Function: ztdfEncrypt(encryptParams: ZtdfEncryptParameters)
The ztdfEncrypt function performs symmetric encryption of data using the Zero Trust Data Format (ZTDF).
Description
This function takes a ZtdfEncryptParameters object as input, which contains the encryption parameters.
Parameters
sdsdkEncryptParameters: object containing encryption parameters.
data
- Type:
Uint8Array
- Max Length: 10Mo
- Description: Data to be encrypted.
mimeType
- Type:
string
- Description: MIME type of the data.
dataAttributes
- Type:
array
- Description: Array of attributes related to the data to be encrypted. Can be an empty array.
Data attributes are used during the decryption process to enforce Attribute-Based Access Control (ABAC). These attributes enable granular authorization decisions by verifying that the requesting user or system meets the defined security policies before granting access to encrypted data.
kas.baseKasUrl
- Type:
string
- Description: Base URL of the KAS.
kas.tenantId
- Type:
string
- Description: Tenant ID of the KAS.
kas.keyAccessProtocol
- Type:
string
- Description: Key access protocol (currently only "symmetric_kas" is supported).
kas.authentication.mode
- Type:
string
- Description: Authentication mode ("basic" or "bearer").
kas.authentication.value
- Type:
string
- Description: Authentication value (API key or JWT value).
Return
Promise containing an SdsdkZtdf object representing the encrypted ZTDF container.
Example
javascript
const { ztdfEncrypt, ztdfDecrypt } = require('sdsdk');
const encryptParams = {
data: new TextEncoder().encode('Data to be encrypted'),
mimeType: 'application/octet-stream',
dataAttributes: [{ attribute: 'value' }],
kas: {
baseKasUrl: 'https://kmaas.com',
tenantId: '1234567890',
keyAccessProtocol: 'symmetric_kas',
authentication: {
mode: 'basic',
value: 'API key or JWT value',
},
},
};
ztdfEncrypt(encryptParams).then((result) => {
console.log(result.manifest);
console.log(result.payload);
});