npm - @digitaldefiance/node-express-suite - Versions diffs - 1.0.22 → 1.0.23 - Mend

@digitaldefiance/node-express-suite 1.0.22 → 1.0.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (633) hide show

package/README.md +4 -0
package/package.json +27 -32
package/src/application-base.ts +492 -0
package/src/application.ts +254 -0
package/src/backup-code.ts +336 -0
package/src/constants.ts +69 -0
package/src/controllers/base.ts +440 -0
package/{dist/controllers/index.d.ts → src/controllers/index.ts} +0 -1
package/src/controllers/user.ts +1451 -0
package/src/decorators/base-controller.ts +61 -0
package/src/decorators/controller.ts +109 -0
package/{dist/decorators/index.d.ts → src/decorators/index.ts} +0 -1
package/src/decorators/zod-validation.ts +57 -0
package/src/defaults.ts +94 -0
package/src/documents/base.ts +7 -0
package/src/documents/email-token.ts +14 -0
package/{dist/documents/index.d.ts → src/documents/index.ts} +0 -1
package/{dist/documents/mnemonic.d.ts → src/documents/mnemonic.ts} +5 -2
package/{dist/documents/role.d.ts → src/documents/role.ts} +5 -2
package/src/documents/used-direct-login-token.ts +7 -0
package/{dist/documents/user-role.d.ts → src/documents/user-role.ts} +5 -2
package/{dist/documents/user.d.ts → src/documents/user.ts} +4 -2
package/src/enumerations/base-model-name.ts +41 -0
package/{dist/enumerations/index.d.ts → src/enumerations/index.ts} +0 -1
package/src/enumerations/length-encoding-type.ts +6 -0
package/src/enumerations/schema-collection.ts +33 -0
package/src/enumerations/symmetric-error-type.ts +4 -0
package/src/environment.ts +770 -0
package/src/errors/express-validation.ts +21 -0
package/{dist/errors/index.d.ts → src/errors/index.ts} +0 -1
package/src/errors/invalid-backup-code-version.ts +14 -0
package/src/errors/invalid-jwt-token.ts +10 -0
package/src/errors/invalid-model.ts +11 -0
package/src/errors/invalid-new-password.ts +18 -0
package/src/errors/invalid-password.ts +13 -0
package/src/errors/missing-validated-data.ts +36 -0
package/src/errors/mnemonic-or-password-required.ts +12 -0
package/src/errors/model-not-registered.ts +11 -0
package/src/errors/mongoose-validation.ts +34 -0
package/src/errors/symmetric.ts +41 -0
package/src/errors/token-expired.ts +10 -0
package/src/get-language.ts +53 -0
package/src/get-timezone.ts +45 -0
package/{dist/index.d.ts → src/index.ts} +3 -2
package/{dist/interfaces/api-error-response.d.ts → src/interfaces/api-error-response.ts} +2 -2
package/src/interfaces/api-express-validation-error-response.ts +8 -0
package/src/interfaces/api-message-response.ts +3 -0
package/{dist/interfaces/api-mongo-validation-error-response.d.ts → src/interfaces/api-mongo-validation-error-response.ts} +2 -2
package/{dist/interfaces/api-responses/backup-codes-response.d.ts → src/interfaces/api-responses/backup-codes-response.ts} +2 -2
package/{dist/interfaces/api-responses/challenge-response.d.ts → src/interfaces/api-responses/challenge-response.ts} +3 -3
package/{dist/interfaces/api-responses/code-count-response.d.ts → src/interfaces/api-responses/code-count-response.ts} +2 -2
package/{dist/interfaces/api-responses/index.d.ts → src/interfaces/api-responses/index.ts} +0 -1
package/{dist/interfaces/api-responses/login-response.d.ts → src/interfaces/api-responses/login-response.ts} +4 -4
package/{dist/interfaces/api-responses/mnemonic-response.d.ts → src/interfaces/api-responses/mnemonic-response.ts} +2 -2
package/{dist/interfaces/api-responses/registration-response.d.ts → src/interfaces/api-responses/registration-response.ts} +3 -3
package/{dist/interfaces/api-responses/request-user-response.d.ts → src/interfaces/api-responses/request-user-response.ts} +2 -2
package/{dist/interfaces/application.d.ts → src/interfaces/application.ts} +7 -7
package/src/interfaces/backend-objects/email-token.ts +11 -0
package/{dist/interfaces/backend-objects/index.d.ts → src/interfaces/backend-objects/index.ts} +0 -1
package/{dist/interfaces/backend-objects/request-user.d.ts → src/interfaces/backend-objects/request-user.ts} +7 -2
package/{dist/interfaces/backend-objects/role.d.ts → src/interfaces/backend-objects/role.ts} +1 -1
package/src/interfaces/backend-objects/user.ts +9 -0
package/src/interfaces/checksum-config.ts +4 -0
package/src/interfaces/checksum-consts.ts +13 -0
package/{dist/interfaces/constants.d.ts → src/interfaces/constants.ts} +5 -5
package/src/interfaces/create-user-basics.ts +17 -0
package/src/interfaces/csp-config.ts +35 -0
package/src/interfaces/deep-partial.ts +3 -0
package/{dist/interfaces/discriminator-collections.d.ts → src/interfaces/discriminator-collections.ts} +3 -3
package/src/interfaces/email-service.ts +8 -0
package/src/interfaces/environment-mongo.ts +76 -0
package/src/interfaces/environment.ts +181 -0
package/src/interfaces/failable-result.ts +6 -0
package/src/interfaces/fec-consts.ts +4 -0
package/src/interfaces/handleable-error-options.ts +6 -0
package/{dist/interfaces/index.d.ts → src/interfaces/index.ts} +0 -1
package/src/interfaces/jwt-consts.ts +23 -0
package/src/interfaces/jwt-sign-response.ts +19 -0
package/src/interfaces/mongo-errors.ts +5 -0
package/src/interfaces/request-user.ts +50 -0
package/src/interfaces/required-string-keys.ts +26 -0
package/src/interfaces/schema.ts +31 -0
package/src/interfaces/server-init-result.ts +37 -0
package/src/interfaces/status-code-response.ts +7 -0
package/src/interfaces/symmetric-encryption-results.d.ts +5 -0
package/src/interfaces/symmetric-encryption-results.d.ts.map +1 -0
package/src/interfaces/symmetric-encryption-results.js.map +1 -0
package/src/interfaces/symmetric-encryption-results.ts +4 -0
package/{dist/interfaces/token-response.d.ts → src/interfaces/token-response.ts} +2 -2
package/src/middlewares/authenticate-crypto.ts +243 -0
package/src/middlewares/authenticate-token.ts +152 -0
package/src/middlewares/cleanup-crypto.ts +40 -0
