xypriss 9.7.7 → 9.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +3 -1
- package/dist/cjs/src/plugins/api/PluginAPI.js +32 -0
- package/dist/cjs/src/plugins/api/PluginAPI.js.map +1 -1
- package/dist/cjs/src/plugins/const/PluginHookIds.js +45 -18
- package/dist/cjs/src/plugins/const/PluginHookIds.js.map +1 -1
- package/dist/cjs/src/plugins/core/PermissionManager.js +43 -11
- package/dist/cjs/src/plugins/core/PermissionManager.js.map +1 -1
- package/dist/cjs/src/plugins/core/manager/PluginInterceptor.js +1 -0
- package/dist/cjs/src/plugins/core/manager/PluginInterceptor.js.map +1 -1
- package/dist/cjs/src/plugins/core/manager/PluginSecurity.js +86 -6
- package/dist/cjs/src/plugins/core/manager/PluginSecurity.js.map +1 -1
- package/dist/cjs/src/server/components/fastapi/console/ConsoleInterceptor.js +0 -1
- package/dist/cjs/src/server/components/fastapi/console/ConsoleInterceptor.js.map +1 -1
- package/dist/cjs/src/server/components/multi-server/MultiServerApp.js +3 -2
- package/dist/cjs/src/server/components/multi-server/MultiServerApp.js.map +1 -1
- package/dist/cjs/src/server/const/XRUNTIME-HEADER.js +6 -0
- package/dist/cjs/src/server/const/XRUNTIME-HEADER.js.map +1 -0
- package/dist/cjs/src/server/core/ResponseEnhancer.js +10 -0
- package/dist/cjs/src/server/core/ResponseEnhancer.js.map +1 -1
- package/dist/cjs/src/server/core/XHSCProtocol.js +33 -27
- package/dist/cjs/src/server/core/XHSCProtocol.js.map +1 -1
- package/dist/cjs/src/server/core/XyDiagnosticsManager.js +2 -2
- package/dist/cjs/src/server/core/XyDiagnosticsManager.js.map +1 -1
- package/dist/cjs/src/server/core/XyServerCreator.js +15 -7
- package/dist/cjs/src/server/core/XyServerCreator.js.map +1 -1
- package/dist/cjs/src/server/middleware/MiddlewareManager.js +51 -44
- package/dist/cjs/src/server/middleware/MiddlewareManager.js.map +1 -1
- package/dist/cjs/src/xhsc/fs/FSHelpers.js.map +1 -1
- package/dist/esm/src/plugins/api/PluginAPI.js +32 -0
- package/dist/esm/src/plugins/api/PluginAPI.js.map +1 -1
- package/dist/esm/src/plugins/const/PluginHookIds.js +45 -19
- package/dist/esm/src/plugins/const/PluginHookIds.js.map +1 -1
- package/dist/esm/src/plugins/core/PermissionManager.js +43 -11
- package/dist/esm/src/plugins/core/PermissionManager.js.map +1 -1
- package/dist/esm/src/plugins/core/manager/PluginInterceptor.js +1 -0
- package/dist/esm/src/plugins/core/manager/PluginInterceptor.js.map +1 -1
- package/dist/esm/src/plugins/core/manager/PluginSecurity.js +86 -6
- package/dist/esm/src/plugins/core/manager/PluginSecurity.js.map +1 -1
- package/dist/esm/src/server/components/fastapi/console/ConsoleInterceptor.js +0 -1
- package/dist/esm/src/server/components/fastapi/console/ConsoleInterceptor.js.map +1 -1
- package/dist/esm/src/server/components/multi-server/MultiServerApp.js +3 -2
- package/dist/esm/src/server/components/multi-server/MultiServerApp.js.map +1 -1
- package/dist/esm/src/server/const/XRUNTIME-HEADER.js +4 -0
- package/dist/esm/src/server/const/XRUNTIME-HEADER.js.map +1 -0
- package/dist/esm/src/server/core/ResponseEnhancer.js +10 -0
- package/dist/esm/src/server/core/ResponseEnhancer.js.map +1 -1
- package/dist/esm/src/server/core/XHSCProtocol.js +34 -28
- package/dist/esm/src/server/core/XHSCProtocol.js.map +1 -1
- package/dist/esm/src/server/core/XyDiagnosticsManager.js +2 -2
- package/dist/esm/src/server/core/XyDiagnosticsManager.js.map +1 -1
- package/dist/esm/src/server/core/XyServerCreator.js +15 -7
- package/dist/esm/src/server/core/XyServerCreator.js.map +1 -1
- package/dist/esm/src/server/middleware/MiddlewareManager.js +51 -44
- package/dist/esm/src/server/middleware/MiddlewareManager.js.map +1 -1
- package/dist/esm/src/xhsc/fs/FSHelpers.js.map +1 -1
- package/dist/index.d.ts +47 -22
- package/package.json +74 -74
- package/scripts/migrate_to_xhs.ts +92 -0
- package/dist/cjs/src/server/components/fastapi/console/encryption/ConsoleEncryption.js +0 -216
- package/dist/cjs/src/server/components/fastapi/console/encryption/ConsoleEncryption.js.map +0 -1
- package/dist/esm/src/server/components/fastapi/console/encryption/ConsoleEncryption.js +0 -214
- package/dist/esm/src/server/components/fastapi/console/encryption/ConsoleEncryption.js.map +0 -1
|
@@ -0,0 +1,92 @@
|
|
|
1
|
+
import fs from "fs";
|
|
2
|
+
import path from "path";
|
|
3
|
+
|
|
4
|
+
const MAPPING: Record<string, string> = {
