@blamejs/core 0.9.12 → 0.9.15

package/lib/middleware/idempotency-key.js

@@ -44,6 +44,11 @@ var nodeCrypto    = require("node:crypto");
 var lazyRequire   = require("../lazy-require");
 var numericBounds = require("../numeric-bounds");
 var safeBuffer    = require("../safe-buffer");
+var safeJson      = require("../safe-json");
+var safeSql       = require("../safe-sql");
+var bCrypto       = require("../crypto");
+var cryptoField   = require("../crypto-field");
+var vault         = require("../vault");
 var { defineClass } = require("../framework-error");
 
 var audit          = lazyRequire(function () { return require("../audit"); });
@@ -124,6 +129,250 @@ function memoryStore(opts) {
   };
 }
 
+// Operator-supplied table name is validated via b.safeSql.validateIdentifier
+// — single source of truth for the framework's SQL-identifier shape
+// (ASCII identifier chars only, 63-char cap, no reserved words). Direct
+// interpolation is safe once the validator throws on bad input.
+
+/**
+ * @primitive b.middleware.idempotencyKey.dbStore
+ * @signature b.middleware.idempotencyKey.dbStore(opts)
+ * @since     0.9.14
+ * @status    stable
+ * @related   b.middleware.idempotencyKey, b.middleware.idempotencyKey.memoryStore, b.db, b.cryptoField
+ *
+ * Persistent-backed store for `idempotencyKey` middleware. Implements
+ * the same three-method interface as `memoryStore` (`get` / `set` /
+ * `delete`) but stores records in a SQLite-shaped database — the
+ * framework's internal `b.db`, an operator-supplied better-sqlite3
+ * instance, or any object exposing `prepare(sql) → { run, get, all }`.
+ *
+ * Use `dbStore` instead of `memoryStore` when:
+ *
+ *   - multiple processes share the request-handling fleet (forks
+ *     behind a load balancer, multi-instance K8s deployment) and a
+ *     retry can land on a different process than the original;
+ *   - the daemon may restart between the original request and the
+ *     retry (graceful rolling deploy, OOM kill, planned reboot) —
+ *     `memoryStore` is volatile, `dbStore` survives the restart;
+ *   - audit / compliance review needs to walk historic
+ *     idempotency cache decisions queryable with
+ *     `SELECT k, status_code, expires_at FROM <tableName>` —
+ *     non-sealed columns are forensic-queryable without unsealing.
+ *
+ * **Defense-in-depth defaults (since 0.9.15) — both can be opted out:**
+ *
+ *   - `hashKeys: true` — operator-supplied keys are sha3-512
+ *     namespace-hashed via `b.crypto.namespaceHash("idempotency-key",
+ *     key)` before insert/lookup. The `k` column carries the hash, not
+ *     the raw key. Operator keys often carry PII (order numbers,
+ *     emails, vendor prefixes); the DB never sees them.
+ *   - `seal: true` — `headers` and `body` columns are sealed via
+ *     `b.cryptoField.sealRow` (vault-managed key, AEAD envelope) so a
+ *     DB dump leaks neither cached response bodies nor headers.
+ *     Requires `b.vault.init(...)` to have run; falls back to plain-
+ *     text with a one-shot audit warning when vault isn't ready, so
+ *     test-fixture / boot-script callers still work.
+ *
+ * Lazily-expired: `get(key)` returns `null` for any row whose
+ * `expires_at` has passed. The cleanup is scoped by the observed
+ * `expires_at` so a concurrent upsert from a sibling process isn't
+ * clobbered.
+ *
+ * **Schema (v0.9.15, split columns):**
+ *
+ * ```
+ *   k             TEXT PRIMARY KEY   -- hashed key when hashKeys=true
+ *   fingerprint   TEXT NOT NULL      -- request method+path+body digest
+ *   status_code   INTEGER NOT NULL   -- forensic-queryable
+ *   headers       TEXT NOT NULL      -- JSON, sealed when seal=true
+ *   body          TEXT NOT NULL      -- base64, sealed when seal=true
+ *   expires_at    INTEGER NOT NULL
+ * ```
+ *
+ * **Migration note**: v0.9.14 used a single `v` JSON envelope column.
+ * Operators with a v0.9.14 table must `DROP TABLE <tableName>;` (or
