Snider/Enchantrix
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

Compare commits

base: Snider:main
Branches Tags
Snider:main
Snider:copilot/combine-multiple-prs-into-one
Snider:feature/performance-audit-8888965575970294432
Snider:dx-audit-9599199554970979354
Snider:fix/concurrency-audit-6373277621775270882
Snider:docs-audit-and-improvements-3233904153507806173
Snider:feat/api-audit-report-9331197364983009558
Snider:test-audit-report-17234624293555782161
Snider:audit/dependency-vulnerabilities-15973115210322069844
Snider:feat/add-complexity-audit-11640793045123307549
Snider:feat/add-owasp-audit-report-10427628290057265544
Snider:docs/add-security-audit-report-7235040608391266915
Snider:feat/error-handling-audit-416128256836383791
Snider:feat/security-audit-report-11780372985546158639
Snider:docs/auth-audit-1019635828147384713
Snider:dependabot/go_modules/golang.org/x/crypto-0.45.0
Snider:dependabot/go_modules/github.com/cloudflare/circl-1.6.1
Snider:feat-improve-pgp-coverage
Snider:gh-pages
Snider:feat-proxy-api
Snider:v0.0.5
Snider:v0.0.4
Snider:v0.0.3
Snider:v0.0.2
Snider:v0.0.1
..
compare: Snider:docs/auth-audit-1019635828147384713
Branches Tags
Snider:main
Snider:copilot/combine-multiple-prs-into-one
Snider:feature/performance-audit-8888965575970294432
Snider:dx-audit-9599199554970979354
Snider:fix/concurrency-audit-6373277621775270882
Snider:docs-audit-and-improvements-3233904153507806173
Snider:feat/api-audit-report-9331197364983009558
Snider:test-audit-report-17234624293555782161
Snider:audit/dependency-vulnerabilities-15973115210322069844
Snider:feat/add-complexity-audit-11640793045123307549
Snider:feat/add-owasp-audit-report-10427628290057265544
Snider:docs/add-security-audit-report-7235040608391266915
Snider:feat/error-handling-audit-416128256836383791
Snider:feat/security-audit-report-11780372985546158639
Snider:docs/auth-audit-1019635828147384713
Snider:dependabot/go_modules/golang.org/x/crypto-0.45.0
Snider:dependabot/go_modules/github.com/cloudflare/circl-1.6.1
Snider:feat-improve-pgp-coverage
Snider:gh-pages
Snider:feat-proxy-api
Snider:v0.0.5
Snider:v0.0.4
Snider:v0.0.3
Snider:v0.0.2
Snider:v0.0.1

1 commit
main ... docs/auth-

Author SHA1 Message Date
google-labs-jules[bot]
47b0fe4c92 docs: Add authentication and authorization audit report 
This commit adds the AUDIT-AUTH.md file, which contains the results of a security audit focused on authentication and authorization.

The audit found that the Enchantrix codebase, being a data transformation and encryption library, does not contain any user authentication or authorization mechanisms. Therefore, the report concludes that the audit scope is not applicable.

Co-authored-by: Snider <631881+Snider@users.noreply.github.com>
 2026-02-02 01:09:29 +00:00
25 changed files with 103 additions and 76 deletions
Show stats Expand all files Collapse all files

12
.forgejo/workflows/security-scan.yml
View file

@ -1,12 +0,0 @@
name: Security Scan
on:
push:
branches: [main, dev, 'feat/*']
pull_request:
branches: [main]
jobs:
security:
uses: core/go-devops/.forgejo/workflows/security-scan.yml@main
secrets: inherit

14
.forgejo/workflows/test.yml
View file

@ -1,14 +0,0 @@
name: Test
on:
push:
branches: [main, dev]
pull_request:
branches: [main]
jobs:
test:
uses: core/go-devops/.forgejo/workflows/go-test.yml@main
with:
race: true
coverage: true

53
AUDIT-AUTH.md Normal file
View file

@ -0,0 +1,53 @@
# Security Audit: Authentication & Authorization
## Executive Summary
This audit found that the Enchantrix codebase, in its current form, does not contain any user authentication or authorization mechanisms. The project is a data transformation and encryption library, supplemented by a command-line interface (`trix`), neither of which manages user identities, sessions, or access control.
Therefore, the requested audit of authentication and authorization flows is **not applicable**.
## Authentication Review
### Password Handling
- **Hashing Algorithm:** No password handling exists.
- **Salt Usage:** Not applicable.
- **Password Requirements:** Not applicable.
- **Reset Flow Security:** Not applicable.
### Session Management
- **Session ID Generation:** No session management is implemented.
- **Session Fixation Protection:** Not applicable.
- **Timeout Policies:** Not applicable.
- **Concurrent Session Handling:** Not applicable.
### Token Security
- **JWT Implementation:** No token-based authentication is used.
- **Token Storage:** Not applicable.
- **Refresh Token Rotation:** Not applicable.
- **Token Revocation:** Not applicable.
### Multi-factor Authentication
- **MFA Implementation:** No multi-factor authentication is present.
- **Bypass Vulnerabilities:** Not applicable.
- **Recovery Codes:** Not applicable.
## Authorization Review
### Access Control Model
- No access control model (RBAC, ABAC, ACL) is implemented.
### Permission Checks
- No permission checks exist.
### Privilege Escalation
- No user roles or privileges to escalate.
### API Authorization
- The project does not expose any user-facing APIs that would require authorization.
### Resource Ownership
- No concept of resource ownership by users.
## Conclusion
The audit scope is not applicable to the Enchantrix project. If user authentication and authorization features are added in the future, a new audit will be required.

6
cmd/trix/main.go
View file

@ -5,9 +5,9 @@ import (
"io/ioutil"
"os"
"forge.lthn.ai/Snider/Enchantrix/pkg/crypt"
"forge.lthn.ai/Snider/Enchantrix/pkg/enchantrix"
"forge.lthn.ai/Snider/Enchantrix/pkg/trix"
"github.com/Snider/Enchantrix/pkg/crypt"
"github.com/Snider/Enchantrix/pkg/enchantrix"
"github.com/Snider/Enchantrix/pkg/trix"
"github.com/spf13/cobra"
)

2
examples/checksums/main.go
View file

@ -9,7 +9,7 @@ package main
import (
"fmt"
"forge.lthn.ai/Snider/Enchantrix/pkg/crypt"
"github.com/Snider/Enchantrix/pkg/crypt"
)
func main() {

2
examples/hash/main.go
View file

@ -9,7 +9,7 @@ package main
import (
"fmt"
"forge.lthn.ai/Snider/Enchantrix/pkg/crypt"
"github.com/Snider/Enchantrix/pkg/crypt"
)
func main() {

2
examples/pgp_encrypt_decrypt/main.go
View file

@ -11,7 +11,7 @@ import (
"fmt"
"log"
"forge.lthn.ai/Snider/Enchantrix/pkg/crypt"
"github.com/Snider/Enchantrix/pkg/crypt"
)
func main() {

2
examples/pgp_generate_keys/main.go
View file

@ -11,7 +11,7 @@ import (
"fmt"
"log"
"forge.lthn.ai/Snider/Enchantrix/pkg/crypt"
"github.com/Snider/Enchantrix/pkg/crypt"
)
func main() {

2
examples/pgp_sign_verify/main.go
View file

@ -11,7 +11,7 @@ import (
"fmt"
"log"
"forge.lthn.ai/Snider/Enchantrix/pkg/crypt"
"github.com/Snider/Enchantrix/pkg/crypt"
)
func main() {

2
examples/pgp_symmetric_encrypt/main.go
View file

@ -11,7 +11,7 @@ import (
"fmt"
"log"
"forge.lthn.ai/Snider/Enchantrix/pkg/crypt"
"github.com/Snider/Enchantrix/pkg/crypt"
)
func main() {

2
examples/rsa/main.go
View file

@ -12,7 +12,7 @@ import (
"fmt"
"log"
"forge.lthn.ai/Snider/Enchantrix/pkg/crypt"
"github.com/Snider/Enchantrix/pkg/crypt"
)
func main() {

2
examples/sigils/main.go
View file

@ -11,7 +11,7 @@ import (
"fmt"
"log"
"forge.lthn.ai/Snider/Enchantrix/pkg/enchantrix"
"github.com/Snider/Enchantrix/pkg/enchantrix"
)
func main() {

4
examples/trix_container/main.go
View file

@ -12,8 +12,8 @@ import (
"log"
"time"
"forge.lthn.ai/Snider/Enchantrix/pkg/crypt"
"forge.lthn.ai/Snider/Enchantrix/pkg/trix"
"github.com/Snider/Enchantrix/pkg/crypt"
"github.com/Snider/Enchantrix/pkg/trix"
)
func main() {

19
go.mod
View file

@ -1,23 +1,20 @@
module forge.lthn.ai/Snider/Enchantrix
module github.com/Snider/Enchantrix
go 1.25
require (
github.com/ProtonMail/go-crypto v1.3.0
github.com/spf13/cobra v1.10.2
github.com/spf13/cobra v1.10.1
github.com/stretchr/testify v1.11.1
golang.org/x/crypto v0.48.0
golang.org/x/crypto v0.43.0
)
require (
github.com/cloudflare/circl v1.6.3 // indirect
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
github.com/cloudflare/circl v1.6.0 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/kr/pretty v0.3.1 // indirect
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
github.com/rogpeppe/go-internal v1.14.1 // indirect
github.com/spf13/pflag v1.0.10 // indirect
golang.org/x/sys v0.41.0 // indirect
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/spf13/pflag v1.0.9 // indirect
golang.org/x/sys v0.37.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)

25
go.sum
View file

@ -1,23 +1,26 @@
github.com/ProtonMail/go-crypto v1.3.0 h1:ILq8+Sf5If5DCpHQp4PbZdS1J7HDFRXz/+xKBiRGFrw=
github.com/ProtonMail/go-crypto v1.3.0/go.mod h1:9whxjD8Rbs29b4XWbB8irEcE8KHMqaR2e7GWU1R+/PE=
github.com/cloudflare/circl v1.6.3 h1:9GPOhQGF9MCYUeXyMYlqTR6a5gTrgR/fBLXvUgtVcg8=
github.com/cloudflare/circl v1.6.0 h1:cr5JKic4HI+LkINy2lg3W2jF8sHCVTBncJr5gIIq7qk=
github.com/cloudflare/circl v1.6.0/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs=
github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g=
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/spf13/cobra v1.10.2 h1:DMTTonx5m65Ic0GOoRY2c16WCbHxOOw6xxezuLaBpcU=
github.com/spf13/cobra v1.10.1 h1:lJeBwCfmrnXthfAupyUTzJ/J4Nc1RsHC/mSRU2dll/s=
github.com/spf13/cobra v1.10.1/go.mod h1:7SmJGaTHFVBY0jW4NXGluQoLvhqFQM+6XSKD+P4XaB0=
github.com/spf13/pflag v1.0.9 h1:9exaQaMOCwffKiiiYk6/BndUBv+iRViNW+4lEMi0PvY=
github.com/spf13/pflag v1.0.9/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk=
github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
golang.org/x/crypto v0.48.0 h1:/VRzVqiRSggnhY7gNRxPauEQ5Drw9haKdM0jqfcCFts=
golang.org/x/sys v0.41.0 h1:Ivj+2Cp/ylzLiEU89QhWblYnOE9zerudt9Ftecq2C6k=
golang.org/x/crypto v0.43.0 h1:dduJYIi3A3KOfdGOHX8AVZ/jGiyPa3IbBozJ5kNuE04=
golang.org/x/crypto v0.43.0/go.mod h1:BFbav4mRNlXJL4wNeejLpWxB7wMbc79PdRGhWKncxR0=
golang.org/x/sys v0.37.0 h1:fdNQudmxPjkdUTPnLn5mdQv7Zwvbvpaxqs831goi9kQ=
golang.org/x/sys v0.37.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

6
pkg/crypt/crypt.go
View file

@ -11,9 +11,9 @@ import (
"strconv"
"strings"
"forge.lthn.ai/Snider/Enchantrix/pkg/crypt/std/lthn"
"forge.lthn.ai/Snider/Enchantrix/pkg/crypt/std/pgp"
"forge.lthn.ai/Snider/Enchantrix/pkg/crypt/std/rsa"
"github.com/Snider/Enchantrix/pkg/crypt/std/lthn"
"github.com/Snider/Enchantrix/pkg/crypt/std/pgp"
"github.com/Snider/Enchantrix/pkg/crypt/std/rsa"
)
// Service is the main struct for the crypt service.

2
pkg/crypt/crypt_test.go
View file

@ -4,7 +4,7 @@ import (
"strings"
"testing"
"forge.lthn.ai/Snider/Enchantrix/pkg/crypt"
"github.com/Snider/Enchantrix/pkg/crypt"
"github.com/stretchr/testify/assert"
)

2
pkg/crypt/examples_test.go
View file

@ -4,7 +4,7 @@ import (
"fmt"
"log"
"forge.lthn.ai/Snider/Enchantrix/pkg/crypt"
"github.com/Snider/Enchantrix/pkg/crypt"
)
func ExampleService_Hash() {

2
pkg/enchantrix/enchantrix_test.go
View file

@ -4,7 +4,7 @@ import (
"errors"
"testing"
"forge.lthn.ai/Snider/Enchantrix/pkg/enchantrix"
"github.com/Snider/Enchantrix/pkg/enchantrix"
"github.com/stretchr/testify/assert"
)

2
pkg/enchantrix/examples_test.go
View file

@ -4,7 +4,7 @@ import (
"fmt"
"log"
"forge.lthn.ai/Snider/Enchantrix/pkg/enchantrix"
"github.com/Snider/Enchantrix/pkg/enchantrix"
)
func ExampleTransmute() {

2
pkg/trix/crypto.go
View file

@ -4,7 +4,7 @@ import (
"errors"
"time"
"forge.lthn.ai/Snider/Enchantrix/pkg/enchantrix"
"github.com/Snider/Enchantrix/pkg/enchantrix"
)
var (

2
pkg/trix/crypto_test.go
View file

@ -4,7 +4,7 @@ import (
"bytes"
"testing"
"forge.lthn.ai/Snider/Enchantrix/pkg/trix"
"github.com/Snider/Enchantrix/pkg/trix"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)

4
pkg/trix/examples_test.go
View file

@ -4,8 +4,8 @@ import (
"fmt"
"log"
"forge.lthn.ai/Snider/Enchantrix/pkg/crypt"
"forge.lthn.ai/Snider/Enchantrix/pkg/trix"
"github.com/Snider/Enchantrix/pkg/crypt"
"github.com/Snider/Enchantrix/pkg/trix"
)
func ExampleEncode() {

4
pkg/trix/trix.go
View file

@ -28,8 +28,8 @@ import (
"fmt"
"io"
"forge.lthn.ai/Snider/Enchantrix/pkg/crypt"
"forge.lthn.ai/Snider/Enchantrix/pkg/enchantrix"
"github.com/Snider/Enchantrix/pkg/crypt"
"github.com/Snider/Enchantrix/pkg/enchantrix"
)
const (

4
pkg/trix/trix_test.go
View file

@ -8,8 +8,8 @@ import (
"reflect"
"testing"
"forge.lthn.ai/Snider/Enchantrix/pkg/crypt"
"forge.lthn.ai/Snider/Enchantrix/pkg/trix"
"github.com/Snider/Enchantrix/pkg/crypt"
"github.com/Snider/Enchantrix/pkg/trix"
"github.com/stretchr/testify/assert"
)