npm - @vorionsys/platform-core - Versions diffs - 0.1.0 - Mend

@vorionsys/platform-core 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1847) hide show

package/LICENSE +190 -0
package/README.md +88 -0
package/dist/a2a/attestation.d.ts +145 -0
package/dist/a2a/attestation.d.ts.map +1 -0
package/dist/a2a/attestation.js +353 -0
package/dist/a2a/attestation.js.map +1 -0
package/dist/a2a/chain-of-trust.d.ts +143 -0
package/dist/a2a/chain-of-trust.d.ts.map +1 -0
package/dist/a2a/chain-of-trust.js +422 -0
package/dist/a2a/chain-of-trust.js.map +1 -0
package/dist/a2a/index.d.ts +15 -0
package/dist/a2a/index.d.ts.map +1 -0
package/dist/a2a/index.js +23 -0
package/dist/a2a/index.js.map +1 -0
package/dist/a2a/openapi.d.ts +22 -0
package/dist/a2a/openapi.d.ts.map +1 -0
package/dist/a2a/openapi.js +1133 -0
package/dist/a2a/openapi.js.map +1 -0
package/dist/a2a/router.d.ts +167 -0
package/dist/a2a/router.d.ts.map +1 -0
package/dist/a2a/router.js +454 -0
package/dist/a2a/router.js.map +1 -0
package/dist/a2a/routes.d.ts +11 -0
package/dist/a2a/routes.d.ts.map +1 -0
package/dist/a2a/routes.js +442 -0
package/dist/a2a/routes.js.map +1 -0
package/dist/a2a/trust-negotiation.d.ts +119 -0
package/dist/a2a/trust-negotiation.d.ts.map +1 -0
package/dist/a2a/trust-negotiation.js +425 -0
package/dist/a2a/trust-negotiation.js.map +1 -0
package/dist/a2a/types.d.ts +413 -0
package/dist/a2a/types.d.ts.map +1 -0
package/dist/a2a/types.js +38 -0
package/dist/a2a/types.js.map +1 -0
package/dist/agent-registry/a3i-cache.d.ts +113 -0
package/dist/agent-registry/a3i-cache.d.ts.map +1 -0
package/dist/agent-registry/a3i-cache.js +305 -0
package/dist/agent-registry/a3i-cache.js.map +1 -0
package/dist/agent-registry/index.d.ts +14 -0
package/dist/agent-registry/index.d.ts.map +1 -0
package/dist/agent-registry/index.js +17 -0
package/dist/agent-registry/index.js.map +1 -0
package/dist/agent-registry/openapi.d.ts +23 -0
package/dist/agent-registry/openapi.d.ts.map +1 -0
package/dist/agent-registry/openapi.js +1377 -0
package/dist/agent-registry/openapi.js.map +1 -0
package/dist/agent-registry/routes.d.ts +10 -0
package/dist/agent-registry/routes.d.ts.map +1 -0
package/dist/agent-registry/routes.js +485 -0
package/dist/agent-registry/routes.js.map +1 -0
package/dist/agent-registry/service.d.ts +159 -0
package/dist/agent-registry/service.d.ts.map +1 -0
package/dist/agent-registry/service.js +652 -0
package/dist/agent-registry/service.js.map +1 -0
package/dist/agent-registry/tenant-service.d.ts +104 -0
package/dist/agent-registry/tenant-service.d.ts.map +1 -0
package/dist/agent-registry/tenant-service.js +313 -0
package/dist/agent-registry/tenant-service.js.map +1 -0
package/dist/api/auth.d.ts +55 -0
package/dist/api/auth.d.ts.map +1 -0
package/dist/api/auth.js +322 -0
package/dist/api/auth.js.map +1 -0
package/dist/api/errors.d.ts +146 -0
package/dist/api/errors.d.ts.map +1 -0
package/dist/api/errors.js +464 -0
package/dist/api/errors.js.map +1 -0
package/dist/api/index.d.ts +15 -0
package/dist/api/index.d.ts.map +1 -0
package/dist/api/index.js +19 -0
package/dist/api/index.js.map +1 -0
package/dist/api/middleware/api-key-enforcement.d.ts +131 -0
package/dist/api/middleware/api-key-enforcement.d.ts.map +1 -0
package/dist/api/middleware/api-key-enforcement.js +674 -0
package/dist/api/middleware/api-key-enforcement.js.map +1 -0
package/dist/api/middleware/audit.d.ts +151 -0
package/dist/api/middleware/audit.d.ts.map +1 -0
package/dist/api/middleware/audit.js +384 -0
package/dist/api/middleware/audit.js.map +1 -0
package/dist/api/middleware/dpop-enforcement.d.ts +176 -0
package/dist/api/middleware/dpop-enforcement.d.ts.map +1 -0
package/dist/api/middleware/dpop-enforcement.js +596 -0
package/dist/api/middleware/dpop-enforcement.js.map +1 -0
package/dist/api/middleware/index.d.ts +24 -0
package/dist/api/middleware/index.d.ts.map +1 -0
package/dist/api/middleware/index.js +43 -0
package/dist/api/middleware/index.js.map +1 -0
package/dist/api/middleware/metrics.d.ts +41 -0
package/dist/api/middleware/metrics.d.ts.map +1 -0
package/dist/api/middleware/metrics.js +150 -0
package/dist/api/middleware/metrics.js.map +1 -0
package/dist/api/middleware/rate-limits.d.ts +224 -0
package/dist/api/middleware/rate-limits.d.ts.map +1 -0
package/dist/api/middleware/rate-limits.js +686 -0
package/dist/api/middleware/rate-limits.js.map +1 -0
package/dist/api/middleware/rateLimit.d.ts +165 -0
package/dist/api/middleware/rateLimit.d.ts.map +1 -0
package/dist/api/middleware/rateLimit.js +477 -0
package/dist/api/middleware/rateLimit.js.map +1 -0
package/dist/api/middleware/redis-rate-limiter.d.ts +279 -0
package/dist/api/middleware/redis-rate-limiter.d.ts.map +1 -0
package/dist/api/middleware/redis-rate-limiter.js +1074 -0
package/dist/api/middleware/redis-rate-limiter.js.map +1 -0
package/dist/api/middleware/security-headers.d.ts +248 -0
package/dist/api/middleware/security-headers.d.ts.map +1 -0
package/dist/api/middleware/security-headers.js +410 -0
package/dist/api/middleware/security-headers.js.map +1 -0
package/dist/api/middleware/security.d.ts +156 -0
package/dist/api/middleware/security.d.ts.map +1 -0
package/dist/api/middleware/security.js +412 -0
package/dist/api/middleware/security.js.map +1 -0
package/dist/api/middleware/validation.d.ts +132 -0
package/dist/api/middleware/validation.d.ts.map +1 -0
package/dist/api/middleware/validation.js +363 -0
package/dist/api/middleware/validation.js.map +1 -0
package/dist/api/middleware/webhook-verify.d.ts +130 -0
package/dist/api/middleware/webhook-verify.d.ts.map +1 -0
package/dist/api/middleware/webhook-verify.js +366 -0
package/dist/api/middleware/webhook-verify.js.map +1 -0
package/dist/api/rate-limit.d.ts +115 -0
package/dist/api/rate-limit.d.ts.map +1 -0
package/dist/api/rate-limit.js +335 -0
package/dist/api/rate-limit.js.map +1 -0
package/dist/api/server.d.ts +37 -0
package/dist/api/server.d.ts.map +1 -0
package/dist/api/server.js +2086 -0
package/dist/api/server.js.map +1 -0
package/dist/api/validation.d.ts +243 -0
package/dist/api/validation.d.ts.map +1 -0
package/dist/api/validation.js +247 -0
package/dist/api/validation.js.map +1 -0
package/dist/audit/compliance-reporter.d.ts +271 -0
package/dist/audit/compliance-reporter.d.ts.map +1 -0
package/dist/audit/compliance-reporter.js +587 -0
package/dist/audit/compliance-reporter.js.map +1 -0
package/dist/audit/db-store.d.ts +689 -0
package/dist/audit/db-store.d.ts.map +1 -0
package/dist/audit/db-store.js +589 -0
package/dist/audit/db-store.js.map +1 -0
package/dist/audit/event-schema.d.ts +605 -0
package/dist/audit/event-schema.d.ts.map +1 -0
package/dist/audit/event-schema.js +566 -0
package/dist/audit/event-schema.js.map +1 -0
package/dist/audit/index.d.ts +16 -0
package/dist/audit/index.d.ts.map +1 -0
package/dist/audit/index.js +44 -0
package/dist/audit/index.js.map +1 -0
package/dist/audit/security-events.d.ts +1624 -0
package/dist/audit/security-events.d.ts.map +1 -0
package/dist/audit/security-events.js +775 -0
package/dist/audit/security-events.js.map +1 -0
package/dist/audit/security-logger.d.ts +288 -0
package/dist/audit/security-logger.d.ts.map +1 -0
package/dist/audit/security-logger.js +820 -0
package/dist/audit/security-logger.js.map +1 -0
package/dist/audit/service.d.ts +206 -0
package/dist/audit/service.d.ts.map +1 -0
package/dist/audit/service.js +756 -0
package/dist/audit/service.js.map +1 -0
package/dist/audit/siem/elastic.d.ts +94 -0
package/dist/audit/siem/elastic.d.ts.map +1 -0
package/dist/audit/siem/elastic.js +412 -0
package/dist/audit/siem/elastic.js.map +1 -0
package/dist/audit/siem/index.d.ts +179 -0
package/dist/audit/siem/index.d.ts.map +1 -0
package/dist/audit/siem/index.js +368 -0
package/dist/audit/siem/index.js.map +1 -0
package/dist/audit/siem/loki.d.ts +100 -0
package/dist/audit/siem/loki.d.ts.map +1 -0
package/dist/audit/siem/loki.js +406 -0
package/dist/audit/siem/loki.js.map +1 -0
package/dist/audit/siem/splunk.d.ts +91 -0
package/dist/audit/siem/splunk.d.ts.map +1 -0
package/dist/audit/siem/splunk.js +375 -0
package/dist/audit/siem/splunk.js.map +1 -0
package/dist/audit/siem/types.d.ts +547 -0
package/dist/audit/siem/types.d.ts.map +1 -0
package/dist/audit/siem/types.js +270 -0
package/dist/audit/siem/types.js.map +1 -0
package/dist/audit/types.d.ts +410 -0
package/dist/audit/types.d.ts.map +1 -0
package/dist/audit/types.js +130 -0
package/dist/audit/types.js.map +1 -0
package/dist/auth/index.d.ts +10 -0
package/dist/auth/index.d.ts.map +1 -0
package/dist/auth/index.js +10 -0
package/dist/auth/index.js.map +1 -0
package/dist/auth/mfa/index.d.ts +9 -0
package/dist/auth/mfa/index.d.ts.map +1 -0
package/dist/auth/mfa/index.js +9 -0
package/dist/auth/mfa/index.js.map +1 -0
package/dist/auth/mfa/totp.d.ts +222 -0
package/dist/auth/mfa/totp.d.ts.map +1 -0
package/dist/auth/mfa/totp.js +329 -0
package/dist/auth/mfa/totp.js.map +1 -0
package/dist/auth/piv-cac/card-removal-handler.d.ts +197 -0
package/dist/auth/piv-cac/card-removal-handler.d.ts.map +1 -0
package/dist/auth/piv-cac/card-removal-handler.js +560 -0
package/dist/auth/piv-cac/card-removal-handler.js.map +1 -0
package/dist/auth/piv-cac/certificate-auth.d.ts +117 -0
package/dist/auth/piv-cac/certificate-auth.d.ts.map +1 -0
package/dist/auth/piv-cac/certificate-auth.js +727 -0
package/dist/auth/piv-cac/certificate-auth.js.map +1 -0
package/dist/auth/piv-cac/certificate-mapper.d.ts +141 -0
package/dist/auth/piv-cac/certificate-mapper.d.ts.map +1 -0
package/dist/auth/piv-cac/certificate-mapper.js +569 -0
package/dist/auth/piv-cac/certificate-mapper.js.map +1 -0
package/dist/auth/piv-cac/crl-validator.d.ts +195 -0
package/dist/auth/piv-cac/crl-validator.d.ts.map +1 -0
package/dist/auth/piv-cac/crl-validator.js +824 -0
package/dist/auth/piv-cac/crl-validator.js.map +1 -0
package/dist/auth/piv-cac/index.d.ts +72 -0
package/dist/auth/piv-cac/index.d.ts.map +1 -0
package/dist/auth/piv-cac/index.js +172 -0
package/dist/auth/piv-cac/index.js.map +1 -0
package/dist/auth/piv-cac/ocsp-validator.d.ts +183 -0
package/dist/auth/piv-cac/ocsp-validator.d.ts.map +1 -0
package/dist/auth/piv-cac/ocsp-validator.js +657 -0
package/dist/auth/piv-cac/ocsp-validator.js.map +1 -0
package/dist/auth/piv-cac/piv-middleware.d.ts +95 -0
package/dist/auth/piv-cac/piv-middleware.d.ts.map +1 -0
package/dist/auth/piv-cac/piv-middleware.js +524 -0
package/dist/auth/piv-cac/piv-middleware.js.map +1 -0
package/dist/auth/piv-cac/piv-routes.d.ts +29 -0
package/dist/auth/piv-cac/piv-routes.d.ts.map +1 -0
package/dist/auth/piv-cac/piv-routes.js +534 -0
package/dist/auth/piv-cac/piv-routes.js.map +1 -0
package/dist/auth/piv-cac/pkcs11-provider.d.ts +280 -0
package/dist/auth/piv-cac/pkcs11-provider.d.ts.map +1 -0
package/dist/auth/piv-cac/pkcs11-provider.js +535 -0
package/dist/auth/piv-cac/pkcs11-provider.js.map +1 -0
package/dist/auth/piv-cac/types.d.ts +4098 -0
package/dist/auth/piv-cac/types.d.ts.map +1 -0
package/dist/auth/piv-cac/types.js +495 -0
package/dist/auth/piv-cac/types.js.map +1 -0
package/dist/basis/evaluator.d.ts +72 -0
package/dist/basis/evaluator.d.ts.map +1 -0
package/dist/basis/evaluator.js +275 -0
package/dist/basis/evaluator.js.map +1 -0
package/dist/basis/expression-evaluator.d.ts +77 -0
package/dist/basis/expression-evaluator.d.ts.map +1 -0
package/dist/basis/expression-evaluator.js +826 -0
package/dist/basis/expression-evaluator.js.map +1 -0
package/dist/basis/index.d.ts +13 -0
package/dist/basis/index.d.ts.map +1 -0
package/dist/basis/index.js +13 -0
package/dist/basis/index.js.map +1 -0
package/dist/basis/parser.d.ts +376 -0
package/dist/basis/parser.d.ts.map +1 -0
package/dist/basis/parser.js +178 -0
package/dist/basis/parser.js.map +1 -0
package/dist/basis/types.d.ts +115 -0
package/dist/basis/types.d.ts.map +1 -0
package/dist/basis/types.js +5 -0
package/dist/basis/types.js.map +1 -0
package/dist/car-extensions/aci-string-extensions.d.ts +10 -0
package/dist/car-extensions/aci-string-extensions.d.ts.map +1 -0
package/dist/car-extensions/aci-string-extensions.js +24 -0
package/dist/car-extensions/aci-string-extensions.js.map +1 -0
package/dist/car-extensions/builtin-extensions/audit.d.ts +88 -0
package/dist/car-extensions/builtin-extensions/audit.d.ts.map +1 -0
package/dist/car-extensions/builtin-extensions/audit.js +445 -0
package/dist/car-extensions/builtin-extensions/audit.js.map +1 -0
package/dist/car-extensions/builtin-extensions/governance.d.ts +32 -0
package/dist/car-extensions/builtin-extensions/governance.d.ts.map +1 -0
package/dist/car-extensions/builtin-extensions/governance.js +534 -0
package/dist/car-extensions/builtin-extensions/governance.js.map +1 -0
package/dist/car-extensions/builtin-extensions/monitoring.d.ts +43 -0
package/dist/car-extensions/builtin-extensions/monitoring.d.ts.map +1 -0
package/dist/car-extensions/builtin-extensions/monitoring.js +416 -0
package/dist/car-extensions/builtin-extensions/monitoring.js.map +1 -0
package/dist/car-extensions/car-string-extensions.d.ts +355 -0
package/dist/car-extensions/car-string-extensions.d.ts.map +1 -0
package/dist/car-extensions/car-string-extensions.js +473 -0
package/dist/car-extensions/car-string-extensions.js.map +1 -0
package/dist/car-extensions/executor.d.ts +208 -0
package/dist/car-extensions/executor.d.ts.map +1 -0
package/dist/car-extensions/executor.js +789 -0
package/dist/car-extensions/executor.js.map +1 -0
package/dist/car-extensions/index.d.ts +94 -0
package/dist/car-extensions/index.d.ts.map +1 -0
package/dist/car-extensions/index.js +159 -0
package/dist/car-extensions/index.js.map +1 -0
package/dist/car-extensions/registry.d.ts +217 -0
package/dist/car-extensions/registry.d.ts.map +1 -0
package/dist/car-extensions/registry.js +450 -0
package/dist/car-extensions/registry.js.map +1 -0
package/dist/car-extensions/service.d.ts +220 -0
package/dist/car-extensions/service.d.ts.map +1 -0
package/dist/car-extensions/service.js +486 -0
package/dist/car-extensions/service.js.map +1 -0
package/dist/car-extensions/types.d.ts +2269 -0
package/dist/car-extensions/types.d.ts.map +1 -0
package/dist/car-extensions/types.js +389 -0
package/dist/car-extensions/types.js.map +1 -0
package/dist/cognigate/index.d.ts +192 -0
package/dist/cognigate/index.d.ts.map +1 -0
package/dist/cognigate/index.js +435 -0
package/dist/cognigate/index.js.map +1 -0
package/dist/cognigate/sandbox/capability-broker.d.ts +166 -0
package/dist/cognigate/sandbox/capability-broker.d.ts.map +1 -0
package/dist/cognigate/sandbox/capability-broker.js +461 -0
package/dist/cognigate/sandbox/capability-broker.js.map +1 -0
package/dist/cognigate/sandbox/filesystem-policy.d.ts +139 -0
package/dist/cognigate/sandbox/filesystem-policy.d.ts.map +1 -0
package/dist/cognigate/sandbox/filesystem-policy.js +426 -0
package/dist/cognigate/sandbox/filesystem-policy.js.map +1 -0
package/dist/cognigate/sandbox/index.d.ts +17 -0
package/dist/cognigate/sandbox/index.d.ts.map +1 -0
package/dist/cognigate/sandbox/index.js +24 -0
package/dist/cognigate/sandbox/index.js.map +1 -0
package/dist/cognigate/sandbox/network-policy.d.ts +126 -0
package/dist/cognigate/sandbox/network-policy.d.ts.map +1 -0
package/dist/cognigate/sandbox/network-policy.js +382 -0
package/dist/cognigate/sandbox/network-policy.js.map +1 -0
package/dist/cognigate/sandbox/sandbox-service.d.ts +70 -0
package/dist/cognigate/sandbox/sandbox-service.d.ts.map +1 -0
package/dist/cognigate/sandbox/sandbox-service.js +472 -0
package/dist/cognigate/sandbox/sandbox-service.js.map +1 -0
package/dist/cognigate/sandbox/types.d.ts +376 -0
package/dist/cognigate/sandbox/types.d.ts.map +1 -0
package/dist/cognigate/sandbox/types.js +179 -0
package/dist/cognigate/sandbox/types.js.map +1 -0
package/dist/common/adapters/index.d.ts +34 -0
package/dist/common/adapters/index.d.ts.map +1 -0
package/dist/common/adapters/index.js +46 -0
package/dist/common/adapters/index.js.map +1 -0
package/dist/common/adapters/memory-cache.d.ts +91 -0
package/dist/common/adapters/memory-cache.d.ts.map +1 -0
package/dist/common/adapters/memory-cache.js +201 -0
package/dist/common/adapters/memory-cache.js.map +1 -0
package/dist/common/adapters/memory-lock.d.ts +75 -0
package/dist/common/adapters/memory-lock.d.ts.map +1 -0
package/dist/common/adapters/memory-lock.js +219 -0
package/dist/common/adapters/memory-lock.js.map +1 -0
package/dist/common/adapters/memory-queue.d.ts +64 -0
package/dist/common/adapters/memory-queue.d.ts.map +1 -0
package/dist/common/adapters/memory-queue.js +233 -0
package/dist/common/adapters/memory-queue.js.map +1 -0
package/dist/common/adapters/memory-ratelimit.d.ts +78 -0
package/dist/common/adapters/memory-ratelimit.d.ts.map +1 -0
package/dist/common/adapters/memory-ratelimit.js +196 -0
package/dist/common/adapters/memory-ratelimit.js.map +1 -0
package/dist/common/adapters/memory-session.d.ts +105 -0
package/dist/common/adapters/memory-session.d.ts.map +1 -0
package/dist/common/adapters/memory-session.js +302 -0
package/dist/common/adapters/memory-session.js.map +1 -0
package/dist/common/adapters/provider.d.ts +47 -0
package/dist/common/adapters/provider.d.ts.map +1 -0
package/dist/common/adapters/provider.js +347 -0
package/dist/common/adapters/provider.js.map +1 -0
package/dist/common/adapters/types.d.ts +247 -0
package/dist/common/adapters/types.d.ts.map +1 -0
package/dist/common/adapters/types.js +11 -0
package/dist/common/adapters/types.js.map +1 -0
package/dist/common/alerts.d.ts +57 -0
package/dist/common/alerts.d.ts.map +1 -0
package/dist/common/alerts.js +216 -0
package/dist/common/alerts.js.map +1 -0
package/dist/common/authorization.d.ts +137 -0
package/dist/common/authorization.d.ts.map +1 -0
package/dist/common/authorization.js +270 -0
package/dist/common/authorization.js.map +1 -0
package/dist/common/canonical-bridge.d.ts +153 -0
package/dist/common/canonical-bridge.d.ts.map +1 -0
package/dist/common/canonical-bridge.js +236 -0
package/dist/common/canonical-bridge.js.map +1 -0
