation would need to properly encode EC2 keys to PEM format\n throw new Error('EC2 to PEM conversion not fully implemented. Use a COSE library like @transmute/cose instead.');\n}\n\n/**\n * Converts an OKP COSE key to PEM format.\n *\n * @param _key - OKP key\n * @param _isPrivate - Whether to include private key component\n * @returns PEM-encoded key\n */\nfunction okpKeyToPEM(_key: COSEKey & { kty: 'OKP' }, _isPrivate: boolean): string {\n // This is a simplified implementation\n // For production, use a proper library\n throw new Error('OKP to PEM conversion not fully implemented. Use a COSE library like @transmute/cose instead.');\n}\n\n/**\n * Converts a DER-encoded ECDSA signature to raw R||S format.\n *\n * @param derSignature - DER-encoded signature\n * @param length - Expected signature length in bytes\n * @returns Raw signature (R||S)\n */\nfunction derToRaw(derSignature: Uint8Array, length: number): Uint8Array {\n // Parse DER: SEQUENCE { r INTEGER, s INTEGER }\n // This is a simplified parser\n let offset = 2; // Skip SEQUENCE tag and length\n\n // Parse R\n const rLength = derSignature[offset + 1];\n offset += 2;\n const r = derSignature.slice(offset, offset + rLength);\n offset += rLength;\n\n // Parse S\n const sLength = derSignature[offset + 1];\n offset += 2;\n const s = derSignature.slice(offset, offset + sLength);\n\n // Concatenate R||S with padding\n const halfLength = length / 2;\n const raw = new Uint8Array(length);\n raw.set(r.slice(-halfLength), 0);\n raw.set(s.slice(-halfLength), halfLength);\n\n return raw;\n}\n\n/**\n * Converts a raw R||S ECDSA signature to DER format.\n *\n * @param rawSignature - Raw signature (R||S)\n * @returns DER-encoded signature\n */\nfunction rawToDer(rawSignature: Uint8Array): Uint8Array {\n const halfLength = rawSignature.length / 2;\n const r = rawSignature.slice(0, halfLength);\n const s = rawSignature.slice(halfLength);\n\n // Simple DER encoding\n const derR = encodeDerInteger(r);\n const derS = encodeDerInteger(s);\n\n const sequence = new Uint8Array(2 + derR.length + derS.length);\n sequence[0] = 0x30; // SEQUENCE tag\n sequence[1] = derR.length + derS.length;\n sequence.set(derR, 2);\n sequence.set(derS, 2 + derR.length);\n\n return sequence;\n}\n\n/**\n * Encodes a big integer in DER format.\n *\n * @param value - Integer bytes\n * @returns DER-encoded integer\n */\nfunction encodeDerInteger(value: Uint8Array): Uint8Array {\n // Remove leading zeros\n let i = 0;\n while (i < value.length && value[i] === 0) {\n i++;\n }\n value = value.slice(i);\n\n // Add leading zero if high bit is set (to keep it positive)\n const needsLeadingZero = value[0] >= 0x80;\n const length = value.length + (needsLeadingZero ? 1 : 0);\n\n const der = new Uint8Array(2 + length);\n der[0] = 0x02; // INTEGER tag\n der[1] = length;\n if (needsLeadingZero) {\n der[2] = 0x00;\n der.set(value, 3);\n } else {\n der.set(value, 2);\n }\n\n return der;\n}\n\n/**\n * Gets the expected signature length for a given COSE algorithm.\n *\n * @param alg - COSE algorithm identifier\n * @returns Signature length in bytes\n */\nfunction getSignatureLength(alg: number): number {\n switch (alg) {\n case -7: // ES256\n return 64;\n case -35: // ES384\n return 96;\n case -36: // ES512\n return 132;\n case -8: // EdDSA\n return 64;\n default:\n throw new InvalidTokenFormatError(`Unknown signature length for algorithm: ${alg}`);\n }\n}\n","import * as cbor from 'cbor';\nimport { StatusList } from '../../core/StatusList.js';\nimport { InvalidTokenFormatError } from '../../types/errors.js';\nimport {\n CWT_CLAIMS,\n COSE_HEADERS,\n COSE_ALGORITHMS,\n type StatusListCWTPayload,\n type CreateCWTStatusListOptions,\n type ParsedCWTStatusList,\n type StatusListReferenceCBOR,\n type COSEKey,\n type SignCWTOptions,\n} from './types.js';\nimport { signCOSE, verifyCOSE } from './cose.js';\n\n/**\n * Creates a CWT Status List payload (CBOR map).\n *\n * This function creates the payload for a Status List CWT using numeric claim keys.\n * The payload can be signed separately using COSE Sign1.\n *\n * @param options - Configuration for creating the status list payload\n * @returns CBOR-encodable payload object\n *\n * @example\n * ```typescript\n * import { StatusList } from '@vess-id/status-list';\n * import { createCWTStatusListPayload } from '@vess-id/status-list/formats/cwt';\n *\n * const list = StatusList.create(1000, 1);\n * const lst = list.compressToBytes();\n *\n * const payload = createCWTStatusListPayload({\n * sub: 'https://issuer.example.com/status/1',\n * lst,\n * bits: 1,\n * iat: Math.floor(Date.now() / 1000),\n * exp: Math.floor(Date.now() / 1000) + 86400,\n * ttl: 3600,\n * });\n * ```\n */\nexport function createCWTStatusListPayload(options: CreateCWTStatusListOptions): StatusListCWTPayload {\n const {\n iss,\n sub,\n lst,\n bits,\n iat = Math.floor(Date.now() / 1000),\n exp,\n ttl,\n aggregation_uri,\n additionalClaims = {},\n } = options;\n\n const payload: StatusListCWTPayload = {\n ...additionalClaims,\n [CWT_CLAIMS.STATUS_LIST]: {\n bits,\n lst,\n ...