npm - @opentdf/sdk - Versions diffs - 0.1.0-beta.1701 - Mend

@opentdf/sdk 0.1.0-beta.1701

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (566) hide show

package/README.md +52 -0
package/dist/cjs/package.json +3 -0
package/dist/cjs/src/access.js +155 -0
package/dist/cjs/src/auth/Eas.js +60 -0
package/dist/cjs/src/auth/auth.js +79 -0
package/dist/cjs/src/auth/oidc-clientcredentials-provider.js +26 -0
package/dist/cjs/src/auth/oidc-externaljwt-provider.js +33 -0
package/dist/cjs/src/auth/oidc-refreshtoken-provider.js +34 -0
package/dist/cjs/src/auth/oidc.js +222 -0
package/dist/cjs/src/auth/providers.js +143 -0
package/dist/cjs/src/encodings/base64.js +154 -0
package/dist/cjs/src/encodings/hex.js +70 -0
package/dist/cjs/src/encodings/index.js +29 -0
package/dist/cjs/src/errors.js +138 -0
package/dist/cjs/src/index.js +344 -0
package/dist/cjs/src/nanotdf/Client.js +296 -0
package/dist/cjs/src/nanotdf/NanoTDF.js +94 -0
package/dist/cjs/src/nanotdf/browser-entry.js +19 -0
package/dist/cjs/src/nanotdf/constants.js +5 -0
package/dist/cjs/src/nanotdf/decrypt.js +17 -0
package/dist/cjs/src/nanotdf/encrypt-dataset.js +38 -0
package/dist/cjs/src/nanotdf/encrypt.js +132 -0
package/dist/cjs/src/nanotdf/enum/CipherEnum.js +13 -0
package/dist/cjs/src/nanotdf/enum/CurveNameEnum.js +15 -0
package/dist/cjs/src/nanotdf/enum/EncodingEnum.js +8 -0
package/dist/cjs/src/nanotdf/enum/PolicyTypeEnum.js +11 -0
package/dist/cjs/src/nanotdf/enum/ProtocolEnum.js +10 -0
package/dist/cjs/src/nanotdf/enum/ResourceLocatorIdentifierEnum.js +11 -0
package/dist/cjs/src/nanotdf/helpers/calculateByCurve.js +29 -0
package/dist/cjs/src/nanotdf/helpers/getHkdfSalt.js +11 -0
package/dist/cjs/src/nanotdf/index.js +25 -0
package/dist/cjs/src/nanotdf/interfaces/PolicyInterface.js +3 -0
package/dist/cjs/src/nanotdf/models/Ciphers.js +61 -0
package/dist/cjs/src/nanotdf/models/DefaultParams.js +27 -0
package/dist/cjs/src/nanotdf/models/EcCurves.js +39 -0
package/dist/cjs/src/nanotdf/models/Header.js +255 -0
package/dist/cjs/src/nanotdf/models/Payload.js +158 -0
package/dist/cjs/src/nanotdf/models/Policy/AbstractPolicy.js +73 -0
package/dist/cjs/src/nanotdf/models/Policy/EmbeddedPolicy.js +82 -0
package/dist/cjs/src/nanotdf/models/Policy/PolicyFactory.js +38 -0
package/dist/cjs/src/nanotdf/models/Policy/RemotePolicy.js +62 -0
package/dist/cjs/src/nanotdf/models/ResourceLocator.js +211 -0
package/dist/cjs/src/nanotdf/models/Signature.js +77 -0
package/dist/cjs/src/nanotdf-crypto/ciphers.js +17 -0
package/dist/cjs/src/nanotdf-crypto/decrypt.js +24 -0
package/dist/cjs/src/nanotdf-crypto/digest.js +7 -0
package/dist/cjs/src/nanotdf-crypto/ecdsaSignature.js +83 -0
package/dist/cjs/src/nanotdf-crypto/encrypt.js +24 -0
package/dist/cjs/src/nanotdf-crypto/enums.js +52 -0
package/dist/cjs/src/nanotdf-crypto/exportCryptoKey.js +20 -0
package/dist/cjs/src/nanotdf-crypto/generateKeyPair.js +13 -0
package/dist/cjs/src/nanotdf-crypto/generateRandomNumber.js +12 -0
package/dist/cjs/src/nanotdf-crypto/importRawKey.js +18 -0
package/dist/cjs/src/nanotdf-crypto/index.js +52 -0
package/dist/cjs/src/nanotdf-crypto/keyAgreement.js +91 -0
package/dist/cjs/src/nanotdf-crypto/pemPublicToCrypto.js +225 -0
package/dist/cjs/src/policy/api.js +58 -0
package/dist/cjs/src/policy/attributes.js +3 -0
package/dist/cjs/src/policy/granter.js +146 -0
package/dist/cjs/src/tdf/AttributeObject.js +15 -0
package/dist/cjs/src/tdf/AttributeObjectJwt.js +3 -0
package/dist/cjs/src/tdf/Crypto.js +47 -0
package/dist/cjs/src/tdf/EntityObject.js +3 -0
package/dist/cjs/src/tdf/NanoTDF/NanoTDF.js +38 -0
package/dist/cjs/src/tdf/Policy.js +50 -0
package/dist/cjs/src/tdf/PolicyObject.js +3 -0
package/dist/cjs/src/tdf/TypedArray.js +3 -0
package/dist/cjs/src/tdf/index.js +35 -0
package/dist/cjs/src/types/index.js +3 -0
package/dist/cjs/src/utils.js +147 -0
package/dist/cjs/src/version.js +12 -0
package/dist/cjs/tdf3/index.js +57 -0
package/dist/cjs/tdf3/src/assertions.js +118 -0
package/dist/cjs/tdf3/src/binary.js +153 -0
package/dist/cjs/tdf3/src/ciphers/aes-gcm-cipher.js +56 -0
package/dist/cjs/tdf3/src/ciphers/algorithms.js +8 -0
package/dist/cjs/tdf3/src/ciphers/index.js +8 -0
package/dist/cjs/tdf3/src/ciphers/symmetric-cipher-base.js +22 -0
package/dist/cjs/tdf3/src/client/DecoratedReadableStream.js +116 -0
package/dist/cjs/tdf3/src/client/builders.js +561 -0
package/dist/cjs/tdf3/src/client/index.js +460 -0
package/dist/cjs/tdf3/src/client/validation.js +63 -0
package/dist/cjs/tdf3/src/crypto/crypto-utils.js +116 -0
package/dist/cjs/tdf3/src/crypto/declarations.js +8 -0
package/dist/cjs/tdf3/src/crypto/index.js +315 -0
package/dist/cjs/tdf3/src/index.js +34 -0
package/dist/cjs/tdf3/src/models/attribute-set.js +122 -0
package/dist/cjs/tdf3/src/models/encryption-information.js +90 -0
package/dist/cjs/tdf3/src/models/index.js +25 -0
package/dist/cjs/tdf3/src/models/key-access.js +103 -0
package/dist/cjs/tdf3/src/models/manifest.js +3 -0
package/dist/cjs/tdf3/src/models/payload.js +3 -0
package/dist/cjs/tdf3/src/models/policy.js +24 -0
package/dist/cjs/tdf3/src/models/upsert-response.js +3 -0
package/dist/cjs/tdf3/src/tdf.js +907 -0
package/dist/cjs/tdf3/src/templates/default.html.js +98 -0
package/dist/cjs/tdf3/src/templates/escaper.js +15 -0
package/dist/cjs/tdf3/src/templates/index.js +12 -0
package/dist/cjs/tdf3/src/utils/buffer-crc32.js +48 -0
package/dist/cjs/tdf3/src/utils/chunkers.js +106 -0
package/dist/cjs/tdf3/src/utils/index.js +296 -0
package/dist/cjs/tdf3/src/utils/keysplit.js +61 -0
package/dist/cjs/tdf3/src/utils/zip-reader.js +253 -0
package/dist/cjs/tdf3/src/utils/zip-writer.js +308 -0
package/dist/cjs/tdf3/src/version.js +6 -0
package/dist/types/src/access.d.ts +47 -0
package/dist/types/src/access.d.ts.map +1 -0
package/dist/types/src/auth/Eas.d.ts +34 -0
package/dist/types/src/auth/Eas.d.ts.map +1 -0
package/dist/types/src/auth/auth.d.ts +86 -0
package/dist/types/src/auth/auth.d.ts.map +1 -0
package/dist/types/src/auth/oidc-clientcredentials-provider.d.ts +9 -0
package/dist/types/src/auth/oidc-clientcredentials-provider.d.ts.map +1 -0
package/dist/types/src/auth/oidc-externaljwt-provider.d.ts +10 -0
package/dist/types/src/auth/oidc-externaljwt-provider.d.ts.map +1 -0
package/dist/types/src/auth/oidc-refreshtoken-provider.d.ts +10 -0
package/dist/types/src/auth/oidc-refreshtoken-provider.d.ts.map +1 -0
package/dist/types/src/auth/oidc.d.ts +104 -0
package/dist/types/src/auth/oidc.d.ts.map +1 -0
package/dist/types/src/auth/providers.d.ts +67 -0
package/dist/types/src/auth/providers.d.ts.map +1 -0
package/dist/types/src/encodings/base64.d.ts +18 -0
package/dist/types/src/encodings/base64.d.ts.map +1 -0
package/dist/types/src/encodings/hex.d.ts +5 -0
package/dist/types/src/encodings/hex.d.ts.map +1 -0
package/dist/types/src/encodings/index.d.ts +3 -0
package/dist/types/src/encodings/index.d.ts.map +1 -0
package/dist/types/src/errors.d.ts +72 -0
package/dist/types/src/errors.d.ts.map +1 -0
package/dist/types/src/index.d.ts +138 -0
package/dist/types/src/index.d.ts.map +1 -0
package/dist/types/src/nanotdf/Client.d.ts +95 -0
package/dist/types/src/nanotdf/Client.d.ts.map +1 -0
package/dist/types/src/nanotdf/NanoTDF.d.ts +25 -0
package/dist/types/src/nanotdf/NanoTDF.d.ts.map +1 -0
package/dist/types/src/nanotdf/browser-entry.d.ts +17 -0
package/dist/types/src/nanotdf/browser-entry.d.ts.map +1 -0
package/dist/types/src/nanotdf/constants.d.ts +2 -0
package/dist/types/src/nanotdf/constants.d.ts.map +1 -0
package/dist/types/src/nanotdf/decrypt.d.ts +9 -0
package/dist/types/src/nanotdf/decrypt.d.ts.map +1 -0
package/dist/types/src/nanotdf/encrypt-dataset.d.ts +12 -0
package/dist/types/src/nanotdf/encrypt-dataset.d.ts.map +1 -0
package/dist/types/src/nanotdf/encrypt.d.ts +14 -0
package/dist/types/src/nanotdf/encrypt.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/CipherEnum.d.ts +10 -0
package/dist/types/src/nanotdf/enum/CipherEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/CurveNameEnum.d.ts +12 -0
package/dist/types/src/nanotdf/enum/CurveNameEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/EncodingEnum.d.ts +5 -0
package/dist/types/src/nanotdf/enum/EncodingEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/PolicyTypeEnum.d.ts +8 -0
package/dist/types/src/nanotdf/enum/PolicyTypeEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/ProtocolEnum.d.ts +7 -0
package/dist/types/src/nanotdf/enum/ProtocolEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/ResourceLocatorIdentifierEnum.d.ts +8 -0
package/dist/types/src/nanotdf/enum/ResourceLocatorIdentifierEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/helpers/calculateByCurve.d.ts +20 -0
package/dist/types/src/nanotdf/helpers/calculateByCurve.d.ts.map +1 -0
package/dist/types/src/nanotdf/helpers/getHkdfSalt.d.ts +9 -0
package/dist/types/src/nanotdf/helpers/getHkdfSalt.d.ts.map +1 -0
package/dist/types/src/nanotdf/index.d.ts +9 -0
package/dist/types/src/nanotdf/index.d.ts.map +1 -0
package/dist/types/src/nanotdf/interfaces/PolicyInterface.d.ts +17 -0
package/dist/types/src/nanotdf/interfaces/PolicyInterface.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Ciphers.d.ts +14 -0
package/dist/types/src/nanotdf/models/Ciphers.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/DefaultParams.d.ts +21 -0
package/dist/types/src/nanotdf/models/DefaultParams.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/EcCurves.d.ts +15 -0
package/dist/types/src/nanotdf/models/EcCurves.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Header.d.ts +73 -0
package/dist/types/src/nanotdf/models/Header.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Payload.d.ts +47 -0
package/dist/types/src/nanotdf/models/Payload.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Policy/AbstractPolicy.d.ts +52 -0
package/dist/types/src/nanotdf/models/Policy/AbstractPolicy.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Policy/EmbeddedPolicy.d.ts +35 -0
package/dist/types/src/nanotdf/models/Policy/EmbeddedPolicy.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Policy/PolicyFactory.d.ts +11 -0
package/dist/types/src/nanotdf/models/Policy/PolicyFactory.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Policy/RemotePolicy.d.ts +31 -0
package/dist/types/src/nanotdf/models/Policy/RemotePolicy.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/ResourceLocator.d.ts +65 -0
package/dist/types/src/nanotdf/models/ResourceLocator.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Signature.d.ts +33 -0
package/dist/types/src/nanotdf/models/Signature.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/ciphers.d.ts +8 -0
package/dist/types/src/nanotdf-crypto/ciphers.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/decrypt.d.ts +14 -0
package/dist/types/src/nanotdf-crypto/decrypt.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/digest.d.ts +3 -0
package/dist/types/src/nanotdf-crypto/digest.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/ecdsaSignature.d.ts +35 -0
package/dist/types/src/nanotdf-crypto/ecdsaSignature.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/encrypt.d.ts +14 -0
package/dist/types/src/nanotdf-crypto/encrypt.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/enums.d.ts +42 -0
package/dist/types/src/nanotdf-crypto/enums.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/exportCryptoKey.d.ts +7 -0
package/dist/types/src/nanotdf-crypto/exportCryptoKey.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/generateKeyPair.d.ts +10 -0
package/dist/types/src/nanotdf-crypto/generateKeyPair.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/generateRandomNumber.d.ts +5 -0
package/dist/types/src/nanotdf-crypto/generateRandomNumber.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/importRawKey.d.ts +13 -0
package/dist/types/src/nanotdf-crypto/importRawKey.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/index.d.ts +12 -0
package/dist/types/src/nanotdf-crypto/index.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/keyAgreement.d.ts +28 -0
package/dist/types/src/nanotdf-crypto/keyAgreement.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/pemPublicToCrypto.d.ts +28 -0
package/dist/types/src/nanotdf-crypto/pemPublicToCrypto.d.ts.map +1 -0
package/dist/types/src/policy/api.d.ts +4 -0
package/dist/types/src/policy/api.d.ts.map +1 -0
package/dist/types/src/policy/attributes.d.ts +95 -0
package/dist/types/src/policy/attributes.d.ts.map +1 -0
package/dist/types/src/policy/granter.d.ts +23 -0
package/dist/types/src/policy/granter.d.ts.map +1 -0
package/dist/types/src/tdf/AttributeObject.d.ts +13 -0
package/dist/types/src/tdf/AttributeObject.d.ts.map +1 -0
package/dist/types/src/tdf/AttributeObjectJwt.d.ts +4 -0
package/dist/types/src/tdf/AttributeObjectJwt.d.ts.map +1 -0
package/dist/types/src/tdf/Crypto.d.ts +37 -0
package/dist/types/src/tdf/Crypto.d.ts.map +1 -0
package/dist/types/src/tdf/EntityObject.d.ts +18 -0
package/dist/types/src/tdf/EntityObject.d.ts.map +1 -0
package/dist/types/src/tdf/NanoTDF/NanoTDF.d.ts +99 -0
package/dist/types/src/tdf/NanoTDF/NanoTDF.d.ts.map +1 -0
package/dist/types/src/tdf/Policy.d.ts +28 -0
package/dist/types/src/tdf/Policy.d.ts.map +1 -0
package/dist/types/src/tdf/PolicyObject.d.ts +11 -0
package/dist/types/src/tdf/PolicyObject.d.ts.map +1 -0
package/dist/types/src/tdf/TypedArray.d.ts +3 -0
package/dist/types/src/tdf/TypedArray.d.ts.map +1 -0
package/dist/types/src/tdf/index.d.ts +7 -0
package/dist/types/src/tdf/index.d.ts.map +1 -0
package/dist/types/src/types/index.d.ts +45 -0
package/dist/types/src/types/index.d.ts.map +1 -0
package/dist/types/src/utils.d.ts +45 -0
package/dist/types/src/utils.d.ts.map +1 -0
package/dist/types/src/version.d.ts +9 -0
package/dist/types/src/version.d.ts.map +1 -0
package/dist/types/tdf3/index.d.ts +16 -0
package/dist/types/tdf3/index.d.ts.map +1 -0
package/dist/types/tdf3/src/assertions.d.ts +63 -0
package/dist/types/tdf3/src/assertions.d.ts.map +1 -0
package/dist/types/tdf3/src/binary.d.ts +38 -0
package/dist/types/tdf3/src/binary.d.ts.map +1 -0
package/dist/types/tdf3/src/ciphers/aes-gcm-cipher.d.ts +18 -0
package/dist/types/tdf3/src/ciphers/aes-gcm-cipher.d.ts.map +1 -0
package/dist/types/tdf3/src/ciphers/algorithms.d.ts +4 -0
package/dist/types/tdf3/src/ciphers/algorithms.d.ts.map +1 -0
package/dist/types/tdf3/src/ciphers/index.d.ts +3 -0
package/dist/types/tdf3/src/ciphers/index.d.ts.map +1 -0
package/dist/types/tdf3/src/ciphers/symmetric-cipher-base.d.ts +14 -0
package/dist/types/tdf3/src/ciphers/symmetric-cipher-base.d.ts.map +1 -0
package/dist/types/tdf3/src/client/DecoratedReadableStream.d.ts +53 -0
package/dist/types/tdf3/src/client/DecoratedReadableStream.d.ts.map +1 -0
package/dist/types/tdf3/src/client/builders.d.ts +436 -0
package/dist/types/tdf3/src/client/builders.d.ts.map +1 -0
package/dist/types/tdf3/src/client/index.d.ts +139 -0
package/dist/types/tdf3/src/client/index.d.ts.map +1 -0
package/dist/types/tdf3/src/client/validation.d.ts +8 -0
package/dist/types/tdf3/src/client/validation.d.ts.map +1 -0
package/dist/types/tdf3/src/crypto/crypto-utils.d.ts +34 -0
package/dist/types/tdf3/src/crypto/crypto-utils.d.ts.map +1 -0
package/dist/types/tdf3/src/crypto/declarations.d.ts +60 -0
package/dist/types/tdf3/src/crypto/declarations.d.ts.map +1 -0
package/dist/types/tdf3/src/crypto/index.d.ts +103 -0
package/dist/types/tdf3/src/crypto/index.d.ts.map +1 -0
package/dist/types/tdf3/src/index.d.ts +5 -0
package/dist/types/tdf3/src/index.d.ts.map +1 -0
package/dist/types/tdf3/src/models/attribute-set.d.ts +65 -0
package/dist/types/tdf3/src/models/attribute-set.d.ts.map +1 -0
package/dist/types/tdf3/src/models/encryption-information.d.ts +49 -0
package/dist/types/tdf3/src/models/encryption-information.d.ts.map +1 -0
package/dist/types/tdf3/src/models/index.d.ts +9 -0
package/dist/types/tdf3/src/models/index.d.ts.map +1 -0
package/dist/types/tdf3/src/models/key-access.d.ts +42 -0
package/dist/types/tdf3/src/models/key-access.d.ts.map +1 -0
package/dist/types/tdf3/src/models/manifest.d.ts +9 -0
package/dist/types/tdf3/src/models/manifest.d.ts.map +1 -0
package/dist/types/tdf3/src/models/payload.d.ts +7 -0
package/dist/types/tdf3/src/models/payload.d.ts.map +1 -0
package/dist/types/tdf3/src/models/policy.d.ts +13 -0
package/dist/types/tdf3/src/models/policy.d.ts.map +1 -0
package/dist/types/tdf3/src/models/upsert-response.d.ts +16 -0
package/dist/types/tdf3/src/models/upsert-response.d.ts.map +1 -0
package/dist/types/tdf3/src/tdf.d.ts +152 -0
package/dist/types/tdf3/src/tdf.d.ts.map +1 -0
package/dist/types/tdf3/src/templates/default.html.d.ts +8 -0
package/dist/types/tdf3/src/templates/default.html.d.ts.map +1 -0
package/dist/types/tdf3/src/templates/escaper.d.ts +6 -0
package/dist/types/tdf3/src/templates/escaper.d.ts.map +1 -0
package/dist/types/tdf3/src/templates/index.d.ts +3 -0
package/dist/types/tdf3/src/templates/index.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/buffer-crc32.d.ts +2 -0
package/dist/types/tdf3/src/utils/buffer-crc32.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/chunkers.d.ts +29 -0
package/dist/types/tdf3/src/utils/chunkers.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/index.d.ts +36 -0
package/dist/types/tdf3/src/utils/index.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/keysplit.d.ts +19 -0
package/dist/types/tdf3/src/utils/keysplit.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/zip-reader.d.ts +63 -0
package/dist/types/tdf3/src/utils/zip-reader.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/zip-writer.d.ts +35 -0
package/dist/types/tdf3/src/utils/zip-writer.d.ts.map +1 -0
package/dist/types/tdf3/src/version.d.ts +3 -0
package/dist/types/tdf3/src/version.d.ts.map +1 -0
package/dist/web/package.json +3 -0
package/dist/web/src/access.js +147 -0
package/dist/web/src/auth/Eas.js +55 -0
package/dist/web/src/auth/auth.js +71 -0
package/dist/web/src/auth/oidc-clientcredentials-provider.js +22 -0
package/dist/web/src/auth/oidc-externaljwt-provider.js +29 -0
package/dist/web/src/auth/oidc-refreshtoken-provider.js +30 -0
package/dist/web/src/auth/oidc.js +215 -0
package/dist/web/src/auth/providers.js +119 -0
package/dist/web/src/encodings/base64.js +147 -0
package/dist/web/src/encodings/hex.js +63 -0
package/dist/web/src/encodings/index.js +3 -0
package/dist/web/src/errors.js +123 -0
package/dist/web/src/index.js +313 -0
package/dist/web/src/nanotdf/Client.js +268 -0
package/dist/web/src/nanotdf/NanoTDF.js +89 -0
