npm - @opentdf/sdk - Versions diffs - 0.8.0-beta.74 → 0.8.0-rc.73 - Mend

@opentdf/sdk 0.8.0-beta.74 → 0.8.0-rc.73

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (260) hide show

package/dist/types/src/opentdf.d.ts CHANGED Viewed

@@ -1,5 +1,6 @@
 import { type AuthProvider } from './auth/providers.js';
 export { Client as TDF3Client } from '../tdf3/src/client/index.js';
+import Header from './nanotdf/models/Header.js';
 import { type Source } from './seekable.js';
 import { Client as TDF3Client } from '../tdf3/src/client/index.js';
 import { type Assertion, AssertionConfig, AssertionVerificationKeys } from '../tdf3/src/assertions.js';
@@ -37,6 +38,25 @@ export type CreateOptions = {
     /** Source of plaintext data. */
     source: Source;
 };
+/** Options for creating a NanoTDF. */
+export type CreateNanoTDFOptions = CreateOptions & {
+    /** The type of binding to use for the NanoTDF. */
+    bindingType?: 'ecdsa' | 'gmac';
+    /** When creating a new collection, use ECDSA binding with this key id from the signers, instead of the DEK. */
+    ecdsaBindingKeyID?: string;
+    /**
+     * When creating a new collection, use the key in the `signers` list with this id
+     * to generate a signature for each element. When absent, the nanotdf is unsigned.
+     */
+    signingKeyID?: string;
+};
+/** Options for creating a NanoTDF collection. */
+export type CreateNanoTDFCollectionOptions = CreateNanoTDFOptions & {
+    /** The platform URL. */
+    platformUrl: string;
+    /** The maximum number of key iterations to use for a single DEK. */
+    maxKeyIterations?: number;
+};
 /** Metadata for a TDF object. */
 export type Metadata = object;
 /** MIME type of the decrypted content. */
@@ -112,6 +132,8 @@ export type OpenTDFOptions = {
      * which is out of the scope of this library.
      */
     dpopKeys?: Promise<CryptoKeyPair>;
+    /** Configuration options for the collection header cache. */
+    rewrapCacheOptions?: RewrapCacheOptions;
 };
 /** A decorated readable stream. */
 export type DecoratedStream = ReadableStream<Uint8Array> & {
@@ -119,7 +141,33 @@ export type DecoratedStream = ReadableStream<Uint8Array> & {
     metadata?: Promise<unknown>;
     /** The TDF manifest. */
     manifest?: Promise<Manifest>;
+    /** If the source is a NanoTDF, this will be set. */
+    header?: Header;
+};
+/** Configuration options for the collection header cache. */
+export type RewrapCacheOptions = {
+    /** If we should disable (bypass) the cache. */
+    bypass?: boolean;
+    /** Evict keys after this many milliseconds. */
+    maxAge?: number;
+    /** Check for expired keys once every this many milliseconds. */
+    pollInterval?: number;
 };
+/**
+ * Cache for headers of nanotdf collections, to quickly open multiple entries of the same collection.
+ * It has a demon that removes all keys that have not been accessed in the last 5 minutes.
+ * To cancel the demon, and clear the cache, call `close()`.
+ * */
+export declare class RewrapCache {
+    private cache?;
+    private closer?;
+    constructor(opts?: RewrapCacheOptions);
+    get(key: Uint8Array): CryptoKey | undefined;
+    /** Set a key in the cache. */
+    set(key: Uint8Array, value: CryptoKey): void;
+    /** Close the cache and release any resources. */
+    close(): void;
+}
 /**
  * A TDF reader that can decrypt and inspect a TDF file.
  */
@@ -147,6 +195,7 @@ export type TDFReader = {
 };
 /**
  * The main OpenTDF class that provides methods for creating and reading TDF files.
+ * It supports both NanoTDF and ZTDF formats.
  * It can be used to create new TDF files and read existing ones.
  * This class is the entry point for using the OpenTDF SDK.
  * It requires an authentication provider to be passed in the constructor.
@@ -191,9 +240,17 @@ export declare class OpenTDF {
     defaultReadOptions: Omit<ReadOptions, 'source'>;
     /** The DPoP keys for this instance, if any. */
     readonly dpopKeys: Promise<CryptoKeyPair>;
+    /** Cache for rewrapped keys */
+    private readonly rewrapCache;
     /** The TDF3 client for encrypting and decrypting ZTDF files. */
     readonly tdf3Client: TDF3Client;
-    constructor({ authProvider, dpopKeys, defaultCreateOptions, defaultReadOptions, disableDPoP, policyEndpoint, platformUrl, }: OpenTDFOptions);
+    constructor({ authProvider, dpopKeys, defaultCreateOptions, defaultReadOptions, disableDPoP, policyEndpoint, rewrapCacheOptions, platformUrl, }: OpenTDFOptions);
+    /** Creates a new NanoTDF stream. */
+    createNanoTDF(opts: CreateNanoTDFOptions): Promise<DecoratedStream>;
+    /**
+     * Creates a new collection object, which can be used to encrypt a series of data with the same policy.
+     */
+    createNanoTDFCollection(opts: CreateNanoTDFCollectionOptions): Promise<NanoTDFCollectionWriter>;
     /** Creates a new ZTDF stream. */
     createZTDF(opts: CreateZTDFOptions): Promise<DecoratedStream>;
     /** Opens a TDF file for inspection and decryption. */
@@ -203,4 +260,11 @@ export declare class OpenTDF {
     /** Closes the OpenTDF instance and releases any resources. */
     close(): void;
 }
+/** A writer for NanoTDF collections. */
+export type NanoTDFCollectionWriter = {
+    /** The NanoTDF client used for encrypting data in this collection. */
+    encrypt: (source: Source) => Promise<ReadableStream<Uint8Array>>;
+    /** Closes the collection and releases any resources. */
+    close: () => Promise<void>;
+};
 //# sourceMappingURL=opentdf.d.ts.map

