rethink-public/envelope_crypto
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3 Commits 1 Branch 4 Tags 97 KiB
313b0c7d56
Commit Graph

2 Commits

Author SHA1 Message Date
disqualifier
313b0c7d56 fix: forward password to private-key fingerprinting (v0.1.1) 
get_rsa_key_fingerprint(is_private=True) called load_pem_private_key(password=None),
so an encrypted private key raised a raw TypeError. add an optional password param
forwarded to the load; unencrypted keys ignore it.

verified: encrypted private key fingerprints with its password and matches the
public key's fingerprint; missing password still raises.

Signed-off-by: disqualifier <dev@disqualifier.me>
 2026-06-28 15:53:04 -04:00
disqualifier
659aa7849d add package: pyproject + src 
EnvelopeCrypto: hybrid envelope encryption for dict records — a random
AES-256-GCM data key (DEK) encrypts the data, wrapped per-system via
RSA-OAEP (SHA-256) for distribution. config-free (DEK + key paths
injected), storage-agnostic, object-only. covers bootstrap/self_test,
authorize/deauthorize, rotate + reencrypt, and record-level decrypt.
src/ layout, hatchling build, cryptography backend.

Signed-off-by: disqualifier <dev@disqualifier.me>
 2026-06-24 21:36:43 -04:00