npm - @noy-db/as-zip - Versions diffs - 0.1.0-pre.3 - Mend

@noy-db/as-zip 0.1.0-pre.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/index.js ADDED Viewed

@@ -0,0 +1,603 @@
+// src/sha1.ts
+async function hmacSha1(key, bytes) {
+  const cryptoKey = await crypto.subtle.importKey(
+    "raw",
+    key,
+    { name: "HMAC", hash: "SHA-1" },
+    false,
+    ["sign"]
+  );
+  const sig = await crypto.subtle.sign("HMAC", cryptoKey, bytes);
+  return new Uint8Array(sig);
+}
+// src/aes.ts
+var WZAES_STRENGTH_256 = 3;
+var WZAES_SALT_LEN = 16;
+var WZAES_VERIFIER_LEN = 2;
+var WZAES_AUTH_LEN = 10;
+var WZAES_PBKDF2_ITERATIONS = 1e3;
+var WZAES_METHOD_MARKER = 99;
+var WZAES_VENDOR_ID = 17729;
+var WZAES_VENDOR_VERSION_AE2 = 2;
+var WZAES_REAL_METHOD = 0;
+var WZAES_EXTRA_TAG = 39169;
+var ZipCipherError = class extends Error {
+  code = "ZIP_CIPHER_ERROR";
+  constructor(message) {
+    super(message);
+    this.name = "ZipCipherError";
+  }
+};
+async function encryptEntryWzAes(plaintext, password) {
+  if (password.length === 0) {
+    throw new ZipCipherError("encryptEntryWzAes: password must be a non-empty string");
+  }
+  const salt = crypto.getRandomValues(new Uint8Array(WZAES_SALT_LEN));
+  const { encryptKey, authKey, verifier } = await deriveKeys(password, salt);
+  const ciphertext = await aesCtrXor(plaintext, encryptKey);
+  const authCode = await hmacSha1(authKey, ciphertext);
+  const auth = authCode.slice(0, WZAES_AUTH_LEN);
+  const data = new Uint8Array(salt.length + verifier.length + ciphertext.length + auth.length);
+  let pos = 0;
+  data.set(salt, pos);
+  pos += salt.length;
+  data.set(verifier, pos);
+  pos += verifier.length;
+  data.set(ciphertext, pos);
+  pos += ciphertext.length;
+  data.set(auth, pos);
+  return {
+    extraField: buildExtraField(),
+    dataRegion: data
+  };
+}
+async function decryptEntryWzAes(data, password) {
+  if (data.length < WZAES_SALT_LEN + WZAES_VERIFIER_LEN + WZAES_AUTH_LEN) {
+    throw new ZipCipherError("decryptEntryWzAes: data region is shorter than the WinZip-AES envelope");
+  }
+  const salt = data.slice(0, WZAES_SALT_LEN);
+  const verifier = data.slice(WZAES_SALT_LEN, WZAES_SALT_LEN + WZAES_VERIFIER_LEN);
+  const ciphertext = data.slice(
+    WZAES_SALT_LEN + WZAES_VERIFIER_LEN,
+    data.length - WZAES_AUTH_LEN
+  );
+  const auth = data.slice(data.length - WZAES_AUTH_LEN);
+  const { encryptKey, authKey, verifier: expectedVerifier } = await deriveKeys(password, salt);
+  if (!constantTimeEqual(verifier, expectedVerifier)) {
+    throw new ZipCipherError("decryptEntryWzAes: wrong password (verifier mismatch)");
+  }
+  const expectedAuth = (await hmacSha1(authKey, ciphertext)).slice(0, WZAES_AUTH_LEN);
+  if (!constantTimeEqual(auth, expectedAuth)) {
+    throw new ZipCipherError("decryptEntryWzAes: authentication code mismatch (tampered ciphertext or wrong password)");
+  }
+  return aesCtrXor(ciphertext, encryptKey);
+}
+async function deriveKeys(password, salt) {
+  const passBytes = new TextEncoder().encode(password);
+  const baseKey = await crypto.subtle.importKey(
+    "raw",
+    passBytes,
+    { name: "PBKDF2" },
+    false,
+    ["deriveBits"]
+  );
+  const totalBits = (32 + 32 + 2) * 8;
+  const bits = await crypto.subtle.deriveBits(
+    {
+      name: "PBKDF2",
+      hash: "SHA-1",
+      salt,
+      iterations: WZAES_PBKDF2_ITERATIONS
+    },
+    baseKey,
+    totalBits
+  );
+  const out = new Uint8Array(bits);
+  const encryptRaw = out.slice(0, 32);
+  const authKey = out.slice(32, 64);
+  const verifier = out.slice(64, 66);