package/dist/types/src/opentdf.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"opentdf.d.ts","sourceRoot":"","sources":["../../../src/opentdf.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,YAAY,EAAE,MAAM,qBAAqB,CAAC;~~AAExD~~,OAAO,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,6BAA6B,CAAC;~~AACnE~~,OAAO,EAAuC,KAAK,MAAM,EAAE,MAAM,eAAe,CAAC;AACjF,OAAO,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACnE,OAAO,EACL,KAAK,SAAS,EACd,eAAe,EACf,yBAAyB,EAC1B,MAAM,2BAA2B,CAAC;AACnC,OAAO,EACL,KAAK,qBAAqB,EAG1B,oBAAoB,EACrB,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,gCAAgC,CAAC;AAC/D,OAAO,EAAE,KAAK,OAAO,EAAE,MAAM,+BAA+B,CAAC;AAC7D,OAAO,EACL,KAAK,OAAO,EACZ,KAAK,SAAS,EACd,KAAK,qBAAqB,EAC3B,MAAM,8CAA8C,CAAC;AACtD,OAAO,EAAE,KAAK,eAAe,EAAE,MAAM,kCAAkC,CAAC;AACxE,OAAO,EAIL,KAAK,kBAAkB,EACxB,MAAM,oBAAoB,CAAC;~~AAI5B~~,OAAO,EACL,KAAK,SAAS,EACd,KAAK,qBAAqB,EAC1B,KAAK,kBAAkB,EACvB,KAAK,qBAAqB,EAC1B,KAAK,eAAe,EACpB,KAAK,QAAQ,EACb,KAAK,OAAO,EACZ,KAAK,OAAO,EACZ,KAAK,SAAS,EACd,oBAAoB,GACrB,CAAC;AAEF,sDAAsD;AACtD,MAAM,MAAM,IAAI,GAAG;IACjB,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,GAAG,aAAa,CAAC;CAC5C,CAAC;AAEF,8EAA8E;AAC9E,MAAM,MAAM,mBAAmB,GAAG;IAChC,yDAAyD;IACzD,IAAI,EAAE,MAAM,EAAE,CAAC;CAChB,CAAC;AAEF,iFAAiF;AACjF,MAAM,MAAM,aAAa,GAAG;IAC1B,wEAAwE;IACxE,aAAa,CAAC,EAAE,OAAO,CAAC;IAExB,uEAAuE;IACvE,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IAEtB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,kFAAkF;IAClF,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAE5B,oEAAoE;IACpE,OAAO,CAAC,EAAE,IAAI,CAAC;IAEf,gCAAgC;IAChC,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,iCAAiC;AACjC,MAAM,MAAM,QAAQ,GAAG,MAAM,CAAC;AAE9B,0CAA0C;AAC1C,MAAM,MAAM,QAAQ,GAAG,GAAG,MAAM,IAAI,MAAM,EAAE,CAAC;AAE7C,6EAA6E;AAC7E,MAAM,MAAM,SAAS,GAAG;IACtB,0DAA0D;IAC1D,GAAG,EAAE,MAAM,CAAC;IACZ;;;OAGG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,qDAAqD;AACrD,MAAM,MAAM,iBAAiB,GAAG,aAAa,GAAG;IAC9C,wCAAwC;IACxC,gBAAgB,CAAC,EAAE,eAAe,EAAE,CAAC;IAErC,qCAAqC;IACrC,QAAQ,CAAC,EAAE,QAAQ,CAAC;IAEpB,4DAA4D;IAC5D,QAAQ,CAAC,EAAE,QAAQ,CAAC;IAEpB,2EAA2E;IAC3E,SAAS,CAAC,EAAE,SAAS,EAAE,CAAC;IAExB;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB,yDAAyD;IACzD,oBAAoB,CAAC,EAAE,qBAAqB,CAAC;IAE7C,kCAAkC;IAClC,cAAc,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC;CACpC,CAAC;AAEF,uDAAuD;AACvD,MAAM,MAAM,WAAW,GAAG;IACxB,6BAA6B;IAC7B,MAAM,EAAE,MAAM,CAAC;IACf,wBAAwB;IACxB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,wDAAwD;IACxD,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC/B,iDAAiD;IACjD,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,4DAA4D;IAC5D,yBAAyB,CAAC,EAAE,MAAM,EAAE,CAAC;IACrC,wDAAwD;IACxD,yBAAyB,CAAC,EAAE,yBAAyB,CAAC;IACtD,iDAAiD;IACjD,QAAQ,CAAC,EAAE,OAAO,CAAC;IAEnB,gFAAgF;IAChF,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAE1B,iDAAiD;IACjD,oBAAoB,CAAC,EAAE,qBAAqB,CAAC;CAC9C,CAAC;AAEF,8EAA8E;AAC9E,MAAM,MAAM,cAAc,GAAG;IAC3B,+BAA+B;IAC/B,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB,oBAAoB;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,qEAAqE;IACrE,YAAY,EAAE,YAAY,CAAC;IAE3B,oDAAoD;IACpD,oBAAoB,CAAC,EAAE,IAAI,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;IAErD,oDAAoD;IACpD,kBAAkB,CAAC,EAAE,IAAI,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAEjD,6CAA6C;IAC7C,WAAW,CAAC,EAAE,OAAO,CAAC;IAEtB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;~~CACnC~~,CAAC;AAEF,mCAAmC;AACnC,MAAM,MAAM,eAAe,GAAG,cAAc,CAAC,UAAU,CAAC,GAAG;IACzD,iFAAiF;IACjF,QAAQ,CAAC,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAC5B,wBAAwB;IACxB,QAAQ,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;~~CAC9B~~,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,SAAS,GAAG;IACtB;;OAEG;IACH,OAAO,EAAE,MAAM,OAAO,CAAC,eAAe,CAAC,CAAC;IACxC;;OAEG;IACH,KAAK,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAE3B;;OAEG;IACH,QAAQ,EAAE,MAAM,OAAO,CAAC,QAAQ,CAAC,CAAC;IAElC;;OAEG;IACH,UAAU,EAAE,MAAM,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IAEpC;;OAEG;IACH,WAAW,EAAE,MAAM,OAAO,CAAC,mBAAmB,CAAC,CAAC;CACjD,CAAC;AAEF~~;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG~~;AACH,qBAAa,OAAO;IAClB,uBAAuB;IACvB,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,kCAAkC;IAClC,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,kDAAkD;IAClD,QAAQ,CAAC,YAAY,EAAE,YAAY,CAAC;IACpC,4CAA4C;IAC5C,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC;IAC9B,gDAAgD;IAChD,oBAAoB,EAAE,IAAI,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;IACpD,+CAA+C;IAC/C,kBAAkB,EAAE,IAAI,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAChD,+CAA+C;IAC/C,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;IAC1C,gEAAgE;IAChE,QAAQ,CAAC,UAAU,EAAE,UAAU,CAAC;gBAEpB,EACV,YAAY,EACZ,QAAQ,EACR,oBAAoB,EACpB,kBAAkB,EAClB,WAAW,EACX,cAAc,EACd,WAAW,GACZ,EAAE,cAAc;~~IAkCjB~~,iCAAiC;IAC3B,UAAU,CAAC,IAAI,EAAE,iBAAiB,GAAG,OAAO,CAAC,eAAe,CAAC;IAwBnE,sDAAsD;IACtD,IAAI,CAAC,IAAI,EAAE,WAAW,GAAG,SAAS;IAKlC,2BAA2B;IACrB,IAAI,CAAC,IAAI,EAAE,WAAW,GAAG,OAAO,CAAC,eAAe,CAAC;IAKvD,8DAA8D;IAC9D,KAAK;CAGN"}
