JefeOS now has a full secrets vault — the first of three target appliances on the roadmap. vault init, type a master password, and you have ChaCha20-Poly1305 AEAD encryption protecting secrets stored directly on the NTFS filesystem. All operable over SSH.
The Architecture
The vault runs entirely in kernel space. SHA-256 derives a 32-byte master key from the password. Each secret gets a unique 12-byte nonce (4 bytes random + 4 bytes counter + 4 bytes padding); ChaCha20-Poly1305 then encrypts the plaintext, and the 16-byte Poly1305 authentication tag is prepended to the ciphertext. Wrong password? The Poly1305 MAC verification fails and you get a clean "Authentication failed" instead of garbage decryption.
| Component | Implementation |
|---|---|
| Cipher | ChaCha20-Poly1305 AEAD (same cipher as our SSH transport) |
| KDF | SHA-256(password) → 32-byte master key |
| Nonce | 12 bytes: RNG + incrementing counter |
| Storage | NTFS root directory, /__vault_<key>.enc |
| Audit | Timestamped append-only log at /__vault_audit.log |
Working Around NTFS Bugs
JefeOS's NTFS driver has a known bug: add_directory_entry() silently fails for non-root directories because newly created dirs have INDEX_ROOT only (no INDEX_ALLOCATION), and the code path that handles small directories doesn't properly insert entries. The workaround: store all vault files flat in the root directory with a __vault_ prefix. Not elegant, but it works reliably until the NTFS indexing is fixed.
A second NTFS quirk: the directory entry file_size field is never updated after write_file(). The vault list command works around this by opening each file to read the actual size from the file handle rather than trusting the directory entry metadata.
The Command Set
| Command | Function |
|---|---|
| vault init <password> | Derive master key, unlock vault |
| vault lock | Secure-zero the master key from memory |
| vault status | Lock state, cipher info, secret count |
| vault set <key> <value> | Encrypt and store a secret |
| vault get <key> | Decrypt and display a secret |
| vault list | List all stored secrets with sizes |
| vault delete <key> | Remove a secret from storage |
| vault export | Hex dump of all encrypted vault files |
| vault audit | Display timestamped access log |
Testing Over SSH
The entire test suite runs via plink from the Windows host. 22 automated tests covering CRUD operations, lock/unlock cycles, wrong-password authentication failure, audit logging, and bare subcommand usage handlers. Two subtleties discovered during testing: the audit log file was initially appearing in vault list output (fixed with a prefix filter), and vault export was returning zero secrets because it filtered on the stale directory entry size (removed the check).
What Ships
- Full secrets vault with ChaCha20-Poly1305 AEAD encryption
- Master password authentication with Poly1305 MAC verification
- Persistent NTFS storage surviving reboots
- Append-only audit log with timestamps for all vault operations
- Secure memory zeroing on vault lock
- All commands work over SSH for remote secrets management
What's Next
- NTFS subdirectory indexing fix (currently all vault files stored flat in root)
- Next appliance: Ecosystem Health Monitor (HTTP/S client for endpoint checks)
- POSIX parity sprints: file descriptors, environment variables, signals