@opentdf/sdk 0.8.0-beta.71 → 0.8.0-beta.75

package/dist/cjs/src/nanotdf/Client.js

@@ -1,315 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const protobuf_1 = require("@bufbuild/protobuf");
-const kas_pb_js_1 = require("../platform/kas/kas_pb.js");
-const index_js_1 = require("../nanotdf-crypto/index.js");
-const getHkdfSalt_js_1 = __importDefault(require("./helpers/getHkdfSalt.js"));
-const DefaultParams_js_1 = __importDefault(require("./models/DefaultParams.js"));
-const access_js_1 = require("../access.js");
-const access_rpc_js_1 = require("../../src/access/access-rpc.js");
-const providers_js_1 = require("../auth/providers.js");
-const errors_js_1 = require("../errors.js");
-const utils_js_1 = require("../utils.js");
-function toJWSAlg(c) {
-    const { algorithm } = c;
-    switch (algorithm.name) {
-        case 'RSASSA-PKCS1-v1_5':
-        case 'RSA-PSS':
-        case 'RSA-OAEP': {
-            const r = algorithm;
-            switch (r.modulusLength) {
-                case 2048:
-                    return 'RS256';
-                case 3072:
-                    return 'RS384';
-                case 4096:
-                    return 'RS512';
-            }
-            break;
-        }
-        case 'ECDSA':
-        case 'ECDH': {
-            return 'ES256';
-        }
-    }
-    throw new errors_js_1.ConfigurationError(`unsupported key algorithm ${JSON.stringify(algorithm)}`);
-}
-async function generateEphemeralKeyPair() {
-    const { publicKey, privateKey } = await (0, index_js_1.generateKeyPair)();
-    if (!privateKey || !publicKey) {
-        throw Error('Key pair generation failed');
-    }
-    return { publicKey, privateKey };
-}
-async function generateSignerKeyPair() {
-    return crypto.subtle.generateKey({
-        name: 'RSASSA-PKCS1-v1_5',
-        hash: 'SHA-256',
-        modulusLength: 2048,
-        publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
-    }, true, ['sign', 'verify']);
-}
-/**
- * A Client encapsulates sessions interacting with TDF3 and nanoTDF backends, KAS and any
- * plugin-based sessions like identity and further attribute control. Most importantly, it is responsible
- * for local key and token management, including the ephemeral public/private keypairs
- * used for encrypting and decrypting information.
- *
- * @link https://developer.mozilla.org/en-US/docs/Web/API/CryptoKeyPair
- *
- * @example
- * import { Client, clientAuthProvider, decrypt, encrypt } from '@opentdf/sdk/nanotdf`
- *
- * const OIDC_ENDPOINT = 'http://localhost:65432/auth/';
- * const KAS_URL = 'http://localhost:65432/kas';
- *
- * let client = new Client(
- *    await clientAuthProvider({
- *      clientId: 'tdf-client',
- *      clientSecret: '123-456',
- *      oidcOrigin: OIDC_ENDPOINT,
- *    }),
- *    KAS_URL
- *  );
- *
- * // t=1
- * let nanoTDFEncrypted = await encrypt('some string', client.unwrappedKey);
- * let nanoTDFDecrypted = await decrypt(nanoTDFEncrypted, client.unwrappedKey);
- * nanoTDFDecrypted.toString() // 'some string'
- *
- */
-class Client {
-    /**
-     * Create new NanoTDF Client
-     *
-     * The Ephemeral Key Pair can either be provided or will be generate when fetching the entity object. Once set it
-     * cannot be changed. If a new ephemeral key is desired it a new client should be initialized.
-     * There is no performance impact for creating a new client IFF the ephemeral key pair is provided.
-     */
-    constructor(optsOrOldAuthProvider, kasUrl, ephemeralKeyPair, dpopEnabled = false) {
-        this.dissems = [];
-        this.dataAttributes = [];
-        const enwrapAuthProvider = (a) => {
-            return {
-                updateClientPublicKey: async (signingKey) => {
-                    await a.updateClientPublicKey(signingKey);
-                },
-                withCreds: async (httpReq) => {
-                    const signer = await this.requestSignerKeyPair;
-                    if (!signer) {
-                        throw new errors_js_1.ConfigurationError('failed to find or generate signer session key');
-                    }
-                    await a.updateClientPublicKey(signer);
-                    return a.withCreds(httpReq);
-                },
-            };
-        };
-        if ((0, providers_js_1.isAuthProvider)(optsOrOldAuthProvider)) {
-            this.authProvider = enwrapAuthProvider(optsOrOldAuthProvider);
-            if (!kasUrl) {
-                throw new errors_js_1.ConfigurationError('please specify kasEndpoint');
-            }
-            // TODO Disallow http KAS. For now just log as error
-            (0, utils_js_1.validateSecureUrl)(kasUrl);
-            this.kasUrl = kasUrl;
-            this.dpopEnabled = dpopEnabled;
-            if (ephemeralKeyPair) {
-                this.ephemeralKeyPair = Promise.resolve(ephemeralKeyPair);
-            }
-            else {
-                this.ephemeralKeyPair = generateEphemeralKeyPair();
-            }
-            this.iv = 1;
-        }
-        else {
-            const { allowedKases, fulfillableObligationFQNs = [], ignoreAllowList, authProvider, dpopEnabled, dpopKeys, ephemeralKeyPair, kasEndpoint, platformUrl, } = optsOrOldAuthProvider;
-            this.authProvider = enwrapAuthProvider(authProvider);
-            // TODO Disallow http KAS. For now just log as error
-            (0, utils_js_1.validateSecureUrl)(kasEndpoint);
-            this.kasUrl = kasEndpoint;
-            this.platformUrl = platformUrl;
-            if (allowedKases?.length || ignoreAllowList) {
-                this.allowedKases = new access_js_1.OriginAllowList(allowedKases || [], ignoreAllowList);
-            }
-            this.fulfillableObligationFQNs = fulfillableObligationFQNs;
-            this.dpopEnabled = !!dpopEnabled;
-            if (dpopKeys) {
-                this.requestSignerKeyPair = dpopKeys;
-            }
-            else {
-                this.requestSignerKeyPair = generateSignerKeyPair();
-            }
-            if (ephemeralKeyPair) {
-                this.ephemeralKeyPair = ephemeralKeyPair;
-            }
-            else {
-                this.ephemeralKeyPair = generateEphemeralKeyPair();
-            }
-            this.iv = 1;
-        }
-    }
-    /**
-     * Add attribute to the TDF file/data
-     *
-     * @param attribute The attribute that decides the access control of the TDF.