+  const encryptKey = await crypto.subtle.importKey(
+    "raw",
+    encryptRaw,
+    { name: "AES-CTR" },
+    false,
+    ["encrypt", "decrypt"]
+  );
+  return { encryptKey, authKey, verifier };
+}
+async function aesCtrXor(data, key) {
+  const out = new Uint8Array(data.length);
+  let blockNum = 1n;
+  let pos = 0;
+  const zeroBlock = new Uint8Array(16);
+  while (pos < data.length) {
+    const counterBlock = new Uint8Array(16);
+    let n = blockNum;
+    for (let i = 0; i < 8; i++) {
+      counterBlock[i] = Number(n & 0xffn);
+      n >>= 8n;
+    }
+    const block = await crypto.subtle.encrypt(
+      { name: "AES-CTR", counter: counterBlock, length: 128 },
+      key,
+      zeroBlock
+    );
+    const keystream = new Uint8Array(block);
+    const remain = Math.min(16, data.length - pos);
+    for (let i = 0; i < remain; i++) {
+      out[pos + i] = data[pos + i] ^ keystream[i];
+    }
+    pos += remain;
+    blockNum += 1n;
+  }
+  return out;
+}
+function buildExtraField() {
+  const ef = new Uint8Array(11);
+  const view = new DataView(ef.buffer);
+  view.setUint16(0, WZAES_EXTRA_TAG, true);
+  view.setUint16(2, 7, true);
+  view.setUint16(4, WZAES_VENDOR_VERSION_AE2, true);
+  view.setUint16(6, WZAES_VENDOR_ID, true);
+  ef[8] = WZAES_STRENGTH_256;
+  view.setUint16(9, WZAES_REAL_METHOD, true);
+  return ef;
+}
+function parseWzAesExtraField(extra) {
+  let pos = 0;
+  while (pos + 4 <= extra.length) {
+    const tag = readU16(extra, pos);
+    const size = readU16(extra, pos + 2);
+    if (tag === WZAES_EXTRA_TAG) {
+      if (size !== 7) {
+        throw new ZipCipherError(
+          `WinZip-AES extra field has size ${size}, expected 7`
+        );
+      }
+      const vendorVersion = readU16(extra, pos + 4);
+      const vendorId = readU16(extra, pos + 6);
+      const strength = extra[pos + 8];
+      if (vendorId !== WZAES_VENDOR_ID) {
+        throw new ZipCipherError(
+          `WinZip-AES extra field vendor id 0x${vendorId.toString(16)}, expected 0x${WZAES_VENDOR_ID.toString(16)}`
+        );
+      }
+      if (strength !== WZAES_STRENGTH_256) {
+        throw new ZipCipherError(
+          `WinZip-AES strength ${strength} not supported \u2014 AES-256 only`
+        );
+      }
+      return { vendorVersion };
+    }
+    pos += 4 + size;
+  }
+  return null;
+}
+function constantTimeEqual(a, b) {
+  if (a.length !== b.length) return false;
+  let diff = 0;
+  for (let i = 0; i < a.length; i++) diff |= a[i] ^ b[i];
+  return diff === 0;
+}
+function readU16(bytes, offset) {
+  return bytes[offset] | bytes[offset + 1] << 8;
+}
+// src/zip.ts
+var TEXT_ENCODER = new TextEncoder();
+async function writeZip(entries, options = {}) {
+  const localParts = [];
+  const cdParts = [];
+  let offset = 0;
+  for (const entry of entries) {
+    const nameBytes = TEXT_ENCODER.encode(entry.path);
+    const dosTime = toDosTime(entry.mtime ?? /* @__PURE__ */ new Date());
+    let dataBytes;
+    let extraField;
+    let methodField;
+    let crcField;
+    let flagsField = 2048;
+    if (options.password !== void 0) {
+      const enc = await encryptEntryWzAes(entry.bytes, options.password);
+      dataBytes = enc.dataRegion;
+      extraField = enc.extraField;
+      methodField = WZAES_METHOD_MARKER;
+      crcField = 0;
+      flagsField |= 1;
+      void WZAES_REAL_METHOD;
+    } else {
+      dataBytes = entry.bytes;
+      extraField = new Uint8Array(0);
+      methodField = 0;
+      crcField = crc32(entry.bytes);
+    }
+    const size = dataBytes.length;