package/{dist/middlewares/index.d.ts → src/middlewares/index.ts} +0 -1
package/src/middlewares/set-global-context-language.ts +24 -0
package/src/middlewares.ts +120 -0
package/src/model-registry.ts +75 -0
package/src/models/email-token.ts +19 -0
package/{dist/models/index.d.ts → src/models/index.ts} +0 -1
package/src/models/mnemonic.ts +19 -0
package/src/models/role.ts +19 -0
package/src/models/used-direct-login-token.ts +23 -0
package/src/models/user-role.ts +17 -0
package/src/models/user.ts +19 -0
package/src/registry/email-service-registry.ts +24 -0
package/{dist/registry/index.d.ts → src/registry/index.ts} +0 -1
package/src/routers/api.ts +151 -0
package/src/routers/app.ts +258 -0
package/src/routers/base.ts +17 -0
package/{dist/routers/index.d.ts → src/routers/index.ts} +0 -1
package/src/schemas/email-token.ts +91 -0
package/{dist/schemas/index.d.ts → src/schemas/index.ts} +1 -2
package/src/schemas/mnemonic.ts +37 -0
package/src/schemas/role.ts +127 -0
package/src/schemas/schema.ts +140 -0
package/src/schemas/used-direct-login-token.ts +38 -0
package/src/schemas/user-role.ts +75 -0
package/src/schemas/user.ts +202 -0
package/src/services/backup-code.ts +316 -0
package/src/services/base.ts +33 -0
package/src/services/checksum.ts +161 -0
package/src/services/crc.ts +213 -0
package/src/services/database-initialization.ts +1479 -0
package/src/services/db-init-cache.d.ts +16 -0
package/src/services/direct-login-token.ts +62 -0
package/src/services/fec-usage-example.ts +102 -0
package/src/services/fec.ts +296 -0
package/{dist/services/index.d.ts → src/services/index.ts} +0 -1
package/src/services/jwt.ts +134 -0
package/src/services/key-wrapping.ts +434 -0
package/src/services/mnemonic.ts +167 -0
package/src/services/request-user.ts +62 -0
package/src/services/role.ts +396 -0
package/src/services/symmetric.ts +139 -0
package/src/services/system-user.ts +82 -0
package/src/services/user.ts +2137 -0
package/src/services/xor.ts +34 -0
package/src/types.d.ts +44 -0
package/src/types.ts +128 -0
package/src/utils.ts +1022 -0
package/dist/application-base.d.ts +0 -112
package/dist/application-base.d.ts.map +0 -1
package/dist/application-base.js +0 -301
package/dist/application-base.js.map +0 -1
package/dist/application.d.ts +0 -23
package/dist/application.d.ts.map +0 -1
package/dist/application.js +0 -126
package/dist/application.js.map +0 -1
package/dist/backup-code.d.ts +0 -67
package/dist/backup-code.d.ts.map +0 -1
package/dist/backup-code.js +0 -270
package/dist/backup-code.js.map +0 -1
package/dist/constants.d.ts +0 -16
package/dist/constants.d.ts.map +0 -1
package/dist/constants.js +0 -54
package/dist/constants.js.map +0 -1
package/dist/controllers/base.d.ts +0 -63
package/dist/controllers/base.d.ts.map +0 -1
package/dist/controllers/base.js +0 -269
package/dist/controllers/base.js.map +0 -1
package/dist/controllers/index.d.ts.map +0 -1
package/dist/controllers/index.js +0 -19
package/dist/controllers/index.js.map +0 -1
package/dist/controllers/user.d.ts +0 -45
package/dist/controllers/user.d.ts.map +0 -1
package/dist/controllers/user.js +0 -750
package/dist/controllers/user.js.map +0 -1
package/dist/decorators/base-controller.d.ts +0 -14
package/dist/decorators/base-controller.d.ts.map +0 -1
package/dist/decorators/base-controller.js +0 -49
package/dist/decorators/base-controller.js.map +0 -1
package/dist/decorators/controller.d.ts +0 -32
package/dist/decorators/controller.d.ts.map +0 -1
package/dist/decorators/controller.js +0 -67
package/dist/decorators/controller.js.map +0 -1
package/dist/decorators/index.d.ts.map +0 -1
package/dist/decorators/index.js +0 -20
package/dist/decorators/index.js.map +0 -1
package/dist/decorators/zod-validation.d.ts +0 -5
package/dist/decorators/zod-validation.d.ts.map +0 -1
package/dist/decorators/zod-validation.js +0 -47
package/dist/decorators/zod-validation.js.map +0 -1
package/dist/defaults.d.ts +0 -7
package/dist/defaults.d.ts.map +0 -1
package/dist/defaults.js +0 -83
package/dist/defaults.js.map +0 -1
package/dist/documents/base.d.ts +0 -3
package/dist/documents/base.d.ts.map +0 -1
package/dist/documents/base.js +0 -3
package/dist/documents/base.js.map +0 -1
package/dist/documents/email-token.d.ts +0 -8
package/dist/documents/email-token.d.ts.map +0 -1
package/dist/documents/email-token.js +0 -3
package/dist/documents/email-token.js.map +0 -1
package/dist/documents/index.d.ts.map +0 -1
package/dist/documents/index.js +0 -3
package/dist/documents/index.js.map +0 -1
package/dist/documents/mnemonic.d.ts.map +0 -1
package/dist/documents/mnemonic.js +0 -3
package/dist/documents/mnemonic.js.map +0 -1
package/dist/documents/role.d.ts.map +0 -1
package/dist/documents/role.js +0 -3
package/dist/documents/role.js.map +0 -1
package/dist/documents/used-direct-login-token.d.ts +0 -5
package/dist/documents/used-direct-login-token.d.ts.map +0 -1
package/dist/documents/used-direct-login-token.js +0 -3
package/dist/documents/used-direct-login-token.js.map +0 -1
package/dist/documents/user-role.d.ts.map +0 -1
package/dist/documents/user-role.js +0 -3
package/dist/documents/user-role.js.map +0 -1
package/dist/documents/user.d.ts.map +0 -1
package/dist/documents/user.js +0 -3
package/dist/documents/user.js.map +0 -1
package/dist/enumerations/base-model-name.d.ts +0 -38
package/dist/enumerations/base-model-name.d.ts.map +0 -1
package/dist/enumerations/base-model-name.js +0 -34
package/dist/enumerations/base-model-name.js.map +0 -1
package/dist/enumerations/index.d.ts.map +0 -1
package/dist/enumerations/index.js +0 -21
package/dist/enumerations/index.js.map +0 -1
package/dist/enumerations/length-encoding-type.d.ts +0 -7
package/dist/enumerations/length-encoding-type.d.ts.map +0 -1
package/dist/enumerations/length-encoding-type.js +0 -11
package/dist/enumerations/length-encoding-type.js.map +0 -1
package/dist/enumerations/schema-collection.d.ts +0 -34
package/dist/enumerations/schema-collection.d.ts.map +0 -1