+ * pick a fresh `tableName`) before upgrading — `CREATE TABLE IF NOT
+ * EXISTS` won't migrate column layout. Pre-v1 the framework breaks
+ * across patch versions for security correctness.
+ *
+ * @opts
+ *   db:         object,   // required — sqlite-shaped: { prepare(sql) → { run, get, all } }
+ *   tableName?: string,   // default "blamejs_idempotency_keys"; validated via b.safeSql.validateIdentifier
+ *   init?:      boolean,  // default true — run CREATE TABLE IF NOT EXISTS at construction
+ *   hashKeys?:  boolean,  // default true — store sha3-512 namespace-hash of the key, not the raw key
+ *   seal?:      boolean,  // default true — seal headers + body via b.cryptoField when vault is ready
+ *
+ * @example
+ *   // single-process daemon, framework's internal sqlite, both defaults on:
+ *   var b = require("blamejs");
+ *   await b.vault.init({ dataDir: "/var/lib/myapp" });
+ *   await b.db.init({ dataDir: "/var/lib/myapp", schema: [] });
+ *   var store = b.middleware.idempotencyKey.dbStore({ db: b.db });
+ *   var mw = b.middleware.idempotencyKey({
+ *     store: store,
+ *     ttlMs: b.constants.TIME.hours(24),
+ *   });
+ *   app.use(mw);
+ */
+function dbStore(opts) {
+  opts = opts || {};
+  if (!opts.db || typeof opts.db !== "object" || typeof opts.db.prepare !== "function") {
+    throw new IdempotencyError("idempotency/bad-db",
+      "dbStore: opts.db must be a sqlite-shaped database with a `prepare(sql)` method", true);
+  }
+  var tableNameRaw = opts.tableName !== undefined ? opts.tableName : "blamejs_idempotency_keys";
+  // Quote-and-validate via safeSql.quoteIdentifier — runs
+  // validateIdentifier internally + emits the dialect-correct quoted
+  // form. Identifier always reaches SQL through the quoted form.
+  var qTable;
+  try { qTable = safeSql.quoteIdentifier(tableNameRaw, "sqlite"); }
+  catch (sqlErr) {
+    throw new IdempotencyError("idempotency/bad-table-name",
+      "dbStore: opts.tableName is not a valid SQL identifier: " +
+      (sqlErr && sqlErr.message ? sqlErr.message : String(sqlErr)), true);
+  }
+  var qIndex = safeSql.quoteIdentifier(tableNameRaw + "_expires_idx", "sqlite");
+  var doInit   = opts.init     !== false;
+  var hashKeys = opts.hashKeys !== false;
+  var sealReq  = opts.seal     !== false;
+  var db = opts.db;
+
+  // Probe vault readiness with a sentinel seal. If vault.init() hasn't
+  // run (test fixture / boot-script / operator simply hasn't wired the
+  // posture yet) sealing falls back to plaintext for the lifetime of
+  // this dbStore instance and a single audit warning emits so the
+  // posture gap is visible in the chain.
+  var sealEnabled = false;
+  if (sealReq) {
+    try {
+      vault.seal("__idempotency_seal_probe__");
+      sealEnabled = true;
+    } catch (_vaultErr) {
+      _emitAudit("idempotency.seal_skipped_no_vault",
+        { tableName: tableNameRaw,
+          reason: "vault.init() has not run; sealing falls back to plaintext" },
+        "warning");
+    }
+  }
+
+  // Register the table with cryptoField. registerTable is idempotent
+  // — subsequent dbStore() calls with the same tableName re-declare
+  // the same sealedFields and no-op.
+  if (sealEnabled) {
+    cryptoField.registerTable(tableNameRaw, {
+      sealedFields: ["headers", "body"],
+    });
+  }
+
+  if (doInit) {
+    db.prepare("CREATE TABLE IF NOT EXISTS " + qTable + " (" +
+      "k TEXT PRIMARY KEY, " +
+      "fingerprint TEXT NOT NULL, " +
+      "status_code INTEGER NOT NULL, " +
+      "headers TEXT NOT NULL, " +
+      "body TEXT NOT NULL, " +
+      "expires_at INTEGER NOT NULL)").run();
+    db.prepare("CREATE INDEX IF NOT EXISTS " + qIndex + " ON " +
+      qTable + "(expires_at)").run();
+  }
+
+  // Prepared statements. status_code + expires_at stay non-sealed
+  // so audit/forensic SELECTs don't have to unseal-everything.
+  var stmtGet = db.prepare(
+    "SELECT fingerprint, status_code, headers, body, expires_at FROM " +
+    qTable + " WHERE k = ?");
+  var stmtUpsert = db.prepare(
+    "INSERT INTO " + qTable +
+    "(k, fingerprint, status_code, headers, body, expires_at) " +
+    "VALUES (?, ?, ?, ?, ?, ?) " +
+    "ON CONFLICT(k) DO UPDATE SET " +
+    "  fingerprint = excluded.fingerprint, " +
+    "  status_code = excluded.status_code, " +
+    "  headers     = excluded.headers, " +
+    "  body        = excluded.body, " +
+    "  expires_at  = excluded.expires_at");
+  var stmtDeleteStale = db.prepare("DELETE FROM " + qTable +
+    " WHERE k = ? AND expires_at <= ?");
+  var stmtDelete = db.prepare("DELETE FROM " + qTable + " WHERE k = ?");
+
+  function _k(rawKey) {
+    if (!hashKeys) return rawKey;
+    return bCrypto.namespaceHash("idempotency-key", rawKey);
+  }
+
+  return {
+    get: function (rawKey) {
+      var row = stmtGet.get(_k(rawKey));
+      if (!row) return null;
+      if (row.expires_at < Date.now()) {
+        stmtDeleteStale.run(_k(rawKey), row.expires_at);
+        return null;
+      }
+      var liveRow = row;
+      if (sealEnabled) {
+        try { liveRow = cryptoField.unsealRow(tableNameRaw, row); }
+        catch (_unsealErr) {
+          // Decryption failed (key rotation gap / corrupt envelope).
+          // Treat as miss + drop the row so the handler runs fresh
+          // and we capture a re-sealable replacement.
+          stmtDeleteStale.run(_k(rawKey), row.expires_at);
+          return null;
+        }
+      }
+      var headersObj;
+      try {
+        headersObj = safeJson.parse(liveRow.headers, { maxBytes: 4 * 1024 * 1024 });               // allow:raw-byte-literal — 4 MiB headers ceiling
+      } catch (_jsonErr) {
+        // Parse failure has two distinct causes:
+        //   1. Genuine corruption (truncated row, encoding mishap) — drop.
+        //   2. The row was sealed by a sibling process (vault: prefix
+        //      present) but THIS process has sealEnabled=false (vault
+        //      not initialized OR opts.seal=false). The row is valid
+        //      cross-process state we just can't read locally;
+        //      DELETING it would clobber another process's cache and
+        //      turn a hit into a miss with potential side-effect re-
+        //      execution. Treat as miss + LEAVE the row in place.
+        //      Per Codex P1 on PR #45.
+        var lookedSealed = typeof liveRow.headers === "string" &&
+          liveRow.headers.indexOf("vault:") === 0;
+        if (!lookedSealed) {
+          stmtDeleteStale.run(_k(rawKey), row.expires_at);
+        }
+        return null;
+      }
+      return {
+        fingerprint: liveRow.fingerprint,
+        statusCode:  liveRow.status_code,
+        headers:     headersObj,
+        body:        liveRow.body,
+      };
+    },
+    set: function (rawKey, value, ttlMs) {
+      var rowOut = {
+        k:           _k(rawKey),
+        fingerprint: value.fingerprint,
+        status_code: value.statusCode,
+        headers:     JSON.stringify(value.headers || {}),
+        body:        value.body || "",
+        expires_at:  Date.now() + ttlMs,
+      };
+      if (sealEnabled) {
+        rowOut = cryptoField.sealRow(tableNameRaw, rowOut);
+      }
+      stmtUpsert.run(
+        rowOut.k, rowOut.fingerprint, rowOut.status_code,
+        rowOut.headers, rowOut.body, rowOut.expires_at);
+    },
+    delete: function (rawKey) {
+      stmtDelete.run(_k(rawKey));
+    },
+    _tableName:   tableNameRaw,
+    _hashKeys:    hashKeys,
+    _sealEnabled: sealEnabled,
+  };
+}
+
 function _validateStore(store, where) {
   if (!store || typeof store !== "object") {
     throw new IdempotencyError("idempotency/bad-store",
@@ -420,5 +669,6 @@ function _redactKey(key) {
 module.exports = create;
 module.exports.create     = create;
 module.exports.memoryStore = memoryStore;
+module.exports.dbStore     = dbStore;
 module.exports.DEFAULT_METHODS = DEFAULT_METHODS;
 module.exports.IdempotencyError = IdempotencyError;

