npm - @opentdf/sdk - Versions diffs - 0.1.0-beta.1701 - Mend

@opentdf/sdk 0.1.0-beta.1701

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (566) hide show

package/README.md +52 -0
package/dist/cjs/package.json +3 -0
package/dist/cjs/src/access.js +155 -0
package/dist/cjs/src/auth/Eas.js +60 -0
package/dist/cjs/src/auth/auth.js +79 -0
package/dist/cjs/src/auth/oidc-clientcredentials-provider.js +26 -0
package/dist/cjs/src/auth/oidc-externaljwt-provider.js +33 -0
package/dist/cjs/src/auth/oidc-refreshtoken-provider.js +34 -0
package/dist/cjs/src/auth/oidc.js +222 -0
package/dist/cjs/src/auth/providers.js +143 -0
package/dist/cjs/src/encodings/base64.js +154 -0
package/dist/cjs/src/encodings/hex.js +70 -0
package/dist/cjs/src/encodings/index.js +29 -0
package/dist/cjs/src/errors.js +138 -0
package/dist/cjs/src/index.js +344 -0
package/dist/cjs/src/nanotdf/Client.js +296 -0
package/dist/cjs/src/nanotdf/NanoTDF.js +94 -0
package/dist/cjs/src/nanotdf/browser-entry.js +19 -0
package/dist/cjs/src/nanotdf/constants.js +5 -0
package/dist/cjs/src/nanotdf/decrypt.js +17 -0
package/dist/cjs/src/nanotdf/encrypt-dataset.js +38 -0
package/dist/cjs/src/nanotdf/encrypt.js +132 -0
package/dist/cjs/src/nanotdf/enum/CipherEnum.js +13 -0
package/dist/cjs/src/nanotdf/enum/CurveNameEnum.js +15 -0
package/dist/cjs/src/nanotdf/enum/EncodingEnum.js +8 -0
package/dist/cjs/src/nanotdf/enum/PolicyTypeEnum.js +11 -0
package/dist/cjs/src/nanotdf/enum/ProtocolEnum.js +10 -0
package/dist/cjs/src/nanotdf/enum/ResourceLocatorIdentifierEnum.js +11 -0
package/dist/cjs/src/nanotdf/helpers/calculateByCurve.js +29 -0
package/dist/cjs/src/nanotdf/helpers/getHkdfSalt.js +11 -0
package/dist/cjs/src/nanotdf/index.js +25 -0
package/dist/cjs/src/nanotdf/interfaces/PolicyInterface.js +3 -0
package/dist/cjs/src/nanotdf/models/Ciphers.js +61 -0
package/dist/cjs/src/nanotdf/models/DefaultParams.js +27 -0
package/dist/cjs/src/nanotdf/models/EcCurves.js +39 -0
package/dist/cjs/src/nanotdf/models/Header.js +255 -0
package/dist/cjs/src/nanotdf/models/Payload.js +158 -0
package/dist/cjs/src/nanotdf/models/Policy/AbstractPolicy.js +73 -0
package/dist/cjs/src/nanotdf/models/Policy/EmbeddedPolicy.js +82 -0
package/dist/cjs/src/nanotdf/models/Policy/PolicyFactory.js +38 -0
package/dist/cjs/src/nanotdf/models/Policy/RemotePolicy.js +62 -0
package/dist/cjs/src/nanotdf/models/ResourceLocator.js +211 -0
package/dist/cjs/src/nanotdf/models/Signature.js +77 -0
package/dist/cjs/src/nanotdf-crypto/ciphers.js +17 -0
package/dist/cjs/src/nanotdf-crypto/decrypt.js +24 -0
package/dist/cjs/src/nanotdf-crypto/digest.js +7 -0
package/dist/cjs/src/nanotdf-crypto/ecdsaSignature.js +83 -0
package/dist/cjs/src/nanotdf-crypto/encrypt.js +24 -0
package/dist/cjs/src/nanotdf-crypto/enums.js +52 -0
package/dist/cjs/src/nanotdf-crypto/exportCryptoKey.js +20 -0
package/dist/cjs/src/nanotdf-crypto/generateKeyPair.js +13 -0
package/dist/cjs/src/nanotdf-crypto/generateRandomNumber.js +12 -0
package/dist/cjs/src/nanotdf-crypto/importRawKey.js +18 -0
package/dist/cjs/src/nanotdf-crypto/index.js +52 -0
package/dist/cjs/src/nanotdf-crypto/keyAgreement.js +91 -0
package/dist/cjs/src/nanotdf-crypto/pemPublicToCrypto.js +225 -0
package/dist/cjs/src/policy/api.js +58 -0
package/dist/cjs/src/policy/attributes.js +3 -0
package/dist/cjs/src/policy/granter.js +146 -0
package/dist/cjs/src/tdf/AttributeObject.js +15 -0
package/dist/cjs/src/tdf/AttributeObjectJwt.js +3 -0
package/dist/cjs/src/tdf/Crypto.js +47 -0
package/dist/cjs/src/tdf/EntityObject.js +3 -0
package/dist/cjs/src/tdf/NanoTDF/NanoTDF.js +38 -0
package/dist/cjs/src/tdf/Policy.js +50 -0
package/dist/cjs/src/tdf/PolicyObject.js +3 -0
package/dist/cjs/src/tdf/TypedArray.js +3 -0
package/dist/cjs/src/tdf/index.js +35 -0
package/dist/cjs/src/types/index.js +3 -0
package/dist/cjs/src/utils.js +147 -0
package/dist/cjs/src/version.js +12 -0
package/dist/cjs/tdf3/index.js +57 -0
package/dist/cjs/tdf3/src/assertions.js +118 -0
package/dist/cjs/tdf3/src/binary.js +153 -0
package/dist/cjs/tdf3/src/ciphers/aes-gcm-cipher.js +56 -0
package/dist/cjs/tdf3/src/ciphers/algorithms.js +8 -0
package/dist/cjs/tdf3/src/ciphers/index.js +8 -0
package/dist/cjs/tdf3/src/ciphers/symmetric-cipher-base.js +22 -0
package/dist/cjs/tdf3/src/client/DecoratedReadableStream.js +116 -0
package/dist/cjs/tdf3/src/client/builders.js +561 -0
package/dist/cjs/tdf3/src/client/index.js +460 -0
package/dist/cjs/tdf3/src/client/validation.js +63 -0
package/dist/cjs/tdf3/src/crypto/crypto-utils.js +116 -0
package/dist/cjs/tdf3/src/crypto/declarations.js +8 -0
package/dist/cjs/tdf3/src/crypto/index.js +315 -0
package/dist/cjs/tdf3/src/index.js +34 -0
package/dist/cjs/tdf3/src/models/attribute-set.js +122 -0
package/dist/cjs/tdf3/src/models/encryption-information.js +90 -0
package/dist/cjs/tdf3/src/models/index.js +25 -0
package/dist/cjs/tdf3/src/models/key-access.js +103 -0
package/dist/cjs/tdf3/src/models/manifest.js +3 -0
package/dist/cjs/tdf3/src/models/payload.js +3 -0
package/dist/cjs/tdf3/src/models/policy.js +24 -0
package/dist/cjs/tdf3/src/models/upsert-response.js +3 -0
package/dist/cjs/tdf3/src/tdf.js +907 -0
package/dist/cjs/tdf3/src/templates/default.html.js +98 -0
package/dist/cjs/tdf3/src/templates/escaper.js +15 -0
package/dist/cjs/tdf3/src/templates/index.js +12 -0
package/dist/cjs/tdf3/src/utils/buffer-crc32.js +48 -0
package/dist/cjs/tdf3/src/utils/chunkers.js +106 -0
package/dist/cjs/tdf3/src/utils/index.js +296 -0
package/dist/cjs/tdf3/src/utils/keysplit.js +61 -0
package/dist/cjs/tdf3/src/utils/zip-reader.js +253 -0
package/dist/cjs/tdf3/src/utils/zip-writer.js +308 -0
package/dist/cjs/tdf3/src/version.js +6 -0
package/dist/types/src/access.d.ts +47 -0
package/dist/types/src/access.d.ts.map +1 -0
package/dist/types/src/auth/Eas.d.ts +34 -0
package/dist/types/src/auth/Eas.d.ts.map +1 -0
package/dist/types/src/auth/auth.d.ts +86 -0
package/dist/types/src/auth/auth.d.ts.map +1 -0
package/dist/types/src/auth/oidc-clientcredentials-provider.d.ts +9 -0
package/dist/types/src/auth/oidc-clientcredentials-provider.d.ts.map +1 -0
package/dist/types/src/auth/oidc-externaljwt-provider.d.ts +10 -0
package/dist/types/src/auth/oidc-externaljwt-provider.d.ts.map +1 -0
package/dist/types/src/auth/oidc-refreshtoken-provider.d.ts +10 -0
package/dist/types/src/auth/oidc-refreshtoken-provider.d.ts.map +1 -0
package/dist/types/src/auth/oidc.d.ts +104 -0
package/dist/types/src/auth/oidc.d.ts.map +1 -0
package/dist/types/src/auth/providers.d.ts +67 -0
package/dist/types/src/auth/providers.d.ts.map +1 -0
package/dist/types/src/encodings/base64.d.ts +18 -0
package/dist/types/src/encodings/base64.d.ts.map +1 -0
package/dist/types/src/encodings/hex.d.ts +5 -0
package/dist/types/src/encodings/hex.d.ts.map +1 -0
package/dist/types/src/encodings/index.d.ts +3 -0
package/dist/types/src/encodings/index.d.ts.map +1 -0
package/dist/types/src/errors.d.ts +72 -0
package/dist/types/src/errors.d.ts.map +1 -0
package/dist/types/src/index.d.ts +138 -0
package/dist/types/src/index.d.ts.map +1 -0
package/dist/types/src/nanotdf/Client.d.ts +95 -0
package/dist/types/src/nanotdf/Client.d.ts.map +1 -0
package/dist/types/src/nanotdf/NanoTDF.d.ts +25 -0
package/dist/types/src/nanotdf/NanoTDF.d.ts.map +1 -0
package/dist/types/src/nanotdf/browser-entry.d.ts +17 -0
package/dist/types/src/nanotdf/browser-entry.d.ts.map +1 -0
package/dist/types/src/nanotdf/constants.d.ts +2 -0
package/dist/types/src/nanotdf/constants.d.ts.map +1 -0
package/dist/types/src/nanotdf/decrypt.d.ts +9 -0
package/dist/types/src/nanotdf/decrypt.d.ts.map +1 -0
package/dist/types/src/nanotdf/encrypt-dataset.d.ts +12 -0
package/dist/types/src/nanotdf/encrypt-dataset.d.ts.map +1 -0
package/dist/types/src/nanotdf/encrypt.d.ts +14 -0
package/dist/types/src/nanotdf/encrypt.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/CipherEnum.d.ts +10 -0
package/dist/types/src/nanotdf/enum/CipherEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/CurveNameEnum.d.ts +12 -0
package/dist/types/src/nanotdf/enum/CurveNameEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/EncodingEnum.d.ts +5 -0
package/dist/types/src/nanotdf/enum/EncodingEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/PolicyTypeEnum.d.ts +8 -0
package/dist/types/src/nanotdf/enum/PolicyTypeEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/ProtocolEnum.d.ts +7 -0
package/dist/types/src/nanotdf/enum/ProtocolEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/ResourceLocatorIdentifierEnum.d.ts +8 -0
package/dist/types/src/nanotdf/enum/ResourceLocatorIdentifierEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/helpers/calculateByCurve.d.ts +20 -0
package/dist/types/src/nanotdf/helpers/calculateByCurve.d.ts.map +1 -0
package/dist/types/src/nanotdf/helpers/getHkdfSalt.d.ts +9 -0
package/dist/types/src/nanotdf/helpers/getHkdfSalt.d.ts.map +1 -0
package/dist/types/src/nanotdf/index.d.ts +9 -0
package/dist/types/src/nanotdf/index.d.ts.map +1 -0
package/dist/types/src/nanotdf/interfaces/PolicyInterface.d.ts +17 -0
package/dist/types/src/nanotdf/interfaces/PolicyInterface.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Ciphers.d.ts +14 -0
package/dist/types/src/nanotdf/models/Ciphers.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/DefaultParams.d.ts +21 -0
package/dist/types/src/nanotdf/models/DefaultParams.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/EcCurves.d.ts +15 -0
package/dist/types/src/nanotdf/models/EcCurves.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Header.d.ts +73 -0
package/dist/types/src/nanotdf/models/Header.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Payload.d.ts +47 -0
package/dist/types/src/nanotdf/models/Payload.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Policy/AbstractPolicy.d.ts +52 -0
package/dist/types/src/nanotdf/models/Policy/AbstractPolicy.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Policy/EmbeddedPolicy.d.ts +35 -0
package/dist/types/src/nanotdf/models/Policy/EmbeddedPolicy.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Policy/PolicyFactory.d.ts +11 -0
package/dist/types/src/nanotdf/models/Policy/PolicyFactory.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Policy/RemotePolicy.d.ts +31 -0
package/dist/types/src/nanotdf/models/Policy/RemotePolicy.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/ResourceLocator.d.ts +65 -0
package/dist/types/src/nanotdf/models/ResourceLocator.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Signature.d.ts +33 -0
package/dist/types/src/nanotdf/models/Signature.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/ciphers.d.ts +8 -0
package/dist/types/src/nanotdf-crypto/ciphers.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/decrypt.d.ts +14 -0
package/dist/types/src/nanotdf-crypto/decrypt.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/digest.d.ts +3 -0
package/dist/types/src/nanotdf-crypto/digest.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/ecdsaSignature.d.ts +35 -0
package/dist/types/src/nanotdf-crypto/ecdsaSignature.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/encrypt.d.ts +14 -0
package/dist/types/src/nanotdf-crypto/encrypt.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/enums.d.ts +42 -0
package/dist/types/src/nanotdf-crypto/enums.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/exportCryptoKey.d.ts +7 -0
package/dist/types/src/nanotdf-crypto/exportCryptoKey.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/generateKeyPair.d.ts +10 -0
package/dist/types/src/nanotdf-crypto/generateKeyPair.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/generateRandomNumber.d.ts +5 -0
package/dist/types/src/nanotdf-crypto/generateRandomNumber.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/importRawKey.d.ts +13 -0
package/dist/types/src/nanotdf-crypto/importRawKey.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/index.d.ts +12 -0
package/dist/types/src/nanotdf-crypto/index.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/keyAgreement.d.ts +28 -0
package/dist/types/src/nanotdf-crypto/keyAgreement.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/pemPublicToCrypto.d.ts +28 -0
package/dist/types/src/nanotdf-crypto/pemPublicToCrypto.d.ts.map +1 -0
package/dist/types/src/policy/api.d.ts +4 -0
package/dist/types/src/policy/api.d.ts.map +1 -0
