Integrate BACKBEAT SDK and resolve KACHING license validation

Major integrations and fixes:
- Added BACKBEAT SDK integration for P2P operation timing
- Implemented beat-aware status tracking for distributed operations
- Added Docker secrets support for secure license management
- Resolved KACHING license validation via HTTPS/TLS
- Updated docker-compose configuration for clean stack deployment
- Disabled rollback policies to prevent deployment failures
- Added license credential storage (CHORUS-DEV-MULTI-001)

Technical improvements:
- BACKBEAT P2P operation tracking with phase management
- Enhanced configuration system with file-based secrets
- Improved error handling for license validation
- Clean separation of KACHING and CHORUS deployment stacks

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

vendor/filippo.io/age/internal/bech32/bech32.go

@@ -0,0 +1,173 @@
+// Copyright (c) 2017 Takatoshi Nakagawa
+// Copyright (c) 2019 The age Authors
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+
+// Package bech32 is a modified version of the reference implementation of BIP173.
+package bech32
+
+import (
+	"fmt"
+	"strings"
+)
+
+var charset = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"
+
+var generator = []uint32{0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3}
+
+func polymod(values []byte) uint32 {
+	chk := uint32(1)
+	for _, v := range values {
+		top := chk >> 25
+		chk = (chk & 0x1ffffff) << 5
+		chk = chk ^ uint32(v)
+		for i := 0; i < 5; i++ {
+			bit := top >> i & 1
+			if bit == 1 {
+				chk ^= generator[i]
+			}
+		}
+	}
+	return chk
+}
+
+func hrpExpand(hrp string) []byte {
+	h := []byte(strings.ToLower(hrp))
+	var ret []byte
+	for _, c := range h {
+		ret = append(ret, c>>5)
+	}
+	ret = append(ret, 0)
+	for _, c := range h {
+		ret = append(ret, c&31)
+	}
+	return ret
+}
+
+func verifyChecksum(hrp string, data []byte) bool {
+	return polymod(append(hrpExpand(hrp), data...)) == 1
+}
+
+func createChecksum(hrp string, data []byte) []byte {
+	values := append(hrpExpand(hrp), data...)
+	values = append(values, []byte{0, 0, 0, 0, 0, 0}...)
+	mod := polymod(values) ^ 1
+	ret := make([]byte, 6)
+	for p := range ret {
+		shift := 5 * (5 - p)
+		ret[p] = byte(mod>>shift) & 31
+	}
+	return ret
+}
+
+func convertBits(data []byte, frombits, tobits byte, pad bool) ([]byte, error) {
+	var ret []byte
+	acc := uint32(0)
+	bits := byte(0)
+	maxv := byte(1<<tobits - 1)
+	for idx, value := range data {
+		if value>>frombits != 0 {
+			return nil, fmt.Errorf("invalid data range: data[%d]=%d (frombits=%d)", idx, value, frombits)
+		}
+		acc = acc<<frombits | uint32(value)
+		bits += frombits
+		for bits >= tobits {
+			bits -= tobits
+			ret = append(ret, byte(acc>>bits)&maxv)
+		}
+	}
+	if pad {
+		if bits > 0 {
+			ret = append(ret, byte(acc<<(tobits-bits))&maxv)
+		}
+	} else if bits >= frombits {
+		return nil, fmt.Errorf("illegal zero padding")
+	} else if byte(acc<<(tobits-bits))&maxv != 0 {
+		return nil, fmt.Errorf("non-zero padding")
+	}
+	return ret, nil
+}
+
+// Encode encodes the HRP and a bytes slice to Bech32. If the HRP is uppercase,
+// the output will be uppercase.