package/lib/migrations.js

@@ -38,7 +38,7 @@
  * down() succeeds.
  */
 
-var path = require("path");
+var nodePath = require("path");
 var atomicFile = require("./atomic-file");
 var dbSchema = require("./db-schema");
 var lazyRequire = require("./lazy-require");
@@ -200,7 +200,7 @@ function _acquireLock(db, opts) {
 function _releaseLock(db, holder) {
   // Only release our own lock — a process whose deploy was killed
   // shouldn't have its lock cleared by an unrelated next deploy unless
-  // the operator explicitly used the staleAfterMs path.
+  // the operator explicitly used the staleAfterMs nodePath.
   try {
     db.prepare(
       "DELETE FROM " + Q_LOCK_TABLE + " WHERE scope = 'lock' AND lockedBy = ?"
@@ -234,7 +234,7 @@ function _resolveDb(opts) {
 }
 
 function _loadMigration(file, dir) {
-  var fullPath = path.join(dir, file);
+  var fullPath = nodePath.join(dir, file);
   // Drop the require cache for this path before loading so a test that
   // changes a migration file between calls picks up the new content.
   // Production deployments would always restart the process, but this

package/lib/mtls-ca.js

@@ -52,8 +52,8 @@
  *   Mutual TLS Certificate Authority — internal CA cert issuance, mTLS gate setup, fingerprint pinning.
  */
 
-var fs = require("fs");
-var path = require("path");
+var nodeFs = require("fs");
+var nodePath = require("path");
 var nodeCrypto = require("node:crypto");
 var atomicFile = require("./atomic-file");
 var C = require("./constants");
@@ -101,10 +101,10 @@ var VALID_SEAL_MODES = { required: 1, disabled: 1 };
 // through unchanged. The pre-v0.8.58 shape always joined under
 // dataDir, which silently overrode an operator-supplied absolute
 // path (e.g. `MTLS_CA_KEY=/etc/ssl/ca.key` → `<dataDir>/etc/ssl/ca.key`).
-// Standard Node `path.join` semantics already preserve absolute
+// Standard Node `nodePath.join` semantics already preserve absolute
 // arguments — the always-join was an oversight, not by design.
 function _absoluteOrUnderDataDir(dataDir, p) {
-  return path.isAbsolute(p) ? p : path.join(dataDir, p);
+  return nodePath.isAbsolute(p) ? p : nodePath.join(dataDir, p);
 }
 
 function _resolvePaths(dataDir, paths) {
@@ -202,8 +202,8 @@ function create(opts) {
   // the first initCA() / generateClientCert() call fails with ENOENT
   // on `ca.key.tmp` because the atomic-file write expects the parent
   // dir to exist.
-  if (!fs.existsSync(opts.dataDir)) {
-    fs.mkdirSync(opts.dataDir, { recursive: true, mode: 0o700 });
+  if (!nodeFs.existsSync(opts.dataDir)) {
+    nodeFs.mkdirSync(opts.dataDir, { recursive: true, mode: 0o700 });
   }
   var paths = _resolvePaths(opts.dataDir, opts.paths);
   var vault = opts.vault || null;
@@ -228,10 +228,10 @@ function create(opts) {
   }
 
   function keyExists() {
-    return fs.existsSync(paths.caKey) || fs.existsSync(paths.caKeySealed);
+    return nodeFs.existsSync(paths.caKey) || nodeFs.existsSync(paths.caKeySealed);
   }
   function exists() {
-    return keyExists() && fs.existsSync(paths.caCert);
+    return keyExists() && nodeFs.existsSync(paths.caCert);
   }
 