-     */
-    addAttribute(attribute) {
-        this.dataAttributes.push(attribute);
-    }
-    /**
-     * Rewrap key
-     *
-     * @important the `fetchEntityObject` method must be called prior to
-     * @param nanoTdfHeader the full header for the nanotdf
-     * @param kasRewrapUrl key access server's rewrap endpoint
-     * @param magicNumberVersion nanotdf container version
-     * @param clientVersion version of the client, as SemVer
-     */
-    async rewrapKey(nanoTdfHeader, kasRewrapUrl, magicNumberVersion, clientVersion) {
-        let allowedKases = this.allowedKases;
-        if (!allowedKases) {
-            allowedKases = await (0, access_js_1.fetchKeyAccessServers)(this.platformUrl, this.authProvider);
-        }
-        if (!allowedKases.allows(kasRewrapUrl)) {
-            throw new errors_js_1.UnsafeUrlError(`request URL ∉ ${allowedKases.origins};`, kasRewrapUrl);
-        }
-        const ephemeralKeyPair = await this.ephemeralKeyPair;
-        const requestSignerKeyPair = await this.requestSignerKeyPair;
-        // Ensure the ephemeral key pair has been set or generated (see fetchEntityObject)
-        if (!ephemeralKeyPair?.privateKey) {
-            throw new errors_js_1.ConfigurationError('Ephemeral key has not been set or generated');
-        }
-        if (!requestSignerKeyPair?.privateKey) {
-            throw new errors_js_1.ConfigurationError('Signer key has not been set or generated');
-        }
-        const unsignedRequest = (0, protobuf_1.create)(kas_pb_js_1.UnsignedRewrapRequestSchema, {
-            clientPublicKey: await (0, utils_js_1.cryptoPublicToPem)(ephemeralKeyPair.publicKey),
-            requests: [
-                (0, protobuf_1.create)(kas_pb_js_1.UnsignedRewrapRequest_WithPolicyRequestSchema, {
-                    keyAccessObjects: [
-                        {
-                            keyAccessObjectId: 'kao-0', // only one kao, no bulk
-                            keyAccessObject: {
-                                header: new Uint8Array(nanoTdfHeader),
-                                kasUrl: '',
-                                protocol: Client.KAS_PROTOCOL,
-                                keyType: Client.KEY_ACCESS_REMOTE,
-                            },
-                        },
-                    ],
-                    algorithm: DefaultParams_js_1.default.defaultECAlgorithm,
-                }),
-            ],
-            keyAccess: {
-                header: new Uint8Array(nanoTdfHeader),
-                kasUrl: '',
-                protocol: Client.KAS_PROTOCOL,
-                keyType: Client.KEY_ACCESS_REMOTE,
-            },
-            algorithm: DefaultParams_js_1.default.defaultECAlgorithm,
-        });
-        const requestBodyStr = (0, protobuf_1.toJsonString)(kas_pb_js_1.UnsignedRewrapRequestSchema, unsignedRequest);
-        const jwtPayload = { requestBody: requestBodyStr };
-        const signedRequestToken = await (0, providers_js_1.reqSignature)(jwtPayload, requestSignerKeyPair.privateKey, {
-            alg: toJWSAlg(requestSignerKeyPair.publicKey),
-        });
-        // Wrapped
-        const rewrapResp = await (0, access_js_1.fetchWrappedKey)(kasRewrapUrl, signedRequestToken, this.authProvider, this.fulfillableObligationFQNs);
-        // Upgrade any V1 responses to V2
-        (0, utils_js_1.upgradeRewrapResponseV1)(rewrapResp);
-        const result = rewrapResp.responses?.[0]?.results?.[0];
-        if (!result) {
-            // This should not happen - KAS should always return at least one response and one result
-            // or the upgradeRewrapResponseV1 should have created them
-            throw new errors_js_1.DecryptError('KAS rewrap response missing expected response or result');
-        }
-        const requiredObligations = (0, utils_js_1.getRequiredObligationFQNs)(rewrapResp);
-        let entityWrappedKey;
-        switch (result.result.case) {
-            case 'kasWrappedKey': {
-                entityWrappedKey = result.result.value;
-                break;
-            }
-            case 'error': {
-                (0, access_rpc_js_1.handleRpcRewrapErrorString)(result.result.value, (0, utils_js_1.getPlatformUrlFromKasEndpoint)(kasRewrapUrl), requiredObligations);
-            }
-            default: {
-                throw new errors_js_1.DecryptError('KAS rewrap response missing wrapped key');
-            }
-        }
-        // Extract the iv and ciphertext
-        const ivLength = clientVersion == Client.SDK_INITIAL_RELEASE ? Client.INITIAL_RELEASE_IV_SIZE : Client.IV_SIZE;
-        const iv = entityWrappedKey.subarray(0, ivLength);
-        const encryptedSharedKey = entityWrappedKey.subarray(ivLength);
-        let kasPublicKey;
-        try {
-            // Let us import public key as a cert or public key
-            kasPublicKey = await (0, utils_js_1.pemToCryptoPublicKey)(rewrapResp.sessionPublicKey);
-        }
-        catch (cause) {
-            throw new errors_js_1.ConfigurationError(`internal: [${kasRewrapUrl}] PEM Public Key to crypto public key failed. Is PEM formatted correctly?`, cause);
-        }
-        let hkdfSalt;
-        try {
-            // Get the hkdf salt params
-            hkdfSalt = await (0, getHkdfSalt_js_1.default)(magicNumberVersion);
-        }
-        catch (e) {
-            throw new errors_js_1.TdfError('salting hkdf failed', e);
-        }
-        const { privateKey } = await this.ephemeralKeyPair;
-        // Get the unwrapping key
-        let unwrappingKey;
-        try {
-            unwrappingKey = await (0, index_js_1.keyAgreement)(
-            // Ephemeral private key
-            privateKey, kasPublicKey, hkdfSalt);
-        }
-        catch (e) {
-            if (e.name == 'InvalidAccessError' || e.name == 'OperationError') {
-                throw new errors_js_1.DecryptError('unable to solve key agreement', e);
-            }
-            else if (e.name == 'NotSupported') {
-                throw new errors_js_1.ConfigurationError('unable to unwrap key from kas', e);
-            }
-            throw new errors_js_1.TdfError('unable to reach agreement', e);
-        }
-        const authTagLength = 8 * (encryptedSharedKey.byteLength - 32);
-        let decryptedKey;
-        try {
-            // Decrypt the wrapped key
-            decryptedKey = await crypto.subtle.decrypt({ name: 'AES-GCM', iv, tagLength: authTagLength }, unwrappingKey, encryptedSharedKey);
-        }
-        catch (cause) {
-            throw new errors_js_1.DecryptError(`unable to decrypt key. Are you using the right KAS? Is the salt correct?`, cause);
-        }
-        // UnwrappedKey
-        let unwrappedKey;
-        try {
-            unwrappedKey = await crypto.subtle.importKey('raw', decryptedKey, 'AES-GCM', 
-            // @security This allows the key to be used in `exportKey` and `wrapKey`
-            // https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/exportKey
-            // https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/wrapKey
-            true, 
-            // Want to use the key to encrypt and decrypt. Signing key will be used later.
