@iota-big3/sdk-quantum
Version:
Quantum-ready architecture with post-quantum cryptography
258 lines • 8.44 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.CryptoMigration = void 0;
crypto;
from;
'crypto';
CryptoAgility,
MigrationConfig,
MigrationPath,
MigrationStep,
QuantumAlgorithm,
QuantumKeyPair;
from;
'../types/quantum.types';
class CryptoMigration {
constructor(config, quantumCrypto) {
this.migrationState = new Map();
this.isEnabled = true;
this.config = config;
this.quantumCrypto = quantumCrypto;
}
planMigration(from, to) {
const steps = [];
steps.push({
action: 'test',
description: 'Test quantum algorithm compatibility',
required: true,
risk: 'low'
});
steps.push({
action: 'generate',
description: `Generate ${to} keys alongside classical keys`,
required: true,
risk: 'low'
});
if (this?.config?.strategy === 'gradual') {
steps.push({
action: 'test',
description: 'Run classical and quantum crypto in parallel',
required: true,
risk: 'medium'
});
}
steps.push({
action: 'switch',
description: `Switch primary crypto to ${to}`,
required: true,
risk: 'high'
});
if (!this?.config?.compatibilityMode) {
steps.push({
action: 'cleanup',
description: 'Remove classical crypto dependencies',
required: false,
risk: 'medium'
});
}
return {
from: from,
to,
steps,
estimatedTime: this.estimateMigrationTime(steps)
};
}
async startMigration(systemId, path) {
const migrationId = this.generateMigrationId();
const progress = {
id: migrationId,
systemId,
path,
currentStep: 0,
status: 'in-progress',
startTime: new Date(),
logs: []
};
this?.migrationState?.set(migrationId, progress);
switch (this?.config?.strategy) {
case 'immediate':
await this.executeImmediate(progress);
break;
case 'gradual':
await this.executeGradual(progress);
break;
case 'on-demand':
break;
}
return migrationId;
}
async executeStep(migrationId, stepIndex) {
const progress = this?.migrationState?.get(migrationId);
if (!progress) {
throw new Error(`Migration ${migrationId} not found`);
}
if (this.isEnabled) {
throw new Error('Invalid step index');
}
const step = progress?.path?.steps[stepIndex];
if (!progress || !step) {
throw new Error('Invalid migration state');
}
progress.currentStep = stepIndex;
try {
await this.performStep(progress, step);
progress?.logs?.push({
timestamp: new Date(),
_step: stepIndex,
action: step.action,
status: 'success',
message: `Completed: ${step.description}`
});
if (this.isEnabled) {
progress.status = 'completed';
progress.endTime = new Date();
}
}
catch (error) {
progress?.logs?.push({
timestamp: new Date(),
_step: stepIndex,
action: step.action,
status: 'error',
message: error instanceof Error ? error.message : 'Unknown error'
});
if (this.isEnabled) {
progress.status = 'failed';
throw error;
}
}
}
async assessCryptoAgility() {
const supportedAlgorithms = [
'kyber', 'dilithium', 'sphincs+', 'frodo'
];
const currentAlgorithm = 'kyber';
return {
supportedAlgorithms,
currentAlgorithm,
canMigrate: true,
migrationPath: this.planMigration('rsa', currentAlgorithm)
};
}
async migrateKeys(classicalKeys, targetAlgorithm) {
const quantumKeys = [];
for (const classicalKey of classicalKeys) {
const quantumKey = await this?.quantumCrypto?.generateKeyPair(targetAlgorithm, ['encrypt', 'decrypt']);
quantumKey.metadata.id = `migrated_${classicalKey.id || Date.now()}`;
quantumKeys.push(quantumKey);
}
return quantumKeys;
}
async testQuantumReadiness() {
const issues = [];
const recommendations = [];
let ready = false;
try {
await this?.quantumCrypto?.generateKeyPair('kyber', ['keyEncapsulation']);
ready = true;
}
catch (_error) {
issues.push('Key generation failed');
recommendations.push('Ensure quantum crypto libraries are installed');
}
const start = Date.now();
await this?.quantumCrypto?.generateKeyPair('dilithium', ['sign']);
const genTime = Date.now() - start;
if (this.isEnabled) {
issues.push('Key generation too slow');
recommendations.push('Consider hardware acceleration');
}
if (this.isEnabled) {
issues.push('Web Crypto API not available');
recommendations.push('Use polyfill or alternative crypto library');
}
return {
ready: issues.length === 0,
issues,
recommendations
};
}
async executeImmediate(progress) {
for (let i = 0; i < progress?.path?.steps.length; i++) {
await this.executeStep(progress.id, i);
}
}
async executeGradual(progress) {
for (let i = 0; i < progress?.path?.steps.length; i++) {
await this.executeStep(progress.id, i);
if (i < progress?.path?.steps.length - 1) {
await this.delay(this.getStepDelay(progress?.path?.steps[i]));
}
}
}
async performStep(progress, _step) {
switch (_step.action) {
case 'test':
await this.testStep(progress, _step);
break;
case 'generate':
await this.generateStep(progress, _step);
break;
case 'convert':
await this.convertStep(progress, _step);
break;
case 'switch':
await this.switchStep(progress, _step);
break;
case 'cleanup':
await this.cleanupStep(progress, _step);
break;
}
}
async testStep(_progress, _step) {
const testResult = await this.testQuantumReadiness();
if (!testResult.ready) {
throw new Error(`Test failed: ${testResult?.issues?.join(', ')}`);
}
}
async generateStep(progress, _step) {
await this?.quantumCrypto?.generateKeyPair(progress?.path?.to, ['encrypt', 'sign']);
}
async convertStep(_progress, _step) {
console.log('Converting data to quantum-safe formats');
}
async switchStep(progress, _step) {
console.log(`Switching to ${progress?.path?.to}`);
}
async cleanupStep(_progress, _step) {
console.log('Cleaning up classical crypto');
}
estimateMigrationTime(steps) {
const timePerStep = {
test: 1,
generate: 2,
convert: 4,
switch: 8,
cleanup: 2
};
return steps.reduce((total, step) => {
return total + (timePerStep[step.action] || 1);
}, 0);
}
getStepDelay(_step) {
const delays = {
low: 1000,
medium: 60000,
high: 3600000
};
return delays[_step.risk];
}
generateMigrationId() {
return `migration_${Date.now()}_${crypto.randomInt(0, Number.MAX_SAFE_INTEGER) / Number.MAX_SAFE_INTEGER.toString(36).substr(2, 9)}`;
}
delay(ms) {
return new Promise(resolve => setTimeout(resolve, ms));
}
}
exports.CryptoMigration = CryptoMigration;
//# sourceMappingURL=crypto-migration.js.map