prettier

opentdf · Jul 31, 2024 · 7c4df1d · 7c4df1d
1 parent 3e8cca7
commit 7c4df1d
Show file tree

Hide file tree

Showing 6 changed files with 36 additions and 35 deletions.
diff --git a/lib/src/access.ts b/lib/src/access.ts
@@ -1,4 +1,5 @@
 import { type AuthProvider } from './auth/auth.js';
+import { pemToCryptoPublicKey } from './utils.js';
 
 export class RewrapRequest {
   signedRequestToken = '';
@@ -49,13 +50,13 @@ export async function fetchWrappedKey(
   return response.json();
 }
 
-export async function fetchECKasPubKey(kasEndpoint: string): Promise<string> {
+export async function fetchECKasPubKey(kasEndpoint: string): Promise<CryptoKey> {
   const kasPubKeyResponse = await fetch(`${kasEndpoint}/kas_public_key?algorithm=ec:secp256r1`);
   if (!kasPubKeyResponse.ok) {
     throw new Error(
       `Unable to validate KAS [${kasEndpoint}]. Received [${kasPubKeyResponse.status}:${kasPubKeyResponse.statusText}]`
     );
   }
-  return kasPubKeyResponse.json();
+  const pem = await kasPubKeyResponse.json();
+  return pemToCryptoPublicKey(pem);
 }
-
diff --git a/lib/src/index.ts b/lib/src/index.ts
@@ -10,21 +10,8 @@ import {
 } from './nanotdf/index.js';
 import { keyAgreement } from './nanotdf-crypto/index.js';
 import { TypedArray, createAttribute, Policy } from './tdf/index.js';
-import { AuthProvider } from './auth/auth.js';
 import { fetchECKasPubKey } from './access.js';
 import { ClientConfig } from './nanotdf/Client.js';
-import { pemToCryptoPublicKey } from './utils.js';
-
-async function fetchKasPubKey(kasUrl: string): Promise<CryptoKey> {
-  const kasPubKeyResponse = await fetch(`${kasUrl}/kas_public_key?algorithm=ec:secp256r1`);
-  if (!kasPubKeyResponse.ok) {
-    throw new Error(
-      `Unable to validate KAS [${kasUrl}]. Received [${kasPubKeyResponse.status}:${kasPubKeyResponse.statusText}]`
-    );
-  }
-  const pem = await kasPubKeyResponse.json();
-  return pemToCryptoPublicKey(pem);
-}
 
 /**
  * NanoTDF SDK Client

diff --git a/lib/tdf3/src/client/builders.ts b/lib/tdf3/src/client/builders.ts
@@ -45,7 +45,7 @@ export type EncryptParams = {
   eo?: EntityObject;
   payloadKey?: Binary;
   keyMiddleware?: EncryptKeyMiddleware;
-  splitPlan?: SplitStep[],
+  splitPlan?: SplitStep[];
   streamMiddleware?: EncryptStreamMiddleware;
 };
 

diff --git a/lib/tdf3/src/client/index.ts b/lib/tdf3/src/client/index.ts
@@ -330,10 +330,10 @@ export class Client {
     });
     if (clientConfig.kasPublicKey) {
       this.kasKeys[this.kasEndpoint] = Promise.resolve({
-          url: this.kasEndpoint,
-          algorithm: 'rsa:2048',
-          publicKey: clientConfig.kasPublicKey,
-        });
+        url: this.kasEndpoint,
+        algorithm: 'rsa:2048',
+        publicKey: clientConfig.kasPublicKey,
+      });
     }
     for (const kasEndpoint of this.allowedKases) {
       if (kasEndpoint in this.kasKeys) {
@@ -373,7 +373,6 @@ export class Client {
     splitPlan,
   }: EncryptParams): Promise<DecoratedReadableStream> {
     const dpopKeys = await this.dpopKeys;
-    const kasPublicKey = await this.kasPublicKey;
 
     const policyObject = asPolicy(scope);
     validatePolicyObject(policyObject);
@@ -391,9 +390,9 @@ export class Client {
       attributeSet = s;
     }
 