+func Encode(hrp string, data []byte) (string, error) {
+	values, err := convertBits(data, 8, 5, true)
+	if err != nil {
+		return "", err
+	}
+	if len(hrp) < 1 {
+		return "", fmt.Errorf("invalid HRP: %q", hrp)
+	}
+	for p, c := range hrp {
+		if c < 33 || c > 126 {
+			return "", fmt.Errorf("invalid HRP character: hrp[%d]=%d", p, c)
+		}
+	}
+	if strings.ToUpper(hrp) != hrp && strings.ToLower(hrp) != hrp {
+		return "", fmt.Errorf("mixed case HRP: %q", hrp)
+	}
+	lower := strings.ToLower(hrp) == hrp
+	hrp = strings.ToLower(hrp)
+	var ret strings.Builder
+	ret.WriteString(hrp)
+	ret.WriteString("1")
+	for _, p := range values {
+		ret.WriteByte(charset[p])
+	}
+	for _, p := range createChecksum(hrp, values) {
+		ret.WriteByte(charset[p])
+	}
+	if lower {
+		return ret.String(), nil
+	}
+	return strings.ToUpper(ret.String()), nil
+}
+
+// Decode decodes a Bech32 string. If the string is uppercase, the HRP will be uppercase.
+func Decode(s string) (hrp string, data []byte, err error) {
+	if strings.ToLower(s) != s && strings.ToUpper(s) != s {
+		return "", nil, fmt.Errorf("mixed case")
+	}
+	pos := strings.LastIndex(s, "1")
+	if pos < 1 || pos+7 > len(s) {
+		return "", nil, fmt.Errorf("separator '1' at invalid position: pos=%d, len=%d", pos, len(s))
+	}
+	hrp = s[:pos]
+	for p, c := range hrp {
+		if c < 33 || c > 126 {
+			return "", nil, fmt.Errorf("invalid character human-readable part: s[%d]=%d", p, c)
+		}
+	}
+	s = strings.ToLower(s)
+	for p, c := range s[pos+1:] {
+		d := strings.IndexRune(charset, c)
+		if d == -1 {
+			return "", nil, fmt.Errorf("invalid character data part: s[%d]=%v", p, c)
+		}
+		data = append(data, byte(d))
+	}
+	if !verifyChecksum(hrp, data) {
+		return "", nil, fmt.Errorf("invalid checksum")
+	}
+	data, err = convertBits(data[:len(data)-6], 5, 8, false)
+	if err != nil {
+		return "", nil, err
+	}
+	return hrp, data, nil
+}

vendor/filippo.io/age/internal/format/format.go

@@ -0,0 +1,311 @@
+// Copyright 2019 The age Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package format implements the age file format.
+package format
+
+import (
+	"bufio"
+	"bytes"
+	"encoding/base64"
+	"errors"
+	"fmt"
+	"io"
+	"strings"
+)
+
+type Header struct {
+	Recipients []*Stanza
+	MAC        []byte
+}
+
+// Stanza is assignable to age.Stanza, and if this package is made public,
+// age.Stanza can be made a type alias of this type.
+type Stanza struct {
+	Type string
+	Args []string
+	Body []byte
+}
+
+var b64 = base64.RawStdEncoding.Strict()
+
+func DecodeString(s string) ([]byte, error) {
+	// CR and LF are ignored by DecodeString, but we don't want any malleability.
+	if strings.ContainsAny(s, "\n\r") {
+		return nil, errors.New(`unexpected newline character`)
+	}
+	return b64.DecodeString(s)
+}
+
+var EncodeToString = b64.EncodeToString
+
+const ColumnsPerLine = 64
+
+const BytesPerLine = ColumnsPerLine / 4 * 3
+
+// NewWrappedBase64Encoder returns a WrappedBase64Encoder that writes to dst.
+func NewWrappedBase64Encoder(enc *base64.Encoding, dst io.Writer) *WrappedBase64Encoder {
+	w := &WrappedBase64Encoder{dst: dst}
+	w.enc = base64.NewEncoder(enc, WriterFunc(w.writeWrapped))
+	return w
+}
+
+type WriterFunc func(p []byte) (int, error)
+
+func (f WriterFunc) Write(p []byte) (int, error) { return f(p) }
+
+// WrappedBase64Encoder is a standard base64 encoder that inserts an LF
+// character every ColumnsPerLine bytes. It does not insert a newline neither at
+// the beginning nor at the end of the stream, but it ensures the last line is
+// shorter than ColumnsPerLine, which means it might be empty.
