oceanbus 0.9.0 → 0.10.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +44 -6
- package/dist/agent/identity.d.ts +4 -0
- package/dist/agent/identity.d.ts.map +1 -1
- package/dist/agent/identity.js +24 -1
- package/dist/agent/identity.js.map +1 -1
- package/dist/cli/commands/init.d.ts +3 -0
- package/dist/cli/commands/init.d.ts.map +1 -0
- package/dist/cli/commands/init.js +34 -0
- package/dist/cli/commands/init.js.map +1 -0
- package/dist/cli/commands/start.d.ts +13 -0
- package/dist/cli/commands/start.d.ts.map +1 -0
- package/dist/cli/commands/start.js +358 -0
- package/dist/cli/commands/start.js.map +1 -0
- package/dist/cli/index.d.ts.map +1 -1
- package/dist/cli/index.js +4 -0
- package/dist/cli/index.js.map +1 -1
- package/dist/config/defaults.d.ts.map +1 -1
- package/dist/config/defaults.js +1 -0
- package/dist/config/defaults.js.map +1 -1
- package/dist/crypto/e2e.d.ts +23 -0
- package/dist/crypto/e2e.d.ts.map +1 -0
- package/dist/crypto/e2e.js +209 -0
- package/dist/crypto/e2e.js.map +1 -0
- package/dist/crypto/index.d.ts +2 -0
- package/dist/crypto/index.d.ts.map +1 -1
- package/dist/crypto/index.js +13 -1
- package/dist/crypto/index.js.map +1 -1
- package/dist/crypto/key-cache.d.ts +15 -0
- package/dist/crypto/key-cache.d.ts.map +1 -0
- package/dist/crypto/key-cache.js +108 -0
- package/dist/crypto/key-cache.js.map +1 -0
- package/dist/index.d.ts +7 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +85 -14
- package/dist/index.js.map +1 -1
- package/dist/mailbox/cursor.d.ts +1 -0
- package/dist/mailbox/cursor.d.ts.map +1 -1
- package/dist/mailbox/cursor.js +3 -0
- package/dist/mailbox/cursor.js.map +1 -1
- package/dist/mailbox/sync.d.ts +1 -1
- package/dist/mailbox/sync.d.ts.map +1 -1
- package/dist/mailbox/sync.js.map +1 -1
- package/dist/types/agent.d.ts +2 -0
- package/dist/types/agent.d.ts.map +1 -1
- package/dist/types/config.d.ts +1 -0
- package/dist/types/config.d.ts.map +1 -1
- package/dist/types/e2e.d.ts +22 -0
- package/dist/types/e2e.d.ts.map +1 -0
- package/dist/types/e2e.js +3 -0
- package/dist/types/e2e.js.map +1 -0
- package/dist/types/index.d.ts +1 -0
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/index.js +1 -0
- package/dist/types/index.js.map +1 -1
- package/package.json +1 -1
package/dist/cli/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/cli/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/cli/index.ts"],"names":[],"mappings":"AAkBA,wBAAgB,MAAM,CAAC,IAAI,GAAE,MAAM,EAAiB,GAAG,IAAI,CAwB1D"}
|
package/dist/cli/index.js
CHANGED
|
@@ -7,6 +7,8 @@ exports.runCli = runCli;
|
|
|
7
7
|
const yargs_1 = __importDefault(require("yargs"));
|
|
8
8
|
const helpers_1 = require("yargs/helpers");
|
|
9
9
|
const register_1 = require("./commands/register");
|
|
10
|
+
const init_1 = require("./commands/init");
|
|
11
|
+
const start_1 = require("./commands/start");
|
|
10
12
|
const whoami_1 = require("./commands/whoami");
|
|
11
13
|
const openid_1 = require("./commands/openid");
|
|
12
14
|
const new_openid_1 = require("./commands/new-openid");
|
|
@@ -24,6 +26,8 @@ function runCli(argv = process.argv) {
|
|
|
24
26
|
.scriptName('oceanbus')
|
|
25
27
|
.usage('$0 <command> [options]')
|
|
26
28
|
.command(register_1.registerCommand)
|
|
29
|
+
.command(init_1.initCommand)
|
|
30
|
+
.command(start_1.startCommand)
|
|
27
31
|
.command(whoami_1.whoamiCommand)
|
|
28
32
|
.command(openid_1.openidCommand)
|
|
29
33
|
.command(new_openid_1.newOpenIdCommand)
|
package/dist/cli/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/cli/index.ts"],"names":[],"mappings":";;;;;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/cli/index.ts"],"names":[],"mappings":";;;;;AAkBA,wBAwBC;AA1CD,kDAA0B;AAC1B,2CAAwC;AACxC,kDAAsD;AACtD,0CAA8C;AAC9C,4CAAgD;AAChD,8CAAkD;AAClD,8CAAkD;AAClD,sDAAyD;AACzD,0CAA8C;AAC9C,8CAAkD;AAClD,4CAAgD;AAChD,8CAAkD;AAClD,gDAAmD;AACnD,sDAAyD;AACzD,wCAA4C;AAC5C,kDAAsD;AACtD,oDAAwD;AAExD,SAAgB,MAAM,CAAC,OAAiB,OAAO,CAAC,IAAI;IAClD,IAAA,eAAK,EAAC,IAAA,iBAAO,EAAC,IAAI,CAAC,CAAC;SACjB,UAAU,CAAC,UAAU,CAAC;SACtB,KAAK,CAAC,wBAAwB,CAAC;SAC/B,OAAO,CAAC,0BAAe,CAAC;SACxB,OAAO,CAAC,kBAAW,CAAC;SACpB,OAAO,CAAC,oBAAY,CAAC;SACrB,OAAO,CAAC,sBAAa,CAAC;SACtB,OAAO,CAAC,sBAAa,CAAC;SACtB,OAAO,CAAC,6BAAgB,CAAC;SACzB,OAAO,CAAC,kBAAW,CAAC;SACpB,OAAO,CAAC,sBAAa,CAAC;SACtB,OAAO,CAAC,oBAAY,CAAC;SACrB,OAAO,CAAC,gBAAU,CAAC;SACnB,OAAO,CAAC,0BAAe,CAAC;SACxB,OAAO,CAAC,4BAAgB,CAAC;SACzB,OAAO,CAAC,sBAAa,CAAC;SACtB,OAAO,CAAC,uBAAa,CAAC;SACtB,OAAO,CAAC,6BAAgB,CAAC;SACzB,aAAa,CAAC,CAAC,EAAE,0BAA0B,CAAC;SAC5C,IAAI,EAAE;SACN,OAAO,EAAE;SACT,MAAM,EAAE;SACR,KAAK,EAAE,CAAC;AACb,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"defaults.d.ts","sourceRoot":"","sources":["../../src/config/defaults.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAEtD,eAAO,MAAM,QAAQ,EAAE,
|
|
1
|
+
{"version":3,"file":"defaults.d.ts","sourceRoot":"","sources":["../../src/config/defaults.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAEtD,eAAO,MAAM,QAAQ,EAAE,cA4CtB,CAAC"}
|