|
|
5
|
+
// Lifecycle
|
|
6
|
+
"PLG.LIFECYCLE.": "XHS.HOOK.LIFECYCLE.",
|
|
7
|
+
|
|
8
|
+
// HTTP Hooks
|
|
9
|
+
"PLG.HTTP.ON_REQUEST": "XHS.HOOK.HTTP.REQUEST",
|
|
10
|
+
"PLG.HTTP.ON_RESPONSE": "XHS.HOOK.HTTP.RESPONSE",
|
|
11
|
+
"PLG.HTTP.ON_ERROR": "XHS.HOOK.HTTP.ERROR",
|
|
12
|
+
|
|
13
|
+
// HTTP/Routing Permissions
|
|
14
|
+
"PLG.HTTP.MIDDLEWARE": "XHS.PERM.HTTP.MIDDLEWARE",
|
|
15
|
+
"PLG.HTTP.GLOBAL_MIDDLEWARE": "XHS.PERM.HTTP.GLOBAL_MIDDLEWARE",
|
|
16
|
+
"PLG.ROUTING.REGISTER_ROUTES": "XHS.PERM.ROUTING.REGISTER_ROUTES",
|
|
17
|
+
"PLG.ROUTING.BYPASS_NAMESPACE": "XHS.PERM.ROUTING.BYPASS_NAMESPACE",
|
|
18
|
+
"PLG.ROUTING.OVERWRITE_PROTECTED": "XHS.PERM.ROUTING.OVERWRITE_PROTECTED",
|
|
19
|
+
|
|
20
|
+
// Security
|
|
21
|
+
"PLG.SECURITY.ACCESS_CONFIGS": "XHS.PERM.SECURITY.CONFIGS",
|
|
22
|
+
"PLG.SECURITY.ACCESS_SENSITIVE_DATA": "XHS.PERM.SECURITY.SENSITIVE_DATA",
|
|
23
|
+
"PLG.SECURITY.ATTACK_DETECTED": "XHS.HOOK.SECURITY.ATTACK",
|
|
24
|
+
"PLG.SECURITY.RATE_LIMIT": "XHS.HOOK.SECURITY.RATE_LIMIT",
|
|
25
|
+
|
|
26
|
+
// Metrics
|
|
27
|
+
"PLG.METRICS.RESPONSE_TIME": "XHS.HOOK.METRICS.RESPONSE_TIME",
|
|
28
|
+
"PLG.METRICS.ROUTE_ERROR": "XHS.HOOK.METRICS.ROUTE_ERROR",
|
|
29
|
+
|
|
30
|
+
// Ops & Logging
|
|
31
|
+
"PLG.OPS.AUXILIARY_SERVER": "XHS.PERM.OPS.AUXILIARY_SERVER",
|
|
32
|
+
"PLG.LOGGING.CONSOLE_INTERCEPT": "XHS.PERM.LOGGING.CONSOLE_INTERCEPT",
|
|
33
|
+
};
|
|
34
|
+
|
|
35
|
+
const DIRS_TO_SCAN = ["src", "docs", "mods", "simulations", "tests"];
|
|
36
|
+
const FILES_TO_SCAN = ["README.md", "package.json"];
|
|
37
|
+
|
|
38
|
+
function migrateFile(filePath: string) {
|
|
39
|
+
let content = fs.readFileSync(filePath, "utf-8");
|
|
40
|
+
let changed = false;
|
|
41
|
+
|
|
42
|
+
for (const [oldId, newId] of Object.entries(MAPPING)) {
|
|
43
|
+
if (content.includes(oldId)) {
|
|
44
|
+
// Use regex for global replacement
|
|
45
|
+
const regex = new RegExp(oldId.replace(/\./g, "\\."), "g");
|
|
46
|
+
content = content.replace(regex, newId);
|
|
47
|
+
changed = true;
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
|
|
51
|
+
if (changed) {
|
|
52
|
+
fs.writeFileSync(filePath, content, "utf-8");
|
|
53
|
+
console.log(`[MIGRATED] ${filePath}`);
|
|
54
|
+
}
|
|
55
|
+
}
|
|
56
|
+
|
|
57
|
+
function walk(dir: string) {
|
|
58
|
+
const files = fs.readdirSync(dir);
|
|
59
|
+
for (const file of files) {
|
|
60
|
+
const fullPath = path.join(dir, file);
|
|
61
|
+
const stat = fs.statSync(fullPath);
|
|
62
|
+
if (stat.isDirectory()) {
|
|
63
|
+
if (file === "node_modules" || file === ".git" || file === "dist")
|
|
64
|
+
continue;
|
|
65
|
+
walk(fullPath);
|
|
66
|
+
} else {
|
|
67
|
+
const ext = path.extname(file);
|
|
68
|
+
if ([".ts", ".js", ".md", ".json", ".jsonc"].includes(ext)) {
|
|
69
|
+
migrateFile(fullPath);
|
|
70
|
+
}
|
|
71
|
+
}
|
|
72
|
+
}
|
|
73
|
+
}
|
|
74
|
+
|
|
75
|
+
console.log("Starting XHS Migration...");
|
|
76
|
+
|
|
77
|
+
for (const dir of DIRS_TO_SCAN) {
|
|
78
|
+
const absolutePath = path.resolve(process.cwd(), dir);
|
|
79
|
+
if (fs.existsSync(absolutePath)) {
|
|
80
|
+
walk(absolutePath);
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
|
|
84
|
+
for (const file of FILES_TO_SCAN) {
|
|
85
|
+
const absolutePath = path.resolve(process.cwd(), file);
|
|
86
|
+
if (fs.existsSync(absolutePath)) {
|
|
87
|
+
migrateFile(absolutePath);
|
|
88
|
+
}
|
|
89
|
+
}
|
|
90
|
+
|
|
91
|
+
console.log("Migration Complete!");
|
|
92
|
+
|
|
@@ -1,216 +0,0 @@
|
|
|
1
|
-
'use strict';
|
|
2
|
-
|
|
3
|
-
var xyprissSecurity = require('xypriss-security');
|
|
4
|
-
var nehoid = require('nehoid');
|
|
5
|
-
|
|
6
|
-
/**
|
|
7
|
-
* Console Encryption Module
|
|
8
|
-
* Handles encryption and decryption of console logs using XyPrissJS crypto utilities
|
|
9
|
-
*/
|
|
10
|
-
/**
|
|
11
|
-
* Console Encryption Handler
|
|
12
|
-
* Uses XyPrissJS encryption utilities for production-grade console log encryption
|
|
13
|
-
*/
|
|
14
|
-
class ConsoleEncryption {
|
|
15
|
-
constructor(config) {
|
|
16
|
-
this.derivedKey = null;
|
|
17
|
-
this.keyVersion = 1;
|
|
18
|
-
this.config = config;
|
|
19
|
-
this.logBuffer = {
|
|
20
|
-
entries: [],
|
|
21
|
-
maxSize: 1000, // Maximum number of encrypted logs to keep in memory
|
|
22
|
-
currentSize: 0,
|
|
23
|
-
