xypriss 9.7.7 → 9.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (62) hide show
  1. package/README.md +3 -1
  2. package/dist/cjs/src/plugins/api/PluginAPI.js +32 -0
  3. package/dist/cjs/src/plugins/api/PluginAPI.js.map +1 -1
  4. package/dist/cjs/src/plugins/const/PluginHookIds.js +45 -18
  5. package/dist/cjs/src/plugins/const/PluginHookIds.js.map +1 -1
  6. package/dist/cjs/src/plugins/core/PermissionManager.js +43 -11
  7. package/dist/cjs/src/plugins/core/PermissionManager.js.map +1 -1
  8. package/dist/cjs/src/plugins/core/manager/PluginInterceptor.js +1 -0
  9. package/dist/cjs/src/plugins/core/manager/PluginInterceptor.js.map +1 -1
  10. package/dist/cjs/src/plugins/core/manager/PluginSecurity.js +86 -6
  11. package/dist/cjs/src/plugins/core/manager/PluginSecurity.js.map +1 -1
  12. package/dist/cjs/src/server/components/fastapi/console/ConsoleInterceptor.js +0 -1
  13. package/dist/cjs/src/server/components/fastapi/console/ConsoleInterceptor.js.map +1 -1
  14. package/dist/cjs/src/server/components/multi-server/MultiServerApp.js +3 -2
  15. package/dist/cjs/src/server/components/multi-server/MultiServerApp.js.map +1 -1
  16. package/dist/cjs/src/server/const/XRUNTIME-HEADER.js +6 -0
  17. package/dist/cjs/src/server/const/XRUNTIME-HEADER.js.map +1 -0
  18. package/dist/cjs/src/server/core/ResponseEnhancer.js +10 -0
  19. package/dist/cjs/src/server/core/ResponseEnhancer.js.map +1 -1
  20. package/dist/cjs/src/server/core/XHSCProtocol.js +33 -27
  21. package/dist/cjs/src/server/core/XHSCProtocol.js.map +1 -1
  22. package/dist/cjs/src/server/core/XyDiagnosticsManager.js +2 -2
  23. package/dist/cjs/src/server/core/XyDiagnosticsManager.js.map +1 -1
  24. package/dist/cjs/src/server/core/XyServerCreator.js +15 -7
  25. package/dist/cjs/src/server/core/XyServerCreator.js.map +1 -1
  26. package/dist/cjs/src/server/middleware/MiddlewareManager.js +51 -44
  27. package/dist/cjs/src/server/middleware/MiddlewareManager.js.map +1 -1
  28. package/dist/cjs/src/xhsc/fs/FSHelpers.js.map +1 -1
  29. package/dist/esm/src/plugins/api/PluginAPI.js +32 -0
  30. package/dist/esm/src/plugins/api/PluginAPI.js.map +1 -1
  31. package/dist/esm/src/plugins/const/PluginHookIds.js +45 -19
  32. package/dist/esm/src/plugins/const/PluginHookIds.js.map +1 -1
  33. package/dist/esm/src/plugins/core/PermissionManager.js +43 -11
  34. package/dist/esm/src/plugins/core/PermissionManager.js.map +1 -1
  35. package/dist/esm/src/plugins/core/manager/PluginInterceptor.js +1 -0
  36. package/dist/esm/src/plugins/core/manager/PluginInterceptor.js.map +1 -1
  37. package/dist/esm/src/plugins/core/manager/PluginSecurity.js +86 -6
  38. package/dist/esm/src/plugins/core/manager/PluginSecurity.js.map +1 -1
  39. package/dist/esm/src/server/components/fastapi/console/ConsoleInterceptor.js +0 -1
  40. package/dist/esm/src/server/components/fastapi/console/ConsoleInterceptor.js.map +1 -1
  41. package/dist/esm/src/server/components/multi-server/MultiServerApp.js +3 -2
  42. package/dist/esm/src/server/components/multi-server/MultiServerApp.js.map +1 -1
  43. package/dist/esm/src/server/const/XRUNTIME-HEADER.js +4 -0
  44. package/dist/esm/src/server/const/XRUNTIME-HEADER.js.map +1 -0
  45. package/dist/esm/src/server/core/ResponseEnhancer.js +10 -0
  46. package/dist/esm/src/server/core/ResponseEnhancer.js.map +1 -1
  47. package/dist/esm/src/server/core/XHSCProtocol.js +34 -28
  48. package/dist/esm/src/server/core/XHSCProtocol.js.map +1 -1
  49. package/dist/esm/src/server/core/XyDiagnosticsManager.js +2 -2
  50. package/dist/esm/src/server/core/XyDiagnosticsManager.js.map +1 -1
  51. package/dist/esm/src/server/core/XyServerCreator.js +15 -7
  52. package/dist/esm/src/server/core/XyServerCreator.js.map +1 -1
  53. package/dist/esm/src/server/middleware/MiddlewareManager.js +51 -44
  54. package/dist/esm/src/server/middleware/MiddlewareManager.js.map +1 -1
  55. package/dist/esm/src/xhsc/fs/FSHelpers.js.map +1 -1
  56. package/dist/index.d.ts +47 -22
