@virtru/dsp-sdk 0.5.0 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (130) hide show
  1. package/CHANGELOG.md +8 -1
  2. package/README.md +81 -3
  3. package/dist/src/fips.d.ts +7 -0
  4. package/dist/src/fips.js +12 -0
  5. package/dist/src/lib/dsp.d.ts +17 -1
  6. package/dist/src/lib/dsp.js +28 -5
  7. package/package.json +23 -2
  8. package/.prettierrc +0 -3
  9. package/.rush/temp/chunked-rush-logs/dsp-sdk._phase_build.chunks.jsonl +0 -12
  10. package/.rush/temp/chunked-rush-logs/dsp-sdk._phase_test.chunks.jsonl +0 -383
  11. package/.rush/temp/package-deps__phase_build.json +0 -76
  12. package/.rush/temp/shrinkwrap-deps.json +0 -1262
  13. package/CHANGELOG.json +0 -299
  14. package/buf.gen.yaml +0 -17
  15. package/buf.yaml +0 -4
  16. package/config/jest.config.json +0 -6
  17. package/config/rig.json +0 -8
  18. package/dist/tests/dsp-client.test.d.ts +0 -1
  19. package/dist/tests/dsp-client.test.js +0 -73
  20. package/dist/tests/dsp.test.d.ts +0 -1
  21. package/dist/tests/dsp.test.js +0 -92
  22. package/dist/tests/fips-crypto.unit.test.d.ts +0 -1
  23. package/dist/tests/fips-crypto.unit.test.js +0 -258
  24. package/dist/tests/mocks/create-export-artifacts.d.ts +0 -2
  25. package/dist/tests/mocks/create-export-artifacts.js +0 -13
  26. package/dist/tests/mocks/tagging-pdp-tag.d.ts +0 -2
  27. package/dist/tests/mocks/tagging-pdp-tag.js +0 -11
  28. package/dist/tests/mocks/well-known-configuration.d.ts +0 -2
  29. package/dist/tests/mocks/well-known-configuration.js +0 -12
  30. package/dist/tests/setup-msw.d.ts +0 -9
  31. package/dist/tests/setup-msw.js +0 -30
  32. package/dist/tests/setup-unit.d.ts +0 -7
  33. package/dist/tests/setup-unit.js +0 -70
  34. package/eslint.config.mjs +0 -28
  35. package/lib-commonjs/src/gen/buf/validate/validate_pb.js +0 -487
  36. package/lib-commonjs/src/gen/config/v1/config_pb.js +0 -142
  37. package/lib-commonjs/src/gen/config/v1/kas_config_pb.js +0 -72
  38. package/lib-commonjs/src/gen/config/v1/meta_pb.js +0 -36
  39. package/lib-commonjs/src/gen/config/v1/outlook_config_pb.js +0 -67
  40. package/lib-commonjs/src/gen/config/v1/secureviewer_config_pb.js +0 -67
  41. package/lib-commonjs/src/gen/config/v1/tagging_pb.js +0 -246
  42. package/lib-commonjs/src/gen/google/api/annotations_pb.js +0 -33
  43. package/lib-commonjs/src/gen/google/api/http_pb.js +0 -44
  44. package/lib-commonjs/src/gen/policyimportexport/v1/policy_import_export_pb.js +0 -93
  45. package/lib-commonjs/src/gen/shared/v1/shared_pb.js +0 -95
  46. package/lib-commonjs/src/gen/tagging/pdp/v2/tagging_pb.js +0 -277
  47. package/lib-commonjs/src/gen/version/v1/version_pb.js +0 -40
  48. package/lib-commonjs/src/gen/virtru/common/common_pb.js +0 -76
  49. package/lib-commonjs/src/gen/virtru/policy/certificates/v1/certificates_pb.js +0 -77
  50. package/lib-commonjs/src/gen/virtru/policy/objects_pb.js +0 -143
  51. package/lib-commonjs/src/index.js +0 -48
  52. package/lib-commonjs/src/lib/client.js +0 -66
  53. package/lib-commonjs/src/lib/consts.js +0 -10
  54. package/lib-commonjs/src/lib/dsp.js +0 -49
  55. package/lib-commonjs/src/lib/fips-crypto/asymmetric.js +0 -126
  56. package/lib-commonjs/src/lib/fips-crypto/key-format.js +0 -243
  57. package/lib-commonjs/src/lib/fips-crypto/keys.js +0 -134
  58. package/lib-commonjs/src/lib/fips-crypto/primitives.js +0 -112
  59. package/lib-commonjs/src/lib/fips-crypto/symmetric.js +0 -162
  60. package/lib-commonjs/src/lib/fips-crypto-service.js +0 -57
  61. package/lib-commonjs/src/lib/utils.js +0 -401
  62. package/lib-commonjs/tests/dsp-client.test.js +0 -75
  63. package/lib-commonjs/tests/dsp.test.js +0 -94
  64. package/lib-commonjs/tests/fips-crypto.unit.test.js +0 -260
  65. package/lib-commonjs/tests/mocks/create-export-artifacts.js +0 -17
  66. package/lib-commonjs/tests/mocks/tagging-pdp-tag.js +0 -15
  67. package/lib-commonjs/tests/mocks/well-known-configuration.js +0 -16
  68. package/lib-commonjs/tests/setup-msw.js +0 -33
  69. package/lib-commonjs/tests/setup-unit.js +0 -72
  70. package/public/virtru.wasm +0 -0
  71. package/src/gen/buf/validate/validate_pb.ts +0 -4879
  72. package/src/gen/config/formatters/testdata/v1/test_pb.ts +0 -287
  73. package/src/gen/config/v1/config_connect.ts +0 -111
  74. package/src/gen/config/v1/config_pb.ts +0 -439
  75. package/src/gen/config/v1/kas_config_pb.ts +0 -183
  76. package/src/gen/config/v1/meta_pb.ts +0 -72
  77. package/src/gen/config/v1/outlook_config_pb.ts +0 -242
  78. package/src/gen/config/v1/secureviewer_config_pb.ts +0 -161
  79. package/src/gen/config/v1/tagging_pb.ts +0 -456
  80. package/src/gen/google/api/annotations_pb.ts +0 -43
  81. package/src/gen/google/api/http_pb.ts +0 -486
  82. package/src/gen/helloworld/v1/helloworld_connect.ts +0 -49
  83. package/src/gen/helloworld/v1/helloworld_pb.ts +0 -104
  84. package/src/gen/kas/nanotdf/v1/nanotdf_rewrap_connect.ts +0 -39
