Environment Setup
Install package
Content
- sdsdk.tar.gz: contains the SDSDK package in 3 formats: UMD, MJS and CJS for Node and Web platforms. Theses platforms are different in terms of use and installation.
- sbom-all.json: Complete SBOM - Software Bill of Materials - This file includes a comprehensive list of all dependencies, covering both production and development dependencies, providing a full overview of the software components.
- sbom-prod.json: Production SBOM - Software Bill of Materials - This file lists only the production dependencies.
- sdsdk_sha256.txt: contains the SHA256 hash of the sdsdk.tar.gz file.
- sdsdk_doc.tar.gz: contains a static HTML documentation of the SDSDK product.
Check integrity
It is recommended to check the integrity of the sdsdk.tar.gz prior to manipulation:
bash
sha256sum -c sdsdk_sha256.txtCompatibility
Stormshield guarantees the correct functioning of the SDK on the following versions:
| Platform | Version |
|---|---|
| Node.js | 20 |
| Firefox | 139 |
| Chromium | 138 |
Installation in Node.js environments (via npm)
Install package with npm
bash
npm install ./sdsdk.tar.gzThen, you can use sdsdk in your code as follows:
javascript
import { ztdfEncrypt } from 'sdsdk';
const ztdf = await ztdfEncrypt(...)Installation in Web environments (HTML)
bash
## Unpack SDK
tar -xzf sdsdk.tar.gzTo use the UMD format, add the following tag:
html
<script src="./path-to-sdsk/sdsdk/dist/sdsdk.js"></script>To use the ESM format, add the following tag:
html
<script type="module">
// Import exemple
import { ztdfEncrypt, ztdfDecrypt } from './path-to-sdsk/sdsdk/dist/sdsdk.mjs';
ztdfEncrypt(...)
</script>KAS setup
The Key Access Server (KAS) is the server that enables you to securely store your keys. The SDSDK is compatible with Stormshield KMaaS. You must configure a Crypto API application in your KMaaS. For more information, refer to the KMaaS documentation.
Network
To ensure communication, the SDSDK must be able to contact the KAS server via HTTPS.
Egress traffic URL:
| Deployment | URL |
|---|---|
| On-premise | URL of the server hosting the service (refer to KMaaS documentation for more information) |
| SaaS | https://cse.mysds.io |
HTTP endpoint:
| Endpoint | Description |
|---|---|
| https://<kmaas-url>/api/v1/<tenant-id>/crypto/encrypt | KMaaS Crypto API encrypt endpoint |
| https://<kmaas-url>/api/v1/<tenant-id>/crypto/decrypt | KMaaS Crypto API decrypt endpoint |
HTTP methods:
| Method | Description |
|---|---|
| POST | Used to contact the Crypto API endpoint |
| OPTIONS | Used for Cross-Origin Resource Sharing (CORS) preflight requests, in web environment |