package/dist/config/defaults.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"defaults.js","sourceRoot":"","sources":["../../src/config/defaults.ts"],"names":[],"mappings":";;;AAEa,QAAA,QAAQ,GAAmB;IACtC,OAAO,EAAE,mCAAmC;IAE5C,QAAQ,EAAE;QACR,IAAI,EAAE,MAAM;QACZ,QAAQ,EAAE,SAAS,EAAE,sDAAsD;KAC5E;IAED,IAAI,EAAE;QACJ,OAAO,EAAE,KAAK;QACd,KAAK,EAAE;YACL,WAAW,EAAE,CAAC;YACd,cAAc,EAAE,GAAG;YACnB,UAAU,EAAE,IAAI;YAChB,UAAU,EAAE,CAAC;SACd;KACF;IAED,OAAO,EAAE;QACP,cAAc,EAAE,IAAI;QACpB,eAAe,EAAE,GAAG;QACpB,iBAAiB,EAAE,IAAI;
|
|
1
|
+
{"version":3,"file":"defaults.js","sourceRoot":"","sources":["../../src/config/defaults.ts"],"names":[],"mappings":";;;AAEa,QAAA,QAAQ,GAAmB;IACtC,OAAO,EAAE,mCAAmC;IAE5C,QAAQ,EAAE;QACR,IAAI,EAAE,MAAM;QACZ,QAAQ,EAAE,SAAS,EAAE,sDAAsD;KAC5E;IAED,IAAI,EAAE;QACJ,OAAO,EAAE,KAAK;QACd,KAAK,EAAE;YACL,WAAW,EAAE,CAAC;YACd,cAAc,EAAE,GAAG;YACnB,UAAU,EAAE,IAAI;YAChB,UAAU,EAAE,CAAC;SACd;KACF;IAED,OAAO,EAAE;QACP,cAAc,EAAE,IAAI;QACpB,eAAe,EAAE,GAAG;QACpB,iBAAiB,EAAE,IAAI;QACvB,cAAc,EAAE,SAAS;KAC1B;IAED,EAAE,EAAE;QACF,mDAAmD;QACnD,8DAA8D;QAC9D,6DAA6D;QAC7D,sEAAsE;QACtE,SAAS,EAAE;YACT,kFAAkF;SACnF;QACD,SAAS,EAAE,kFAAkF;QAC7F,UAAU,EAAE,EAAE;QACd,gBAAgB,EAAE,KAAK;QACvB,qBAAqB,EAAE,IAAI;QAC3B,mBAAmB,EAAE,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,uCAAuC;KAC5E;IAED,WAAW,EAAE;QACX,OAAO,EAAE,KAAK;KACf;CAEF,CAAC"}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
import type { X25519KeyPair, PersistedEncryptionKey, DecryptResult } from '../types/e2e';
|
|
2
|
+
export declare function generateEncryptionKeypair(): X25519KeyPair;
|
|
3
|
+
export declare function serializePublicKey(pk: Uint8Array): string;
|
|
4
|
+
export declare function deserializePublicKey(s: string): Uint8Array;
|
|
5
|
+
export declare function serializeKeyPair(kp: X25519KeyPair): PersistedEncryptionKey;
|
|
6
|
+
export declare function deserializeKeyPair(p: PersistedEncryptionKey): X25519KeyPair;
|
|
7
|
+
export declare function deriveSharedSecret(ourPriv: Uint8Array, ourPub: Uint8Array, theirPub: Uint8Array): Uint8Array;
|
|
8
|
+
/**
|
|
9
|
+
* Encrypt plaintext for a recipient whose public key we have.
|
|
10
|
+
* Produces an EncryptedEnvelope JSON string.
|
|
11
|
+
*/
|
|
12
|
+
export declare function encrypt(plaintext: string, ourKP: X25519KeyPair, theirPub: Uint8Array): string;
|
|
13
|
+
/**
|
|
14
|
+
* Wrap plaintext in a key-advertisement envelope.
|
|
15
|
+
* Used when we don't have the recipient's public key yet (first message).
|
|
16
|
+
*/
|
|
17
|
+
export declare function wrapPlaintext(plaintext: string, ourKP: X25519KeyPair): string;
|
|
18
|
+
/**
|
|
19
|
+
* Try to decrypt/unwrap an envelope. Returns null if the content is
|
|
20
|
+
* not a recognized envelope (plaintext from old clients, etc.).
|
|
21
|
+
*/
|
|
22
|
+
export declare function tryDecrypt(raw: string, ourKP: X25519KeyPair): DecryptResult | null;
|
|
23
|
+
//# sourceMappingURL=e2e.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"e2e.d.ts","sourceRoot":"","sources":["../../src/crypto/e2e.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,aAAa,EAEb,sBAAsB,EACtB,aAAa,EACd,MAAM,cAAc,CAAC;AAItB,wBAAgB,yBAAyB,IAAI,aAAa,CASzD;AAoBD,wBAAgB,kBAAkB,CAAC,EAAE,EAAE,UAAU,GAAG,MAAM,CAEzD;AAED,wBAAgB,oBAAoB,CAAC,CAAC,EAAE,MAAM,GAAG,UAAU,CAG1D;AAED,wBAAgB,gBAAgB,CAAC,EAAE,EAAE,aAAa,GAAG,sBAAsB,CAK1E;AAED,wBAAgB,kBAAkB,CAAC,CAAC,EAAE,sBAAsB,GAAG,aAAa,CAK3E;AAID,wBAAgB,kBAAkB,CAChC,OAAO,EAAE,UAAU,EACnB,MAAM,EAAE,UAAU,EAClB,QAAQ,EAAE,UAAU,GACnB,UAAU,CAKZ;AAoCD;;;GAGG;AACH,wBAAgB,OAAO,CACrB,SAAS,EAAE,MAAM,EACjB,KAAK,EAAE,aAAa,EACpB,QAAQ,EAAE,UAAU,GACnB,MAAM,CAeR;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,aAAa,GAAG,MAAM,CAS7E;AAED;;;GAGG;AACH,wBAAgB,UAAU,CACxB,GAAG,EAAE,MAAM,EACX,KAAK,EAAE,aAAa,GACnB,aAAa,GAAG,IAAI,CAiDtB"}
|
|
@@ -0,0 +1,209 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
+
var ownKeys = function(o) {
|
|
20
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
+
var ar = [];
|
|
22
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
+
return ar;
|
|
24
|
+
};
|
|
25
|
+
return ownKeys(o);
|
|
26
|
+
};
|
|
27
|
+
return function (mod) {
|
|
28
|
+
if (mod && mod.__esModule) return mod;
|
|
29
|
+
var result = {};
|
|
30
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
+
__setModuleDefault(result, mod);
|
|
32
|
+
return result;
|
|
33
|
+
};
|
|
34
|
+
})();
|
|
35
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
+
exports.generateEncryptionKeypair = generateEncryptionKeypair;
|
|
37
|
+
exports.serializePublicKey = serializePublicKey;
|
|
38
|
+
exports.deserializePublicKey = deserializePublicKey;
|
|
39
|
+
exports.serializeKeyPair = serializeKeyPair;
|
|
40
|
+
exports.deserializeKeyPair = deserializeKeyPair;
|
|
41
|
+
exports.deriveSharedSecret = deriveSharedSecret;
|
|
42
|
+
exports.encrypt = encrypt;
|
|
43
|
+
exports.wrapPlaintext = wrapPlaintext;
|
|
44
|
+
exports.tryDecrypt = tryDecrypt;
|
|
45
|
+
const crypto = __importStar(require("node:crypto"));
|
|
46
|
+
// ── Key generation ─────────────────────────────────────────────────
|
|
47
|
+
