rho-cli 0.1.22

Rho CLI tools for encrypted agent collaboration, dataset publishing, controlled runs, and result release workflows
# Native Crypto Plan

## Goal

Remove the runtime dependency on the `openssl` CLI.

Rho Git filters are invoked by normal Git clients, including GUI clients with
minimal `PATH` values. Shelling out to OpenSSL makes encryption dependent on
which OpenSSL or LibreSSL binary the caller happens to find. Rho should instead
ship as a self-contained Rust binary for its encryption operations.

## Scope

This pass replaces OpenSSL usage for:

- local X25519 encryption key generation in `rho id init`
- explicit file encryption/decryption in `rho crypto encrypt/decrypt`
- recipient envelope sealing/opening in `rho crypto seal/open`
- transparent Git clean/smudge encryption for protected paths

This does not replace SSH signing. `rho crypto sign/verify` still delegates to
`ssh-keygen -Y` because signatures currently use existing SSH identity keys.

## Algorithms

### Identity Encryption Keys

Use raw X25519 key material:

- private key file: base64-encoded 32-byte X25519 private scalar
- public key file: base64-encoded 32-byte X25519 public key
- public identity bundle: the same base64 public key string

The public key `algorithm` remains `x25519`.

### Symmetric Encryption

Use `ChaCha20Poly1305` with a random 96-bit nonce.

For repo-local transparent encryption:

- input key material is the repo key file bytes
- derive a 32-byte AEAD key with HKDF-SHA256
- info string: `rho transparent file v1`

For recipient envelopes:

- sender generates an ephemeral X25519 private key per recipient
- derive X25519 shared secret with recipient public key
- derive a 32-byte AEAD key with HKDF-SHA256
- info string: `rho recipient envelope v1`

## Envelope Shape

Transparent file envelope:

```yaml
version: 1
kind: rho_transparent_file
crypto:
  algorithm: chacha20poly1305-hkdf-sha256
  iterations: 0
  key_source: repo-local-key-file
  created_at: "..."
payload:
  nonce_base64: "..."
  ciphertext_base64: "..."
```

Recipient envelope:

```yaml
version: 1
kind: rho_recipient_envelope
crypto:
  algorithm: x25519-hkdf-sha256
  content_encryption: chacha20poly1305
  created_at: "..."
recipients:
  - identity_id: rho://id/github/user
    key_id: rho://key/github/user/x25519-1
    algorithm: x25519
    ephemeral_public_key: "..."
    nonce_base64: "..."
    ciphertext_base64: "..."
```

## Verification Plan

Run:

```bash
cargo test
bash tests/e2e/rho-recipient-crypto.sh
bash tests/e2e/rho-transparent-crypto.sh
bash tests/e2e/rho-auto-encrypt-policy.sh
bash tests/e2e/local-git-encrypted-collab.sh
bash tests/e2e/local-git-pi-sandbox-encrypted.sh
```

The live Pi/Gondolin test can then be run separately:

```bash
RHO_LOCAL_GIT_PI_LIVE=1 bash tests/e2e/local-git-pi-sandbox-encrypted.sh
```