Skip to content

feat(format): rename default prefix from ak to ak_v1 for versioned key format#28

Merged
Athroniaeth merged 3 commits into
developmentfrom
feat/revised-safety-standards
Mar 6, 2026
Merged

feat(format): rename default prefix from ak to ak_v1 for versioned key format#28
Athroniaeth merged 3 commits into
developmentfrom
feat/revised-safety-standards

Conversation

@Athroniaeth

Copy link
Copy Markdown
Owner

No description provided.

Athroniaeth and others added 3 commits February 28, 2026 15:52
…enumeration

OWASP API2:2023: move hash verification before ensure_valid() so a caller
with a wrong secret always receives 401 InvalidKey, regardless of whether
the key is inactive or expired. Adds regression test and updates mermaid
flow diagrams to reflect the STATE_CHECK step after COMPARE.

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
…re-hashing

Bcrypt silently truncates input at 72 bytes. Concatenating key_secret (64
chars) with a pepper could push the combined string past that limit, causing
the tail characters to be ignored — two distinct secrets could produce the
same hash.

Fix: _apply_pepper() now computes HMAC-SHA256(pepper, secret), producing a
fixed 32-byte digest that is always well within bcrypt's input limit. The
pepper remains cryptographically bound to the secret as the HMAC key.

This is a breaking change: hashes stored under the old concatenation scheme
will not verify with the new implementation; affected keys must be re-issued.

Also updates README, docs/index.md, and docs/schema.mermaid to document the
NIST SP 800-132 compliance entry, the OWASP API2:2023 bullet (missing from
docs/index.md), the STATE_CHECK node (missing from the docs/index.md diagram),
and the NOTE_ARGON annotation to cover both Argon2 and Bcrypt strategies.

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
@Athroniaeth Athroniaeth merged commit c3057d1 into development Mar 6, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant