life-as-api 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +377 -0
- package/dist/agent/finance-agent.d.ts +44 -0
- package/dist/agent/finance-agent.js +75 -0
- package/dist/agent/finance-agent.js.map +1 -0
- package/dist/agent/legal-agent.d.ts +44 -0
- package/dist/agent/legal-agent.js +76 -0
- package/dist/agent/legal-agent.js.map +1 -0
- package/dist/agent/medical-agent.d.ts +44 -0
- package/dist/agent/medical-agent.js +75 -0
- package/dist/agent/medical-agent.js.map +1 -0
- package/dist/agent/trusted-agent-registry.d.ts +53 -0
- package/dist/agent/trusted-agent-registry.js +57 -0
- package/dist/agent/trusted-agent-registry.js.map +1 -0
- package/dist/audit/audit-chain-verifier.d.ts +10 -0
- package/dist/audit/audit-chain-verifier.js +67 -0
- package/dist/audit/audit-chain-verifier.js.map +1 -0
- package/dist/audit/audit-log.d.ts +48 -0
- package/dist/audit/audit-log.js +74 -0
- package/dist/audit/audit-log.js.map +1 -0
- package/dist/audit/sqlite-audit-log.d.ts +29 -0
- package/dist/audit/sqlite-audit-log.js +142 -0
- package/dist/audit/sqlite-audit-log.js.map +1 -0
- package/dist/auth/access-context-issuer.d.ts +18 -0
- package/dist/auth/access-context-issuer.js +88 -0
- package/dist/auth/access-context-issuer.js.map +1 -0
- package/dist/auth/assert-authorized-for-subject.d.ts +2 -0
- package/dist/auth/assert-authorized-for-subject.js +20 -0
- package/dist/auth/assert-authorized-for-subject.js.map +1 -0
- package/dist/auth/backend-context-minting-boundary.d.ts +23 -0
- package/dist/auth/backend-context-minting-boundary.js +281 -0
- package/dist/auth/backend-context-minting-boundary.js.map +1 -0
- package/dist/auth/default-authorization-policy.d.ts +7 -0
- package/dist/auth/default-authorization-policy.js +64 -0
- package/dist/auth/default-authorization-policy.js.map +1 -0
- package/dist/auth/fake-auth-adapter.d.ts +7 -0
- package/dist/auth/fake-auth-adapter.js +27 -0
- package/dist/auth/fake-auth-adapter.js.map +1 -0
- package/dist/auth/http-client.d.ts +12 -0
- package/dist/auth/http-client.js +7 -0
- package/dist/auth/http-client.js.map +1 -0
- package/dist/auth/in-memory-grant-resolver.d.ts +21 -0
- package/dist/auth/in-memory-grant-resolver.js +73 -0
- package/dist/auth/in-memory-grant-resolver.js.map +1 -0
- package/dist/auth/in-memory-tenant-boundary.d.ts +16 -0
- package/dist/auth/in-memory-tenant-boundary.js +37 -0
- package/dist/auth/in-memory-tenant-boundary.js.map +1 -0
- package/dist/auth/jwks-key-ring-auth-adapter.d.ts +38 -0
- package/dist/auth/jwks-key-ring-auth-adapter.js +123 -0
- package/dist/auth/jwks-key-ring-auth-adapter.js.map +1 -0
- package/dist/auth/jwks-key-ring.d.ts +25 -0
- package/dist/auth/jwks-key-ring.js +111 -0
- package/dist/auth/jwks-key-ring.js.map +1 -0
- package/dist/auth/jwt-auth-adapter.d.ts +15 -0
- package/dist/auth/jwt-auth-adapter.js +59 -0
- package/dist/auth/jwt-auth-adapter.js.map +1 -0
- package/dist/auth/jwt-core.d.ts +32 -0
- package/dist/auth/jwt-core.js +226 -0
- package/dist/auth/jwt-core.js.map +1 -0
- package/dist/auth/jwt-key-ring-auth-adapter.d.ts +16 -0
- package/dist/auth/jwt-key-ring-auth-adapter.js +58 -0
- package/dist/auth/jwt-key-ring-auth-adapter.js.map +1 -0
- package/dist/auth/oidc-discovery.d.ts +15 -0
- package/dist/auth/oidc-discovery.js +46 -0
- package/dist/auth/oidc-discovery.js.map +1 -0
- package/dist/auth/production-scoped-life-api.d.ts +58 -0
- package/dist/auth/production-scoped-life-api.js +802 -0
- package/dist/auth/production-scoped-life-api.js.map +1 -0
- package/dist/auth/proposal-scope-inspector.d.ts +3 -0
- package/dist/auth/proposal-scope-inspector.js +42 -0
- package/dist/auth/proposal-scope-inspector.js.map +1 -0
- package/dist/auth/proposal-scoped-life-api.d.ts +21 -0
- package/dist/auth/proposal-scoped-life-api.js +168 -0
- package/dist/auth/proposal-scoped-life-api.js.map +1 -0
- package/dist/auth/rate-limited-context-minting-boundary.d.ts +27 -0
- package/dist/auth/rate-limited-context-minting-boundary.js +77 -0
- package/dist/auth/rate-limited-context-minting-boundary.js.map +1 -0
- package/dist/auth/revocation-aware-auth-adapter.d.ts +21 -0
- package/dist/auth/revocation-aware-auth-adapter.js +88 -0
- package/dist/auth/revocation-aware-auth-adapter.js.map +1 -0
- package/dist/auth/sqlite-grant-resolver.d.ts +8 -0
- package/dist/auth/sqlite-grant-resolver.js +78 -0
- package/dist/auth/sqlite-grant-resolver.js.map +1 -0
- package/dist/auth/sqlite-tenant-boundary.d.ts +7 -0
- package/dist/auth/sqlite-tenant-boundary.js +41 -0
- package/dist/auth/sqlite-tenant-boundary.js.map +1 -0
- package/dist/auth/static-jwt-key-ring.d.ts +13 -0
- package/dist/auth/static-jwt-key-ring.js +73 -0
- package/dist/auth/static-jwt-key-ring.js.map +1 -0
- package/dist/auth/subject-scoped-life-api.d.ts +14 -0
- package/dist/auth/subject-scoped-life-api.js +51 -0
- package/dist/auth/subject-scoped-life-api.js.map +1 -0
- package/dist/auth/test-context-minting-boundary.d.ts +13 -0
- package/dist/auth/test-context-minting-boundary.js +74 -0
- package/dist/auth/test-context-minting-boundary.js.map +1 -0
- package/dist/auth/types.d.ts +77 -0
- package/dist/auth/types.js +16 -0
- package/dist/auth/types.js.map +1 -0
- package/dist/compliance/subject-data-report.d.ts +43 -0
- package/dist/compliance/subject-data-report.js +155 -0
- package/dist/compliance/subject-data-report.js.map +1 -0
- package/dist/consent/consent-guard.d.ts +4 -0
- package/dist/consent/consent-guard.js +37 -0
- package/dist/consent/consent-guard.js.map +1 -0
- package/dist/consent/grant-registry.d.ts +7 -0
- package/dist/consent/grant-registry.js +13 -0
- package/dist/consent/grant-registry.js.map +1 -0
- package/dist/consent/intersect-selector.d.ts +3 -0
- package/dist/consent/intersect-selector.js +66 -0
- package/dist/consent/intersect-selector.js.map +1 -0
- package/dist/contract/diagnostics.d.ts +32 -0
- package/dist/contract/diagnostics.js +112 -0
- package/dist/contract/diagnostics.js.map +1 -0
- package/dist/contract/project-contracts.d.ts +5 -0
- package/dist/contract/project-contracts.js +159 -0
- package/dist/contract/project-contracts.js.map +1 -0
- package/dist/contract/types.d.ts +32 -0
- package/dist/contract/types.js +5 -0
- package/dist/contract/types.js.map +1 -0
- package/dist/crypto/aes-gcm.d.ts +11 -0
- package/dist/crypto/aes-gcm.js +78 -0
- package/dist/crypto/aes-gcm.js.map +1 -0
- package/dist/crypto/claim-serializer.d.ts +26 -0
- package/dist/crypto/claim-serializer.js +59 -0
- package/dist/crypto/claim-serializer.js.map +1 -0
- package/dist/crypto/sha256.d.ts +12 -0
- package/dist/crypto/sha256.js +40 -0
- package/dist/crypto/sha256.js.map +1 -0
- package/dist/crypto/static-key.d.ts +11 -0
- package/dist/crypto/static-key.js +60 -0
- package/dist/crypto/static-key.js.map +1 -0
- package/dist/crypto/types.d.ts +20 -0
- package/dist/crypto/types.js +8 -0
- package/dist/crypto/types.js.map +1 -0
- package/dist/datasource/trusted-data-source-registry.d.ts +51 -0
- package/dist/datasource/trusted-data-source-registry.js +57 -0
- package/dist/datasource/trusted-data-source-registry.js.map +1 -0
- package/dist/erasure/tombstone.d.ts +13 -0
- package/dist/erasure/tombstone.js +20 -0
- package/dist/erasure/tombstone.js.map +1 -0
- package/dist/evidence/evidence-backed-claim-creator.d.ts +48 -0
- package/dist/evidence/evidence-backed-claim-creator.js +107 -0
- package/dist/evidence/evidence-backed-claim-creator.js.map +1 -0
- package/dist/evidence/in-memory-raw-document-store.d.ts +26 -0
- package/dist/evidence/in-memory-raw-document-store.js +84 -0
- package/dist/evidence/in-memory-raw-document-store.js.map +1 -0
- package/dist/evidence/raw-document-store.d.ts +12 -0
- package/dist/evidence/raw-document-store.js +8 -0
- package/dist/evidence/raw-document-store.js.map +1 -0
- package/dist/evidence/source-evidence-validator.d.ts +4 -0
- package/dist/evidence/source-evidence-validator.js +14 -0
- package/dist/evidence/source-evidence-validator.js.map +1 -0