+    const uncompressedSize = options.password !== void 0 ? entry.bytes.length : size;
+    const lfh = new Uint8Array(30 + nameBytes.length + extraField.length);
+    const lfhView = new DataView(lfh.buffer);
+    lfhView.setUint32(0, 67324752, true);
+    lfhView.setUint16(4, 20, true);
+    lfhView.setUint16(6, flagsField, true);
+    lfhView.setUint16(8, methodField, true);
+    lfhView.setUint16(10, dosTime.time, true);
+    lfhView.setUint16(12, dosTime.date, true);
+    lfhView.setUint32(14, crcField, true);
+    lfhView.setUint32(18, size, true);
+    lfhView.setUint32(22, uncompressedSize, true);
+    lfhView.setUint16(26, nameBytes.length, true);
+    lfhView.setUint16(28, extraField.length, true);
+    lfh.set(nameBytes, 30);
+    if (extraField.length > 0) lfh.set(extraField, 30 + nameBytes.length);
+    localParts.push(lfh, dataBytes);
+    const cdh = new Uint8Array(46 + nameBytes.length + extraField.length);
+    const cdhView = new DataView(cdh.buffer);
+    cdhView.setUint32(0, 33639248, true);
+    cdhView.setUint16(4, 20, true);
+    cdhView.setUint16(6, 20, true);
+    cdhView.setUint16(8, flagsField, true);
+    cdhView.setUint16(10, methodField, true);
+    cdhView.setUint16(12, dosTime.time, true);
+    cdhView.setUint16(14, dosTime.date, true);
+    cdhView.setUint32(16, crcField, true);
+    cdhView.setUint32(20, size, true);
+    cdhView.setUint32(24, uncompressedSize, true);
+    cdhView.setUint16(28, nameBytes.length, true);
+    cdhView.setUint16(30, extraField.length, true);
+    cdhView.setUint16(32, 0, true);
+    cdhView.setUint16(34, 0, true);
+    cdhView.setUint16(36, 0, true);
+    cdhView.setUint32(38, 0, true);
+    cdhView.setUint32(42, offset, true);
+    cdh.set(nameBytes, 46);
+    if (extraField.length > 0) cdh.set(extraField, 46 + nameBytes.length);
+    cdParts.push(cdh);
+    offset += lfh.length + dataBytes.length;
+  }
+  const localTotal = offset;
+  const cdSize = cdParts.reduce((n, p) => n + p.length, 0);
+  const eocd = new Uint8Array(22);
+  const eocdView = new DataView(eocd.buffer);
+  eocdView.setUint32(0, 101010256, true);
+  eocdView.setUint16(4, 0, true);
+  eocdView.setUint16(6, 0, true);
+  eocdView.setUint16(8, entries.length, true);
+  eocdView.setUint16(10, entries.length, true);
+  eocdView.setUint32(12, cdSize, true);
+  eocdView.setUint32(16, localTotal, true);
+  eocdView.setUint16(20, 0, true);
+  const out = new Uint8Array(localTotal + cdSize + eocd.length);
+  let pos = 0;
+  for (const part of localParts) {
+    out.set(part, pos);
+    pos += part.length;
+  }
+  for (const part of cdParts) {
+    out.set(part, pos);
+    pos += part.length;
+  }
+  out.set(eocd, pos);
+  return out;
+}
+var CRC_TABLE = null;
+function ensureCrcTable() {
+  if (CRC_TABLE) return CRC_TABLE;
+  const t = new Uint32Array(256);
+  for (let n = 0; n < 256; n++) {
+    let c = n;
+    for (let k = 0; k < 8; k++) {
+      c = c & 1 ? 3988292384 ^ c >>> 1 : c >>> 1;
+    }
+    t[n] = c >>> 0;
+  }
+  CRC_TABLE = t;
+  return t;
+}
+function crc32(bytes) {
+  const t = ensureCrcTable();
+  let c = 4294967295;
+  for (let i = 0; i < bytes.length; i++) {
+    c = t[(c ^ bytes[i]) & 255] ^ c >>> 8;
+  }
+  return (c ^ 4294967295) >>> 0;
+}
+function toDosTime(date) {
+  const y = Math.max(1980, date.getUTCFullYear()) - 1980;
+  const m = date.getUTCMonth() + 1;
+  const d = date.getUTCDate();
+  const hh = date.getUTCHours();
+  const mm = date.getUTCMinutes();
+  const ss = Math.floor(date.getUTCSeconds() / 2);
+  return {
+    date: y << 9 | m << 5 | d,
+    time: hh << 11 | mm << 5 | ss