(aggregation_uri && { aggregation_uri }),\n },\n };\n\n if (iss !== undefined) {\n payload[CWT_CLAIMS.ISS] = iss;\n }\n\n if (sub !== undefined) {\n payload[CWT_CLAIMS.SUB] = sub;\n }\n\n if (iat !== undefined) {\n payload[CWT_CLAIMS.IAT] = iat;\n }\n\n if (exp !== undefined) {\n payload[CWT_CLAIMS.EXP] = exp;\n }\n\n if (ttl !== undefined) {\n payload[CWT_CLAIMS.TTL] = ttl;\n }\n\n return payload;\n}\n\n/**\n * Encodes a CWT Status List payload to CBOR format (without signing).\n *\n * @param payload - CWT payload\n * @returns CBOR-encoded payload\n *\n * @example\n * ```typescript\n * const payload = createCWTStatusListPayload({ ... });\n * const cbor = encodeCWTPayload(payload);\n * ```\n */\nexport function encodeCWTPayload(payload: StatusListCWTPayload): Uint8Array {\n return cbor.encode(payload);\n}\n\n/**\n * Parses a CWT Status List (CBOR-encoded, unsigned).\n *\n * This function decodes and validates the structure of an unsigned Status List CWT.\n * For signed CWTs (COSE Sign1), use `parseCWTStatusListSigned()` instead.\n *\n * @param cwtBytes - CBOR-encoded CWT bytes\n * @returns Parsed payload and decompressed status list\n * @throws {InvalidTokenFormatError} If the CWT format is invalid\n *\n * @example\n * ```typescript\n * import { parseCWTStatusList } from '@vess-id/status-list/formats/cwt';\n *\n * const { payload, statusList } = parseCWTStatusList(cwtBytes);\n *\n * // Check credential status\n * const status = statusList.getStatus(42);\n * ```\n */\nexport function parseCWTStatusList(cwtBytes: Uint8Array): ParsedCWTStatusList & { statusList: StatusList } {\n try {\n // Decode CBOR payload\n const payload = cbor.decode(cwtBytes) as Record<number, unknown>;\n\n // Validate structure\n validateCWTPayload(payload);\n\n const typedPayload = payload as StatusListCWTPayload;\n\n // Decompress status list\n const statusListClaim = typedPayload[CWT_CLAIMS.STATUS_LIST];\n const statusList = StatusList.decompressFromBytes(statusListClaim.lst, statusListClaim.bits);\n\n return {\n protectedHeader: new Map(),\n unprotectedHeader: new Map(),\n payload: typedPayload,\n cwt: cwtBytes,\n statusList,\n };\n } catch (error) {\n if (error instanceof InvalidTokenFormatError) {\n throw error;\n }\n throw new InvalidTokenFormatError(`Failed to parse CWT: ${(error as Error).message}`);\n }\n}\n\n/**\n * Parses a signed CWT Status List (COSE Sign1).\n *\n * This function verifies the COSE Sign1 signature and extracts the payload.\n *\n * @param cwtBytes - CBOR-encoded COSE Sign1 structure\n * @param publicKey - Public key for verification\n * @returns Parsed payload and decompressed status list\n * @throws {InvalidTokenFormatError} If verification fails\n *\n * @example\n * ```typescript\n * const publicKey = { kty: 'EC2', crv: 'P-256', x: ..., y: ... };\n * const { payload, statusList } = parseCWTStatusListSigned(cwtBytes, publicKey);\n * ```\n */\nexport function parseCWTStatusListSigned(\n cwtBytes: Uint8Array,\n publicKey: COSEKey,\n): ParsedCWTStatusList & { statusList: StatusList } {\n try {\n // Verify COSE Sign1 and extract payload\n const payloadBytes = verifyCOSE(cwtBytes, publicKey);\n\n // Parse payload\n const payload = cbor.decode(payloadBytes) as Record<number, unknown>;\n validateCWTPayload(payload);\n\n const typedPayload = payload as StatusListCWTPayload;\n\n // Decompress status list\n const statusListClaim = typedPayload[CWT_CLAIMS.STATUS_LIST];\n const statusList = StatusList.decompressFromBytes(statusListClaim.lst, statusListClaim.bits);\n\n // Extract headers from COSE structure\n const decoded = cbor.decode(cwtBytes);\n const [protectedHeaderEncoded] = decoded.value as [Uint8Array, Record<string, unknown>, Uint8Array, Uint8Array];\n const protectedHeader = cbor.decode(protectedHeaderEncoded) as Map<number, unknown>;\n\n return {\n protectedHeader,\n unprotectedHeader: new Map(),\n payload: typedPayload,\n cwt: cwtBytes,\n statusList,\n };\n } catch (error) {\n if (error instanceof InvalidTokenFormatError) {\n throw error;\n }\n throw new InvalidTokenFormatError(`Failed to parse signed CWT: ${(error as Error).message}`);\n }\n}\n\n/**\n * Signs a CWT Status List using COSE Sign1.\n *\n * Note: This is a basic implementation. For production use with real cryptographic\n * keys, consider using a dedicated COSE library like `@transmute/cose`.