- package/dist/evidence/sqlite-raw-document-store.d.ts +19 -0
- package/dist/evidence/sqlite-raw-document-store.js +122 -0
- package/dist/evidence/sqlite-raw-document-store.js.map +1 -0
- package/dist/guardian/guardian-registry.d.ts +96 -0
- package/dist/guardian/guardian-registry.js +95 -0
- package/dist/guardian/guardian-registry.js.map +1 -0
- package/dist/index.d.ts +44 -0
- package/dist/index.js +72 -0
- package/dist/index.js.map +1 -0
- package/dist/observability/health.d.ts +12 -0
- package/dist/observability/health.js +16 -0
- package/dist/observability/health.js.map +1 -0
- package/dist/observability/logger.d.ts +21 -0
- package/dist/observability/logger.js +40 -0
- package/dist/observability/logger.js.map +1 -0
- package/dist/observability/metrics.d.ts +15 -0
- package/dist/observability/metrics.js +52 -0
- package/dist/observability/metrics.js.map +1 -0
- package/dist/persistence/backup.d.ts +24 -0
- package/dist/persistence/backup.js +251 -0
- package/dist/persistence/backup.js.map +1 -0
- package/dist/persistence/decryptability-scan.d.ts +10 -0
- package/dist/persistence/decryptability-scan.js +144 -0
- package/dist/persistence/decryptability-scan.js.map +1 -0
- package/dist/persistence/in-memory-unit-of-work.d.ts +11 -0
- package/dist/persistence/in-memory-unit-of-work.js +32 -0
- package/dist/persistence/in-memory-unit-of-work.js.map +1 -0
- package/dist/persistence/key-availability.d.ts +9 -0
- package/dist/persistence/key-availability.js +125 -0
- package/dist/persistence/key-availability.js.map +1 -0
- package/dist/persistence/sqlite/migrations.d.ts +9 -0
- package/dist/persistence/sqlite/migrations.js +535 -0
- package/dist/persistence/sqlite/migrations.js.map +1 -0
- package/dist/persistence/sqlite/schema.d.ts +10 -0
- package/dist/persistence/sqlite/schema.js +101 -0
- package/dist/persistence/sqlite/schema.js.map +1 -0
- package/dist/persistence/sqlite/sqlite-fact-store.d.ts +24 -0
- package/dist/persistence/sqlite/sqlite-fact-store.js +207 -0
- package/dist/persistence/sqlite/sqlite-fact-store.js.map +1 -0
- package/dist/persistence/sqlite/sqlite-source-registry.d.ts +17 -0
- package/dist/persistence/sqlite/sqlite-source-registry.js +132 -0
- package/dist/persistence/sqlite/sqlite-source-registry.js.map +1 -0
- package/dist/persistence/sqlite/sqlite-unit-of-work.d.ts +8 -0
- package/dist/persistence/sqlite/sqlite-unit-of-work.js +41 -0
- package/dist/persistence/sqlite/sqlite-unit-of-work.js.map +1 -0
- package/dist/persistence/sqlite/types.d.ts +24 -0
- package/dist/persistence/sqlite/types.js +28 -0
- package/dist/persistence/sqlite/types.js.map +1 -0
- package/dist/persistence/unit-of-work.d.ts +6 -0
- package/dist/persistence/unit-of-work.js +15 -0
- package/dist/persistence/unit-of-work.js.map +1 -0
- package/dist/proposal/accepted-claim-appender.d.ts +7 -0
- package/dist/proposal/accepted-claim-appender.js +16 -0
- package/dist/proposal/accepted-claim-appender.js.map +1 -0
- package/dist/proposal/in-memory-proposal-queue.d.ts +21 -0
- package/dist/proposal/in-memory-proposal-queue.js +218 -0
- package/dist/proposal/in-memory-proposal-queue.js.map +1 -0
- package/dist/proposal/policy-aware-proposal-queue.d.ts +23 -0
- package/dist/proposal/policy-aware-proposal-queue.js +162 -0
- package/dist/proposal/policy-aware-proposal-queue.js.map +1 -0
- package/dist/proposal/proposal-policy.d.ts +37 -0
- package/dist/proposal/proposal-policy.js +72 -0
- package/dist/proposal/proposal-policy.js.map +1 -0
- package/dist/proposal/proposal-queue.d.ts +13 -0
- package/dist/proposal/proposal-queue.js +15 -0
- package/dist/proposal/proposal-queue.js.map +1 -0
- package/dist/proposal/source-aware-claim-appender.d.ts +13 -0
- package/dist/proposal/source-aware-claim-appender.js +47 -0
- package/dist/proposal/source-aware-claim-appender.js.map +1 -0
- package/dist/proposal/sqlite-proposal-queue.d.ts +26 -0
- package/dist/proposal/sqlite-proposal-queue.js +282 -0