  85. package/src/gen/kas/nanotdf/v1/nanotdf_rewrap_pb.ts +0 -207
  86. package/src/gen/policyimportexport/v1/policy_import_export_connect.ts +0 -56
  87. package/src/gen/policyimportexport/v1/policy_import_export_pb.ts +0 -332
  88. package/src/gen/shared/v1/shared_connect.ts +0 -61
  89. package/src/gen/shared/v1/shared_pb.ts +0 -240
  90. package/src/gen/shared/v2/shared_connect.ts +0 -39
  91. package/src/gen/shared/v2/shared_pb.ts +0 -122
  92. package/src/gen/tagging/pdp/v2/externalprocessors/processor_connect.ts +0 -156
  93. package/src/gen/tagging/pdp/v2/externalprocessors/processor_pb.ts +0 -709
  94. package/src/gen/tagging/pdp/v2/stanag/stanag_pb.ts +0 -953
  95. package/src/gen/tagging/pdp/v2/tagging_connect.ts +0 -73
  96. package/src/gen/tagging/pdp/v2/tagging_pb.ts +0 -1064
  97. package/src/gen/version/v1/version_connect.ts +0 -31
  98. package/src/gen/version/v1/version_pb.ts +0 -143
  99. package/src/gen/virtru/common/common_pb.ts +0 -201
  100. package/src/gen/virtru/policy/certificates/v1/certificates_connect.ts +0 -44
  101. package/src/gen/virtru/policy/certificates/v1/certificates_pb.ts +0 -305
  102. package/src/gen/virtru/policy/objects_pb.ts +0 -253
  103. package/src/gen/web-admin/v1/config_connect.ts +0 -52
  104. package/src/gen/web-admin/v1/config_pb.ts +0 -173
  105. package/src/index.ts +0 -62
  106. package/src/lib/client.ts +0 -90
  107. package/src/lib/consts.ts +0 -8
  108. package/src/lib/dsp.ts +0 -65
  109. package/src/lib/fips-crypto/asymmetric.ts +0 -162
  110. package/src/lib/fips-crypto/key-format.ts +0 -287
  111. package/src/lib/fips-crypto/keys.ts +0 -190
  112. package/src/lib/fips-crypto/primitives.ts +0 -197
  113. package/src/lib/fips-crypto/symmetric.ts +0 -213
  114. package/src/lib/fips-crypto-service.ts +0 -58
  115. package/src/lib/utils.test.ts +0 -415
  116. package/src/lib/utils.ts +0 -525
  117. package/src/vite-env.d.ts +0 -7
  118. package/temp/build/lint/_eslint-5eVG3S6w.json +0 -38
  119. package/temp/test/jest/haste-map-b055a9550e6d9f9b43d8ad29b1607278-49d19aee56a0732eca9c014a51272338-8710993d07b75a801b0956e67ffc46fa +0 -0
  120. package/tests/dsp-client.test.ts +0 -95
  121. package/tests/dsp.test.ts +0 -119
  122. package/tests/fips-crypto.unit.test.ts +0 -412
  123. package/tests/mocks/create-export-artifacts.ts +0 -16
  124. package/tests/mocks/tagging-pdp-tag.ts +0 -13
  125. package/tests/mocks/well-known-configuration.ts +0 -15
  126. package/tests/setup-msw.ts +0 -35
  127. package/tests/setup-unit.ts +0 -108
  128. package/tsconfig.json +0 -32
  129. package/update-protos.sh +0 -63
  130. package/vitest.config.ts +0 -48
@@ -1,76 +0,0 @@
1
- "use strict";
2
- /*
3
- * Copyright (c) Virtru Corporation. All rights reserved.
4
- *
5
- * Your use of this file is governed by the Virtu Terms of Service <https://www.virtru.com/terms-of-service/>.
6
- */
7
- Object.defineProperty(exports, "__esModule", { value: true });
8
- exports.MetadataUpdateEnumSchema = exports.MetadataUpdateEnum = exports.PageResponseSchema = exports.PageRequestSchema = exports.IdFqnIdentifierSchema = exports.MetadataMutableSchema = exports.MetadataSchema = exports.file_virtru_common_common = void 0;
9
- const codegenv1_1 = require("@bufbuild/protobuf/codegenv1");
10
- const validate_pb_1 = require("../../buf/validate/validate_pb");
11
- const wkt_1 = require("@bufbuild/protobuf/wkt");
12
- /**
13
- * Describes the file virtru/common/common.proto.
14
- */
15
- exports.file_virtru_common_common =
16
- /*@__PURE__*/
17
- (0, codegenv1_1.fileDesc)('Chp2aXJ0cnUvY29tbW9uL2NvbW1vbi5wcm90bxINdmlydHJ1LmNvbW1vbiLOAQoITWV0YWRhdGESLgoKY3JlYXRlZF9hdBgBIAEoCzIaLmdvb2dsZS5wcm90b2J1Zi5UaW1lc3RhbXASLgoKdXBkYXRlZF9hdBgCIAEoCzIaLmdvb2dsZS5wcm90b2J1Zi5UaW1lc3RhbXASMwoGbGFiZWxzGAMgAygLMiMudmlydHJ1LmNvbW1vbi5NZXRhZGF0YS5MYWJlbHNFbnRyeRotCgtMYWJlbHNFbnRyeRILCgNrZXkYASABKAkSDQoFdmFsdWUYAiABKAk6AjgBInwKD01ldGFkYXRhTXV0YWJsZRI6CgZsYWJlbHMYAyADKAsyKi52aXJ0cnUuY29tbW9uLk1ldGFkYXRhTXV0YWJsZS5MYWJlbHNFbnRyeRotCgtMYWJlbHNFbnRyeRILCgNrZXkYASABKAkSDQoFdmFsdWUYAiABKAk6AjgBIlkKD0lkRnFuSWRlbnRpZmllchIWCgJpZBgBIAEoCUIIukgFcgOwAQFIABIZCgNmcW4YAiABKAlCCrpIB3IFEAGIAQFIAEITCgppZGVudGlmaWVyEgW6SAIIASIsCgtQYWdlUmVxdWVzdBINCgVsaW1pdBgBIAEoBRIOCgZvZmZzZXQYAiABKAUiSgoMUGFnZVJlc3BvbnNlEhYKDmN1cnJlbnRfb2Zmc2V0GAEgASgFEhMKC25leHRfb2Zmc2V0GAIgASgFEg0KBXRvdGFsGAMgASgFKn0KEk1ldGFkYXRhVXBkYXRlRW51bRIkCiBNRVRBREFUQV9VUERBVEVfRU5VTV9VTlNQRUNJRklFRBAAEh8KG01FVEFEQVRBX1VQREFURV9FTlVNX0VYVEVORBABEiAKHE1FVEFEQVRBX1VQREFURV9FTlVNX1JFUExBQ0UQAkK9AQoRY29tLnZpcnRydS5jb21tb25CC0NvbW1vblByb3RvUAFaRmdpdGh1Yi5jb20vdmlydHJ1LWNvcnAvZGF0YS1zZWN1cml0eS1wbGF0Zm9ybS9zZGsvdjIvZ2VuL3ZpcnRydS9jb21tb26iAgNWQ1iqAg1WaXJ0cnUuQ29tbW9uygINVmlydHJ1XENvbW1vbuICGVZpcnRydVxDb21tb25cR1BCTWV0YWRhdGHqAg5WaXJ0cnU6OkNvbW1vbmIGcHJvdG8z', [validate_pb_1.file_buf_validate_validate, wkt_1.file_google_protobuf_timestamp]);
18
- /**
19
- * Describes the message virtru.common.Metadata.
