qsfs_core/

lib.rs

//! # qsfs-core: Quantum-Shield File System Core Library
//!
//! [![Crates.io](https://img.shields.io/crates/v/qsfs-core)](https://crates.io/crates/qsfs-core)
//! [![Documentation](https://docs.rs/qsfs-core/badge.svg)](https://docs.rs/qsfs-core)
//! [![License](https://img.shields.io/badge/license-MIT%2FApache--2.0-green)](https://github.com/AnubisQuantumCipher/quantum-shield/blob/main/LICENSE-MIT)
//!
//! **The world's most comprehensive post-quantum file encryption library with complete cryptographic suite**
//!
//! This crate provides the core cryptographic primitives and file format implementation for QSFS,
//! a quantum-resistant file encryption system that implements NIST-standardized post-quantum
//! cryptography with ML-DSA-87 digital signatures and a complete suite of encryption technologies.
//!
//! ## 🛡️ Complete Cryptographic Arsenal
//!
//! ### Post-Quantum Cryptography (CNSA 2.0 Compliant)
//! - **ML-KEM-1024** (FIPS 203) - Quantum-resistant key encapsulation, NIST Level 5 security
//! - **ML-DSA-87** (FIPS 204) - Post-quantum digital signatures, NIST Level 5 security
//! - **CNSA 2.0 Compliant** - Meets NSA Commercial National Security Algorithm Suite requirements
//!
//! ### Hybrid Classical Cryptography
//! - **X25519** - Elliptic curve Diffie-Hellman key exchange for additional security layers
//! - **Ed25519** - EdDSA signatures for classical authentication backup
//!
//! ### Authenticated Encryption (AEAD)
//! - **AES-256-GCM-SIV** - Nonce misuse-resistant authenticated encryption (default)
//! - **AES-256-GCM** - Standard authenticated encryption with additional data
//! - **ChaCha20-Poly1305** - Stream cipher with Poly1305 MAC for cascade encryption
//!
//! ### Key Derivation & Hashing
//! - **HKDF-SHA3-384** - Key derivation with enhanced domain separation
//! - **BLAKE3** - High-performance cryptographic hashing for file integrity
//! - **Argon2** - Memory-hard key derivation for password-based encryption
//!
//! ### Hardware Security Module (HSM) Support
//! - **PKCS#11** - Hardware security module integration via cryptoki
//! - **Hardware acceleration** - Optimized primitives using available CPU instructions
//!
//! ### Memory Safety & Security
//! - **Automatic zeroization** - Secure memory clearing using zeroize crate
//! - **Constant-time operations** - Side-channel attack resistance
//! - **Memory locking** - Prevents sensitive data from being swapped to disk
//! - **Secure permissions** - Atomic file operations with restricted access
//!
//! ## 🚀 Quick Start
//!
//! Add this to your `Cargo.toml`:
//!
//! ```toml
//! [dependencies]
//! qsfs-core = { version = "0.1.2", features = ["pq", "hybrid-x25519", "gcm-siv", "cascade", "hsm"] }
//! ```
//!
//! ### Basic Encryption with All Technologies
//!
//! ```rust,no_run
//! use qsfs_core::{seal, unseal, SealRequest, UnsealContext, Signer};
//! use tokio::fs::File;
//!
//! #[tokio::main]
//! async fn main() -> Result<(), Box<dyn std::error::Error>> {
//!     // Generate or load cryptographic keys