package/dist/common/canonical-json.d.ts +64 -0
package/dist/common/canonical-json.d.ts.map +1 -0
package/dist/common/canonical-json.js +95 -0
package/dist/common/canonical-json.js.map +1 -0
package/dist/common/circuit-breaker.d.ts +320 -0
package/dist/common/circuit-breaker.d.ts.map +1 -0
package/dist/common/circuit-breaker.js +887 -0
package/dist/common/circuit-breaker.js.map +1 -0
package/dist/common/config.d.ts +2053 -0
package/dist/common/config.d.ts.map +1 -0
package/dist/common/config.js +1314 -0
package/dist/common/config.js.map +1 -0
package/dist/common/contracts/index.d.ts +2 -0
package/dist/common/contracts/index.d.ts.map +1 -0
package/dist/common/contracts/index.js +2 -0
package/dist/common/contracts/index.js.map +1 -0
package/dist/common/contracts/output.d.ts +81 -0
package/dist/common/contracts/output.d.ts.map +1 -0
package/dist/common/contracts/output.js +38 -0
package/dist/common/contracts/output.js.map +1 -0
package/dist/common/crypto-utils.d.ts +103 -0
package/dist/common/crypto-utils.d.ts.map +1 -0
package/dist/common/crypto-utils.js +275 -0
package/dist/common/crypto-utils.js.map +1 -0
package/dist/common/crypto.d.ts +70 -0
package/dist/common/crypto.d.ts.map +1 -0
package/dist/common/crypto.js +201 -0
package/dist/common/crypto.js.map +1 -0
package/dist/common/database-resilience.d.ts +156 -0
package/dist/common/database-resilience.d.ts.map +1 -0
package/dist/common/database-resilience.js +269 -0
package/dist/common/database-resilience.js.map +1 -0
package/dist/common/db-metrics.d.ts +90 -0
package/dist/common/db-metrics.d.ts.map +1 -0
package/dist/common/db-metrics.js +219 -0
package/dist/common/db-metrics.js.map +1 -0
package/dist/common/db-pool.d.ts +307 -0
package/dist/common/db-pool.d.ts.map +1 -0
package/dist/common/db-pool.js +879 -0
package/dist/common/db-pool.js.map +1 -0
package/dist/common/db.d.ts +105 -0
package/dist/common/db.d.ts.map +1 -0
package/dist/common/db.js +216 -0
package/dist/common/db.js.map +1 -0
package/dist/common/debug-auth-middleware.d.ts +111 -0
package/dist/common/debug-auth-middleware.d.ts.map +1 -0
package/dist/common/debug-auth-middleware.js +285 -0
package/dist/common/debug-auth-middleware.js.map +1 -0
package/dist/common/di.d.ts +202 -0
package/dist/common/di.d.ts.map +1 -0
package/dist/common/di.js +219 -0
package/dist/common/di.js.map +1 -0
package/dist/common/encryption.d.ts +233 -0
package/dist/common/encryption.d.ts.map +1 -0
package/dist/common/encryption.js +527 -0
package/dist/common/encryption.js.map +1 -0
package/dist/common/error-sanitizer.d.ts +67 -0
package/dist/common/error-sanitizer.d.ts.map +1 -0
package/dist/common/error-sanitizer.js +298 -0
package/dist/common/error-sanitizer.js.map +1 -0
package/dist/common/errors.d.ts +229 -0
package/dist/common/errors.d.ts.map +1 -0
package/dist/common/errors.js +349 -0
package/dist/common/errors.js.map +1 -0
package/dist/common/expression/evaluator.d.ts +58 -0
package/dist/common/expression/evaluator.d.ts.map +1 -0
package/dist/common/expression/evaluator.js +326 -0
package/dist/common/expression/evaluator.js.map +1 -0
package/dist/common/expression/index.d.ts +180 -0
package/dist/common/expression/index.d.ts.map +1 -0
package/dist/common/expression/index.js +198 -0
package/dist/common/expression/index.js.map +1 -0
package/dist/common/expression/lexer.d.ts +69 -0
package/dist/common/expression/lexer.d.ts.map +1 -0
package/dist/common/expression/lexer.js +255 -0
package/dist/common/expression/lexer.js.map +1 -0
package/dist/common/expression/parser.d.ts +133 -0
package/dist/common/expression/parser.d.ts.map +1 -0
package/dist/common/expression/parser.js +293 -0
package/dist/common/expression/parser.js.map +1 -0
package/dist/common/group-membership.d.ts +119 -0
package/dist/common/group-membership.d.ts.map +1 -0
package/dist/common/group-membership.js +250 -0
package/dist/common/group-membership.js.map +1 -0
package/dist/common/index.d.ts +14 -0
package/dist/common/index.d.ts.map +1 -0
package/dist/common/index.js +15 -0
package/dist/common/index.js.map +1 -0
package/dist/common/leader-election.d.ts +40 -0
package/dist/common/leader-election.d.ts.map +1 -0
package/dist/common/leader-election.js +232 -0
package/dist/common/leader-election.js.map +1 -0
package/dist/common/lock.d.ts +77 -0
package/dist/common/lock.d.ts.map +1 -0
package/dist/common/lock.js +167 -0
package/dist/common/lock.js.map +1 -0
package/dist/common/logger.d.ts +19 -0
package/dist/common/logger.d.ts.map +1 -0
package/dist/common/logger.js +80 -0
package/dist/common/logger.js.map +1 -0
package/dist/common/metrics-registry.d.ts +48 -0
package/dist/common/metrics-registry.d.ts.map +1 -0
package/dist/common/metrics-registry.js +77 -0
package/dist/common/metrics-registry.js.map +1 -0
package/dist/common/metrics.d.ts +204 -0
package/dist/common/metrics.d.ts.map +1 -0
package/dist/common/metrics.js +497 -0
package/dist/common/metrics.js.map +1 -0
package/dist/common/operation-tracker.d.ts +137 -0
package/dist/common/operation-tracker.d.ts.map +1 -0
package/dist/common/operation-tracker.js +366 -0
package/dist/common/operation-tracker.js.map +1 -0
package/dist/common/provenance/chain.d.ts +54 -0
package/dist/common/provenance/chain.d.ts.map +1 -0
package/dist/common/provenance/chain.js +252 -0
package/dist/common/provenance/chain.js.map +1 -0
package/dist/common/provenance/index.d.ts +14 -0
package/dist/common/provenance/index.d.ts.map +1 -0
package/dist/common/provenance/index.js +19 -0
package/dist/common/provenance/index.js.map +1 -0
package/dist/common/provenance/query.d.ts +111 -0
package/dist/common/provenance/query.d.ts.map +1 -0
package/dist/common/provenance/query.js +310 -0
package/dist/common/provenance/query.js.map +1 -0
package/dist/common/provenance/storage.d.ts +297 -0
package/dist/common/provenance/storage.d.ts.map +1 -0
package/dist/common/provenance/storage.js +436 -0
package/dist/common/provenance/storage.js.map +1 -0
package/dist/common/provenance/tracker.d.ts +57 -0
package/dist/common/provenance/tracker.d.ts.map +1 -0
package/dist/common/provenance/tracker.js +209 -0
package/dist/common/provenance/tracker.js.map +1 -0
package/dist/common/provenance/types.d.ts +146 -0
package/dist/common/provenance/types.d.ts.map +1 -0
package/dist/common/provenance/types.js +10 -0
package/dist/common/provenance/types.js.map +1 -0
package/dist/common/random.d.ts +84 -0
package/dist/common/random.d.ts.map +1 -0
package/dist/common/random.js +130 -0
package/dist/common/random.js.map +1 -0
package/dist/common/redaction.d.ts +49 -0
package/dist/common/redaction.d.ts.map +1 -0
package/dist/common/redaction.js +217 -0
package/dist/common/redaction.js.map +1 -0
package/dist/common/redis-cluster.d.ts +538 -0
package/dist/common/redis-cluster.d.ts.map +1 -0
package/dist/common/redis-cluster.js +1539 -0
package/dist/common/redis-cluster.js.map +1 -0
package/dist/common/redis-resilience.d.ts +270 -0
package/dist/common/redis-resilience.d.ts.map +1 -0
package/dist/common/redis-resilience.js +586 -0
package/dist/common/redis-resilience.js.map +1 -0
package/dist/common/redis.d.ts +19 -0
package/dist/common/redis.d.ts.map +1 -0
package/dist/common/redis.js +73 -0
package/dist/common/redis.js.map +1 -0
package/dist/common/safe-json.d.ts +246 -0
package/dist/common/safe-json.d.ts.map +1 -0
package/dist/common/safe-json.js +442 -0
package/dist/common/safe-json.js.map +1 -0
package/dist/common/secret-generator.d.ts +142 -0
package/dist/common/secret-generator.d.ts.map +1 -0
package/dist/common/secret-generator.js +286 -0
package/dist/common/secret-generator.js.map +1 -0
package/dist/common/secure-fetch.d.ts +182 -0
package/dist/common/secure-fetch.d.ts.map +1 -0
package/dist/common/secure-fetch.js +657 -0
package/dist/common/secure-fetch.js.map +1 -0
package/dist/common/security-mode.d.ts +151 -0
package/dist/common/security-mode.d.ts.map +1 -0
package/dist/common/security-mode.js +482 -0
package/dist/common/security-mode.js.map +1 -0
package/dist/common/telemetry/index.d.ts +82 -0
package/dist/common/telemetry/index.d.ts.map +1 -0
package/dist/common/telemetry/index.js +198 -0
package/dist/common/telemetry/index.js.map +1 -0
package/dist/common/telemetry/instrumentation.d.ts +167 -0
package/dist/common/telemetry/instrumentation.d.ts.map +1 -0
package/dist/common/telemetry/instrumentation.js +492 -0
package/dist/common/telemetry/instrumentation.js.map +1 -0
package/dist/common/telemetry/metrics-bridge.d.ts +227 -0
package/dist/common/telemetry/metrics-bridge.d.ts.map +1 -0
package/dist/common/telemetry/metrics-bridge.js +437 -0
package/dist/common/telemetry/metrics-bridge.js.map +1 -0
package/dist/common/telemetry/middleware.d.ts +114 -0
package/dist/common/telemetry/middleware.d.ts.map +1 -0
package/dist/common/telemetry/middleware.js +353 -0
package/dist/common/telemetry/middleware.js.map +1 -0
package/dist/common/telemetry/propagation.d.ts +221 -0
package/dist/common/telemetry/propagation.d.ts.map +1 -0
package/dist/common/telemetry/propagation.js +409 -0
package/dist/common/telemetry/propagation.js.map +1 -0
package/dist/common/telemetry/spans.d.ts +295 -0
package/dist/common/telemetry/spans.d.ts.map +1 -0
package/dist/common/telemetry/spans.js +439 -0
package/dist/common/telemetry/spans.js.map +1 -0
package/dist/common/telemetry/tracer.d.ts +155 -0
package/dist/common/telemetry/tracer.d.ts.map +1 -0
package/dist/common/telemetry/tracer.js +343 -0
package/dist/common/telemetry/tracer.js.map +1 -0
package/dist/common/telemetry.d.ts +15 -0
package/dist/common/telemetry.d.ts.map +1 -0
package/dist/common/telemetry.js +61 -0
package/dist/common/telemetry.js.map +1 -0
package/dist/common/tenant-context.d.ts +253 -0
package/dist/common/tenant-context.d.ts.map +1 -0
package/dist/common/tenant-context.js +259 -0
package/dist/common/tenant-context.js.map +1 -0
package/dist/common/tenant-verification.d.ts +86 -0
package/dist/common/tenant-verification.d.ts.map +1 -0
package/dist/common/tenant-verification.js +184 -0
package/dist/common/tenant-verification.js.map +1 -0
package/dist/common/timeout.d.ts +40 -0
package/dist/common/timeout.d.ts.map +1 -0
package/dist/common/timeout.js +82 -0
package/dist/common/timeout.js.map +1 -0
package/dist/common/token-revocation.d.ts +44 -0
package/dist/common/token-revocation.d.ts.map +1 -0
package/dist/common/token-revocation.js +169 -0
package/dist/common/token-revocation.js.map +1 -0
package/dist/common/trace.d.ts +149 -0
package/dist/common/trace.d.ts.map +1 -0
package/dist/common/trace.js +328 -0
package/dist/common/trace.js.map +1 -0
package/dist/common/trust-cache.d.ts +263 -0
package/dist/common/trust-cache.d.ts.map +1 -0
package/dist/common/trust-cache.js +670 -0
package/dist/common/trust-cache.js.map +1 -0
package/dist/common/types.d.ts +351 -0
package/dist/common/types.d.ts.map +1 -0
package/dist/common/types.js +55 -0
package/dist/common/types.js.map +1 -0
package/dist/common/validation.d.ts +113 -0
package/dist/common/validation.d.ts.map +1 -0
package/dist/common/validation.js +221 -0
package/dist/common/validation.js.map +1 -0
package/dist/db/client.d.ts +72 -0
package/dist/db/client.d.ts.map +1 -0
package/dist/db/client.js +110 -0
package/dist/db/client.js.map +1 -0
package/dist/db/index.d.ts +9 -0
package/dist/db/index.d.ts.map +1 -0
package/dist/db/index.js +9 -0
package/dist/db/index.js.map +1 -0
package/dist/db/schema/merkle.d.ts +475 -0
package/dist/db/schema/merkle.d.ts.map +1 -0
package/dist/db/schema/merkle.js +100 -0
package/dist/db/schema/merkle.js.map +1 -0
package/dist/db/schema/proofs.d.ts +412 -0
package/dist/db/schema/proofs.d.ts.map +1 -0
package/dist/db/schema/proofs.js +63 -0
package/dist/db/schema/proofs.js.map +1 -0
package/dist/enforce/adapters.d.ts +73 -0
package/dist/enforce/adapters.d.ts.map +1 -0
package/dist/enforce/adapters.js +293 -0
package/dist/enforce/adapters.js.map +1 -0
package/dist/enforce/index.d.ts +213 -0
package/dist/enforce/index.d.ts.map +1 -0
package/dist/enforce/index.js +630 -0
package/dist/enforce/index.js.map +1 -0
package/dist/enforce/repository.d.ts +203 -0
package/dist/enforce/repository.d.ts.map +1 -0
package/dist/enforce/repository.js +359 -0
package/dist/enforce/repository.js.map +1 -0
package/dist/enforce/schema.d.ts +1198 -0
package/dist/enforce/schema.d.ts.map +1 -0
package/dist/enforce/schema.js +257 -0
package/dist/enforce/schema.js.map +1 -0
package/dist/friction/index.d.ts +235 -0
package/dist/friction/index.d.ts.map +1 -0
package/dist/friction/index.js +636 -0
package/dist/friction/index.js.map +1 -0
package/dist/friction/openapi.d.ts +23 -0
package/dist/friction/openapi.d.ts.map +1 -0
package/dist/friction/openapi.js +883 -0
package/dist/friction/openapi.js.map +1 -0
package/dist/friction/routes.d.ts +14 -0
package/dist/friction/routes.d.ts.map +1 -0
package/dist/friction/routes.js +206 -0
package/dist/friction/routes.js.map +1 -0
package/dist/governance/engine.d.ts +158 -0
package/dist/governance/engine.d.ts.map +1 -0
package/dist/governance/engine.js +248 -0
package/dist/governance/engine.js.map +1 -0
package/dist/governance/evaluator.d.ts +106 -0
package/dist/governance/evaluator.d.ts.map +1 -0
package/dist/governance/evaluator.js +277 -0
package/dist/governance/evaluator.js.map +1 -0
package/dist/governance/index.d.ts +11 -0
package/dist/governance/index.d.ts.map +1 -0
package/dist/governance/index.js +14 -0
package/dist/governance/index.js.map +1 -0
package/dist/governance/policy.d.ts +152 -0
package/dist/governance/policy.d.ts.map +1 -0
package/dist/governance/policy.js +152 -0
package/dist/governance/policy.js.map +1 -0
package/dist/index.d.ts +50 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +61 -0
package/dist/index.js.map +1 -0
package/dist/intent/adapters.d.ts +101 -0
package/dist/intent/adapters.d.ts.map +1 -0
package/dist/intent/adapters.js +250 -0
package/dist/intent/adapters.js.map +1 -0
package/dist/intent/audit.d.ts +119 -0
package/dist/intent/audit.d.ts.map +1 -0
package/dist/intent/audit.js +463 -0
package/dist/intent/audit.js.map +1 -0
package/dist/intent/classifier/index.d.ts +121 -0
package/dist/intent/classifier/index.d.ts.map +1 -0
package/dist/intent/classifier/index.js +232 -0
package/dist/intent/classifier/index.js.map +1 -0
package/dist/intent/classifier/patterns.d.ts +129 -0
package/dist/intent/classifier/patterns.d.ts.map +1 -0
package/dist/intent/classifier/patterns.js +471 -0
package/dist/intent/classifier/patterns.js.map +1 -0
package/dist/intent/classifier/risk.d.ts +177 -0
package/dist/intent/classifier/risk.d.ts.map +1 -0
package/dist/intent/classifier/risk.js +335 -0
package/dist/intent/classifier/risk.js.map +1 -0
package/dist/intent/cleanup.d.ts +24 -0
package/dist/intent/cleanup.d.ts.map +1 -0
package/dist/intent/cleanup.js +104 -0
package/dist/intent/cleanup.js.map +1 -0
package/dist/intent/consent.d.ts +238 -0
package/dist/intent/consent.d.ts.map +1 -0
package/dist/intent/consent.js +427 -0
package/dist/intent/consent.js.map +1 -0
package/dist/intent/escalation.d.ts +284 -0
package/dist/intent/escalation.d.ts.map +1 -0
package/dist/intent/escalation.js +618 -0
package/dist/intent/escalation.js.map +1 -0
package/dist/intent/gdpr-rate-limiter.d.ts +170 -0
package/dist/intent/gdpr-rate-limiter.d.ts.map +1 -0
package/dist/intent/gdpr-rate-limiter.js +385 -0
package/dist/intent/gdpr-rate-limiter.js.map +1 -0
package/dist/intent/gdpr.d.ts +323 -0
package/dist/intent/gdpr.d.ts.map +1 -0
package/dist/intent/gdpr.js +1013 -0
package/dist/intent/gdpr.js.map +1 -0
package/dist/intent/health.d.ts +214 -0
package/dist/intent/health.d.ts.map +1 -0
package/dist/intent/health.js +526 -0
package/dist/intent/health.js.map +1 -0
package/dist/intent/index.d.ts +565 -0
package/dist/intent/index.d.ts.map +1 -0
package/dist/intent/index.js +756 -0
package/dist/intent/index.js.map +1 -0
package/dist/intent/metrics.d.ts +399 -0
package/dist/intent/metrics.d.ts.map +1 -0
package/dist/intent/metrics.js +886 -0
package/dist/intent/metrics.js.map +1 -0
package/dist/intent/openapi.d.ts +22 -0
package/dist/intent/openapi.d.ts.map +1 -0
package/dist/intent/openapi.js +1674 -0
package/dist/intent/openapi.js.map +1 -0
package/dist/intent/planner/dependency.d.ts +78 -0
package/dist/intent/planner/dependency.d.ts.map +1 -0
package/dist/intent/planner/dependency.js +334 -0
package/dist/intent/planner/dependency.js.map +1 -0
package/dist/intent/planner/index.d.ts +130 -0
package/dist/intent/planner/index.d.ts.map +1 -0
package/dist/intent/planner/index.js +372 -0
package/dist/intent/planner/index.js.map +1 -0
package/dist/intent/planner/rollback.d.ts +92 -0
package/dist/intent/planner/rollback.d.ts.map +1 -0
package/dist/intent/planner/rollback.js +326 -0
package/dist/intent/planner/rollback.js.map +1 -0
package/dist/intent/planner/templates.d.ts +81 -0
package/dist/intent/planner/templates.d.ts.map +1 -0
package/dist/intent/planner/templates.js +560 -0
package/dist/intent/planner/templates.js.map +1 -0
package/dist/intent/planner/types.d.ts +38 -0
package/dist/intent/planner/types.d.ts.map +1 -0
package/dist/intent/planner/types.js +10 -0
package/dist/intent/planner/types.js.map +1 -0
package/dist/intent/queue.d.ts +150 -0
package/dist/intent/queue.d.ts.map +1 -0
package/dist/intent/queue.js +339 -0
package/dist/intent/queue.js.map +1 -0
package/dist/intent/queues.d.ts +176 -0
package/dist/intent/queues.d.ts.map +1 -0
package/dist/intent/queues.js +1393 -0
package/dist/intent/queues.js.map +1 -0
package/dist/intent/ratelimit.d.ts +147 -0
package/dist/intent/ratelimit.d.ts.map +1 -0
package/dist/intent/ratelimit.js +301 -0
package/dist/intent/ratelimit.js.map +1 -0
package/dist/intent/replay/comparator.d.ts +73 -0
package/dist/intent/replay/comparator.d.ts.map +1 -0
package/dist/intent/replay/comparator.js +320 -0
package/dist/intent/replay/comparator.js.map +1 -0
package/dist/intent/replay/index.d.ts +104 -0
package/dist/intent/replay/index.d.ts.map +1 -0
package/dist/intent/replay/index.js +487 -0
