Add web UI for SSH CA, Transit, and User engines; full security audit and remediation
Web UI: Added browser-based management for all three remaining engines (SSH CA, Transit, User E2E). Includes gRPC client wiring, handler files, 7 HTML templates, dashboard mount forms, and conditional navigation links. Fixed REST API routes to match design specs (SSH CA cert singular paths, Transit PATCH for update-key-config). Security audit: Conducted full-system audit covering crypto core, all engine implementations, API servers, policy engine, auth, deployment, and documentation. Identified 42 new findings (#39-#80) across all severity levels. Remediation of all 8 High findings: - #68: Replaced 14 JSON-injection-vulnerable error responses with safe json.Encoder via writeJSONError helper - #48: Added two-layer path traversal defense (barrier validatePath rejects ".." segments; engine ValidateName enforces safe name pattern) - #39: Extended RLock through entire crypto operations in barrier Get/Put/Delete/List to eliminate TOCTOU race with Seal - #40: Unified ReWrapKeys and seal_config UPDATE into single SQLite transaction to prevent irrecoverable data loss on crash during MEK rotation - #49: Added resolveTTL to CA engine enforcing issuer MaxTTL ceiling on handleIssue and handleSignCSR - #61: Store raw ECDH private key bytes in userState for effective zeroization on Seal - #62: Fixed user engine policy resource path from mountPath to mountName() so policy rules match correctly - #69: Added newPolicyChecker helper and passed service-level policy evaluation to all 25 typed REST handler engine.Request structs Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
162
web/templates/user.html
Normal file
162
web/templates/user.html
Normal file
@@ -0,0 +1,162 @@
|
||||
{{define "title"}} - User Crypto: {{.MountName}}{{end}}
|
||||
{{define "content"}}
|
||||
<div class="page-header">
|
||||
<h2>User Crypto: {{.MountName}}</h2>
|
||||
<div class="page-meta">
|
||||
<a href="/dashboard">← Dashboard</a>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
{{if .Error}}<div class="error">{{.Error}}</div>{{end}}
|
||||
|
||||
<div class="card">
|
||||
<div class="card-title">Your Key</div>
|
||||
{{if .OwnKey}}
|
||||
<table class="kv-table">
|
||||
<tbody>
|
||||
<tr><th>Username</th><td>{{.OwnKey.Username}}</td></tr>
|
||||
<tr><th>Algorithm</th><td><code>{{.OwnKey.Algorithm}}</code></td></tr>
|
||||
<tr><th>Public Key</th><td><code style="word-break:break-all;">{{.OwnKey.PublicKey}}</code></td></tr>
|
||||
</tbody>
|
||||
</table>
|
||||
{{else}}
|
||||
<p>You have no keypair registered.</p>
|
||||
<form method="post" action="/user/register">
|
||||
{{csrfField}}
|
||||
<div class="form-actions">
|
||||
<button type="submit">Register</button>
|
||||
</div>
|
||||
</form>
|
||||
{{end}}
|
||||
</div>
|
||||
|
||||
<div class="card">
|
||||
<div class="card-title">Encrypt</div>
|
||||
{{if .EncryptResult}}
|
||||
<div class="success">
|
||||
<p>Encrypted successfully.</p>
|
||||
<div class="form-group">
|
||||
<label>Envelope (JSON)</label>
|
||||
<textarea rows="8" class="pem-input" readonly>{{.EncryptResult}}</textarea>
|
||||
</div>
|
||||
</div>
|
||||
{{end}}
|
||||
<form method="post" action="/user/encrypt">
|
||||
{{csrfField}}
|
||||
<div class="form-group">
|
||||
<label for="enc_recipients">Recipients <small style="text-transform:none;letter-spacing:0;">(one username per line)</small></label>
|
||||
<textarea id="enc_recipients" name="recipients" rows="2" required></textarea>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="enc_plaintext">Plaintext <small style="text-transform:none;letter-spacing:0;">(base64)</small></label>
|
||||
