core/go-crypt
8
0
Fork 0
Code Issues 5 Pull requests 1 Projects Releases Packages Wiki Activity Actions

security: review cryptographic implementations #1

New issue
Closed
opened 2026-02-16 17:01:36 +00:00 by Clotho · 0 comments
Clotho commented 2026-02-16 17:01:36 +00:00
Member
Copy link

Security audit of core/go-crypt. Check:

  1. Key generation uses cryptographically secure random sources
  2. No hardcoded keys, salts, or IVs
  3. Deprecated algorithms are flagged (MD5, SHA1 for signing, etc.)
  4. Error handling doesn't leak sensitive data
  5. Memory handling — sensitive data cleared after use where possible

Post findings as a comment. Do not make code changes.

Security audit of core/go-crypt. Check: 1. Key generation uses cryptographically secure random sources 2. No hardcoded keys, salts, or IVs 3. Deprecated algorithms are flagged (MD5, SHA1 for signing, etc.) 4. Error handling doesn't leak sensitive data 5. Memory handling — sensitive data cleared after use where possible Post findings as a comment. Do not make code changes.
Clotho added the
clotho
security
 labels 2026-02-16 17:01:36 +00:00
Snider added reference main 2026-02-16 17:44:39 +00:00
Clotho was assigned by Snider 2026-02-16 17:44:54 +00:00
Snider added the
darbs-claude
 label 2026-02-16 17:45:29 +00:00
Clotho removed the
clotho
 label 2026-02-20 01:59:47 +00:00
Sign in to join this conversation.
main
Branches Tags
Clear current reference
dev
main
ax/review-fixes
agent/ax-review--banned-imports--test-naming
Clear current reference
v0.2.1
v0.2.0
v0.1.12
v0.1.11
v0.1.10
v0.1.9
v0.1.8
v0.1.7
v0.1.6
v0.1.4
v0.1.3
v0.1.2
v0.1.1
v0.1.0
v0.0.4
v0.0.3
v0.0.2
v0.0.1
Labels
Clear labels   
needs-review

   
needs-review
  
athena

Assign to Athena AI agent (M3 Ultra)

  
athena-gemini

Dispatch to Gemini CLI on M3 Ultra

  
audit

Code audit task

  
clotho

Assign to Clotho AI agent for processing

  
clotho-gemini

Dispatch to Gemini CLI on darbs (AU)

  
codex

Dispatch to Codex CLI on gateway for analysis

  
darbs-claude

Dispatch to Claude on darbs (AU)

  
security

Security review task

  
wiki

Documentation/wiki update

No labels
needs-review
needs-review
athena
athena-gemini
audit
clotho
clotho-gemini
codex
darbs-claude
security
wiki
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
Clotho
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: core/go-crypt#1
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?