-            ['encrypt', 'decrypt']);
-        }
-        catch (cause) {
-            throw new errors_js_1.DecryptError('Unable to import raw key.', cause);
-        }
-        return {
-            requiredObligations,
-            unwrappedKey: unwrappedKey,
-        };
-    }
-}
-Client.KEY_ACCESS_REMOTE = 'remote';
-Client.KAS_PROTOCOL = 'kas';
-Client.SDK_INITIAL_RELEASE = '0.0.0';
-Client.INITIAL_RELEASE_IV_SIZE = 3;
-Client.IV_SIZE = 12;
-exports.default = Client;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiQ2xpZW50LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL25hbm90ZGYvQ2xpZW50LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsaURBQTBEO0FBQzFELHlEQUdtQztBQUNuQyx5REFBMkU7QUFDM0UsOEVBQW1EO0FBQ25ELGlGQUFzRDtBQUN0RCw0Q0FLc0I7QUFDdEIsa0VBQTRFO0FBQzVFLHVEQUFrRjtBQUNsRiw0Q0FBMEY7QUFDMUYsMENBT3FCO0FBbUJyQixTQUFTLFFBQVEsQ0FBQyxDQUFZO0lBQzVCLE1BQU0sRUFBRSxTQUFTLEVBQUUsR0FBRyxDQUFDLENBQUM7SUFDeEIsUUFBUSxTQUFTLENBQUMsSUFBSSxFQUFFLENBQUM7UUFDdkIsS0FBSyxtQkFBbUIsQ0FBQztRQUN6QixLQUFLLFNBQVMsQ0FBQztRQUNmLEtBQUssVUFBVSxDQUFDLENBQUMsQ0FBQztZQUNoQixNQUFNLENBQUMsR0FBRyxTQUFrQyxDQUFDO1lBQzdDLFFBQVEsQ0FBQyxDQUFDLGFBQWEsRUFBRSxDQUFDO2dCQUN4QixLQUFLLElBQUk7b0JBQ1AsT0FBTyxPQUFPLENBQUM7Z0JBQ2pCLEtBQUssSUFBSTtvQkFDUCxPQUFPLE9BQU8sQ0FBQztnQkFDakIsS0FBSyxJQUFJO29CQUNQLE9BQU8sT0FBTyxDQUFDO1lBQ25CLENBQUM7WUFDRCxNQUFNO1FBQ1IsQ0FBQztRQUNELEtBQUssT0FBTyxDQUFDO1FBQ2IsS0FBSyxNQUFNLENBQUMsQ0FBQyxDQUFDO1lBQ1osT0FBTyxPQUFPLENBQUM7UUFDakIsQ0FBQztJQUNILENBQUM7SUFDRCxNQUFNLElBQUksOEJBQWtCLENBQUMsNkJBQTZCLElBQUksQ0FBQyxTQUFTLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FBQyxDQUFDO0FBQ3pGLENBQUM7QUFFRCxLQUFLLFVBQVUsd0JBQXdCO0lBQ3JDLE1BQU0sRUFBRSxTQUFTLEVBQUUsVUFBVSxFQUFFLEdBQUcsTUFBTSxJQUFBLDBCQUFlLEdBQUUsQ0FBQztJQUMxRCxJQUFJLENBQUMsVUFBVSxJQUFJLENBQUMsU0FBUyxFQUFFLENBQUM7UUFDOUIsTUFBTSxLQUFLLENBQUMsNEJBQTRCLENBQUMsQ0FBQztJQUM1QyxDQUFDO0lBQ0QsT0FBTyxFQUFFLFNBQVMsRUFBRSxVQUFVLEVBQUUsQ0FBQztBQUNuQyxDQUFDO0FBRUQsS0FBSyxVQUFVLHFCQUFxQjtJQUNsQyxPQUFPLE1BQU0sQ0FBQyxNQUFNLENBQUMsV0FBVyxDQUM5QjtRQUNFLElBQUksRUFBRSxtQkFBbUI7UUFDekIsSUFBSSxFQUFFLFNBQVM7UUFDZixhQUFhLEVBQUUsSUFBSTtRQUNuQixjQUFjLEVBQUUsSUFBSSxVQUFVLENBQUMsQ0FBQyxJQUFJLEVBQUUsSUFBSSxFQUFFLElBQUksQ0FBQyxDQUFDO0tBQ25ELEVBQ0QsSUFBSSxFQUNKLENBQUMsTUFBTSxFQUFFLFFBQVEsQ0FBQyxDQUNuQixDQUFDO0FBQ0osQ0FBQztBQUVEOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0dBNEJHO0FBQ0gsTUFBcUIsTUFBTTtJQXdCekI7Ozs7OztPQU1HO0lBQ0gsWUFDRSxxQkFBa0QsRUFDbEQsTUFBZSxFQUNmLGdCQUFnQyxFQUNoQyxXQUFXLEdBQUcsS0FBSztRQWpCckIsWUFBTyxHQUFhLEVBQUUsQ0FBQztRQUN2QixtQkFBYyxHQUFhLEVBQUUsQ0FBQztRQWtCNUIsTUFBTSxrQkFBa0IsR0FBRyxDQUFDLENBQWUsRUFBZ0IsRUFBRTtZQUMzRCxPQUFPO2dCQUNMLHFCQUFxQixFQUFFLEtBQUssRUFBRSxVQUFVLEVBQUUsRUFBRTtvQkFDMUMsTUFBTSxDQUFDLENBQUMscUJBQXFCLENBQUMsVUFBVSxDQUFDLENBQUM7Z0JBQzVDLENBQUM7Z0JBQ0QsU0FBUyxFQUFFLEtBQUssRUFBRSxPQUFPLEVBQUUsRUFBRTtvQkFDM0IsTUFBTSxNQUFNLEdBQUcsTUFBTSxJQUFJLENBQUMsb0JBQW9CLENBQUM7b0JBQy9DLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQzt3QkFDWixNQUFNLElBQUksOEJBQWtCLENBQUMsK0NBQStDLENBQUMsQ0FBQztvQkFDaEYsQ0FBQztvQkFDRCxNQUFNLENBQUMsQ0FBQyxxQkFBcUIsQ0FBQyxNQUFNLENBQUMsQ0FBQztvQkFDdEMsT0FBTyxDQUFDLENBQUMsU0FBUyxDQUFDLE9BQU8sQ0FBQyxDQUFDO2dCQUM5QixDQUFDO2FBQ0YsQ0FBQztRQUNKLENBQUMsQ0FBQztRQUNGLElBQUksSUFBQSw2QkFBYyxFQUFDLHFCQUFxQixDQUFDLEVBQUUsQ0FBQztZQUMxQyxJQUFJLENBQUMsWUFBWSxHQUFHLGtCQUFrQixDQUFDLHFCQUFxQixDQUFDLENBQUM7WUFDOUQsSUFBSSxDQUFDLE1BQU0sRUFBRSxDQUFDO2dCQUNaLE1BQU0sSUFBSSw4QkFBa0IsQ0FBQyw0QkFBNEIsQ0FBQyxDQUFDO1lBQzdELENBQUM7WUFDRCxvREFBb0Q7WUFDcEQsSUFBQSw0QkFBaUIsRUFBQyxNQUFNLENBQUMsQ0FBQztZQUMxQixJQUFJLENBQUMsTUFBTSxHQUFHLE1BQU0sQ0FBQztZQUNyQixJQUFJLENBQUMsV0FBVyxHQUFHLFdBQVcsQ0FBQztZQUUvQixJQUFJLGdCQUFnQixFQUFFLENBQUM7Z0JBQ3JCLElBQUksQ0FBQyxnQkFBZ0IsR0FBRyxPQUFPLENBQUMsT0FBTyxDQUFDLGdCQUFnQixDQUFDLENBQUM7WUFDNUQsQ0FBQztpQkFBTSxDQUFDO2dCQUNOLElBQUksQ0FBQyxnQkFBZ0IsR0FBRyx3QkFBd0IsRUFBRSxDQUFDO1lBQ3JELENBQUM7WUFDRCxJQUFJLENBQUMsRUFBRSxHQUFHLENBQUMsQ0FBQztRQUNkLENBQUM7YUFBTSxDQUFDO1lBQ04sTUFBTSxFQUNKLFlBQVksRUFDWix5QkFBeUIsR0FBRyxFQUFFLEVBQzlCLGVBQWUsRUFDZixZQUFZLEVBQ1osV0FBVyxFQUNYLFFBQVEsRUFDUixnQkFBZ0IsRUFDaEIsV0FBVyxFQUNYLFdBQVcsR0FDWixHQUFHLHFCQUFxQixDQUFDO1lBQzFCLElBQUksQ0FBQyxZQUFZLEdBQUcsa0JBQWtCLENBQUMsWUFBWSxDQUFDLENBQUM7WUFDckQsb0RBQW9EO1lBQ3BELElBQUEsNEJBQWlCLEVBQUMsV0FBVyxDQUFDLENBQUM7WUFDL0IsSUFBSSxDQUFDLE1BQU0sR0FBRyxXQUFXLENBQUM7WUFDMUIsSUFBSSxDQUFDLFdBQVcsR0FBRyxXQUFXLENBQUM7WUFDL0IsSUFBSSxZQUFZLEVBQUUsTUFBTSxJQUFJLGVBQWUsRUFBRSxDQUFDO2dCQUM1QyxJQUFJLENBQUMsWUFBWSxHQUFHLElBQUksMkJBQWUsQ0FBQyxZQUFZLElBQUksRUFBRSxFQUFFLGVBQWUsQ0FBQyxDQUFDO1lBQy9FLENBQUM7WUFDRCxJQUFJLENBQUMseUJBQXlCLEdBQUcseUJBQXlCLENBQUM7WUFDM0QsSUFBSSxDQUFDLFdBQVcsR0FBRyxDQUFDLENBQUMsV0FBVyxDQUFDO1lBQ2pDLElBQUksUUFBUSxFQUFFLENBQUM7Z0JBQ2IsSUFBSSxDQUFDLG9CQUFvQixHQUFHLFFBQVEsQ0FBQztZQUN2QyxDQUFDO2lCQUFNLENBQUM7Z0JBQ04sSUFBSSxDQUFDLG9CQUFvQixHQUFHLHFCQUFxQixFQUFFLENBQUM7WUFDdEQsQ0FBQztZQUVELElBQUksZ0JBQWdCLEVBQUUsQ0FBQztnQkFDckIsSUFBSSxDQUFDLGdCQUFnQixHQUFHLGdCQUFnQixDQUFDO1lBQzNDLENBQUM7aUJBQU0sQ0FBQztnQkFDTixJQUFJLENBQUMsZ0JBQWdCLEdBQUcsd0JBQXdCLEVBQUUsQ0FBQztZQUNyRCxDQUFDO1lBQ0QsSUFBSSxDQUFDLEVBQUUsR0FBRyxDQUFDLENBQUM7UUFDZCxDQUFDO0lBQ0gsQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxZQUFZLENBQUMsU0FBaUI7UUFDNUIsSUFBSSxDQUFDLGNBQWMsQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLENBQUM7SUFDdEMsQ0FBQztJQUVEOzs7Ozs7OztPQVFHO0lBQ0gsS0FBSyxDQUFDLFNBQVMsQ0FDYixhQUE4QixFQUM5QixZQUFvQixFQUNwQixrQkFBbUMsRUFDbkMsYUFBcUI7UUFFckIsSUFBSSxZQUFZLEdBQUcsSUFBSSxDQUFDLFlBQVksQ0FBQztRQUVyQyxJQUFJLENBQUMsWUFBWSxFQUFFLENBQUM7WUFDbEIsWUFBWSxHQUFHLE1BQU0sSUFBQSxpQ0FBcUIsRUFBQyxJQUFJLENBQUMsV0FBVyxFQUFFLElBQUksQ0FBQyxZQUFZLENBQUMsQ0FBQztRQUNsRixDQUFDO1FBRUQsSUFBSSxDQUFDLFlBQVksQ0FBQyxNQUFNLENBQUMsWUFBWSxDQUFDLEVBQUUsQ0FBQztZQUN2QyxNQUFNLElBQUksMEJBQWMsQ0FBQyxpQkFBaUIsWUFBWSxDQUFDLE9BQU8sR0FBRyxFQUFFLFlBQVksQ0FBQyxDQUFDO1FBQ25GLENBQUM7UUFFRCxNQUFNLGdCQUFnQixHQUFHLE1BQU0sSUFBSSxDQUFDLGdCQUFnQixDQUFDO1FBQ3JELE1BQU0sb0JBQW9CLEdBQUcsTUFBTSxJQUFJLENBQUMsb0JBQW9CLENBQUM7UUFFN0Qsa0ZBQWtGO1FBQ2xGLElBQUksQ0FBQyxnQkFBZ0IsRUFBRSxVQUFVLEVBQUUsQ0FBQztZQUNsQyxNQUFNLElBQUksOEJBQWtCLENBQUMsNkNBQTZDLENBQUMsQ0FBQztRQUM5RSxDQUFDO1FBRUQsSUFBSSxDQUFDLG9CQUFvQixFQUFFLFVBQVUsRUFBRSxDQUFDO1lBQ3RDLE1BQU0sSUFBSSw4QkFBa0IsQ0FBQywwQ0FBMEMsQ0FBQyxDQUFDO1FBQzNFLENBQUM7UUFFRCxNQUFNLGVBQWUsR0FBRyxJQUFBLGlCQUFNLEVBQUMsdUNBQTJCLEVBQUU7WUFDMUQsZUFBZSxFQUFFLE1BQU0sSUFBQSw0QkFBaUIsRUFBQyxnQkFBZ0IsQ0FBQyxTQUFTLENBQUM7WUFDcEUsUUFBUSxFQUFFO2dCQUNSLElBQUEsaUJBQU0sRUFBQyx5REFBNkMsRUFBRTtvQkFDcEQsZ0JBQWdCLEVBQUU7d0JBQ2hCOzRCQUNFLGlCQUFpQixFQUFFLE9BQU8sRUFBRSx3QkFBd0I7NEJBQ3BELGVBQWUsRUFBRTtnQ0FDZixNQUFNLEVBQUUsSUFBSSxVQUFVLENBQUMsYUFBYSxDQUFDO2dDQUNyQyxNQUFNLEVBQUUsRUFBRTtnQ0FDVixRQUFRLEVBQUUsTUFBTSxDQUFDLFlBQVk7Z0NBQzdCLE9BQU8sRUFBRSxNQUFNLENBQUMsaUJBQWlCOzZCQUNsQzt5QkFDRjtxQkFDRjtvQkFDRCxTQUFTLEVBQUUsMEJBQWEsQ0FBQyxrQkFBa0I7aUJBQzVDLENBQUM7YUFDSDtZQUNELFNBQVMsRUFBRTtnQkFDVCxNQUFNLEVBQUUsSUFBSSxVQUFVLENBQUMsYUFBYSxDQUFDO2dCQUNyQyxNQUFNLEVBQUUsRUFBRTtnQkFDVixRQUFRLEVBQUUsTUFBTSxDQUFDLFlBQVk7Z0JBQzdCLE9BQU8sRUFBRSxNQUFNLENBQUMsaUJBQWlCO2FBQ2xDO1lBQ0QsU0FBUyxFQUFFLDBCQUFhLENBQUMsa0JBQWtCO1NBQzVDLENBQUMsQ0FBQztRQUVILE1BQU0sY0FBYyxHQUFHLElBQUEsdUJBQVksRUFBQyx1Q0FBMkIsRUFBRSxlQUFlLENBQUMsQ0FBQztRQUVsRixNQUFNLFVBQVUsR0FBRyxFQUFFLFdBQVcsRUFBRSxjQUFjLEVBQUUsQ0FBQztRQUVuRCxNQUFNLGtCQUFrQixHQUFHLE1BQU0sSUFBQSwyQkFBWSxFQUFDLFVBQVUsRUFBRSxvQkFBb0IsQ0FBQyxVQUFVLEVBQUU7WUFDekYsR0FBRyxFQUFFLFFBQVEsQ0FBQyxvQkFBb0IsQ0FBQyxTQUFTLENBQUM7U0FDOUMsQ0FBQyxDQUFDO1FBRUgsVUFBVTtRQUNWLE1BQU0sVUFBVSxHQUFHLE1BQU0sSUFBQSwyQkFBZSxFQUN0QyxZQUFZLEVBQ1osa0JBQWtCLEVBQ2xCLElBQUksQ0FBQyxZQUFZLEVBQ2pCLElBQUksQ0FBQyx5QkFBeUIsQ0FDL0IsQ0FBQztRQUNGLGlDQUFpQztRQUNqQyxJQUFBLGtDQUF1QixFQUFDLFVBQVUsQ0FBQyxDQUFDO1FBRXBDLE1BQU0sTUFBTSxHQUFHLFVBQVUsQ0FBQyxTQUFTLEVBQUUsQ0FBQyxDQUFDLENBQUMsRUFBRSxPQUFPLEVBQUUsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUN2RCxJQUFJLENBQUMsTUFBTSxFQUFFLENBQUM7WUFDWix5RkFBeUY7WUFDekYsMERBQTBEO1lBQzFELE1BQU0sSUFBSSx3QkFBWSxDQUFDLHlEQUF5RCxDQUFDLENBQUM7UUFDcEYsQ0FBQztRQUVELE1BQU0sbUJBQW1CLEdBQUcsSUFBQSxvQ0FBeUIsRUFBQyxVQUFVLENBQUMsQ0FBQztRQUVsRSxJQUFJLGdCQUE2QyxDQUFDO1FBQ2xELFFBQVEsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLEVBQUUsQ0FBQztZQUMzQixLQUFLLGVBQWUsQ0FBQyxDQUFDLENBQUM7Z0JBQ3JCLGdCQUFnQixHQUFHLE1BQU0sQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDO2dCQUN2QyxNQUFNO1lBQ1IsQ0FBQztZQUNELEtBQUssT0FBTyxDQUFDLENBQUMsQ0FBQztnQkFDYixJQUFBLDBDQUEwQixFQUN4QixNQUFNLENBQUMsTUFBTSxDQUFDLEtBQUssRUFDbkIsSUFBQSx3Q0FBNkIsRUFBQyxZQUFZLENBQUMsRUFDM0MsbUJBQW1CLENBQ3BCLENBQUM7WUFDSixDQUFDO1lBQ0QsT0FBTyxDQUFDLENBQUMsQ0FBQztnQkFDUixNQUFNLElBQUksd0JBQVksQ0FBQyx5Q0FBeUMsQ0FBQyxDQUFDO1lBQ3BFLENBQUM7UUFDSCxDQUFDO1FBRUQsZ0NBQWdDO1FBQ2hDLE1BQU0sUUFBUSxHQUNaLGFBQWEsSUFBSSxNQUFNLENBQUMsbUJBQW1CLENBQUMsQ0FBQyxDQUFDLE1BQU0sQ0FBQyx1QkFBdUIsQ0FBQyxDQUFDLENBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQztRQUNoRyxNQUFNLEVBQUUsR0FBRyxnQkFBZ0IsQ0FBQyxRQUFRLENBQUMsQ0FBQyxFQUFFLFFBQVEsQ0FBQyxDQUFDO1FBQ2xELE1BQU0sa0JBQWtCLEdBQUcsZ0JBQWdCLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBRS9ELElBQUksWUFBWSxDQUFDO1FBQ2pCLElBQUksQ0FBQztZQUNILG1EQUFtRDtZQUNuRCxZQUFZLEdBQUcsTUFBTSxJQUFBLCtCQUFvQixFQUFDLFVBQVUsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDO1FBQ3pFLENBQUM7UUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1lBQ2YsTUFBTSxJQUFJLDhCQUFrQixDQUMxQixjQUFjLFlBQVksMkVBQTJFLEVBQ3JHLEtBQUssQ0FDTixDQUFDO1FBQ0osQ0FBQztRQUVELElBQUksUUFBUSxDQUFDO1FBQ2IsSUFBSSxDQUFDO1lBQ0gsMkJBQTJCO1lBQzNCLFFBQVEsR0FBRyxNQUFNLElBQUEsd0JBQVcsRUFBQyxrQkFBa0IsQ0FBQyxDQUFDO1FBQ25ELENBQUM7UUFBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1lBQ1gsTUFBTSxJQUFJLG9CQUFRLENBQUMscUJBQXFCLEVBQUUsQ0FBQyxDQUFDLENBQUM7UUFDL0MsQ0FBQztRQUNELE1BQU0sRUFBRSxVQUFVLEVBQUUsR0FBRyxNQUFNLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQztRQUVuRCx5QkFBeUI7UUFDekIsSUFBSSxhQUFhLENBQUM7UUFDbEIsSUFBSSxDQUFDO1lBQ0gsYUFBYSxHQUFHLE1BQU0sSUFBQSx1QkFBWTtZQUNoQyx3QkFBd0I7WUFDeEIsVUFBVSxFQUNWLFlBQVksRUFDWixRQUFRLENBQ1QsQ0FBQztRQUNKLENBQUM7UUFBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1lBQ1gsSUFBSSxDQUFDLENBQUMsSUFBSSxJQUFJLG9CQUFvQixJQUFJLENBQUMsQ0FBQyxJQUFJLElBQUksZ0JBQWdCLEVBQUUsQ0FBQztnQkFDakUsTUFBTSxJQUFJLHdCQUFZLENBQUMsK0JBQStCLEVBQUUsQ0FBQyxDQUFDLENBQUM7WUFDN0QsQ0FBQztpQkFBTSxJQUFJLENBQUMsQ0FBQyxJQUFJLElBQUksY0FBYyxFQUFFLENBQUM7Z0JBQ3BDLE1BQU0sSUFBSSw4QkFBa0IsQ0FBQywrQkFBK0IsRUFBRSxDQUFDLENBQUMsQ0FBQztZQUNuRSxDQUFDO1lBQ0QsTUFBTSxJQUFJLG9CQUFRLENBQUMsMkJBQTJCLEVBQUUsQ0FBQyxDQUFDLENBQUM7UUFDckQsQ0FBQztRQUVELE1BQU0sYUFBYSxHQUFHLENBQUMsR0FBRyxDQUFDLGtCQUFrQixDQUFDLFVBQVUsR0FBRyxFQUFFLENBQUMsQ0FBQztRQUMvRCxJQUFJLFlBQVksQ0FBQztRQUNqQixJQUFJLENBQUM7WUFDSCwwQkFBMEI7WUFDMUIsWUFBWSxHQUFHLE1BQU0sTUFBTSxDQUFDLE1BQU0sQ0FBQyxPQUFPLENBQ3hDLEVBQUUsSUFBSSxFQUFFLFNBQVMsRUFBRSxFQUFFLEVBQUUsU0FBUyxFQUFFLGFBQWEsRUFBRSxFQUNqRCxhQUFhLEVBQ2Isa0JBQWtCLENBQ25CLENBQUM7UUFDSixDQUFDO1FBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztZQUNmLE1BQU0sSUFBSSx3QkFBWSxDQUNwQiwwRUFBMEUsRUFDMUUsS0FBSyxDQUNOLENBQUM7UUFDSixDQUFDO1FBRUQsZUFBZTtRQUNmLElBQUksWUFBWSxDQUFDO1FBQ2pCLElBQUksQ0FBQztZQUNILFlBQVksR0FBRyxNQUFNLE1BQU0sQ0FBQyxNQUFNLENBQUMsU0FBUyxDQUMxQyxLQUFLLEVBQ0wsWUFBWSxFQUNaLFNBQVM7WUFDVCx3RUFBd0U7WUFDeEUsMEVBQTBFO1lBQzFFLHdFQUF3RTtZQUN4RSxJQUFJO1lBQ0osOEVBQThFO1lBQzlFLENBQUMsU0FBUyxFQUFFLFNBQVMsQ0FBQyxDQUN2QixDQUFDO1FBQ0osQ0FBQztRQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7WUFDZixNQUFNLElBQUksd0JBQVksQ0FBQywyQkFBMkIsRUFBRSxLQUFLLENBQUMsQ0FBQztRQUM3RCxDQUFDO1FBRUQsT0FBTztZQUNMLG1CQUFtQjtZQUNuQixZQUFZLEVBQUUsWUFBWTtTQUMzQixDQUFDO0lBQ0osQ0FBQzs7QUFoVGUsd0JBQWlCLEdBQUcsUUFBUSxBQUFYLENBQVk7QUFDN0IsbUJBQVksR0FBRyxLQUFLLEFBQVIsQ0FBUztBQUNyQiwwQkFBbUIsR0FBRyxPQUFPLEFBQVYsQ0FBVztBQUM5Qiw4QkFBdUIsR0FBRyxDQUFDLEFBQUosQ0FBSztBQUM1QixjQUFPLEdBQUcsRUFBRSxBQUFMLENBQU07a0JBTFYsTUFBTSJ9

package/dist/cjs/src/nanotdf/NanoTDF.js

@@ -1,94 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const index_js_1 = require("../encodings/index.js");
-const Header_js_1 = __importDefault(require("./models/Header.js"));
-const Payload_js_1 = __importDefault(require("./models/Payload.js"));
-const Signature_js_1 = __importDefault(require("./models/Signature.js"));
-const EncodingEnum_js_1 = __importDefault(require("./enum/EncodingEnum.js"));
-const errors_js_1 = require("../errors.js");
-// Defaults when none set during encryption
-class NanoTDF {
-    static from(content, encoding, legacyTDF = false) {
-        // If we don't assign an empty array buffer then TS reports buffer as unassigned
-        let buffer;
-        if (typeof content === 'string') {
-            if (!encoding || encoding === EncodingEnum_js_1.default.Base64) {
-                buffer = index_js_1.base64.decodeArrayBuffer(content);
-            }
-            else {
-                throw new errors_js_1.ConfigurationError(`Unsupported encoding: ${encoding}`);
-            }
-        }
-        // Handle Uint8Array types
-        else if (ArrayBuffer.isView(content) || content instanceof ArrayBuffer) {
-            buffer = content;
-        }
-        else {
-            throw new errors_js_1.ConfigurationError(`unsupported content type`);
-        }
-        const dataView = new Uint8Array(buffer);
-        let offset = 0;
-        // Header
-        const { header, offset: headerOffset } = Header_js_1.default.parse(dataView.subarray(offset));
-        offset += headerOffset;
-        // Payload
-        const { payload, offset: payloadOffset } = Payload_js_1.default.parse(header, dataView.subarray(offset), legacyTDF);
-        offset += payloadOffset;
-        // Signature
-        const { signature, offset: signatureOffset } = Signature_js_1.default.parse(header, dataView.subarray(offset));
-        offset += signatureOffset;
-        // Singature checking
-        if (!header.hasSignature && signature.length > 0) {
-            throw new errors_js_1.InvalidFileError("Found signature when there shouldn't be one");
-        }
-        if (header.hasSignature && signature.length === 0) {
-            throw new errors_js_1.InvalidFileError('Could not find signature');
-        }
-        return new NanoTDF(header, payload, signature);
-    }
-    constructor(header, payload, signature) {
-        this.header = header;
-        this.payload = payload;
-        this.signature = signature;
-    }
-    /**
-     * Return the content of nano tdf as binary buffer
-     */
-    toBuffer() {
-        let offset = 0;
-        const lengthOfSignature = this.signature && this.signature.length ? this.signature.length : 0;
-        const lengthOfTDF = this.header.length + this.payload.length + lengthOfSignature;
-        const buffer = new ArrayBuffer(lengthOfTDF);
-        // Write the header
-        const headerBufferView = new Uint8Array(buffer, 0, this.header.length);
-        this.header.copyToBuffer(headerBufferView);
-        offset += headerBufferView.length;
-        // Write the payload
-        const payloadBufferView = new Uint8Array(buffer, offset, this.payload.length);
-        this.payload.copyToBuffer(payloadBufferView);
-        offset += payloadBufferView.length;
-        // Write the signature
-        if (this.header.hasSignature && this.signature) {
-            const signatureBufferView = new Uint8Array(buffer, offset, lengthOfSignature);
-            this.signature.copyToBuffer(signatureBufferView);
-        }
-        return buffer;
-    }
-    /**
-     * Return the content of nano tdf as base64 string
-     */
-    toBase64() {
-        const arrayBuffer = this.toBuffer();
-        return index_js_1.base64.encodeArrayBuffer(arrayBuffer);
-    }
-}
-// Add encodings to the NanoTDF class for easy access
-NanoTDF.Encodings = EncodingEnum_js_1.default;
-NanoTDF.Header = Header_js_1.default;
-NanoTDF.Payload = Payload_js_1.default;
-NanoTDF.Signature = Signature_js_1.default;
-exports.default = NanoTDF;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiTmFub1RERi5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9uYW5vdGRmL05hbm9UREYudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSxvREFBK0M7QUFDL0MsbUVBQXdDO0FBQ3hDLHFFQUEwQztBQUMxQyx5RUFBOEM7QUFDOUMsNkVBQWtEO0FBQ2xELDRDQUFvRTtBQUVwRSwyQ0FBMkM7QUFFM0MsTUFBcUIsT0FBTztJQWExQixNQUFNLENBQUMsSUFBSSxDQUNULE9BQWlDLEVBQ2pDLFFBQXVCLEVBQ3ZCLFNBQVMsR0FBRyxLQUFLO1FBRWpCLGdGQUFnRjtRQUNoRixJQUFJLE1BQU0sQ0FBQztRQUNYLElBQUksT0FBTyxPQUFPLEtBQUssUUFBUSxFQUFFLENBQUM7WUFDaEMsSUFBSSxDQUFDLFFBQVEsSUFBSSxRQUFRLEtBQUsseUJBQVksQ0FBQyxNQUFNLEVBQUUsQ0FBQztnQkFDbEQsTUFBTSxHQUFHLGlCQUFNLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUFDLENBQUM7WUFDN0MsQ0FBQztpQkFBTSxDQUFDO2dCQUNOLE1BQU0sSUFBSSw4QkFBa0IsQ0FBQyx5QkFBeUIsUUFBUSxFQUFFLENBQUMsQ0FBQztZQUNwRSxDQUFDO1FBQ0gsQ0FBQztRQUNELDBCQUEwQjthQUNyQixJQUFJLFdBQVcsQ0FBQyxNQUFNLENBQUMsT0FBTyxDQUFDLElBQUksT0FBTyxZQUFZLFdBQVcsRUFBRSxDQUFDO1lBQ3ZFLE1BQU0sR0FBRyxPQUFPLENBQUM7UUFDbkIsQ0FBQzthQUFNLENBQUM7WUFDTixNQUFNLElBQUksOEJBQWtCLENBQUMsMEJBQTBCLENBQUMsQ0FBQztRQUMzRCxDQUFDO1FBRUQsTUFBTSxRQUFRLEdBQUcsSUFBSSxVQUFVLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDeEMsSUFBSSxNQUFNLEdBQUcsQ0FBQyxDQUFDO1FBRWYsU0FBUztRQUNULE1BQU0sRUFBRSxNQUFNLEVBQUUsTUFBTSxFQUFFLFlBQVksRUFBRSxHQUFHLG1CQUFNLENBQUMsS0FBSyxDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQztRQUNqRixNQUFNLElBQUksWUFBWSxDQUFDO1FBRXZCLFVBQVU7UUFDVixNQUFNLEVBQUUsT0FBTyxFQUFFLE1BQU0sRUFBRSxhQUFhLEVBQUUsR0FBRyxvQkFBTyxDQUFDLEtBQUssQ0FDdEQsTUFBTSxFQUNOLFFBQVEsQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFDLEVBQ3pCLFNBQVMsQ0FDVixDQUFDO1FBQ0YsTUFBTSxJQUFJLGFBQWEsQ0FBQztRQUV4QixZQUFZO1FBQ1osTUFBTSxFQUFFLFNBQVMsRUFBRSxNQUFNLEVBQUUsZUFBZSxFQUFFLEdBQUcsc0JBQVMsQ0FBQyxLQUFLLENBQzVELE1BQU0sRUFDTixRQUFRLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxDQUMxQixDQUFDO1FBQ0YsTUFBTSxJQUFJLGVBQWUsQ0FBQztRQUUxQixxQkFBcUI7UUFDckIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxZQUFZLElBQUksU0FBUyxDQUFDLE1BQU0sR0FBRyxDQUFDLEVBQUUsQ0FBQztZQUNqRCxNQUFNLElBQUksNEJBQWdCLENBQUMsNkNBQTZDLENBQUMsQ0FBQztRQUM1RSxDQUFDO1FBQ0QsSUFBSSxNQUFNLENBQUMsWUFBWSxJQUFJLFNBQVMsQ0FBQyxNQUFNLEtBQUssQ0FBQyxFQUFFLENBQUM7WUFDbEQsTUFBTSxJQUFJLDRCQUFnQixDQUFDLDBCQUEwQixDQUFDLENBQUM7UUFDekQsQ0FBQztRQUVELE9BQU8sSUFBSSxPQUFPLENBQUMsTUFBTSxFQUFFLE9BQU8sRUFBRSxTQUFTLENBQUMsQ0FBQztJQUNqRCxDQUFDO0lBRUQsWUFBWSxNQUFjLEVBQUUsT0FBZ0IsRUFBRSxTQUFxQjtRQUNqRSxJQUFJLENBQUMsTUFBTSxHQUFHLE1BQU0sQ0FBQztRQUNyQixJQUFJLENBQUMsT0FBTyxHQUFHLE9BQU8sQ0FBQztRQUN2QixJQUFJLENBQUMsU0FBUyxHQUFHLFNBQVMsQ0FBQztJQUM3QixDQUFDO0lBRUQ7O09BRUc7SUFDSCxRQUFRO1FBQ04sSUFBSSxNQUFNLEdBQUcsQ0FBQyxDQUFDO1FBRWYsTUFBTSxpQkFBaUIsR0FBRyxJQUFJLENBQUMsU0FBUyxJQUFJLElBQUksQ0FBQyxTQUFTLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQzlGLE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxNQUFNLENBQUMsTUFBTSxHQUFHLElBQUksQ0FBQyxPQUFPLENBQUMsTUFBTSxHQUFHLGlCQUFpQixDQUFDO1FBRWpGLE1BQU0sTUFBTSxHQUFHLElBQUksV0FBVyxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBRTVDLG1CQUFtQjtRQUNuQixNQUFNLGdCQUFnQixHQUFHLElBQUksVUFBVSxDQUFDLE1BQU0sRUFBRSxDQUFDLEVBQUUsSUFBSSxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUN2RSxJQUFJLENBQUMsTUFBTSxDQUFDLFlBQVksQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDO1FBQzNDLE1BQU0sSUFBSSxnQkFBZ0IsQ0FBQyxNQUFNLENBQUM7UUFFbEMsb0JBQW9CO1FBQ3BCLE1BQU0saUJBQWlCLEdBQUcsSUFBSSxVQUFVLENBQUMsTUFBTSxFQUFFLE1BQU0sRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQzlFLElBQUksQ0FBQyxPQUFPLENBQUMsWUFBWSxDQUFDLGlCQUFpQixDQUFDLENBQUM7UUFDN0MsTUFBTSxJQUFJLGlCQUFpQixDQUFDLE1BQU0sQ0FBQztRQUVuQyxzQkFBc0I7UUFDdEIsSUFBSSxJQUFJLENBQUMsTUFBTSxDQUFDLFlBQVksSUFBSSxJQUFJLENBQUMsU0FBUyxFQUFFLENBQUM7WUFDL0MsTUFBTSxtQkFBbUIsR0FBRyxJQUFJLFVBQVUsQ0FBQyxNQUFNLEVBQUUsTUFBTSxFQUFFLGlCQUFpQixDQUFDLENBQUM7WUFDOUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxZQUFZLENBQUMsbUJBQW1CLENBQUMsQ0FBQztRQUNuRCxDQUFDO1FBRUQsT0FBTyxNQUFNLENBQUM7SUFDaEIsQ0FBQztJQUVEOztPQUVHO0lBQ0gsUUFBUTtRQUNOLE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxRQUFRLEVBQUUsQ0FBQztRQUNwQyxPQUFPLGlCQUFNLENBQUMsaUJBQWlCLENBQUMsV0FBVyxDQUFDLENBQUM7SUFDL0MsQ0FBQzs7QUE1R0QscURBQXFEO0FBQzlDLGlCQUFTLEdBQXdCLHlCQUFZLENBQUM7QUFDOUMsY0FBTSxHQUFHLG1CQUFNLENBQUM7QUFDaEIsZUFBTyxHQUFHLG9CQUFPLENBQUM7QUFDbEIsaUJBQVMsR0FBRyxzQkFBUyxDQUFDO2tCQUxWLE9BQU8ifQ==

package/dist/cjs/src/nanotdf/browser-entry.js

@@ -1,19 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-/* globals window */
-/**
- * This file is used for:
- *
- * - es5 browser version of nanoTDF and add it to the window as NanoTDF
- *
- * This is not used for:
- *
- * - es6 web development (use node modules)
- * - node applications
- */
-const NanoTDF_js_1 = __importDefault(require("./NanoTDF.js"));
-window.NanoTDF = NanoTDF_js_1.default;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYnJvd3Nlci1lbnRyeS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9uYW5vdGRmL2Jyb3dzZXItZW50cnkudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSxvQkFBb0I7QUFDcEI7Ozs7Ozs7OztHQVNHO0FBQ0gsOERBQW1DO0FBUW5DLE1BQU0sQ0FBQyxPQUFPLEdBQUcsb0JBQU8sQ0FBQyJ9

package/dist/cjs/src/nanotdf/constants.js

@@ -1,5 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.GMAC_BINDING_LEN = void 0;
-exports.GMAC_BINDING_LEN = 8;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uc3RhbnRzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL25hbm90ZGYvY29uc3RhbnRzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFhLFFBQUEsZ0JBQWdCLEdBQUcsQ0FBQyxDQUFDIn0=

package/dist/cjs/src/nanotdf/decrypt.js