<textarea id="enc_plaintext" name="plaintext" rows="3" class="pem-input" required></textarea>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="enc_metadata">Metadata <small style="text-transform:none;letter-spacing:0;">(optional, authenticated but unencrypted)</small></label>
|
||||
<input type="text" id="enc_metadata" name="metadata" placeholder="">
|
||||
</div>
|
||||
<div class="form-actions">
|
||||
<button type="submit">Encrypt</button>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
|
||||
<div class="card">
|
||||
<div class="card-title">Decrypt</div>
|
||||
{{if .DecryptResult}}
|
||||
<div class="success">
|
||||
<p>Decrypted successfully. Sender: <code>{{.DecryptResult.Sender}}</code>{{if .DecryptResult.Metadata}} — Metadata: {{.DecryptResult.Metadata}}{{end}}</p>
|
||||
<div class="form-group">
|
||||
<label>Plaintext (base64)</label>
|
||||
<textarea rows="3" class="pem-input" readonly>{{.DecryptResult.Plaintext}}</textarea>
|
||||
</div>
|
||||
</div>
|
||||
{{end}}
|
||||
<form method="post" action="/user/decrypt">
|
||||
{{csrfField}}
|
||||
<div class="form-group">
|
||||
<label for="dec_envelope">Envelope (JSON)</label>
|
||||
<textarea id="dec_envelope" name="envelope" rows="6" class="pem-input" required></textarea>
|
||||
</div>
|
||||
<div class="form-actions">
|
||||
<button type="submit">Decrypt</button>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
|
||||
<div class="card">
|
||||
<div class="card-title">Re-Encrypt</div>
|
||||
{{if .ReEncryptResult}}
|
||||
<div class="success">
|
||||
<p>Re-encrypted successfully.</p>
|
||||
<div class="form-group">
|
||||
<label>Updated Envelope (JSON)</label>
|
||||
<textarea rows="8" class="pem-input" readonly>{{.ReEncryptResult}}</textarea>
|
||||
</div>
|
||||
</div>
|
||||
{{end}}
|
||||
<form method="post" action="/user/re-encrypt">
|
||||
{{csrfField}}
|
||||
<div class="form-group">
|
||||
<label for="reenc_envelope">Envelope (JSON)</label>
|
||||
<textarea id="reenc_envelope" name="envelope" rows="6" class="pem-input" required></textarea>
|
||||
</div>
|
||||
<div class="form-actions">
|
||||
<button type="submit">Re-Encrypt</button>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
|
||||
{{if .OwnKey}}
|
||||
<div class="card">
|
||||
<div class="card-title">Key Rotation</div>
|
||||
<p>Rotating your key generates a new keypair. Existing envelopes encrypted to your old key will become unreadable unless re-encrypted first.</p>
|
||||
<form method="post" action="/user/rotate">
|
||||
{{csrfField}}
|
||||
<button type="submit" class="btn-danger" onclick="return confirm('Rotate your key? Existing envelopes will be unreadable unless re-encrypted first.')">Rotate Key</button>
|
||||
</form>
|
||||
</div>
|
||||
{{end}}
|
||||
|
||||
<div class="card">
|
||||
<div class="card-title">Registered Users</div>
|
||||
{{if .Users}}
|
||||
<div class="table-wrapper">
|
||||
<table>
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Username</th>
|
||||
<th>Actions</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
{{range .Users}}
|
||||
<tr>
|
||||
<td><a href="/user/key/{{.}}">{{.}}</a></td>
|
||||
<td><a href="/user/key/{{.}}">View Key</a></td>
|
||||
</tr>
|
||||
{{end}}
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
{{else}}
|
||||
<p>No users registered.</p>
|
||||
{{end}}
|
||||
|
||||
{{if .IsAdmin}}
|
||||
<details style="margin-top: 1rem;">
|
||||
<summary>Provision User</summary>
|
||||
<form method="post" action="/user/provision">
|
||||
{{csrfField}}
|
||||
<div class="form-group">
|
||||
<label for="prov_username">Username</label>
|
||||
<input type="text" id="prov_username" name="username" placeholder="alice" required>
|
||||
</div>
|
||||
<div class="form-actions">
|
||||
<button type="submit">Provision</button>
|
||||
</div>
|
||||
</form>
|
||||
</details>
|
||||
{{end}}
|
||||
</div>
|
||||
{{end}}
|
||||
Reference in New Issue
Block a user