Skip to content

Build encrypted token storage #4

New issue
New issue
Open
Open
Build encrypted token storage#4
Labels
enhancementNew feature or requestsecuritySecurity-related issues
@Hozyne-OpenBak

Description

@Hozyne-OpenBak
Hozyne-OpenBak
opened on Feb 21, 2026

Part of #2

Securely store OAuth tokens at rest.

Tasks:

  • AES-256-GCM encryption
  • PBKDF2 key derivation
  • JSON storage format (~/.infershield/tokens.json)
  • Read/write/delete operations

Security:

  • Master key from INFERSHIELD_MASTER_KEY env var
  • Random IV per token
  • Store: {iv, authTag, ciphertext}

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestsecuritySecurity-related issues

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions