- Fix#61: handleRotateKey and handleDeleteUser now zeroize stored
privBytes instead of calling Bytes() (which returns a copy). New
state populates privBytes; old references nil'd for GC.
- Add audit logging subsystem (internal/audit) with structured event
recording for cryptographic operations.
- Add audit log engine spec (engines/auditlog.md).
- Add ValidateName checks across all engines for path traversal (#48).
- Update AUDIT.md: all High findings resolved (0 open).
- Add REMEDIATION.md with detailed remediation tracking.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Web UI: Added browser-based management for all three remaining engines
(SSH CA, Transit, User E2E). Includes gRPC client wiring, handler files,
7 HTML templates, dashboard mount forms, and conditional navigation links.
Fixed REST API routes to match design specs (SSH CA cert singular paths,
Transit PATCH for update-key-config).
Security audit: Conducted full-system audit covering crypto core, all
engine implementations, API servers, policy engine, auth, deployment,
and documentation. Identified 42 new findings (#39-#80) across all
severity levels.
Remediation of all 8 High findings:
- #68: Replaced 14 JSON-injection-vulnerable error responses with safe
json.Encoder via writeJSONError helper
- #48: Added two-layer path traversal defense (barrier validatePath
rejects ".." segments; engine ValidateName enforces safe name pattern)
- #39: Extended RLock through entire crypto operations in barrier
Get/Put/Delete/List to eliminate TOCTOU race with Seal
- #40: Unified ReWrapKeys and seal_config UPDATE into single SQLite
transaction to prevent irrecoverable data loss on crash during MEK
rotation
- #49: Added resolveTTL to CA engine enforcing issuer MaxTTL ceiling
on handleIssue and handleSignCSR
- #61: Store raw ECDH private key bytes in userState for effective
zeroization on Seal
- #62: Fixed user engine policy resource path from mountPath to
mountName() so policy rules match correctly
- #69: Added newPolicyChecker helper and passed service-level policy
evaluation to all 25 typed REST handler engine.Request structs
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Implements the complete user engine for multi-recipient envelope encryption:
- ECDH key agreement (X25519, P-256, P-384) with HKDF-derived wrapping keys
- Per-message random DEK wrapped individually for each recipient
- 9 operations: register, provision, get-public-key, list-users, encrypt,
decrypt, re-encrypt, rotate-key, delete-user
- Auto-provisioning of sender and recipients on encrypt
- Role-based authorization (admin-only provision/delete, user-only decrypt)
- gRPC UserService with proto definitions and REST API routes
- 16 comprehensive tests covering lifecycle, crypto roundtrips, multi-recipient,
key rotation, auth enforcement, and algorithm variants
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
