@opentdf/sdk 0.2.0-beta.1758 → 0.2.0

package/dist/cjs/src/index.js

@@ -15,328 +15,38 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
 }) : function(o, v) {
     o["default"] = v;
 });
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.clientType = exports.version = exports.AuthProviders = exports.NanoTDFDatasetClient = exports.NanoTDFClient = exports.attributeFQNsAsValues = void 0;
-const index_js_1 = require("./nanotdf/index.js");
-const index_js_2 = require("./nanotdf-crypto/index.js");
-const Policy_js_1 = require("./tdf/Policy.js");
-const AttributeObject_js_1 = require("./tdf/AttributeObject.js");
-const access_js_1 = require("./access.js");
-const errors_js_1 = require("./errors.js");
+exports.tdfSpecVersion = exports.clientType = exports.version = exports.attributeFQNsAsValues = exports.AuthProviders = exports.withHeaders = exports.HttpRequest = void 0;
+var auth_js_1 = require("./auth/auth.js");
+Object.defineProperty(exports, "HttpRequest", { enumerable: true, get: function () { return auth_js_1.HttpRequest; } });
+Object.defineProperty(exports, "withHeaders", { enumerable: true, get: function () { return auth_js_1.withHeaders; } });
+exports.AuthProviders = __importStar(require("./auth/providers.js"));
 var api_js_1 = require("./policy/api.js");
 Object.defineProperty(exports, "attributeFQNsAsValues", { enumerable: true, get: function () { return api_js_1.attributeFQNsAsValues; } });
-// Define default options
-const defaultOptions = {
-    ecdsaBinding: false,
-};
-/**
- * NanoTDF SDK Client
- *
- * @example
- * ```
- * import { clientSecretAuthProvider, NanoTDFClient } from '@opentdf/sdk';
- *
- * const OIDC_ENDPOINT = 'http://localhost:65432/auth/realms/opentdf-demo';
- * const KAS_URL = 'http://localhost:65432/api/kas/';
- *
- * const ciphertext = '...';
- * const client = new NanoTDFClient({
- *   authProvider: await clientSecretAuthProvider({
- *     clientId: 'tdf-client',
- *     clientSecret: '123-456',
- *     oidcOrigin: OIDC_ENDPOINT,
- *   }),
- *   kasEndpoint: KAS_URL
- *  }
- * );
- * client.decrypt(ciphertext)
- *   .then(plaintext => {
- *     console.log('Plaintext', plaintext);
- *   })
- *   .catch(err => {
- *     console.error('Some error occurred', err);
- *   })
- */
-class NanoTDFClient extends index_js_1.Client {
-    /**
-     * Decrypt ciphertext
-     *
-     * Pass a base64 string, TypedArray, or ArrayBuffer ciphertext and get a promise which resolves plaintext
-     *
-     * @param ciphertext Ciphertext to decrypt
-     */
-    async decrypt(ciphertext) {
-        // Parse ciphertext
-        const nanotdf = index_js_1.NanoTDF.from(ciphertext);
-        // TODO: The version number should be fetched from the API
-        const version = '0.0.1';
-        const kasUrl = nanotdf.header.getKasRewrapUrl();
-        // Rewrap key on every request
-        const ukey = await this.rewrapKey(nanotdf.header.toBuffer(), kasUrl, nanotdf.header.magicNumberVersion, version);
-        if (!ukey) {
-            throw new Error('internal: key rewrap failure');
-        }
-        // Return decrypt promise
-        return (0, index_js_1.decrypt)(ukey, nanotdf);
-    }
-    /**
-     * Decrypt ciphertext of the legacy TDF, with the older, smaller i.v. calculation.
-     *
-     * Pass a base64 string, TypedArray, or ArrayBuffer ciphertext and get a promise which resolves plaintext
-     *
-     * @param ciphertext Ciphertext to decrypt
-     */
-    async decryptLegacyTDF(ciphertext) {
-        // Parse ciphertext
-        const nanotdf = index_js_1.NanoTDF.from(ciphertext, undefined, true);
-        const legacyVersion = '0.0.0';
-        // Rewrap key on every request
-        const key = await this.rewrapKey(nanotdf.header.toBuffer(), nanotdf.header.getKasRewrapUrl(), nanotdf.header.magicNumberVersion, legacyVersion);
-        if (!key) {
-            throw new Error('internal: failed unwrap');
-        }
-        // Return decrypt promise
-        return (0, index_js_1.decrypt)(key, nanotdf);
-    }
-    /**
-     * Encrypts the given data using the NanoTDF encryption scheme.
-     *
-     * @param {string | TypedArray | ArrayBuffer} data - The data to be encrypted.
-     * @param {EncryptOptions} [options=defaultOptions] - The encryption options (currently unused).