\n *\n * @param payload - CWT payload\n * @param privateKey - COSE private key\n * @param options - Signing options\n * @returns CBOR-encoded COSE Sign1 structure\n *\n * @example\n * ```typescript\n * const payload = createCWTStatusListPayload({ ... });\n * const privateKey = { kty: 'EC2', crv: 'P-256', x: ..., y: ..., d: ... };\n *\n * const cwt = signCWTStatusList(payload, privateKey, {\n * alg: -7, // ES256\n * kid: new TextEncoder().encode('key-123'),\n * });\n * ```\n */\nexport function signCWTStatusList(\n payload: StatusListCWTPayload,\n privateKey: COSEKey,\n options?: SignCWTOptions,\n): Uint8Array {\n const { alg = COSE_ALGORITHMS.ES256, kid, additionalHeaders = new Map() } = options || {};\n\n // Create protected header\n const protectedHeader = new Map<number, unknown>([\n [COSE_HEADERS.CONTENT_TYPE, 'application/statuslist+cwt'],\n [COSE_HEADERS.ALG, alg],\n ...additionalHeaders,\n ]);\n\n if (kid) {\n protectedHeader.set(COSE_HEADERS.KID, kid);\n }\n\n // Encode payload\n const payloadBytes = cbor.encode(payload);\n\n // Sign with COSE Sign1\n return signCOSE(payloadBytes, protectedHeader, privateKey);\n}\n\n/**\n * Extracts the status list reference from an mdoc or CBOR-encoded credential.\n *\n * @param credentialCBOR - CBOR-encoded credential containing a status claim\n * @returns Status list reference (idx and uri)\n * @throws {InvalidTokenFormatError} If the status claim is missing or invalid\n */\nexport function extractStatusListReferenceCBOR(credentialCBOR: Uint8Array): StatusListReferenceCBOR {\n try {\n const credential = cbor.decode(credentialCBOR) as Record<string | number, unknown>;\n\n // Look for status claim (could be under various keys depending on mdoc structure)\n // This is a simplified implementation\n const status = credential.status || credential['status'];\n\n if (!status || typeof status !== 'object') {\n throw new InvalidTokenFormatError('Missing status claim in credential');\n }\n\n const statusObj = status as Record<string, unknown>;\n const statusList = statusObj.status_list || statusObj['status_list'];\n\n if (!statusList || typeof statusList !== 'object') {\n throw new InvalidTokenFormatError('Missing status_list in status claim');\n }\n\n const statusListObj = statusList as Record<string, unknown>;\n\n if (typeof statusListObj.idx !== 'number' || statusListObj.idx < 0) {\n throw new InvalidTokenFormatError('Invalid or missing idx in status_list');\n }\n\n if (typeof statusListObj.uri !== 'string' || !statusListObj.uri) {\n throw new InvalidTokenFormatError('Invalid or missing uri in status_list');\n }\n\n return {\n idx: statusListObj.idx,\n uri: statusListObj.uri,\n };\n } catch (error) {\n if (error instanceof InvalidTokenFormatError) {\n throw error;\n }\n throw new InvalidTokenFormatError(`Failed to extract status reference: ${(error as Error).message}`);\n }\n}\n\n/**\n * Validates a CWT payload for required fields.\n *\n * @param payload - CWT payload to validate\n * @throws {InvalidTokenFormatError} If validation fails\n */\nfunction validateCWTPayload(payload: Record<number, unknown>): void {\n // Check status_list claim (required)\n const statusList = payload[CWT_CLAIMS.STATUS_LIST];\n\n if (!statusList || typeof statusList !== 'object') {\n throw new InvalidTokenFormatError(`Missing or invalid status_list claim (key ${CWT_CLAIMS.STATUS_LIST})`);\n }\n\n const statusListObj = statusList as Record<string, unknown>;\n\n if (!statusListObj.bits || ![1, 2, 4, 8].includes(statusListObj.bits as number)) {\n throw new InvalidTokenFormatError(`Invalid \"bits\" value: must be 1, 2, 4, or 8`);\n }\n\n if (!statusListObj.lst || !(statusListObj.lst instanceof Uint8Array)) {\n throw new InvalidTokenFormatError('Missing or invalid \"lst\" field in status_list');\n }\n\n // Validate optional fields\n if (payload[CWT_CLAIMS.ISS] !== undefined && typeof payload[CWT_CLAIMS.ISS] !== 'string') {\n throw new InvalidTokenFormatError(`Invalid \"iss\" claim (key ${CWT_CLAIMS.ISS}): must be a string`);\n }\n\n if (payload[CWT_CLAIMS.SUB] !== undefined && typeof payload[CWT_CLAIMS.SUB] !== 'string') {\n throw new InvalidTokenFormatError(`Invalid \"sub\" claim (key ${CWT_CLAIMS.SUB}): must be a string`);\n }\n\n if (payload[CWT_CLAIMS.IAT] !== undefined && typeof payload[CWT_CLAIMS.IAT] !== 'number') {\n throw new InvalidTokenFormatError(`Invalid \"iat\" claim (key ${CWT_CLAIMS.IAT}): must be a number`);\n }\n\n if (payload[CWT_CLAIMS.EXP] !== undefined && typeof payload[CWT_CLAIMS.EXP] !== 'number') {\n throw new InvalidTokenFormatError(`Invalid \"exp\" claim (key ${CWT_CLAIMS.EXP}): must be a number`);\n }\n\n if (payload[CWT_CLAIMS.TTL] !== undefined && typeof payload[CWT_CLAIMS.TTL] !== 'number') {\n throw new InvalidTokenFormatError(`Invalid \"ttl\" claim (key ${CWT_CLAIMS.TTL}): must be a number`);\n }\n}\n","import { FetchError, MissingStatusListUriError } from '../types/errors.js';\n\n/**\n * Options for fetching a Status List Token.\n */\nexport interface FetchOptions {\n /**\n * Request timeout in milliseconds.\n * Default: 10000 (10 seconds)\n */\n timeout?: number;\n\n /**\n * Additional HTTP headers to include in the request.\n */\n headers?: Record<string, string>;\n\n /**\n * Maximum number of redirects to follow.\n * Per IETF spec Section 11.4, limit redirects to prevent DoS attacks.\n * Default: 3\n */\n maxRedirects?: number;\n\n /**\n * Custom fetch implementation.\n * Useful for testing or custom environments.\n * Default: global fetch\n */\n fetchImpl?: typeof fetch;\n}\n\n/**\n * Default timeout for HTTP requests (10 seconds).\n */\nconst DEFAULT_TIMEOUT = 10000;\n\n/**\n * Default maximum redirects.\n * Per IETF spec Section 11.4, redirects should be limited.\n */\nconst DEFAULT_MAX_REDIRECTS = 3;\n\n/**\n * Content types for Status List Tokens.\n */\nconst CONTENT_TYPES = {\n JWT: 'application/statuslist+jwt',\n CWT: 'application/statuslist+cwt',\n} as const;\n\n/**\n * Fetches a Status List Token from a URI via HTTP GET.\n *\n * Automatically detects JWT vs CWT format based on Content-Type header.\n * Follows IETF spec security recommendations:\n * - Enforces timeout to prevent DoS\n * - Limits redirects (default: 3)\n * - Validates Content-Type header\n *\n * @param uri - URI of the Status List Token\n * @param options - Fetch options\n * @returns JWT as string or CWT as Uint8Array\n * @throws {MissingStatusListUriError} If URI is missing or invalid\n * @throws {FetchError} If HTTP request fails\n *\n * @example\n * ```typescript\n * // Fetch JWT Status List\n * const jwt = await fetchStatusListToken('https://issuer.example.com/status/1');\n * console.log(typeof jwt); // 'string'\n *\n * // Fetch CWT Status List\n * const cwt = await fetchStatusListToken('https://issuer.example.com/status/2');\n * console.log(cwt instanceof Uint8Array); // true\n * ```\n */\nexport async function fetchStatusListToken(\n uri: string,\n options: FetchOptions = {},\n): Promise<string | Uint8Array> {\n // Validate URI\n if (!uri || typeof uri !== 'string') {\n throw new MissingStatusListUriError('Status list URI is required');\n }\n\n let parsedUri: URL;\n try {\n parsedUri = new URL(uri);\n } catch (error) {\n throw new MissingStatusListUriError(`Invalid status list URI: ${uri}`);\n }\n\n // Only allow HTTP(S) protocols\n if (!['http:', 'https:'].includes(parsedUri.protocol)) {\n throw new FetchError(`Unsupported protocol: ${parsedUri.protocol}. Only HTTP(S) is allowed.`);\n }\n\n const {\n timeout = DEFAULT_TIMEOUT,\n headers = {},\n maxRedirects = DEFAULT_MAX_REDIRECTS,\n fetchImpl = fetch,\n } = options;\n\n // Create AbortController for timeout\n const controller = new AbortController();\n const timeoutId = setTimeout(() => controller.abort(), timeout);\n\n try {\n // Make HTTP request\n const response = await fetchImpl(uri, {\n method: 'GET',\n headers: {\n Accept: `${CONTENT_TYPES.JWT}, ${CONTENT_TYPES.CWT}`,\n ...headers,\n },\n signal: controller.signal,\n redirect: 'follow',\n // @ts-expect-error - maxRedirects is not in standard fetch but supported by undici\n maxRedirects,\n });\n\n clearTimeout(timeoutId);\n\n // Check response status\n if (!response.ok) {\n throw new FetchError(\n `HTTP ${response.status} ${response.statusText} while fetching status list from ${uri}`,\n );\n }\n\n // Get Content-Type\n const contentType = response.headers.get('content-type');\n\n // Detect format based on Content-Type\n if (contentType?.includes(CONTENT_TYPES.JWT)) {\n // JWT format - return as string\n return await response.text();\n }\n\n if (contentType?.includes(CONTENT_TYPES.CWT)) {\n // CWT format - return as Uint8Array\n const arrayBuffer = await response.arrayBuffer();\n return new Uint8Array(arrayBuffer);\n }\n\n // If Content-Type is not set or unknown, try to auto-detect\n // JWT tokens start with \"eyJ\" (base64url-encoded JSON header)\n const arrayBuffer = await response.arrayBuffer();\n const bytes = new Uint8Array(arrayBuffer);\n\n // Check if it looks like a JWT (starts with base64url characters)\n const text = new TextDecoder().decode(bytes.slice(0, 3));\n if (text === 'eyJ') {\n // Likely JWT\n return new TextDecoder().decode(bytes);\n }\n\n // Otherwise assume CWT (CBOR binary format)\n return bytes;\n } catch (error) {\n clearTimeout(timeoutId);\n\n if (error instanceof FetchError || error instanceof MissingStatusListUriError) {\n throw error;\n }\n\n // Handle abort/timeout\n if ((error as Error).name === 'AbortError') {\n throw new FetchError(`Request timeout after ${timeout}ms while fetching ${uri}`);\n }\n\n // Handle network errors\n throw new FetchError(\n `Failed to fetch status list from ${uri}: ${(error as Error).message}`,\n );\n }\n}\n\n/**\n * Validates a status list URI.\n *\n * Checks:\n * - URI is not empty\n * - URI is a valid URL\n * - Protocol is HTTP or HTTPS\n *\n * @param uri - URI to validate\n * @returns True if valid\n *\n * @example\n * ```typescript\n * if (!isValidStatusListUri(uri)) {\n * throw new Error('Invalid status list URI');\n * }\n * ```\n */\nexport function isValidStatusListUri(uri: string): boolean {\n if (!uri || typeof uri !== 'string') {\n return false;\n }\n\n try {\n const parsed = new URL(uri);\n return ['http:', 'https:'].includes(parsed.protocol);\n } catch {\n return false;\n }\n}\n","import type { StatusListJWTPayload } from '../formats/jwt/types.js';\nimport type { StatusListCWTPayload } from '../formats/cwt/types.js';\nimport { CWT_CLAIMS } from '../formats/cwt/types.js';\n\n/**\n * Validation result with detailed error messages.