@opentdf/sdk 0.1.0-beta.1701

package/dist/cjs/src/nanotdf/Client.js

@@ -0,0 +1,296 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const base64 = __importStar(require("../encodings/base64.js"));
+const index_js_1 = require("../nanotdf-crypto/index.js");
+const getHkdfSalt_js_1 = __importDefault(require("./helpers/getHkdfSalt.js"));
+const DefaultParams_js_1 = __importDefault(require("./models/DefaultParams.js"));
+const access_js_1 = require("../access.js");
+const providers_js_1 = require("../auth/providers.js");
+const errors_js_1 = require("../errors.js");
+const utils_js_1 = require("../utils.js");
+function toJWSAlg(c) {
+    const { algorithm } = c;
+    switch (algorithm.name) {
+        case 'RSASSA-PKCS1-v1_5':
+        case 'RSA-PSS':
+        case 'RSA-OAEP': {
+            const r = algorithm;
+            switch (r.modulusLength) {
+                case 2048:
+                    return 'RS256';
+                case 3072:
+                    return 'RS384';
+                case 4096:
+                    return 'RS512';
+            }
+            break;
+        }
+        case 'ECDSA':
+        case 'ECDH': {
+            return 'ES256';
+        }
+    }
+    throw new errors_js_1.ConfigurationError(`unsupported key algorithm ${JSON.stringify(algorithm)}`);
+}
+async function generateEphemeralKeyPair() {
+    const { publicKey, privateKey } = await (0, index_js_1.generateKeyPair)();
+    if (!privateKey || !publicKey) {
+        throw Error('Key pair generation failed');
+    }
+    return { publicKey, privateKey };
+}
+async function generateSignerKeyPair() {
+    return crypto.subtle.generateKey({
+        name: 'RSASSA-PKCS1-v1_5',
+        hash: 'SHA-256',
+        modulusLength: 2048,
+        publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
+    }, true, ['sign', 'verify']);
+}
+/**
+ * A Client encapsulates sessions interacting with TDF3 and nanoTDF backends, KAS and any
+ * plugin-based sessions like identity and further attribute control. Most importantly, it is responsible
+ * for local key and token management, including the ephemeral public/private keypairs
+ * used for encrypting and decrypting information.
+ *
+ * @link https://developer.mozilla.org/en-US/docs/Web/API/CryptoKeyPair
+ *
+ * @example
+ * import { Client, clientAuthProvider, decrypt, encrypt } from '@opentdf/sdk/nanotdf`
+ *
+ * const OIDC_ENDPOINT = 'http://localhost:65432/auth/';
+ * const KAS_URL = 'http://localhost:65432/kas';
+ *
+ * let client = new Client(
+ *    await clientAuthProvider({
+ *      clientId: 'tdf-client',
+ *      clientSecret: '123-456',
+ *      oidcOrigin: OIDC_ENDPOINT,
+ *    }),
+ *    KAS_URL
+ *  );
+ *
+ * // t=1
+ * let nanoTDFEncrypted = await encrypt('some string', client.unwrappedKey);
+ * let nanoTDFDecrypted = await decrypt(nanoTDFEncrypted, client.unwrappedKey);
+ * nanoTDFDecrypted.toString() // 'some string'
+ *
+ */
+class Client {
+    /**
+     * Create new NanoTDF Client
+     *
+     * The Ephemeral Key Pair can either be provided or will be generate when fetching the entity object. Once set it
+     * cannot be changed. If a new ephemeral key is desired it a new client should be initialized.
+     * There is no performance impact for creating a new client IFF the ephemeral key pair is provided.
+     */
+    constructor(optsOrOldAuthProvider, kasUrl, ephemeralKeyPair, dpopEnabled = false) {
+        this.dissems = [];
+        this.dataAttributes = [];
+        if ((0, providers_js_1.isAuthProvider)(optsOrOldAuthProvider)) {
+            this.authProvider = optsOrOldAuthProvider;
+            if (!kasUrl) {
+                throw new errors_js_1.ConfigurationError('please specify kasEndpoint');
+            }
+            // TODO Disallow http KAS. For now just log as error
+            (0, utils_js_1.validateSecureUrl)(kasUrl);
+            this.kasUrl = kasUrl;
+            this.allowedKases = new access_js_1.OriginAllowList([kasUrl]);
+            this.dpopEnabled = dpopEnabled;
+            if (ephemeralKeyPair) {
+                this.ephemeralKeyPair = Promise.resolve(ephemeralKeyPair);
+            }
+            else {
+                this.ephemeralKeyPair = generateEphemeralKeyPair();
+            }
+            this.iv = 1;
+        }
+        else {
+            const { allowedKases, ignoreAllowList, authProvider, dpopEnabled, dpopKeys, ephemeralKeyPair, kasEndpoint, } = optsOrOldAuthProvider;
+            this.authProvider = authProvider;
+            // TODO Disallow http KAS. For now just log as error
+            (0, utils_js_1.validateSecureUrl)(kasEndpoint);
+            this.kasUrl = kasEndpoint;
+            this.allowedKases = new access_js_1.OriginAllowList(allowedKases || [kasEndpoint], !!ignoreAllowList);
+            this.dpopEnabled = !!dpopEnabled;
+            if (dpopKeys) {
+                this.requestSignerKeyPair = dpopKeys;
+            }
+            else {
+                this.requestSignerKeyPair = generateSignerKeyPair();
+            }
+            if (ephemeralKeyPair) {
+                this.ephemeralKeyPair = ephemeralKeyPair;
+            }
+            else {
+                this.ephemeralKeyPair = generateEphemeralKeyPair();
+            }
+            this.iv = 1;
+        }
+    }
+    /**
+     * Add attribute to the TDF file/data
+     *
+     * @param attribute The attribute that decides the access control of the TDF.
+     */
+    addAttribute(attribute) {
+        this.dataAttributes.push(attribute);
+    }
+    /**
+     * Explicitly get a new Entity Object using the supplied EntityAttributeService.
+     *
+     * This method is expected to be called at least once per encrypt/decrypt cycle. If the entityObject is expired then
+     * this will need to be called again.
+     *
+     * @security the ephemeralKeyPair must be set in the constructor if desired to use here. If this is wished to be changed
+     * then a new client should be initialized.
+     * @performance key pair is generated when the entity object is fetched IFF the ephemeralKeyPair is not set. This will
+     * either be set on the first call or passed in the constructor.
+     */
+    async fetchOIDCToken() {
+        const signer = await this.requestSignerKeyPair;
+        if (!signer) {
+            throw new errors_js_1.ConfigurationError('failed to find or generate signer session key');
+        }
+        await this.authProvider.updateClientPublicKey(signer);
+    }
+    /**
+     * Rewrap key
+     *
+     * @important the `fetchEntityObject` method must be called prior to
+     * @param nanoTdfHeader the full header for the nanotdf
+     * @param kasRewrapUrl key access server's rewrap endpoint
+     * @param magicNumberVersion nanotdf container version
+     * @param clientVersion version of the client, as SemVer
+     */
+    async rewrapKey(nanoTdfHeader, kasRewrapUrl, magicNumberVersion, clientVersion) {
