chore(docs): Adds documentation on some recent changes (#348)

Co-authored-by: Paul Flynn <43211074+pflynn-virtru@users.noreply.github.com>
opentdf · Sep 19, 2024 · ced163d · ced163d
1 parent 4e54c0d
commit ced163d
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 1 deletion.
diff --git a/lib/src/access.ts b/lib/src/access.ts
@@ -52,19 +52,33 @@ export async function fetchWrappedKey(
 
 export type KasPublicKeyAlgorithm = 'ec:secp256r1' | 'rsa:2048';
 
+/**
+ * Information about one of a KAS's published public keys.
+ * A KAS may publish multiple keys with a given algorithm type.
+ */
 export type KasPublicKeyInfo = {
+  /** The locator to the given KAS associated with this key */
   url: string;
+
+  /** The encryption algorithm the key is to be used with. */
   algorithm: KasPublicKeyAlgorithm;
+
+  /** If present, an identifier which is tied to this specific key. */
   kid?: string;
+
+  /** The key value, encoded within a PEM envelope */
   publicKey: string;
+
+  /** A subtle crypto version of the key.
+   * This can be used for wrapping key data for key access objects (with RSA)
+   * or to derive key data (with EC keys). */
   key: Promise<CryptoKey>;
 };
 
 /**
  * If we have KAS url but not public key we can fetch it from KAS, fetching
  * the value from `${kas}/kas_public_key`.
  */
-
 export async function fetchECKasPubKey(kasEndpoint: string): Promise<KasPublicKeyInfo> {
   validateSecureUrl(kasEndpoint);
   const pkUrlV2 = `${kasEndpoint}/v2/kas_public_key?algorithm=ec:secp256r1&v=2`;

diff --git a/lib/src/nanotdf/models/ResourceLocator.ts b/lib/src/nanotdf/models/ResourceLocator.ts
@@ -36,6 +36,15 @@ export default class ResourceLocator {
     readonly idType: ResourceLocatorIdentifierEnum = ResourceLocatorIdentifierEnum.None
   ) {}
 
+  /**
+   * Construct a new URL or URL + identifier pair, for use with NanoTDF envelopes.
+   * @param url The URL to encrypt; `http` and `https` schemes are supported
+   * @param identifier An optional identifier.
+   *    For KAS URLs, this is usually a public key identifier (kid). Limit 32 characters
+   * @returns a value representing the URL and identifier, if present.
+   *    This method throws an Error if the URL is invalid or of the wrong schema,
+   *    or if the identifier is an unsupported value.
+   */
   static fromURL(url: string, identifier?: string): ResourceLocator {
     const [protocolStr, body] = url.split('://');