\n */\nexport interface ValidationResult {\n /**\n * Whether the validation passed.\n */\n valid: boolean;\n\n /**\n * List of validation error messages.\n * Empty if valid is true.\n */\n errors: string[];\n}\n\n/**\n * Maximum recommended TTL value (in seconds).\n * Per IETF spec Section 11.5, excessively large TTL values can be used for DoS attacks.\n * Recommended max: 1 year (31536000 seconds)\n */\nconst MAX_TTL_SECONDS = 31536000; // 1 year\n\n/**\n * Minimum recommended TTL value (in seconds).\n * Very short TTL values may cause unnecessary network traffic.\n * Recommended min: 1 minute (60 seconds)\n */\nconst MIN_TTL_SECONDS = 60;\n\n/**\n * Validates a JWT Status List payload.\n *\n * Checks:\n * - Required claims (iss, sub, iat, status_list)\n * - status_list structure (bits, lst)\n * - bits value (must be 1, 2, 4, or 8)\n * - lst format (must be a non-empty string)\n * - Optional claims format (exp, ttl)\n *\n * @param payload - JWT payload to validate\n * @returns Validation result\n *\n * @example\n * ```typescript\n * const result = validateJWTPayload(payload);\n * if (!result.valid) {\n * console.error('Validation errors:', result.errors);\n * }\n * ```\n */\nexport function validateJWTPayload(payload: StatusListJWTPayload): ValidationResult {\n const errors: string[] = [];\n\n // Required: iss\n if (!payload.iss || typeof payload.iss !== 'string') {\n errors.push('Missing or invalid \"iss\" claim (must be a non-empty string)');\n }\n\n // Required: sub\n if (!payload.sub || typeof payload.sub !== 'string') {\n errors.push('Missing or invalid \"sub\" claim (must be a non-empty string)');\n }\n\n // Required: iat\n if (typeof payload.iat !== 'number') {\n errors.push('Missing or invalid \"iat\" claim (must be a number)');\n } else if (payload.iat < 0) {\n errors.push('\"iat\" claim must be a positive number');\n }\n\n // Required: status_list\n if (!payload.status_list || typeof payload.status_list !== 'object') {\n errors.push('Missing or invalid \"status_list\" claim (must be an object)');\n } else {\n const { bits, lst } = payload.status_list;\n\n // Validate bits\n if (![1, 2, 4, 8].includes(bits)) {\n errors.push('\"status_list.bits\" must be 1, 2, 4, or 8');\n }\n\n // Validate lst\n if (!lst || typeof lst !== 'string') {\n errors.push('\"status_list.lst\" must be a non-empty base64url-encoded string');\n }\n\n // Validate optional aggregation_uri\n if (payload.status_list.aggregation_uri !== undefined) {\n if (typeof payload.status_list.aggregation_uri !== 'string') {\n errors.push('\"status_list.aggregation_uri\" must be a string');\n }\n }\n }\n\n // Optional: exp\n if (payload.exp !== undefined) {\n if (typeof payload.exp !== 'number') {\n errors.push('\"exp\" claim must be a number');\n } else if (payload.exp < 0) {\n errors.push('\"exp\" claim must be a positive number');\n }\n }\n\n // Optional: ttl\n if (payload.ttl !== undefined) {\n if (typeof payload.ttl !== 'number') {\n errors.push('\"ttl\" claim must be a number');\n } else if (payload.ttl < 0) {\n errors.push('\"ttl\" claim must be a positive number');\n }\n }\n\n return {\n valid: errors.length === 0,\n errors,\n };\n}\n\n/**\n * Validates a CWT Status List payload.\n *\n * Checks:\n * - Required claims (status_list with numeric key 65533)\n * - status_list structure (bits, lst)\n * - bits value (must be 1, 2, 4, or 8)\n * - lst format (must be a Uint8Array)\n * - Optional claims format (iss, sub, iat, exp, ttl)\n *\n * @param payload - CWT payload to validate\n * @returns Validation result\n *\n * @example\n * ```typescript\n * const result = validateCWTPayload(payload);\n * if (!result.valid) {\n * console.error('Validation errors:', result.errors);\n * }\n * ```\n */\nexport function validateCWTPayload(payload: StatusListCWTPayload): ValidationResult {\n const errors: string[] = [];\n\n // Required: status_list (claim key 65533)\n const statusList = payload[CWT_CLAIMS.STATUS_LIST];\n if (!statusList || typeof statusList !== 'object') {\n errors.push(`Missing or invalid status_list claim (key ${CWT_CLAIMS.STATUS_LIST})`);\n } else {\n const { bits, lst } = statusList;\n\n // Validate bits\n if (![1, 2, 4, 8].includes(bits)) {\n errors.push('\"status_list.bits\" must be 1, 2, 4, or 8');\n }\n\n // Validate lst\n if (!(lst instanceof Uint8Array)) {\n errors.push('\"status_list.lst\" must be a Uint8Array');\n } else if (lst.length === 0) {\n errors.push('\"status_list.lst\" must not be empty');\n }\n\n // Validate optional aggregation_uri\n if (statusList.aggregation_uri !== undefined) {\n if (typeof statusList.aggregation_uri !== 'string') {\n errors.push('\"status_list.aggregation_uri\" must be a string');\n }\n }\n }\n\n // Optional: iss (claim key 1)\n if (payload[CWT_CLAIMS.ISS] !== undefined) {\n if (typeof payload[CWT_CLAIMS.ISS] !