   function status() {
@@ -243,7 +243,7 @@ function create(opts) {
         current:    generation,
       };
     }
-    var pem = fs.readFileSync(paths.caCert);
+    var pem = nodeFs.readFileSync(paths.caCert);
     var gen = parseGeneration(pem);
     return {
       exists:     true,
@@ -257,8 +257,8 @@ function create(opts) {
   // caKeySealedMode dispatch. Returns Buffer of PEM bytes, or throws
   // with a precise reason when the mode rejects the on-disk form.
   function loadKey() {
-    var hasPlain  = fs.existsSync(paths.caKey);
-    var hasSealed = fs.existsSync(paths.caKeySealed);
+    var hasPlain  = nodeFs.existsSync(paths.caKey);
+    var hasSealed = nodeFs.existsSync(paths.caKeySealed);
     if (!hasPlain && !hasSealed) {
       throw new MtlsCaError("mtls-ca/missing-key",
         "no CA key on disk at " + paths.caKey + " or " + paths.caKeySealed);
@@ -269,7 +269,7 @@ function create(opts) {
           "CA_KEY_SEALED='required' but " + paths.caKeySealed + " does not exist");
       }
       _requireVault("sealed CA key load");
-      var sealedBytes = fs.readFileSync(paths.caKeySealed, "utf8").trim();
+      var sealedBytes = nodeFs.readFileSync(paths.caKeySealed, "utf8").trim();
       var pem = vault.unseal(sealedBytes);
       if (!pem) {
         throw new MtlsCaError("mtls-ca/unseal-failed",
@@ -282,15 +282,15 @@ function create(opts) {
       throw new MtlsCaError("mtls-ca/plain-required",
         "caKeySealedMode='disabled' but " + paths.caKey + " does not exist");
     }
-    return fs.readFileSync(paths.caKey);
+    return nodeFs.readFileSync(paths.caKey);
   }
 
   function loadCert() {
-    if (!fs.existsSync(paths.caCert)) {
+    if (!nodeFs.existsSync(paths.caCert)) {
       throw new MtlsCaError("mtls-ca/missing-cert",
         "no CA cert on disk at " + paths.caCert);
     }
-    return fs.readFileSync(paths.caCert);
+    return nodeFs.readFileSync(paths.caCert);
   }
 
   // Atomic commit: write .tmp + atomic rename for both key and cert.
@@ -311,22 +311,22 @@ function create(opts) {
     try {
       if (sealed) {
         _requireVault("sealed CA key commit");
-        fs.writeFileSync(keyTmp, vault.seal(opts2.caKeyPem), { mode: 0o600 });
+        nodeFs.writeFileSync(keyTmp, vault.seal(opts2.caKeyPem), { mode: 0o600 });
       } else {
-        fs.writeFileSync(keyTmp, opts2.caKeyPem, { mode: 0o600 });
+        nodeFs.writeFileSync(keyTmp, opts2.caKeyPem, { mode: 0o600 });
       }
-      fs.writeFileSync(certTmp, opts2.caCertPem, { mode: 0o644 });
-      fs.renameSync(keyTmp, keyDest);
-      fs.renameSync(certTmp, paths.caCert);
+      nodeFs.writeFileSync(certTmp, opts2.caCertPem, { mode: 0o644 });
+      nodeFs.renameSync(keyTmp, keyDest);
+      nodeFs.renameSync(certTmp, paths.caCert);
     } catch (e) {
       // Best-effort cleanup of half-written tmp files; the original
       // commit error is what we re-raise. Log cleanup failures at debug
       // so a genuinely-broken filesystem state surfaces in operator logs
       // rather than getting silently swallowed.
-      try { if (fs.existsSync(keyTmp))  fs.unlinkSync(keyTmp); }
-      catch (cleanupErr) { caLog.debug("cleanup-failed", { op: "fs.unlinkSync", path: keyTmp, error: cleanupErr.message }); }
-      try { if (fs.existsSync(certTmp)) fs.unlinkSync(certTmp); }
-      catch (cleanupErr) { caLog.debug("cleanup-failed", { op: "fs.unlinkSync", path: certTmp, error: cleanupErr.message }); }
+      try { if (nodeFs.existsSync(keyTmp))  nodeFs.unlinkSync(keyTmp); }
+      catch (cleanupErr) { caLog.debug("cleanup-failed", { op: "nodeFs.unlinkSync", path: keyTmp, error: cleanupErr.message }); }
+      try { if (nodeFs.existsSync(certTmp)) nodeFs.unlinkSync(certTmp); }
+      catch (cleanupErr) { caLog.debug("cleanup-failed", { op: "nodeFs.unlinkSync", path: certTmp, error: cleanupErr.message }); }
       throw new MtlsCaError("mtls-ca/commit-failed",
         "atomic CA commit failed: " + ((e && e.message) || String(e)));
     }
@@ -381,13 +381,13 @@ function create(opts) {
   // ---- Revocation registry + CRL ----
 
