npm - taskover-mcp - Versions diffs - 1.1.0 → 1.2.0 - Mend

taskover-mcp 1.1.0 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (25) hide show

package/auth-flow.js +6 -53
package/auth-gate.js +253 -0
package/cloud-adapter.js +38 -15
package/crypto.js +386 -0
package/data-store.js +9352 -0
package/data-store.json-backup.js +1264 -0
package/db.js +2292 -0
package/image-moderator.js +491 -0
package/image-processor.js +160 -0
package/image-upload-service.js +398 -0
package/index.js +2294 -1433
package/migrate-json-to-sqlite.js +256 -0
package/package.json +29 -21
package/publish/auth-flow.js +275 -0
package/publish/cloud-adapter.js +246 -0
package/publish/credential-store.js +93 -0
package/publish/index.js +1433 -0
package/publish/package.json +21 -0
package/publish/tool-map.js +1146 -0
package/scripts/build-publish.sh +95 -0
package/scripts/test-auth-failure.js +68 -0
package/scripts/test-success.js +232 -0
package/scripts/test-validation.js +105 -0
package/tool-map.js +58 -0
/package/{README.md → publish/README.md} +0 -0

package/crypto.js ADDED Viewed

@@ -0,0 +1,386 @@
+/**
+ * S6A-1: Centralized Encryption Module
+ *
+ * All cryptographic primitives for TaskOver at-rest encryption.
+ * KEK (Key Encryption Key) derived from TASKOVER_MASTER_KEY env var.
+ * Per-user DEKs (Data Encryption Keys) wrapped with KEK.
+ *
+ * Ciphertext format: "v1:<iv_hex>:<ciphertext_hex>:<authTag_hex>"
+ */
+const crypto = require("crypto");
+// ===== STATE =====
+let _kek = null;        // Key Encryption Key (32 bytes from master key)
+let _hmacKey = null;    // HMAC key derived via HKDF from KEK
+let _initialized = false;
+// DEK cache: userId -> { dek: Buffer, expires: number }
+const _dekCache = new Map();
+const DEK_CACHE_MAX = 100;
+const DEK_CACHE_TTL = 5 * 60 * 1000; // 5 minutes
+// ===== ARGON2 (optional — falls back to scrypt) =====
+let argon2 = null;
+try {
+  argon2 = require("@node-rs/argon2");
+} catch (_) {
+  // Argon2 unavailable (Electron / dev), will use scrypt
+}
+// ===== INITIALIZATION =====
+function initCrypto(masterKeyHex) {
+  if (!masterKeyHex || typeof masterKeyHex !== "string") {
+    throw new Error("TASKOVER_MASTER_KEY must be a non-empty string");
+  }
+  const keyBuf = Buffer.from(masterKeyHex, "hex");
+  if (keyBuf.length !== 32) {
+    throw new Error("TASKOVER_MASTER_KEY must be exactly 64 hex characters (32 bytes)");
+  }
+  _kek = keyBuf;
+  // Derive independent HMAC key via HKDF
+  _hmacKey = crypto.hkdfSync("sha256", _kek, Buffer.alloc(0), Buffer.from("taskover-hmac-v1"), 32);
+  _initialized = true;
+}
+function isCryptoInitialized() {
+  return _initialized;
+}
+// ===== AES-256-GCM ENCRYPTION =====
+function encryptWithKey(plaintext, key) {
+  if (!plaintext && plaintext !== "") return null;
+  const iv = crypto.randomBytes(12); // 96-bit IV for GCM
+  const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
+  const plaintextBuf = Buffer.from(String(plaintext), "utf8");
+  const encrypted = Buffer.concat([cipher.update(plaintextBuf), cipher.final()]);
+  const authTag = cipher.getAuthTag(); // 16 bytes
+  return "v1:" + iv.toString("hex") + ":" + encrypted.toString("hex") + ":" + authTag.toString("hex");
+}
+function decryptWithKey(ciphertext, key) {
+  if (!ciphertext) return null;
+  const str = String(ciphertext);
+  // v1: GCM format