== 'string') {\n errors.push(`\"iss\" claim (key ${CWT_CLAIMS.ISS}) must be a string`);\n }\n }\n\n // Optional: sub (claim key 2)\n if (payload[CWT_CLAIMS.SUB] !== undefined) {\n if (typeof payload[CWT_CLAIMS.SUB] !== 'string') {\n errors.push(`\"sub\" claim (key ${CWT_CLAIMS.SUB}) must be a string`);\n }\n }\n\n // Optional: exp (claim key 4)\n if (payload[CWT_CLAIMS.EXP] !== undefined) {\n const exp = payload[CWT_CLAIMS.EXP];\n if (typeof exp !== 'number') {\n errors.push(`\"exp\" claim (key ${CWT_CLAIMS.EXP}) must be a number`);\n } else if (exp < 0) {\n errors.push(`\"exp\" claim must be a positive number`);\n }\n }\n\n // Optional: iat (claim key 6)\n if (payload[CWT_CLAIMS.IAT] !== undefined) {\n const iat = payload[CWT_CLAIMS.IAT];\n if (typeof iat !== 'number') {\n errors.push(`\"iat\" claim (key ${CWT_CLAIMS.IAT}) must be a number`);\n } else if (iat < 0) {\n errors.push(`\"iat\" claim must be a positive number`);\n }\n }\n\n // Optional: ttl (claim key 65534)\n if (payload[CWT_CLAIMS.TTL] !== undefined) {\n const ttl = payload[CWT_CLAIMS.TTL];\n if (typeof ttl !== 'number') {\n errors.push(`\"ttl\" claim (key ${CWT_CLAIMS.TTL}) must be a number`);\n } else if (ttl < 0) {\n errors.push(`\"ttl\" claim must be a positive number`);\n }\n }\n\n return {\n valid: errors.length === 0,\n errors,\n };\n}\n\n/**\n * Validates expiration and freshness of a status list token.\n *\n * Checks:\n * - If exp is set, validates it's not in the past\n * - If ttl is set, validates freshness based on iat + ttl\n * - Ensures iat is not in the future\n *\n * @param exp - Expiration time (seconds since epoch)\n * @param iat - Issued at time (seconds since epoch)\n * @param ttl - Time to live in seconds\n * @param currentTime - Current time (seconds since epoch). Defaults to now.\n * @returns Validation result\n *\n * @example\n * ```typescript\n * const result = validateExpiry(payload.exp, payload.iat, payload.ttl);\n * if (!result.valid) {\n * console.error('Token expired or not yet valid');\n * }\n * ```\n */\nexport function validateExpiry(\n exp?: number,\n iat?: number,\n ttl?: number,\n currentTime: number = Math.floor(Date.now() / 1000),\n): ValidationResult {\n const errors: string[] = [];\n\n // Check iat is not in the future\n if (iat !== undefined && iat > currentTime) {\n errors.push(`Token issued in the future (iat: ${iat}, current: ${currentTime})`);\n }\n\n // Check exp\n if (exp !== undefined) {\n if (exp < currentTime) {\n errors.push(`Token expired (exp: ${exp}, current: ${currentTime})`);\n }\n }\n\n // Check ttl freshness\n if (ttl !== undefined && iat !== undefined) {\n const expirationTime = iat + ttl;\n if (expirationTime < currentTime) {\n errors.push(`Token expired by ttl (iat: ${iat}, ttl: ${ttl}, current: ${currentTime})`);\n }\n }\n\n // If both exp and ttl are set, they should be consistent\n if (exp !== undefined && ttl !== undefined && iat !== undefined) {\n const calculatedExp = iat + ttl;\n // Allow some tolerance (1 second) for rounding\n if (Math.abs(exp - calculatedExp) > 1) {\n errors.push(\n `Inconsistent exp and ttl values (exp: ${exp}, iat + ttl: ${calculatedExp})`,\n );\n }\n }\n\n return {\n valid: errors.length === 0,\n errors,\n };\n}\n\n/**\n * Validates TTL value is within recommended bounds.\n *\n * Per IETF spec Section 11.5, excessively large TTL values can be used\n * for DoS attacks by causing verifiers to cache stale status lists.\n *\n * Recommended bounds:\n * - Minimum: 60 seconds (1 minute)\n * - Maximum: 31536000 seconds (1 year)\n *\n * @param ttl - Time to live in seconds\n * @returns Validation result\n *\n * @example\n * ```typescript\n * const result = validateTTLBounds(payload.ttl);\n * if (!result.valid) {\n * console.warn('TTL outside recommended bounds:', result.errors);\n * }\n * ```\n */\nexport function validateTTLBounds(ttl?: number): ValidationResult {\n const errors: string[] = [];\n\n if (ttl === undefined) {\n return { valid: true, errors: [] };\n }\n\n if (ttl < MIN_TTL_SECONDS) {\n errors.push(\n `TTL too short (${ttl} seconds). Recommended minimum: ${MIN_TTL_SECONDS} seconds (1 minute)`,\n );\n }\n\n if (ttl > MAX_TTL_SECONDS) {\n errors.push(\n `TTL too large (${ttl} seconds). Recommended maximum: ${MAX_TTL_SECONDS} seconds (1 year). ` +\n 'Excessively large TTL values may be used for DoS attacks.',\n );\n }\n\n return {\n valid: errors.length === 0,\n errors,\n };\n}\n\n/**\n * Checks if a status list token is expired.\n *\n * A token is considered expired if:\n * - exp is set and is in the past, OR\n * - ttl is set and iat + ttl is in the past\n *\n * @param exp - Expiration time (seconds since epoch)\n * @param iat - Issued at time (seconds since epoch)\n * @param ttl - Time to live in seconds\n * @param currentTime - Current time (seconds since epoch). Defaults to now.\n * @returns True if expired\n *\n * @example\n * ```typescript\n * if (isExpired(payload.exp, payload.iat, payload.ttl)) {\n * throw new Error('Status list expired');\n * }\n * ```\n */\nexport function isExpired(\n exp?: number,\n iat?: number,\n ttl?: number,\n currentTime: number = Math.floor(Date.now() / 1000),\n): boolean {\n // Check exp\n if (exp !