package/dist/enumerations/schema-collection.js +0 -38
package/dist/enumerations/schema-collection.js.map +0 -1
package/dist/enumerations/symmetric-error-type.d.ts +0 -5
package/dist/enumerations/symmetric-error-type.d.ts.map +0 -1
package/dist/enumerations/symmetric-error-type.js +0 -9
package/dist/enumerations/symmetric-error-type.js.map +0 -1
package/dist/environment.d.ts +0 -189
package/dist/environment.d.ts.map +0 -1
package/dist/environment.js +0 -618
package/dist/environment.js.map +0 -1
package/dist/errors/express-validation.d.ts +0 -9
package/dist/errors/express-validation.d.ts.map +0 -1
package/dist/errors/express-validation.js +0 -17
package/dist/errors/express-validation.js.map +0 -1
package/dist/errors/index.d.ts.map +0 -1
package/dist/errors/index.js +0 -29
package/dist/errors/index.js.map +0 -1
package/dist/errors/invalid-backup-code-version.d.ts +0 -6
package/dist/errors/invalid-backup-code-version.d.ts.map +0 -1
package/dist/errors/invalid-backup-code-version.js +0 -14
package/dist/errors/invalid-backup-code-version.js.map +0 -1
package/dist/errors/invalid-jwt-token.d.ts +0 -5
package/dist/errors/invalid-jwt-token.d.ts.map +0 -1
package/dist/errors/invalid-jwt-token.js +0 -11
package/dist/errors/invalid-jwt-token.js.map +0 -1
package/dist/errors/invalid-model.d.ts +0 -6
package/dist/errors/invalid-model.d.ts.map +0 -1
package/dist/errors/invalid-model.js +0 -13
package/dist/errors/invalid-model.js.map +0 -1
package/dist/errors/invalid-new-password.d.ts +0 -5
package/dist/errors/invalid-new-password.d.ts.map +0 -1
package/dist/errors/invalid-new-password.js +0 -14
package/dist/errors/invalid-new-password.js.map +0 -1
package/dist/errors/invalid-password.d.ts +0 -5
package/dist/errors/invalid-password.d.ts.map +0 -1
package/dist/errors/invalid-password.js +0 -14
package/dist/errors/invalid-password.js.map +0 -1
package/dist/errors/missing-validated-data.d.ts +0 -7
package/dist/errors/missing-validated-data.d.ts.map +0 -1
package/dist/errors/missing-validated-data.js +0 -34
package/dist/errors/missing-validated-data.js.map +0 -1
package/dist/errors/mnemonic-or-password-required.d.ts +0 -5
package/dist/errors/mnemonic-or-password-required.d.ts.map +0 -1
package/dist/errors/mnemonic-or-password-required.js +0 -13
package/dist/errors/mnemonic-or-password-required.js.map +0 -1
package/dist/errors/model-not-registered.d.ts +0 -5
package/dist/errors/model-not-registered.d.ts.map +0 -1
package/dist/errors/model-not-registered.js +0 -12
package/dist/errors/model-not-registered.js.map +0 -1
package/dist/errors/mongoose-validation.d.ts +0 -11
package/dist/errors/mongoose-validation.d.ts.map +0 -1
package/dist/errors/mongoose-validation.js +0 -16
package/dist/errors/mongoose-validation.js.map +0 -1
package/dist/errors/symmetric.d.ts +0 -8
package/dist/errors/symmetric.d.ts.map +0 -1
package/dist/errors/symmetric.js +0 -23
package/dist/errors/symmetric.js.map +0 -1
package/dist/errors/token-expired.d.ts +0 -5
package/dist/errors/token-expired.d.ts.map +0 -1
package/dist/errors/token-expired.js +0 -11
package/dist/errors/token-expired.js.map +0 -1
package/dist/get-language.d.ts +0 -2
package/dist/get-language.d.ts.map +0 -1
package/dist/get-language.js +0 -30
package/dist/get-language.js.map +0 -1
package/dist/get-timezone.d.ts +0 -3
package/dist/get-timezone.d.ts.map +0 -1
package/dist/get-timezone.js +0 -31
package/dist/get-timezone.js.map +0 -1
package/dist/index.d.ts.map +0 -1
package/dist/index.js +0 -40
package/dist/index.js.map +0 -1
package/dist/interfaces/api-error-response.d.ts.map +0 -1
package/dist/interfaces/api-error-response.js +0 -3
package/dist/interfaces/api-error-response.js.map +0 -1
package/dist/interfaces/api-express-validation-error-response.d.ts +0 -7
package/dist/interfaces/api-express-validation-error-response.d.ts.map +0 -1
package/dist/interfaces/api-express-validation-error-response.js +0 -3
package/dist/interfaces/api-express-validation-error-response.js.map +0 -1
package/dist/interfaces/api-message-response.d.ts +0 -4
package/dist/interfaces/api-message-response.d.ts.map +0 -1
package/dist/interfaces/api-message-response.js +0 -3
package/dist/interfaces/api-message-response.js.map +0 -1
package/dist/interfaces/api-mongo-validation-error-response.d.ts.map +0 -1
package/dist/interfaces/api-mongo-validation-error-response.js +0 -3
package/dist/interfaces/api-mongo-validation-error-response.js.map +0 -1
package/dist/interfaces/api-responses/backup-codes-response.d.ts.map +0 -1
package/dist/interfaces/api-responses/backup-codes-response.js +0 -3
package/dist/interfaces/api-responses/backup-codes-response.js.map +0 -1
package/dist/interfaces/api-responses/challenge-response.d.ts.map +0 -1
package/dist/interfaces/api-responses/challenge-response.js +0 -3
package/dist/interfaces/api-responses/challenge-response.js.map +0 -1
package/dist/interfaces/api-responses/code-count-response.d.ts.map +0 -1
package/dist/interfaces/api-responses/code-count-response.js +0 -3
package/dist/interfaces/api-responses/code-count-response.js.map +0 -1
package/dist/interfaces/api-responses/index.d.ts.map +0 -1
package/dist/interfaces/api-responses/index.js +0 -24
package/dist/interfaces/api-responses/index.js.map +0 -1
package/dist/interfaces/api-responses/login-response.d.ts.map +0 -1
package/dist/interfaces/api-responses/login-response.js +0 -3
package/dist/interfaces/api-responses/login-response.js.map +0 -1
package/dist/interfaces/api-responses/mnemonic-response.d.ts.map +0 -1
package/dist/interfaces/api-responses/mnemonic-response.js +0 -3
package/dist/interfaces/api-responses/mnemonic-response.js.map +0 -1
package/dist/interfaces/api-responses/registration-response.d.ts.map +0 -1
package/dist/interfaces/api-responses/registration-response.js +0 -3
package/dist/interfaces/api-responses/registration-response.js.map +0 -1