package/dist/intent/replay/index.js.map +1 -0
package/dist/intent/replay/simulator.d.ts +184 -0
package/dist/intent/replay/simulator.d.ts.map +1 -0
package/dist/intent/replay/simulator.js +512 -0
package/dist/intent/replay/simulator.js.map +1 -0
package/dist/intent/replay/snapshot.d.ts +149 -0
package/dist/intent/replay/snapshot.d.ts.map +1 -0
package/dist/intent/replay/snapshot.js +245 -0
package/dist/intent/replay/snapshot.js.map +1 -0
package/dist/intent/replay/types.d.ts +143 -0
package/dist/intent/replay/types.d.ts.map +1 -0
package/dist/intent/replay/types.js +10 -0
package/dist/intent/replay/types.js.map +1 -0
package/dist/intent/repository.d.ts +198 -0
package/dist/intent/repository.d.ts.map +1 -0
package/dist/intent/repository.js +538 -0
package/dist/intent/repository.js.map +1 -0
package/dist/intent/response-middleware.d.ts +156 -0
package/dist/intent/response-middleware.d.ts.map +1 -0
package/dist/intent/response-middleware.js +346 -0
package/dist/intent/response-middleware.js.map +1 -0
package/dist/intent/response.d.ts +267 -0
package/dist/intent/response.d.ts.map +1 -0
package/dist/intent/response.js +402 -0
package/dist/intent/response.js.map +1 -0
package/dist/intent/routes.d.ts +35 -0
package/dist/intent/routes.d.ts.map +1 -0
package/dist/intent/routes.js +1023 -0
package/dist/intent/routes.js.map +1 -0
package/dist/intent/scheduler.d.ts +45 -0
package/dist/intent/scheduler.d.ts.map +1 -0
package/dist/intent/scheduler.js +221 -0
package/dist/intent/scheduler.js.map +1 -0
package/dist/intent/schema.d.ts +3817 -0
package/dist/intent/schema.d.ts.map +1 -0
package/dist/intent/schema.js +631 -0
package/dist/intent/schema.js.map +1 -0
package/dist/intent/shutdown.d.ts +145 -0
package/dist/intent/shutdown.d.ts.map +1 -0
package/dist/intent/shutdown.js +468 -0
package/dist/intent/shutdown.js.map +1 -0
package/dist/intent/state-machine.d.ts +111 -0
package/dist/intent/state-machine.d.ts.map +1 -0
package/dist/intent/state-machine.js +242 -0
package/dist/intent/state-machine.js.map +1 -0
package/dist/intent/tracing.d.ts +152 -0
package/dist/intent/tracing.d.ts.map +1 -0
package/dist/intent/tracing.js +658 -0
package/dist/intent/tracing.js.map +1 -0
package/dist/intent/types.d.ts +188 -0
package/dist/intent/types.d.ts.map +1 -0
package/dist/intent/types.js +25 -0
package/dist/intent/types.js.map +1 -0
package/dist/intent/webhooks/delivery-repository.d.ts +80 -0
package/dist/intent/webhooks/delivery-repository.d.ts.map +1 -0
package/dist/intent/webhooks/delivery-repository.js +251 -0
package/dist/intent/webhooks/delivery-repository.js.map +1 -0
package/dist/intent/webhooks/dns-pinning.d.ts +30 -0
package/dist/intent/webhooks/dns-pinning.d.ts.map +1 -0
package/dist/intent/webhooks/dns-pinning.js +69 -0
package/dist/intent/webhooks/dns-pinning.js.map +1 -0
package/dist/intent/webhooks/index.d.ts +14 -0
package/dist/intent/webhooks/index.d.ts.map +1 -0
package/dist/intent/webhooks/index.js +17 -0
package/dist/intent/webhooks/index.js.map +1 -0
package/dist/intent/webhooks/signature.d.ts +47 -0
package/dist/intent/webhooks/signature.d.ts.map +1 -0
package/dist/intent/webhooks/signature.js +80 -0
package/dist/intent/webhooks/signature.js.map +1 -0
package/dist/intent/webhooks/ssrf-protection.d.ts +29 -0
package/dist/intent/webhooks/ssrf-protection.d.ts.map +1 -0
package/dist/intent/webhooks/ssrf-protection.js +161 -0
package/dist/intent/webhooks/ssrf-protection.js.map +1 -0
package/dist/intent/webhooks/types.d.ts +132 -0
package/dist/intent/webhooks/types.d.ts.map +1 -0
package/dist/intent/webhooks/types.js +14 -0
package/dist/intent/webhooks/types.js.map +1 -0
package/dist/intent/webhooks.d.ts +618 -0
package/dist/intent/webhooks.d.ts.map +1 -0
package/dist/intent/webhooks.js +1836 -0
package/dist/intent/webhooks.js.map +1 -0
package/dist/intent-gateway/ai-act-classifier.d.ts +18 -0
package/dist/intent-gateway/ai-act-classifier.d.ts.map +1 -0
package/dist/intent-gateway/ai-act-classifier.js +296 -0
package/dist/intent-gateway/ai-act-classifier.js.map +1 -0
package/dist/intent-gateway/index.d.ts +43 -0
package/dist/intent-gateway/index.d.ts.map +1 -0
package/dist/intent-gateway/index.js +236 -0
package/dist/intent-gateway/index.js.map +1 -0
package/dist/intent-gateway/jurisdiction-resolver.d.ts +19 -0
package/dist/intent-gateway/jurisdiction-resolver.d.ts.map +1 -0
package/dist/intent-gateway/jurisdiction-resolver.js +236 -0
package/dist/intent-gateway/jurisdiction-resolver.js.map +1 -0
package/dist/intent-gateway/policy-composer.d.ts +27 -0
package/dist/intent-gateway/policy-composer.d.ts.map +1 -0
package/dist/intent-gateway/policy-composer.js +418 -0
package/dist/intent-gateway/policy-composer.js.map +1 -0
package/dist/intent-gateway/regime-selector.d.ts +26 -0
package/dist/intent-gateway/regime-selector.d.ts.map +1 -0
package/dist/intent-gateway/regime-selector.js +185 -0
package/dist/intent-gateway/regime-selector.js.map +1 -0
package/dist/intent-gateway/types.d.ts +103 -0
package/dist/intent-gateway/types.d.ts.map +1 -0
package/dist/intent-gateway/types.js +85 -0
package/dist/intent-gateway/types.js.map +1 -0
package/dist/observability/alerts.d.ts +136 -0
package/dist/observability/alerts.d.ts.map +1 -0
package/dist/observability/alerts.js +485 -0
package/dist/observability/alerts.js.map +1 -0
package/dist/observability/health.d.ts +102 -0
package/dist/observability/health.d.ts.map +1 -0
package/dist/observability/health.js +415 -0
package/dist/observability/health.js.map +1 -0
package/dist/observability/index.d.ts +29 -0
package/dist/observability/index.d.ts.map +1 -0
package/dist/observability/index.js +72 -0
package/dist/observability/index.js.map +1 -0
package/dist/observability/logging.d.ts +90 -0
package/dist/observability/logging.d.ts.map +1 -0
package/dist/observability/logging.js +260 -0
package/dist/observability/logging.js.map +1 -0
package/dist/observability/metrics.d.ts +226 -0
package/dist/observability/metrics.d.ts.map +1 -0
package/dist/observability/metrics.js +527 -0
package/dist/observability/metrics.js.map +1 -0
package/dist/observability/tracing.d.ts +120 -0
package/dist/observability/tracing.d.ts.map +1 -0
package/dist/observability/tracing.js +285 -0
package/dist/observability/tracing.js.map +1 -0
package/dist/persistence/audit.d.ts +169 -0
package/dist/persistence/audit.d.ts.map +1 -0
package/dist/persistence/audit.js +342 -0
package/dist/persistence/audit.js.map +1 -0
package/dist/persistence/index.d.ts +13 -0
package/dist/persistence/index.d.ts.map +1 -0
package/dist/persistence/index.js +15 -0
package/dist/persistence/index.js.map +1 -0
package/dist/persistence/repository.d.ts +192 -0
package/dist/persistence/repository.d.ts.map +1 -0
package/dist/persistence/repository.js +223 -0
package/dist/persistence/repository.js.map +1 -0
package/dist/policy/diff.d.ts +88 -0
package/dist/policy/diff.d.ts.map +1 -0
package/dist/policy/diff.js +325 -0
package/dist/policy/diff.js.map +1 -0
package/dist/policy/distributed-cache.d.ts +205 -0
package/dist/policy/distributed-cache.d.ts.map +1 -0
package/dist/policy/distributed-cache.js +683 -0
package/dist/policy/distributed-cache.js.map +1 -0
package/dist/policy/evaluator.d.ts +102 -0
package/dist/policy/evaluator.d.ts.map +1 -0
package/dist/policy/evaluator.js +648 -0
package/dist/policy/evaluator.js.map +1 -0
package/dist/policy/index.d.ts +24 -0
package/dist/policy/index.d.ts.map +1 -0
package/dist/policy/index.js +27 -0
package/dist/policy/index.js.map +1 -0
package/dist/policy/loader.d.ts +63 -0
package/dist/policy/loader.d.ts.map +1 -0
package/dist/policy/loader.js +176 -0
package/dist/policy/loader.js.map +1 -0
package/dist/policy/service.d.ts +240 -0
package/dist/policy/service.d.ts.map +1 -0
package/dist/policy/service.js +1032 -0
package/dist/policy/service.js.map +1 -0
package/dist/policy/types.d.ts +220 -0
package/dist/policy/types.d.ts.map +1 -0
package/dist/policy/types.js +36 -0
package/dist/policy/types.js.map +1 -0
package/dist/policy/visual-builder/index.d.ts +201 -0
package/dist/policy/visual-builder/index.d.ts.map +1 -0
package/dist/policy/visual-builder/index.js +727 -0
package/dist/policy/visual-builder/index.js.map +1 -0
package/dist/policy/visual-builder/inheritance.d.ts +151 -0
package/dist/policy/visual-builder/inheritance.d.ts.map +1 -0
package/dist/policy/visual-builder/inheritance.js +314 -0
package/dist/policy/visual-builder/inheritance.js.map +1 -0
package/dist/policy/visual-builder/propagation.d.ts +146 -0
package/dist/policy/visual-builder/propagation.d.ts.map +1 -0
package/dist/policy/visual-builder/propagation.js +299 -0
package/dist/policy/visual-builder/propagation.js.map +1 -0
package/dist/policy/visual-builder/routes.d.ts +14 -0
package/dist/policy/visual-builder/routes.d.ts.map +1 -0
package/dist/policy/visual-builder/routes.js +528 -0
package/dist/policy/visual-builder/routes.js.map +1 -0
package/dist/policy/visual-builder/simulator.d.ts +161 -0
package/dist/policy/visual-builder/simulator.d.ts.map +1 -0
package/dist/policy/visual-builder/simulator.js +413 -0
package/dist/policy/visual-builder/simulator.js.map +1 -0
package/dist/policy/visual-builder/templates.d.ts +119 -0
package/dist/policy/visual-builder/templates.d.ts.map +1 -0
package/dist/policy/visual-builder/templates.js +627 -0
package/dist/policy/visual-builder/templates.js.map +1 -0
package/dist/proof/chain/index.d.ts +271 -0
package/dist/proof/chain/index.d.ts.map +1 -0
package/dist/proof/chain/index.js +483 -0
package/dist/proof/chain/index.js.map +1 -0
package/dist/proof/index.d.ts +206 -0
package/dist/proof/index.d.ts.map +1 -0
package/dist/proof/index.js +597 -0
package/dist/proof/index.js.map +1 -0
package/dist/proof/merkle-service.d.ts +194 -0
package/dist/proof/merkle-service.d.ts.map +1 -0
package/dist/proof/merkle-service.js +463 -0
package/dist/proof/merkle-service.js.map +1 -0
package/dist/proof/merkle.d.ts +118 -0
package/dist/proof/merkle.d.ts.map +1 -0
package/dist/proof/merkle.js +265 -0
package/dist/proof/merkle.js.map +1 -0
package/dist/security/ai-governance/access-policy.d.ts +197 -0
package/dist/security/ai-governance/access-policy.d.ts.map +1 -0
package/dist/security/ai-governance/access-policy.js +522 -0
package/dist/security/ai-governance/access-policy.js.map +1 -0
package/dist/security/ai-governance/audit-trail.d.ts +241 -0
package/dist/security/ai-governance/audit-trail.d.ts.map +1 -0
package/dist/security/ai-governance/audit-trail.js +645 -0
package/dist/security/ai-governance/audit-trail.js.map +1 -0
package/dist/security/ai-governance/bias-detection.d.ts +221 -0
package/dist/security/ai-governance/bias-detection.d.ts.map +1 -0
package/dist/security/ai-governance/bias-detection.js +615 -0
package/dist/security/ai-governance/bias-detection.js.map +1 -0
package/dist/security/ai-governance/index.d.ts +92 -0
package/dist/security/ai-governance/index.d.ts.map +1 -0
package/dist/security/ai-governance/index.js +184 -0
package/dist/security/ai-governance/index.js.map +1 -0
package/dist/security/ai-governance/middleware.d.ts +110 -0
package/dist/security/ai-governance/middleware.d.ts.map +1 -0
package/dist/security/ai-governance/middleware.js +359 -0
package/dist/security/ai-governance/middleware.js.map +1 -0
package/dist/security/ai-governance/model-registry.d.ts +229 -0
package/dist/security/ai-governance/model-registry.d.ts.map +1 -0
package/dist/security/ai-governance/model-registry.js +535 -0
package/dist/security/ai-governance/model-registry.js.map +1 -0
package/dist/security/ai-governance/output-filter.d.ts +150 -0
package/dist/security/ai-governance/output-filter.d.ts.map +1 -0
package/dist/security/ai-governance/output-filter.js +561 -0
package/dist/security/ai-governance/output-filter.js.map +1 -0
package/dist/security/ai-governance/prompt-injection.d.ts +153 -0
package/dist/security/ai-governance/prompt-injection.d.ts.map +1 -0
package/dist/security/ai-governance/prompt-injection.js +614 -0
package/dist/security/ai-governance/prompt-injection.js.map +1 -0
package/dist/security/ai-governance/rate-limiter.d.ts +156 -0
package/dist/security/ai-governance/rate-limiter.d.ts.map +1 -0
package/dist/security/ai-governance/rate-limiter.js +541 -0
package/dist/security/ai-governance/rate-limiter.js.map +1 -0
package/dist/security/ai-governance/types.d.ts +594 -0
package/dist/security/ai-governance/types.d.ts.map +1 -0
package/dist/security/ai-governance/types.js +6 -0
package/dist/security/ai-governance/types.js.map +1 -0
package/dist/security/alerting/channels/base.d.ts +91 -0
package/dist/security/alerting/channels/base.d.ts.map +1 -0
package/dist/security/alerting/channels/base.js +128 -0
package/dist/security/alerting/channels/base.js.map +1 -0
package/dist/security/alerting/channels/email.d.ts +92 -0
package/dist/security/alerting/channels/email.d.ts.map +1 -0
package/dist/security/alerting/channels/email.js +418 -0
package/dist/security/alerting/channels/email.js.map +1 -0
package/dist/security/alerting/channels/http-base.d.ts +86 -0
package/dist/security/alerting/channels/http-base.d.ts.map +1 -0
package/dist/security/alerting/channels/http-base.js +133 -0
package/dist/security/alerting/channels/http-base.js.map +1 -0
package/dist/security/alerting/channels/index.d.ts +30 -0
package/dist/security/alerting/channels/index.d.ts.map +1 -0
package/dist/security/alerting/channels/index.js +22 -0
package/dist/security/alerting/channels/index.js.map +1 -0
package/dist/security/alerting/channels/pagerduty.d.ts +70 -0
package/dist/security/alerting/channels/pagerduty.d.ts.map +1 -0
package/dist/security/alerting/channels/pagerduty.js +248 -0
package/dist/security/alerting/channels/pagerduty.js.map +1 -0
package/dist/security/alerting/channels/slack.d.ts +55 -0
package/dist/security/alerting/channels/slack.d.ts.map +1 -0
package/dist/security/alerting/channels/slack.js +215 -0
package/dist/security/alerting/channels/slack.js.map +1 -0
package/dist/security/alerting/channels/sns.d.ts +87 -0
package/dist/security/alerting/channels/sns.d.ts.map +1 -0
package/dist/security/alerting/channels/sns.js +251 -0
package/dist/security/alerting/channels/sns.js.map +1 -0
package/dist/security/alerting/channels/webhook.d.ts +92 -0
package/dist/security/alerting/channels/webhook.d.ts.map +1 -0
package/dist/security/alerting/channels/webhook.js +203 -0
package/dist/security/alerting/channels/webhook.js.map +1 -0
package/dist/security/alerting/detector.d.ts +217 -0
package/dist/security/alerting/detector.d.ts.map +1 -0
package/dist/security/alerting/detector.js +725 -0
package/dist/security/alerting/detector.js.map +1 -0
package/dist/security/alerting/index.d.ts +57 -0
package/dist/security/alerting/index.d.ts.map +1 -0
package/dist/security/alerting/index.js +214 -0
package/dist/security/alerting/index.js.map +1 -0
package/dist/security/alerting/service.d.ts +190 -0
package/dist/security/alerting/service.d.ts.map +1 -0
package/dist/security/alerting/service.js +815 -0
package/dist/security/alerting/service.js.map +1 -0
package/dist/security/alerting/types.d.ts +2165 -0
package/dist/security/alerting/types.d.ts.map +1 -0
package/dist/security/alerting/types.js +278 -0
package/dist/security/alerting/types.js.map +1 -0
package/dist/security/anomaly/detectors/account-compromise.d.ts +198 -0
package/dist/security/anomaly/detectors/account-compromise.d.ts.map +1 -0
package/dist/security/anomaly/detectors/account-compromise.js +815 -0
package/dist/security/anomaly/detectors/account-compromise.js.map +1 -0
package/dist/security/anomaly/detectors/data-exfiltration.d.ts +175 -0
package/dist/security/anomaly/detectors/data-exfiltration.d.ts.map +1 -0
package/dist/security/anomaly/detectors/data-exfiltration.js +733 -0
package/dist/security/anomaly/detectors/data-exfiltration.js.map +1 -0
package/dist/security/anomaly/detectors/geographic.d.ts +100 -0
package/dist/security/anomaly/detectors/geographic.d.ts.map +1 -0
package/dist/security/anomaly/detectors/geographic.js +348 -0
package/dist/security/anomaly/detectors/geographic.js.map +1 -0
package/dist/security/anomaly/detectors/index.d.ts +86 -0
package/dist/security/anomaly/detectors/index.d.ts.map +1 -0
package/dist/security/anomaly/detectors/index.js +118 -0
package/dist/security/anomaly/detectors/index.js.map +1 -0
package/dist/security/anomaly/detectors/lateral-movement.d.ts +168 -0
package/dist/security/anomaly/detectors/lateral-movement.d.ts.map +1 -0
package/dist/security/anomaly/detectors/lateral-movement.js +795 -0
package/dist/security/anomaly/detectors/lateral-movement.js.map +1 -0
package/dist/security/anomaly/detectors/privilege-escalation.d.ts +177 -0
package/dist/security/anomaly/detectors/privilege-escalation.d.ts.map +1 -0
package/dist/security/anomaly/detectors/privilege-escalation.js +741 -0
package/dist/security/anomaly/detectors/privilege-escalation.js.map +1 -0
package/dist/security/anomaly/detectors/temporal.d.ts +71 -0
package/dist/security/anomaly/detectors/temporal.d.ts.map +1 -0
package/dist/security/anomaly/detectors/temporal.js +398 -0
package/dist/security/anomaly/detectors/temporal.js.map +1 -0
package/dist/security/anomaly/detectors/volume.d.ts +97 -0
package/dist/security/anomaly/detectors/volume.d.ts.map +1 -0
package/dist/security/anomaly/detectors/volume.js +424 -0
package/dist/security/anomaly/detectors/volume.js.map +1 -0
package/dist/security/anomaly/index.d.ts +128 -0
package/dist/security/anomaly/index.d.ts.map +1 -0
package/dist/security/anomaly/index.js +378 -0
package/dist/security/anomaly/index.js.map +1 -0
package/dist/security/anomaly/types.d.ts +1209 -0
package/dist/security/anomaly/types.d.ts.map +1 -0
package/dist/security/anomaly/types.js +193 -0
package/dist/security/anomaly/types.js.map +1 -0
package/dist/security/api-keys/cache.d.ts +255 -0
package/dist/security/api-keys/cache.d.ts.map +1 -0
package/dist/security/api-keys/cache.js +595 -0
package/dist/security/api-keys/cache.js.map +1 -0
package/dist/security/api-keys/db-store.d.ts +150 -0