- package/dist/proposal/sqlite-proposal-queue.js.map +1 -0
- package/dist/resolution/resolve-claims.d.ts +4 -0
- package/dist/resolution/resolve-claims.js +101 -0
- package/dist/resolution/resolve-claims.js.map +1 -0
- package/dist/resolution/trust-profile.d.ts +12 -0
- package/dist/resolution/trust-profile.js +23 -0
- package/dist/resolution/trust-profile.js.map +1 -0
- package/dist/resolution/types.d.ts +15 -0
- package/dist/resolution/types.js +8 -0
- package/dist/resolution/types.js.map +1 -0
- package/dist/sdk/create-backend-integrated-life-api-for-test.d.ts +23 -0
- package/dist/sdk/create-backend-integrated-life-api-for-test.js +240 -0
- package/dist/sdk/create-backend-integrated-life-api-for-test.js.map +1 -0
- package/dist/sdk/create-life-api.d.ts +55 -0
- package/dist/sdk/create-life-api.js +251 -0
- package/dist/sdk/create-life-api.js.map +1 -0
- package/dist/sdk/create-sqlite-life-api.d.ts +33 -0
- package/dist/sdk/create-sqlite-life-api.js +654 -0
- package/dist/sdk/create-sqlite-life-api.js.map +1 -0
- package/dist/sdk/life-api.d.ts +27 -0
- package/dist/sdk/life-api.js +17 -0
- package/dist/sdk/life-api.js.map +1 -0
- package/dist/sdk/validation.d.ts +8 -0
- package/dist/sdk/validation.js +216 -0
- package/dist/sdk/validation.js.map +1 -0
- package/dist/source/in-memory-source-registry.d.ts +15 -0
- package/dist/source/in-memory-source-registry.js +104 -0
- package/dist/source/in-memory-source-registry.js.map +1 -0
- package/dist/source/source-aware-fact-store.d.ts +19 -0
- package/dist/source/source-aware-fact-store.js +40 -0
- package/dist/source/source-aware-fact-store.js.map +1 -0
- package/dist/source/source-kind-predicate-policy.d.ts +4 -0
- package/dist/source/source-kind-predicate-policy.js +62 -0
- package/dist/source/source-kind-predicate-policy.js.map +1 -0
- package/dist/source/source-registry.d.ts +11 -0
- package/dist/source/source-registry.js +12 -0
- package/dist/source/source-registry.js.map +1 -0
- package/dist/store/in-memory-fact-store.d.ts +25 -0
- package/dist/store/in-memory-fact-store.js +192 -0
- package/dist/store/in-memory-fact-store.js.map +1 -0
- package/dist/surface/context-query.d.ts +21 -0
- package/dist/surface/context-query.js +113 -0
- package/dist/surface/context-query.js.map +1 -0
- package/dist/surface/evidence-backed-context-query.d.ts +62 -0
- package/dist/surface/evidence-backed-context-query.js +240 -0
- package/dist/surface/evidence-backed-context-query.js.map +1 -0
- package/dist/types/access-context.d.ts +25 -0
- package/dist/types/access-context.js +6 -0
- package/dist/types/access-context.js.map +1 -0
- package/dist/types/claim.d.ts +48 -0
- package/dist/types/claim.js +5 -0
- package/dist/types/claim.js.map +1 -0
- package/dist/types/consent.d.ts +41 -0
- package/dist/types/consent.js +3 -0
- package/dist/types/consent.js.map +1 -0
- package/dist/types/crypto-boundary.d.ts +12 -0
- package/dist/types/crypto-boundary.js +15 -0
- package/dist/types/crypto-boundary.js.map +1 -0
- package/dist/types/evidence.d.ts +31 -0
- package/dist/types/evidence.js +8 -0
- package/dist/types/evidence.js.map +1 -0
- package/dist/types/fact-store.d.ts +24 -0
- package/dist/types/fact-store.js +12 -0
- package/dist/types/fact-store.js.map +1 -0
- package/dist/types/ids.d.ts +36 -0
- package/dist/types/ids.js +11 -0
- package/dist/types/ids.js.map +1 -0
- package/dist/types/proposal.d.ts +38 -0
- package/dist/types/proposal.js +7 -0
- package/dist/types/proposal.js.map +1 -0
- package/dist/types/source.d.ts +33 -0
- package/dist/types/source.js +6 -0
- package/dist/types/source.js.map +1 -0
- package/dist/types/trust.d.ts +24 -0
- package/dist/types/trust.js +5 -0
- package/dist/types/trust.js.map +1 -0
- package/dist/utilities/deep-freeze.d.ts +1 -0
- package/dist/utilities/deep-freeze.js +17 -0
- package/dist/utilities/deep-freeze.js.map +1 -0
- package/package.json +55 -0
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
// InMemoryUnitOfWork — Slice-18.