  57. package/package.json +74 -74
  58. package/scripts/migrate_to_xhs.ts +92 -0
  59. package/dist/cjs/src/server/components/fastapi/console/encryption/ConsoleEncryption.js +0 -216
  60. package/dist/cjs/src/server/components/fastapi/console/encryption/ConsoleEncryption.js.map +0 -1
  61. package/dist/esm/src/server/components/fastapi/console/encryption/ConsoleEncryption.js +0 -214
  62. package/dist/esm/src/server/components/fastapi/console/encryption/ConsoleEncryption.js.map +0 -1
@@ -0,0 +1,92 @@
1
+ import fs from "fs";
2
+ import path from "path";
3
+
4
+ const MAPPING: Record<string, string> = {
5
+ // Lifecycle
6
+ "PLG.LIFECYCLE.": "XHS.HOOK.LIFECYCLE.",
7
+
8
+ // HTTP Hooks
9
+ "PLG.HTTP.ON_REQUEST": "XHS.HOOK.HTTP.REQUEST",
10
+ "PLG.HTTP.ON_RESPONSE": "XHS.HOOK.HTTP.RESPONSE",
11
+ "PLG.HTTP.ON_ERROR": "XHS.HOOK.HTTP.ERROR",
12
+
13
+ // HTTP/Routing Permissions
14
+ "PLG.HTTP.MIDDLEWARE": "XHS.PERM.HTTP.MIDDLEWARE",
15
+ "PLG.HTTP.GLOBAL_MIDDLEWARE": "XHS.PERM.HTTP.GLOBAL_MIDDLEWARE",
16
+ "PLG.ROUTING.REGISTER_ROUTES": "XHS.PERM.ROUTING.REGISTER_ROUTES",
17
+ "PLG.ROUTING.BYPASS_NAMESPACE": "XHS.PERM.ROUTING.BYPASS_NAMESPACE",
18
+ "PLG.ROUTING.OVERWRITE_PROTECTED": "XHS.PERM.ROUTING.OVERWRITE_PROTECTED",
19
+
20
+ // Security
21
+ "PLG.SECURITY.ACCESS_CONFIGS": "XHS.PERM.SECURITY.CONFIGS",
22
+ "PLG.SECURITY.ACCESS_SENSITIVE_DATA": "XHS.PERM.SECURITY.SENSITIVE_DATA",
23
+ "PLG.SECURITY.ATTACK_DETECTED": "XHS.HOOK.SECURITY.ATTACK",
24
+ "PLG.SECURITY.RATE_LIMIT": "XHS.HOOK.SECURITY.RATE_LIMIT",
25
+
26
+ // Metrics
27
+ "PLG.METRICS.RESPONSE_TIME": "XHS.HOOK.METRICS.RESPONSE_TIME",
28
+ "PLG.METRICS.ROUTE_ERROR": "XHS.HOOK.METRICS.ROUTE_ERROR",
29
+
30
+ // Ops & Logging
31
+ "PLG.OPS.AUXILIARY_SERVER": "XHS.PERM.OPS.AUXILIARY_SERVER",
32
+ "PLG.LOGGING.CONSOLE_INTERCEPT": "XHS.PERM.LOGGING.CONSOLE_INTERCEPT",
33
+ };
34
+
35
+ const DIRS_TO_SCAN = ["src", "docs", "mods", "simulations", "tests"];
36
+ const FILES_TO_SCAN = ["README.md", "package.json"];
37
+
38
+ function migrateFile(filePath: string) {
39
+ let content = fs.readFileSync(filePath, "utf-8");
40
+ let changed = false;
41
+
42
+ for (const [oldId, newId] of Object.entries(MAPPING)) {
43
+ if (content.includes(oldId)) {
44
+ // Use regex for global replacement
45
+ const regex = new RegExp(oldId.replace(/\./g, "\\."), "g");
46
+ content = content.replace(regex, newId);
47
+ changed = true;
48
+ }
49
+ }
50
+
51
+ if (changed) {
52
+ fs.writeFileSync(filePath, content, "utf-8");
53
+ console.log(`[MIGRATED] ${filePath}`);
54
+ }
55
+ }
56
+
57
+ function walk(dir: string) {
58
+ const files = fs.readdirSync(dir);
59
+ for (const file of files) {
60
+ const fullPath = path.join(dir, file);
61
+ const stat = fs.statSync(fullPath);
62
+ if (stat.isDirectory()) {
63
+ if (file === "node_modules" || file === ".git" || file === "dist")
64
+ continue;
65
+ walk(fullPath);
66
+ } else {
67
+ const ext = path.extname(file);
68
+ if ([".ts", ".js", ".md", ".json", ".jsonc"].includes(ext)) {
69
+ migrateFile(fullPath);
70
+ }
71
+ }
72
+ }
73
+ }
74
+
75
+ console.log("Starting XHS Migration...");
76
+
77
+ for (const dir of DIRS_TO_SCAN) {
78
+ const absolutePath = path.resolve(process.cwd(), dir);
79
+ if (fs.existsSync(absolutePath)) {
80
+ walk(absolutePath);
81
+ }
82
+ }
83
+
84
+ for (const file of FILES_TO_SCAN) {
85
+ const absolutePath = path.resolve(process.cwd(), file);
86
+ if (fs.existsSync(absolutePath)) {
87
+ migrateFile(absolutePath);
88
+ }
89
+ }
90
+
91
+ console.log("Migration Complete!");
92
+
@@ -1,216 +0,0 @@
1
- 'use strict';
2
-
3
- var xyprissSecurity = require('xypriss-security');
4
- var nehoid = require('nehoid');
5
-
6
- /**
7
- * Console Encryption Module
8
- * Handles encryption and decryption of console logs using XyPrissJS crypto utilities
9
- */
10
- /**
11
- * Console Encryption Handler
12
- * Uses XyPrissJS encryption utilities for production-grade console log encryption
13
- */
14
