feat: add SPI-based CredentialFrameworkProvider resolution to PkiBootstrap via ServiceLoader
feat: add PkiBootstrap.openCredentialFramework() for provider-driven credential framework initialization
feat: register BcX509CredentialFrameworkProvider in META-INF/services
feat: introduce ConfigurableProvider.validateConfig(ProviderConfig) as a standard provider-side validation hook
fix: move generic backendId consistency validation into the default ConfigurableProvider validation routine
fix: enforce provider-local configuration validation from allocate() so direct provider use remains safe outside bootstrap
fix: add provider-specific validateConfig implementations for bootstrap-managed providers based on consumed configuration keys
fix: report unknown provider configuration keys through provider-local JUL warning logs without exposing values
fix: fail fast on malformed consumed configuration values instead of silently falling back where invalid input would mask operator error
fix: extend PkiBootstrapTest to cover CredentialFrameworkProvider bootstrap path
fix: extend PkiBootstrapTest to cover async and crypto.workflow initialization paths whose prefixed properties are cleared in test setup
fix: add negative bootstrap/provider validation coverage for backend mismatch and invalid configured values
docs: expand JavaDoc and package-level documentation for CredentialFrameworkProvider bootstrap wiring, ServiceLoader usage, and configuration validation behavior
chore: keep PkiBootstrap independent from implementation-specific BC framework classes and preserve provider autonomy over validation and diagnostics
Closes#3 spent @2h
feat: move integrations from lib to ext
feat: move content export from lib to ext
feat: rename affected packages for separate module distribution
chore: update Gradle module wiring
chore: adjust JPMS descriptors and dependencies
docs: update module structure documentation
fix: harden FsCodec determinism and persisted type round-trips
fix: align CSR PoP verification with standards-compatible signature validation
fix: make async approval deny propagation deterministic in signing bus tests
chore: reduce IDE/Gradle drift by strengthening regression coverage
Introduce a generic asynchronous bus used for internal PKI workflows,
with resilient sweep support and symmetric primitive/wrapper type
compatibility for dispatch handling.
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
- Introduce a universal ConfigurableProvider/ProviderConfig abstraction
for ServiceLoader-based components and align PKI bootstrapping
utilities with it.
- Document deterministic provider selection, property-based
configuration conventions, and security requirements (never log config
values), including package-level documentation for spi, spi.store and
spi.bootstrap.
fix: harden audit runtime, fix gzip scanning, add bounds and docs
- Fix FileAuditSink concatenated gzip scan by shielding underlying
stream
- Use JUnit @TempDir for filesystem-backed tests
- Bound InMemoryAuditSink with deterministic ring buffer
- Add ServiceLoader smoke test and expand DefaultAuditService coverage
- Improve JavaDoc and logging across audit implementation
feat: add deterministic tests for PkiBootstrap with real SPI providers
- add JUnit 5 test suite for PkiBootstrap
- cover SPI selection for filesystem PkiStore and audit sinks
- use @TempDir for filesystem-backed providers
- register test ServiceLoader providers under src/test/resources
- ensure deterministic bootstrap behavior via system properties
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
Introduce a deterministic filesystem-backed PkiStore implementation
under zeroecho.pki.impl.fs.
Key characteristics:
- write-once semantics for immutable objects with explicit failure on
overwrite
- history tracking for mutable records with full audit trail
- atomic writes using NIO (temp + move) with best-effort durability
- strict snapshot export supporting time-travel reconstruction
- configurable history retention (ON_WRITE policy)
- no secrets logged; JUL-only diagnostics for anomalies
Includes comprehensive JUnit 5 tests validating:
- write-once enforcement
- history creation and overwrite semantics
- strict snapshot export (failure and positive selection cases)
- deterministic on-disk layout and structure
This implementation is intentionally non-public and serves as a
reference and validation baseline for future persistence backends.
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