-     * @returns {Promise<ArrayBuffer>} A promise that resolves to the encrypted data as an ArrayBuffer.
-     * @throws {Error} If the initialization vector is not a number.
-     */
-    async encrypt(data, options) {
-        // For encrypt always generate the client ephemeralKeyPair
-        const ephemeralKeyPair = await this.ephemeralKeyPair;
-        const initializationVector = this.iv;
-        if (typeof initializationVector !== 'number') {
-            throw new errors_js_1.ConfigurationError('NanoTDF clients are single use. Please generate a new client and keypair.');
-        }
-        delete this.iv;
-        if (!this.kasPubKey) {
-            this.kasPubKey = await (0, access_js_1.fetchECKasPubKey)(this.kasUrl);
-        }
-        // Create a policy for the tdf
-        const policy = new Policy_js_1.Policy();
-        // Add data attributes.
-        for (const dataAttribute of this.dataAttributes) {
-            const attribute = await (0, AttributeObject_js_1.createAttribute)(dataAttribute, this.kasPubKey, this.kasUrl);
-            policy.addAttribute(attribute);
-        }
-        if (this.dissems.length == 0 && this.dataAttributes.length == 0) {
-            console.warn('This policy has an empty attributes list and an empty dissemination list. This will allow any entity with a valid Entity Object to access this TDF.');
-        }
-        // Encrypt the policy.
-        const policyObjectAsStr = policy.toJSON();
-        // IV is always '1', since the new keypair is generated on encrypt
-        // using the same key is fine.
-        const lengthAsUint32 = new Uint32Array(1);
-        lengthAsUint32[0] = initializationVector;
-        const lengthAsUint24 = new Uint8Array(lengthAsUint32.buffer);
-        // NOTE: We are only interested in only first 3 bytes.
-        const payloadIV = new Uint8Array(12).fill(0);
-        payloadIV[9] = lengthAsUint24[2];
-        payloadIV[10] = lengthAsUint24[1];
-        payloadIV[11] = lengthAsUint24[0];
-        const mergedOptions = { ...defaultOptions, ...options };
-        return (0, index_js_1.encrypt)(policyObjectAsStr, this.kasPubKey, ephemeralKeyPair, payloadIV, data, mergedOptions.ecdsaBinding);
-    }
-}
-exports.NanoTDFClient = NanoTDFClient;
-/**
- * NanoTDF Dataset SDK Client
- *
- *
- * @example
- * ```
- * import { clientSecretAuthProvider, NanoTDFDatasetClient } from '@opentdf/sdk';
- *
- * const OIDC_ENDPOINT = 'http://localhost:65432/auth/realms/tdf';
- * const KAS_URL = 'http://localhost:65432/api/kas/';
- *
- * const ciphertext = '...';
- * const client = new NanoTDFDatasetClient({
- *   authProvider: await clientSecretAuthProvider({
- *     clientId: 'tdf-client',
- *     clientSecret: '123-456',
- *     exchange: 'client',
- *     oidcOrigin: OIDC_ENDPOINT,
- *   }),
- *   kasEndpoint: KAS_URL,
- * });
- * const plaintext = client.decrypt(ciphertext);
- * console.log('Plaintext', plaintext);
- * ```
- */
-class NanoTDFDatasetClient extends index_js_1.Client {
-    /**
-     * Create new NanoTDF Dataset Client
-     *
-     * The Ephemeral Key Pair can either be provided or will be generate when fetching the entity object. Once set it
-     * cannot be changed. If a new ephemeral key is desired it a new client should be initialized.
-     * There is no performance impact for creating a new client IFF the ephemeral key pair is provided.
-     *
-     * @param clientConfig OIDC client credentials
-     * @param kasUrl Key access service URL
-     * @param ephemeralKeyPair (optional) ephemeral key pair to use
-     * @param maxKeyIterations Max iteration to performe without a key rotation
-     */
-    constructor(opts) {
-        if (opts.maxKeyIterations &&
-            opts.maxKeyIterations > NanoTDFDatasetClient.NTDF_MAX_KEY_ITERATIONS) {
-            throw new errors_js_1.ConfigurationError(`key iteration exceeds max iterations(${NanoTDFDatasetClient.NTDF_MAX_KEY_ITERATIONS})`);
-        }
-        super(opts);
-        this.maxKeyIteration = opts.maxKeyIterations || NanoTDFDatasetClient.NTDF_MAX_KEY_ITERATIONS;
-        this.keyIterationCount = 0;
-    }
-    /**
-     * Encrypt data
-     *
-     * Pass a string, TypedArray, or ArrayBuffer data and get a promise which resolves ciphertext
-     *
-     * @param data to decrypt
-     */
-    async encrypt(data, options) {
-        // Intial encrypt
-        if (this.keyIterationCount == 0) {
-            const mergedOptions = { ...defaultOptions, ...options };
-            this.ecdsaBinding = mergedOptions.ecdsaBinding;
-            // For encrypt always generate the client ephemeralKeyPair
-            const ephemeralKeyPair = await this.ephemeralKeyPair;
-            if (!this.kasPubKey) {
-                this.kasPubKey = await (0, access_js_1.fetchECKasPubKey)(this.kasUrl);
-            }
-            // Create a policy for the tdf
-            const policy = new Policy_js_1.Policy();
-            // Add data attributes.
