Skip to main content

Foundation Bridge Developer Guide

Foundation Bridge Developer Guide

Overview

Package: @bluefly/foundation-bridge Version: Latest License: GPL-2.0+

Production-grade integration layer for Apple technology stack, GnuPG cryptography, and Duo Security multi-factor authentication.

Key Features

  • Apple Technology Stack: macOS, iOS, iPadOS, Swift Foundation, Security Framework
  • Cryptography Services: GnuPG encryption, PGP operations, key management, S/MIME
  • Authentication: Duo Security MFA, push notifications, U2F/WebAuthn, TOTP
  • Secure Key Storage: Keychain integration, Secure Enclave, HSM support
  • Certificate Management: X.509 operations, CSR, certificate validation
  • Encryption Operations: AES-256, RSA, ECC, hybrid encryption

Installation

npm install @bluefly/foundation-bridge

Prerequisites

# macOS
brew install gnupg

# Ubuntu/Debian
apt-get install gnupg

# Verify
gpg --version

Quick Start

GnuPG Service

import { GnuPGService } from '@bluefly/foundation-bridge';

const gpg = new GnuPGService({
  homedir: '~/.gnupg',
  armor: true,
});

// Generate key pair
const key = await gpg.generateKey({
  name: 'John Doe',
  email: 'john@example.com',
  passphrase: 'secure-passphrase',
  keyType: 'RSA',
  keyLength: 4096,
  expiration: '2y',
});

// Encrypt message
const encrypted = await gpg.encrypt({
  message: 'Confidential data',
  recipients: ['john@example.com'],
  armor: true,
});

// Decrypt message
const decrypted = await gpg.decrypt({
  message: encrypted,
  passphrase: 'secure-passphrase',
});

Digital Signatures

// Sign message
const signature = await gpg.sign({
  message: 'Important document',
  keyId: key.keyId,
  passphrase: 'secure-passphrase',
  detached: true,
});

// Verify signature
const verification = await gpg.verify({
  message: 'Important document',
  signature: signature,
});

console.log('Valid:', verification.valid);

Duo Authentication

import { DuoService } from '@bluefly/foundation-bridge';

const duo = new DuoService({
  integrationKey: process.env.DUO_INTEGRATION_KEY,
  secretKey: process.env.DUO_SECRET_KEY,
  apiHostname: 'api-xxxxxxxx.duosecurity.com',
});

// Enroll user
const enrollment = await duo.enrollUser({
  username: 'john@example.com',
  email: 'john@example.com',
  phone: '+1-555-0123',
});

// Authenticate with push
const authResult = await duo.authenticate({
  username: 'john@example.com',
  factor: 'push',
  device: 'auto',
});

if (authResult.result === 'allow') {
  console.log('Authentication successful');
}

Apple Keychain

import { KeychainService } from '@bluefly/foundation-bridge';

const keychain = new KeychainService();

// Store secret
await keychain.setItem({
  service: 'llm-platform',
  account: 'api-key',
  password: 'secret-api-key-123',
  accessGroup: 'com.bluefly.llm',
});

// Retrieve secret
const secret = await keychain.getItem({
  service: 'llm-platform',
  account: 'api-key',
});

API Reference

GnuPG API

  • POST /api/v1/gnupg/keys/generate - Generate key pair
  • POST /api/v1/gnupg/encrypt - Encrypt message
  • POST /api/v1/gnupg/decrypt - Decrypt message
  • POST /api/v1/gnupg/sign - Sign message
  • POST /api/v1/gnupg/verify - Verify signature

Duo API

  • POST /api/v1/duo/enroll - Enroll user
  • POST /api/v1/duo/auth - Authenticate user
  • GET /api/v1/duo/devices - List user devices

Keychain API

  • POST /api/v1/keychain/items - Store item
  • GET /api/v1/keychain/items/:service/:account - Retrieve item
  • DELETE /api/v1/keychain/items/:service/:account - Delete item

Configuration

Environment Variables

# GnuPG
GNUPG_HOME=~/.gnupg
GNUPG_ARMOR=true

# Duo Security
DUO_INTEGRATION_KEY=your-integration-key
DUO_SECRET_KEY=your-secret-key

# Server
PORT=3007

Testing

npm test
npm run test:integration
npm run test:coverage

Documentation