   function _loadRevocations() {
-    if (!fs.existsSync(paths.revocations)) return { revocations: [] };
+    if (!nodeFs.existsSync(paths.revocations)) return { revocations: [] };
     try {
       // safeJson.parse caps depth + size + protects against
       // proto-pollution; the revocation file is under the operator's
       // dataDir but a tampered or truncated file shouldn't be able to
       // corrupt the rotator process.
-      var json = safeJson.parse(fs.readFileSync(paths.revocations, "utf8"),
+      var json = safeJson.parse(nodeFs.readFileSync(paths.revocations, "utf8"),
         { maxBytes: C.BYTES.mib(16) });
       if (!json || !Array.isArray(json.revocations)) return { revocations: [] };
       return json;

package/lib/mtls-engine-default.js

@@ -32,8 +32,8 @@ var nodeCrypto = require("node:crypto");
 var pki = require("./vendor/pki.cjs");
 
 var C = require("./constants");
-var crypto = require("./crypto");
-var nb = require("./numeric-bounds");
+var bCrypto = require("./crypto");
+var numericBounds = require("./numeric-bounds");
 var { FrameworkError } = require("./framework-error");
 
 var x509 = pki.x509;
@@ -231,7 +231,7 @@ async function generateCa(opts) {
   var keys = await webcrypto.subtle.generateKey(CA_KEY_ALG, true, CA_KEY_USAGES);
   var now  = new Date();
   var ca = await x509.X509CertificateGenerator.createSelfSigned({
-    serialNumber: crypto.generateToken(C.BYTES.bytes(16)),
+    serialNumber: bCrypto.generateToken(C.BYTES.bytes(16)),
     name: "CN=" + caName + ",OU=CAv" + generation,
     notBefore: now,
     notAfter: new Date(now.getTime() + C.TIME.days(CA_VALIDITY_DAYS)),
@@ -255,7 +255,7 @@ async function signClientCert(opts) {
     throw new MtlsEngineError("mtls-engine/missing-arg",
       "signClientCert requires { cn, caCertPem, caKeyPem }");
   }
-  nb.requirePositiveFiniteIntIfPresent(opts.validityDays,
+  numericBounds.requirePositiveFiniteIntIfPresent(opts.validityDays,
     "signClientCert: validityDays", MtlsEngineError, "mtls-engine/bad-validity-days");
   var validityDays = opts.validityDays !== undefined
     ? opts.validityDays : LEAF_DEFAULT_DAYS;
@@ -314,7 +314,7 @@ async function signClientCert(opts) {
   if (sanExt) extensions.push(sanExt);
 
   var clientCert = await x509.X509CertificateGenerator.create({
-    serialNumber: crypto.generateToken(C.BYTES.bytes(16)),
+    serialNumber: bCrypto.generateToken(C.BYTES.bytes(16)),
     subject: "CN=" + cn,
     issuer: caCert.subject,
     notBefore: now,

package/lib/network-dns.js

@@ -4,7 +4,7 @@ var dns = require("node:dns");
 var net = require("node:net");
 var nodeCrypto = require("node:crypto");
 var https = require("node:https");
-var tls = require("node:tls");
+var nodeTls = require("node:tls");
 var dnsPromises = dns.promises;
 
 var C = require("./constants");
@@ -561,7 +561,7 @@ function _dotConnect() {
     ecdhCurve:  C.TLS_GROUP_CURVE_STR,
   };
   if (STATE.dot.ca) connectOpts.ca = STATE.dot.ca;
-  var sock = tls.connect(connectOpts);
+  var sock = nodeTls.connect(connectOpts);
   // The pool entry is ref()'d while a query is in flight and unref()'d
   // when idle — _dotLookup toggles this around its query. Calling
   // unref() unconditionally here let node exit during a normal lookup

package/lib/network-nts.js

@@ -1,6 +1,6 @@
 "use strict";
 
-var tls = require("node:tls");
+var nodeTls = require("node:tls");
 var dgram = require("node:dgram");
 var nodeCrypto = require("node:crypto");
 
