npm - @opentdf/sdk - Versions diffs - 0.1.0-beta.1701 - Mend

@opentdf/sdk 0.1.0-beta.1701

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (566) hide show

package/README.md +52 -0
package/dist/cjs/package.json +3 -0
package/dist/cjs/src/access.js +155 -0
package/dist/cjs/src/auth/Eas.js +60 -0
package/dist/cjs/src/auth/auth.js +79 -0
package/dist/cjs/src/auth/oidc-clientcredentials-provider.js +26 -0
package/dist/cjs/src/auth/oidc-externaljwt-provider.js +33 -0
package/dist/cjs/src/auth/oidc-refreshtoken-provider.js +34 -0
package/dist/cjs/src/auth/oidc.js +222 -0
package/dist/cjs/src/auth/providers.js +143 -0
package/dist/cjs/src/encodings/base64.js +154 -0
package/dist/cjs/src/encodings/hex.js +70 -0
package/dist/cjs/src/encodings/index.js +29 -0
package/dist/cjs/src/errors.js +138 -0
package/dist/cjs/src/index.js +344 -0
package/dist/cjs/src/nanotdf/Client.js +296 -0
package/dist/cjs/src/nanotdf/NanoTDF.js +94 -0
package/dist/cjs/src/nanotdf/browser-entry.js +19 -0
package/dist/cjs/src/nanotdf/constants.js +5 -0
package/dist/cjs/src/nanotdf/decrypt.js +17 -0
package/dist/cjs/src/nanotdf/encrypt-dataset.js +38 -0
package/dist/cjs/src/nanotdf/encrypt.js +132 -0
package/dist/cjs/src/nanotdf/enum/CipherEnum.js +13 -0
package/dist/cjs/src/nanotdf/enum/CurveNameEnum.js +15 -0
package/dist/cjs/src/nanotdf/enum/EncodingEnum.js +8 -0
package/dist/cjs/src/nanotdf/enum/PolicyTypeEnum.js +11 -0
package/dist/cjs/src/nanotdf/enum/ProtocolEnum.js +10 -0
package/dist/cjs/src/nanotdf/enum/ResourceLocatorIdentifierEnum.js +11 -0
package/dist/cjs/src/nanotdf/helpers/calculateByCurve.js +29 -0
package/dist/cjs/src/nanotdf/helpers/getHkdfSalt.js +11 -0
package/dist/cjs/src/nanotdf/index.js +25 -0
package/dist/cjs/src/nanotdf/interfaces/PolicyInterface.js +3 -0
package/dist/cjs/src/nanotdf/models/Ciphers.js +61 -0
package/dist/cjs/src/nanotdf/models/DefaultParams.js +27 -0
package/dist/cjs/src/nanotdf/models/EcCurves.js +39 -0
package/dist/cjs/src/nanotdf/models/Header.js +255 -0
package/dist/cjs/src/nanotdf/models/Payload.js +158 -0
package/dist/cjs/src/nanotdf/models/Policy/AbstractPolicy.js +73 -0
package/dist/cjs/src/nanotdf/models/Policy/EmbeddedPolicy.js +82 -0
package/dist/cjs/src/nanotdf/models/Policy/PolicyFactory.js +38 -0
package/dist/cjs/src/nanotdf/models/Policy/RemotePolicy.js +62 -0
package/dist/cjs/src/nanotdf/models/ResourceLocator.js +211 -0
package/dist/cjs/src/nanotdf/models/Signature.js +77 -0
package/dist/cjs/src/nanotdf-crypto/ciphers.js +17 -0
package/dist/cjs/src/nanotdf-crypto/decrypt.js +24 -0
package/dist/cjs/src/nanotdf-crypto/digest.js +7 -0
package/dist/cjs/src/nanotdf-crypto/ecdsaSignature.js +83 -0
package/dist/cjs/src/nanotdf-crypto/encrypt.js +24 -0
package/dist/cjs/src/nanotdf-crypto/enums.js +52 -0
package/dist/cjs/src/nanotdf-crypto/exportCryptoKey.js +20 -0
package/dist/cjs/src/nanotdf-crypto/generateKeyPair.js +13 -0
package/dist/cjs/src/nanotdf-crypto/generateRandomNumber.js +12 -0
package/dist/cjs/src/nanotdf-crypto/importRawKey.js +18 -0
package/dist/cjs/src/nanotdf-crypto/index.js +52 -0
package/dist/cjs/src/nanotdf-crypto/keyAgreement.js +91 -0
package/dist/cjs/src/nanotdf-crypto/pemPublicToCrypto.js +225 -0
package/dist/cjs/src/policy/api.js +58 -0
package/dist/cjs/src/policy/attributes.js +3 -0
package/dist/cjs/src/policy/granter.js +146 -0
package/dist/cjs/src/tdf/AttributeObject.js +15 -0
package/dist/cjs/src/tdf/AttributeObjectJwt.js +3 -0
package/dist/cjs/src/tdf/Crypto.js +47 -0
package/dist/cjs/src/tdf/EntityObject.js +3 -0
package/dist/cjs/src/tdf/NanoTDF/NanoTDF.js +38 -0
package/dist/cjs/src/tdf/Policy.js +50 -0
package/dist/cjs/src/tdf/PolicyObject.js +3 -0
package/dist/cjs/src/tdf/TypedArray.js +3 -0
package/dist/cjs/src/tdf/index.js +35 -0
package/dist/cjs/src/types/index.js +3 -0
package/dist/cjs/src/utils.js +147 -0
package/dist/cjs/src/version.js +12 -0
package/dist/cjs/tdf3/index.js +57 -0
package/dist/cjs/tdf3/src/assertions.js +118 -0
package/dist/cjs/tdf3/src/binary.js +153 -0
package/dist/cjs/tdf3/src/ciphers/aes-gcm-cipher.js +56 -0
package/dist/cjs/tdf3/src/ciphers/algorithms.js +8 -0
package/dist/cjs/tdf3/src/ciphers/index.js +8 -0
package/dist/cjs/tdf3/src/ciphers/symmetric-cipher-base.js +22 -0
package/dist/cjs/tdf3/src/client/DecoratedReadableStream.js +116 -0
package/dist/cjs/tdf3/src/client/builders.js +561 -0
package/dist/cjs/tdf3/src/client/index.js +460 -0
package/dist/cjs/tdf3/src/client/validation.js +63 -0
package/dist/cjs/tdf3/src/crypto/crypto-utils.js +116 -0
package/dist/cjs/tdf3/src/crypto/declarations.js +8 -0
package/dist/cjs/tdf3/src/crypto/index.js +315 -0
package/dist/cjs/tdf3/src/index.js +34 -0
package/dist/cjs/tdf3/src/models/attribute-set.js +122 -0
package/dist/cjs/tdf3/src/models/encryption-information.js +90 -0
package/dist/cjs/tdf3/src/models/index.js +25 -0
package/dist/cjs/tdf3/src/models/key-access.js +103 -0
package/dist/cjs/tdf3/src/models/manifest.js +3 -0
package/dist/cjs/tdf3/src/models/payload.js +3 -0
package/dist/cjs/tdf3/src/models/policy.js +24 -0
package/dist/cjs/tdf3/src/models/upsert-response.js +3 -0
package/dist/cjs/tdf3/src/tdf.js +907 -0
package/dist/cjs/tdf3/src/templates/default.html.js +98 -0
package/dist/cjs/tdf3/src/templates/escaper.js +15 -0
package/dist/cjs/tdf3/src/templates/index.js +12 -0
package/dist/cjs/tdf3/src/utils/buffer-crc32.js +48 -0
package/dist/cjs/tdf3/src/utils/chunkers.js +106 -0
package/dist/cjs/tdf3/src/utils/index.js +296 -0
package/dist/cjs/tdf3/src/utils/keysplit.js +61 -0
package/dist/cjs/tdf3/src/utils/zip-reader.js +253 -0
package/dist/cjs/tdf3/src/utils/zip-writer.js +308 -0
package/dist/cjs/tdf3/src/version.js +6 -0
package/dist/types/src/access.d.ts +47 -0
package/dist/types/src/access.d.ts.map +1 -0
package/dist/types/src/auth/Eas.d.ts +34 -0
package/dist/types/src/auth/Eas.d.ts.map +1 -0
package/dist/types/src/auth/auth.d.ts +86 -0
package/dist/types/src/auth/auth.d.ts.map +1 -0
package/dist/types/src/auth/oidc-clientcredentials-provider.d.ts +9 -0
package/dist/types/src/auth/oidc-clientcredentials-provider.d.ts.map +1 -0
package/dist/types/src/auth/oidc-externaljwt-provider.d.ts +10 -0
package/dist/types/src/auth/oidc-externaljwt-provider.d.ts.map +1 -0
package/dist/types/src/auth/oidc-refreshtoken-provider.d.ts +10 -0
package/dist/types/src/auth/oidc-refreshtoken-provider.d.ts.map +1 -0
package/dist/types/src/auth/oidc.d.ts +104 -0