package/dist/interfaces/api-responses/request-user-response.d.ts.map +0 -1
package/dist/interfaces/api-responses/request-user-response.js +0 -3
package/dist/interfaces/api-responses/request-user-response.js.map +0 -1
package/dist/interfaces/application.d.ts.map +0 -1
package/dist/interfaces/application.js +0 -3
package/dist/interfaces/application.js.map +0 -1
package/dist/interfaces/backend-objects/email-token.d.ts +0 -4
package/dist/interfaces/backend-objects/email-token.d.ts.map +0 -1
package/dist/interfaces/backend-objects/email-token.js +0 -3
package/dist/interfaces/backend-objects/email-token.js.map +0 -1
package/dist/interfaces/backend-objects/index.d.ts.map +0 -1
package/dist/interfaces/backend-objects/index.js +0 -21
package/dist/interfaces/backend-objects/index.js.map +0 -1
package/dist/interfaces/backend-objects/request-user.d.ts.map +0 -1
package/dist/interfaces/backend-objects/request-user.js +0 -3
package/dist/interfaces/backend-objects/request-user.js.map +0 -1
package/dist/interfaces/backend-objects/role.d.ts.map +0 -1
package/dist/interfaces/backend-objects/role.js +0 -3
package/dist/interfaces/backend-objects/role.js.map +0 -1
package/dist/interfaces/backend-objects/user.d.ts +0 -4
package/dist/interfaces/backend-objects/user.d.ts.map +0 -1
package/dist/interfaces/backend-objects/user.js +0 -3
package/dist/interfaces/backend-objects/user.js.map +0 -1
package/dist/interfaces/checksum-config.d.ts +0 -5
package/dist/interfaces/checksum-config.d.ts.map +0 -1
package/dist/interfaces/checksum-config.js +0 -3
package/dist/interfaces/checksum-config.js.map +0 -1
package/dist/interfaces/checksum-consts.d.ts +0 -11
package/dist/interfaces/checksum-consts.d.ts.map +0 -1
package/dist/interfaces/checksum-consts.js +0 -3
package/dist/interfaces/checksum-consts.js.map +0 -1
package/dist/interfaces/constants.d.ts.map +0 -1
package/dist/interfaces/constants.js +0 -3
package/dist/interfaces/constants.js.map +0 -1
package/dist/interfaces/create-user-basics.d.ts +0 -18
package/dist/interfaces/create-user-basics.d.ts.map +0 -1
package/dist/interfaces/create-user-basics.js +0 -3
package/dist/interfaces/create-user-basics.js.map +0 -1
package/dist/interfaces/csp-config.d.ts +0 -14
package/dist/interfaces/csp-config.d.ts.map +0 -1
package/dist/interfaces/csp-config.js +0 -3
package/dist/interfaces/csp-config.js.map +0 -1
package/dist/interfaces/deep-partial.d.ts +0 -4
package/dist/interfaces/deep-partial.d.ts.map +0 -1
package/dist/interfaces/deep-partial.js +0 -3
package/dist/interfaces/deep-partial.js.map +0 -1
package/dist/interfaces/discriminator-collections.d.ts.map +0 -1
package/dist/interfaces/discriminator-collections.js +0 -3
package/dist/interfaces/discriminator-collections.js.map +0 -1
package/dist/interfaces/email-service.d.ts +0 -4
package/dist/interfaces/email-service.d.ts.map +0 -1
package/dist/interfaces/email-service.js +0 -3
package/dist/interfaces/email-service.js.map +0 -1
package/dist/interfaces/environment-mongo.d.ts +0 -76
package/dist/interfaces/environment-mongo.d.ts.map +0 -1
package/dist/interfaces/environment-mongo.js +0 -3
package/dist/interfaces/environment-mongo.js.map +0 -1
package/dist/interfaces/environment.d.ts +0 -181
package/dist/interfaces/environment.d.ts.map +0 -1
package/dist/interfaces/environment.js +0 -3
package/dist/interfaces/environment.js.map +0 -1
package/dist/interfaces/failable-result.d.ts +0 -7
package/dist/interfaces/failable-result.d.ts.map +0 -1
package/dist/interfaces/failable-result.js +0 -3
package/dist/interfaces/failable-result.js.map +0 -1
package/dist/interfaces/fec-consts.d.ts +0 -5
package/dist/interfaces/fec-consts.d.ts.map +0 -1
package/dist/interfaces/fec-consts.js +0 -3
package/dist/interfaces/fec-consts.js.map +0 -1
package/dist/interfaces/handleable-error-options.d.ts +0 -7
package/dist/interfaces/handleable-error-options.d.ts.map +0 -1
package/dist/interfaces/handleable-error-options.js +0 -3
package/dist/interfaces/handleable-error-options.js.map +0 -1
package/dist/interfaces/index.d.ts.map +0 -1
package/dist/interfaces/index.js +0 -46
package/dist/interfaces/index.js.map +0 -1
package/dist/interfaces/jwt-consts.d.ts +0 -11
package/dist/interfaces/jwt-consts.d.ts.map +0 -1
package/dist/interfaces/jwt-consts.js +0 -3
package/dist/interfaces/jwt-consts.js.map +0 -1
package/dist/interfaces/jwt-sign-response.d.ts +0 -11
package/dist/interfaces/jwt-sign-response.d.ts.map +0 -1
package/dist/interfaces/jwt-sign-response.js +0 -3
package/dist/interfaces/jwt-sign-response.js.map +0 -1
package/dist/interfaces/mongo-errors.d.ts +0 -5
package/dist/interfaces/mongo-errors.d.ts.map +0 -1
package/dist/interfaces/mongo-errors.js +0 -3
package/dist/interfaces/mongo-errors.js.map +0 -1
package/dist/interfaces/request-user.d.ts +0 -42
package/dist/interfaces/request-user.d.ts.map +0 -1
package/dist/interfaces/request-user.js +0 -3
package/dist/interfaces/request-user.js.map +0 -1
package/dist/interfaces/required-string-keys.d.ts +0 -22
package/dist/interfaces/required-string-keys.d.ts.map +0 -1
package/dist/interfaces/required-string-keys.js +0 -3
package/dist/interfaces/required-string-keys.js.map +0 -1
package/dist/interfaces/schema.d.ts +0 -29
package/dist/interfaces/schema.d.ts.map +0 -1
package/dist/interfaces/schema.js +0 -3
package/dist/interfaces/schema.js.map +0 -1
package/dist/interfaces/server-init-result.d.ts +0 -35
package/dist/interfaces/server-init-result.d.ts.map +0 -1
package/dist/interfaces/server-init-result.js +0 -3
package/dist/interfaces/server-init-result.js.map +0 -1
package/dist/interfaces/status-code-response.d.ts +0 -7
package/dist/interfaces/status-code-response.d.ts.map +0 -1
package/dist/interfaces/status-code-response.js +0 -3
package/dist/interfaces/status-code-response.js.map +0 -1
package/dist/interfaces/symmetric-encryption-results.d.ts +0 -5
package/dist/interfaces/symmetric-encryption-results.d.ts.map +0 -1