-    const splits: SplitStep[] = splitPlan || [{kas: this.kasEndpoint}]
+    const splits: SplitStep[] = splitPlan || [{ kas: this.kasEndpoint }];
     encryptionInformation.keyAccess = await Promise.all(
-      splits.map(async ({kas, sid}) => {
+      splits.map(async ({ kas, sid }) => {
         const kasPublicKey = await this.kasKeys[kas];
         return buildKeyAccess({
           attributeSet,

diff --git a/lib/tdf3/src/models/encryption-information.ts b/lib/tdf3/src/models/encryption-information.ts
@@ -83,7 +83,9 @@ export class SplitKey {
       splitIds.length,
       this.cryptoService
     );
-    const splitsByName = Object.fromEntries(splitIds.map((sid, index) => [sid, unwrappedKeySplitBuffers[index]]));
+    const splitsByName = Object.fromEntries(
+      splitIds.map((sid, index) => [sid, unwrappedKeySplitBuffers[index]])
+    );
 
     const keyAccessObjects = [];
     for (const item of this.keyAccess) {
@@ -143,7 +145,7 @@ export class SplitKey {
     const policyForManifest = base64.encode(JSON.stringify(policy));
 
     return {
-      type: 'flat',
+      type: 'split',
       keyAccess: keyAccessObjects,
       method: {
         algorithm,

diff --git a/lib/tdf3/src/tdf.ts b/lib/tdf3/src/tdf.ts
@@ -804,27 +804,39 @@ async function loadTDFStream(
   return { manifest, zipReader, centralDirectory };
 }
 
-export function splitLookupTableFactory(keyAccess: KeyAccessObject[], allowedKases: string[]): Record<string, Record<string, KeyAccessObject>> {
-  const splitIds = new Set(keyAccess.map(({sid}) => sid || ''));
-  const accessibleSplits = new Set(keyAccess.filter(({url}) => allowedKases.includes(url)).map(({sid}) => sid));
+export function splitLookupTableFactory(
+  keyAccess: KeyAccessObject[],
+  allowedKases: string[]
+): Record<string, Record<string, KeyAccessObject>> {
+  const splitIds = new Set(keyAccess.map(({ sid }) => sid || ''));
+  const accessibleSplits = new Set(
+    keyAccess.filter(({ url }) => allowedKases.includes(url)).map(({ sid }) => sid)
+  );
   if (splitIds.size > accessibleSplits.size) {
-    const disallowedKases = new Set(keyAccess.filter(({url}) => !allowedKases.includes(url)).map(({url}) => url));
+    const disallowedKases = new Set(
+      keyAccess.filter(({ url }) => !allowedKases.includes(url)).map(({ url }) => url)
+    );
     throw new KasDecryptError(
-      `Unreconstructable key - disallowed KASes include: [${JSON.stringify(disallowedKases)}] from splitIds [${JSON.stringify(splitIds)}]`
+      `Unreconstructable key - disallowed KASes include: [${JSON.stringify(
+        disallowedKases
+      )}] from splitIds [${JSON.stringify(splitIds)}]`
     );
   }
-  const splitPotentials: Record<string, Record<string, KeyAccessObject>> = Object.fromEntries([...splitIds].map(s => [s, {}]));
+  const splitPotentials: Record<string, Record<string, KeyAccessObject>> = Object.fromEntries(
+    [...splitIds].map((s) => [s, {}])
+  );
   for (const kao of keyAccess) {
-    const disjunction  = splitPotentials[kao.sid || ''];
+    const disjunction = splitPotentials[kao.sid || ''];
     if (kao.url in disjunction) {
-      throw new KasDecryptError(`TODO: Fallback to no split ids. Repetition found for [${kao.url}] on split [${kao.sid}]`);
+      throw new KasDecryptError(
+        `TODO: Fallback to no split ids. Repetition found for [${kao.url}] on split [${kao.sid}]`
+      );
     }
     if (allowedKases.includes(kao.url)) {
       disjunction[kao.url] = kao;
     }
   }
   return splitPotentials;
-
 }
 
 async function unwrapKey({