20
- * Use `create(MetadataSchema)` to create a new message.
21
- */
22
- exports.MetadataSchema =
23
- /*@__PURE__*/
24
- (0, codegenv1_1.messageDesc)(exports.file_virtru_common_common, 0);
25
- /**
26
- * Describes the message virtru.common.MetadataMutable.
27
- * Use `create(MetadataMutableSchema)` to create a new message.
28
- */
29
- exports.MetadataMutableSchema =
30
- /*@__PURE__*/
31
- (0, codegenv1_1.messageDesc)(exports.file_virtru_common_common, 1);
32
- /**
33
- * Describes the message virtru.common.IdFqnIdentifier.
34
- * Use `create(IdFqnIdentifierSchema)` to create a new message.
35
- */
36
- exports.IdFqnIdentifierSchema =
37
- /*@__PURE__*/
38
- (0, codegenv1_1.messageDesc)(exports.file_virtru_common_common, 2);
39
- /**
40
- * Describes the message virtru.common.PageRequest.
41
- * Use `create(PageRequestSchema)` to create a new message.
42
- */
43
- exports.PageRequestSchema =
44
- /*@__PURE__*/
45
- (0, codegenv1_1.messageDesc)(exports.file_virtru_common_common, 3);
46
- /**
47
- * Describes the message virtru.common.PageResponse.
48
- * Use `create(PageResponseSchema)` to create a new message.
49
- */
50
- exports.PageResponseSchema =
51
- /*@__PURE__*/
52
- (0, codegenv1_1.messageDesc)(exports.file_virtru_common_common, 4);
53
- /**
54
- * @generated from enum virtru.common.MetadataUpdateEnum
55
- */
56
- var MetadataUpdateEnum;
57
- (function (MetadataUpdateEnum) {
58
- /**
59
- * @generated from enum value: METADATA_UPDATE_ENUM_UNSPECIFIED = 0;
60
- */
61
- MetadataUpdateEnum[MetadataUpdateEnum["UNSPECIFIED"] = 0] = "UNSPECIFIED";
62
- /**
63
- * @generated from enum value: METADATA_UPDATE_ENUM_EXTEND = 1;
64
- */
65
- MetadataUpdateEnum[MetadataUpdateEnum["EXTEND"] = 1] = "EXTEND";
66
- /**
67
- * @generated from enum value: METADATA_UPDATE_ENUM_REPLACE = 2;
68
- */
69
- MetadataUpdateEnum[MetadataUpdateEnum["REPLACE"] = 2] = "REPLACE";
70
- })(MetadataUpdateEnum || (exports.MetadataUpdateEnum = MetadataUpdateEnum = {}));
71
- /**
72
- * Describes the enum virtru.common.MetadataUpdateEnum.
73
- */
74
- exports.MetadataUpdateEnumSchema =
75
- /*@__PURE__*/
76
- (0, codegenv1_1.enumDesc)(exports.file_virtru_common_common, 0);
@@ -1,77 +0,0 @@
1
- "use strict";
2
- /*
3
- * Copyright (c) Virtru Corporation. All rights reserved.
4
- *
5
- * Your use of this file is governed by the Virtu Terms of Service <https://www.virtru.com/terms-of-service/>.
6
- */
7
- Object.defineProperty(exports, "__esModule", { value: true });
8
- exports.CertificateService = exports.RemoveCertificateFromNamespaceResponseSchema = exports.RemoveCertificateFromNamespaceRequestSchema = exports.AssignCertificateToNamespaceResponseSchema = exports.AssignCertificateToNamespaceRequestSchema = exports.ListCertificatesByNamespaceResponseSchema = exports.ListCertificatesByNamespaceRequestSchema = exports.NamespaceCertificateSchema = exports.file_virtru_policy_certificates_v1_certificates = void 0;
9
- const codegenv1_1 = require("@bufbuild/protobuf/codegenv1");
10
- const validate_pb_1 = require("../../../../buf/validate/validate_pb");
11
- const common_pb_1 = require("../../../common/common_pb");
12
- const objects_pb_1 = require("../../objects_pb");
13
- /**
14
- * Describes the file virtru/policy/certificates/v1/certificates.proto.
15
- */
16
- exports.file_virtru_policy_certificates_v1_certificates =
17
- /*@__PURE__*/
18
- (0, codegenv1_1.fileDesc)('CjB2aXJ0cnUvcG9saWN5L2NlcnRpZmljYXRlcy92MS9jZXJ0aWZpY2F0ZXMucHJvdG8SHXZpcnRydS5wb2xpY3kuY2VydGlmaWNhdGVzLnYxIl4KFE5hbWVzcGFjZUNlcnRpZmljYXRlEiEKDG5hbWVzcGFjZV9pZBgBIAEoCUILukgIyAEBcgOwAQESIwoOY2VydGlmaWNhdGVfaWQYAiABKAlCC7pICMgBAXIDsAEBIncKIkxpc3RDZXJ0aWZpY2F0ZXNCeU5hbWVzcGFjZVJlcXVlc3QSIQoMbmFtZXNwYWNlX2lkGAEgASgJQgu6SAjIAQFyA7ABARIuCgpwYWdpbmF0aW9uGAogASgLMhoudmlydHJ1LmNvbW1vbi5QYWdlUmVxdWVzdCKIAQojTGlzdENlcnRpZmljYXRlc0J5TmFtZXNwYWNlUmVzcG9uc2USMAoMY2VydGlmaWNhdGVzGAEgAygLMhoudmlydHJ1LnBvbGljeS5DZXJ0aWZpY2F0ZRIvCgpwYWdpbmF0aW9uGAogASgLMhsudmlydHJ1LmNvbW1vbi5QYWdlUmVzcG9uc2UiugMKI0Fzc2lnbkNlcnRpZmljYXRlVG9OYW1lc3BhY2VSZXF1ZXN0EiEKDG5hbWVzcGFjZV9pZBgBIAEoCUILukgIyAEBcgOwAQESEwoDcGVtGAIgASgJQga6SAPIAQESGwoGa2V5X2lkGAMgASgJQgu6SAjIAQFyA7ABARKdAQoNa2V5X2FsZ29yaXRobRgEIAEoDjIYLnZpcnRydS5wb2xpY3kuQWxnb3JpdGhtQmy6SGm6AWYKFWtleV9hbGdvcml0aG1fZGVmaW5lZBI0VGhlIGtleV9hbGdvcml0aG0gbXVzdCBiZSBvbmUgb2YgdGhlIGRlZmluZWQgdmFsdWVzLhoXdGhpcyBpbiBbMSwgMiwgMywgNCwgNV0SFAoEbmFtZRgFIAEoCUIGukgDyAEBEiwKCmtleV9zdGF0dXMYBiABKA4yGC52aXJ0cnUucG9saWN5LktleVN0YXR1cxIoCghrZXlfbW9kZRgHIAEoDjIWLnZpcnRydS5wb2xpY3kuS2V5TW9kZRIwCghtZXRhZGF0YRhkIAEoCzIeLnZpcnRydS5jb21tb24uTWV0YWRhdGFNdXRhYmxlIqsBCiRBc3NpZ25DZXJ0aWZpY2F0ZVRvTmFtZXNwYWNlUmVzcG9uc2USUgoVbmFtZXNwYWNlX2NlcnRpZmljYXRlGAEgASgLMjMudmlydHJ1LnBvbGljeS5jZXJ0aWZpY2F0ZXMudjEuTmFtZXNwYWNlQ2VydGlmaWNhdGUSLwoLY2VydGlmaWNhdGUYAiABKAsyGi52aXJ0cnUucG9saWN5LkNlcnRpZmljYXRlIoMBCiVSZW1vdmVDZXJ0aWZpY2F0ZUZyb21OYW1lc3BhY2VSZXF1ZXN0EloKFW5hbWVzcGFjZV9jZXJ0aWZpY2F0ZRgBIAEoCzIzLnZpcnRydS5wb2xpY3kuY2VydGlmaWNhdGVzLnYxLk5hbWVzcGFjZUNlcnRpZmljYXRlQga6SAPIAQEifAomUmVtb3ZlQ2VydGlmaWNhdGVGcm9tTmFtZXNwYWNlUmVzcG9uc2USUgoVbmFtZXNwYWNlX2NlcnRpZmljYXRlGAEgASgLMjMudmlydHJ1LnBvbGljeS5jZXJ0aWZpY2F0ZXMudjEuTmFtZXNwYWNlQ2VydGlmaWNhdGUymwQKEkNlcnRpZmljYXRlU2VydmljZRKmAQobTGlzdENlcnRpZmljYXRlc0J5TmFtZXNwYWNlEkEudmlydHJ1LnBvbGljeS5jZXJ0aWZpY2F0ZXMudjEuTGlzdENlcnRpZmljYXRlc0J5TmFtZXNwYWNlUmVxdWVzdBpCLnZpcnRydS5wb2xpY3kuY2VydGlmaWNhdGVzLnYxLkxpc3RDZXJ0aWZpY2F0ZXNCeU5hbWVzcGFjZVJlc3BvbnNlIgASqQEKHEFzc2lnbkNlcnRpZmljYXRlVG9OYW1lc3BhY2USQi52aXJ0cnUucG9saWN5LmNlcnRpZmljYXRlcy52MS5Bc3NpZ25DZXJ0aWZpY2F0ZVRvTmFtZXNwYWNlUmVxdWVzdBpDLnZpcnRydS5wb2xpY3kuY2VydGlmaWNhdGVzLnYxLkFzc2lnbkNlcnRpZmljYXRlVG9OYW1lc3BhY2VSZXNwb25zZSIAEq8BCh5SZW1vdmVDZXJ0aWZpY2F0ZUZyb21OYW1lc3BhY2USRC52aXJ0cnUucG9saWN5LmNlcnRpZmljYXRlcy52MS5SZW1vdmVDZXJ0aWZpY2F0ZUZyb21OYW1lc3BhY2VSZXF1ZXN0GkUudmlydHJ1LnBvbGljeS5jZXJ0aWZpY2F0ZXMudjEuUmVtb3ZlQ2VydGlmaWNhdGVGcm9tTmFtZXNwYWNlUmVzcG9uc2UiAEK0AgohY29tLnZpcnRydS5wb2xpY3kuY2VydGlmaWNhdGVzLnYxQhFDZXJ0aWZpY2F0ZXNQcm90b1ABWmVnaXRodWIuY29tL3ZpcnRydS1jb3JwL2RhdGEtc2VjdXJpdHktcGxhdGZvcm0vc2RrL3YyL2dlbi92aXJ0cnUvcG9saWN5L2NlcnRpZmljYXRlcy92MTtjZXJ0aWZpY2F0ZXN2MaICA1ZQQ6oCHVZpcnRydS5Qb2xpY3kuQ2VydGlmaWNhdGVzLlYxygIdVmlydHJ1XFBvbGljeVxDZXJ0aWZpY2F0ZXNcVjHiAilWaXJ0cnVcUG9saWN5XENlcnRpZmljYXRlc1xWMVxHUEJNZXRhZGF0YeoCIFZpcnRydTo6UG9saWN5OjpDZXJ0aWZpY2F0ZXM6OlYxYgZwcm90bzM', [
19
- validate_pb_1.file_buf_validate_validate,
20
- common_pb_1.file_virtru_common_common,
21
- objects_pb_1.file_virtru_policy_objects,
22
- ]);
23
- /**
24
- * Describes the message virtru.policy.certificates.v1.NamespaceCertificate.
25
- * Use `create(NamespaceCertificateSchema)` to create a new message.
26
- */
27
- exports.NamespaceCertificateSchema =
28
- /*@__PURE__*/
29
- (0, codegenv1_1.messageDesc)(exports.file_virtru_policy_certificates_v1_certificates, 0);
30
- /**
31
- * Describes the message virtru.policy.certificates.v1.ListCertificatesByNamespaceRequest.
32
- * Use `create(ListCertificatesByNamespaceRequestSchema)` to create a new message.
33
- */
34
- exports.ListCertificatesByNamespaceRequestSchema =
35
- /*@__PURE__*/
36
- (0, codegenv1_1.messageDesc)(exports.file_virtru_policy_certificates_v1_certificates, 1);
37
- /**
38
- * Describes the message virtru.policy.certificates.v1.ListCertificatesByNamespaceResponse.
39
- * Use `create(ListCertificatesByNamespaceResponseSchema)` to create a new message.
40
- */
41
- exports.ListCertificatesByNamespaceResponseSchema =
42
- /*@__PURE__*/
43
- (0, codegenv1_1.messageDesc)(exports.file_virtru_policy_certificates_v1_certificates, 2);
44
- /**
45
- * Describes the message virtru.policy.certificates.v1.AssignCertificateToNamespaceRequest.
46
- * Use `create(AssignCertificateToNamespaceRequestSchema)` to create a new message.
47
- */
48
- exports.AssignCertificateToNamespaceRequestSchema =
49
- /*@__PURE__*/
50
- (0, codegenv1_1.messageDesc)(exports.file_virtru_policy_certificates_v1_certificates, 3);
51
- /**
52
- * Describes the message virtru.policy.certificates.v1.AssignCertificateToNamespaceResponse.
53
- * Use `create(AssignCertificateToNamespaceResponseSchema)` to create a new message.
54
- */
55
- exports.AssignCertificateToNamespaceResponseSchema =
56
- /*@__PURE__*/
57
- (0, codegenv1_1.messageDesc)(exports.file_virtru_policy_certificates_v1_certificates, 4);
58
- /**
59
- * Describes the message virtru.policy.certificates.v1.RemoveCertificateFromNamespaceRequest.
60
- * Use `create(RemoveCertificateFromNamespaceRequestSchema)` to create a new message.
61
- */
62
- exports.RemoveCertificateFromNamespaceRequestSchema =
63
- /*@__PURE__*/
64
- (0, codegenv1_1.messageDesc)(exports.file_virtru_policy_certificates_v1_certificates, 5);
65
- /**
66
- * Describes the message virtru.policy.certificates.v1.RemoveCertificateFromNamespaceResponse.
