gdc-common-utils-ts 1.0.4 → 1.0.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/AesManager.d.ts +27 -0
- package/dist/AesManager.js +62 -0
- package/dist/CryptographyService.d.ts +76 -0
- package/dist/CryptographyService.js +403 -0
- package/dist/constants/Schemas.d.ts +45 -0
- package/dist/constants/Schemas.js +48 -0
- package/dist/constants/index.js +1 -0
- package/{src/constants/schemaorg.ts → dist/constants/schemaorg.d.ts} +24 -116
- package/dist/constants/schemaorg.js +185 -0
- package/dist/cryptoDecode.d.ts +3 -0
- package/dist/cryptoDecode.js +90 -0
- package/dist/cryptoEncode.d.ts +1 -0
- package/dist/cryptoEncode.js +30 -0
- package/dist/cryptography.abstract.d.ts +13 -0
- package/{src/cryptography.abstract.ts → dist/cryptography.abstract.js} +6 -14
- package/dist/hmac.d.ts +2 -0
- package/{src/hmac.ts → dist/hmac.js} +4 -7
- package/dist/index.js +3 -0
- package/{src/interfaces/Cryptography.types.ts → dist/interfaces/Cryptography.types.d.ts} +71 -71
- package/dist/interfaces/Cryptography.types.js +8 -0
- package/dist/interfaces/ICryptoHelper.d.ts +28 -0
- package/dist/interfaces/ICryptoHelper.js +3 -0
- package/dist/interfaces/ICryptography.d.ts +154 -0
- package/dist/interfaces/ICryptography.js +3 -0
- package/dist/interfaces/IWallet.d.ts +55 -0
- package/dist/interfaces/IWallet.js +3 -0
- package/dist/interfaces/MlDsa.d.ts +9 -0
- package/{src/interfaces/MlDsa.ts → dist/interfaces/MlDsa.js} +1 -5
- package/dist/interfaces/MlKem.d.ts +11 -0
- package/{src/interfaces/MlKem.ts → dist/interfaces/MlKem.js} +0 -5
- package/dist/models/aes.d.ts +85 -0
- package/dist/models/aes.js +10 -0
- package/dist/models/auth.d.ts +35 -0
- package/dist/models/auth.js +3 -0
- package/{src/models/bundle.ts → dist/models/bundle.d.ts} +41 -63
- package/dist/models/bundle.js +26 -0
- package/dist/models/clinical-sections.d.ts +36 -0
- package/dist/models/clinical-sections.en.d.ts +75 -0
- package/dist/models/clinical-sections.en.js +81 -0
- package/dist/models/clinical-sections.js +32 -0
- package/dist/models/comm.d.ts +44 -0
- package/dist/models/comm.js +4 -0
- package/{src/models/confidential-job.ts → dist/models/confidential-job.d.ts} +23 -45
- package/dist/models/confidential-job.js +20 -0
- package/dist/models/confidential-message.d.ts +97 -0
- package/dist/models/confidential-message.js +4 -0
- package/{src/models/confidential-storage.ts → dist/models/confidential-storage.d.ts} +35 -56
- package/dist/models/confidential-storage.js +3 -0
- package/{src/models/consent-rule.ts → dist/models/consent-rule.d.ts} +22 -42
- package/dist/models/consent-rule.js +21 -0
- package/{src/models/crypto.ts → dist/models/crypto.d.ts} +5 -13
- package/dist/models/crypto.js +3 -0
- package/dist/models/device-license.d.ts +133 -0
- package/dist/models/device-license.js +3 -0
- package/{src/models/did.ts → dist/models/did.d.ts} +21 -30
- package/dist/models/did.js +3 -0
- package/dist/models/index.js +31 -0
- package/dist/models/indexing.d.ts +11 -0
- package/dist/models/indexing.js +18 -0
- package/dist/models/issue.d.ts +57 -0
- package/dist/models/issue.js +75 -0
- package/dist/models/jsonapi.d.ts +13 -0
- package/dist/models/jsonapi.js +3 -0
- package/{src/models/jwe.ts → dist/models/jwe.d.ts} +10 -22
- package/dist/models/jwe.js +3 -0
- package/{src/models/jwk.ts → dist/models/jwk.d.ts} +0 -11
- package/dist/models/jwk.js +3 -0
- package/{src/models/jws.ts → dist/models/jws.d.ts} +0 -7
- package/dist/models/jws.js +3 -0
- package/dist/models/jwt.d.ts +9 -0
- package/dist/models/jwt.js +3 -0
- package/dist/models/multibase58.d.ts +13 -0
- package/dist/models/multibase58.js +40 -0
- package/dist/models/oidc4ida.common.model.d.ts +33 -0
- package/dist/models/oidc4ida.common.model.js +3 -0
- package/dist/models/oidc4ida.document.model.d.ts +50 -0
- package/dist/models/oidc4ida.document.model.js +3 -0
- package/{src/models/oidc4ida.electronicRecord.model.ts → dist/models/oidc4ida.electronicRecord.model.d.ts} +18 -37
- package/dist/models/oidc4ida.electronicRecord.model.js +3 -0
- package/{src/models/oidc4ida.evidence.model.ts → dist/models/oidc4ida.evidence.model.d.ts} +17 -35
- package/dist/models/oidc4ida.evidence.model.js +5 -0
- package/dist/models/openid-device.d.ts +119 -0
- package/dist/models/openid-device.js +3 -0
- package/dist/models/operation-outcome.d.ts +26 -0
- package/dist/models/operation-outcome.js +3 -0
- package/{src/models/params.ts → dist/models/params.d.ts} +20 -29
- package/dist/models/params.js +3 -0
- package/dist/models/resource-document.d.ts +14 -0
- package/dist/models/resource-document.js +3 -0
- package/dist/models/response.d.ts +1 -0
- package/dist/models/response.js +3 -0
- package/dist/models/urlPath.d.ts +58 -0
- package/dist/models/urlPath.js +76 -0
- package/dist/models/verifiable-credential.d.ts +45 -0
- package/dist/models/verifiable-credential.js +8 -0
- package/dist/utils/actor.d.ts +18 -0
- package/dist/utils/actor.js +36 -0
- package/dist/utils/base-convert.d.ts +20 -0