+        if (!this.allowedKases.allows(kasRewrapUrl)) {
+            throw new errors_js_1.UnsafeUrlError(`request URL ∉ ${this.allowedKases.origins};`, kasRewrapUrl);
+        }
+        // Ensure the ephemeral key pair has been set or generated (see createOidcServiceProvider)
+        await this.fetchOIDCToken();
+        const ephemeralKeyPair = await this.ephemeralKeyPair;
+        const requestSignerKeyPair = await this.requestSignerKeyPair;
+        // Ensure the ephemeral key pair has been set or generated (see fetchEntityObject)
+        if (!ephemeralKeyPair?.privateKey) {
+            throw new errors_js_1.ConfigurationError('Ephemeral key has not been set or generated');
+        }
+        if (!requestSignerKeyPair?.privateKey) {
+            throw new errors_js_1.ConfigurationError('Signer key has not been set or generated');
+        }
+        const requestBodyStr = JSON.stringify({
+            algorithm: DefaultParams_js_1.default.defaultECAlgorithm,
+            // nano keyAccess minimum, header is used for nano
+            keyAccess: {
+                type: Client.KEY_ACCESS_REMOTE,
+                url: '',
+                protocol: Client.KAS_PROTOCOL,
+                header: base64.encodeArrayBuffer(nanoTdfHeader),
+            },
+            clientPublicKey: await (0, utils_js_1.cryptoPublicToPem)(ephemeralKeyPair.publicKey),
+        });
+        const jwtPayload = { requestBody: requestBodyStr };
+        const requestBody = {
+            signedRequestToken: await (0, providers_js_1.reqSignature)(jwtPayload, requestSignerKeyPair.privateKey, {
+                alg: toJWSAlg(requestSignerKeyPair.publicKey),
+            }),
+        };
+        // Wrapped
+        const wrappedKey = await (0, access_js_1.fetchWrappedKey)(kasRewrapUrl, requestBody, this.authProvider, clientVersion);
+        // Extract the iv and ciphertext
+        const entityWrappedKey = new Uint8Array(base64.decodeArrayBuffer(wrappedKey.entityWrappedKey));
+        const ivLength = clientVersion == Client.SDK_INITIAL_RELEASE ? Client.INITIAL_RELEASE_IV_SIZE : Client.IV_SIZE;
+        const iv = entityWrappedKey.subarray(0, ivLength);
+        const encryptedSharedKey = entityWrappedKey.subarray(ivLength);
+        let kasPublicKey;
+        try {
+            // Let us import public key as a cert or public key
+            kasPublicKey = await (0, utils_js_1.pemToCryptoPublicKey)(wrappedKey.sessionPublicKey);
+        }
+        catch (cause) {
+            throw new errors_js_1.ConfigurationError(`internal: [${kasRewrapUrl}] PEM Public Key to crypto public key failed. Is PEM formatted correctly?`, cause);
+        }
+        let hkdfSalt;
+        try {
+            // Get the hkdf salt params
+            hkdfSalt = await (0, getHkdfSalt_js_1.default)(magicNumberVersion);
+        }
+        catch (e) {
+            throw new errors_js_1.TdfError('salting hkdf failed', e);
+        }
+        const { privateKey } = await this.ephemeralKeyPair;
+        // Get the unwrapping key
+        let unwrappingKey;
+        try {
+            unwrappingKey = await (0, index_js_1.keyAgreement)(
+            // Ephemeral private key
+            privateKey, kasPublicKey, hkdfSalt);
+        }
+        catch (e) {
+            if (e.name == 'InvalidAccessError' || e.name == 'OperationError') {
+                throw new errors_js_1.DecryptError('unable to solve key agreement', e);
+            }
+            else if (e.name == 'NotSupported') {
+                throw new errors_js_1.ConfigurationError('unable to unwrap key from kas', e);
+            }
+            throw new errors_js_1.TdfError('unable to reach agreement', e);
+        }
+        const authTagLength = 8 * (encryptedSharedKey.byteLength - 32);
+        let decryptedKey;
+        try {
+            // Decrypt the wrapped key
+            decryptedKey = await crypto.subtle.decrypt({ name: 'AES-GCM', iv, tagLength: authTagLength }, unwrappingKey, encryptedSharedKey);
+        }
+        catch (cause) {
+            throw new errors_js_1.DecryptError(`unable to decrypt key. Are you using the right KAS? Is the salt correct?`, cause);
+        }
+        // UnwrappedKey
+        let unwrappedKey;
+        try {
+            unwrappedKey = await crypto.subtle.importKey('raw', decryptedKey, 'AES-GCM', 
+            // @security This allows the key to be used in `exportKey` and `wrapKey`
+            // https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/exportKey
+            // https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/wrapKey
+            true, 
+            // Want to use the key to encrypt and decrypt. Signing key will be used later.
+            ['encrypt', 'decrypt']);
+        }
+        catch (cause) {
+            throw new errors_js_1.DecryptError('Unable to import raw key.', cause);
+        }
+        return unwrappedKey;
+    }
+}
+Client.KEY_ACCESS_REMOTE = 'remote';
+Client.KAS_PROTOCOL = 'kas';
+Client.SDK_INITIAL_RELEASE = '0.0.0';
+Client.INITIAL_RELEASE_IV_SIZE = 3;
+Client.IV_SIZE = 12;
+exports.default = Client;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQ2xpZW50LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL25hbm90ZGYvQ2xpZW50LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFDQSwrREFBaUQ7QUFDakQseURBQTJFO0FBQzNFLDhFQUFtRDtBQUNuRCxpRkFBc0Q7QUFDdEQsNENBQWtGO0FBQ2xGLHVEQUFrRjtBQUNsRiw0Q0FBMEY7QUFDMUYsMENBQXlGO0FBWXpGLFNBQVMsUUFBUSxDQUFDLENBQVk7SUFDNUIsTUFBTSxFQUFFLFNBQVMsRUFBRSxHQUFHLENBQUMsQ0FBQztJQUN4QixRQUFRLFNBQVMsQ0FBQyxJQUFJLEVBQUU7UUFDdEIsS0FBSyxtQkFBbUIsQ0FBQztRQUN6QixLQUFLLFNBQVMsQ0FBQztRQUNmLEtBQUssVUFBVSxDQUFDLENBQUM7WUFDZixNQUFNLENBQUMsR0FBRyxTQUFrQyxDQUFDO1lBQzdDLFFBQVEsQ0FBQyxDQUFDLGFBQWEsRUFBRTtnQkFDdkIsS0FBSyxJQUFJO29CQUNQLE9BQU8sT0FBTyxDQUFDO2dCQUNqQixLQUFLLElBQUk7b0JBQ1AsT0FBTyxPQUFPLENBQUM7Z0JBQ2pCLEtBQUssSUFBSTtvQkFDUCxPQUFPLE9BQU8sQ0FBQzthQUNsQjtZQUNELE1BQU07U0FDUDtRQUNELEtBQUssT0FBTyxDQUFDO1FBQ2IsS0FBSyxNQUFNLENBQUMsQ0FBQztZQUNYLE9BQU8sT0FBTyxDQUFDO1NBQ2hCO0tBQ0Y7SUFDRCxNQUFNLElBQUksOEJBQWtCLENBQUMsNkJBQTZCLElBQUksQ0FBQyxTQUFTLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FBQyxDQUFDO0FBQ3pGLENBQUM7QUFFRCxLQUFLLFVBQVUsd0JBQXdCO0lBQ3JDLE1BQU0sRUFBRSxTQUFTLEVBQUUsVUFBVSxFQUFFLEdBQUcsTUFBTSxJQUFBLDBCQUFlLEdBQUUsQ0FBQztJQUMxRCxJQUFJLENBQUMsVUFBVSxJQUFJLENBQUMsU0FBUyxFQUFFO1FBQzdCLE1BQU0sS0FBSyxDQUFDLDRCQUE0QixDQUFDLENBQUM7S0FDM0M7SUFDRCxPQUFPLEVBQUUsU0FBUyxFQUFFLFVBQVUsRUFBRSxDQUFDO0FBQ25DLENBQUM7QUFFRCxLQUFLLFVBQVUscUJBQXFCO0lBQ2xDLE9BQU8sTUFBTSxDQUFDLE1BQU0sQ0FBQyxXQUFXLENBQzlCO1FBQ0UsSUFBSSxFQUFFLG1CQUFtQjtRQUN6QixJQUFJLEVBQUUsU0FBUztRQUNmLGFBQWEsRUFBRSxJQUFJO1FBQ25CLGNBQWMsRUFBRSxJQUFJLFVBQVUsQ0FBQyxDQUFDLElBQUksRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLENBQUM7S0FDbkQsRUFDRCxJQUFJLEVBQ0osQ0FBQyxNQUFNLEVBQUUsUUFBUSxDQUFDLENBQ25CLENBQUM7QUFDSixDQUFDO0FBRUQ7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7R0E0Qkc7QUFDSCxNQUFxQixNQUFNO0lBc0J6Qjs7Ozs7O09BTUc7SUFDSCxZQUNFLHFCQUFrRCxFQUNsRCxNQUFlLEVBQ2YsZ0JBQWdDLEVBQ2hDLFdBQVcsR0FBRyxLQUFLO1FBakJyQixZQUFPLEdBQWEsRUFBRSxDQUFDO1FBQ3ZCLG1CQUFjLEdBQWEsRUFBRSxDQUFDO1FBa0I1QixJQUFJLElBQUEsNkJBQWMsRUFBQyxxQkFBcUIsQ0FBQyxFQUFFO1lBQ3pDLElBQUksQ0FBQyxZQUFZLEdBQUcscUJBQXFCLENBQUM7WUFDMUMsSUFBSSxDQUFDLE1BQU0sRUFBRTtnQkFDWCxNQUFNLElBQUksOEJBQWtCLENBQUMsNEJBQTRCLENBQUMsQ0FBQzthQUM1RDtZQUNELG9EQUFvRDtZQUNwRCxJQUFBLDRCQUFpQixFQUFDLE1BQU0sQ0FBQyxDQUFDO1lBQzFCLElBQUksQ0FBQyxNQUFNLEdBQUcsTUFBTSxDQUFDO1lBQ3JCLElBQUksQ0FBQyxZQUFZLEdBQUcsSUFBSSwyQkFBZSxDQUFDLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQztZQUNsRCxJQUFJLENBQUMsV0FBVyxHQUFHLFdBQVcsQ0FBQztZQUUvQixJQUFJLGdCQUFnQixFQUFFO2dCQUNwQixJQUFJLENBQUMsZ0JBQWdCLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDO2FBQzNEO2lCQUFNO2dCQUNMLElBQUksQ0FBQyxnQkFBZ0IsR0FBRyx3QkFBd0IsRUFBRSxDQUFDO2FBQ3BEO1lBQ0QsSUFBSSxDQUFDLEVBQUUsR0FBRyxDQUFDLENBQUM7U0FDYjthQUFNO1lBQ0wsTUFBTSxFQUNKLFlBQVksRUFDWixlQUFlLEVBQ2YsWUFBWSxFQUNaLFdBQVcsRUFDWCxRQUFRLEVBQ1IsZ0JBQWdCLEVBQ2hCLFdBQVcsR0FDWixHQUFHLHFCQUFxQixDQUFDO1lBQzFCLElBQUksQ0FBQyxZQUFZLEdBQUcsWUFBWSxDQUFDO1lBQ2pDLG9EQUFvRDtZQUNwRCxJQUFBLDRCQUFpQixFQUFDLFdBQVcsQ0FBQyxDQUFDO1lBQy9CLElBQUksQ0FBQyxNQUFNLEdBQUcsV0FBVyxDQUFDO1lBQzFCLElBQUksQ0FBQyxZQUFZLEdBQUcsSUFBSSwyQkFBZSxDQUFDLFlBQVksSUFBSSxDQUFDLFdBQVcsQ0FBQyxFQUFFLENBQUMsQ0FBQyxlQUFlLENBQUMsQ0FBQztZQUMxRixJQUFJLENBQUMsV0FBVyxHQUFHLENBQUMsQ0FBQyxXQUFXLENBQUM7WUFDakMsSUFBSSxRQUFRLEVBQUU7Z0JBQ1osSUFBSSxDQUFDLG9CQUFvQixHQUFHLFFBQVEsQ0FBQzthQUN0QztpQkFBTTtnQkFDTCxJQUFJLENBQUMsb0JBQW9CLEdBQUcscUJBQXFCLEVBQUUsQ0FBQzthQUNyRDtZQUVELElBQUksZ0JBQWdCLEVBQUU7Z0JBQ3BCLElBQUksQ0FBQyxnQkFBZ0IsR0FBRyxnQkFBZ0IsQ0FBQzthQUMxQztpQkFBTTtnQkFDTCxJQUFJLENBQUMsZ0JBQWdCLEdBQUcsd0JBQXdCLEVBQUUsQ0FBQzthQUNwRDtZQUNELElBQUksQ0FBQyxFQUFFLEdBQUcsQ0FBQyxDQUFDO1NBQ2I7SUFDSCxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNILFlBQVksQ0FBQyxTQUFpQjtRQUM1QixJQUFJLENBQUMsY0FBYyxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsQ0FBQztJQUN0QyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNILEtBQUssQ0FBQyxjQUFjO1FBQ2xCLE1BQU0sTUFBTSxHQUFHLE1BQU0sSUFBSSxDQUFDLG9CQUFvQixDQUFDO1FBQy9DLElBQUksQ0FBQyxNQUFNLEVBQUU7WUFDWCxNQUFNLElBQUksOEJBQWtCLENBQUMsK0NBQStDLENBQUMsQ0FBQztTQUMvRTtRQUVELE1BQU0sSUFBSSxDQUFDLFlBQVksQ0FBQyxxQkFBcUIsQ0FBQyxNQUFNLENBQUMsQ0FBQztJQUN4RCxDQUFDO0lBRUQ7Ozs7Ozs7O09BUUc7SUFDSCxLQUFLLENBQUMsU0FBUyxDQUNiLGFBQXVDLEVBQ3ZDLFlBQW9CLEVBQ3BCLGtCQUE0QyxFQUM1QyxhQUFxQjtRQUVyQixJQUFJLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxNQUFNLENBQUMsWUFBWSxDQUFDLEVBQUU7WUFDM0MsTUFBTSxJQUFJLDBCQUFjLENBQUMsaUJBQWlCLElBQUksQ0FBQyxZQUFZLENBQUMsT0FBTyxHQUFHLEVBQUUsWUFBWSxDQUFDLENBQUM7U0FDdkY7UUFFRCwwRkFBMEY7UUFDMUYsTUFBTSxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUM7UUFDNUIsTUFBTSxnQkFBZ0IsR0FBRyxNQUFNLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQztRQUNyRCxNQUFNLG9CQUFvQixHQUFHLE1BQU0sSUFBSSxDQUFDLG9CQUFvQixDQUFDO1FBRTdELGtGQUFrRjtRQUNsRixJQUFJLENBQUMsZ0JBQWdCLEVBQUUsVUFBVSxFQUFFO1lBQ2pDLE1BQU0sSUFBSSw4QkFBa0IsQ0FBQyw2Q0FBNkMsQ0FBQyxDQUFDO1NBQzdFO1FBRUQsSUFBSSxDQUFDLG9CQUFvQixFQUFFLFVBQVUsRUFBRTtZQUNyQyxNQUFNLElBQUksOEJBQWtCLENBQUMsMENBQTBDLENBQUMsQ0FBQztTQUMxRTtRQUVELE1BQU0sY0FBYyxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUM7WUFDcEMsU0FBUyxFQUFFLDBCQUFhLENBQUMsa0JBQWtCO1lBQzNDLGtEQUFrRDtZQUNsRCxTQUFTLEVBQUU7Z0JBQ1QsSUFBSSxFQUFFLE1BQU0sQ0FBQyxpQkFBaUI7Z0JBQzlCLEdBQUcsRUFBRSxFQUFFO2dCQUNQLFFBQVEsRUFBRSxNQUFNLENBQUMsWUFBWTtnQkFDN0IsTUFBTSxFQUFFLE1BQU0sQ0FBQyxpQkFBaUIsQ0FBQyxhQUFhLENBQUM7YUFDaEQ7WUFDRCxlQUFlLEVBQUUsTUFBTSxJQUFBLDRCQUFpQixFQUFDLGdCQUFnQixDQUFDLFNBQVMsQ0FBQztTQUNyRSxDQUFDLENBQUM7UUFFSCxNQUFNLFVBQVUsR0FBRyxFQUFFLFdBQVcsRUFBRSxjQUFjLEVBQUUsQ0FBQztRQUNuRCxNQUFNLFdBQVcsR0FBRztZQUNsQixrQkFBa0IsRUFBRSxNQUFNLElBQUEsMkJBQVksRUFBQyxVQUFVLEVBQUUsb0JBQW9CLENBQUMsVUFBVSxFQUFFO2dCQUNsRixHQUFHLEVBQUUsUUFBUSxDQUFDLG9CQUFvQixDQUFDLFNBQVMsQ0FBQzthQUM5QyxDQUFDO1NBQ0gsQ0FBQztRQUVGLFVBQVU7UUFDVixNQUFNLFVBQVUsR0FBRyxNQUFNLElBQUEsMkJBQWUsRUFDdEMsWUFBWSxFQUNaLFdBQVcsRUFDWCxJQUFJLENBQUMsWUFBWSxFQUNqQixhQUFhLENBQ2QsQ0FBQztRQUVGLGdDQUFnQztRQUNoQyxNQUFNLGdCQUFnQixHQUFHLElBQUksVUFBVSxDQUFDLE1BQU0sQ0FBQyxpQkFBaUIsQ0FBQyxVQUFVLENBQUMsZ0JBQWdCLENBQUMsQ0FBQyxDQUFDO1FBQy9GLE1BQU0sUUFBUSxHQUNaLGFBQWEsSUFBSSxNQUFNLENBQUMsbUJBQW1CLENBQUMsQ0FBQyxDQUFDLE1BQU0sQ0FBQyx1QkFBdUIsQ0FBQyxDQUFDLENBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQztRQUNoRyxNQUFNLEVBQUUsR0FBRyxnQkFBZ0IsQ0FBQyxRQUFRLENBQUMsQ0FBQyxFQUFFLFFBQVEsQ0FBQyxDQUFDO1FBQ2xELE1BQU0sa0JBQWtCLEdBQUcsZ0JBQWdCLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBRS9ELElBQUksWUFBWSxDQUFDO1FBQ2pCLElBQUk7WUFDRixtREFBbUQ7WUFDbkQsWUFBWSxHQUFHLE1BQU0sSUFBQSwrQkFBb0IsRUFBQyxVQUFVLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztTQUN4RTtRQUFDLE9BQU8sS0FBSyxFQUFFO1lBQ2QsTUFBTSxJQUFJLDhCQUFrQixDQUMxQixjQUFjLFlBQVksMkVBQTJFLEVBQ3JHLEtBQUssQ0FDTixDQUFDO1NBQ0g7UUFFRCxJQUFJLFFBQVEsQ0FBQztRQUNiLElBQUk7WUFDRiwyQkFBMkI7WUFDM0IsUUFBUSxHQUFHLE1BQU0sSUFBQSx3QkFBVyxFQUFDLGtCQUFrQixDQUFDLENBQUM7U0FDbEQ7UUFBQyxPQUFPLENBQUMsRUFBRTtZQUNWLE1BQU0sSUFBSSxvQkFBUSxDQUFDLHFCQUFxQixFQUFFLENBQUMsQ0FBQyxDQUFDO1NBQzlDO1FBQ0QsTUFBTSxFQUFFLFVBQVUsRUFBRSxHQUFHLE1BQU0sSUFBSSxDQUFDLGdCQUFnQixDQUFDO1FBRW5ELHlCQUF5QjtRQUN6QixJQUFJLGFBQWEsQ0FBQztRQUNsQixJQUFJO1lBQ0YsYUFBYSxHQUFHLE1BQU0sSUFBQSx1QkFBWTtZQUNoQyx3QkFBd0I7WUFDeEIsVUFBVSxFQUNWLFlBQVksRUFDWixRQUFRLENBQ1QsQ0FBQztTQUNIO1FBQUMsT0FBTyxDQUFDLEVBQUU7WUFDVixJQUFJLENBQUMsQ0FBQyxJQUFJLElBQUksb0JBQW9CLElBQUksQ0FBQyxDQUFDLElBQUksSUFBSSxnQkFBZ0IsRUFBRTtnQkFDaEUsTUFBTSxJQUFJLHdCQUFZLENBQUMsK0JBQStCLEVBQUUsQ0FBQyxDQUFDLENBQUM7YUFDNUQ7aUJBQU0sSUFBSSxDQUFDLENBQUMsSUFBSSxJQUFJLGNBQWMsRUFBRTtnQkFDbkMsTUFBTSxJQUFJLDhCQUFrQixDQUFDLCtCQUErQixFQUFFLENBQUMsQ0FBQyxDQUFDO2FBQ2xFO1lBQ0QsTUFBTSxJQUFJLG9CQUFRLENBQUMsMkJBQTJCLEVBQUUsQ0FBQyxDQUFDLENBQUM7U0FDcEQ7UUFFRCxNQUFNLGFBQWEsR0FBRyxDQUFDLEdBQUcsQ0FBQyxrQkFBa0IsQ0FBQyxVQUFVLEdBQUcsRUFBRSxDQUFDLENBQUM7UUFDL0QsSUFBSSxZQUFZLENBQUM7UUFDakIsSUFBSTtZQUNGLDBCQUEwQjtZQUMxQixZQUFZLEdBQUcsTUFBTSxNQUFNLENBQUMsTUFBTSxDQUFDLE9BQU8sQ0FDeEMsRUFBRSxJQUFJLEVBQUUsU0FBUyxFQUFFLEVBQUUsRUFBRSxTQUFTLEVBQUUsYUFBYSxFQUFFLEVBQ2pELGFBQWEsRUFDYixrQkFBa0IsQ0FDbkIsQ0FBQztTQUNIO1FBQUMsT0FBTyxLQUFLLEVBQUU7WUFDZCxNQUFNLElBQUksd0JBQVksQ0FDcEIsMEVBQTBFLEVBQzFFLEtBQUssQ0FDTixDQUFDO1NBQ0g7UUFFRCxlQUFlO1FBQ2YsSUFBSSxZQUFZLENBQUM7UUFDakIsSUFBSTtZQUNGLFlBQVksR0FBRyxNQUFNLE1BQU0sQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUMxQyxLQUFLLEVBQ0wsWUFBWSxFQUNaLFNBQVM7WUFDVCx3RUFBd0U7WUFDeEUsMEVBQTBFO1lBQzFFLHdFQUF3RTtZQUN4RSxJQUFJO1lBQ0osOEVBQThFO1lBQzlFLENBQUMsU0FBUyxFQUFFLFNBQVMsQ0FBQyxDQUN2QixDQUFDO1NBQ0g7UUFBQyxPQUFPLEtBQUssRUFBRTtZQUNkLE1BQU0sSUFBSSx3QkFBWSxDQUFDLDJCQUEyQixFQUFFLEtBQUssQ0FBQyxDQUFDO1NBQzVEO1FBRUQsT0FBTyxZQUFZLENBQUM7SUFDdEIsQ0FBQzs7QUEzUGUsd0JBQWlCLEdBQUcsUUFBUSxBQUFYLENBQVk7QUFDN0IsbUJBQVksR0FBRyxLQUFLLEFBQVIsQ0FBUztBQUNyQiwwQkFBbUIsR0FBRyxPQUFPLEFBQVYsQ0FBVztBQUM5Qiw4QkFBdUIsR0FBRyxDQUFDLEFBQUosQ0FBSztBQUM1QixjQUFPLEdBQUcsRUFBRSxBQUFMLENBQU07a0JBTFYsTUFBTSJ9

package/dist/cjs/src/nanotdf/NanoTDF.js

@@ -0,0 +1,94 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const index_js_1 = require("../encodings/index.js");
+const Header_js_1 = __importDefault(require("./models/Header.js"));
+const Payload_js_1 = __importDefault(require("./models/Payload.js"));
+const Signature_js_1 = __importDefault(require("./models/Signature.js"));
+const EncodingEnum_js_1 = __importDefault(require("./enum/EncodingEnum.js"));
+const errors_js_1 = require("../errors.js");
+// Defaults when none set during encryption
+class NanoTDF {
+    static from(content, encoding, legacyTDF = false) {
+        // If we don't assign an empty array buffer then TS reports buffer as unassigned
+        let buffer;
+        if (typeof content === 'string') {
+            if (!encoding || encoding === EncodingEnum_js_1.default.Base64) {
+                buffer = index_js_1.base64.decodeArrayBuffer(content);
+            }
+            else {
+                throw new errors_js_1.ConfigurationError(`Unsupported encoding: ${encoding}`);
+            }
+        }
+        // Handle Uint8Array types
+        else if (ArrayBuffer.isView(content) || content instanceof ArrayBuffer) {
+            buffer = content;
+        }
+        else {
+            throw new errors_js_1.ConfigurationError(`unsupported content type`);
+        }
+        const dataView = new Uint8Array(buffer);
+        let offset = 0;
+        // Header
+        const { header, offset: headerOffset } = Header_js_1.default.parse(dataView.subarray(offset));
+        offset += headerOffset;
+        // Payload
+        const { payload, offset: payloadOffset } = Payload_js_1.default.parse(header, dataView.subarray(offset), legacyTDF);
+        offset += payloadOffset;
+        // Signature
+        const { signature, offset: signatureOffset } = Signature_js_1.default.parse(header, dataView.subarray(offset));
+        offset += signatureOffset;
+        // Singature checking
+        if (!header.hasSignature && signature.length > 0) {
+            throw new errors_js_1.InvalidFileError("Found signature when there shouldn't be one");
+        }
+        if (header.hasSignature && signature.length === 0) {
+            throw new errors_js_1.InvalidFileError('Could not find signature');
+        }
+        return new NanoTDF(header, payload, signature);
+    }
+    constructor(header, payload, signature) {
+        this.header = header;
+        this.payload = payload;
+        this.signature = signature;
+    }
+    /**
+     * Return the content of nano tdf as binary buffer
+     */
+    toBuffer() {
+        let offset = 0;
+        const lengthOfSignature = this.signature && this.signature.length ? this.signature.length : 0;
+        const lengthOfTDF = this.header.length + this.payload.length + lengthOfSignature;
+        const buffer = new ArrayBuffer(lengthOfTDF);
+        // Write the header
+        const headerBufferView = new Uint8Array(buffer, 0, this.header.length);
+        this.header.copyToBuffer(headerBufferView);
+        offset += headerBufferView.length;
+        // Write the payload
+        const payloadBufferView = new Uint8Array(buffer, offset, this.payload.length);
+        this.payload.copyToBuffer(payloadBufferView);
+        offset += payloadBufferView.length;
+        // Write the signature
+        if (this.header.hasSignature && this.signature) {
+            const signatureBufferView = new Uint8Array(buffer, offset, lengthOfSignature);
+            this.signature.copyToBuffer(signatureBufferView);
+        }
+        return buffer;
+    }
+    /**
+     * Return the content of nano tdf as base64 string
+     */
+    toBase64() {
+        const arrayBuffer = this.toBuffer();
+        return index_js_1.base64.encodeArrayBuffer(arrayBuffer);
+    }
+}
+// Add encodings to the NanoTDF class for easy access
+NanoTDF.Encodings = EncodingEnum_js_1.default;
+NanoTDF.Header = Header_js_1.default;
+NanoTDF.Payload = Payload_js_1.default;
+NanoTDF.Signature = Signature_js_1.default;
+exports.default = NanoTDF;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiTmFub1RERi5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9uYW5vdGRmL05hbm9UREYudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFDQSxvREFBK0M7QUFDL0MsbUVBQXdDO0FBQ3hDLHFFQUEwQztBQUMxQyx5RUFBOEM7QUFDOUMsNkVBQWtEO0FBQ2xELDRDQUFvRTtBQUVwRSwyQ0FBMkM7QUFFM0MsTUFBcUIsT0FBTztJQWExQixNQUFNLENBQUMsSUFBSSxDQUNULE9BQTBDLEVBQzFDLFFBQXVCLEVBQ3ZCLFNBQVMsR0FBRyxLQUFLO1FBRWpCLGdGQUFnRjtRQUNoRixJQUFJLE1BQU0sQ0FBQztRQUNYLElBQUksT0FBTyxPQUFPLEtBQUssUUFBUSxFQUFFO1lBQy9CLElBQUksQ0FBQyxRQUFRLElBQUksUUFBUSxLQUFLLHlCQUFZLENBQUMsTUFBTSxFQUFFO2dCQUNqRCxNQUFNLEdBQUcsaUJBQU0sQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQUMsQ0FBQzthQUM1QztpQkFBTTtnQkFDTCxNQUFNLElBQUksOEJBQWtCLENBQUMseUJBQXlCLFFBQVEsRUFBRSxDQUFDLENBQUM7YUFDbkU7U0FDRjtRQUNELDBCQUEwQjthQUNyQixJQUFJLFdBQVcsQ0FBQyxNQUFNLENBQUMsT0FBTyxDQUFDLElBQUksT0FBTyxZQUFZLFdBQVcsRUFBRTtZQUN0RSxNQUFNLEdBQUcsT0FBTyxDQUFDO1NBQ2xCO2FBQU07WUFDTCxNQUFNLElBQUksOEJBQWtCLENBQUMsMEJBQTBCLENBQUMsQ0FBQztTQUMxRDtRQUVELE1BQU0sUUFBUSxHQUFHLElBQUksVUFBVSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQ3hDLElBQUksTUFBTSxHQUFHLENBQUMsQ0FBQztRQUVmLFNBQVM7UUFDVCxNQUFNLEVBQUUsTUFBTSxFQUFFLE1BQU0sRUFBRSxZQUFZLEVBQUUsR0FBRyxtQkFBTSxDQUFDLEtBQUssQ0FBQyxRQUFRLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUM7UUFDakYsTUFBTSxJQUFJLFlBQVksQ0FBQztRQUV2QixVQUFVO1FBQ1YsTUFBTSxFQUFFLE9BQU8sRUFBRSxNQUFNLEVBQUUsYUFBYSxFQUFFLEdBQUcsb0JBQU8sQ0FBQyxLQUFLLENBQ3RELE1BQU0sRUFDTixRQUFRLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxFQUN6QixTQUFTLENBQ1YsQ0FBQztRQUNGLE1BQU0sSUFBSSxhQUFhLENBQUM7UUFFeEIsWUFBWTtRQUNaLE1BQU0sRUFBRSxTQUFTLEVBQUUsTUFBTSxFQUFFLGVBQWUsRUFBRSxHQUFHLHNCQUFTLENBQUMsS0FBSyxDQUM1RCxNQUFNLEVBQ04sUUFBUSxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsQ0FDMUIsQ0FBQztRQUNGLE1BQU0sSUFBSSxlQUFlLENBQUM7UUFFMUIscUJBQXFCO1FBQ3JCLElBQUksQ0FBQyxNQUFNLENBQUMsWUFBWSxJQUFJLFNBQVMsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFO1lBQ2hELE1BQU0sSUFBSSw0QkFBZ0IsQ0FBQyw2Q0FBNkMsQ0FBQyxDQUFDO1NBQzNFO1FBQ0QsSUFBSSxNQUFNLENBQUMsWUFBWSxJQUFJLFNBQVMsQ0FBQyxNQUFNLEtBQUssQ0FBQyxFQUFFO1lBQ2pELE1BQU0sSUFBSSw0QkFBZ0IsQ0FBQywwQkFBMEIsQ0FBQyxDQUFDO1NBQ3hEO1FBRUQsT0FBTyxJQUFJLE9BQU8sQ0FBQyxNQUFNLEVBQUUsT0FBTyxFQUFFLFNBQVMsQ0FBQyxDQUFDO0lBQ2pELENBQUM7SUFFRCxZQUFZLE1BQWMsRUFBRSxPQUFnQixFQUFFLFNBQXFCO1FBQ2pFLElBQUksQ0FBQyxNQUFNLEdBQUcsTUFBTSxDQUFDO1FBQ3JCLElBQUksQ0FBQyxPQUFPLEdBQUcsT0FBTyxDQUFDO1FBQ3ZCLElBQUksQ0FBQyxTQUFTLEdBQUcsU0FBUyxDQUFDO0lBQzdCLENBQUM7SUFFRDs7T0FFRztJQUNILFFBQVE7UUFDTixJQUFJLE1BQU0sR0FBRyxDQUFDLENBQUM7UUFFZixNQUFNLGlCQUFpQixHQUFHLElBQUksQ0FBQyxTQUFTLElBQUksSUFBSSxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDOUYsTUFBTSxXQUFXLEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQyxNQUFNLEdBQUcsSUFBSSxDQUFDLE9BQU8sQ0FBQyxNQUFNLEdBQUcsaUJBQWlCLENBQUM7UUFFakYsTUFBTSxNQUFNLEdBQUcsSUFBSSxXQUFXLENBQUMsV0FBVyxDQUFDLENBQUM7UUFFNUMsbUJBQW1CO1FBQ25CLE1BQU0sZ0JBQWdCLEdBQUcsSUFBSSxVQUFVLENBQUMsTUFBTSxFQUFFLENBQUMsRUFBRSxJQUFJLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQ3ZFLElBQUksQ0FBQyxNQUFNLENBQUMsWUFBWSxDQUFDLGdCQUFnQixDQUFDLENBQUM7UUFDM0MsTUFBTSxJQUFJLGdCQUFnQixDQUFDLE1BQU0sQ0FBQztRQUVsQyxvQkFBb0I7UUFDcEIsTUFBTSxpQkFBaUIsR0FBRyxJQUFJLFVBQVUsQ0FBQyxNQUFNLEVBQUUsTUFBTSxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDOUUsSUFBSSxDQUFDLE9BQU8sQ0FBQyxZQUFZLENBQUMsaUJBQWlCLENBQUMsQ0FBQztRQUM3QyxNQUFNLElBQUksaUJBQWlCLENBQUMsTUFBTSxDQUFDO1FBRW5DLHNCQUFzQjtRQUN0QixJQUFJLElBQUksQ0FBQyxNQUFNLENBQUMsWUFBWSxJQUFJLElBQUksQ0FBQyxTQUFTLEVBQUU7WUFDOUMsTUFBTSxtQkFBbUIsR0FBRyxJQUFJLFVBQVUsQ0FBQyxNQUFNLEVBQUUsTUFBTSxFQUFFLGlCQUFpQixDQUFDLENBQUM7WUFDOUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxZQUFZLENBQUMsbUJBQW1CLENBQUMsQ0FBQztTQUNsRDtRQUVELE9BQU8sTUFBTSxDQUFDO0lBQ2hCLENBQUM7SUFFRDs7T0FFRztJQUNILFFBQVE7UUFDTixNQUFNLFdBQVcsR0FBRyxJQUFJLENBQUMsUUFBUSxFQUFFLENBQUM7UUFDcEMsT0FBTyxpQkFBTSxDQUFDLGlCQUFpQixDQUFDLFdBQVcsQ0FBQyxDQUFDO0lBQy9DLENBQUM7O0FBNUdELHFEQUFxRDtBQUM5QyxpQkFBUyxHQUF3Qix5QkFBWSxDQUFDO0FBQzlDLGNBQU0sR0FBRyxtQkFBTSxDQUFDO0FBQ2hCLGVBQU8sR0FBRyxvQkFBTyxDQUFDO0FBQ2xCLGlCQUFTLEdBQUcsc0JBQVMsQ0FBQztrQkFMVixPQUFPIn0=

package/dist/cjs/src/nanotdf/browser-entry.js

@@ -0,0 +1,19 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+/* globals window */
+/**
+ * This file is used for:
+ *
+ * - es5 browser version of nanoTDF and add it to the window as NanoTDF
+ *
+ * This is not used for:
+ *
+ * - es6 web development (use node modules)
+ * - node applications
+ */
+const NanoTDF_js_1 = __importDefault(require("./NanoTDF.js"));
+window.NanoTDF = NanoTDF_js_1.default;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYnJvd3Nlci1lbnRyeS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9uYW5vdGRmL2Jyb3dzZXItZW50cnkudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSxvQkFBb0I7QUFDcEI7Ozs7Ozs7OztHQVNHO0FBQ0gsOERBQW1DO0FBUW5DLE1BQU0sQ0FBQyxPQUFPLEdBQUcsb0JBQU8sQ0FBQyJ9

package/dist/cjs/src/nanotdf/constants.js

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GMAC_BINDING_LEN = void 0;
+exports.GMAC_BINDING_LEN = 8;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uc3RhbnRzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL25hbm90ZGYvY29uc3RhbnRzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFhLFFBQUEsZ0JBQWdCLEdBQUcsQ0FBQyxDQUFDIn0=

package/dist/cjs/src/nanotdf/decrypt.js

@@ -0,0 +1,17 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const index_js_1 = require("../nanotdf-crypto/index.js");
+/**
+ * Decrypt nanotdf with a crypto key
+ *
+ * @param key Crypto key used to decrypt nanotdf
+ * @param nanotdf NanoTDF to decrypt
+ */
+async function decrypt(key, nanotdf) {
+    // console.log(`Decrypting for content: ${nanotdf}`, nanotdf.header.authTagLength);
+    return await (0, index_js_1.decrypt)(key, nanotdf.payload.ciphertextWithAuthTag, nanotdf.payload.iv, 
+    // Auth tag length in bits
+    nanotdf.header.authTagLength);
+}
+exports.default = decrypt;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZGVjcnlwdC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9uYW5vdGRmL2RlY3J5cHQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFBQSx5REFBc0U7QUFHdEU7Ozs7O0dBS0c7QUFDWSxLQUFLLFVBQVUsT0FBTyxDQUFDLEdBQWMsRUFBRSxPQUFnQjtJQUNwRSxtRkFBbUY7SUFDbkYsT0FBTyxNQUFNLElBQUEsa0JBQWEsRUFDeEIsR0FBRyxFQUNILE9BQU8sQ0FBQyxPQUFPLENBQUMscUJBQXFCLEVBQ3JDLE9BQU8sQ0FBQyxPQUFPLENBQUMsRUFBRTtJQUNsQiwwQkFBMEI7SUFDMUIsT0FBTyxDQUFDLE1BQU0sQ0FBQyxhQUFhLENBQzdCLENBQUM7QUFDSixDQUFDO0FBVEQsMEJBU0MifQ==

package/dist/cjs/src/nanotdf/encrypt-dataset.js

@@ -0,0 +1,38 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const NanoTDF_js_1 = __importDefault(require("./NanoTDF.js"));
+const DefaultParams_js_1 = __importDefault(require("./models/DefaultParams.js"));
+const Payload_js_1 = __importDefault(require("./models/Payload.js"));
+const Ciphers_js_1 = require("./models/Ciphers.js");
+const encrypt_js_1 = __importDefault(require("../nanotdf-crypto/encrypt.js"));
+/**
+ * Encrypt the plain data into nanotdf buffer
+ *
+ * @param symmetricKey Key to encrypt the payload
+ * @param header NanoTDF header
+ * @param iv IV to be used for encrypting the payload
+ * @param data The data to be encrypted
+ */
+async function encryptDataset(symmetricKey, header, iv, data) {
+    // Auth tag length for policy and payload
+    const authTagLengthInBytes = (0, Ciphers_js_1.getBitLength)(DefaultParams_js_1.default.symmetricCipher) / 8;
+    // Encrypt the payload
+    let payloadAsBuffer;
+    if (typeof data === 'string') {
+        payloadAsBuffer = new TextEncoder().encode(data);
+    }
+    else {
+        payloadAsBuffer = data;
+    }
+    const encryptedPayload = await (0, encrypt_js_1.default)(symmetricKey, new Uint8Array(payloadAsBuffer), iv, authTagLengthInBytes * 8);
+    // Create payload
+    const payload = new Payload_js_1.default(iv.slice(-3), new Uint8Array(encryptedPayload.slice(0, -authTagLengthInBytes)), new Uint8Array(encryptedPayload.slice(-authTagLengthInBytes)));
+    // Create a nanotdf.
+    const nanoTDF = new NanoTDF_js_1.default(header, payload);
+    return nanoTDF.toBuffer();
+}
+exports.default = encryptDataset;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZW5jcnlwdC1kYXRhc2V0LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL25hbm90ZGYvZW5jcnlwdC1kYXRhc2V0LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsOERBQW1DO0FBRW5DLGlGQUFzRDtBQUN0RCxxRUFBMEM7QUFDMUMsb0RBQTZFO0FBRTdFLDhFQUFtRDtBQUVuRDs7Ozs7OztHQU9HO0FBQ1ksS0FBSyxVQUFVLGNBQWMsQ0FDMUMsWUFBdUIsRUFDdkIsTUFBYyxFQUNkLEVBQWMsRUFDZCxJQUF1QztJQUV2Qyx5Q0FBeUM7SUFDekMsTUFBTSxvQkFBb0IsR0FBRyxJQUFBLHlCQUFzQixFQUFDLDBCQUFhLENBQUMsZUFBZSxDQUFDLEdBQUcsQ0FBQyxDQUFDO0lBRXZGLHNCQUFzQjtJQUN0QixJQUFJLGVBQWUsQ0FBQztJQUNwQixJQUFJLE9BQU8sSUFBSSxLQUFLLFFBQVEsRUFBRTtRQUM1QixlQUFlLEdBQUcsSUFBSSxXQUFXLEVBQUUsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQUM7S0FDbEQ7U0FBTTtRQUNMLGVBQWUsR0FBRyxJQUFJLENBQUM7S0FDeEI7SUFFRCxNQUFNLGdCQUFnQixHQUFHLE1BQU0sSUFBQSxvQkFBTyxFQUNwQyxZQUFZLEVBQ1osSUFBSSxVQUFVLENBQUMsZUFBZSxDQUFDLEVBQy9CLEVBQUUsRUFDRixvQkFBb0IsR0FBRyxDQUFDLENBQ3pCLENBQUM7SUFFRixpQkFBaUI7SUFDakIsTUFBTSxPQUFPLEdBQUcsSUFBSSxvQkFBTyxDQUN6QixFQUFFLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDLEVBQ1osSUFBSSxVQUFVLENBQUMsZ0JBQWdCLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRSxDQUFDLG9CQUFvQixDQUFDLENBQUMsRUFDaEUsSUFBSSxVQUFVLENBQUMsZ0JBQWdCLENBQUMsS0FBSyxDQUFDLENBQUMsb0JBQW9CLENBQUMsQ0FBQyxDQUM5RCxDQUFDO0lBRUYsb0JBQW9CO0lBQ3BCLE1BQU0sT0FBTyxHQUFHLElBQUksb0JBQU8sQ0FBQyxNQUFNLEVBQUUsT0FBTyxDQUFDLENBQUM7SUFFN0MsT0FBTyxPQUFPLENBQUMsUUFBUSxFQUFFLENBQUM7QUFDNUIsQ0FBQztBQW5DRCxpQ0FtQ0MifQ==