-            for (const dataAttribute of this.dataAttributes) {
-                const attribute = await (0, AttributeObject_js_1.createAttribute)(dataAttribute, this.kasPubKey, this.kasUrl);
-                policy.addAttribute(attribute);
-            }
-            if (this.dissems.length == 0 || this.dataAttributes.length == 0) {
-                console.warn('This policy has an empty attributes list and an empty dissemination list. This will allow any entity with a valid Entity Object to access this TDF.');
-            }
-            // Encrypt the policy.
-            const policyObjectAsStr = policy.toJSON();
-            const ivVector = this.generateIV();
-            // Generate a symmetric key.
-            this.symmetricKey = await (0, index_js_2.keyAgreement)(ephemeralKeyPair.privateKey, await this.kasPubKey.key, await (0, index_js_1.getHkdfSalt)(index_js_1.DefaultParams.magicNumberVersion));
-            const nanoTDFBuffer = await (0, index_js_1.encrypt)(policyObjectAsStr, this.kasPubKey, ephemeralKeyPair, ivVector, data, this.ecdsaBinding);
-            // Cache the header and increment the key iteration
-            if (!this.cachedHeader) {
-                const nanoTDF = index_js_1.NanoTDF.from(nanoTDFBuffer);
-                this.cachedHeader = nanoTDF.header;
-            }
-            this.keyIterationCount += 1;
-            return nanoTDFBuffer;
-        }
-        this.keyIterationCount += 1;
-        if (!this.cachedHeader) {
-            throw new errors_js_1.ConfigurationError('invalid dataset client: empty nanoTDF header');
-        }
-        if (!this.symmetricKey) {
-            throw new errors_js_1.ConfigurationError('invalid dataset client: empty dek');
-        }
-        this.keyIterationCount += 1;
-        if (this.keyIterationCount == this.maxKeyIteration) {
-            // reset the key iteration
-            this.keyIterationCount = 0;
-        }
-        const ivVector = this.generateIV();
-        return (0, index_js_1.encryptDataset)(this.symmetricKey, this.cachedHeader, ivVector, data);
-    }
-    /**
-     * Decrypt ciphertext
-     *
-     * Pass a base64 string, TypedArray, or ArrayBuffer ciphertext and get a promise which resolves plaintext
-     *
-     * @param ciphertext Ciphertext to decrypt
-     */
-    async decrypt(ciphertext) {
-        // Parse ciphertext
-        const nanotdf = index_js_1.NanoTDF.from(ciphertext);
-        if (!this.cachedEphemeralKey) {
-            // First decrypt
-            return this.rewrapAndDecrypt(nanotdf);
-        }
-        // Other encrypts
-        if (this.cachedEphemeralKey.toString() == nanotdf.header.ephemeralPublicKey.toString()) {
-            const ukey = this.unwrappedKey;
-            if (!ukey) {
-                // These should have thrown already.
-                throw new Error('internal: key rewrap failure');
-            }
-            // Return decrypt promise
-            return (0, index_js_1.decrypt)(ukey, nanotdf);
-        }
-        else {
-            return this.rewrapAndDecrypt(nanotdf);
-        }
-    }
-    async rewrapAndDecrypt(nanotdf) {
-        // TODO: The version number should be fetched from the API
-        const version = '0.0.1';
-        // Rewrap key on every request
-        const ukey = await this.rewrapKey(nanotdf.header.toBuffer(), nanotdf.header.getKasRewrapUrl(), nanotdf.header.magicNumberVersion, version);
-        if (!ukey) {
-            // These should have thrown already.
-            throw new Error('internal: key rewrap failure');
-        }
-        this.cachedEphemeralKey = nanotdf.header.ephemeralPublicKey;
-        this.unwrappedKey = ukey;
-        // Return decrypt promise
-        return (0, index_js_1.decrypt)(ukey, nanotdf);
-    }
-    generateIV() {
-        const iv = this.iv;
-        if (iv === undefined) {
-            // iv has passed the maximum iteration count for this dek
-            throw new errors_js_1.ConfigurationError('dataset full');
-        }
-        // assert iv ∈ ℤ ∩ (0, 2^24)
-        if (!Number.isInteger(iv) || iv <= 0 || 16777215 < iv) {
-            // Something has fiddled with the iv outside of the expected behavior
-            // could indicate a race condition, e.g. if two workers or handlers are
-            // processing the file at once, for example.