- package/{src/utils/base-convert.ts → dist/utils/base-convert.js} +23 -36
- package/dist/utils/baseN.d.ts +35 -0
- package/dist/utils/baseN.js +174 -0
- package/dist/utils/bundle.d.ts +6 -0
- package/dist/utils/bundle.js +32 -0
- package/dist/utils/content.d.ts +55 -0
- package/{src/utils/content.ts → dist/utils/content.js} +4 -10
- package/dist/utils/did.d.ts +67 -0
- package/dist/utils/did.js +123 -0
- package/dist/utils/format-converter.d.ts +21 -0
- package/dist/utils/format-converter.js +109 -0
- package/dist/utils/index.js +13 -0
- package/dist/utils/jwt.d.ts +52 -0
- package/dist/utils/jwt.js +153 -0
- package/dist/utils/manager-error.d.ts +15 -0
- package/dist/utils/manager-error.js +23 -0
- package/dist/utils/multibase58.d.ts +13 -0
- package/dist/utils/multibase58.js +40 -0
- package/dist/utils/multibasehash.d.ts +8 -0
- package/{src/utils/multibasehash.ts → dist/utils/multibasehash.js} +8 -13
- package/dist/utils/normalize.d.ts +16 -0
- package/{src/utils/normalize.ts → dist/utils/normalize.js} +15 -18
- package/dist/utils/object-convert.d.ts +20 -0
- package/{src/utils/object-convert.ts → dist/utils/object-convert.js} +10 -16
- package/dist/utils/string-convert.d.ts +24 -0
- package/{src/utils/string-convert.ts → dist/utils/string-convert.js} +5 -14
- package/dist/utils/string-utils.d.ts +25 -0
- package/{src/utils/string-utils.ts → dist/utils/string-utils.js} +12 -16
- package/dist/utils/url.d.ts +27 -0
- package/{src/utils/url.ts → dist/utils/url.js} +6 -7
- package/package.json +56 -14
- package/PUBLISHING.md +0 -33
- package/__tests__/AesManager.test.ts +0 -53
- package/__tests__/CryptographyService.test.ts +0 -194
- package/__tests__/bundle.test.ts +0 -29
- package/__tests__/content.test.ts +0 -72
- package/__tests__/crypto-encode-decode.test.ts +0 -52
- package/__tests__/crypto-hmac.test.ts +0 -21
- package/__tests__/did-generateServiceId.errors.test.ts +0 -8
- package/__tests__/did-generateServiceId.test.ts +0 -18
- package/__tests__/models-clinical-sections.test.ts +0 -32
- package/__tests__/models-multibase58.test.ts +0 -33
- package/__tests__/multibase58.errors.test.ts +0 -7
- package/__tests__/multibase58.test.ts +0 -28
- package/__tests__/multibasehash.test.ts +0 -25
- package/__tests__/utils-actor.test.ts +0 -46
- package/__tests__/utils-base-convert.test.ts +0 -57
- package/__tests__/utils-baseN.test.ts +0 -40
- package/__tests__/utils-did-extra.test.ts +0 -33
- package/__tests__/utils-format-converter.test.ts +0 -87
- package/__tests__/utils-jwt.test.ts +0 -57
- package/__tests__/utils-manager-error.test.ts +0 -11
- package/__tests__/utils-normalize.test.ts +0 -15
- package/__tests__/utils-object-convert.test.ts +0 -38
- package/__tests__/utils-string-convert.test.ts +0 -20
- package/__tests__/utils-string-utils.test.ts +0 -25
- package/__tests__/utils-url.test.ts +0 -21
- package/babel.config.cjs +0 -5
- package/jest.config.ts +0 -47
- package/src/AesManager.ts +0 -82
- package/src/CryptographyService.ts +0 -461
- package/src/JweManager.ts.txt +0 -365
- package/src/KmsService.txt +0 -493
- package/src/constants/Schemas.ts +0 -61
- package/src/cryptoDecode.ts +0 -104
- package/src/cryptoEncode.ts +0 -36
- package/src/interfaces/ICryptoHelper.ts +0 -33
- package/src/interfaces/ICryptography.ts +0 -177
- package/src/interfaces/IWallet.ts +0 -62
- package/src/models/aes.ts +0 -93
- package/src/models/auth.ts +0 -38
- package/src/models/bundle.txt +0 -93
- package/src/models/clinical-sections.en.ts +0 -82
- package/src/models/clinical-sections.ts +0 -64
- package/src/models/comm.ts +0 -63
- package/src/models/confidential-message.ts +0 -137
- package/src/models/device-license.ts +0 -161
- package/src/models/indexing.ts +0 -20
- package/src/models/issue.ts +0 -85
- package/src/models/jsonapi.ts +0 -19
- package/src/models/jwt.ts +0 -15
- package/src/models/multibase58.ts +0 -46
- package/src/models/oidc4ida.common.model.ts +0 -39
- package/src/models/oidc4ida.document.model.ts +0 -61
- package/src/models/openid-device.ts +0 -146
- package/src/models/operation-outcome.ts +0 -34
- package/src/models/resource-document.ts +0 -21
- package/src/models/response.ts +0 -5
- package/src/models/urlPath.ts +0 -76
- package/src/models/verifiable-credential.ts +0 -52
- package/src/types/noble-hashes.d.ts +0 -4
- package/src/utils/actor.ts +0 -56
- package/src/utils/baseN.ts +0 -203
- package/src/utils/bundle.ts +0 -30
- package/src/utils/did.ts +0 -155
- package/src/utils/format-converter.ts +0 -119
- package/src/utils/jwt.ts +0 -165
- package/src/utils/manager-error.ts +0 -27
- package/src/utils/multibase58.ts +0 -46
- package/tsconfig.json +0 -15
- /package/{src/constants/index.ts → dist/constants/index.d.ts} +0 -0
- /package/{src/index.ts → dist/index.d.ts} +0 -0
- /package/{src/models/index.ts → dist/models/index.d.ts} +0 -0
- /package/{src/utils/index.ts → dist/utils/index.d.ts} +0 -0
package/src/cryptoEncode.ts
DELETED
|
@@ -1,36 +0,0 @@
|
|
|
1
|
-
// Copyright 2025 Antifraud Services Inc. under the Apache License, Version 2.0.