@@ -1,17 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.default = decrypt;
-const index_js_1 = require("../nanotdf-crypto/index.js");
-/**
- * Decrypt nanotdf with a crypto key
- *
- * @param key Crypto key used to decrypt nanotdf
- * @param nanotdf NanoTDF to decrypt
- */
-async function decrypt(key, nanotdf) {
-    // console.log(`Decrypting for content: ${nanotdf}`, nanotdf.header.authTagLength);
-    return await (0, index_js_1.decrypt)(key, nanotdf.payload.ciphertextWithAuthTag, nanotdf.payload.iv, 
-    // Auth tag length in bits
-    nanotdf.header.authTagLength);
-}
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZGVjcnlwdC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9uYW5vdGRmL2RlY3J5cHQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFTQSwwQkFTQztBQWxCRCx5REFBc0U7QUFHdEU7Ozs7O0dBS0c7QUFDWSxLQUFLLFVBQVUsT0FBTyxDQUFDLEdBQWMsRUFBRSxPQUFnQjtJQUNwRSxtRkFBbUY7SUFDbkYsT0FBTyxNQUFNLElBQUEsa0JBQWEsRUFDeEIsR0FBRyxFQUNILE9BQU8sQ0FBQyxPQUFPLENBQUMscUJBQXFCLEVBQ3JDLE9BQU8sQ0FBQyxPQUFPLENBQUMsRUFBRTtJQUNsQiwwQkFBMEI7SUFDMUIsT0FBTyxDQUFDLE1BQU0sQ0FBQyxhQUFhLENBQzdCLENBQUM7QUFDSixDQUFDIn0=

package/dist/cjs/src/nanotdf/encrypt-dataset.js

@@ -1,38 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.default = encryptDataset;
-const NanoTDF_js_1 = __importDefault(require("./NanoTDF.js"));
-const DefaultParams_js_1 = __importDefault(require("./models/DefaultParams.js"));
-const Payload_js_1 = __importDefault(require("./models/Payload.js"));
-const Ciphers_js_1 = require("./models/Ciphers.js");
-const encrypt_js_1 = __importDefault(require("../nanotdf-crypto/encrypt.js"));
-/**
- * Encrypt the plain data into nanotdf buffer
- *
- * @param symmetricKey Key to encrypt the payload
- * @param header NanoTDF header
- * @param iv IV to be used for encrypting the payload
- * @param data The data to be encrypted
- */
-async function encryptDataset(symmetricKey, header, iv, data) {
-    // Auth tag length for policy and payload
-    const authTagLengthInBytes = (0, Ciphers_js_1.getBitLength)(DefaultParams_js_1.default.symmetricCipher) / 8;
-    // Encrypt the payload
-    let payloadAsBuffer;
-    if (typeof data === 'string') {
-        payloadAsBuffer = new TextEncoder().encode(data);
-    }
-    else {
-        payloadAsBuffer = data;
-    }
-    const encryptedPayload = await (0, encrypt_js_1.default)(symmetricKey, new Uint8Array(payloadAsBuffer), iv, authTagLengthInBytes * 8);
-    // Create payload
-    const payload = new Payload_js_1.default(iv.slice(-3), new Uint8Array(encryptedPayload.slice(0, -authTagLengthInBytes)), new Uint8Array(encryptedPayload.slice(-authTagLengthInBytes)));
-    // Create a nanotdf.
-    const nanoTDF = new NanoTDF_js_1.default(header, payload);
-    return nanoTDF.toBuffer();
-}
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZW5jcnlwdC1kYXRhc2V0LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL25hbm90ZGYvZW5jcnlwdC1kYXRhc2V0LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBZUEsaUNBbUNDO0FBbERELDhEQUFtQztBQUVuQyxpRkFBc0Q7QUFDdEQscUVBQTBDO0FBQzFDLG9EQUE2RTtBQUM3RSw4RUFBbUQ7QUFFbkQ7Ozs7Ozs7R0FPRztBQUNZLEtBQUssVUFBVSxjQUFjLENBQzFDLFlBQXVCLEVBQ3ZCLE1BQWMsRUFDZCxFQUFjLEVBQ2QsSUFBOEI7SUFFOUIseUNBQXlDO0lBQ3pDLE1BQU0sb0JBQW9CLEdBQUcsSUFBQSx5QkFBc0IsRUFBQywwQkFBYSxDQUFDLGVBQWUsQ0FBQyxHQUFHLENBQUMsQ0FBQztJQUV2RixzQkFBc0I7SUFDdEIsSUFBSSxlQUFlLENBQUM7SUFDcEIsSUFBSSxPQUFPLElBQUksS0FBSyxRQUFRLEVBQUUsQ0FBQztRQUM3QixlQUFlLEdBQUcsSUFBSSxXQUFXLEVBQUUsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDbkQsQ0FBQztTQUFNLENBQUM7UUFDTixlQUFlLEdBQUcsSUFBSSxDQUFDO0lBQ3pCLENBQUM7SUFFRCxNQUFNLGdCQUFnQixHQUFHLE1BQU0sSUFBQSxvQkFBTyxFQUNwQyxZQUFZLEVBQ1osSUFBSSxVQUFVLENBQUMsZUFBZSxDQUFDLEVBQy9CLEVBQUUsRUFDRixvQkFBb0IsR0FBRyxDQUFDLENBQ3pCLENBQUM7SUFFRixpQkFBaUI7SUFDakIsTUFBTSxPQUFPLEdBQUcsSUFBSSxvQkFBTyxDQUN6QixFQUFFLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDLEVBQ1osSUFBSSxVQUFVLENBQUMsZ0JBQWdCLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRSxDQUFDLG9CQUFvQixDQUFDLENBQUMsRUFDaEUsSUFBSSxVQUFVLENBQUMsZ0JBQWdCLENBQUMsS0FBSyxDQUFDLENBQUMsb0JBQW9CLENBQUMsQ0FBQyxDQUM5RCxDQUFDO0lBRUYsb0JBQW9CO0lBQ3BCLE1BQU0sT0FBTyxHQUFHLElBQUksb0JBQU8sQ0FBQyxNQUFNLEVBQUUsT0FBTyxDQUFDLENBQUM7SUFFN0MsT0FBTyxPQUFPLENBQUMsUUFBUSxFQUFFLENBQUM7QUFDNUIsQ0FBQyJ9