1	+ {"version":3,"file":"opentdf.d.ts","sourceRoot":"","sources":["../../../src/opentdf.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAGxD,OAAO,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAInE,OAAO,MAAM,MAAM,4BAA4B,CAAC;AAChD,OAAO,EAAuC,KAAK,MAAM,EAAE,MAAM,eAAe,CAAC;AACjF,OAAO,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACnE,OAAO,EACL,KAAK,SAAS,EACd,eAAe,EACf,yBAAyB,EAC1B,MAAM,2BAA2B,CAAC;AACnC,OAAO,EACL,KAAK,qBAAqB,EAG1B,oBAAoB,EACrB,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,gCAAgC,CAAC;AAC/D,OAAO,EAAE,KAAK,OAAO,EAAE,MAAM,+BAA+B,CAAC;AAC7D,OAAO,EACL,KAAK,OAAO,EACZ,KAAK,SAAS,EACd,KAAK,qBAAqB,EAC3B,MAAM,8CAA8C,CAAC;AACtD,OAAO,EAAE,KAAK,eAAe,EAAE,MAAM,kCAAkC,CAAC;AACxE,OAAO,EAIL,KAAK,kBAAkB,EACxB,MAAM,oBAAoB,CAAC;AAK5B,OAAO,EACL,KAAK,SAAS,EACd,KAAK,qBAAqB,EAC1B,KAAK,kBAAkB,EACvB,KAAK,qBAAqB,EAC1B,KAAK,eAAe,EACpB,KAAK,QAAQ,EACb,KAAK,OAAO,EACZ,KAAK,OAAO,EACZ,KAAK,SAAS,EACd,oBAAoB,GACrB,CAAC;AAEF,sDAAsD;AACtD,MAAM,MAAM,IAAI,GAAG;IACjB,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,GAAG,aAAa,CAAC;CAC5C,CAAC;AAEF,8EAA8E;AAC9E,MAAM,MAAM,mBAAmB,GAAG;IAChC,yDAAyD;IACzD,IAAI,EAAE,MAAM,EAAE,CAAC;CAChB,CAAC;AAEF,iFAAiF;AACjF,MAAM,MAAM,aAAa,GAAG;IAC1B,wEAAwE;IACxE,aAAa,CAAC,EAAE,OAAO,CAAC;IAExB,uEAAuE;IACvE,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IAEtB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,kFAAkF;IAClF,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAE5B,oEAAoE;IACpE,OAAO,CAAC,EAAE,IAAI,CAAC;IAEf,gCAAgC;IAChC,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,sCAAsC;AACtC,MAAM,MAAM,oBAAoB,GAAG,aAAa,GAAG;IACjD,kDAAkD;IAClD,WAAW,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;IAE/B,+GAA+G;IAC/G,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B;;;OAGG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF,iDAAiD;AACjD,MAAM,MAAM,8BAA8B,GAAG,oBAAoB,GAAG;IAClE,wBAAwB;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,oEAAoE;IACpE,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B,CAAC;AAEF,iCAAiC;AACjC,MAAM,MAAM,QAAQ,GAAG,MAAM,CAAC;AAE9B,0CAA0C;AAC1C,MAAM,MAAM,QAAQ,GAAG,GAAG,MAAM,IAAI,MAAM,EAAE,CAAC;AAE7C,6EAA6E;AAC7E,MAAM,MAAM,SAAS,GAAG;IACtB,0DAA0D;IAC1D,GAAG,EAAE,MAAM,CAAC;IACZ;;;OAGG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,qDAAqD;AACrD,MAAM,MAAM,iBAAiB,GAAG,aAAa,GAAG;IAC9C,wCAAwC;IACxC,gBAAgB,CAAC,EAAE,eAAe,EAAE,CAAC;IAErC,qCAAqC;IACrC,QAAQ,CAAC,EAAE,QAAQ,CAAC;IAEpB,4DAA4D;IAC5D,QAAQ,CAAC,EAAE,QAAQ,CAAC;IAEpB,2EAA2E;IAC3E,SAAS,CAAC,EAAE,SAAS,EAAE,CAAC;IAExB;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB,yDAAyD;IACzD,oBAAoB,CAAC,EAAE,qBAAqB,CAAC;IAE7C,kCAAkC;IAClC,cAAc,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC;CACpC,CAAC;AAEF,uDAAuD;AACvD,MAAM,MAAM,WAAW,GAAG;IACxB,6BAA6B;IAC7B,MAAM,EAAE,MAAM,CAAC;IACf,wBAAwB;IACxB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,wDAAwD;IACxD,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC/B,iDAAiD;IACjD,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,4DAA4D;IAC5D,yBAAyB,CAAC,EAAE,MAAM,EAAE,CAAC;IACrC,wDAAwD;IACxD,yBAAyB,CAAC,EAAE,yBAAyB,CAAC;IACtD,iDAAiD;IACjD,QAAQ,CAAC,EAAE,OAAO,CAAC;IAEnB,gFAAgF;IAChF,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAE1B,iDAAiD;IACjD,oBAAoB,CAAC,EAAE,qBAAqB,CAAC;CAC9C,CAAC;AAEF,8EAA8E;AAC9E,MAAM,MAAM,cAAc,GAAG;IAC3B,+BAA+B;IAC/B,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB,oBAAoB;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,qEAAqE;IACrE,YAAY,EAAE,YAAY,CAAC;IAE3B,oDAAoD;IACpD,oBAAoB,CAAC,EAAE,IAAI,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;IAErD,oDAAoD;IACpD,kBAAkB,CAAC,EAAE,IAAI,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAEjD,6CAA6C;IAC7C,WAAW,CAAC,EAAE,OAAO,CAAC;IAEtB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;IAElC,6DAA6D;IAC7D,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;CACzC,CAAC;AAEF,mCAAmC;AACnC,MAAM,MAAM,eAAe,GAAG,cAAc,CAAC,UAAU,CAAC,GAAG;IACzD,iFAAiF;IACjF,QAAQ,CAAC,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAC5B,wBAAwB;IACxB,QAAQ,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC7B,oDAAoD;IACpD,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,6DAA6D;AAC7D,MAAM,MAAM,kBAAkB,GAAG;IAC/B,+CAA+C;IAC/C,MAAM,CAAC,EAAE,OAAO,CAAC;IAEjB,+CAA+C;IAC/C,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,gEAAgE;IAChE,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB,CAAC;AAQF;;;;KAIK;AACL,qBAAa,WAAW;IACtB,OAAO,CAAC,KAAK,CAAC,CAAgE;IAC9E,OAAO,CAAC,MAAM,CAAC,CAAiC;gBACpC,IAAI,CAAC,EAAE,kBAAkB;IAoBrC,GAAG,CAAC,GAAG,EAAE,UAAU,GAAG,SAAS,GAAG,SAAS;IAY3C,8BAA8B;IAC9B,GAAG,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,SAAS;IAOrC,iDAAiD;IACjD,KAAK;CAON;AAED;;GAEG;AACH,MAAM,MAAM,SAAS,GAAG;IACtB;;OAEG;IACH,OAAO,EAAE,MAAM,OAAO,CAAC,eAAe,CAAC,CAAC;IACxC;;OAEG;IACH,KAAK,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;IAE3B;;OAEG;IACH,QAAQ,EAAE,MAAM,OAAO,CAAC,QAAQ,CAAC,CAAC;IAElC;;OAEG;IACH,UAAU,EAAE,MAAM,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IAEpC;;OAEG;IACH,WAAW,EAAE,MAAM,OAAO,CAAC,mBAAmB,CAAC,CAAC;CACjD,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,qBAAa,OAAO;IAClB,uBAAuB;IACvB,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,kCAAkC;IAClC,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,kDAAkD;IAClD,QAAQ,CAAC,YAAY,EAAE,YAAY,CAAC;IACpC,4CAA4C;IAC5C,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC;IAC9B,gDAAgD;IAChD,oBAAoB,EAAE,IAAI,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;IACpD,+CAA+C;IAC/C,kBAAkB,EAAE,IAAI,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAChD,+CAA+C;IAC/C,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;IAC1C,+BAA+B;IAC/B,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAc;IAC1C,gEAAgE;IAChE,QAAQ,CAAC,UAAU,EAAE,UAAU,CAAC;gBAEpB,EACV,YAAY,EACZ,QAAQ,EACR,oBAAoB,EACpB,kBAAkB,EAClB,WAAW,EACX,cAAc,EACd,kBAAkB,EAClB,WAAW,GACZ,EAAE,cAAc;IAmCjB,oCAAoC;IAC9B,aAAa,CAAC,IAAI,EAAE,oBAAoB,GAAG,OAAO,CAAC,eAAe,CAAC;IAgBzE;;OAEG;IACG,uBAAuB,CAC3B,IAAI,EAAE,8BAA8B,GACnC,OAAO,CAAC,uBAAuB,CAAC;IAKnC,iCAAiC;IAC3B,UAAU,CAAC,IAAI,EAAE,iBAAiB,GAAG,OAAO,CAAC,eAAe,CAAC;IAwBnE,sDAAsD;IACtD,IAAI,CAAC,IAAI,EAAE,WAAW,GAAG,SAAS;IAKlC,2BAA2B;IACrB,IAAI,CAAC,IAAI,EAAE,WAAW,GAAG,OAAO,CAAC,eAAe,CAAC;IAKvD,8DAA8D;IAC9D,KAAK;CAGN;AAiTD,wCAAwC;AACxC,MAAM,MAAM,uBAAuB,GAAG;IACpC,sEAAsE;IACtE,OAAO,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,OAAO,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,CAAC;IACjE,wDAAwD;IACxD,KAAK,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;CAC5B,CAAC"}

