Snider 116d20db4a

Security Scan / security (push) Waiting to run

Details

Test / test (push) Waiting to run

Details

chore: add Go repo norms (badges, contributing, lint, taskfile, editorconfig)

Co-Authored-By: Virgil <virgil@lethean.io>

2026-02-23 06:45:33 +00:00

1.8 KiB

Raw Blame History

go-crypt

Cryptographic primitives, authentication, and trust policy engine for the Lethean agent platform. Provides symmetric encryption (ChaCha20-Poly1305 and AES-256-GCM with Argon2id KDF), OpenPGP challenge-response authentication with online and air-gapped courier modes, Argon2id password hashing, RSA-OAEP key generation, RFC-0004 deterministic content hashing, and a three-tier agent trust policy engine with an audit log and approval queue.

Module: forge.lthn.ai/core/go-crypt Licence: EUPL-1.2 Language: Go 1.25

Quick Start

import (
    "forge.lthn.ai/core/go-crypt/crypt"
    "forge.lthn.ai/core/go-crypt/auth"
    "forge.lthn.ai/core/go-crypt/trust"
)

// Encrypt with ChaCha20-Poly1305 + Argon2id KDF
ciphertext, err := crypt.Encrypt(plaintext, passphrase)

// OpenPGP authentication
a := auth.New(medium, auth.WithSessionStore(auth.NewSQLiteSessionStore(dbPath)))
session, err := a.Login(userID, password)

// Trust policy evaluation
engine := trust.NewPolicyEngine(registry)
decision := engine.Evaluate("Charon", "repo.push", "core/go-crypt")

Documentation

Architecture — crypt primitives, auth protocol, trust tiers, policy engine
Development Guide — building, testing, security standards
Project History — completed phases and known limitations

Build & Test

go test ./...
go test -race ./...
go build ./...

Licence

European Union Public Licence 1.2 — see LICENCE for details.