feature: port from python client lib

2026-01-17 12:02:08 +01:00 · 2026-01-17 12:02:08 +01:00 · fd1a3b50cb
commit fd1a3b50cb
parent 129c6cd004
29 changed files with 3141 additions and 2 deletions
--- a/src/core/memory/node.ts
+++ b/src/core/memory/node.ts
@ -0,0 +1,41 @@
+/**
+ * Node.js secure memory implementation (pure JavaScript)
+ * 
+ * LIMITATIONS:
+ * - This is a pure JavaScript implementation without native addons
+ * - Cannot lock memory (no mlock support without native addon)
+ * - JavaScript GC controls memory lifecycle
+ * - Best effort: immediate zeroing to minimize exposure time
+ * 
+ * FUTURE ENHANCEMENT:
+ * A native addon can be implemented separately to provide true mlock support.
+ * See the native/ directory for an optional native implementation.
+ */
+
+import { SecureMemory, ProtectionInfo } from '../../types/crypto';
+
+export class NodeSecureMemory implements SecureMemory {
+    /**
+     * Zero memory immediately
+     * Note: This doesn't prevent JavaScript GC from moving/copying the data
+     */
+    zeroMemory(data: ArrayBuffer): void {
+        const view = new Uint8Array(data);
+        view.fill(0);
+    }
+
+    /**
+     * Get protection information
+     */
+    getProtectionInfo(): ProtectionInfo {
+        return {
+            canLock: false,
+            isPlatformSecure: false,
+            method: 'zero-only',
+            details:
+                'Node.js environment (pure JS): memory locking not available without native addon. ' +
+                'Using immediate zeroing only. ' +
+                'For enhanced security, consider implementing the optional native addon (see native/ directory).',
+        };
+    }
+}