SEAL-js is a TypeScript implementation of Secure Evidence Attribution Label (SEAL) according to Version 1.1.4, 5-October-2024.
It should run out of the box in modern browsers as well as Node.js
This library is under active development and not fully functional yet. Proceed with caution!
- ✅ Read SEAL metadata
- ✅ DNS record lookup
- ✅ Parse DNS record
- ✅ Parse signature format
- ✅ Compute the digest
- ✅ Compute the Double Digest
- ✅ Hash the digest
- ✅ Validate the digest
- ❌ Write SEAL metadata
- ✅ JPEG
- ✅ PNG
- ✅ GIF
- ✅ WEBP
- ✅ HEIC
- 🚧 AVIF
- ✅ PNM/PPM/PGM
- ✅ SVG
- ✅ TIFF
- ✅ DICOM
- ❌ BMP (no metadata support)
- ❌ FAX (No. Seriously, just no.)
- ✅ AAC
- 🚧 AVIF
- ✅ M4A
- ✅ MKA
- ✅ MP3
- ✅ MP3+ID3
- ✅ MPEG
- ✅ WAV
- ✅ MP4
- 🚧 3GP
- 🚧 AVI
- 🚧 AVIF
- 🚧 HEIF
- 🚧 HEVC
- 🚧 DIVX
- 🚧 MKV
- 🚧 MOV/Quicktime
- ✅ MPEG
- 🚧 WEBM
- ✅ XML
- ✅ HTML
- ✅ Plain Text
- 🚧 OpenDocument (docx, pptx, etc.)
- ✅ EXIF (Nested EXIF records are unsupported due to the ambiguous scope.)
- ✅ XMP (Nested XMP records are unsupported due to the ambiguous scope.)
- 🚧 RIFF
- 🚧 ISO-BMFF
- ✅ Matroska
- 🚧 ZIP (The OpenDocument formats use ZIP.)
Example usage in a Node.js environment:
import path from 'path'
import { readFileSync } from 'node:fs';
import { SEAL, mediaAsset } from './dist/seal.js';
if (process.argv.length < 3) {
console.error('Missing filename');
process.exit(1);
}
// Read the asset file
const buf = readFileSync(process.argv[2]).buffer;
let asset = new mediaAsset(buf, path.basename(process.argv[2]));
if (asset.seal_segments.length > 0) {
SEAL.parse(asset);
console.log(await SEAL.validateSig(asset))
};TODO
Contributions are welcome!
Distributed under MIT License. See LICENSE and LICENSE-typescriptfor more information.