package/dist/interfaces/symmetric-encryption-results.js.map +0 -1
package/dist/interfaces/token-response.d.ts.map +0 -1
package/dist/interfaces/token-response.js +0 -3
package/dist/interfaces/token-response.js.map +0 -1
package/dist/middlewares/authenticate-crypto.d.ts +0 -13
package/dist/middlewares/authenticate-crypto.d.ts.map +0 -1
package/dist/middlewares/authenticate-crypto.js +0 -146
package/dist/middlewares/authenticate-crypto.js.map +0 -1
package/dist/middlewares/authenticate-token.d.ts +0 -24
package/dist/middlewares/authenticate-token.d.ts.map +0 -1
package/dist/middlewares/authenticate-token.js +0 -102
package/dist/middlewares/authenticate-token.js.map +0 -1
package/dist/middlewares/cleanup-crypto.d.ts +0 -7
package/dist/middlewares/cleanup-crypto.d.ts.map +0 -1
package/dist/middlewares/cleanup-crypto.js +0 -32
package/dist/middlewares/cleanup-crypto.js.map +0 -1
package/dist/middlewares/index.d.ts.map +0 -1
package/dist/middlewares/index.js +0 -21
package/dist/middlewares/index.js.map +0 -1
package/dist/middlewares/set-global-context-language.d.ts +0 -3
package/dist/middlewares/set-global-context-language.d.ts.map +0 -1
package/dist/middlewares/set-global-context-language.js +0 -14
package/dist/middlewares/set-global-context-language.js.map +0 -1
package/dist/middlewares.d.ts +0 -18
package/dist/middlewares.d.ts.map +0 -1
package/dist/middlewares.js +0 -76
package/dist/middlewares.js.map +0 -1
package/dist/model-registry.d.ts +0 -23
package/dist/model-registry.d.ts.map +0 -1
package/dist/model-registry.js +0 -47
package/dist/model-registry.js.map +0 -1
package/dist/models/email-token.d.ts +0 -11
package/dist/models/email-token.d.ts.map +0 -1
package/dist/models/email-token.js +0 -11
package/dist/models/email-token.js.map +0 -1
package/dist/models/index.d.ts.map +0 -1
package/dist/models/index.js +0 -23
package/dist/models/index.js.map +0 -1
package/dist/models/mnemonic.d.ts +0 -11
package/dist/models/mnemonic.d.ts.map +0 -1
package/dist/models/mnemonic.js +0 -11
package/dist/models/mnemonic.js.map +0 -1
package/dist/models/role.d.ts +0 -11
package/dist/models/role.d.ts.map +0 -1
package/dist/models/role.js +0 -11
package/dist/models/role.js.map +0 -1
package/dist/models/used-direct-login-token.d.ts +0 -11
package/dist/models/used-direct-login-token.d.ts.map +0 -1
package/dist/models/used-direct-login-token.js +0 -11
package/dist/models/used-direct-login-token.js.map +0 -1
package/dist/models/user-role.d.ts +0 -6
package/dist/models/user-role.d.ts.map +0 -1
package/dist/models/user-role.js +0 -10
package/dist/models/user-role.js.map +0 -1
package/dist/models/user.d.ts +0 -7
package/dist/models/user.d.ts.map +0 -1
package/dist/models/user.js +0 -11
package/dist/models/user.js.map +0 -1
package/dist/registry/email-service-registry.d.ts +0 -9
package/dist/registry/email-service-registry.d.ts.map +0 -1
package/dist/registry/email-service-registry.js +0 -17
package/dist/registry/email-service-registry.js.map +0 -1
package/dist/registry/index.d.ts.map +0 -1
package/dist/registry/index.js +0 -6
package/dist/registry/index.js.map +0 -1
package/dist/routers/api.d.ts +0 -27
package/dist/routers/api.d.ts.map +0 -1
package/dist/routers/api.js +0 -44
package/dist/routers/api.js.map +0 -1
package/dist/routers/app.d.ts +0 -28
package/dist/routers/app.d.ts.map +0 -1
package/dist/routers/app.js +0 -182
package/dist/routers/app.js.map +0 -1
package/dist/routers/base.d.ts +0 -12
package/dist/routers/base.d.ts.map +0 -1
package/dist/routers/base.js +0 -12
package/dist/routers/base.js.map +0 -1
package/dist/routers/index.d.ts.map +0 -1
package/dist/routers/index.js +0 -20
package/dist/routers/index.js.map +0 -1
package/dist/schemas/email-token.d.ts +0 -38
package/dist/schemas/email-token.d.ts.map +0 -1
package/dist/schemas/email-token.js +0 -56
package/dist/schemas/email-token.js.map +0 -1
package/dist/schemas/index.d.ts.map +0 -1
package/dist/schemas/index.js +0 -24
package/dist/schemas/index.js.map +0 -1
package/dist/schemas/mnemonic.d.ts +0 -20
package/dist/schemas/mnemonic.d.ts.map +0 -1
package/dist/schemas/mnemonic.js +0 -30
package/dist/schemas/mnemonic.js.map +0 -1
package/dist/schemas/role.d.ts +0 -32
package/dist/schemas/role.d.ts.map +0 -1
package/dist/schemas/role.js +0 -86
package/dist/schemas/role.js.map +0 -1
package/dist/schemas/schema.d.ts +0 -40
package/dist/schemas/schema.d.ts.map +0 -1
package/dist/schemas/schema.js +0 -64
package/dist/schemas/schema.js.map +0 -1
package/dist/schemas/used-direct-login-token.d.ts +0 -27
package/dist/schemas/used-direct-login-token.d.ts.map +0 -1
package/dist/schemas/used-direct-login-token.js +0 -23
package/dist/schemas/used-direct-login-token.js.map +0 -1
package/dist/schemas/user-role.d.ts +0 -29
package/dist/schemas/user-role.d.ts.map +0 -1
package/dist/schemas/user-role.js +0 -54
package/dist/schemas/user-role.js.map +0 -1
package/dist/schemas/user.d.ts +0 -21
package/dist/schemas/user.d.ts.map +0 -1
package/dist/schemas/user.js +0 -178
package/dist/schemas/user.js.map +0 -1
package/dist/services/backup-code.d.ts +0 -78
package/dist/services/backup-code.d.ts.map +0 -1
package/dist/services/backup-code.js +0 -180
package/dist/services/backup-code.js.map +0 -1
package/dist/services/base.d.ts +0 -13
package/dist/services/base.d.ts.map +0 -1
package/dist/services/base.js +0 -14
package/dist/services/base.js.map +0 -1
package/dist/services/checksum.d.ts +0 -67
package/dist/services/checksum.d.ts.map +0 -1
package/dist/services/checksum.js +0 -175
package/dist/services/checksum.js.map +0 -1
package/dist/services/crc.d.ts +0 -87
package/dist/services/crc.d.ts.map +0 -1
package/dist/services/crc.js +0 -198
package/dist/services/crc.js.map +0 -1
package/dist/services/database-initialization.d.ts +0 -105
package/dist/services/database-initialization.d.ts.map +0 -1
package/dist/services/database-initialization.js +0 -779