== undefined && exp < currentTime) {\n return true;\n }\n\n // Check ttl freshness\n if (ttl !== undefined && iat !== undefined) {\n const expirationTime = iat + ttl;\n if (expirationTime < currentTime) {\n return true;\n }\n }\n\n return false;\n}\n","import { StatusList } from '../core/StatusList.js';\nimport type { BitsPerStatus, StatusValue } from '../types/common.js';\nimport { parseJWTStatusList, type StatusListJWTPayload, type StatusListReference } from '../formats/jwt/index.js';\nimport { parseCWTStatusList, type StatusListCWTPayload, CWT_CLAIMS } from '../formats/cwt/index.js';\nimport { fetchStatusListToken, type FetchOptions } from './fetcher.js';\nimport { isExpired } from './validator.js';\n\n/**\n * High-level helper for working with Status List Tokens.\n *\n * Provides a unified interface for both JWT and CWT formats.\n * Similar to the Python implementation's StatusListTokenHelper.\n *\n * @example\n * ```typescript\n * // From a credential's status reference\n * const reference = { idx: 42, uri: 'https://issuer.example.com/status/1' };\n * const helper = await StatusListTokenHelper.fromStatusReference(reference);\n *\n * // Check credential status\n * if (helper.isExpired()) {\n * throw new Error('Status list expired');\n * }\n *\n * const status = helper.getStatus(reference.idx);\n * if (status === StandardStatusValues.INVALID) {\n * console.log('Credential is revoked');\n * }\n * ```\n */\nexport class StatusListTokenHelper {\n private constructor(\n private readonly header: Record<string, unknown> | Map<number, unknown>,\n private readonly payload: StatusListJWTPayload | StatusListCWTPayload,\n private readonly statusList: StatusList,\n private readonly format: 'jwt' | 'cwt',\n ) {}\n\n /**\n * Creates a helper from a Status List Token (JWT or CWT).\n *\n * Automatically detects the format:\n * - JWT: starts with \"eyJ\" (base64url-encoded header)\n * - CWT: CBOR binary format\n *\n * @param token - JWT string or CWT Uint8Array\n * @returns StatusListTokenHelper instance\n * @throws {InvalidTokenFormatError} If token format is invalid\n *\n * @example\n * ```typescript\n * // From JWT\n * const helper = StatusListTokenHelper.fromToken(jwtString);\n *\n * // From CWT\n * const helper = StatusListTokenHelper.fromToken(cwtBytes);\n * ```\n */\n static fromToken(token: string | Uint8Array): StatusListTokenHelper {\n // Auto-detect format\n if (typeof token === 'string') {\n // JWT format\n const { header, payload, statusList } = parseJWTStatusList(token);\n return new StatusListTokenHelper(header, payload, statusList, 'jwt');\n }\n\n // CWT format (Uint8Array)\n const { protectedHeader, payload, statusList } = parseCWTStatusList(token);\n return new StatusListTokenHelper(protectedHeader, payload, statusList, 'cwt');\n }\n\n /**\n * Creates a helper by fetching a Status List Token from a URI.\n *\n * Fetches the token via HTTP GET and automatically detects the format.\n *\n * @param reference - Status reference containing idx and uri\n * @param options - Fetch options\n * @returns StatusListTokenHelper instance\n * @throws {FetchError} If HTTP request fails\n * @throws {InvalidTokenFormatError} If token format is invalid\n *\n * @example\n * ```typescript\n * const reference = {\n * idx: 42,\n * uri: 'https://issuer.example.com/status/1'\n * };\n *\n * const helper = await StatusListTokenHelper.fromStatusReference(reference);\n * const status = helper.getStatus(reference.idx);\n * ```\n */\n static async fromStatusReference(\n reference: StatusListReference,\n options?: FetchOptions,\n ): Promise<StatusListTokenHelper> {\n const token = await fetchStatusListToken(reference.uri, options);\n return StatusListTokenHelper.fromToken(token);\n }\n\n /**\n * Gets the status value at a specific index.\n *\n * @param index - Index in the status list\n * @returns Status value (0-255 depending on bits per status)\n * @throws {IndexOutOfBoundsError} If index is out of bounds\n *\n * @example\n * ```typescript\n * const status = helper.getStatus(42);\n * if (status === StandardStatusValues.INVALID) {\n * console.log('Credential 42 is revoked');\n * }\n * ```\n */\n getStatus(index: number): StatusValue {\n return this.statusList.getStatus(index);\n }\n\n /**\n * Checks if the status list token is expired.\n *\n * A token is expired if:\n * - exp is set and is in the past, OR\n * - ttl is set and iat + ttl is in the past\n *\n * @param currentTime - Current time (seconds since epoch). Defaults to now.\n * @returns True if expired\n *\n * @example\n * ```typescript\n * if (helper.isExpired()) {\n * throw new Error('Status list expired - fetch a new one');\n * }\n * ```\n */\n isExpired(currentTime?: number): boolean {\n return isExpired(this.exp, this.iat, this.ttl, currentTime);\n }\n\n /**\n * Gets the issuer identifier (iss claim).