package/dist/types/src/tdf/NanoTDF/NanoTDF.d.ts ADDED Viewed

@@ -0,0 +1,99 @@
+declare enum CipherType {
+    Aes256Gcm64 = 0,// Default cipher
+    Aes256Gcm96 = 1,
+    Aes256Gcm104 = 2,
+    Aes256Gcm112 = 3,
+    Aes256Gcm120 = 4,
+    Aes256Gcm128 = 5
+}
+/**
+ * The Signature ECC Mode is used to determine the length of the signature at the end of a nanotdf. This, in
+ * combination with the previous HAS_SIGNATURE section, describe the signature of the nanotdf. The following table
+ * describes the valid values and the associated ECC Params.
+ */
+declare enum CurveName {
+    Secp256R1 = 0,
+    Secp384R1 = 1,
+    Secp521R1 = 2
+}
+export declare enum ResourceLocatorProtocol {
+    Http = 0,
+    Https = 1,
+    Unreserverd = 2,
+    SharedResourceDirectory = 255
+}
+export declare enum PolicyType {
+    Remote = 0,
+    EmbeddedText = 1,
+    EmbeddedEncrypted = 2,// Default policy
+    EmbeddedEncryptedPKA = 3
+}
+/**
+ * Resource Locator interface
+ */
+export interface ResourceLocator {
+    protocol: ResourceLocatorProtocol;
+    length: number;
+    body: string;
+}
+/**
+ * Policy interface
+ */
+export interface Policy {
+    type: PolicyType;
+    binding: Uint8Array;
+}
+/**
+ * Remote policy interface
+ */
+export interface RemotePolicy extends Policy {
+    protocol: ResourceLocatorProtocol;
+    urn: string;
+}
+/**
+ * Embedded policy interface
+ */
+export interface EmbeddedPolicy extends Policy {
+    content: Uint8Array;
+}
+/**
+ * Header interface
+ */
+export interface Header {
+    magicNumberVersion: Uint8Array;
+    kas: ResourceLocator;
+    useECDSABinding: boolean;
+    ephemeralCurveName: CurveName;
+    hasSignature: boolean;
+    signatureCurveName: CurveName;
+    symmetricCipher: CipherType;
+    authTagLength: number;
+    policy: RemotePolicy | EmbeddedPolicy;
+    ephemeralPublicKey: Uint8Array;
+}
+/**
+ * Payload interface
+ */
+export interface Payload {
+    iv: Uint8Array;
+    ciphertext: Uint8Array;
+    authTag: Uint8Array;
+    ciphertextAuthTag: Uint8Array;
+}
+/**
+ * Signature interface
+ */
+export interface Signature {
+    publicKey: Uint8Array;
+    signature: Uint8Array;
+}
+/**
+ * NanoTDF interface
+ */
+export interface NanoTDF {
+    header: Header;
+    payload: Payload;
+    signature: Signature;
+}
+export {};
+//# sourceMappingURL=NanoTDF.d.ts.map

package/dist/types/src/tdf/NanoTDF/NanoTDF.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"NanoTDF.d.ts","sourceRoot":"","sources":["../../../../../src/tdf/NanoTDF/NanoTDF.ts"],"names":[],"mappings":"AAAA,aAAK,UAAU;IACb,WAAW,IAAA,CAAE,iBAAiB;IAC9B,WAAW,IAAA;IACX,YAAY,IAAA;IACZ,YAAY,IAAA;IACZ,YAAY,IAAA;IACZ,YAAY,IAAA;CACb;AAED;;;;GAIG;AACH,aAAK,SAAS;IACZ,SAAS,IAAA;IACT,SAAS,IAAA;IACT,SAAS,IAAA;CACV;AAED,oBAAY,uBAAuB;IACjC,IAAI,IAAA;IACJ,KAAK,IAAA;IACL,WAAW,IAAA;IACX,uBAAuB,MAAO;CAC/B;AAED,oBAAY,UAAU;IACpB,MAAM,IAAA;IACN,YAAY,IAAA;IACZ,iBAAiB,IAAA,CAAE,iBAAiB;IACpC,oBAAoB,IAAA;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,uBAAuB,CAAC;IAClC,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;GAEG;AACH,MAAM,WAAW,MAAM;IACrB,IAAI,EAAE,UAAU,CAAC;IACjB,OAAO,EAAE,UAAU,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,YAAa,SAAQ,MAAM;IAC1C,QAAQ,EAAE,uBAAuB,CAAC;IAClC,GAAG,EAAE,MAAM,CAAC;CACb;AAED;;GAEG;AACH,MAAM,WAAW,cAAe,SAAQ,MAAM;IAC5C,OAAO,EAAE,UAAU,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,MAAM;IAErB,kBAAkB,EAAE,UAAU,CAAC;IAG/B,GAAG,EAAE,eAAe,CAAC;IAGrB,eAAe,EAAE,OAAO,CAAC;IACzB,kBAAkB,EAAE,SAAS,CAAC;IAG9B,YAAY,EAAE,OAAO,CAAC;IACtB,kBAAkB,EAAE,SAAS,CAAC;IAC9B,eAAe,EAAE,UAAU,CAAC;IAE5B,aAAa,EAAE,MAAM,CAAC;IAGtB,MAAM,EAAE,YAAY,GAAG,cAAc,CAAC;IAGtC,kBAAkB,EAAE,UAAU,CAAC;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,UAAU,CAAC;IACf,UAAU,EAAE,UAAU,CAAC;IACvB,OAAO,EAAE,UAAU,CAAC;IACpB,iBAAiB,EAAE,UAAU,CAAC;CAC/B;AAED;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,SAAS,EAAE,UAAU,CAAC;IACtB,SAAS,EAAE,UAAU,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,OAAO;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,EAAE,SAAS,CAAC;CACtB"}