function generateEncryptionKeypair() {
|
|
48
|
+
const { publicKey, privateKey } = crypto.generateKeyPairSync('x25519');
|
|
49
|
+
// Extract raw 32-byte keys from DER SPKI/PKCS8
|
|
50
|
+
const pubDer = publicKey.export({ format: 'der', type: 'spki' });
|
|
51
|
+
const privDer = privateKey.export({ format: 'der', type: 'pkcs8' });
|
|
52
|
+
return {
|
|
53
|
+
publicKey: new Uint8Array(pubDer.subarray(pubDer.length - 32)),
|
|
54
|
+
secretKey: new Uint8Array(privDer.subarray(privDer.length - 32)),
|
|
55
|
+
};
|
|
56
|
+
}
|
|
57
|
+
// ── Raw key ↔ JWK conversion ──────────────────────────────────────
|
|
58
|
+
function rawToKeyObject(pub) {
|
|
59
|
+
return crypto.createPublicKey({
|
|
60
|
+
key: { crv: 'X25519', x: bufferToBase64url(pub), kty: 'OKP' },
|
|
61
|
+
format: 'jwk',
|
|
62
|
+
});
|
|
63
|
+
}
|
|
64
|
+
function rawPrivToKeyObject(pub, priv) {
|
|
65
|
+
return crypto.createPrivateKey({
|
|
66
|
+
key: { crv: 'X25519', x: bufferToBase64url(pub), d: bufferToBase64url(priv), kty: 'OKP' },
|
|
67
|
+
format: 'jwk',
|
|
68
|
+
});
|
|
69
|
+
}
|
|
70
|
+
// ── Serialization (x25519:<base64url>) ────────────────────────────
|
|
71
|
+
function serializePublicKey(pk) {
|
|
72
|
+
return `x25519:${bufferToBase64url(pk)}`;
|
|
73
|
+
}
|
|
74
|
+
function deserializePublicKey(s) {
|
|
75
|
+
const raw = s.startsWith('x25519:') ? s.slice(7) : s;
|
|
76
|
+
return base64urlToBuffer(raw);
|
|
77
|
+
}
|
|
78
|
+
function serializeKeyPair(kp) {
|
|
79
|
+
return {
|
|
80
|
+
publicKey: serializePublicKey(kp.publicKey),
|
|
81
|
+
secretKey: serializePublicKey(kp.secretKey),
|
|
82
|
+
};
|
|
83
|
+
}
|
|
84
|
+
function deserializeKeyPair(p) {
|
|
85
|
+
return {
|
|
86
|
+
publicKey: deserializePublicKey(p.publicKey),
|
|
87
|
+
secretKey: deserializePublicKey(p.secretKey),
|
|
88
|
+
};
|
|
89
|
+
}
|
|
90
|
+
// ── ECDH ──────────────────────────────────────────────────────────
|
|
91
|
+
function deriveSharedSecret(ourPriv, ourPub, theirPub) {
|
|
92
|
+
const privKeyObj = rawPrivToKeyObject(ourPub, ourPriv);
|
|
93
|
+
const pubKeyObj = rawToKeyObject(theirPub);
|
|
94
|
+
const secret = crypto.diffieHellman({ publicKey: pubKeyObj, privateKey: privKeyObj });
|
|
95
|
+
return new Uint8Array(secret);
|
|
96
|
+
}
|
|
97
|
+
// ── ChaCha20-Poly1305 encrypt/decrypt ─────────────────────────────
|
|
98
|
+
function chacha20poly1305Encrypt(key, plaintext) {
|
|
99
|
+
const nonce = crypto.randomBytes(12);
|
|
100
|
+
const cipher = crypto.createCipheriv('chacha20-poly1305', key, nonce, { authTagLength: 16 });
|
|
101
|
+
const encrypted = Buffer.concat([cipher.update(plaintext, 'utf-8'), cipher.final()]);
|
|
102
|
+
return {
|
|
103
|
+
ciphertext: new Uint8Array(encrypted),
|
|
104
|
+
nonce: new Uint8Array(nonce),
|
|
105
|
+
authTag: new Uint8Array(cipher.getAuthTag()),
|
|
106
|
+
};
|
|
107
|
+
}
|
|
108
|
+
function chacha20poly1305Decrypt(key, ciphertext, nonce, authTag) {
|
|
109
|
+
try {
|
|
110
|
+
const decipher = crypto.createDecipheriv('chacha20-poly1305', key, nonce, { authTagLength: 16 });
|
|
111
|
+
decipher.setAuthTag(Buffer.from(authTag));
|
|
112
|
+
const decrypted = Buffer.concat([decipher.update(ciphertext), decipher.final()]);
|
|
113
|
+
return decrypted.toString('utf-8');
|
|
114
|
+
}
|
|
115
|
+
catch {
|
|
116
|
+
return null;
|
|
117
|
+
}
|
|
118
|
+
}
|
|
119
|
+
// ── High-level E2EE operations ────────────────────────────────────
|
|
120
|
+
/**
|
|
121
|
+
* Encrypt plaintext for a recipient whose public key we have.
|
|
122
|
+
* Produces an EncryptedEnvelope JSON string.
|
|
123
|
+
*/
|
|
124
|
+
function encrypt(plaintext, ourKP, theirPub) {
|
|
125
|
+
const sharedSecret = deriveSharedSecret(ourKP.secretKey, ourKP.publicKey, theirPub);
|
|
126
|
+
const { ciphertext, nonce, authTag } = chacha20poly1305Encrypt(sharedSecret, plaintext);
|
|
127
|
+
// Zero shared secret from memory after use
|
|
128
|
+
sharedSecret.fill(0);
|
|
129
|
+
const envelope = {
|
|
130
|
+
v: 1,
|
|
131
|
+
enc: 'xchacha20-poly1305',
|
|
132
|
+
ciphertext: bufferToBase64url(ciphertext),
|
|
133
|
+
nonce: bufferToBase64url(Buffer.concat([nonce, authTag])),
|
|
134
|
+
sender_pk: serializePublicKey(ourKP.publicKey),
|
|
135
|
+
recipient_pk: serializePublicKey(theirPub),
|
|
136
|
+
};
|
|
137
|
+
return JSON.stringify(envelope);
|
|
138
|
+
}
|
|
139
|
+
/**
|
|
140
|
+
* Wrap plaintext in a key-advertisement envelope.
|
|
141
|
+
* Used when we don't have the recipient's public key yet (first message).
|
|
142
|
+
*/
|
|
143
|
+
function wrapPlaintext(plaintext, ourKP) {
|
|
144
|
+
const envelope = {
|
|
145
|
+
v: 1,
|
|
146
|
+
enc: 'none',
|
|
147
|
+
sender_pk: serializePublicKey(ourKP.publicKey),
|
|
148
|
+
recipient_pk: '',
|
|
149
|
+
content: plaintext,
|
|
150
|
+
};
|
|
151
|
+
return JSON.stringify(envelope);
|
|
152
|
+
}
|
|
153
|
+
/**
|
|
154
|
+
* Try to decrypt/unwrap an envelope. Returns null if the content is
|
|
155
|
+
* not a recognized envelope (plaintext from old clients, etc.).
|
|
156
|
+
*/
|
|
157
|
+
function tryDecrypt(raw, ourKP) {
|
|
158
|
+
let envelope;
|
|
159
|
+
try {
|
|
160
|
+
const parsed = JSON.parse(raw);
|
|
161
|
+
if (!parsed || parsed.v !== 1 || typeof parsed.enc !== 'string')
|
|
162
|
+
return null;
|
|
163
|
+
envelope = parsed;
|
|
164
|
+
}
|
|
165
|
+
catch {
|
|
166
|
+
return null;
|
|
167
|
+
}
|
|
168
|
+
// Extract sender's public key from every envelope (for caching)
|
|
169
|
+
let senderEncryptionKey = null;
|
|
170
|
+
if (envelope.sender_pk) {
|
|
171
|
+
try {
|
|
172
|
+
senderEncryptionKey = deserializePublicKey(envelope.sender_pk);
|
|
173
|
+
}
|
|
174
|
+
catch { /* ignore malformed key */ }
|
|
175
|
+
}
|
|
176
|
+
// Unwrap plaintext wrapper
|
|
177
|
+
if (envelope.enc === 'none' && envelope.content !== undefined) {
|
|
178
|
+
return { plaintext: envelope.content, senderEncryptionKey };
|
|
179
|
+
}
|
|
180
|
+
// Decrypt encrypted envelope
|
|
181
|
+
if (envelope.enc === 'xchacha20-poly1305' &&
|
|
182
|
+
envelope.ciphertext &&
|
|
183
|
+
envelope.nonce &&
|
|
184
|
+
envelope.sender_pk) {
|
|
185
|
+
try {
|
|
186
|
+
const ciphertext = base64urlToBuffer(envelope.ciphertext);
|
|
187
|
+
const nonceAndTag = base64urlToBuffer(envelope.nonce);
|
|
188
|
+
const nonce = nonceAndTag.subarray(0, 12);
|
|
189
|
+
const authTag = nonceAndTag.subarray(12, 28);
|
|
190
|
+
const senderPub = deserializePublicKey(envelope.sender_pk);
|
|
191
|
+
const sharedSecret = deriveSharedSecret(ourKP.secretKey, ourKP.publicKey, senderPub);
|
|
192
|
+
const plaintext = chacha20poly1305Decrypt(sharedSecret, ciphertext, nonce, authTag);
|
|
193
|
+
sharedSecret.fill(0);
|
|
194
|
+
if (plaintext !== null) {
|
|
195
|
+
return { plaintext, senderEncryptionKey };
|
|
196
|
+
}
|
|
197
|
+
}
|
|
198
|
+
catch { /* decryption failed */ }
|
|
199
|
+
}
|
|
200
|
+
return null;
|
|
201
|
+
}
|
|
202
|
+
// ── base64url helpers ─────────────────────────────────────────────
|
|
203
|
+
function bufferToBase64url(buf) {
|
|
204
|
+
return Buffer.from(buf).toString('base64url');
|
|
205
|
+
}
|
|
206
|
+
function base64urlToBuffer(s) {
|
|
207
|
+
return Buffer.from(s, 'base64url');
|
|
208
|
+
}
|
|
209
|
+
//# sourceMappingURL=e2e.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"e2e.js","sourceRoot":"","sources":["../../src/crypto/e2e.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAUA,8DASC;AAoBD,gDAEC;AAED,oDAGC;AAED,4CAKC;AAED,gDAKC;AAID,gDASC;AAwCD,0BAmBC;AAMD,sCASC;AAMD,gCAoDC;AA7MD,oDAAsC;AAQtC,sEAAsE;AAEtE,SAAgB,yBAAyB;IACvC,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;IACvE,+CAA+C;IAC/C,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;IACjE,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;IACpE,OAAO;QACL,SAAS,EAAE,IAAI,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;QAC9D,SAAS,EAAE,IAAI,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;KACjE,CAAC;AACJ,CAAC;AAED,qEAAqE;AAErE,SAAS,cAAc,CAAC,GAAe;IACrC,OAAO,MAAM,CAAC,eAAe,CAAC;QAC5B,GAAG,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAC,EAAE,iBAAiB,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE;QAC7D,MAAM,EAAE,KAAK;KACd,CAAC,CAAC;AACL,CAAC;AAED,SAAS,kBAAkB,CAAC,GAAe,EAAE,IAAgB;IAC3D,OAAO,MAAM,CAAC,gBAAgB,CAAC;QAC7B,GAAG,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAC,EAAE,iBAAiB,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,iBAAiB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE;QACzF,MAAM,EAAE,KAAK;KACd,CAAC,CAAC;AACL,CAAC;AAED,qEAAqE;AAErE,SAAgB,kBAAkB,CAAC,EAAc;IAC/C,OAAO,UAAU,iBAAiB,CAAC,EAAE,CAAC,EAAE,CAAC;AAC3C,CAAC;AAED,SAAgB,oBAAoB,CAAC,CAAS;IAC5C,MAAM,GAAG,GAAG,CAAC,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACrD,OAAO,iBAAiB,CAAC,GAAG,CAAC,CAAC;AAChC,CAAC;AAED,SAAgB,gBAAgB,CAAC,EAAiB;IAChD,OAAO;QACL,SAAS,EAAE,kBAAkB,CAAC,EAAE,CAAC,SAAS,CAAC;QAC3C,SAAS,EAAE,kBAAkB,CAAC,EAAE,CAAC,SAAS,CAAC;KAC5C,CAAC;AACJ,CAAC;AAED,SAAgB,kBAAkB,CAAC,CAAyB;IAC1D,OAAO;QACL,SAAS,EAAE,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC;QAC5C,SAAS,EAAE,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC;KAC7C,CAAC;AACJ,CAAC;AAED,qEAAqE;AAErE,SAAgB,kBAAkB,CAChC,OAAmB,EACnB,MAAkB,EAClB,QAAoB;IAEpB,MAAM,UAAU,GAAG,kBAAkB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACvD,MAAM,SAAS,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,MAAM,CAAC,aAAa,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU,EAAE,UAAU,EAAE,CAAC,CAAC;IACtF,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;AAChC,CAAC;AAED,qEAAqE;AAErE,SAAS,uBAAuB,CAC9B,GAAe,EACf,SAAiB;IAEjB,MAAM,KAAK,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;IACrC,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,mBAAmB,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE,aAAa,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7F,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;IACrF,OAAO;QACL,UAAU,EAAE,IAAI,UAAU,CAAC,SAAS,CAAC;QACrC,KAAK,EAAE,IAAI,UAAU,CAAC,KAAK,CAAC;QAC5B,OAAO,EAAE,IAAI,UAAU,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;KAC7C,CAAC;AACJ,CAAC;AAED,SAAS,uBAAuB,CAC9B,GAAe,EACf,UAAsB,EACtB,KAAiB,EACjB,OAAmB;IAEnB,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,mBAAmB,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE,aAAa,EAAE,EAAE,EAAE,CAAC,CAAC;QACjG,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;QAC1C,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QACjF,OAAO,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACrC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,qEAAqE;AAErE;;;GAGG;AACH,SAAgB,OAAO,CACrB,SAAiB,EACjB,KAAoB,EACpB,QAAoB;IAEpB,MAAM,YAAY,GAAG,kBAAkB,CAAC,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;IACpF,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,uBAAuB,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;IACxF,2CAA2C;IAC3C,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAErB,MAAM,QAAQ,GAAsB;QAClC,CAAC,EAAE,CAAC;QACJ,GAAG,EAAE,oBAAoB;QACzB,UAAU,EAAE,iBAAiB,CAAC,UAAU,CAAC;QACzC,KAAK,EAAE,iBAAiB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC,CAAC;QACzD,SAAS,EAAE,kBAAkB,CAAC,KAAK,CAAC,SAAS,CAAC;QAC9C,YAAY,EAAE,kBAAkB,CAAC,QAAQ,CAAC;KAC3C,CAAC;IACF,OAAO,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;AAClC,CAAC;AAED;;;GAGG;AACH,SAAgB,aAAa,CAAC,SAAiB,EAAE,KAAoB;IACnE,MAAM,QAAQ,GAAsB;QAClC,CAAC,EAAE,CAAC;QACJ,GAAG,EAAE,MAAM;QACX,SAAS,EAAE,kBAAkB,CAAC,KAAK,CAAC,SAAS,CAAC;QAC9C,YAAY,EAAE,EAAE;QAChB,OAAO,EAAE,SAAS;KACnB,CAAC;IACF,OAAO,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;AAClC,CAAC;AAED;;;GAGG;AACH,SAAgB,UAAU,CACxB,GAAW,EACX,KAAoB;IAEpB,IAAI,QAA2B,CAAC;IAChC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/B,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,CAAC,KAAK,CAAC,IAAI,OAAO,MAAM,CAAC,GAAG,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QAC7E,QAAQ,GAAG,MAA2B,CAAC;IACzC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IAED,gEAAgE;IAChE,IAAI,mBAAmB,GAAsB,IAAI,CAAC;IAClD,IAAI,QAAQ,CAAC,SAAS,EAAE,CAAC;QACvB,IAAI,CAAC;YACH,mBAAmB,GAAG,oBAAoB,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;QACjE,CAAC;QAAC,MAAM,CAAC,CAAC,0BAA0B,CAAC,CAAC;IACxC,CAAC;IAED,2BAA2B;IAC3B,IAAI,QAAQ,CAAC,GAAG,KAAK,MAAM,IAAI,QAAQ,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;QAC9D,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC,OAAO,EAAE,mBAAmB,EAAE,CAAC;IAC9D,CAAC;IAED,6BAA6B;IAC7B,IACE,QAAQ,CAAC,GAAG,KAAK,oBAAoB;QACrC,QAAQ,CAAC,UAAU;QACnB,QAAQ,CAAC,KAAK;QACd,QAAQ,CAAC,SAAS,EAClB,CAAC;QACD,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,iBAAiB,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;YAC1D,MAAM,WAAW,GAAG,iBAAiB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YACtD,MAAM,KAAK,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC1C,MAAM,OAAO,GAAG,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YAE7C,MAAM,SAAS,GAAG,oBAAoB,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;YAC3D,MAAM,YAAY,GAAG,kBAAkB,CAAC,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;YAErF,MAAM,SAAS,GAAG,uBAAuB,CAAC,YAAY,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;YACpF,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAErB,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;gBACvB,OAAO,EAAE,SAAS,EAAE,mBAAmB,EAAE,CAAC;YAC5C,CAAC;QACH,CAAC;QAAC,MAAM,CAAC,CAAC,uBAAuB,CAAC,CAAC;IACrC,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,qEAAqE;AAErE,SAAS,iBAAiB,CAAC,GAAe;IACxC,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AAChD,CAAC;AAED,SAAS,iBAAiB,CAAC,CAAS;IAClC,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;AACrC,CAAC"}
|
package/dist/crypto/index.d.ts
CHANGED
|
@@ -2,4 +2,6 @@ export { generateKeypair, sign, verify, bufferToHex, hexToBuffer, keypairToHex,
|
|
|
2
2
|
export { canonicalize } from './canonical-json';
|
|
3
3
|
export { computeHashcash, verifyHashcash } from './pow';
|
|
4
4
|
export { computeCardHash, verifyCardHash, isValidCardHash } from './sha256';
|
|
5
|
+
export { generateEncryptionKeypair, serializePublicKey as serializeEncryptionPublicKey, deserializePublicKey as deserializeEncryptionPublicKey, serializeKeyPair as serializeEncryptionKeyPair, deserializeKeyPair as deserializeEncryptionKeyPair, deriveSharedSecret, encrypt, wrapPlaintext, tryDecrypt, } from './e2e';
|
|
6
|
+
export { EncryptionKeyCache } from './key-cache';
|
|
5
7
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/crypto/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,eAAe,EACf,IAAI,EACJ,MAAM,EACN,WAAW,EACX,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,kBAAkB,EAClB,kBAAkB,GACnB,MAAM,WAAW,CAAC;AAEnB,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAChD,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,OAAO,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/crypto/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,eAAe,EACf,IAAI,EACJ,MAAM,EACN,WAAW,EACX,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,kBAAkB,EAClB,kBAAkB,GACnB,MAAM,WAAW,CAAC;AAEnB,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAChD,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,OAAO,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAE5E,OAAO,EACL,yBAAyB,EACzB,kBAAkB,IAAI,4BAA4B,EAClD,oBAAoB,IAAI,8BAA8B,EACtD,gBAAgB,IAAI,0BAA0B,EAC9C,kBAAkB,IAAI,4BAA4B,EAClD,kBAAkB,EAClB,OAAO,EACP,aAAa,EACb,UAAU,GACX,MAAM,OAAO,CAAC;AACf,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC"}
|
package/dist/crypto/index.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.isValidCardHash = exports.verifyCardHash = exports.computeCardHash = exports.verifyHashcash = exports.computeHashcash = exports.canonicalize = exports.base64urlToKeypair = exports.keypairToBase64url = exports.hexToKeypair = exports.keypairToHex = exports.hexToBuffer = exports.bufferToHex = exports.verify = exports.sign = exports.generateKeypair = void 0;
|
|
3
|
+
exports.EncryptionKeyCache = exports.tryDecrypt = exports.wrapPlaintext = exports.encrypt = exports.deriveSharedSecret = exports.deserializeEncryptionKeyPair = exports.serializeEncryptionKeyPair = exports.deserializeEncryptionPublicKey = exports.serializeEncryptionPublicKey = exports.generateEncryptionKeypair = exports.isValidCardHash = exports.verifyCardHash = exports.computeCardHash = exports.verifyHashcash = exports.computeHashcash = exports.canonicalize = exports.base64urlToKeypair = exports.keypairToBase64url = exports.hexToKeypair = exports.keypairToHex = exports.hexToBuffer = exports.bufferToHex = exports.verify = exports.sign = exports.generateKeypair = void 0;
|
|
4
4
|
var ed25519_1 = require("./ed25519");
|
|
5
5
|
Object.defineProperty(exports, "generateKeypair", { enumerable: true, get: function () { return ed25519_1.generateKeypair; } });
|
|
6
6
|
Object.defineProperty(exports, "sign", { enumerable: true, get: function () { return ed25519_1.sign; } });
|
|
@@ -20,4 +20,16 @@ var sha256_1 = require("./sha256");
|
|
|
20
20
|
Object.defineProperty(exports, "computeCardHash", { enumerable: true, get: function () { return sha256_1.computeCardHash; } });
|
|
21
21
|
Object.defineProperty(exports, "verifyCardHash", { enumerable: true, get: function () { return sha256_1.verifyCardHash; } });
|
|
22
22
|
Object.defineProperty(exports, "isValidCardHash", { enumerable: true, get: function () { return sha256_1.isValidCardHash; } });
|
|
23
|
+
var e2e_1 = require("./e2e");
|
|
24
|
+
Object.defineProperty(exports, "generateEncryptionKeypair", { enumerable: true, get: function () { return e2e_1.generateEncryptionKeypair; } });
|
|
25
|
+
Object.defineProperty(exports, "serializeEncryptionPublicKey", { enumerable: true, get: function () { return e2e_1.serializePublicKey; } });
|
|
26
|
+
Object.defineProperty(exports, "deserializeEncryptionPublicKey", { enumerable: true, get: function () { return e2e_1.deserializePublicKey; } });
|
|
27
|
+
Object.defineProperty(exports, "serializeEncryptionKeyPair", { enumerable: true, get: function () { return e2e_1.serializeKeyPair; } });
|
|
28
|
+
Object.defineProperty(exports, "deserializeEncryptionKeyPair", { enumerable: true, get: function () { return e2e_1.deserializeKeyPair; } });
|
|
29
|
+
Object.defineProperty(exports, "deriveSharedSecret", { enumerable: true, get: function () { return e2e_1.deriveSharedSecret; } });
|
|
30
|
+
Object.defineProperty(exports, "encrypt", { enumerable: true, get: function () { return e2e_1.encrypt; } });
|
|
31
|
+
Object.defineProperty(exports, "wrapPlaintext", { enumerable: true, get: function () { return e2e_1.wrapPlaintext; } });
|
|
32
|
+
Object.defineProperty(exports, "tryDecrypt", { enumerable: true, get: function () { return e2e_1.tryDecrypt; } });
|
|
33
|
+
var key_cache_1 = require("./key-cache");
|
|
34
|
+
Object.defineProperty(exports, "EncryptionKeyCache", { enumerable: true, get: function () { return key_cache_1.EncryptionKeyCache; } });
|
|
23
35
|
//# sourceMappingURL=index.js.map
|
package/dist/crypto/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/crypto/index.ts"],"names":[],"mappings":";;;AAAA,qCAUmB;AATjB,0GAAA,eAAe,OAAA;AACf,+FAAA,IAAI,OAAA;AACJ,iGAAA,MAAM,OAAA;AACN,sGAAA,WAAW,OAAA;AACX,sGAAA,WAAW,OAAA;AACX,uGAAA,YAAY,OAAA;AACZ,uGAAA,YAAY,OAAA;AACZ,6GAAA,kBAAkB,OAAA;AAClB,6GAAA,kBAAkB,OAAA;AAGpB,mDAAgD;AAAvC,8GAAA,YAAY,OAAA;AACrB,6BAAwD;AAA/C,sGAAA,eAAe,OAAA;AAAE,qGAAA,cAAc,OAAA;AACxC,mCAA4E;AAAnE,yGAAA,eAAe,OAAA;AAAE,wGAAA,cAAc,OAAA;AAAE,yGAAA,eAAe,OAAA"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/crypto/index.ts"],"names":[],"mappings":";;;AAAA,qCAUmB;AATjB,0GAAA,eAAe,OAAA;AACf,+FAAA,IAAI,OAAA;AACJ,iGAAA,MAAM,OAAA;AACN,sGAAA,WAAW,OAAA;AACX,sGAAA,WAAW,OAAA;AACX,uGAAA,YAAY,OAAA;AACZ,uGAAA,YAAY,OAAA;AACZ,6GAAA,kBAAkB,OAAA;AAClB,6GAAA,kBAAkB,OAAA;AAGpB,mDAAgD;AAAvC,8GAAA,YAAY,OAAA;AACrB,6BAAwD;AAA/C,sGAAA,eAAe,OAAA;AAAE,qGAAA,cAAc,OAAA;AACxC,mCAA4E;AAAnE,yGAAA,eAAe,OAAA;AAAE,wGAAA,cAAc,OAAA;AAAE,yGAAA,eAAe,OAAA;AAEzD,6BAUe;AATb,gHAAA,yBAAyB,OAAA;AACzB,mHAAA,kBAAkB,OAAgC;AAClD,qHAAA,oBAAoB,OAAkC;AACtD,iHAAA,gBAAgB,OAA8B;AAC9C,mHAAA,kBAAkB,OAAgC;AAClD,yGAAA,kBAAkB,OAAA;AAClB,8FAAA,OAAO,OAAA;AACP,oGAAA,aAAa,OAAA;AACb,iGAAA,UAAU,OAAA;AAEZ,yCAAiD;AAAxC,+GAAA,kBAAkB,OAAA"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
export declare class EncryptionKeyCache {
|
|
2
|
+
private map;
|
|
3
|
+
private dirty;
|
|
4
|
+
constructor();
|
|
5
|
+
get(openid: string): Uint8Array | undefined;
|
|
6
|
+
set(openid: string, publicKey: Uint8Array): void;
|
|
7
|
+
has(openid: string): boolean;
|
|
8
|
+
delete(openid: string): boolean;
|
|
9
|
+
get size(): number;
|
|
10
|
+
load(): Promise<void>;
|
|
11
|
+
save(): Promise<void>;
|
|
12
|
+
/** Force-save regardless of dirty flag (for destroy) */
|
|
13
|
+
flush(): Promise<void>;
|
|
14
|
+
}
|
|
15
|
+
//# sourceMappingURL=key-cache.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"key-cache.d.ts","sourceRoot":"","sources":["../../src/crypto/key-cache.ts"],"names":[],"mappings":"AAWA,qBAAa,kBAAkB;IAC7B,OAAO,CAAC,GAAG,CAA0B;IACrC,OAAO,CAAC,KAAK,CAAU;;IAOvB,GAAG,CAAC,MAAM,EAAE,MAAM,GAAG,UAAU,GAAG,SAAS;IAI3C,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,GAAG,IAAI;IAOhD,GAAG,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAI5B,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAM/B,IAAI,IAAI,IAAI,MAAM,CAEjB;IAEK,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAcrB,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAe3B,wDAAwD;IAClD,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAI7B"}
|
|
@@ -0,0 +1,108 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
+
var ownKeys = function(o) {
|
|
20
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
+
var ar = [];
|
|
22
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
+
return ar;
|
|
24
|
+
};
|
|
25
|
+
return ownKeys(o);
|
|
26
|
+
};
|
|
27
|
+
return function (mod) {
|
|
28
|
+
if (mod && mod.__esModule) return mod;
|
|
29
|
+
var result = {};
|
|
30
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
+
__setModuleDefault(result, mod);
|
|
32
|
+
return result;
|
|
33
|
+
};
|
|
34
|
+
})();
|
|
35
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
+
exports.EncryptionKeyCache = void 0;
|
|
37
|
+
const fs = __importStar(require("node:fs"));
|
|
38
|
+
const path = __importStar(require("node:path"));
|
|
39
|
+
const os = __importStar(require("node:os"));
|
|
40
|
+
const CACHE_FILE = path.join(os.homedir(), '.oceanbus', 'encryption-keys.json');
|
|
41
|
+
class EncryptionKeyCache {
|
|
42
|
+
map;
|
|
43
|
+
dirty;
|
|
44
|
+
constructor() {
|
|
45
|
+
this.map = new Map();
|
|
46
|
+
this.dirty = false;
|
|
47
|
+
}
|
|
48
|
+
get(openid) {
|
|
49
|
+
return this.map.get(openid);
|
|
50
|
+
}
|
|
51
|
+
set(openid, publicKey) {
|
|
52
|
+
const existing = this.map.get(openid);
|
|
53
|
+
if (existing && Buffer.from(existing).equals(Buffer.from(publicKey)))
|
|
54
|
+
return;
|
|
55
|
+
this.map.set(openid, publicKey);
|
|
56
|
+
this.dirty = true;
|
|
57
|
+
}
|
|
58
|
+
has(openid) {
|
|
59
|
+
return this.map.has(openid);
|
|
60
|
+
}
|
|
61
|
+
delete(openid) {
|
|
62
|
+
const result = this.map.delete(openid);
|
|
63
|
+
if (result)
|
|
64
|
+
this.dirty = true;
|
|
65
|
+
return result;
|
|
66
|
+
}
|
|
67
|
+
get size() {
|
|
68
|
+
return this.map.size;
|
|
69
|
+
}
|
|
70
|
+
async load() {
|
|
71
|
+
try {
|
|
72
|
+
const raw = await fs.promises.readFile(CACHE_FILE, 'utf-8');
|
|
73
|
+
const data = JSON.parse(raw);
|
|
74
|
+
if (data.keys) {
|
|
75
|
+
for (const [openid, b64] of Object.entries(data.keys)) {
|
|
76
|
+
try {
|
|
77
|
+
this.map.set(openid, Buffer.from(b64, 'base64url'));
|
|
78
|
+
}
|
|
79
|
+
catch { /* skip corrupt entries */ }
|
|
80
|
+
}
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
catch { /* file doesn't exist yet — noop */ }
|
|
84
|
+
}
|
|
85
|
+
async save() {
|
|
86
|
+
if (!this.dirty)
|
|
87
|
+
return;
|
|
88
|
+
try {
|
|
89
|
+
const dir = path.dirname(CACHE_FILE);
|
|
90
|
+
await fs.promises.mkdir(dir, { recursive: true });
|
|
91
|
+
const keys = {};
|
|
92
|
+
for (const [openid, pk] of this.map) {
|
|
93
|
+
keys[openid] = Buffer.from(pk).toString('base64url');
|
|
94
|
+
}
|
|
95
|
+
const data = { updatedAt: new Date().toISOString(), keys };
|
|
96
|
+
await fs.promises.writeFile(CACHE_FILE, JSON.stringify(data, null, 2), { mode: 0o600 });
|
|
97
|
+
this.dirty = false;
|
|
98
|
+
}
|
|
99
|
+
catch { /* best-effort persistence */ }
|
|
100
|
+
}
|
|
101
|
+
/** Force-save regardless of dirty flag (for destroy) */
|
|
102
|
+
async flush() {
|
|
103
|
+
this.dirty = true;
|
|
104
|
+
return this.save();
|
|
105
|
+
}
|
|
106
|
+
}
|
|
107
|
+
exports.EncryptionKeyCache = EncryptionKeyCache;
|
|
108
|
+
//# sourceMappingURL=key-cache.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"key-cache.js","sourceRoot":"","sources":["../../src/crypto/key-cache.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,4CAA8B;AAC9B,gDAAkC;AAClC,4CAA8B;AAE9B,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,sBAAsB,CAAC,CAAC;AAOhF,MAAa,kBAAkB;IACrB,GAAG,CAA0B;IAC7B,KAAK,CAAU;IAEvB;QACE,IAAI,CAAC,GAAG,GAAG,IAAI,GAAG,EAAE,CAAC;QACrB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;IAED,GAAG,CAAC,MAAc;QAChB,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC9B,CAAC;IAED,GAAG,CAAC,MAAc,EAAE,SAAqB;QACvC,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACtC,IAAI,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAAE,OAAO;QAC7E,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;QAChC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;IACpB,CAAC;IAED,GAAG,CAAC,MAAc;QAChB,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC9B,CAAC;IAED,MAAM,CAAC,MAAc;QACnB,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACvC,IAAI,MAAM;YAAE,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QAC9B,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC;IACvB,CAAC;IAED,KAAK,CAAC,IAAI;QACR,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;YAC5D,MAAM,IAAI,GAAc,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACxC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBACd,KAAK,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBACtD,IAAI,CAAC;wBACH,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC,CAAC;oBACtD,CAAC;oBAAC,MAAM,CAAC,CAAC,0BAA0B,CAAC,CAAC;gBACxC,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC,CAAC,mCAAmC,CAAC,CAAC;IACjD,CAAC;IAED,KAAK,CAAC,IAAI;QACR,IAAI,CAAC,IAAI,CAAC,KAAK;YAAE,OAAO;QACxB,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;YACrC,MAAM,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAClD,MAAM,IAAI,GAA2B,EAAE,CAAC;YACxC,KAAK,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;gBACpC,IAAI,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;YACvD,CAAC;YACD,MAAM,IAAI,GAAc,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,IAAI,EAAE,CAAC;YACtE,MAAM,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;YACxF,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACrB,CAAC;QAAC,MAAM,CAAC,CAAC,6BAA6B,CAAC,CAAC;IAC3C,CAAC;IAED,wDAAwD;IACxD,KAAK,CAAC,KAAK;QACT,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QAClB,OAAO,IAAI,CAAC,IAAI,EAAE,CAAC;IACrB,CAAC;CACF;AApED,gDAoEC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -11,6 +11,7 @@ import type { Message } from './types/messaging';
|
|
|
11
11
|
import type { ListenOptions, MonitorOptions, SendOptions } from './types/messaging';
|
|
12
12
|
import { RosterService } from './roster/index';
|
|
13
13
|
import type { Ed25519KeyPair, Certificate, CertVerifyResult, TrustAnchor } from './types/crypto';
|
|
14
|
+
import type { X25519KeyPair } from './types/e2e';
|
|
14
15
|
import type { AgentCard, AgentCardHandler } from './types/l1';
|
|
15
16
|
import { YellowPagesClient } from './l1/yellow-pages';
|
|
16
17
|
import type { PayloadSigner } from './l1/yellow-pages';
|
|
@@ -31,6 +32,7 @@ export declare class OceanBus {
|
|
|
31
32
|
private cursor;
|
|
32
33
|
private l1Dispatcher;
|
|
33
34
|
private agentCardHandler;
|
|
35
|
+
private keyCache;
|
|
34
36
|
crypto: {
|
|
35
37
|
generateKeypair: () => Promise<Ed25519KeyPair>;
|
|
36
38
|
sign: (keypair: Ed25519KeyPair, payload: Record<string, unknown>) => Promise<string>;
|
|
@@ -47,6 +49,8 @@ export declare class OceanBus {
|
|
|
47
49
|
};
|
|
48
50
|
base64urlToKeypair: (pubStr: string, secStr: string) => Ed25519KeyPair;
|
|
49
51
|
verifyCertificate: (cert: Certificate, trustedCAs: TrustAnchor[]) => Promise<CertVerifyResult>;
|
|
52
|
+
generateEncryptionKeypair: () => Promise<X25519KeyPair>;
|
|
53
|
+
getEncryptionPublicKey: () => string | null;
|
|
50
54
|
};
|
|
51
55
|
l1: {
|
|
52
56
|
yellowPages: YellowPagesClient;
|
|
@@ -61,6 +65,9 @@ export declare class OceanBus {
|
|
|
61
65
|
/** Create a brand new UUID identity and first key.
|
|
62
66
|
* This is IRREVERSIBLE — the UUID can never be recovered if all keys are lost. */
|
|
63
67
|
createIdentity(): Promise<RegistrationData>;
|
|
68
|
+
/** Pin the mailbox cursor to this UUID so different identities don't
|
|
69
|
+
* share a global seq_cursor.json and corrupt each other's ACK state. */
|
|
70
|
+
private bindCursorToIdentity;
|
|
64
71
|
/** @deprecated Use createIdentity() instead. This method will be removed in a future version. */
|
|
65
72
|
register(): Promise<RegistrationData>;
|
|
66
73
|
/** Generate a NEW receiving address. Each call returns a different value.