+  if (str.startsWith("v1:")) {
+    const parts = str.split(":");
+    if (parts.length !== 4) throw new Error("Invalid v1 ciphertext format");
+    const iv = Buffer.from(parts[1], "hex");
+    const encrypted = Buffer.from(parts[2], "hex");
+    const authTag = Buffer.from(parts[3], "hex");
+    const decipher = crypto.createDecipheriv("aes-256-gcm", key, iv);
+    decipher.setAuthTag(authTag);
+    const decrypted = Buffer.concat([decipher.update(encrypted), decipher.final()]);
+    return decrypted.toString("utf8");
+  }
+  // Legacy CBC fallback (iv_hex:ciphertext_hex, no auth tag)
+  const [ivHex, encHex] = str.split(":");
+  if (!ivHex || !encHex) throw new Error("Invalid legacy ciphertext format");
+  const iv = Buffer.from(ivHex, "hex");
+  const decipher = crypto.createDecipheriv("aes-256-cbc", key, iv);
+  let decrypted = decipher.update(encHex, "hex", "utf8");
+  decrypted += decipher.final("utf8");
+  return decrypted;
+}
+// ===== DEK MANAGEMENT =====
+function generateDEK() {
+  if (!_initialized) throw new Error("Crypto not initialized");
+  const dek = crypto.randomBytes(32);
+  const encryptedDek = encryptWithKey(dek.toString("hex"), _kek);
+  return { dek, encryptedDek };
+}
+function decryptDEK(encryptedDek) {
+  if (!_initialized) throw new Error("Crypto not initialized");
+  if (!encryptedDek) return null;
+  const dekHex = decryptWithKey(encryptedDek, _kek);
+  return Buffer.from(dekHex, "hex");
+}
+function reEncryptDEK(encryptedDek, newKEK) {
+  // Decrypt with current KEK, re-encrypt with new KEK
+  const dekHex = decryptWithKey(encryptedDek, _kek);
+  return encryptWithKey(dekHex, newKEK);
+}
+// ===== FIELD-LEVEL ENCRYPTION =====
+function encryptField(plaintext, dek) {
+  if (plaintext == null || plaintext === "") return plaintext;
+  if (!dek) return plaintext;
+  return encryptWithKey(String(plaintext), dek);
+}
+function decryptField(ciphertext, dek) {
+  if (ciphertext == null || ciphertext === "") return ciphertext;
+  if (!dek) return ciphertext;
+  const str = String(ciphertext);
+  // Only decrypt if it has the v1: prefix (migration window: plaintext passes through)
+  if (!str.startsWith("v1:")) return ciphertext;
+  return decryptWithKey(str, dek);
+}
+// ===== BLIND INDEX (HMAC) =====
+function blindIndex(value) {
+  if (!_initialized) throw new Error("Crypto not initialized");
+  if (!value) return null;
+  return crypto.createHmac("sha256", _hmacKey).update(String(value)).digest("hex");
+}
+// ===== PASSWORD HASHING =====
+// OWASP recommended Argon2id parameters
+const ARGON2_OPTS = {
+  memoryCost: 19456,   // 19 MiB
+  timeCost: 2,
+  parallelism: 1,
+  outputLen: 64,
+};
+function hashPasswordSync(password) {
+  const salt = crypto.randomBytes(16).toString("hex");
+  if (argon2) {
+    try {
+      const hash = argon2.hashSync(password, {
+        memoryCost: ARGON2_OPTS.memoryCost,
+        timeCost: ARGON2_OPTS.timeCost,
+        parallelism: ARGON2_OPTS.parallelism,
+        outputLen: ARGON2_OPTS.outputLen,
+        salt: Buffer.from(salt, "hex"),
+      });
+      return { hash, salt, algorithm: "argon2id" };
+    } catch (_) {
+      // Fall through to scrypt
+    }
+  }
+  // Fallback: scrypt
+  const hash = crypto.scryptSync(password, salt, 64).toString("hex");
+  return { hash, salt, algorithm: "scrypt" };
+}
+function verifyPasswordSync(password, storedHash, salt, algorithm) {
+  if (!password || !storedHash || !salt) return false;
+  if (algorithm === "argon2id" && argon2) {
+    try {
+      return argon2.verifySync(storedHash, password);
+    } catch (_) {
+      return false;
+    }
+  }
+  if (algorithm === "scrypt" || !algorithm) {
+    const hash = crypto.scryptSync(password, salt, 64).toString("hex");
+    return safeCompare(hash, storedHash);
+  }
+  if (algorithm === "sha256") {
+    const hash = crypto.createHash("sha256").update(password + salt).digest("hex");
+    return safeCompare(hash, storedHash);
+  }
+  // Unknown algorithm — try scrypt then sha256
+  const scryptHash = crypto.scryptSync(password, salt, 64).toString("hex");
+  if (safeCompare(scryptHash, storedHash)) return true;
+  const sha256Hash = crypto.createHash("sha256").update(password + salt).digest("hex");
+  return safeCompare(sha256Hash, storedHash);
+}
+function passwordNeedsUpgrade(algorithm) {
+  if (!algorithm || algorithm === "sha256" || algorithm === "scrypt") {
+    return argon2 ? "argon2id" : (algorithm === "sha256" ? "scrypt" : null);
+  }
+  return null; // argon2id is current best
+}
+// ===== BACKUP CODES =====
+function hashBackupCode(code) {
+  const salt = crypto.randomBytes(16).toString("hex");
+  const hash = crypto.createHash("sha256").update(code + salt).digest("hex");
+  return { hash, salt };
+}
+function verifyBackupCode(code, storedHash, salt) {
+  const hash = crypto.createHash("sha256").update(code + salt).digest("hex");
+  return safeCompare(hash, storedHash);
+}
+function verifyBackupCodeLegacy(code, storedHash) {
+  const hash = crypto.createHash("sha256").update(code).digest("hex");
+  return safeCompare(hash, storedHash);
+}
+// ===== BACKUP FILE ENCRYPTION =====
+const BACKUP_MAGIC = Buffer.from("TOBE"); // TaskOver Backup Encrypted
+const BACKUP_VERSION = 1;
+function encryptBackup(inputPath, outputPath) {
+  if (!_initialized) throw new Error("Crypto not initialized");
+  const fs = require("fs");
+  const plaintext = fs.readFileSync(inputPath);
+  // Random file key, wrapped with KEK
+  const fileKey = crypto.randomBytes(32);
+  const wrappedKey = encryptWithKey(fileKey.toString("hex"), _kek);
+  const wrappedKeyBuf = Buffer.from(wrappedKey, "utf8");
+  // Encrypt file content
+  const iv = crypto.randomBytes(12);
+  const cipher = crypto.createCipheriv("aes-256-gcm", fileKey, iv);
+  const encrypted = Buffer.concat([cipher.update(plaintext), cipher.final()]);
+  const authTag = cipher.getAuthTag();
+  // Header: TOBE + version(1) + wrappedKeyLen(2) + wrappedKey + iv(12) + authTag(16) + ciphertext
+  const header = Buffer.alloc(4 + 1 + 2);
+  BACKUP_MAGIC.copy(header, 0);
+  header.writeUInt8(BACKUP_VERSION, 4);
+  header.writeUInt16BE(wrappedKeyBuf.length, 5);
+  fs.writeFileSync(outputPath, Buffer.concat([header, wrappedKeyBuf, iv, authTag, encrypted]));
+}
+function decryptBackup(inputPath, outputPath) {
+  if (!_initialized) throw new Error("Crypto not initialized");
+  const fs = require("fs");
+  const data = fs.readFileSync(inputPath);
+  // Minimum: 4 magic + 1 version + 2 keyLen + 1 wrappedKey + 12 iv + 16 authTag + 1 ciphertext = 37
+  if (data.length < 37) throw new Error("Backup file too small — truncated or corrupt");
+  // Parse header
+  const magic = data.subarray(0, 4);
+  if (!magic.equals(BACKUP_MAGIC)) throw new Error("Not a TaskOver encrypted backup");
+  const version = data.readUInt8(4);
+  if (version !== BACKUP_VERSION) throw new Error(`Unsupported backup version: ${version}`);
+  const wrappedKeyLen = data.readUInt16BE(5);
+  if (wrappedKeyLen === 0 || 7 + wrappedKeyLen + 12 + 16 > data.length) {
+    throw new Error(`Invalid wrapped key length: ${wrappedKeyLen} (file is ${data.length} bytes)`);
+  }
+  let offset = 7;
+  const wrappedKey = data.subarray(offset, offset + wrappedKeyLen).toString("utf8");
+  offset += wrappedKeyLen;
+  const iv = data.subarray(offset, offset + 12);
+  offset += 12;
+  const authTag = data.subarray(offset, offset + 16);
+  offset += 16;
+  const encrypted = data.subarray(offset);
+  // Unwrap file key
+  const fileKeyHex = decryptWithKey(wrappedKey, _kek);
+  const fileKey = Buffer.from(fileKeyHex, "hex");
+  // Decrypt
+  const decipher = crypto.createDecipheriv("aes-256-gcm", fileKey, iv);
+  decipher.setAuthTag(authTag);
+  const decrypted = Buffer.concat([decipher.update(encrypted), decipher.final()]);
+  fs.writeFileSync(outputPath, decrypted);
+}
+// ===== DEK CACHE =====
+function getCachedDEK(userId, encryptedDek) {
+  if (!encryptedDek) return null;
+  const cached = _dekCache.get(userId);
+  if (cached && cached.expires > Date.now() && cached.encryptedDek === encryptedDek) {
+    return cached.dek;
+  }
+  const dek = decryptDEK(encryptedDek);
+  if (!dek) return null;
+  // Evict oldest if at capacity
+  if (_dekCache.size >= DEK_CACHE_MAX) {
+    const oldestKey = _dekCache.keys().next().value;
+    _dekCache.delete(oldestKey);
+  }
+  _dekCache.set(userId, { dek, encryptedDek, expires: Date.now() + DEK_CACHE_TTL });
+  return dek;
+}
+function clearDEKCache(userId) {
+  if (userId) {
+    _dekCache.delete(userId);
+  } else {
+    _dekCache.clear();
+  }
+}
+// ===== LOGGING GUARD =====
+const SENSITIVE_PATTERNS = /^(password|secret|token|key|salt|hash|mfa|totp|dek|kek|authorization|cookie|credential|api_key|apikey)/i;
+function redactForLogging(obj) {
+  if (!obj || typeof obj !== "object") return obj;
+  if (Array.isArray(obj)) return obj.map(redactForLogging);
+  const result = {};
+  for (const [k, v] of Object.entries(obj)) {
+    if (SENSITIVE_PATTERNS.test(k)) {
+      result[k] = "[REDACTED]";
+    } else if (typeof v === "object" && v !== null) {
+      result[k] = redactForLogging(v);
+    } else {
+      result[k] = v;
+    }
+  }
+  return result;
+}
+// ===== HELPERS =====
+function safeCompare(a, b) {
+  if (typeof a !== "string" || typeof b !== "string") return false;
+  const bufA = Buffer.from(a);
+  const bufB = Buffer.from(b);
+  if (bufA.length !== bufB.length) {
+    // Compare against self to keep constant time, then return false
+    crypto.timingSafeEqual(bufA, bufA);
+    return false;
+  }
+  return crypto.timingSafeEqual(bufA, bufB);
+}
+// ===== EXPORTS =====
+module.exports = {
+  initCrypto,
+  isCryptoInitialized,
+  encryptWithKey,
+  decryptWithKey,
+  generateDEK,
+  decryptDEK,
+  reEncryptDEK,
+  encryptField,
+  decryptField,
+  blindIndex,
+  hashPasswordSync,
+  verifyPasswordSync,
+  passwordNeedsUpgrade,
+  hashBackupCode,
+  verifyBackupCode,
+  verifyBackupCodeLegacy,
+  encryptBackup,
+  decryptBackup,
+  getCachedDEK,
+  clearDEKCache,
+  redactForLogging,
+  safeCompare,
+};