|
|
2
|
-
// File: crypto-ts/cryptoEncode.ts
|
|
3
|
-
|
|
4
|
-
// Function to encode a payload into a JWT with the header "alg=none"
|
|
5
|
-
// senderTenant signs and encrypts to recipient(s)
|
|
6
|
-
export function encodeJWT(senderKeysSet: any[], payload: any, recipientsEncKey: any[], header: any): string {
|
|
7
|
-
try {
|
|
8
|
-
// 1. Convert the header to JSON and then Base64Url encode it
|
|
9
|
-
const encodedHeader = base64UrlEncode(JSON.stringify(header));
|
|
10
|
-
|
|
11
|
-
// 2. Convert the payload to JSON and then Base64Url encode it
|
|
12
|
-
const encodedPayload = base64UrlEncode(JSON.stringify(payload));
|
|
13
|
-
|
|
14
|
-
// 3. No signature for `alg=none`, so we just return the concatenation of header and payload
|
|
15
|
-
// Format: `header.payload.` (no signature part)
|
|
16
|
-
const jwt = `${encodedHeader}.${encodedPayload}.`;
|
|
17
|
-
|
|
18
|
-
return jwt;
|
|
19
|
-
} catch (error) {
|
|
20
|
-
console.error('Error encoding JWT:', error);
|
|
21
|
-
return '';
|
|
22
|
-
}
|
|
23
|
-
}
|
|
24
|
-
|
|
25
|
-
// Helper function to Base64Url encode a string (works for header and payload)
|
|
26
|
-
function base64UrlEncode(str: string): string {
|
|
27
|
-
// Convert the string to a Base64 string (using standard Base64 encoding first)
|
|
28
|
-
const base64 = Buffer.from(str).toString('base64');
|
|
29
|
-
|
|
30
|
-
// Replace '+' with '-', '/' with '_', and remove the padding '='
|
|
31
|
-
return base64
|
|
32
|
-
.replace(/\+/g, '-') // Replace '+' with '-'
|
|
33
|
-
.replace(/\//g, '_') // Replace '/' with '_'
|
|
34
|
-
.replace(/=+$/, ''); // Remove any '=' padding at the end
|
|
35
|
-
}
|
|
36
|
-
|
|
@@ -1,33 +0,0 @@
|
|
|
1
|
-
// Copyright 2025 Antifraud Services Inc. under the Apache License, Version 2.0.
|
|
2
|
-
// File: crypto-ts/interfaces/ICryptoHelper.ts
|
|
3
|
-
|
|
4
|
-
/**
|
|
5
|
-
* @interface ICryptoHelper
|
|
6
|
-
* Defines the contract for platform-specific cryptographic primitives.
|
|
7
|
-
* This is the "port" in a hexagonal architecture, allowing the agnostic
|
|
8
|
-
* core (CryptographyService) to be "plugged into" any runtime environment
|
|
9
|
-
* (like Expo, Node, or Web) without depending on its implementation details.
|
|
10
|
-
*/
|
|
11
|
-
export interface ICryptoHelper {
|
|
12
|
-
/**
|
|
13
|
-
* Generates a specified number of cryptographically secure random bytes.
|
|
14
|
-
* @param byteCount The number of bytes to generate.
|
|
15
|
-
* @returns A Promise that resolves to a Uint8Array with the random bytes.
|
|
16
|
-
*/
|
|
17
|
-
getRandomBytes(byteCount: number): Promise<Uint8Array>;
|
|
18
|
-
|
|
19
|
-
/**
|
|
20
|
-
* Computes the cryptographic digest of a string using a specified algorithm.
|
|
21
|
-
* The implementation is responsible for validating the algorithm string.
|
|
22
|
-
* @param data The string to hash.
|
|
23
|
-
* @param algorithm The hash algorithm to use (e.g., 'SHA-256', 'SHA-512').
|
|
24
|
-
* @returns A Promise that resolves to the digest as a hex string.
|
|
25
|
-
*/
|
|
26
|
-
digestString(data: string, algorithm: any): Promise<string>;
|
|
27
|
-
|
|
28
|
-
/**
|
|
29
|
-
* Generates a platform-specific, cryptographically secure UUID v4.
|
|
30
|
-
* @returns A string representation of the UUID.
|
|
31
|
-
*/
|
|
32
|
-
randomUUID(): string;
|
|
33
|
-
}
|
|
@@ -1,177 +0,0 @@
|
|
|
1
|
-
// Copyright 2025 Antifraud Services Inc. under the Apache License, Version 2.0.
|
|
2
|
-
// File: crypto-ts/interfaces/ICryptography.ts
|
|
3
|
-
|
|
4
|
-
import { JweObject } from '../models/jwe';
|
|
5
|
-
import { ProtectedDataAES } from '../models/aes';
|
|
6
|
-
import { MlkemPublicJwk, MldsaPublicJwk, PublicJwk, MlkemPrivateJwk, MldsaAlg, MlkemCurve } from './Cryptography.types';
|
|
7
|
-
import { DataCompactJWT, JwtCompactParts } from '../models/jwt';
|
|
8
|
-
|
|
9
|
-
/**
|
|
10
|
-
* Defines the class for the low-level, stateless cryptography utility (the "Engine").
|
|
11
|
-
*/
|
|
12
|
-
export interface ICryptography {
|
|
13
|
-
|
|
14
|
-
// --- Key Generation ---
|
|
15
|
-
/**
|
|
16
|
-
* Generates a ML-KEM (Kyber) key pair.
|
|
17
|
-
* @param seedBytes Optional 64-byte seed for deterministic key generation.
|
|
18
|
-
* @param crv The desired security level. Defaults to 'ML-KEM-768'.
|
|
19
|
-
*/
|
|
20
|
-
generateKeyPairMlKem(seedBytes?: Uint8Array, crv?: MlkemCurve): Promise<{ publicJWKey: MlkemPublicJwk & { kid: string }; secretKeyBytes: Uint8Array }>;
|
|
21
|
-
|
|
22
|
-
/**
|
|
23
|
-
* Generates a ML-DSA (Dilithium) key pair.
|
|
24
|
-
* @param seedBytes Optional 32-byte seed for deterministic key generation.
|
|
25
|
-
* @param alg The desired security level. Defaults to 'ML-DSA-44'.
|
|
26
|
-
*/
|
|
27
|
-
generateKeyPairMlDsa(seedBytes?: Uint8Array, alg?: MldsaAlg): Promise<{ publicJWKey: MldsaPublicJwk & { kid: string }; secretKeyBytes: Uint8Array }>;
|
|
28
|
-
|
|
29
|
-
// --- Low-Level Primitives (Symmetric AES) ---
|
|
30
|
-
/**
|
|
31
|
-
* Encrypts a plaintext string using AES-GCM (a symmetric algorithm) and returns the components.
|
|
32
|
-
* This is the core symmetric encryption primitive.
|
|
33
|
-
* @param plaintext The stringified data to encrypt.
|
|
34
|
-
* @param cekBytes The 32-byte Content Encryption Key (Symmetric Key).
|
|
35
|
-
* @param aad The base64url-encoded 'JWE Protected Header', which serves as the 'Additional Authenticated Data' (AAD) for integrity verification.
|
|
36
|
-
* @returns A promise resolving to the JWE-compatible encrypted components (ciphertext, iv, tag).
|
|
37
|
-
*/
|
|
38
|
-
encrypt(plaintext: string, cekBytes: Uint8Array, aad: string): Promise<ProtectedDataAES>
|
|
39
|
-
|
|
40
|
-
/**
|
|
41
|
-
* Decrypts JWE-compatible encrypted components back to a plaintext string.
|
|
42
|
-
* @param encryptedData The object containing the base64url-encoded ciphertext, iv, and tag.
|
|
43
|
-
* @param cekBytes The 32-byte Content Encryption Key.
|
|
44
|
-
* @param aad The base64url-encoded 'JWE Protected Header', which serves as the 'Additional Authenticated Data' (AAD) for integrity verification.
|
|
45
|
-
* @returns A promise resolving to the decrypted plaintext string.
|
|
46
|
-
*/
|
|
47
|
-
decrypt(
|
|
48
|
-
encryptedData: ProtectedDataAES,
|
|
49
|
-
cekBytes: Uint8Array,
|
|
50
|
-
aad: string
|
|
51
|
-
): Promise<string>
|
|
52
|
-
|
|
53
|
-
// --- Post-Quantum Computing ---
|
|
54
|
-
|
|
55
|
-
/**
|
|
56
|
-
* Generates and protects (encapsulates) a symmetric shared key (32 bytes)
|
|
57
|
-
* @param cekSeedBytes
|
|
58
|
-
* @param secretKeyBytes
|
|
59
|
-
* @param recipientPublicKeyBytes
|
|
60
|
-
*/
|
|
61
|
-
encapsulate(cekSeedBytes: Uint8Array, secretKeyBytes: Uint8Array, recipientPublicKeyBytes: Uint8Array): Promise<{ encapsulatedCekBytes: Uint8Array; derivedCekBytes: Uint8Array; }>
|
|
62
|
-
|
|
63
|
-
/**
|
|
64
|
-
* Returns the unprotected shared symmetric key
|
|
65
|
-
* @param encapsulatedBytes
|
|
66
|
-
* @param secretKeyBytes
|
|
67
|
-
*/
|
|
68
|
-
decapsulate(encapsulatedBytes: Uint8Array, secretKeyBytes: Uint8Array): Promise<Uint8Array>;
|
|
69
|
-
|
|
70
|
-
/**
|
|
71
|
-
* Signs a byte array using a specified ML-DSA algorithm.
|
|
72
|
-
* @param payloadBytes The raw data to sign.
|
|
73
|
-
* @param secretKeyBytes The private signing key.
|
|
74
|
-
* @param alg The ML-DSA algorithm to use (e.g., 'ML-DSA-44').
|
|
75
|
-
* @returns A promise resolving to the raw signature bytes.
|
|
76
|
-
*/
|
|
77
|
-
signBytes(payloadBytes: Uint8Array, secretKeyBytes: Uint8Array, alg: MldsaAlg): Promise<Uint8Array>;
|
|
78
|
-
|
|
79
|
-
/**
|
|
80
|
-
* Verifies a signature against a byte array and a public key.
|
|
81
|
-
* The algorithm is inferred from the `alg` property of the publicJWKey.
|
|
82
|
-
* @param signatureBytes The raw signature to verify.
|
|
83
|
-
* @param dataBytes The original data that was signed.
|
|
84
|
-
* @param publicJWKey The public key to use for verification.
|
|
85
|
-
* @returns A promise resolving to true if the signature is valid, false otherwise.
|
|
86
|
-
*/
|
|
87
|
-
verifyBytes(signatureBytes: Uint8Array, dataBytes: Uint8Array, publicJWKey: PublicJwk): Promise<boolean>;
|
|
88
|
-
|
|
89
|
-
// --- High-Level Workflows ---
|
|
90
|
-
|
|
91
|
-
/**
|
|
92
|
-
* Encrypts a payload into a JWE Object, suitable for JSON General Serialization.
|
|
93
|
-
* This method keeps protected and per-recipient headers separate, making it ideal
|
|
94
|
-
* for multi-recipient scenarios or storing as a structured object (e.g., ConfidentialStorage).
|
|
95
|
-
* @param payload The JSON object to encrypt.
|
|
96
|
-
* @param protectedHeader The main protected header (JWE Protected Header). Used as AAD.
|
|
97
|
-
* @param secretJWKey The sender's private ML-KEM key.
|
|
98
|
-
* @param recipientsJWKeys An array of public ML-KEM keys for the recipients.
|
|
99
|
-
* @returns A Promise resolving to a JweObject.
|
|
100
|
-
*/
|
|
101
|
-
encryptJwe(payload: object, protectedHeader: object, secretJWKey: MlkemPrivateJwk, recipientsJWKeys: MlkemPublicJwk[]): Promise<JweObject>;
|
|
102
|
-
|
|
103
|
-
/**
|
|
104
|
-
* Encrypts a payload directly into a JWE Compact Serialization string.
|
|
105
|
-
* This method is optimized for single-recipient JWEs. It merges the protected and
|
|
106
|
-
* recipient headers *before* encryption to form the correct AAD for the compact format.
|
|
107
|
-
* @param payload The JSON object to encrypt or a nested JWS string (compact representation).
|
|
108
|
-
* @param protectedHeader The main protected header (e.g., specifying `enc`).
|
|
109
|
-
* @param secretJWKey The sender's private ML-KEM key.
|
|
110
|
-
* @param recipientJWKey The single recipient's public ML-KEM key.
|
|
111
|
-
* @returns A Promise resolving to the JWE as a compact string.
|
|
112
|
-
*/
|
|
113
|
-
encryptJweToCompact(payload: object | string, protectedHeader: object, secretJWKey: MlkemPrivateJwk, recipientJWKey: MlkemPublicJwk): Promise<string>;
|
|
114
|
-
|
|
115
|
-
/**
|
|
116
|
-
* Decrypts a JWE (in Compact or JSON format) and returns the decrypted bytes and protected header.
|
|
117
|
-
* This method identifies the correct recipient using the `kid` from the provided private JWK.
|
|
118
|
-
* @param jwe The JWE object or Compact JWE string.
|
|
119
|
-
* @param secretKeyJwk The private key of the recipient, containing the `kid` to find the
|
|
120
|
-
* correct recipient and the `dBytes` for the decapsulation operation.
|
|
121
|
-
* @returns A promise resolving to an object containing the decrypted bytes and the decoded protected header.
|
|
122
|
-
*/
|
|
123
|
-
decryptJwe(
|
|
124
|
-
jwe: JweObject | string,
|
|
125
|
-
secretKeyJwk: MlkemPrivateJwk
|
|
126
|
-
): Promise<{ decryptedBytes: Uint8Array, protectedHeader: object }>;
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
/**
|
|
130
|
-
* @param jwe The JWE object or Compact/JSON JWE string.
|
|
131
|
-
* @returns An array of strings, where each string is a recipient's `kid`. Returns an empty array if no kids are found.
|
|
132
|
-
*/
|
|
133
|
-
getRecipientKidsFromJwe(jwe: JweObject | string): string[];
|
|
134
|
-
|
|
135
|
-
/**
|
|
136
|
-
* Creates a JWS using the payload and header objects, and the signer's private key bytes.