package/dist/security/api-keys/db-store.d.ts.map +1 -0
package/dist/security/api-keys/db-store.js +694 -0
package/dist/security/api-keys/db-store.js.map +1 -0
package/dist/security/api-keys/index.d.ts +29 -0
package/dist/security/api-keys/index.d.ts.map +1 -0
package/dist/security/api-keys/index.js +81 -0
package/dist/security/api-keys/index.js.map +1 -0
package/dist/security/api-keys/middleware.d.ts +164 -0
package/dist/security/api-keys/middleware.d.ts.map +1 -0
package/dist/security/api-keys/middleware.js +392 -0
package/dist/security/api-keys/middleware.js.map +1 -0
package/dist/security/api-keys/service.d.ts +226 -0
package/dist/security/api-keys/service.d.ts.map +1 -0
package/dist/security/api-keys/service.js +861 -0
package/dist/security/api-keys/service.js.map +1 -0
package/dist/security/api-keys/store.d.ts +241 -0
package/dist/security/api-keys/store.d.ts.map +1 -0
package/dist/security/api-keys/store.js +360 -0
package/dist/security/api-keys/store.js.map +1 -0
package/dist/security/api-keys/types.d.ts +718 -0
package/dist/security/api-keys/types.d.ts.map +1 -0
package/dist/security/api-keys/types.js +162 -0
package/dist/security/api-keys/types.js.map +1 -0
package/dist/security/brute-force.d.ts +390 -0
package/dist/security/brute-force.d.ts.map +1 -0
package/dist/security/brute-force.js +677 -0
package/dist/security/brute-force.js.map +1 -0
package/dist/security/config-validator.d.ts +152 -0
package/dist/security/config-validator.d.ts.map +1 -0
package/dist/security/config-validator.js +667 -0
package/dist/security/config-validator.js.map +1 -0
package/dist/security/crypto/fips-mode.d.ts +726 -0
package/dist/security/crypto/fips-mode.d.ts.map +1 -0
package/dist/security/crypto/fips-mode.js +1297 -0
package/dist/security/crypto/fips-mode.js.map +1 -0
package/dist/security/crypto/index.d.ts +203 -0
package/dist/security/crypto/index.d.ts.map +1 -0
package/dist/security/crypto/index.js +293 -0
package/dist/security/crypto/index.js.map +1 -0
package/dist/security/crypto/post-quantum/benchmark.d.ts +125 -0
package/dist/security/crypto/post-quantum/benchmark.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/benchmark.js +530 -0
package/dist/security/crypto/post-quantum/benchmark.js.map +1 -0
package/dist/security/crypto/post-quantum/dilithium.d.ts +146 -0
package/dist/security/crypto/post-quantum/dilithium.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/dilithium.js +662 -0
package/dist/security/crypto/post-quantum/dilithium.js.map +1 -0
package/dist/security/crypto/post-quantum/hybrid.d.ts +267 -0
package/dist/security/crypto/post-quantum/hybrid.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/hybrid.js +457 -0
package/dist/security/crypto/post-quantum/hybrid.js.map +1 -0
package/dist/security/crypto/post-quantum/index.d.ts +166 -0
package/dist/security/crypto/post-quantum/index.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/index.js +236 -0
package/dist/security/crypto/post-quantum/index.js.map +1 -0
package/dist/security/crypto/post-quantum/kyber.d.ts +131 -0
package/dist/security/crypto/post-quantum/kyber.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/kyber.js +640 -0
package/dist/security/crypto/post-quantum/kyber.js.map +1 -0
package/dist/security/crypto/post-quantum/migration.d.ts +230 -0
package/dist/security/crypto/post-quantum/migration.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/migration.js +563 -0
package/dist/security/crypto/post-quantum/migration.js.map +1 -0
package/dist/security/crypto/post-quantum/types.d.ts +1056 -0
package/dist/security/crypto/post-quantum/types.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/types.js +350 -0
package/dist/security/crypto/post-quantum/types.js.map +1 -0
package/dist/security/crypto/shamir/comparison.d.ts +128 -0
package/dist/security/crypto/shamir/comparison.d.ts.map +1 -0
package/dist/security/crypto/shamir/comparison.js +423 -0
package/dist/security/crypto/shamir/comparison.js.map +1 -0
package/dist/security/crypto/shamir/index.d.ts +76 -0
package/dist/security/crypto/shamir/index.d.ts.map +1 -0
package/dist/security/crypto/shamir/index.js +155 -0
package/dist/security/crypto/shamir/index.js.map +1 -0
package/dist/security/crypto/shamir/proofs.d.ts +259 -0
package/dist/security/crypto/shamir/proofs.d.ts.map +1 -0
package/dist/security/crypto/shamir/proofs.js +605 -0
package/dist/security/crypto/shamir/proofs.js.map +1 -0
package/dist/security/crypto/shamir/property-tests.d.ts +104 -0
package/dist/security/crypto/shamir/property-tests.d.ts.map +1 -0
package/dist/security/crypto/shamir/property-tests.js +480 -0
package/dist/security/crypto/shamir/property-tests.js.map +1 -0
package/dist/security/crypto/shamir/security-analysis.d.ts +97 -0
package/dist/security/crypto/shamir/security-analysis.d.ts.map +1 -0
package/dist/security/crypto/shamir/security-analysis.js +503 -0
package/dist/security/crypto/shamir/security-analysis.js.map +1 -0
package/dist/security/crypto/shamir/test-vectors.d.ts +116 -0
package/dist/security/crypto/shamir/test-vectors.d.ts.map +1 -0
package/dist/security/crypto/shamir/test-vectors.js +377 -0
package/dist/security/crypto/shamir/test-vectors.js.map +1 -0
package/dist/security/crypto/shamir/types.d.ts +281 -0
package/dist/security/crypto/shamir/types.d.ts.map +1 -0
package/dist/security/crypto/shamir/types.js +82 -0
package/dist/security/crypto/shamir/types.js.map +1 -0
package/dist/security/crypto/shamir/verified-shamir.d.ts +170 -0
package/dist/security/crypto/shamir/verified-shamir.d.ts.map +1 -0
package/dist/security/crypto/shamir/verified-shamir.js +624 -0
package/dist/security/crypto/shamir/verified-shamir.js.map +1 -0
package/dist/security/csrf.d.ts +215 -0
package/dist/security/csrf.d.ts.map +1 -0
package/dist/security/csrf.js +467 -0
package/dist/security/csrf.js.map +1 -0
package/dist/security/distributed-state.d.ts +331 -0
package/dist/security/distributed-state.d.ts.map +1 -0
package/dist/security/distributed-state.js +768 -0
package/dist/security/distributed-state.js.map +1 -0
package/dist/security/dlp/index.d.ts +27 -0
package/dist/security/dlp/index.d.ts.map +1 -0
package/dist/security/dlp/index.js +54 -0
package/dist/security/dlp/index.js.map +1 -0
package/dist/security/dlp/scanner.d.ts +451 -0
package/dist/security/dlp/scanner.d.ts.map +1 -0
package/dist/security/dlp/scanner.js +1241 -0
package/dist/security/dlp/scanner.js.map +1 -0
package/dist/security/dpop.d.ts +260 -0
package/dist/security/dpop.d.ts.map +1 -0
package/dist/security/dpop.js +1058 -0
package/dist/security/dpop.js.map +1 -0
package/dist/security/encryption/decorators.d.ts +263 -0
package/dist/security/encryption/decorators.d.ts.map +1 -0
package/dist/security/encryption/decorators.js +359 -0
package/dist/security/encryption/decorators.js.map +1 -0
package/dist/security/encryption/index.d.ts +83 -0
package/dist/security/encryption/index.d.ts.map +1 -0
package/dist/security/encryption/index.js +140 -0
package/dist/security/encryption/index.js.map +1 -0
package/dist/security/encryption/key-provider.d.ts +335 -0
package/dist/security/encryption/key-provider.d.ts.map +1 -0
package/dist/security/encryption/key-provider.js +853 -0
package/dist/security/encryption/key-provider.js.map +1 -0
package/dist/security/encryption/middleware.d.ts +279 -0
package/dist/security/encryption/middleware.d.ts.map +1 -0
package/dist/security/encryption/middleware.js +493 -0
package/dist/security/encryption/middleware.js.map +1 -0
package/dist/security/encryption/service.d.ts +164 -0
package/dist/security/encryption/service.d.ts.map +1 -0
package/dist/security/encryption/service.js +623 -0
package/dist/security/encryption/service.js.map +1 -0
package/dist/security/encryption/types.d.ts +745 -0
package/dist/security/encryption/types.d.ts.map +1 -0
package/dist/security/encryption/types.js +229 -0
package/dist/security/encryption/types.js.map +1 -0
package/dist/security/error-sanitizer.d.ts +329 -0
package/dist/security/error-sanitizer.d.ts.map +1 -0
package/dist/security/error-sanitizer.js +700 -0
package/dist/security/error-sanitizer.js.map +1 -0
package/dist/security/fingerprint-service.d.ts +139 -0
package/dist/security/fingerprint-service.d.ts.map +1 -0
package/dist/security/fingerprint-service.js +240 -0
package/dist/security/fingerprint-service.js.map +1 -0
package/dist/security/headers/csp.d.ts +270 -0
package/dist/security/headers/csp.d.ts.map +1 -0
package/dist/security/headers/csp.js +655 -0
package/dist/security/headers/csp.js.map +1 -0
package/dist/security/headers/hsts.d.ts +161 -0
package/dist/security/headers/hsts.d.ts.map +1 -0
package/dist/security/headers/hsts.js +346 -0
package/dist/security/headers/hsts.js.map +1 -0
package/dist/security/headers/index.d.ts +47 -0
package/dist/security/headers/index.d.ts.map +1 -0
package/dist/security/headers/index.js +110 -0
package/dist/security/headers/index.js.map +1 -0
package/dist/security/headers/middleware.d.ts +70 -0
package/dist/security/headers/middleware.d.ts.map +1 -0
package/dist/security/headers/middleware.js +549 -0
package/dist/security/headers/middleware.js.map +1 -0
package/dist/security/headers/permissions-policy.d.ts +189 -0
package/dist/security/headers/permissions-policy.d.ts.map +1 -0
package/dist/security/headers/permissions-policy.js +508 -0
package/dist/security/headers/permissions-policy.js.map +1 -0
package/dist/security/headers/types.d.ts +1570 -0
package/dist/security/headers/types.d.ts.map +1 -0
package/dist/security/headers/types.js +281 -0
package/dist/security/headers/types.js.map +1 -0
package/dist/security/headers/validator.d.ts +36 -0
package/dist/security/headers/validator.d.ts.map +1 -0
package/dist/security/headers/validator.js +616 -0
package/dist/security/headers/validator.js.map +1 -0
package/dist/security/hsm/aws-cloudhsm.d.ts +157 -0
package/dist/security/hsm/aws-cloudhsm.d.ts.map +1 -0
package/dist/security/hsm/aws-cloudhsm.js +712 -0
package/dist/security/hsm/aws-cloudhsm.js.map +1 -0
package/dist/security/hsm/azure-hsm.d.ts +174 -0
package/dist/security/hsm/azure-hsm.d.ts.map +1 -0
package/dist/security/hsm/azure-hsm.js +792 -0
package/dist/security/hsm/azure-hsm.js.map +1 -0
package/dist/security/hsm/gcp-hsm.d.ts +184 -0
package/dist/security/hsm/gcp-hsm.d.ts.map +1 -0
package/dist/security/hsm/gcp-hsm.js +817 -0
package/dist/security/hsm/gcp-hsm.js.map +1 -0
package/dist/security/hsm/hsm-service.d.ts +264 -0
package/dist/security/hsm/hsm-service.d.ts.map +1 -0
package/dist/security/hsm/hsm-service.js +772 -0
package/dist/security/hsm/hsm-service.js.map +1 -0
package/dist/security/hsm/index.d.ts +248 -0
package/dist/security/hsm/index.d.ts.map +1 -0
package/dist/security/hsm/index.js +329 -0
package/dist/security/hsm/index.js.map +1 -0
package/dist/security/hsm/key-ceremony.d.ts +214 -0
package/dist/security/hsm/key-ceremony.d.ts.map +1 -0
package/dist/security/hsm/key-ceremony.js +636 -0
package/dist/security/hsm/key-ceremony.js.map +1 -0
package/dist/security/hsm/key-operations.d.ts +218 -0
package/dist/security/hsm/key-operations.d.ts.map +1 -0
package/dist/security/hsm/key-operations.js +625 -0
package/dist/security/hsm/key-operations.js.map +1 -0
package/dist/security/hsm/local-softHSM.d.ts +122 -0
package/dist/security/hsm/local-softHSM.d.ts.map +1 -0
package/dist/security/hsm/local-softHSM.js +786 -0
package/dist/security/hsm/local-softHSM.js.map +1 -0
package/dist/security/hsm/pkcs11-wrapper.d.ts +386 -0
package/dist/security/hsm/pkcs11-wrapper.d.ts.map +1 -0
package/dist/security/hsm/pkcs11-wrapper.js +1149 -0
package/dist/security/hsm/pkcs11-wrapper.js.map +1 -0
package/dist/security/hsm/provider.d.ts +333 -0
package/dist/security/hsm/provider.d.ts.map +1 -0
package/dist/security/hsm/provider.js +264 -0
package/dist/security/hsm/provider.js.map +1 -0
package/dist/security/hsm/thales-luna.d.ts +209 -0
package/dist/security/hsm/thales-luna.d.ts.map +1 -0
package/dist/security/hsm/thales-luna.js +820 -0
package/dist/security/hsm/thales-luna.js.map +1 -0
package/dist/security/incident/actions/block-ip.d.ts +82 -0
package/dist/security/incident/actions/block-ip.d.ts.map +1 -0
package/dist/security/incident/actions/block-ip.js +454 -0
package/dist/security/incident/actions/block-ip.js.map +1 -0
package/dist/security/incident/actions/collect-evidence.d.ts +93 -0
package/dist/security/incident/actions/collect-evidence.d.ts.map +1 -0
package/dist/security/incident/actions/collect-evidence.js +449 -0
package/dist/security/incident/actions/collect-evidence.js.map +1 -0
package/dist/security/incident/actions/index.d.ts +39 -0
package/dist/security/incident/actions/index.d.ts.map +1 -0
package/dist/security/incident/actions/index.js +52 -0
package/dist/security/incident/actions/index.js.map +1 -0
package/dist/security/incident/actions/isolate-system.d.ts +61 -0
package/dist/security/incident/actions/isolate-system.d.ts.map +1 -0
package/dist/security/incident/actions/isolate-system.js +369 -0
package/dist/security/incident/actions/isolate-system.js.map +1 -0
package/dist/security/incident/actions/notify-stakeholders.d.ts +70 -0
package/dist/security/incident/actions/notify-stakeholders.d.ts.map +1 -0
package/dist/security/incident/actions/notify-stakeholders.js +377 -0
package/dist/security/incident/actions/notify-stakeholders.js.map +1 -0
package/dist/security/incident/actions/revoke-credentials.d.ts +75 -0
package/dist/security/incident/actions/revoke-credentials.d.ts.map +1 -0
package/dist/security/incident/actions/revoke-credentials.js +320 -0
package/dist/security/incident/actions/revoke-credentials.js.map +1 -0
package/dist/security/incident/actions/scale-monitoring.d.ts +88 -0
package/dist/security/incident/actions/scale-monitoring.d.ts.map +1 -0
package/dist/security/incident/actions/scale-monitoring.js +473 -0
package/dist/security/incident/actions/scale-monitoring.js.map +1 -0
package/dist/security/incident/executor.d.ts +128 -0
package/dist/security/incident/executor.d.ts.map +1 -0
package/dist/security/incident/executor.js +695 -0
package/dist/security/incident/executor.js.map +1 -0
package/dist/security/incident/index.d.ts +220 -0
package/dist/security/incident/index.d.ts.map +1 -0
package/dist/security/incident/index.js +1284 -0
package/dist/security/incident/index.js.map +1 -0
package/dist/security/incident/notification.d.ts +68 -0
package/dist/security/incident/notification.d.ts.map +1 -0
package/dist/security/incident/notification.js +512 -0
package/dist/security/incident/notification.js.map +1 -0
package/dist/security/incident/playbooks/account-compromise.d.ts +13 -0
package/dist/security/incident/playbooks/account-compromise.d.ts.map +1 -0
package/dist/security/incident/playbooks/account-compromise.js +379 -0
package/dist/security/incident/playbooks/account-compromise.js.map +1 -0
package/dist/security/incident/playbooks/configuration-error.d.ts +17 -0
package/dist/security/incident/playbooks/configuration-error.d.ts.map +1 -0
package/dist/security/incident/playbooks/configuration-error.js +340 -0
package/dist/security/incident/playbooks/configuration-error.js.map +1 -0
package/dist/security/incident/playbooks/data-breach.d.ts +13 -0
package/dist/security/incident/playbooks/data-breach.d.ts.map +1 -0
package/dist/security/incident/playbooks/data-breach.js +394 -0
package/dist/security/incident/playbooks/data-breach.js.map +1 -0
package/dist/security/incident/playbooks/denial-of-service.d.ts +13 -0
package/dist/security/incident/playbooks/denial-of-service.d.ts.map +1 -0
package/dist/security/incident/playbooks/denial-of-service.js +540 -0
package/dist/security/incident/playbooks/denial-of-service.js.map +1 -0
package/dist/security/incident/playbooks/index.d.ts +36 -0
package/dist/security/incident/playbooks/index.d.ts.map +1 -0
package/dist/security/incident/playbooks/index.js +56 -0
package/dist/security/incident/playbooks/index.js.map +1 -0
package/dist/security/incident/playbooks/insider-threat.d.ts +18 -0
package/dist/security/incident/playbooks/insider-threat.d.ts.map +1 -0
package/dist/security/incident/playbooks/insider-threat.js +600 -0
package/dist/security/incident/playbooks/insider-threat.js.map +1 -0
package/dist/security/incident/playbooks/malware.d.ts +13 -0
package/dist/security/incident/playbooks/malware.d.ts.map +1 -0
package/dist/security/incident/playbooks/malware.js +515 -0
package/dist/security/incident/playbooks/malware.js.map +1 -0
package/dist/security/incident/playbooks/ransomware.d.ts +14 -0
package/dist/security/incident/playbooks/ransomware.d.ts.map +1 -0
package/dist/security/incident/playbooks/ransomware.js +693 -0
package/dist/security/incident/playbooks/ransomware.js.map +1 -0
package/dist/security/incident/playbooks/unauthorized-access.d.ts +13 -0
package/dist/security/incident/playbooks/unauthorized-access.d.ts.map +1 -0
package/dist/security/incident/playbooks/unauthorized-access.js +412 -0
package/dist/security/incident/playbooks/unauthorized-access.js.map +1 -0
package/dist/security/incident/triggers.d.ts +120 -0
package/dist/security/incident/triggers.d.ts.map +1 -0
package/dist/security/incident/triggers.js +708 -0
package/dist/security/incident/triggers.js.map +1 -0
package/dist/security/incident/types.d.ts +1517 -0
package/dist/security/incident/types.d.ts.map +1 -0
package/dist/security/incident/types.js +222 -0
package/dist/security/incident/types.js.map +1 -0
package/dist/security/index.d.ts +59 -0
package/dist/security/index.d.ts.map +1 -0
package/dist/security/index.js +295 -0
package/dist/security/index.js.map +1 -0
package/dist/security/injection-detector.d.ts +510 -0
package/dist/security/injection-detector.d.ts.map +1 -0
package/dist/security/injection-detector.js +1325 -0
package/dist/security/injection-detector.js.map +1 -0
package/dist/security/introspection.d.ts +137 -0
package/dist/security/introspection.d.ts.map +1 -0
package/dist/security/introspection.js +451 -0
package/dist/security/introspection.js.map +1 -0
package/dist/security/key-rotation.d.ts +213 -0
package/dist/security/key-rotation.d.ts.map +1 -0
package/dist/security/key-rotation.js +530 -0
package/dist/security/key-rotation.js.map +1 -0
package/dist/security/kms/aws-kms.d.ts +152 -0
package/dist/security/kms/aws-kms.d.ts.map +1 -0
package/dist/security/kms/aws-kms.js +808 -0
package/dist/security/kms/aws-kms.js.map +1 -0
package/dist/security/kms/index.d.ts +165 -0
package/dist/security/kms/index.d.ts.map +1 -0
package/dist/security/kms/index.js +351 -0
package/dist/security/kms/index.js.map +1 -0
package/dist/security/kms/local.d.ts +127 -0
package/dist/security/kms/local.d.ts.map +1 -0
package/dist/security/kms/local.js +682 -0
package/dist/security/kms/local.js.map +1 -0
package/dist/security/kms/types.d.ts +1000 -0
package/dist/security/kms/types.d.ts.map +1 -0
package/dist/security/kms/types.js +167 -0
package/dist/security/kms/types.js.map +1 -0
package/dist/security/kms/vault.d.ts +165 -0
package/dist/security/kms/vault.d.ts.map +1 -0
package/dist/security/kms/vault.js +820 -0
package/dist/security/kms/vault.js.map +1 -0
package/dist/security/mfa/index.d.ts +17 -0
package/dist/security/mfa/index.d.ts.map +1 -0
package/dist/security/mfa/index.js +37 -0
package/dist/security/mfa/index.js.map +1 -0
package/dist/security/mfa/mfa-middleware.d.ts +74 -0
package/dist/security/mfa/mfa-middleware.d.ts.map +1 -0
package/dist/security/mfa/mfa-middleware.js +244 -0
package/dist/security/mfa/mfa-middleware.js.map +1 -0
package/dist/security/mfa/mfa-service.d.ts +115 -0
package/dist/security/mfa/mfa-service.d.ts.map +1 -0
package/dist/security/mfa/mfa-service.js +509 -0
package/dist/security/mfa/mfa-service.js.map +1 -0
package/dist/security/mfa/mfa-store.d.ts +615 -0
package/dist/security/mfa/mfa-store.d.ts.map +1 -0
package/dist/security/mfa/mfa-store.js +431 -0
package/dist/security/mfa/mfa-store.js.map +1 -0
package/dist/security/mfa/types.d.ts +417 -0
package/dist/security/mfa/types.d.ts.map +1 -0
package/dist/security/mfa/types.js +123 -0
package/dist/security/mfa/types.js.map +1 -0
package/dist/security/middleware.d.ts +179 -0
package/dist/security/middleware.d.ts.map +1 -0
package/dist/security/middleware.js +534 -0
package/dist/security/middleware.js.map +1 -0
package/dist/security/pairwise-did.d.ts +157 -0
package/dist/security/pairwise-did.d.ts.map +1 -0
package/dist/security/pairwise-did.js +450 -0
package/dist/security/pairwise-did.js.map +1 -0
package/dist/security/pam/break-glass.d.ts +776 -0
package/dist/security/pam/break-glass.d.ts.map +1 -0
package/dist/security/pam/break-glass.js +1137 -0
package/dist/security/pam/break-glass.js.map +1 -0
package/dist/security/pam/index.d.ts +120 -0
package/dist/security/pam/index.d.ts.map +1 -0
package/dist/security/pam/index.js +179 -0
package/dist/security/pam/index.js.map +1 -0
package/dist/security/pam/jit-access.d.ts +482 -0
package/dist/security/pam/jit-access.d.ts.map +1 -0
package/dist/security/pam/jit-access.js +1030 -0
package/dist/security/pam/jit-access.js.map +1 -0
package/dist/security/pam/session-recording.d.ts +1007 -0
package/dist/security/pam/session-recording.d.ts.map +1 -0
package/dist/security/pam/session-recording.js +1047 -0
package/dist/security/pam/session-recording.js.map +1 -0
package/dist/security/password-hashing.d.ts +199 -0
package/dist/security/password-hashing.d.ts.map +1 -0
package/dist/security/password-hashing.js +366 -0
package/dist/security/password-hashing.js.map +1 -0
package/dist/security/password-policy.d.ts +304 -0
package/dist/security/password-policy.d.ts.map +1 -0
package/dist/security/password-policy.js +730 -0
package/dist/security/password-policy.js.map +1 -0
package/dist/security/pkce.d.ts +269 -0
package/dist/security/pkce.d.ts.map +1 -0
package/dist/security/pkce.js +408 -0
package/dist/security/pkce.js.map +1 -0
package/dist/security/policy-engine/built-in-policies.d.ts +90 -0
package/dist/security/policy-engine/built-in-policies.d.ts.map +1 -0
package/dist/security/policy-engine/built-in-policies.js +627 -0
package/dist/security/policy-engine/built-in-policies.js.map +1 -0
package/dist/security/policy-engine/condition-evaluator.d.ts +129 -0
package/dist/security/policy-engine/condition-evaluator.d.ts.map +1 -0
package/dist/security/policy-engine/condition-evaluator.js +647 -0
package/dist/security/policy-engine/condition-evaluator.js.map +1 -0
package/dist/security/policy-engine/engine.d.ts +200 -0
package/dist/security/policy-engine/engine.d.ts.map +1 -0
package/dist/security/policy-engine/engine.js +752 -0
package/dist/security/policy-engine/engine.js.map +1 -0
package/dist/security/policy-engine/index.d.ts +58 -0
package/dist/security/policy-engine/index.d.ts.map +1 -0
package/dist/security/policy-engine/index.js +80 -0
package/dist/security/policy-engine/index.js.map +1 -0
package/dist/security/policy-engine/middleware.d.ts +77 -0
package/dist/security/policy-engine/middleware.d.ts.map +1 -0
package/dist/security/policy-engine/middleware.js +375 -0
package/dist/security/policy-engine/middleware.js.map +1 -0
package/dist/security/policy-engine/rule-evaluator.d.ts +140 -0
package/dist/security/policy-engine/rule-evaluator.d.ts.map +1 -0
package/dist/security/policy-engine/rule-evaluator.js +593 -0
package/dist/security/policy-engine/rule-evaluator.js.map +1 -0
package/dist/security/policy-engine/types.d.ts +2855 -0
package/dist/security/policy-engine/types.d.ts.map +1 -0
package/dist/security/policy-engine/types.js +443 -0
package/dist/security/policy-engine/types.js.map +1 -0
package/dist/security/rbac/index.d.ts +317 -0
package/dist/security/rbac/index.d.ts.map +1 -0
package/dist/security/rbac/index.js +618 -0
package/dist/security/rbac/index.js.map +1 -0
package/dist/security/rbac/permissions.d.ts +305 -0
package/dist/security/rbac/permissions.d.ts.map +1 -0
package/dist/security/rbac/permissions.js +947 -0
package/dist/security/rbac/permissions.js.map +1 -0
package/dist/security/rbac/policy-engine.d.ts +542 -0
package/dist/security/rbac/policy-engine.d.ts.map +1 -0
package/dist/security/rbac/policy-engine.js +1244 -0
package/dist/security/rbac/policy-engine.js.map +1 -0
package/dist/security/rbac/roles.d.ts +478 -0
package/dist/security/rbac/roles.d.ts.map +1 -0
package/dist/security/rbac/roles.js +363 -0
package/dist/security/rbac/roles.js.map +1 -0
package/dist/security/refresh-token.d.ts +305 -0
package/dist/security/refresh-token.d.ts.map +1 -0
package/dist/security/refresh-token.js +674 -0
package/dist/security/refresh-token.js.map +1 -0
package/dist/security/request-integrity.d.ts +289 -0
package/dist/security/request-integrity.d.ts.map +1 -0
package/dist/security/request-integrity.js +663 -0
package/dist/security/request-integrity.js.map +1 -0
package/dist/security/revocation-check.d.ts +188 -0
package/dist/security/revocation-check.d.ts.map +1 -0
package/dist/security/revocation-check.js +606 -0
package/dist/security/revocation-check.js.map +1 -0
package/dist/security/revocation.d.ts +191 -0
package/dist/security/revocation.d.ts.map +1 -0
package/dist/security/revocation.js +522 -0
package/dist/security/revocation.js.map +1 -0
package/dist/security/secrets-rotation.d.ts +501 -0
package/dist/security/secrets-rotation.d.ts.map +1 -0
package/dist/security/secrets-rotation.js +934 -0
package/dist/security/secrets-rotation.js.map +1 -0
package/dist/security/secure-memory.d.ts +325 -0
package/dist/security/secure-memory.d.ts.map +1 -0
package/dist/security/secure-memory.js +595 -0
package/dist/security/secure-memory.js.map +1 -0
package/dist/security/security-service.d.ts +186 -0
package/dist/security/security-service.d.ts.map +1 -0
package/dist/security/security-service.js +531 -0
package/dist/security/security-service.js.map +1 -0
package/dist/security/service-auth/index.d.ts +20 -0
package/dist/security/service-auth/index.d.ts.map +1 -0
package/dist/security/service-auth/index.js +61 -0
package/dist/security/service-auth/index.js.map +1 -0
package/dist/security/service-auth/service-account.d.ts +357 -0
package/dist/security/service-auth/service-account.d.ts.map +1 -0
package/dist/security/service-auth/service-account.js +475 -0
package/dist/security/service-auth/service-account.js.map +1 -0
package/dist/security/service-auth/service-auth-middleware.d.ts +174 -0
package/dist/security/service-auth/service-auth-middleware.d.ts.map +1 -0
package/dist/security/service-auth/service-auth-middleware.js +461 -0
package/dist/security/service-auth/service-auth-middleware.js.map +1 -0
package/dist/security/service-auth/service-token.d.ts +391 -0
package/dist/security/service-auth/service-token.d.ts.map +1 -0
package/dist/security/service-auth/service-token.js +472 -0
package/dist/security/service-auth/service-token.js.map +1 -0
package/dist/security/session-manager.d.ts +177 -0
package/dist/security/session-manager.d.ts.map +1 -0
package/dist/security/session-manager.js +353 -0
package/dist/security/session-manager.js.map +1 -0
package/dist/security/session-store.d.ts +205 -0
package/dist/security/session-store.d.ts.map +1 -0
package/dist/security/session-store.js +581 -0
package/dist/security/session-store.js.map +1 -0
package/dist/security/siem/connector.d.ts +147 -0
package/dist/security/siem/connector.d.ts.map +1 -0
package/dist/security/siem/connector.js +254 -0
package/dist/security/siem/connector.js.map +1 -0
package/dist/security/siem/datadog.d.ts +81 -0
package/dist/security/siem/datadog.d.ts.map +1 -0
package/dist/security/siem/datadog.js +362 -0
package/dist/security/siem/datadog.js.map +1 -0
package/dist/security/siem/elastic.d.ts +83 -0
package/dist/security/siem/elastic.d.ts.map +1 -0
package/dist/security/siem/elastic.js +514 -0
package/dist/security/siem/elastic.js.map +1 -0
package/dist/security/siem/enrichment.d.ts +133 -0
package/dist/security/siem/enrichment.d.ts.map +1 -0
package/dist/security/siem/enrichment.js +434 -0
package/dist/security/siem/enrichment.js.map +1 -0
package/dist/security/siem/formatter.d.ts +118 -0
package/dist/security/siem/formatter.d.ts.map +1 -0
package/dist/security/siem/formatter.js +381 -0
package/dist/security/siem/formatter.js.map +1 -0
package/dist/security/siem/hooks.d.ts +107 -0
package/dist/security/siem/hooks.d.ts.map +1 -0
package/dist/security/siem/hooks.js +459 -0
package/dist/security/siem/hooks.js.map +1 -0
package/dist/security/siem/index.d.ts +83 -0
package/dist/security/siem/index.d.ts.map +1 -0
package/dist/security/siem/index.js +95 -0
package/dist/security/siem/index.js.map +1 -0
package/dist/security/siem/service.d.ts +153 -0
package/dist/security/siem/service.d.ts.map +1 -0
package/dist/security/siem/service.js +615 -0
package/dist/security/siem/service.js.map +1 -0
package/dist/security/siem/splunk.d.ts +76 -0
package/dist/security/siem/splunk.d.ts.map +1 -0
package/dist/security/siem/splunk.js +283 -0
package/dist/security/siem/splunk.js.map +1 -0
package/dist/security/siem/types.d.ts +1980 -0
package/dist/security/siem/types.d.ts.map +1 -0
package/dist/security/siem/types.js +268 -0
package/dist/security/siem/types.js.map +1 -0
package/dist/security/tee-production.d.ts +157 -0
package/dist/security/tee-production.d.ts.map +1 -0
package/dist/security/tee-production.js +792 -0
package/dist/security/tee-production.js.map +1 -0
package/dist/security/tee.d.ts +182 -0
package/dist/security/tee.d.ts.map +1 -0
package/dist/security/tee.js +1031 -0
package/dist/security/tee.js.map +1 -0
package/dist/security/threat-intel/bot-detection.d.ts +275 -0
package/dist/security/threat-intel/bot-detection.d.ts.map +1 -0
package/dist/security/threat-intel/bot-detection.js +890 -0
package/dist/security/threat-intel/bot-detection.js.map +1 -0
package/dist/security/threat-intel/credential-stuffing.d.ts +368 -0
package/dist/security/threat-intel/credential-stuffing.d.ts.map +1 -0
package/dist/security/threat-intel/credential-stuffing.js +957 -0
package/dist/security/threat-intel/credential-stuffing.js.map +1 -0
package/dist/security/threat-intel/index.d.ts +10 -0
package/dist/security/threat-intel/index.d.ts.map +1 -0
package/dist/security/threat-intel/index.js +18 -0
package/dist/security/threat-intel/index.js.map +1 -0
package/dist/security/threat-intel/ip-reputation.d.ts +323 -0
package/dist/security/threat-intel/ip-reputation.d.ts.map +1 -0
package/dist/security/threat-intel/ip-reputation.js +923 -0
package/dist/security/threat-intel/ip-reputation.js.map +1 -0
package/dist/security/token-lifecycle.d.ts +272 -0
package/dist/security/token-lifecycle.d.ts.map +1 -0
package/dist/security/token-lifecycle.js +732 -0
package/dist/security/token-lifecycle.js.map +1 -0
package/dist/security/token-lifetime.d.ts +206 -0
package/dist/security/token-lifetime.d.ts.map +1 -0
package/dist/security/token-lifetime.js +388 -0
package/dist/security/token-lifetime.js.map +1 -0
package/dist/security/trust-oracle/alerts.d.ts +202 -0
package/dist/security/trust-oracle/alerts.d.ts.map +1 -0
package/dist/security/trust-oracle/alerts.js +763 -0
package/dist/security/trust-oracle/alerts.js.map +1 -0
package/dist/security/trust-oracle/api.d.ts +116 -0
package/dist/security/trust-oracle/api.d.ts.map +1 -0
package/dist/security/trust-oracle/api.js +721 -0
package/dist/security/trust-oracle/api.js.map +1 -0
package/dist/security/trust-oracle/continuous-monitoring.d.ts +105 -0
package/dist/security/trust-oracle/continuous-monitoring.d.ts.map +1 -0
package/dist/security/trust-oracle/continuous-monitoring.js +696 -0
package/dist/security/trust-oracle/continuous-monitoring.js.map +1 -0
package/dist/security/trust-oracle/data-sources.d.ts +126 -0
package/dist/security/trust-oracle/data-sources.d.ts.map +1 -0
package/dist/security/trust-oracle/data-sources.js +867 -0
package/dist/security/trust-oracle/data-sources.js.map +1 -0
package/dist/security/trust-oracle/index.d.ts +79 -0
package/dist/security/trust-oracle/index.d.ts.map +1 -0
package/dist/security/trust-oracle/index.js +206 -0
package/dist/security/trust-oracle/index.js.map +1 -0
package/dist/security/trust-oracle/oracle.d.ts +125 -0
package/dist/security/trust-oracle/oracle.d.ts.map +1 -0
package/dist/security/trust-oracle/oracle.js +489 -0
package/dist/security/trust-oracle/oracle.js.map +1 -0
package/dist/security/trust-oracle/reporting.d.ts +145 -0
package/dist/security/trust-oracle/reporting.d.ts.map +1 -0
package/dist/security/trust-oracle/reporting.js +1098 -0
package/dist/security/trust-oracle/reporting.js.map +1 -0
package/dist/security/trust-oracle/risk-scorer.d.ts +207 -0
package/dist/security/trust-oracle/risk-scorer.d.ts.map +1 -0
package/dist/security/trust-oracle/risk-scorer.js +1033 -0
package/dist/security/trust-oracle/risk-scorer.js.map +1 -0
package/dist/security/trust-oracle/types.d.ts +444 -0
package/dist/security/trust-oracle/types.d.ts.map +1 -0
package/dist/security/trust-oracle/types.js +6 -0
package/dist/security/trust-oracle/types.js.map +1 -0
package/dist/security/trust-oracle/vendor-registry.d.ts +228 -0
package/dist/security/trust-oracle/vendor-registry.d.ts.map +1 -0
package/dist/security/trust-oracle/vendor-registry.js +727 -0
package/dist/security/trust-oracle/vendor-registry.js.map +1 -0
package/dist/security/types.d.ts +1777 -0
package/dist/security/types.d.ts.map +1 -0
package/dist/security/types.js +388 -0
package/dist/security/types.js.map +1 -0
package/dist/security/webauthn/index.d.ts +47 -0
package/dist/security/webauthn/index.d.ts.map +1 -0
package/dist/security/webauthn/index.js +48 -0
package/dist/security/webauthn/index.js.map +1 -0
package/dist/security/webauthn/middleware.d.ts +109 -0
package/dist/security/webauthn/middleware.d.ts.map +1 -0
package/dist/security/webauthn/middleware.js +629 -0
package/dist/security/webauthn/middleware.js.map +1 -0
package/dist/security/webauthn/service.d.ts +179 -0
package/dist/security/webauthn/service.d.ts.map +1 -0
package/dist/security/webauthn/service.js +758 -0
package/dist/security/webauthn/service.js.map +1 -0
package/dist/security/webauthn/store.d.ts +240 -0
package/dist/security/webauthn/store.d.ts.map +1 -0
package/dist/security/webauthn/store.js +505 -0
package/dist/security/webauthn/store.js.map +1 -0
package/dist/security/webauthn/types.d.ts +678 -0
package/dist/security/webauthn/types.d.ts.map +1 -0
package/dist/security/webauthn/types.js +176 -0
package/dist/security/webauthn/types.js.map +1 -0
package/dist/security/zkp/circuits.d.ts +296 -0
package/dist/security/zkp/circuits.d.ts.map +1 -0
package/dist/security/zkp/circuits.js +771 -0
package/dist/security/zkp/circuits.js.map +1 -0
package/dist/security/zkp/commitment.d.ts +319 -0
package/dist/security/zkp/commitment.d.ts.map +1 -0
package/dist/security/zkp/commitment.js +591 -0
package/dist/security/zkp/commitment.js.map +1 -0
package/dist/security/zkp/compliance.d.ts +251 -0
package/dist/security/zkp/compliance.d.ts.map +1 -0
package/dist/security/zkp/compliance.js +734 -0
package/dist/security/zkp/compliance.js.map +1 -0
package/dist/security/zkp/index.d.ts +184 -0
package/dist/security/zkp/index.d.ts.map +1 -0
package/dist/security/zkp/index.js +285 -0
package/dist/security/zkp/index.js.map +1 -0
package/dist/security/zkp/integration.d.ts +289 -0
package/dist/security/zkp/integration.d.ts.map +1 -0
package/dist/security/zkp/integration.js +571 -0
package/dist/security/zkp/integration.js.map +1 -0
package/dist/security/zkp/prover.d.ts +158 -0
package/dist/security/zkp/prover.d.ts.map +1 -0
package/dist/security/zkp/prover.js +465 -0
package/dist/security/zkp/prover.js.map +1 -0
package/dist/security/zkp/snark-utils.d.ts +321 -0
package/dist/security/zkp/snark-utils.d.ts.map +1 -0
package/dist/security/zkp/snark-utils.js +640 -0
package/dist/security/zkp/snark-utils.js.map +1 -0
package/dist/security/zkp/types.d.ts +1192 -0
package/dist/security/zkp/types.d.ts.map +1 -0
package/dist/security/zkp/types.js +264 -0
package/dist/security/zkp/types.js.map +1 -0
package/dist/security/zkp/verifier.d.ts +111 -0