package/dist/cjs/src/nanotdf/encrypt.js

@@ -0,0 +1,132 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const NanoTDF_js_1 = __importDefault(require("./NanoTDF.js"));
+const Header_js_1 = __importDefault(require("./models/Header.js"));
+const ResourceLocator_js_1 = __importDefault(require("./models/ResourceLocator.js"));
+const DefaultParams_js_1 = __importDefault(require("./models/DefaultParams.js"));
+const EmbeddedPolicy_js_1 = __importDefault(require("./models/Policy/EmbeddedPolicy.js"));
+const Payload_js_1 = __importDefault(require("./models/Payload.js"));
+const getHkdfSalt_js_1 = __importDefault(require("./helpers/getHkdfSalt.js"));
+const Ciphers_js_1 = require("./models/Ciphers.js");
+const constants_js_1 = require("./constants.js");
+const enums_js_1 = require("./../nanotdf-crypto/enums.js");
+const index_js_1 = require("../nanotdf-crypto/index.js");
+const ecdsaSignature_js_1 = require("../nanotdf-crypto/ecdsaSignature.js");
+const errors_js_1 = require("../errors.js");
+/**
+ * Encrypt the plain data into nanotdf buffer
+ *
+ * @param policy Policy that will added to the nanotdf
+ * @param kasInfo KAS url and public key data
+ * @param ephemeralKeyPair SDK ephemeral key pair to generate symmetric key
+ * @param iv
+ * @param data The data to be encrypted
+ * @param ecdsaBinding Flag to enable ECDSA binding
+ */
+async function encrypt(policy, kasInfo, ephemeralKeyPair, iv, data, ecdsaBinding = DefaultParams_js_1.default.ecdsaBinding) {
+    // Generate a symmetric key.
+    if (!ephemeralKeyPair.privateKey) {
+        throw new errors_js_1.ConfigurationError('incomplete ephemeral key');
+    }
+    const symmetricKey = await (0, index_js_1.keyAgreement)(ephemeralKeyPair.privateKey, await kasInfo.key, 
+    // Get the hkdf salt params
+    await (0, getHkdfSalt_js_1.default)(DefaultParams_js_1.default.magicNumberVersion));
+    // Construct the kas locator
+    const kasResourceLocator = ResourceLocator_js_1.default.fromURL(kasInfo.url, kasInfo.kid);
+    // Auth tag length for policy and payload
+    const authTagLengthInBytes = (0, Ciphers_js_1.getBitLength)(DefaultParams_js_1.default.symmetricCipher) / 8;
+    // Encrypt the policy
+    const policyIV = new Uint8Array(iv.length).fill(0);
+    const policyAsBuffer = new TextEncoder().encode(policy);
+    const encryptedPolicy = await (0, index_js_1.encrypt)(symmetricKey, policyAsBuffer, policyIV, authTagLengthInBytes * 8);
+    let policyBinding;
+    // Calculate the policy binding.
+    if (ecdsaBinding) {
+        const curveName = await getCurveNameFromPrivateKey(ephemeralKeyPair.privateKey);
+        const ecdsaPrivateKey = await convertECDHToECDSA(ephemeralKeyPair.privateKey, curveName);
+        const ecdsaSignature = await (0, ecdsaSignature_js_1.computeECDSASig)(ecdsaPrivateKey, new Uint8Array(encryptedPolicy));
+        const { r, s } = (0, ecdsaSignature_js_1.extractRSValuesFromSignature)(new Uint8Array(ecdsaSignature));
+        const rLength = r.length;
+        const sLength = s.length;
+        policyBinding = new Uint8Array(1 + rLength + 1 + sLength);
+        // Set the lengths and values of r and s in policyBinding
+        policyBinding[0] = rLength;
+        policyBinding.set(r, 1);
+        policyBinding[1 + rLength] = sLength;
+        policyBinding.set(s, 1 + rLength + 1);
+    }
+    else {
+        const signature = await (0, index_js_1.digest)('SHA-256', new Uint8Array(encryptedPolicy));
+        policyBinding = new Uint8Array(signature.slice(-constants_js_1.GMAC_BINDING_LEN));
+    }
+    // Create embedded policy
+    const embeddedPolicy = new EmbeddedPolicy_js_1.default(DefaultParams_js_1.default.policyType, policyBinding, new Uint8Array(encryptedPolicy));
+    if (!ephemeralKeyPair.publicKey) {
+        throw new errors_js_1.ConfigurationError('incomplete ephemeral key');
+    }
+    // Create a header
+    const pubKeyAsArrayBuffer = await (0, index_js_1.exportCryptoKey)(ephemeralKeyPair.publicKey);
+    const header = new Header_js_1.default(DefaultParams_js_1.default.magicNumberVersion, kasResourceLocator, ecdsaBinding, DefaultParams_js_1.default.signatureCurveName, DefaultParams_js_1.default.signature, DefaultParams_js_1.default.signatureCurveName, DefaultParams_js_1.default.symmetricCipher, embeddedPolicy, new Uint8Array(pubKeyAsArrayBuffer));
+    // Encrypt the payload
+    let payloadAsBuffer;
+    if (typeof data === 'string') {
+        payloadAsBuffer = new TextEncoder().encode(data);
+    }
+    else {
+        payloadAsBuffer = data;
+    }
+    const encryptedPayload = await (0, index_js_1.encrypt)(symmetricKey, new Uint8Array(payloadAsBuffer), iv, authTagLengthInBytes * 8);
+    // Create payload
+    const payload = new Payload_js_1.default(iv.slice(-3), new Uint8Array(encryptedPayload.slice(0, -authTagLengthInBytes)), new Uint8Array(encryptedPayload.slice(-authTagLengthInBytes)));
+    // Create a nanotdf.
+    const nanoTDF = new NanoTDF_js_1.default(header, payload);
+    return nanoTDF.toBuffer();
+}
+exports.default = encrypt;
+/**
+ * Retrieves the curve name from a given ECDH private key.
+ *
+ * This function exports the provided ECDH private key in JWK format and extracts
+ * the curve name from the 'crv' property of the JWK.
+ *
+ * @param {CryptoKey} privateKey - The ECDH private key from which to retrieve the curve name.
+ * @returns {Promise<string>} - A promise that resolves to the curve name.
+ *
+ * @throws {Error} - Throws an error if the curve name is undefined.
+ *
+ */
+async function getCurveNameFromPrivateKey(privateKey) {
+    // Export the private key
+    const keyData = await crypto.subtle.exportKey('jwk', privateKey);
+    // The curve name is stored in the 'crv' property of the JWK
+    if (!keyData.crv) {
+        throw new errors_js_1.ConfigurationError('curve name is undefined (bad private key)');
+    }
+    return keyData.crv;
+}
+/**
+ * Converts an ECDH private key to an ECDSA private key.
+ *
+ * This function exports the given ECDH private key in PKCS#8 format and then
+ * imports it as an ECDSA private key using the specified curve name.
+ *
+ * @param {CryptoKey} key - The ECDH private key to be converted.
+ * @param {string} curveName - The name of the elliptic curve to be used for the ECDSA key.
+ * @returns {Promise<CryptoKey>} - A promise that resolves to the converted ECDSA private key.
+ *
+ * @throws {Error} - Throws an error if the key export or import fails.
+ */
+async function convertECDHToECDSA(key, curveName) {
+    // Export the ECDH private key
+    const ecdhPrivateKey = await crypto.subtle.exportKey('pkcs8', key);
+    // Import the ECDH private key as an ECDSA private key
+    const ecdsaPrivateKey = await crypto.subtle.importKey(enums_js_1.KeyFormat.Pkcs8, ecdhPrivateKey, {
+        name: enums_js_1.AlgorithmName.ECDSA,
+        namedCurve: curveName,
+    }, true, [enums_js_1.KeyUsageType.Sign]);
+    return ecdsaPrivateKey;
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZW5jcnlwdC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9uYW5vdGRmL2VuY3J5cHQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSw4REFBbUM7QUFDbkMsbUVBQXdDO0FBQ3hDLHFGQUEwRDtBQUMxRCxpRkFBc0Q7QUFDdEQsMEZBQStEO0FBQy9ELHFFQUEwQztBQUMxQyw4RUFBbUQ7QUFDbkQsb0RBQTZFO0FBRTdFLGlEQUFrRDtBQUNsRCwyREFBc0Y7QUFFdEYseURBS29DO0FBRXBDLDJFQUFvRztBQUNwRyw0Q0FBa0Q7QUFFbEQ7Ozs7Ozs7OztHQVNHO0FBQ1ksS0FBSyxVQUFVLE9BQU8sQ0FDbkMsTUFBYyxFQUNkLE9BQXlCLEVBQ3pCLGdCQUErQixFQUMvQixFQUFjLEVBQ2QsSUFBdUMsRUFDdkMsZUFBd0IsMEJBQWEsQ0FBQyxZQUFZO0lBRWxELDRCQUE0QjtJQUM1QixJQUFJLENBQUMsZ0JBQWdCLENBQUMsVUFBVSxFQUFFO1FBQ2hDLE1BQU0sSUFBSSw4QkFBa0IsQ0FBQywwQkFBMEIsQ0FBQyxDQUFDO0tBQzFEO0lBQ0QsTUFBTSxZQUFZLEdBQUcsTUFBTSxJQUFBLHVCQUFZLEVBQ3JDLGdCQUFnQixDQUFDLFVBQVUsRUFDM0IsTUFBTSxPQUFPLENBQUMsR0FBRztJQUNqQiwyQkFBMkI7SUFDM0IsTUFBTSxJQUFBLHdCQUFXLEVBQUMsMEJBQWEsQ0FBQyxrQkFBa0IsQ0FBQyxDQUNwRCxDQUFDO0lBRUYsNEJBQTRCO0lBQzVCLE1BQU0sa0JBQWtCLEdBQUcsNEJBQWUsQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDLEdBQUcsRUFBRSxPQUFPLENBQUMsR0FBRyxDQUFDLENBQUM7SUFFN0UseUNBQXlDO0lBQ3pDLE1BQU0sb0JBQW9CLEdBQUcsSUFBQSx5QkFBc0IsRUFBQywwQkFBYSxDQUFDLGVBQWUsQ0FBQyxHQUFHLENBQUMsQ0FBQztJQUV2RixxQkFBcUI7SUFDckIsTUFBTSxRQUFRLEdBQUcsSUFBSSxVQUFVLENBQUMsRUFBRSxDQUFDLE1BQU0sQ0FBQyxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUNuRCxNQUFNLGNBQWMsR0FBRyxJQUFJLFdBQVcsRUFBRSxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsQ0FBQztJQUN4RCxNQUFNLGVBQWUsR0FBRyxNQUFNLElBQUEsa0JBQWEsRUFDekMsWUFBWSxFQUNaLGNBQWMsRUFDZCxRQUFRLEVBQ1Isb0JBQW9CLEdBQUcsQ0FBQyxDQUN6QixDQUFDO0lBRUYsSUFBSSxhQUF5QixDQUFDO0lBRTlCLGdDQUFnQztJQUNoQyxJQUFJLFlBQVksRUFBRTtRQUNoQixNQUFNLFNBQVMsR0FBRyxNQUFNLDBCQUEwQixDQUFDLGdCQUFnQixDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBQ2hGLE1BQU0sZUFBZSxHQUFHLE1BQU0sa0JBQWtCLENBQUMsZ0JBQWdCLENBQUMsVUFBVSxFQUFFLFNBQVMsQ0FBQyxDQUFDO1FBQ3pGLE1BQU0sY0FBYyxHQUFHLE1BQU0sSUFBQSxtQ0FBZSxFQUFDLGVBQWUsRUFBRSxJQUFJLFVBQVUsQ0FBQyxlQUFlLENBQUMsQ0FBQyxDQUFDO1FBQy9GLE1BQU0sRUFBRSxDQUFDLEVBQUUsQ0FBQyxFQUFFLEdBQUcsSUFBQSxnREFBNEIsRUFBQyxJQUFJLFVBQVUsQ0FBQyxjQUFjLENBQUMsQ0FBQyxDQUFDO1FBRTlFLE1BQU0sT0FBTyxHQUFHLENBQUMsQ0FBQyxNQUFNLENBQUM7UUFDekIsTUFBTSxPQUFPLEdBQUcsQ0FBQyxDQUFDLE1BQU0sQ0FBQztRQUV6QixhQUFhLEdBQUcsSUFBSSxVQUFVLENBQUMsQ0FBQyxHQUFHLE9BQU8sR0FBRyxDQUFDLEdBQUcsT0FBTyxDQUFDLENBQUM7UUFFMUQseURBQXlEO1FBQ3pELGFBQWEsQ0FBQyxDQUFDLENBQUMsR0FBRyxPQUFPLENBQUM7UUFDM0IsYUFBYSxDQUFDLEdBQUcsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUM7UUFDeEIsYUFBYSxDQUFDLENBQUMsR0FBRyxPQUFPLENBQUMsR0FBRyxPQUFPLENBQUM7UUFDckMsYUFBYSxDQUFDLEdBQUcsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxHQUFHLE9BQU8sR0FBRyxDQUFDLENBQUMsQ0FBQztLQUN2QztTQUFNO1FBQ0wsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFBLGlCQUFNLEVBQUMsU0FBUyxFQUFFLElBQUksVUFBVSxDQUFDLGVBQWUsQ0FBQyxDQUFDLENBQUM7UUFDM0UsYUFBYSxHQUFHLElBQUksVUFBVSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUMsQ0FBQywrQkFBZ0IsQ0FBQyxDQUFDLENBQUM7S0FDcEU7SUFFRCx5QkFBeUI7SUFDekIsTUFBTSxjQUFjLEdBQUcsSUFBSSwyQkFBYyxDQUN2QywwQkFBYSxDQUFDLFVBQVUsRUFDeEIsYUFBYSxFQUNiLElBQUksVUFBVSxDQUFDLGVBQWUsQ0FBQyxDQUNoQyxDQUFDO0lBRUYsSUFBSSxDQUFDLGdCQUFnQixDQUFDLFNBQVMsRUFBRTtRQUMvQixNQUFNLElBQUksOEJBQWtCLENBQUMsMEJBQTBCLENBQUMsQ0FBQztLQUMxRDtJQUNELGtCQUFrQjtJQUNsQixNQUFNLG1CQUFtQixHQUFHLE1BQU0sSUFBQSwwQkFBZSxFQUFDLGdCQUFnQixDQUFDLFNBQVMsQ0FBQyxDQUFDO0lBRTlFLE1BQU0sTUFBTSxHQUFHLElBQUksbUJBQU0sQ0FDdkIsMEJBQWEsQ0FBQyxrQkFBa0IsRUFDaEMsa0JBQWtCLEVBQ2xCLFlBQVksRUFDWiwwQkFBYSxDQUFDLGtCQUFrQixFQUNoQywwQkFBYSxDQUFDLFNBQVMsRUFDdkIsMEJBQWEsQ0FBQyxrQkFBa0IsRUFDaEMsMEJBQWEsQ0FBQyxlQUFlLEVBQzdCLGNBQWMsRUFDZCxJQUFJLFVBQVUsQ0FBQyxtQkFBbUIsQ0FBQyxDQUNwQyxDQUFDO0lBRUYsc0JBQXNCO0lBQ3RCLElBQUksZUFBZSxDQUFDO0lBQ3BCLElBQUksT0FBTyxJQUFJLEtBQUssUUFBUSxFQUFFO1FBQzVCLGVBQWUsR0FBRyxJQUFJLFdBQVcsRUFBRSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FBQztLQUNsRDtTQUFNO1FBQ0wsZUFBZSxHQUFHLElBQUksQ0FBQztLQUN4QjtJQUVELE1BQU0sZ0JBQWdCLEdBQUcsTUFBTSxJQUFBLGtCQUFhLEVBQzFDLFlBQVksRUFDWixJQUFJLFVBQVUsQ0FBQyxlQUFlLENBQUMsRUFDL0IsRUFBRSxFQUNGLG9CQUFvQixHQUFHLENBQUMsQ0FDekIsQ0FBQztJQUVGLGlCQUFpQjtJQUNqQixNQUFNLE9BQU8sR0FBRyxJQUFJLG9CQUFPLENBQ3pCLEVBQUUsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsRUFDWixJQUFJLFVBQVUsQ0FBQyxnQkFBZ0IsQ0FBQyxLQUFLLENBQUMsQ0FBQyxFQUFFLENBQUMsb0JBQW9CLENBQUMsQ0FBQyxFQUNoRSxJQUFJLFVBQVUsQ0FBQyxnQkFBZ0IsQ0FBQyxLQUFLLENBQUMsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDLENBQzlELENBQUM7SUFFRixvQkFBb0I7SUFDcEIsTUFBTSxPQUFPLEdBQUcsSUFBSSxvQkFBTyxDQUFDLE1BQU0sRUFBRSxPQUFPLENBQUMsQ0FBQztJQUM3QyxPQUFPLE9BQU8sQ0FBQyxRQUFRLEVBQUUsQ0FBQztBQUM1QixDQUFDO0FBN0dELDBCQTZHQztBQUVEOzs7Ozs7Ozs7OztHQVdHO0FBQ0gsS0FBSyxVQUFVLDBCQUEwQixDQUFDLFVBQXFCO0lBQzdELHlCQUF5QjtJQUN6QixNQUFNLE9BQU8sR0FBRyxNQUFNLE1BQU0sQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUFDLEtBQUssRUFBRSxVQUFVLENBQUMsQ0FBQztJQUVqRSw0REFBNEQ7SUFDNUQsSUFBSSxDQUFDLE9BQU8sQ0FBQyxHQUFHLEVBQUU7UUFDaEIsTUFBTSxJQUFJLDhCQUFrQixDQUFDLDJDQUEyQyxDQUFDLENBQUM7S0FDM0U7SUFFRCxPQUFPLE9BQU8sQ0FBQyxHQUFHLENBQUM7QUFDckIsQ0FBQztBQUVEOzs7Ozs7Ozs7OztHQVdHO0FBQ0gsS0FBSyxVQUFVLGtCQUFrQixDQUFDLEdBQWMsRUFBRSxTQUFpQjtJQUNqRSw4QkFBOEI7SUFDOUIsTUFBTSxjQUFjLEdBQUcsTUFBTSxNQUFNLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxPQUFPLEVBQUUsR0FBRyxDQUFDLENBQUM7SUFFbkUsc0RBQXNEO0lBQ3RELE1BQU0sZUFBZSxHQUFHLE1BQU0sTUFBTSxDQUFDLE1BQU0sQ0FBQyxTQUFTLENBQ25ELG9CQUFTLENBQUMsS0FBSyxFQUNmLGNBQWMsRUFDZDtRQUNFLElBQUksRUFBRSx3QkFBYSxDQUFDLEtBQUs7UUFDekIsVUFBVSxFQUFFLFNBQVM7S0FDdEIsRUFDRCxJQUFJLEVBQ0osQ0FBQyx1QkFBWSxDQUFDLElBQUksQ0FBQyxDQUNwQixDQUFDO0lBRUYsT0FBTyxlQUFlLENBQUM7QUFDekIsQ0FBQyJ9

package/dist/cjs/src/nanotdf/enum/CipherEnum.js

@@ -0,0 +1,13 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+var CipherEnum;
+(function (CipherEnum) {
+    CipherEnum[CipherEnum["AES_256_GCM_64"] = 0] = "AES_256_GCM_64";
+    CipherEnum[CipherEnum["AES_256_GCM_96"] = 1] = "AES_256_GCM_96";
+    CipherEnum[CipherEnum["AES_256_GCM_104"] = 2] = "AES_256_GCM_104";
+    CipherEnum[CipherEnum["AES_256_GCM_112"] = 3] = "AES_256_GCM_112";
+    CipherEnum[CipherEnum["AES_256_GCM_120"] = 4] = "AES_256_GCM_120";
+    CipherEnum[CipherEnum["AES_256_GCM_128"] = 5] = "AES_256_GCM_128";
+})(CipherEnum || (CipherEnum = {}));
+exports.default = CipherEnum;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQ2lwaGVyRW51bS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uL3NyYy9uYW5vdGRmL2VudW0vQ2lwaGVyRW51bS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUFBLElBQUssVUFPSjtBQVBELFdBQUssVUFBVTtJQUNiLCtEQUFjLENBQUE7SUFDZCwrREFBYyxDQUFBO0lBQ2QsaUVBQWUsQ0FBQTtJQUNmLGlFQUFlLENBQUE7SUFDZixpRUFBZSxDQUFBO0lBQ2YsaUVBQWUsQ0FBQTtBQUNqQixDQUFDLEVBUEksVUFBVSxLQUFWLFVBQVUsUUFPZDtBQUVELGtCQUFlLFVBQVUsQ0FBQyJ9