|
|
137
|
-
*/
|
|
138
|
-
signDataJws(payload: object, protectedHeader: object, secretJWKey: Uint8Array): Promise<JwtCompactParts>;
|
|
139
|
-
|
|
140
|
-
/**
|
|
141
|
-
* Verifies the signature of a JWS Object against the signer's public key (JWK).
|
|
142
|
-
*/
|
|
143
|
-
verifyJws(jws: JwtCompactParts | string, publicJWKey: PublicJwk): Promise<boolean>;
|
|
144
|
-
|
|
145
|
-
/**
|
|
146
|
-
* Verifies a detached JWS signature against the original payload.
|
|
147
|
-
* @param payloadBytes The original, unencoded byte stream that was signed.
|
|
148
|
-
* @param detachedJws The JWS in detached format ('header..signature').
|
|
149
|
-
* @param publicJWKey The signer's public key (JWK) to use for verification.
|
|
150
|
-
* @returns A boolean indicating if the signature is valid.
|
|
151
|
-
*/
|
|
152
|
-
verifyDetachedJws(payloadBytes: Uint8Array, detachedJws: string, publicJWKey: PublicJwk): Promise<boolean>;
|
|
153
|
-
|
|
154
|
-
// --- Formatting & Parsing Utilities (Note: from cryptoEncode, cryptoDecode, jwt utils ... ---
|
|
155
|
-
|
|
156
|
-
/**
|
|
157
|
-
* Converts a JWS Object (with decoded headers and payload) into Compact Serialization format.
|
|
158
|
-
* @param jws The JWS Object to convert.
|
|
159
|
-
* @returns The JWS in Compact Serialization format (three base64url strings joined by dots).
|
|
160
|
-
*/
|
|
161
|
-
jwsToCompact(jws: DataCompactJWT): string;
|
|
162
|
-
|
|
163
|
-
/**
|
|
164
|
-
* Parses a JWS in Compact Serialization format into a JWS Object with decoded headers and payload.
|
|
165
|
-
* @param jwsString The compact JWS string.
|
|
166
|
-
* @returns A JWS Object with JSON objects for the header and payload.
|
|
167
|
-
*/
|
|
168
|
-
parseCompactJws(jwsString: string): DataCompactJWT;
|
|
169
|
-
|
|
170
|
-
/**
|
|
171
|
-
* Parses a JWE in Compact Serialization format into a JWE Object.
|
|
172
|
-
* @param jweString The compact JWE string.
|
|
173
|
-
* @returns A JWE Object.
|
|
174
|
-
*/
|
|
175
|
-
parseCompactJwe(jweString: string): JweObject;
|
|
176
|
-
}
|
|
177
|
-
|
|
@@ -1,62 +0,0 @@
|
|
|
1
|
-
// Copyright 2025 Antifraud Services Inc. under the Apache License, Version 2.0.
|
|
2
|
-
// File: crypto-ts/interfaces/IWallet.ts
|
|
3
|
-
|
|
4
|
-
import { JwkSet } from '../models/jwk';
|
|
5
|
-
|
|
6
|
-
/**
|
|
7
|
-
* @interface IWallet
|
|
8
|
-
* Defines the contract for a client-side Wallet, acting as the "frontend KmsService".
|
|
9
|
-
* It provides high-level cryptographic capabilities without exposing low-level primitives.
|
|
10
|
-
* @sdk
|
|
11
|
-
*/
|
|
12
|
-
export interface IWallet {
|
|
13
|
-
/**
|
|
14
|
-
* Provisions a new, full set of cryptographic keys for a given entity identifier.
|
|
15
|
-
* This is the primary method for creating a new cryptographic identity.
|
|
16
|
-
* @param entityId The unique identifier for the key set (e.g., a profile ID).
|
|
17
|
-
* @returns A Promise that resolves to the public parts of the generated keys in a JWKSet format.
|
|
18
|
-
*/
|
|
19
|
-
provisionKeys(entityId: string): Promise<JwkSet>;
|
|
20
|
-
|
|
21
|
-
/**
|
|
22
|
-
* Creates a cryptographic digest (hash) of a string.
|
|
23
|
-
* @param data The string to hash.
|
|
24
|
-
* @param algorithm The digest algorithm to use.
|
|
25
|
-
* @returns A Promise that resolves to the hex-encoded hash string.
|
|
26
|
-
*/
|
|
27
|
-
digest(data: string, algorithm: any): Promise<string>;
|
|
28
|
-
|
|
29
|
-
/**
|
|
30
|
-
* Encrypts a document for secure, local storage (at-rest).
|
|
31
|
-
* @param doc The document to protect, which must have a `.content` property.
|
|
32
|
-
* @param entityId The ID of the entity whose keys should be used for encryption.
|
|
33
|
-
* @returns A Promise that resolves to the protected document, where `.content` is replaced by `.jwe`.
|
|
34
|
-
*/
|
|
35
|
-
protectConfidentialData(doc: any, entityId: string): Promise<any>;
|
|
36
|
-
|
|
37
|
-
/**
|
|
38
|
-
* Decrypts a document from secure storage.
|
|
39
|
-
* @param doc The protected document containing the `.jwe` property.
|
|
40
|
-
* @param entityId The ID of the entity whose keys should be used for decryption.
|
|
41
|
-
* @returns A Promise that resolves to the document with the decrypted `.content`.
|
|
42
|
-
*/
|
|
43
|
-
unprotectConfidentialData(doc: any, entityId: string): Promise<any>;
|
|
44
|
-
|
|
45
|
-
/**
|
|
46
|
-
* (Optional) Packs a DIDComm message into a secure format (JWE/JARM) for a recipient.
|
|
47
|
-
* This is required for FAPI-compliant flows.
|
|
48
|
-
* @param content The DIDComm message content to pack.
|
|
49
|
-
* @param recipientDid The DID of the recipient.
|
|
50
|
-
* @returns A Promise that resolves to the packed, secure message string.
|
|
51
|
-
*/
|
|
52
|
-
packForRecipient?(content: any, recipientDid: string): Promise<string>;
|
|
53
|
-
|
|
54
|
-
/**
|
|
55
|
-
* (Optional) Unpacks a secure message (JWE/JARM) received from a server.
|
|
56
|
-
* This is the counterpart to `packForRecipient`.
|
|
57
|
-
* @param packedMessage The secure message string (e.g., a compact JWE).
|
|
58
|
-
* @returns A Promise that resolves to an object containing the plaintext `content` and any cryptographic `meta` data.
|
|
59
|
-
*/
|
|
60
|
-
unpack?(packedMessage: string): Promise<{ content: any, meta: any }>;
|
|
61
|
-
}
|
|
62
|
-
|
package/src/models/aes.ts
DELETED
|
@@ -1,93 +0,0 @@
|
|
|
1
|
-
// Copyright 2025 Antifraud Services Inc. under the Apache License, Version 2.0.
