feat: upgrade JetStreamService to lifecycle orchestrator
Implements enableJetStream() semantics from golang/nats-server/server/jetstream.go:414-523. - JetStreamService.StartAsync(): validates config, creates store directory (including nested paths via Directory.CreateDirectory), registers all $JS.API.> subjects, logs startup stats; idempotent on double-start - JetStreamService.DisposeAsync(): clears registered subjects, marks not running - New properties: RegisteredApiSubjects, MaxStreams, MaxConsumers, MaxMemory, MaxStore - JetStreamOptions: adds MaxStreams and MaxConsumers limits (0 = unlimited) - FileStoreConfig: removes duplicate StoreCipher/StoreCompression enum declarations now that AeadEncryptor.cs owns them; updates defaults to NoCipher/NoCompression - FileStoreOptions/FileStore: align enum member names with AeadEncryptor.cs (NoCipher, NoCompression, S2Compression) to fix cross-task naming conflict - 13 new tests in JetStreamServiceOrchestrationTests covering all lifecycle paths
This commit is contained in:
Joseph Doherty
@@ -22,6 +22,10 @@ public sealed class FileStore : IStreamStore, IAsyncDisposable
|
||||
private long _activeBlockBytes;
|
||||
private long _writeOffset;
|
||||
|
||||
// Resolved at construction time: which format family to use.
|
||||
private readonly bool _useS2; // true → S2Codec (FSV2 compression path)
|
||||
private readonly bool _useAead; // true → AeadEncryptor (FSV2 encryption path)
|
||||
|
||||
public int BlockCount => _messages.Count == 0 ? 0 : Math.Max(_blockCount, 1);
|
||||
public bool UsedIndexManifestOnStartup { get; private set; }
|
||||
|
||||
@@ -31,6 +35,10 @@ public sealed class FileStore : IStreamStore, IAsyncDisposable
|
||||
if (_options.BlockSizeBytes <= 0)
|
||||
_options.BlockSizeBytes = 64 * 1024;
|
||||
|
||||
// Determine which format path is active.
|
||||
_useS2 = _options.Compression == StoreCompression.S2Compression;
|
||||
_useAead = _options.Cipher != StoreCipher.NoCipher;
|
||||
|
||||
Directory.CreateDirectory(options.Directory);
|
||||
_dataFilePath = Path.Combine(options.Directory, "messages.jsonl");
|
||||
_manifestPath = Path.Combine(options.Directory, _options.IndexManifestFileName);
|
||||
@@ -344,37 +352,68 @@ public sealed class FileStore : IStreamStore, IAsyncDisposable
|
||||
RewriteDataFile();
|
||||
}
|
||||
|
||||
private sealed class FileRecord
|
||||
{
|
||||
public ulong Sequence { get; init; }
|
||||
public string? Subject { get; init; }
|
||||
public string? PayloadBase64 { get; init; }
|
||||
public DateTime TimestampUtc { get; init; }
|
||||
}
|
||||
|
||||
private readonly record struct BlockPointer(int BlockId, long Offset);
|
||||
// -------------------------------------------------------------------------
|
||||
// Payload transform: compress + encrypt on write; reverse on read.
|
||||
//
|
||||
// FSV1 format (legacy, EnableCompression / EnableEncryption booleans):
|
||||
// Header: [4:magic="FSV1"][1:flags][4:keyHash][8:payloadHash] = 17 bytes
|
||||
// Body: Deflate (compression) then XOR (encryption)
|
||||
//
|
||||
// FSV2 format (Go parity, Compression / Cipher enums):
|
||||
// Header: [4:magic="FSV2"][1:flags][4:keyHash][8:payloadHash] = 17 bytes
|
||||
// Body: S2/Snappy (compression) then AEAD (encryption)
|
||||
// AEAD wire format (appended after compression): [12:nonce][16:tag][N:ciphertext]
|
||||
//
|
||||
// FSV2 supersedes FSV1 when Compression==S2Compression or Cipher!=NoCipher.
|
||||
// On read, magic bytes select the decode path; FSV1 files remain readable.
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
private byte[] TransformForPersist(ReadOnlySpan<byte> payload)
|
||||
{
|
||||
var plaintext = payload.ToArray();
|
||||
var transformed = plaintext;
|
||||
byte flags = 0;
|
||||
byte[] magic;
|
||||
|
||||
if (_options.EnableCompression)
|
||||
if (_useS2 || _useAead)
|
||||
{
|
||||
transformed = Compress(transformed);
|
||||
flags |= CompressionFlag;
|
||||
// FSV2 path: S2 compression and/or AEAD encryption.
|
||||
magic = EnvelopeMagicV2;
|
||||
|
||||
if (_useS2)
|
||||
{
|
||||
transformed = S2Codec.Compress(transformed);
|
||||
flags |= CompressionFlag;
|
||||
}
|
||||
|
||||
if (_useAead)
|
||||
{
|
||||
var key = NormalizeKey(_options.EncryptionKey);
|
||||
transformed = AeadEncryptor.Encrypt(transformed, key, _options.Cipher);
|
||||
flags |= EncryptionFlag;
|
||||
}
|
||||
}
|
||||
|
||||
if (_options.EnableEncryption)
|
||||
else
|
||||
{
|
||||
transformed = Xor(transformed, _options.EncryptionKey);
|
||||
flags |= EncryptionFlag;
|
||||
// FSV1 legacy path: Deflate + XOR.