package/dist/types/src/auth/oidc.d.ts.map +1 -0
package/dist/types/src/auth/providers.d.ts +67 -0
package/dist/types/src/auth/providers.d.ts.map +1 -0
package/dist/types/src/encodings/base64.d.ts +18 -0
package/dist/types/src/encodings/base64.d.ts.map +1 -0
package/dist/types/src/encodings/hex.d.ts +5 -0
package/dist/types/src/encodings/hex.d.ts.map +1 -0
package/dist/types/src/encodings/index.d.ts +3 -0
package/dist/types/src/encodings/index.d.ts.map +1 -0
package/dist/types/src/errors.d.ts +72 -0
package/dist/types/src/errors.d.ts.map +1 -0
package/dist/types/src/index.d.ts +138 -0
package/dist/types/src/index.d.ts.map +1 -0
package/dist/types/src/nanotdf/Client.d.ts +95 -0
package/dist/types/src/nanotdf/Client.d.ts.map +1 -0
package/dist/types/src/nanotdf/NanoTDF.d.ts +25 -0
package/dist/types/src/nanotdf/NanoTDF.d.ts.map +1 -0
package/dist/types/src/nanotdf/browser-entry.d.ts +17 -0
package/dist/types/src/nanotdf/browser-entry.d.ts.map +1 -0
package/dist/types/src/nanotdf/constants.d.ts +2 -0
package/dist/types/src/nanotdf/constants.d.ts.map +1 -0
package/dist/types/src/nanotdf/decrypt.d.ts +9 -0
package/dist/types/src/nanotdf/decrypt.d.ts.map +1 -0
package/dist/types/src/nanotdf/encrypt-dataset.d.ts +12 -0
package/dist/types/src/nanotdf/encrypt-dataset.d.ts.map +1 -0
package/dist/types/src/nanotdf/encrypt.d.ts +14 -0
package/dist/types/src/nanotdf/encrypt.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/CipherEnum.d.ts +10 -0
package/dist/types/src/nanotdf/enum/CipherEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/CurveNameEnum.d.ts +12 -0
package/dist/types/src/nanotdf/enum/CurveNameEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/EncodingEnum.d.ts +5 -0
package/dist/types/src/nanotdf/enum/EncodingEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/PolicyTypeEnum.d.ts +8 -0
package/dist/types/src/nanotdf/enum/PolicyTypeEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/ProtocolEnum.d.ts +7 -0
package/dist/types/src/nanotdf/enum/ProtocolEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/enum/ResourceLocatorIdentifierEnum.d.ts +8 -0
package/dist/types/src/nanotdf/enum/ResourceLocatorIdentifierEnum.d.ts.map +1 -0
package/dist/types/src/nanotdf/helpers/calculateByCurve.d.ts +20 -0
package/dist/types/src/nanotdf/helpers/calculateByCurve.d.ts.map +1 -0
package/dist/types/src/nanotdf/helpers/getHkdfSalt.d.ts +9 -0
package/dist/types/src/nanotdf/helpers/getHkdfSalt.d.ts.map +1 -0
package/dist/types/src/nanotdf/index.d.ts +9 -0
package/dist/types/src/nanotdf/index.d.ts.map +1 -0
package/dist/types/src/nanotdf/interfaces/PolicyInterface.d.ts +17 -0
package/dist/types/src/nanotdf/interfaces/PolicyInterface.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Ciphers.d.ts +14 -0
package/dist/types/src/nanotdf/models/Ciphers.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/DefaultParams.d.ts +21 -0
package/dist/types/src/nanotdf/models/DefaultParams.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/EcCurves.d.ts +15 -0
package/dist/types/src/nanotdf/models/EcCurves.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Header.d.ts +73 -0
package/dist/types/src/nanotdf/models/Header.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Payload.d.ts +47 -0
package/dist/types/src/nanotdf/models/Payload.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Policy/AbstractPolicy.d.ts +52 -0
package/dist/types/src/nanotdf/models/Policy/AbstractPolicy.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Policy/EmbeddedPolicy.d.ts +35 -0
package/dist/types/src/nanotdf/models/Policy/EmbeddedPolicy.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Policy/PolicyFactory.d.ts +11 -0
package/dist/types/src/nanotdf/models/Policy/PolicyFactory.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Policy/RemotePolicy.d.ts +31 -0
package/dist/types/src/nanotdf/models/Policy/RemotePolicy.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/ResourceLocator.d.ts +65 -0
package/dist/types/src/nanotdf/models/ResourceLocator.d.ts.map +1 -0
package/dist/types/src/nanotdf/models/Signature.d.ts +33 -0
package/dist/types/src/nanotdf/models/Signature.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/ciphers.d.ts +8 -0
package/dist/types/src/nanotdf-crypto/ciphers.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/decrypt.d.ts +14 -0
package/dist/types/src/nanotdf-crypto/decrypt.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/digest.d.ts +3 -0
package/dist/types/src/nanotdf-crypto/digest.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/ecdsaSignature.d.ts +35 -0
package/dist/types/src/nanotdf-crypto/ecdsaSignature.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/encrypt.d.ts +14 -0
package/dist/types/src/nanotdf-crypto/encrypt.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/enums.d.ts +42 -0
package/dist/types/src/nanotdf-crypto/enums.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/exportCryptoKey.d.ts +7 -0
package/dist/types/src/nanotdf-crypto/exportCryptoKey.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/generateKeyPair.d.ts +10 -0
package/dist/types/src/nanotdf-crypto/generateKeyPair.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/generateRandomNumber.d.ts +5 -0
package/dist/types/src/nanotdf-crypto/generateRandomNumber.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/importRawKey.d.ts +13 -0
package/dist/types/src/nanotdf-crypto/importRawKey.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/index.d.ts +12 -0
package/dist/types/src/nanotdf-crypto/index.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/keyAgreement.d.ts +28 -0
package/dist/types/src/nanotdf-crypto/keyAgreement.d.ts.map +1 -0
package/dist/types/src/nanotdf-crypto/pemPublicToCrypto.d.ts +28 -0
package/dist/types/src/nanotdf-crypto/pemPublicToCrypto.d.ts.map +1 -0
package/dist/types/src/policy/api.d.ts +4 -0
package/dist/types/src/policy/api.d.ts.map +1 -0
package/dist/types/src/policy/attributes.d.ts +95 -0
package/dist/types/src/policy/attributes.d.ts.map +1 -0
package/dist/types/src/policy/granter.d.ts +23 -0
package/dist/types/src/policy/granter.d.ts.map +1 -0
package/dist/types/src/tdf/AttributeObject.d.ts +13 -0
package/dist/types/src/tdf/AttributeObject.d.ts.map +1 -0
package/dist/types/src/tdf/AttributeObjectJwt.d.ts +4 -0
package/dist/types/src/tdf/AttributeObjectJwt.d.ts.map +1 -0
package/dist/types/src/tdf/Crypto.d.ts +37 -0
package/dist/types/src/tdf/Crypto.d.ts.map +1 -0
