@techbulls/encrypted-s3-store 1.0.0 → 1.0.2

package/LICENSE.md

@@ -1,201 +1,21 @@
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-1.  Definitions.
-
-    "License" shall mean the terms and conditions for use, reproduction,
-    and distribution as defined by Sections 1 through 9 of this document.
-
-    "Licensor" shall mean the copyright owner or entity authorized by
-    the copyright owner that is granting the License.
-
-    "Legal Entity" shall mean the union of the acting entity and all
-    other entities that control, are controlled by, or are under common
-    control with that entity. For the purposes of this definition,
-    "control" means (i) the power, direct or indirect, to cause the
-    direction or management of such entity, whether by contract or
-    otherwise, or (ii) ownership of fifty percent (50%) or more of the
-    outstanding shares, or (iii) beneficial ownership of such entity.
-
-    "You" (or "Your") shall mean an individual or Legal Entity
-    exercising permissions granted by this License.
-
-    "Source" form shall mean the preferred form for making modifications,
-    including but not limited to software source code, documentation
-    source, and configuration files.
-
-    "Object" form shall mean any form resulting from mechanical
-    transformation or translation of a Source form, including but
-    not limited to compiled object code, generated documentation,
-    and conversions to other media types.
-
-    "Work" shall mean the work of authorship, whether in Source or
-    Object form, made available under the License, as indicated by a
-    copyright notice that is included in or attached to the work
-    (an example is provided in the Appendix below).
-
-    "Derivative Works" shall mean any work, whether in Source or Object
-    form, that is based on (or derived from) the Work and for which the
-    editorial revisions, annotations, elaborations, or other modifications
-    represent, as a whole, an original work of authorship. For the purposes
-    of this License, Derivative Works shall not include works that remain
-    separable from, or merely link (or bind by name) to the interfaces of,
-    the Work and Derivative Works thereof.
-
-    "Contribution" shall mean any work of authorship, including
-    the original version of the Work and any modifications or additions
-    to that Work or Derivative Works thereof, that is intentionally
-    submitted to Licensor for inclusion in the Work by the copyright owner
-    or by an individual or Legal Entity authorized to submit on behalf of
-    the copyright owner. For the purposes of this definition, "submitted"
-    means any form of electronic, verbal, or written communication sent
-    to the Licensor or its representatives, including but not limited to
-    communication on electronic mailing lists, source code control systems,
-    and issue tracking systems that are managed by, or on behalf of, the
-    Licensor for the purpose of discussing and improving the Work, but
-    excluding communication that is conspicuously marked or otherwise
-    designated in writing by the copyright owner as "Not a Contribution."
-
-    "Contributor" shall mean Licensor and any individual or Legal Entity
-    on behalf of whom a Contribution has been received by Licensor and
-    subsequently incorporated within the Work.
-
-2.  Grant of Copyright License. Subject to the terms and conditions of
-    this License, each Contributor hereby grants to You a perpetual,
-    worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-    copyright license to reproduce, prepare Derivative Works of,
-    publicly display, publicly perform, sublicense, and distribute the
-    Work and such Derivative Works in Source or Object form.
-
-3.  Grant of Patent License. Subject to the terms and conditions of
-    this License, each Contributor hereby grants to You a perpetual,
-    worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-    (except as stated in this section) patent license to make, have made,
-    use, offer to sell, sell, import, and otherwise transfer the Work,
-    where such license applies only to those patent claims licensable
-    by such Contributor that are necessarily infringed by their
-    Contribution(s) alone or by combination of their Contribution(s)
-    with the Work to which such Contribution(s) was submitted. If You
-    institute patent litigation against any entity (including a
-    cross-claim or counterclaim in a lawsuit) alleging that the Work
-    or a Contribution incorporated within the Work constitutes direct
-    or contributory patent infringement, then any patent licenses
-    granted to You under this License for that Work shall terminate
-    as of the date such litigation is filed.
-
-4.  Redistribution. You may reproduce and distribute copies of the
-    Work or Derivative Works thereof in any medium, with or without
-    modifications, and in Source or Object form, provided that You
-    meet the following conditions:
-
-    (a) You must give any other recipients of the Work or
-    Derivative Works a copy of this License; and
-
-    (b) You must cause any modified files to carry prominent notices
-    stating that You changed the files; and
-
-    (c) You must retain, in the Source form of any Derivative Works
-    that You distribute, all copyright, patent, trademark, and
-    attribution notices from the Source form of the Work,
-    excluding those notices that do not pertain to any part of
-    the Derivative Works; and
-
-    (d) If the Work includes a "NOTICE" text file as part of its
-    distribution, then any Derivative Works that You distribute must
-    include a readable copy of the attribution notices contained
-    within such NOTICE file, excluding those notices that do not
-    pertain to any part of the Derivative Works, in at least one
-    of the following places: within a NOTICE text file distributed
-    as part of the Derivative Works; within the Source form or
-    documentation, if provided along with the Derivative Works; or,
-    within a display generated by the Derivative Works, if and
-    wherever such third-party notices normally appear. The contents
-    of the NOTICE file are for informational purposes only and
-    do not modify the License. You may add Your own attribution
-    notices within Derivative Works that You distribute, alongside
-    or as an addendum to the NOTICE text from the Work, provided
-    that such additional attribution notices cannot be construed
-    as modifying the License.
-
-    You may add Your own copyright statement to Your modifications and
-    may provide additional or different license terms and conditions
-    for use, reproduction, or distribution of Your modifications, or
-    for any such Derivative Works as a whole, provided Your use,
-    reproduction, and distribution of the Work otherwise complies with
-    the conditions stated in this License.
-
-5.  Submission of Contributions. Unless You explicitly state otherwise,
-    any Contribution intentionally submitted for inclusion in the Work
-    by You to the Licensor shall be under the terms and conditions of
-    this License, without any additional terms or conditions.
-    Notwithstanding the above, nothing herein shall supersede or modify
-    the terms of any separate license agreement you may have executed
-    with Licensor regarding such Contributions.
-
-6.  Trademarks. This License does not grant permission to use the trade
-    names, trademarks, service marks, or product names of the Licensor,
-    except as required for reasonable and customary use in describing the
-    origin of the Work and reproducing the content of the NOTICE file.
-
-7.  Disclaimer of Warranty. Unless required by applicable law or
-    agreed to in writing, Licensor provides the Work (and each
-    Contributor provides its Contributions) on an "AS IS" BASIS,
-    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-    implied, including, without limitation, any warranties or conditions
-    of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-    PARTICULAR PURPOSE. You are solely responsible for determining the
-    appropriateness of using or redistributing the Work and assume any
-    risks associated with Your exercise of permissions under this License.
-
-8.  Limitation of Liability. In no event and under no legal theory,
-    whether in tort (including negligence), contract, or otherwise,
-    unless required by applicable law (such as deliberate and grossly
-    negligent acts) or agreed to in writing, shall any Contributor be
-    liable to You for damages, including any direct, indirect, special,
-    incidental, or consequential damages of any character arising as a
-    result of this License or out of the use or inability to use the
-    Work (including but not limited to damages for loss of goodwill,
-    work stoppage, computer failure or malfunction, or any and all
-    other commercial damages or losses), even if such Contributor
-    has been advised of the possibility of such damages.
-
-9.  Accepting Warranty or Additional Liability. While redistributing
-    the Work or Derivative Works thereof, You may choose to offer,
-    and charge a fee for, acceptance of support, warranty, indemnity,
-    or other liability obligations and/or rights consistent with this
-    License. However, in accepting such obligations, You may act only
-    on Your own behalf and on Your sole responsibility, not on behalf
-    of any other Contributor, and only if You agree to indemnify,
-    defend, and hold each Contributor harmless for any liability
-    incurred by, or claims asserted against, such Contributor by reason
-    of your accepting any such warranty or additional liability.
-
-END OF TERMS AND CONDITIONS
-
-APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-Copyright [yyyy] [name of copyright owner]
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
+MIT License
+
+Copyright (c) Techbulls softtech Pvt. Ltd.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/dist/client.d.ts