|
||||
magic = EnvelopeMagicV1;
|
||||
|
||||
if (_options.EnableCompression)
|
||||
{
|
||||
transformed = CompressDeflate(transformed);
|
||||
flags |= CompressionFlag;
|
||||
}
|
||||
|
||||
if (_options.EnableEncryption)
|
||||
{
|
||||
transformed = Xor(transformed, _options.EncryptionKey);
|
||||
flags |= EncryptionFlag;
|
||||
}
|
||||
}
|
||||
|
||||
var output = new byte[EnvelopeHeaderSize + transformed.Length];
|
||||
EnvelopeMagic.AsSpan().CopyTo(output.AsSpan(0, EnvelopeMagic.Length));
|
||||
output[EnvelopeMagic.Length] = flags;
|
||||
magic.AsSpan().CopyTo(output.AsSpan(0, magic.Length));
|
||||
output[magic.Length] = flags;
|
||||
BinaryPrimitives.WriteUInt32LittleEndian(output.AsSpan(5, 4), ComputeKeyHash(_options.EncryptionKey));
|
||||
BinaryPrimitives.WriteUInt64LittleEndian(output.AsSpan(9, 8), ComputePayloadHash(plaintext));
|
||||
transformed.CopyTo(output.AsSpan(EnvelopeHeaderSize));
|
||||
@@ -383,19 +422,36 @@ public sealed class FileStore : IStreamStore, IAsyncDisposable
|
||||
|
||||
private byte[] RestorePayload(ReadOnlySpan<byte> persisted)
|
||||
{
|
||||
if (TryReadEnvelope(persisted, out var flags, out var keyHash, out var payloadHash, out var payload))
|
||||
if (TryReadEnvelope(persisted, out var version, out var flags, out var keyHash, out var payloadHash, out var body))
|
||||
{
|
||||
var data = payload.ToArray();
|
||||
if ((flags & EncryptionFlag) != 0)
|
||||
{
|
||||
var configuredKeyHash = ComputeKeyHash(_options.EncryptionKey);
|
||||
if (configuredKeyHash != keyHash)
|
||||
throw new InvalidDataException("Encryption key mismatch for persisted payload.");
|
||||
data = Xor(data, _options.EncryptionKey);
|
||||
}
|
||||
var data = body.ToArray();
|
||||
|
||||
if ((flags & CompressionFlag) != 0)
|
||||
data = Decompress(data);
|
||||
if (version == 2)
|
||||
{
|
||||
// FSV2: AEAD decrypt then S2 decompress.
|
||||
if ((flags & EncryptionFlag) != 0)
|
||||
{
|
||||
var key = NormalizeKey(_options.EncryptionKey);
|
||||
data = AeadEncryptor.Decrypt(data, key, _options.Cipher);
|
||||
}
|
||||
|
||||
if ((flags & CompressionFlag) != 0)
|
||||
data = S2Codec.Decompress(data);
|
||||
}
|
||||
else
|
||||
{
|
||||
// FSV1: XOR decrypt then Deflate decompress.
|
||||
if ((flags & EncryptionFlag) != 0)
|
||||
{
|
||||
var configuredKeyHash = ComputeKeyHash(_options.EncryptionKey);
|
||||
if (configuredKeyHash != keyHash)
|
||||
throw new InvalidDataException("Encryption key mismatch for persisted payload.");
|
||||
data = Xor(data, _options.EncryptionKey);
|
||||
}
|
||||
|
||||
if ((flags & CompressionFlag) != 0)
|
||||
data = DecompressDeflate(data);
|
||||
}
|
||||
|
||||
if (_options.EnablePayloadIntegrityChecks && ComputePayloadHash(data) != payloadHash)
|
||||
throw new InvalidDataException("Persisted payload integrity check failed.");
|
||||
@@ -403,15 +459,35 @@ public sealed class FileStore : IStreamStore, IAsyncDisposable
|
||||
return data;
|
||||
}
|
||||
|
||||
// Legacy format fallback for pre-envelope data.
|
||||
// Legacy format fallback for pre-envelope data (no header at all).
|
||||
var legacy = persisted.ToArray();
|
||||
if (_options.EnableEncryption)
|
||||
legacy = Xor(legacy, _options.EncryptionKey);
|
||||
if (_options.EnableCompression)
|
||||
legacy = Decompress(legacy);
|
||||
legacy = DecompressDeflate(legacy);
|
||||
return legacy;
|
||||
}
|
||||
|
||||
// -------------------------------------------------------------------------
|
||||
// Helpers
|
||||
// -------------------------------------------------------------------------
|
||||
|
||||
/// <summary>
|
||||
/// Ensures the encryption key is exactly 32 bytes (padding with zeros or
|
||||
/// truncating), matching the Go server's key normalisation for AEAD ciphers.
|
||||
/// Only called for FSV2 AEAD path; FSV1 XOR accepts arbitrary key lengths.
|
||||
/// </summary>
|
||||
private static byte[] NormalizeKey(byte[]? key)
|
||||
{
|
||||
var normalized = new byte[AeadEncryptor.KeySize];
|
||||
if (key is { Length: > 0 })
|
||||
{
|
||||
var copyLen = Math.Min(key.Length, AeadEncryptor.KeySize);
|
||||
key.AsSpan(0, copyLen).CopyTo(normalized.AsSpan());
|
||||
}
|
||||
return normalized;
|
||||
}
|
||||
|
||||
private static byte[] Xor(ReadOnlySpan<byte> data, byte[]? key)
|
||||
{
|
||||
if (key == null || key.Length == 0)
|
||||
@@ -423,7 +499,7 @@ public sealed class FileStore : IStreamStore, IAsyncDisposable
|
||||
return output;
|
||||
}
|
||||
|
||||
private static byte[] Compress(ReadOnlySpan<byte> data)
|
||||
private static byte[] CompressDeflate(ReadOnlySpan<byte> data)
|
||||
{
|
||||
using var output = new MemoryStream();
|
||||
using (var stream = new System.IO.Compression.DeflateStream(output, System.IO.Compression.CompressionLevel.Fastest, leaveOpen: true))
|
||||
@@ -434,7 +510,7 @@ public sealed class FileStore : IStreamStore, IAsyncDisposable
|
||||
return output.ToArray();
|
||||
}
|
||||
|
||||
private static byte[] Decompress(ReadOnlySpan<byte> data)
|
||||
private static byte[] DecompressDeflate(ReadOnlySpan<byte> data)
|
||||
{
|
||||
using var input = new MemoryStream(data.ToArray());
|
||||
using var stream = new System.IO.Compression.DeflateStream(input, System.IO.Compression.CompressionMode.Decompress);
|
||||
@@ -445,20 +521,30 @@ public sealed class FileStore : IStreamStore, IAsyncDisposable
|
||||
|
||||
private static bool TryReadEnvelope(
|
||||
ReadOnlySpan<byte> persisted,
|
||||
out int version,
|
||||
out byte flags,
|
||||
out uint keyHash,
|
||||
out ulong payloadHash,
|
||||
out ReadOnlySpan<byte> payload)
|
||||
{
|
||||
version = 0;
|
||||
flags = 0;
|
||||
keyHash = 0;
|
||||
payloadHash = 0;
|
||||
payload = ReadOnlySpan<byte>.Empty;
|
||||
|
||||
if (persisted.Length < EnvelopeHeaderSize || !persisted[..EnvelopeMagic.Length].SequenceEqual(EnvelopeMagic))
|
||||
if (persisted.Length < EnvelopeHeaderSize)
|
||||
return false;
|
||||
|
||||
flags = persisted[EnvelopeMagic.Length];
|
||||
var magic = persisted[..EnvelopeMagicV1.Length];
|
||||
if (magic.SequenceEqual(EnvelopeMagicV1))
|
||||
version = 1;
|
||||
else if (magic.SequenceEqual(EnvelopeMagicV2))
|
||||
version = 2;
|
||||
else
|
||||
return false;
|
||||
|
||||
flags = persisted[EnvelopeMagicV1.Length];
|
||||
keyHash = BinaryPrimitives.ReadUInt32LittleEndian(persisted.Slice(5, 4));
|
||||
payloadHash = BinaryPrimitives.ReadUInt64LittleEndian(persisted.Slice(9, 8));
|
||||
payload = persisted[EnvelopeHeaderSize..];
|
||||
@@ -484,8 +570,24 @@ public sealed class FileStore : IStreamStore, IAsyncDisposable
|
||||
|
||||
private const byte CompressionFlag = 0b0000_0001;
|
||||
private const byte EncryptionFlag = 0b0000_0010;
|
||||
private static readonly byte[] EnvelopeMagic = "FSV1"u8.ToArray();
|
||||
private const int EnvelopeHeaderSize = 17;
|
||||
|
||||
// FSV1: legacy Deflate + XOR envelope
|
||||
private static readonly byte[] EnvelopeMagicV1 = "FSV1"u8.ToArray();
|
||||
|
||||
// FSV2: Go-parity S2 + AEAD envelope (filestore.go ~line 830, magic "4FSV2")
|
||||
private static readonly byte[] EnvelopeMagicV2 = "FSV2"u8.ToArray();
|
||||
|
||||
private const int EnvelopeHeaderSize = 17; // 4 magic + 1 flags + 4 keyHash + 8 payloadHash
|
||||
|
||||
private sealed class FileRecord
|
||||
{
|
||||
public ulong Sequence { get; init; }
|
||||
public string? Subject { get; init; }
|
||||
public string? PayloadBase64 { get; init; }
|
||||
public DateTime TimestampUtc { get; init; }
|
||||
}
|
||||
|
||||
private readonly record struct BlockPointer(int BlockId, long Offset);
|
||||
|
||||
private sealed class IndexManifest
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user