package/dist/web/src/nanotdf/browser-entry.js +14 -0
package/dist/web/src/nanotdf/constants.js +2 -0
package/dist/web/src/nanotdf/decrypt.js +14 -0
package/dist/web/src/nanotdf/encrypt-dataset.js +32 -0
package/dist/web/src/nanotdf/encrypt.js +126 -0
package/dist/web/src/nanotdf/enum/CipherEnum.js +11 -0
package/dist/web/src/nanotdf/enum/CurveNameEnum.js +13 -0
package/dist/web/src/nanotdf/enum/EncodingEnum.js +6 -0
package/dist/web/src/nanotdf/enum/PolicyTypeEnum.js +9 -0
package/dist/web/src/nanotdf/enum/ProtocolEnum.js +8 -0
package/dist/web/src/nanotdf/enum/ResourceLocatorIdentifierEnum.js +9 -0
package/dist/web/src/nanotdf/helpers/calculateByCurve.js +24 -0
package/dist/web/src/nanotdf/helpers/getHkdfSalt.js +8 -0
package/dist/web/src/nanotdf/index.js +11 -0
package/dist/web/src/nanotdf/interfaces/PolicyInterface.js +2 -0
package/dist/web/src/nanotdf/models/Ciphers.js +54 -0
package/dist/web/src/nanotdf/models/DefaultParams.js +22 -0
package/dist/web/src/nanotdf/models/EcCurves.js +32 -0
package/dist/web/src/nanotdf/models/Header.js +250 -0
package/dist/web/src/nanotdf/models/Payload.js +156 -0
package/dist/web/src/nanotdf/models/Policy/AbstractPolicy.js +71 -0
package/dist/web/src/nanotdf/models/Policy/EmbeddedPolicy.js +77 -0
package/dist/web/src/nanotdf/models/Policy/PolicyFactory.js +33 -0
package/dist/web/src/nanotdf/models/Policy/RemotePolicy.js +57 -0
package/dist/web/src/nanotdf/models/ResourceLocator.js +206 -0
package/dist/web/src/nanotdf/models/Signature.js +74 -0
package/dist/web/src/nanotdf-crypto/ciphers.js +14 -0
package/dist/web/src/nanotdf-crypto/decrypt.js +21 -0
package/dist/web/src/nanotdf-crypto/digest.js +4 -0
package/dist/web/src/nanotdf-crypto/ecdsaSignature.js +77 -0
package/dist/web/src/nanotdf-crypto/encrypt.js +21 -0
package/dist/web/src/nanotdf-crypto/enums.js +49 -0
package/dist/web/src/nanotdf-crypto/exportCryptoKey.js +17 -0
package/dist/web/src/nanotdf-crypto/generateKeyPair.js +10 -0
package/dist/web/src/nanotdf-crypto/generateRandomNumber.js +9 -0
package/dist/web/src/nanotdf-crypto/importRawKey.js +15 -0
package/dist/web/src/nanotdf-crypto/index.js +12 -0
package/dist/web/src/nanotdf-crypto/keyAgreement.js +87 -0
package/dist/web/src/nanotdf-crypto/pemPublicToCrypto.js +197 -0
package/dist/web/src/policy/api.js +54 -0
package/dist/web/src/policy/attributes.js +2 -0
package/dist/web/src/policy/granter.js +141 -0
package/dist/web/src/tdf/AttributeObject.js +11 -0
package/dist/web/src/tdf/AttributeObjectJwt.js +2 -0
package/dist/web/src/tdf/Crypto.js +44 -0
package/dist/web/src/tdf/EntityObject.js +2 -0
package/dist/web/src/tdf/NanoTDF/NanoTDF.js +35 -0
package/dist/web/src/tdf/Policy.js +48 -0
package/dist/web/src/tdf/PolicyObject.js +2 -0
package/dist/web/src/tdf/TypedArray.js +2 -0
package/dist/web/src/tdf/index.js +4 -0
package/dist/web/src/types/index.js +2 -0
package/dist/web/src/utils.js +133 -0
package/dist/web/src/version.js +9 -0
package/dist/web/tdf3/index.js +13 -0
package/dist/web/tdf3/src/assertions.js +111 -0
package/dist/web/tdf3/src/binary.js +149 -0
package/dist/web/tdf3/src/ciphers/aes-gcm-cipher.js +52 -0
package/dist/web/tdf3/src/ciphers/algorithms.js +5 -0
package/dist/web/tdf3/src/ciphers/index.js +3 -0
package/dist/web/tdf3/src/ciphers/symmetric-cipher-base.js +18 -0
package/dist/web/tdf3/src/client/DecoratedReadableStream.js +107 -0
package/dist/web/tdf3/src/client/builders.js +557 -0
package/dist/web/tdf3/src/client/index.js +423 -0
package/dist/web/tdf3/src/client/validation.js +58 -0
package/dist/web/tdf3/src/crypto/crypto-utils.js +107 -0
package/dist/web/tdf3/src/crypto/declarations.js +5 -0
package/dist/web/tdf3/src/crypto/index.js +296 -0
package/dist/web/tdf3/src/index.js +5 -0
package/dist/web/tdf3/src/models/attribute-set.js +118 -0
package/dist/web/tdf3/src/models/encryption-information.js +86 -0
package/dist/web/tdf3/src/models/index.js +9 -0
package/dist/web/tdf3/src/models/key-access.js +74 -0
package/dist/web/tdf3/src/models/manifest.js +2 -0
package/dist/web/tdf3/src/models/payload.js +2 -0
package/dist/web/tdf3/src/models/policy.js +20 -0
package/dist/web/tdf3/src/models/upsert-response.js +2 -0
package/dist/web/tdf3/src/tdf.js +866 -0
package/dist/web/tdf3/src/templates/default.html.js +96 -0
package/dist/web/tdf3/src/templates/escaper.js +10 -0
package/dist/web/tdf3/src/templates/index.js +3 -0
package/dist/web/tdf3/src/utils/buffer-crc32.js +44 -0
package/dist/web/tdf3/src/utils/chunkers.js +96 -0
package/dist/web/tdf3/src/utils/index.js +248 -0
package/dist/web/tdf3/src/utils/keysplit.js +55 -0
package/dist/web/tdf3/src/utils/zip-reader.js +247 -0
package/dist/web/tdf3/src/utils/zip-writer.js +302 -0
package/dist/web/tdf3/src/version.js +3 -0
package/package.json +126 -0
package/src/access.ts +198 -0
package/src/auth/Eas.ts +79 -0
package/src/auth/auth.ts +141 -0
package/src/auth/oidc-clientcredentials-provider.ts +32 -0
package/src/auth/oidc-externaljwt-provider.ts +41 -0
package/src/auth/oidc-refreshtoken-provider.ts +41 -0
package/src/auth/oidc.ts +307 -0
package/src/auth/providers.ts +139 -0
package/src/encodings/base64.ts +160 -0
package/src/encodings/hex.ts +69 -0
package/src/encodings/index.ts +2 -0
package/src/errors.ts +113 -0
package/src/index.ts +441 -0
package/src/nanotdf/Client.ts +349 -0
package/src/nanotdf/NanoTDF.ts +121 -0
package/src/nanotdf/browser-entry.ts +20 -0
package/src/nanotdf/constants.ts +1 -0
package/src/nanotdf/decrypt.ts +19 -0
package/src/nanotdf/encrypt-dataset.ts +52 -0
package/src/nanotdf/encrypt.ts +197 -0
package/src/nanotdf/enum/CipherEnum.ts +10 -0
package/src/nanotdf/enum/CurveNameEnum.ts +12 -0
package/src/nanotdf/enum/EncodingEnum.ts +5 -0
package/src/nanotdf/enum/PolicyTypeEnum.ts +8 -0
package/src/nanotdf/enum/ProtocolEnum.ts +7 -0
package/src/nanotdf/enum/ResourceLocatorIdentifierEnum.ts +8 -0
package/src/nanotdf/helpers/calculateByCurve.ts +26 -0
package/src/nanotdf/helpers/getHkdfSalt.ts +15 -0
package/src/nanotdf/index.ts +10 -0
package/src/nanotdf/interfaces/PolicyInterface.ts +27 -0
package/src/nanotdf/models/Ciphers.ts +67 -0
package/src/nanotdf/models/DefaultParams.ts +24 -0
package/src/nanotdf/models/EcCurves.ts +40 -0
package/src/nanotdf/models/Header.ts +322 -0
package/src/nanotdf/models/Payload.ts +196 -0
package/src/nanotdf/models/Policy/AbstractPolicy.ts +90 -0
package/src/nanotdf/models/Policy/EmbeddedPolicy.ts +101 -0
package/src/nanotdf/models/Policy/PolicyFactory.ts +48 -0
package/src/nanotdf/models/Policy/RemotePolicy.ts +74 -0
package/src/nanotdf/models/ResourceLocator.ts +212 -0
package/src/nanotdf/models/Signature.ts +85 -0
package/src/nanotdf-crypto/ciphers.ts +13 -0
package/src/nanotdf-crypto/decrypt.ts +30 -0
package/src/nanotdf-crypto/digest.ts +8 -0
package/src/nanotdf-crypto/ecdsaSignature.ts +109 -0
package/src/nanotdf-crypto/encrypt.ts +30 -0
package/src/nanotdf-crypto/enums.ts +47 -0
package/src/nanotdf-crypto/exportCryptoKey.ts +17 -0
package/src/nanotdf-crypto/generateKeyPair.ts +19 -0
package/src/nanotdf-crypto/generateRandomNumber.ts +8 -0
package/src/nanotdf-crypto/importRawKey.ts +19 -0
package/src/nanotdf-crypto/index.ts +11 -0
package/src/nanotdf-crypto/keyAgreement.ts +139 -0
package/src/nanotdf-crypto/pemPublicToCrypto.ts +232 -0
package/src/package-lock.json +6 -0
package/src/package.json +3 -0
package/src/platform/authorization/authorization_connect.d.ts +44 -0
package/src/platform/authorization/authorization_connect.js +44 -0
package/src/platform/authorization/authorization_pb.d.ts +707 -0
package/src/platform/authorization/authorization_pb.js +372 -0
package/src/platform/common/common_pb.d.ts +129 -0
package/src/platform/common/common_pb.js +58 -0
package/src/platform/entityresolution/entity_resolution_connect.d.ts +35 -0
package/src/platform/entityresolution/entity_resolution_connect.js +35 -0
package/src/platform/entityresolution/entity_resolution_pb.d.ts +242 -0
package/src/platform/entityresolution/entity_resolution_pb.js +139 -0
package/src/platform/kas/kas_connect.d.ts +59 -0
package/src/platform/kas/kas_connect.js +59 -0
package/src/platform/kas/kas_pb.d.ts +200 -0
package/src/platform/kas/kas_pb.js +84 -0
package/src/platform/policy/attributes/attributes_connect.d.ts +168 -0
package/src/platform/policy/attributes/attributes_connect.js +168 -0
package/src/platform/policy/attributes/attributes_pb.d.ts +929 -0
package/src/platform/policy/attributes/attributes_pb.js +363 -0
package/src/platform/policy/kasregistry/key_access_server_registry_connect.d.ts +62 -0
package/src/platform/policy/kasregistry/key_access_server_registry_connect.js +62 -0
package/src/platform/policy/kasregistry/key_access_server_registry_pb.d.ts +283 -0
package/src/platform/policy/kasregistry/key_access_server_registry_pb.js +113 -0
package/src/platform/policy/namespaces/namespaces_connect.d.ts +62 -0
package/src/platform/policy/namespaces/namespaces_connect.js +62 -0
package/src/platform/policy/namespaces/namespaces_pb.d.ts +270 -0
package/src/platform/policy/namespaces/namespaces_pb.js +110 -0
package/src/platform/policy/objects_pb.d.ts +725 -0
package/src/platform/policy/objects_pb.js +288 -0
package/src/platform/policy/resourcemapping/resource_mapping_connect.d.ts +259 -0
package/src/platform/policy/resourcemapping/resource_mapping_connect.js +259 -0
package/src/platform/policy/resourcemapping/resource_mapping_pb.d.ts +314 -0
package/src/platform/policy/resourcemapping/resource_mapping_pb.js +142 -0
package/src/platform/policy/selectors_pb.d.ts +269 -0
package/src/platform/policy/selectors_pb.js +110 -0
package/src/platform/policy/subjectmapping/subject_mapping_connect.d.ts +118 -0
package/src/platform/policy/subjectmapping/subject_mapping_connect.js +118 -0
package/src/platform/policy/subjectmapping/subject_mapping_pb.d.ts +672 -0
package/src/platform/policy/subjectmapping/subject_mapping_pb.js +260 -0
package/src/platform/wellknownconfiguration/wellknown_configuration_connect.d.ts +26 -0
package/src/platform/wellknownconfiguration/wellknown_configuration_connect.js +26 -0
package/src/platform/wellknownconfiguration/wellknown_configuration_pb.d.ts +75 -0
package/src/platform/wellknownconfiguration/wellknown_configuration_pb.js +35 -0
package/src/policy/api.ts +61 -0
package/src/policy/attributes.ts +117 -0
package/src/policy/granter.ts +181 -0
package/src/tdf/AttributeObject.ts +27 -0
package/src/tdf/AttributeObjectJwt.ts +3 -0
package/src/tdf/Crypto.ts +42 -0
package/src/tdf/EntityObject.ts +18 -0
package/src/tdf/NanoTDF/NanoTDF.ts +120 -0
package/src/tdf/Policy.ts +51 -0
package/src/tdf/PolicyObject.ts +12 -0
package/src/tdf/TypedArray.ts +12 -0
package/src/tdf/index.ts +6 -0
package/src/types/index.ts +55 -0
package/src/utils.ts +149 -0
package/src/version.ts +9 -0
package/tdf3/index.ts +91 -0
package/tdf3/package-lock.json +6 -0
package/tdf3/package.json +3 -0
package/tdf3/src/assertions.ts +191 -0
package/tdf3/src/binary.ts +195 -0
package/tdf3/src/ciphers/aes-gcm-cipher.ts +76 -0
package/tdf3/src/ciphers/algorithms.ts +9 -0
package/tdf3/src/ciphers/index.ts +2 -0
package/tdf3/src/ciphers/symmetric-cipher-base.ts +38 -0
package/tdf3/src/client/DecoratedReadableStream.ts +148 -0
package/tdf3/src/client/builders.ts +701 -0
package/tdf3/src/client/index.ts +637 -0
package/tdf3/src/client/validation.ts +79 -0
package/tdf3/src/crypto/crypto-utils.ts +119 -0
package/tdf3/src/crypto/declarations.ts +89 -0
package/tdf3/src/crypto/index.ts +394 -0
package/tdf3/src/index.ts +4 -0
package/tdf3/src/models/attribute-set.ts +142 -0
package/tdf3/src/models/encryption-information.ts +172 -0
package/tdf3/src/models/index.ts +8 -0
package/tdf3/src/models/key-access.ts +128 -0
package/tdf3/src/models/manifest.ts +9 -0
package/tdf3/src/models/payload.ts +6 -0
package/tdf3/src/models/policy.ts +35 -0
package/tdf3/src/models/upsert-response.ts +17 -0
package/tdf3/src/tdf.ts +1351 -0
package/tdf3/src/templates/default.html.ts +105 -0
package/tdf3/src/templates/escaper.ts +10 -0
package/tdf3/src/templates/index.ts +2 -0
package/tdf3/src/utils/buffer-crc32.ts +46 -0
package/tdf3/src/utils/chunkers.ts +118 -0
package/tdf3/src/utils/index.ts +309 -0
package/tdf3/src/utils/keysplit.ts +63 -0
package/tdf3/src/utils/zip-reader.ts +341 -0
package/tdf3/src/utils/zip-writer.ts +375 -0
package/tdf3/src/version.ts +2 -0
package/tdf3/types.d.ts +14 -0

package/src/nanotdf/models/Policy/EmbeddedPolicy.ts ADDED Viewed

@@ -0,0 +1,101 @@
+import AbstractPolicy from './AbstractPolicy.js';
+import { EmbeddedPolicyInterface } from '../../interfaces/PolicyInterface.js';
+import PolicyTypes from '../../enum/PolicyTypeEnum.js';
+import { ConfigurationError } from '../../../errors.js';
+/**
+ * Embedded Policy
+ *
+ * These policy types allow for creation and binding of arbitrary policies.
+ *
+ * | Section                      | Minimum Length (B) | Maximum Length (B) |
+ * |------------------------------|--------------------|--------------------|
+ * | Content Length               | 2                  | 2                  |
+ * | Plaintext/Ciphertext         | 1                  | 255                |
+ * | (Optional) Policy Key Access | 36                 | 136                |
+ */
+class EmbeddedPolicy extends AbstractPolicy implements EmbeddedPolicyInterface {
+  static MAX_POLICY_SIZE = 65535; // 2 bytes unsigned int.
+  readonly content: Uint8Array;
+  static override parse(
+    buff: Uint8Array,
+    useEcdsaBinding: boolean,
+    type: PolicyTypes
+  ): { offset: number; policy: EmbeddedPolicy } {
+    let offset = 0;
+    // TODO: May not work on Big Endian systems. See https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/DataView/getUint16
+    // Also http://calculist.org/blog/2012/04/24/the-little-endian-web/
+    const length = new DataView(buff.slice(offset, 2).buffer).getUint16(0);
+    offset += 2;
+    const content = buff.subarray(offset, offset + length);
+    offset += length;
+    const { binding, newOffset: bindingOffset } = this.parseBinding(buff, useEcdsaBinding, offset);
+    offset = bindingOffset;
+    return {
+      policy: new EmbeddedPolicy(type, binding, content),
+      offset,
+    };
+  }
+  constructor(type: PolicyTypes, binding: Uint8Array, content: Uint8Array) {
+    super(type, binding);
+    this.content = content;
+  }
+  /**
+   * Length of policy
+   *
+   * @returns { number } length
+   */
+  override getLength(): number {
+    return (
+      // Type length
+      1 +
+      // Policy length
+      2 +
+      // Content length
+      this.content.length +
+      // Binding length
+      this.binding.length
+    );
+  }
+  /**
+   * Return the content of the policy
+   */
+  override toBuffer(): Uint8Array {
+    const target = new Uint8Array(this.getLength());
+    if (this.content.length > EmbeddedPolicy.MAX_POLICY_SIZE) {
+      throw new ConfigurationError("TDF Policy can't be more that 2^16");
+    }
+    target.set([this.type], 0);
+    // Write the policy length, assuming the host system is little endian
+    // TODO: There should be better way to convert to big endian
+    const lengthAsUint16 = new Uint16Array(1);
+    lengthAsUint16[0] = this.content.length;
+    const temp = new Uint8Array(lengthAsUint16.buffer);
+    const policyContentSizeAsBg = new Uint8Array(2);
+    policyContentSizeAsBg[0] = temp[1];
+    policyContentSizeAsBg[1] = temp[0];
+    target.set(policyContentSizeAsBg, 1);
+    // Write the policy content
+    target.set(this.content, policyContentSizeAsBg.length + 1);
+    // Write the binding.
+    target.set(this.binding, this.content.length + policyContentSizeAsBg.length + 1);
+    return target;
+  }
+}
+export default EmbeddedPolicy;

package/src/nanotdf/models/Policy/PolicyFactory.ts ADDED Viewed

@@ -0,0 +1,48 @@
+import AbstractPolicy from './AbstractPolicy.js';
+import EmbeddedPolicy from './EmbeddedPolicy.js';
+import RemotePolicy from './RemotePolicy.js';
+import PolicyTypeEnum from '../../enum/PolicyTypeEnum.js';
+import { UnsupportedFeatureError } from '../../../errors.js';
+import CurveNameEnum from '../../enum/CurveNameEnum.js';
+function parse(
+  buff: Uint8Array,
+  useEcdsaBinding: boolean,
+  curve: CurveNameEnum
+): { policy: AbstractPolicy; offset: number } | never {
+  const type = buff[AbstractPolicy.TYPE_BYTE_OFF];
+  let policy: AbstractPolicy;
+  let offset: number;
+  // Check if remote policy
+  if (type === PolicyTypeEnum.Remote) {
+    ({ policy, offset } = RemotePolicy.parse(
+      buff.subarray(AbstractPolicy.TYPE_BYTE_LEN),
+      useEcdsaBinding
+    ));
+  } else if (
+    [
+      //  Check if is an embedded policy
+      PolicyTypeEnum.EmbeddedEncrypted,
+      PolicyTypeEnum.EmbeddedEncryptedPKA,
+      PolicyTypeEnum.EmbeddedText,
+    ].includes(type)
+  ) {
+    ({ policy, offset } = EmbeddedPolicy.parse(
+      buff.subarray(AbstractPolicy.TYPE_BYTE_LEN),
+      useEcdsaBinding,
+      type
+    ));
+  } else {
+    throw new UnsupportedFeatureError(`unsupported policy type: ${type}`);
+  }
+  return {
+    policy,
+    offset: offset + AbstractPolicy.TYPE_BYTE_LEN,
+  };
+}
+export default {
+  parse,
+};

package/src/nanotdf/models/Policy/RemotePolicy.ts ADDED Viewed

@@ -0,0 +1,74 @@
+import AbstractPolicy from './AbstractPolicy.js';
+import ResourceLocator from '../ResourceLocator.js';
+import { RemotePolicyInterface } from '../../interfaces/PolicyInterface.js';
+import PolicyTypeEnum from '../../enum/PolicyTypeEnum.js';
+/**
+ * Set remote policy body
+ *
+ * If the policy type is set to use a Remote Policy, then the Resource Locator object described in Section 3.4.1 is
+ * used to describe the remote policy.
+ */
+class RemotePolicy extends AbstractPolicy implements RemotePolicyInterface {
+  override readonly type: PolicyTypeEnum = PolicyTypeEnum.Remote;
+  readonly remotePolicy: ResourceLocator;
+  static override parse(
+    buff: Uint8Array,
+    useEcdsaBinding: boolean
+  ): { offset: number; policy: RemotePolicy } {
+    let offset = 0;
+    const resource = ResourceLocator.parse(buff);
+    offset += resource.offset;
+    const { binding, newOffset: bindingOffset } = this.parseBinding(buff, useEcdsaBinding, offset);
+    offset = bindingOffset;
+    return {
+      policy: new RemotePolicy(PolicyTypeEnum.Remote, binding, resource),
+      offset,
+    };
+  }
+  constructor(type: PolicyTypeEnum, binding: Uint8Array, resource: ResourceLocator) {
+    super(type, binding);
+    this.type = PolicyTypeEnum.Remote;
+    this.remotePolicy = resource;
+  }
+  /**
+   * Length of policy
+   *
+   * @returns { number } length
+   */
+  override getLength(): number {
+    return (
+      // Type length
+      1 +
+      // Resource locator length
+      this.remotePolicy.length +
+      // Binding length
+      this.binding.length
+    );
+  }
+  /**
+   * Return the content of the policy
+   */
+  override toBuffer(): Uint8Array {
+    const target = new Uint8Array(this.getLength());
+    target.set([PolicyTypeEnum.Remote], 0);
+    // Write the remote policy location
+    const resourceLocatorAsBuf = this.remotePolicy.toBuffer();
+    target.set(resourceLocatorAsBuf, 1);
+    // Write the binding.
+    target.set(this.binding, resourceLocatorAsBuf.length + 1);
+    return target;
+  }
+}
+export default RemotePolicy;

package/src/nanotdf/models/ResourceLocator.ts ADDED Viewed

@@ -0,0 +1,212 @@
+import { ConfigurationError, InvalidFileError } from '../../errors.js';
+import ProtocolEnum from '../enum/ProtocolEnum.js';
+import ResourceLocatorIdentifierEnum from '../enum/ResourceLocatorIdentifierEnum.js';
+/**
+ *
+ * The Resource Locator is a way for the nanotdf to represent references to external resources in as succinct a format
+ * as possible.
+ *
+ * | Section       | Minimum Length (B) | Maximum Length (B) |
+ * |---------------|--------------------|--------------------|
+ * | Protocol Enum | 1                  | 1                  |
+ * | Body Length   | 1                  | 1                  |
+ * | Body          | 1                  | 255                |
+ * | Identifier    | 0                  | n                  |
+ *
+ * @link https://github.com/virtru/nanotdf/blob/master/spec/index.md#3312-kas
+ * @link https://github.com/virtru/nanotdf/blob/master/spec/index.md#341-resource-locator
+ */
+export default class ResourceLocator {
+  static readonly PROTOCOL_OFFSET = 0;
+  static readonly PROTOCOL_LENGTH = 1;
+  static readonly LENGTH_OFFSET = 1;
+  static readonly LENGTH_LENGTH = 1;
+  static readonly BODY_OFFSET = 2;
+  static readonly IDENTIFIER_0_BYTE: number = 0 << 4; // 0
+  static readonly IDENTIFIER_2_BYTE: number = 1 << 4; // 16
+  static readonly IDENTIFIER_8_BYTE: number = 2 << 4; // 32
+  static readonly IDENTIFIER_32_BYTE: number = 3 << 4; // 48
+  constructor(
+    readonly protocol: ProtocolEnum,
+    readonly lengthOfBody: number,
+    readonly body: string,
+    readonly offset: number,
+    readonly id?: string,
+    readonly idType: ResourceLocatorIdentifierEnum = ResourceLocatorIdentifierEnum.None
+  ) {}
+  /**
+   * Construct a new URL or URL + identifier pair, for use with NanoTDF envelopes.
+   * @param url The URL to encrypt; `http` and `https` schemes are supported
+   * @param identifier An optional identifier.
+   *    For KAS URLs, this is usually a public key identifier (kid). Limit 32 characters
+   * @returns a value representing the URL and identifier, if present.
+   *    This method throws an Error if the URL is invalid or of the wrong schema,
+   *    or if the identifier is an unsupported value.
+   */
+  static fromURL(url: string, identifier?: string): ResourceLocator {
+    const [protocolStr, body] = url.split('://');
+    let protocol: ProtocolEnum;
+    // Validate and set protocol identifier byte
+    switch (protocolStr.toLowerCase()) {
+      case 'http':
+        protocol = ProtocolEnum.Http;
+        break;
+      case 'https':
+        protocol = ProtocolEnum.Https;
+        break;
+      default:
+        throw new ConfigurationError(`resource locator protocol [${protocolStr}] unsupported`);
+    }
+    // Set identifier padded length and protocol identifier byte
+    const identifierType = (() => {
+      if (!identifier) {
+        return ResourceLocatorIdentifierEnum.None;
+      }
+      const identifierLength = new TextEncoder().encode(identifier).length;
+      if (identifierLength <= 2) {
+        return ResourceLocatorIdentifierEnum.TwoBytes;
+      } else if (identifierLength <= 8) {
+        return ResourceLocatorIdentifierEnum.EightBytes;
+      } else if (identifierLength <= 32) {
+        return ResourceLocatorIdentifierEnum.ThirtyTwoBytes;
+      }
+      throw new ConfigurationError(`unsupported identifier length: ${identifier.length}`);
+    })();
+    // Create buffer to hold protocol, body length, body, and identifier
+    const lengthOfBody = new TextEncoder().encode(body).length;
+    if (lengthOfBody == 0) {
+      throw new ConfigurationError('url body empty');
+    }
+    const identifierLength = identifierType.valueOf();
+    const offset = ResourceLocator.BODY_OFFSET + lengthOfBody + identifierLength;
+    return new ResourceLocator(protocol, lengthOfBody, body, offset, identifier, identifierType);
+  }
+  static parse(buff: Uint8Array) {
+    // Protocol
+    const protocolAndIdentifierType = buff[ResourceLocator.PROTOCOL_OFFSET];
+    // Length of body
+    const lengthOfBody = buff[ResourceLocator.LENGTH_OFFSET];
+    if (lengthOfBody == 0) {
+      throw new InvalidFileError('url body empty');
+    }
+    // Body as utf8 string
+    const decoder = new TextDecoder();
+    let offset = ResourceLocator.BODY_OFFSET + lengthOfBody;
+    if (offset > buff.length) {
+      throw new InvalidFileError('url parser: out of bounds error');
+    }
+    const body = decoder.decode(buff.subarray(ResourceLocator.BODY_OFFSET, offset));
+    const protocol = protocolAndIdentifierType & 0xf;
+    switch (protocol) {
+      case ProtocolEnum.Http:
+      case ProtocolEnum.Https:
+        break;
+      default:
+        throw new InvalidFileError(`url parser: unsupported protocol type [${protocol}]`);
+    }
+    // identifier
+    const identifierTypeNibble = protocolAndIdentifierType & 0xf0;
+    let identifierType = ResourceLocatorIdentifierEnum.None;
+    if (identifierTypeNibble === ResourceLocator.IDENTIFIER_2_BYTE) {
+      identifierType = ResourceLocatorIdentifierEnum.TwoBytes;
+    } else if (identifierTypeNibble === ResourceLocator.IDENTIFIER_8_BYTE) {
+      identifierType = ResourceLocatorIdentifierEnum.EightBytes;
+    } else if (identifierTypeNibble === ResourceLocator.IDENTIFIER_32_BYTE) {
+      identifierType = ResourceLocatorIdentifierEnum.ThirtyTwoBytes;
+    } else if (identifierTypeNibble !== ResourceLocator.IDENTIFIER_0_BYTE) {
+      throw new InvalidFileError(`url parser: unsupported fragment type [${identifierTypeNibble}]`);
+    }
+    let identifier: string | undefined = undefined;
+    switch (identifierType) {
+      case ResourceLocatorIdentifierEnum.None:
+        // noop
+        break;
+      case ResourceLocatorIdentifierEnum.TwoBytes:
+      case ResourceLocatorIdentifierEnum.EightBytes:
+      case ResourceLocatorIdentifierEnum.ThirtyTwoBytes: {
+        const kidStart = offset;
+        offset = kidStart + identifierType.valueOf();
+        if (offset > buff.length) {
+          throw new InvalidFileError('url parser: out of bounds error');
+        }
+        const kidSubarray = buff.subarray(kidStart, offset);
+        // Remove padding (assuming the padding is null bytes, 0x00)
+        const zeroIndex = kidSubarray.indexOf(0);
+        if (zeroIndex >= 0) {
+          const trimmedSubarray = kidSubarray.subarray(0, zeroIndex);
+          identifier = decoder.decode(trimmedSubarray);
+        } else {
+          identifier = decoder.decode(kidSubarray);
+        }
+        break;
+      }
+    }
+    return new ResourceLocator(protocol, lengthOfBody, body, offset, identifier, identifierType);
+  }
+  /**
+   * Length
+   *
+   * @returns { number } Length of resource locator
+   */
+  get length(): number {
+    return this.offset;
+  }
+  get url(): string | never {
+    switch (this.protocol) {
+      case ProtocolEnum.Http:
+        return 'http://' + this.body;
+      case ProtocolEnum.Https:
+        return 'https://' + this.body;
+      default:
+        throw new ConfigurationError(`resource locator protocol unsupported [${this.protocol}]`);
+    }
+  }
+  /**
+   * Return the contents of the Resource Locator in buffer
+   */
+  toBuffer(): Uint8Array {
+    const target = new Uint8Array(ResourceLocator.BODY_OFFSET + this.body.length + this.idType);
+    let idTypeNibble = 0;
+    switch (this.idType) {
+      case ResourceLocatorIdentifierEnum.TwoBytes:
+        idTypeNibble = ResourceLocator.IDENTIFIER_2_BYTE;
+        break;
+      case ResourceLocatorIdentifierEnum.EightBytes:
+        idTypeNibble = ResourceLocator.IDENTIFIER_8_BYTE;
+        break;
+      case ResourceLocatorIdentifierEnum.ThirtyTwoBytes:
+        idTypeNibble = ResourceLocator.IDENTIFIER_32_BYTE;
+        break;
+    }
+    target.set([this.protocol | idTypeNibble], ResourceLocator.PROTOCOL_OFFSET);
+    target.set([this.lengthOfBody], ResourceLocator.LENGTH_OFFSET);
+    target.set(new TextEncoder().encode(this.body), ResourceLocator.BODY_OFFSET);
+    if (this.id) {
+      target.set(new TextEncoder().encode(this.id), ResourceLocator.BODY_OFFSET + this.body.length);
+    }
+    return target;
+  }
+  /**
+   * Get Identifier
+   *
+   * Returns the identifier of the ResourceLocator or an empty string if no identifier is present.
+   * @returns { string } Identifier of the resource locator.
+   */
+  get identifier(): string {
+    return this.id ?? '';
+  }
+}

package/src/nanotdf/models/Signature.ts ADDED Viewed

@@ -0,0 +1,85 @@
+import Header from './Header.js';
+import { lengthOfPublicKey, lengthOfSignature } from '../helpers/calculateByCurve.js';
+import { ConfigurationError } from '../../errors.js';
+/**
+ * NanoTDF Signature
+ *
+ * The signature section is an optional section that contains an ECDSA signature used to cryptographically bind the Header and Payload to a creator of the nanotdf. The key used for signing is the private key of the creator of the nanotdf. The ECC Params used for the signature are described in Section 3.3.1.4.2. The private key used for this signature is distinctly different than the ephemeral private key. This is a persistent key belonging to an individual, entity, or device that creates nanotdfs. The signature is used to authenticate the entire nanotdf and contains both the public key related to the creators private key and the resulting signature. The structure of this section:
+ *
+ * | Section    | Minimum Length (B) | Maximum Length (B) |
+ * |------------|--------------------|--------------------|
+ * | Public Key | 33                 | 67                 |
+ * | Signature  | 64                 | 132                |
+ *
+ * @link https://github.com/virtru/nanotdf/blob/master/spec/index.md#333-signature
+ */
+export default class Signature {
+  public publicKey: Uint8Array;
+  public signature: Uint8Array;
+  static parse(header: Header, buff: Uint8Array): { signature: Signature; offset: number } | never {
+    let offset = 0;
+    /**
+     * Parse the public key
+     *
+     * This section contains the compressed public key of the private key used to sign the message.
+     */
+    // TODO: Resolve where offset is missing 1 byte
+    const publicKeyLength = lengthOfPublicKey(header.signatureCurveName) + 1;
+    const publicKey = buff.subarray(offset, offset + publicKeyLength);
+    offset += publicKeyLength;
+    /**
+     * Parse signature
+     *
+     * This section contains the encoded `r` and `s` values of the ECDSA signature.
+     *
+     * ECDSA signatures are big endian encodings of the `r` and `s` values of an ECDSA signature.The length of `r` and `s`
+     * values is determined by the ECC Mode used for the signature. The encoding for the signature is the big endian
+     * encodings of R and S concatenated to each other. For example, `r = 1` and `s = 2` for an ECDSA signature of a
+     * ecp256k1 key would be (line breaks and spaces are added for easier visualization):
+     *
+     * ```
+     * 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+     * 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01
+     * 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+     * 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02
+     * ```
+     *
+     * @link https://github.com/virtru/nanotdf/blob/master/spec/index.md#52-ecdsa-signature-encoding
+     */
+    const signatureLength = lengthOfSignature(header.signatureCurveName);
+    const signature = buff.subarray(offset, offset + signatureLength);
+    offset += signatureLength;
+    return { signature: new Signature(publicKey, signature), offset };
+  }
+  constructor(publicKey: Uint8Array, signature: Uint8Array) {
+    this.publicKey = publicKey;
+    this.signature = signature;
+  }
+  /**
+   * Length
+   *
+   * @returns { number } Length of signature
+   */
+  get length(): number {
+    return this.publicKey.length + this.signature.length;
+  }
+  /**
+   * Copy the contents of the signature to buffer
+   */
+  copyToBuffer(target: Uint8Array): void {
+    if (this.length > target.length) {
+      throw new ConfigurationError('Invalid buffer size to copy signature');
+    }
+    target.set(this.publicKey, 0);
+    target.set(this.signature, this.publicKey.length);
+  }
+}

package/src/nanotdf-crypto/ciphers.ts ADDED Viewed

@@ -0,0 +1,13 @@
+export enum Ciphers {
+  AesGcm = 'AES-GCM',
+}
+export enum CipherTagLengths {
+  AesGcm = 128,
+}
+const cipherKeys = [];
+for (const cipherKey in Ciphers) {
+  cipherKeys.push(cipherKey);
+}
+export const supportedCiphers = cipherKeys;

package/src/nanotdf-crypto/decrypt.ts ADDED Viewed

@@ -0,0 +1,30 @@
+import { Ciphers, CipherTagLengths } from './ciphers.js';
+/**
+ * Decrypt plaintext buffer to plaintext buffer
+ *
+ * Only supports AES-GCM
+ * @see https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/encrypt
+ *
+ * @param key Encryption key
+ * @param ciphertext Encrypted buffer
+ * @param iv Initialization vector
+ * @param tagLength Size (bits) of authentication tag
+ * @returns Resolves plaintext buffer
+ */
+export default async function decrypt(
+  key: CryptoKey,
+  ciphertext: Uint8Array,
+  iv: Uint8Array,
+  tagLength?: number
+): Promise<ArrayBuffer> {
+  return crypto.subtle.decrypt(
+    {
+      name: Ciphers.AesGcm,
+      iv,
+      tagLength: tagLength || CipherTagLengths.AesGcm,
+    },
+    key,
+    ciphertext
+  );
+}

package/src/nanotdf-crypto/digest.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import { TypedArray } from '../tdf/index.js';
+export default function digest(
+  hashType: AlgorithmIdentifier,
+  data: TypedArray | ArrayBuffer
+): Promise<ArrayBuffer> {
+  return crypto.subtle.digest(hashType, data);
+}

package/src/nanotdf-crypto/ecdsaSignature.ts ADDED Viewed

@@ -0,0 +1,109 @@
+import { ConfigurationError } from '../errors.js';
+import { AlgorithmName } from './../nanotdf-crypto/enums.js';
+/**
+ * Computes an ECDSA signature for the given data using the provided private key.
+ *
+ * This function uses the Web Crypto API to generate a digital signature
+ * for the input data using the ECDSA algorithm with SHA-256 as the hash function.
+ *
+ * @param {CryptoKey} privateKey - The ECDSA private key used for signing.
+ * @param {Uint8Array} data - The data to be signed.
+ * @returns {Promise<ArrayBuffer>} - A promise that resolves to the generated signature.
+ */
+export async function computeECDSASig(
+  privateKey: CryptoKey,
+  data: Uint8Array
+): Promise<ArrayBuffer> {
+  const signature = await crypto.subtle.sign(
+    {
+      name: AlgorithmName.ECDSA,
+      hash: { name: 'SHA-256' },
+    },
+    privateKey,
+    data
+  );
+  return signature;
+}
+/**
+ * Verifies an ECDSA signature using the provided public key and data.
+ *
+ * This function uses the Web Crypto API to verify the digital signature
+ * for the input data using the ECDSA algorithm with SHA-256 as the hash function.
+ *
+ * @param {CryptoKey} publicKey - The ECDSA public key used for verification.
+ * @param {Uint8Array} signature - The signature to be verified.
+ * @param {Uint8Array} data - The data that was signed.
+ * @returns {Promise<boolean>} - A promise that resolves to a boolean indicating whether the signature is valid.
+ */
+export async function verifyECDSASignature(
+  publicKey: CryptoKey,
+  signature: Uint8Array,
+  data: Uint8Array
+): Promise<boolean> {
+  const isValid = await crypto.subtle.verify(
+    {
+      name: AlgorithmName.ECDSA,
+      hash: { name: 'SHA-256' },
+    },
+    publicKey,
+    signature,
+    data
+  );
+  return isValid;
+}
+/**
+ * Extracts the r and s values from a given ECDSA signature.
+ *
+ * @param {Uint8Array} signatureBytes - The raw ECDSA signature bytes.
+ * @returns {{ r: Uint8Array; s: Uint8Array }} An object containing the r and s values as Uint8Arrays.
+ * @throws {Error} If the validation of the signature fails.
+ */
+export function extractRSValuesFromSignature(signatureBytes: Uint8Array): {
+  r: Uint8Array;
+  s: Uint8Array;
+} {
+  // Split the raw signature into r and s values
+  const halfLength = Math.floor(signatureBytes.length / 2);
+  const rValue = signatureBytes.slice(0, halfLength);
+  const sValue = signatureBytes.slice(halfLength);
+  // Correct validation
+  if (!concatAndCompareUint8Arrays(rValue, sValue, signatureBytes)) {
+    throw new ConfigurationError('invalid ECDSA signature');
+  }
+  return {
+    r: rValue,
+    s: sValue,
+  };
+}
+function concatAndCompareUint8Arrays(
+  arr1: Uint8Array,
+  arr2: Uint8Array,
+  arr3: Uint8Array
+): boolean {
+  // Create a new Uint8Array with the combined length of arr1 and arr2
+  const concatenated = new Uint8Array(arr1.length + arr2.length);
+  // Copy arr1 and arr2 into the new array
+  concatenated.set(arr1, 0);
+  concatenated.set(arr2, arr1.length);
+  // Check if the lengths are the same
+  if (concatenated.length !== arr3.length) {
+    return false;
+  }
+  // Compare each element
+  for (let i = 0; i < concatenated.length; i++) {
+    if (concatenated[i] !== arr3[i]) {
+      return false;
+    }
+  }
+  return true;
+}