package/dist/types/src/tdf/EntityObject.d.ts +18 -0
package/dist/types/src/tdf/EntityObject.d.ts.map +1 -0
package/dist/types/src/tdf/NanoTDF/NanoTDF.d.ts +99 -0
package/dist/types/src/tdf/NanoTDF/NanoTDF.d.ts.map +1 -0
package/dist/types/src/tdf/Policy.d.ts +28 -0
package/dist/types/src/tdf/Policy.d.ts.map +1 -0
package/dist/types/src/tdf/PolicyObject.d.ts +11 -0
package/dist/types/src/tdf/PolicyObject.d.ts.map +1 -0
package/dist/types/src/tdf/TypedArray.d.ts +3 -0
package/dist/types/src/tdf/TypedArray.d.ts.map +1 -0
package/dist/types/src/tdf/index.d.ts +7 -0
package/dist/types/src/tdf/index.d.ts.map +1 -0
package/dist/types/src/types/index.d.ts +45 -0
package/dist/types/src/types/index.d.ts.map +1 -0
package/dist/types/src/utils.d.ts +45 -0
package/dist/types/src/utils.d.ts.map +1 -0
package/dist/types/src/version.d.ts +9 -0
package/dist/types/src/version.d.ts.map +1 -0
package/dist/types/tdf3/index.d.ts +16 -0
package/dist/types/tdf3/index.d.ts.map +1 -0
package/dist/types/tdf3/src/assertions.d.ts +63 -0
package/dist/types/tdf3/src/assertions.d.ts.map +1 -0
package/dist/types/tdf3/src/binary.d.ts +38 -0
package/dist/types/tdf3/src/binary.d.ts.map +1 -0
package/dist/types/tdf3/src/ciphers/aes-gcm-cipher.d.ts +18 -0
package/dist/types/tdf3/src/ciphers/aes-gcm-cipher.d.ts.map +1 -0
package/dist/types/tdf3/src/ciphers/algorithms.d.ts +4 -0
package/dist/types/tdf3/src/ciphers/algorithms.d.ts.map +1 -0
package/dist/types/tdf3/src/ciphers/index.d.ts +3 -0
package/dist/types/tdf3/src/ciphers/index.d.ts.map +1 -0
package/dist/types/tdf3/src/ciphers/symmetric-cipher-base.d.ts +14 -0
package/dist/types/tdf3/src/ciphers/symmetric-cipher-base.d.ts.map +1 -0
package/dist/types/tdf3/src/client/DecoratedReadableStream.d.ts +53 -0
package/dist/types/tdf3/src/client/DecoratedReadableStream.d.ts.map +1 -0
package/dist/types/tdf3/src/client/builders.d.ts +436 -0
package/dist/types/tdf3/src/client/builders.d.ts.map +1 -0
package/dist/types/tdf3/src/client/index.d.ts +139 -0
package/dist/types/tdf3/src/client/index.d.ts.map +1 -0
package/dist/types/tdf3/src/client/validation.d.ts +8 -0
package/dist/types/tdf3/src/client/validation.d.ts.map +1 -0
package/dist/types/tdf3/src/crypto/crypto-utils.d.ts +34 -0
package/dist/types/tdf3/src/crypto/crypto-utils.d.ts.map +1 -0
package/dist/types/tdf3/src/crypto/declarations.d.ts +60 -0
package/dist/types/tdf3/src/crypto/declarations.d.ts.map +1 -0
package/dist/types/tdf3/src/crypto/index.d.ts +103 -0
package/dist/types/tdf3/src/crypto/index.d.ts.map +1 -0
package/dist/types/tdf3/src/index.d.ts +5 -0
package/dist/types/tdf3/src/index.d.ts.map +1 -0
package/dist/types/tdf3/src/models/attribute-set.d.ts +65 -0
package/dist/types/tdf3/src/models/attribute-set.d.ts.map +1 -0
package/dist/types/tdf3/src/models/encryption-information.d.ts +49 -0
package/dist/types/tdf3/src/models/encryption-information.d.ts.map +1 -0
package/dist/types/tdf3/src/models/index.d.ts +9 -0
package/dist/types/tdf3/src/models/index.d.ts.map +1 -0
package/dist/types/tdf3/src/models/key-access.d.ts +42 -0
package/dist/types/tdf3/src/models/key-access.d.ts.map +1 -0
package/dist/types/tdf3/src/models/manifest.d.ts +9 -0
package/dist/types/tdf3/src/models/manifest.d.ts.map +1 -0
package/dist/types/tdf3/src/models/payload.d.ts +7 -0
package/dist/types/tdf3/src/models/payload.d.ts.map +1 -0
package/dist/types/tdf3/src/models/policy.d.ts +13 -0
package/dist/types/tdf3/src/models/policy.d.ts.map +1 -0
package/dist/types/tdf3/src/models/upsert-response.d.ts +16 -0
package/dist/types/tdf3/src/models/upsert-response.d.ts.map +1 -0
package/dist/types/tdf3/src/tdf.d.ts +152 -0
package/dist/types/tdf3/src/tdf.d.ts.map +1 -0
package/dist/types/tdf3/src/templates/default.html.d.ts +8 -0
package/dist/types/tdf3/src/templates/default.html.d.ts.map +1 -0
package/dist/types/tdf3/src/templates/escaper.d.ts +6 -0
package/dist/types/tdf3/src/templates/escaper.d.ts.map +1 -0
package/dist/types/tdf3/src/templates/index.d.ts +3 -0
package/dist/types/tdf3/src/templates/index.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/buffer-crc32.d.ts +2 -0
package/dist/types/tdf3/src/utils/buffer-crc32.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/chunkers.d.ts +29 -0
package/dist/types/tdf3/src/utils/chunkers.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/index.d.ts +36 -0
package/dist/types/tdf3/src/utils/index.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/keysplit.d.ts +19 -0
package/dist/types/tdf3/src/utils/keysplit.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/zip-reader.d.ts +63 -0
package/dist/types/tdf3/src/utils/zip-reader.d.ts.map +1 -0
package/dist/types/tdf3/src/utils/zip-writer.d.ts +35 -0
package/dist/types/tdf3/src/utils/zip-writer.d.ts.map +1 -0
package/dist/types/tdf3/src/version.d.ts +3 -0
package/dist/types/tdf3/src/version.d.ts.map +1 -0
package/dist/web/package.json +3 -0
package/dist/web/src/access.js +147 -0
package/dist/web/src/auth/Eas.js +55 -0
package/dist/web/src/auth/auth.js +71 -0
package/dist/web/src/auth/oidc-clientcredentials-provider.js +22 -0
package/dist/web/src/auth/oidc-externaljwt-provider.js +29 -0
package/dist/web/src/auth/oidc-refreshtoken-provider.js +30 -0
package/dist/web/src/auth/oidc.js +215 -0
package/dist/web/src/auth/providers.js +119 -0
package/dist/web/src/encodings/base64.js +147 -0
package/dist/web/src/encodings/hex.js +63 -0
package/dist/web/src/encodings/index.js +3 -0
package/dist/web/src/errors.js +123 -0
package/dist/web/src/index.js +313 -0
package/dist/web/src/nanotdf/Client.js +268 -0
package/dist/web/src/nanotdf/NanoTDF.js +89 -0
package/dist/web/src/nanotdf/browser-entry.js +14 -0
package/dist/web/src/nanotdf/constants.js +2 -0
package/dist/web/src/nanotdf/decrypt.js +14 -0
package/dist/web/src/nanotdf/encrypt-dataset.js +32 -0
package/dist/web/src/nanotdf/encrypt.js +126 -0
package/dist/web/src/nanotdf/enum/CipherEnum.js +11 -0
package/dist/web/src/nanotdf/enum/CurveNameEnum.js +13 -0
package/dist/web/src/nanotdf/enum/EncodingEnum.js +6 -0
package/dist/web/src/nanotdf/enum/PolicyTypeEnum.js +9 -0
package/dist/web/src/nanotdf/enum/ProtocolEnum.js +8 -0
package/dist/web/src/nanotdf/enum/ResourceLocatorIdentifierEnum.js +9 -0
package/dist/web/src/nanotdf/helpers/calculateByCurve.js +24 -0
package/dist/web/src/nanotdf/helpers/getHkdfSalt.js +8 -0
package/dist/web/src/nanotdf/index.js +11 -0