package/dist/services/database-initialization.js.map +0 -1
package/dist/services/direct-login-token.d.ts +0 -9
package/dist/services/direct-login-token.d.ts.map +0 -1
package/dist/services/direct-login-token.js +0 -41
package/dist/services/direct-login-token.js.map +0 -1
package/dist/services/fec-usage-example.d.ts +0 -38
package/dist/services/fec-usage-example.d.ts.map +0 -1
package/dist/services/fec-usage-example.js +0 -77
package/dist/services/fec-usage-example.js.map +0 -1
package/dist/services/fec.d.ts +0 -46
package/dist/services/fec.d.ts.map +0 -1
package/dist/services/fec.js +0 -192
package/dist/services/fec.js.map +0 -1
package/dist/services/index.d.ts.map +0 -1
package/dist/services/index.js +0 -35
package/dist/services/index.js.map +0 -1
package/dist/services/jwt.d.ts +0 -33
package/dist/services/jwt.d.ts.map +0 -1
package/dist/services/jwt.js +0 -90
package/dist/services/jwt.js.map +0 -1
package/dist/services/key-wrapping.d.ts +0 -60
package/dist/services/key-wrapping.d.ts.map +0 -1
package/dist/services/key-wrapping.js +0 -311
package/dist/services/key-wrapping.js.map +0 -1
package/dist/services/mnemonic.d.ts +0 -61
package/dist/services/mnemonic.d.ts.map +0 -1
package/dist/services/mnemonic.js +0 -112
package/dist/services/mnemonic.js.map +0 -1
package/dist/services/request-user.d.ts +0 -20
package/dist/services/request-user.d.ts.map +0 -1
package/dist/services/request-user.js +0 -50
package/dist/services/request-user.js.map +0 -1
package/dist/services/role.d.ts +0 -88
package/dist/services/role.d.ts.map +0 -1
package/dist/services/role.js +0 -263
package/dist/services/role.js.map +0 -1
package/dist/services/symmetric.d.ts +0 -42
package/dist/services/symmetric.d.ts.map +0 -1
package/dist/services/symmetric.js +0 -101
package/dist/services/symmetric.js.map +0 -1
package/dist/services/system-user.d.ts +0 -17
package/dist/services/system-user.d.ts.map +0 -1
package/dist/services/system-user.js +0 -46
package/dist/services/system-user.js.map +0 -1
package/dist/services/user.d.ts +0 -320
package/dist/services/user.d.ts.map +0 -1
package/dist/services/user.js +0 -1373
package/dist/services/user.js.map +0 -1
package/dist/services/xor.d.ts +0 -24
package/dist/services/xor.d.ts.map +0 -1
package/dist/services/xor.js +0 -37
package/dist/services/xor.js.map +0 -1
package/dist/types.d.ts +0 -70
package/dist/types.d.ts.map +0 -1
package/dist/types.js +0 -14
package/dist/types.js.map +0 -1
package/dist/utils.d.ts +0 -202
package/dist/utils.d.ts.map +0 -1
package/dist/utils.js +0 -786
package/dist/utils.js.map +0 -1
/package/{dist → src}/interfaces/symmetric-encryption-results.js +0 -0

package/src/services/backup-code.ts ADDED Viewed

@@ -0,0 +1,316 @@
+import {
+  EmailString,
+  MemberType,
+  SecureBuffer,
+  SecureString,
+} from '@digitaldefiance/ecies-lib';
+import {
+  Member as BackendMember,
+  ECIESService,
+} from '@digitaldefiance/node-ecies-lib';
+import {
+  IBackupCode,
+  InvalidBackupCodeError,
+  ITokenRole,
+} from '@digitaldefiance/suite-core-lib';
+import { timingSafeEqual } from 'crypto';
+import { ClientSession, Types } from 'mongoose';
+import { BackupCode } from '../backup-code';
+import { Constants as AppConstants } from '../constants';
+import { IBaseDocument, IUserDocument } from '../documents';
+import { InvalidBackupCodeVersionError } from '../errors/invalid-backup-code-version';
+import { IApplication } from '../interfaces/application';
+import { BaseService } from './base';
+import { KeyWrappingService } from './index';
+import { RoleService } from './role';
+import { SymmetricService } from './symmetric';
+import { SystemUserService } from './system-user';
+import { Environment } from '../environment';
+import { IConstants } from '../interfaces';
+/**
+ * Service handling generation, storage, validation, consumption, and recovery using backup codes.
+ *
+ * v1 scheme:
+ * - Code: 32 lowercase alphanumerics (a–z0–9), displayed as 8 groups of 4: xxxx-xxxx-xxxx-xxxx-xxxx-xxxx-xxxx-xxxx
+ * - Checksum/tag: HKDF-SHA256(codeUtf8, salt, "backup-checksum") → 32 bytes (stored as hex)
+ * - KDF for encryption key: Argon2id(codeUtf8, salt) → 32 bytes
+ * - Encryption: SymmetricService AEAD (encryptedData must embed IV + authTag + ciphertext)
+ * - Wrapping: AEAD blob wrapped with system user's asymmetric key (ECIES)
+ */
+export class BackupCodeService<
+  I = Types.ObjectId,
+  D extends Date = Date,
+  TTokenRole extends ITokenRole<I, D> = ITokenRole<I, D>,
+  TApplication extends IApplication<any, Types.ObjectId, IBaseDocument<any, Types.ObjectId>, Environment, IConstants> = IApplication<any, Types.ObjectId, IBaseDocument<any, Types.ObjectId>, Environment, IConstants>,
+> extends BaseService {
+  private readonly eciesService: ECIESService;
+  private systemUser?: BackendMember;
+  private readonly keyWrappingService: KeyWrappingService;
+  private readonly roleService: RoleService<I, D, TTokenRole>;
+  /**
+   * Construct a BackupCodeService.
+   */
+  constructor(
+    application: TApplication,
+    eciesService: ECIESService,
+    keyWrappingService: KeyWrappingService,
+    roleService: RoleService<I, D, TTokenRole>,
+  ) {
+    super(application);
+    this.eciesService = eciesService;
+    this.keyWrappingService = keyWrappingService;
+    this.roleService = roleService;
+  }
+  /**
+   * Get the lazily-initialized system user for key wrapping/unwrapping.
+   */
+  private getSystemUser(): BackendMember {
+    if (!this.systemUser) {
+      this.systemUser = SystemUserService.getSystemUser(
+        this.application.environment,
+      );
+    }
+    return this.systemUser;
+  }
+  /**
+   * Forcibly set the system user (for database initialization)
+   * @param user
+   */
+  public setSystemUser(user: BackendMember): void {
+    this.systemUser = user;
+  }
+  /**
+   * v1: Consume (validate and remove) a backup code via constant-time checksum match.
