salvacybersec/keyhunter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
114 Commits 1 Branch 0 Tags
d5370783d464f435b0bed0cdc2af6808726c5db9
Commit Graph

114 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
salvacybersec
239e2c214c feat(01-foundation-03): implement AES-256-GCM encryption and Argon2id key derivation 
- Encrypt/Decrypt using AES-256-GCM with random nonce prepended to ciphertext
- ErrCiphertextTooShort sentinel error for malformed ciphertext
- DeriveKey using Argon2id RFC 9106 params (time=1, mem=64MB, threads=4, keyLen=32)
- NewSalt generates cryptographically random 16-byte salt
 2026-04-05 00:04:33 +03:00
salvacybersec
4fcdc42c70 feat(01-02): provider YAML schema structs with validation and reference YAML files 
- Provider, Pattern, VerifySpec, RegistryStats structs in schema.go
- UnmarshalYAML validates format_version >= 1 and last_verified non-empty
- Three reference YAML files: openai, anthropic, huggingface
 2026-04-05 00:04:29 +03:00
salvacybersec
7994220fbe chore(01-01): initialize Go module with Phase 1 dependencies 
- go mod init github.com/salvacybersec/keyhunter
- Pin cobra v1.10.2, viper v1.21.0, ants v2.12.0 to exact versions
- Add modernc.org/sqlite v1.48.1 (CGO-free, pure Go)
- Add petar-dambovaliev/aho-corasick, x/crypto, x/time, lipgloss, testify
- tools.go with build tag to pin dependencies not yet imported in production code
 2026-04-05 00:04:06 +03:00
salvacybersec
2ef54f7196 test(01-foundation-03): add failing tests for storage layer 
- Tests for AES-256-GCM encrypt/decrypt roundtrip
- Tests for Argon2id key derivation determinism
- Tests for SQLite open with schema tables
- Tests for SaveFinding/ListFindings with encryption contract
- Tests verify raw BLOB does not contain plaintext key
 2026-04-05 00:04:06 +03:00
salvacybersec
ebaf7d7c2d test(01-02): add failing tests for provider schema validation and registry 2026-04-05 00:03:55 +03:00
salvacybersec
fb8a1f002b fix(01-foundation): address all checker blockers and warnings in phase plans 2026-04-04 23:57:01 +03:00
salvacybersec
684b67cb73 docs(01-foundation): create phase 1 plan — 5 plans across 3 execution waves 
Wave 0: module init + test scaffolding (01-01)
Wave 1: provider registry (01-02) + storage layer (01-03) in parallel
Wave 2: scan engine pipeline (01-04, depends on 01-02)
Wave 3: CLI wiring + integration checkpoint (01-05, depends on all)

Covers all 16 Phase 1 requirements: CORE-01 through CORE-07, STOR-01 through STOR-03,
CLI-01 through CLI-05, PROV-10.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 23:44:09 +03:00
salvacybersec
c573b97a68 docs(phase-1): add validation strategy 2026-04-04 23:33:07 +03:00
salvacybersec
fa3916a417 docs(phase-1): research foundation phase 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 23:32:10 +03:00
salvacybersec
ee92aad4cf docs: create roadmap (18 phases) 2026-04-04 19:12:41 +03:00
salvacybersec
6803863833 docs: define v1 requirements 2026-04-04 19:05:33 +03:00
salvacybersec
6c3a84b1ff docs: complete project research 2026-04-04 19:03:12 +03:00
salvacybersec
c8e744cb48 docs: initialize project 2026-04-04 18:54:39 +03:00
salvacybersec
f3773d2895 chore: add project config 2026-04-04 18:53:45 +03:00