// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
import {
readOnlyBinaryProperty,
readOnlyProperty,
frozenClass,
} from './immutable_class'
import { needs } from './needs'
/*
* This public interface to the encrypted data key (EDK) objects is provided for
* developers of CMMs and keyrings only. If you are a user of the AWS Encryption
* SDK and you are not developing your own CMMs and/or keyrings, you do not
* need to use it and you should not do so.
*/
/* The providerInfo is technically bytes.
 * That most keyrings choose to store this data as a string is just a convenience.
 * It is easy and manageable to store and pass utf8 strings around,
 * however some keyrings may choose to use this field to store binary data.
 * The raw AES keyrings are a notable example.
 * To complicate matters, utf8 is "destructive" because of multi-byte characters.
 * binary != decodeUtf8(encodeUtf8(binary))
 * Any binary value above 127 will be interpreted as a multi-byte character.
 * To support the simplicity of strings but the extensibility of binary
 * I chose to default to strings, but offer an optional binary property.
 * All serialize/deserialize operations will prefer the binary value if present.
 *
 * *It is not required that the providerInfo string "equal" the binary rawInfo*
 *
 */
/**
 * Read-only input shape accepted by the {@link EncryptedDataKey} constructor.
 *
 * Every member is `readonly`; `rawInfo` is the only optional one.
 */
export interface IEncryptedDataKey {
  /** String form of the provider info (the underlying data is technically bytes). */
  readonly providerInfo: string
  /** Identifier of the provider that produced this encrypted data key. */
  readonly providerId: string
  /** The encrypted data key bytes. */
  readonly encryptedDataKey: Uint8Array
  /**
   * Optional binary form of the provider info. It is not required to "equal"
   * the `providerInfo` string.
   */
  readonly rawInfo?: Uint8Array
}
/**
 * Validated, frozen holder for a single encrypted data key (EDK).
 *
 * The constructor rejects input whose `providerInfo` or `providerId` is not a
 * non-empty string, or whose `encryptedDataKey` is not a non-empty
 * `Uint8Array`, by failing the `needs` check with
 * 'Malformed encrypted data key'.
 *
 * NOTE(review): a `rawInfo` that is supplied but is not a `Uint8Array` is not
 * rejected; it is stored as `undefined`. Callers that rely on the binary form
 * should confirm this silent fallback is intended.
 *
 * NOTE(review): `Object.freeze` is shallow, so it does not by itself protect
 * the bytes inside the typed arrays. Whether `readOnlyBinaryProperty` copies
 * or otherwise guards them is defined in './immutable_class' and is not
 * visible here.
 */
export class EncryptedDataKey {
  declare readonly providerInfo: string
  declare readonly providerId: string
  declare readonly encryptedDataKey: Uint8Array
  declare readonly rawInfo?: Uint8Array

  /**
   * @param edkInput - The provider strings, the encrypted key bytes and the
   * optional binary provider info to wrap.
   */
  constructor(edkInput: IEncryptedDataKey) {
    // Read each input property exactly once so the values that are validated
    // are the same values that are stored.
    const {
      providerInfo: info,
      providerId: id,
      encryptedDataKey: keyBytes,
      rawInfo: rawBytes,
    } = edkInput

    // Same short-circuit order as a single truthiness chain: strings must be
    // non-empty, the key must be a Uint8Array with a truthy byteLength.
    const wellFormed =
      typeof info === 'string' &&
      info !== '' &&
      typeof id === 'string' &&
      id !== '' &&
      keyBytes instanceof Uint8Array &&
      Boolean(keyBytes.byteLength)
    needs(wellFormed, 'Malformed encrypted data key')

    readOnlyProperty(this, 'providerInfo', info)
    readOnlyProperty(this, 'providerId', id)
    readOnlyBinaryProperty(this, 'encryptedDataKey', keyBytes)

    // Anything other than a Uint8Array is recorded as an explicit undefined.
    if (!(rawBytes instanceof Uint8Array)) {
      readOnlyProperty(this, 'rawInfo', undefined)
    } else {
      readOnlyBinaryProperty(this, 'rawInfo', rawBytes)
    }

    // Pin the prototype to this class before freezing the instance.
    // NOTE(review): presumably this stops a subclass prototype from being
    // carried on the frozen instance; confirm the intent.
    Object.setPrototypeOf(this, EncryptedDataKey.prototype)
    Object.freeze(this)
  }
}
// Runs once at module load, after the class definition above is complete.
// NOTE(review): presumably locks the class and its prototype against later
// modification; confirm against frozenClass in './immutable_class'.
frozenClass(EncryptedDataKey)