-            throw new Error('internal: invalid state');
-        }
-        const lengthAsUint32 = new Uint32Array(1);
-        lengthAsUint32[0] = iv;
-        const lengthAsUint24 = new Uint8Array(lengthAsUint32.buffer);
-        // NOTE: We are only interested in only first 3 bytes.
-        const ivVector = new Uint8Array(index_js_1.Client.IV_SIZE).fill(0);
-        ivVector[9] = lengthAsUint24[2];
-        ivVector[10] = lengthAsUint24[1];
-        ivVector[11] = lengthAsUint24[0];
-        // Increment the IV
-        if (iv == 16777215) {
-            delete this.iv;
-        }
-        else {
-            this.iv = iv + 1;
-        }
-        return ivVector;
-    }
-}
-exports.NanoTDFDatasetClient = NanoTDFDatasetClient;
-// Total unique IVs(2^24 -1) used for encrypting the nano tdf payloads
-// IV starts from 1 since the 0 IV is reserved for policy encryption
-NanoTDFDatasetClient.NTDF_MAX_KEY_ITERATIONS = 8388606;
-/**
- * Authorization for connecting authZ tokens to
- * remote requests.
- */
-exports.AuthProviders = __importStar(require("./auth/providers.js"));
 var version_js_1 = require("./version.js");
 Object.defineProperty(exports, "version", { enumerable: true, get: function () { return version_js_1.version; } });
 Object.defineProperty(exports, "clientType", { enumerable: true, get: function () { return version_js_1.clientType; } });
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSxpREFTNEI7QUFDNUIsd0RBQXlEO0FBQ3pELCtDQUF5QztBQUV6QyxpRUFBMkQ7QUFDM0QsMkNBQStDO0FBRS9DLDJDQUFpRDtBQUNqRCwwQ0FBd0Q7QUFBL0MsK0dBQUEscUJBQXFCLE9BQUE7QUFPOUIseUJBQXlCO0FBQ3pCLE1BQU0sY0FBYyxHQUFtQjtJQUNyQyxZQUFZLEVBQUUsS0FBSztDQUNwQixDQUFDO0FBRUY7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztHQTJCRztBQUNILE1BQWEsYUFBYyxTQUFRLGlCQUFNO0lBQ3ZDOzs7Ozs7T0FNRztJQUNILEtBQUssQ0FBQyxPQUFPLENBQUMsVUFBNkM7UUFDekQsbUJBQW1CO1FBQ25CLE1BQU0sT0FBTyxHQUFHLGtCQUFPLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBRXpDLDBEQUEwRDtRQUMxRCxNQUFNLE9BQU8sR0FBRyxPQUFPLENBQUM7UUFDeEIsTUFBTSxNQUFNLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxlQUFlLEVBQUUsQ0FBQztRQUVoRCw4QkFBOEI7UUFDOUIsTUFBTSxJQUFJLEdBQUcsTUFBTSxJQUFJLENBQUMsU0FBUyxDQUMvQixPQUFPLENBQUMsTUFBTSxDQUFDLFFBQVEsRUFBRSxFQUN6QixNQUFNLEVBQ04sT0FBTyxDQUFDLE1BQU0sQ0FBQyxrQkFBa0IsRUFDakMsT0FBTyxDQUNSLENBQUM7UUFFRixJQUFJLENBQUMsSUFBSSxFQUFFO1lBQ1QsTUFBTSxJQUFJLEtBQUssQ0FBQyw4QkFBOEIsQ0FBQyxDQUFDO1NBQ2pEO1FBQ0QseUJBQXlCO1FBQ3pCLE9BQU8sSUFBQSxrQkFBTyxFQUFDLElBQUksRUFBRSxPQUFPLENBQUMsQ0FBQztJQUNoQyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0gsS0FBSyxDQUFDLGdCQUFnQixDQUFDLFVBQTZDO1FBQ2xFLG1CQUFtQjtRQUNuQixNQUFNLE9BQU8sR0FBRyxrQkFBTyxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsU0FBUyxFQUFFLElBQUksQ0FBQyxDQUFDO1FBQzFELE1BQU0sYUFBYSxHQUFHLE9BQU8sQ0FBQztRQUM5Qiw4QkFBOEI7UUFDOUIsTUFBTSxHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsU0FBUyxDQUM5QixPQUFPLENBQUMsTUFBTSxDQUFDLFFBQVEsRUFBRSxFQUN6QixPQUFPLENBQUMsTUFBTSxDQUFDLGVBQWUsRUFBRSxFQUNoQyxPQUFPLENBQUMsTUFBTSxDQUFDLGtCQUFrQixFQUNqQyxhQUFhLENBQ2QsQ0FBQztRQUVGLElBQUksQ0FBQyxHQUFHLEVBQUU7WUFDUixNQUFNLElBQUksS0FBSyxDQUFDLHlCQUF5QixDQUFDLENBQUM7U0FDNUM7UUFDRCx5QkFBeUI7UUFDekIsT0FBTyxJQUFBLGtCQUFPLEVBQUMsR0FBRyxFQUFFLE9BQU8sQ0FBQyxDQUFDO0lBQy9CLENBQUM7SUFFRDs7Ozs7OztPQU9HO0lBQ0gsS0FBSyxDQUFDLE9BQU8sQ0FDWCxJQUF1QyxFQUN2QyxPQUF3QjtRQUV4QiwwREFBMEQ7UUFDMUQsTUFBTSxnQkFBZ0IsR0FBRyxNQUFNLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQztRQUNyRCxNQUFNLG9CQUFvQixHQUFHLElBQUksQ0FBQyxFQUFFLENBQUM7UUFFckMsSUFBSSxPQUFPLG9CQUFvQixLQUFLLFFBQVEsRUFBRTtZQUM1QyxNQUFNLElBQUksOEJBQWtCLENBQzFCLDJFQUEyRSxDQUM1RSxDQUFDO1NBQ0g7UUFDRCxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUM7UUFFZixJQUFJLENBQUMsSUFBSSxDQUFDLFNBQVMsRUFBRTtZQUNuQixJQUFJLENBQUMsU0FBUyxHQUFHLE1BQU0sSUFBQSw0QkFBZ0IsRUFBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUM7U0FDdEQ7UUFFRCw4QkFBOEI7UUFDOUIsTUFBTSxNQUFNLEdBQUcsSUFBSSxrQkFBTSxFQUFFLENBQUM7UUFFNUIsdUJBQXVCO1FBQ3ZCLEtBQUssTUFBTSxhQUFhLElBQUksSUFBSSxDQUFDLGNBQWMsRUFBRTtZQUMvQyxNQUFNLFNBQVMsR0FBRyxNQUFNLElBQUEsb0NBQWUsRUFBQyxhQUFhLEVBQUUsSUFBSSxDQUFDLFNBQVMsRUFBRSxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUM7WUFDcEYsTUFBTSxDQUFDLFlBQVksQ0FBQyxTQUFTLENBQUMsQ0FBQztTQUNoQztRQUVELElBQUksSUFBSSxDQUFDLE9BQU8sQ0FBQyxNQUFNLElBQUksQ0FBQyxJQUFJLElBQUksQ0FBQyxjQUFjLENBQUMsTUFBTSxJQUFJLENBQUMsRUFBRTtZQUMvRCxPQUFPLENBQUMsSUFBSSxDQUNWLHFKQUFxSixDQUN0SixDQUFDO1NBQ0g7UUFFRCxzQkFBc0I7UUFDdEIsTUFBTSxpQkFBaUIsR0FBRyxNQUFNLENBQUMsTUFBTSxFQUFFLENBQUM7UUFFMUMsa0VBQWtFO1FBQ2xFLDhCQUE4QjtRQUM5QixNQUFNLGNBQWMsR0FBRyxJQUFJLFdBQVcsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUMxQyxjQUFjLENBQUMsQ0FBQyxDQUFDLEdBQUcsb0JBQW9CLENBQUM7UUFFekMsTUFBTSxjQUFjLEdBQUcsSUFBSSxVQUFVLENBQUMsY0FBYyxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBRTdELHNEQUFzRDtRQUN0RCxNQUFNLFNBQVMsR0FBRyxJQUFJLFVBQVUsQ0FBQyxFQUFFLENBQUMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDN0MsU0FBUyxDQUFDLENBQUMsQ0FBQyxHQUFHLGNBQWMsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUNqQyxTQUFTLENBQUMsRUFBRSxDQUFDLEdBQUcsY0FBYyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQ2xDLFNBQVMsQ0FBQyxFQUFFLENBQUMsR0FBRyxjQUFjLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFFbEMsTUFBTSxhQUFhLEdBQW1CLEVBQUUsR0FBRyxjQUFjLEVBQUUsR0FBRyxPQUFPLEVBQUUsQ0FBQztRQUN4RSxPQUFPLElBQUEsa0JBQU8sRUFDWixpQkFBaUIsRUFDakIsSUFBSSxDQUFDLFNBQVMsRUFDZCxnQkFBZ0IsRUFDaEIsU0FBUyxFQUNULElBQUksRUFDSixhQUFhLENBQUMsWUFBWSxDQUMzQixDQUFDO0lBQ0osQ0FBQztDQUNGO0FBN0hELHNDQTZIQztBQU1EOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7R0F3Qkc7QUFDSCxNQUFhLG9CQUFxQixTQUFRLGlCQUFNO0lBYTlDOzs7Ozs7Ozs7OztPQVdHO0lBQ0gsWUFBWSxJQUFtQjtRQUM3QixJQUNFLElBQUksQ0FBQyxnQkFBZ0I7WUFDckIsSUFBSSxDQUFDLGdCQUFnQixHQUFHLG9CQUFvQixDQUFDLHVCQUF1QixFQUNwRTtZQUNBLE1BQU0sSUFBSSw4QkFBa0IsQ0FDMUIsd0NBQXdDLG9CQUFvQixDQUFDLHVCQUF1QixHQUFHLENBQ3hGLENBQUM7U0FDSDtRQUNELEtBQUssQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUVaLElBQUksQ0FBQyxlQUFlLEdBQUcsSUFBSSxDQUFDLGdCQUFnQixJQUFJLG9CQUFvQixDQUFDLHVCQUF1QixDQUFDO1FBQzdGLElBQUksQ0FBQyxpQkFBaUIsR0FBRyxDQUFDLENBQUM7SUFDN0IsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNILEtBQUssQ0FBQyxPQUFPLENBQ1gsSUFBdUMsRUFDdkMsT0FBd0I7UUFFeEIsaUJBQWlCO1FBQ2pCLElBQUksSUFBSSxDQUFDLGlCQUFpQixJQUFJLENBQUMsRUFBRTtZQUMvQixNQUFNLGFBQWEsR0FBbUIsRUFBRSxHQUFHLGNBQWMsRUFBRSxHQUFHLE9BQU8sRUFBRSxDQUFDO1lBQ3hFLElBQUksQ0FBQyxZQUFZLEdBQUcsYUFBYSxDQUFDLFlBQVksQ0FBQztZQUMvQywwREFBMEQ7WUFDMUQsTUFBTSxnQkFBZ0IsR0FBRyxNQUFNLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQztZQUVyRCxJQUFJLENBQUMsSUFBSSxDQUFDLFNBQVMsRUFBRTtnQkFDbkIsSUFBSSxDQUFDLFNBQVMsR0FBRyxNQUFNLElBQUEsNEJBQWdCLEVBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDO2FBQ3REO1lBRUQsOEJBQThCO1lBQzlCLE1BQU0sTUFBTSxHQUFHLElBQUksa0JBQU0sRUFBRSxDQUFDO1lBRTVCLHVCQUF1QjtZQUN2QixLQUFLLE1BQU0sYUFBYSxJQUFJLElBQUksQ0FBQyxjQUFjLEVBQUU7Z0JBQy9DLE1BQU0sU0FBUyxHQUFHLE1BQU0sSUFBQSxvQ0FBZSxFQUFDLGFBQWEsRUFBRSxJQUFJLENBQUMsU0FBUyxFQUFFLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQztnQkFDcEYsTUFBTSxDQUFDLFlBQVksQ0FBQyxTQUFTLENBQUMsQ0FBQzthQUNoQztZQUVELElBQUksSUFBSSxDQUFDLE9BQU8sQ0FBQyxNQUFNLElBQUksQ0FBQyxJQUFJLElBQUksQ0FBQyxjQUFjLENBQUMsTUFBTSxJQUFJLENBQUMsRUFBRTtnQkFDL0QsT0FBTyxDQUFDLElBQUksQ0FDVixxSkFBcUosQ0FDdEosQ0FBQzthQUNIO1lBRUQsc0JBQXNCO1lBQ3RCLE1BQU0saUJBQWlCLEdBQUcsTUFBTSxDQUFDLE1BQU0sRUFBRSxDQUFDO1lBRTFDLE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQztZQUVuQyw0QkFBNEI7WUFDNUIsSUFBSSxDQUFDLFlBQVksR0FBRyxNQUFNLElBQUEsdUJBQVksRUFDcEMsZ0JBQWdCLENBQUMsVUFBVSxFQUMzQixNQUFNLElBQUksQ0FBQyxTQUFTLENBQUMsR0FBRyxFQUN4QixNQUFNLElBQUEsc0JBQVcsRUFBQyx3QkFBYSxDQUFDLGtCQUFrQixDQUFDLENBQ3BELENBQUM7WUFFRixNQUFNLGFBQWEsR0FBRyxNQUFNLElBQUEsa0JBQU8sRUFDakMsaUJBQWlCLEVBQ2pCLElBQUksQ0FBQyxTQUFTLEVBQ2QsZ0JBQWdCLEVBQ2hCLFFBQVEsRUFDUixJQUFJLEVBQ0osSUFBSSxDQUFDLFlBQVksQ0FDbEIsQ0FBQztZQUVGLG1EQUFtRDtZQUNuRCxJQUFJLENBQUMsSUFBSSxDQUFDLFlBQVksRUFBRTtnQkFDdEIsTUFBTSxPQUFPLEdBQUcsa0JBQU8sQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLENBQUM7Z0JBQzVDLElBQUksQ0FBQyxZQUFZLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQzthQUNwQztZQUVELElBQUksQ0FBQyxpQkFBaUIsSUFBSSxDQUFDLENBQUM7WUFFNUIsT0FBTyxhQUFhLENBQUM7U0FDdEI7UUFFRCxJQUFJLENBQUMsaUJBQWlCLElBQUksQ0FBQyxDQUFDO1FBRTVCLElBQUksQ0FBQyxJQUFJLENBQUMsWUFBWSxFQUFFO1lBQ3RCLE1BQU0sSUFBSSw4QkFBa0IsQ0FBQyw4Q0FBOEMsQ0FBQyxDQUFDO1NBQzlFO1FBQ0QsSUFBSSxDQUFDLElBQUksQ0FBQyxZQUFZLEVBQUU7WUFDdEIsTUFBTSxJQUFJLDhCQUFrQixDQUFDLG1DQUFtQyxDQUFDLENBQUM7U0FDbkU7UUFFRCxJQUFJLENBQUMsaUJBQWlCLElBQUksQ0FBQyxDQUFDO1FBQzVCLElBQUksSUFBSSxDQUFDLGlCQUFpQixJQUFJLElBQUksQ0FBQyxlQUFlLEVBQUU7WUFDbEQsMEJBQTBCO1lBQzFCLElBQUksQ0FBQyxpQkFBaUIsR0FBRyxDQUFDLENBQUM7U0FDNUI7UUFFRCxNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsVUFBVSxFQUFFLENBQUM7UUFFbkMsT0FBTyxJQUFBLHlCQUFjLEVBQUMsSUFBSSxDQUFDLFlBQVksRUFBRSxJQUFJLENBQUMsWUFBWSxFQUFFLFFBQVEsRUFBRSxJQUFJLENBQUMsQ0FBQztJQUM5RSxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0gsS0FBSyxDQUFDLE9BQU8sQ0FBQyxVQUE2QztRQUN6RCxtQkFBbUI7UUFDbkIsTUFBTSxPQUFPLEdBQUcsa0JBQU8sQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLENBQUM7UUFFekMsSUFBSSxDQUFDLElBQUksQ0FBQyxrQkFBa0IsRUFBRTtZQUM1QixnQkFBZ0I7WUFDaEIsT0FBTyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsT0FBTyxDQUFDLENBQUM7U0FDdkM7UUFFRCxpQkFBaUI7UUFDakIsSUFBSSxJQUFJLENBQUMsa0JBQWtCLENBQUMsUUFBUSxFQUFFLElBQUksT0FBTyxDQUFDLE1BQU0sQ0FBQyxrQkFBa0IsQ0FBQyxRQUFRLEVBQUUsRUFBRTtZQUN0RixNQUFNLElBQUksR0FBRyxJQUFJLENBQUMsWUFBWSxDQUFDO1lBQy9CLElBQUksQ0FBQyxJQUFJLEVBQUU7Z0JBQ1Qsb0NBQW9DO2dCQUNwQyxNQUFNLElBQUksS0FBSyxDQUFDLDhCQUE4QixDQUFDLENBQUM7YUFDakQ7WUFDRCx5QkFBeUI7WUFDekIsT0FBTyxJQUFBLGtCQUFPLEVBQUMsSUFBSSxFQUFFLE9BQU8sQ0FBQyxDQUFDO1NBQy9CO2FBQU07WUFDTCxPQUFPLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFPLENBQUMsQ0FBQztTQUN2QztJQUNILENBQUM7SUFFRCxLQUFLLENBQUMsZ0JBQWdCLENBQUMsT0FBZ0I7UUFDckMsMERBQTBEO1FBQzFELE1BQU0sT0FBTyxHQUFHLE9BQU8sQ0FBQztRQUN4Qiw4QkFBOEI7UUFDOUIsTUFBTSxJQUFJLEdBQUcsTUFBTSxJQUFJLENBQUMsU0FBUyxDQUMvQixPQUFPLENBQUMsTUFBTSxDQUFDLFFBQVEsRUFBRSxFQUN6QixPQUFPLENBQUMsTUFBTSxDQUFDLGVBQWUsRUFBRSxFQUNoQyxPQUFPLENBQUMsTUFBTSxDQUFDLGtCQUFrQixFQUNqQyxPQUFPLENBQ1IsQ0FBQztRQUNGLElBQUksQ0FBQyxJQUFJLEVBQUU7WUFDVCxvQ0FBb0M7WUFDcEMsTUFBTSxJQUFJLEtBQUssQ0FBQyw4QkFBOEIsQ0FBQyxDQUFDO1NBQ2pEO1FBRUQsSUFBSSxDQUFDLGtCQUFrQixHQUFHLE9BQU8sQ0FBQyxNQUFNLENBQUMsa0JBQWtCLENBQUM7UUFDNUQsSUFBSSxDQUFDLFlBQVksR0FBRyxJQUFJLENBQUM7UUFFekIseUJBQXlCO1FBQ3pCLE9BQU8sSUFBQSxrQkFBTyxFQUFDLElBQUksRUFBRSxPQUFPLENBQUMsQ0FBQztJQUNoQyxDQUFDO0lBRUQsVUFBVTtRQUNSLE1BQU0sRUFBRSxHQUFHLElBQUksQ0FBQyxFQUFFLENBQUM7UUFDbkIsSUFBSSxFQUFFLEtBQUssU0FBUyxFQUFFO1lBQ3BCLHlEQUF5RDtZQUN6RCxNQUFNLElBQUksOEJBQWtCLENBQUMsY0FBYyxDQUFDLENBQUM7U0FDOUM7UUFDRCw0QkFBNEI7UUFDNUIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDLElBQUksRUFBRSxJQUFJLENBQUMsSUFBSSxRQUFTLEdBQUcsRUFBRSxFQUFFO1lBQ3RELHFFQUFxRTtZQUNyRSx1RUFBdUU7WUFDdkUsNENBQTRDO1lBQzVDLE1BQU0sSUFBSSxLQUFLLENBQUMseUJBQXlCLENBQUMsQ0FBQztTQUM1QztRQUVELE1BQU0sY0FBYyxHQUFHLElBQUksV0FBVyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQzFDLGNBQWMsQ0FBQyxDQUFDLENBQUMsR0FBRyxFQUFFLENBQUM7UUFFdkIsTUFBTSxjQUFjLEdBQUcsSUFBSSxVQUFVLENBQUMsY0FBYyxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBRTdELHNEQUFzRDtRQUN0RCxNQUFNLFFBQVEsR0FBRyxJQUFJLFVBQVUsQ0FBQyxpQkFBTSxDQUFDLE9BQU8sQ0FBQyxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUN4RCxRQUFRLENBQUMsQ0FBQyxDQUFDLEdBQUcsY0FBYyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQ2hDLFFBQVEsQ0FBQyxFQUFFLENBQUMsR0FBRyxjQUFjLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDakMsUUFBUSxDQUFDLEVBQUUsQ0FBQyxHQUFHLGNBQWMsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUVqQyxtQkFBbUI7UUFDbkIsSUFBSSxFQUFFLElBQUksUUFBUyxFQUFFO1lBQ25CLE9BQU8sSUFBSSxDQUFDLEVBQUUsQ0FBQztTQUNoQjthQUFNO1lBQ0wsSUFBSSxDQUFDLEVBQUUsR0FBRyxFQUFFLEdBQUcsQ0FBQyxDQUFDO1NBQ2xCO1FBRUQsT0FBTyxRQUFRLENBQUM7SUFDbEIsQ0FBQzs7QUF0Tkgsb0RBdU5DO0FBdE5DLHNFQUFzRTtBQUN0RSxvRUFBb0U7QUFDcEQsNENBQXVCLEdBQUcsT0FBTyxDQUFDO0FBc05wRDs7O0dBR0c7QUFDSCxxRUFBcUQ7QUFDckQsMkNBQW1EO0FBQTFDLHFHQUFBLE9BQU8sT0FBQTtBQUFFLHdHQUFBLFVBQVUsT0FBQSJ9
+Object.defineProperty(exports, "tdfSpecVersion", { enumerable: true, get: function () { return version_js_1.tdfSpecVersion; } });
+__exportStar(require("./opentdf.js"), exports);
+__exportStar(require("./seekable.js"), exports);
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsMENBQThGO0FBQWpELHNHQUFBLFdBQVcsT0FBQTtBQUFFLHNHQUFBLFdBQVcsT0FBQTtBQUNyRSxxRUFBcUQ7QUFDckQsMENBQXdEO0FBQS9DLCtHQUFBLHFCQUFxQixPQUFBO0FBQzlCLDJDQUFtRTtBQUExRCxxR0FBQSxPQUFPLE9BQUE7QUFBRSx3R0FBQSxVQUFVLE9BQUE7QUFBRSw0R0FBQSxjQUFjLE9BQUE7QUFDNUMsK0NBQTZCO0FBQzdCLGdEQUE4QiJ9