+  };
+}
+// src/read.ts
+var TEXT_DECODER = new TextDecoder();
+var ZipReadError = class extends Error {
+  code = "ZIP_READ_ERROR";
+  constructor(message) {
+    super(message);
+    this.name = "ZipReadError";
+  }
+};
+async function readZip(bytes, options = {}) {
+  if (bytes.length < 22) {
+    throw new ZipReadError("readZip: archive shorter than the EOCD record (22 bytes)");
+  }
+  const eocdOffset = locateEOCD(bytes);
+  const view = new DataView(bytes.buffer, bytes.byteOffset, bytes.byteLength);
+  const cdSize = view.getUint32(eocdOffset + 12, true);
+  const cdOffset = view.getUint32(eocdOffset + 16, true);
+  const recordCount = view.getUint16(eocdOffset + 10, true);
+  if (cdOffset + cdSize > bytes.length) {
+    throw new ZipReadError("readZip: central directory extends past end of file");
+  }
+  const out = [];
+  let pos = cdOffset;
+  for (let i = 0; i < recordCount; i++) {
+    if (view.getUint32(pos, true) !== 33639248) {
+      throw new ZipReadError(`readZip: missing central directory file header signature at offset ${pos}`);
+    }
+    const flags = view.getUint16(pos + 8, true);
+    const method = view.getUint16(pos + 10, true);
+    const compressedSize = view.getUint32(pos + 20, true);
+    const uncompressedSize = view.getUint32(pos + 24, true);
+    const nameLen = view.getUint16(pos + 28, true);
+    const extraLen = view.getUint16(pos + 30, true);
+    const commentLen = view.getUint16(pos + 32, true);
+    const lfhOffset = view.getUint32(pos + 42, true);
+    const path = TEXT_DECODER.decode(bytes.subarray(pos + 46, pos + 46 + nameLen));
+    const extra = bytes.subarray(pos + 46 + nameLen, pos + 46 + nameLen + extraLen);
+    pos += 46 + nameLen + extraLen + commentLen;
+    if (lfhOffset + 30 > bytes.length) {
+      throw new ZipReadError(`readZip: local header offset ${lfhOffset} past end of file`);
+    }
+    if (view.getUint32(lfhOffset, true) !== 67324752) {
+      throw new ZipReadError(`readZip: missing local file header signature for "${path}"`);
+    }
+    const lfhNameLen = view.getUint16(lfhOffset + 26, true);
+    const lfhExtraLen = view.getUint16(lfhOffset + 28, true);
+    const dataStart = lfhOffset + 30 + lfhNameLen + lfhExtraLen;
+    if (dataStart + compressedSize > bytes.length) {
+      throw new ZipReadError(`readZip: data region for "${path}" extends past end of file`);
+    }
+    const dataRegion = bytes.subarray(dataStart, dataStart + compressedSize);
+    const encryptedFlag = (flags & 1) !== 0;
+    const isWzAes = method === WZAES_METHOD_MARKER;
+    if (isWzAes) {
+      if (!encryptedFlag) {
+        throw new ZipReadError(
+          `readZip: entry "${path}" carries the AES marker but the encryption flag is unset`
+        );
+      }
+      const wz = parseWzAesExtraField(extra);
+      if (!wz) {
+        throw new ZipReadError(
+          `readZip: entry "${path}" uses method 99 but is missing the 0x9901 extra field`
+        );
+      }
+      if (options.password === void 0) {
+        throw new ZipReadError(
+          `readZip: entry "${path}" is AES-encrypted but no password was supplied`
+        );
+      }
+      const plaintext = await decryptEntryWzAes(dataRegion, options.password);
+      if (uncompressedSize !== 0 && plaintext.length !== uncompressedSize) {
+        throw new ZipReadError(
+          `readZip: entry "${path}" plaintext length ${plaintext.length} \u2260 declared ${uncompressedSize}`
+        );
+      }
+      out.push({ path, bytes: plaintext, encrypted: true });
+      continue;
+    }