@@ -8,8 +8,6 @@
 import { S3Client } from '@aws-sdk/client-s3';
 import { IDownload, IUpload, ModeType } from './types.js';
 import { Readable } from 'node:stream';
-/** Re-export all AWS S3 SDK exports for convenience */
-export * from '@aws-sdk/client-s3';
 /**
  * S3 client wrapper with transparent end-to-end encryption support.
  *
@@ -144,4 +142,3 @@ export declare class S3ObjectStore {
         Metadata: Record<string, string> | undefined;
     }>;
 }
-//# sourceMappingURL=client.d.ts.map

package/dist/client.js

@@ -9,8 +9,6 @@ import { GetObjectCommand, PutObjectCommand } from '@aws-sdk/client-s3';
 import { deriveKey } from './utils.js';
 import { createCipheriv, createDecipheriv, randomBytes } from 'node:crypto';
 import { Readable } from 'node:stream';
-/** Re-export all AWS S3 SDK exports for convenience */
-export * from '@aws-sdk/client-s3';
 /**
  * S3 client wrapper with transparent end-to-end encryption support.
  *
@@ -248,4 +246,3 @@ export class S3ObjectStore {
         };
     }
 }
-//# sourceMappingURL=client.js.map

package/dist/index.d.ts

@@ -24,4 +24,3 @@
  */
 export * from './client.js';
 export * from './types.js';
-//# sourceMappingURL=index.d.ts.map

package/dist/index.js

@@ -24,4 +24,3 @@
  */
 export * from './client.js';
 export * from './types.js';
-//# sourceMappingURL=index.js.map