//!     let ml_kem_pk = /* load ML-KEM-1024 public key */;
//!     let x25519_pk = /* load X25519 public key */;
//!     let signer = Signer::generate()?; // ML-DSA-87 signer
//!
//!     // Encrypt with complete quantum-resistant suite
//!     let request = SealRequest {
//!         input_path: "sensitive-document.pdf",
//!         recipients: vec![(
//!             "alice".to_string(),
//!             ml_kem_pk,
//!             x25519_pk,
//!         )],
//!         header_sign_mldsa_sk: None,
//!         chunk_size: 131072, // 128KB chunks for streaming
//!         signer: Some(&signer), // ML-DSA-87 signatures
//!     };
//!
//!     // Seal with all encryption technologies
//!     seal(request, "document.qsfs").await?;
//!
//!     // Decrypt with signature verification
//!     let input = File::open("document.qsfs").await?;
//!     let context = UnsealContext {
//!         mlkem_sk: &ml_kem_sk,
//!         x25519_sk: Some(x25519_sk),
//!         allow_unsigned: false, // Require signatures
//!         trust_any_signer: false, // Use trust store
//!     };
//!
//!     unseal(input, "decrypted.pdf", context).await?;
//!     println!("✅ File decrypted and signature verified!");
//!
//!     Ok(())
//! }
//! ```
//!
//! ## 🔧 Feature Flags
//!
//! Enable specific cryptographic technologies:
//!
//! ```toml
//! [dependencies]
//! qsfs-core = { version = "0.1.2", features = [
//!     "pq",           # Post-quantum: ML-KEM-1024 + ML-DSA-87
//!     "hybrid-x25519", # Hybrid: X25519 + Ed25519
//!     "gcm-siv",      # AES-256-GCM-SIV (nonce misuse resistant)
//!     "gcm",          # AES-256-GCM (standard AEAD)
//!     "cascade",      # ChaCha20-Poly1305 cascade encryption
//!     "hsm",          # Hardware Security Module support
//!     "wasm",         # WebAssembly compatibility
//! ] }
//! ```
//!
//! ## 📊 Security Specifications
//!
//! | Component | Algorithm | Key Size | Security Level | Quantum Safe |
//! |-----------|-----------|----------|----------------|--------------|
//! | **Key Encapsulation** | ML-KEM-1024 | 1568 bytes | NIST Level 5 | ✅ Yes |
//! | **Digital Signatures** | ML-DSA-87 | 4864 bytes | NIST Level 5 | ✅ Yes |
//! | **Hybrid Key Exchange** | X25519 | 32 bytes | ~128-bit | ❌ No |
//! | **Symmetric Encryption** | AES-256-GCM-SIV | 256 bits | 128-bit | ✅ Yes |
//! | **Stream Cipher** | ChaCha20-Poly1305 | 256 bits | 128-bit | ✅ Yes |
//! | **Key Derivation** | HKDF-SHA3-384 | Variable | 192-bit | ✅ Yes |
//! | **File Integrity** | BLAKE3 | 256 bits | 128-bit | ✅ Yes |
//!
//! ## 🏗️ Architecture
//!
//! The library is organized into specialized modules:
//!
//! - **[`derivation`]** - Key derivation functions and cryptographic key management
//! - **[`header`]** - File format header parsing, serialization, and metadata
//! - **[`streaming`]** - Streaming AEAD for efficient large file processing
//! - **[`security`]** - Memory safety, system security, and side-channel protection
//! - **[`signer`]** - ML-DSA-87 digital signature creation and verification




//! ## 🔒 Security Properties
//!
//! ### Quantum Resistance
//! - **Post-quantum algorithms** protect against Shor's algorithm (breaks RSA/ECC)
//! - **Large key sizes** provide security against Grover's algorithm
//! - **NIST standardized** algorithms with extensive cryptanalysis
//!
//! ### Forward Secrecy
//! - **Ephemeral key exchange** ensures past sessions remain secure
//! - **Perfect forward secrecy** through ephemeral X25519 keys
//! - **Session isolation** prevents compromise propagation
//!
//! ### Non-Repudiation
//! - **ML-DSA-87 signatures** provide cryptographic proof of origin
//! - **Trust store management** for signer verification
//! - **Canonical serialization** ensures deterministic signatures
//!
//! ### Integrity Protection
//! - **AEAD authentication** detects any tampering
//! - **BLAKE3 hashing** for file-level integrity
//! - **Digital signatures** for authenticity verification
//!
//! ## 🌐 Platform Compatibility
//!
//! | Platform | Status | Notes |
//! |----------|--------|-------|
//! | Linux x86_64 | ✅ Full Support | Primary development platform |
//! | Linux ARM64 | ✅ Full Support | Raspberry Pi 4+ compatible |
//! | macOS Intel | ✅ Full Support | Hardware acceleration available |
//! | macOS Apple Silicon | ✅ Full Support | Native ARM64 optimizations |
//! | Windows x64 | ✅ Full Support | MSVC and GNU toolchains |
//! | FreeBSD | 🟡 Experimental | Community maintained |
//! | WebAssembly | 🟡 Limited | Basic functionality with `wasm` feature |
//!
//! ## 📚 Examples
//!
//! ### Multi-Recipient Encryption
//!
//! ```rust,no_run
//! use qsfs_core::{seal, SealRequest, Signer};
//!
//! #[tokio::main]
//! async fn main() -> Result<(), Box<dyn std::error::Error>> {
//!     let signer = Signer::generate()?;
//!     
//!     let request = SealRequest {
//!         input_path: "company-secrets.tar.gz",
//!         recipients: vec![
//!             ("alice".to_string(), alice_mlkem_pk, alice_x25519_pk),
//!             ("bob".to_string(), bob_mlkem_pk, bob_x25519_pk),
//!             ("charlie".to_string(), charlie_mlkem_pk, charlie_x25519_pk),
//!         ],
//!         header_sign_mldsa_sk: None,
//!         chunk_size: 262144, // 256KB chunks
//!         signer: Some(&signer),
//!     };
//!
//!     seal(request, "secrets.qsfs").await?;
//!     println!("✅ Encrypted for {} recipients", request.recipients.len());
//!     Ok(())
//! }
//! ```
//!
//! ### HSM Integration
//!
//! ```rust,no_run
//! #[cfg(feature = "hsm")]
//! use qsfs_core::security::hsm;
//!
//! #[cfg(feature = "hsm")]
//! #[tokio::main]
//! async fn main() -> Result<(), Box<dyn std::error::Error>> {
//!     // Initialize HSM connection
//!     let hsm = hsm::initialize_pkcs11("/usr/lib/libpkcs11.so")?;
//!     
//!     // Use HSM for key operations
//!     let key_handle = hsm.generate_key("AES", 256)?;
//!     
//!     // Encrypt using HSM-stored keys
//!     // ... encryption logic with HSM integration
//!     
//!     Ok(())
//! }
//! ```
//!
//! ## 🔧 Advanced Configuration
//!
//! ### Custom Chunk Sizes
//!
//! ```rust,no_run
//! // Small files: 64KB chunks for lower latency
//! let small_file_request = SealRequest {
//!     chunk_size: 65536,
//!     // ... other fields
//! };
//!
//! // Large files: 1MB chunks for better throughput
//! let large_file_request = SealRequest {
//!     chunk_size: 1048576,
//!     // ... other fields
//! };
//! ```
//!
//! ### Algorithm Selection
//!
//! ```rust,no_run
//! use qsfs_core::suite::SuiteId;
//!
//! // Force specific AEAD algorithm
//! let suite = SuiteId::Aes256GcmSiv; // Nonce misuse resistant
//! let suite = SuiteId::Aes256Gcm;    // Standard AEAD
//! ```
//!
//! ## 🛠️ Integration Guide
//!
//! ### Error Handling
//!
//! ```rust,no_run
//! use qsfs_core::{seal, SealRequest};
//! use anyhow::Result;
//!
//! async fn secure_encrypt(input: &str, output: &str) -> Result<()> {
//!     let request = SealRequest {
//!         // ... configuration
//!     };
//!
//!     match seal(request, output).await {
//!         Ok(()) => {
//!             println!("✅ Encryption successful");
//!             Ok(())
//!         }
//!         Err(e) => {
//!             eprintln!("❌ Encryption failed: {}", e);
//!             Err(e)
//!         }
//!     }
//! }
//! ```
//!
//! ### Memory Management
//!
//! ```rust,no_run
//! use qsfs_core::security::{disable_core_dumps, lock_memory};
//!
//! fn secure_initialization() -> Result<(), Box<dyn std::error::Error>> {
//!     // Disable core dumps to prevent key leakage
//!     disable_core_dumps()?;
//!     
//!     // Lock sensitive memory pages
//!     let sensitive_data = vec![0u8; 1024];
//!     lock_memory(&sensitive_data)?;
//!     
//!     // ... cryptographic operations
//!     
//!     // Memory is automatically zeroized on drop
//!     Ok(())
//! }
//! ```
//!
//! ## 📖 Further Reading
//!
//! - [NIST Post-Quantum Cryptography Standards](https://csrc.nist.gov/projects/post-quantum-cryptography)
//! - [NSA CNSA 2.0 Guidelines](https://media.defense.gov/2022/Sep/07/2003071834/-1/-1/0/CSA_CNSA_2.0_ALGORITHMS_.PDF)
//! - [Quantum-Shield Security Analysis](https://github.com/AnubisQuantumCipher/quantum-shield/blob/main/docs/SECURITY_ANALYSIS.md)
//! - [Complete Command Reference](https://github.com/AnubisQuantumCipher/quantum-shield/blob/main/docs/COMMAND_REFERENCE.md)

