npm - @opentdf/sdk - Versions diffs - 0.1.0-beta.1701 - Mend

@opentdf/sdk 0.1.0-beta.1701

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (566) hide show

package/README.md +52 -0
package/dist/cjs/package.json +3 -0
package/dist/cjs/src/access.js +155 -0
package/dist/cjs/src/auth/Eas.js +60 -0
package/dist/cjs/src/auth/auth.js +79 -0
package/dist/cjs/src/auth/oidc-clientcredentials-provider.js +26 -0
package/dist/cjs/src/auth/oidc-externaljwt-provider.js +33 -0
package/dist/cjs/src/auth/oidc-refreshtoken-provider.js +34 -0
package/dist/cjs/src/auth/oidc.js +222 -0
package/dist/cjs/src/auth/providers.js +143 -0
package/dist/cjs/src/encodings/base64.js +154 -0
package/dist/cjs/src/encodings/hex.js +70 -0
package/dist/cjs/src/encodings/index.js +29 -0
package/dist/cjs/src/errors.js +138 -0
package/dist/cjs/src/index.js +344 -0
package/dist/cjs/src/nanotdf/Client.js +296 -0
package/dist/cjs/src/nanotdf/NanoTDF.js +94 -0
package/dist/cjs/src/nanotdf/browser-entry.js +19 -0
package/dist/cjs/src/nanotdf/constants.js +5 -0
package/dist/cjs/src/nanotdf/decrypt.js +17 -0
package/dist/cjs/src/nanotdf/encrypt-dataset.js +38 -0
package/dist/cjs/src/nanotdf/encrypt.js +132 -0
package/dist/cjs/src/nanotdf/enum/CipherEnum.js +13 -0
package/dist/cjs/src/nanotdf/enum/CurveNameEnum.js +15 -0
package/dist/cjs/src/nanotdf/enum/EncodingEnum.js +8 -0
package/dist/cjs/src/nanotdf/enum/PolicyTypeEnum.js +11 -0
package/dist/cjs/src/nanotdf/enum/ProtocolEnum.js +10 -0
package/dist/cjs/src/nanotdf/enum/ResourceLocatorIdentifierEnum.js +11 -0
package/dist/cjs/src/nanotdf/helpers/calculateByCurve.js +29 -0
package/dist/cjs/src/nanotdf/helpers/getHkdfSalt.js +11 -0
package/dist/cjs/src/nanotdf/index.js +25 -0
package/dist/cjs/src/nanotdf/interfaces/PolicyInterface.js +3 -0
package/dist/cjs/src/nanotdf/models/Ciphers.js +61 -0
package/dist/cjs/src/nanotdf/models/DefaultParams.js +27 -0
package/dist/cjs/src/nanotdf/models/EcCurves.js +39 -0
package/dist/cjs/src/nanotdf/models/Header.js +255 -0
package/dist/cjs/src/nanotdf/models/Payload.js +158 -0
package/dist/cjs/src/nanotdf/models/Policy/AbstractPolicy.js +73 -0
package/dist/cjs/src/nanotdf/models/Policy/EmbeddedPolicy.js +82 -0
package/dist/cjs/src/nanotdf/models/Policy/PolicyFactory.js +38 -0
package/dist/cjs/src/nanotdf/models/Policy/RemotePolicy.js +62 -0
package/dist/cjs/src/nanotdf/models/ResourceLocator.js +211 -0
package/dist/cjs/src/nanotdf/models/Signature.js +77 -0
package/dist/cjs/src/nanotdf-crypto/ciphers.js +17 -0
package/dist/cjs/src/nanotdf-crypto/decrypt.js +24 -0
package/dist/cjs/src/nanotdf-crypto/digest.js +7 -0
package/dist/cjs/src/nanotdf-crypto/ecdsaSignature.js +83 -0
package/dist/cjs/src/nanotdf-crypto/encrypt.js +24 -0
package/dist/cjs/src/nanotdf-crypto/enums.js +52 -0
package/dist/cjs/src/nanotdf-crypto/exportCryptoKey.js +20 -0
package/dist/cjs/src/nanotdf-crypto/generateKeyPair.js +13 -0
package/dist/cjs/src/nanotdf-crypto/generateRandomNumber.js +12 -0
package/dist/cjs/src/nanotdf-crypto/importRawKey.js +18 -0
package/dist/cjs/src/nanotdf-crypto/index.js +52 -0
package/dist/cjs/src/nanotdf-crypto/keyAgreement.js +91 -0
package/dist/cjs/src/nanotdf-crypto/pemPublicToCrypto.js +225 -0
package/dist/cjs/src/policy/api.js +58 -0
package/dist/cjs/src/policy/attributes.js +3 -0
package/dist/cjs/src/policy/granter.js +146 -0
package/dist/cjs/src/tdf/AttributeObject.js +15 -0
package/dist/cjs/src/tdf/AttributeObjectJwt.js +3 -0
package/dist/cjs/src/tdf/Crypto.js +47 -0
package/dist/cjs/src/tdf/EntityObject.js +3 -0
package/dist/cjs/src/tdf/NanoTDF/NanoTDF.js +38 -0
package/dist/cjs/src/tdf/Policy.js +50 -0
package/dist/cjs/src/tdf/PolicyObject.js +3 -0
package/dist/cjs/src/tdf/TypedArray.js +3 -0
package/dist/cjs/src/tdf/index.js +35 -0
package/dist/cjs/src/types/index.js +3 -0
package/dist/cjs/src/utils.js +147 -0
package/dist/cjs/src/version.js +12 -0
package/dist/cjs/tdf3/index.js +57 -0
package/dist/cjs/tdf3/src/assertions.js +118 -0
package/dist/cjs/tdf3/src/binary.js +153 -0
package/dist/cjs/tdf3/src/ciphers/aes-gcm-cipher.js +56 -0
package/dist/cjs/tdf3/src/ciphers/algorithms.js +8 -0
package/dist/cjs/tdf3/src/ciphers/index.js +8 -0
package/dist/cjs/tdf3/src/ciphers/symmetric-cipher-base.js +22 -0
package/dist/cjs/tdf3/src/client/DecoratedReadableStream.js +116 -0
package/dist/cjs/tdf3/src/client/builders.js +561 -0
package/dist/cjs/tdf3/src/client/index.js +460 -0
package/dist/cjs/tdf3/src/client/validation.js +63 -0
package/dist/cjs/tdf3/src/crypto/crypto-utils.js +116 -0
package/dist/cjs/tdf3/src/crypto/declarations.js +8 -0
package/dist/cjs/tdf3/src/crypto/index.js +315 -0
package/dist/cjs/tdf3/src/index.js +34 -0
package/dist/cjs/tdf3/src/models/attribute-set.js +122 -0
package/dist/cjs/tdf3/src/models/encryption-information.js +90 -0
package/dist/cjs/tdf3/src/models/index.js +25 -0
package/dist/cjs/tdf3/src/models/key-access.js +103 -0
package/dist/cjs/tdf3/src/models/manifest.js +3 -0
package/dist/cjs/tdf3/src/models/payload.js +3 -0
package/dist/cjs/tdf3/src/models/policy.js +24 -0
package/dist/cjs/tdf3/src/models/upsert-response.js +3 -0
package/dist/cjs/tdf3/src/tdf.js +907 -0
package/dist/cjs/tdf3/src/templates/default.html.js +98 -0
package/dist/cjs/tdf3/src/templates/escaper.js +15 -0
package/dist/cjs/tdf3/src/templates/index.js +12 -0
package/dist/cjs/tdf3/src/utils/buffer-crc32.js +48 -0
package/dist/cjs/tdf3/src/utils/chunkers.js +106 -0
package/dist/cjs/tdf3/src/utils/index.js +296 -0
package/dist/cjs/tdf3/src/utils/keysplit.js +61 -0
package/dist/cjs/tdf3/src/utils/zip-reader.js +253 -0
package/dist/cjs/tdf3/src/utils/zip-writer.js +308 -0
package/dist/cjs/tdf3/src/version.js +6 -0
package/dist/types/src/access.d.ts +47 -0
package/dist/types/src/access.d.ts.map +1 -0
package/dist/types/src/auth/Eas.d.ts +34 -0
package/dist/types/src/auth/Eas.d.ts.map +1 -0
package/dist/types/src/auth/auth.d.ts +86 -0
package/dist/types/src/auth/auth.d.ts.map +1 -0
package/dist/types/src/auth/oidc-clientcredentials-provider.d.ts +9 -0
package/dist/types/src/auth/oidc-clientcredentials-provider.d.ts.map +1 -0
package/dist/types/src/auth/oidc-externaljwt-provider.d.ts +10 -0
package/dist/types/src/auth/oidc-externaljwt-provider.d.ts.map +1 -0
package/dist/types/src/auth/oidc-refreshtoken-provider.d.ts +10 -0
package/dist/types/src/auth/oidc-refreshtoken-provider.d.ts.map +1 -0
package/dist/types/src/auth/oidc.d.ts +104 -0
package/dist/types/src/auth/oidc.d.ts.map +1 -0
package/dist/types/src/auth/providers.d.ts +67 -0
package/dist/types/src/auth/providers.d.ts.map +1 -0
package/dist/types/src/encodings/base64.d.ts +18 -0
package/dist/types/src/encodings/base64.d.ts.map +1 -0
package/dist/types/src/encodings/hex.d.ts +5 -0
package/dist/types/src/encodings/hex.d.ts.map +1 -0
package/dist/types/src/encodings/index.d.ts +3 -0
package/dist/types/src/encodings/index.d.ts.map +1 -0
package/dist/types/src/errors.d.ts +72 -0
package/dist/types/src/errors.d.ts.map +1 -0
package/dist/types/src/index.d.ts +138 -0
package/dist/types/src/index.d.ts.map +1 -0
package/dist/types/src/nanotdf/Client.d.ts +95 -0
package/dist/types/src/nanotdf/Client.d.ts.map +1 -0
package/dist/types/src/nanotdf/NanoTDF.d.ts +25 -0
package/dist/types/src/nanotdf/NanoTDF.d.ts.map +1 -0
package/dist/types/src/nanotdf/browser-entry.d.ts +17 -0
package/dist/types/src/nanotdf/browser-entry.d.ts.map +1 -0
package/dist/types/src/nanotdf/constants.d.ts +2 -0
package/dist/types/src/nanotdf/constants.d.ts.map +1 -0
package/dist/types/src/nanotdf/decrypt.d.ts +9 -0
package/dist/types/src/nanotdf/decrypt.d.ts.map +1 -0
package/dist/types/src/nanotdf/encrypt-dataset.d.ts +12 -0
package/dist/types/src/nanotdf/encrypt-dataset.d.ts.map +1 -0
package/dist/types/src/nanotdf/encrypt.d.ts +14 -0
package/dist/types/src/nanotdf/encrypt.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/CipherEnum.d.ts +10 -0
package/dist/types/src/nanotdf/enum/CipherEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/CurveNameEnum.d.ts +12 -0
package/dist/types/src/nanotdf/enum/CurveNameEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/EncodingEnum.d.ts +5 -0
package/dist/types/src/nanotdf/enum/EncodingEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/PolicyTypeEnum.d.ts +8 -0
package/dist/types/src/nanotdf/enum/PolicyTypeEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/ProtocolEnum.d.ts +7 -0
package/dist/types/src/nanotdf/enum/ProtocolEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/ResourceLocatorIdentifierEnum.d.ts +8 -0
package/dist/types/src/nanotdf/enum/ResourceLocatorIdentifierEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/helpers/calculateByCurve.d.ts +20 -0
package/dist/types/src/nanotdf/helpers/calculateByCurve.d.ts.map +1 -0
package/dist/types/src/nanotdf/helpers/getHkdfSalt.d.ts +9 -0
package/dist/types/src/nanotdf/helpers/getHkdfSalt.d.ts.map +1 -0
package/dist/types/src/nanotdf/index.d.ts +9 -0
package/dist/types/src/nanotdf/index.d.ts.map +1 -0
package/dist/types/src/nanotdf/interfaces/PolicyInterface.d.ts +17 -0
package/dist/types/src/nanotdf/interfaces/PolicyInterface.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Ciphers.d.ts +14 -0
package/dist/types/src/nanotdf/models/Ciphers.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/DefaultParams.d.ts +21 -0
package/dist/types/src/nanotdf/models/DefaultParams.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/EcCurves.d.ts +15 -0
package/dist/types/src/nanotdf/models/EcCurves.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Header.d.ts +73 -0
package/dist/types/src/nanotdf/models/Header.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Payload.d.ts +47 -0
package/dist/types/src/nanotdf/models/Payload.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Policy/AbstractPolicy.d.ts +52 -0
package/dist/types/src/nanotdf/models/Policy/AbstractPolicy.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Policy/EmbeddedPolicy.d.ts +35 -0
package/dist/types/src/nanotdf/models/Policy/EmbeddedPolicy.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Policy/PolicyFactory.d.ts +11 -0
package/dist/types/src/nanotdf/models/Policy/PolicyFactory.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Policy/RemotePolicy.d.ts +31 -0
package/dist/types/src/nanotdf/models/Policy/RemotePolicy.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/ResourceLocator.d.ts +65 -0
package/dist/types/src/nanotdf/models/ResourceLocator.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Signature.d.ts +33 -0
package/dist/types/src/nanotdf/models/Signature.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/ciphers.d.ts +8 -0
package/dist/types/src/nanotdf-crypto/ciphers.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/decrypt.d.ts +14 -0
package/dist/types/src/nanotdf-crypto/decrypt.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/digest.d.ts +3 -0
package/dist/types/src/nanotdf-crypto/digest.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/ecdsaSignature.d.ts +35 -0
package/dist/types/src/nanotdf-crypto/ecdsaSignature.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/encrypt.d.ts +14 -0
package/dist/types/src/nanotdf-crypto/encrypt.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/enums.d.ts +42 -0
package/dist/types/src/nanotdf-crypto/enums.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/exportCryptoKey.d.ts +7 -0
package/dist/types/src/nanotdf-crypto/exportCryptoKey.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/generateKeyPair.d.ts +10 -0
package/dist/types/src/nanotdf-crypto/generateKeyPair.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/generateRandomNumber.d.ts +5 -0
package/dist/types/src/nanotdf-crypto/generateRandomNumber.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/importRawKey.d.ts +13 -0
package/dist/types/src/nanotdf-crypto/importRawKey.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/index.d.ts +12 -0
package/dist/types/src/nanotdf-crypto/index.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/keyAgreement.d.ts +28 -0
package/dist/types/src/nanotdf-crypto/keyAgreement.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/pemPublicToCrypto.d.ts +28 -0
package/dist/types/src/nanotdf-crypto/pemPublicToCrypto.d.ts.map +1 -0
package/dist/types/src/policy/api.d.ts +4 -0
package/dist/types/src/policy/api.d.ts.map +1 -0
package/dist/types/src/policy/attributes.d.ts +95 -0
package/dist/types/src/policy/attributes.d.ts.map +1 -0
package/dist/types/src/policy/granter.d.ts +23 -0
package/dist/types/src/policy/granter.d.ts.map +1 -0
package/dist/types/src/tdf/AttributeObject.d.ts +13 -0
package/dist/types/src/tdf/AttributeObject.d.ts.map +1 -0
package/dist/types/src/tdf/AttributeObjectJwt.d.ts +4 -0
package/dist/types/src/tdf/AttributeObjectJwt.d.ts.map +1 -0
package/dist/types/src/tdf/Crypto.d.ts +37 -0
package/dist/types/src/tdf/Crypto.d.ts.map +1 -0
package/dist/types/src/tdf/EntityObject.d.ts +18 -0
package/dist/types/src/tdf/EntityObject.d.ts.map +1 -0
package/dist/types/src/tdf/NanoTDF/NanoTDF.d.ts +99 -0
package/dist/types/src/tdf/NanoTDF/NanoTDF.d.ts.map +1 -0
package/dist/types/src/tdf/Policy.d.ts +28 -0
package/dist/types/src/tdf/Policy.d.ts.map +1 -0
package/dist/types/src/tdf/PolicyObject.d.ts +11 -0
package/dist/types/src/tdf/PolicyObject.d.ts.map +1 -0
package/dist/types/src/tdf/TypedArray.d.ts +3 -0
package/dist/types/src/tdf/TypedArray.d.ts.map +1 -0
package/dist/types/src/tdf/index.d.ts +7 -0
package/dist/types/src/tdf/index.d.ts.map +1 -0
package/dist/types/src/types/index.d.ts +45 -0
package/dist/types/src/types/index.d.ts.map +1 -0
package/dist/types/src/utils.d.ts +45 -0
package/dist/types/src/utils.d.ts.map +1 -0
package/dist/types/src/version.d.ts +9 -0
package/dist/types/src/version.d.ts.map +1 -0
package/dist/types/tdf3/index.d.ts +16 -0
package/dist/types/tdf3/index.d.ts.map +1 -0
package/dist/types/tdf3/src/assertions.d.ts +63 -0
package/dist/types/tdf3/src/assertions.d.ts.map +1 -0
package/dist/types/tdf3/src/binary.d.ts +38 -0
package/dist/types/tdf3/src/binary.d.ts.map +1 -0
package/dist/types/tdf3/src/ciphers/aes-gcm-cipher.d.ts +18 -0
package/dist/types/tdf3/src/ciphers/aes-gcm-cipher.d.ts.map +1 -0
package/dist/types/tdf3/src/ciphers/algorithms.d.ts +4 -0
package/dist/types/tdf3/src/ciphers/algorithms.d.ts.map +1 -0
package/dist/types/tdf3/src/ciphers/index.d.ts +3 -0
package/dist/types/tdf3/src/ciphers/index.d.ts.map +1 -0
package/dist/types/tdf3/src/ciphers/symmetric-cipher-base.d.ts +14 -0
package/dist/types/tdf3/src/ciphers/symmetric-cipher-base.d.ts.map +1 -0
package/dist/types/tdf3/src/client/DecoratedReadableStream.d.ts +53 -0
package/dist/types/tdf3/src/client/DecoratedReadableStream.d.ts.map +1 -0
package/dist/types/tdf3/src/client/builders.d.ts +436 -0
package/dist/types/tdf3/src/client/builders.d.ts.map +1 -0
package/dist/types/tdf3/src/client/index.d.ts +139 -0
package/dist/types/tdf3/src/client/index.d.ts.map +1 -0
package/dist/types/tdf3/src/client/validation.d.ts +8 -0
package/dist/types/tdf3/src/client/validation.d.ts.map +1 -0
package/dist/types/tdf3/src/crypto/crypto-utils.d.ts +34 -0
package/dist/types/tdf3/src/crypto/crypto-utils.d.ts.map +1 -0
package/dist/types/tdf3/src/crypto/declarations.d.ts +60 -0
package/dist/types/tdf3/src/crypto/declarations.d.ts.map +1 -0
package/dist/types/tdf3/src/crypto/index.d.ts +103 -0
package/dist/types/tdf3/src/crypto/index.d.ts.map +1 -0
package/dist/types/tdf3/src/index.d.ts +5 -0
package/dist/types/tdf3/src/index.d.ts.map +1 -0
package/dist/types/tdf3/src/models/attribute-set.d.ts +65 -0
package/dist/types/tdf3/src/models/attribute-set.d.ts.map +1 -0
package/dist/types/tdf3/src/models/encryption-information.d.ts +49 -0
package/dist/types/tdf3/src/models/encryption-information.d.ts.map +1 -0
package/dist/types/tdf3/src/models/index.d.ts +9 -0
package/dist/types/tdf3/src/models/index.d.ts.map +1 -0
package/dist/types/tdf3/src/models/key-access.d.ts +42 -0
package/dist/types/tdf3/src/models/key-access.d.ts.map +1 -0
package/dist/types/tdf3/src/models/manifest.d.ts +9 -0
package/dist/types/tdf3/src/models/manifest.d.ts.map +1 -0
package/dist/types/tdf3/src/models/payload.d.ts +7 -0
package/dist/types/tdf3/src/models/payload.d.ts.map +1 -0
package/dist/types/tdf3/src/models/policy.d.ts +13 -0
package/dist/types/tdf3/src/models/policy.d.ts.map +1 -0
package/dist/types/tdf3/src/models/upsert-response.d.ts +16 -0
package/dist/types/tdf3/src/models/upsert-response.d.ts.map +1 -0
package/dist/types/tdf3/src/tdf.d.ts +152 -0
package/dist/types/tdf3/src/tdf.d.ts.map +1 -0
package/dist/types/tdf3/src/templates/default.html.d.ts +8 -0
package/dist/types/tdf3/src/templates/default.html.d.ts.map +1 -0
package/dist/types/tdf3/src/templates/escaper.d.ts +6 -0
package/dist/types/tdf3/src/templates/escaper.d.ts.map +1 -0
package/dist/types/tdf3/src/templates/index.d.ts +3 -0
package/dist/types/tdf3/src/templates/index.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/buffer-crc32.d.ts +2 -0
package/dist/types/tdf3/src/utils/buffer-crc32.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/chunkers.d.ts +29 -0
package/dist/types/tdf3/src/utils/chunkers.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/index.d.ts +36 -0
package/dist/types/tdf3/src/utils/index.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/keysplit.d.ts +19 -0
package/dist/types/tdf3/src/utils/keysplit.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/zip-reader.d.ts +63 -0
package/dist/types/tdf3/src/utils/zip-reader.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/zip-writer.d.ts +35 -0
package/dist/types/tdf3/src/utils/zip-writer.d.ts.map +1 -0
package/dist/types/tdf3/src/version.d.ts +3 -0
package/dist/types/tdf3/src/version.d.ts.map +1 -0
package/dist/web/package.json +3 -0
package/dist/web/src/access.js +147 -0
package/dist/web/src/auth/Eas.js +55 -0
package/dist/web/src/auth/auth.js +71 -0
package/dist/web/src/auth/oidc-clientcredentials-provider.js +22 -0
package/dist/web/src/auth/oidc-externaljwt-provider.js +29 -0
package/dist/web/src/auth/oidc-refreshtoken-provider.js +30 -0
package/dist/web/src/auth/oidc.js +215 -0
package/dist/web/src/auth/providers.js +119 -0
package/dist/web/src/encodings/base64.js +147 -0
package/dist/web/src/encodings/hex.js +63 -0
package/dist/web/src/encodings/index.js +3 -0
package/dist/web/src/errors.js +123 -0
package/dist/web/src/index.js +313 -0
package/dist/web/src/nanotdf/Client.js +268 -0
package/dist/web/src/nanotdf/NanoTDF.js +89 -0
package/dist/web/src/nanotdf/browser-entry.js +14 -0
package/dist/web/src/nanotdf/constants.js +2 -0
package/dist/web/src/nanotdf/decrypt.js +14 -0
package/dist/web/src/nanotdf/encrypt-dataset.js +32 -0
package/dist/web/src/nanotdf/encrypt.js +126 -0
package/dist/web/src/nanotdf/enum/CipherEnum.js +11 -0
package/dist/web/src/nanotdf/enum/CurveNameEnum.js +13 -0
package/dist/web/src/nanotdf/enum/EncodingEnum.js +6 -0
package/dist/web/src/nanotdf/enum/PolicyTypeEnum.js +9 -0
package/dist/web/src/nanotdf/enum/ProtocolEnum.js +8 -0
package/dist/web/src/nanotdf/enum/ResourceLocatorIdentifierEnum.js +9 -0
package/dist/web/src/nanotdf/helpers/calculateByCurve.js +24 -0
package/dist/web/src/nanotdf/helpers/getHkdfSalt.js +8 -0
package/dist/web/src/nanotdf/index.js +11 -0
package/dist/web/src/nanotdf/interfaces/PolicyInterface.js +2 -0
package/dist/web/src/nanotdf/models/Ciphers.js +54 -0
package/dist/web/src/nanotdf/models/DefaultParams.js +22 -0
package/dist/web/src/nanotdf/models/EcCurves.js +32 -0
package/dist/web/src/nanotdf/models/Header.js +250 -0
package/dist/web/src/nanotdf/models/Payload.js +156 -0
package/dist/web/src/nanotdf/models/Policy/AbstractPolicy.js +71 -0
package/dist/web/src/nanotdf/models/Policy/EmbeddedPolicy.js +77 -0
package/dist/web/src/nanotdf/models/Policy/PolicyFactory.js +33 -0
package/dist/web/src/nanotdf/models/Policy/RemotePolicy.js +57 -0
package/dist/web/src/nanotdf/models/ResourceLocator.js +206 -0
package/dist/web/src/nanotdf/models/Signature.js +74 -0
package/dist/web/src/nanotdf-crypto/ciphers.js +14 -0
package/dist/web/src/nanotdf-crypto/decrypt.js +21 -0
package/dist/web/src/nanotdf-crypto/digest.js +4 -0
package/dist/web/src/nanotdf-crypto/ecdsaSignature.js +77 -0
package/dist/web/src/nanotdf-crypto/encrypt.js +21 -0
package/dist/web/src/nanotdf-crypto/enums.js +49 -0
package/dist/web/src/nanotdf-crypto/exportCryptoKey.js +17 -0
package/dist/web/src/nanotdf-crypto/generateKeyPair.js +10 -0
package/dist/web/src/nanotdf-crypto/generateRandomNumber.js +9 -0
package/dist/web/src/nanotdf-crypto/importRawKey.js +15 -0
package/dist/web/src/nanotdf-crypto/index.js +12 -0
package/dist/web/src/nanotdf-crypto/keyAgreement.js +87 -0
package/dist/web/src/nanotdf-crypto/pemPublicToCrypto.js +197 -0
package/dist/web/src/policy/api.js +54 -0
package/dist/web/src/policy/attributes.js +2 -0
package/dist/web/src/policy/granter.js +141 -0
package/dist/web/src/tdf/AttributeObject.js +11 -0
package/dist/web/src/tdf/AttributeObjectJwt.js +2 -0
package/dist/web/src/tdf/Crypto.js +44 -0
package/dist/web/src/tdf/EntityObject.js +2 -0
package/dist/web/src/tdf/NanoTDF/NanoTDF.js +35 -0
package/dist/web/src/tdf/Policy.js +48 -0
package/dist/web/src/tdf/PolicyObject.js +2 -0
package/dist/web/src/tdf/TypedArray.js +2 -0
package/dist/web/src/tdf/index.js +4 -0
package/dist/web/src/types/index.js +2 -0
package/dist/web/src/utils.js +133 -0
package/dist/web/src/version.js +9 -0
package/dist/web/tdf3/index.js +13 -0
package/dist/web/tdf3/src/assertions.js +111 -0
package/dist/web/tdf3/src/binary.js +149 -0
package/dist/web/tdf3/src/ciphers/aes-gcm-cipher.js +52 -0
package/dist/web/tdf3/src/ciphers/algorithms.js +5 -0
package/dist/web/tdf3/src/ciphers/index.js +3 -0
package/dist/web/tdf3/src/ciphers/symmetric-cipher-base.js +18 -0
package/dist/web/tdf3/src/client/DecoratedReadableStream.js +107 -0
package/dist/web/tdf3/src/client/builders.js +557 -0
package/dist/web/tdf3/src/client/index.js +423 -0
package/dist/web/tdf3/src/client/validation.js +58 -0
package/dist/web/tdf3/src/crypto/crypto-utils.js +107 -0
package/dist/web/tdf3/src/crypto/declarations.js +5 -0
package/dist/web/tdf3/src/crypto/index.js +296 -0
package/dist/web/tdf3/src/index.js +5 -0
package/dist/web/tdf3/src/models/attribute-set.js +118 -0
package/dist/web/tdf3/src/models/encryption-information.js +86 -0
package/dist/web/tdf3/src/models/index.js +9 -0
package/dist/web/tdf3/src/models/key-access.js +74 -0
package/dist/web/tdf3/src/models/manifest.js +2 -0
package/dist/web/tdf3/src/models/payload.js +2 -0
package/dist/web/tdf3/src/models/policy.js +20 -0
package/dist/web/tdf3/src/models/upsert-response.js +2 -0
package/dist/web/tdf3/src/tdf.js +866 -0
package/dist/web/tdf3/src/templates/default.html.js +96 -0
package/dist/web/tdf3/src/templates/escaper.js +10 -0
package/dist/web/tdf3/src/templates/index.js +3 -0
package/dist/web/tdf3/src/utils/buffer-crc32.js +44 -0
package/dist/web/tdf3/src/utils/chunkers.js +96 -0
package/dist/web/tdf3/src/utils/index.js +248 -0
package/dist/web/tdf3/src/utils/keysplit.js +55 -0
package/dist/web/tdf3/src/utils/zip-reader.js +247 -0
package/dist/web/tdf3/src/utils/zip-writer.js +302 -0
package/dist/web/tdf3/src/version.js +3 -0
package/package.json +126 -0
package/src/access.ts +198 -0
package/src/auth/Eas.ts +79 -0
package/src/auth/auth.ts +141 -0
package/src/auth/oidc-clientcredentials-provider.ts +32 -0
package/src/auth/oidc-externaljwt-provider.ts +41 -0
package/src/auth/oidc-refreshtoken-provider.ts +41 -0
package/src/auth/oidc.ts +307 -0
package/src/auth/providers.ts +139 -0
package/src/encodings/base64.ts +160 -0
package/src/encodings/hex.ts +69 -0
package/src/encodings/index.ts +2 -0
package/src/errors.ts +113 -0
package/src/index.ts +441 -0
package/src/nanotdf/Client.ts +349 -0
package/src/nanotdf/NanoTDF.ts +121 -0
package/src/nanotdf/browser-entry.ts +20 -0
package/src/nanotdf/constants.ts +1 -0
package/src/nanotdf/decrypt.ts +19 -0
package/src/nanotdf/encrypt-dataset.ts +52 -0
package/src/nanotdf/encrypt.ts +197 -0
package/src/nanotdf/enum/CipherEnum.ts +10 -0
package/src/nanotdf/enum/CurveNameEnum.ts +12 -0
package/src/nanotdf/enum/EncodingEnum.ts +5 -0
package/src/nanotdf/enum/PolicyTypeEnum.ts +8 -0
package/src/nanotdf/enum/ProtocolEnum.ts +7 -0
package/src/nanotdf/enum/ResourceLocatorIdentifierEnum.ts +8 -0
package/src/nanotdf/helpers/calculateByCurve.ts +26 -0
package/src/nanotdf/helpers/getHkdfSalt.ts +15 -0
package/src/nanotdf/index.ts +10 -0
package/src/nanotdf/interfaces/PolicyInterface.ts +27 -0
package/src/nanotdf/models/Ciphers.ts +67 -0
package/src/nanotdf/models/DefaultParams.ts +24 -0
package/src/nanotdf/models/EcCurves.ts +40 -0
package/src/nanotdf/models/Header.ts +322 -0
package/src/nanotdf/models/Payload.ts +196 -0
package/src/nanotdf/models/Policy/AbstractPolicy.ts +90 -0
package/src/nanotdf/models/Policy/EmbeddedPolicy.ts +101 -0
package/src/nanotdf/models/Policy/PolicyFactory.ts +48 -0
package/src/nanotdf/models/Policy/RemotePolicy.ts +74 -0
package/src/nanotdf/models/ResourceLocator.ts +212 -0
package/src/nanotdf/models/Signature.ts +85 -0
package/src/nanotdf-crypto/ciphers.ts +13 -0
package/src/nanotdf-crypto/decrypt.ts +30 -0
package/src/nanotdf-crypto/digest.ts +8 -0
package/src/nanotdf-crypto/ecdsaSignature.ts +109 -0
package/src/nanotdf-crypto/encrypt.ts +30 -0
package/src/nanotdf-crypto/enums.ts +47 -0
package/src/nanotdf-crypto/exportCryptoKey.ts +17 -0
package/src/nanotdf-crypto/generateKeyPair.ts +19 -0
package/src/nanotdf-crypto/generateRandomNumber.ts +8 -0
package/src/nanotdf-crypto/importRawKey.ts +19 -0
package/src/nanotdf-crypto/index.ts +11 -0
package/src/nanotdf-crypto/keyAgreement.ts +139 -0
package/src/nanotdf-crypto/pemPublicToCrypto.ts +232 -0
package/src/package-lock.json +6 -0
package/src/package.json +3 -0
package/src/platform/authorization/authorization_connect.d.ts +44 -0
package/src/platform/authorization/authorization_connect.js +44 -0
package/src/platform/authorization/authorization_pb.d.ts +707 -0
package/src/platform/authorization/authorization_pb.js +372 -0
package/src/platform/common/common_pb.d.ts +129 -0
package/src/platform/common/common_pb.js +58 -0
package/src/platform/entityresolution/entity_resolution_connect.d.ts +35 -0
package/src/platform/entityresolution/entity_resolution_connect.js +35 -0
package/src/platform/entityresolution/entity_resolution_pb.d.ts +242 -0
package/src/platform/entityresolution/entity_resolution_pb.js +139 -0
package/src/platform/kas/kas_connect.d.ts +59 -0
package/src/platform/kas/kas_connect.js +59 -0
package/src/platform/kas/kas_pb.d.ts +200 -0
package/src/platform/kas/kas_pb.js +84 -0
package/src/platform/policy/attributes/attributes_connect.d.ts +168 -0
package/src/platform/policy/attributes/attributes_connect.js +168 -0
package/src/platform/policy/attributes/attributes_pb.d.ts +929 -0
package/src/platform/policy/attributes/attributes_pb.js +363 -0
package/src/platform/policy/kasregistry/key_access_server_registry_connect.d.ts +62 -0
package/src/platform/policy/kasregistry/key_access_server_registry_connect.js +62 -0
package/src/platform/policy/kasregistry/key_access_server_registry_pb.d.ts +283 -0
package/src/platform/policy/kasregistry/key_access_server_registry_pb.js +113 -0
package/src/platform/policy/namespaces/namespaces_connect.d.ts +62 -0
package/src/platform/policy/namespaces/namespaces_connect.js +62 -0
package/src/platform/policy/namespaces/namespaces_pb.d.ts +270 -0
package/src/platform/policy/namespaces/namespaces_pb.js +110 -0
package/src/platform/policy/objects_pb.d.ts +725 -0
package/src/platform/policy/objects_pb.js +288 -0
package/src/platform/policy/resourcemapping/resource_mapping_connect.d.ts +259 -0
package/src/platform/policy/resourcemapping/resource_mapping_connect.js +259 -0
package/src/platform/policy/resourcemapping/resource_mapping_pb.d.ts +314 -0
package/src/platform/policy/resourcemapping/resource_mapping_pb.js +142 -0
package/src/platform/policy/selectors_pb.d.ts +269 -0
package/src/platform/policy/selectors_pb.js +110 -0
package/src/platform/policy/subjectmapping/subject_mapping_connect.d.ts +118 -0
package/src/platform/policy/subjectmapping/subject_mapping_connect.js +118 -0
package/src/platform/policy/subjectmapping/subject_mapping_pb.d.ts +672 -0
package/src/platform/policy/subjectmapping/subject_mapping_pb.js +260 -0
package/src/platform/wellknownconfiguration/wellknown_configuration_connect.d.ts +26 -0
package/src/platform/wellknownconfiguration/wellknown_configuration_connect.js +26 -0
package/src/platform/wellknownconfiguration/wellknown_configuration_pb.d.ts +75 -0
package/src/platform/wellknownconfiguration/wellknown_configuration_pb.js +35 -0
package/src/policy/api.ts +61 -0
package/src/policy/attributes.ts +117 -0
package/src/policy/granter.ts +181 -0
package/src/tdf/AttributeObject.ts +27 -0
package/src/tdf/AttributeObjectJwt.ts +3 -0
package/src/tdf/Crypto.ts +42 -0
package/src/tdf/EntityObject.ts +18 -0
package/src/tdf/NanoTDF/NanoTDF.ts +120 -0
package/src/tdf/Policy.ts +51 -0
package/src/tdf/PolicyObject.ts +12 -0
package/src/tdf/TypedArray.ts +12 -0
package/src/tdf/index.ts +6 -0
package/src/types/index.ts +55 -0
package/src/utils.ts +149 -0
package/src/version.ts +9 -0
package/tdf3/index.ts +91 -0
package/tdf3/package-lock.json +6 -0
package/tdf3/package.json +3 -0
package/tdf3/src/assertions.ts +191 -0
package/tdf3/src/binary.ts +195 -0
package/tdf3/src/ciphers/aes-gcm-cipher.ts +76 -0
package/tdf3/src/ciphers/algorithms.ts +9 -0
package/tdf3/src/ciphers/index.ts +2 -0
package/tdf3/src/ciphers/symmetric-cipher-base.ts +38 -0
package/tdf3/src/client/DecoratedReadableStream.ts +148 -0
package/tdf3/src/client/builders.ts +701 -0
package/tdf3/src/client/index.ts +637 -0
package/tdf3/src/client/validation.ts +79 -0
package/tdf3/src/crypto/crypto-utils.ts +119 -0
package/tdf3/src/crypto/declarations.ts +89 -0
package/tdf3/src/crypto/index.ts +394 -0
package/tdf3/src/index.ts +4 -0
package/tdf3/src/models/attribute-set.ts +142 -0
package/tdf3/src/models/encryption-information.ts +172 -0
package/tdf3/src/models/index.ts +8 -0
package/tdf3/src/models/key-access.ts +128 -0
package/tdf3/src/models/manifest.ts +9 -0
package/tdf3/src/models/payload.ts +6 -0
package/tdf3/src/models/policy.ts +35 -0
package/tdf3/src/models/upsert-response.ts +17 -0
package/tdf3/src/tdf.ts +1351 -0
package/tdf3/src/templates/default.html.ts +105 -0
package/tdf3/src/templates/escaper.ts +10 -0
package/tdf3/src/templates/index.ts +2 -0
package/tdf3/src/utils/buffer-crc32.ts +46 -0
package/tdf3/src/utils/chunkers.ts +118 -0
package/tdf3/src/utils/index.ts +309 -0
package/tdf3/src/utils/keysplit.ts +63 -0
package/tdf3/src/utils/zip-reader.ts +341 -0
package/tdf3/src/utils/zip-writer.ts +375 -0
package/tdf3/src/version.ts +2 -0
package/tdf3/types.d.ts +14 -0

package/src/policy/granter.ts ADDED Viewed

@@ -0,0 +1,181 @@
+import { ConfigurationError } from '../errors.js';
+import { Attribute, AttributeRuleType, KeyAccessServer, Value } from './attributes.js';
+export type KeySplitStep = {
+  kas: KeyAccessServer;
+  sid?: string;
+};
+type AttributeClause = {
+  def: Attribute;
+  values: string[];
+};
+type AndClause = {
+  op: 'allOf';
+  kases: string[];
+};
+type HeirarchyClause = {
+  op: 'hierarchy';
+  kases: string[];
+};
+type OrClause = {
+  op: 'anyOf';
+  kases: string[];
+};
+type BooleanClause = AndClause | OrClause | HeirarchyClause;
+type BooleanOperator = BooleanClause['op'];
+type ComplexBooleanClause = {
+  op: BooleanOperator;
+  children: BooleanClause[];
+};
+export function booleanOperatorFor(rule?: AttributeRuleType): BooleanOperator {
+  if (!rule) {
+    return 'allOf';
+  }
+  switch (rule) {
+    case 'ATTRIBUTE_RULE_TYPE_ENUM_UNSPECIFIED':
+    case 'ATTRIBUTE_RULE_TYPE_ENUM_ALL_OF':
+      return 'allOf';
+    case 'ATTRIBUTE_RULE_TYPE_ENUM_ANY_OF':
+      return 'anyOf';
+    case 'ATTRIBUTE_RULE_TYPE_ENUM_HIERARCHY':
+      return 'hierarchy';
+  }
+}
+export function plan(dataAttrs: Value[]): KeySplitStep[] {
+  // KASes by value
+  const grants: Record<string, Set<string>> = {};
+  // KAS detail by KAS url
+  const kasInfo: Record<string, KeyAccessServer> = {};
+  // Attribute definitions in use
+  const prefixes: Set<string> = new Set();
+  // Values grouped by normalized attribute prefix
+  const allClauses: Record<string, AttributeClause> = {};
+  // Values by normalized FQN
+  const allValues: Record<string, Value> = {};
+  const addGrants = (val: string, gs?: KeyAccessServer[]): boolean => {
+    if (!gs?.length) {
+      if (!(val in grants)) {
+        grants[val] = new Set();
+      }
+      return false;
+    }
+    for (const g of gs) {
+      if (val in grants) {
+        grants[val].add(g.uri);
+      } else {
+        grants[val] = new Set([g.uri]);
+      }
+      kasInfo[g.uri] = g;
+    }
+    return true;
+  };
+  for (const v of dataAttrs) {
+    const { attribute, fqn } = v;
+    if (!attribute) {
+      throw new ConfigurationError(`attribute not defined for [${fqn}]`);
+    }
+    const valFqn = fqn.toLowerCase();
+    const attrFqn = attribute.fqn.toLowerCase();
+    if (!prefixes.has(attrFqn)) {
+      prefixes.add(attrFqn);
+      allClauses[attrFqn] = {
+        def: attribute,
+        values: [],
+      };
+    }
+    allClauses[attrFqn].values.push(valFqn);
+    allValues[valFqn] = v;
+    if (!addGrants(valFqn, v.grants)) {
+      if (!addGrants(valFqn, attribute.grants)) {
+        addGrants(valFqn, attribute.namespace?.grants);
+      }
+    }
+  }
+  const kcs: ComplexBooleanClause[] = [];
+  for (const attrClause of Object.values(allClauses)) {
+    const ccv: BooleanClause[] = [];
+    for (const term of attrClause.values) {
+      const grantsForTerm = Array.from(grants[term] || []);
+      if (grantsForTerm?.length) {
+        ccv.push({
+          op: 'anyOf',
+          kases: grantsForTerm,
+        });
+      }
+    }
+    const op = booleanOperatorFor(attrClause.def.rule);
+    kcs.push({
+      op,
+      children: ccv,
+    });
+  }
+  return simplify(kcs, kasInfo);
+}
+function simplify(
+  clauses: ComplexBooleanClause[],
+  kasInfo: Record<string, KeyAccessServer>
+): KeySplitStep[] {
+  const conjunction: Record<string, string[]> = {};
+  function keyFor(kases: string[]): string {
+    const k = Array.from(new Set([kases])).sort();
+    return k.join('|');
+  }
+  for (const { op, children } of clauses) {
+    if (!children) {
+      continue;
+    }
+    if (op === 'anyOf') {
+      const anyKids = [];
+      for (const bc of children) {
+        if (bc.op != 'anyOf') {
+          throw new Error('internal: autoconfigure inversion in disjunction');
+        }
+        if (!bc.kases?.length) {
+          continue;
+        }
+        anyKids.push(...bc.kases);
+      }
+      if (!anyKids?.length) {
+        continue;
+      }
+      const k = keyFor(anyKids);
+      conjunction[k] = anyKids;
+    } else {
+      for (const bc of children) {
+        if (bc.op != 'anyOf') {
+          throw new Error('insternal: autoconfigure inversion in conjunction');
+        }
+        if (!bc.kases?.length) {
+          continue;
+        }
+        const k = keyFor(bc.kases);
+        conjunction[k] = bc.kases;
+      }
+    }
+  }
+  const t: KeySplitStep[] = [];
+  let i = 0;
+  for (const k of Object.keys(conjunction).sort()) {
+    if (!conjunction[k]) {
+      continue;
+    }
+    i += 1;
+    const sid = '' + i;
+    for (const kas of conjunction[k]) {
+      t.push({ sid, kas: kasInfo[kas] });
+    }
+  }
+  return t;
+}

package/src/tdf/AttributeObject.ts ADDED Viewed

@@ -0,0 +1,27 @@
+import { type KasPublicKeyInfo } from '../access.js';
+export interface AttributeObject {
+  readonly attribute: string;
+  readonly isDefault?: boolean;
+  readonly displayName?: string;
+  /** PEM encoded public key */
+  readonly pubKey: string;
+  readonly kasUrl: string;
+  /** The most recent version 1.1.0. */
+  readonly schemaVersion?: string;
+}
+export async function createAttribute(
+  attribute: string,
+  pubKey: KasPublicKeyInfo,
+  kasUrl: string
+): Promise<AttributeObject> {
+  return {
+    attribute,
+    isDefault: false,
+    displayName: '',
+    pubKey: pubKey.publicKey,
+    kasUrl,
+    schemaVersion: '1.1.0',
+  };
+}

package/src/tdf/AttributeObjectJwt.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export default interface AttributeObjectJwt {
+  readonly jwt: string;
+}

package/src/tdf/Crypto.ts ADDED Viewed

@@ -0,0 +1,42 @@
+export enum AlgorithmName {
+  ECDH = 'ECDH',
+  ECDSA = 'ECDSA',
+  ES256 = 'ES256',
+  HKDF = 'HKDF',
+  RSA_OAEP = 'RSA-OAEP',
+  RSA_PSS = 'RSA-PSS',
+}
+export enum NamedCurve {
+  P256 = 'P-256',
+  P384 = 'P-384',
+  P512 = 'P-512',
+}
+export enum CipherType {
+  AesGcm = 'AES-GCM',
+}
+export enum HashType {
+  Sha256 = 'SHA-256',
+}
+export enum KeyFormat {
+  Raw = 'raw',
+  Pkcs8 = 'pkcs8',
+  Spki = 'spki',
+}
+export enum KeyType {
+  Private = 'private',
+  Public = 'public',
+}
+export enum KeyUsageType {
+  Encrypt = 'encrypt',
+  Decrypt = 'decrypt',
+  Verify = 'verify',
+  Sign = 'sign',
+  UnwrapKey = 'unwrapKey',
+  WrapKey = 'wrapKey',
+}

package/src/tdf/EntityObject.ts ADDED Viewed

@@ -0,0 +1,18 @@
+import type AttributeObjectJwt from './AttributeObjectJwt.js';
+/**
+ * Defined by the TDF3 spec and generated by an Entity Attribute Service,
+ * this object (when accompanied by a valid cert) defines what attributes
+ * a client has access to.
+ */
+export interface EntityObject {
+  readonly aliases: string[];
+  readonly attributes: AttributeObjectJwt[];
+  /** This should be present on validated EOs only - it is written by an EAS */
+  readonly cert?: string;
+  readonly exp?: number;
+  readonly publicKey: string;
+  readonly userId: string;
+  /** The most recent version 1.1.0. */
+  readonly schemaVersion?: string;
+}

package/src/tdf/NanoTDF/NanoTDF.ts ADDED Viewed

@@ -0,0 +1,120 @@
+enum CipherType {
+  Aes256Gcm64, // Default cipher
+  Aes256Gcm96,
+  Aes256Gcm104,
+  Aes256Gcm112,
+  Aes256Gcm120,
+  Aes256Gcm128,
+}
+/**
+ * The Signature ECC Mode is used to determine the length of the signature at the end of a nanotdf. This, in
+ * combination with the previous HAS_SIGNATURE section, describe the signature of the nanotdf. The following table
+ * describes the valid values and the associated ECC Params.
+ */
+enum CurveName {
+  Secp256R1,
+  Secp384R1,
+  Secp521R1,
+}
+export enum ResourceLocatorProtocol {
+  Http,
+  Https,
+  Unreserverd,
+  SharedResourceDirectory = 0xff,
+}
+export enum PolicyType {
+  Remote,
+  EmbeddedText,
+  EmbeddedEncrypted, // Default policy
+  EmbeddedEncryptedPKA, // Todo: Not implemented
+}
+/**
+ * Resource Locator interface
+ */
+export interface ResourceLocator {
+  protocol: ResourceLocatorProtocol;
+  length: number;
+  body: string;
+}
+/**
+ * Policy interface
+ */
+export interface Policy {
+  type: PolicyType;
+  binding: Uint8Array;
+}
+/**
+ * Remote policy interface
+ */
+export interface RemotePolicy extends Policy {
+  protocol: ResourceLocatorProtocol;
+  urn: string;
+}
+/**
+ * Embedded policy interface
+ */
+export interface EmbeddedPolicy extends Policy {
+  content: Uint8Array;
+}
+/**
+ * Header interface
+ */
+export interface Header {
+  // Magic Number & Version
+  magicNumberVersion: Uint8Array;
+  // KAS Resource Locator
+  kas: ResourceLocator;
+  // ECC & Binding Mode
+  useECDSABinding: boolean;
+  ephemeralCurveName: CurveName;
+  // Symmetric & Payload Config
+  hasSignature: boolean;
+  signatureCurveName: CurveName;
+  symmetricCipher: CipherType;
+  // Auth tag length is not part of the spec, but is needed for decrypt
+  authTagLength: number;
+  // Policy
+  policy: RemotePolicy | EmbeddedPolicy;
+  // Ephemeral Public Key
+  ephemeralPublicKey: Uint8Array;
+}
+/**
+ * Payload interface
+ */
+export interface Payload {
+  iv: Uint8Array;
+  ciphertext: Uint8Array;
+  authTag: Uint8Array;
+  ciphertextAuthTag: Uint8Array;
+}
+/**
+ * Signature interface
+ */
+export interface Signature {
+  publicKey: Uint8Array;
+  signature: Uint8Array;
+}
+/**
+ * NanoTDF interface
+ */
+export interface NanoTDF {
+  header: Header;
+  payload: Payload;
+  signature: Signature;
+}

package/src/tdf/Policy.ts ADDED Viewed

@@ -0,0 +1,51 @@
+import { type AttributeObject } from './AttributeObject.js';
+import { v4 as uuid } from 'uuid';
+export default class Policy {
+  static CURRENT_VERSION = '1.1.0';
+  private uuidStr = uuid();
+  private dataAttributesList: AttributeObject[] = [];
+  private dissemList: string[] = [];
+  // private schemaVersionStr = Policy.CURRENT_VERSION;
+  /**
+   * Adds a group of entities, to the Policy's dissem list
+   *
+   * @param entities The entities will be added to the policy and
+   * they will have access to the TDF
+   */
+  addEntities(entities: string[]): void {
+    this.dissemList.push(...entities);
+    // Remove any duplicates
+    this.dissemList = this.dissemList.filter((elem, index, self) => {
+      return index === self.indexOf(elem);
+    });
+  }
+  /**
+   *
+   * Adds an Attribute object to the policy
+   *
+   * @param attribute will be added to the policy
+   */
+  addAttribute(attribute: AttributeObject): void {
+    this.dataAttributesList.push(attribute);
+  }
+  /**
+   * Returns the JSON string of Policy object
+   *
+   * @return {string} [The constructed Policy object as JSON string]
+   */
+  toJSON(): string {
+    return JSON.stringify({
+      uuid: this.uuidStr,
+      body: {
+        dataAttributes: this.dataAttributesList,
+        dissem: this.dissemList,
+      },
+    });
+  }
+}

package/src/tdf/PolicyObject.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import { type AttributeObject } from './AttributeObject.js';
+export interface PolicyObjectBody {
+  readonly dataAttributes: AttributeObject[];
+  readonly dissem: string[];
+}
+export default interface PolicyObject {
+  readonly uuid: string;
+  readonly body: PolicyObjectBody;
+  readonly schemaVersion?: string;
+}

package/src/tdf/TypedArray.ts ADDED Viewed

@@ -0,0 +1,12 @@
+type TypedArray =
+  | Int8Array
+  | Uint8Array
+  | Int16Array
+  | Uint16Array
+  | Int32Array
+  | Uint32Array
+  | Uint8ClampedArray
+  | Float32Array
+  | Float64Array;
+export default TypedArray;

package/src/tdf/index.ts ADDED Viewed

@@ -0,0 +1,6 @@
+export { type AttributeObject, createAttribute } from './AttributeObject.js';
+export { type EntityObject } from './EntityObject.js';
+export { type default as PolicyObject } from './PolicyObject.js';
+export { type default as TypedArray } from './TypedArray.js';
+export { default as Policy } from './Policy.js';
+export * as Crypto from './Crypto.js';

package/src/types/index.ts ADDED Viewed

@@ -0,0 +1,55 @@
+import PolicyTypeEnum from '../nanotdf/enum/PolicyTypeEnum.js';
+export type InputSource =
+  | ReadableStream<Uint8Array>
+  | Uint8Array
+  | string
+  | ArrayBuffer
+  | Promise<ReadableStream<Uint8Array>>;
+type Header = {
+  magicNumberVersion: string[];
+  kas: {
+    protocol: number;
+    length: number;
+    body: string;
+  };
+  eccBindingMode: {
+    useECDSABinding: boolean;
+    ephemeralCurveName: number;
+  };
+  symmetricPayloadConfig: {
+    hasSignature: boolean;
+    signatureCurveName: number;
+    symmetricCipher: number;
+  };
+  ephemeralPublicKey: string[];
+};
+type HeaderPolicy = {
+  type: PolicyTypeEnum;
+  content: string[];
+  binding: string[];
+};
+type RemotePolicy = {
+  protocol: number;
+  length: number;
+  body: string;
+};
+export type PlainEmbeddedHeader = Header & {
+  policy: HeaderPolicy;
+};
+export type EmbeddedHeader = Header & {
+  policy: HeaderPolicy;
+};
+export type RemoteHeader = Header & {
+  policy: {
+    type: PolicyTypeEnum;
+    remotePolicy: RemotePolicy;
+    binding: string[];
+  };
+};

package/src/utils.ts ADDED Viewed

@@ -0,0 +1,149 @@
+import { type AxiosResponseHeaders, type RawAxiosResponseHeaders } from 'axios';
+import { exportSPKI, importX509 } from 'jose';
+import { base64 } from './encodings/index.js';
+import { pemCertToCrypto, pemPublicToCrypto } from './nanotdf-crypto/index.js';
+import { ConfigurationError } from './errors.js';
+/**
+ * Check to see if the given URL is 'secure'. This assumes:
+ *
+ * - `https` URLs are always secure
+ * - `http` URLS are allowed for localhost
+ * - And also for '`svc.cluster.local` and `.internal` URLs
+ *
+ * Note that this does not resolve the URL, so it is possible this could
+ * resolve to some other internal URL, and may return `false` on non-fully
+ * qualified internal URLs.
+ *
+ * @param url remote service to validate
+ * @returns the url is local or `https`
+ */
+export function validateSecureUrl(url: string): boolean {
+  const httpsRegex = /^https:/;
+  if (/^http:\/\/(localhost|127\.0\.0\.1)(:[0-9]{1,5})?($|\/)/.test(url)) {
+    console.warn(`Development URL detected: [${url}]`);
+  } else if (
+    /^http:\/\/([a-zA-Z.-]*[.])?svc\.cluster\.local($|\/)/.test(url) ||
+    /^http:\/\/([a-zA-Z.-]*[.])?internal(:[0-9]{1,5})?($|\/)/.test(url)
+  ) {
+    console.info(`Internal URL detected: [${url}]`);
+  } else if (!httpsRegex.test(url)) {
+    console.error(`Insecure KAS URL loaded. Are you running in a secure environment? [${url}]`);
+    return false;
+  }
+  return true;
+}
+export function padSlashToUrl(u: string): string {
+  if (u.endsWith('/')) {
+    return u;
+  }
+  return `${u}/`;
+}
+export function isBrowser() {
+  return typeof window !== 'undefined'; // eslint-disable-line
+}
+export const isFirefox = (): boolean => isBrowser() && 'InstallTrigger' in window;
+export const rstrip = (str: string, suffix = ' '): string => {
+  while (str && suffix && str.endsWith(suffix)) {
+    str = str.slice(0, -suffix.length);
+  }
+  return str;
+};
+/**
+ * Rough estimate of number of seconds to add to the current system clock time
+ * to get the clock time on the given server, or origin if not specified
+ * @param server a server to compute skew with
+ * @returns the number of seconds to add to the current local system clock time
+ * to get an rough guess of the time on the given server
+ */
+export const estimateSkew = async (serverEndpoint = window.origin): Promise<number> => {
+  const localUnixTimeBefore = Date.now();
+  const response = await fetch(serverEndpoint);
+  return estimateSkewFromHeaders(response.headers, localUnixTimeBefore);
+};
+export type AnyHeaders = AxiosResponseHeaders | RawAxiosResponseHeaders | Headers;
+/**
+ * Rough estimate of number of seconds to add to the curren time to get
+ * the clock time on the server that responded with the headers object.
+ * @param headers A set of headers, which must include the `date` header
+ * @param dateNowBefore time before initiating the request, usually by calling
+ * `Date.now()`. Note this is in milliseconds since the epoch, while the
+ * estimate is given in seconds.
+ * @returns the number of seconds to add to the current local system clock time
+ * to get an rough guess of the time on the server that was used
+ */
+export const estimateSkewFromHeaders = (headers: AnyHeaders, dateNowBefore?: number): number => {
+  const localUnixTimeBefore = (dateNowBefore || Date.now()) / 1000;
+  let serverDateString;
+  if (headers.get) {
+    serverDateString = (headers as Headers).get('Date');
+  } else {
+    serverDateString = (headers as AxiosResponseHeaders | RawAxiosResponseHeaders).date;
+  }
+  if (serverDateString === null) {
+    throw Error('Cannot get access to Date header!');
+  }
+  const serverUnixTime = Date.parse(serverDateString) / 1000;
+  const localUnixTimeAfter = Date.now() / 1000;
+  const deltaBefore = serverUnixTime - localUnixTimeBefore;
+  const deltaAfter = serverUnixTime - localUnixTimeAfter;
+  return Math.round((deltaBefore + deltaAfter) / 2);
+};
+export function addNewLines(str: string): string {
+  if (!str) {
+    return str;
+  }
+  let inputString = str;
+  let finalString = '';
+  while (inputString.length > 0) {
+    finalString += inputString.substring(0, 64) + '\r\n';
+    inputString = inputString.substring(64);
+  }
+  return finalString;
+}
+export async function cryptoPublicToPem(publicKey: CryptoKey): Promise<string> {
+  if (publicKey.type !== 'public') {
+    throw new ConfigurationError('incorrect key type');
+  }
+  const exportedPublicKey = await crypto.subtle.exportKey('spki', publicKey);
+  const b64 = base64.encodeArrayBuffer(exportedPublicKey);
+  const pem = addNewLines(b64);
+  return `-----BEGIN PUBLIC KEY-----\r\n${pem}-----END PUBLIC KEY-----`;
+}
+export async function pemToCryptoPublicKey(pem: string): Promise<CryptoKey> {
+  if (/-----BEGIN PUBLIC KEY-----/.test(pem)) {
+    return pemPublicToCrypto(pem);
+  } else if (/-----BEGIN CERTIFICATE-----/.test(pem)) {
+    return pemCertToCrypto(pem);
+  }
+  // This can happen in several circumstances:
+  // - When parsing a PEM key from a KAS server
+  // - When converting between PEM and CryptoKey formats for user provided session keys (e.g. for DPoP)
+  throw new TypeError(`unsupported pem type [${pem}]`);
+}
+export async function extractPemFromKeyString(keyString: string): Promise<string> {
+  let pem: string = keyString;
+  // Skip the public key extraction if we find that the KAS url provides a
+  // PEM-encoded key instead of certificate
+  if (keyString.includes('CERTIFICATE')) {
+    const cert = await importX509(keyString, 'RS256', { extractable: true });
+    pem = await exportSPKI(cert);
+  }
+  return pem;
+}

package/src/version.ts ADDED Viewed

@@ -0,0 +1,9 @@
+/**
+ * Exposes the released version number of the `@opentdf/sdk` package
+ */
+export const version = '0.1.0';
+/**
+ * A string name used to label requests as coming from this library client.
+ */
+export const clientType = 'web-sdk';