|
|
2
|
+
//
|
|
3
|
+
// UNIT_OF_WORK_IN_MEMORY_ATOMIC_BEHAVIOR_001: snapshot all three InMemory stores before
|
|
4
|
+
// the fn, restore all on throw — zero writes survive a failure mid-fn.
|
|
5
|
+
//
|
|
6
|
+
// This class imports concrete InMemory classes (not interfaces) because snapshot/restore
|
|
7
|
+
// methods are internal to those classes and not part of any store interface.
|
|
8
|
+
export class InMemoryUnitOfWork {
|
|
9
|
+
_docStore;
|
|
10
|
+
_srcReg;
|
|
11
|
+
_factStore;
|
|
12
|
+
constructor(_docStore, _srcReg, _factStore) {
|
|
13
|
+
this._docStore = _docStore;
|
|
14
|
+
this._srcReg = _srcReg;
|
|
15
|
+
this._factStore = _factStore;
|
|
16
|
+
}
|
|
17
|
+
async run(fn) {
|
|
18
|
+
const docSnap = this._docStore._uowSnapshot();
|
|
19
|
+
const srcSnap = this._srcReg._uowSnapshot();
|
|
20
|
+
const factSnap = this._factStore._uowSnapshot();
|
|
21
|
+
try {
|
|
22
|
+
return await fn();
|
|
23
|
+
}
|
|
24
|
+
catch (err) {
|
|
25
|
+
this._docStore._uowRestore(docSnap);
|
|
26
|
+
this._srcReg._uowRestore(srcSnap);
|
|
27
|
+
this._factStore._uowRestore(factSnap);
|
|
28
|
+
throw err;
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
}
|
|
32
|
+
//# sourceMappingURL=in-memory-unit-of-work.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"in-memory-unit-of-work.js","sourceRoot":"","sources":["../../src/persistence/in-memory-unit-of-work.ts"],"names":[],"mappings":"AAAA,iCAAiC;AACjC,EAAE;AACF,wFAAwF;AACxF,uEAAuE;AACvE,EAAE;AACF,yFAAyF;AACzF,6EAA6E;AAO7E,MAAM,OAAO,kBAAkB;IAEV;IACA;IACA;IAHnB,YACmB,SAAoC,EACpC,OAAkC,EAClC,UAA6B;QAF7B,cAAS,GAAT,SAAS,CAA2B;QACpC,YAAO,GAAP,OAAO,CAA2B;QAClC,eAAU,GAAV,UAAU,CAAmB;IAC7C,CAAC;IAEJ,KAAK,CAAC,GAAG,CAAI,EAAoB;QAC/B,MAAM,OAAO,GAAI,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,CAAC;QAC/C,MAAM,OAAO,GAAI,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;QAC7C,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,YAAY,EAAE,CAAC;QAChD,IAAI,CAAC;YACH,OAAO,MAAM,EAAE,EAAE,CAAC;QACpB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;YACpC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;YAClC,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;YACtC,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;CACF"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import type { KeyProvider } from "../crypto/types.js";
|
|
2
|
+
export interface KeyAvailabilityResult {
|
|
3
|
+
readonly status: "ok" | "failed";
|
|
4
|
+
readonly checkedAt: string;
|
|
5
|
+
readonly requiredKeyCount?: number;
|
|
6
|
+
readonly missingKeyCount?: number;
|
|
7
|
+
readonly errorName?: string;
|
|
8
|
+
}
|
|
9
|
+
export declare function validateBackupKeyAvailability(sourcePath: string, keyProvider: KeyProvider): Promise<KeyAvailabilityResult>;
|
|
@@ -0,0 +1,125 @@
|
|
|
1
|
+
// D4b — Key Availability Validation boundary.