- class ConsoleEncryption {
15
- constructor(config) {
16
- this.derivedKey = null;
17
- this.keyVersion = 1;
18
- this.config = config;
19
- this.logBuffer = {
20
- entries: [],
21
- maxSize: 1000, // Maximum number of encrypted logs to keep in memory
22
- currentSize: 0,
23
- };
24
- }
25
- /**
26
- * Encrypt a console log entry
27
- */
28
- async encryptLogEntry(call) {
29
- if (!this.config.enabled || !this.config.key) {
30
- throw new Error("Encryption is not enabled or key is not set");
31
- }
32
- try {
33
- // Prepare log data
34
- const logData = {
35
- method: call.method,
36
- args: call.args,
37
- timestamp: call.timestamp,
38
- level: call.level,
39
- source: call.source,
40
- stackTrace: call.stackTrace,
41
- };
42
- // Map our algorithm to EncryptionService algorithm
43
- const algorithm = this.config.algorithm === "aes-256-gcm"
44
- ? "aes-256-gcm"
45
- : "chacha20-poly1305";
46
- // Use XyPrissJS EncryptionService for production-grade encryption
47
- const encryptedData = await xyprissSecurity.EncryptionService.encrypt(logData, this.config.key, {
48
- algorithm,
49
- keyDerivationIterations: this.config.iterations,
50
- quantumSafe: algorithm === "chacha20-poly1305", // Enable quantum-safe features
51
- });
52
- // EncryptionService returns a JSON string with the encrypted package
53
- // We'll store it directly as our encrypted data
54
- const entry = {
55
- id: this.generateEntryId(),
56
- timestamp: call.timestamp,
57
- encrypted: encryptedData, // Store the entire encrypted package
58
- iv: "", // Not needed since EncryptionService handles this
59
- authTag: "", // Not needed since EncryptionService handles this
60
- salt: "", // Not needed since EncryptionService handles this
61
- metadata: {
62
- algorithm: this.config.algorithm || "aes-256-gcm",
63
- keyDerivation: this.config.keyDerivation || "pbkdf2",
64
- iterations: this.config.iterations || 100000,
65
- },
66
- };
67
- // Add to buffer
68
- this.addToBuffer(entry);
69
- return entry;
70
- }
71
- catch (error) {
72
- const errorMessage = error instanceof Error ? error.message : String(error);
73
- throw new Error(`Failed to encrypt log entry: ${errorMessage}`);
74
- }
75
- }
76
- /**
77
- * Decrypt a log entry
78
- */
79
- async decryptLogEntry(entry, key) {
80
- try {
81
- // The encrypted data is already in the format expected by EncryptionService
82
- const decryptedData = await xyprissSecurity.EncryptionService.decrypt(entry.encrypted, key);
83
- return decryptedData;
84
- }
85
- catch (error) {
86
- const errorMessage = error instanceof Error ? error.message : String(error);
87
- throw new Error(`Failed to decrypt log entry: ${errorMessage}`);
88
- }
89
- }
90
- /**
91
- * Get all encrypted logs from buffer
92
- */
93
- getEncryptedLogs() {
94
- return [...this.logBuffer.entries];
95
- }
96
- /**
97
- * Get encrypted logs as strings (for external transmission)
98
- */
99
- getEncryptedLogsAsStrings() {
100
- return this.logBuffer.entries.map((entry) => JSON.stringify(entry));
101
- }
102
- /**
103
- * Restore logs from encrypted strings
104
- */
105
- async restoreFromEncryptedStrings(encryptedStrings, key) {
106
- const results = [];
107
- for (const encryptedString of encryptedStrings) {
108
- try {
109
- const entry = JSON.parse(encryptedString);
110
- const decrypted = await this.decryptLogEntry(entry, key);
111
- results.push(decrypted);
112
- }
113
- catch (error) {
114
- const errorMessage = error instanceof Error ? error.message : String(error);
115
- console.warn(`Failed to restore encrypted log entry: ${errorMessage}`);
116
- }
117
- }
118
- return results;
119
- }
120
- /**
121
- * Clear the log buffer
122
- */
123
- clearBuffer() {
124
- // Securely wipe the buffer
125
- this.logBuffer.entries.forEach((entry) => {
126
- // Overwrite sensitive data
127
- entry.encrypted = "";
128
- entry.iv = "";
129
- entry.authTag = "";
130
- entry.salt = "";
131
- });
132
- this.logBuffer.entries = [];
133
- this.logBuffer.currentSize = 0;
134
- }
135
- /**
136
- * Update encryption configuration
137
- */
138
- updateConfig(newConfig) {
139
- this.config = { ...this.config, ...newConfig };
140
- // If key changed, invalidate derived key
141
- if (newConfig.key) {
142
- this.derivedKey = null;
143
- this.keyVersion++;
144
- }
145
- }
146
- /**
147
- * Get buffer statistics
148
- */
149
- getBufferStats() {
150
- const memoryUsage = this.logBuffer.entries.reduce((total, entry) => {
151
- return total + JSON.stringify(entry).length;
152
- }, 0);
153
- return {
154
- totalEntries: this.logBuffer.entries.length,
155
- bufferSize: this.logBuffer.currentSize,
156
- maxSize: this.logBuffer.maxSize,
157
- memoryUsage,
158
- };
159
- }
160
- // Private helper methods
161
- generateEntryId() {
162
- // Generate a unique ID for the log entry
163
- return nehoid.NehoID.generate({ prefix: "op.nehonix.log", size: 16 });
164
- }
165
- addToBuffer(entry) {
166
- // Add entry to buffer
167
- this.logBuffer.entries.push(entry);
168
- this.logBuffer.currentSize++;
169
- // Maintain buffer size limit
170
- if (this.logBuffer.currentSize > this.logBuffer.maxSize) {
171
- const removed = this.logBuffer.entries.shift();
172
- if (removed) {
173
- // Securely wipe removed entry
174
- removed.encrypted = "";
175
- removed.iv = "";
176
- removed.authTag = "";
177
- removed.salt = "";
178
- this.logBuffer.currentSize--;
179
- }
180
- }
181
- }
182
- /**
183
- * Export encrypted logs for external transmission
184
- */
185
- async exportForExternalLogging() {
186
- const logs = this.getEncryptedLogsAsStrings();
187
- return {
188
- logs,
189
- metadata: {
190
- totalLogs: logs.length,
191
- exportTimestamp: Date.now(),
192
- keyVersion: this.keyVersion,
193
- algorithm: this.config.algorithm || "aes-256-gcm",
194
- },
195
- };
196
- }
197
- /**
198
- * Batch encrypt multiple log entries for performance
199
- */
200
- async batchEncryptLogEntries(calls) {
201
- const results = [];
202
- for (const call of calls) {
203
- try {
204
- const encrypted = await this.encryptLogEntry(call);
205
- results.push(encrypted);
206
- }
207
- catch (error) {
208
- console.warn(`Failed to encrypt log entry: ${error.message}`);
209
- }
210
- }
211
- return results;
212
- }
213
- }
214
-
215
- exports.ConsoleEncryption = ConsoleEncryption;
216
- //# sourceMappingURL=ConsoleEncryption.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"ConsoleEncryption.js","sources":["../../../../../../../../src/server/components/fastapi/console/encryption/ConsoleEncryption.ts"],"sourcesContent":[null],"names":["EncryptionService","NehoID"],"mappings":";;;;;AAAA;;;AAGG;AA0BH;;;AAGG;MACU,iBAAiB,CAAA;AAM1B,IAAA,WAAA,CAAY,MAA+B,EAAA;QAHnC,IAAA,CAAA,UAAU,GAAkB,IAAI;QAChC,IAAA,CAAA,UAAU,GAAW,CAAC;AAG1B,QAAA,IAAI,CAAC,MAAM,GAAG,MAAM;QACpB,IAAI,CAAC,SAAS,GAAG;AACb,YAAA,OAAO,EAAE,EAAE;YACX,OAAO,EAAE,IAAI;AACb,YAAA,WAAW,EAAE,CAAC;SACjB;IACL;AAEA;;AAEG;IACI,MAAM,eAAe,CACxB,IAA4B,EAAA;AAE5B,QAAA,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE;AAC1C,YAAA,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC;QAClE;AAEA,QAAA,IAAI;;AAEA,YAAA,MAAM,OAAO,GAAG;gBACZ,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,UAAU,EAAE,IAAI,CAAC,UAAU;aAC9B;;YAGD,MAAM,SAAS,GACX,IAAI,CAAC,MAAM,CAAC,SAAS,KAAK;AACtB,kBAAE;kBACA,mBAAmB;;AAG7B,YAAA,MAAM,aAAa,GAAG,MAAMA,iCAAiB,CAAC,OAAO,CACjD,OAAO,EACP,IAAI,CAAC,MAAM,CAAC,GAAG,EACf;gBACI,SAAS;AACT,gBAAA,uBAAuB,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU;AAC/C,gBAAA,WAAW,EAAE,SAAS,KAAK,mBAAmB;AACjD,aAAA,CACJ;;;AAID,YAAA,MAAM,KAAK,GAAsB;AAC7B,gBAAA,EAAE,EAAE,IAAI,CAAC,eAAe,EAAE;gBAC1B,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,SAAS,EAAE,aAAa;gBACxB,EAAE,EAAE,EAAE;gBACN,OAAO,EAAE,EAAE;gBACX,IAAI,EAAE,EAAE;AACR,gBAAA,QAAQ,EAAE;AACN,oBAAA,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,aAAa;AACjD,oBAAA,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa,IAAI,QAAQ;AACpD,oBAAA,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,MAAM;AAC/C,iBAAA;aACJ;;AAGD,YAAA,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC;AAEvB,YAAA,OAAO,KAAK;QAChB;QAAE,OAAO,KAAK,EAAE;AACZ,YAAA,MAAM,YAAY,GACd,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC1D,YAAA,MAAM,IAAI,KAAK,CAAC,gCAAgC,YAAY,CAAA,CAAE,CAAC;QACnE;IACJ;AAEA;;AAEG;AACI,IAAA,MAAM,eAAe,CACxB,KAAwB,EACxB,GAAW,EAAA;AAEX,QAAA,IAAI;;AAEA,YAAA,MAAM,aAAa,GAAG,MAAMA,iCAAiB,CAAC,OAAO,CACjD,KAAK,CAAC,SAAS,EACf,GAAG,CACN;AAED,YAAA,OAAO,aAAuC;QAClD;QAAE,OAAO,KAAK,EAAE;AACZ,YAAA,MAAM,YAAY,GACd,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC1D,YAAA,MAAM,IAAI,KAAK,CAAC,gCAAgC,YAAY,CAAA,CAAE,CAAC;QACnE;IACJ;AAEA;;AAEG;IACI,gBAAgB,GAAA;QACnB,OAAO,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;IACtC;AAEA;;AAEG;IACI,yBAAyB,GAAA;QAC5B,OAAO,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;IACvE;AAEA;;AAEG;AACI,IAAA,MAAM,2BAA2B,CACpC,gBAA0B,EAC1B,GAAW,EAAA;QAEX,MAAM,OAAO,GAA6B,EAAE;AAE5C,QAAA,KAAK,MAAM,eAAe,IAAI,gBAAgB,EAAE;AAC5C,YAAA,IAAI;gBACA,MAAM,KAAK,GAAsB,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC;gBAC5D,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,GAAG,CAAC;AACxD,gBAAA,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC;YAC3B;YAAE,OAAO,KAAK,EAAE;AACZ,gBAAA,MAAM,YAAY,GACd,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC1D,gBAAA,OAAO,CAAC,IAAI,CACR,0CAA0C,YAAY,CAAA,CAAE,CAC3D;YACL;QACJ;AAEA,QAAA,OAAO,OAAO;IAClB;AAEA;;AAEG;IACI,WAAW,GAAA;;QAEd,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,KAAI;;AAErC,YAAA,KAAK,CAAC,SAAS,GAAG,EAAE;AACpB,YAAA,KAAK,CAAC,EAAE,GAAG,EAAE;AACb,YAAA,KAAK,CAAC,OAAO,GAAG,EAAE;AAClB,YAAA,KAAK,CAAC,IAAI,GAAG,EAAE;AACnB,QAAA,CAAC,CAAC;AAEF,QAAA,IAAI,CAAC,SAAS,CAAC,OAAO,GAAG,EAAE;AAC3B,QAAA,IAAI,CAAC,SAAS,CAAC,WAAW,GAAG,CAAC;IAClC;AAEA;;AAEG;AACI,IAAA,YAAY,CAAC,SAA2C,EAAA;AAC3D,QAAA,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,SAAS,EAAE;;AAG9C,QAAA,IAAI,SAAS,CAAC,GAAG,EAAE;AACf,YAAA,IAAI,CAAC,UAAU,GAAG,IAAI;YACtB,IAAI,CAAC,UAAU,EAAE;QACrB;IACJ;AAEA;;AAEG;IACI,cAAc,GAAA;AAMjB,QAAA,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,KAAK,KAAI;YAC/D,OAAO,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,MAAM;QAC/C,CAAC,EAAE,CAAC,CAAC;QAEL,OAAO;AACH,YAAA,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM;AAC3C,YAAA,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW;AACtC,YAAA,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;YAC/B,WAAW;SACd;IACL;;IAIQ,eAAe,GAAA;;AAEnB,QAAA,OAAOC,aAAM,CAAC,QAAQ,CAAC,EAAE,MAAM,EAAE,gBAAgB,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;IAClE;AAEQ,IAAA,WAAW,CAAC,KAAwB,EAAA;;QAExC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC;AAClC,QAAA,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE;;AAG5B,QAAA,IAAI,IAAI,CAAC,SAAS,CAAC,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE;YACrD,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE;YAC9C,IAAI,OAAO,EAAE;;AAET,gBAAA,OAAO,CAAC,SAAS,GAAG,EAAE;AACtB,gBAAA,OAAO,CAAC,EAAE,GAAG,EAAE;AACf,gBAAA,OAAO,CAAC,OAAO,GAAG,EAAE;AACpB,gBAAA,OAAO,CAAC,IAAI,GAAG,EAAE;AACjB,gBAAA,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE;YAChC;QACJ;IACJ;AAEA;;AAEG;AACI,IAAA,MAAM,wBAAwB,GAAA;AASjC,QAAA,MAAM,IAAI,GAAG,IAAI,CAAC,yBAAyB,EAAE;QAE7C,OAAO;YACH,IAAI;AACJ,YAAA,QAAQ,EAAE;gBACN,SAAS,EAAE,IAAI,CAAC,MAAM;AACtB,gBAAA,eAAe,EAAE,IAAI,CAAC,GAAG,EAAE;gBAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;AAC3B,gBAAA,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,aAAa;AACpD,aAAA;SACJ;IACL;AAEA;;AAEG;IACI,MAAM,sBAAsB,CAC/B,KAA+B,EAAA;QAE/B,MAAM,OAAO,GAAwB,EAAE;AAEvC,QAAA,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;AACtB,YAAA,IAAI;gBACA,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC;AAClD,gBAAA,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC;YAC3B;YAAE,OAAO,KAAU,EAAE;gBACjB,OAAO,CAAC,IAAI,CAAC,CAAA,6BAAA,EAAgC,KAAK,CAAC,OAAO,CAAA,CAAE,CAAC;YACjE;QACJ;AAEA,QAAA,OAAO,OAAO;IAClB;AACH;;;;"}
@@ -1,214 +0,0 @@
1
- import { EncryptionService } from 'xypriss-security';
2
- import { NehoID } from 'nehoid';
3
-
4
- /**
5
- * Console Encryption Module
6
- * Handles encryption and decryption of console logs using XyPrissJS crypto utilities
7
- */
8
- /**
9
- * Console Encryption Handler
10
- * Uses XyPrissJS encryption utilities for production-grade console log encryption
11
- */
12
- class ConsoleEncryption {
13
- constructor(config) {
14
- this.derivedKey = null;
15
- this.keyVersion = 1;
16
- this.config = config;
17
- this.logBuffer = {
18
- entries: [],
19
- maxSize: 1000, // Maximum number of encrypted logs to keep in memory
20
- currentSize: 0,
21
- };
22
- }
23
- /**
24
- * Encrypt a console log entry
25
- */
26
- async encryptLogEntry(call) {
27
- if (!this.config.enabled || !this.config.key) {
28
- throw new Error("Encryption is not enabled or key is not set");
29
- }
30
- try {
31
- // Prepare log data
32
- const logData = {
33
- method: call.method,
34
- args: call.args,
35
- timestamp: call.timestamp,
36
- level: call.level,
37
- source: call.source,
38
- stackTrace: call.stackTrace,
39
- };
40
- // Map our algorithm to EncryptionService algorithm
41
- const algorithm = this.config.algorithm === "aes-256-gcm"
42
- ? "aes-256-gcm"
43
- : "chacha20-poly1305";
44
- // Use XyPrissJS EncryptionService for production-grade encryption
45
- const encryptedData = await EncryptionService.encrypt(logData, this.config.key, {
46
- algorithm,
47
- keyDerivationIterations: this.config.iterations,
48
- quantumSafe: algorithm === "chacha20-poly1305", // Enable quantum-safe features
49
- });
50
- // EncryptionService returns a JSON string with the encrypted package
51
- // We'll store it directly as our encrypted data
52
- const entry = {
53
- id: this.generateEntryId(),
54
- timestamp: call.timestamp,
55
- encrypted: encryptedData, // Store the entire encrypted package
56
- iv: "", // Not needed since EncryptionService handles this
57
- authTag: "", // Not needed since EncryptionService handles this
58
- salt: "", // Not needed since EncryptionService handles this
59
- metadata: {
60
- algorithm: this.config.algorithm || "aes-256-gcm",
61
- keyDerivation: this.config.keyDerivation || "pbkdf2",
62
- iterations: this.config.iterations || 100000,
63
- },
64
- };
65
- // Add to buffer
66
- this.addToBuffer(entry);
67
- return entry;
68
- }
69
- catch (error) {
70
- const errorMessage = error instanceof Error ? error.message : String(error);
71
- throw new Error(`Failed to encrypt log entry: ${errorMessage}`);
72
- }
73
- }
74
- /**
75
- * Decrypt a log entry
76
- */
77
- async decryptLogEntry(entry, key) {
78
- try {
79
- // The encrypted data is already in the format expected by EncryptionService
80
- const decryptedData = await EncryptionService.decrypt(entry.encrypted, key);
81
- return decryptedData;
82
- }
83
- catch (error) {
84
- const errorMessage = error instanceof Error ? error.message : String(error);
85
- throw new Error(`Failed to decrypt log entry: ${errorMessage}`);
86
- }
87
- }
88
- /**
89
- * Get all encrypted logs from buffer
90
- */
91
- getEncryptedLogs() {
92
- return [...this.logBuffer.entries];
93
- }
94
- /**
95
- * Get encrypted logs as strings (for external transmission)
96
- */
97
- getEncryptedLogsAsStrings() {
98
- return this.logBuffer.entries.map((entry) => JSON.stringify(entry));
99
- }
100
- /**
101
- * Restore logs from encrypted strings
102
- */
103
- async restoreFromEncryptedStrings(encryptedStrings, key) {
104
- const results = [];
105
- for (const encryptedString of encryptedStrings) {
106
- try {
107
- const entry = JSON.parse(encryptedString);
108
- const decrypted = await this.decryptLogEntry(entry, key);
109
- results.push(decrypted);
110
- }
111
- catch (error) {
112
- const errorMessage = error instanceof Error ? error.message : String(error);
113
- console.warn(`Failed to restore encrypted log entry: ${errorMessage}`);
114
- }
115
- }
116
- return results;
117
- }
118
- /**
119
- * Clear the log buffer
120
- */
121
- clearBuffer() {
122
- // Securely wipe the buffer
123
- this.logBuffer.entries.forEach((entry) => {
124
- // Overwrite sensitive data
125
- entry.encrypted = "";
126
- entry.iv = "";
127
- entry.authTag = "";
128
- entry.salt = "";
129
- });
130
- this.logBuffer.entries = [];
131
- this.logBuffer.currentSize = 0;
132
- }
133
- /**
134
- * Update encryption configuration
135
- */
136
- updateConfig(newConfig) {
137
- this.config = { ...this.config, ...newConfig };
138
- // If key changed, invalidate derived key
139
- if (newConfig.key) {
140
- this.derivedKey = null;
141
- this.keyVersion++;
142
- }
143
- }
144
- /**
145
- * Get buffer statistics
146
- */
147
- getBufferStats() {
148
- const memoryUsage = this.logBuffer.entries.reduce((total, entry) => {
149
- return total + JSON.stringify(entry).length;
150
- }, 0);
151
- return {
152
- totalEntries: this.logBuffer.entries.length,
153
- bufferSize: this.logBuffer.currentSize,
154
- maxSize: this.logBuffer.maxSize,
155
- memoryUsage,
156
- };
157
- }
158
- // Private helper methods
159
- generateEntryId() {
160
- // Generate a unique ID for the log entry
161
- return NehoID.generate({ prefix: "op.nehonix.log", size: 16 });
162
- }
163
- addToBuffer(entry) {
164
- // Add entry to buffer
165
- this.logBuffer.entries.push(entry);
166
- this.logBuffer.currentSize++;
167
- // Maintain buffer size limit
168
- if (this.logBuffer.currentSize > this.logBuffer.maxSize) {
169
- const removed = this.logBuffer.entries.shift();
170
- if (removed) {
171
- // Securely wipe removed entry
172
- removed.encrypted = "";
173
- removed.iv = "";
174
- removed.authTag = "";
175
- removed.salt = "";
176
- this.logBuffer.currentSize--;
177
- }
178
- }
179
- }
180
- /**
181
- * Export encrypted logs for external transmission
182
- */
183
- async exportForExternalLogging() {
184
- const logs = this.getEncryptedLogsAsStrings();
185
- return {
186
- logs,
187
- metadata: {
188
- totalLogs: logs.length,
189
- exportTimestamp: Date.now(),
190
- keyVersion: this.keyVersion,
191
- algorithm: this.config.algorithm || "aes-256-gcm",
192
- },
193
- };
194
- }
195
- /**
196
- * Batch encrypt multiple log entries for performance
197
- */
198
- async batchEncryptLogEntries(calls) {
199
- const results = [];
200
- for (const call of calls) {
201
- try {
202
- const encrypted = await this.encryptLogEntry(call);
203
- results.push(encrypted);
204
- }
205
- catch (error) {
206
- console.warn(`Failed to encrypt log entry: ${error.message}`);
207
- }
208
- }
209
- return results;
210
- }
211
- }
212
-
213
- export { ConsoleEncryption };
214
- //# sourceMappingURL=ConsoleEncryption.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"ConsoleEncryption.js","sources":["../../../../../../../../src/server/components/fastapi/console/encryption/ConsoleEncryption.ts"],"sourcesContent":[null],"names":[],"mappings":";;;AAAA;;;AAGG;AA0BH;;;AAGG;MACU,iBAAiB,CAAA;AAM1B,IAAA,WAAA,CAAY,MAA+B,EAAA;QAHnC,IAAA,CAAA,UAAU,GAAkB,IAAI;QAChC,IAAA,CAAA,UAAU,GAAW,CAAC;AAG1B,QAAA,IAAI,CAAC,MAAM,GAAG,MAAM;QACpB,IAAI,CAAC,SAAS,GAAG;AACb,YAAA,OAAO,EAAE,EAAE;YACX,OAAO,EAAE,IAAI;AACb,YAAA,WAAW,EAAE,CAAC;SACjB;IACL;AAEA;;AAEG;IACI,MAAM,eAAe,CACxB,IAA4B,EAAA;AAE5B,QAAA,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE;AAC1C,YAAA,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC;QAClE;AAEA,QAAA,IAAI;;AAEA,YAAA,MAAM,OAAO,GAAG;gBACZ,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,UAAU,EAAE,IAAI,CAAC,UAAU;aAC9B;;YAGD,MAAM,SAAS,GACX,IAAI,CAAC,MAAM,CAAC,SAAS,KAAK;AACtB,kBAAE;kBACA,mBAAmB;;AAG7B,YAAA,MAAM,aAAa,GAAG,MAAM,iBAAiB,CAAC,OAAO,CACjD,OAAO,EACP,IAAI,CAAC,MAAM,CAAC,GAAG,EACf;gBACI,SAAS;AACT,gBAAA,uBAAuB,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU;AAC/C,gBAAA,WAAW,EAAE,SAAS,KAAK,mBAAmB;AACjD,aAAA,CACJ;;;AAID,YAAA,MAAM,KAAK,GAAsB;AAC7B,gBAAA,EAAE,EAAE,IAAI,CAAC,eAAe,EAAE;gBAC1B,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,SAAS,EAAE,aAAa;gBACxB,EAAE,EAAE,EAAE;gBACN,OAAO,EAAE,EAAE;gBACX,IAAI,EAAE,EAAE;AACR,gBAAA,QAAQ,EAAE;AACN,oBAAA,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,aAAa;AACjD,oBAAA,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa,IAAI,QAAQ;AACpD,oBAAA,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,MAAM;AAC/C,iBAAA;aACJ;;AAGD,YAAA,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC;AAEvB,YAAA,OAAO,KAAK;QAChB;QAAE,OAAO,KAAK,EAAE;AACZ,YAAA,MAAM,YAAY,GACd,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC1D,YAAA,MAAM,IAAI,KAAK,CAAC,gCAAgC,YAAY,CAAA,CAAE,CAAC;QACnE;IACJ;AAEA;;AAEG;AACI,IAAA,MAAM,eAAe,CACxB,KAAwB,EACxB,GAAW,EAAA;AAEX,QAAA,IAAI;;AAEA,YAAA,MAAM,aAAa,GAAG,MAAM,iBAAiB,CAAC,OAAO,CACjD,KAAK,CAAC,SAAS,EACf,GAAG,CACN;AAED,YAAA,OAAO,aAAuC;QAClD;QAAE,OAAO,KAAK,EAAE;AACZ,YAAA,MAAM,YAAY,GACd,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC1D,YAAA,MAAM,IAAI,KAAK,CAAC,gCAAgC,YAAY,CAAA,CAAE,CAAC;QACnE;IACJ;AAEA;;AAEG;IACI,gBAAgB,GAAA;QACnB,OAAO,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;IACtC;AAEA;;AAEG;IACI,yBAAyB,GAAA;QAC5B,OAAO,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;IACvE;AAEA;;AAEG;AACI,IAAA,MAAM,2BAA2B,CACpC,gBAA0B,EAC1B,GAAW,EAAA;QAEX,MAAM,OAAO,GAA6B,EAAE;AAE5C,QAAA,KAAK,MAAM,eAAe,IAAI,gBAAgB,EAAE;AAC5C,YAAA,IAAI;gBACA,MAAM,KAAK,GAAsB,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC;gBAC5D,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,GAAG,CAAC;AACxD,gBAAA,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC;YAC3B;YAAE,OAAO,KAAK,EAAE;AACZ,gBAAA,MAAM,YAAY,GACd,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;AAC1D,gBAAA,OAAO,CAAC,IAAI,CACR,0CAA0C,YAAY,CAAA,CAAE,CAC3D;YACL;QACJ;AAEA,QAAA,OAAO,OAAO;IAClB;AAEA;;AAEG;IACI,WAAW,GAAA;;QAEd,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,KAAI;;AAErC,YAAA,KAAK,CAAC,SAAS,GAAG,EAAE;AACpB,YAAA,KAAK,CAAC,EAAE,GAAG,EAAE;AACb,YAAA,KAAK,CAAC,OAAO,GAAG,EAAE;AAClB,YAAA,KAAK,CAAC,IAAI,GAAG,EAAE;AACnB,QAAA,CAAC,CAAC;AAEF,QAAA,IAAI,CAAC,SAAS,CAAC,OAAO,GAAG,EAAE;AAC3B,QAAA,IAAI,CAAC,SAAS,CAAC,WAAW,GAAG,CAAC;IAClC;AAEA;;AAEG;AACI,IAAA,YAAY,CAAC,SAA2C,EAAA;AAC3D,QAAA,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,SAAS,EAAE;;AAG9C,QAAA,IAAI,SAAS,CAAC,GAAG,EAAE;AACf,YAAA,IAAI,CAAC,UAAU,GAAG,IAAI;YACtB,IAAI,CAAC,UAAU,EAAE;QACrB;IACJ;AAEA;;AAEG;IACI,cAAc,GAAA;AAMjB,QAAA,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,KAAK,KAAI;YAC/D,OAAO,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,MAAM;QAC/C,CAAC,EAAE,CAAC,CAAC;QAEL,OAAO;AACH,YAAA,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM;AAC3C,YAAA,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW;AACtC,YAAA,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO;YAC/B,WAAW;SACd;IACL;;IAIQ,eAAe,GAAA;;AAEnB,QAAA,OAAO,MAAM,CAAC,QAAQ,CAAC,EAAE,MAAM,EAAE,gBAAgB,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;IAClE;AAEQ,IAAA,WAAW,CAAC,KAAwB,EAAA;;QAExC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC;AAClC,QAAA,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE;;AAG5B,QAAA,IAAI,IAAI,CAAC,SAAS,CAAC,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE;YACrD,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE;YAC9C,IAAI,OAAO,EAAE;;AAET,gBAAA,OAAO,CAAC,SAAS,GAAG,EAAE;AACtB,gBAAA,OAAO,CAAC,EAAE,GAAG,EAAE;AACf,gBAAA,OAAO,CAAC,OAAO,GAAG,EAAE;AACpB,gBAAA,OAAO,CAAC,IAAI,GAAG,EAAE;AACjB,gBAAA,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE;YAChC;QACJ;IACJ;AAEA;;AAEG;AACI,IAAA,MAAM,wBAAwB,GAAA;AASjC,QAAA,MAAM,IAAI,GAAG,IAAI,CAAC,yBAAyB,EAAE;QAE7C,OAAO;YACH,IAAI;AACJ,YAAA,QAAQ,EAAE;gBACN,SAAS,EAAE,IAAI,CAAC,MAAM;AACtB,gBAAA,eAAe,EAAE,IAAI,CAAC,GAAG,EAAE;gBAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;AAC3B,gBAAA,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,aAAa;AACpD,aAAA;SACJ;IACL;AAEA;;AAEG;IACI,MAAM,sBAAsB,CAC/B,KAA+B,EAAA;QAE/B,MAAM,OAAO,GAAwB,EAAE;AAEvC,QAAA,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;AACtB,YAAA,IAAI;gBACA,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC;AAClD,gBAAA,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC;YAC3B;YAAE,OAAO,KAAU,EAAE;gBACjB,OAAO,CAAC,IAAI,CAAC,CAAA,6BAAA,EAAgC,KAAK,CAAC,OAAO,CAAA,CAAE,CAAC;YACjE;QACJ;AAEA,QAAA,OAAO,OAAO;IAClB;AACH;;;;"}