+    if (encryptedFlag) {
+      throw new ZipCipherError(
+        `readZip: entry "${path}" uses an encryption method other than WinZip-AES-256 \u2014 refusing to decrypt`
+      );
+    }
+    if (method !== 0) {
+      throw new ZipReadError(
+        `readZip: entry "${path}" uses compression method ${method} \u2014 only STORE (0) is supported`
+      );
+    }
+    out.push({ path, bytes: new Uint8Array(dataRegion), encrypted: false });
+  }
+  return out;
+}
+function locateEOCD(bytes) {
+  const view = new DataView(bytes.buffer, bytes.byteOffset, bytes.byteLength);
+  const minStart = Math.max(0, bytes.length - 22 - 65535);
+  for (let pos = bytes.length - 22; pos >= minStart; pos--) {
+    if (view.getUint32(pos, true) === 101010256) return pos;
+  }
+  throw new ZipReadError("readZip: EOCD signature not found \u2014 input is not a valid ZIP");
+}
+// src/index.ts
+import { diffVault } from "@noy-db/hub";
+async function toBytes(vault, options) {
+  vault.assertCanExport("plaintext", "zip");
+  const collectionName = options.records.collection;
+  const collection = vault.collection(collectionName);
+  const ids = await collection.list().then((rs) => extractIds(rs));
+  const records = [];
+  for (const id of ids) {
+    const r = await collection.get(id);
+    if (r === null) continue;
+    if (options.records.filter && !options.records.filter(r)) continue;
+    records.push({ id, record: r });
+  }
+  const slotsSelector = options.attachments?.slots ?? "*";
+  const attachmentEntries = [];
+  const includeAll = slotsSelector === "*";
+  const includeSet = includeAll ? null : new Set(slotsSelector);
+  for (const { id } of records) {
+    const blobSet = collection.blob(id);
+    const slotsList = await blobSet.list();
+    for (const slot of slotsList) {
+      if (!includeAll && !includeSet.has(slot.name)) continue;
+      const bytes = await blobSet.get(slot.name);
+      if (!bytes) continue;
+      const safeId = sanitiseFsSegment(id);
+      const safeSlot = sanitiseFsSegment(slot.name);
+      const entry = {
+        path: `attachments/${safeId}/${safeSlot}`,
+        bytes,
+        size: bytes.length,
+        slot: slot.name,
+        recordId: id,
+        ...slot.mimeType !== void 0 && { mimeType: slot.mimeType }
+      };
+      attachmentEntries.push(entry);
+    }
+  }
+  const recordIndex = records.map(({ id }) => {
+    const attach = attachmentEntries.filter((a) => a.recordId === id).map(({ slot, path, size, mimeType }) => ({
+      slot,
+      path,
+      size,
+      ...mimeType !== void 0 && { mimeType }
+    }));
+    return { id, attachments: attach };
+  });
+  const manifest = {
+    _noydb_archive: 1,
+    collection: collectionName,
+    exportedAt: (/* @__PURE__ */ new Date()).toISOString(),
+    recordCount: records.length,
+    attachmentCount: attachmentEntries.length,
+    records: recordIndex
+  };
+  const encoder = new TextEncoder();
+  const entries = [
+    { path: "manifest.json", bytes: encoder.encode(JSON.stringify(manifest, null, 2)) },
+    {
+      path: "records.json",
+      bytes: encoder.encode(
+        JSON.stringify(
+          records.map((r) => {
+            const pojo = toPojo(r.record);
+            const base = pojo && typeof pojo === "object" && !Array.isArray(pojo) ? pojo : { value: pojo };
+            return { _id: r.id, ...base };
+          }),
+          null,
+          2
+        )
+      )
+    }
+  ];
+  for (const a of attachmentEntries) {
+    entries.push({ path: a.path, bytes: a.bytes });
+  }
