multimodel-dev-os 3.2.0 → 3.5.0

package/tests/unit/registry-public-signing.test.js

@@ -0,0 +1,109 @@
+import { describe, it, expect } from 'vitest';
+import {
+  generateEd25519KeyPair,
+  signEd25519Payload,
+  verifyEd25519Payload,
+  createCanonicalPayload,
+  normalizePublicKey
+} from '../../src/registry/signing.js';
+
+describe('Registry Public Signing — Ed25519 Key Generation', () => {
+  it('generates valid PEM format keys', () => {
+    const { publicKey, privateKey } = generateEd25519KeyPair();
+    expect(publicKey).toContain('-----BEGIN PUBLIC KEY-----');
+    expect(publicKey).toContain('-----END PUBLIC KEY-----');
+    expect(privateKey).toContain('-----BEGIN PRIVATE KEY-----');
+    expect(privateKey).toContain('-----END PRIVATE KEY-----');
+  });
+});
+
+describe('Registry Public Signing — Ed25519 Sign/Verify', () => {
+  it('signs and verifies a payload successfully', () => {
+    const { publicKey, privateKey } = generateEd25519KeyPair();
+    const payload = 'test-canonical-payload-data';
+    const signature = signEd25519Payload(privateKey, payload);
+
+    expect(signature).toBeTruthy();
+    expect(typeof signature).toBe('string');
+    // Base64 signature check
+    expect(signature).toMatch(/^[a-zA-Z0-9+/=]+$/);
+
+    const verified = verifyEd25519Payload(publicKey, payload, signature);
+    expect(verified).toBe(true);
+  });
+
+  it('fails verification for a tampered payload', () => {
+    const { publicKey, privateKey } = generateEd25519KeyPair();
+    const payload = 'original-payload';
+    const signature = signEd25519Payload(privateKey, payload);
+
+    const verified = verifyEd25519Payload(publicKey, 'tampered-payload', signature);
+    expect(verified).toBe(false);
+  });
+
+  it('fails verification for an invalid signature', () => {
+    const { publicKey } = generateEd25519KeyPair();
+    const verified = verifyEd25519Payload(publicKey, 'payload', 'not-a-valid-base64-signature!');
+    expect(verified).toBe(false);
+  });
+
+  it('fails verification with a different key', () => {
+    const pairA = generateEd25519KeyPair();
+    const pairB = generateEd25519KeyPair();
+    const payload = 'some-payload';
+    const signature = signEd25519Payload(pairA.privateKey, payload);
+
+    const verified = verifyEd25519Payload(pairB.publicKey, payload, signature);
+    expect(verified).toBe(false);
+  });
+});
+
+describe('Registry Public Signing — Canonical Payload Determinism', () => {
+  it('generates identical payload regardless of key insertion order', () => {
+    const obj1 = { name: 'registry-a', version: '1.0.0', catalog_hash: 'hash123' };
+    const obj2 = { catalog_hash: 'hash123', name: 'registry-a', version: '1.0.0' };
+    const fields = ['name', 'version', 'catalog_hash'];
+
+    const payload1 = createCanonicalPayload(obj1, fields);
+    const payload2 = createCanonicalPayload(obj2, fields);
+
+    expect(payload1).toBe(payload2);
+    // Keys sorted alphabetically: catalog_hash, name, version
+    const parsed = JSON.parse(payload1);
+    const keys = Object.keys(parsed);
+    expect(keys).toEqual(['catalog_hash', 'name', 'version']);
+  });
+
+  it('handles nested objects deterministically by sorting their keys', () => {
+    const obj1 = {
+      name: 'registry-b',
+      metadata: { z: 3, a: 1, m: 2 }
+    };
+    const obj2 = {
+      metadata: { a: 1, m: 2, z: 3 },
+      name: 'registry-b'
+    };
+    const fields = ['name', 'metadata'];
+
+    const payload1 = createCanonicalPayload(obj1, fields);
+    const payload2 = createCanonicalPayload(obj2, fields);
+
+    expect(payload1).toBe(payload2);
+    expect(payload1).toContain('"metadata":{"a":1,"m":2,"z":3}');
+  });
+});
+
+describe('Registry Public Signing — normalizePublicKey', () => {
+  it('keeps PEM headers intact if already present', () => {
+    const raw = '-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEA9vWwyE5+fY0dvEzl9S1UcvtoMkOAIDhDCzZAkP+CVNo=\n-----END PUBLIC KEY-----';
+    expect(normalizePublicKey(raw)).toBe(raw);
+  });
+
