ci: merge staging to master

package.json

@@ -1,6 +1,6 @@
 {
   "name": "polykey",
-  "version": "1.2.1-alpha.14",
+  "version": "1.2.1-alpha.16",
   "homepage": "https://polykey.com",
   "author": "Matrix AI",
   "contributors": [

src/PolykeyAgent.ts

@@ -1,8 +1,8 @@
-import type { DeepPartial, FileSystem } from './types';
+import type { DeepPartial, FileSystem, ObjectEmpty } from './types';
 import type { PolykeyWorkerManagerInterface } from './workers/types';
 import type { TLSConfig } from './network/types';
-import type { SeedNodes, NodesOptions } from './nodes/types';
-import type { Key, KeysOptions } from './keys/types';
+import type { SeedNodes } from './nodes/types';
+import type { Key, PasswordOpsLimit, PasswordMemLimit } from './keys/types';
 import path from 'path';
 import process from 'process';
 import Logger from '@matrixai/logger';
@@ -54,26 +54,35 @@ type PolykeyAgentOptions = {
   seedNodes: SeedNodes;
   workers: number;
   ipv6Only: boolean;
-  keys: KeysOptions;
-  rpc: {
-    callTimeoutTime: number;
-    parserBufferSize: number;
-  };
+  keys: {
+    passwordOpsLimit: PasswordOpsLimit;
+    passwordMemLimit: PasswordMemLimit;
+    strictMemoryLock: boolean;
+    certDuration: number;
+    certRenewLeadTime: number;
+    recoveryCode: string;
+  } & (
+    | ObjectEmpty
+    | { recoveryCode: string }
+    | { privateKey: Buffer }
+    | { privateKeyPath: string }
+  );
   client: {
-    connectTimeoutTime: number;
     keepAliveTimeoutTime: number;
     keepAliveIntervalTime: number;
+    rpcCallTimeoutTime: number;
+    rpcParserBufferSize: number;
+  };
+  nodes: {
+    connectionIdleTimeoutTime: number;
+    connectionFindConcurrencyLimit: number;
+    connectionConnectTimeoutTime: number;
+    connectionKeepAliveTimeoutTime: number;
+    connectionKeepAliveIntervalTime: number;
+    connectionHolePunchIntervalTime: number;
+    rpcCallTimeoutTime: number;
+    rpcParserBufferSize: number;
   };
-  nodes: NodesOptions;
-};
-
-type PolykeyAgentStartOptions = {
-  clientServiceHost: string;
-  clientServicePort: number;
-  agentServiceHost: string;
-  agentServicePort: number;
-  ipv6Only: boolean;
-  workers: number;
 };
 
 interface PolykeyAgent extends CreateDestroyStartStop {}
@@ -113,9 +122,9 @@ class PolykeyAgent {
   }: {
     password: string;
     options?: DeepPartial<PolykeyAgentOptions>;
+    fresh?: boolean;
     fs?: FileSystem;
     logger?: Logger;
-    fresh?: boolean;
   }): Promise<PolykeyAgent> {
     logger.info(`Creating ${this.name}`);
     const umask = 0o077;
@@ -131,18 +140,18 @@ class PolykeyAgent {
       workers: config.defaultsUser.workers,
       ipv6Only: config.defaultsUser.ipv6Only,
       keys: {
+        passwordOpsLimit: config.defaultsUser.passwordOpsLimit,
+        passwordMemLimit: config.defaultsUser.passwordMemLimit,
+        strictMemoryLock: config.defaultsUser.strictMemoryLock,
         certDuration: config.defaultsUser.certDuration,
         certRenewLeadTime: config.defaultsUser.certRenewLeadTime,
       },
-      rpc: {
-        callTimeoutTime: config.defaultsSystem.rpcCallTimeoutTime,
-        parserBufferSize: config.defaultsSystem.rpcParserBufferSize,
-      },
       client: {
-        connectTimoutTime: config.defaultsSystem.clientConnectTimeoutTime,
         keepAliveTimeoutTime: config.defaultsSystem.clientKeepAliveTimeoutTime,
         keepAliveIntervalTime:
           config.defaultsSystem.clientKeepAliveIntervalTime,
+        rpcCallTimeoutTime: config.defaultsSystem.rpcCallTimeoutTime,
+        rpcParserBufferSize: config.defaultsSystem.rpcParserBufferSize,
       },
       nodes: {
         connectionIdleTimeoutTime:
@@ -181,7 +190,6 @@ class PolykeyAgent {
     const dbPath = path.join(statePath, config.paths.dbBase);
     const keysPath = path.join(statePath, config.paths.keysBase);
     const vaultsPath = path.join(statePath, config.paths.vaultsBase);
-
     let status: Status | undefined;
     let schema: Schema | undefined;
     let keyRing: KeyRing | undefined;
@@ -217,11 +225,16 @@ class PolykeyAgent {
       });
       keyRing = await KeyRing.createKeyRing({
         keysPath,
-        options: optionsDefaulted.keys,
         fs,
         fresh,
         password,
         logger: logger.getChild(KeyRing.name),
+        passwordMemLimit: optionsDefaulted.keys.passwordMemLimit,
+        passwordOpsLimit: optionsDefaulted.keys.passwordOpsLimit,
+        privateKey: optionsDefaulted.keys.privateKey,
+        privateKeyPath: optionsDefaulted.keys.privateKeyPath,
+        recoveryCode: optionsDefaulted.keys.recoveryCode,
+        strictMemoryLock: optionsDefaulted.keys.strictMemoryLock,
       });
       db = await DB.createDB({
         dbPath,
@@ -256,7 +269,8 @@ class PolykeyAgent {
         db,
         keyRing,
         taskManager,
-        options: optionsDefaulted.keys,
+        certDuration: optionsDefaulted.keys.certDuration,
+        certRenewLeadTime: optionsDefaulted.keys.certRenewLeadTime,
         logger: logger.getChild(CertManager.name),
         fresh,
       });
@@ -310,7 +324,20 @@ class PolykeyAgent {
         nodeGraph,
         tlsConfig,
         seedNodes: optionsDefaulted.seedNodes,
-        options: optionsDefaulted.nodes,
+        connectionFindConcurrencyLimit:
+          optionsDefaulted.nodes.connectionFindConcurrencyLimit,
+        connectionIdleTimeoutTime:
+          optionsDefaulted.nodes.connectionIdleTimeoutTime,
+        connectionConnectTimeoutTime:
+          optionsDefaulted.nodes.connectionConnectTimeoutTime,
+        connectionKeepAliveTimeoutTime:
+          optionsDefaulted.nodes.connectionKeepAliveTimeoutTime,
+        connectionKeepAliveIntervalTime:
+          optionsDefaulted.nodes.connectionKeepAliveIntervalTime,
+        connectionHolePunchIntervalTime:
+          optionsDefaulted.nodes.connectionHolePunchIntervalTime,
+        rpcParserBufferSize: optionsDefaulted.nodes.rpcParserBufferSize,
+        rpcCallTimeoutTime: optionsDefaulted.nodes.rpcCallTimeoutTime,
         logger: logger.getChild(NodeConnectionManager.name),
       });
       nodeManager = new NodeManager({
@@ -387,8 +414,8 @@ class PolykeyAgent {
         ),
         keepAliveTimeoutTime: optionsDefaulted.client.keepAliveTimeoutTime,
         keepAliveIntervalTime: optionsDefaulted.client.keepAliveIntervalTime,
-        rpcCallTimeoutTime: optionsDefaulted.rpc.callTimeoutTime,
-        rpcParserBufferSize: optionsDefaulted.rpc.parserBufferSize,
+        rpcCallTimeoutTime: optionsDefaulted.client.rpcCallTimeoutTime,
+        rpcParserBufferSize: optionsDefaulted.client.rpcParserBufferSize,
         logger: logger.getChild(ClientService.name),
       });
     } catch (e) {
@@ -469,6 +496,7 @@ class PolykeyAgent {
   public readonly fs: FileSystem;
   public readonly logger: Logger;
   public readonly clientService: ClientService;
+  public readonly privateKeyPath: string;
   protected workerManager: PolykeyWorkerManagerInterface | undefined;
 
   protected handleEventCertManagerCertChange = async (
@@ -585,7 +613,19 @@ class PolykeyAgent {
     fresh = false,
   }: {
     password: string;
-    options?: Partial<PolykeyAgentStartOptions>;
+    options?: DeepPartial<{
+      clientServiceHost: string;
+      clientServicePort: number;
+      agentServiceHost: string;
+      agentServicePort: number;
+      ipv6Only: boolean;
+      workers: number;
+      keys:
+        | ObjectEmpty
+        | { recoveryCode: string }
+        | { privateKey: Buffer }
+        | { privateKeyPath: string };
+    }>;
     workers?: number;
     fresh?: boolean;
   }) {
@@ -610,6 +650,9 @@ class PolykeyAgent {
       await this.keyRing.start({
         password,
         fresh,
+        recoveryCode: optionsDefaulted.keys?.recoveryCode,
+        privateKey: optionsDefaulted.keys?.privateKey,
+        privateKeyPath: optionsDefaulted.keys?.privateKeyPath,
       });
       await this.db.start({
         crypto: {