+   */
+  public useBackupCodeV1(
+    encryptedBackupCodes: Array<IBackupCode>,
+    backupCode: string,
+  ): { newCodesArray: Array<IBackupCode>; code: IBackupCode } {
+    const normalizedCode = BackupCode.normalizeCode(backupCode);
+    if (!AppConstants.BACKUP_CODES.NormalizedHexRegex.test(normalizedCode)) {
+      throw new InvalidBackupCodeError();
+    }
+    const codeBytes = Buffer.from(normalizedCode, 'utf8');
+    try {
+      for (const code of encryptedBackupCodes) {
+        if (code.version !== BackupCode.BackupCodeVersion) continue;
+        const checksumSalt = Buffer.from(code.checksumSalt, 'hex');
+        const expected = BackupCode.hkdfSha256(
+          codeBytes,
+          checksumSalt,
+          Buffer.from('backup-checksum'),
+          32,
+        );
+        if (
+          code.checksum.length === expected.length * 2 &&
+          timingSafeEqual(Buffer.from(code.checksum, 'hex'), expected)
+        ) {
+          const checksumHex = expected.toString('hex');
+          return {
+            newCodesArray: encryptedBackupCodes.filter(
+              (c) => c.checksum !== checksumHex,
+            ),
+            code,
+          };
+        }
+      }
+      throw new InvalidBackupCodeError();
+    } finally {
+      codeBytes.fill(0);
+    }
+  }
+  /**
+   * Consume a backup code by first detecting the version and then dispatching to the appropriate handler.
+   */
+  public useBackupCode(
+    encryptedBackupCodes: Array<IBackupCode>,
+    backupCode: string,
+  ): { newCodesArray: Array<IBackupCode>; code: IBackupCode } {
+    const version = BackupCode.detectBackupCodeVersion(
+      encryptedBackupCodes,
+      backupCode,
+    );
+    switch (version) {
+      case BackupCode.BackupCodeVersion:
+        return this.useBackupCodeV1(
+          encryptedBackupCodes.filter(
+            (c) => c.version === BackupCode.BackupCodeVersion,
+          ),
+          backupCode,
+        );
+      default:
+        throw new InvalidBackupCodeVersionError(version);
+    }
+  }
+  /**
+   * v1: Recover a user's private key using a backup code.
+   */
+  public async recoverKeyWithBackupCodeV1(
+    userDoc: IUserDocument,
+    backupCode: string,
+    newPassword?: SecureString,
+    session?: ClientSession,
+  ): Promise<{
+    userDoc: IUserDocument;
+    user: BackendMember;
+    codeCount: number;
+  }> {
+    const normalizedCode = BackupCode.normalizeCode(backupCode);
+    return await this.withTransaction<{
+      userDoc: IUserDocument;
+      user: BackendMember;
+      codeCount: number;
+    }>(
+      async (sess: ClientSession | undefined) => {
+        const { code, newCodesArray } = this.useBackupCodeV1(
+          userDoc.backupCodes,
+          normalizedCode,
+        );
+        userDoc.backupCodes = newCodesArray;
+        let decryptionKey: Buffer | undefined;
+        try {
+          const adminMember = this.getSystemUser();
+          decryptionKey = await BackupCode.getBackupKeyV1(
+            code.checksumSalt,
+            normalizedCode,
+          );
+          const privateKeyUnwrapped = adminMember.decryptData(
+            Buffer.from(code.encrypted, 'hex'),
+          );
+          const decryptedPrivateKey = new SecureBuffer(
+            SymmetricService.decryptBuffer(privateKeyUnwrapped, decryptionKey),
+          );
+          const memberType: MemberType = await this.roleService.getMemberType(
+            userDoc,
+            session,
+          );
+          const user = new BackendMember(
+            this.eciesService,
+            memberType,
+            userDoc.username,
+            new EmailString(userDoc.email),
+            Buffer.from(userDoc.publicKey, 'hex'),
+            decryptedPrivateKey,
+            undefined,
+            userDoc._id,
+            new Date(userDoc.createdAt),
+            new Date(userDoc.updatedAt),
+          );
+          if (!newPassword) {
+            await userDoc.save({ session: sess });
+            return {
+              userDoc,
+              user,
+              codeCount: newCodesArray.length,
+            };
+          }
+          const wrapped = this.keyWrappingService.wrapSecret(
+            decryptedPrivateKey,
+            newPassword,
+          );
+          userDoc.passwordWrappedPrivateKey = wrapped;
+          await userDoc.save({ session: sess });
+          return { userDoc, user, codeCount: newCodesArray.length };
+        } finally {
+          if (decryptionKey) decryptionKey.fill(0);
+        }
+      },
+      session,
+      {
+        timeoutMs: this.application.environment.mongo.transactionTimeout * 5,
+      },
+    );
+  }
+  /**
+   * Recover a user's private key using a backup code (version-dispatched).
+   */
+  public async recoverKeyWithBackupCode(
+    userDoc: IUserDocument,
+    backupCode: string,
+    newPassword?: SecureString,
+    session?: ClientSession,
+  ): Promise<{
+    userDoc: IUserDocument;
+    user: BackendMember;
+    codeCount: number;
+  }> {
+    const version = BackupCode.detectBackupCodeVersion(
+      userDoc.backupCodes,
+      backupCode,
+    );
+    switch (version) {
+      case BackupCode.BackupCodeVersion:
+        return this.recoverKeyWithBackupCodeV1(
+          userDoc,
+          backupCode,
+          newPassword,
+          session,
+        );
+      default:
+        throw new InvalidBackupCodeVersionError(version);
+    }
+  }
+  /**
+   * Rewrap system-wrapped AEAD blobs from old system key to new one without touching inner AEAD.