67
- * Use `create(RemoveCertificateFromNamespaceResponseSchema)` to create a new message.
68
- */
69
- exports.RemoveCertificateFromNamespaceResponseSchema =
70
- /*@__PURE__*/
71
- (0, codegenv1_1.messageDesc)(exports.file_virtru_policy_certificates_v1_certificates, 6);
72
- /**
73
- * @generated from service virtru.policy.certificates.v1.CertificateService
74
- */
75
- exports.CertificateService =
76
- /*@__PURE__*/
77
- (0, codegenv1_1.serviceDesc)(exports.file_virtru_policy_certificates_v1_certificates, 0);
@@ -1,143 +0,0 @@
1
- "use strict";
2
- /*
3
- * Copyright (c) Virtru Corporation. All rights reserved.
4
- *
5
- * Your use of this file is governed by the Virtu Terms of Service <https://www.virtru.com/terms-of-service/>.
6
- */
7
- Object.defineProperty(exports, "__esModule", { value: true });
8
- exports.KeyModeSchema = exports.KeyMode = exports.KeyStatusSchema = exports.KeyStatus = exports.AlgorithmSchema = exports.Algorithm = exports.CertificateMappingSchema = exports.CertificateSchema = exports.file_virtru_policy_objects = void 0;
9
- const codegenv1_1 = require("@bufbuild/protobuf/codegenv1");
10
- const validate_pb_1 = require("../../buf/validate/validate_pb");
11
- const common_pb_1 = require("../common/common_pb");
12
- /**
13
- * Describes the file virtru/policy/objects.proto.
14
- */
15
- exports.file_virtru_policy_objects =
16
- /*@__PURE__*/
17
- (0, codegenv1_1.fileDesc)('Cht2aXJ0cnUvcG9saWN5L29iamVjdHMucHJvdG8SDXZpcnRydS5wb2xpY3kinwIKC0NlcnRpZmljYXRlEgoKAmlkGAEgASgJEg4KBmtleV9pZBgCIAEoCRIvCg1rZXlfYWxnb3JpdGhtGAMgASgOMhgudmlydHJ1LnBvbGljeS5BbGdvcml0aG0SLAoKa2V5X3N0YXR1cxgEIAEoDjIYLnZpcnRydS5wb2xpY3kuS2V5U3RhdHVzEhQKA3BlbRgFIAEoCUIHukgEcgIQARIVCgRuYW1lGAYgASgJQge6SARyAhABEigKCGtleV9tb2RlGAcgASgOMhYudmlydHJ1LnBvbGljeS5LZXlNb2RlEhMKC2ZpbmdlcnByaW50GAggASgJEikKCG1ldGFkYXRhGGQgASgLMhcudmlydHJ1LmNvbW1vbi5NZXRhZGF0YSKXAQoSQ2VydGlmaWNhdGVNYXBwaW5nEhQKAmlkGAEgASgJQgi6SAVyA7ABARIgCg5jZXJ0aWZpY2F0ZV9pZBgCIAEoCUIIukgFcgOwAQESHgoMbmFtZXNwYWNlX2lkGAMgASgJQgi6SAVyA7ABARIpCghtZXRhZGF0YRhkIAEoCzIXLnZpcnRydS5jb21tb24uTWV0YWRhdGEqmwEKCUFsZ29yaXRobRIZChVBTEdPUklUSE1fVU5TUEVDSUZJRUQQABIWChJBTEdPUklUSE1fUlNBXzIwNDgQARIWChJBTEdPUklUSE1fUlNBXzQwOTYQAhIVChFBTEdPUklUSE1fRUNfUDI1NhADEhUKEUFMR09SSVRITV9FQ19QMzg0EAQSFQoRQUxHT1JJVEhNX0VDX1A1MjEQBSpWCglLZXlTdGF0dXMSGgoWS0VZX1NUQVRVU19VTlNQRUNJRklFRBAAEhUKEUtFWV9TVEFUVVNfQUNUSVZFEAESFgoSS0VZX1NUQVRVU19ST1RBVEVEEAIqlAEKB0tleU1vZGUSGAoUS0VZX01PREVfVU5TUEVDSUZJRUQQABIcChhLRVlfTU9ERV9DT05GSUdfUk9PVF9LRVkQARIeChpLRVlfTU9ERV9QUk9WSURFUl9ST09UX0tFWRACEhMKD0tFWV9NT0RFX1JFTU9URRADEhwKGEtFWV9NT0RFX1BVQkxJQ19LRVlfT05MWRAEQr4BChFjb20udmlydHJ1LnBvbGljeUIMT2JqZWN0c1Byb3RvUAFaRmdpdGh1Yi5jb20vdmlydHJ1LWNvcnAvZGF0YS1zZWN1cml0eS1wbGF0Zm9ybS9zZGsvdjIvZ2VuL3ZpcnRydS9wb2xpY3miAgNWUFiqAg1WaXJ0cnUuUG9saWN5ygINVmlydHJ1XFBvbGljeeICGVZpcnRydVxQb2xpY3lcR1BCTWV0YWRhdGHqAg5WaXJ0cnU6OlBvbGljeWIGcHJvdG8z', [validate_pb_1.file_buf_validate_validate, common_pb_1.file_virtru_common_common]);
18
- /**
19
- * Describes the message virtru.policy.Certificate.
20
- * Use `create(CertificateSchema)` to create a new message.
21
- */
22
- exports.CertificateSchema =
23
- /*@__PURE__*/
24
- (0, codegenv1_1.messageDesc)(exports.file_virtru_policy_objects, 0);
25
- /**
26
- * Describes the message virtru.policy.CertificateMapping.
27
- * Use `create(CertificateMappingSchema)` to create a new message.
28
- */
29
- exports.CertificateMappingSchema =
30
- /*@__PURE__*/
31
- (0, codegenv1_1.messageDesc)(exports.file_virtru_policy_objects, 1);
32
- /**
33
- * @generated from enum virtru.policy.Algorithm
34
- */
35
- var Algorithm;
36
- (function (Algorithm) {
37
- /**
38
- * @generated from enum value: ALGORITHM_UNSPECIFIED = 0;
39
- */
40
- Algorithm[Algorithm["UNSPECIFIED"] = 0] = "UNSPECIFIED";
41
- /**
42
- * @generated from enum value: ALGORITHM_RSA_2048 = 1;
43
- */
44
- Algorithm[Algorithm["RSA_2048"] = 1] = "RSA_2048";
45
- /**
46
- * @generated from enum value: ALGORITHM_RSA_4096 = 2;
47
- */
48
- Algorithm[Algorithm["RSA_4096"] = 2] = "RSA_4096";
49
- /**
50
- * @generated from enum value: ALGORITHM_EC_P256 = 3;
51
- */
52
- Algorithm[Algorithm["EC_P256"] = 3] = "EC_P256";
53
- /**
54
- * @generated from enum value: ALGORITHM_EC_P384 = 4;
55
- */
56
- Algorithm[Algorithm["EC_P384"] = 4] = "EC_P384";
57
- /**
58
- * @generated from enum value: ALGORITHM_EC_P521 = 5;
59
- */
60
- Algorithm[Algorithm["EC_P521"] = 5] = "EC_P521";
61
- })(Algorithm || (exports.Algorithm = Algorithm = {}));
62
- /**
63
- * Describes the enum virtru.policy.Algorithm.
