sneak/quak - quak - git.eeqj.de

sneak/quak

Fork 0

Commit Graph

Author	SHA1	Message	Date
sneak	8aecf977e9	Phase 2 green: implement crypto primitives Each stub is replaced with a thin wrapper over libsodium-wrappers-sumo: * init() awaits sodium.ready * toBase64 / toBase64URL / fromBase64 use sodium's base64 variants; fromBase64 tries all four (standard, standard-no-pad, URL-safe, URL-safe-no-pad) so callers don't have to know which form Ente delivered * deriveKEK is sodium.crypto_pwhash with ALG_ARGON2ID13 and 32-byte output * deriveLoginSubkey is sodium.crypto_kdf_derive_from_key(32, 1, 'loginctx', kek).slice(0, 16) per the upstream Ente clients * decryptBox is sodium.crypto_secretbox_open_easy * decryptSealed is sodium.crypto_box_seal_open * initStreamPull / pullStreamChunk wrap the secretstream pull API, throwing on authentication failure rather than returning false All 32 tests pass; make check is green.	2026-05-09 12:44:59 -07:00
sneak	676d42c5eb	Phase 2 red: crypto primitive tests and stub modules Tests for the entire crypto/ public surface, written against the API shape declared in the README. The accompanying src/crypto/ modules are stubs that throw 'not implemented' so the test files compile and tests fail with clear errors rather than module-not-found. Tests cover: * init() resolves and is idempotent * fromBase64 / toBase64 / toBase64URL round-trips, including URL-safe input with stripped padding (the form Ente uses for auth tokens) * deriveKEK matches sodium.crypto_pwhash with Argon2id parameters * deriveLoginSubkey matches sodium.crypto_kdf_derive_from_key with subkey id 1 and ctx 'loginctx', truncated to 16 bytes * decryptBox round-trips, rejects tampering, wrong key, wrong nonce * decryptSealed round-trips, rejects wrong keypair and tampering * Secretstream pull decrypts multi-chunk streams in order, exposes per-chunk tags, rejects tampering, wrong key, and out-of-order chunks * Constants STREAM_CHUNK_SIZE (4 MiB) and STREAM_CHUNK_OVERHEAD (17) Tests are commented to serve as the canonical API documentation per the README development workflow policy. Verified: 29 tests fail (red), 3 trivial constant tests pass; lint and fmt-check are green. eslint.config.mjs is updated to honour the leading-underscore convention for intentionally unused parameters (the stubs).	2026-05-09 12:43:52 -07:00

Author

SHA1

Message

Date

sneak

8aecf977e9

Phase 2 green: implement crypto primitives

Each stub is replaced with a thin wrapper over libsodium-wrappers-sumo:

  * init() awaits sodium.ready
  * toBase64 / toBase64URL / fromBase64 use sodium's base64 variants;
    fromBase64 tries all four (standard, standard-no-pad, URL-safe,
    URL-safe-no-pad) so callers don't have to know which form Ente
    delivered
  * deriveKEK is sodium.crypto_pwhash with ALG_ARGON2ID13 and 32-byte
    output
  * deriveLoginSubkey is sodium.crypto_kdf_derive_from_key(32, 1,
    'loginctx', kek).slice(0, 16) per the upstream Ente clients
  * decryptBox is sodium.crypto_secretbox_open_easy
  * decryptSealed is sodium.crypto_box_seal_open
  * initStreamPull / pullStreamChunk wrap the secretstream pull API,
    throwing on authentication failure rather than returning false

All 32 tests pass; make check is green.

2026-05-09 12:44:59 -07:00

sneak

676d42c5eb

Phase 2 red: crypto primitive tests and stub modules

Tests for the entire crypto/ public surface, written against the API
shape declared in the README. The accompanying src/crypto/ modules are
stubs that throw 'not implemented' so the test files compile and tests
fail with clear errors rather than module-not-found.

Tests cover:
  * init() resolves and is idempotent
  * fromBase64 / toBase64 / toBase64URL round-trips, including URL-safe
    input with stripped padding (the form Ente uses for auth tokens)
  * deriveKEK matches sodium.crypto_pwhash with Argon2id parameters
  * deriveLoginSubkey matches sodium.crypto_kdf_derive_from_key with
    subkey id 1 and ctx 'loginctx', truncated to 16 bytes
  * decryptBox round-trips, rejects tampering, wrong key, wrong nonce
  * decryptSealed round-trips, rejects wrong keypair and tampering
  * Secretstream pull decrypts multi-chunk streams in order, exposes
    per-chunk tags, rejects tampering, wrong key, and out-of-order chunks
  * Constants STREAM_CHUNK_SIZE (4 MiB) and STREAM_CHUNK_OVERHEAD (17)

Tests are commented to serve as the canonical API documentation per the
README development workflow policy. Verified: 29 tests fail (red), 3
trivial constant tests pass; lint and fmt-check are green.

eslint.config.mjs is updated to honour the leading-underscore convention
for intentionally unused parameters (the stubs).

2026-05-09 12:43:52 -07:00

2 Commits