package/dist/types/src/types/index.d.ts ADDED Viewed

@@ -0,0 +1,45 @@
+import PolicyTypeEnum from '../nanotdf/enum/PolicyTypeEnum.js';
+export type InputSource = ReadableStream<Uint8Array> | Uint8Array | string | ArrayBuffer | Promise<ReadableStream<Uint8Array>>;
+type Header = {
+    magicNumberVersion: string[];
+    kas: {
+        protocol: number;
+        length: number;
+        body: string;
+    };
+    eccBindingMode: {
+        useECDSABinding: boolean;
+        ephemeralCurveName: number;
+    };
+    symmetricPayloadConfig: {
+        hasSignature: boolean;
+        signatureCurveName: number;
+        symmetricCipher: number;
+    };
+    ephemeralPublicKey: string[];
+};
+type HeaderPolicy = {
+    type: PolicyTypeEnum;
+    content: string[];
+    binding: string[];
+};
+type RemotePolicy = {
+    protocol: number;
+    length: number;
+    body: string;
+};
+export type PlainEmbeddedHeader = Header & {
+    policy: HeaderPolicy;
+};
+export type EmbeddedHeader = Header & {
+    policy: HeaderPolicy;
+};
+export type RemoteHeader = Header & {
+    policy: {
+        type: PolicyTypeEnum;
+        remotePolicy: RemotePolicy;
+        binding: string[];
+    };
+};
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/types/src/types/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/types/index.ts"],"names":[],"mappings":"AAAA,OAAO,cAAc,MAAM,mCAAmC,CAAC;AAE/D,MAAM,MAAM,WAAW,GACnB,cAAc,CAAC,UAAU,CAAC,GAC1B,UAAU,GACV,MAAM,GACN,WAAW,GACX,OAAO,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,CAAC;AAExC,KAAK,MAAM,GAAG;IACZ,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,GAAG,EAAE;QACH,QAAQ,EAAE,MAAM,CAAC;QACjB,MAAM,EAAE,MAAM,CAAC;QACf,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IACF,cAAc,EAAE;QACd,eAAe,EAAE,OAAO,CAAC;QACzB,kBAAkB,EAAE,MAAM,CAAC;KAC5B,CAAC;IACF,sBAAsB,EAAE;QACtB,YAAY,EAAE,OAAO,CAAC;QACtB,kBAAkB,EAAE,MAAM,CAAC;QAC3B,eAAe,EAAE,MAAM,CAAC;KACzB,CAAC;IACF,kBAAkB,EAAE,MAAM,EAAE,CAAC;CAC9B,CAAC;AAEF,KAAK,YAAY,GAAG;IAClB,IAAI,EAAE,cAAc,CAAC;IACrB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,CAAC;CACnB,CAAC;AAEF,KAAK,YAAY,GAAG;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG,MAAM,GAAG;IACzC,MAAM,EAAE,YAAY,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG,MAAM,GAAG;IACpC,MAAM,EAAE,YAAY,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG;IAClC,MAAM,EAAE;QACN,IAAI,EAAE,cAAc,CAAC;QACrB,YAAY,EAAE,YAAY,CAAC;QAC3B,OAAO,EAAE,MAAM,EAAE,CAAC;KACnB,CAAC;CACH,CAAC"}

package/dist/types/tdf3/index.d.ts CHANGED Viewed

@@ -7,12 +7,11 @@ import { Client, Errors, TDF3Client } from './src/index.js';
 import { type KeyInfo, SplitKey, type EncryptionInformation } from './src/models/encryption-information.js';
 import { AuthProvider, type HttpMethod, HttpRequest, withHeaders } from '../src/auth/auth.js';
 import { AesGcmCipher } from './src/ciphers/aes-gcm-cipher.js';
-import * as AuthProviders from '../src/auth/providers.js';
-import { version, clientType } from '../src/version.js';
+import { NanoTDFClient, NanoTDFDatasetClient, AuthProviders, version, clientType } from '../src/nanoindex.js';
 import { Algorithms, type AlgorithmName, type AlgorithmUrn } from './src/ciphers/algorithms.js';
 import { type Chunker } from '../src/seekable.js';
 export type { AlgorithmName, AlgorithmUrn, AuthProvider, Chunker, CryptoService, DecryptResult, EncryptResult, HttpMethod, PemKeyPair, EncryptKeyMiddleware, EncryptStreamMiddleware, DecryptKeyMiddleware, DecryptStreamMiddleware, SplitStep, };
-export { AesGcmCipher, Algorithms, AuthProviders, Binary, Client, ClientConfig, DecoratedReadableStream, DecryptParams, DecryptParamsBuilder, DecryptSource, EncryptionInformation, EncryptParams, EncryptParamsBuilder, Errors, HttpRequest, KeyInfo, SplitKey, TDF3Client, clientType, createSessionKeys, withHeaders, version, };
+export { AesGcmCipher, Algorithms, AuthProviders, Binary, Client, ClientConfig, DecoratedReadableStream, DecryptParams, DecryptParamsBuilder, DecryptSource, EncryptionInformation, EncryptParams, EncryptParamsBuilder, Errors, HttpRequest, KeyInfo, NanoTDFClient, NanoTDFDatasetClient, SplitKey, TDF3Client, clientType, createSessionKeys, withHeaders, version, };
 export * as WebCryptoService from './src/crypto/index.js';
-export { type CreateOptions, type CreateZTDFOptions, type DecoratedStream, type Keys, type OpenTDFOptions, type ReadOptions, type TDFReader, OpenTDF, } from '../src/opentdf.js';
+export { type CreateNanoTDFCollectionOptions, type CreateNanoTDFOptions, type CreateOptions, type CreateZTDFOptions, type DecoratedStream, type Keys, type OpenTDFOptions, type NanoTDFCollectionWriter, type ReadOptions, type TDFReader, OpenTDF, } from '../src/opentdf.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/types/tdf3/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../tdf3/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAC;AACzC,OAAO,EAAE,uBAAuB,EAAE,MAAM,yCAAyC,CAAC;AAClF,OAAO,EACL,KAAK,aAAa,EAClB,oBAAoB,EACpB,KAAK,aAAa,EAClB,KAAK,aAAa,EAClB,KAAK,oBAAoB,EACzB,KAAK,uBAAuB,EAC5B,KAAK,oBAAoB,EACzB,KAAK,uBAAuB,EAC5B,oBAAoB,EACpB,KAAK,SAAS,EACf,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,KAAK,YAAY,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC7E,OAAO,EACL,KAAK,aAAa,EAClB,KAAK,aAAa,EAClB,KAAK,aAAa,EAClB,KAAK,UAAU,EAChB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EACL,KAAK,OAAO,EACZ,QAAQ,EACR,KAAK,qBAAqB,EAC3B,MAAM,wCAAwC,CAAC;AAChD,OAAO,EAAE,YAAY,EAAE,KAAK,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAC9F,OAAO,EAAE,YAAY,EAAE,MAAM,iCAAiC,CAAC;AAC/D,OAAO,~~KAAK~~,aAAa,~~MAAM~~,~~0BAA0B~~,~~CAAC;AAC1D~~,~~OAAO~~,~~EAAE~~,OAAO,~~EAAE~~,UAAU,~~EAAE~~,MAAM,~~mBAAmB~~,CAAC;~~AACxD~~,OAAO,EAAE,UAAU,EAAE,KAAK,aAAa,EAAE,KAAK,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAChG,OAAO,EAAE,KAAK,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAElD,YAAY,EACV,aAAa,EACb,YAAY,EACZ,YAAY,EACZ,OAAO,EACP,aAAa,EACb,aAAa,EACb,aAAa,EACb,UAAU,EACV,UAAU,EACV,oBAAoB,EACpB,uBAAuB,EACvB,oBAAoB,EACpB,uBAAuB,EACvB,SAAS,GACV,CAAC;AAEF,OAAO,EACL,YAAY,EACZ,UAAU,EACV,aAAa,EACb,MAAM,EACN,MAAM,EACN,YAAY,EACZ,uBAAuB,EACvB,aAAa,EACb,oBAAoB,EACpB,aAAa,EACb,qBAAqB,EACrB,aAAa,EACb,oBAAoB,EACpB,MAAM,EACN,WAAW,EACX,OAAO,EACP,QAAQ,EACR,UAAU,EACV,UAAU,EACV,iBAAiB,EACjB,WAAW,EACX,OAAO,GACR,CAAC;AAEF,OAAO,KAAK,gBAAgB,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EACL,KAAK,aAAa,EAClB,KAAK,iBAAiB,EACtB,KAAK,eAAe,EACpB,KAAK,IAAI,EACT,KAAK,cAAc,EACnB,KAAK,WAAW,EAChB,KAAK,SAAS,EACd,OAAO,GACR,MAAM,mBAAmB,CAAC"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../tdf3/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAC;AACzC,OAAO,EAAE,uBAAuB,EAAE,MAAM,yCAAyC,CAAC;AAClF,OAAO,EACL,KAAK,aAAa,EAClB,oBAAoB,EACpB,KAAK,aAAa,EAClB,KAAK,aAAa,EAClB,KAAK,oBAAoB,EACzB,KAAK,uBAAuB,EAC5B,KAAK,oBAAoB,EACzB,KAAK,uBAAuB,EAC5B,oBAAoB,EACpB,KAAK,SAAS,EACf,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,KAAK,YAAY,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC7E,OAAO,EACL,KAAK,aAAa,EAClB,KAAK,aAAa,EAClB,KAAK,aAAa,EAClB,KAAK,UAAU,EAChB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EACL,KAAK,OAAO,EACZ,QAAQ,EACR,KAAK,qBAAqB,EAC3B,MAAM,wCAAwC,CAAC;AAChD,OAAO,EAAE,YAAY,EAAE,KAAK,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAC9F,OAAO,EAAE,YAAY,EAAE,MAAM,iCAAiC,CAAC;AAC/D,OAAO,EACL,aAAa,EACb,oBAAoB,EACpB,aAAa,EACb,OAAO,EACP,UAAU,EACX,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,UAAU,EAAE,KAAK,aAAa,EAAE,KAAK,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAChG,OAAO,EAAE,KAAK,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAElD,YAAY,EACV,aAAa,EACb,YAAY,EACZ,YAAY,EACZ,OAAO,EACP,aAAa,EACb,aAAa,EACb,aAAa,EACb,UAAU,EACV,UAAU,EACV,oBAAoB,EACpB,uBAAuB,EACvB,oBAAoB,EACpB,uBAAuB,EACvB,SAAS,GACV,CAAC;AAEF,OAAO,EACL,YAAY,EACZ,UAAU,EACV,aAAa,EACb,MAAM,EACN,MAAM,EACN,YAAY,EACZ,uBAAuB,EACvB,aAAa,EACb,oBAAoB,EACpB,aAAa,EACb,qBAAqB,EACrB,aAAa,EACb,oBAAoB,EACpB,MAAM,EACN,WAAW,EACX,OAAO,EACP,aAAa,EACb,oBAAoB,EACpB,QAAQ,EACR,UAAU,EACV,UAAU,EACV,iBAAiB,EACjB,WAAW,EACX,OAAO,GACR,CAAC;AAEF,OAAO,KAAK,gBAAgB,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EACL,KAAK,8BAA8B,EACnC,KAAK,oBAAoB,EACzB,KAAK,aAAa,EAClB,KAAK,iBAAiB,EACtB,KAAK,eAAe,EACpB,KAAK,IAAI,EACT,KAAK,cAAc,EACnB,KAAK,uBAAuB,EAC5B,KAAK,WAAW,EAChB,KAAK,SAAS,EACd,OAAO,GACR,MAAM,mBAAmB,CAAC"}