package/dist/types/src/policy/attributes.d.ts +95 -0
package/dist/types/src/policy/attributes.d.ts.map +1 -0
package/dist/types/src/policy/granter.d.ts +23 -0
package/dist/types/src/policy/granter.d.ts.map +1 -0
package/dist/types/src/tdf/AttributeObject.d.ts +13 -0
package/dist/types/src/tdf/AttributeObject.d.ts.map +1 -0
package/dist/types/src/tdf/AttributeObjectJwt.d.ts +4 -0
package/dist/types/src/tdf/AttributeObjectJwt.d.ts.map +1 -0
package/dist/types/src/tdf/Crypto.d.ts +37 -0
package/dist/types/src/tdf/Crypto.d.ts.map +1 -0
package/dist/types/src/tdf/EntityObject.d.ts +18 -0
package/dist/types/src/tdf/EntityObject.d.ts.map +1 -0
package/dist/types/src/tdf/NanoTDF/NanoTDF.d.ts +99 -0
package/dist/types/src/tdf/NanoTDF/NanoTDF.d.ts.map +1 -0
package/dist/types/src/tdf/Policy.d.ts +28 -0
package/dist/types/src/tdf/Policy.d.ts.map +1 -0
package/dist/types/src/tdf/PolicyObject.d.ts +11 -0
package/dist/types/src/tdf/PolicyObject.d.ts.map +1 -0
package/dist/types/src/tdf/TypedArray.d.ts +3 -0
package/dist/types/src/tdf/TypedArray.d.ts.map +1 -0
package/dist/types/src/tdf/index.d.ts +7 -0
package/dist/types/src/tdf/index.d.ts.map +1 -0
package/dist/types/src/types/index.d.ts +45 -0
package/dist/types/src/types/index.d.ts.map +1 -0
package/dist/types/src/utils.d.ts +45 -0
package/dist/types/src/utils.d.ts.map +1 -0
package/dist/types/src/version.d.ts +9 -0
package/dist/types/src/version.d.ts.map +1 -0
package/dist/types/tdf3/index.d.ts +16 -0
package/dist/types/tdf3/index.d.ts.map +1 -0
package/dist/types/tdf3/src/assertions.d.ts +63 -0
package/dist/types/tdf3/src/assertions.d.ts.map +1 -0
package/dist/types/tdf3/src/binary.d.ts +38 -0
package/dist/types/tdf3/src/binary.d.ts.map +1 -0
package/dist/types/tdf3/src/ciphers/aes-gcm-cipher.d.ts +18 -0
package/dist/types/tdf3/src/ciphers/aes-gcm-cipher.d.ts.map +1 -0
package/dist/types/tdf3/src/ciphers/algorithms.d.ts +4 -0
package/dist/types/tdf3/src/ciphers/algorithms.d.ts.map +1 -0
package/dist/types/tdf3/src/ciphers/index.d.ts +3 -0
package/dist/types/tdf3/src/ciphers/index.d.ts.map +1 -0
package/dist/types/tdf3/src/ciphers/symmetric-cipher-base.d.ts +14 -0
package/dist/types/tdf3/src/ciphers/symmetric-cipher-base.d.ts.map +1 -0
package/dist/types/tdf3/src/client/DecoratedReadableStream.d.ts +53 -0
package/dist/types/tdf3/src/client/DecoratedReadableStream.d.ts.map +1 -0
package/dist/types/tdf3/src/client/builders.d.ts +436 -0
package/dist/types/tdf3/src/client/builders.d.ts.map +1 -0
package/dist/types/tdf3/src/client/index.d.ts +139 -0
package/dist/types/tdf3/src/client/index.d.ts.map +1 -0
package/dist/types/tdf3/src/client/validation.d.ts +8 -0
package/dist/types/tdf3/src/client/validation.d.ts.map +1 -0
package/dist/types/tdf3/src/crypto/crypto-utils.d.ts +34 -0
package/dist/types/tdf3/src/crypto/crypto-utils.d.ts.map +1 -0
package/dist/types/tdf3/src/crypto/declarations.d.ts +60 -0
package/dist/types/tdf3/src/crypto/declarations.d.ts.map +1 -0
package/dist/types/tdf3/src/crypto/index.d.ts +103 -0
package/dist/types/tdf3/src/crypto/index.d.ts.map +1 -0
package/dist/types/tdf3/src/index.d.ts +5 -0
package/dist/types/tdf3/src/index.d.ts.map +1 -0
package/dist/types/tdf3/src/models/attribute-set.d.ts +65 -0
package/dist/types/tdf3/src/models/attribute-set.d.ts.map +1 -0
package/dist/types/tdf3/src/models/encryption-information.d.ts +49 -0
package/dist/types/tdf3/src/models/encryption-information.d.ts.map +1 -0
package/dist/types/tdf3/src/models/index.d.ts +9 -0
package/dist/types/tdf3/src/models/index.d.ts.map +1 -0
package/dist/types/tdf3/src/models/key-access.d.ts +42 -0
package/dist/types/tdf3/src/models/key-access.d.ts.map +1 -0
package/dist/types/tdf3/src/models/manifest.d.ts +9 -0
package/dist/types/tdf3/src/models/manifest.d.ts.map +1 -0
package/dist/types/tdf3/src/models/payload.d.ts +7 -0
package/dist/types/tdf3/src/models/payload.d.ts.map +1 -0
package/dist/types/tdf3/src/models/policy.d.ts +13 -0
package/dist/types/tdf3/src/models/policy.d.ts.map +1 -0
package/dist/types/tdf3/src/models/upsert-response.d.ts +16 -0
package/dist/types/tdf3/src/models/upsert-response.d.ts.map +1 -0
package/dist/types/tdf3/src/tdf.d.ts +152 -0
package/dist/types/tdf3/src/tdf.d.ts.map +1 -0
package/dist/types/tdf3/src/templates/default.html.d.ts +8 -0
package/dist/types/tdf3/src/templates/default.html.d.ts.map +1 -0
package/dist/types/tdf3/src/templates/escaper.d.ts +6 -0
package/dist/types/tdf3/src/templates/escaper.d.ts.map +1 -0
package/dist/types/tdf3/src/templates/index.d.ts +3 -0
package/dist/types/tdf3/src/templates/index.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/buffer-crc32.d.ts +2 -0
package/dist/types/tdf3/src/utils/buffer-crc32.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/chunkers.d.ts +29 -0
package/dist/types/tdf3/src/utils/chunkers.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/index.d.ts +36 -0
package/dist/types/tdf3/src/utils/index.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/keysplit.d.ts +19 -0
package/dist/types/tdf3/src/utils/keysplit.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/zip-reader.d.ts +63 -0
package/dist/types/tdf3/src/utils/zip-reader.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/zip-writer.d.ts +35 -0
package/dist/types/tdf3/src/utils/zip-writer.d.ts.map +1 -0
package/dist/types/tdf3/src/version.d.ts +3 -0
package/dist/types/tdf3/src/version.d.ts.map +1 -0
package/dist/web/package.json +3 -0
package/dist/web/src/access.js +147 -0
package/dist/web/src/auth/Eas.js +55 -0
package/dist/web/src/auth/auth.js +71 -0
package/dist/web/src/auth/oidc-clientcredentials-provider.js +22 -0
package/dist/web/src/auth/oidc-externaljwt-provider.js +29 -0
package/dist/web/src/auth/oidc-refreshtoken-provider.js +30 -0
package/dist/web/src/auth/oidc.js +215 -0
package/dist/web/src/auth/providers.js +119 -0
package/dist/web/src/encodings/base64.js +147 -0
package/dist/web/src/encodings/hex.js +63 -0
package/dist/web/src/encodings/index.js +3 -0
package/dist/web/src/errors.js +123 -0
package/dist/web/src/index.js +313 -0
package/dist/web/src/nanotdf/Client.js +268 -0
package/dist/web/src/nanotdf/NanoTDF.js +89 -0