+   */
+  public async rewrapAllUsersBackupCodes(
+    fetchBatch: (afterId?: string, limit?: number) => Promise<IUserDocument[]>,
+    saveUser: (user: IUserDocument) => Promise<void>,
+    oldSystem: BackendMember,
+    newSystem: BackendMember,
+    options?: { batchSize?: number; onProgress?: (count: number) => void },
+  ): Promise<number> {
+    const batchSize = options?.batchSize ?? 500;
+    let processed = 0;
+    let afterId: string | undefined;
+    for (;;) {
+      const users = await fetchBatch(afterId, batchSize);
+      if (!users.length) break;
+      for (const user of users) {
+        let modified = false;
+        for (const bc of user.backupCodes ?? []) {
+          try {
+            const sealed = oldSystem.decryptData(
+              Buffer.from(bc.encrypted, 'hex'),
+            );
+            const rewrapped = newSystem.encryptData(sealed).toString('hex');
+            if (rewrapped !== bc.encrypted) {
+              bc.encrypted = rewrapped;
+              modified = true;
+            }
+          } catch (e) {
+            throw new Error(
+              `Failed to rewrap backup code for user ${user._id}: ${
+                (e as Error).message
+              }`,
+            );
+          }
+        }
+        if (modified) {
+          await saveUser(user);
+          processed++;
+          options?.onProgress?.(processed);
+        }
+      }
+      afterId =
+        (users[users.length - 1]?._id as unknown as string) ?? undefined;
+    }
+    return processed;
+  }
+}

package/src/services/base.ts ADDED Viewed

@@ -0,0 +1,33 @@
+import { ClientSession, Types } from 'mongoose';
+import { IApplication } from '../interfaces/application';
+import { TransactionCallback } from '../types';
+import {
+  TransactionOptions,
+  withTransaction as utilsWithTransaction,
+} from '../utils';
+import { IBaseDocument } from '../documents';
+import { Environment } from '../environment';
+import { IConstants } from '../interfaces';
+export class BaseService<TApplication extends IApplication<any, Types.ObjectId, IBaseDocument<any, Types.ObjectId>, Environment, IConstants> = IApplication<any, Types.ObjectId, IBaseDocument<any, Types.ObjectId>, Environment, IConstants>> {
+  protected readonly application: TApplication;
+  constructor(application: TApplication) {
+    this.application = application;
+  }
+  public async withTransaction<T>(
+    callback: TransactionCallback<T>,
+    session?: ClientSession,
+    options?: TransactionOptions,
+    ...args: any
+  ) {
+    return await utilsWithTransaction<T>(
+      this.application.db.connection,
+      this.application.environment.mongo.useTransactions,
+      session,
+      callback,
+      options ?? {},
+      ...args,
+    );
+  }
+}

package/src/services/checksum.ts ADDED Viewed

@@ -0,0 +1,161 @@
+import {
+  ChecksumBuffer,
+  ChecksumString,
+} from '@digitaldefiance/node-ecies-lib';
+import { createHash } from 'crypto';
+import { promises as fs } from 'fs';
+import { CHECKSUM } from '../constants';
+import { IChecksumConfig } from '../interfaces/checksum-config';
+export class ChecksumService {
+  private readonly config: IChecksumConfig;
+  constructor(config?: Partial<IChecksumConfig>) {
+    this.config = {
+      algorithm: CHECKSUM.ALGORITHM,
+      encoding: CHECKSUM.ENCODING,
+      ...config,
+    };
+  }
+  /**
+   * Calculate a checksum for a buffer
+   * @param data - The data to calculate the checksum for
+   * @returns The checksum as a Buffer
+   */
+  public calculateChecksum(data: Buffer): ChecksumBuffer {
+    const hash = createHash(this.config.algorithm);
+    hash.update(data);
+    const digest = hash.digest();
+    return Buffer.from(digest) as ChecksumBuffer;
+  }
+  /**
+   * Calculate a checksum for multiple buffers
+   * @param buffers - The buffers to calculate the checksum for
+   * @returns The checksum as a Buffer
+   */
+  public calculateChecksumForBuffers(buffers: Buffer[]): ChecksumBuffer {
+    const hash = createHash(this.config.algorithm);
+    for (const buffer of buffers) {
+      hash.update(buffer);
+    }
+    const digest = hash.digest();
+    return Buffer.from(digest) as ChecksumBuffer;
+  }
+  /**
+   * Calculate a checksum for a string
+   * @param str - The string to calculate the checksum for
+   * @returns The checksum as a Buffer
+   */
+  public calculateChecksumForString(str: string): ChecksumBuffer {
+    return this.calculateChecksum(Buffer.from(str, 'utf8'));
+  }
+  /**
+   * Compare two checksums for equality
+   * @param checksum1 - The first checksum
+   * @param checksum2 - The second checksum
+   * @returns True if the checksums are equal, false otherwise
+   */
+  public compareChecksums(
+    checksum1: ChecksumBuffer,
+    checksum2: ChecksumBuffer,
+  ): boolean {
+    if (
+      checksum1.length !== CHECKSUM.SHA3_BUFFER_LENGTH ||
+      checksum2.length !== CHECKSUM.SHA3_BUFFER_LENGTH
+    ) {
+      return false;
+    }
+    return checksum1.equals(checksum2);
+  }
+  /**
+   * Convert a checksum to a hex string
+   * @param checksum - The checksum to convert
+   * @returns The checksum as a hex string
+   */
+  public checksumToHexString(checksum: ChecksumBuffer): ChecksumString {
+    return checksum.toString(CHECKSUM.ENCODING) as ChecksumString;
+  }
+  /**
+   * Convert a hex string to a checksum
+   * @param hexString - The hex string to convert
+   * @returns The checksum as a Buffer
+   */
+  public hexStringToChecksum(hexString: string): ChecksumBuffer {
+    if (hexString.length !== CHECKSUM.SHA3_BUFFER_LENGTH * 2) {
+      throw new Error('Invalid checksum hex string length');
+    }
+    return Buffer.from(hexString, CHECKSUM.ENCODING) as ChecksumBuffer;
+  }
+  /**
+   * Validate a checksum buffer
+   * @param checksum - The checksum to validate
+   * @returns True if the checksum is valid, false otherwise
+   */
+  public validateChecksum(checksum: ChecksumBuffer): boolean {
+    return checksum.length === CHECKSUM.SHA3_BUFFER_LENGTH;
+  }
+  /**
+   * Calculate a checksum for a file
+   * @param filePath - The path to the file
+   * @returns The checksum as a Buffer
+   */
+  public async calculateChecksumForFile(
+    filePath: string,
+  ): Promise<ChecksumBuffer> {
+    // Removed dynamic import by using the data service to read file data
+    // This is a temporary solution that can be replaced with a proper file service
+    // The implementation now delegates file reading to the caller
+    const buffer = Buffer.from(await this.readFile(filePath));
+    return this.calculateChecksum(buffer);
+  }
+  /**
+   * Internal file reading method
+   * @private
+   */
+  private async readFile(filePath: string): Promise<Buffer> {
+    // Import fs using a static import that's available at module load time
+    // This solves the dynamic import/require issues
+    try {
+      return await fs.readFile(filePath);
+    } catch {
+      throw new Error(`Failed to read file at path: ${filePath}`);
+    }
+  }
+  /**
+   * Calculate a checksum for a stream
+   * @param stream - The readable stream
+   * @returns The checksum as a Buffer
+   */
+  public calculateChecksumForStream(
+    stream: NodeJS.ReadableStream,
+  ): Promise<ChecksumBuffer> {
+    return new Promise((resolve, reject) => {
+      const hash = createHash(this.config.algorithm);
+      stream.on('data', (chunk) => {
+        // Ensure chunk is a Buffer before updating hash
+        if (Buffer.isBuffer(chunk)) {
+          hash.update(chunk);
+        } else if (typeof chunk === 'number') {
+          hash.update(Buffer.from([chunk]));
+        } else {
+          hash.update(Buffer.from(chunk));
+        }
+      });
+      stream.on('end', () => {
+        const digest = hash.digest();
+        resolve(Buffer.from(digest) as ChecksumBuffer);
+      });
+      stream.on('error', reject);
+    });
+  }
+}