|
|
2
|
+
//
|
|
3
|
+
// PRODUCTION_KEY_INVENTORY_BOUNDARY_SPECIFIED_001: key inventory (which keyIds
|
|
4
|
+
// are referenced in the DB/backup), key availability (whether the provider
|
|
5
|
+
// resolves them), and decryptability (whether resolved key material actually
|
|
6
|
+
// decrypts stored ciphertext) are three separate concerns. This module covers
|
|
7
|
+
// inventory + availability only. Decryptability validation is deferred to D4c.
|
|
8
|
+
// PRODUCTION_KEY_INVENTORY_NO_KEY_MATERIAL_EXPOSURE_001:
|
|
9
|
+
// validateBackupKeyAvailability never returns, logs, or exposes raw keyId
|
|
10
|
+
// strings, key bytes, CryptoKey objects, decrypted payloads, or entity IDs.
|
|
11
|
+
// KeyId enumeration is internal to the function — strings are used only to
|
|
12
|
+
// call keyProvider.getKey() and are never present in the result type.
|
|
13
|
+
// PRODUCTION_RESTORE_KEY_AVAILABILITY_VALIDATION_SPECIFIED_001:
|
|
14
|
+
// validateBackupKeyAvailability(sourcePath, keyProvider) is the specified
|
|
15
|
+
// offline utility for confirming all referenced keyIds are resolvable before
|
|
16
|
+
// restore. Result is KeyAvailabilityResult with aggregate counts and status
|
|
17
|
+
// only — no raw keyId strings, no key material, no entity IDs.
|
|
18
|
+
// PRODUCTION_KEY_INVENTORY_NOT_HEALTHCHECK_DEFAULT_001: key availability
|
|
19
|
+
// scanning is not part of the default healthCheck bundle method. This
|
|
20
|
+
// utility is an offline pre-restore operator tool only — not a live-system
|
|
21
|
+
// diagnostic.
|
|
22
|
+
// PRODUCTION_KEY_INVENTORY_NOT_PRODUCT_API_001:
|
|
23
|
+
// validateBackupKeyAvailability is not on ProductionApiBundle,
|
|
24
|
+
// ProductionScopedLifeApi, or the package root export.
|
|
25
|
+
// PRODUCTION_BACKUP_DECRYPTABILITY_NOT_RECOVERY_CLAIM_001: no combination of
|
|
26
|
+
// validateBackup, validateBackupKeyAvailability, and healthCheck constitutes
|
|
27
|
+
// a disaster recovery guarantee, SLA, or operational production readiness
|
|
28
|
+
// claim. Key availability does not prove correct key material.
|
|
29
|
+
// PRODUCTION_RESTORE_DECRYPTABILITY_SCAN_DEFERRED_001: full decryptability
|
|
30
|
+
// validation (decrypt attempt on stored ciphertext) is deferred to D4c.
|
|
31
|
+
// A keyId that resolves in the provider may still have wrong key bytes —
|
|
32
|
+
// that failure surfaces only at decrypt time (CRYPTO_TAMPER_DETECTED_001).
|
|
33
|
+
import Database from "better-sqlite3";
|
|
34
|
+
// ─── Key inventory SQL ────────────────────────────────────────────────────────
|
|
35
|
+
// Enumerates distinct referenced keyIds from all encrypted persistence columns:
|
|
36
|
+
// claims.encrypted_payload — JSON EncryptedBlob with $.keyId
|
|
37
|
+
// raw_documents.encrypted_blob — JSON EncryptedBlob with $.keyId
|
|
38
|
+
// proposals.payload_key_id — TEXT denormalized copy of the proposal keyId
|
|
39
|
+
// KeyId strings are processed internally only — never returned to callers.
|
|
40
|
+
const KEY_INVENTORY_SQL = `
|
|
41
|
+
SELECT key_id FROM (
|
|
42
|
+
SELECT DISTINCT JSON_EXTRACT(encrypted_payload, '$.keyId') AS key_id
|
|
43
|
+
FROM claims
|
|
44
|
+
UNION
|
|
45
|
+
SELECT DISTINCT JSON_EXTRACT(encrypted_blob, '$.keyId') AS key_id
|
|
46
|
+
FROM raw_documents
|
|
47
|
+
UNION
|
|
48
|
+
SELECT DISTINCT payload_key_id AS key_id
|
|
49
|
+
FROM proposals
|
|
50
|
+
)
|
|
51
|
+
WHERE key_id IS NOT NULL
|
|
52
|
+
`;
|
|
53
|
+
// ─── validateBackupKeyAvailability ────────────────────────────────────────────
|
|
54
|
+
// Opens a backup file (or any migrated SQLite file) read-only and verifies that
|
|
55
|
+
// every referenced keyId can be resolved by the provided KeyProvider.
