core/go-crypt
8
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
28 commits 1 branch 5 tags 336 KiB
Commit graph

6 commits

Author SHA1 Message Date
Claude
9e7a19243f
chore: fmt.Errorf(static) → errors.New
Some checks failed
Security Scan / security (pull_request) Failing after 15s
Details
Test / test (pull_request) Failing after 10m43s
Details 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-24 16:30:08 +00:00
Snider
ee58e790a0 feat: modernise to Go 1.26 iterators and stdlib helpers
Some checks failed
Security Scan / security (push) Failing after 11s
Details
Test / test (push) Failing after 29s
Details 
Add iter.Seq iterators for trust registry (ListSeq), audit log
(EventsSeq, QuerySeq), and approval store (PendingSeq). Use
slices.DeleteFunc in session store, slices.SortFunc in testcmd,
range-over-int in benchmarks.

Co-Authored-By: Gemini <noreply@google.com>
Co-Authored-By: Virgil <virgil@lethean.io>
 2026-02-23 05:47:13 +00:00
Claude
5ea42689d3
chore: migrate Snider deps from github.com to forge.lthn.ai 
Update Enchantrix reference in comment and dependency versions.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-22 21:41:49 +00:00
Snider
d6aa25c5bf refactor: apply go fix modernizers for Go 1.26 
Automated fixes: interface{} → any, range-over-int, t.Context(),
wg.Go(), strings.SplitSeq, strings.Builder, slices.Contains,
maps helpers, min/max builtins.

Co-Authored-By: Virgil <virgil@lethean.io>
 2026-02-22 21:00:16 +00:00
Snider
9331fc6eac test(phase0): expand test coverage, security audit, and benchmarks 
Add 29 new tests across auth/, crypt/, and trust/ packages:
- auth: concurrent sessions, token uniqueness, challenge expiry boundary,
  empty password, long/unicode usernames, air-gapped round-trip, expired refresh
- crypt: wrong passphrase, empty/large plaintext, KDF determinism, HKDF info
  separation, checksum edge cases
- trust: concurrent registry operations, tier validation, token expiry boundary,
  empty ScopedRepos behaviour, unknown capabilities

Add benchmark suites:
- crypt: Argon2, ChaCha20, AES-GCM, HMAC (1KB/1MB payloads)
- trust: PolicyEvaluate (100 agents), RegistryGet, RegistryRegister

Security audit documented in FINDINGS.md:
- F1: LTHN hash used for password verification (medium)
- F2: PGP private keys not zeroed after use (low, upstream limitation)
- F3: Empty ScopedRepos bypasses repo scope check (medium)
- F4: go vet clean, no math/rand, no secrets in error messages

All tests pass with -race. go vet clean.

Co-Authored-By: Virgil <virgil@lethean.io>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-20 01:14:41 +00:00
Claude
8498ecf890
feat: extract crypto/security packages from core/go 
ChaCha20-Poly1305, AES-256-GCM, Argon2 key derivation, OpenPGP
challenge-response auth, and trust tier policy engine.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-16 15:25:54 +00:00