64
- */
65
- exports.AlgorithmSchema =
66
- /*@__PURE__*/
67
- (0, codegenv1_1.enumDesc)(exports.file_virtru_policy_objects, 0);
68
- /**
69
- * @generated from enum virtru.policy.KeyStatus
70
- */
71
- var KeyStatus;
72
- (function (KeyStatus) {
73
- /**
74
- * @generated from enum value: KEY_STATUS_UNSPECIFIED = 0;
75
- */
76
- KeyStatus[KeyStatus["UNSPECIFIED"] = 0] = "UNSPECIFIED";
77
- /**
78
- * @generated from enum value: KEY_STATUS_ACTIVE = 1;
79
- */
80
- KeyStatus[KeyStatus["ACTIVE"] = 1] = "ACTIVE";
81
- /**
82
- * @generated from enum value: KEY_STATUS_ROTATED = 2;
83
- */
84
- KeyStatus[KeyStatus["ROTATED"] = 2] = "ROTATED";
85
- })(KeyStatus || (exports.KeyStatus = KeyStatus = {}));
86
- /**
87
- * Describes the enum virtru.policy.KeyStatus.
88
- */
89
- exports.KeyStatusSchema =
90
- /*@__PURE__*/
91
- (0, codegenv1_1.enumDesc)(exports.file_virtru_policy_objects, 1);
92
- /**
93
- * Describes the management and operational mode of a cryptographic key.
94
- *
95
- * @generated from enum virtru.policy.KeyMode
96
- */
97
- var KeyMode;
98
- (function (KeyMode) {
99
- /**
100
- * KEY_MODE_UNSPECIFIED: Default, unspecified key mode. Indicates an uninitialized or error state.
101
- *
102
- * @generated from enum value: KEY_MODE_UNSPECIFIED = 0;
103
- */
104
- KeyMode[KeyMode["UNSPECIFIED"] = 0] = "UNSPECIFIED";
105
- /**
106
- * KEY_MODE_CONFIG_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)
107
- * sourced from local configuration. Unwrapping and all cryptographic operations are performed locally.
108
- *
109
- * @generated from enum value: KEY_MODE_CONFIG_ROOT_KEY = 1;
110
- */
111
- KeyMode[KeyMode["CONFIG_ROOT_KEY"] = 1] = "CONFIG_ROOT_KEY";
112
- /**
113
- * KEY_MODE_PROVIDER_ROOT_KEY: Local key management where the private key is wrapped by a Key Encryption Key (KEK)
114
- * managed by an external provider (e.g., a Hardware Security Module or Cloud KMS).
115
- * Key unwrapping is delegated to the external provider; subsequent cryptographic operations
116
- * are performed locally using the unwrapped key.
117
- *
118
- * @generated from enum value: KEY_MODE_PROVIDER_ROOT_KEY = 2;
119
- */
120
- KeyMode[KeyMode["PROVIDER_ROOT_KEY"] = 2] = "PROVIDER_ROOT_KEY";
121
- /**
122
- * KEY_MODE_REMOTE: Remote key management where the private key is stored in, and all cryptographic
123
- * operations are performed by, a remote Key Management Service (KMS) or HSM.
124
- * The private key material never leaves the secure boundary of the remote system.
125
- *
126
- * @generated from enum value: KEY_MODE_REMOTE = 3;
127
- */
128
- KeyMode[KeyMode["REMOTE"] = 3] = "REMOTE";
129
- /**
130
- * KEY_MODE_PUBLIC_KEY_ONLY: Public key only mode. Used when only a public key is available or required,
131
- * typically for wrapping operations (e.g., encrypting a Data Encryption Key (DEK) for an external KAS).
132
- * The corresponding private key is not managed or accessible by this system.
133
- *
134
- * @generated from enum value: KEY_MODE_PUBLIC_KEY_ONLY = 4;
135
- */
136
- KeyMode[KeyMode["PUBLIC_KEY_ONLY"] = 4] = "PUBLIC_KEY_ONLY";
137
- })(KeyMode || (exports.KeyMode = KeyMode = {}));
138
- /**
139
- * Describes the enum virtru.policy.KeyMode.
140
- */
141
- exports.KeyModeSchema =
142
- /*@__PURE__*/
143
- (0, codegenv1_1.enumDesc)(exports.file_virtru_policy_objects, 2);
@@ -1,48 +0,0 @@
1
- "use strict";
2
- /*
3
- * Copyright (c) Virtru Corporation. All rights reserved.
4
- *
5
- * Your use of this file is governed by the Virtu Terms of Service <https://www.virtru.com/terms-of-service/>.
6
- */
7
- Object.defineProperty(exports, "__esModule", { value: true });
8
- exports.singlecontainer = exports.AuthProviders = exports.tdfSpecVersion = exports.clientType = exports.version = exports.createDSP = exports.DSP = exports.validateJWSCertificateChain = exports.getTrustedCertificates = exports.flattenObligations = exports.getUserEntitlements = exports.getObligations = exports.createOpenTDFClient = exports.createAuthProvider = exports.createAuthInterceptor = exports.PlatformClient = exports.DSPClient = exports.dspConnectWeb = exports.dspConnect = void 0;
9
- /**
10
- * Exports Connect RPC and Connect Web RPC
11
- */
12
- var platform_1 = require("@opentdf/sdk/platform");
13
- Object.defineProperty(exports, "dspConnect", { enumerable: true, get: function () { return platform_1.platformConnect; } });
14
- Object.defineProperty(exports, "dspConnectWeb", { enumerable: true, get: function () { return platform_1.platformConnectWeb; } });
15
- /**
16
- * Exports the platform client
17
- */
18
- var client_1 = require("./lib/client");
19
- Object.defineProperty(exports, "DSPClient", { enumerable: true, get: function () { return client_1.DSPClient; } });
20
- var platform_2 = require("@opentdf/sdk/platform");
21
- Object.defineProperty(exports, "PlatformClient", { enumerable: true, get: function () { return platform_2.PlatformClient; } });
22
- var utils_1 = require("./lib/utils");
23
- Object.defineProperty(exports, "createAuthInterceptor", { enumerable: true, get: function () { return utils_1.createAuthInterceptor; } });
24
- Object.defineProperty(exports, "createAuthProvider", { enumerable: true, get: function () { return utils_1.createAuthProvider; } });
25
- Object.defineProperty(exports, "createOpenTDFClient", { enumerable: true, get: function () { return utils_1.createOpenTDFClient; } });
26
- Object.defineProperty(exports, "getObligations", { enumerable: true, get: function () { return utils_1.getObligations; } });
27
- Object.defineProperty(exports, "getUserEntitlements", { enumerable: true, get: function () { return utils_1.getUserEntitlements; } });
28
- Object.defineProperty(exports, "flattenObligations", { enumerable: true, get: function () { return utils_1.flattenObligations; } });
29
- Object.defineProperty(exports, "getTrustedCertificates", { enumerable: true, get: function () { return utils_1.getTrustedCertificates; } });
30
- Object.defineProperty(exports, "validateJWSCertificateChain", { enumerable: true, get: function () { return utils_1.validateJWSCertificateChain; } });
31
- /**
32
- * Exports the DSP wrapper of OpenTDF
33
- */
34
- var dsp_1 = require("./lib/dsp");
35
- Object.defineProperty(exports, "DSP", { enumerable: true, get: function () { return dsp_1.DSP; } });
36
- Object.defineProperty(exports, "createDSP", { enumerable: true, get: function () { return dsp_1.createDSP; } });
37
- /**
38
- * Exports components of OpenTDF
39
- */
40
- var sdk_1 = require("@opentdf/sdk");
41
- Object.defineProperty(exports, "version", { enumerable: true, get: function () { return sdk_1.version; } });
42
- Object.defineProperty(exports, "clientType", { enumerable: true, get: function () { return sdk_1.clientType; } });
43
- Object.defineProperty(exports, "tdfSpecVersion", { enumerable: true, get: function () { return sdk_1.tdfSpecVersion; } });
44
- // export AuthProvider during transition period
45
- // TODO: remove this export once the SDK is updated to deprecate the AuthProvider
46
- var sdk_2 = require("@opentdf/sdk");
47
- Object.defineProperty(exports, "AuthProviders", { enumerable: true, get: function () { return sdk_2.AuthProviders; } });
48
- exports.singlecontainer = require("@opentdf/sdk/singlecontainer");
@@ -1,66 +0,0 @@
1
- "use strict";
2
- /*
3
- * Copyright (c) Virtru Corporation. All rights reserved.