pub mod derivation;
mod header;
mod pq;
mod streaming;
mod security;
pub mod suite;
pub mod pae;
pub mod signer;
pub mod canonical;

use anyhow::Result;
use derivation::{derive_file_nonce_seed, hkdf_expand_keys, ContentEncryptionKey, derive_kek, wrap_dek, unwrap_dek};
pub use header::{Header, RecipientEntry, SignatureMetadata};
use crate::suite::SuiteId;
use pq::mlkem;
use tokio::{fs::File, io::AsyncReadExt};
use base64::{engine::general_purpose, Engine as _};
use rand::RngCore;
use std::io::Write;
use secrecy::ExposeSecret;
use tempfile::NamedTempFile;
use std::path::Path;
use security::{disable_core_dumps, set_secure_permissions};
pub use signer::{Signer, TrustStore, verify_signature, default_trustdb_path, auto_provision_signer};
pub use canonical::{CanonicalHeader, SignatureMetadata as CanonicalSignatureMetadata};

#[cfg(feature="pq")]
use pqcrypto_traits::kem::{SharedSecret as SharedSecretTrait, Ciphertext as CiphertextTrait};
#[cfg(feature="pq")]
use pqcrypto_traits::sign::PublicKey as PublicKeyTrait;

pub struct SealRequest<'a> {
    pub input_path: &'a str,
    pub recipients: Vec<(String, pqcrypto_mlkem::mlkem1024::PublicKey, [u8;32])>,
    pub header_sign_mldsa_sk: Option<pqcrypto_mldsa::mldsa87::SecretKey>,
    pub chunk_size: usize,
    pub signer: Option<&'a Signer>,
}

pub struct UnsealContext<'a> {
    pub mlkem_sk: &'a pqcrypto_mlkem::mlkem1024::SecretKey,
    pub x25519_sk: Option<[u8;32]>,
    pub allow_unsigned: bool,
    pub trust_any_signer: bool,
}

pub async fn seal(req: SealRequest<'_>, output_path: &str) -> Result<()> {
    // Disable core dumps for security
    disable_core_dumps().ok();
    
    // 1) Prepare header (no plaintext fingerprint in clear)
    
    // 2) Generate CEK and wrap for each recipient
    let cek = ContentEncryptionKey::generate()?;
    let mut recipients = Vec::new();
    
    // Ephemeral X25519 key for this file
    #[cfg(feature="hybrid-x25519")]
    let eph_x_sk = {
        let rng = rand::rngs::OsRng;
        x25519_dalek::StaticSecret::random_from_rng(rng)
    };
    #[cfg(feature="hybrid-x25519")]
    let eph_x_pk = x25519_dalek::PublicKey::from(&eph_x_sk);

    // Generate per-file kdf_salt (v2.1)
    let mut kdf_salt = [0u8; 32];
    rand::rngs::OsRng.fill_bytes(&mut kdf_salt);

    for (label, mlkem_pk, recip_x25519_pk_bytes) in req.recipients {
        let (ss, ct) = mlkem::encapsulate(&mlkem_pk);

        #[cfg(feature="hybrid-x25519")]
        let kek = {
            let recip_x_pk = x25519_dalek::PublicKey::from(recip_x25519_pk_bytes);
            let x_ss = eph_x_sk.diffie_hellman(&recip_x_pk);
            derive_kek(ss.as_bytes(), x_ss.as_bytes(), Some(&kdf_salt))
        };

    #[cfg(not(feature="hybrid-x25519"))]
    let kek = {
            // Always KDF the shared secret (even when not hybrid)
            derive_kek(ss.as_bytes(), &[], Some(&kdf_salt))
        };

        // Wrap DEK under KEK
        let mut wrap_nonce = [0u8;12];
        rand::rngs::OsRng.fill_bytes(&mut wrap_nonce);
        let wrapped_dek = wrap_dek(&kek, &wrap_nonce, cek.expose_secret())?;

