feat: US-026 - Fix pg auth method discrepancy between local and CI

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: NathanFlurry

packages/secure-exec-core/isolate-runtime/src/inject/require-setup.ts

@@ -1051,6 +1051,23 @@
               });
             };
 
+            SandboxSubtle.deriveBits = function deriveBits(algorithm, baseKey, length) {
+              return Promise.resolve().then(function() {
+                var algo = normalizeAlgo(algorithm);
+                var reqAlgo = Object.assign({}, algo);
+                if (reqAlgo.hash) reqAlgo.hash = normalizeAlgo(reqAlgo.hash);
+                if (reqAlgo.salt) reqAlgo.salt = toBase64(reqAlgo.salt);
+                var result2 = JSON.parse(subtleCall({
+                  op: 'deriveBits',
+                  algorithm: reqAlgo,
+                  key: baseKey._keyData,
+                  length: length,
+                }));
+                var buf = Buffer.from(result2.data, 'base64');
+                return buf.buffer.slice(buf.byteOffset, buf.byteOffset + buf.byteLength);
+              });
+            };
+
             SandboxSubtle.sign = function sign(algorithm, key, data) {
               return Promise.resolve().then(function() {
                 var result2 = JSON.parse(subtleCall({

packages/secure-exec-core/src/generated/isolate-runtime.ts

@@ -889,6 +889,27 @@ export async function setupRequire(
 				}
 				throw new Error(`Unsupported decrypt algorithm: ${algoName}`);
 			}
+			case "deriveBits": {
+				const { algorithm, key, length } = req;
+				const algoName = algorithm.name;
+				if (algoName === "PBKDF2") {
+					const password = Buffer.from(key._raw, "base64");
+					const salt = Buffer.from(algorithm.salt, "base64");
+					const iterations = algorithm.iterations;
+					const hashAlgo = normalizeHash(algorithm.hash);
+					const keylen = length / 8;
+					return JSON.stringify({
+						data: pbkdf2Sync(
+							password,
+							salt,
+							iterations,
+							keylen,
+							hashAlgo,
+						).toString("base64"),
+					});
+				}
+				throw new Error(`Unsupported deriveBits algorithm: ${algoName}`);
+			}
 			case "sign": {
 				const { key, data } = req;
 				const dataBytes = Buffer.from(data, "base64");

packages/secure-exec-node/src/bridge-setup.ts

@@ -172,7 +172,6 @@ describe.skipIf(skipReason)("e2e-docker", () => {
 				POSTGRES_USER: "testuser",
 				POSTGRES_PASSWORD: "testpass",
 				POSTGRES_DB: "testdb",
-				POSTGRES_HOST_AUTH_METHOD: "trust",
 			},
 			healthCheck: ["pg_isready", "-U", "testuser", "-d", "testdb"],
 			healthCheckTimeout: 30_000,

packages/secure-exec/tests/e2e-docker.test.ts

@@ -464,8 +464,8 @@
         "Typecheck passes"
       ],
       "priority": 26,
-      "passes": false,
-      "notes": "Local uses POSTGRES_HOST_AUTH_METHOD: trust (password bypassed), CI defaults to scram-sha-256. This means the SCRAM crypto path is only tested in CI and never locally. If a developer breaks crypto support needed for SCRAM, they won't catch it locally."
+      "passes": true,
+      "notes": "Fixed: Removed POSTGRES_HOST_AUTH_METHOD: trust from local Docker setup. Implemented subtle.deriveBits (PBKDF2) in both guest-side SandboxSubtle and host-side bridge dispatcher. Local and CI now both use scram-sha-256 authentication. All pg fixtures pass with SCRAM auth."
     },
     {
       "id": "US-027",

scripts/ralph/prd.json

@@ -19,7 +19,7 @@ PRD: ralph/cli-tool-sandbox-tests (7 stories)
 - `createHostCommandExecutor()` wraps `node:child_process.spawn` as a `CommandExecutor` for sandbox bash tool tests
 - TCP socket bridge: guest calls `_netSocketConnectRaw.applySync()` → host creates real `net.Socket` → events dispatched back via `_netSocketDispatch` applySync callback
 - `wrapNetworkAdapter` in `permissions.ts` must forward ALL adapter methods — new methods added to NetworkAdapter interface need corresponding forwarding in the wrapper
-- pg library uses Web Crypto `subtle.deriveBits` for SCRAM-SHA-256 auth — this is NOT implemented in sandbox; use `POSTGRES_HOST_AUTH_METHOD: "trust"` to bypass
+- pg library uses Web Crypto `subtle.deriveBits` for SCRAM-SHA-256 auth — implemented in sandbox crypto.subtle bridge (guest: SandboxSubtle.deriveBits in require-setup.ts, host: deriveBits case in bridge-setup.ts using pbkdf2Sync)
 
 ---
 
@@ -60,7 +60,21 @@ PRD: ralph/cli-tool-sandbox-tests (7 stories)
   - CRITICAL: `wrapNetworkAdapter` in `permissions.ts` must forward ALL new adapter methods — this was the root cause of a silent failure where the adapter's `netSocketConnect` was never called
   - The net module was previously a "deferred core module" stub (Proxy that throws on any method call) — must remove from `_deferredCoreModules` set when implementing
   - `loadPolyfillRef` in `bridge-setup.ts` must also return null for `net` to prevent node-stdlib-browser's stub from being loaded
-  - Postgres 16 defaults to SCRAM-SHA-256 auth which needs `subtle.deriveBits` — not available in sandbox yet; `trust` auth is the workaround
+  - Postgres 16 defaults to SCRAM-SHA-256 auth which needs `subtle.deriveBits` — now implemented in sandbox crypto.subtle bridge
   - The adapter's socketId counter is reused from `nextUpgradeSocketId` — bridge-setup must use the adapter's returned socketId, not its own counter
 ---
 
+## 2026-03-19T20:46 - US-026
+- Implemented `subtle.deriveBits` in sandbox crypto bridge to support SCRAM-SHA-256 Postgres authentication
+- Removed `POSTGRES_HOST_AUTH_METHOD: "trust"` from local Docker setup so local and CI both use scram-sha-256
+- Files changed:
+  - `packages/secure-exec-node/src/bridge-setup.ts` — added `deriveBits` case to host-side crypto.subtle dispatcher (uses Node's `pbkdf2Sync`)
+  - `packages/secure-exec-core/isolate-runtime/src/inject/require-setup.ts` — added `SandboxSubtle.deriveBits` guest-side implementation
+  - `packages/secure-exec/tests/e2e-docker.test.ts` — removed `POSTGRES_HOST_AUTH_METHOD: "trust"` from Postgres container env
+  - `scripts/ralph/progress.txt` — updated codebase patterns
+- **Learnings for future iterations:**
+  - `subtle.deriveBits` for PBKDF2 maps directly to Node's `pbkdf2Sync(password, salt, iterations, keylen, digest)` — the algorithm object carries salt/iterations/hash, the key carries the password in `_raw`
+  - Guest-side `SandboxSubtle` methods must serialize algorithm-specific fields (salt as base64, hash as normalized name) before crossing the bridge
+  - After adding a new subtle operation, the bridge/isolate-runtime must be rebuilt (`pnpm turbo build`) and fixture caches cleared to pick up the regenerated code
+---
+