package/dist/web/src/nanoclients.js ADDED Viewed

@@ -0,0 +1,287 @@
+import { Client, NanoTDF, encrypt, decrypt, encryptDataset, getHkdfSalt, DefaultParams, } from './nanotdf/index.js';
+import { keyAgreement } from './nanotdf-crypto/index.js';
+import { PolicyBuilder } from './tdf/Policy.js';
+import { fetchECKasPubKey } from './access.js';
+import { ConfigurationError } from './errors.js';
+// Define default options
+const defaultOptions = {
+    ecdsaBinding: false,
+};
+/**
+ * NanoTDF SDK Client. Deprecated in favor of OpenTDF.
+ *
+ */
+export class NanoTDFClient extends Client {
+    /**
+     * Decrypt ciphertext
+     *
+     * Pass a base64 string, TypedArray, or ArrayBuffer ciphertext and get a promise which resolves plaintext
+     *
+     * @param ciphertext Ciphertext to decrypt
+     */
+    async decrypt(ciphertext) {
+        // Parse ciphertext
+        const nanotdf = NanoTDF.from(ciphertext);
+        // TODO: The version number should be fetched from the API
+        const version = '0.0.1';
+        const kasUrl = nanotdf.header.getKasRewrapUrl();
+        // Rewrap key on every request
+        const { unwrappedKey: ukey } = await this.rewrapKey(nanotdf.header.toBuffer(), kasUrl, nanotdf.header.magicNumberVersion, version);
+        if (!ukey) {
+            throw new Error('internal: key rewrap failure');
+        }
+        // Return decrypt promise
+        return decrypt(ukey, nanotdf);
+    }
+    /**
+     * Decrypt ciphertext of the legacy TDF, with the older, smaller i.v. calculation.
+     *
+     * Pass a base64 string, TypedArray, or ArrayBuffer ciphertext and get a promise which resolves plaintext
+     *
+     * @param ciphertext Ciphertext to decrypt
+     */
+    async decryptLegacyTDF(ciphertext) {
+        // Parse ciphertext
+        const nanotdf = NanoTDF.from(ciphertext, undefined, true);
+        const legacyVersion = '0.0.0';
+        // Rewrap key on every request
+        const { unwrappedKey: key } = await this.rewrapKey(nanotdf.header.toBuffer(), nanotdf.header.getKasRewrapUrl(), nanotdf.header.magicNumberVersion, legacyVersion);
+        if (!key) {
+            throw new Error('internal: failed unwrap');
+        }
+        // Return decrypt promise
+        return decrypt(key, nanotdf);
+    }
+    /**
+     * Encrypts the given data using the NanoTDF encryption scheme.
+     *
+     * @param data The data to be encrypted.
+     * @param options The encryption options (currently unused).
+     * @returns A promise that resolves to the encrypted data as an ArrayBuffer.
+     * @throws If the initialization vector is not a number.
+     */
+    async encrypt(data, options) {
+        // For encrypt always generate the client ephemeralKeyPair
+        const ephemeralKeyPair = await this.ephemeralKeyPair;
+        const initializationVector = this.iv;
+        if (typeof initializationVector !== 'number') {
+            throw new ConfigurationError('NanoTDF clients are single use. Please generate a new client and keypair.');
+        }
+        delete this.iv;
+        if (!this.kasPubKey) {
+            this.kasPubKey = await fetchECKasPubKey(this.kasUrl);
+        }
+        // Create a policy for the tdf
+        const policy = new PolicyBuilder();
+        // Add data attributes.
+        for (const dataAttribute of this.dataAttributes) {
+            const attribute = {
+                attribute: dataAttribute,
+                pubKey: this.kasPubKey.publicKey,
+                kasUrl: this.kasUrl,
+            };
+            policy.addAttribute(attribute);
+        }
+        if (this.dissems.length == 0 && this.dataAttributes.length == 0) {
+            console.warn('This policy has an empty attributes list and an empty dissemination list. This will allow any entity with a valid Entity Object to access this TDF.');
+        }
+        // Encrypt the policy.
+        const policyObjectAsStr = policy.toJSON();
+        // IV is always '1', since the new keypair is generated on encrypt
+        // using the same key is fine.
+        const lengthAsUint32 = new Uint32Array(1);
+        lengthAsUint32[0] = initializationVector;
+        const lengthAsUint24 = new Uint8Array(lengthAsUint32.buffer);
+        // NOTE: We are only interested in only first 3 bytes.
+        const payloadIV = new Uint8Array(12).fill(0);
+        payloadIV[9] = lengthAsUint24[2];
+        payloadIV[10] = lengthAsUint24[1];
+        payloadIV[11] = lengthAsUint24[0];
+        const mergedOptions = { ...defaultOptions, ...options };
+        return encrypt(policyObjectAsStr, this.kasPubKey, ephemeralKeyPair, payloadIV, data, mergedOptions.ecdsaBinding);
+    }
+}
+/**
+ * NanoTDF Dataset SDK Client
+ *
+ *
+ * @example
+ * ```
+ * import { clientSecretAuthProvider, NanoTDFDatasetClient } from '@opentdf/sdk';
+ *
+ * const OIDC_ENDPOINT = 'http://localhost:65432/auth/realms/opentdf';
+ * const KAS_URL = 'http://localhost:65432/api/kas/';
+ *
+ * const ciphertext = '...';
+ * const client = new NanoTDFDatasetClient({
+ *   authProvider: await clientSecretAuthProvider({
+ *     clientId: 'tdf-client',
+ *     clientSecret: '123-456',
+ *     exchange: 'client',
+ *     oidcOrigin: OIDC_ENDPOINT,
+ *   }),
+ *   kasEndpoint: KAS_URL,
+ * });
+ * const plaintext = client.decrypt(ciphertext);
+ * console.log('Plaintext', plaintext);
+ * ```
+ */
+export class NanoTDFDatasetClient extends Client {
+    /**
+     * Create new NanoTDF Dataset Client
+     *
+     * The Ephemeral Key Pair can either be provided or will be generate when fetching the entity object. Once set it
+     * cannot be changed. If a new ephemeral key is desired it a new client should be initialized.
+     * There is no performance impact for creating a new client IFF the ephemeral key pair is provided.
+     *
+     * @param clientConfig OIDC client credentials
+     * @param kasUrl Key access service URL
+     * @param ephemeralKeyPair (optional) ephemeral key pair to use
+     * @param maxKeyIterations Max iteration to performe without a key rotation
+     */
+    constructor(opts) {
+        if (opts.maxKeyIterations &&
+            opts.maxKeyIterations > NanoTDFDatasetClient.NTDF_MAX_KEY_ITERATIONS) {
+            throw new ConfigurationError(`key iteration exceeds max iterations(${NanoTDFDatasetClient.NTDF_MAX_KEY_ITERATIONS})`);
+        }
+        super(opts);
+        this.maxKeyIteration = opts.maxKeyIterations || NanoTDFDatasetClient.NTDF_MAX_KEY_ITERATIONS;
+        this.keyIterationCount = 0;
+    }
+    /**
+     * Encrypt data
+     *
+     * Pass a string, TypedArray, or ArrayBuffer data and get a promise which resolves ciphertext
+     *
+     * @param data to decrypt
+     */
+    async encrypt(data, options) {
+        // Intial encrypt
+        if (this.keyIterationCount == 0) {
+            const mergedOptions = { ...defaultOptions, ...options };
+            this.ecdsaBinding = mergedOptions.ecdsaBinding;
+            // For encrypt always generate the client ephemeralKeyPair
+            const ephemeralKeyPair = await this.ephemeralKeyPair;
+            if (!this.kasPubKey) {
+                this.kasPubKey = await fetchECKasPubKey(this.kasUrl);
+            }
+            // Create a policy for the tdf
+            const policy = new PolicyBuilder();
+            // Add data attributes.
+            for (const dataAttribute of this.dataAttributes) {
+                const attribute = {
+                    attribute: dataAttribute,
+                    kasPubKey: this.kasPubKey.publicKey,
+                    kasUrl: this.kasUrl,
+                };
+                policy.addAttribute(attribute);
+            }
+            if (this.dissems.length == 0 || this.dataAttributes.length == 0) {
+                console.warn('This policy has an empty attributes list and an empty dissemination list. This will allow any entity with a valid Entity Object to access this TDF.');
+            }
+            // Encrypt the policy.
+            const policyObjectAsStr = policy.toJSON();
+            const ivVector = this.generateIV();
