cli-password-manager/key_management.plain at main · Codeplain-ai/cli-password-manager · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
---
import:
  - vault_reqs
exported_concepts:
  - :KeyManagementModule:
---

***definitions***

- :KeyManagementModule: is module for managing :EncryptionKey: derivation and KDF parameters.

***implementation reqs***

- The code should be implemented in the key_management folder.

- The implemented code should be a module (:KeyManagementModule:) that can be used by other modules of :Vault: system.

***functional specs***

- Implement a function to generate a cryptographically secure random salt for Argon2id KDF using appropriate randomness sources and salt length according to security best practices.

- Implement a get_default_params function to define default Argon2id parameters (memory cost, time cost, and parallelism)
  - The function should return the set of default Argon2id parameters.

- Implement the core Argon2id key derivation function
  - The function should take :MasterPassword: and KDF parameters as input and return the derived key

- Implement the get_key function that take :MasterPassword: as input, obtains the default KDF parameters or KDF parameters from input and returns the derived key and KDF parameters.