package/dist/web/src/nanotdf/interfaces/PolicyInterface.js +2 -0
package/dist/web/src/nanotdf/models/Ciphers.js +54 -0
package/dist/web/src/nanotdf/models/DefaultParams.js +22 -0
package/dist/web/src/nanotdf/models/EcCurves.js +32 -0
package/dist/web/src/nanotdf/models/Header.js +250 -0
package/dist/web/src/nanotdf/models/Payload.js +156 -0
package/dist/web/src/nanotdf/models/Policy/AbstractPolicy.js +71 -0
package/dist/web/src/nanotdf/models/Policy/EmbeddedPolicy.js +77 -0
package/dist/web/src/nanotdf/models/Policy/PolicyFactory.js +33 -0
package/dist/web/src/nanotdf/models/Policy/RemotePolicy.js +57 -0
package/dist/web/src/nanotdf/models/ResourceLocator.js +206 -0
package/dist/web/src/nanotdf/models/Signature.js +74 -0
package/dist/web/src/nanotdf-crypto/ciphers.js +14 -0
package/dist/web/src/nanotdf-crypto/decrypt.js +21 -0
package/dist/web/src/nanotdf-crypto/digest.js +4 -0
package/dist/web/src/nanotdf-crypto/ecdsaSignature.js +77 -0
package/dist/web/src/nanotdf-crypto/encrypt.js +21 -0
package/dist/web/src/nanotdf-crypto/enums.js +49 -0
package/dist/web/src/nanotdf-crypto/exportCryptoKey.js +17 -0
package/dist/web/src/nanotdf-crypto/generateKeyPair.js +10 -0
package/dist/web/src/nanotdf-crypto/generateRandomNumber.js +9 -0
package/dist/web/src/nanotdf-crypto/importRawKey.js +15 -0
package/dist/web/src/nanotdf-crypto/index.js +12 -0
package/dist/web/src/nanotdf-crypto/keyAgreement.js +87 -0
package/dist/web/src/nanotdf-crypto/pemPublicToCrypto.js +197 -0
package/dist/web/src/policy/api.js +54 -0
package/dist/web/src/policy/attributes.js +2 -0
package/dist/web/src/policy/granter.js +141 -0
package/dist/web/src/tdf/AttributeObject.js +11 -0
package/dist/web/src/tdf/AttributeObjectJwt.js +2 -0
package/dist/web/src/tdf/Crypto.js +44 -0
package/dist/web/src/tdf/EntityObject.js +2 -0
package/dist/web/src/tdf/NanoTDF/NanoTDF.js +35 -0
package/dist/web/src/tdf/Policy.js +48 -0
package/dist/web/src/tdf/PolicyObject.js +2 -0
package/dist/web/src/tdf/TypedArray.js +2 -0
package/dist/web/src/tdf/index.js +4 -0
package/dist/web/src/types/index.js +2 -0
package/dist/web/src/utils.js +133 -0
package/dist/web/src/version.js +9 -0
package/dist/web/tdf3/index.js +13 -0
package/dist/web/tdf3/src/assertions.js +111 -0
package/dist/web/tdf3/src/binary.js +149 -0
package/dist/web/tdf3/src/ciphers/aes-gcm-cipher.js +52 -0
package/dist/web/tdf3/src/ciphers/algorithms.js +5 -0
package/dist/web/tdf3/src/ciphers/index.js +3 -0
package/dist/web/tdf3/src/ciphers/symmetric-cipher-base.js +18 -0
package/dist/web/tdf3/src/client/DecoratedReadableStream.js +107 -0
package/dist/web/tdf3/src/client/builders.js +557 -0
package/dist/web/tdf3/src/client/index.js +423 -0
package/dist/web/tdf3/src/client/validation.js +58 -0
package/dist/web/tdf3/src/crypto/crypto-utils.js +107 -0
package/dist/web/tdf3/src/crypto/declarations.js +5 -0
package/dist/web/tdf3/src/crypto/index.js +296 -0
package/dist/web/tdf3/src/index.js +5 -0
package/dist/web/tdf3/src/models/attribute-set.js +118 -0
package/dist/web/tdf3/src/models/encryption-information.js +86 -0
package/dist/web/tdf3/src/models/index.js +9 -0
package/dist/web/tdf3/src/models/key-access.js +74 -0
package/dist/web/tdf3/src/models/manifest.js +2 -0
package/dist/web/tdf3/src/models/payload.js +2 -0
package/dist/web/tdf3/src/models/policy.js +20 -0
package/dist/web/tdf3/src/models/upsert-response.js +2 -0
package/dist/web/tdf3/src/tdf.js +866 -0
package/dist/web/tdf3/src/templates/default.html.js +96 -0
package/dist/web/tdf3/src/templates/escaper.js +10 -0
package/dist/web/tdf3/src/templates/index.js +3 -0
package/dist/web/tdf3/src/utils/buffer-crc32.js +44 -0
package/dist/web/tdf3/src/utils/chunkers.js +96 -0
package/dist/web/tdf3/src/utils/index.js +248 -0
package/dist/web/tdf3/src/utils/keysplit.js +55 -0
package/dist/web/tdf3/src/utils/zip-reader.js +247 -0
package/dist/web/tdf3/src/utils/zip-writer.js +302 -0
package/dist/web/tdf3/src/version.js +3 -0
package/package.json +126 -0
package/src/access.ts +198 -0
package/src/auth/Eas.ts +79 -0
package/src/auth/auth.ts +141 -0
package/src/auth/oidc-clientcredentials-provider.ts +32 -0
package/src/auth/oidc-externaljwt-provider.ts +41 -0
package/src/auth/oidc-refreshtoken-provider.ts +41 -0
package/src/auth/oidc.ts +307 -0
package/src/auth/providers.ts +139 -0
package/src/encodings/base64.ts +160 -0
package/src/encodings/hex.ts +69 -0
package/src/encodings/index.ts +2 -0
package/src/errors.ts +113 -0
package/src/index.ts +441 -0
package/src/nanotdf/Client.ts +349 -0
package/src/nanotdf/NanoTDF.ts +121 -0
package/src/nanotdf/browser-entry.ts +20 -0
package/src/nanotdf/constants.ts +1 -0
package/src/nanotdf/decrypt.ts +19 -0
package/src/nanotdf/encrypt-dataset.ts +52 -0
package/src/nanotdf/encrypt.ts +197 -0
package/src/nanotdf/enum/CipherEnum.ts +10 -0
package/src/nanotdf/enum/CurveNameEnum.ts +12 -0
package/src/nanotdf/enum/EncodingEnum.ts +5 -0
package/src/nanotdf/enum/PolicyTypeEnum.ts +8 -0
package/src/nanotdf/enum/ProtocolEnum.ts +7 -0
package/src/nanotdf/enum/ResourceLocatorIdentifierEnum.ts +8 -0
package/src/nanotdf/helpers/calculateByCurve.ts +26 -0
package/src/nanotdf/helpers/getHkdfSalt.ts +15 -0
package/src/nanotdf/index.ts +10 -0
package/src/nanotdf/interfaces/PolicyInterface.ts +27 -0
package/src/nanotdf/models/Ciphers.ts +67 -0
package/src/nanotdf/models/DefaultParams.ts +24 -0
package/src/nanotdf/models/EcCurves.ts +40 -0
package/src/nanotdf/models/Header.ts +322 -0
package/src/nanotdf/models/Payload.ts +196 -0
package/src/nanotdf/models/Policy/AbstractPolicy.ts +90 -0
package/src/nanotdf/models/Policy/EmbeddedPolicy.ts +101 -0
package/src/nanotdf/models/Policy/PolicyFactory.ts +48 -0
package/src/nanotdf/models/Policy/RemotePolicy.ts +74 -0
package/src/nanotdf/models/ResourceLocator.ts +212 -0
package/src/nanotdf/models/Signature.ts +85 -0
package/src/nanotdf-crypto/ciphers.ts +13 -0
package/src/nanotdf-crypto/decrypt.ts +30 -0
package/src/nanotdf-crypto/digest.ts +8 -0
package/src/nanotdf-crypto/ecdsaSignature.ts +109 -0
package/src/nanotdf-crypto/encrypt.ts +30 -0
package/src/nanotdf-crypto/enums.ts +47 -0
package/src/nanotdf-crypto/exportCryptoKey.ts +17 -0
package/src/nanotdf-crypto/generateKeyPair.ts +19 -0
package/src/nanotdf-crypto/generateRandomNumber.ts +8 -0
package/src/nanotdf-crypto/importRawKey.ts +19 -0
package/src/nanotdf-crypto/index.ts +11 -0
package/src/nanotdf-crypto/keyAgreement.ts +139 -0
package/src/nanotdf-crypto/pemPublicToCrypto.ts +232 -0