+  it('wraps a raw base64 string into PEM format', () => {
+    const raw = 'MCowBQYDK2VwAyEA9vWwyE5+fY0dvEzl9S1UcvtoMkOAIDhDCzZAkP+CVNo=';
+    const normalized = normalizePublicKey(raw);
+    expect(normalized).toContain('-----BEGIN PUBLIC KEY-----');
+    expect(normalized).toContain('-----END PUBLIC KEY-----');
+    expect(normalized.replace(/\s+/g, '')).toContain(raw);
+  });
+});

package/tests/unit/registry-signature-policy.test.js

@@ -0,0 +1,100 @@
+import { describe, it, expect } from 'vitest';
+import { verifySignatureBlock } from '../../src/registry/signing.js';
+
+describe('Registry Signature Policy — Unsigned Registries', () => {
+  const manifest = {
+    registry_name: 'test-registry',
+    publisher: 'Test Publisher',
+    version: '1.0.0',
+    catalog_hash: 'sha256:abc'
+  };
+
+  it('allows unsigned bundled registry by default', () => {
+    const policy = {
+      allow_unsigned_bundled: true,
+      allow_unsigned_local: true,
+      allow_unsigned_remote: false,
+      require_signature: false
+    };
+    const source = { name: 'bundled', type: 'local' };
+    const res = verifySignatureBlock({ manifest, policy, source });
+    expect(res.verified).toBe(true);
+    expect(res.status).toBe('unsigned');
+  });
+
+  it('allows unsigned local registry by default', () => {
+    const policy = {
+      allow_unsigned_bundled: true,
+      allow_unsigned_local: true,
+      allow_unsigned_remote: false,
+      require_signature: false
+    };
+    const source = { name: 'my-local-registry', type: 'local' };
+    const res = verifySignatureBlock({ manifest, policy, source });
+    expect(res.verified).toBe(true);
+    expect(res.status).toBe('unsigned');
+  });
+
+  it('blocks unsigned remote registry by default if allow_unsigned_remote is false', () => {
+    const policy = {
+      allow_unsigned_bundled: true,
+      allow_unsigned_local: true,
+      allow_unsigned_remote: false,
+      require_signature: false
+    };
+    const source = { name: 'official', type: 'remote' };
+    const res = verifySignatureBlock({ manifest, policy, source });
+    expect(res.verified).toBe(false);
+    expect(res.error).toContain('Unsigned remote registries are not allowed');
+  });
+
+  it('allows unsigned remote registry if explicitly permitted by policy', () => {
+    const policy = {
+      allow_unsigned_bundled: true,
+      allow_unsigned_local: true,
+      allow_unsigned_remote: true,
+      require_signature: false
+    };
+    const source = { name: 'official', type: 'remote' };
+    const res = verifySignatureBlock({ manifest, policy, source });
+    expect(res.verified).toBe(true);
+    expect(res.status).toBe('unsigned');
+  });
+
+  it('blocks unsigned registry if require_signature is true', () => {
+    const policy = {
+      allow_unsigned_bundled: true,
+      allow_unsigned_local: true,
+      allow_unsigned_remote: true,
+      require_signature: true
+    };
+    const source = { name: 'bundled', type: 'local' };
+    const res = verifySignatureBlock({ manifest, policy, source });
+    expect(res.verified).toBe(false);
+    expect(res.error).toContain('Signature is required by policy but missing');
+  });
+});
+
+describe('Registry Signature Policy — Allowed Algorithms', () => {
+  const manifest = {
+    registry_name: 'test-registry',
+    publisher: 'Test Publisher',
+    version: '1.0.0',
+    catalog_hash: 'sha256:abc',
+    signature: {
+      algorithm: 'rsa-sha256', // Unsupported / not allowed algorithm
+      key_id: 'active-key',
+      signature: 'sig',
+      signed_fields: ['registry_name', 'version']
+    }
+  };
+
+  it('fails verification if algorithm is not allowed', () => {
+    const policy = {
+      allowed_signature_algorithms: ['ed25519', 'hmac-sha256']
+    };
+    const res = verifySignatureBlock({ manifest, policy });
+    expect(res.verified).toBe(false);
+    expect(res.errors[0]).toContain('not allowed by policy');
+  });
+});

package/tests/unit/registry-signing.test.js

@@ -0,0 +1,193 @@
+import { describe, it, expect, beforeAll, afterAll } from 'vitest';
+import { existsSync, mkdirSync, rmSync, writeFileSync } from 'fs';
+import { join } from 'path';
+import {
+  loadSigningKey,
+  generateSigningKey,
+  saveSigningKey,
+  signPayload,
+  verifySignature,
+  getSigningKeyPath
+} from '../../src/registry/signing.js';
+
+const tempDir = join(process.cwd(), 'temp-signing-test');
+
+describe('Registry Signing — loadSigningKey', () => {
+  beforeAll(() => {
+    mkdirSync(join(tempDir, '.ai'), { recursive: true });
+  });
+
+  afterAll(() => {
+    if (existsSync(tempDir)) {
+      rmSync(tempDir, { recursive: true, force: true });
+    }
+  });
+
+  it('returns null when no signing key file exists', () => {
+    const noKeyDir = join(tempDir, 'no-key-dir');
+    mkdirSync(noKeyDir, { recursive: true });
+    const result = loadSigningKey(noKeyDir);
+    expect(result).toBeNull();
+  });
+
+  it('returns the key string when a valid key file exists', () => {
+    const validKey = 'a'.repeat(64);
+    writeFileSync(join(tempDir, '.ai', 'registry-signing-key'), validKey + '\n', 'utf8');
+    const result = loadSigningKey(tempDir);
+    expect(result).toBe(validKey);
+  });
+
+  it('throws if the key file contains a malformed key', () => {
+    const badKeyDir = join(tempDir, 'bad-key-dir');
+    mkdirSync(join(badKeyDir, '.ai'), { recursive: true });
+    writeFileSync(join(badKeyDir, '.ai', 'registry-signing-key'), 'too-short', 'utf8');
+    expect(() => loadSigningKey(badKeyDir)).toThrow('malformed');
+  });
+
+  it('throws if the key file contains wrong-length hex', () => {
+    const badKeyDir2 = join(tempDir, 'bad-key-dir2');
+    mkdirSync(join(badKeyDir2, '.ai'), { recursive: true });
+    // 63 hex chars — one short
+    writeFileSync(join(badKeyDir2, '.ai', 'registry-signing-key'), 'a'.repeat(63), 'utf8');
+    expect(() => loadSigningKey(badKeyDir2)).toThrow('malformed');
+  });
+
+  it('getSigningKeyPath returns expected path', () => {
+    const expected = join(tempDir, '.ai', 'registry-signing-key');
+    expect(getSigningKeyPath(tempDir)).toBe(expected);
+  });
+});
+
+describe('Registry Signing — generateSigningKey + saveSigningKey', () => {
+  const genDir = join(process.cwd(), 'temp-signing-gen');
+
+  beforeAll(() => {
+    mkdirSync(join(genDir, '.ai'), { recursive: true });
+  });
+
+  afterAll(() => {
+    if (existsSync(genDir)) {
+      rmSync(genDir, { recursive: true, force: true });
+    }
+  });
+
+  it('generateSigningKey returns a 64-char lowercase hex string', () => {
+    const key = generateSigningKey();
+    expect(key).toMatch(/^[0-9a-f]{64}$/);
+  });
+
+  it('generateSigningKey returns different values each call (random)', () => {
+    const key1 = generateSigningKey();
+    const key2 = generateSigningKey();
+    expect(key1).not.toBe(key2);
+  });
+
+  it('saveSigningKey writes a valid key that loadSigningKey can read back', () => {
+    const key = generateSigningKey();
+    saveSigningKey(genDir, key);
+    const loaded = loadSigningKey(genDir);
+    expect(loaded).toBe(key);
+  });
+
+  it('saveSigningKey creates .ai/ directory if it does not exist', () => {
+    const freshDir = join(process.cwd(), 'temp-signing-fresh');
+    try {
+      const key = generateSigningKey();
+      saveSigningKey(freshDir, key);
+      expect(existsSync(join(freshDir, '.ai', 'registry-signing-key'))).toBe(true);
+      const loaded = loadSigningKey(freshDir);
+      expect(loaded).toBe(key);
+    } finally {
+      if (existsSync(freshDir)) {
+        rmSync(freshDir, { recursive: true, force: true });
+      }
+    }
+  });
+});
+
+describe('Registry Signing — signPayload', () => {
+  const validKey = 'f'.repeat(64);
+
+  it('returns a 64-char lowercase hex HMAC-SHA256 digest', () => {
+    const sig = signPayload(validKey, 'test-payload');
+    expect(sig).toMatch(/^[0-9a-f]{64}$/);
+  });
+
+  it('produces the same output for the same key and payload (deterministic)', () => {
+    const sig1 = signPayload(validKey, 'same-payload');
+    const sig2 = signPayload(validKey, 'same-payload');
+    expect(sig1).toBe(sig2);
+  });
+
+  it('produces different output for different payloads', () => {
+    const sig1 = signPayload(validKey, 'payload-A');
+    const sig2 = signPayload(validKey, 'payload-B');
+    expect(sig1).not.toBe(sig2);
+  });
+
+  it('produces different output for different keys', () => {
+    const key1 = 'a'.repeat(64);
+    const key2 = 'b'.repeat(64);
+    const sig1 = signPayload(key1, 'same-payload');
+    const sig2 = signPayload(key2, 'same-payload');
+    expect(sig1).not.toBe(sig2);
+  });
+
+  it('throws for an invalid key (non-hex)', () => {
+    expect(() => signPayload('not-a-valid-key'.padEnd(64, 'z'), 'payload')).toThrow('Invalid signing key');
+  });
+
+  it('throws for an invalid key (wrong length)', () => {
+    expect(() => signPayload('abc', 'payload')).toThrow('Invalid signing key');
+  });
+
+  it('throws if payload is not a string', () => {
+    expect(() => signPayload(validKey, 12345)).toThrow('Payload to sign must be a string');
+  });
+});
+
+describe('Registry Signing — verifySignature', () => {
+  const key = 'c'.repeat(64);
+  const payload = 'catalog-sha256-hash-string';
+
+  it('returns true for a valid signature', () => {
+    const sig = signPayload(key, payload);
+    expect(verifySignature(key, payload, sig)).toBe(true);
+  });
+
+  it('returns false for a tampered payload', () => {
+    const sig = signPayload(key, payload);
+    expect(verifySignature(key, 'tampered-payload', sig)).toBe(false);
+  });
+
+  it('returns false for a wrong key', () => {
+    const sig = signPayload(key, payload);
+    const wrongKey = 'd'.repeat(64);
+    expect(verifySignature(wrongKey, payload, sig)).toBe(false);
+  });
+
+  it('returns false for a corrupted signature', () => {
+    const sig = signPayload(key, payload);
+    // Flip first char
+    const corruptedSig = (sig[0] === 'a' ? 'b' : 'a') + sig.slice(1);
+    expect(verifySignature(key, payload, corruptedSig)).toBe(false);
+  });
+
+  it('returns false for non-string arguments', () => {
+    expect(verifySignature(null, payload, 'sig')).toBe(false);
+    expect(verifySignature(key, null, 'sig')).toBe(false);
+    expect(verifySignature(key, payload, null)).toBe(false);
+  });
+
+  it('returns false for mismatched-length signature', () => {
+    expect(verifySignature(key, payload, 'abc')).toBe(false);
+  });
+
+  it('uses timing-safe comparison — does not short-circuit on length match', () => {
+    // We can't test timing directly, but we verify the correctness of the logic:
+    // two sigs of equal length but different values must still return false
+    const sig = signPayload(key, payload);
+    const fakeMatchLength = 'e'.repeat(64); // Same 64-char hex length, wrong value
+    expect(verifySignature(key, payload, fakeMatchLength)).toBe(false);
+  });
+});

package/tests/unit/registry-trust-store.test.js

@@ -0,0 +1,133 @@
+import { describe, it, expect, beforeAll, afterAll } from 'vitest';
+import { existsSync, mkdirSync, rmSync, writeFileSync } from 'fs';
+import { join } from 'path';
+import { loadTrustedKeys } from '../../src/registry/trust-store.js';
+import { verifySignatureBlock } from '../../src/registry/signing.js';
+
+const tempDir = join(process.cwd(), 'temp-trust-store-test');
+
+describe('Registry Trust Store — loadTrustedKeys', () => {
+  beforeAll(() => {
+    mkdirSync(join(tempDir, '.ai', 'registries'), { recursive: true });
+  });
+
+  afterAll(() => {
+    if (existsSync(tempDir)) {
+      rmSync(tempDir, { recursive: true, force: true });
+    }
+  });
+
+  it('returns empty array when no trusted-keys.yaml exists', () => {
+    const noKeysDir = join(tempDir, 'no-keys-dir');
+    mkdirSync(noKeysDir, { recursive: true });
+    const result = loadTrustedKeys(noKeysDir);
+    expect(result).toEqual([]);
+  });
+
+  it('returns parsed trusted keys list when trusted-keys.yaml exists', () => {
+    const yamlContent = `
+trusted_publishers:
+  - key_id: official-key
+    name: Official Maintainer
+    algorithm: ed25519
+    public_key: "-----BEGIN PUBLIC KEY-----\\n..."