+type WrappedBase64Encoder struct {
+	enc     io.WriteCloser
+	dst     io.Writer
+	written int
+	buf     bytes.Buffer
+}
+
+func (w *WrappedBase64Encoder) Write(p []byte) (int, error) { return w.enc.Write(p) }
+
+func (w *WrappedBase64Encoder) Close() error {
+	return w.enc.Close()
+}
+
+func (w *WrappedBase64Encoder) writeWrapped(p []byte) (int, error) {
+	if w.buf.Len() != 0 {
+		panic("age: internal error: non-empty WrappedBase64Encoder.buf")
+	}
+	for len(p) > 0 {
+		toWrite := ColumnsPerLine - (w.written % ColumnsPerLine)
+		if toWrite > len(p) {
+			toWrite = len(p)
+		}
+		n, _ := w.buf.Write(p[:toWrite])
+		w.written += n
+		p = p[n:]
+		if w.written%ColumnsPerLine == 0 {
+			w.buf.Write([]byte("\n"))
+		}
+	}
+	if _, err := w.buf.WriteTo(w.dst); err != nil {
+		// We always return n = 0 on error because it's hard to work back to the
+		// input length that ended up written out. Not ideal, but Write errors
+		// are not recoverable anyway.
+		return 0, err
+	}
+	return len(p), nil
+}
+
+// LastLineIsEmpty returns whether the last output line was empty, either
+// because no input was written, or because a multiple of BytesPerLine was.
+//
+// Calling LastLineIsEmpty before Close is meaningless.
+func (w *WrappedBase64Encoder) LastLineIsEmpty() bool {
+	return w.written%ColumnsPerLine == 0
+}
+
+const intro = "age-encryption.org/v1\n"
+
+var stanzaPrefix = []byte("->")
+var footerPrefix = []byte("---")
+
+func (r *Stanza) Marshal(w io.Writer) error {
+	if _, err := w.Write(stanzaPrefix); err != nil {
+		return err
+	}
+	for _, a := range append([]string{r.Type}, r.Args...) {
+		if _, err := io.WriteString(w, " "+a); err != nil {
+			return err
+		}
+	}
+	if _, err := io.WriteString(w, "\n"); err != nil {
+		return err
+	}
+	ww := NewWrappedBase64Encoder(b64, w)
+	if _, err := ww.Write(r.Body); err != nil {
+		return err
+	}
+	if err := ww.Close(); err != nil {
+		return err
+	}
+	_, err := io.WriteString(w, "\n")
+	return err
+}
+
+func (h *Header) MarshalWithoutMAC(w io.Writer) error {
+	if _, err := io.WriteString(w, intro); err != nil {
+		return err
+	}
+	for _, r := range h.Recipients {
+		if err := r.Marshal(w); err != nil {
+			return err
+		}
+	}
+	_, err := fmt.Fprintf(w, "%s", footerPrefix)
+	return err
+}
+
+func (h *Header) Marshal(w io.Writer) error {
+	if err := h.MarshalWithoutMAC(w); err != nil {
+		return err
+	}
+	mac := b64.EncodeToString(h.MAC)
+	_, err := fmt.Fprintf(w, " %s\n", mac)
+	return err
+}
+
+type StanzaReader struct {
+	r   *bufio.Reader
+	err error
+}
+
+func NewStanzaReader(r *bufio.Reader) *StanzaReader {
+	return &StanzaReader{r: r}
+}
+
+func (r *StanzaReader) ReadStanza() (s *Stanza, err error) {
+	// Read errors are unrecoverable.