package/dist/types.d.ts

@@ -53,4 +53,3 @@ export interface IUpload extends PutObjectCommandInput {
 export interface IDownload extends GetObjectCommandInput {
     mode?: ModeType;
 }
-//# sourceMappingURL=types.d.ts.map

package/dist/types.js

@@ -6,4 +6,3 @@
  * @license Apache-2.0
  */
 export {};
-//# sourceMappingURL=types.js.map

package/dist/utils.d.ts

@@ -25,4 +25,3 @@
  * @see https://nodejs.org/api/crypto.html#cryptoscryptpassword-salt-keylen-options-callback
  */
 export declare const deriveKey: (key: string, salt: Buffer) => Promise<Buffer>;
-//# sourceMappingURL=utils.d.ts.map

package/dist/utils.js

@@ -51,4 +51,3 @@ export const deriveKey = async (key, salt) => {
     });
     return derivedKey;
 };
-//# sourceMappingURL=utils.js.map

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@techbulls/encrypted-s3-store",
-  "version": "1.0.0",
+  "version": "1.0.2",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -21,12 +21,11 @@
   },
   "keywords": [],
   "author": "Aditya Chaphekar <aditya.chaphekar@techbulls.com>",
-  "license": "Apache-2.0",
-  "licenses": [
-    {
-      "type": "Apache-2.0",
-      "url": "http://www.apache.org/licenses/LICENSE-2.0"
-    }
+  "license": "MIT",
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE.md"
   ],
   "packageManager": "pnpm@10.19.0",
   "devDependencies": {

package/.prettierignore

@@ -1,3 +0,0 @@
-dist
-node_modules
-pnpm-lock.yaml

package/.prettierrc

@@ -1,7 +0,0 @@
-{
-  "semi": true,
-  "singleQuote": true,
-  "tabWidth": 2,
-  "trailingComma": "es5",
-  "printWidth": 100
-}

package/dist/client.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAsC,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAElF,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAG1D,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAEvC,uDAAuD;AACvD,cAAc,oBAAoB,CAAC;AAEnC;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,qBAAa,aAAa;IACxB,2EAA2E;IAC3E,IAAI,EAAE,QAAQ,CAAC;IAEf,oEAAoE;IACpE,GAAG,EAAE,MAAM,CAAC;IAEZ,sEAAsE;IACtE,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,4EAA4E;IAC5E,SAAS,SAAiB;IAE1B,6DAA6D;IAC7D,MAAM,EAAE,QAAQ,CAAC;IAEjB;;;;;;;;;;;;;;;;;;;OAmBG;gBACS,MAAM,EAAE,QAAQ,EAAE,GAAG,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,QAAQ;IAW3D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2CG;IACG,MAAM,CAAC,KAAK,EAAE,OAAO;IAwE3B;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACG,QAAQ,CAAC,KAAK,EAAE,SAAS;;;;;;CAiEhC"}