};
|
|
24
|
-
}
|
|
25
|
-
/**
|
|
26
|
-
* Encrypt a console log entry
|
|
27
|
-
*/
|
|
28
|
-
async encryptLogEntry(call) {
|
|
29
|
-
if (!this.config.enabled || !this.config.key) {
|
|
30
|
-
throw new Error("Encryption is not enabled or key is not set");
|
|
31
|
-
}
|
|
32
|
-
try {
|
|
33
|
-
// Prepare log data
|
|
34
|
-
const logData = {
|
|
35
|
-
method: call.method,
|
|
36
|
-
args: call.args,
|
|
37
|
-
timestamp: call.timestamp,
|
|
38
|
-
level: call.level,
|
|
39
|
-
source: call.source,
|
|
40
|
-
stackTrace: call.stackTrace,
|
|
41
|
-
};
|
|
42
|
-
// Map our algorithm to EncryptionService algorithm
|
|
43
|
-
const algorithm = this.config.algorithm === "aes-256-gcm"
|
|
44
|
-
? "aes-256-gcm"
|
|
45
|
-
: "chacha20-poly1305";
|
|
46
|
-
// Use XyPrissJS EncryptionService for production-grade encryption
|
|
47
|
-
const encryptedData = await xyprissSecurity.EncryptionService.encrypt(logData, this.config.key, {
|
|
48
|
-
algorithm,
|
|
49
|
-
keyDerivationIterations: this.config.iterations,
|
|
50
|
-
quantumSafe: algorithm === "chacha20-poly1305", // Enable quantum-safe features
|
|
51
|
-
});
|
|
52
|
-
// EncryptionService returns a JSON string with the encrypted package
|
|
53
|
-
// We'll store it directly as our encrypted data
|
|
54
|
-
const entry = {
|
|
55
|
-
id: this.generateEntryId(),
|
|
56
|
-
timestamp: call.timestamp,
|
|
57
|
-
encrypted: encryptedData, // Store the entire encrypted package
|
|
58
|
-
iv: "", // Not needed since EncryptionService handles this
|
|
59
|
-
authTag: "", // Not needed since EncryptionService handles this
|
|
60
|
-
salt: "", // Not needed since EncryptionService handles this
|
|
61
|
-
metadata: {
|
|
62
|
-
algorithm: this.config.algorithm || "aes-256-gcm",
|
|
63
|
-
keyDerivation: this.config.keyDerivation || "pbkdf2",
|
|
64
|
-
iterations: this.config.iterations || 100000,
|
|
65
|
-
},
|
|
66
|
-
};
|
|
67
|
-
// Add to buffer
|
|
68
|
-
this.addToBuffer(entry);
|
|
69
|
-
return entry;
|
|
70
|
-
}
|
|
71
|
-
catch (error) {
|
|
72
|
-
const errorMessage = error instanceof Error ? error.message : String(error);
|
|
73
|
-
throw new Error(`Failed to encrypt log entry: ${errorMessage}`);
|
|
74
|
-
}
|
|
75
|
-
}
|
|
76
|
-
/**
|
|
77
|
-
* Decrypt a log entry
|
|
78
|
-
*/
|
|
79
|
-
async decryptLogEntry(entry, key) {
|
|
80
|
-
try {
|
|
81
|
-
// The encrypted data is already in the format expected by EncryptionService
|
|
82
|
-
const decryptedData = await xyprissSecurity.EncryptionService.decrypt(entry.encrypted, key);
|
|
83
|
-
return decryptedData;
|
|
84
|
-
}
|
|
85
|
-
catch (error) {
|
|
86
|
-
const errorMessage = error instanceof Error ? error.message : String(error);
|
|
87
|
-
throw new Error(`Failed to decrypt log entry: ${errorMessage}`);
|
|
88
|
-
}
|
|
89
|
-
}
|
|
90
|
-
/**
|
|
91
|
-
* Get all encrypted logs from buffer
|
|
92
|
-
*/
|
|
93
|
-
getEncryptedLogs() {
|
|
94
|
-
return [...this.logBuffer.entries];
|
|
95
|
-
}
|
|
96
|
-
/**
|
|
97
|
-
* Get encrypted logs as strings (for external transmission)
|
|
98
|
-
*/
|
|
99
|
-
getEncryptedLogsAsStrings() {
|
|
100
|
-
return this.logBuffer.entries.map((entry) => JSON.stringify(entry));
|
|
101
|
-
}
|
|
102
|
-
/**
|
|
103
|
-
* Restore logs from encrypted strings
|
|
104
|
-
*/
|
|
105
|
-
async restoreFromEncryptedStrings(encryptedStrings, key) {
|
|
106
|
-
const results = [];
|
|
107
|
-
for (const encryptedString of encryptedStrings) {
|
|
108
|
-
try {
|
|
109
|
-
const entry = JSON.parse(encryptedString);
|
|
110
|
-
const decrypted = await this.decryptLogEntry(entry, key);
|
|
111
|
-
results.push(decrypted);
|
|
112
|
-
}
|
|
113
|
-
catch (error) {
|
|
114
|
-
const errorMessage = error instanceof Error ? error.message : String(error);
|
|
115
|
-
console.warn(`Failed to restore encrypted log entry: ${errorMessage}`);
|
|
116
|
-
}
|
|
117
|
-
}
|
|
118
|
-
return results;
|
|
119
|
-
}
|
|
120
|
-
/**
|
|
121
|
-
* Clear the log buffer
|
|
122
|
-
*/
|
|
123
|
-
clearBuffer() {
|
|
124
|
-
// Securely wipe the buffer
|
|
125
|
-
this.logBuffer.entries.forEach((entry) => {
|
|
126
|
-
// Overwrite sensitive data
|
|
127
|
-
entry.encrypted = "";
|
|
128
|
-
entry.iv = "";
|
|
129
|
-
entry.authTag = "";
|
|
130
|
-
entry.salt = "";
|
|
131
|
-
});
|
|
132
|
-
this.logBuffer.entries = [];
|
|
133
|
-