package/dist/security/zkp/verifier.d.ts.map +1 -0
package/dist/security/zkp/verifier.js +554 -0
package/dist/security/zkp/verifier.js.map +1 -0
package/dist/semantic-governance/context-validator.d.ts +158 -0
package/dist/semantic-governance/context-validator.d.ts.map +1 -0
package/dist/semantic-governance/context-validator.js +598 -0
package/dist/semantic-governance/context-validator.js.map +1 -0
package/dist/semantic-governance/credential-manager.d.ts +156 -0
package/dist/semantic-governance/credential-manager.d.ts.map +1 -0
package/dist/semantic-governance/credential-manager.js +438 -0
package/dist/semantic-governance/credential-manager.js.map +1 -0
package/dist/semantic-governance/dual-channel.d.ts +138 -0
package/dist/semantic-governance/dual-channel.d.ts.map +1 -0
package/dist/semantic-governance/dual-channel.js +333 -0
package/dist/semantic-governance/dual-channel.js.map +1 -0
package/dist/semantic-governance/index.d.ts +107 -0
package/dist/semantic-governance/index.d.ts.map +1 -0
package/dist/semantic-governance/index.js +141 -0
package/dist/semantic-governance/index.js.map +1 -0
package/dist/semantic-governance/inference-validator.d.ts +114 -0
package/dist/semantic-governance/inference-validator.d.ts.map +1 -0
package/dist/semantic-governance/inference-validator.js +390 -0
package/dist/semantic-governance/inference-validator.js.map +1 -0
package/dist/semantic-governance/instruction-validator.d.ts +146 -0
package/dist/semantic-governance/instruction-validator.d.ts.map +1 -0
package/dist/semantic-governance/instruction-validator.js +363 -0
package/dist/semantic-governance/instruction-validator.js.map +1 -0
package/dist/semantic-governance/integration.d.ts +253 -0
package/dist/semantic-governance/integration.d.ts.map +1 -0
package/dist/semantic-governance/integration.js +658 -0
package/dist/semantic-governance/integration.js.map +1 -0
package/dist/semantic-governance/output-validator.d.ts +135 -0
package/dist/semantic-governance/output-validator.d.ts.map +1 -0
package/dist/semantic-governance/output-validator.js +448 -0
package/dist/semantic-governance/output-validator.js.map +1 -0
package/dist/semantic-governance/service.d.ts +120 -0
package/dist/semantic-governance/service.d.ts.map +1 -0
package/dist/semantic-governance/service.js +527 -0
package/dist/semantic-governance/service.js.map +1 -0
package/dist/semantic-governance/types.d.ts +3925 -0
package/dist/semantic-governance/types.d.ts.map +1 -0
package/dist/semantic-governance/types.js +471 -0
package/dist/semantic-governance/types.js.map +1 -0
package/dist/trust-engine/car-integration.d.ts +263 -0
package/dist/trust-engine/car-integration.d.ts.map +1 -0
package/dist/trust-engine/car-integration.js +320 -0
package/dist/trust-engine/car-integration.js.map +1 -0
package/dist/trust-engine/context.d.ts +198 -0
package/dist/trust-engine/context.d.ts.map +1 -0
package/dist/trust-engine/context.js +308 -0
package/dist/trust-engine/context.js.map +1 -0
package/dist/trust-engine/diminishing-returns.d.ts +123 -0
package/dist/trust-engine/diminishing-returns.d.ts.map +1 -0
package/dist/trust-engine/diminishing-returns.js +197 -0
package/dist/trust-engine/diminishing-returns.js.map +1 -0
package/dist/trust-engine/index.d.ts +433 -0
package/dist/trust-engine/index.d.ts.map +1 -0
package/dist/trust-engine/index.js +1241 -0
package/dist/trust-engine/index.js.map +1 -0
package/dist/trust-engine/observability.d.ts +175 -0
package/dist/trust-engine/observability.d.ts.map +1 -0
package/dist/trust-engine/observability.js +246 -0
package/dist/trust-engine/observability.js.map +1 -0
package/dist/trust-engine/signal-diversity.d.ts +130 -0
package/dist/trust-engine/signal-diversity.d.ts.map +1 -0
package/dist/trust-engine/signal-diversity.js +238 -0
package/dist/trust-engine/signal-diversity.js.map +1 -0
package/dist/versioning/deprecation.d.ts +65 -0
package/dist/versioning/deprecation.d.ts.map +1 -0
package/dist/versioning/deprecation.js +199 -0
package/dist/versioning/deprecation.js.map +1 -0
package/dist/versioning/index.d.ts +46 -0
package/dist/versioning/index.d.ts.map +1 -0
package/dist/versioning/index.js +76 -0
package/dist/versioning/index.js.map +1 -0
package/dist/versioning/semver.d.ts +116 -0
package/dist/versioning/semver.d.ts.map +1 -0
package/dist/versioning/semver.js +321 -0
package/dist/versioning/semver.js.map +1 -0
package/package.json +161 -0

package/dist/security/crypto/fips-mode.js ADDED Viewed

@@ -0,0 +1,1297 @@
+/**
+ * FIPS 140-2 Compliant Cryptography Mode
+ *
+ * Provides FIPS 140-2 Level 1 compliant cryptographic operations for FedRAMP
+ * compliance. Enforces the use of only FIPS-approved algorithms and key lengths.
+ *
+ * FIPS 140-2 Approved Algorithms:
+ * - Symmetric Encryption: AES-128, AES-256 (GCM, CBC, CTR modes)
+ * - Hash Functions: SHA-256, SHA-384, SHA-512 (NO SHA-1, MD5)
+ * - Asymmetric: RSA (2048+ bits), ECDSA (P-256, P-384, P-521)
+ * - MACs: HMAC-SHA256, HMAC-SHA384, HMAC-SHA512
+ * - Key Derivation: PBKDF2, HKDF with approved hash functions
+ * - Transport: TLS 1.2+ only
+ *
+ * Security Guarantees:
+ * - Algorithm validation before every operation
+ * - Key length enforcement per algorithm
+ * - Comprehensive audit logging
+ * - Runtime enforcement with configurable strict mode
+ *
+ * @packageDocumentation
+ * @module security/crypto/fips-mode
+ */
+import * as crypto from 'node:crypto';
+import { randomUUID } from 'node:crypto';
+import { z } from 'zod';
+import { createLogger } from '../../common/logger.js';
+const logger = createLogger({ component: 'fips-crypto' });
+// =============================================================================
+// FIPS Constants
+// =============================================================================
+/**
+ * FIPS 140-2 approved symmetric encryption algorithms
+ */
+export const FIPS_SYMMETRIC_ALGORITHMS = {
+    'AES-128-GCM': 'aes-128-gcm',
+    'AES-256-GCM': 'aes-256-gcm',
+    'AES-128-CBC': 'aes-128-cbc',
+    'AES-256-CBC': 'aes-256-cbc',
+    'AES-128-CTR': 'aes-128-ctr',
+    'AES-256-CTR': 'aes-256-ctr',
+};
+/**
+ * FIPS 140-2 approved hash algorithms
+ */
+export const FIPS_HASH_ALGORITHMS = {
+    'SHA-256': 'sha256',
+    'SHA-384': 'sha384',
+    'SHA-512': 'sha512',
+};
+/**
+ * FIPS 140-2 approved HMAC algorithms
+ */
+export const FIPS_HMAC_ALGORITHMS = {
+    'HMAC-SHA256': 'sha256',
+    'HMAC-SHA384': 'sha384',
+    'HMAC-SHA512': 'sha512',
+};
+/**
+ * FIPS 140-2 approved asymmetric algorithms
+ */
+export const FIPS_ASYMMETRIC_ALGORITHMS = {
+    'RSA-2048': 'rsa',
+    'RSA-3072': 'rsa',
+    'RSA-4096': 'rsa',
+    'ECDSA-P256': 'ec',
+    'ECDSA-P384': 'ec',
+    'ECDSA-P521': 'ec',
+};
+/**
+ * FIPS 140-2 approved ECDSA curves
+ */
+export const FIPS_ECDSA_CURVES = {
+    'P-256': 'prime256v1',
+    'P-384': 'secp384r1',
+    'P-521': 'secp521r1',
+};
+/**
+ * FIPS 140-2 minimum key lengths by algorithm type
+ */
+export const FIPS_MINIMUM_KEY_LENGTHS = {
+    aes: 128,
+    rsa: 2048,
+    'ec-p256': 256,
+    'ec-p384': 384,
+    'ec-p521': 521,
+    hmac: 128,
+};
+/**
+ * Non-FIPS algorithms that should be rejected
+ */
+export const NON_FIPS_ALGORITHMS = [
+    'md5',
+    'sha1',
+    'sha-1',
+    'des',
+    '3des',
+    'des-ede',
+    'des-ede3',
+    'rc2',
+    'rc4',
+    'blowfish',
+    'bf',
+    'idea',
+    'cast',
+    'cast5',
+    'seed',
+];
+/**
+ * FIPS-approved TLS versions
+ */
+export const FIPS_TLS_VERSIONS = ['TLSv1.2', 'TLSv1.3'];
+/**
+ * Non-FIPS TLS versions that should be rejected
+ */
+export const NON_FIPS_TLS_VERSIONS = ['SSLv2', 'SSLv3', 'TLSv1', 'TLSv1.1'];
+export const fipsModeConfigSchema = z.object({
+    enabled: z.boolean().default(false),
+    strictMode: z.boolean().default(true),
+    allowedAlgorithms: z.array(z.string()).default([
+        ...Object.values(FIPS_SYMMETRIC_ALGORITHMS),
+        ...Object.values(FIPS_HASH_ALGORITHMS),
+    ]),
+    minimumKeyLengths: z.record(z.string(), z.number()).default(FIPS_MINIMUM_KEY_LENGTHS),
+    auditAllCryptoOperations: z.boolean().default(true),
+    alertOnViolations: z.boolean().default(true),
+});
+/**
+ * Default FIPS mode configuration
+ */
+export const DEFAULT_FIPS_CONFIG = {
+    enabled: process.env['VORION_FIPS_MODE'] === 'true',
+    strictMode: true,
+    allowedAlgorithms: [
+        ...Object.values(FIPS_SYMMETRIC_ALGORITHMS),
+        ...Object.values(FIPS_HASH_ALGORITHMS),
+    ],
+    minimumKeyLengths: { ...FIPS_MINIMUM_KEY_LENGTHS },
+    auditAllCryptoOperations: true,
+    alertOnViolations: true,
+};
+/**
+ * Crypto operation types for audit logging
+ */
+export const CryptoOperationType = {
+    ENCRYPT: 'encrypt',
+    DECRYPT: 'decrypt',
+    HASH: 'hash',
+    HMAC: 'hmac',
+    SIGN: 'sign',
+    VERIFY: 'verify',
+    KEY_DERIVE: 'key_derive',
+    RANDOM: 'random',
+    KEY_GENERATE: 'key_generate',
+};
+export const cryptoOperationSchema = z.object({
+    type: z.nativeEnum(CryptoOperationType),
+    algorithm: z.string().min(1),
+    keyLength: z.number().int().positive().optional(),
+    curve: z.string().optional(),
+    hashFunction: z.string().optional(),
+    context: z.record(z.unknown()).optional(),
+});
+export const fipsViolationSchema = z.object({
+    id: z.string().uuid(),
+    timestamp: z.coerce.date(),
+    type: z.enum(['algorithm', 'key_length', 'hash', 'tls', 'certificate']),
+    operation: cryptoOperationSchema,
+    reason: z.string(),
+    blocked: z.boolean(),
+    stackTrace: z.string().optional(),
+});
+export const fipsAuditEntrySchema = z.object({
+    id: z.string().uuid(),
+    timestamp: z.coerce.date(),
+    operationType: z.nativeEnum(CryptoOperationType),
+    algorithm: z.string(),
+    keyLength: z.number().int().positive().optional(),
+    success: z.boolean(),
+    fipsCompliant: z.boolean(),
+    durationMs: z.number().nonnegative(),
+    error: z.string().optional(),
+    requestId: z.string().optional(),
+    userId: z.string().optional(),
+    tenantId: z.string().optional(),
+});
+export const DEFAULT_CERT_VALIDATION_OPTIONS = {
+    minRSAKeySize: 2048,
+    minECDSACurve: 'P-256',
+    requireTLS12: true,
+    rejectWeakCipherSuites: true,
+};
+// =============================================================================
+// FIPS Error
+// =============================================================================
+/**
+ * Error codes for FIPS operations
+ */
+export const FIPSErrorCode = {
+    /** Non-FIPS algorithm attempted */
+    NON_FIPS_ALGORITHM: 'FIPS_NON_COMPLIANT_ALGORITHM',
+    /** Key length below minimum */
+    INSUFFICIENT_KEY_LENGTH: 'FIPS_INSUFFICIENT_KEY_LENGTH',
+    /** Non-FIPS hash function */
+    NON_FIPS_HASH: 'FIPS_NON_COMPLIANT_HASH',
+    /** Non-FIPS TLS version */
+    NON_FIPS_TLS: 'FIPS_NON_COMPLIANT_TLS',
+    /** Weak certificate */
+    WEAK_CERTIFICATE: 'FIPS_WEAK_CERTIFICATE',
+    /** Provider not initialized */
+    NOT_INITIALIZED: 'FIPS_NOT_INITIALIZED',
+    /** Operation failed */
+    OPERATION_FAILED: 'FIPS_OPERATION_FAILED',
+    /** Invalid configuration */
+    INVALID_CONFIG: 'FIPS_INVALID_CONFIG',
+};
+/**
+ * Custom error class for FIPS operations
+ */
+export class FIPSError extends Error {
+    code;
+    details;
+    constructor(message, code, details) {
+        super(message);
+        this.code = code;
+        this.details = details;
+        this.name = 'FIPSError';
+    }
+}
+// =============================================================================
+// Validation Functions
+// =============================================================================
+/**
+ * Validate if an algorithm is FIPS 140-2 compliant
+ *
+ * @param algorithm - The algorithm name to validate
+ * @returns true if the algorithm is FIPS compliant
+ */
+export function validateAlgorithm(algorithm) {
+    const normalizedAlgorithm = algorithm.toLowerCase().replace(/_/g, '-');
+    // Check if it's a known non-FIPS algorithm
+    if (NON_FIPS_ALGORITHMS.some(nonFips => normalizedAlgorithm.includes(nonFips.toLowerCase()))) {
+        return false;
+    }
+    // Check against approved algorithms
+    const approvedAlgorithms = [
+        ...Object.values(FIPS_SYMMETRIC_ALGORITHMS),
+        ...Object.values(FIPS_HASH_ALGORITHMS),
+        ...Object.values(FIPS_HMAC_ALGORITHMS),
+    ].map(a => a.toLowerCase());
+    // Direct match
+    if (approvedAlgorithms.includes(normalizedAlgorithm)) {
+        return true;
+    }
+    // Check for AES variants
+    if (normalizedAlgorithm.startsWith('aes-')) {
+        const match = normalizedAlgorithm.match(/aes-(\d+)/);
+        if (match) {
+            const keySize = parseInt(match[1], 10);
+            return keySize === 128 || keySize === 192 || keySize === 256;
+        }
+    }
+    // Check for SHA-2 variants
+    if (normalizedAlgorithm.startsWith('sha') && !normalizedAlgorithm.includes('sha1')) {
+        return ['sha256', 'sha384', 'sha512', 'sha-256', 'sha-384', 'sha-512'].includes(normalizedAlgorithm);
+    }
+    return false;
+}
+/**
+ * Validate if a key length meets FIPS 140-2 requirements
+ *
+ * @param algorithm - The algorithm type
+ * @param keyLength - The key length in bits
+ * @returns true if the key length is FIPS compliant
+ */
+export function validateKeyLength(algorithm, keyLength) {
+    const normalizedAlgorithm = algorithm.toLowerCase();
+    // AES key lengths
+    if (normalizedAlgorithm.includes('aes')) {
+        return keyLength >= 128 && [128, 192, 256].includes(keyLength);
+    }
+    // RSA key lengths
+    if (normalizedAlgorithm.includes('rsa')) {
+        return keyLength >= 2048;
+    }
+    // ECDSA key lengths (based on curve)
+    if (normalizedAlgorithm.includes('ec') || normalizedAlgorithm.includes('ecdsa')) {
+        return keyLength >= 256 && [256, 384, 521].includes(keyLength);
+    }
+    // HMAC key lengths
+    if (normalizedAlgorithm.includes('hmac')) {
+        return keyLength >= 128;
+    }
+    // Default minimum
+    return keyLength >= 128;
+}
+/**
+ * Validate if a hash function is FIPS 140-2 compliant
+ *
+ * @param hashFunction - The hash function name
+ * @returns true if the hash is FIPS compliant
+ */
+export function validateHash(hashFunction) {
+    const normalizedHash = hashFunction.toLowerCase().replace(/_/g, '-');
+    // Explicitly reject non-FIPS hashes
+    const nonFIPSHashes = ['md5', 'sha1', 'sha-1', 'md4', 'md2', 'ripemd'];
+    if (nonFIPSHashes.some(h => normalizedHash.includes(h))) {
+        return false;
+    }
+    // Check approved hashes
+    const approvedHashes = ['sha256', 'sha384', 'sha512', 'sha-256', 'sha-384', 'sha-512'];
+    return approvedHashes.includes(normalizedHash);
+}
+/**
+ * Validate if a complete crypto operation is FIPS 140-2 compliant
+ *
+ * @param operation - The crypto operation to validate
+ * @returns true if the operation is FIPS compliant
+ */
+export function isFIPSCompliant(operation) {
+    // Validate algorithm
+    if (!validateAlgorithm(operation.algorithm)) {
+        return false;
+    }
+    // Validate key length if provided
+    if (operation.keyLength !== undefined) {
+        if (!validateKeyLength(operation.algorithm, operation.keyLength)) {
+            return false;
+        }
+    }
+    // Validate hash function if provided
+    if (operation.hashFunction !== undefined) {
+        if (!validateHash(operation.hashFunction)) {
+            return false;
+        }
+    }
+    // Validate ECDSA curve if provided
+    if (operation.curve !== undefined) {
+        const approvedCurves = Object.values(FIPS_ECDSA_CURVES);
+        const curveNames = Object.keys(FIPS_ECDSA_CURVES);
+        if (!approvedCurves.includes(operation.curve) &&
+            !curveNames.includes(operation.curve)) {
+            return false;
+        }
+    }
+    return true;
+}
+/**
+ * Validate TLS version
+ *
+ * @param tlsVersion - The TLS version string
+ * @returns true if the TLS version is FIPS compliant
+ */
+export function validateTLSVersion(tlsVersion) {
+    const normalized = tlsVersion.replace(/\s+/g, '');
+    return FIPS_TLS_VERSIONS.includes(normalized);
+}
+/**
+ * Validate cipher suite
+ *
+ * @param cipherSuite - The cipher suite string
+ * @returns true if the cipher suite is FIPS compliant
+ */
+export function validateCipherSuite(cipherSuite) {
+    const weakCiphers = [
+        'RC4',
+        'DES',
+        '3DES',
+        'MD5',
+        'SHA1',
+        'NULL',
+        'EXPORT',
+        'anon',
+        'IDEA',
+    ];
+    const normalizedSuite = cipherSuite.toUpperCase();
+    return !weakCiphers.some(weak => normalizedSuite.includes(weak));
+}
+// =============================================================================
+// FIPS Crypto Provider
+// =============================================================================
+/**
+ * FIPS 140-2 Compliant Crypto Provider
+ *
+ * Provides cryptographic operations that enforce FIPS 140-2 compliance.
+ * All operations are validated and audited.
+ *
+ * @example
+ * ```typescript
+ * const provider = new FIPSCryptoProvider();
+ * await provider.initialize();
+ *
+ * // Encrypt data
+ * const encrypted = await provider.fipsEncrypt(
+ *   Buffer.from('sensitive data'),
+ *   key,
+ *   'aes-256-gcm'
+ * );
+ *
+ * // Hash data
+ * const hash = await provider.fipsHash(
+ *   Buffer.from('data'),
+ *   'sha256'
+ * );
+ * ```
+ */
+export class FIPSCryptoProvider {
+    config;
+    auditCallbacks = [];
+    violations = [];
+    initialized = false;
+    constructor(config = {}) {
+        this.config = { ...DEFAULT_FIPS_CONFIG, ...config };
+    }
+    /**
+     * Initialize the FIPS crypto provider
+     */
+    async initialize() {
+        if (this.initialized) {
+            logger.warn('FIPSCryptoProvider already initialized');
+            return;
+        }
+        logger.info({
+            enabled: this.config.enabled,
+            strictMode: this.config.strictMode,