|
|
2
|
-
// File: crypto-ts/models/aes.ts
|
|
3
|
-
|
|
4
|
-
export const WORD_BYTES=4;
|
|
5
|
-
export const WORD_BITS=WORD_BYTES*8; // sjcl BitArray are words of 32 bits.
|
|
6
|
-
export const AES_GCM_256_KEY_SIZE_BITS=256; // key size is 32 bytes = 256 bits (by default it is 128 bits).
|
|
7
|
-
export const AES_GCM_TAG_SIZE_BITS=128; // tag size is 16 bytes = 128 bits (by default it is 64 bits).
|
|
8
|
-
export const AES_GCM_NONCE_SIZE_BITS=128; // NIST 800-38D 8.2.2 (RGB Construction of IV) allows to be 16 bytes (128 bits).
|
|
9
|
-
export const AES_GCM_JWA_ENC='A256GCM' // AES GCM using 256-bit key, see https://datatracker.ietf.org/doc/html/rfc7518#section-5.1
|
|
10
|
-
|
|
11
|
-
/**
|
|
12
|
-
* Represents the raw, binary components of a payload encrypted with AES-GCM.
|
|
13
|
-
* This interface is used for in-memory cryptographic operations before any
|
|
14
|
-
* Base64Url encoding is applied. Its string-based counterpart for transport
|
|
15
|
-
* is `ProtectedDataAES`.
|
|
16
|
-
*/
|
|
17
|
-
export interface AesGcmComponents {
|
|
18
|
-
/**
|
|
19
|
-
* The encrypted content as a raw byte array.
|
|
20
|
-
*/
|
|
21
|
-
ciphertext: Uint8Array;
|
|
22
|
-
/**
|
|
23
|
-
* The Initialization Vector (IV) as a raw byte array.
|
|
24
|
-
*/
|
|
25
|
-
iv: Uint8Array;
|
|
26
|
-
/**
|
|
27
|
-
* The Authentication Tag generated by the GCM mode.
|
|
28
|
-
*/
|
|
29
|
-
authTag: Uint8Array;
|
|
30
|
-
}
|
|
31
|
-
|
|
32
|
-
/**
|
|
33
|
-
* Represents the components of an AES-GCM encrypted payload, with each
|
|
34
|
-
* component encoded as a Base64Url string. This is suitable for use in
|
|
35
|
-
* transport structures like a JWE. Its byte-based counterpart for in-memory
|
|
36
|
-
* operations is `AesGcmComponents`.
|
|
37
|
-
*
|
|
38
|
-
* - ciphertext: base64url encoded bytes of the plaintext
|
|
39
|
-
* - tag: base64url encoded
|
|
40
|
-
* - iv: base64url encoded (it is like a nonce)
|
|
41
|
-
*/
|
|
42
|
-
export interface ProtectedDataAES {
|
|
43
|
-
ciphertext: string;
|
|
44
|
-
tag: string;
|
|
45
|
-
iv: string;
|
|
46
|
-
}
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
/** Use it instead of the SjclCipherDecryptParams to avoid problems with encryption / decryption
|
|
50
|
-
* iv: required random bytes created for Initialization Vector (nonce) created when doing the encryption, base64 encoded (but not Base64url nor BitArray).
|
|
51
|
-
* adata: AAD (Additional Authenticated Data) base64 encoded (e.g.: JWE protected headers), but not base64url nor BitArray. It can be and empty string "".
|
|
52
|
-
* ct: ciphertext and tag combined and then base64 encoded, but not base64url nor BitArray.
|
|
53
|
-
* ts: tagsize is only required if a value other than the sjcl default value (64 bits) is defined in the encryption options (to know what size authentication tag is part of the cipher text)
|
|
54
|
-
* mode: "ccm", "gcm" (the default is "ccm").
|
|
55
|
-
* ks: keysize is only required if a value other than the sjcl default value (128 bits) is defined in the encryption options (to know what size key to generate with Pbkdf2)
|
|
56
|
-
* iter: iterations for Pbkdf2
|
|
57
|
-
* v: scjl version
|
|
58
|
-
* cipher: "aes"
|
|
59
|
-
*/
|
|
60
|
-
export interface DecryptionDataWithParametersSJCL {
|
|
61
|
-
iv: string; // required random bytes for Initialization Vector (nonce) base64 encoded, but not Base64url nor BitArray.
|
|
62
|
-
adata: string; // required AAD (Additional Authenticated Data) base64 encoded (e.g.: JWE protected headers), but not base64url nor BitArray. It can be and empty string "".
|
|
63
|
-
ct: string; // ciphertext and tag combined and then base64 encoded, but not base64url nor BitArray.
|
|
64
|
-
ts?: number; // tagsize is only required if a value other than the sjcl default value (64 bits) is defined in the encryption options (to know what size authentication tag is part of the cipher text)
|
|
65
|
-
mode?: string; // "ccm", "gcm" (the default is "ccm").
|
|
66
|
-
ks?: number; // keysize is only required if a value other than the sjcl default value (128 bits) is defined in the encryption options (to know what size key to generate with Pbkdf2)
|
|
67
|
-
iter?: number; // iterations for Pbkdf2
|
|
68
|
-
v?: number; // scjl version (optional, 1 is the default)
|
|
69
|
-
cipher?:string; // "aes"
|
|
70
|
-
};
|
|
71
|
-
|
|
72
|
-
/** Use it instead of the SjclCipherEncryptParams to avoid problems with encryption / decryption
|
|
73
|
-
* iv: required BitArray containing the random bytes for the Initialization Vector (nonce).
|
|
74
|
-
* adata: required BitArray containing the AAD (Additional Authenticated Data), e.g.: JWE protected headers.
|
|
75
|
-
* ts: tagsize is only required if a value other than the sjcl default value (64 bits) is used (to know what size authentication tag is part of the cipher text).
|
|
76
|
-
* mode: "ccm", "gcm" (the default is "ccm").
|
|
77
|
-
* ks: keysize is only required if a value other than the sjcl default value (128 bits) is used (to know what size key to generate with Pbkdf2)
|
|
78
|
-
* iter: iterations for Pbkdf2
|
|
79
|
-
* salt: BitArray, a 64 bits salt it is created automatically if not provided when generating the key from a password (KDF).
|
|
80
|
-
* v: scjl version
|
|
81
|
-
* cipher: "aes"
|
|
82
|
-
*/
|
|
83
|
-
export interface EncryptionParametersSJCL {
|
|
84
|
-
iv: any; // required sjcl.BitArray containing the random bytes for the Initialization Vector (nonce).
|
|
85
|
-
adata: any; // required sjcl.BitArray containing the AAD (Additional Authenticated Data), e.g.: JWE protected headers.
|
|
86
|
-
ts?: number; // tagsize is only required if a value other than the sjcl default value (64 bits) is used (to know what size authentication tag is part of the cipher text).
|
|
87
|
-
mode?: string; // "ccm", "gcm" (the default is "ccm").
|
|
88
|
-
ks?: number; // keysize is only required if a value other than the sjcl default value (128 bits) is used (to know what size key to generate with Pbkdf2)
|
|
89
|
-
iter?: number; // iterations for Pbkdf2
|
|
90
|
-
salt?: any; // sjcl.BitArray, a 64 bits salt it is created automatically if not provided when generating the key from a password (KDF).
|
|
91
|
-
v?: number; // scjl version (optional, 1 is the default)
|
|
92
|
-
cipher?: string; // "aes"
|
|
93
|
-
};
|
package/src/models/auth.ts
DELETED
|
@@ -1,38 +0,0 @@
|
|
|
1
|
-
// Copyright 2025 Antifraud Services Inc. under the Apache License, Version 2.0.
|
|
2
|
-
// File: src/models/auth.ts
|
|
3
|
-
|
|
4
|
-
/**
|
|
5
|
-
* Defines the structure of the claims object decoded from a bearer access token.
|
|
6
|
-
* This object is typically attached to the request object by an authentication middleware.
|
|
7
|
-
*/
|
|
8
|
-
export interface IAccessTokenClaims {
|
|
9
|
-
/**
|
|
10
|
-
* Issuer of the token (e.g., the DID of the issuing tenant).
|
|
11
|
-
* This is the source of truth for identifying the tenant.
|
|
12
|
-
*/
|
|
13
|
-
iss: string;
|
|
14
|
-
/**
|
|
15
|
-
* Subject of the token (e.g., the DID of the employee).
|
|
16
|
-
*/
|
|
17
|
-
sub: string;
|
|
18
|
-
/**
|
|
19
|
-
* Audience for which the token is intended.
|
|
20
|
-
*/
|
|
21
|
-
aud: string;
|
|
22
|
-
/**
|
|
23
|
-
* Expiration time (Unix timestamp).
|
|
24
|
-
*/
|
|
25
|
-
exp: number;
|
|
26
|
-
/**
|
|
27
|
-
* Issued at time (Unix timestamp).
|
|
28
|
-
*/
|
|
29
|
-
iat: number;
|
|
30
|
-
/**
|
|
31
|
-
* The scope of permissions granted by the token.
|
|
32
|
-
*/
|
|
33
|
-
scope: string;
|
|
34
|
-
/**
|
|
35
|
-
* Client ID - The client that requested the token.
|
|
36
|
-
*/
|
|
37
|
-
client_id: string;
|
|
38
|
-
}
|
package/src/models/bundle.txt
DELETED
|
@@ -1,93 +0,0 @@
|
|
|
1
|
-
// src/models/bundle.ts
|
|
2
|
-
// Copyright 2025 Antifraud Services Inc. under the Apache License, Version 2.0.
|
|
3
|
-
|
|
4
|
-
import { OperationOutcome } from "./fhir/operation-outcome";
|
|
5
|
-
|
|
6
|
-
// ===================================================================================
|
|
7
|
-
// BUNDLE ENTRY COMPONENTS
|
|
8
|
-
// ===================================================================================
|
|
9
|
-
|
|
10
|
-
/**
|
|
11
|
-
* Defines the `request` property for an entry in a request Bundle.
|
|
12
|
-
*/
|
|
13
|
-
export interface BundleRequest {
|
|
14
|
-
method: 'POST' | 'PUT' | 'DELETE' | 'GET';
|
|
15
|
-
url: string;
|
|
16
|
-
}
|
|
17
|
-
|
|
18
|
-
/**
|
|
19
|
-
* Defines the `response` property for an entry in a response Bundle.
|
|
20
|
-
*/
|
|
21
|
-
export interface BundleResponse {
|
|
22
|
-
status: string; // e.g., "201"
|
|
23
|
-
[key: string]: any;
|
|
24
|
-
}
|
|
25
|
-
|
|
26
|
-
/**
|
|
27
|
-
* Defines the `meta` property that can hold contextual information.
|
|
28
|
-
*/
|
|
29
|
-
export interface BundleEntryMeta {
|
|
30
|
-
claims?: Record<string, any>;
|
|
31
|
-
}
|
|
32
|
-
|
|
33
|
-
// ===================================================================================
|
|
34
|
-
// BUNDLE ENTRY TYPES
|
|
35
|
-
// ===================================================================================
|
|
36
|
-
|
|
37
|
-
/**
|
|
38
|
-
* Represents a single entry in an INCOMING request Bundle.
|
|
39
|
-
*/
|
|
40
|
-
export interface BundleEntryRequest {
|
|
41
|
-
id?: string;
|
|
42
|
-
type: string;
|
|
43
|
-
request: BundleRequest;
|
|
44
|
-
resource?: Record<string, any>;
|
|
45
|
-
meta?: BundleEntryMeta;
|
|
46
|
-
}
|
|
47
|
-
|
|
48
|
-
/**
|
|
49
|
-
* Represents a single successful entry in an OUTGOING response Bundle.
|
|
50
|
-
*/
|
|
51
|
-
export interface BundleEntryResponse {
|
|
52
|
-
id?: string;
|
|
53
|
-
type: string;
|
|
54
|
-
response: BundleResponse;
|
|
55
|
-
resource?: Record<string, any>;
|
|
56
|
-
meta?: BundleEntryMeta;
|
|
57
|
-
}
|
|
58
|
-
|
|
59
|
-
/**
|
|
60
|
-
* Represents a single error entry in an OUTGOING response Bundle.
|
|
61
|
-
*/
|
|
62
|
-
export interface ErrorEntry {
|
|
63
|
-
id?: string;
|
|
64
|
-
type: string;
|
|
65
|
-
meta?: BundleEntryMeta; // Preserves original context
|
|
66
|
-
response: {
|
|
67
|
-
status: string;
|
|
68
|
-
outcome: OperationOutcome;
|
|
69
|
-
};
|
|
70
|
-
}
|
|
71
|
-
|
|
72
|
-
/** A union type for backward compatibility where the distinction is not yet needed. */
|
|
73
|
-
|
|
74
|
-
export type BundleEntry = BundleEntryRequest | BundleEntryResponse | ErrorEntry
|
|
75
|
-
|
|
76
|
-
// ===================================================================================
|
|
77
|
-
// BUNDLE DEFINITION
|
|
78
|
-
// ===================================================================================
|
|
79
|
-
|
|
80
|
-
/**
|
|
81
|
-
* Represents the canonical Bundle structure.