package/src/package-lock.json +6 -0
package/src/package.json +3 -0
package/src/platform/authorization/authorization_connect.d.ts +44 -0
package/src/platform/authorization/authorization_connect.js +44 -0
package/src/platform/authorization/authorization_pb.d.ts +707 -0
package/src/platform/authorization/authorization_pb.js +372 -0
package/src/platform/common/common_pb.d.ts +129 -0
package/src/platform/common/common_pb.js +58 -0
package/src/platform/entityresolution/entity_resolution_connect.d.ts +35 -0
package/src/platform/entityresolution/entity_resolution_connect.js +35 -0
package/src/platform/entityresolution/entity_resolution_pb.d.ts +242 -0
package/src/platform/entityresolution/entity_resolution_pb.js +139 -0
package/src/platform/kas/kas_connect.d.ts +59 -0
package/src/platform/kas/kas_connect.js +59 -0
package/src/platform/kas/kas_pb.d.ts +200 -0
package/src/platform/kas/kas_pb.js +84 -0
package/src/platform/policy/attributes/attributes_connect.d.ts +168 -0
package/src/platform/policy/attributes/attributes_connect.js +168 -0
package/src/platform/policy/attributes/attributes_pb.d.ts +929 -0
package/src/platform/policy/attributes/attributes_pb.js +363 -0
package/src/platform/policy/kasregistry/key_access_server_registry_connect.d.ts +62 -0
package/src/platform/policy/kasregistry/key_access_server_registry_connect.js +62 -0
package/src/platform/policy/kasregistry/key_access_server_registry_pb.d.ts +283 -0
package/src/platform/policy/kasregistry/key_access_server_registry_pb.js +113 -0
package/src/platform/policy/namespaces/namespaces_connect.d.ts +62 -0
package/src/platform/policy/namespaces/namespaces_connect.js +62 -0
package/src/platform/policy/namespaces/namespaces_pb.d.ts +270 -0
package/src/platform/policy/namespaces/namespaces_pb.js +110 -0
package/src/platform/policy/objects_pb.d.ts +725 -0
package/src/platform/policy/objects_pb.js +288 -0
package/src/platform/policy/resourcemapping/resource_mapping_connect.d.ts +259 -0
package/src/platform/policy/resourcemapping/resource_mapping_connect.js +259 -0
package/src/platform/policy/resourcemapping/resource_mapping_pb.d.ts +314 -0
package/src/platform/policy/resourcemapping/resource_mapping_pb.js +142 -0
package/src/platform/policy/selectors_pb.d.ts +269 -0
package/src/platform/policy/selectors_pb.js +110 -0
package/src/platform/policy/subjectmapping/subject_mapping_connect.d.ts +118 -0
package/src/platform/policy/subjectmapping/subject_mapping_connect.js +118 -0
package/src/platform/policy/subjectmapping/subject_mapping_pb.d.ts +672 -0
package/src/platform/policy/subjectmapping/subject_mapping_pb.js +260 -0
package/src/platform/wellknownconfiguration/wellknown_configuration_connect.d.ts +26 -0
package/src/platform/wellknownconfiguration/wellknown_configuration_connect.js +26 -0
package/src/platform/wellknownconfiguration/wellknown_configuration_pb.d.ts +75 -0
package/src/platform/wellknownconfiguration/wellknown_configuration_pb.js +35 -0
package/src/policy/api.ts +61 -0
package/src/policy/attributes.ts +117 -0
package/src/policy/granter.ts +181 -0
package/src/tdf/AttributeObject.ts +27 -0
package/src/tdf/AttributeObjectJwt.ts +3 -0
package/src/tdf/Crypto.ts +42 -0
package/src/tdf/EntityObject.ts +18 -0
package/src/tdf/NanoTDF/NanoTDF.ts +120 -0
package/src/tdf/Policy.ts +51 -0
package/src/tdf/PolicyObject.ts +12 -0
package/src/tdf/TypedArray.ts +12 -0
package/src/tdf/index.ts +6 -0
package/src/types/index.ts +55 -0
package/src/utils.ts +149 -0
package/src/version.ts +9 -0
package/tdf3/index.ts +91 -0
package/tdf3/package-lock.json +6 -0
package/tdf3/package.json +3 -0
package/tdf3/src/assertions.ts +191 -0
package/tdf3/src/binary.ts +195 -0
package/tdf3/src/ciphers/aes-gcm-cipher.ts +76 -0
package/tdf3/src/ciphers/algorithms.ts +9 -0
package/tdf3/src/ciphers/index.ts +2 -0
package/tdf3/src/ciphers/symmetric-cipher-base.ts +38 -0
package/tdf3/src/client/DecoratedReadableStream.ts +148 -0
package/tdf3/src/client/builders.ts +701 -0
package/tdf3/src/client/index.ts +637 -0
package/tdf3/src/client/validation.ts +79 -0
package/tdf3/src/crypto/crypto-utils.ts +119 -0
package/tdf3/src/crypto/declarations.ts +89 -0
package/tdf3/src/crypto/index.ts +394 -0
package/tdf3/src/index.ts +4 -0
package/tdf3/src/models/attribute-set.ts +142 -0
package/tdf3/src/models/encryption-information.ts +172 -0
package/tdf3/src/models/index.ts +8 -0
package/tdf3/src/models/key-access.ts +128 -0
package/tdf3/src/models/manifest.ts +9 -0
package/tdf3/src/models/payload.ts +6 -0
package/tdf3/src/models/policy.ts +35 -0
package/tdf3/src/models/upsert-response.ts +17 -0
package/tdf3/src/tdf.ts +1351 -0
package/tdf3/src/templates/default.html.ts +105 -0
package/tdf3/src/templates/escaper.ts +10 -0
package/tdf3/src/templates/index.ts +2 -0
package/tdf3/src/utils/buffer-crc32.ts +46 -0
package/tdf3/src/utils/chunkers.ts +118 -0
package/tdf3/src/utils/index.ts +309 -0
package/tdf3/src/utils/keysplit.ts +63 -0
package/tdf3/src/utils/zip-reader.ts +341 -0
package/tdf3/src/utils/zip-writer.ts +375 -0
package/tdf3/src/version.ts +2 -0
package/tdf3/types.d.ts +14 -0

package/tdf3/src/client/validation.ts ADDED Viewed

@@ -0,0 +1,79 @@
+import { AttributeValidationError } from '../../../src/errors.js';
+const sageGetMatch = (match: RegExpMatchArray | null) => (match ? match[0] : null);
+export const ATTR_NAME_PROP_NAME = 'attr';
+export const ATTR_VALUE_PROP_NAME = 'value';
+// Validate attribute url protocol starts with `http://` or `https://`
+const SCHEME = '(https?://)';
+// validate url host be like `localhost:4000`
+const HOST_PORT = '([a-z0-9][a-z0-9]{1,}:[0-9]{1,4})';
+// validate url host be like `www.example.com`
+const WWW_HOST = '([a-z0-9](?:[a-z0-9-]*[a-z0-9])?\\.)+[a-z]{2,}';
+// validate url host be like `127.0.0.1:4000`
+const IP_HOST_PORT = '([0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}:[0-9]{1,4})';
+// validate host is one of those above
+const HOST = `(${HOST_PORT}|${WWW_HOST}|${IP_HOST_PORT})`;
+// validate attr  name be like `/attr/<attr_name>`
+export const ATTR_NAME = `(/${ATTR_NAME_PROP_NAME}/[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]?)`;
+// validate value pattern
+export const ATTR_VALUE = `(/${ATTR_VALUE_PROP_NAME}/[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]?)`;
+// validate attribute authority  e.g. https://example.com
+const ATTR_AUTHORITY_PATTERN = `(${SCHEME}${HOST})`;