package/dist/web/src/nanotdf/browser-entry.js +14 -0
package/dist/web/src/nanotdf/constants.js +2 -0
package/dist/web/src/nanotdf/decrypt.js +14 -0
package/dist/web/src/nanotdf/encrypt-dataset.js +32 -0
package/dist/web/src/nanotdf/encrypt.js +126 -0
package/dist/web/src/nanotdf/enum/CipherEnum.js +11 -0
package/dist/web/src/nanotdf/enum/CurveNameEnum.js +13 -0
package/dist/web/src/nanotdf/enum/EncodingEnum.js +6 -0
package/dist/web/src/nanotdf/enum/PolicyTypeEnum.js +9 -0
package/dist/web/src/nanotdf/enum/ProtocolEnum.js +8 -0
package/dist/web/src/nanotdf/enum/ResourceLocatorIdentifierEnum.js +9 -0
package/dist/web/src/nanotdf/helpers/calculateByCurve.js +24 -0
package/dist/web/src/nanotdf/helpers/getHkdfSalt.js +8 -0
package/dist/web/src/nanotdf/index.js +11 -0
package/dist/web/src/nanotdf/interfaces/PolicyInterface.js +2 -0
package/dist/web/src/nanotdf/models/Ciphers.js +54 -0
package/dist/web/src/nanotdf/models/DefaultParams.js +22 -0
package/dist/web/src/nanotdf/models/EcCurves.js +32 -0
package/dist/web/src/nanotdf/models/Header.js +250 -0
package/dist/web/src/nanotdf/models/Payload.js +156 -0
package/dist/web/src/nanotdf/models/Policy/AbstractPolicy.js +71 -0
package/dist/web/src/nanotdf/models/Policy/EmbeddedPolicy.js +77 -0
package/dist/web/src/nanotdf/models/Policy/PolicyFactory.js +33 -0
package/dist/web/src/nanotdf/models/Policy/RemotePolicy.js +57 -0
package/dist/web/src/nanotdf/models/ResourceLocator.js +206 -0
package/dist/web/src/nanotdf/models/Signature.js +74 -0
package/dist/web/src/nanotdf-crypto/ciphers.js +14 -0
package/dist/web/src/nanotdf-crypto/decrypt.js +21 -0
package/dist/web/src/nanotdf-crypto/digest.js +4 -0
package/dist/web/src/nanotdf-crypto/ecdsaSignature.js +77 -0
package/dist/web/src/nanotdf-crypto/encrypt.js +21 -0
package/dist/web/src/nanotdf-crypto/enums.js +49 -0
package/dist/web/src/nanotdf-crypto/exportCryptoKey.js +17 -0
package/dist/web/src/nanotdf-crypto/generateKeyPair.js +10 -0
package/dist/web/src/nanotdf-crypto/generateRandomNumber.js +9 -0
package/dist/web/src/nanotdf-crypto/importRawKey.js +15 -0
package/dist/web/src/nanotdf-crypto/index.js +12 -0
package/dist/web/src/nanotdf-crypto/keyAgreement.js +87 -0
package/dist/web/src/nanotdf-crypto/pemPublicToCrypto.js +197 -0
package/dist/web/src/policy/api.js +54 -0
package/dist/web/src/policy/attributes.js +2 -0
package/dist/web/src/policy/granter.js +141 -0
package/dist/web/src/tdf/AttributeObject.js +11 -0
package/dist/web/src/tdf/AttributeObjectJwt.js +2 -0
package/dist/web/src/tdf/Crypto.js +44 -0
package/dist/web/src/tdf/EntityObject.js +2 -0
package/dist/web/src/tdf/NanoTDF/NanoTDF.js +35 -0
package/dist/web/src/tdf/Policy.js +48 -0
package/dist/web/src/tdf/PolicyObject.js +2 -0
package/dist/web/src/tdf/TypedArray.js +2 -0
package/dist/web/src/tdf/index.js +4 -0
package/dist/web/src/types/index.js +2 -0
package/dist/web/src/utils.js +133 -0
package/dist/web/src/version.js +9 -0
package/dist/web/tdf3/index.js +13 -0
package/dist/web/tdf3/src/assertions.js +111 -0
package/dist/web/tdf3/src/binary.js +149 -0
package/dist/web/tdf3/src/ciphers/aes-gcm-cipher.js +52 -0
package/dist/web/tdf3/src/ciphers/algorithms.js +5 -0
package/dist/web/tdf3/src/ciphers/index.js +3 -0
package/dist/web/tdf3/src/ciphers/symmetric-cipher-base.js +18 -0
package/dist/web/tdf3/src/client/DecoratedReadableStream.js +107 -0
package/dist/web/tdf3/src/client/builders.js +557 -0
package/dist/web/tdf3/src/client/index.js +423 -0
package/dist/web/tdf3/src/client/validation.js +58 -0
package/dist/web/tdf3/src/crypto/crypto-utils.js +107 -0
package/dist/web/tdf3/src/crypto/declarations.js +5 -0
package/dist/web/tdf3/src/crypto/index.js +296 -0
package/dist/web/tdf3/src/index.js +5 -0
package/dist/web/tdf3/src/models/attribute-set.js +118 -0
package/dist/web/tdf3/src/models/encryption-information.js +86 -0
package/dist/web/tdf3/src/models/index.js +9 -0
package/dist/web/tdf3/src/models/key-access.js +74 -0
package/dist/web/tdf3/src/models/manifest.js +2 -0
package/dist/web/tdf3/src/models/payload.js +2 -0
package/dist/web/tdf3/src/models/policy.js +20 -0
package/dist/web/tdf3/src/models/upsert-response.js +2 -0
package/dist/web/tdf3/src/tdf.js +866 -0
package/dist/web/tdf3/src/templates/default.html.js +96 -0
package/dist/web/tdf3/src/templates/escaper.js +10 -0
package/dist/web/tdf3/src/templates/index.js +3 -0
package/dist/web/tdf3/src/utils/buffer-crc32.js +44 -0
package/dist/web/tdf3/src/utils/chunkers.js +96 -0
package/dist/web/tdf3/src/utils/index.js +248 -0
package/dist/web/tdf3/src/utils/keysplit.js +55 -0
package/dist/web/tdf3/src/utils/zip-reader.js +247 -0
package/dist/web/tdf3/src/utils/zip-writer.js +302 -0
package/dist/web/tdf3/src/version.js +3 -0
package/package.json +126 -0
package/src/access.ts +198 -0
package/src/auth/Eas.ts +79 -0
package/src/auth/auth.ts +141 -0
package/src/auth/oidc-clientcredentials-provider.ts +32 -0
package/src/auth/oidc-externaljwt-provider.ts +41 -0
package/src/auth/oidc-refreshtoken-provider.ts +41 -0
package/src/auth/oidc.ts +307 -0
package/src/auth/providers.ts +139 -0
package/src/encodings/base64.ts +160 -0
package/src/encodings/hex.ts +69 -0
package/src/encodings/index.ts +2 -0
package/src/errors.ts +113 -0
package/src/index.ts +441 -0
package/src/nanotdf/Client.ts +349 -0
package/src/nanotdf/NanoTDF.ts +121 -0
package/src/nanotdf/browser-entry.ts +20 -0
package/src/nanotdf/constants.ts +1 -0
package/src/nanotdf/decrypt.ts +19 -0
package/src/nanotdf/encrypt-dataset.ts +52 -0
package/src/nanotdf/encrypt.ts +197 -0
package/src/nanotdf/enum/CipherEnum.ts +10 -0
package/src/nanotdf/enum/CurveNameEnum.ts +12 -0
package/src/nanotdf/enum/EncodingEnum.ts +5 -0
package/src/nanotdf/enum/PolicyTypeEnum.ts +8 -0
package/src/nanotdf/enum/ProtocolEnum.ts +7 -0
package/src/nanotdf/enum/ResourceLocatorIdentifierEnum.ts +8 -0
package/src/nanotdf/helpers/calculateByCurve.ts +26 -0
package/src/nanotdf/helpers/getHkdfSalt.ts +15 -0
package/src/nanotdf/index.ts +10 -0
package/src/nanotdf/interfaces/PolicyInterface.ts +27 -0
package/src/nanotdf/models/Ciphers.ts +67 -0
package/src/nanotdf/models/DefaultParams.ts +24 -0
package/src/nanotdf/models/EcCurves.ts +40 -0
package/src/nanotdf/models/Header.ts +322 -0
package/src/nanotdf/models/Payload.ts +196 -0
package/src/nanotdf/models/Policy/AbstractPolicy.ts +90 -0
package/src/nanotdf/models/Policy/EmbeddedPolicy.ts +101 -0
package/src/nanotdf/models/Policy/PolicyFactory.ts +48 -0
package/src/nanotdf/models/Policy/RemotePolicy.ts +74 -0
package/src/nanotdf/models/ResourceLocator.ts +212 -0
package/src/nanotdf/models/Signature.ts +85 -0
package/src/nanotdf-crypto/ciphers.ts +13 -0
package/src/nanotdf-crypto/decrypt.ts +30 -0
package/src/nanotdf-crypto/digest.ts +8 -0
package/src/nanotdf-crypto/ecdsaSignature.ts +109 -0
package/src/nanotdf-crypto/encrypt.ts +30 -0
package/src/nanotdf-crypto/enums.ts +47 -0
package/src/nanotdf-crypto/exportCryptoKey.ts +17 -0
package/src/nanotdf-crypto/generateKeyPair.ts +19 -0
package/src/nanotdf-crypto/generateRandomNumber.ts +8 -0
package/src/nanotdf-crypto/importRawKey.ts +19 -0
package/src/nanotdf-crypto/index.ts +11 -0
package/src/nanotdf-crypto/keyAgreement.ts +139 -0
package/src/nanotdf-crypto/pemPublicToCrypto.ts +232 -0
package/src/package-lock.json +6 -0
package/src/package.json +3 -0
package/src/platform/authorization/authorization_connect.d.ts +44 -0
package/src/platform/authorization/authorization_connect.js +44 -0
package/src/platform/authorization/authorization_pb.d.ts +707 -0
package/src/platform/authorization/authorization_pb.js +372 -0
package/src/platform/common/common_pb.d.ts +129 -0
package/src/platform/common/common_pb.js +58 -0
package/src/platform/entityresolution/entity_resolution_connect.d.ts +35 -0
package/src/platform/entityresolution/entity_resolution_connect.js +35 -0
package/src/platform/entityresolution/entity_resolution_pb.d.ts +242 -0
package/src/platform/entityresolution/entity_resolution_pb.js +139 -0
package/src/platform/kas/kas_connect.d.ts +59 -0
package/src/platform/kas/kas_connect.js +59 -0
package/src/platform/kas/kas_pb.d.ts +200 -0
package/src/platform/kas/kas_pb.js +84 -0
package/src/platform/policy/attributes/attributes_connect.d.ts +168 -0
package/src/platform/policy/attributes/attributes_connect.js +168 -0
package/src/platform/policy/attributes/attributes_pb.d.ts +929 -0
package/src/platform/policy/attributes/attributes_pb.js +363 -0
package/src/platform/policy/kasregistry/key_access_server_registry_connect.d.ts +62 -0
package/src/platform/policy/kasregistry/key_access_server_registry_connect.js +62 -0
package/src/platform/policy/kasregistry/key_access_server_registry_pb.d.ts +283 -0
package/src/platform/policy/kasregistry/key_access_server_registry_pb.js +113 -0
package/src/platform/policy/namespaces/namespaces_connect.d.ts +62 -0
package/src/platform/policy/namespaces/namespaces_connect.js +62 -0
package/src/platform/policy/namespaces/namespaces_pb.d.ts +270 -0
package/src/platform/policy/namespaces/namespaces_pb.js +110 -0
package/src/platform/policy/objects_pb.d.ts +725 -0
package/src/platform/policy/objects_pb.js +288 -0
package/src/platform/policy/resourcemapping/resource_mapping_connect.d.ts +259 -0
package/src/platform/policy/resourcemapping/resource_mapping_connect.js +259 -0
package/src/platform/policy/resourcemapping/resource_mapping_pb.d.ts +314 -0
package/src/platform/policy/resourcemapping/resource_mapping_pb.js +142 -0
package/src/platform/policy/selectors_pb.d.ts +269 -0
package/src/platform/policy/selectors_pb.js +110 -0
package/src/platform/policy/subjectmapping/subject_mapping_connect.d.ts +118 -0
package/src/platform/policy/subjectmapping/subject_mapping_connect.js +118 -0
package/src/platform/policy/subjectmapping/subject_mapping_pb.d.ts +672 -0
package/src/platform/policy/subjectmapping/subject_mapping_pb.js +260 -0
package/src/platform/wellknownconfiguration/wellknown_configuration_connect.d.ts +26 -0
package/src/platform/wellknownconfiguration/wellknown_configuration_connect.js +26 -0
package/src/platform/wellknownconfiguration/wellknown_configuration_pb.d.ts +75 -0
package/src/platform/wellknownconfiguration/wellknown_configuration_pb.js +35 -0
package/src/policy/api.ts +61 -0
package/src/policy/attributes.ts +117 -0
package/src/policy/granter.ts +181 -0
package/src/tdf/AttributeObject.ts +27 -0
package/src/tdf/AttributeObjectJwt.ts +3 -0
package/src/tdf/Crypto.ts +42 -0
package/src/tdf/EntityObject.ts +18 -0
package/src/tdf/NanoTDF/NanoTDF.ts +120 -0
package/src/tdf/Policy.ts +51 -0
package/src/tdf/PolicyObject.ts +12 -0
package/src/tdf/TypedArray.ts +12 -0
package/src/tdf/index.ts +6 -0
package/src/types/index.ts +55 -0
package/src/utils.ts +149 -0
package/src/version.ts +9 -0
package/tdf3/index.ts +91 -0
package/tdf3/package-lock.json +6 -0
package/tdf3/package.json +3 -0
package/tdf3/src/assertions.ts +191 -0
package/tdf3/src/binary.ts +195 -0
package/tdf3/src/ciphers/aes-gcm-cipher.ts +76 -0
package/tdf3/src/ciphers/algorithms.ts +9 -0
package/tdf3/src/ciphers/index.ts +2 -0
package/tdf3/src/ciphers/symmetric-cipher-base.ts +38 -0
package/tdf3/src/client/DecoratedReadableStream.ts +148 -0
package/tdf3/src/client/builders.ts +701 -0
package/tdf3/src/client/index.ts +637 -0
package/tdf3/src/client/validation.ts +79 -0
package/tdf3/src/crypto/crypto-utils.ts +119 -0
package/tdf3/src/crypto/declarations.ts +89 -0
package/tdf3/src/crypto/index.ts +394 -0
package/tdf3/src/index.ts +4 -0
package/tdf3/src/models/attribute-set.ts +142 -0
package/tdf3/src/models/encryption-information.ts +172 -0
package/tdf3/src/models/index.ts +8 -0
package/tdf3/src/models/key-access.ts +128 -0
package/tdf3/src/models/manifest.ts +9 -0
package/tdf3/src/models/payload.ts +6 -0
package/tdf3/src/models/policy.ts +35 -0
package/tdf3/src/models/upsert-response.ts +17 -0
package/tdf3/src/tdf.ts +1351 -0
package/tdf3/src/templates/default.html.ts +105 -0
package/tdf3/src/templates/escaper.ts +10 -0
package/tdf3/src/templates/index.ts +2 -0
package/tdf3/src/utils/buffer-crc32.ts +46 -0
package/tdf3/src/utils/chunkers.ts +118 -0
package/tdf3/src/utils/index.ts +309 -0
package/tdf3/src/utils/keysplit.ts +63 -0
package/tdf3/src/utils/zip-reader.ts +341 -0
package/tdf3/src/utils/zip-writer.ts +375 -0
package/tdf3/src/version.ts +2 -0
package/tdf3/types.d.ts +14 -0

package/src/nanotdf-crypto/encrypt.ts ADDED Viewed

@@ -0,0 +1,30 @@
+import { Ciphers, CipherTagLengths } from './ciphers.js';
+/**
+ * Encrypt plaintext buffer to ciphertext buffer
+ *
+ * Only supports AES-GCM
+ * @see https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/decrypt
+ *
+ * @param key Encryption key
+ * @param plaintext Bytes to encrypt
+ * @param iv Initialization vector
+ * @param tagLength Size (bits) of authentication tag
+ * @returns Resolves ciphertext buffer
+ */
+export default async function encrypt(
+  key: CryptoKey,
+  plaintext: Uint8Array,
+  iv: Uint8Array,
+  tagLength?: number
+): Promise<ArrayBuffer> {
+  return crypto.subtle.encrypt(
+    {
+      name: Ciphers.AesGcm,
+      iv,
+      tagLength: tagLength || CipherTagLengths.AesGcm,
+    },
+    key,
+    plaintext
+  );
+}

package/src/nanotdf-crypto/enums.ts ADDED Viewed

@@ -0,0 +1,47 @@
+export enum AlgorithmName {
+  ECDH = 'ECDH',
+  ECDSA = 'ECDSA',
+  ES256 = 'ES256',
+  HKDF = 'HKDF',
+  RSA_OAEP = 'RSA-OAEP',
+  RSA_PSS = 'RSA-PSS',
+}
+export enum NamedCurve {
+  P256 = 'P-256',
+  P384 = 'P-384',
+  P512 = 'P-512',
+}
+export enum CipherType {
+  AesGcm = 'AES-GCM',
+}
+export enum HashType {
+  Sha1 = 'SHA-1',
+  Sha256 = 'SHA-256',
+  Sha384 = 'SHA-384',
+  Sha512 = 'SHA-512',
+}
+export enum KeyFormat {
+  Raw = 'raw',
+  Pkcs8 = 'pkcs8',
+  Spki = 'spki',
+}
+export enum KeyType {
+  Private = 'private',
+  Public = 'public',
+}
+export enum KeyUsageType {
+  Encrypt = 'encrypt',
+  Decrypt = 'decrypt',
+  DeriveBits = 'deriveBits',
+  DeriveKey = 'deriveKey',
+  Verify = 'verify',
+  Sign = 'sign',
+  UnwrapKey = 'unwrapKey',
+  WrapKey = 'wrapKey',
+}

package/src/nanotdf-crypto/exportCryptoKey.ts ADDED Viewed

@@ -0,0 +1,17 @@
+/**
+ *
+ * Export to PEM format to binary buffer
+ * - key    {CryptoKey}     default: "undefined" CryptoKey generated by WebCrypto API
+ */
+export default async function exportCryptoKey(key: CryptoKey): Promise<ArrayBuffer> {
+  const exportedKey = await crypto.subtle.exportKey('raw', key);
+  const keyBuffer = new Uint8Array(exportedKey);
+  const len = keyBuffer.byteLength;
+  const xPoint = keyBuffer.slice(0, (1 + len) >>> 1); // drop `y`
+  xPoint[0] = 0x2 | (keyBuffer[len - 1] & 0x01); // encode sign of `y` in first bit
+  // Copy to Arraybuffer
+  const compressedPubKeyBuf = new ArrayBuffer(xPoint.byteLength);
+  new Uint8Array(compressedPubKeyBuf).set(new Uint8Array(xPoint));
+  return compressedPubKeyBuf;
+}

package/src/nanotdf-crypto/generateKeyPair.ts ADDED Viewed

@@ -0,0 +1,19 @@
+import { AlgorithmName, NamedCurve, KeyUsageType } from './enums.js';
+interface GenerateKeyPairOptions {
+  type: AlgorithmName.ECDH | AlgorithmName.ECDSA;
+  curve: NamedCurve;
+  keyUsages: Array<KeyUsageType>;
+  isExtractable: boolean;
+}
+export default async function generateKeyPair(
+  { type: name, curve: namedCurve, keyUsages, isExtractable }: GenerateKeyPairOptions = {
+    type: AlgorithmName.ECDH,
+    curve: NamedCurve.P256,
+    keyUsages: [KeyUsageType.DeriveBits, KeyUsageType.DeriveKey],
+    isExtractable: true,
+  }
+): Promise<CryptoKeyPair | never> {
+  return crypto.subtle.generateKey({ name, namedCurve }, isExtractable, keyUsages);
+}

package/src/nanotdf-crypto/generateRandomNumber.ts ADDED Viewed

@@ -0,0 +1,8 @@
+/**
+ * Generate a random number of given length
+ */
+export default function generateRandomNumber(length: number): Uint8Array {
+  const byteArray = new Uint8Array(length);
+  crypto.getRandomValues(byteArray);
+  return byteArray;
+}

package/src/nanotdf-crypto/importRawKey.ts ADDED Viewed

@@ -0,0 +1,19 @@
+import { CipherType, KeyFormat, KeyUsageType } from './enums.js';
+/**
+ * Import raw key
+ *
+ * A specific implementation of the importKey method to import raw keys. Specifies some defaults
+ * to ensure security.
+ *
+ * @param key Key which needs to be imported
+ * @param keyUsages How the key will be used
+ * @param isExtractable Whether key is extractable
+ */
+export default async function importRawKey(
+  key: ArrayBuffer,
+  keyUsages: Array<KeyUsageType>,
+  isExtractable = false
+): Promise<CryptoKey> {
+  return crypto.subtle.importKey(KeyFormat.Raw, key, CipherType.AesGcm, isExtractable, keyUsages);
+}

package/src/nanotdf-crypto/index.ts ADDED Viewed

@@ -0,0 +1,11 @@
+export { Ciphers } from './ciphers.js';
+export { default as decrypt } from './decrypt.js';
+export { default as digest } from './digest.js';
+export { default as encrypt } from './encrypt.js';
+export { default as generateKeyPair } from './generateKeyPair.js';
+export { default as importRawKey } from './importRawKey.js';
+export { keyAgreement } from './keyAgreement.js';
+export { default as exportCryptoKey } from './exportCryptoKey.js';
+export { default as generateRandomNumber } from './generateRandomNumber.js';
+export { pemPublicToCrypto, pemCertToCrypto } from './pemPublicToCrypto.js';
+export * as enums from './enums.js';

package/src/nanotdf-crypto/keyAgreement.ts ADDED Viewed

@@ -0,0 +1,139 @@
+/**
+ *
+ * Copyright (c) 2016 SafeBash
+ * Cryptography consultant: Andrew Kozlik, Ph.D.
+ *
+ * @link https://github.com/safebash/opencrypto
+ *
+ */
+/**
+ * MIT License
+ *
+ * Copyright (c) 2016 SafeBash
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
+ * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons
+ * to whom the Software is furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all copies or substantial portions of the
+ * Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT
+ * NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+ * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+import { ConfigurationError } from '../errors.js';
+import { AlgorithmName, CipherType, HashType, KeyFormat, KeyType, KeyUsageType } from './enums.js';
+const KEY_USAGE_DERIVE_KEY = 'deriveKey';
+interface KeyAgreementOptions {
+  bitLength: number;
+  hkdfHash: HashAlgorithmIdentifier;
+  hkdfInfo: Uint8Array;
+  hkdfSalt: Uint8Array | ArrayBuffer;
+  keyCipher: string;
+  keyLength: number;
+  keyUsages: KeyUsage[];
+  isExtractable: boolean;
+}
+/**
+ *
+ * ECDH Key Agreement
+ * - publicKey          {CryptoKey}     default: "undefined"
+ * - privateKey         {CryptoKey}     default: "undefined"
+ * - options            {Object}        default: { bitLength: 256, hkdfHash: 'SHA-512', hkdfSalt: "new UInt8Array()", hkdfInfo: "new UInt8Array()", keyCipher: 'AES-GCM', keyLength: 256, keyUsages: ['encrypt', 'decrypt', 'wrapKey', 'unwrapKey'], isExtractable: true }
+ */
+export async function keyAgreement(
+  privateKey: CryptoKey,
+  publicKey: CryptoKey,
+  options: Partial<KeyAgreementOptions> = {
+    bitLength: 256,
+    hkdfHash: HashType.Sha256,
+    hkdfInfo: new Uint8Array(),
+    hkdfSalt: new Uint8Array(),
+    keyCipher: CipherType.AesGcm,
+    keyLength: 256,
+    keyUsages: [
+      KeyUsageType.Encrypt,
+      KeyUsageType.Decrypt,
+      KeyUsageType.UnwrapKey,
+      KeyUsageType.WrapKey,
+    ],
+    isExtractable: true,
+  }
+): Promise<CryptoKey> {
+  if (
+    publicKey?.algorithm?.name !== AlgorithmName.ECDSA &&
+    publicKey?.algorithm?.name !== AlgorithmName.ECDH
+  ) {
+    throw new ConfigurationError('CryptoKey is expected to be of type ECDSA or ECDH');
+  }
+  if (privateKey.type !== KeyType.Private) {
+    throw new ConfigurationError('Expected input of privateKey to be a CryptoKey of type private');
+  }
+  if (publicKey.type !== KeyType.Public) {
+    throw new ConfigurationError('Expected input of publicKey to be a CryptoKey of type public');
+  }
+  const {
+    bitLength = 256,
+    hkdfHash = HashType.Sha256,
+    hkdfInfo = new Uint8Array(),
+    hkdfSalt = new Uint8Array(),
+    keyCipher = CipherType.AesGcm,
+    keyLength = 256,
+    isExtractable = true,
+    keyUsages = [
+      KeyUsageType.Encrypt,
+      KeyUsageType.Decrypt,
+      KeyUsageType.UnwrapKey,
+      KeyUsageType.WrapKey,
+    ],
+  } = options;
+  const derivedBits = await crypto.subtle.deriveBits(
+    {
+      name: AlgorithmName.ECDH,
+      public: publicKey,
+    },
+    privateKey,
+    bitLength
+  );
+  const derivedKey = await crypto.subtle.importKey(
+    KeyFormat.Raw,
+    derivedBits,
+    {
+      name: AlgorithmName.HKDF,
+    },
+    false,
+    [KEY_USAGE_DERIVE_KEY]
+  );
+  const symmetricKey = await crypto.subtle.deriveKey(
+    {
+      name: AlgorithmName.HKDF,
+      hash: hkdfHash,
+      salt: hkdfSalt,
+      info: hkdfInfo,
+    },
+    derivedKey,
+    {
+      name: keyCipher,
+      length: keyLength,
+    },
+    isExtractable,
+    keyUsages
+  );
+  return symmetricKey;
+}

package/src/nanotdf-crypto/pemPublicToCrypto.ts ADDED Viewed

@@ -0,0 +1,232 @@
+/**
+ *
+ * Copyright (c) 2016 SafeBash
+ * Cryptography consultant: Andrew Kozlik, Ph.D.
+ *
+ * @link https://github.com/safebash/opencrypto
+ *
+ */
+/**
+ * MIT License
+ *
+ * Copyright (c) 2016 SafeBash
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
+ * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons
+ * to whom the Software is furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all copies or substantial portions of the
+ * Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT
+ * NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+ * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+import * as base64 from '../encodings/base64.js';
+import { importX509 } from 'jose';
+import { type KeyObject } from 'crypto';
+import { encodeArrayBuffer as hexEncodeArrayBuffer } from '../encodings/hex.js';
+import { ConfigurationError, TdfError } from '../errors.js';
+const RSA_OID = '06092a864886f70d010101';
+const EC_OID = '06072a8648ce3d0201';
+const P256_OID = '06082a8648ce3d030107';
+const P384_OID = '06052b81040022';
+const P521_OID = '06052b81040023';
+const SHA_512 = 'SHA-512';
+const SPKI = 'spki';
+const CERT_BEGIN = '-----BEGIN CERTIFICATE-----';
+const CERT_END = '-----END CERTIFICATE-----';
+const P_256 = 'P-256';
+const P_384 = 'P-384';
+const P_512 = 'P-512';
+type CurveName = typeof P_256 | typeof P_384 | typeof P_512;
+const ECDH = 'ECDH';
+const ECDSA = 'ECDSA';
+const RSA_OAEP = 'RSA-OAEP';
+const RSA_PSS = 'RSA-PSS';
+type AlgorithmName = typeof ECDH | typeof ECDSA | typeof RSA_OAEP | typeof RSA_PSS;
+interface PemPublicToCryptoOptions {
+  name?: string;
+  hash?: string;
+  usages?: KeyUsage[];
+  isExtractable: boolean;
+}
+function guessKeyUsages(algorithmName: AlgorithmName, usages?: KeyUsage[]): KeyUsage[] {
+  if (usages) return usages;
+  switch (algorithmName) {
+    case ECDSA:
+      return ['verify'];
+    case RSA_OAEP:
+      return ['encrypt', 'wrapKey'];
+    case RSA_PSS:
+      return ['verify'];
+    case ECDH:
+    default:
+      return [];
+  }
+}
+function guessAlgorithmName(hex: string, algorithmName?: string): AlgorithmName {
+  if (hex.includes(EC_OID)) {
+    if (!algorithmName || algorithmName === ECDH) {
+      return ECDH;
+    } else if (algorithmName === ECDSA) {
+      return ECDSA;
+    }
+  } else if (hex.includes(RSA_OID)) {
+    if (!algorithmName || algorithmName === RSA_OAEP) {
+      return RSA_OAEP;
+    } else if (algorithmName === RSA_PSS) {
+      return RSA_PSS;
+    }
+  }
+  throw new TypeError(`Invalid public key, ${algorithmName}`);
+}
+function guessCurveName(hex: string): CurveName {
+  if (hex.includes(P256_OID)) {
+    return P_256;
+  } else if (hex.includes(P384_OID)) {
+    return P_384;
+  } else if (hex.includes(P521_OID)) {
+    return P_512;
+  }
+  throw new TdfError('Unsupported curve name or invalid key');
+}
+/**
+ *
+ * Converts asymmetric public key from PEM to CryptoKey
+ * - publicKey       {String}      default: "undefined" PEM public key
+ * - options         {Object}      default: (depends on algorithm)
+ * -- ECDH: { name: 'ECDH', usages: [], isExtractable: true }
+ * -- ECDSA: { name: 'ECDSA', usages: ['verify'], isExtractable: true }
+ * -- RSA-OAEP: { name: 'RSA-OAEP', hash: { name: 'SHA-512' }, usages: ['encrypt', 'wrapKey'], isExtractable: true }
+ * -- RSA-PSS: { name: 'RSA-PSS', hash: { name: 'SHA-512' }, usages: ['verify'], isExtractable: true }
+ */
+export async function pemPublicToCrypto(
+  pem: string,
+  options: PemPublicToCryptoOptions = {
+    isExtractable: true,
+  }
+): Promise<CryptoKey> {
+  pem = pem.replace('-----BEGIN PUBLIC KEY-----', '');
+  pem = pem.replace('-----END PUBLIC KEY-----', '');
+  const b64 = pem.replace(/\s/g, '');
+  const arrayBuffer = base64.decodeArrayBuffer(b64);
+  const hex = hexEncodeArrayBuffer(arrayBuffer);
+  const algorithmName = guessAlgorithmName(hex, options.name);
+  const keyUsages = guessKeyUsages(algorithmName, options.usages);
+  if (algorithmName === ECDH || algorithmName === ECDSA) {
+    const namedCurve = guessCurveName(hex);
+    return crypto.subtle.importKey(
+      SPKI,
+      arrayBuffer,
+      {
+        name: algorithmName,
+        namedCurve,
+      },
+      options.isExtractable,
+      keyUsages
+    );
+  } else if (algorithmName === RSA_OAEP || algorithmName === RSA_PSS) {
+    return crypto.subtle.importKey(
+      SPKI,
+      arrayBuffer,
+      {
+        name: algorithmName,
+        hash: {
+          name: options.hash || SHA_512,
+        },
+      },
+      options.isExtractable,
+      keyUsages
+    );
+  } else {
+    throw new TypeError('Invalid public key');
+  }
+}
+/**
+ * Look up JWK algorithm at https://github.com/panva/jose/issues/210
+ */
+function toJwsAlg(hex: string) {
+  const a = guessAlgorithmName(hex);
+  if (a === ECDH) {
+    return 'ECDH-ES';
+  } else if (a === ECDSA) {
+    switch (guessCurveName(hex)) {
+      case 'P-256':
+        return 'ES256';
+      case 'P-384':
+        return 'ES384';
+      case 'P-512':
+        return 'ES512';
+    }
+  } else if (a === RSA_OAEP) {
+    return 'RS512';
+  } else {
+    return 'RSA-OAEP-512';
+  }
+}
+function toSubtleAlg(hex: string) {
+  const name = guessAlgorithmName(hex);
+  if (name === ECDH || name === ECDSA) {
+    return {
+      name,
+      namedCurve: guessCurveName(hex),
+    };
+  }
+  return {
+    name,
+    hash: { name: SHA_512 },
+  };
+}
+export async function pemCertToCrypto(
+  pem: string,
+  options: PemPublicToCryptoOptions = {
+    isExtractable: true,
+  }
+): Promise<CryptoKey> {
+  let crt = pem.replace(CERT_BEGIN, '');
+  crt = crt.replace(CERT_END, '');
+  const b64 = crt.replace(/\s/g, '');
+  const arrayBuffer = base64.decodeArrayBuffer(b64);
+  const hex = hexEncodeArrayBuffer(arrayBuffer);
+  const jwsAlg = toJwsAlg(hex);
+  const keylike = await importX509(pem, jwsAlg, { extractable: options.isExtractable });
+  const { type } = keylike;
+  if (type !== 'public') {
+    throw new ConfigurationError('unpublic');
+  }
+  // FIXME Jose workaround for node clients.
+  // jose returns a crypto key on node, but we expect a subtle-crypto key
+  // The below should convert it, I hope, by exporting to a JWK and back.
+  if ((keylike as KeyObject)?.export) {
+    const keyObject = keylike as KeyObject;
+    const subtleAlg = toSubtleAlg(hex);
+    const keyUsages = guessKeyUsages(subtleAlg.name, options.usages);
+    const subtleKey = await crypto.subtle.importKey(
+      'jwk',
+      keyObject.export({ format: 'jwk' }),
+      subtleAlg,
+      options.isExtractable,
+      keyUsages
+    );
+    return subtleKey;
+  }
+  return keylike as CryptoKey;
+}