@@ -258,7 +258,7 @@ function performKeHandshake(opts) {
       ecdhCurve:      C.TLS_GROUP_CURVE_STR,
     };
     if (opts.ca) connectOpts.ca = opts.ca;
-    var sock = tls.connect(connectOpts);
+    var sock = nodeTls.connect(connectOpts);
     var timer = setTimeout(function () {
       try { sock.destroy(); } catch (_e) { /* best-effort socket teardown */ }
       done(new NtsError("nts/ke-timeout", "NTS-KE handshake timed out after " + timeoutMs + "ms"));

package/lib/network-proxy.js

@@ -3,7 +3,7 @@
 var http = require("node:http");
 var https = require("node:https");
 var net = require("node:net");
-var tls = require("node:tls");
+var nodeTls = require("node:tls");
 
 var C = require("./constants");
 var lazyRequire = require("./lazy-require");
@@ -155,7 +155,7 @@ function _proxyAuthHeader(proxyUrl) {
 function _connectThroughTunnel(proxyUrl, targetHost, targetPort, callback) {
   var proxyPort = proxyUrl.port || (proxyUrl.protocol === "https:" ? DEFAULT_HTTPS_PORT : DEFAULT_HTTP_PORT);
   var proxySocket = proxyUrl.protocol === "https:"
-    ? tls.connect({
+    ? nodeTls.connect({
         host:       proxyUrl.hostname,
         port:       proxyPort,
         servername: proxyUrl.hostname,
@@ -212,7 +212,7 @@ function agentFor(targetUrl) {
     agent.createConnection = function (options, cb) {
       _connectThroughTunnel(proxy, options.host, options.port, function (err, tunnel) {
         if (err) return cb(err);
-        var secure = tls.connect({
+        var secure = nodeTls.connect({
           socket:     tunnel,
           servername: options.servername || options.host,
           minVersion: "TLSv1.3",

package/lib/network-smtp-policy.js

@@ -58,7 +58,7 @@ var zlib = require("node:zlib");
 var asn1 = require("./asn1-der");
 var lazyRequire = require("./lazy-require");
 var validateOpts = require("./validate-opts");
-var crypto = require("./crypto");
+var bCrypto = require("./crypto");
 var safeUrl = require("./safe-url");
 var safeJson = require("./safe-json");
 var C = require("./constants");
@@ -561,7 +561,7 @@ function tlsRptRecordShape(opts) {
 
 function _genReportId() {
   // RFC 8460 §4.4 requires uniqueness — use timestamp + random token.
-  return Date.now() + "-" + crypto.generateToken(C.BYTES.bytes(8));
+  return Date.now() + "-" + bCrypto.generateToken(C.BYTES.bytes(8));
 }
 
 // ---- TLS-RPT policy fetch (RFC 8460 §3) ----

package/lib/network-tls.js

@@ -1,12 +1,12 @@
 "use strict";
 
-var tls = require("node:tls");
-var fs = require("node:fs");
-var path = require("node:path");
+var nodeTls = require("node:tls");
+var nodeFs = require("node:fs");
+var nodePath = require("node:path");
 var net = require("node:net");
 var nodeCrypto = require("node:crypto");
 
-var blamejsCrypto = require("./crypto");
+var bCrypto = require("./crypto");
 var C = require("./constants");
 var safeBuffer = require("./safe-buffer");
 var validateOpts = require("./validate-opts");
@@ -85,14 +85,14 @@ function _isPathLike(s) {
 }
 
 function _readPath(p) {
-  var stat = fs.statSync(p);
+  var stat = nodeFs.statSync(p);
   if (stat.isDirectory()) {
-    var files = fs.readdirSync(p)
+    var files = nodeFs.readdirSync(p)
       .filter(function (f) { return /\.(pem|crt|cer)$/i.test(f); })
       .sort();
-    return files.map(function (f) { return fs.readFileSync(path.join(p, f), "utf8"); }).join("\n");
+    return files.map(function (f) { return nodeFs.readFileSync(nodePath.join(p, f), "utf8"); }).join("\n");
   }
-  return fs.readFileSync(p, "utf8");
+  return nodeFs.readFileSync(p, "utf8");
 }
 
