@opentdf/sdk 0.2.0-beta.1758 → 0.2.0
- package/README.md +45 -38
- package/dist/cjs/src/access.js +47 -11
- package/dist/cjs/src/auth/auth.js +5 -5
- package/dist/cjs/src/auth/oidc-clientcredentials-provider.js +1 -1
- package/dist/cjs/src/auth/oidc-externaljwt-provider.js +1 -1
- package/dist/cjs/src/auth/oidc-refreshtoken-provider.js +1 -1
- package/dist/cjs/src/auth/oidc.js +1 -1
- package/dist/cjs/src/auth/providers.js +1 -1
- package/dist/cjs/src/concurrency.js +3 -4
- package/dist/cjs/src/encodings/base64.js +4 -4
- package/dist/cjs/src/encodings/hex.js +5 -6
- package/dist/cjs/src/encodings/index.js +18 -8
- package/dist/cjs/src/errors.js +1 -1
- package/dist/cjs/src/index.js +28 -318
- package/dist/cjs/src/nanoclients.js +285 -0
- package/dist/cjs/src/nanoindex.js +47 -0
- package/dist/cjs/src/nanotdf/Client.js +18 -8
- package/dist/cjs/src/nanotdf/NanoTDF.js +1 -1
- package/dist/cjs/src/nanotdf/decrypt.js +2 -2
- package/dist/cjs/src/nanotdf/encrypt-dataset.js +2 -2
- package/dist/cjs/src/nanotdf/encrypt.js +2 -2
- package/dist/cjs/src/nanotdf/helpers/calculateByCurve.js +3 -4
- package/dist/cjs/src/nanotdf/helpers/getHkdfSalt.js +2 -2
- package/dist/cjs/src/nanotdf/models/Ciphers.js +3 -3
- package/dist/cjs/src/nanotdf/models/EcCurves.js +3 -3
- package/dist/cjs/src/nanotdf/models/Header.js +1 -1
- package/dist/cjs/src/nanotdf/models/Payload.js +1 -1
- package/dist/cjs/src/nanotdf/models/Policy/AbstractPolicy.js +1 -1
- package/dist/cjs/src/nanotdf/models/Policy/EmbeddedPolicy.js +1 -1
- package/dist/cjs/src/nanotdf/models/Policy/PolicyFactory.js +1 -1
- package/dist/cjs/src/nanotdf/models/ResourceLocator.js +1 -1
- package/dist/cjs/src/nanotdf/models/Signature.js +1 -1
- package/dist/cjs/src/nanotdf-crypto/ciphers.js +1 -1
- package/dist/cjs/src/nanotdf-crypto/decrypt.js +2 -2
- package/dist/cjs/src/nanotdf-crypto/digest.js +2 -2
- package/dist/cjs/src/nanotdf-crypto/ecdsaSignature.js +4 -5
- package/dist/cjs/src/nanotdf-crypto/encrypt.js +2 -2
- package/dist/cjs/src/nanotdf-crypto/exportCryptoKey.js +2 -2
- package/dist/cjs/src/nanotdf-crypto/generateKeyPair.js +2 -2
- package/dist/cjs/src/nanotdf-crypto/generateRandomNumber.js +2 -2
- package/dist/cjs/src/nanotdf-crypto/index.js +21 -13
- package/dist/cjs/src/nanotdf-crypto/keyAgreement.js +10 -8
- package/dist/cjs/src/nanotdf-crypto/pemPublicToCrypto.js +20 -11
- package/dist/cjs/src/opentdf.js +251 -0
- package/dist/cjs/src/policy/api.js +2 -3
- package/dist/cjs/src/policy/granter.js +3 -4
- package/dist/cjs/src/seekable.js +157 -0
- package/dist/cjs/src/tdf/AttributeObject.js +2 -4
- package/dist/cjs/src/tdf/Policy.js +1 -2
- package/dist/cjs/src/utils.js +12 -14
- package/dist/cjs/src/version.js +6 -2
- package/dist/cjs/tdf3/index.js +27 -15
- package/dist/cjs/tdf3/src/assertions.js +25 -11
- package/dist/cjs/tdf3/src/binary.js +1 -1
- package/dist/cjs/tdf3/src/ciphers/aes-gcm-cipher.js +1 -1
- package/dist/cjs/tdf3/src/ciphers/symmetric-cipher-base.js +1 -1
- package/dist/cjs/tdf3/src/client/DecoratedReadableStream.js +7 -74
- package/dist/cjs/tdf3/src/client/builders.js +26 -22
- package/dist/cjs/tdf3/src/client/index.js +88 -61
- package/dist/cjs/tdf3/src/client/validation.js +3 -3
- package/dist/cjs/tdf3/src/crypto/crypto-utils.js +1 -1
- package/dist/cjs/tdf3/src/crypto/index.js +18 -18
- package/dist/cjs/tdf3/src/index.js +22 -11
- package/dist/cjs/tdf3/src/models/attribute-set.js +1 -1
- package/dist/cjs/tdf3/src/models/encryption-information.js +3 -3
- package/dist/cjs/tdf3/src/models/key-access.js +67 -35
- package/dist/cjs/tdf3/src/models/policy.js +3 -3
- package/dist/cjs/tdf3/src/tdf.js +177 -151
- package/dist/cjs/tdf3/src/utils/buffer-crc32.js +2 -3
- package/dist/cjs/tdf3/src/utils/index.js +30 -28
- package/dist/cjs/tdf3/src/utils/keysplit.js +4 -5
- package/dist/cjs/tdf3/src/utils/unwrap.js +21 -0
- package/dist/cjs/tdf3/src/utils/zip-reader.js +4 -4
- package/dist/cjs/tdf3/src/utils/zip-writer.js +4 -4
- package/dist/types/src/access.d.ts +3 -0
- package/dist/types/src/access.d.ts.map +1 -1
- package/dist/types/src/auth/providers.d.ts.map +1 -1
- package/dist/types/src/index.d.ts +5 -136
- package/dist/types/src/index.d.ts.map +1 -1
- package/dist/types/src/nanoclients.d.ts +107 -0
- package/dist/types/src/nanoclients.d.ts.map +1 -0
- package/dist/types/src/nanoindex.d.ts +5 -0
- package/dist/types/src/nanoindex.d.ts.map +1 -0
- package/dist/types/src/nanotdf/enum/CipherEnum.d.ts +1 -1
- package/dist/types/src/nanotdf/enum/CipherEnum.d.ts.map +1 -1
- package/dist/types/src/nanotdf/enum/PolicyTypeEnum.d.ts +1 -1
- package/dist/types/src/nanotdf/enum/PolicyTypeEnum.d.ts.map +1 -1
- package/dist/types/src/nanotdf/models/DefaultParams.d.ts +1 -1
- package/dist/types/src/nanotdf/models/ResourceLocator.d.ts.map +1 -1
- package/dist/types/src/nanotdf-crypto/generateKeyPair.d.ts +1 -1
- package/dist/types/src/nanotdf-crypto/generateKeyPair.d.ts.map +1 -1
- package/dist/types/src/nanotdf-crypto/generateRandomNumber.d.ts +1 -1
- package/dist/types/src/nanotdf-crypto/generateRandomNumber.d.ts.map +1 -1
- package/dist/types/src/nanotdf-crypto/index.d.ts +2 -3
- package/dist/types/src/nanotdf-crypto/index.d.ts.map +1 -1
- package/dist/types/src/nanotdf-crypto/keyAgreement.d.ts.map +1 -1
- package/dist/types/src/opentdf.d.ts +110 -0
- package/dist/types/src/opentdf.d.ts.map +1 -0
- package/dist/types/src/seekable.d.ts +39 -0
- package/dist/types/src/seekable.d.ts.map +1 -0
- package/dist/types/src/tdf/AttributeObject.d.ts +0 -2
- package/dist/types/src/tdf/AttributeObject.d.ts.map +1 -1
- package/dist/types/src/tdf/NanoTDF/NanoTDF.d.ts +2 -2
- package/dist/types/src/tdf/NanoTDF/NanoTDF.d.ts.map +1 -1
- package/dist/types/src/tdf/Policy.d.ts.map +1 -1
- package/dist/types/src/tdf/PolicyObject.d.ts +0 -1
- package/dist/types/src/tdf/PolicyObject.d.ts.map +1 -1
- package/dist/types/src/utils.d.ts +0 -1
- package/dist/types/src/utils.d.ts.map +1 -1
- package/dist/types/src/version.d.ts +4 -0
- package/dist/types/src/version.d.ts.map +1 -1
- package/dist/types/tdf3/index.d.ts +3 -2
- package/dist/types/tdf3/index.d.ts.map +1 -1
- package/dist/types/tdf3/src/assertions.d.ts +3 -3
- package/dist/types/tdf3/src/assertions.d.ts.map +1 -1
- package/dist/types/tdf3/src/client/DecoratedReadableStream.d.ts +1 -13
- package/dist/types/tdf3/src/client/DecoratedReadableStream.d.ts.map +1 -1
- package/dist/types/tdf3/src/client/builders.d.ts +43 -37
- package/dist/types/tdf3/src/client/builders.d.ts.map +1 -1
- package/dist/types/tdf3/src/client/index.d.ts +8 -9
- package/dist/types/tdf3/src/client/index.d.ts.map +1 -1
- package/dist/types/tdf3/src/client/validation.d.ts +3 -3
- package/dist/types/tdf3/src/client/validation.d.ts.map +1 -1
- package/dist/types/tdf3/src/crypto/crypto-utils.d.ts.map +1 -1
- package/dist/types/tdf3/src/index.d.ts +1 -1
- package/dist/types/tdf3/src/index.d.ts.map +1 -1
- package/dist/types/tdf3/src/models/key-access.d.ts +63 -15
- package/dist/types/tdf3/src/models/key-access.d.ts.map +1 -1
- package/dist/types/tdf3/src/models/manifest.d.ts +2 -0
- package/dist/types/tdf3/src/models/manifest.d.ts.map +1 -1
- package/dist/types/tdf3/src/models/policy.d.ts +0 -1
- package/dist/types/tdf3/src/models/policy.d.ts.map +1 -1
- package/dist/types/tdf3/src/tdf.d.ts +20 -24
- package/dist/types/tdf3/src/tdf.d.ts.map +1 -1
- package/dist/types/tdf3/src/utils/index.d.ts +0 -2
- package/dist/types/tdf3/src/utils/index.d.ts.map +1 -1
- package/dist/types/tdf3/src/utils/unwrap.d.ts +2 -0
- package/dist/types/tdf3/src/utils/unwrap.d.ts.map +1 -0
- package/dist/types/tdf3/src/utils/zip-reader.d.ts +1 -1
- package/dist/types/tdf3/src/utils/zip-reader.d.ts.map +1 -1
- package/dist/types/tdf3/src/utils/zip-writer.d.ts +2 -2
- package/dist/web/src/access.js +40 -7
- package/dist/web/src/auth/auth.js +1 -1
- package/dist/web/src/auth/oidc-clientcredentials-provider.js +1 -1
- package/dist/web/src/auth/oidc-externaljwt-provider.js +1 -1
- package/dist/web/src/auth/oidc-refreshtoken-provider.js +1 -1
- package/dist/web/src/auth/oidc.js +1 -1
- package/dist/web/src/auth/providers.js +1 -1
- package/dist/web/src/concurrency.js +1 -1
- package/dist/web/src/encodings/base64.js +1 -1
- package/dist/web/src/encodings/hex.js +1 -1
- package/dist/web/src/errors.js +1 -1
- package/dist/web/src/index.js +6 -310
- package/dist/web/src/nanoclients.js +280 -0
- package/dist/web/src/nanoindex.js +5 -0
- package/dist/web/src/nanotdf/Client.js +1 -1
- package/dist/web/src/nanotdf/NanoTDF.js +1 -1
- package/dist/web/src/nanotdf/encrypt-dataset.js +1 -1
- package/dist/web/src/nanotdf/encrypt.js +1 -1
- package/dist/web/src/nanotdf/models/Ciphers.js +1 -1
- package/dist/web/src/nanotdf/models/EcCurves.js +1 -1
- package/dist/web/src/nanotdf/models/Header.js +1 -1
- package/dist/web/src/nanotdf/models/Payload.js +1 -1
- package/dist/web/src/nanotdf/models/Policy/AbstractPolicy.js +1 -1
- package/dist/web/src/nanotdf/models/Policy/EmbeddedPolicy.js +1 -1
- package/dist/web/src/nanotdf/models/Policy/PolicyFactory.js +1 -1
- package/dist/web/src/nanotdf/models/ResourceLocator.js +1 -1
- package/dist/web/src/nanotdf/models/Signature.js +1 -1
- package/dist/web/src/nanotdf-crypto/ciphers.js +1 -1
- package/dist/web/src/nanotdf-crypto/ecdsaSignature.js +1 -1
- package/dist/web/src/nanotdf-crypto/generateKeyPair.js +2 -2
- package/dist/web/src/nanotdf-crypto/generateRandomNumber.js +2 -2
- package/dist/web/src/nanotdf-crypto/index.js +3 -4
- package/dist/web/src/nanotdf-crypto/keyAgreement.js +9 -6
- package/dist/web/src/nanotdf-crypto/pemPublicToCrypto.js +1 -1
- package/dist/web/src/opentdf.js +242 -0
- package/dist/web/src/policy/api.js +1 -1
- package/dist/web/src/policy/granter.js +1 -1
- package/dist/web/src/seekable.js +148 -0
- package/dist/web/src/tdf/AttributeObject.js +1 -2
- package/dist/web/src/tdf/Policy.js +1 -2
- package/dist/web/src/utils.js +2 -3
- package/dist/web/src/version.js +5 -1
- package/dist/web/tdf3/index.js +3 -2
- package/dist/web/tdf3/src/assertions.js +21 -6
- package/dist/web/tdf3/src/binary.js +1 -1
- package/dist/web/tdf3/src/ciphers/aes-gcm-cipher.js +1 -1
- package/dist/web/tdf3/src/ciphers/symmetric-cipher-base.js +1 -1
- package/dist/web/tdf3/src/client/DecoratedReadableStream.js +4 -68
- package/dist/web/tdf3/src/client/builders.js +26 -22
- package/dist/web/tdf3/src/client/index.js +69 -52
- package/dist/web/tdf3/src/client/validation.js +1 -1
- package/dist/web/tdf3/src/crypto/crypto-utils.js +1 -1
- package/dist/web/tdf3/src/crypto/index.js +1 -1
- package/dist/web/tdf3/src/index.js +2 -2
- package/dist/web/tdf3/src/models/attribute-set.js +1 -1
- package/dist/web/tdf3/src/models/encryption-information.js +3 -3
- package/dist/web/tdf3/src/models/key-access.js +47 -24
- package/dist/web/tdf3/src/models/policy.js +1 -1
- package/dist/web/tdf3/src/tdf.js +149 -130
- package/dist/web/tdf3/src/utils/buffer-crc32.js +1 -1
- package/dist/web/tdf3/src/utils/index.js +1 -5
- package/dist/web/tdf3/src/utils/keysplit.js +1 -1
- package/dist/web/tdf3/src/utils/unwrap.js +18 -0
- package/dist/web/tdf3/src/utils/zip-reader.js +1 -1
- package/dist/web/tdf3/src/utils/zip-writer.js +1 -1
- package/package.json +45 -42
- package/src/access.ts +37 -1
- package/src/index.ts +5 -435
- package/src/nanoclients.ts +405 -0
- package/src/nanoindex.ts +4 -0
- package/src/nanotdf-crypto/generateKeyPair.ts +1 -1
- package/src/nanotdf-crypto/generateRandomNumber.ts +1 -1
- package/src/nanotdf-crypto/index.ts +2 -3
- package/src/nanotdf-crypto/keyAgreement.ts +14 -7
- package/src/opentdf.ts +473 -0
- package/{tdf3/src/utils/chunkers.ts → src/seekable.ts} +69 -20
- package/src/tdf/AttributeObject.ts +0 -3
- package/src/tdf/Policy.ts +0 -1
- package/src/tdf/PolicyObject.ts +0 -1
- package/src/utils.ts +1 -3
- package/src/version.ts +5 -0
- package/tdf3/index.ts +14 -2
- package/tdf3/src/assertions.ts +33 -8
- package/tdf3/src/client/DecoratedReadableStream.ts +2 -78
- package/tdf3/src/client/builders.ts +44 -26
- package/tdf3/src/client/index.ts +101 -86
- package/tdf3/src/index.ts +1 -1
- package/tdf3/src/models/encryption-information.ts +2 -2
- package/tdf3/src/models/key-access.ts +120 -38
- package/tdf3/src/models/manifest.ts +3 -0
- package/tdf3/src/models/policy.ts +0 -1
- package/tdf3/src/tdf.ts +251 -207
- package/tdf3/src/utils/index.ts +0 -5
- package/tdf3/src/utils/unwrap.ts +17 -0
- package/tdf3/src/utils/zip-reader.ts +1 -1
- package/dist/cjs/src/nanotdf-crypto/importRawKey.js +0 -18
- package/dist/cjs/tdf3/src/templates/default.html.js +0 -98
- package/dist/cjs/tdf3/src/templates/escaper.js +0 -15
- package/dist/cjs/tdf3/src/templates/index.js +0 -12
- package/dist/cjs/tdf3/src/utils/chunkers.js +0 -114
- package/dist/cjs/tdf3/src/version.js +0 -6
- package/dist/types/src/nanotdf-crypto/importRawKey.d.ts +0 -13
- package/dist/types/src/nanotdf-crypto/importRawKey.d.ts.map +0 -1
- package/dist/types/tdf3/src/templates/default.html.d.ts +0 -8
- package/dist/types/tdf3/src/templates/default.html.d.ts.map +0 -1
- package/dist/types/tdf3/src/templates/escaper.d.ts +0 -6
- package/dist/types/tdf3/src/templates/escaper.d.ts.map +0 -1
- package/dist/types/tdf3/src/templates/index.d.ts +0 -3
- package/dist/types/tdf3/src/templates/index.d.ts.map +0 -1
- package/dist/types/tdf3/src/utils/chunkers.d.ts +0 -29
- package/dist/types/tdf3/src/utils/chunkers.d.ts.map +0 -1
- package/dist/types/tdf3/src/version.d.ts +0 -3
- package/dist/types/tdf3/src/version.d.ts.map +0 -1
- package/dist/web/src/nanotdf-crypto/importRawKey.js +0 -15
- package/dist/web/tdf3/src/templates/default.html.js +0 -96
- package/dist/web/tdf3/src/templates/escaper.js +0 -10
- package/dist/web/tdf3/src/templates/index.js +0 -3
- package/dist/web/tdf3/src/utils/chunkers.js +0 -107
- package/dist/web/tdf3/src/version.js +0 -3
- package/src/nanotdf-crypto/importRawKey.ts +0 -19
- package/tdf3/src/templates/default.html.ts +0 -105
- package/tdf3/src/templates/escaper.ts +0 -10
- package/tdf3/src/templates/index.ts +0 -2
- package/tdf3/src/version.ts +0 -2
|
@@ -15,20 +15,31 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
|
|
|
15
15
|
}) : function(o, v) {
|
|
16
16
|
o["default"] = v;
|
|
17
17
|
});
|
|
18
|
-
var __importStar = (this && this.__importStar) || function (
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
};
|
|
18
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
+
var ownKeys = function(o) {
|
|
20
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
+
var ar = [];
|
|
22
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
+
return ar;
|
|
24
|
+
};
|
|
25
|
+
return ownKeys(o);
|
|
26
|
+
};
|
|
27
|
+
return function (mod) {
|
|
28
|
+
if (mod && mod.__esModule) return mod;
|
|
29
|
+
var result = {};
|
|
30
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
+
__setModuleDefault(result, mod);
|
|
32
|
+
return result;
|
|
33
|
+
};
|
|
34
|
+
})();
|
|
25
35
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
26
|
-
exports.
|
|
36
|
+
exports.version = exports.tdfSpecVersion = exports.clientType = exports.Errors = exports.TDF3Client = exports.Client = void 0;
|
|
27
37
|
exports.Client = __importStar(require("./client/index.js"));
|
|
28
38
|
var index_js_1 = require("./client/index.js");
|
|
29
39
|
Object.defineProperty(exports, "TDF3Client", { enumerable: true, get: function () { return index_js_1.Client; } });
|
|
30
40
|
exports.Errors = __importStar(require("../../src/errors.js"));
|
|
31
|
-
var version_js_1 = require("
|
|
32
|
-
Object.defineProperty(exports, "version", { enumerable: true, get: function () { return version_js_1.version; } });
|
|
41
|
+
var version_js_1 = require("../../src/version.js");
|
|
33
42
|
Object.defineProperty(exports, "clientType", { enumerable: true, get: function () { return version_js_1.clientType; } });
|
|
34
|
-
|
|
43
|
+
Object.defineProperty(exports, "tdfSpecVersion", { enumerable: true, get: function () { return version_js_1.tdfSpecVersion; } });
|
|
44
|
+
Object.defineProperty(exports, "version", { enumerable: true, get: function () { return version_js_1.version; } });
|
|
45
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi90ZGYzL3NyYy9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSw0REFBNEM7QUFDNUMsOENBQXlEO0FBQWhELHNHQUFBLE1BQU0sT0FBYztBQUM3Qiw4REFBOEM7QUFDOUMsbURBQTJFO0FBQWxFLHdHQUFBLFVBQVUsT0FBQTtBQUFFLDRHQUFBLGNBQWMsT0FBQTtBQUFFLHFHQUFBLE9BQU8sT0FBQSJ9
|
|
@@ -119,4 +119,4 @@ class AttributeSet {
|
|
|
119
119
|
}
|
|
120
120
|
}
|
|
121
121
|
exports.AttributeSet = AttributeSet;
|
|
122
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
122
|
+
//# sourceMappingURL=data:application/json;base64,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
|
|
@@ -25,13 +25,13 @@ class SplitKey {
|
|
|
25
25
|
return this.cipher.decrypt(content, keyBinary);
|
|
26
26
|
}
|
|
27
27
|
async getKeyAccessObjects(policy, keyInfo) {
|
|
28
|
-
const splitIds = [...new Set(this.keyAccess.map(({ sid }) => sid))].sort((a, b) => a.localeCompare(b));
|
|
28
|
+
const splitIds = [...new Set(this.keyAccess.map(({ sid }) => sid))].sort((a = '', b = '') => a.localeCompare(b));
|
|
29
29
|
const unwrappedKeySplitBuffers = await (0, index_js_1.keySplit)(new Uint8Array(keyInfo.unwrappedKeyBinary.asByteArray()), splitIds.length, this.cryptoService);
|
|
30
30
|
const splitsByName = Object.fromEntries(splitIds.map((sid, index) => [sid, unwrappedKeySplitBuffers[index]]));
|
|
31
31
|
const keyAccessObjects = [];
|
|
32
32
|
for (const item of this.keyAccess) {
|
|
33
33
|
// use the key split to encrypt metadata for each key access object
|
|
34
|
-
const unwrappedKeySplitBuffer = splitsByName[item.sid];
|
|
34
|
+
const unwrappedKeySplitBuffer = splitsByName[item.sid || ''];
|
|
35
35
|
const unwrappedKeySplitBinary = binary_js_1.Binary.fromArrayBuffer(unwrappedKeySplitBuffer.buffer);
|
|
36
36
|
const metadata = item.metadata || '';
|
|
37
37
|
const metadataStr = (typeof metadata === 'object'
|
|
@@ -87,4 +87,4 @@ class SplitKey {
|
|
|
87
87
|
}
|
|
88
88
|
}
|
|
89
89
|
exports.SplitKey = SplitKey;
|
|
90
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
90
|
+
//# sourceMappingURL=data:application/json;base64,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
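Review bot: In `getKeyAccessObjects` the split-id set is still built from the raw `sid` values while the lookup now uses `item.sid || ''`, so the two sides no longer treat a missing `sid` the same way. An entry whose `sid` is undefined is stored in `splitsByName` under the key `"undefined"` (`Object.fromEntries` stringifies it), the lookup asks for `''`, and unless another entry happens to use `''` the following `unwrappedKeySplitBuffer.buffer` throws. The `a = ''` / `b = ''` defaults do not change this, because `Array.prototype.sort` never passes undefined elements to the comparator. Normalising once where the ids are collected keeps both sides in step: `const splitIds = [...new Set(this.keyAccess.map(({ sid }) => sid || ''))].sort((a, b) => a.localeCompare(b));`. This is compiled output, so the change belongs in the TypeScript source; whether callers can pass an undefined `sid` is not visible here, and the method body continues past the hunk.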
|
|
@@ -15,89 +15,121 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
|
|
|
15
15
|
}) : function(o, v) {
|
|
16
16
|
o["default"] = v;
|
|
17
17
|
});
|
|
18
|
-
var __importStar = (this && this.__importStar) || function (
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
};
|
|
18
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
+
var ownKeys = function(o) {
|
|
20
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
+
var ar = [];
|
|
22
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
+
return ar;
|
|
24
|
+
};
|
|
25
|
+
return ownKeys(o);
|
|
26
|
+
};
|
|
27
|
+
return function (mod) {
|
|
28
|
+
if (mod && mod.__esModule) return mod;
|
|
29
|
+
var result = {};
|
|
30
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
+
__setModuleDefault(result, mod);
|
|
32
|
+
return result;
|
|
33
|
+
};
|
|
34
|
+
})();
|
|
25
35
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
26
|
-
exports.
|
|
27
|
-
const binary_js_1 = require("../binary.js");
|
|
36
|
+
exports.Wrapped = exports.ECWrapped = exports.schemaVersion = void 0;
|
|
28
37
|
const index_js_1 = require("../../../src/encodings/index.js");
|
|
38
|
+
const generateRandomNumber_js_1 = require("../../../src/nanotdf-crypto/generateRandomNumber.js");
|
|
39
|
+
const keyAgreement_js_1 = require("../../../src/nanotdf-crypto/keyAgreement.js");
|
|
40
|
+
const pemPublicToCrypto_js_1 = require("../../../src/nanotdf-crypto/pemPublicToCrypto.js");
|
|
41
|
+
const utils_js_1 = require("../../../src/utils.js");
|
|
42
|
+
const binary_js_1 = require("../binary.js");
|
|
29
43
|
const cryptoService = __importStar(require("../crypto/index.js"));
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
}
|
|
33
|
-
exports.isRemote = isRemote;
|
|
34
|
-
class Wrapped {
|
|
44
|
+
exports.schemaVersion = '1.0';
|
|
45
|
+
class ECWrapped {
|
|
35
46
|
constructor(url, kid, publicKey, metadata, sid) {
|
|
36
47
|
this.url = url;
|
|
37
48
|
this.kid = kid;
|
|
38
49
|
this.publicKey = publicKey;
|
|
39
50
|
this.metadata = metadata;
|
|
40
51
|
this.sid = sid;
|
|
41
|
-
this.type = 'wrapped';
|
|
52
|
+
this.type = 'ec-wrapped';
|
|
53
|
+
this.ephemeralKeyPair = crypto.subtle.generateKey({
|
|
54
|
+
name: 'ECDH',
|
|
55
|
+
namedCurve: 'P-256',
|
|
56
|
+
}, false, ['deriveBits', 'deriveKey']);
|
|
42
57
|
}
|
|
43
|
-
async write(policy,
|
|
58
|
+
async write(policy, dek, encryptedMetadataStr) {
|
|
44
59
|
const policyStr = JSON.stringify(policy);
|
|
45
|
-
const
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
60
|
+
const [ek, clientPublicKey] = await Promise.all([
|
|
61
|
+
this.ephemeralKeyPair,
|
|
62
|
+
(0, pemPublicToCrypto_js_1.pemPublicToCrypto)(this.publicKey),
|
|
63
|
+
]);
|
|
64
|
+
const kek = await (0, keyAgreement_js_1.keyAgreement)(ek.privateKey, clientPublicKey, {
|
|
65
|
+
hkdfSalt: new TextEncoder().encode('salt'),
|
|
66
|
+
hkdfHash: 'SHA-256',
|
|
67
|
+
});
|
|
68
|
+
const iv = (0, generateRandomNumber_js_1.generateRandomNumber)(12);
|
|
69
|
+
const cek = await crypto.subtle.encrypt({ name: 'AES-GCM', iv, tagLength: 128 }, kek, dek);
|
|
70
|
+
const entityWrappedKey = new Uint8Array(iv.length + cek.byteLength);
|
|
71
|
+
entityWrappedKey.set(iv);
|
|
72
|
+
entityWrappedKey.set(new Uint8Array(cek), iv.length);
|
|
73
|
+
const policyBinding = await cryptoService.hmac(index_js_1.hex.encodeArrayBuffer(dek), index_js_1.base64.encode(policyStr));
|
|
74
|
+
const ephemeralPublicKeyPEM = await (0, utils_js_1.cryptoPublicToPem)(ek.publicKey);
|
|
75
|
+
const kao = {
|
|
76
|
+
type: 'ec-wrapped',
|
|
50
77
|
url: this.url,
|
|
51
78
|
protocol: 'kas',
|
|
52
|
-
wrappedKey: index_js_1.base64.
|
|
79
|
+
wrappedKey: index_js_1.base64.encodeArrayBuffer(entityWrappedKey),
|
|
53
80
|
encryptedMetadata: index_js_1.base64.encode(encryptedMetadataStr),
|
|
54
81
|
policyBinding: {
|
|
55
82
|
alg: 'HS256',
|
|
56
83
|
hash: index_js_1.base64.encode(policyBinding),
|
|
57
84
|
},
|
|
85
|
+
schemaVersion: exports.schemaVersion,
|
|
86
|
+
ephemeralPublicKey: ephemeralPublicKeyPEM,
|
|
58
87
|
};
|
|
59
88
|
if (this.kid) {
|
|
60
|
-
|
|
89
|
+
kao.kid = this.kid;
|
|
61
90
|
}
|
|
62
91
|
if (this.sid?.length) {
|
|
63
|
-
|
|
92
|
+
kao.sid = this.sid;
|
|
64
93
|
}
|
|
65
|
-
|
|
94
|
+
this.keyAccessObject = kao;
|
|
95
|
+
return kao;
|
|
66
96
|
}
|
|
67
97
|
}
|
|
68
|
-
exports.
|
|
69
|
-
class
|
|
98
|
+
exports.ECWrapped = ECWrapped;
|
|
99
|
+
class Wrapped {
|
|
70
100
|
constructor(url, kid, publicKey, metadata, sid) {
|
|
71
101
|
this.url = url;
|
|
72
102
|
this.kid = kid;
|
|
73
103
|
this.publicKey = publicKey;
|
|
74
104
|
this.metadata = metadata;
|
|
75
105
|
this.sid = sid;
|
|
76
|
-
this.type = '
|
|
106
|
+
this.type = 'wrapped';
|
|
77
107
|
}
|
|
78
108
|
async write(policy, keyBuffer, encryptedMetadataStr) {
|
|
79
109
|
const policyStr = JSON.stringify(policy);
|
|
80
|
-
const policyBinding = await cryptoService.hmac(index_js_1.hex.encodeArrayBuffer(keyBuffer), index_js_1.base64.encode(policyStr));
|
|
81
110
|
const unwrappedKeyBinary = binary_js_1.Binary.fromArrayBuffer(keyBuffer.buffer);
|
|
82
111
|
const wrappedKeyBinary = await cryptoService.encryptWithPublicKey(unwrappedKeyBinary, this.publicKey);
|
|
83
|
-
|
|
84
|
-
this.wrappedKey = index_js_1.base64.encode(wrappedKeyBinary.asString());
|
|
112
|
+
const policyBinding = await cryptoService.hmac(index_js_1.hex.encodeArrayBuffer(keyBuffer), index_js_1.base64.encode(policyStr));
|
|
85
113
|
this.keyAccessObject = {
|
|
86
|
-
type: '
|
|
114
|
+
type: 'wrapped',
|
|
87
115
|
url: this.url,
|
|
88
116
|
protocol: 'kas',
|
|
89
|
-
wrappedKey:
|
|
117
|
+
wrappedKey: index_js_1.base64.encode(wrappedKeyBinary.asString()),
|
|
90
118
|
encryptedMetadata: index_js_1.base64.encode(encryptedMetadataStr),
|
|
91
119
|
policyBinding: {
|
|
92
120
|
alg: 'HS256',
|
|
93
121
|
hash: index_js_1.base64.encode(policyBinding),
|
|
94
122
|
},
|
|
123
|
+
schemaVersion: exports.schemaVersion,
|
|
95
124
|
};
|
|
96
125
|
if (this.kid) {
|
|
97
126
|
this.keyAccessObject.kid = this.kid;
|
|
98
127
|
}
|
|
128
|
+
if (this.sid?.length) {
|
|
129
|
+
this.keyAccessObject.sid = this.sid;
|
|
130
|
+
}
|
|
99
131
|
return this.keyAccessObject;
|
|
100
132
|
}
|
|
101
133
|
}
|
|
102
|
-
exports.
|
|
103
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
134
|
+
exports.Wrapped = Wrapped;
|
|
135
|
+
//# sourceMappingURL=data:application/json;base64,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
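Review bot: `ECWrapped.write` derives the key-encryption key with `hkdfSalt: new TextEncoder().encode('salt')`, a fixed literal with no comment saying where the value comes from. A constant HKDF salt is workable here because the ECDH input comes from a fresh ephemeral key pair, but the value presumably has to match what the key access service uses when unwrapping. Nothing visible in the call binds the derived key to the policy or the KAS URL, though the body of `keyAgreement` is outside this section. I would lift it into a named constant with a comment, e.g. `const EC_WRAP_HKDF_SALT = new TextEncoder().encode('salt'); // must match the KAS-side HKDF salt for ec-wrapped keys`. Separately, the constructor stores the un-awaited `crypto.subtle.generateKey(...)` promise in `this.ephemeralKeyPair`, so a failure only surfaces when `write` runs, or as an unhandled rejection if it never does; a comment on the field saying it holds a promise would help.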
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
3
|
+
exports.CURRENT_VERSION = void 0;
|
|
4
|
+
exports.validatePolicyObject = validatePolicyObject;
|
|
4
5
|
const errors_js_1 = require("../../../src/errors.js");
|
|
5
6
|
exports.CURRENT_VERSION = '1.1.0';
|
|
6
7
|
function validatePolicyObject(policyMaybe) {
|
|
@@ -20,5 +21,4 @@ function validatePolicyObject(policyMaybe) {
|
|
|
20
21
|
}
|
|
21
22
|
return true;
|
|
22
23
|
}
|
|
23
|
-
|
|
24
|
-
//# sourceMappingURL=data:application/json;base64,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
|
|
24
|
+
//# sourceMappingURL=data:application/json;base64,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
|