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAGlD,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAC7C,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAE7C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAMvD,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AACpE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACtD,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,KAAK,EAAE,aAAa,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAEpF,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAGlD,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAC7C,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAE7C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAMvD,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AACpE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACtD,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,KAAK,EAAE,aAAa,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAEpF,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAsB/C,OAAO,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AACjG,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AACjD,OAAO,KAAK,EAAE,SAAS,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAI9D,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AACtD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AACvD,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACnC,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AAGnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AAKxD,qBAAa,QAAQ;IACnB,MAAM,EAAE,cAAc,CAAC;IACvB,IAAI,EAAE,UAAU,CAAC;IACjB,QAAQ,EAAE,oBAAoB,CAAC;IAC/B,IAAI,EAAE,aAAa,CAAC;IACpB,SAAS,EAAE,gBAAgB,CAAC;IAC5B,SAAS,EAAE,gBAAgB,CAAC;IAC5B,OAAO,EAAE,WAAW,CAAC;IACrB,OAAO,CAAC,MAAM,CAA+B;IAC7C,OAAO,CAAC,aAAa,CAA8B;IACnD,OAAO,CAAC,QAAQ,CAAW;IAC3B,OAAO,CAAC,MAAM,CAAY;IAC1B,OAAO,CAAC,YAAY,CAA6B;IACjD,OAAO,CAAC,gBAAgB,CAAiC;IACzD,OAAO,CAAC,QAAQ,CAAqB;IAGrC,MAAM,EAAE;QACN,eAAe,EAAE,MAAM,OAAO,CAAC,cAAc,CAAC,CAAC;QAC/C,IAAI,EAAE,CAAC,OAAO,EAAE,cAAc,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;QACrF,MAAM,EAAE,CAAC,SAAS,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;QACnG,YAAY,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,MAAM,CAAC;QACvC,YAAY,EAAE,CAAC,EAAE,EAAE,cAAc,KAAK;YAAE,SAAS,EAAE,MAAM,CAAC;YAAC,SAAS,EAAE,MAAM,CAAA;SAAE,CAAC;QAC/E,YAAY,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,KAAK,cAAc,CAAC;QACjE,kBAAkB,EAAE,CAAC,EAAE,EAAE,cAAc,KAAK;YAAE,SAAS,EAAE,MAAM,CAAC;YAAC,SAAS,EAAE,MAAM,CAAA;SAAE,CAAC;QACrF,kBAAkB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,KAAK,cAAc,CAAC;QACvE,iBAAiB,EAAE,CAAC,IAAI,EAAE,WAAW,EAAE,UAAU,EAAE,WAAW,EAAE,KAAK,OAAO,CAAC,gBAAgB,CAAC,CAAC;QAC/F,yBAAyB,EAAE,MAAM,OAAO,CAAC,aAAa,CAAC,CAAC;QACxD,sBAAsB,EAAE,MAAM,MAAM,GAAG,IAAI,CAAC;KAC7C,CAAC;IAGF,EAAE,EAAG;QACH,WAAW,EAAE,iBAAiB,CAAC;QAC/B,EAAE,EAAE,QAAQ,CAAC;QACb,UAAU,EAAE,gBAAgB,CAAC;KAC9B,CAAC;IAGF,YAAY,EAAE,gBAAgB,CAAC;IAG/B,MAAM,EAAE,aAAa,CAAC;IAGtB,OAAO;WA6EM,MAAM,CAAC,UAAU,CAAC,EAAE,aAAa,GAAG,OAAO,CAAC,QAAQ,CAAC;YAsGpD,eAAe;IAsC7B;uFACmF;IAC7E,cAAc,IAAI,OAAO,CAAC,gBAAgB,CAAC;IAWjD;6EACyE;IACzE,OAAO,CAAC,oBAAoB;IAU5B,iGAAiG;IAC3F,QAAQ,IAAI,OAAO,CAAC,gBAAgB,CAAC;IAM3C;0DACsD;IAChD,aAAa,IAAI,OAAO,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC;IAMpE,gGAAgG;IAC1F,SAAS,IAAI,OAAO,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC;IAKhE,0FAA0F;IACpF,UAAU,IAAI,OAAO,CAAC,MAAM,CAAC;IAInC,6FAA6F;IACvF,SAAS,IAAI,OAAO,CAAC,MAAM,CAAC;IAKlC,uDAAuD;IACjD,MAAM,IAAI,OAAO,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC;IAM7D,yGAAyG;IACnG,gBAAgB,IAAI,OAAO,CAAC;QAChC,SAAS,EAAE,MAAM,CAAC;QAClB,MAAM,EAAE,aAAa,CAAC;QACtB,OAAO,EAAE,cAAc,CAAC;KACzB,CAAC;IASF;wFACoF;IAC9E,SAAS,IAAI,OAAO,CAAC;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;IAI/D,2CAA2C;IACrC,YAAY,IAAI,OAAO,CAAC;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;IAKlE,sEAAsE;IAChE,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI7C,2CAA2C;IACrC,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAOhD;;;OAGG;IACH,cAAc,CAAC,OAAO,EAAE,gBAAgB,GAAG,IAAI;IAI/C;;;OAGG;IACG,YAAY,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC;IAwB5D;;;OAGG;IACH,eAAe,CAAC,IAAI,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO;IAM/D;;;;;;;;;;;;OAYG;IACG,OAAO,CAAC,OAAO,EAAE;QACrB,IAAI,EAAE,MAAM,EAAE,CAAC;QACf,WAAW,EAAE,MAAM,CAAC;QACpB,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,IAAI,CAAC,EAAE,SAAS,CAAC;QACjB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,aAAa,CAAC,EAAE,OAAO,CAAC;KACzB,GAAG,OAAO,CAAC;QACV,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,aAAa,CAAC,EAAE,MAAM,CAAC;KACxB,CAAC;IAuBF;;;OAGG;IACG,SAAS,IAAI,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;IAM5C;;;OAGG;IACG,oBAAoB,CAAC,MAAM,EAAE;QACjC,aAAa,EAAE,MAAM,CAAC;QACtB,QAAQ,EAAE,OAAO,GAAG,QAAQ,GAAG,SAAS,CAAC;QACzC,WAAW,EAAE,MAAM,CAAC;QACpB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACnC,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;KACjC,GAAG,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;IAKvB,IAAI,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAqB1E,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAK3E,IAAI,CAAC,QAAQ,CAAC,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC;IAIjE,cAAc,CACZ,SAAS,EAAE,cAAc,EACzB,OAAO,CAAC,EAAE,aAAa,GACtB,MAAM,IAAI;IAyEb,aAAa,IAAI,IAAI;IASrB;;;;;;;;;;OAUG;IACH,YAAY,CACV,SAAS,EAAE,cAAc,EACzB,OAAO,CAAC,EAAE,cAAc,GACvB,MAAM,IAAI;IAsCP,WAAW,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI9C,aAAa,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAItD,SAAS,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO;IAItC,YAAY,IAAI,MAAM,EAAE;IAIlB,aAAa,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,aAAa,EAAE,MAAM,CAAA;KAAE,CAAC;IAKjE,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;CA2B/B;AAED,wBAAsB,cAAc,CAAC,MAAM,CAAC,EAAE,aAAa,GAAG,OAAO,CAAC,QAAQ,CAAC,CAE9E;AAGD,cAAc,SAAS,CAAC;AACxB,cAAc,iBAAiB,CAAC;AAGhC,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAC/C,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAG7C,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC"}
|