 function addCa(pemOrPath, opts) {
@@ -101,7 +101,7 @@ function addCa(pemOrPath, opts) {
   var raw = pemOrPath;
   if (typeof pemOrPath === "string" && _isPathLike(pemOrPath)) {
     var stat;
-    try { stat = fs.statSync(pemOrPath); } catch (_e) {
+    try { stat = nodeFs.statSync(pemOrPath); } catch (_e) {
       throw new TlsTrustError("tls/empty-pem", "tls.addCa: input has no PEM marker and is not a readable path: " +
         pemOrPath);
     }
@@ -408,7 +408,7 @@ function applyToContext(opts) {
   var base = Object.assign({}, opts.base || {});
   var caStrings = STATE.cas.map(function (e) { return e.pem; });
   if (STATE.systemTrust) {
-    var rootCAs = tls.rootCertificates;
+    var rootCAs = nodeTls.rootCertificates;
     if (Array.isArray(rootCAs)) {
       caStrings = caStrings.concat(rootCAs);
     }
@@ -719,7 +719,7 @@ function _connectAndCheckOcsp(opts, requireStapled) {
     var connectOpts = Object.assign({}, opts, { requestOCSP: true });
     var sock;
     try {
-      sock = tls.connect(connectOpts);
+      sock = nodeTls.connect(connectOpts);
     } catch (e) {
       reject(new TlsTrustError("tls/connect-failed",
         "tls.connect threw: " + ((e && e.message) || String(e))));
@@ -1110,7 +1110,7 @@ function evaluateOcspResponse(ocspDer, opts) {
     // critical here (the OCSP response is CA-signed and signature
     // already verified) but matches the project discipline.
     // (Audit 2026-05-11.)
-    if (!blamejsCrypto.timingSafeEqual(parsed.basic.nonce, opts.expectedNonce)) {
+    if (!bCrypto.timingSafeEqual(parsed.basic.nonce, opts.expectedNonce)) {
       return { ok: false, status: parsed.status, signatureValid: true,
                errors: ["OCSP nonce mismatch — possible replay or wrong responder"] };
     }
@@ -2182,7 +2182,7 @@ var ct = Object.freeze({
     if (!Buffer.isBuffer(sthRoot) || sthRoot.length !== 32) {                    // allow:raw-byte-literal — RFC 9162 SHA-256 digest length
       return { valid: false, reason: "bad-sth-root" };
     }
-    if (!blamejsCrypto.timingSafeEqual(computedRoot, sthRoot)) {
+    if (!bCrypto.timingSafeEqual(computedRoot, sthRoot)) {
       return { valid: false, reason: "root-mismatch",
                computedRoot: computedRoot.toString("hex") };
     }
@@ -2201,7 +2201,7 @@ var ct = Object.freeze({
         var computedSecond = _ctVerifyConsistencyPath(
           opts.consistency.firstSize, opts.sthFromLog.treeSize,
           opts.consistency.proof || [], firstRoot);
-        var ok = blamejsCrypto.timingSafeEqual(computedSecond, sthRoot);
+        var ok = bCrypto.timingSafeEqual(computedSecond, sthRoot);
         consistencyResult = {
           ok: ok,
           computedSecondRoot: computedSecond.toString("hex"),
@@ -2256,7 +2256,7 @@ var ct = Object.freeze({
       return { valid: false, reason: "consistency-walk-failed",
                error: (e && e.message) || String(e) };
     }
-    if (!blamejsCrypto.timingSafeEqual(computed, secondRoot)) {
+    if (!bCrypto.timingSafeEqual(computed, secondRoot)) {
       return { valid: false, reason: "root-mismatch",
                computedRoot: computed.toString("hex") };
     }
@@ -2500,7 +2500,7 @@ function _isEchSupported() {
   // immediately-destroyed socket. Any non-throwing path = supported.
   var supported = false;
   try {
-    var probe = tls.connect({
+    var probe = nodeTls.connect({
       host:    "127.0.0.1",
       port:    1,
       ech:     Buffer.alloc(0),
@@ -2651,7 +2651,7 @@ function connectWithEch(opts) {
       }
 
       var sock;
-      try { sock = tls.connect(connectOpts); }
+      try { sock = nodeTls.connect(connectOpts); }
       catch (e) {
         reject(new NetworkTlsError("tls/ech-connect-failed",
           "connectWithEch: tls.connect threw: " + ((e && e.message) || String(e))));