this.logBuffer.currentSize = 0;
|
|
134
|
-
}
|
|
135
|
-
/**
|
|
136
|
-
* Update encryption configuration
|
|
137
|
-
*/
|
|
138
|
-
updateConfig(newConfig) {
|
|
139
|
-
this.config = { ...this.config, ...newConfig };
|
|
140
|
-
// If key changed, invalidate derived key
|
|
141
|
-
if (newConfig.key) {
|
|
142
|
-
this.derivedKey = null;
|
|
143
|
-
this.keyVersion++;
|
|
144
|
-
}
|
|
145
|
-
}
|
|
146
|
-
/**
|
|
147
|
-
* Get buffer statistics
|
|
148
|
-
*/
|
|
149
|
-
getBufferStats() {
|
|
150
|
-
const memoryUsage = this.logBuffer.entries.reduce((total, entry) => {
|
|
151
|
-
return total + JSON.stringify(entry).length;
|
|
152
|
-
}, 0);
|
|
153
|
-
return {
|
|
154
|
-
totalEntries: this.logBuffer.entries.length,
|
|
155
|
-
bufferSize: this.logBuffer.currentSize,
|
|
156
|
-
maxSize: this.logBuffer.maxSize,
|
|
157
|
-
memoryUsage,
|
|
158
|
-
};
|
|
159
|
-
}
|
|
160
|
-
// Private helper methods
|
|
161
|
-
generateEntryId() {
|
|
162
|
-
// Generate a unique ID for the log entry
|
|
163
|
-
return nehoid.NehoID.generate({ prefix: "op.nehonix.log", size: 16 });
|
|
164
|
-
}
|
|
165
|
-
addToBuffer(entry) {
|
|
166
|
-
// Add entry to buffer
|
|
167
|
-
this.logBuffer.entries.push(entry);
|
|
168
|
-
this.logBuffer.currentSize++;
|
|
169
|
-
// Maintain buffer size limit
|
|
170
|
-
if (this.logBuffer.currentSize > this.logBuffer.maxSize) {
|
|
171
|
-
const removed = this.logBuffer.entries.shift();
|
|
172
|
-
if (removed) {
|
|
173
|
-
// Securely wipe removed entry
|
|
174
|
-
removed.encrypted = "";
|
|
175
|
-
removed.iv = "";
|
|
176
|
-
removed.authTag = "";
|
|
177
|
-
removed.salt = "";
|
|
178
|
-
this.logBuffer.currentSize--;
|
|
179
|
-
}
|
|
180
|
-
}
|
|
181
|
-
}
|
|
182
|
-
/**
|
|
183
|
-
* Export encrypted logs for external transmission
|
|
184
|
-
*/
|
|
185
|
-
async exportForExternalLogging() {
|
|
186
|
-
const logs = this.getEncryptedLogsAsStrings();
|
|
187
|
-
return {
|
|
188
|
-
logs,
|
|
189
|
-
metadata: {
|
|
190
|
-
totalLogs: logs.length,
|
|
191
|
-
exportTimestamp: Date.now(),
|
|
192
|
-
keyVersion: this.keyVersion,
|
|
193
|
-
algorithm: this.config.algorithm || "aes-256-gcm",
|
|
194
|
-
},
|
|
195
|
-
};
|
|
196
|
-
}
|
|
197
|
-
/**
|
|
198
|
-
* Batch encrypt multiple log entries for performance
|
|
199
|
-
*/
|
|
200
|
-
async batchEncryptLogEntries(calls) {
|
|
201
|
-
const results = [];
|
|
202
|
-
for (const call of calls) {
|
|
203
|
-
try {
|
|
204
|
-
const encrypted = await this.encryptLogEntry(call);
|
|
205
|
-
results.push(encrypted);
|
|
206
|
-
}
|
|
207
|
-
catch (error) {
|
|
208
|
-
console.warn(`Failed to encrypt log entry: ${error.message}`);
|
|
209
|
-
}
|
|
210
|
-
}
|
|
211
|
-
return results;
|
|
212
|
-
}
|
|
213
|
-
}
|
|
214
|
-
|
|
215
|
-
exports.ConsoleEncryption = ConsoleEncryption;
|
|
216
|
-
//# sourceMappingURL=ConsoleEncryption.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"ConsoleEncryption.js","sources":["../../../../../../../../src/server/components/fastapi/console/encryption/ConsoleEncryption.ts"],"sourcesContent":[null],"names":["EncryptionService","NehoID"],"mappings":";;;;;AAAA;;;AAGG;AA0BH;;;AAGG;MACU,iBAAiB,CAAA;AAM1B,IAAA,WAAA,CAAY,MAA+B,EAAA;QAHnC,IAAA,CAAA,UAAU,GAAkB,IAAI;QAChC,IAAA,CAAA,UAAU,GAAW,CAAC;AAG1B,QAAA,IAAI,CAAC,MAAM,GAAG,MAAM;QACpB,IAAI,CAAC,SAAS,GAAG;AACb,YAAA,OAAO,EAAE,EAAE;YACX,OAAO,EAAE,IAAI;AACb,YAAA,WAAW,EAAE,CAAC;SACjB;IACL;AAEA;;AAEG;IACI,MAAM,eAAe,CACxB,IAA4B,EAAA;AAE5B,QAAA,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE;AAC1C,YAAA,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC;QAClE;AAEA,QAAA,IAAI;;AAEA,YAAA,MAAM,OAAO,GAAG;gBACZ,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,UAAU,EAAE,IAAI,CAAC,UAAU;aAC9B;;YAGD,MAAM,SAAS,GACX,IAAI,CAAC,MAAM,CAAC,SAAS,KAAK;AACtB,kBAAE;kBACA,mBAAmB;;AAG7B,YAAA,MAAM,aAAa,GAAG,MAAMA,iCAAiB,CAAC,OAAO,CACjD,OAAO,EACP,IAAI,CAAC,MAAM,CAAC,GAAG,EACf;gBACI,SAAS;AACT,gBAAA,uBAAuB,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU;AAC/C,gBAAA,WAAW,EAAE,SAAS,KAAK,mBAAmB;AACjD,aAAA,CACJ;;;AAID,YAAA,MAAM,KAAK,GAAsB;AAC7B,gBAAA,EAAE,EAAE,IAAI,CAAC,eAAe,EAAE;gBAC1B,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,SAAS,EAAE,aAAa;gBACxB,EAAE,EAAE,EAAE;gBACN,OAAO,EAAE,EAAE;gBACX,IAAI,EAAE,EAAE;AACR,gBAAA,QAAQ,EAAE;AACN,oBAAA,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,aAAa;AACjD,oBAAA,