+// validate attribute namespace e.g. https://example.com/attr/someattribute
+const ATTR_NAMESPACE_PATTERN = `(${ATTR_AUTHORITY_PATTERN}${ATTR_NAME})`;
+// validate whole attribute e.g. https://example.com/attr/someattribute/value/somevalue
+export const ATTR_ATTRIBUTE_PATTERN = `^(${ATTR_NAMESPACE_PATTERN}${ATTR_VALUE})$`;
+export const validateAttributeObject = (attr: unknown): true | never => {
+  const isObject = typeof attr === 'object';
+  if (!isObject) {
+    throw new AttributeValidationError(`attribute should be an object`, attr);
+  }
+  const { attribute } = attr as Record<string, unknown>;
+  const isString = typeof attribute === 'string';
+  if (!isString) {
+    throw new AttributeValidationError(`attribute prop should be a string`, attr);
+  }
+  return validateAttribute(attribute);
+};
+export function validateAttribute(attribute: string): true | never {
+  if (!attribute.match(ATTR_ATTRIBUTE_PATTERN)) {
+    throw new AttributeValidationError(`attribute is in invalid format [${attribute}]`, attribute);
+  }
+  const ATTR_NAME_PREFIX = `/${ATTR_NAME_PROP_NAME}/`;
+  const ATTR_VALUE_PREFIX = `/${ATTR_VALUE_PROP_NAME}/`;
+  const attrNameMatch = sageGetMatch(attribute.match(ATTR_NAME));
+  const attrValueMatch = sageGetMatch(attribute.match(ATTR_VALUE));
+  if (!attrNameMatch) {
+    throw new AttributeValidationError(`attribute name matching error`, attribute);
+  }
+  if (!attrValueMatch) {
+    throw new AttributeValidationError(`attribute value matching error`, attribute);
+  }
+  const attributeName = attrNameMatch.slice(ATTR_NAME_PREFIX.length);
+  const attributeValue = attrValueMatch.slice(ATTR_VALUE_PREFIX.length);
+  if (attributeName === attributeValue) {
+    throw new AttributeValidationError(`attribute name should be unique with its value`, attribute);
+  }
+  return true;
+}

package/tdf3/src/crypto/crypto-utils.ts ADDED Viewed

@@ -0,0 +1,119 @@
+import { base64 } from '../../../src/encodings/index.js';
+import { type AnyKeyPair, type PemKeyPair } from './declarations.js';
+import { rsaPkcs1Sha256 } from './index.js';
+/**
+ * Validates a specified key size
+ * @param size in bits requested
+ * @param minSize in bits allowed
+ */
+export const isValidAsymmetricKeySize = (size: number | undefined, minSize?: number): boolean => {
+  // No size specified is fine because the minSize will be used
+  if (size === undefined) {
+    return !!minSize;
+  }
+  if (typeof size !== 'number' || (minSize && size < minSize)) {
+    return false;
+  }
+  return true;
+};
+/**
+ * Format a base64 string representation of a key file
+ * in PEM PKCS#8 format by adding a header and footer
+ * and new lines.
+ *
+ * The PEM spec says to use <CR><LF> (\r\n) per
+ * https://tools.ietf.org/html/rfc1421#section-4.3.2.2, but
+ * many implementations use just \n, so this function
+ * follows the convention over the spec.
+ *
+ * @param  base64KeyString input
+ * @param  label header and footer label that identifies key type
+ * @return formatted output
+ */
+export const formatAsPem = (bytes: ArrayBuffer, label: string): string => {
+  let pemCert = `-----BEGIN ${label}-----\n`;
+  let nextIndex = 0;
+  const base64KeyString = base64.encodeArrayBuffer(bytes);
+  while (nextIndex < base64KeyString.length) {
+    if (nextIndex + 64 <= base64KeyString.length) {
+      pemCert += `${base64KeyString.substr(nextIndex, 64)}\n`;
+    } else {
+      pemCert += `${base64KeyString.substr(nextIndex)}\n`;
+    }
+    nextIndex += 64;
+  }
+  pemCert += `-----END ${label}-----\n`;
+  return pemCert;
+};
+/**
+ * Remove PEM formatting (new line characters and headers / footers)
+ * from a PEM string
+ *
+ * @param  input - PEM formatted string
+ * @return String with formatting removed
+ */
+export const removePemFormatting = (input: string): string => {
+  if (typeof input !== 'string') {
+    console.error('Not a pem string', input);
+    return input;
+  }
+  const oneLiner = input.replace(/[\n\r]/g, '');
+  // https://www.rfc-editor.org/rfc/rfc7468#section-2
+  return oneLiner.replace(
+    /-----(?:BEGIN|END)\s(?:RSA\s)?(?:PUBLIC|PRIVATE|CERTIFICATE)\sKEY-----/g,
+    ''
+  );
+};
+const PEMRE =
+  /-----BEGIN\s((?:RSA\s)?(?:PUBLIC\sKEY|PRIVATE\sKEY|CERTIFICATE))-----[\s0-9A-Za-z+/=]+-----END\s\1-----/;
+export const isPemKeyPair = (i: AnyKeyPair): i is PemKeyPair => {
+  const { privateKey, publicKey } = i;
+  if (typeof privateKey !== 'string' || typeof publicKey !== 'string') {
+    return false;
+  }
+  const privateMatch = PEMRE.exec(privateKey);
+  if (!privateMatch || !privateMatch[1] || privateMatch[1].indexOf('PRIVATE KEY') < 0) {
+    return false;
+  }
+  const publicMatch = PEMRE.exec(publicKey);
+  if (!publicMatch || !publicMatch[1] || publicMatch[1].indexOf('PRIVATE') >= 0) {
+    return false;
+  }
+  return true;
+};
+export const isCryptoKeyPair = (i: AnyKeyPair): i is CryptoKeyPair => {
+  const { privateKey, publicKey } = i;
+  if (typeof privateKey !== 'object' || typeof publicKey !== 'object') {
+    return false;
+  }
+  if (!(privateKey instanceof CryptoKey) || !(publicKey instanceof CryptoKey)) {
+    return false;
+  }
+  return privateKey.type === 'private' && publicKey.type === 'public';
+};
+export const toCryptoKeyPair = async (input: AnyKeyPair): Promise<CryptoKeyPair> => {
+  if (isCryptoKeyPair(input)) {
+    return input;
+  }
+  if (!isPemKeyPair(input)) {
+    throw new Error('internal: generated invalid keypair');
+  }
+  const k = [input.publicKey, input.privateKey]
+    .map(removePemFormatting)
+    .map((e) => base64.decodeArrayBuffer(e));
+  const algorithm = rsaPkcs1Sha256();
+  const [publicKey, privateKey] = await Promise.all([
+    crypto.subtle.importKey('spki', k[0], algorithm, true, ['verify']),
+    crypto.subtle.importKey('pkcs8', k[1], algorithm, true, ['sign']),
+  ]);
+  return { privateKey, publicKey };
+};

package/tdf3/src/crypto/declarations.ts ADDED Viewed

@@ -0,0 +1,89 @@
+import { Binary } from '../binary.js';
+import { type AlgorithmUrn } from '../ciphers/algorithms.js';
+export type EncryptResult = {
+  /** Encrypted payload. */
+  payload: Binary;
+  /** Auth tag, if generated/ */
+  authTag?: Binary;
+};
+export type DecryptResult = {
+  payload: Binary;
+};
+/**
+ * PEM formatted keypair.
+ */
+export type PemKeyPair = {
+  publicKey: string;
+  privateKey: string;
+};
+/**
+ * The minimum acceptable asymetric key size, currently 2^11.