+            auditEnabled: this.config.auditAllCryptoOperations,
+        }, 'Initializing FIPSCryptoProvider');
+        // Check if Node.js has FIPS mode available
+        if (this.config.enabled) {
+            try {
+                // Check for FIPS module availability
+                const fipsEnabled = crypto.getFips?.() ?? false;
+                if (!fipsEnabled) {
+                    logger.warn('Node.js FIPS mode is not enabled. Software-based FIPS validation will be used.');
+                }
+            }
+            catch {
+                logger.warn('Unable to check Node.js FIPS status');
+            }
+        }
+        this.initialized = true;
+        logger.info('FIPSCryptoProvider initialized');
+    }
+    /**
+     * Ensure the provider is initialized
+     */
+    ensureInitialized() {
+        if (!this.initialized) {
+            throw new FIPSError('FIPSCryptoProvider not initialized. Call initialize() first.', FIPSErrorCode.NOT_INITIALIZED);
+        }
+    }
+    /**
+     * Get current configuration
+     */
+    getConfig() {
+        return { ...this.config };
+    }
+    /**
+     * Check if FIPS mode is enabled
+     */
+    isFIPSModeEnabled() {
+        return this.config.enabled;
+    }
+    /**
+     * Register an audit callback
+     */
+    onAudit(callback) {
+        this.auditCallbacks.push(callback);
+    }
+    /**
+     * Get recorded violations
+     */
+    getViolations() {
+        return [...this.violations];
+    }
+    /**
+     * Clear recorded violations
+     */
+    clearViolations() {
+        this.violations.length = 0;
+    }
+    /**
+     * Emit audit event
+     */
+    async emitAudit(entry) {
+        if (!this.config.auditAllCryptoOperations)
+            return;
+        for (const callback of this.auditCallbacks) {
+            try {
+                await callback(entry);
+            }
+            catch (error) {
+                logger.error({ error, entryId: entry.id }, 'FIPS audit callback failed');
+            }
+        }
+    }
+    /**
+     * Record a FIPS violation
+     */
+    async recordViolation(type, operation, reason, blocked) {
+        const violation = {
+            id: randomUUID(),
+            timestamp: new Date(),
+            type,
+            operation,
+            reason,
+            blocked,
+            stackTrace: new Error().stack,
+        };
+        this.violations.push(violation);
+        logger.warn({
+            violationId: violation.id,
+            type,
+            algorithm: operation.algorithm,
+            reason,
+            blocked,
+        }, 'FIPS violation detected');
+        if (this.config.alertOnViolations && this.config.alertCallback) {
+            try {
+                await this.config.alertCallback(violation);
+            }
+            catch (error) {
+                logger.error({ error, violationId: violation.id }, 'FIPS alert callback failed');
+            }
+        }
+    }
+    /**
+     * Validate and potentially block a crypto operation
+     */
+    async validateOperation(operation) {
+        if (!this.config.enabled) {
+            return; // FIPS mode disabled, allow all operations
+        }
+        const compliant = isFIPSCompliant(operation);
+        if (!compliant) {
+            let violationType = 'algorithm';
+            let reason = `Non-FIPS algorithm: ${operation.algorithm}`;
+            if (!validateAlgorithm(operation.algorithm)) {
+                violationType = 'algorithm';
+                reason = `Non-FIPS algorithm: ${operation.algorithm}`;
+            }
+            else if (operation.keyLength !== undefined &&
+                !validateKeyLength(operation.algorithm, operation.keyLength)) {
+                violationType = 'key_length';
+                reason = `Insufficient key length ${operation.keyLength} bits for ${operation.algorithm}`;
+            }
+            else if (operation.hashFunction !== undefined &&
+                !validateHash(operation.hashFunction)) {
+                violationType = 'hash';
+                reason = `Non-FIPS hash function: ${operation.hashFunction}`;
+            }
+            await this.recordViolation(violationType, operation, reason, this.config.strictMode);
+            if (this.config.strictMode) {
+                throw new FIPSError(`FIPS violation: ${reason}`, violationType === 'algorithm'
+                    ? FIPSErrorCode.NON_FIPS_ALGORITHM
+                    : violationType === 'key_length'
+                        ? FIPSErrorCode.INSUFFICIENT_KEY_LENGTH
+                        : FIPSErrorCode.NON_FIPS_HASH, { operation });
+            }
+        }
+    }
+    /**
+     * Create audit entry helper
+     */
+    createAuditEntry(operationType, algorithm, keyLength, success, fipsCompliant, durationMs, error) {
+        return {
+            id: randomUUID(),
+            timestamp: new Date(),
+            operationType,
+            algorithm,
+            keyLength,
+            success,
+            fipsCompliant,
+            durationMs,
+            error,
+        };
+    }
+    // ===========================================================================
+    // FIPS-Compliant Crypto Operations
+    // ===========================================================================
+    /**
+     * FIPS-compliant encryption
+     *
+     * Only allows FIPS 140-2 approved algorithms (AES-128, AES-256 in GCM, CBC, CTR modes)
+     *
+     * @param data - Data to encrypt
+     * @param key - Encryption key
+     * @param algorithm - FIPS-approved algorithm (default: aes-256-gcm)
+     * @returns Encrypted data with IV and auth tag
+     */
+    async fipsEncrypt(data, key, algorithm = 'aes-256-gcm') {
+        this.ensureInitialized();
+        const startTime = performance.now();
+        const keyLengthBits = key.length * 8;
+        const operation = {
+            type: CryptoOperationType.ENCRYPT,
+            algorithm,
+            keyLength: keyLengthBits,
+        };
+        try {
+            await this.validateOperation(operation);
+            const isGCM = algorithm.includes('gcm');
+            const isCTR = algorithm.includes('ctr');
+            const ivLength = isGCM || isCTR ? 12 : 16;
+            const iv = crypto.randomBytes(ivLength);
+            let ciphertext;
+            let authTag;
+            if (isGCM) {
+                const cipherOptions = { authTagLength: 16 };
+                const cipher = crypto.createCipheriv(algorithm, key, iv, cipherOptions);
+                ciphertext = Buffer.concat([cipher.update(data), cipher.final()]);
+                authTag = cipher.getAuthTag();
+            }
+            else {
+                const cipher = crypto.createCipheriv(algorithm, key, iv);
+                ciphertext = Buffer.concat([cipher.update(data), cipher.final()]);
+            }
+            const durationMs = performance.now() - startTime;
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.ENCRYPT, algorithm, keyLengthBits, true, true, durationMs));
+            return { ciphertext, iv, authTag };
+        }
+        catch (error) {
+            const durationMs = performance.now() - startTime;
+            const errorMessage = error instanceof Error ? error.message : 'Unknown error';
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.ENCRYPT, algorithm, keyLengthBits, false, isFIPSCompliant(operation), durationMs, errorMessage));
+            if (error instanceof FIPSError) {
+                throw error;
+            }
+            throw new FIPSError(`FIPS encryption failed: ${errorMessage}`, FIPSErrorCode.OPERATION_FAILED, { algorithm });
+        }
+    }
+    /**
+     * FIPS-compliant decryption
+     *
+     * Only allows FIPS 140-2 approved algorithms
+     *
+     * @param ciphertext - Encrypted data
+     * @param key - Decryption key
+     * @param iv - Initialization vector
+     * @param algorithm - FIPS-approved algorithm (default: aes-256-gcm)
+     * @param authTag - Authentication tag (required for GCM mode)
+     * @returns Decrypted data
+     */
+    async fipsDecrypt(ciphertext, key, iv, algorithm = 'aes-256-gcm', authTag) {
+        this.ensureInitialized();
+        const startTime = performance.now();
+        const keyLengthBits = key.length * 8;
+        const operation = {
+            type: CryptoOperationType.DECRYPT,
+            algorithm,
+            keyLength: keyLengthBits,
+        };
+        try {
+            await this.validateOperation(operation);
+            const isGCM = algorithm.includes('gcm');
+            let plaintext;
+            if (isGCM) {
+                if (!authTag) {
+                    throw new FIPSError('Authentication tag required for GCM mode', FIPSErrorCode.OPERATION_FAILED, { algorithm });
+                }
+                const decipherOptions = { authTagLength: 16 };
+                const decipher = crypto.createDecipheriv(algorithm, key, iv, decipherOptions);
+                decipher.setAuthTag(authTag);
+                plaintext = Buffer.concat([decipher.update(ciphertext), decipher.final()]);
+            }
+            else {
+                const decipher = crypto.createDecipheriv(algorithm, key, iv);
+                plaintext = Buffer.concat([decipher.update(ciphertext), decipher.final()]);
+            }
+            const durationMs = performance.now() - startTime;
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.DECRYPT, algorithm, keyLengthBits, true, true, durationMs));
+            return plaintext;
+        }
+        catch (error) {
+            const durationMs = performance.now() - startTime;
+            const errorMessage = error instanceof Error ? error.message : 'Unknown error';
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.DECRYPT, algorithm, keyLengthBits, false, isFIPSCompliant(operation), durationMs, errorMessage));
+            if (error instanceof FIPSError) {
+                throw error;
+            }
+            throw new FIPSError(`FIPS decryption failed: ${errorMessage}`, FIPSErrorCode.OPERATION_FAILED, { algorithm });
+        }
+    }
+    /**
+     * FIPS-compliant hashing
+     *
+     * Only allows SHA-2 family (SHA-256, SHA-384, SHA-512)
+     *
+     * @param data - Data to hash
+     * @param algorithm - FIPS-approved hash algorithm (default: sha256)
+     * @returns Hash digest
+     */
+    async fipsHash(data, algorithm = 'sha256') {
+        this.ensureInitialized();
+        const startTime = performance.now();
+        const operation = {
+            type: CryptoOperationType.HASH,
+            algorithm,
+        };
+        try {
+            await this.validateOperation(operation);
+            const hash = crypto.createHash(algorithm);
+            hash.update(data);
+            const digest = hash.digest();
+            const durationMs = performance.now() - startTime;
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.HASH, algorithm, undefined, true, true, durationMs));
+            return digest;
+        }
+        catch (error) {
+            const durationMs = performance.now() - startTime;
+            const errorMessage = error instanceof Error ? error.message : 'Unknown error';
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.HASH, algorithm, undefined, false, isFIPSCompliant(operation), durationMs, errorMessage));
+            if (error instanceof FIPSError) {
+                throw error;
+            }
+            throw new FIPSError(`FIPS hash failed: ${errorMessage}`, FIPSErrorCode.OPERATION_FAILED, { algorithm });
+        }
+    }
+    /**
+     * FIPS-compliant HMAC
+     *
+     * Only allows HMAC-SHA256, HMAC-SHA384, HMAC-SHA512
+     *
+     * @param data - Data to authenticate
+     * @param key - HMAC key
+     * @param algorithm - Hash algorithm for HMAC (default: sha256)
+     * @returns HMAC digest
+     */
+    async fipsHmac(data, key, algorithm = 'sha256') {
+        this.ensureInitialized();
+        const startTime = performance.now();
+        const keyLengthBits = key.length * 8;
+        const operation = {
+            type: CryptoOperationType.HMAC,
+            algorithm: `hmac-${algorithm}`,
+            keyLength: keyLengthBits,
+            hashFunction: algorithm,
+        };
+        try {
+            await this.validateOperation(operation);
+            const hmac = crypto.createHmac(algorithm, key);
+            hmac.update(data);
+            const digest = hmac.digest();
+            const durationMs = performance.now() - startTime;
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.HMAC, `hmac-${algorithm}`, keyLengthBits, true, true, durationMs));
+            return digest;
+        }
+        catch (error) {
+            const durationMs = performance.now() - startTime;
+            const errorMessage = error instanceof Error ? error.message : 'Unknown error';
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.HMAC, `hmac-${algorithm}`, keyLengthBits, false, isFIPSCompliant(operation), durationMs, errorMessage));
+            if (error instanceof FIPSError) {
+                throw error;
+            }
+            throw new FIPSError(`FIPS HMAC failed: ${errorMessage}`, FIPSErrorCode.OPERATION_FAILED, { algorithm });
+        }
+    }
+    /**
+     * FIPS-compliant digital signature
+     *
+     * Only allows RSA (2048+ bits) and ECDSA (P-256, P-384, P-521)
+     *
+     * @param data - Data to sign
+     * @param privateKey - Private key for signing
+     * @param algorithm - Signing algorithm (default: sha256)
+     * @returns Digital signature
+     */
+    async fipsSign(data, privateKey, algorithm = 'sha256') {
+        this.ensureInitialized();
+        const startTime = performance.now();
+        // Determine key type and length
+        let keyType = 'rsa';
+        let keyLengthBits;
+        let curve;
+        if (typeof privateKey !== 'string') {
+            const keyDetails = privateKey.asymmetricKeyDetails;
+            if (keyDetails) {
+                if ('modulusLength' in keyDetails) {
+                    keyType = 'rsa';
+                    keyLengthBits = keyDetails.modulusLength;
+                }
+                else if ('namedCurve' in keyDetails) {
+                    keyType = 'ec';
+                    curve = keyDetails.namedCurve;
+                    // Map curve to key length
+                    if (curve === 'prime256v1' || curve === 'P-256')
+                        keyLengthBits = 256;
+                    else if (curve === 'secp384r1' || curve === 'P-384')
+                        keyLengthBits = 384;
+                    else if (curve === 'secp521r1' || curve === 'P-521')
+                        keyLengthBits = 521;
+                }
+            }
+        }
+        const operation = {
+            type: CryptoOperationType.SIGN,
+            algorithm: `${keyType}-${algorithm}`,
+            keyLength: keyLengthBits,
+            hashFunction: algorithm,
+            curve,
+        };
+        try {
+            await this.validateOperation(operation);
+            const sign = crypto.createSign(algorithm);
+            sign.update(data);
+            const signature = sign.sign(privateKey);
+            const durationMs = performance.now() - startTime;
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.SIGN, `${keyType}-${algorithm}`, keyLengthBits, true, true, durationMs));
+            return signature;
+        }
+        catch (error) {
+            const durationMs = performance.now() - startTime;
+            const errorMessage = error instanceof Error ? error.message : 'Unknown error';
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.SIGN, `${keyType}-${algorithm}`, keyLengthBits, false, isFIPSCompliant(operation), durationMs, errorMessage));
+            if (error instanceof FIPSError) {
+                throw error;
+            }
+            throw new FIPSError(`FIPS sign failed: ${errorMessage}`, FIPSErrorCode.OPERATION_FAILED, { algorithm });
+        }
+    }
+    /**
+     * FIPS-compliant signature verification
+     *
+     * @param data - Data that was signed
+     * @param signature - Signature to verify
+     * @param publicKey - Public key for verification
+     * @param algorithm - Hash algorithm used for signing (default: sha256)
+     * @returns true if signature is valid
+     */
+    async fipsVerify(data, signature, publicKey, algorithm = 'sha256') {
+        this.ensureInitialized();
+        const startTime = performance.now();
+        let keyType = 'rsa';
+        let keyLengthBits;
+        if (typeof publicKey !== 'string') {
+            const keyDetails = publicKey.asymmetricKeyDetails;
+            if (keyDetails) {
+                if ('modulusLength' in keyDetails) {
+                    keyType = 'rsa';
+                    keyLengthBits = keyDetails.modulusLength;
+                }
+                else if ('namedCurve' in keyDetails) {
+                    keyType = 'ec';
+                }
+            }
+        }
+        const operation = {
+            type: CryptoOperationType.VERIFY,
+            algorithm: `${keyType}-${algorithm}`,
+            keyLength: keyLengthBits,
+            hashFunction: algorithm,
+        };
+        try {
+            await this.validateOperation(operation);
+            const verify = crypto.createVerify(algorithm);
+            verify.update(data);
+            const isValid = verify.verify(publicKey, signature);
+            const durationMs = performance.now() - startTime;
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.VERIFY, `${keyType}-${algorithm}`, keyLengthBits, true, true, durationMs));
+            return isValid;
+        }
+        catch (error) {
+            const durationMs = performance.now() - startTime;
+            const errorMessage = error instanceof Error ? error.message : 'Unknown error';