|
|
56
|
+
//
|
|
57
|
+
// Algorithm:
|
|
58
|
+
// 1. Open the file read-only.
|
|
59
|
+
// 2. Run KEY_INVENTORY_SQL to enumerate distinct referenced keyIds internally.
|
|
60
|
+
// 3. For each keyId, call keyProvider.getKey(keyId).
|
|
61
|
+
// - undefined → count as missing.
|
|
62
|
+
// - getKey() throws (e.g. KMS unavailable) → count as missing.
|
|
63
|
+
// 4. Return { status, checkedAt, requiredKeyCount, missingKeyCount }.
|
|
64
|
+
//
|
|
65
|
+
// Guarantees:
|
|
66
|
+
// - Never throws — all errors return { status: "failed", errorName }.
|
|
67
|
+
// - Closes the read-only connection before returning.
|
|
68
|
+
// - Does not decrypt any payload (D4c).
|
|
69
|
+
// - Does not write to any table or emit audit events.
|
|
70
|
+
// - Does not call logger or safeLog.
|
|
71
|
+
// - Does not return keyId strings, key bytes, or entity IDs.
|
|
72
|
+
// - requiredKeyCount and missingKeyCount are omitted when the inventory
|
|
73
|
+
// query fails (DB open error, SQL error) — per D4b spec §5.2.
|
|
74
|
+
// - Wrong key material (registered keyId but wrong bytes) is not detected
|
|
75
|
+
// here — that failure surfaces at decrypt time via CRYPTO_TAMPER_DETECTED_001.
|
|
76
|
+
export async function validateBackupKeyAvailability(sourcePath, keyProvider) {
|
|
77
|
+
const checkedAt = new Date().toISOString();
|
|
78
|
+
let db;
|
|
79
|
+
try {
|
|
80
|
+
db = new Database(sourcePath, { readonly: true, fileMustExist: true });
|
|
81
|
+
// Enumerate distinct referenced keyIds internally — strings stay in-process.
|
|
82
|
+
const rows = db
|
|
83
|
+
.prepare(KEY_INVENTORY_SQL)
|
|
84
|
+
.all();
|
|
85
|
+
const requiredKeyCount = rows.length;
|
|
86
|
+
// Check each referenced keyId against the provider.
|
|
87
|
+
// Per-key getKey failures count as missing — they do not escalate to an
|
|
88
|
+
// inventory failure. Only the DB open and SQL step can produce the
|
|
89
|
+
// inventory-failure path (outer catch, counts omitted).
|
|
90
|
+
let missingKeyCount = 0;
|
|
91
|
+
for (const row of rows) {
|
|
92
|
+
let desc;
|
|
93
|
+
try {
|
|
94
|
+
desc = await keyProvider.getKey(row.key_id);
|
|
95
|
+
}
|
|
96
|
+
catch {
|
|
97
|
+
// Provider threw (e.g. KMS down) — treat as missing, fail closed.
|
|
98
|
+
missingKeyCount++;
|
|
99
|
+
continue;
|
|
100
|
+
}
|
|
101
|
+
if (desc === undefined) {
|
|
102
|
+
missingKeyCount++;
|
|
103
|
+
}
|
|
104
|
+
}
|
|
105
|
+
if (missingKeyCount > 0) {
|
|
106
|
+
return { status: "failed", checkedAt, requiredKeyCount, missingKeyCount };
|
|
107
|
+
}
|
|
108
|
+
return { status: "ok", checkedAt, requiredKeyCount, missingKeyCount: 0 };
|
|
109
|
+
}
|
|
110
|
+
catch (err) {
|
|
111
|
+
// DB open or inventory query failed — omit counts per D4b spec §5.2.