package/dist/client.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAY,MAAM,oBAAoB,CAAC;AAGlF,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC5E,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAEvC,uDAAuD;AACvD,cAAc,oBAAoB,CAAC;AAEnC;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,OAAO,aAAa;IAgBxB;;;;;;;;;;;;;;;;;;;OAmBG;IACH,YAAY,MAAgB,EAAE,GAAY,EAAE,IAAe;QA1B3D,4EAA4E;QAC5E,cAAS,GAAG,aAAa,CAAC;QA0BxB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,MAAM,gBAAgB,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC;QACpD,IAAI,CAAC,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAClD,CAAC;QACD,IAAI,CAAC,GAAG,GAAG,CAAC,GAAG,IAAI,gBAAgB,CAAW,CAAC;QAE/C,IAAI,CAAC,IAAI,GAAG,IAAI,IAAI,SAAS,CAAC;IAChC,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2CG;IACH,KAAK,CAAC,MAAM,CAAC,KAAc;QACzB,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,CAAC;QAED,4EAA4E;QAC5E,MAAM,IAAI,GACR,KAAK,EAAE,IAAI,KAAK,SAAS,IAAI,KAAK,EAAE,IAAI,KAAK,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;QAEtF,kDAAkD;QAClD,IAAI,IAAI,KAAK,aAAa,EAAE,CAAC;YAC3B,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CACrB,IAAI,gBAAgB,CAAC;gBACnB,GAAG,KAAK;gBACR,MAAM,EAAE,KAAK,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM;aACpC,CAAC,CACH,CAAC;QACJ,CAAC;QAED,kDAAkD;QAElD,iDAAiD;QACjD,MAAM,EAAE,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;QAC3B,mEAAmE;QACnE,MAAM,IAAI,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;QAE7B,iFAAiF;QACjF,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAElD,gCAAgC;QAChC,MAAM,MAAM,GAAG,cAAc,CAAC,aAAa,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;QAE5D,kDAAkD;QAClD,IAAI,IAAY,CAAC;QACjB,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YACnC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QACzC,CAAC;aAAM,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;YACvC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC;QACpB,CAAC;aAAM,IAAI,KAAK,CAAC,IAAI,YAAY,UAAU,EAAE,CAAC;YAC5C,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CAAC,qEAAqE,CAAC,CAAC;QACzF,CAAC;QAED,uBAAuB;QACvB,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAE3E,+EAA+E;QAC/E,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;QAEpC,kFAAkF;QAClF,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CACrB,IAAI,gBAAgB,CAAC;YACnB,GAAG,KAAK;YACR,MAAM,EAAE,KAAK,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM;YACnC,IAAI,EAAE,aAAa;YACnB,aAAa,EAAE,aAAa,CAAC,MAAM;YACnC,QAAQ,EAAE;gBACR,GAAG,CAAC,KAAK,CAAC,QAAQ,IAAI,EAAE,CAAC;gBACzB,qCAAqC;gBACrC,UAAU,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC;gBACjC,uCAAuC;gBACvC,YAAY,EAAE,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC;gBACrC,+CAA+C;gBAC/C,gBAAgB,EAAE,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC;gBAC5C,mDAAmD;gBACnD,kBAAkB,EAAE,aAAa;aAClC;SACF,CAAC,CACH,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACH,KAAK,CAAC,QAAQ,CAAC,KAAgB;QAC7B,+BAA+B;QAC/B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACrC,IAAI,gBAAgB,CAAC,EAAE,GAAG,KAAK,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,CACxE,CAAC;QAEF,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QAC9C,CAAC;QAED,4EAA4E;QAC5E,MAAM,IAAI,GACR,KAAK,EAAE,IAAI,KAAK,SAAS,IAAI,KAAK,EAAE,IAAI,KAAK,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;QAEtF,oDAAoD;QACpD,IAAI,IAAI,KAAK,aAAa,EAAE,CAAC;YAC3B,OAAO;gBACL,IAAI,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,IAA2B,CAAC;gBACzD,WAAW,EAAE,QAAQ,CAAC,WAAW;gBACjC,aAAa,EAAE,QAAQ,CAAC,aAAa;gBACrC,QAAQ,EAAE,QAAQ,CAAC,QAAQ;aAC5B,CAAC;QACJ,CAAC;QAED,yCAAyC;QAEzC,iDAAiD;QACjD,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,IAAI,EAAE,CAAC;QACzC,MAAM,QAAQ,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC;QACtC,MAAM,UAAU,GAAG,QAAQ,CAAC,YAAY,CAAC,CAAC;QAC1C,MAAM,aAAa,GAAG,QAAQ,CAAC,gBAAgB,CAAC,CAAC;QACjD,MAAM,UAAU,GAAG,QAAQ,CAAC,kBAAkB,CAAC,CAAC;QAEhD,mEAAmE;QACnE,IAAI,CAAC,QAAQ,IAAI,CAAC,UAAU,IAAI,CAAC,aAAa,IAAI,UAAU,KAAK,aAAa,EAAE,CAAC;YAC/E,OAAO;gBACL,IAAI,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,IAA2B,CAAC;gBACzD,WAAW,EAAE,QAAQ,CAAC,WAAW;gBACjC,aAAa,EAAE,QAAQ,CAAC,aAAa;gBACrC,QAAQ,EAAE,QAAQ,CAAC,QAAQ;aAC5B,CAAC;QACJ,CAAC;QAED,+CAA+C;QAC/C,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC3C,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QAC/C,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;QAErD,2EAA2E;QAC3E,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAElD,iEAAiE;QACjE,MAAM,QAAQ,GAAG,gBAAgB,CAAC,aAAa,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;QAChE,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAE7B,6EAA6E;QAC7E,MAAM,eAAe,GAAI,QAAQ,CAAC,IAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAE9E,OAAO;YACL,IAAI,EAAE,eAAe;YACrB,WAAW,EAAE,QAAQ,CAAC,WAAW;YACjC,aAAa,EAAE,QAAQ,CAAC,aAAa;YACrC,QAAQ,EAAE,QAAQ,CAAC,QAAQ;SAC5B,CAAC;IACJ,CAAC;CACF"}

package/dist/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,cAAc,aAAa,CAAC;AAC5B,cAAc,YAAY,CAAC"}

package/dist/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,cAAc,aAAa,CAAC;AAC5B,cAAc,YAAY,CAAC"}

package/dist/types.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,qBAAqB,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAElF;;;;GAIG;AACH,MAAM,MAAM,QAAQ,GAAG,SAAS,GAAG,aAAa,CAAC;AAEjD;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,WAAW,OAAQ,SAAQ,qBAAqB;IACpD,IAAI,CAAC,EAAE,QAAQ,CAAC;CACjB;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,WAAW,SAAU,SAAQ,qBAAqB;IACtD,IAAI,CAAC,EAAE,QAAQ,CAAC;CACjB"}

