Termix

dennii/Termix

Fork 0

Commit Graph

Author	SHA1	Message	Date
ZacharyZcR	a501df8dde	Fix database encryption write operations and initialization This commit fixes critical issues with the database encryption system: Database Write Operations Fixed: - Modified credential creation/update operations to use EncryptedDBOperations - Fixed SSH data and credential access to properly decrypt data - All sensitive data writes now go through encryption layer Database Schema Migration: - Added missing columns (private_key, public_key, detected_key_type) to ssh_credentials table - Fixed "no such column" SQLite errors during encrypted operations Application Startup Order: - Fixed DatabaseEncryption initialization timing issues - Moved encryption-dependent modules to load after encryption initialization - Prevents "DatabaseEncryption not initialized" errors Key Management Improvements: - Enhanced EncryptedDBOperations.insert() to return properly decrypted data with all fields - Fixed TypeScript type issues with database insert operations - Improved error handling for database encryption context All credential operations now properly encrypt sensitive data including SSH keys, passwords, and authentication tokens before writing to database.	2025-09-16 09:52:30 +08:00
ZacharyZcR	18f67d22bc	Improve encryption security: expand field coverage and add key validation - Add encryption for oidc_identifier field to protect OAuth identities - Encrypt ssh_credentials.key and publicKey fields for comprehensive coverage - Add key strength validation requiring 32+ chars with complexity rules - Prevent weak environment variable keys from compromising system - Maintain backward compatibility while closing security gaps 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-09-16 08:14:27 +08:00

Author

SHA1

Message

Date

ZacharyZcR

a501df8dde

Fix database encryption write operations and initialization

This commit fixes critical issues with the database encryption system:

**Database Write Operations Fixed:**
- Modified credential creation/update operations to use EncryptedDBOperations
- Fixed SSH data and credential access to properly decrypt data
- All sensitive data writes now go through encryption layer

**Database Schema Migration:**
- Added missing columns (private_key, public_key, detected_key_type) to ssh_credentials table
- Fixed "no such column" SQLite errors during encrypted operations

**Application Startup Order:**
- Fixed DatabaseEncryption initialization timing issues
- Moved encryption-dependent modules to load after encryption initialization
- Prevents "DatabaseEncryption not initialized" errors

**Key Management Improvements:**
- Enhanced EncryptedDBOperations.insert() to return properly decrypted data with all fields
- Fixed TypeScript type issues with database insert operations
- Improved error handling for database encryption context

All credential operations now properly encrypt sensitive data including SSH keys,
passwords, and authentication tokens before writing to database.

2025-09-16 09:52:30 +08:00

ZacharyZcR

18f67d22bc

Improve encryption security: expand field coverage and add key validation

- Add encryption for oidc_identifier field to protect OAuth identities
- Encrypt ssh_credentials.key and publicKey fields for comprehensive coverage
- Add key strength validation requiring 32+ chars with complexity rules
- Prevent weak environment variable keys from compromising system
- Maintain backward compatibility while closing security gaps

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

2025-09-16 08:14:27 +08:00

2 Commits