package/src/package-lock.json ADDED Viewed

@@ -0,0 +1,6 @@
+{
+    "name": "src",
+    "lockfileVersion": 3,
+    "requires": true,
+    "packages": {}
+}

package/src/package.json ADDED Viewed

@@ -0,0 +1,3 @@
+{
+    "type": "module"
+}

package/src/platform/authorization/authorization_connect.d.ts ADDED Viewed

@@ -0,0 +1,44 @@
+// @generated by protoc-gen-connect-es v1.4.0 with parameter "target=js+dts,import_extension=none"
+// @generated from file authorization/authorization.proto (package authorization, syntax proto3)
+/* eslint-disable */
+// @ts-nocheck
+import { GetDecisionsByTokenRequest, GetDecisionsByTokenResponse, GetDecisionsRequest, GetDecisionsResponse, GetEntitlementsRequest, GetEntitlementsResponse } from "./authorization_pb";
+import { MethodKind } from "@bufbuild/protobuf";
+/**
+ * @generated from service authorization.AuthorizationService
+ */
+export declare const AuthorizationService: {
+  readonly typeName: "authorization.AuthorizationService",
+  readonly methods: {
+    /**
+     * @generated from rpc authorization.AuthorizationService.GetDecisions
+     */
+    readonly getDecisions: {
+      readonly name: "GetDecisions",
+      readonly I: typeof GetDecisionsRequest,
+      readonly O: typeof GetDecisionsResponse,
+      readonly kind: MethodKind.Unary,
+    },
+    /**
+     * @generated from rpc authorization.AuthorizationService.GetDecisionsByToken
+     */
+    readonly getDecisionsByToken: {
+      readonly name: "GetDecisionsByToken",
+      readonly I: typeof GetDecisionsByTokenRequest,
+      readonly O: typeof GetDecisionsByTokenResponse,
+      readonly kind: MethodKind.Unary,
+    },
+    /**
+     * @generated from rpc authorization.AuthorizationService.GetEntitlements
+     */
+    readonly getEntitlements: {
+      readonly name: "GetEntitlements",
+      readonly I: typeof GetEntitlementsRequest,
+      readonly O: typeof GetEntitlementsResponse,
+      readonly kind: MethodKind.Unary,
+    },
+  }
+};

package/src/platform/authorization/authorization_connect.js ADDED Viewed

@@ -0,0 +1,44 @@
+// @generated by protoc-gen-connect-es v1.4.0 with parameter "target=js+dts,import_extension=none"
+// @generated from file authorization/authorization.proto (package authorization, syntax proto3)
+/* eslint-disable */
+// @ts-nocheck
+import { GetDecisionsByTokenRequest, GetDecisionsByTokenResponse, GetDecisionsRequest, GetDecisionsResponse, GetEntitlementsRequest, GetEntitlementsResponse } from "./authorization_pb";
+import { MethodKind } from "@bufbuild/protobuf";
+/**
+ * @generated from service authorization.AuthorizationService
+ */
+export const AuthorizationService = {
+  typeName: "authorization.AuthorizationService",
+  methods: {
+    /**
+     * @generated from rpc authorization.AuthorizationService.GetDecisions
+     */
+    getDecisions: {
+      name: "GetDecisions",
+      I: GetDecisionsRequest,
+      O: GetDecisionsResponse,
+      kind: MethodKind.Unary,
+    },
+    /**
+     * @generated from rpc authorization.AuthorizationService.GetDecisionsByToken
+     */
+    getDecisionsByToken: {
+      name: "GetDecisionsByToken",
+      I: GetDecisionsByTokenRequest,
+      O: GetDecisionsByTokenResponse,
+      kind: MethodKind.Unary,
+    },
+    /**
+     * @generated from rpc authorization.AuthorizationService.GetEntitlements
+     */
+    getEntitlements: {
+      name: "GetEntitlements",
+      I: GetEntitlementsRequest,
+      O: GetEntitlementsResponse,
+      kind: MethodKind.Unary,
+    },
+  }
+};