\n *\n * @returns Issuer string or undefined if not set\n */\n get iss(): string | undefined {\n if (this.format === 'jwt') {\n return (this.payload as StatusListJWTPayload).iss;\n }\n return (this.payload as StatusListCWTPayload)[CWT_CLAIMS.ISS];\n }\n\n /**\n * Gets the subject identifier (sub claim).\n *\n * @returns Subject string or undefined if not set\n */\n get sub(): string | undefined {\n if (this.format === 'jwt') {\n return (this.payload as StatusListJWTPayload).sub;\n }\n return (this.payload as StatusListCWTPayload)[CWT_CLAIMS.SUB];\n }\n\n /**\n * Gets the issued at time (iat claim).\n *\n * @returns Timestamp in seconds since epoch, or undefined if not set\n */\n get iat(): number | undefined {\n if (this.format === 'jwt') {\n return (this.payload as StatusListJWTPayload).iat;\n }\n return (this.payload as StatusListCWTPayload)[CWT_CLAIMS.IAT];\n }\n\n /**\n * Gets the expiration time (exp claim).\n *\n * @returns Timestamp in seconds since epoch, or undefined if not set\n */\n get exp(): number | undefined {\n if (this.format === 'jwt') {\n return (this.payload as StatusListJWTPayload).exp;\n }\n return (this.payload as StatusListCWTPayload)[CWT_CLAIMS.EXP];\n }\n\n /**\n * Gets the time to live (ttl claim).\n *\n * @returns TTL in seconds, or undefined if not set\n */\n get ttl(): number | undefined {\n if (this.format === 'jwt') {\n return (this.payload as StatusListJWTPayload).ttl;\n }\n return (this.payload as StatusListCWTPayload)[CWT_CLAIMS.TTL];\n }\n\n /**\n * Gets the number of bits per status entry.\n *\n * @returns Bits per status (1, 2, 4, or 8)\n */\n get bits(): BitsPerStatus {\n if (this.format === 'jwt') {\n return (this.payload as StatusListJWTPayload).status_list.bits;\n }\n return (this.payload as StatusListCWTPayload)[CWT_CLAIMS.STATUS_LIST].bits;\n }\n\n /**\n * Gets the aggregation URI if set.\n *\n * @returns Aggregation URI or undefined if not set\n */\n get aggregationUri(): string | undefined {\n if (this.format === 'jwt') {\n return (this.payload as StatusListJWTPayload).status_list.aggregation_uri;\n }\n return (this.payload as StatusListCWTPayload)[CWT_CLAIMS.STATUS_LIST].aggregation_uri;\n }\n\n /**\n * Gets the format of the token.\n *\n * @returns 'jwt' or 'cwt'\n */\n get tokenFormat(): 'jwt' | 'cwt' {\n return this.format;\n }\n\n /**\n * Gets the size of the status list.\n *\n * @returns Number of status entries\n */\n get size(): number {\n return this.statusList.getSize();\n }\n\n /**\n * Gets the raw header.\n *\n * @returns Header as object (JWT) or Map (CWT)\n */\n getHeader(): Record<string, unknown> | Map<number, unknown> {\n return this.header;\n }\n\n /**\n * Gets the raw payload.\n *\n * @returns Payload object\n */\n getPayload(): StatusListJWTPayload | StatusListCWTPayload {\n return this.payload;\n }\n\n /**\n * Gets the underlying StatusList instance.\n *\n * @returns StatusList instance\n */\n getStatusList(): StatusList {\n return this.statusList;\n }\n}\n"]}
package/package.json ADDED
@@ -0,0 +1,79 @@
1
+ {
2
+ "name": "@vess-id/status-list",
3
+ "version": "0.1.0",
4
+ "description": "IETF OAuth Status List implementation for TypeScript/Node.js (JWT & CWT)",
5
+ "keywords": [
6
+ "oauth",
7
+ "status-list",
8
+ "jwt",
9
+ "cwt",
10
+ "revocation",
11
+ "sd-jwt",
12
+ "mdoc",
13
+ "verifiable-credentials"
14
+ ],
15
+ "type": "module",
16
+ "main": "./dist/index.cjs",
17
+ "module": "./dist/index.js",
18
+ "types": "./dist/index.d.ts",
19
+ "exports": {
20
+ ".": {
21
+ "import": {
22
+ "types": "./dist/index.d.ts",
23
+ "default": "./dist/index.js"
24
+ },
25
+ "require": {
26
+ "types": "./dist/index.d.cts",
27
+ "default": "./dist/index.cjs"
28
+ }
29
+ }
30
+ },
31
+ "files": [
32
+ "dist",
33
+ "README.md",
34
+ "LICENSE"
35
+ ],
36
+ "publishConfig": {
37
+ "access": "public"
38
+ },
39
+ "scripts": {
40
+ "build": "tsup",
41
+ "test": "vitest run",
42
+ "test:watch": "vitest",
43
+ "test:coverage": "vitest run --coverage",
44
+ "lint": "biome lint lib",
45
+ "format": "biome format --write lib",
46
+ "typecheck": "tsc --noEmit",
47
+ "prepublishOnly": "pnpm run build && pnpm test"
48
+ },
49
+ "dependencies": {
50
+ "pako": "^2.1.0",
51
+ "jose": "^5.9.6",
52
+ "cbor": "^10.0.11",
53
+ "cose-js": "^0.9.0",
54
+ "undici": "^7.3.0"
55
+ },
56
+ "devDependencies": {
57
+ "typescript": "^5.8.3",
58
+ "@types/pako": "^2.0.3",
59
+ "@types/node": "^20.0.0",
60
+ "vitest": "^3.0.0",
61
+ "@vitest/coverage-v8": "^3.0.0",
62
+ "tsup": "^8.4.0",
63
+ "@biomejs/biome": "^1.9.4"
64
+ },
65
+ "engines": {
66
+ "node": ">=20"
67
+ },
68
+ "license": "Apache-2.0",
69
+ "author": "VESS Project",
70
+ "repository": {
71
+ "type": "git",
72
+ "url": "git+https://github.com/vess-id/backend.git",
73
+ "directory": "sdk/STATUS-LIST"
74
+ },
75
+ "homepage": "https://github.com/vess-id/backend/tree/main/sdk/STATUS-LIST#readme",
76
+ "bugs": {
77
+ "url": "https://github.com/vess-id/backend/issues"
78
+ }
79
+ }