        // Recipient fingerprint
        let x25519_pk_fpr = {
            let h = blake3::hash(&recip_x25519_pk_bytes);
            let mut f = [0u8;8]; f.copy_from_slice(&h.as_bytes()[..8]); f
        };

        recipients.push(RecipientEntry {
            label,
            mlkem_ct: ct.as_bytes().to_vec(),
            wrap: wrapped_dek.clone(), // legacy mirror
            wrapped_dek,
            wrap_nonce,
            x25519_pk_fpr,
            x25519_pub: recip_x25519_pk_bytes.to_vec(),
        });
    }

    // 4) Derive keys and file-id from CEK with enhanced domain separation
    let confirm = b"qsfs_confirm_v2";
    let keys = hkdf_expand_keys(cek.expose_secret(), Some(confirm));
    let file_id = derive_file_nonce_seed(cek.expose_secret());
    
    let mut hdr = header::Header {
        magic: *b"QSFS2\0",
        chunk_size: req.chunk_size as u32,
        file_id,
        blake3_of_plain: [0u8;32],
        suite: SuiteId::current(),
        kdf_salt: Some(kdf_salt),
        recipients,
        #[cfg(feature="hybrid-x25519")]
        eph_x25519_pk: *eph_x_pk.as_bytes(),
        #[cfg(not(feature="hybrid-x25519"))]
        eph_x25519_pk: [0u8;32],
        mldsa_sig: vec![],
        ed25519_sig: vec![],
        signature_metadata: None,
        fin: 1,
    };
    
    // Sign header with ML-DSA-87 if signer is provided
    if let Some(signer) = req.signer {
        let canonical_bytes = CanonicalHeader::serialize(&hdr)?;
        let signature = signer.sign(&canonical_bytes)?;
        
        let sig_metadata = CanonicalSignatureMetadata::new(
            signer.id_hex(),
            signer.pk.as_bytes().to_vec(),
            signature.clone(),
        );
        
        hdr.mldsa_sig = signature;
        hdr.signature_metadata = Some(SignatureMetadata {
            signer_id: sig_metadata.signer_id,
            algorithm: sig_metadata.algorithm,
            public_key: sig_metadata.public_key,
        });
    }
    
    // 5) Atomic write: use temporary file with secure permissions
    let output_dir = Path::new(output_path).parent().unwrap_or(Path::new("."));
    let mut temp_file = NamedTempFile::new_in(output_dir)?;
    
    // Set secure permissions on temporary file
    set_secure_permissions(temp_file.path()).ok();
    
    let hdr_bytes = postcard::to_allocvec(&hdr)?;

    // Write header length + header + encrypted stream
    temp_file.write_all(&(hdr_bytes.len() as u32).to_be_bytes())?;
    temp_file.write_all(&hdr_bytes)?;

    let aad = hdr.aead_aad();
    streaming::encrypt_stream(
        req.input_path,
        temp_file.as_file_mut(),
        req.chunk_size,
        file_id,
        &aad,
        keys.aes_k1.expose_secret(),
        None,
    ).await?;

    // Ensure data is written to disk before atomic rename
    temp_file.as_file_mut().sync_all()?;
    
    // Atomic rename
    temp_file.persist(output_path)?;
    
    Ok(())
}

pub async fn unseal(mut input: File, output_path: &str, ctx: UnsealContext<'_>) -> Result<()> {
    // Disable core dumps for security
    disable_core_dumps().ok();
    
    // 1) Read header length and header
    let mut len_buf = [0u8; 4];
    input.read_exact(&mut len_buf).await?;
    let hdr_len = u32::from_be_bytes(len_buf) as usize;
    
    if hdr_len > 1024 * 1024 {
        return Err(anyhow::anyhow!("Header too large: {}", hdr_len));
    }
    
    let mut hdr_buf = vec![0u8; hdr_len];
    input.read_exact(&mut hdr_buf).await?;
    let hdr: Header = postcard::from_bytes(&hdr_buf)?;
    // Enforce magic/version
    if hdr.magic != *b"QSFS2\0" {
        return Err(anyhow::anyhow!("Unrecognized file format (bad magic)"));
    }
    
    // 2) Verify signature if present (default behavior)
    if !hdr.mldsa_sig.is_empty() {
        // Signature is present - verify it
        let canonical_bytes = CanonicalHeader::serialize(&hdr)?;
        
        if let Some(sig_metadata) = &hdr.signature_metadata {
            let public_key_bytes = general_purpose::STANDARD
                .decode(&sig_metadata.public_key)
                .map_err(|e| anyhow::anyhow!("Invalid public key base64: {}", e))?;
            
