Snider
62482c7dc9
refactor: migrate imports to dappco.re/go/core/* paths
Security Scan / security (pull_request) Failing after 9s
Test / test (pull_request) Failing after 8m29s
Update module path from forge.lthn.ai/core/go-crypt to
dappco.re/go/core/crypt. Migrate go-log, go-io, go-i18n imports to
their new dappco.re/go/core/* paths with updated versions (core v0.5.0,
log v0.1.0, io v0.2.0, i18n v0.2.0). Un-migrated modules (cli,
go-store, go-inference) remain at forge.lthn.ai paths.
Also fixes merge conflict marker and duplicate imports in
crypt/openpgp/service.go, and updates CLAUDE.md to reflect new paths.
Co-Authored-By: Virgil <virgil@lethean.io>
2026-03-22 01:43:27 +00:00
Snider
7468c38906
refactor: swap pkg/{io,log,i18n} imports to go-io/go-log/go-i18n
Security Scan / security (push) Failing after 6s
Test / test (push) Failing after 15s
Co-Authored-By: Virgil <virgil@lethean.io>
2026-03-06 12:35:41 +00:00
Snider
d6aa25c5bf
refactor: apply go fix modernizers for Go 1.26
Automated fixes: interface{} → any, range-over-int, t.Context(),
wg.Go(), strings.SplitSeq, strings.Builder, slices.Contains,
maps helpers, min/max builtins.
Co-Authored-By: Virgil <virgil@lethean.io>
2026-02-22 21:00:16 +00:00
Snider
301eac1d76
feat(auth): Phase 2 key management — Argon2id, rotation, revocation
- Register now uses Argon2id (crypt.HashPassword) instead of LTHN hash
- Login detects hash format: Argon2id (.hash) first, LTHN (.lthn) fallback
- Transparent migration: successful legacy login re-hashes with Argon2id
- RotateKeyPair: decrypt metadata with old password, generate new PGP
  keypair, re-encrypt, update hash, invalidate all sessions
- RevokeKey: write JSON revocation record to .rev, invalidate sessions
- IsRevoked: parse .rev for valid JSON (ignores legacy placeholder)
- Login/CreateChallenge reject revoked users
- HardwareKey interface (hardware.go): contract for PKCS#11/YubiKey
- verifyPassword helper: shared Argon2id→LTHN fallback logic
- 55 tests total, all pass with -race
Co-Authored-By: Virgil <virgil@lethean.io>
2026-02-20 02:27:03 +00:00
Snider
1aeabfd32b
feat(auth): add SessionStore interface with SQLite persistence
Extract in-memory session map into SessionStore interface with two
implementations: MemorySessionStore (default, backward-compatible) and
SQLiteSessionStore (persistent via go-store). Add WithSessionStore
option, background cleanup goroutine, and comprehensive tests including
persistence verification and concurrency safety.
Phase 1: Session Persistence — complete.
Co-Authored-By: Virgil <virgil@lethean.io>
2026-02-20 01:44:51 +00:00
Snider
9331fc6eac
test(phase0): expand test coverage, security audit, and benchmarks
Add 29 new tests across auth/, crypt/, and trust/ packages:
- auth: concurrent sessions, token uniqueness, challenge expiry boundary,
  empty password, long/unicode usernames, air-gapped round-trip, expired refresh
- crypt: wrong passphrase, empty/large plaintext, KDF determinism, HKDF info
  separation, checksum edge cases
- trust: concurrent registry operations, tier validation, token expiry boundary,
  empty ScopedRepos behaviour, unknown capabilities
Add benchmark suites:
- crypt: Argon2, ChaCha20, AES-GCM, HMAC (1KB/1MB payloads)
- trust: PolicyEvaluate (100 agents), RegistryGet, RegistryRegister
Security audit documented in FINDINGS.md:
- F1: LTHN hash used for password verification (medium)
- F2: PGP private keys not zeroed after use (low, upstream limitation)
- F3: Empty ScopedRepos bypasses repo scope check (medium)
- F4: go vet clean, no math/rand, no secrets in error messages
All tests pass with -race. go vet clean.
Co-Authored-By: Virgil <virgil@lethean.io>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-20 01:14:41 +00:00
Claude
8498ecf890
feat: extract crypto/security packages from core/go
ChaCha20-Poly1305, AES-256-GCM, Argon2 key derivation, OpenPGP
challenge-response auth, and trust tier policy engine.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 15:25:54 +00:00