+            // Generate a symmetric key.
+            this.symmetricKey = await keyAgreement(ephemeralKeyPair.privateKey, await this.kasPubKey.key, await getHkdfSalt(DefaultParams.magicNumberVersion));
+            const nanoTDFBuffer = await encrypt(policyObjectAsStr, this.kasPubKey, ephemeralKeyPair, ivVector, data, this.ecdsaBinding);
+            // Cache the header and increment the key iteration
+            if (!this.cachedHeader) {
+                const nanoTDF = NanoTDF.from(nanoTDFBuffer);
+                this.cachedHeader = nanoTDF.header;
+            }
+            this.keyIterationCount += 1;
+            return nanoTDFBuffer;
+        }
+        this.keyIterationCount += 1;
+        if (!this.cachedHeader) {
+            throw new ConfigurationError('invalid dataset client: empty nanoTDF header');
+        }
+        if (!this.symmetricKey) {
+            throw new ConfigurationError('invalid dataset client: empty dek');
+        }
+        this.keyIterationCount += 1;
+        if (this.keyIterationCount == this.maxKeyIteration) {
+            // reset the key iteration
+            this.keyIterationCount = 0;
+        }
+        const ivVector = this.generateIV();
+        return encryptDataset(this.symmetricKey, this.cachedHeader, ivVector, data);
+    }
+    /**
+     * Decrypt ciphertext
+     *
+     * Pass a base64 string, TypedArray, or ArrayBuffer ciphertext and get a promise which resolves plaintext
+     *
+     * @param ciphertext Ciphertext to decrypt
+     */
+    async decrypt(ciphertext) {
+        // Parse ciphertext
+        const nanotdf = NanoTDF.from(ciphertext);
+        if (!this.cachedEphemeralKey) {
+            // First decrypt
+            return this.rewrapAndDecrypt(nanotdf);
+        }
+        // Other encrypts
+        if (this.cachedEphemeralKey.toString() == nanotdf.header.ephemeralPublicKey.toString()) {
+            const ukey = this.unwrappedKey;
+            if (!ukey) {
+                // These should have thrown already.
+                throw new Error('internal: key rewrap failure');
+            }
+            // Return decrypt promise
+            return decrypt(ukey, nanotdf);
+        }
+        else {
+            return this.rewrapAndDecrypt(nanotdf);
+        }
+    }
+    async rewrapAndDecrypt(nanotdf) {
+        // TODO: The version number should be fetched from the API
+        const version = '0.0.1';
+        // Rewrap key on every request
+        const { unwrappedKey: ukey } = await this.rewrapKey(nanotdf.header.toBuffer(), nanotdf.header.getKasRewrapUrl(), nanotdf.header.magicNumberVersion, version);
+        if (!ukey) {
+            // These should have thrown already.
+            throw new Error('internal: key rewrap failure');
+        }
+        this.cachedEphemeralKey = nanotdf.header.ephemeralPublicKey;
+        this.unwrappedKey = ukey;
+        // Return decrypt promise
+        return decrypt(ukey, nanotdf);
+    }
+    generateIV() {
+        const iv = this.iv;
+        if (iv === undefined) {
+            // iv has passed the maximum iteration count for this dek
+            throw new ConfigurationError('dataset full');
+        }
+        // assert iv ∈ ℤ ∩ (0, 2^24)
+        if (!Number.isInteger(iv) || iv <= 0 || 0xff_ffff < iv) {
+            // Something has fiddled with the iv outside of the expected behavior
+            // could indicate a race condition, e.g. if two workers or handlers are
+            // processing the file at once, for example.
+            throw new Error('internal: invalid state');
+        }
+        const lengthAsUint32 = new Uint32Array(1);
+        lengthAsUint32[0] = iv;
+        const lengthAsUint24 = new Uint8Array(lengthAsUint32.buffer);
+        // NOTE: We are only interested in only first 3 bytes.
+        const ivVector = new Uint8Array(Client.IV_SIZE).fill(0);
+        ivVector[9] = lengthAsUint24[2];
+        ivVector[10] = lengthAsUint24[1];
+        ivVector[11] = lengthAsUint24[0];
+        // Increment the IV
+        if (iv == 0xff_ffff) {
+            delete this.iv;
+        }
+        else {
+            this.iv = iv + 1;
+        }
+        return ivVector;
+    }
+}
+// Total unique IVs(2^24 -1) used for encrypting the nano tdf payloads
+// IV starts from 1 since the 0 IV is reserved for policy encryption
+NanoTDFDatasetClient.NTDF_MAX_KEY_ITERATIONS = 8388606;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibmFub2NsaWVudHMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvbmFub2NsaWVudHMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUNMLE1BQU0sRUFDTixPQUFPLEVBRVAsT0FBTyxFQUNQLE9BQU8sRUFDUCxjQUFjLEVBQ2QsV0FBVyxFQUNYLGFBQWEsR0FDZCxNQUFNLG9CQUFvQixDQUFDO0FBQzVCLE9BQU8sRUFBRSxZQUFZLEVBQUUsTUFBTSwyQkFBMkIsQ0FBQztBQUN6RCxPQUFPLEVBQUUsYUFBYSxFQUFFLE1BQU0saUJBQWlCLENBQUM7QUFDaEQsT0FBTyxFQUFFLGdCQUFnQixFQUFFLE1BQU0sYUFBYSxDQUFDO0FBRS9DLE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxNQUFNLGFBQWEsQ0FBQztBQVFqRCx5QkFBeUI7QUFDekIsTUFBTSxjQUFjLEdBQW1CO0lBQ3JDLFlBQVksRUFBRSxLQUFLO0NBQ3BCLENBQUM7QUFFRjs7O0dBR0c7QUFDSCxNQUFNLE9BQU8sYUFBYyxTQUFRLE1BQU07SUFDdkM7Ozs7OztPQU1HO0lBQ0gsS0FBSyxDQUFDLE9BQU8sQ0FBQyxVQUFvQztRQUNoRCxtQkFBbUI7UUFDbkIsTUFBTSxPQUFPLEdBQUcsT0FBTyxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FBQztRQUV6QywwREFBMEQ7UUFDMUQsTUFBTSxPQUFPLEdBQUcsT0FBTyxDQUFDO1FBQ3hCLE1BQU0sTUFBTSxHQUFHLE9BQU8sQ0FBQyxNQUFNLENBQUMsZUFBZSxFQUFFLENBQUM7UUFFaEQsOEJBQThCO1FBQzlCLE1BQU0sRUFBRSxZQUFZLEVBQUUsSUFBSSxFQUFFLEdBQUcsTUFBTSxJQUFJLENBQUMsU0FBUyxDQUNqRCxPQUFPLENBQUMsTUFBTSxDQUFDLFFBQVEsRUFBRSxFQUN6QixNQUFNLEVBQ04sT0FBTyxDQUFDLE1BQU0sQ0FBQyxrQkFBa0IsRUFDakMsT0FBTyxDQUNSLENBQUM7UUFFRixJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDVixNQUFNLElBQUksS0FBSyxDQUFDLDhCQUE4QixDQUFDLENBQUM7UUFDbEQsQ0FBQztRQUNELHlCQUF5QjtRQUN6QixPQUFPLE9BQU8sQ0FBQyxJQUFJLEVBQUUsT0FBTyxDQUFDLENBQUM7SUFDaEMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNILEtBQUssQ0FBQyxnQkFBZ0IsQ0FBQyxVQUFvQztRQUN6RCxtQkFBbUI7UUFDbkIsTUFBTSxPQUFPLEdBQUcsT0FBTyxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsU0FBUyxFQUFFLElBQUksQ0FBQyxDQUFDO1FBRTFELE1BQU0sYUFBYSxHQUFHLE9BQU8sQ0FBQztRQUM5Qiw4QkFBOEI7UUFDOUIsTUFBTSxFQUFFLFlBQVksRUFBRSxHQUFHLEVBQUUsR0FBRyxNQUFNLElBQUksQ0FBQyxTQUFTLENBQ2hELE9BQU8sQ0FBQyxNQUFNLENBQUMsUUFBUSxFQUFFLEVBQ3pCLE9BQU8sQ0FBQyxNQUFNLENBQUMsZUFBZSxFQUFFLEVBQ2hDLE9BQU8sQ0FBQyxNQUFNLENBQUMsa0JBQWtCLEVBQ2pDLGFBQWEsQ0FDZCxDQUFDO1FBRUYsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDO1lBQ1QsTUFBTSxJQUFJLEtBQUssQ0FBQyx5QkFBeUIsQ0FBQyxDQUFDO1FBQzdDLENBQUM7UUFDRCx5QkFBeUI7UUFDekIsT0FBTyxPQUFPLENBQUMsR0FBRyxFQUFFLE9BQU8sQ0FBQyxDQUFDO0lBQy9CLENBQUM7SUFFRDs7Ozs7OztPQU9HO0lBQ0gsS0FBSyxDQUFDLE9BQU8sQ0FBQyxJQUE4QixFQUFFLE9BQXdCO1FBQ3BFLDBEQUEwRDtRQUMxRCxNQUFNLGdCQUFnQixHQUFHLE1BQU0sSUFBSSxDQUFDLGdCQUFnQixDQUFDO1FBQ3JELE1BQU0sb0JBQW9CLEdBQUcsSUFBSSxDQUFDLEVBQUUsQ0FBQztRQUVyQyxJQUFJLE9BQU8sb0JBQW9CLEtBQUssUUFBUSxFQUFFLENBQUM7WUFDN0MsTUFBTSxJQUFJLGtCQUFrQixDQUMxQiwyRUFBMkUsQ0FDNUUsQ0FBQztRQUNKLENBQUM7UUFDRCxPQUFPLElBQUksQ0FBQyxFQUFFLENBQUM7UUFFZixJQUFJLENBQUMsSUFBSSxDQUFDLFNBQVMsRUFBRSxDQUFDO1lBQ3BCLElBQUksQ0FBQyxTQUFTLEdBQUcsTUFBTSxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDdkQsQ0FBQztRQUVELDhCQUE4QjtRQUM5QixNQUFNLE1BQU0sR0FBRyxJQUFJLGFBQWEsRUFBRSxDQUFDO1FBRW5DLHVCQUF1QjtRQUN2QixLQUFLLE1BQU0sYUFBYSxJQUFJLElBQUksQ0FBQyxjQUFjLEVBQUUsQ0FBQztZQUNoRCxNQUFNLFNBQVMsR0FBb0I7Z0JBQ2pDLFNBQVMsRUFBRSxhQUFhO2dCQUN4QixNQUFNLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxTQUFTO2dCQUNoQyxNQUFNLEVBQUUsSUFBSSxDQUFDLE1BQU07YUFDcEIsQ0FBQztZQUNGLE1BQU0sQ0FBQyxZQUFZLENBQUMsU0FBUyxDQUFDLENBQUM7UUFDakMsQ0FBQztRQUVELElBQUksSUFBSSxDQUFDLE9BQU8sQ0FBQyxNQUFNLElBQUksQ0FBQyxJQUFJLElBQUksQ0FBQyxjQUFjLENBQUMsTUFBTSxJQUFJLENBQUMsRUFBRSxDQUFDO1lBQ2hFLE9BQU8sQ0FBQyxJQUFJLENBQ1YscUpBQXFKLENBQ3RKLENBQUM7UUFDSixDQUFDO1FBRUQsc0JBQXNCO1FBQ3RCLE1BQU0saUJBQWlCLEdBQUcsTUFBTSxDQUFDLE1BQU0sRUFBRSxDQUFDO1FBRTFDLGtFQUFrRTtRQUNsRSw4QkFBOEI7UUFDOUIsTUFBTSxjQUFjLEdBQUcsSUFBSSxXQUFXLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDMUMsY0FBYyxDQUFDLENBQUMsQ0FBQyxHQUFHLG9CQUFvQixDQUFDO1FBRXpDLE1BQU0sY0FBYyxHQUFHLElBQUksVUFBVSxDQUFDLGNBQWMsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUU3RCxzREFBc0Q7UUFDdEQsTUFBTSxTQUFTLEdBQUcsSUFBSSxVQUFVLENBQUMsRUFBRSxDQUFDLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQzdDLFNBQVMsQ0FBQyxDQUFDLENBQUMsR0FBRyxjQUFjLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDakMsU0FBUyxDQUFDLEVBQUUsQ0FBQyxHQUFHLGNBQWMsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUNsQyxTQUFTLENBQUMsRUFBRSxDQUFDLEdBQUcsY0FBYyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRWxDLE1BQU0sYUFBYSxHQUFtQixFQUFFLEdBQUcsY0FBYyxFQUFFLEdBQUcsT0FBTyxFQUFFLENBQUM7UUFDeEUsT0FBTyxPQUFPLENBQ1osaUJBQWlCLEVBQ2pCLElBQUksQ0FBQyxTQUFTLEVBQ2QsZ0JBQWdCLEVBQ2hCLFNBQVMsRUFDVCxJQUFJLEVBQ0osYUFBYSxDQUFDLFlBQVksQ0FDM0IsQ0FBQztJQUNKLENBQUM7Q0FDRjtBQU1EOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7R0F3Qkc7QUFDSCxNQUFNLE9BQU8sb0JBQXFCLFNBQVEsTUFBTTtJQWE5Qzs7Ozs7Ozs7Ozs7T0FXRztJQUNILFlBQVksSUFBbUI7UUFDN0IsSUFDRSxJQUFJLENBQUMsZ0JBQWdCO1lBQ3JCLElBQUksQ0FBQyxnQkFBZ0IsR0FBRyxvQkFBb0IsQ0FBQyx1QkFBdUIsRUFDcEUsQ0FBQztZQUNELE1BQU0sSUFBSSxrQkFBa0IsQ0FDMUIsd0NBQXdDLG9CQUFvQixDQUFDLHVCQUF1QixHQUFHLENBQ3hGLENBQUM7UUFDSixDQUFDO1FBQ0QsS0FBSyxDQUFDLElBQUksQ0FBQyxDQUFDO1FBRVosSUFBSSxDQUFDLGVBQWUsR0FBRyxJQUFJLENBQUMsZ0JBQWdCLElBQUksb0JBQW9CLENBQUMsdUJBQXVCLENBQUM7UUFDN0YsSUFBSSxDQUFDLGlCQUFpQixHQUFHLENBQUMsQ0FBQztJQUM3QixDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0gsS0FBSyxDQUFDLE9BQU8sQ0FBQyxJQUE4QixFQUFFLE9BQXdCO1FBQ3BFLGlCQUFpQjtRQUNqQixJQUFJLElBQUksQ0FBQyxpQkFBaUIsSUFBSSxDQUFDLEVBQUUsQ0FBQztZQUNoQyxNQUFNLGFBQWEsR0FBbUIsRUFBRSxHQUFHLGNBQWMsRUFBRSxHQUFHLE9BQU8sRUFBRSxDQUFDO1lBQ3hFLElBQUksQ0FBQyxZQUFZLEdBQUcsYUFBYSxDQUFDLFlBQVksQ0FBQztZQUMvQywwREFBMEQ7WUFDMUQsTUFBTSxnQkFBZ0IsR0FBRyxNQUFNLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQztZQUVyRCxJQUFJLENBQUMsSUFBSSxDQUFDLFNBQVMsRUFBRSxDQUFDO2dCQUNwQixJQUFJLENBQUMsU0FBUyxHQUFHLE1BQU0sZ0JBQWdCLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1lBQ3ZELENBQUM7WUFFRCw4QkFBOEI7WUFDOUIsTUFBTSxNQUFNLEdBQUcsSUFBSSxhQUFhLEVBQUUsQ0FBQztZQUVuQyx1QkFBdUI7WUFDdkIsS0FBSyxNQUFNLGFBQWEsSUFBSSxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUM7Z0JBQ2hELE1BQU0sU0FBUyxHQUFHO29CQUNoQixTQUFTLEVBQUUsYUFBYTtvQkFDeEIsU0FBUyxFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsU0FBUztvQkFDbkMsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNO2lCQUNwQixDQUFDO2dCQUNGLE1BQU0sQ0FBQyxZQUFZLENBQUMsU0FBUyxDQUFDLENBQUM7WUFDakMsQ0FBQztZQUVELElBQUksSUFBSSxDQUFDLE9BQU8sQ0FBQyxNQUFNLElBQUksQ0FBQyxJQUFJLElBQUksQ0FBQyxjQUFjLENBQUMsTUFBTSxJQUFJLENBQUMsRUFBRSxDQUFDO2dCQUNoRSxPQUFPLENBQUMsSUFBSSxDQUNWLHFKQUFxSixDQUN0SixDQUFDO1lBQ0osQ0FBQztZQUVELHNCQUFzQjtZQUN0QixNQUFNLGlCQUFpQixHQUFHLE1BQU0sQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUUxQyxNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsVUFBVSxFQUFFLENBQUM7WUFFbkMsNEJBQTRCO1lBQzVCLElBQUksQ0FBQyxZQUFZLEdBQUcsTUFBTSxZQUFZLENBQ3BDLGdCQUFnQixDQUFDLFVBQVUsRUFDM0IsTUFBTSxJQUFJLENBQUMsU0FBUyxDQUFDLEdBQUcsRUFDeEIsTUFBTSxXQUFXLENBQUMsYUFBYSxDQUFDLGtCQUFrQixDQUFDLENBQ3BELENBQUM7WUFFRixNQUFNLGFBQWEsR0FBRyxNQUFNLE9BQU8sQ0FDakMsaUJBQWlCLEVBQ2pCLElBQUksQ0FBQyxTQUFTLEVBQ2QsZ0JBQWdCLEVBQ2hCLFFBQVEsRUFDUixJQUFJLEVBQ0osSUFBSSxDQUFDLFlBQVksQ0FDbEIsQ0FBQztZQUVGLG1EQUFtRDtZQUNuRCxJQUFJLENBQUMsSUFBSSxDQUFDLFlBQVksRUFBRSxDQUFDO2dCQUN2QixNQUFNLE9BQU8sR0FBRyxPQUFPLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxDQUFDO2dCQUM1QyxJQUFJLENBQUMsWUFBWSxHQUFHLE9BQU8sQ0FBQyxNQUFNLENBQUM7WUFDckMsQ0FBQztZQUVELElBQUksQ0FBQyxpQkFBaUIsSUFBSSxDQUFDLENBQUM7WUFFNUIsT0FBTyxhQUFhLENBQUM7UUFDdkIsQ0FBQztRQUVELElBQUksQ0FBQyxpQkFBaUIsSUFBSSxDQUFDLENBQUM7UUFFNUIsSUFBSSxDQUFDLElBQUksQ0FBQyxZQUFZLEVBQUUsQ0FBQztZQUN2QixNQUFNLElBQUksa0JBQWtCLENBQUMsOENBQThDLENBQUMsQ0FBQztRQUMvRSxDQUFDO1FBQ0QsSUFBSSxDQUFDLElBQUksQ0FBQyxZQUFZLEVBQUUsQ0FBQztZQUN2QixNQUFNLElBQUksa0JBQWtCLENBQUMsbUNBQW1DLENBQUMsQ0FBQztRQUNwRSxDQUFDO1FBRUQsSUFBSSxDQUFDLGlCQUFpQixJQUFJLENBQUMsQ0FBQztRQUM1QixJQUFJLElBQUksQ0FBQyxpQkFBaUIsSUFBSSxJQUFJLENBQUMsZUFBZSxFQUFFLENBQUM7WUFDbkQsMEJBQTBCO1lBQzFCLElBQUksQ0FBQyxpQkFBaUIsR0FBRyxDQUFDLENBQUM7UUFDN0IsQ0FBQztRQUVELE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQztRQUVuQyxPQUFPLGNBQWMsQ0FBQyxJQUFJLENBQUMsWUFBWSxFQUFFLElBQUksQ0FBQyxZQUFZLEVBQUUsUUFBUSxFQUFFLElBQUksQ0FBQyxDQUFDO0lBQzlFLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSCxLQUFLLENBQUMsT0FBTyxDQUFDLFVBQW9DO1FBQ2hELG1CQUFtQjtRQUNuQixNQUFNLE9BQU8sR0FBRyxPQUFPLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBRXpDLElBQUksQ0FBQyxJQUFJLENBQUMsa0JBQWtCLEVBQUUsQ0FBQztZQUM3QixnQkFBZ0I7WUFDaEIsT0FBTyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDeEMsQ0FBQztRQUVELGlCQUFpQjtRQUNqQixJQUFJLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxRQUFRLEVBQUUsSUFBSSxPQUFPLENBQUMsTUFBTSxDQUFDLGtCQUFrQixDQUFDLFFBQVEsRUFBRSxFQUFFLENBQUM7WUFDdkYsTUFBTSxJQUFJLEdBQUcsSUFBSSxDQUFDLFlBQVksQ0FBQztZQUMvQixJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7Z0JBQ1Ysb0NBQW9DO2dCQUNwQyxNQUFNLElBQUksS0FBSyxDQUFDLDhCQUE4QixDQUFDLENBQUM7WUFDbEQsQ0FBQztZQUNELHlCQUF5QjtZQUN6QixPQUFPLE9BQU8sQ0FBQyxJQUFJLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFDaEMsQ0FBQzthQUFNLENBQUM7WUFDTixPQUFPLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUN4QyxDQUFDO0lBQ0gsQ0FBQztJQUVELEtBQUssQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFnQjtRQUNyQywwREFBMEQ7UUFDMUQsTUFBTSxPQUFPLEdBQUcsT0FBTyxDQUFDO1FBQ3hCLDhCQUE4QjtRQUM5QixNQUFNLEVBQUUsWUFBWSxFQUFFLElBQUksRUFBRSxHQUFHLE1BQU0sSUFBSSxDQUFDLFNBQVMsQ0FDakQsT0FBTyxDQUFDLE1BQU0sQ0FBQyxRQUFRLEVBQUUsRUFDekIsT0FBTyxDQUFDLE1BQU0sQ0FBQyxlQUFlLEVBQUUsRUFDaEMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxrQkFBa0IsRUFDakMsT0FBTyxDQUNSLENBQUM7UUFDRixJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDVixvQ0FBb0M7WUFDcEMsTUFBTSxJQUFJLEtBQUssQ0FBQyw4QkFBOEIsQ0FBQyxDQUFDO1FBQ2xELENBQUM7UUFFRCxJQUFJLENBQUMsa0JBQWtCLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxrQkFBa0IsQ0FBQztRQUM1RCxJQUFJLENBQUMsWUFBWSxHQUFHLElBQUksQ0FBQztRQUV6Qix5QkFBeUI7UUFDekIsT0FBTyxPQUFPLENBQUMsSUFBSSxFQUFFLE9BQU8sQ0FBQyxDQUFDO0lBQ2hDLENBQUM7SUFFRCxVQUFVO1FBQ1IsTUFBTSxFQUFFLEdBQUcsSUFBSSxDQUFDLEVBQUUsQ0FBQztRQUNuQixJQUFJLEVBQUUsS0FBSyxTQUFTLEVBQUUsQ0FBQztZQUNyQix5REFBeUQ7WUFDekQsTUFBTSxJQUFJLGtCQUFrQixDQUFDLGNBQWMsQ0FBQyxDQUFDO1FBQy9DLENBQUM7UUFDRCw0QkFBNEI7UUFDNUIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDLElBQUksRUFBRSxJQUFJLENBQUMsSUFBSSxTQUFTLEdBQUcsRUFBRSxFQUFFLENBQUM7WUFDdkQscUVBQXFFO1lBQ3JFLHVFQUF1RTtZQUN2RSw0Q0FBNEM7WUFDNUMsTUFBTSxJQUFJLEtBQUssQ0FBQyx5QkFBeUIsQ0FBQyxDQUFDO1FBQzdDLENBQUM7UUFFRCxNQUFNLGNBQWMsR0FBRyxJQUFJLFdBQVcsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUMxQyxjQUFjLENBQUMsQ0FBQyxDQUFDLEdBQUcsRUFBRSxDQUFDO1FBRXZCLE1BQU0sY0FBYyxHQUFHLElBQUksVUFBVSxDQUFDLGNBQWMsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUU3RCxzREFBc0Q7UUFDdEQsTUFBTSxRQUFRLEdBQUcsSUFBSSxVQUFVLENBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUN4RCxRQUFRLENBQUMsQ0FBQyxDQUFDLEdBQUcsY0FBYyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQ2hDLFFBQVEsQ0FBQyxFQUFFLENBQUMsR0FBRyxjQUFjLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDakMsUUFBUSxDQUFDLEVBQUUsQ0FBQyxHQUFHLGNBQWMsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUVqQyxtQkFBbUI7UUFDbkIsSUFBSSxFQUFFLElBQUksU0FBUyxFQUFFLENBQUM7WUFDcEIsT0FBTyxJQUFJLENBQUMsRUFBRSxDQUFDO1FBQ2pCLENBQUM7YUFBTSxDQUFDO1lBQ04sSUFBSSxDQUFDLEVBQUUsR0FBRyxFQUFFLEdBQUcsQ0FBQyxDQUFDO1FBQ25CLENBQUM7UUFFRCxPQUFPLFFBQVEsQ0FBQztJQUNsQixDQUFDOztBQXRORCxzRUFBc0U7QUFDdEUsb0VBQW9FO0FBQ3BELDRDQUF1QixHQUFHLE9BQU8sQ0FBQyJ9

package/dist/web/src/nanoindex.js ADDED Viewed

@@ -0,0 +1,5 @@
+export * as AuthProviders from './auth/providers.js';
+export { attributeFQNsAsValues } from './policy/api.js';
+export * from './nanoclients.js';
+export { version, clientType } from './version.js';
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibmFub2luZGV4LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL25hbm9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEtBQUssYUFBYSxNQUFNLHFCQUFxQixDQUFDO0FBQ3JELE9BQU8sRUFBRSxxQkFBcUIsRUFBRSxNQUFNLGlCQUFpQixDQUFDO0FBQ3hELGNBQWMsa0JBQWtCLENBQUM7QUFDakMsT0FBTyxFQUFFLE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSxjQUFjLENBQUMifQ==