bytelyst/learning_ai_common_plat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4de3974a26
learning_ai_common_plat/packages/field-encrypt/src/dek-store-memory.ts
saravanakumardb1 bb3f5385fc feat(field-encrypt): create @bytelyst/field-encrypt package with AES-256-GCM envelope encryption 
- 10 source files: types, aes-gcm, 3 key providers (memory/env/akv), envelope, key-cache, dek-store, guards, migration, factory
- 42 Vitest tests: AES-GCM roundtrips, tamper detection, unicode, 100KB payloads, key providers, DEK cache TTL/LRU, envelope lifecycle, migration (dry-run + idempotent), config validation
- AKV MEK creation script (scripts/create-encryption-keys.sh) for 10 product MEKs
- .env.example updated with FIELD_ENCRYPT_* vars
2026-03-21 09:18:10 -07:00

28 lines
657 B
TypeScript
Raw Blame History

/**
* @bytelyst/field-encrypt — In-memory DEK store
*
* Default DEK store for dev/test. Production should use a Cosmos-backed store.
*/
import type { DekStore, WrappedDek } from './types.js';
export class MemoryDekStore implements DekStore {
private readonly deks = new Map<string, WrappedDek>();
async get(dekId: string): Promise<WrappedDek | null> {
return this.deks.get(dekId) ?? null;
}
async put(dek: WrappedDek): Promise<void> {
this.deks.set(dek.dekId, dek);
}
async listIds(): Promise<string[]> {
return [...this.deks.keys()];
}
async delete(dekId: string): Promise<void> {
this.deks.delete(dekId);
}
}
Reference in New Issue View Git Blame Copy Permalink