EVFS: encrypted vault container #69
Merged
Commits

feat(evfs): vault format structures and segment index
VaultFull, VaultLocked, SegmentNotFound, VaultCorrupted.
Module root with format, segment, and wal submodules.
VaultHeader (32B), SegmentEntry with generation counters and per-segment compression, SegmentIndex with best-fit allocator, free-region merging, padded serialization (64KB), layout constants, and 27 unit tests.

feat(evfs): add per-segment encryption, checksums, and secure deletion
HKDF domain-separated sub-keys (cipher/nonce/index), generation-aware nonce derivation, compress-then-encrypt pipeline with MIME-aware skip, BLAKE3 checksums with constant-time verification (subtle), CSPRNG pre-allocation in 64KB chunks, secure erase with fsync. 23 tests.
HKDF domain-separated sub-keys (cipher/nonce/index), generation-aware nonce derivation for both segments and index, compress-then-encrypt pipeline with MIME-aware skip, BLAKE3 checksums with constant-time verification (subtle), CSPRNG pre-allocation in 64KB chunks, secure erase with fsync, intermediate buffer zeroization. 26 tests.

feat(evfs): WAL crash recovery and advisory file locking
feat(evfs): implement Vault Rust API with VaultHandle
- Add ENCRYPTED_INDEX_SIZE (INDEX_PAD_SIZE + 28) for on-disk layout
- Update DATA_REGION_OFFSET and shadow/WAL offsets accordingly
- Add total_vault_size() helper for vault file preallocation
- Add pub(super) aead_encrypt_random_nonce and aead_decrypt_with_stored_nonce for index encryption without generation-based nonce derivation
- Add VaultHandle (opaque) holding file, keys, index, WAL, and lock
- Implement vault_create, vault_open, vault_write, vault_read, vault_delete, vault_list, vault_capacity, vault_close
- Compress-then-encrypt pipeline with MIME-aware skip
- BLAKE3 checksum on original plaintext (pre-compression)
- Free-list allocation with best-fit search and adjacent merge
- WAL crash recovery with snapshot size validation
- Shadow index fallback when primary is corrupted
- Zeroize master key and plaintext data after use
- Safe usize cast for 32-bit platform compatibility

feat(evfs): add Dart VaultService wrapper and integration tests
Summary
.vault encrypted container with per-segment AEAD encryption (AES-256-GCM / ChaCha20-Poly1305), BLAKE3 integrity checksums, and WAL-based crash recovery
— never stored directly
VaultService wrapper and 17 integration tests covering the full Dart → FRB → Rust → FRB → Dart pipeline
Architecture
.vault file layout:
Header (32B) → Primary Index (64KB encrypted) → Data Region (segments + CSPRNG fill) → Shadow Index (64KB encrypted)
{vault_path}.wal — undo journal for crash recovery
{vault_path}.lock — advisory flock
→ write segment → flush dual index → WAL commit
Key Design Decisions
HKDF(nonce_key, segment_index || generation) — generation increments on every overwrite
OsRng bytes
subtle::ConstantTimeEq for nonce verification and checksum validation
Files Changed
rust/src/core/evfs/format.rs
rust/src/core/evfs/segment.rs
rust/src/core/evfs/wal.rs
rust/src/api/evfs/mod.rs
lib/src/evfs/vault_service.dart
lib/m_security.dart (VaultService export)
integration_test/evfs_test.dart
rust/src/frb_generated.rs
Rust Tests (248 total, all pass)
EVFS unit tests cover: header roundtrip, index serialization, allocation/deallocation/merge, generation counters, key derivation domain separation, nonce uniqueness, segment encrypt/decrypt with all compression modes, MIME-aware skip, index encryption, checksum verification, secure erase, pre-allocation, WAL entry roundtrip/CRC/recovery, file locking
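The nonce derivation and constant-time checksum verification listed under Key Design Decisions, and exercised by the unit tests above, as an added example in Go (this is not code from this PR or from the project, which is written in Rust and Dart). It assumes HMAC-SHA256 as the HKDF hash, illustrative info labels (evfs/cipher, evfs/nonce, evfs/index), a little-endian 12-byte encoding of segment_index || generation, AES-256-GCM as the AEAD, and SHA-256 standing in for BLAKE3 so the block runs with the standard library only; the compression step and the ChaCha20-Poly1305 variant are omitted.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/binary"
	"errors"
	"fmt"
)

// hkdfExpand: minimal RFC 5869 HKDF-Expand over HMAC-SHA256 (hash is an assumption; master key used as PRK).
func hkdfExpand(prk, info []byte, length int) []byte {
	var out, prev []byte
	for counter := byte(1); len(out) < length; counter++ {
		mac := hmac.New(sha256.New, prk)
		mac.Write(prev)
		mac.Write(info)
		mac.Write([]byte{counter})
		prev = mac.Sum(nil)
		out = append(out, prev...)
	}
	return out[:length]
}

// SubKeys are the three domain-separated sub-keys the PR lists.
type SubKeys struct{ Cipher, Nonce, Index []byte }

// deriveSubKeys uses a distinct info label per purpose (labels are illustrative, not the project's).
func deriveSubKeys(master []byte) SubKeys {
	return SubKeys{
		Cipher: hkdfExpand(master, []byte("evfs/cipher"), 32),
		Nonce:  hkdfExpand(master, []byte("evfs/nonce"), 32),
		Index:  hkdfExpand(master, []byte("evfs/index"), 32),
	}
}

// slotID encodes segment_index || generation as 12 little-endian bytes (an assumed layout).
func slotID(segment uint32, generation uint64) []byte {
	id := make([]byte, 12)
	binary.LittleEndian.PutUint32(id[0:4], segment)
	binary.LittleEndian.PutUint64(id[4:12], generation)
	return id
}

// segmentNonce is HKDF(nonce_key, segment_index || generation) truncated to the 96-bit GCM nonce;
// since generation is bumped on every overwrite, a slot never repeats a nonce under one key.
func segmentNonce(nonceKey []byte, segment uint32, generation uint64) []byte {
	return hkdfExpand(nonceKey, slotID(segment, generation), 12)
}

// Sealed is the per-segment record this example keeps "on disk".
type Sealed struct {
	Generation uint64
	Ciphertext []byte   // AES-256-GCM output with the tag appended
	Checksum   [32]byte // checksum of the plaintext; SHA-256 stands in for BLAKE3
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealSegment encrypts one segment; the slot id doubles as associated data.
func sealSegment(keys SubKeys, segment uint32, generation uint64, plaintext []byte) (Sealed, error) {
	gcm, err := newGCM(keys.Cipher)
	if err != nil {
		return Sealed{}, err
	}
	ct := gcm.Seal(nil, segmentNonce(keys.Nonce, segment, generation), plaintext, slotID(segment, generation))
	return Sealed{Generation: generation, Ciphertext: ct, Checksum: sha256.Sum256(plaintext)}, nil
}

// openSegment re-derives the nonce from the stored generation, authenticates, then checks the checksum in constant time.
func openSegment(keys SubKeys, segment uint32, s Sealed) ([]byte, error) {
	gcm, err := newGCM(keys.Cipher)
	if err != nil {
		return nil, err
	}
	plaintext, err := gcm.Open(nil, segmentNonce(keys.Nonce, segment, s.Generation), s.Ciphertext, slotID(segment, s.Generation))
	if err != nil {
		return nil, errors.New("VaultCorrupted: AEAD tag mismatch")
	}
	sum := sha256.Sum256(plaintext)
	if subtle.ConstantTimeCompare(sum[:], s.Checksum[:]) != 1 {
		return nil, errors.New("VaultCorrupted: checksum mismatch")
	}
	return plaintext, nil
}

func main() {
	keys := deriveSubKeys([]byte("constructed 32-byte master key!!")) // constructed demo key, not a real secret
	s, _ := sealSegment(keys, 7, 1, []byte("first contents"))
	pt, err := openSegment(keys, 7, s)
	fmt.Printf("read back %q (err=%v)\n", pt, err)
	s.Ciphertext[0] ^= 1 // simulate one-byte on-disk corruption
	_, err = openSegment(keys, 7, s)
	fmt.Println("after tamper:", err)
}
```

Running it prints a successful readback followed by a VaultCorrupted error once a single ciphertext byte is flipped. Feeding the slot id to the AEAD as associated data goes slightly beyond what the PR text states: it makes a ciphertext copied to another slot, or presented with a stale generation, fail authentication instead of decrypting to old data.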
Integration Tests (17)
Core lifecycle (10): create/write/close/open/read roundtrip, multiple segments, overwrite, read nonexistent throws, delete, vault full, wrong key, concurrent open locked, list names, capacity info
Compression (4): zstd auto-decompression, brotli auto-decompression, MIME-aware skip (.jpg), mixed algorithms in same vault
Integrity & recovery (3): tampered segment detection, WAL crash recovery, corrupted primary index falls back to shadow
Verification
cargo check --features compression — clean
cargo clippy --features compression --all-targets — no warnings
flutter analyze lib/ integration_test/ — no issues