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.VERIFY, `${keyType}-${algorithm}`, keyLengthBits, false, isFIPSCompliant(operation), durationMs, errorMessage));
+            if (error instanceof FIPSError) {
+                throw error;
+            }
+            throw new FIPSError(`FIPS verify failed: ${errorMessage}`, FIPSErrorCode.OPERATION_FAILED, { algorithm });
+        }
+    }
+    /**
+     * FIPS-compliant random bytes generation
+     *
+     * Uses DRBG (Deterministic Random Bit Generator) compliant with SP 800-90A
+     *
+     * @param length - Number of bytes to generate
+     * @returns Random bytes
+     */
+    async fipsRandomBytes(length) {
+        this.ensureInitialized();
+        const startTime = performance.now();
+        const operation = {
+            type: CryptoOperationType.RANDOM,
+            algorithm: 'drbg',
+            context: { length },
+        };
+        try {
+            // Node.js uses OpenSSL's DRBG which is FIPS compliant
+            const bytes = crypto.randomBytes(length);
+            const durationMs = performance.now() - startTime;
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.RANDOM, 'drbg', undefined, true, true, durationMs));
+            return bytes;
+        }
+        catch (error) {
+            const durationMs = performance.now() - startTime;
+            const errorMessage = error instanceof Error ? error.message : 'Unknown error';
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.RANDOM, 'drbg', undefined, false, true, durationMs, errorMessage));
+            throw new FIPSError(`FIPS random generation failed: ${errorMessage}`, FIPSErrorCode.OPERATION_FAILED);
+        }
+    }
+    /**
+     * FIPS-compliant key derivation using PBKDF2
+     *
+     * @param password - Password to derive key from
+     * @param salt - Salt value
+     * @param iterations - Number of iterations (minimum 1000)
+     * @param keyLength - Desired key length in bytes
+     * @param digest - Hash algorithm (default: sha256)
+     * @returns Derived key
+     */
+    async fipsPBKDF2(password, salt, iterations, keyLength, digest = 'sha256') {
+        this.ensureInitialized();
+        const startTime = performance.now();
+        const operation = {
+            type: CryptoOperationType.KEY_DERIVE,
+            algorithm: 'pbkdf2',
+            keyLength: keyLength * 8,
+            hashFunction: digest,
+        };
+        try {
+            await this.validateOperation(operation);
+            // NIST SP 800-132 recommends at least 1000 iterations
+            if (iterations < 1000) {
+                throw new FIPSError('PBKDF2 iterations must be at least 1000 for FIPS compliance', FIPSErrorCode.INVALID_CONFIG, { iterations });
+            }
+            const derivedKey = await new Promise((resolve, reject) => {
+                crypto.pbkdf2(password, salt, iterations, keyLength, digest, (err, key) => {
+                    if (err)
+                        reject(err);
+                    else
+                        resolve(key);
+                });
+            });
+            const durationMs = performance.now() - startTime;
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.KEY_DERIVE, 'pbkdf2', keyLength * 8, true, true, durationMs));
+            return derivedKey;
+        }
+        catch (error) {
+            const durationMs = performance.now() - startTime;
+            const errorMessage = error instanceof Error ? error.message : 'Unknown error';
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.KEY_DERIVE, 'pbkdf2', keyLength * 8, false, isFIPSCompliant(operation), durationMs, errorMessage));
+            if (error instanceof FIPSError) {
+                throw error;
+            }
+            throw new FIPSError(`FIPS PBKDF2 failed: ${errorMessage}`, FIPSErrorCode.OPERATION_FAILED, { digest });
+        }
+    }
+    /**
+     * FIPS-compliant key derivation using HKDF
+     *
+     * @param ikm - Input keying material
+     * @param salt - Salt value
+     * @param info - Context and application specific information
+     * @param keyLength - Desired key length in bytes
+     * @param digest - Hash algorithm (default: sha256)
+     * @returns Derived key
+     */
+    async fipsHKDF(ikm, salt, info, keyLength, digest = 'sha256') {
+        this.ensureInitialized();
+        const startTime = performance.now();
+        const operation = {
+            type: CryptoOperationType.KEY_DERIVE,
+            algorithm: 'hkdf',
+            keyLength: keyLength * 8,
+            hashFunction: digest,
+        };
+        try {
+            await this.validateOperation(operation);
+            const derivedKey = await new Promise((resolve, reject) => {
+                crypto.hkdf(digest, ikm, salt, info, keyLength, (err, key) => {
+                    if (err)
+                        reject(err);
+                    else
+                        resolve(Buffer.from(key));
+                });
+            });
+            const durationMs = performance.now() - startTime;
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.KEY_DERIVE, 'hkdf', keyLength * 8, true, true, durationMs));
+            return derivedKey;
+        }
+        catch (error) {
+            const durationMs = performance.now() - startTime;
+            const errorMessage = error instanceof Error ? error.message : 'Unknown error';
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.KEY_DERIVE, 'hkdf', keyLength * 8, false, isFIPSCompliant(operation), durationMs, errorMessage));
+            if (error instanceof FIPSError) {
+                throw error;
+            }
+            throw new FIPSError(`FIPS HKDF failed: ${errorMessage}`, FIPSErrorCode.OPERATION_FAILED, { digest });
+        }
+    }
+    /**
+     * Generate FIPS-compliant key pair
+     *
+     * @param type - Key type ('rsa' or 'ec')
+     * @param options - Key generation options
+     * @returns Key pair
+     */
+    async fipsGenerateKeyPair(type, options = {}) {
+        this.ensureInitialized();
+        const startTime = performance.now();
+        let keyLengthBits;
+        let curve;
+        if (type === 'rsa') {
+            keyLengthBits = options.modulusLength ?? 2048;
+            if (keyLengthBits < 2048) {
+                throw new FIPSError(`RSA key length must be at least 2048 bits for FIPS compliance`, FIPSErrorCode.INSUFFICIENT_KEY_LENGTH, { keyLength: keyLengthBits });
+            }
+        }
+        else {
+            curve = options.namedCurve ?? 'prime256v1';
+            const validCurves = Object.values(FIPS_ECDSA_CURVES);
+            const curveNames = Object.keys(FIPS_ECDSA_CURVES);
+            if (!validCurves.includes(curve) && !curveNames.includes(curve)) {
+                throw new FIPSError(`ECDSA curve must be P-256, P-384, or P-521 for FIPS compliance`, FIPSErrorCode.NON_FIPS_ALGORITHM, { curve });
+            }
+            // Map curve to key length
+            if (curve === 'prime256v1' || curve === 'P-256')
+                keyLengthBits = 256;
+            else if (curve === 'secp384r1' || curve === 'P-384')
+                keyLengthBits = 384;
+            else if (curve === 'secp521r1' || curve === 'P-521')
+                keyLengthBits = 521;
+        }
+        const operation = {
+            type: CryptoOperationType.KEY_GENERATE,
+            algorithm: type,
+            keyLength: keyLengthBits,
+            curve,
+        };
+        try {
+            await this.validateOperation(operation);
+            const keyPair = await new Promise((resolve, reject) => {
+                if (type === 'rsa') {
+                    crypto.generateKeyPair('rsa', {
+                        modulusLength: keyLengthBits,
+                        publicExponent: 65537,
+                    }, (err, publicKey, privateKey) => {
+                        if (err)
+                            reject(err);
+                        else
+                            resolve({ publicKey, privateKey });
+                    });
+                }
+                else {
+                    crypto.generateKeyPair('ec', {
+                        namedCurve: curve,
+                    }, (err, publicKey, privateKey) => {
+                        if (err)
+                            reject(err);
+                        else
+                            resolve({ publicKey, privateKey });
+                    });
+                }
+            });
+            const durationMs = performance.now() - startTime;
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.KEY_GENERATE, type, keyLengthBits, true, true, durationMs));
+            return keyPair;
+        }
+        catch (error) {
+            const durationMs = performance.now() - startTime;
+            const errorMessage = error instanceof Error ? error.message : 'Unknown error';
+            await this.emitAudit(this.createAuditEntry(CryptoOperationType.KEY_GENERATE, type, keyLengthBits, false, isFIPSCompliant(operation), durationMs, errorMessage));
+            if (error instanceof FIPSError) {
+                throw error;
+            }
+            throw new FIPSError(`FIPS key generation failed: ${errorMessage}`, FIPSErrorCode.OPERATION_FAILED, { type, options });
+        }
+    }
+    // ===========================================================================
+    // Certificate Validation
+    // ===========================================================================
+    /**
+     * Validate certificate for FIPS compliance
+     *
+     * @param cert - X.509 certificate (PEM format or X509Certificate object)
+     * @param options - Validation options
+     * @returns Validation result
+     */
+    validateCertificate(cert, options = DEFAULT_CERT_VALIDATION_OPTIONS) {
+        const errors = [];
+        const warnings = [];
+        try {
+            const x509 = typeof cert === 'string' ? new crypto.X509Certificate(cert) : cert;
+            // Get public key details
+            const publicKey = x509.publicKey;
+            const keyDetails = publicKey.asymmetricKeyDetails;
+            if (keyDetails) {
+                // Check RSA key size
+                if ('modulusLength' in keyDetails) {
+                    const keySize = keyDetails.modulusLength;
+                    if (keySize !== undefined && keySize < options.minRSAKeySize) {
+                        errors.push(`RSA key size ${keySize} bits is below minimum ${options.minRSAKeySize} bits`);
+                    }
+                }
+                // Check ECDSA curve
+                if ('namedCurve' in keyDetails) {
+                    const curve = keyDetails.namedCurve;
+                    const curveStrengths = {
+                        'prime256v1': 256,
+                        'P-256': 256,
+                        'secp384r1': 384,
+                        'P-384': 384,
+                        'secp521r1': 521,
+                        'P-521': 521,
+                    };
+                    const minCurveStrengths = {
+                        'P-256': 256,
+                        'P-384': 384,
+                        'P-521': 521,
+                    };
+                    const curveStrength = curveStrengths[curve ?? ''] ?? 0;
+                    const minStrength = minCurveStrengths[options.minECDSACurve] ?? 256;
+                    if (curveStrength < minStrength) {
+                        errors.push(`ECDSA curve ${curve} is weaker than minimum ${options.minECDSACurve}`);
+                    }
+                    // Check for non-FIPS curves
+                    if (!curveStrengths[curve ?? '']) {
+                        errors.push(`ECDSA curve ${curve} is not FIPS approved`);
+                    }
+                }
+            }
+            // Check signature algorithm
+            // Note: X509Certificate doesn't expose signatureAlgorithm directly,
+            // we check the raw certificate string or fingerprint algorithm
+            const certString = x509.toString();
+            if (certString.includes('sha1WithRSAEncryption') ||
+                certString.includes('SHA1') ||
+                certString.includes('sha1')) {
+                errors.push('Certificate uses SHA-1 signature algorithm which is not FIPS approved');
+            }
+            if (certString.includes('md5WithRSAEncryption') ||
+                certString.includes('MD5') ||
+                certString.includes('md5')) {
+                errors.push('Certificate uses MD5 signature algorithm which is not FIPS approved');
+            }
+            // Check validity dates
+            const now = new Date();
+            const notBefore = new Date(x509.validFrom);
+            const notAfter = new Date(x509.validTo);
+            if (now < notBefore) {
+                errors.push('Certificate is not yet valid');
+            }
+            if (now > notAfter) {
+                errors.push('Certificate has expired');
+            }
+            // Check for short validity period (warning only)
+            const validityDays = (notAfter.getTime() - notBefore.getTime()) / (1000 * 60 * 60 * 24);
+            if (validityDays > 825) {
+                // Apple/browser requirements
+                warnings.push(`Certificate validity period (${Math.floor(validityDays)} days) exceeds recommended maximum of 825 days`);
+            }
+        }
+        catch (error) {
+            errors.push(`Certificate parsing failed: ${error instanceof Error ? error.message : 'Unknown error'}`);
+        }
+        return {
+            valid: errors.length === 0,
+            errors,
+            warnings,
+        };
+    }
+    /**
+     * Shutdown the provider
+     */
+    async shutdown() {
+        logger.info('Shutting down FIPSCryptoProvider');
+        this.initialized = false;
+        this.violations.length = 0;
+        logger.info('FIPSCryptoProvider shutdown complete');
+    }
+}
+// =============================================================================
+// Global FIPS Mode
+// =============================================================================
+let globalFIPSMode = process.env['VORION_FIPS_MODE'] === 'true';
+let defaultProvider = null;
+/**
+ * Enable global FIPS mode
+ */
+export function enableFIPSMode() {
+    globalFIPSMode = true;
+    logger.info('Global FIPS mode enabled');
+}
+/**
+ * Disable global FIPS mode
+ */
+export function disableFIPSMode() {
+    globalFIPSMode = false;
+    logger.info('Global FIPS mode disabled');
+}
+/**
+ * Check if global FIPS mode is enabled
+ */
+export function isFIPSModeEnabled() {
+    return globalFIPSMode;
+}
+/**
+ * Get the default FIPS crypto provider
+ */
+export function getFIPSCryptoProvider() {
+    if (!defaultProvider) {
+        defaultProvider = new FIPSCryptoProvider({
+            enabled: globalFIPSMode,
+        });
+    }
+    return defaultProvider;
+}
+/**
+ * Set a custom FIPS crypto provider as the default
+ */
+export function setFIPSCryptoProvider(provider) {
+    defaultProvider = provider;
+}
+/**
+ * Reset the default FIPS crypto provider (for testing)
+ */
+export async function resetFIPSCryptoProvider() {
+    if (defaultProvider) {
+        await defaultProvider.shutdown();
+        defaultProvider = null;
+    }
+}
+// =============================================================================
+// Convenience Functions
+// =============================================================================
+/**
+ * FIPS-compliant encrypt using default provider
+ */
+export async function fipsEncrypt(data, key, algorithm = 'aes-256-gcm') {
+    const provider = getFIPSCryptoProvider();
+    if (!provider['initialized']) {
+        await provider.initialize();
+    }
+    return provider.fipsEncrypt(data, key, algorithm);
+}
+/**
+ * FIPS-compliant decrypt using default provider
+ */
+export async function fipsDecrypt(ciphertext, key, iv, algorithm = 'aes-256-gcm', authTag) {
+    const provider = getFIPSCryptoProvider();
+    if (!provider['initialized']) {
+        await provider.initialize();
+    }
+    return provider.fipsDecrypt(ciphertext, key, iv, algorithm, authTag);
+}
+/**
+ * FIPS-compliant hash using default provider
+ */
+export async function fipsHash(data, algorithm = 'sha256') {
+    const provider = getFIPSCryptoProvider();
+    if (!provider['initialized']) {
+        await provider.initialize();
+    }
+    return provider.fipsHash(data, algorithm);
+}
+/**
+ * FIPS-compliant sign using default provider
+ */
+export async function fipsSign(data, privateKey, algorithm = 'sha256') {
+    const provider = getFIPSCryptoProvider();
+    if (!provider['initialized']) {
+        await provider.initialize();
+    }
+    return provider.fipsSign(data, privateKey, algorithm);
+}
+/**
+ * FIPS-compliant random bytes using default provider
+ */
+export async function fipsRandomBytes(length) {
+    const provider = getFIPSCryptoProvider();
+    if (!provider['initialized']) {
+        await provider.initialize();
+    }
+    return provider.fipsRandomBytes(length);
+}
+// =============================================================================
+// Factory Functions
+// =============================================================================
+/**
+ * Create a new FIPSCryptoProvider instance
+ */
+export function createFIPSCryptoProvider(config) {
+    return new FIPSCryptoProvider(config);
+}
+/**
+ * Create FIPSCryptoProvider from environment variables
+ */
+export function createFIPSCryptoProviderFromEnv() {
+    return new FIPSCryptoProvider({
+        enabled: process.env['VORION_FIPS_MODE'] === 'true',
+        strictMode: process.env['VORION_FIPS_STRICT'] !== 'false',
+        auditAllCryptoOperations: process.env['VORION_FIPS_AUDIT'] !== 'false',
+        alertOnViolations: process.env['VORION_FIPS_ALERT'] !== 'false',
+    });
+}
+//# sourceMappingURL=fips-mode.js.map