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa,IAAI,QAAQ;AACpD,oBAAA,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,MAAM;AAC/C,iBAAA;aACJ;;AAGD,YAAA,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC;AAEvB,YAAA,OAAO,KAAK;QAChB;QAAE,OAAO,KAAK,EAAE;AACZ,YAAA,MAAM,YAAY,GACd,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC1D,YAAA,MAAM,IAAI,KAAK,CAAC,gCAAgC,YAAY,CAAA,CAAE,CAAC;QACnE;IACJ;AAEA;;AAEG;AACI,IAAA,MAAM,eAAe,CACxB,KAAwB,EACxB,GAAW,EAAA;AAEX,QAAA,IAAI;;AAEA,YAAA,MAAM,aAAa,GAAG,MAAMA,iCAAiB,CAAC,OAAO,CACjD,KAAK,CAAC,SAAS,EACf,GAAG,CACN;AAED,YAAA,OAAO,aAAuC;QAClD;QAAE,OAAO,KAAK,EAAE;AACZ,YAAA,MAAM,YAAY,GACd,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC1D,YAAA,MAAM,IAAI,KAAK,CAAC,gCAAgC,YAAY,CAAA,CAAE,CAAC;QACnE;IACJ;AAEA;;AAEG;IACI,gBAAgB,GAAA;QACnB,OAAO,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;IACtC;AAEA;;AAEG;IACI,yBAAyB,GAAA;QAC5B,OAAO,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;IACvE;AAEA;;AAEG;AACI,IAAA,MAAM,2BAA2B,CACpC,gBAA0B,EAC1B,GAAW,EAAA;QAEX,MAAM,OAAO,GAA6B,EAAE;AAE5C,QAAA,KAAK,MAAM,eAAe,IAAI,gBAAgB,EAAE;AAC5C,YAAA,IAAI;gBACA,MAAM,KAAK,GAAsB,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC;gBAC5D,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,GAAG,CAAC;AACxD,gBAAA,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC;YAC3B;YAAE,OAAO,KAAK,EAAE;AACZ,gBAAA,MAAM,YAAY,GACd,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC1D,gBAAA,OAAO,CAAC,IAAI,CACR,0CAA0C,YAAY,CAAA,CAAE,CAC3D;YACL;QACJ;AAEA,QAAA,OAAO,OAAO;IAClB;AAEA;;AAEG;IACI,WAAW,GAAA;;QAEd,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,KAAI;;AAErC,YAAA,KAAK,CAAC,SAAS,GAAG,EAAE;AACpB,YAAA,KAAK,CAAC,EAAE,GAAG,EAAE;AACb,YAAA,KAAK,CAAC,OAAO,GAAG,EAAE;AAClB,YAAA,KAAK,CAAC,IAAI,GAAG,EAAE;AACnB,QAAA,CAAC,CAAC;AAEF,QAAA,IAAI,CAAC,SAAS,CAAC,OAAO,GAAG,EAAE;AAC3B,QAAA,IAAI,CAAC,SAAS,CAAC,WAAW,GAAG,CAAC;IAClC;AAEA;;AAEG;AACI,IAAA,YAAY,CAAC,SAA2C,EAAA;AAC3D,QAAA,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,SAAS,EAAE;;AAG9C,QAAA,IAAI,SAAS,CAAC,GAAG,EAAE;AACf,YAAA,IAAI,CAAC,UAAU,GAAG,IAAI;YACtB,IAAI,CAAC,UAAU,EAAE;QACrB;IACJ;AAEA;;AAEG;IACI,cAAc,GAAA;AAMjB,QAAA,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,KAAK,KAAI;YAC/D,OAAO,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,MAAM;QAC/C,CAAC,EAAE,CAAC,CAAC;QAEL,OAAO;AACH,YAAA,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM;AAC3C,YAAA,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW;AACtC,YAAA,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;YAC/B,WAAW;SACd;IACL;;IAIQ,eAAe,GAAA;;AAEnB,QAAA,OAAOC,aAAM,CAAC,QAAQ,CAAC,EAAE,MAAM,EAAE,gBAAgB,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;IAClE;AAEQ,IAAA,WAAW,CAAC,KAAwB,EAAA;;QAExC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC;AAClC,QAAA,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE;;AAG5B,QAAA,IAAI,IAAI,CAAC,SAAS,CAAC,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE;YACrD,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE;YAC9C,IAAI,OAAO,EAAE;;AAET,gBAAA,OAAO,CAAC,SAAS,GAAG,EAAE;AACtB,gBAAA,OAAO,CAAC,EAAE,GAAG,EAAE;AACf,gBAAA,OAAO,CAAC,OAAO,GAAG,EAAE;AACpB,gBAAA,OAAO,CAAC,IAAI,GAAG,EAAE;AACjB,gBAAA,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE;YAChC;QACJ;IACJ;AAEA;;AAEG;AACI,IAAA,MAAM,wBAAwB,GAAA;AASjC,QAAA,MAAM,IAAI,GAAG,IAAI,CAAC,yBAAyB,EAAE;QAE7C,OAAO;YACH,IAAI;AACJ,YAAA,QAAQ,EAAE;gBACN,SAAS,EAAE,IAAI,CAAC,MAAM;AACtB,gBAAA,eAAe,EAAE,IAAI,CAAC,GAAG,EAAE;gBAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;AAC3B,gBAAA,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,aAAa;AACpD,aAAA;SACJ;IACL;AAEA;;AAEG;IACI,MAAM,sBAAsB,CAC/B,KAA+B,EAAA;QAE/B,MAAM,OAAO,GAAwB,EAAE;AAEvC,QAAA,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;AACtB,YAAA,IAAI;gBACA,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC;AAClD,gBAAA,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC;YAC3B;YAAE,OAAO,KAAU,EAAE;gBACjB,OAAO,CAAC,IAAI,CAAC,CAAA,6BAAA,EAAgC,KAAK,CAAC,OAAO,CAAA,CAAE,CAAC;YACjE;QACJ;AAEA,QAAA,OAAO,OAAO;IAClB;AACH;;;;"}
|
|
@@ -1,214 +0,0 @@
|
|
|
1
|
-
import { EncryptionService } from 'xypriss-security';
|
|
2
|
-
import { NehoID } from 'nehoid';
|
|
3
|
-
|
|
4
|
-
/**
|
|
5
|
-
* Console Encryption Module
|
|
6
|
-
* Handles encryption and decryption of console logs using XyPrissJS crypto utilities
|
|
7
|
-
*/
|
|
8
|
-
/**
|
|
9
|
-
* Console Encryption Handler
|