|
|
82
|
-
* The generic type `T` allows us to specify whether the `data` array
|
|
83
|
-
* contains request entries or response entries, providing strong type safety.
|
|
84
|
-
*
|
|
85
|
-
* @example
|
|
86
|
-
* const requestBundle: Bundle<BundleEntryRequest> = { ... };
|
|
87
|
-
* const responseBundle: Bundle<BundleEntryResponse | ErrorEntry> = { ... };
|
|
88
|
-
*/
|
|
89
|
-
export interface Bundle<T = BundleEntryRequest | BundleEntryResponse | ErrorEntry> {
|
|
90
|
-
type: string;
|
|
91
|
-
total?: number;
|
|
92
|
-
data: T[];
|
|
93
|
-
}
|
|
@@ -1,82 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* English display labels for supported clinical document section codes.
|
|
3
|
-
*
|
|
4
|
-
* Notes:
|
|
5
|
-
* - This file is intentionally separate from the section registry so apps can:
|
|
6
|
-
* - use these labels as a default (e.g., server-side rendering), and/or
|
|
7
|
-
* - override them via i18n resources keyed by `org.loinc.<CODE>`.
|
|
8
|
-
* - Sources: HL7 FHIR doc-section-codes + project-specific additions.
|
|
9
|
-
*/
|
|
10
|
-
export const clinicalSectionTitleEn = {
|
|
11
|
-
// ---------------------------------------------------------------------------
|
|
12
|
-
// HL7 FHIR doc-section-codes (LOINC) — subset used by the platform/docs
|
|
13
|
-
// ---------------------------------------------------------------------------
|
|
14
|
-
'10154-3': 'Chief complaint Narrative - Reported',
|
|
15
|
-
'10157-6': 'History of family member diseases Narrative',
|
|
16
|
-
'10160-0': 'History of Medication use Narrative',
|
|
17
|
-
'10164-2': 'History of Present illness Narrative',
|
|
18
|
-
'10183-2': 'Hospital discharge medications Narrative',
|
|
19
|
-
'10184-0': 'Hospital discharge physical findings Narrative',
|
|
20
|
-
'10187-3': 'Review of systems Narrative - Reported',
|
|
21
|
-
'10210-3': 'Physical findings of General status Narrative',
|
|
22
|
-
'10216-0': 'Surgical operation note fluids Narrative',
|
|
23
|
-
'10218-6': 'Surgical operation note postoperative diagnosis Narrative',
|
|
24
|
-
'10222-8': 'Surgical operation note surgical complications [Interpretation] Narrative',
|
|
25
|
-
'10223-6': 'Surgical operation note surgical procedure Narrative',
|
|
26
|
-
'11329-0': 'History general Narrative - Reported',
|
|
27
|
-
'11348-0': 'History of Past illness Narrative',
|
|
28
|
-
'11369-6': 'History of Immunization Narrative',
|
|
29
|
-
'11493-4': 'Hospital discharge studies summary Narrative',
|
|
30
|
-
'11535-2': 'Hospital discharge Dx Narrative',
|
|
31
|
-
'11537-8': 'Surgical drains Narrative',
|
|
32
|
-
'18776-5': 'Plan of care note',
|
|
33
|
-
'18841-7': 'Hospital consultations Document',
|
|
34
|
-
'29299-5': 'Reason for visit Narrative',
|
|
35
|
-
'29545-1': 'Physical findings Narrative',
|
|
36
|
-
'29549-3': 'Medication administered Narrative',
|
|
37
|
-
'29554-3': 'Procedure Narrative',
|
|
38
|
-
'29762-2': 'Social history Narrative',
|
|
39
|
-
'30954-2': 'Relevant diagnostic tests/laboratory data Narrative',
|
|
40
|
-
'42344-2': 'Discharge diet (narrative)',
|
|
41
|
-
'42346-7': 'Medications on admission (narrative)',
|
|
42
|
-
'42348-3': 'Advance directives',
|
|
43
|
-
'42349-1': 'Reason for referral (narrative)',
|
|
44
|
-
'46240-8': 'History of Hospitalizations+Outpatient visits Narrative',
|
|
45
|
-
'46241-6': 'Hospital admission diagnosis Narrative - Reported',
|
|
46
|
-
'46264-8': 'History of medical device use',
|
|
47
|
-
'47420-5': 'Functional status assessment note',
|
|
48
|
-
'47519-4': 'History of Procedures Document',
|
|
49
|
-
'48765-2': 'Allergies and adverse reactions Document',
|
|
50
|
-
'48768-6': 'Payment sources Document',
|
|
51
|
-
'51848-0': 'Evaluation note',
|
|
52
|
-
'55109-3': 'Complications Document',
|
|
53
|
-
'55122-6': 'Surgical operation note implants Narrative',
|
|
54
|
-
'57852-6': 'Problem list Narrative - Reported',
|
|
55
|
-
'59768-2': 'Procedure indications [Interpretation] Narrative',
|
|
56
|
-
'59769-0': 'Postprocedure diagnosis Narrative',
|
|
57
|
-
'59770-8': 'Procedure estimated blood loss Narrative',
|
|
58
|
-
'59771-6': 'Procedure implants Narrative',
|
|
59
|
-
'59772-4': 'Planned procedure Narrative',
|
|
60
|
-
'59773-2': 'Procedure specimens taken Narrative',
|
|
61
|
-
'59775-7': 'Procedure disposition Narrative',
|
|
62
|
-
'59776-5': 'Procedure findings Narrative',
|
|
63
|
-
'61149-1': 'Objective Narrative',
|
|
64
|
-
'61150-9': 'Subjective Narrative',
|
|
65
|
-
'69730-0': 'Instructions',
|
|
66
|
-
'8648-8': 'Hospital course Narrative',
|
|
67
|
-
'8653-8': 'Hospital Discharge instructions',
|
|
68
|
-
'8716-3': 'Vital signs',
|
|
69
|
-
|
|
70
|
-
// ---------------------------------------------------------------------------
|
|
71
|
-
// Project additions (not part of doc-section-codes, but used by clients)
|
|
72
|
-
// ---------------------------------------------------------------------------
|
|
73
|
-
'60591-5': 'Patient summary',
|
|
74
|
-
'11450-4': 'Problem list',
|
|
75
|
-
'61144-2': 'Diet',
|
|
76
|
-
'82810-3': 'History of pregnancy',
|
|
77
|
-
'87520-3': 'Health insurance coverage',
|
|
78
|
-
'10190-7': 'Mental status',
|
|
79
|
-
'18726-0': 'Radiology studies',
|
|
80
|
-
'11503-0': 'Medical records (generic)',
|
|
81
|
-
'56796-6': 'Healthcare (general)',
|
|
82
|
-
} as const;
|