Mountain/IPC/WindServiceHandlers/Encryption/mod.rs
1
2//! Encryption handlers for VS Code's `IEncryptionService` channel.
3//! `encryption:encrypt` and `encryption:decrypt` are called by the
4//! workbench to store and retrieve secrets (extension secrets, auth tokens,
5//! GitHub Copilot key, etc.). We use AES-256-GCM via the `ring` crate;
6//! the 256-bit key is derived once per process from the machine's hardware
7//! UUID (macOS `IOPlatformExpertDevice` / Linux `/etc/machine-id` /
8//! Windows `MachineGuid`) so ciphertext is stable across restarts but
9//! unreadable on a different machine without the original key.
10
11pub mod Decrypt;
12
13pub mod Encrypt;
14
15pub mod Key;