feat(v1.1.7-crypto): master-key infra + encryption helpers

Add picloud_shared::crypto: AES-256-GCM encrypt/decrypt envelope
(12-byte CSPRNG nonce, 128-bit tag appended to ciphertext) plus a
MasterKey sourced from PICLOUD_SECRET_KEY (base64 of 32 bytes), with
a deterministic dev-key fallback gated on PICLOUD_DEV_MODE=true. Unset
key without dev mode is fatal. Key rotation is out of v1.1.7 scope.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
MechaCat02
2026-06-04 20:50:22 +02:00
parent 64ad978a89
commit dc2e4fa01f
5 changed files with 472 additions and 0 deletions

@@ -81,6 +81,13 @@ sha2 = "0.10"
hmac = "0.12"
base64 = "0.22"
data-encoding = "2.6"
# AES-256-GCM at-rest encryption for per-app secrets + the realtime
# signing key (v1.1.7). Audited, pure-Rust RustCrypto AEAD.
aes-gcm = { version = "0.10", features = ["aes", "alloc"] }
# Outbound SMTP email (v1.1.7). Async transport over the Tokio runtime
# with rustls TLS; built messages for text + multipart-alternative.
lettre = { version = "0.11", default-features = false, features = ["smtp-transport", "tokio1-rustls-tls", "builder", "hostname"] }
# Stdlib utility crates (v1.1.0 stdlib PR — registered into the
# Rhai engine as the regex::/random::/etc. namespaces)
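Review bot: the added lettre line is an SMTP transport dependency, which is unrelated to the master-key and encryption helpers named in the commit subject; move it to the commit that introduces the email feature so this change can be reviewed and reverted as crypto-only. On the aes-gcm line, features = ["aes", "alloc"] is given without default-features = false (the lettre line below it does set that), so the crate's default features stay enabled and the list does not narrow anything; either add default-features = false and list exactly the features the nonce generation and key handling need, or drop the explicit list. The "Audited" claim in the comment would be easier to check with a pointer to the audit it refers to.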