            // Verify signature
            let signature_valid = verify_signature(&canonical_bytes, &hdr.mldsa_sig, &public_key_bytes)?;
            if !signature_valid {
                return Err(anyhow::anyhow!("❌ ML-DSA-87 signature verification failed"));
            }
            
            // Check trust store unless --trust-any-signer is specified
            if !ctx.trust_any_signer {
                let trust_store = TrustStore::load_from_file(default_trustdb_path()?)?;
                if !trust_store.is_trusted(&sig_metadata.signer_id) {
                    return Err(anyhow::anyhow!(
                        "❌ Signer not trusted: {} (use 'qsfs trust add' or --trust-any-signer)", 
                        sig_metadata.signer_id
                    ));
                }
            }
            
            eprintln!("✅ ML-DSA-87 signature verified: {}", sig_metadata.signer_id);
        } else {
            return Err(anyhow::anyhow!("❌ Signature present but metadata missing"));
        }
    } else {
        // No signature present
        if !ctx.allow_unsigned {
            return Err(anyhow::anyhow!(
                "❌ File is not signed. Use --allow-unsigned to decrypt unsigned files (security risk)"
            ));
        }
        eprintln!("⚠️  Processing unsigned file (--allow-unsigned specified)");
    }

    // 3) Try to decrypt CEK with our key (verifiable decapsulation)
    let mut cek_bytes = None;
    for rec in &hdr.recipients {
        if let Ok(ct) = pqcrypto_mlkem::mlkem1024::Ciphertext::from_bytes(&rec.mlkem_ct) {
            let ss = mlkem::decapsulate(&ct, ctx.mlkem_sk);
            #[cfg(feature="hybrid-x25519")]
            {
                if let Some(xsk) = ctx.x25519_sk {
                    let recip_x_sk = x25519_dalek::StaticSecret::from(xsk);
                    let eph_x_pk = x25519_dalek::PublicKey::from(hdr.eph_x25519_pk);
                    let x_ss = recip_x_sk.diffie_hellman(&eph_x_pk);
                    let kek = derive_kek(ss.as_bytes(), x_ss.as_bytes(), hdr.kdf_salt.as_ref().map(|s| s.as_slice()));
                    if rec.wrapped_dek.len() == 48 {
                        if let Ok(cek) = unwrap_dek(&kek, &rec.wrap_nonce, &rec.wrapped_dek) {
                            cek_bytes = Some((cek, b"qsfs_confirm_v2".to_vec()));
                            break;
                        }
                    }
                } else {
                    return Err(anyhow::anyhow!("X25519 secret required for hybrid decrypt"));
                }
            }
            #[cfg(not(feature="hybrid-x25519"))]
            {
                // Non-hybrid: use KEK derived from ML-KEM SS and unwrap via AES-GCM
                let kek = derive_kek(ss.as_bytes(), &[], hdr.kdf_salt.as_ref().map(|s| s.as_slice()));
                if rec.wrapped_dek.len() == 48 {
                    if let Ok(cek) = unwrap_dek(&kek, &rec.wrap_nonce, &rec.wrapped_dek) {
                        cek_bytes = Some((cek, b"qsfs_confirm_v2".to_vec()));
                        break;
                    }
                }
            }
        }
    }
    
    let (cek, confirm) = cek_bytes.ok_or_else(|| anyhow::anyhow!("No matching recipient key"))?;
    
    // 4) Derive keys from CEK
    let keys = hkdf_expand_keys(&cek, Some(&confirm));
    
    // 5) Atomic write: use temporary file with secure permissions
    let output_dir = Path::new(output_path).parent().unwrap_or(Path::new("."));
    let mut temp_file = NamedTempFile::new_in(output_dir)?;
    
    // Set secure permissions on temporary file
    set_secure_permissions(temp_file.path()).ok();
    
    let aad = hdr.aead_aad();
    let mut rest = input;
    streaming::decrypt_stream(&mut rest, temp_file.as_file_mut(), hdr.file_id, &aad,
        keys.aes_k1.expose_secret(),
        None,
    ).await?;

    // Ensure data is written to disk before atomic rename
    temp_file.as_file_mut().sync_all()?;
    
    // Atomic rename
    temp_file.persist(output_path)?;
    
    Ok(())
}