+  return writeZip(entries, options.password !== void 0 ? { password: options.password } : {});
+}
+async function download(vault, options) {
+  const bytes = await toBytes(vault, options);
+  const filename = options.filename ?? `${options.records.collection}.zip`;
+  const blob = new Blob([bytes], { type: "application/zip" });
+  const url = URL.createObjectURL(blob);
+  const a = document.createElement("a");
+  a.href = url;
+  a.download = filename;
+  a.click();
+  URL.revokeObjectURL(url);
+}
+async function write(vault, path, options) {
+  if (options.acknowledgeRisks !== true) {
+    throw new Error(
+      `as-zip.write: acknowledgeRisks: true is required for on-disk plaintext output. This call creates a persistent plaintext archive outside noy-db's encrypted storage \u2014 see docs/patterns/as-exports.md \xA7"The three tiers of \\"plaintext out\\""`
+    );
+  }
+  const bytes = await toBytes(vault, options);
+  const { writeFile } = await import("fs/promises");
+  await writeFile(path, bytes);
+}
+async function fromBytes(vault, bytes, options) {
+  vault.assertCanImport("plaintext", "zip");
+  const policy = options.policy ?? "merge";
+  const idKey = options.idKey ?? "id";
+  const entries = await readZip(bytes, options.password !== void 0 ? { password: options.password } : {});
+  const recordsEntry = entries.find((e) => e.path === "records.json");
+  if (!recordsEntry) {
+    throw new Error("as-zip.fromBytes: archive is missing records.json");
+  }
+  let parsed;
+  try {
+    parsed = JSON.parse(new TextDecoder().decode(recordsEntry.bytes));
+  } catch (err) {
+    throw new Error(`as-zip.fromBytes: records.json is not valid JSON (${err.message})`);
+  }
+  if (!Array.isArray(parsed)) {
+    throw new Error("as-zip.fromBytes: records.json must be a JSON array of records");
+  }
+  const plan = await diffVault(vault, { [options.collection]: parsed }, {
+    collections: [options.collection],
+    idKey
+  });
+  return {
+    plan,
+    policy,
+    async apply() {
+      await vault.noydb.transaction((tx) => {
+        const txVault = tx.vault(vault.name);
+        for (const entry of plan.added) {
+          txVault.collection(entry.collection).put(entry.id, entry.record);
+        }
+        if (policy !== "insert-only") {
+          for (const entry of plan.modified) {
+            txVault.collection(entry.collection).put(entry.id, entry.record);
+          }
+        }
+        if (policy === "replace") {
+          for (const entry of plan.deleted) {
+            txVault.collection(entry.collection).delete(entry.id);
+          }
+        }
+      });
+    }
+  };
+}
+function extractIds(list) {
+  const out = [];
+  for (const item of list) {
+    if (typeof item === "string") {
+      out.push(item);
+      continue;
+    }
+    if (item && typeof item === "object") {
+      const rec = item;
+      const id = rec.id ?? rec._id;
+      if (typeof id === "string") out.push(id);
+    }
+  }
+  return out;
+}
+function toPojo(value) {
+  if (value === null || value === void 0) return value;
+  if (value instanceof Date) return value.toISOString();
+  if (Array.isArray(value)) return value.map(toPojo);
+  if (typeof value === "object") {
+    const out = {};
+    for (const [k, v] of Object.entries(value)) out[k] = toPojo(v);
+    return out;
+  }
+  return value;
+}
+function sanitiseFsSegment(s) {
+  return s.replace(/[/\\:*?"<>|\x00-\x1f]/g, "_") || "_";
+}
+export {
+  ZipCipherError,
+  ZipReadError,
+  crc32,
+  download,
+  fromBytes,
+  readZip,
+  toBytes,
+  write,
+  writeZip
+};
+//# sourceMappingURL=index.js.map