+ */
+export const MIN_ASYMMETRIC_KEY_SIZE_BITS = 2048;
+export type AnyKeyPair = PemKeyPair | CryptoKeyPair;
+export type CryptoService = {
+  /** Track which crypto implementation we are using */
+  name: string;
+  /** Default algorithm identifier. */
+  method: AlgorithmUrn;
+  /** Convert or narrow from AnyKeyPair to PemKeyPair */
+  cryptoToPemPair: (keys: AnyKeyPair) => Promise<PemKeyPair>;
+  /**
+   * Try to decrypt content with the default or handed algorithm. Throws on
+   * most failure, if auth tagging is implemented for example.
+   */
+  decrypt: (
+    payload: Binary,
+    key: Binary,
+    iv: Binary,
+    algorithm?: AlgorithmUrn,
+    authTag?: Binary
+  ) => Promise<DecryptResult>;
+  decryptWithPrivateKey: (encryptedPayload: Binary, privateKey: string) => Promise<Binary>;
+  /**
+   * Encrypt content with the default or handed algorithm.
+   */
+  encrypt: (
+    payload: Binary,
+    key: Binary,
+    iv: Binary,
+    algorithm?: AlgorithmUrn
+  ) => Promise<EncryptResult>;
+  encryptWithPublicKey: (payload: Binary, publicKey: string) => Promise<Binary>;
+  /** Get length random bytes as a hex-encoded string. */
+  generateInitializationVector: (length?: number) => Promise<string>;
+  /** Get length random bytes as a hex-encoded string. */
+  generateKey: (length?: number) => Promise<string>;
+  /**
+   * Generate an RSA key pair
+   * @param size in bits, defaults to a reasonable size for the default method
+   */
+  generateKeyPair: (size?: number) => Promise<AnyKeyPair>;
+  generateSigningKeyPair: () => Promise<AnyKeyPair>;
+  /**
+   * Create an HMAC SHA256 hash
+   */
+  hmac: (key: string, content: string) => Promise<string>;
+  randomBytes: (byteLength: number) => Promise<Uint8Array>;
+  /** Compute the hex-encoded SHA hash of a UTF-16 encoded string. */
+  sha256: (content: string) => Promise<string>;
+};

package/tdf3/src/crypto/index.ts ADDED Viewed

@@ -0,0 +1,394 @@
+/**
+ * This file is for using native crypto in the browser.
+ *
+ * @private
+ */
+import { Algorithms } from '../ciphers/index.js';
+import { Binary } from '../binary.js';
+import {
+  CryptoService,
+  DecryptResult,
+  EncryptResult,
+  MIN_ASYMMETRIC_KEY_SIZE_BITS,
+  PemKeyPair,
+} from './declarations.js';
+import { ConfigurationError, DecryptError } from '../../../src/errors.js';
+import { formatAsPem, removePemFormatting } from './crypto-utils.js';
+import { encodeArrayBuffer as hexEncode } from '../../../src/encodings/hex.js';
+import { decodeArrayBuffer as base64Decode } from '../../../src/encodings/base64.js';
+import { AlgorithmUrn } from '../ciphers/algorithms.js';
+// Used to pass into native crypto functions
+const METHODS: KeyUsage[] = ['encrypt', 'decrypt'];
+export const isSupported = typeof globalThis?.crypto !== 'undefined';
+export const method = 'http://www.w3.org/2001/04/xmlenc#aes256-cbc';
+export const name = 'BrowserNativeCryptoService';
+/**
+ * Get a DOMString representing the algorithm to use for an
+ * asymmetric key generation.
+ */
+export function rsaOaepSha1(
+  modulusLength: number = MIN_ASYMMETRIC_KEY_SIZE_BITS
+): RsaHashedKeyGenParams {
+  if (!modulusLength || modulusLength < MIN_ASYMMETRIC_KEY_SIZE_BITS) {
+    throw new ConfigurationError('Invalid key size requested');
+  }
+  return {
+    name: 'RSA-OAEP',
+    hash: {
+      name: 'SHA-1',
+    },
+    modulusLength,
+    publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // 24 bit representation of 65537
+  };
+}
+export function rsaPkcs1Sha256(
+  modulusLength: number = MIN_ASYMMETRIC_KEY_SIZE_BITS
+): RsaHashedKeyGenParams {
+  if (!modulusLength || modulusLength < MIN_ASYMMETRIC_KEY_SIZE_BITS) {
+    throw new ConfigurationError('Invalid key size requested');
+  }
+  return {
+    name: 'RSASSA-PKCS1-v1_5',
+    hash: {
+      name: 'SHA-256',
+    },
+    modulusLength,
+    publicExponent: new Uint8Array([0x01, 0x00, 0x01]), // 24 bit representation of 65537
+  };
+}
+/**
+ * Generate a random hex key
+ * @return New key as a hex string
+ */
+export async function generateKey(length?: number): Promise<string> {
+  return randomBytesAsHex(length || 32);
+}
+/**
+ * Generate an RSA key pair
+ * @see    {@link https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/generateKey}
+ * @param  size in bits
+ */
+export async function generateKeyPair(size?: number): Promise<CryptoKeyPair> {
+  const algoDomString = rsaOaepSha1(size || MIN_ASYMMETRIC_KEY_SIZE_BITS);
+  return crypto.subtle.generateKey(algoDomString, true, METHODS);
+}
+/**
+ * Generate an RSA key pair suitable for signatures
+ * @see    {@link https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/generateKey}
+ */
+export async function generateSigningKeyPair(): Promise<CryptoKeyPair> {
+  return crypto.subtle.generateKey(
+    {
+      name: 'RSASSA-PKCS1-v1_5',
+      hash: 'SHA-256',
+      modulusLength: 2048,
+      publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
+    },
+    true,
+    ['sign', 'verify']
+  );
+}
+export async function cryptoToPemPair(keysMaybe: unknown): Promise<PemKeyPair> {
+  const keys = keysMaybe as CryptoKeyPair;
+  if (!keys.privateKey || !keys.publicKey) {
+    // These are only ever generated here, so this should not happen
+    throw new Error('internal: invalid keys');
+  }
+  const [exPublic, exPrivate] = await Promise.all([
+    crypto.subtle.exportKey('spki', keys.publicKey),
+    crypto.subtle.exportKey('pkcs8', keys.privateKey),
+  ]);
+  return {
+    publicKey: formatAsPem(exPublic, 'PUBLIC KEY'),
+    privateKey: formatAsPem(exPrivate, 'PRIVATE KEY'),
+  };
+}
+/**
+ * Encrypt using a public key
+ * @param payload Payload to encrypt
+ * @param publicKey PEM formatted public key
+ * @return Encrypted payload
+ */
+export async function encryptWithPublicKey(payload: Binary, publicKey: string): Promise<Binary> {
+  console.assert(typeof payload === 'object');
+  console.assert(typeof publicKey === 'string');
+  const algoDomString = rsaOaepSha1();
+  // Web Crypto APIs don't work with PEM formatted strings
+  publicKey = removePemFormatting(publicKey);
+  const keyBuffer = base64Decode(publicKey);
+  const cryptoKey = await crypto.subtle.importKey('spki', keyBuffer, algoDomString, false, [
+    'encrypt',
+  ]);
+  const result = await crypto.subtle.encrypt(
+    { name: 'RSA-OAEP' },
+    cryptoKey,
+    payload.asArrayBuffer()
+  );
+  return Binary.fromArrayBuffer(result);
+}
+/**
+ * Generate a 16-byte initialization vector
+ */
+export async function generateInitializationVector(length?: number): Promise<string> {
+  return randomBytesAsHex(length || 16);
+}
+export async function randomBytes(byteLength: number): Promise<Uint8Array> {
+  const r = new Uint8Array(byteLength);
+  crypto.getRandomValues(r);
+  return r;
+}
+/**
+ * Returns a promise to the encryption key as a binary string.
+ *
+ * Note: This function should almost never fail as it includes a fallback
+ * if for some reason the native generate key fails.