package/dist/types.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG"}

package/dist/utils.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAYA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,eAAO,MAAM,SAAS,GAAU,KAAK,MAAM,EAAE,MAAM,MAAM,KAAG,OAAO,CAAC,MAAM,CAkBzE,CAAC"}

package/dist/utils.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EAAE,MAAM,EAAiB,MAAM,aAAa,CAAC;AACpD,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAEtC,qDAAqD;AACrD,MAAM,WAAW,GAAG,SAAS,CAAyD,MAAM,CAAC,CAAC;AAE9F;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,MAAM,CAAC,MAAM,SAAS,GAAG,KAAK,EAAE,GAAW,EAAE,IAAY,EAAmB,EAAE;IAC5E,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;IAChD,CAAC;IAED;;;;;OAKG;IACH,MAAM,UAAU,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,EAAE;QAClD,CAAC,EAAE,KAAK;QACR,CAAC,EAAE,CAAC;QACJ,CAAC,EAAE,CAAC;KACL,CAAC,CAAC;IAEH,OAAO,UAAoB,CAAC;AAC9B,CAAC,CAAC"}

package/eslint.config.js

@@ -1,23 +0,0 @@
-import eslint from '@eslint/js';
-import tseslint from 'typescript-eslint';
-import eslintConfigPrettier from 'eslint-config-prettier';
-import eslintPluginPrettier from 'eslint-plugin-prettier/recommended';
-
-/** @type {import('typescript-eslint').Config} */
-export default [
-  eslint.configs.recommended,
-  ...tseslint.configs.recommended,
-  eslintConfigPrettier,
-  eslintPluginPrettier,
-  {
-    ignores: ['dist/**', 'node_modules/**'],
-  },
-  {
-    files: ['**/*.ts'],
-    languageOptions: {
-      parserOptions: {
-        project: './tsconfig.json',
-      },
-    },
-  },
-];

