mc/metacrypt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
31 Commits 1 Branch 2 Tags
be3b9d7fe0a0e5b328682938be3570fa087ae966
Commit Graph

7 Commits

Author SHA1 Message Date
Kyle Isom
be3b9d7fe0 Add user-to-user encryption engine with ECDH key exchange and AES-256-GCM 
Implements the complete user engine for multi-recipient envelope encryption:
- ECDH key agreement (X25519, P-256, P-384) with HKDF-derived wrapping keys
- Per-message random DEK wrapped individually for each recipient
- 9 operations: register, provision, get-public-key, list-users, encrypt,
  decrypt, re-encrypt, rotate-key, delete-user
- Auto-provisioning of sender and recipients on encrypt
- Role-based authorization (admin-only provision/delete, user-only decrypt)
- gRPC UserService with proto definitions and REST API routes
- 16 comprehensive tests covering lifecycle, crypto roundtrips, multi-recipient,
  key rotation, auth enforcement, and algorithm variants

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-16 19:44:11 -07:00
Kyle Isom
4deb469a9d Fix missing gRPC interceptor registrations for RevokeCert, DeleteCert, SignCSR 
RevokeCert and DeleteCert were not registered in sealRequired, authRequired,
or adminRequired method sets, so the auth interceptor never ran for those
calls and CallerInfo arrived as nil, producing "authentication required".
SignCSR had the same gap in sealRequired and authRequired.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 13:42:43 -07:00
Kyle Isom
8215aaccc5 Add grpcserver test coverage 
- Add comprehensive test file for internal/grpcserver package
- Cover interceptors, system, engine, policy, and auth handlers
- Cover pbToRule/ruleToPB conversion helpers
- 37 tests total; CA/PKI/ACME and Login/Logout skipped (require live deps)

Co-authored-by: Junie <junie@jetbrains.com>
 2026-03-15 13:07:42 -07:00
Kyle Isom
ad167aed9b Checkpoint: grpc auth fix, issuer list/detail, v2 protos, architecture docs 
Co-authored-by: Junie <junie@jetbrains.com>
 2026-03-15 11:39:13 -07:00
Kyle Isom
fbaf79a8a0 Fix gosec, govet, and errorlint linter errors 
Co-authored-by: Junie <junie@jetbrains.com>
 2026-03-15 10:16:28 -07:00
Kyle Isom
44e5e6e174 Checkpoint: auth, engine, seal, server, grpc updates 
Co-authored-by: Junie <junie@jetbrains.com>
 2026-03-15 10:15:47 -07:00
Kyle Isom
cc1ac2e255 Separate web UI into standalone metacrypt-web binary 
The vault server holds in-memory unsealed state (KEK, engine keys) that
is lost on restart, requiring a full unseal ceremony. Previously the web
UI ran inside the vault process, so any UI change forced a restart and
re-unseal.

This change extracts the web UI into a separate metacrypt-web binary
that communicates with the vault over an authenticated gRPC connection.
The web server carries no sealed state and can be restarted freely.

- gen/metacrypt/v1/: generated Go bindings from proto/metacrypt/v1/
- internal/grpcserver/: full gRPC server implementation (System, Auth,
  Engine, PKI, Policy, ACME services) with seal/auth/admin interceptors
- internal/webserver/: web server with gRPC vault client; templates
  embedded via web/embed.go (no runtime web/ directory needed)
- cmd/metacrypt-web/: standalone binary entry point
- internal/config: added [web] section (listen_addr, vault_grpc, etc.)
- internal/server/routes.go: removed all web UI routes and handlers
- cmd/metacrypt/server.go: starts gRPC server alongside HTTP server
- Deploy: Dockerfile builds both binaries, docker-compose adds
  metacrypt-web service, new metacrypt-web.service systemd unit,
  Makefile gains proto/metacrypt-web targets

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-15 10:15:47 -07:00