+ *
+ * @param length The key length, defaults to 256
+ *
+ * @returns The hex string.
+ */
+export async function randomBytesAsHex(length: number): Promise<string> {
+  // Create a typed array of the correct length to fill
+  const r = new Uint8Array(length);
+  crypto.getRandomValues(r);
+  return hexEncode(r.buffer);
+}
+/**
+ * Decrypt a public-key encrypted payload with a private key
+ * @param  encryptedPayload  Payload to decrypt
+ * @param  privateKey        PEM formatted private keynpmv
+ * @return Decrypted payload
+ */
+export async function decryptWithPrivateKey(
+  encryptedPayload: Binary,
+  privateKey: string
+): Promise<Binary> {
+  console.assert(typeof encryptedPayload === 'object', 'encryptedPayload must be object');
+  console.assert(typeof privateKey === 'string', 'privateKey must be string');
+  const algoDomString = rsaOaepSha1();
+  // Web Crypto APIs don't work with PEM formatted strings
+  const keyDataString = removePemFormatting(privateKey);
+  const keyData = base64Decode(keyDataString);
+  const key = await crypto.subtle.importKey('pkcs8', keyData, algoDomString, false, ['decrypt']);
+  const payload = await crypto.subtle.decrypt(
+    { name: 'RSA-OAEP' },
+    key,
+    encryptedPayload.asArrayBuffer()
+  );
+  const bufferView = new Uint8Array(payload);
+  return Binary.fromArrayBuffer(bufferView.buffer);
+}
+/**
+ * Decrypt content synchronously
+ * @param payload The payload to decrypt
+ * @param key     The encryption key
+ * @param iv      The initialization vector
+ * @param algorithm The algorithm to use for encryption
+ * @param authTag The authentication tag for authenticated crypto.
+ */
+export function decrypt(
+  payload: Binary,
+  key: Binary,
+  iv: Binary,
+  algorithm?: AlgorithmUrn,
+  authTag?: Binary
+): Promise<DecryptResult> {
+  return _doDecrypt(payload, key, iv, algorithm, authTag);
+}
+/**
+ * Encrypt content synchronously
+ * @param payload   The payload to encrypt
+ * @param key       The encryption key
+ * @param iv        The initialization vector
+ * @param algorithm The algorithm to use for encryption
+ */
+export function encrypt(
+  payload: Binary,
+  key: Binary,
+  iv: Binary,
+  algorithm?: AlgorithmUrn
+): Promise<EncryptResult> {
+  return _doEncrypt(payload, key, iv, algorithm);
+}
+async function _doEncrypt(
+  payload: Binary,
+  key: Binary,
+  iv: Binary,
+  algorithm?: AlgorithmUrn
+): Promise<EncryptResult> {
+  console.assert(payload != null);
+  console.assert(key != null);
+  console.assert(iv != null);
+  const payloadBuffer = payload.asArrayBuffer();
+  const algoDomString = getSymmetricAlgoDomString(iv, algorithm);
+  const importedKey = await _importKey(key, algoDomString);
+  const encrypted = await crypto.subtle.encrypt(algoDomString, importedKey, payloadBuffer);
+  if (algoDomString.name === 'AES-GCM') {
+    return {
+      payload: Binary.fromArrayBuffer(encrypted.slice(0, -16)),
+      authTag: Binary.fromArrayBuffer(encrypted.slice(-16)),
+    };
+  }
+  return {
+    payload: Binary.fromArrayBuffer(encrypted),
+  };
+}
+async function _doDecrypt(
+  payload: Binary,
+  key: Binary,
+  iv: Binary,
+  algorithm?: AlgorithmUrn,
+  authTag?: Binary
+): Promise<DecryptResult> {
+  console.assert(payload != null);
+  console.assert(key != null);
+  console.assert(iv != null);
+  let payloadBuffer = payload.asArrayBuffer();
+  // Concat the the auth tag to the payload for decryption
+  if (authTag) {
+    const authTagBuffer = authTag.asArrayBuffer();
+    const gcmPayload = new Uint8Array(payloadBuffer.byteLength + authTagBuffer.byteLength);
+    gcmPayload.set(new Uint8Array(payloadBuffer), 0);
+    gcmPayload.set(new Uint8Array(authTagBuffer), payloadBuffer.byteLength);
+    payloadBuffer = gcmPayload.buffer;
+  }
+  const algoDomString = getSymmetricAlgoDomString(iv, algorithm);
+  const importedKey = await _importKey(key, algoDomString);
+  algoDomString.iv = iv.asArrayBuffer();
+  const decrypted = await crypto.subtle
+    .decrypt(algoDomString, importedKey, payloadBuffer)
+    // Catching this error so we can specifically check for OperationError
+    .catch((err) => {
+      if (err.name === 'OperationError') {
+        throw new DecryptError(err);
+      }
+      throw err;
+    });
+  return { payload: Binary.fromArrayBuffer(decrypted) };
+}
+function _importKey(key: Binary, algorithm: AesCbcParams | AesGcmParams) {
+  return crypto.subtle.importKey('raw', key.asArrayBuffer(), algorithm, true, METHODS);
+}
+/**
+ * Get a DOMString representing the algorithm to use for a crypto
+ * operation. Defaults to AES-CBC.
+ * @param  {String|undefined} algorithm
+ * @return {DOMString} Algorithm to use
+ */
+function getSymmetricAlgoDomString(
+  iv: Binary,
+  algorithm?: AlgorithmUrn
+): AesCbcParams | AesGcmParams {
+  let nativeAlgorithm = 'AES-CBC';
+  if (algorithm === Algorithms.AES_256_GCM) {
+    nativeAlgorithm = 'AES-GCM';
+  }
+  return {
+    name: nativeAlgorithm,
+    iv: iv.asArrayBuffer(),
+  };
+}
+/**
+ * Create a SHA256 hash. Code refrenced from MDN:
+ * https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest
+ * @param  content  String content
+ * @return Hex hash
+ */
+export async function sha256(content: string): Promise<string> {
+  const buffer = new TextEncoder().encode(content);
+  const hashBuffer = await crypto.subtle.digest('SHA-256', buffer);
+  return hexEncode(hashBuffer);
+}
+/**
+ * Create an HMAC SHA256 hash
+ * @param  key     Key string
+ * @param  content Content string
+ * @return Hex hash
+ */
+export async function hmac(key: string, content: string): Promise<string> {
+  const contentBuffer = new TextEncoder().encode(content);
+  const keyBuffer = hex2Ab(key);
+  const cryptoKey = await crypto.subtle.importKey(
+    'raw',
+    keyBuffer,
+    {
+      name: 'HMAC',
+      hash: { name: 'SHA-256' },
+    },
+    true,
+    ['sign', 'verify']
+  );
+  const hashBuffer = await crypto.subtle.sign('HMAC', cryptoKey, contentBuffer);
+  return hexEncode(hashBuffer);
+}
+/**
+ * Create an ArrayBuffer from a hex string.
+ * https://developers.google.com/web/updates/2012/06/How-to-convert-ArrayBuffer-to-and-from-String?hl=en
+ * @param  hex - Hex string
+ */
+export function hex2Ab(hex: string): ArrayBuffer {
+  const buffer = new ArrayBuffer(hex.length / 2);
+  const bufferView = new Uint8Array(buffer);
+  for (let i = 0; i < hex.length; i += 2) {
+    bufferView[i / 2] = parseInt(hex.substr(i, 2), 16);
+  }
+  return buffer;
+}
+export const DefaultCryptoService: CryptoService = {
+  name,
+  method,
+  cryptoToPemPair,
+  decrypt,
+  decryptWithPrivateKey,
+  encrypt,
+  encryptWithPublicKey,
+  generateInitializationVector,
+  generateKey,
+  generateKeyPair,
+  generateSigningKeyPair,
+  hmac,
+  randomBytes,
+  sha256,
+};

package/tdf3/src/index.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export * as Client from './client/index.js';
+export { Client as TDF3Client } from './client/index.js';
+export * as Errors from '../../src/errors.js';
+export { version, clientType } from './version.js';