4
- *
5
- * Your use of this file is governed by the Virtu Terms of Service <https://www.virtru.com/terms-of-service/>.
6
- */
7
- Object.defineProperty(exports, "__esModule", { value: true });
8
- exports.DSPClient = void 0;
9
- const connect_1 = require("@connectrpc/connect");
10
- const connect_web_1 = require("@connectrpc/connect-web");
11
- const config_pb_1 = require("../gen/config/v1/config_pb");
12
- const policy_import_export_pb_1 = require("../gen/policyimportexport/v1/policy_import_export_pb");
13
- const shared_pb_1 = require("../gen/shared/v1/shared_pb");
14
- const tagging_pb_1 = require("../gen/tagging/pdp/v2/tagging_pb");
15
- const version_pb_1 = require("../gen/version/v1/version_pb");
16
- const certificates_pb_1 = require("../gen/virtru/policy/certificates/v1/certificates_pb");
17
- const utils_1 = require("./utils");
18
- /**
19
- * A client for interacting with the DSP using the Connect RPC framework.
20
- *
21
- * This client supports custom interceptors, which can be used to add
22
- * authentication headers or other custom logic to outgoing requests.
23
- *
24
- */
25
- class DSPClient {
26
- constructor(options) {
27
- Object.defineProperty(this, "v1", {
28
- enumerable: true,
29
- configurable: true,
30
- writable: true,
31
- value: void 0
32
- });
33
- Object.defineProperty(this, "v2", {
34
- enumerable: true,
35
- configurable: true,
36
- writable: true,
37
- value: void 0
38
- });
39
- const interceptors = [];
40
- if (!options.platformUrl) {
41
- throw new Error('platformUrl is required for DSP client');
42
- }
43
- if (options.authProvider) {
44
- const authInterceptor = (0, utils_1.createAuthInterceptor)(options.authProvider);
45
- interceptors.push(authInterceptor);
46
- }
47
- if (options.interceptors?.length) {
48
- interceptors.push(...options.interceptors);
49
- }
50
- const transport = (0, connect_web_1.createConnectTransport)({
51
- baseUrl: options.platformUrl,
52
- interceptors,
53
- });
54
- this.v1 = {
55
- configService: (0, connect_1.createClient)(config_pb_1.ConfigService, transport),
56
- policyArtifactService: (0, connect_1.createClient)(policy_import_export_pb_1.PolicyArtifactService, transport),
57
- sharedService: (0, connect_1.createClient)(shared_pb_1.SharedService, transport),
58
- versionService: (0, connect_1.createClient)(version_pb_1.VersionService, transport),
59
- certificateService: (0, connect_1.createClient)(certificates_pb_1.CertificateService, transport),
60
- };
61
- this.v2 = {
62
- taggingPDPService: (0, connect_1.createClient)(tagging_pb_1.TaggingPDPService, transport),
63
- };
64
- }
65
- }
66
- exports.DSPClient = DSPClient;
@@ -1,10 +0,0 @@
1
- "use strict";
2
- /*
3
- * Copyright (c) Virtru Corporation. All rights reserved.
4
- *
5
- * Your use of this file is governed by the Virtu Terms of Service <https://www.virtru.com/terms-of-service/>.
6
- */
7
- Object.defineProperty(exports, "__esModule", { value: true });
8
- exports.MAX_CERT_BYTES = exports.MAX_CERTS = void 0;
9
- exports.MAX_CERTS = 10; // reasonable upper bound for chain depth
10
- exports.MAX_CERT_BYTES = 64 * 1024; // 64KB per certificate
@@ -1,49 +0,0 @@
1
- "use strict";
2
- /*
3
- * Copyright (c) Virtru Corporation. All rights reserved.
4
- *
5
- * Your use of this file is governed by the Virtu Terms of Service <https://www.virtru.com/terms-of-service/>.
6
- */
7
- Object.defineProperty(exports, "__esModule", { value: true });
8
- exports.DSP = void 0;
9
- exports.createDSP = createDSP;
10
- const sdk_1 = require("@opentdf/sdk");
11
- const platform_1 = require("@opentdf/sdk/platform");
12
- const client_1 = require("./client");
13
- class DSP extends sdk_1.OpenTDF {
14
- constructor(options) {
15
- super(options);
16
- Object.defineProperty(this, "services", {
17
- enumerable: true,
18
- configurable: true,
19
- writable: true,
20
- value: void 0
21
- });
22
- if (!options.platformUrl) {
23
- throw new Error('platformUrl is required for DSP client');
24
- }
25
- const dspClient = new client_1.DSPClient({
26
- platformUrl: options.platformUrl,
27
- interceptors: options.interceptors,
28
- authProvider: options.authProvider,
29
- });
30
- const platformClient = new platform_1.PlatformClient({
31
- platformUrl: options.platformUrl,
32
- interceptors: options.interceptors,
33
- authProvider: options.authProvider,
34
- });
35
- this.services = {
36
- v1: {
37
- ...platformClient.v1,
38
- ...dspClient.v1,
39
- },
40
- v2: {
41
- ...dspClient.v2,
42
- },
43
- };
44
- }
45
- }
46
- exports.DSP = DSP;
47
- function createDSP(options) {
48
- return new DSP(options);
49
- }
@@ -1,126 +0,0 @@
1
- "use strict";
2
- /*
3
- * Copyright (c) Virtru Corporation. All rights reserved.
4
- *
5
- * Your use of this file is governed by the Virtu Terms of Service <https://www.virtru.com/terms-of-service/>.
6
- */
7
- Object.defineProperty(exports, "__esModule", { value: true });
8
- exports.generateKeyPair = generateKeyPair;
9
- exports.generateSigningKeyPair = generateSigningKeyPair;
10
- exports.encryptWithPublicKey = encryptWithPublicKey;
11
- exports.decryptWithPrivateKey = decryptWithPrivateKey;
12
- exports.sign = sign;
13
- exports.verify = verify;
14
- exports.generateECKeyPair = generateECKeyPair;
15
- exports.deriveKeyFromECDH = deriveKeyFromECDH;
16
- const singlecontainer_1 = require("@opentdf/sdk/singlecontainer");
17
- const singlecontainer_2 = require("@opentdf/sdk/singlecontainer");
18
- const sdk_1 = require("@opentdf/sdk");
19
- const primitives_1 = require("./primitives");
20
- const keys_1 = require("./keys");
21
- // ─── Key Generation ───────────────────────────────────────────────────────────
22
- const ENC_DEC_METHODS = ['encrypt', 'decrypt'];
23
- const SIGN_VERIFY_METHODS = ['sign', 'verify'];
24
- const RSA_OAEP_PARAMS = {
25
- name: 'RSA-OAEP',
26
- modulusLength: 2048,
27
- publicExponent: [1, 0, 1],
28
- hash: 'SHA-256',
29
- };
30
- const RS256_PARAMS = {
31
- name: 'RSASSA-PKCS1-v1_5',
32
- modulusLength: 2048,
33
- publicExponent: [1, 0, 1],
34
- hash: 'SHA-256',
35
- };
36
- /**
37
- * Generate an RSA key pair for encryption/decryption (RSA-OAEP).
38
- *
39
- * VirtruCrypto generates a single combined keypair handle. Both the PublicKey
40
- * and PrivateKey opaque wrappers reference the same VirtruCryptoKey — the
41
- * handle already carries all necessary usages. No export/re-import needed.
42
- */
43
- async function generateKeyPair(_size) {
44
- const crypto = await (0, primitives_1.getVirtruCrypto)();
45
- const combined = await crypto.generateKey(RSA_OAEP_PARAMS, true, ENC_DEC_METHODS);
46
- return (0, keys_1.wrapKeyPair)(combined, combined, 'rsa:2048');
47
- }
48
- /**
49
- * Generate an RSA key pair for signing/verification (RSASSA-PKCS1-v1_5).
50
- */
51
- async function generateSigningKeyPair() {
52
- const crypto = await (0, primitives_1.getVirtruCrypto)();
53
- const combined = await crypto.generateKey(RS256_PARAMS, true, SIGN_VERIFY_METHODS);
54
- return (0, keys_1.wrapKeyPair)(combined, combined, 'rsa:2048');
55
- }
56
- // ─── RSA Encrypt / Decrypt ────────────────────────────────────────────────────
57
- /**
58
- * Encrypt with RSA-OAEP public key.
59
- * Accepts Binary payload or a SymmetricKey for key-wrapping.
60
- */
61
- async function encryptWithPublicKey(payload, publicKey) {
62
- const crypto = await (0, primitives_1.getVirtruCrypto)();
63
- let payloadBytes;
64
- if ((0, keys_1.isSymmetricKey)(payload)) {
65
- payloadBytes = await crypto.exportKey('raw', (0, keys_1.unwrapSymmetricKey)(payload));
66
- }
67
- else {
68
- payloadBytes = new Uint8Array(payload.asArrayBuffer());
69
- }
70
- const vKey = (0, keys_1.unwrapPublicKey)(publicKey);
71
- const encrypted = await crypto.encrypt(RSA_OAEP_PARAMS, vKey, payloadBytes);
72
- return singlecontainer_1.Binary.fromArrayBuffer(encrypted.buffer);
73
- }
74
- /**
75
- * Decrypt with RSA-OAEP private key.
76
- */
77
- async function decryptWithPrivateKey(encryptedPayload, privateKey) {
78
- const crypto = await (0, primitives_1.getVirtruCrypto)();
79
- const vKey = (0, keys_1.unwrapPrivateKey)(privateKey);
80
- const payloadBytes = new Uint8Array(encryptedPayload.asArrayBuffer());
81
- const decrypted = await crypto.decrypt(RSA_OAEP_PARAMS, vKey, payloadBytes);
82
- return singlecontainer_1.Binary.fromArrayBuffer(decrypted.buffer);
83
- }
84
- // ─── Sign / Verify ────────────────────────────────────────────────────────────
85
- /**
86
- * Sign data with an RSA private key (RS256 only).
87
- * VirtruCrypto requires pre-hashed data, so the data is SHA-256 hashed first.
88
- */
89
- async function sign(data, privateKey, algorithm) {
90
- if (algorithm !== 'RS256') {
91
- throw new sdk_1.ConfigurationError(`Signing algorithm '${algorithm}' not supported in FIPS mode. Only RS256 is supported.`);
92
- }
93
- const crypto = await (0, primitives_1.getVirtruCrypto)();
94
- const vKey = (0, keys_1.unwrapPrivateKey)(privateKey);
95
- // VirtruCrypto signs a pre-computed hash, not raw data
96
- const hash = await crypto.digest({ name: 'SHA-256' }, data);
97
- const sig = await crypto.sign(RS256_PARAMS, vKey, new Uint8Array(hash));
98
- return new Uint8Array(sig);
99
- }
100
- /**
101
- * Verify an RS256 signature.
102
- * VirtruCrypto requires pre-hashed data.
103
- */
104
- async function verify(data, signature, publicKey, algorithm) {
105
- if (algorithm !== 'RS256') {
106
- throw new sdk_1.ConfigurationError(`Verification algorithm '${algorithm}' not supported in FIPS mode. Only RS256 is supported.`);
107
- }
108
- const crypto = await (0, primitives_1.getVirtruCrypto)();
109
- const vKey = (0, keys_1.unwrapPublicKey)(publicKey);
110
- const hash = await crypto.digest({ name: 'SHA-256' }, data);
111
- try {
112
- return await crypto.verify(RS256_PARAMS, vKey, signature, new Uint8Array(hash));
113
- }
114
- catch (e) {
115
- if (e === 'Signature verification error')
116
- return false;
117
- throw e;
118
- }
119
- }
120
- // ─── EC Stubs (unsupported in FIPS mode) ─────────────────────────────────────
121
- async function generateECKeyPair(_curve) {
122
- throw new sdk_1.ConfigurationError('EC key generation is not supported in FIPS mode.');
123
- }
124
- async function deriveKeyFromECDH(_privateKey, _publicKey, _hkdfParams) {
125
- throw new sdk_1.ConfigurationError('ECDH key derivation is not supported in FIPS mode.');
126
- }