|
10
|
-
* Uses XyPrissJS encryption utilities for production-grade console log encryption
|
|
11
|
-
*/
|
|
12
|
-
class ConsoleEncryption {
|
|
13
|
-
constructor(config) {
|
|
14
|
-
this.derivedKey = null;
|
|
15
|
-
this.keyVersion = 1;
|
|
16
|
-
this.config = config;
|
|
17
|
-
this.logBuffer = {
|
|
18
|
-
entries: [],
|
|
19
|
-
maxSize: 1000, // Maximum number of encrypted logs to keep in memory
|
|
20
|
-
currentSize: 0,
|
|
21
|
-
};
|
|
22
|
-
}
|
|
23
|
-
/**
|
|
24
|
-
* Encrypt a console log entry
|
|
25
|
-
*/
|
|
26
|
-
async encryptLogEntry(call) {
|
|
27
|
-
if (!this.config.enabled || !this.config.key) {
|
|
28
|
-
throw new Error("Encryption is not enabled or key is not set");
|
|
29
|
-
}
|
|
30
|
-
try {
|
|
31
|
-
// Prepare log data
|
|
32
|
-
const logData = {
|
|
33
|
-
method: call.method,
|
|
34
|
-
args: call.args,
|
|
35
|
-
timestamp: call.timestamp,
|
|
36
|
-
level: call.level,
|
|
37
|
-
source: call.source,
|
|
38
|
-
stackTrace: call.stackTrace,
|
|
39
|
-
};
|
|
40
|
-
// Map our algorithm to EncryptionService algorithm
|
|
41
|
-
const algorithm = this.config.algorithm === "aes-256-gcm"
|
|
42
|
-
? "aes-256-gcm"
|
|
43
|
-
: "chacha20-poly1305";
|
|
44
|
-
// Use XyPrissJS EncryptionService for production-grade encryption
|
|
45
|
-
const encryptedData = await EncryptionService.encrypt(logData, this.config.key, {
|
|
46
|
-
algorithm,
|
|
47
|
-
keyDerivationIterations: this.config.iterations,
|
|
48
|
-
quantumSafe: algorithm === "chacha20-poly1305", // Enable quantum-safe features
|
|
49
|
-
});
|
|
50
|
-
// EncryptionService returns a JSON string with the encrypted package
|
|
51
|
-
// We'll store it directly as our encrypted data
|
|
52
|
-
const entry = {
|
|
53
|
-
id: this.generateEntryId(),
|
|
54
|
-
timestamp: call.timestamp,
|
|
55
|
-
encrypted: encryptedData, // Store the entire encrypted package
|
|
56
|
-
iv: "", // Not needed since EncryptionService handles this
|
|
57
|
-
authTag: "", // Not needed since EncryptionService handles this
|
|
58
|
-
salt: "", // Not needed since EncryptionService handles this
|
|
59
|
-
metadata: {
|
|
60
|
-
algorithm: this.config.algorithm || "aes-256-gcm",
|
|
61
|
-
keyDerivation: this.config.keyDerivation || "pbkdf2",
|
|
62
|
-
iterations: this.config.iterations || 100000,
|
|
63
|
-
},
|
|
64
|
-
};
|
|
65
|
-
// Add to buffer
|
|
66
|
-
this.addToBuffer(entry);
|
|
67
|
-
return entry;
|
|
68
|
-
}
|
|
69
|
-
catch (error) {
|
|
70
|
-
const errorMessage = error instanceof Error ? error.message : String(error);
|
|
71
|
-
throw new Error(`Failed to encrypt log entry: ${errorMessage}`);
|
|
72
|
-
}
|
|
73
|
-
}
|
|
74
|
-
/**
|
|
75
|
-
* Decrypt a log entry
|
|
76
|
-
*/
|
|
77
|
-
async decryptLogEntry(entry, key) {
|
|
78
|
-
try {
|
|
79
|
-
// The encrypted data is already in the format expected by EncryptionService
|
|
80
|
-
const decryptedData = await EncryptionService.decrypt(entry.encrypted, key);
|
|
81
|
-
return decryptedData;
|
|
82
|
-
}
|
|
83
|
-
catch (error) {
|
|
84
|
-
const errorMessage = error instanceof Error ? error.message : String(error);
|
|
85
|
-
throw new Error(`Failed to decrypt log entry: ${errorMessage}`);
|
|
86
|
-
}
|
|
87
|
-
}
|
|
88
|
-
/**
|
|
89
|
-
* Get all encrypted logs from buffer
|
|
90
|
-
*/
|
|
91
|
-
getEncryptedLogs() {
|
|
92
|
-
return [...this.logBuffer.entries];
|
|
93
|
-
}
|
|
94
|
-
/**
|
|
95
|
-
* Get encrypted logs as strings (for external transmission)
|
|
96
|
-
*/
|
|
97
|
-
getEncryptedLogsAsStrings() {
|
|
98
|
-
return this.logBuffer.entries.map((entry) => JSON.stringify(entry));
|
|
99
|
-
}
|
|
100
|
-
/**
|
|
101
|
-
* Restore logs from encrypted strings
|
|
102
|
-
*/
|
|
103
|
-
async restoreFromEncryptedStrings(encryptedStrings, key) {
|
|
104
|
-
const results = [];
|
|
105
|
-
for (const encryptedString of encryptedStrings) {
|
|
106
|
-
try {
|
|
107
|
-
const entry = JSON.parse(encryptedString);
|
|
108
|
-
const decrypted = await this.decryptLogEntry(entry, key);
|
|
109
|
-
results.push(decrypted);
|
|
110
|
-
}
|
|
111
|
-
catch (error) {
|
|
112
|
-
const errorMessage = error instanceof Error ? error.message : String(error);
|
|
113
|
-
console.warn(`Failed to restore encrypted log entry: ${errorMessage}`);
|
|
114
|
-
}
|
|
115
|
-
}
|
|
116
|
-
return results;
|
|
117
|
-
}
|
|
118
|
-
/**
|
|
119
|
-
* Clear the log buffer
|
|
120
|
-
*/
|
|
121
|
-
clearBuffer() {
|
|
122
|
-
// Securely wipe the buffer
|
|
123
|
-
this.logBuffer.entries.forEach((entry) => {
|
|
124
|
-
// Overwrite sensitive data
|
|
125
|
-
entry.encrypted = "";
|
|
126
|
-
entry.iv = "";
|
|
127
|
-
entry.authTag = "";
|
|
128
|
-
entry.salt = "";
|
|
129
|
-
});
|
|
130
|
-
this.logBuffer.entries = [];
|
|
131
|
-
this.logBuffer.currentSize = 0;
|
|
132
|
-
}
|
|
133
|
-
/**
|
|
134
|
-
* Update encryption configuration
|
|
135
|
-
*/
|
|
136
|
-
updateConfig(newConfig) {
|
|
137
|
-
this.config = { ...this.config, ...newConfig };
|
|
138
|
-
// If key changed, invalidate derived key
|
|
139
|
-
if (newConfig.key) {
|
|
140
|
-
this.derivedKey = null;
|
|
141
|
-
this.keyVersion++;
|
|
142
|
-
}
|
|
143
|
-
}
|
|
144
|
-
/**
|
|
145
|
-
* Get buffer statistics
|
|
146
|
-
*/
|
|
147
|
-
getBufferStats() {
|
|
148
|
-
const memoryUsage = this.logBuffer.entries.reduce((total, entry) => {
|
|
149
|
-
return total + JSON.stringify(entry).length;
|
|
150
|
-
}, 0);
|
|
151
|
-
return {
|
|
152
|
-
totalEntries: this.logBuffer.entries.length,
|
|
153
|
-
bufferSize: this.logBuffer.currentSize,
|
|
154
|
-
maxSize: this.logBuffer.maxSize,
|
|
155
|
-
memoryUsage,
|
|
156
|
-
};
|
|
157
|
-
}
|
|
158
|
-
// Private helper methods
|
|
159
|
-
generateEntryId() {
|
|
160
|
-
// Generate a unique ID for the log entry
|
|
161
|
-
return NehoID.generate({ prefix: "op.nehonix.log", size: 16 });
|
|
162
|
-
}
|
|
163
|
-
addToBuffer(entry) {
|
|
164
|
-
// Add entry to buffer
|
|
165
|
-
this.logBuffer.entries.push(entry);
|
|
166
|
-
this.logBuffer.currentSize++;
|
|
167
|
-
// Maintain buffer size limit
|
|
168
|
-
if (this.logBuffer.currentSize > this.logBuffer.maxSize) {
|
|
169
|
-
const removed = this.logBuffer.entries.shift();
|
|
170
|
-
if (removed) {
|
|
171
|
-
// Securely wipe removed entry
|
|
172
|
-
removed.encrypted = "";
|
|
173
|
-
removed.iv = "";
|
|
174
|
-
removed.authTag = "";
|
|
175
|
-
removed.salt = "";
|
|
176
|
-
this.logBuffer.currentSize--;
|
|
177
|
-
}
|
|
178
|
-
}
|
|
179
|
-
}
|
|
180
|
-
/**
|
|
181
|
-
* Export encrypted logs for external transmission
|
|
182
|
-
*/
|
|
183
|
-
async exportForExternalLogging() {
|
|
184
|
-
const logs = this.getEncryptedLogsAsStrings();
|
|
185
|
-
return {
|
|
186
|
-
logs,
|
|
187
|
-
metadata: {
|
|
188
|
-
totalLogs: logs.length,
|
|
189
|
-
exportTimestamp: Date.now(),
|
|
190
|
-
keyVersion: this.keyVersion,
|
|
191
|
-
algorithm: this.config.algorithm || "aes-256-gcm",
|
|
192
|
-
},
|
|
193
|
-
};
|
|
194
|
-
}
|
|
195
|
-
/**
|
|
196
|
-
* Batch encrypt multiple log entries for performance
|
|
197
|
-
*/
|
|
198
|
-
async batchEncryptLogEntries(calls) {
|
|
199
|
-
const results = [];
|
|
200
|
-
for (const call of calls) {
|
|
201
|
-
try {
|
|
202
|
-
const encrypted = await this.encryptLogEntry(call);
|
|
203
|
-
results.push(encrypted);
|
|
204
|
-
}
|
|
205
|
-
catch (error) {
|
|
206
|
-
console.warn(`Failed to encrypt log entry: ${error.message}`);
|
|
207
|
-
}
|
|
208
|
-
}
|
|
209
|
-
return results;
|
|
210
|
-
}
|
|
211
|
-
}
|
|
212
|
-
|
|
213
|
-
export { ConsoleEncryption };
|
|
214
|
-
//# sourceMappingURL=ConsoleEncryption.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"ConsoleEncryption.js","sources":["../../../../../../../../src/server/components/fastapi/console/encryption/ConsoleEncryption.ts"],"sourcesContent":[null],"names":[],"mappings":";;;AAAA;;;AAGG;AA0BH;;;AAGG;MACU,iBAAiB,CAAA;AAM1B,IAAA,WAAA,CAAY,MAA+B,EAAA;QAHnC,IAAA,CAAA,UAAU,GAAkB,IAAI;QAChC,IAAA,CAAA,UAAU,GAAW,CAAC;AAG1B,QAAA,IAAI,CAAC,MAAM,GAAG,MAAM;QACpB,IAAI,CAAC,SAAS,GAAG;AACb,YAAA,OAAO,EAAE,EAAE;YACX,OAAO,EAAE,IAAI;AACb,YAAA,WAAW,EAAE,CAAC;SACjB;IACL;AAEA;;AAEG;IACI,MAAM,eAAe,CACxB,IAA4B,EAAA;AAE5B,QAAA,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE;AAC1C,YAAA,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC;QAClE;AAEA,QAAA,IAAI;;AAEA,YAAA,MAAM,OAAO,GAAG;gBACZ,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,UAAU,EAAE,IAAI,CAAC,UAAU;aAC9B;;YAGD,MAAM,SAAS,GACX,IAAI,CAAC,MAAM,CAAC,SAAS,KAAK;AACtB,kBAAE;kBACA,mBAAmB;;AAG7B,YAAA,MAAM,aAAa,GAAG,MAAM,iBAAiB,CAAC,OAAO,CACjD,OAAO,EACP,IAAI,CAAC,MAAM,CAAC,GAAG,EACf;gBACI,SAAS;AACT,gBAAA,uBAAuB,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU;AAC/C,gBAAA,WAAW,EAAE,SAAS,KAAK,mBAAmB;AACjD,aAAA,CACJ;;;AAID,YAAA,MAAM,KAAK,GAAsB;AAC7B,gBAAA,EAAE,EAAE,IAAI,CAAC,eAAe,EAAE;gBAC1B,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,SAAS,EAAE,aAAa;gBACxB,EAAE,EAAE,EAAE;gBACN,OAAO,EAAE,EAAE;gBACX,IAAI,EAAE,EAAE;AACR,gBAAA,QAAQ,EAAE;AACN,oBAAA,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,aAAa;AACjD,oBAAA,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa,IAAI,QAAQ;AACpD,oBAAA,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,MAAM;AAC/C,iBAAA;aACJ;;AAGD,YAAA,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC;AAEvB,YAAA,OAAO,KAAK;QAChB;QAAE,OAAO,KAAK,EAAE;AACZ,YAAA,MAAM,YAAY,GACd,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC1D,YAAA,MAAM,IAAI,KAAK,CAAC,gCAAgC,YAAY,CAAA,CAAE,CAAC;QACnE;IACJ;AAEA;;AAEG;AACI,IAAA,MAAM,eAAe,CACxB,KAAwB,EACxB,GAAW,EAAA;AAEX,QAAA,IAAI;;AAEA,YAAA,MAAM,aAAa,GAAG,MAAM,iBAAiB,CAAC,OAAO,CACjD,KAAK,CAAC,SAAS,EACf,GAAG,CACN;AAED,YAAA,OAAO,aAAuC;QAClD;QAAE,OAAO,KAAK,EAAE;AACZ,YAAA,MAAM,YAAY,GACd,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC1D,YAAA,MAAM,IAAI,KAAK,CAAC,gCAAgC,YAAY,CAAA,CAAE,CAAC;QACnE;IACJ;AAEA;;AAEG;IACI,gBAAgB,GAAA;QACnB,OAAO,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;IACtC;AAEA;;AAEG;IACI,yBAAyB,GAAA;QAC5B,OAAO,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;IACvE;AAEA;;AAEG;AACI,IAAA,MAAM,2BAA2B,CACpC,gBAA0B,EAC1B,GAAW,EAAA;QAEX,MAAM,OAAO,GAA6B,EAAE;AAE5C,QAAA,KAAK,MAAM,eAAe,IAAI,gBAAgB,EAAE;AAC5C,YAAA,IAAI;gBACA,MAAM,KAAK,GAAsB,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC;gBAC5D,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,GAAG,CAAC;AACxD,gBAAA,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC;YAC3B;YAAE,OAAO,KAAK,EAAE;AACZ,gBAAA,MAAM,YAAY,GACd,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC1D,gBAAA,OAAO,CAAC,IAAI,CACR,0CAA0C,YAAY,CAAA,CAAE,CAC3D;YACL;QACJ;AAEA,QAAA,OAAO,OAAO;IAClB;AAEA;;AAEG;IACI,WAAW,GAAA;;QAEd,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,KAAI;;AAErC,YAAA,KAAK,CAAC,SAAS,GAAG,EAAE;AACpB,YAAA,KAAK,CAAC,EAAE,GAAG,EAAE;AACb,YAAA,KAAK,CAAC,OAAO,GAAG,EAAE;AAClB,YAAA,KAAK,CAAC,IAAI,GAAG,EAAE;AACnB,QAAA,CAAC,CAAC;AAEF,QAAA,IAAI,CAAC,SAAS,CAAC,OAAO,GAAG,EAAE;AAC3B,QAAA,IAAI,CAAC,SAAS,CAAC,WAAW,GAAG,CAAC;IAClC;AAEA;;AAEG;AACI,IAAA,YAAY,CAAC,SAA2C,EAAA;AAC3D,QAAA,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,SAAS,EAAE;;AAG9C,QAAA,IAAI,SAAS,CAAC,GAAG,EAAE;AACf,YAAA,IAAI,CAAC,UAAU,GAAG,IAAI;YACtB,IAAI,CAAC,UAAU,EAAE;QACrB;IACJ;AAEA;;AAEG;IACI,cAAc,GAAA;AAMjB,QAAA,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,KAAK,KAAI;YAC/D,OAAO,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,MAAM;QAC/C,CAAC,EAAE,CAAC,CAAC;QAEL,OAAO;AACH,YAAA,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM;AAC3C,YAAA,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW;AACtC,YAAA,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;YAC/B,WAAW;SACd;IACL;;IAIQ,eAAe,GAAA;;AAEnB,QAAA,OAAO,MAAM,CAAC,QAAQ,CAAC,EAAE,MAAM,EAAE,gBAAgB,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;IAClE;AAEQ,IAAA,WAAW,CAAC,KAAwB,EAAA;;QAExC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC;AAClC,QAAA,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE;;AAG5B,QAAA,IAAI,IAAI,CAAC,SAAS,CAAC,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE;YACrD,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE;YAC9C,IAAI,OAAO,EAAE;;AAET,gBAAA,OAAO,CAAC,SAAS,GAAG,EAAE;AACtB,gBAAA,OAAO,CAAC,EAAE,GAAG,EAAE;AACf,gBAAA,OAAO,CAAC,OAAO,GAAG,EAAE;AACpB,gBAAA,OAAO,CAAC,IAAI,GAAG,EAAE;AACjB,gBAAA,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE;YAChC;QACJ;IACJ;AAEA;;AAEG;AACI,IAAA,MAAM,wBAAwB,GAAA;AASjC,QAAA,MAAM,IAAI,GAAG,IAAI,CAAC,yBAAyB,EAAE;QAE7C,OAAO;YACH,IAAI;AACJ,YAAA,QAAQ,EAAE;gBACN,SAAS,EAAE,IAAI,CAAC,MAAM;AACtB,gBAAA,eAAe,EAAE,IAAI,CAAC,GAAG,EAAE;gBAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;AAC3B,gBAAA,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,aAAa;AACpD,aAAA;SACJ;IACL;AAEA;;AAEG;IACI,MAAM,sBAAsB,CAC/B,KAA+B,EAAA;QAE/B,MAAM,OAAO,GAAwB,EAAE;AAEvC,QAAA,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;AACtB,YAAA,IAAI;gBACA,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC;AAClD,gBAAA,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC;YAC3B;YAAE,OAAO,KAAU,EAAE;gBACjB,OAAO,CAAC,IAAI,CAAC,CAAA,6BAAA,EAAgC,KAAK,CAAC,OAAO,CAAA,CAAE,CAAC;YACjE;QACJ;AAEA,QAAA,OAAO,OAAO;IAClB;AACH;;;;"}
|