+	if r.err != nil {
+		return nil, r.err
+	}
+	defer func() { r.err = err }()
+
+	s = &Stanza{}
+
+	line, err := r.r.ReadBytes('\n')
+	if err != nil {
+		return nil, fmt.Errorf("failed to read line: %w", err)
+	}
+	if !bytes.HasPrefix(line, stanzaPrefix) {
+		return nil, fmt.Errorf("malformed stanza opening line: %q", line)
+	}
+	prefix, args := splitArgs(line)
+	if prefix != string(stanzaPrefix) || len(args) < 1 {
+		return nil, fmt.Errorf("malformed stanza: %q", line)
+	}
+	for _, a := range args {
+		if !isValidString(a) {
+			return nil, fmt.Errorf("malformed stanza: %q", line)
+		}
+	}
+	s.Type = args[0]
+	s.Args = args[1:]
+
+	for {
+		line, err := r.r.ReadBytes('\n')
+		if err != nil {
+			return nil, fmt.Errorf("failed to read line: %w", err)
+		}
+
+		b, err := DecodeString(strings.TrimSuffix(string(line), "\n"))
+		if err != nil {
+			if bytes.HasPrefix(line, footerPrefix) || bytes.HasPrefix(line, stanzaPrefix) {
+				return nil, fmt.Errorf("malformed body line %q: stanza ended without a short line\nnote: this might be a file encrypted with an old beta version of age or rage; use age v1.0.0-beta6 or rage to decrypt it", line)
+			}
+			return nil, errorf("malformed body line %q: %v", line, err)
+		}
+		if len(b) > BytesPerLine {
+			return nil, errorf("malformed body line %q: too long", line)
+		}
+		s.Body = append(s.Body, b...)
+		if len(b) < BytesPerLine {
+			// A stanza body always ends with a short line.
+			return s, nil
+		}
+	}
+}
+
+type ParseError struct {
+	err error
+}
+
+func (e *ParseError) Error() string {
+	return "parsing age header: " + e.err.Error()
+}
+
+func (e *ParseError) Unwrap() error {
+	return e.err
+}
+
+func errorf(format string, a ...interface{}) error {
+	return &ParseError{fmt.Errorf(format, a...)}
+}
+
+// Parse returns the header and a Reader that begins at the start of the
+// payload.
+func Parse(input io.Reader) (*Header, io.Reader, error) {
+	h := &Header{}
+	rr := bufio.NewReader(input)
+
+	line, err := rr.ReadString('\n')
+	if err != nil {
+		return nil, nil, errorf("failed to read intro: %w", err)
+	}
+	if line != intro {
+		return nil, nil, errorf("unexpected intro: %q", line)
+	}
+
+	sr := NewStanzaReader(rr)
+	for {
+		peek, err := rr.Peek(len(footerPrefix))
+		if err != nil {
+			return nil, nil, errorf("failed to read header: %w", err)
+		}
+
+		if bytes.Equal(peek, footerPrefix) {
+			line, err := rr.ReadBytes('\n')
+			if err != nil {
+				return nil, nil, fmt.Errorf("failed to read header: %w", err)
+			}
+
+			prefix, args := splitArgs(line)
+			if prefix != string(footerPrefix) || len(args) != 1 {
+				return nil, nil, errorf("malformed closing line: %q", line)
+			}
+			h.MAC, err = DecodeString(args[0])
+			if err != nil || len(h.MAC) != 32 {
+				return nil, nil, errorf("malformed closing line %q: %v", line, err)
+			}
+			break
+		}
+
+		s, err := sr.ReadStanza()
+		if err != nil {
+			return nil, nil, fmt.Errorf("failed to parse header: %w", err)
+		}
+		h.Recipients = append(h.Recipients, s)
+	}
+
+	// If input is a bufio.Reader, rr might be equal to input because
+	// bufio.NewReader short-circuits. In this case we can just return it (and
+	// we would end up reading the buffer twice if we prepended the peek below).
