vaultkeeper 0.2.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +39 -6
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +30 -1
- package/dist/index.d.ts +30 -1
- package/dist/index.js +38 -6
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/index.cjs
CHANGED
|
@@ -4,7 +4,7 @@ var child_process = require('child_process');
|
|
|
4
4
|
var fs5 = require('fs/promises');
|
|
5
5
|
var path5 = require('path');
|
|
6
6
|
var os4 = require('os');
|
|
7
|
-
var
|
|
7
|
+
var crypto4 = require('crypto');
|
|
8
8
|
var fs4 = require('fs');
|
|
9
9
|
var jose = require('jose');
|
|
10
10
|
|
|
@@ -29,7 +29,7 @@ function _interopNamespace(e) {
|
|
|
29
29
|
var fs5__namespace = /*#__PURE__*/_interopNamespace(fs5);
|
|
30
30
|
var path5__namespace = /*#__PURE__*/_interopNamespace(path5);
|
|
31
31
|
var os4__namespace = /*#__PURE__*/_interopNamespace(os4);
|
|
32
|
-
var
|
|
32
|
+
var crypto4__namespace = /*#__PURE__*/_interopNamespace(crypto4);
|
|
33
33
|
var fs4__namespace = /*#__PURE__*/_interopNamespace(fs4);
|
|
34
34
|
|
|
35
35
|
// src/errors.ts
|
|
@@ -197,6 +197,11 @@ var RotationInProgressError = class extends VaultError {
|
|
|
197
197
|
}
|
|
198
198
|
};
|
|
199
199
|
|
|
200
|
+
// src/backend/types.ts
|
|
201
|
+
function isListableBackend(backend) {
|
|
202
|
+
return "list" in backend && typeof backend.list === "function";
|
|
203
|
+
}
|
|
204
|
+
|
|
200
205
|
// src/backend/registry.ts
|
|
201
206
|
var BackendRegistry = class {
|
|
202
207
|
static backends = /* @__PURE__ */ new Map();
|
|
@@ -232,6 +237,33 @@ var BackendRegistry = class {
|
|
|
232
237
|
static getTypes() {
|
|
233
238
|
return Array.from(this.backends.keys());
|
|
234
239
|
}
|
|
240
|
+
/**
|
|
241
|
+
* Returns backend types that are available on the current system.
|
|
242
|
+
*
|
|
243
|
+
* @remarks
|
|
244
|
+
* Creates each registered backend via its factory, calls `isAvailable()`,
|
|
245
|
+
* and returns only the type identifiers whose backend reports availability.
|
|
246
|
+
* If a backend's `isAvailable()` call throws, that backend is excluded from
|
|
247
|
+
* the result rather than propagating the error.
|
|
248
|
+
*
|
|
249
|
+
* @returns Promise resolving to an array of available backend type identifiers
|
|
250
|
+
* @public
|
|
251
|
+
*/
|
|
252
|
+
static async getAvailableTypes() {
|
|
253
|
+
const entries = Array.from(this.backends.entries());
|
|
254
|
+
const results = await Promise.all(
|
|
255
|
+
entries.map(async ([type, factory]) => {
|
|
256
|
+
try {
|
|
257
|
+
const backend = factory();
|
|
258
|
+
const available = await backend.isAvailable();
|
|
259
|
+
return available ? type : null;
|
|
260
|
+
} catch {
|
|
261
|
+
return null;
|
|
262
|
+
}
|
|
263
|
+
})
|
|
264
|
+
);
|
|
265
|
+
return results.filter((type) => type !== null);
|
|
266
|
+
}
|
|
235
267
|
};
|
|
236
268
|
async function execCommand(command, args, options) {
|
|
237
269
|
const result = await execCommandFull(command, args);
|
|
@@ -265,7 +297,7 @@ path5__namespace.join(".vaultkeeper", "file");
|
|
|
265
297
|
path5__namespace.join(".vaultkeeper", "yubikey");
|
|
266
298
|
function hashExecutable(filePath) {
|
|
267
299
|
return new Promise((resolve, reject) => {
|
|
268
|
-
const hash =
|
|
300
|
+
const hash = crypto4__namespace.createHash("sha256");
|
|
269
301
|
const stream = fs4__namespace.createReadStream(filePath);
|
|
270
302
|
stream.on("data", (chunk) => {
|
|
271
303
|
hash.update(chunk);
|
|
@@ -565,10 +597,10 @@ var KeyManager = class {
|
|
|
565
597
|
#rotating = false;
|
|
566
598
|
/** Generate a new 32-byte key with a timestamp-based id. */
|
|
567
599
|
generateKey() {
|
|
568
|
-
const randomSuffix =
|
|
600
|
+
const randomSuffix = crypto4__namespace.randomBytes(4).toString("hex");
|
|
569
601
|
return {
|
|
570
602
|
id: `k-${String(Date.now())}-${randomSuffix}`,
|
|
571
|
-
key: new Uint8Array(
|
|
603
|
+
key: new Uint8Array(crypto4__namespace.randomBytes(32)),
|
|
572
604
|
createdAt: /* @__PURE__ */ new Date()
|
|
573
605
|
};
|
|
574
606
|
}
|
|
@@ -1236,7 +1268,7 @@ var VaultKeeper = class _VaultKeeper {
|
|
|
1236
1268
|
}
|
|
1237
1269
|
const now = Math.floor(Date.now() / 1e3);
|
|
1238
1270
|
const claims = {
|
|
1239
|
-
jti:
|
|
1271
|
+
jti: crypto4__namespace.randomUUID(),
|
|
1240
1272
|
exp: now + ttlMinutes * 60,
|
|
1241
1273
|
iat: now,
|
|
1242
1274
|
sub: secretName,
|
|
@@ -1476,5 +1508,6 @@ exports.TokenRevokedError = TokenRevokedError;
|
|
|
1476
1508
|
exports.UsageLimitExceededError = UsageLimitExceededError;
|
|
1477
1509
|
exports.VaultError = VaultError;
|
|
1478
1510
|
exports.VaultKeeper = VaultKeeper;
|
|
1511
|
+
exports.isListableBackend = isListableBackend;
|
|
1479
1512
|
//# sourceMappingURL=index.cjs.map
|
|
1480
1513
|
//# sourceMappingURL=index.cjs.map
|