package/src/client.ts

@@ -1,297 +0,0 @@
-/**
- * @fileoverview Core S3ObjectStore client implementation.
- * Provides transparent encryption/decryption for S3 objects using AES-256-GCM.
- *
- * @author Aditya Chaphekar <aditya.chaphekar@techbulls.com>
- * @license Apache-2.0
- */
-
-import { GetObjectCommand, PutObjectCommand, S3Client } from '@aws-sdk/client-s3';
-import { SdkStream } from '@aws-sdk/types';
-import { IDownload, IUpload, ModeType } from './types.js';
-import { deriveKey } from './utils.js';
-import { createCipheriv, createDecipheriv, randomBytes } from 'node:crypto';
-import { Readable } from 'node:stream';
-
-/** Re-export all AWS S3 SDK exports for convenience */
-export * from '@aws-sdk/client-s3';
-
-/**
- * S3 client wrapper with transparent end-to-end encryption support.
- *
- * Wraps an AWS S3 client to provide automatic encryption on upload
- * and decryption on download using AES-256-GCM with scrypt key derivation.
- *
- * @example
- * ```typescript
- * // Create an S3 client
- * const s3Client = new S3Client({ region: 'us-east-1' });
- *
- * // Create an encrypted store wrapper
- * const store = new S3ObjectStore(s3Client, 'my-secret-key');
- *
- * // Upload encrypted data
- * await store.upload({ Bucket: 'my-bucket', Key: 'secret.txt', Body: 'Sensitive data' });
- *
- * // Download and decrypt
- * const { Body } = await store.download({ Bucket: 'my-bucket', Key: 'secret.txt' });
- * ```
- */
-export class S3ObjectStore {
-  /** @type {ModeType} Current operation mode - 'encrypt' or 'passthrough' */
-  mode: ModeType;
-
-  /** @type {string} Encryption key used for AES-256-GCM encryption */
-  key: string;
-
-  /** @type {string | undefined} Default S3 bucket for all operations */
-  bucket?: string;
-
-  /** @type {string} Encryption algorithm identifier (always 'aes-256-gcm') */
-  algorithm = 'aes-256-gcm';
-
-  /** @type {S3Client} The underlying AWS S3 client instance */
-  client: S3Client;
-
-  /**
-   * Creates a new S3ObjectStore instance.
-   *
-   * @param client - An initialized AWS S3Client instance
-   * @param key - Encryption key for AES-256-GCM. Falls back to ENCRYPTION_KEY environment variable if not provided.
-   * @param mode - Operation mode ('encrypt' or 'passthrough'). Defaults to 'encrypt'.
-   * @throws {Error} If no encryption key is provided and ENCRYPTION_KEY environment variable is not set
-   *
-   * @example
-   * ```typescript
-   * // With explicit key
-   * const store = new S3ObjectStore(s3Client, 'my-secret-key');
-   *
-   * // With environment variable (ENCRYPTION_KEY)
-   * const store = new S3ObjectStore(s3Client);
-   *
-   * // With passthrough mode (no encryption)
-   * const store = new S3ObjectStore(s3Client, 'key', 'passthrough');
-   * ```
-   */
-  constructor(client: S3Client, key?: string, mode?: ModeType) {
-    this.client = client;
-    const envEncryptionKey = process.env.ENCRYPTION_KEY;
-    if (!key && !envEncryptionKey) {
-      throw new Error('Encryption key not provided.');
-    }
-    this.key = (key || envEncryptionKey) as string;
-
-    this.mode = mode ?? 'encrypt';
-  }
-
-  /**
-   * Uploads data to S3 with optional encryption.
-   *
-   * In 'encrypt' mode:
-   * - Generates a random 12-byte IV (Initialization Vector)
-   * - Generates a random 16-byte salt for key derivation
-   * - Derives a 256-bit key using scrypt
-   * - Encrypts the data using AES-256-GCM
-   * - Stores encryption metadata (IV, salt, auth tag) in S3 object metadata
-   *
-   * In 'passthrough' mode:
-   * - Uploads data directly without encryption
-   *
-   * @param input - S3 PutObject parameters with optional mode override
-   * @returns Promise resolving to the S3 PutObject response
-   * @throws {Error} If Body is not provided
-   * @throws {Error} If Body type is not supported (only string, Buffer, Uint8Array)
-   *
-   * @example
-   * ```typescript
-   * // Upload a string
-   * await store.upload({ Bucket: 'my-bucket', Key: 'file.txt', Body: 'Hello World' });
-   *
-   * // Upload a Buffer
-   * await store.upload({ Bucket: 'my-bucket', Key: 'data.bin', Body: Buffer.from([0x01, 0x02]) });
-   *
-   * // Upload with custom metadata
-   * await store.upload({
-   *   Bucket: 'my-bucket',
-   *   Key: 'file.txt',
-   *   Body: 'content',
-   *   ContentType: 'text/plain',
-   *   Metadata: { 'custom-header': 'value' }
-   * });
-   *
-   * // Upload without encryption (per-operation override)
-   * await store.upload({
-   *   Bucket: 'my-bucket',
-   *   Key: 'public.txt',
-   *   Body: 'not sensitive',
-   *   mode: 'passthrough'
-   * });
-   * ```
-   */
-  async upload(input: IUpload) {
-    if (!input.Body) {
-      throw new Error('Body is required for upload');
-    }
-
-    /** Resolve mode: input.mode takes precedence, fallback to client default */
-    const mode =
-      input?.mode === 'encrypt' || input?.mode === 'passthrough' ? input.mode : this.mode;
-
-    /** Passthrough mode: upload without encryption */
-    if (mode === 'passthrough') {
-      return this.client.send(
-        new PutObjectCommand({
-          ...input,
-          Bucket: input.Bucket || this.bucket,
-        })
-      );
-    }
-
-    /** Encrypt mode: encrypt data before uploading */
-
-    /** @type {Buffer} iv - 96-bit IV for GCM mode */
-    const iv = randomBytes(12);
-    /** @type {Buffer} salt - 128-bit salt for scrypt key derivation */
