ENG-1631: Add content encryption package (single org key, chunked AES-256-GCM) #3813
Merged
…NG-1631) New leaf package providing content encryption for private ingredient artifacts under a single organization-wide AES-256 key.

- Encrypt/Decrypt stream the v1 payload format with bounded memory; each chunk is sealed with a fresh CSPRNG nonce, with the chunk index and a final-chunk flag bound into the AEAD so reorder/truncation are detected.
- The header (magic marker, version, key id, key fingerprint, chunk size) is hashed into every chunk's AAD, so tampering or stripping it fails closed.
- Fingerprint plus a header-only pre-flight CheckKey reject a wrong key before the body is read.
- Decrypt writes to a sibling temp file and renames on success, so a failed decrypt never leaves partial or unauthenticated plaintext at the destination.

Tests cover round-trip across sizes, a fail-closed tamper suite, nonce uniqueness, wrong-key pre-flight, a v1 golden vector, and an import-boundary check (stdlib + internal/errs only). The package is CGO-free so pkg/runtime's reachable set stays CGO-free.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
MDrakos approved these changes on Jun 22, 2026
This adds internal/artifactcrypto, a package that encrypts and decrypts files using an organization's single AES-256 key. It's the foundational piece of the private ingredient work (ENG-1563): the goal is to let customers share proprietary code through ActiveState without ActiveState ever being able to read it, by locking a package on the publisher's machine before upload and unlocking it only on machines that hold the org key.

This package does the cryptography and nothing else — it's handed a key and given something to encrypt or decrypt. Fetching the key, wiring it into publish, and wiring it into the consume/install path are separate tickets in the epic. Encryption and decryption both fail closed: anything tampered with, truncated, or opened with the wrong key produces an error and never yields plaintext.

One thing worth knowing for review: the package uses internal/errs for error handling. This contradicts the ticket's "standard library only" acceptance criterion, but that criterion was written by an LLM, and we've decided State Tool error handling should stay centralized on errs. The package is still CGO-free and pulls in nothing heavier (no platform API), which is the constraint that actually matters here.

Covered by tests for round-trips, tamper detection, wrong-key rejection, and a golden vector that pins the on-disk format so it can't drift unnoticed.
🤖 Generated with Claude Code
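As an added illustration in Go (not the package's code and not from this PR), here is an in-memory sketch of the chunk binding the description gives: the header hash, chunk index and final flag go into each chunk's AAD, each chunk gets a fresh CSPRNG nonce, and Decrypt fails closed on a bit flip, a reordered chunk, truncation or a wrong key. The header string, the nonce || ciphertext record layout and the function names are assumptions; the real package streams with bounded memory and writes through a temp file, which this omits.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)
const header = "EXAMPLE-HDR v1 chunk=8" // constructed stand-in for the v1 header fields
// aad = SHA-256(header) || chunk index || final flag: a stripped or edited header, a
// reordered chunk or a truncated stream changes the AAD and fails GCM authentication.
func aad(idx uint64, final bool) []byte {
	h := sha256.Sum256([]byte(header))
	b := binary.BigEndian.AppendUint64(h[:], idx)
	if final { return append(b, 1) }
	return append(b, 0)
}
func NewGCM(key []byte) (cipher.AEAD, error) { // 32-byte org key -> AES-256-GCM
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}
// Encrypt emits records of nonce || GCM(chunk), a fresh CSPRNG nonce per chunk (in memory here).
func Encrypt(gcm cipher.AEAD, pt []byte, chunkSize int) ([]byte, error) {
	var out []byte
	for i := uint64(0); ; i++ {
		final := len(pt) <= chunkSize
		if final { chunkSize = len(pt) }
		nonce := make([]byte, gcm.NonceSize())
		if _, err := rand.Read(nonce); err != nil { return nil, err }
		out = gcm.Seal(append(out, nonce...), nonce, pt[:chunkSize], aad(i, final))
		if final { return out, nil }
		pt = pt[chunkSize:]
	}
}
// Decrypt fails closed: a tampered, reordered or truncated record, or a wrong key, is an error.
func Decrypt(gcm cipher.AEAD, data []byte, chunkSize int) ([]byte, error) {
	ns, rec := gcm.NonceSize(), gcm.NonceSize()+chunkSize+gcm.Overhead()
	var out []byte
	for i := uint64(0); ; i++ {
		if len(data) < ns+gcm.Overhead() { return nil, fmt.Errorf("chunk %d: truncated", i) }
		final := len(data) <= rec
		if final { rec = len(data) }
		pt, err := gcm.Open(nil, data[:ns], data[ns:rec], aad(i, final))
		if err != nil { return nil, fmt.Errorf("chunk %d: %w", i, err) }
		out = append(out, pt...)
		if final { return out, nil }
		data = data[rec:]
	}
}
```

A truncation that lands exactly on a record boundary is caught because the last surviving chunk was sealed with final=false while the reader must verify it as final.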