+    scopes:
+      - registry
+    status: active
+`;
+    writeFileSync(join(tempDir, '.ai', 'registries', 'trusted-keys.yaml'), yamlContent, 'utf8');
+    const result = loadTrustedKeys(tempDir);
+    expect(result).toHaveLength(1);
+    expect(result[0].key_id).toBe('official-key');
+    expect(result[0].name).toBe('Official Maintainer');
+  });
+});
+
+describe('Registry Trust Store — Status & Scope Validation', () => {
+  const trustedKeys = [
+    {
+      key_id: 'active-key',
+      name: 'Active Key',
+      algorithm: 'ed25519',
+      public_key: 'MCowBQYDK2VwAyEA9vWwyE5+fY0dvEzl9S1UcvtoMkOAIDhDCzZAkP+CVNo=',
+      scopes: ['registry'],
+      status: 'active'
+    },
+    {
+      key_id: 'disabled-key',
+      name: 'Disabled Key',
+      algorithm: 'ed25519',
+      public_key: 'MCowBQYDK2VwAyEA9vWwyE5+fY0dvEzl9S1UcvtoMkOAIDhDCzZAkP+CVNo=',
+      scopes: ['registry'],
+      status: 'disabled'
+    },
+    {
+      key_id: 'revoked-key',
+      name: 'Revoked Key',
+      algorithm: 'ed25519',
+      public_key: 'MCowBQYDK2VwAyEA9vWwyE5+fY0dvEzl9S1UcvtoMkOAIDhDCzZAkP+CVNo=',
+      scopes: ['registry'],
+      status: 'revoked'
+    },
+    {
+      key_id: 'wrong-scope-key',
+      name: 'Wrong Scope Key',
+      algorithm: 'ed25519',
+      public_key: 'MCowBQYDK2VwAyEA9vWwyE5+fY0dvEzl9S1UcvtoMkOAIDhDCzZAkP+CVNo=',
+      scopes: ['other'],
+      status: 'active'
+    }
+  ];
+
+  const manifestTemplate = {
+    registry_name: 'test-registry',
+    publisher: 'Test Publisher',
+    version: '1.0.0',
+    catalog_hash: 'sha256:abc',
+    signature: {
+      algorithm: 'ed25519',
+      key_id: 'active-key',
+      signature: 'sig',
+      signed_fields: ['registry_name', 'version', 'catalog_hash']
+    }
+  };
+
+  it('fails verification if key is disabled', () => {
+    const manifest = {
+      ...manifestTemplate,
+      signature: {
+        ...manifestTemplate.signature,
+        key_id: 'disabled-key'
+      }
+    };
+    const res = verifySignatureBlock({ manifest, trustedKeys });
+    expect(res.verified).toBe(false);
+    expect(res.errors[0]).toContain('must be active');
+  });
+
+  it('fails verification if key is revoked', () => {
+    const manifest = {
+      ...manifestTemplate,
+      signature: {
+        ...manifestTemplate.signature,
+        key_id: 'revoked-key'
+      }
+    };
+    const res = verifySignatureBlock({ manifest, trustedKeys });
+    expect(res.verified).toBe(false);
+    expect(res.errors[0]).toContain('must be active');
+  });
+
+  it('fails verification if scope does not include registry or catalog', () => {
+    const manifest = {
+      ...manifestTemplate,
+      signature: {
+        ...manifestTemplate.signature,
+        key_id: 'wrong-scope-key'
+      }
+    };
+    const res = verifySignatureBlock({ manifest, trustedKeys });
+    expect(res.verified).toBe(false);
+    expect(res.errors[0]).toContain('does not have required scope');
+  });
+});