-    const salt = randomBytes(16);
-
-    /** Derive encryption key using scrypt (memory-hard, resistant to GPU attacks) */
-    const secretKey = await deriveKey(this.key, salt);
-
-    /** Create AES-256-GCM cipher */
-    const cipher = createCipheriv('aes-256-gcm', secretKey, iv);
-
-    /** Convert input body to Buffer for encryption */
-    let data: Buffer;
-    if (typeof input.Body === 'string') {
-      data = Buffer.from(input.Body, 'utf8');
-    } else if (Buffer.isBuffer(input.Body)) {
-      data = input.Body;
-    } else if (input.Body instanceof Uint8Array) {
-      data = Buffer.from(input.Body);
-    } else {
-      throw new Error('Unsupported Body type: only string, Buffer, or Uint8Array supported');
-    }
-
-    /** Encrypt the data */
-    const encryptedBody = Buffer.concat([cipher.update(data), cipher.final()]);
-
-    /** Get the GCM authentication tag (ensures data integrity and authenticity) */
-    const authTag = cipher.getAuthTag();
-
-    /** Upload encrypted data with encryption metadata stored in S3 object metadata */
-    return this.client.send(
-      new PutObjectCommand({
-        ...input,
-        Bucket: input.Bucket || this.bucket,
-        Body: encryptedBody,
-        ContentLength: encryptedBody.length,
-        Metadata: {
-          ...(input.Metadata || {}),
-          /** @description Base64-encoded IV */
-          'x-amz-iv': iv.toString('base64'),
-          /** @description Base64-encoded salt */
-          'x-amz-salt': salt.toString('base64'),
-          /** @description Base64-encoded GCM auth tag */
-          'x-amz-auth-tag': authTag.toString('base64'),
-          /** @description Encryption algorithm identifier */
-          'x-amz-encryption': 'aes-256-gcm',
-        },
-      })
-    );
-  }
-
-  /**
-   * Downloads data from S3 with optional decryption.
-   *
-   * In 'encrypt' mode:
-   * - Retrieves encryption metadata (IV, salt, auth tag) from S3 object metadata
-   * - Derives the decryption key using scrypt with the stored salt
-   * - Decrypts the data using AES-256-GCM
-   * - Verifies data integrity using the authentication tag
-   *
-   * In 'passthrough' mode:
-   * - Returns the data stream directly without decryption
-   *
-   * @param input - S3 GetObject parameters with optional mode override
-   * @returns Promise resolving to an object containing the decrypted Body stream and metadata
-   * @throws {Error} If no body is returned from S3
-   * @throws {Error} If authentication tag verification fails (data tampering detected)
-   *
-   * @example
-   * ```typescript
-   * const { Body, ContentType } = await store.download({ Bucket: 'my-bucket', Key: 'file.txt' });
-   *
-   * // Read the stream
-   * const chunks: Buffer[] = [];
-   * for await (const chunk of Body) {
-   *   chunks.push(chunk);
-   * }
-   * const content = Buffer.concat(chunks).toString('utf8');
-   * ```
-   */
-  async download(input: IDownload) {
-    /** Fetch the object from S3 */
-    const response = await this.client.send(
-      new GetObjectCommand({ ...input, Bucket: input.Bucket || this.bucket })
-    );
-
-    if (!response.Body) {
-      throw new Error('No body returned from S3');
-    }
-
-    /** Resolve mode: input.mode takes precedence, fallback to client default */
-    const mode =
-      input?.mode === 'encrypt' || input?.mode === 'passthrough' ? input.mode : this.mode;
-
-    /** Passthrough mode: download without encryption */
-    if (mode === 'passthrough') {
-      return {
-        Body: Readable.from(response.Body as SdkStream<Readable>),
-        ContentType: response.ContentType,
-        ContentLength: response.ContentLength,
-        Metadata: response.Metadata,
-      };
-    }
-
-    /** Encrypt mode: decrypt the response */
-
-    /** Extract encryption metadata from S3 object */
-    const metadata = response.Metadata || {};
-    const ivBase64 = metadata['x-amz-iv'];
-    const saltBase64 = metadata['x-amz-salt'];
-    const authTagBase64 = metadata['x-amz-auth-tag'];
-    const encryption = metadata['x-amz-encryption'];
-
-    /** If encryption metadata is missing, return unencrypted stream */
-    if (!ivBase64 || !saltBase64 || !authTagBase64 || encryption !== 'aes-256-gcm') {
-      return {
-        Body: Readable.from(response.Body as SdkStream<Readable>),
-        ContentType: response.ContentType,
-        ContentLength: response.ContentLength,
-        Metadata: response.Metadata,
-      };
-    }
-
-    /** Decode encryption parameters from Base64 */
-    const iv = Buffer.from(ivBase64, 'base64');
-    const salt = Buffer.from(saltBase64, 'base64');
-    const authTag = Buffer.from(authTagBase64, 'base64');
-
-    /** Derive the decryption key using the same salt used during encryption */
-    const secretKey = await deriveKey(this.key, salt);
-
-    /** Create AES-256-GCM decipher and set the authentication tag */
-    const decipher = createDecipheriv('aes-256-gcm', secretKey, iv);
-    decipher.setAuthTag(authTag);
-
-    /** Pipe the encrypted stream through the decipher to get decrypted output */
-    const decryptedStream = (response.Body as SdkStream<Readable>).pipe(decipher);
-
-    return {
-      Body: decryptedStream,
-      ContentType: response.ContentType,
-      ContentLength: response.ContentLength,
-      Metadata: response.Metadata,
-    };
-  }
-}