|
|
112
|
+
return {
|
|
113
|
+
status: "failed",
|
|
114
|
+
checkedAt,
|
|
115
|
+
...(err instanceof Error ? { errorName: err.name } : {}),
|
|
116
|
+
};
|
|
117
|
+
}
|
|
118
|
+
finally {
|
|
119
|
+
try {
|
|
120
|
+
db?.close();
|
|
121
|
+
}
|
|
122
|
+
catch { /* ignore close errors */ }
|
|
123
|
+
}
|
|
124
|
+
}
|
|
125
|
+
//# sourceMappingURL=key-availability.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"key-availability.js","sourceRoot":"","sources":["../../src/persistence/key-availability.ts"],"names":[],"mappings":"AAAA,8CAA8C;AAC9C,EAAE;AACF,+EAA+E;AAC/E,6EAA6E;AAC7E,+EAA+E;AAC/E,gFAAgF;AAChF,iFAAiF;AACjF,yDAAyD;AACzD,4EAA4E;AAC5E,8EAA8E;AAC9E,6EAA6E;AAC7E,wEAAwE;AACxE,gEAAgE;AAChE,4EAA4E;AAC5E,+EAA+E;AAC/E,8EAA8E;AAC9E,iEAAiE;AACjE,yEAAyE;AACzE,wEAAwE;AACxE,6EAA6E;AAC7E,gBAAgB;AAChB,gDAAgD;AAChD,iEAAiE;AACjE,yDAAyD;AACzD,6EAA6E;AAC7E,+EAA+E;AAC/E,4EAA4E;AAC5E,iEAAiE;AACjE,2EAA2E;AAC3E,0EAA0E;AAC1E,2EAA2E;AAC3E,6EAA6E;AAE7E,OAAO,QAAQ,MAAM,gBAAgB,CAAC;AAgBtC,iFAAiF;AACjF,gFAAgF;AAChF,iEAAiE;AACjE,mEAAmE;AACnE,8EAA8E;AAC9E,2EAA2E;AAC3E,MAAM,iBAAiB,GAAG;;;;;;;;;;;;CAYzB,CAAC;AAEF,iFAAiF;AACjF,gFAAgF;AAChF,sEAAsE;AACtE,EAAE;AACF,aAAa;AACb,gCAAgC;AAChC,iFAAiF;AACjF,uDAAuD;AACvD,uCAAuC;AACvC,oEAAoE;AACpE,wEAAwE;AACxE,EAAE;AACF,cAAc;AACd,wEAAwE;AACxE,wDAAwD;AACxD,0CAA0C;AAC1C,wDAAwD;AACxD,uCAAuC;AACvC,+DAA+D;AAC/D,0EAA0E;AAC1E,kEAAkE;AAClE,4EAA4E;AAC5E,mFAAmF;AACnF,MAAM,CAAC,KAAK,UAAU,6BAA6B,CACjD,UAAkB,EAClB,WAAwB;IAExB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC3C,IAAI,EAAiC,CAAC;IAEtC,IAAI,CAAC;QACH,EAAE,GAAG,IAAI,QAAQ,CAAC,UAAU,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;QAEvE,6EAA6E;QAC7E,MAAM,IAAI,GAAG,EAAE;aACZ,OAAO,CAAC,iBAAiB,CAAC;aAC1B,GAAG,EAA+B,CAAC;QACtC,MAAM,gBAAgB,GAAG,IAAI,CAAC,MAAM,CAAC;QAErC,oDAAoD;QACpD,wEAAwE;QACxE,mEAAmE;QACnE,wDAAwD;QACxD,IAAI,eAAe,GAAG,CAAC,CAAC;QACxB,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,IAAI,IAA+B,CAAC;YACpC,IAAI,CAAC;gBACH,IAAI,GAAG,MAAM,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YAC9C,CAAC;YAAC,MAAM,CAAC;gBACP,kEAAkE;gBAClE,eAAe,EAAE,CAAC;gBAClB,SAAS;YACX,CAAC;YACD,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;gBACvB,eAAe,EAAE,CAAC;YACpB,CAAC;QACH,CAAC;QAED,IAAI,eAAe,GAAG,CAAC,EAAE,CAAC;YACxB,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,gBAAgB,EAAE,eAAe,EAAE,CAAC;QAC5E,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,gBAAgB,EAAE,eAAe,EAAE,CAAC,EAAE,CAAC;IAC3E,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,qEAAqE;QACrE,OAAO;YACL,MAAM,EAAE,QAAQ;YAChB,SAAS;YACT,GAAG,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACzD,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,IAAI,CAAC;YAAC,EAAE,EAAE,KAAK,EAAE,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC,CAAC,yBAAyB,CAAC,CAAC;IAC1D,CAAC;AACH,CAAC"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import type { Database } from "better-sqlite3";
|
|
2
|
+
export declare const CURRENT_SCHEMA_VERSION = 10;
|
|
3
|
+
export declare function verifyCurrentSchema(db: Database): {
|
|
4
|
+
ok: true;
|
|
5
|
+
} | {
|
|
6
|
+
ok: false;
|
|
7
|
+
missing: string[];
|
|
8
|
+
};
|
|
9
|
+
export declare function runMigrations(db: Database): void;
|