+	if rr == input {
+		return h, rr, nil
+	}
+	// Otherwise, unwind the bufio overread and return the unbuffered input.
+	buf, err := rr.Peek(rr.Buffered())
+	if err != nil {
+		return nil, nil, errorf("internal error: %v", err)
+	}
+	payload := io.MultiReader(bytes.NewReader(buf), input)
+	return h, payload, nil
+}
+
+func splitArgs(line []byte) (string, []string) {
+	l := strings.TrimSuffix(string(line), "\n")
+	parts := strings.Split(l, " ")
+	return parts[0], parts[1:]
+}
+
+func isValidString(s string) bool {
+	if len(s) == 0 {
+		return false
+	}
+	for _, c := range s {
+		if c < 33 || c > 126 {
+			return false
+		}
+	}
+	return true
+}

vendor/filippo.io/age/internal/stream/stream.go

@@ -0,0 +1,230 @@
+// Copyright 2019 The age Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package stream implements a variant of the STREAM chunked encryption scheme.
+package stream
+
+import (
+	"crypto/cipher"
+	"errors"
+	"fmt"
+	"io"
+
+	"golang.org/x/crypto/chacha20poly1305"
+)
+
+const ChunkSize = 64 * 1024
+
+type Reader struct {
+	a   cipher.AEAD
+	src io.Reader
+
+	unread []byte // decrypted but unread data, backed by buf
+	buf    [encChunkSize]byte
+
+	err   error
+	nonce [chacha20poly1305.NonceSize]byte
+}
+
+const (
+	encChunkSize  = ChunkSize + chacha20poly1305.Overhead
+	lastChunkFlag = 0x01
+)
+
+func NewReader(key []byte, src io.Reader) (*Reader, error) {
+	aead, err := chacha20poly1305.New(key)
+	if err != nil {
+		return nil, err
+	}
+	return &Reader{
+		a:   aead,
+		src: src,
+	}, nil
+}
+
+func (r *Reader) Read(p []byte) (int, error) {
+	if len(r.unread) > 0 {
+		n := copy(p, r.unread)
+		r.unread = r.unread[n:]
+		return n, nil
+	}
+	if r.err != nil {
+		return 0, r.err
+	}
+	if len(p) == 0 {
+		return 0, nil
+	}
+
+	last, err := r.readChunk()
+	if err != nil {
+		r.err = err
+		return 0, err
+	}
+
+	n := copy(p, r.unread)
+	r.unread = r.unread[n:]
+
+	if last {
+		// Ensure there is an EOF after the last chunk as expected. In other
+		// words, check for trailing data after a full-length final chunk.
+		// Hopefully, the underlying reader supports returning EOF even if it
+		// had previously returned an EOF to ReadFull.
+		if _, err := r.src.Read(make([]byte, 1)); err == nil {
+			r.err = errors.New("trailing data after end of encrypted file")
+		} else if err != io.EOF {
+			r.err = fmt.Errorf("non-EOF error reading after end of encrypted file: %w", err)
+		} else {
+			r.err = io.EOF
+		}
+	}
+
+	return n, nil
+}
+
+// readChunk reads the next chunk of ciphertext from r.src and makes it available
+// in r.unread. last is true if the chunk was marked as the end of the message.
+// readChunk must not be called again after returning a last chunk or an error.
+func (r *Reader) readChunk() (last bool, err error) {
+	if len(r.unread) != 0 {
+		panic("stream: internal error: readChunk called with dirty buffer")
+	}
+
+	in := r.buf[:]
+	n, err := io.ReadFull(r.src, in)
+	switch {
+	case err == io.EOF:
+		// A message can't end without a marked chunk. This message is truncated.
+		return false, io.ErrUnexpectedEOF
+	case err == io.ErrUnexpectedEOF:
+		// The last chunk can be short, but not empty unless it's the first and
+		// only chunk.