package/src/index.ts

@@ -1,26 +0,0 @@
-/**
- * @fileoverview Main entry point for the Encrypted S3 Store library.
- *
- * This library provides transparent end-to-end encryption for AWS S3 objects
- * using AES-256-GCM encryption with scrypt key derivation.
- *
- * @module encrypted-s3-store
- * @author Aditya Chaphekar <aditya.chaphekar@techbulls.com>
- * @license Apache-2.0
- *
- * @example
- * ```typescript
- * import { S3ObjectStore, S3Client } from '@techbulls/encrypted-s3-store';
- *
- * const s3Client = new S3Client({ region: 'us-east-1' });
- * const store = new S3ObjectStore(s3Client, 'my-secret-key');
- *
- * // Upload with automatic encryption
- * await store.upload({ Bucket: 'my-bucket', Key: 'file.txt', Body: 'Hello World' });
- *
- * // Download with automatic decryption
- * const result = await store.download({ Bucket: 'my-bucket', Key: 'file.txt' });
- * ```
- */
-export * from './client.js';
-export * from './types.js';

package/src/types.ts

@@ -1,59 +0,0 @@
-/**
- * @fileoverview Type definitions for the Encrypted S3 Store library.
- * Contains configuration interfaces and utility types used throughout the library.
- *
- * @author Aditya Chaphekar <aditya.chaphekar@techbulls.com>
- * @license Apache-2.0
- */
-
-import { GetObjectCommandInput, PutObjectCommandInput } from '@aws-sdk/client-s3';
-
-/**
- * Operation mode for the S3ObjectStore.
- * - 'encrypt': Enables transparent AES-256-GCM encryption for all uploads/downloads
- * - 'passthrough': Data is stored and retrieved without encryption
- */
-export type ModeType = 'encrypt' | 'passthrough';
-
-/**
- * Upload input options extending S3 PutObjectCommandInput.
- * Allows specifying a per-operation encryption mode override.
- *
- * @extends PutObjectCommandInput
- *
- * @property mode - Optional override for the operation mode. If not specified, uses the client's default mode.
- *
- * @example
- * ```typescript
- * const uploadInput: IUpload = {
- *   Bucket: 'my-bucket',
- *   Key: 'file.txt',
- *   Body: 'content',
- *   mode: 'passthrough' // Override to skip encryption for this upload
- * };
- * ```
- */
-export interface IUpload extends PutObjectCommandInput {
-  mode?: ModeType;
-}
-
-/**
- * Download input options extending S3 GetObjectCommandInput.
- * Allows specifying a per-operation encryption mode override.
- *
- * @extends GetObjectCommandInput
- *
- * @property mode - Optional override for the operation mode. If not specified, uses the client's default mode.
- *
- * @example
- * ```typescript
- * const downloadInput: IDownload = {
- *   Bucket: 'my-bucket',
- *   Key: 'file.txt',
- *   mode: 'passthrough' // Override to skip decryption for this download
- * };
- * ```
- */
-export interface IDownload extends GetObjectCommandInput {
-  mode?: ModeType;
-}

package/src/utils.ts

@@ -1,57 +0,0 @@
-/**
- * @fileoverview Utility functions for encryption key derivation.
- *
- * @author Aditya Chaphekar <aditya.chaphekar@techbulls.com>
- * @license Apache-2.0
- */
-import { scrypt, ScryptOptions } from 'node:crypto';
-import { promisify } from 'node:util';
-
-/** Promisified version of Node.js scrypt function */
-const scryptAsync = promisify<string | Buffer, Buffer, number, ScryptOptions, Buffer>(scrypt);
-
-/**
- * Derives a 256-bit encryption key from a password using scrypt.
- *
- * Scrypt is a memory-hard key derivation function that provides strong
- * resistance against brute-force attacks, including GPU-based attacks.
- *
- * Security parameters:
- * - N (cost): 16384 (2^14) - CPU/memory cost parameter
- * - r (blockSize): 8 - block size parameter
- * - p (parallelization): 1 - parallelization parameter
- * - Output: 32 bytes (256 bits for AES-256)
- *
- * @param key - The user's encryption password/key
- * @param salt - Random salt (should be 16 bytes, stored with encrypted data)
- * @returns Promise resolving to 32-byte Buffer containing the derived key
- * @throws {Error} If encryption key is empty or not provided
- *
- * @example
- * ```typescript
- * const salt = crypto.randomBytes(16);
- * const derivedKey = await deriveKey('my-secret-password', salt);
- * // derivedKey is a 32-byte Buffer suitable for AES-256
- * ```
- *
- * @see https://nodejs.org/api/crypto.html#cryptoscryptpassword-salt-keylen-options-callback
- */
-export const deriveKey = async (key: string, salt: Buffer): Promise<Buffer> => {
-  if (!key) {
-    throw new Error('Encryption key is required');
-  }
-
-  /**
-   * Derive key using scrypt with secure parameters.
-   * - N=16384: Memory cost (must be power of 2)
-   * - r=8: Block size
-   * - p=1: Parallelization factor
-   */
-  const derivedKey = await scryptAsync(key, salt, 32, {
-    N: 16384,
-    r: 8,
-    p: 1,
-  });
-
-  return derivedKey as Buffer;
-};

package/tsconfig.json

@@ -1,17 +0,0 @@
-{
-  "compilerOptions": {
-    "target": "ES2020",
-    "module": "ESNext",
-    "moduleResolution": "Node",
-    "outDir": "dist",
-    "declaration": true,
-    "declarationMap": true,
-    "sourceMap": true,
-    "strict": true,
-    "esModuleInterop": true,
-    "skipLibCheck": true,
-    "forceConsistentCasingInFileNames": true
-  },
-  "include": ["src"],
-  "exclude": ["node_modules", "dist"]
-}