keyhunter

salvacybersec/keyhunter

Fork 0

Commit Graph

Author	SHA1	Message	Date
salvacybersec	239e2c214c	feat(01-foundation-03): implement AES-256-GCM encryption and Argon2id key derivation - Encrypt/Decrypt using AES-256-GCM with random nonce prepended to ciphertext - ErrCiphertextTooShort sentinel error for malformed ciphertext - DeriveKey using Argon2id RFC 9106 params (time=1, mem=64MB, threads=4, keyLen=32) - NewSalt generates cryptographically random 16-byte salt	2026-04-05 00:04:33 +03:00
salvacybersec	2ef54f7196	test(01-foundation-03): add failing tests for storage layer - Tests for AES-256-GCM encrypt/decrypt roundtrip - Tests for Argon2id key derivation determinism - Tests for SQLite open with schema tables - Tests for SaveFinding/ListFindings with encryption contract - Tests verify raw BLOB does not contain plaintext key	2026-04-05 00:04:06 +03:00

Author

SHA1

Message

Date

salvacybersec

239e2c214c

feat(01-foundation-03): implement AES-256-GCM encryption and Argon2id key derivation

- Encrypt/Decrypt using AES-256-GCM with random nonce prepended to ciphertext
- ErrCiphertextTooShort sentinel error for malformed ciphertext
- DeriveKey using Argon2id RFC 9106 params (time=1, mem=64MB, threads=4, keyLen=32)
- NewSalt generates cryptographically random 16-byte salt

2026-04-05 00:04:33 +03:00

salvacybersec

2ef54f7196

test(01-foundation-03): add failing tests for storage layer

- Tests for AES-256-GCM encrypt/decrypt roundtrip
- Tests for Argon2id key derivation determinism
- Tests for SQLite open with schema tables
- Tests for SaveFinding/ListFindings with encryption contract
- Tests verify raw BLOB does not contain plaintext key

2026-04-05 00:04:06 +03:00

2 Commits