+		if !nonceIsZero(&r.nonce) && n == r.a.Overhead() {
+			return false, errors.New("last chunk is empty, try age v1.0.0, and please consider reporting this")
+		}
+		in = in[:n]
+		last = true
+		setLastChunkFlag(&r.nonce)
+	case err != nil:
+		return false, err
+	}
+
+	outBuf := make([]byte, 0, ChunkSize)
+	out, err := r.a.Open(outBuf, r.nonce[:], in, nil)
+	if err != nil && !last {
+		// Check if this was a full-length final chunk.
+		last = true
+		setLastChunkFlag(&r.nonce)
+		out, err = r.a.Open(outBuf, r.nonce[:], in, nil)
+	}
+	if err != nil {
+		return false, errors.New("failed to decrypt and authenticate payload chunk")
+	}
+
+	incNonce(&r.nonce)
+	r.unread = r.buf[:copy(r.buf[:], out)]
+	return last, nil
+}
+
+func incNonce(nonce *[chacha20poly1305.NonceSize]byte) {
+	for i := len(nonce) - 2; i >= 0; i-- {
+		nonce[i]++
+		if nonce[i] != 0 {
+			break
+		} else if i == 0 {
+			// The counter is 88 bits, this is unreachable.
+			panic("stream: chunk counter wrapped around")
+		}
+	}
+}
+
+func setLastChunkFlag(nonce *[chacha20poly1305.NonceSize]byte) {
+	nonce[len(nonce)-1] = lastChunkFlag
+}
+
+func nonceIsZero(nonce *[chacha20poly1305.NonceSize]byte) bool {
+	return *nonce == [chacha20poly1305.NonceSize]byte{}
+}
+
+type Writer struct {
+	a         cipher.AEAD
+	dst       io.Writer
+	unwritten []byte // backed by buf
+	buf       [encChunkSize]byte
+	nonce     [chacha20poly1305.NonceSize]byte
+	err       error
+}
+
+func NewWriter(key []byte, dst io.Writer) (*Writer, error) {
+	aead, err := chacha20poly1305.New(key)
+	if err != nil {
+		return nil, err
+	}
+	w := &Writer{
+		a:   aead,
+		dst: dst,
+	}
+	w.unwritten = w.buf[:0]
+	return w, nil
+}
+
+func (w *Writer) Write(p []byte) (n int, err error) {
+	// TODO: consider refactoring with a bytes.Buffer.
+	if w.err != nil {
+		return 0, w.err
+	}
+	if len(p) == 0 {
+		return 0, nil
+	}
+
+	total := len(p)
+	for len(p) > 0 {
+		freeBuf := w.buf[len(w.unwritten):ChunkSize]
+		n := copy(freeBuf, p)
+		p = p[n:]
+		w.unwritten = w.unwritten[:len(w.unwritten)+n]
+
+		if len(w.unwritten) == ChunkSize && len(p) > 0 {
+			if err := w.flushChunk(notLastChunk); err != nil {
+				w.err = err
+				return 0, err
+			}
+		}
+	}
+	return total, nil
+}
+
+// Close flushes the last chunk. It does not close the underlying Writer.
+func (w *Writer) Close() error {
+	if w.err != nil {
+		return w.err
+	}
+
+	w.err = w.flushChunk(lastChunk)
+	if w.err != nil {
+		return w.err
+	}
+
+	w.err = errors.New("stream.Writer is already closed")
+	return nil
+}
+
+const (
+	lastChunk    = true
+	notLastChunk = false
+)
+
+func (w *Writer) flushChunk(last bool) error {
+	if !last && len(w.unwritten) != ChunkSize {
+		panic("stream: internal error: flush called with partial chunk")
+	}
+
+	if last {
+		setLastChunkFlag(&w.nonce)
+	}
+	buf := w.a.Seal(w.buf[:0], w.nonce[:], w.unwritten, nil)
+	_, err := w.dst.Write(buf)
+	w.unwritten = w.buf[:0]
+	incNonce(&w.nonce)
+	return err
+}