feat: Update SAL Vault examples and documentation

- Renamed examples directory to `_archive` to reflect legacy status. - Updated README.md to reflect current status of vault module, including migration from Sameh's implementation to Lee's. - Temporarily disabled Rhai scripting integration for the vault. - Added notes regarding current and future development steps.
2025-07-10 14:03:43 +03:00
parent 61f5331804
commit 6e5d9b35e8
58 changed files with 1576 additions and 278 deletions
--- a/vault/_archive/tests/crypto_tests.rs
+++ b/vault/_archive/tests/crypto_tests.rs
@@ -0,0 +1,121 @@
+use sal_vault::error::CryptoError;
+use sal_vault::keyspace::{KeyPair, KeySpace};
+use sal_vault::symmetric::implementation::{
+    decrypt_symmetric, encrypt_symmetric, generate_symmetric_key,
+};
+
+#[test]
+fn test_symmetric_key_generation() {
+    let key1 = generate_symmetric_key();
+    let key2 = generate_symmetric_key();
+
+    // Keys should be different
+    assert_ne!(key1, key2);
+
+    // Keys should be 32 bytes
+    assert_eq!(key1.len(), 32);
+    assert_eq!(key2.len(), 32);
+}
+
+#[test]
+fn test_symmetric_encryption_decryption() {
+    let key = generate_symmetric_key();
+    let message = b"Hello, World!";
+
+    // Encrypt the message
+    let encrypted = encrypt_symmetric(&key, message).expect("Encryption should succeed");
+
+    // Encrypted data should be different from original
+    assert_ne!(encrypted.as_slice(), message);
+
+    // Decrypt the message
+    let decrypted = decrypt_symmetric(&key, &encrypted).expect("Decryption should succeed");
+
+    // Decrypted data should match original
+    assert_eq!(decrypted.as_slice(), message);
+}
+
+#[test]
+fn test_symmetric_encryption_with_wrong_key() {
+    let key1 = generate_symmetric_key();
+    let key2 = generate_symmetric_key();
+    let message = b"Secret message";
+
+    // Encrypt with key1
+    let encrypted = encrypt_symmetric(&key1, message).expect("Encryption should succeed");
+
+    // Try to decrypt with key2 (should fail)
+    let result = decrypt_symmetric(&key2, &encrypted);
+    assert!(result.is_err());
+}
+
+#[test]
+fn test_keyspace_creation() {
+    let mut keyspace = KeySpace::new("test_space");
+
+    assert_eq!(keyspace.name, "test_space");
+    assert!(keyspace.keypairs.is_empty());
+
+    // Add a keypair
+    keyspace
+        .add_keypair("test_key")
+        .expect("Adding keypair should succeed");
+
+    assert_eq!(keyspace.keypairs.len(), 1);
+    assert!(keyspace.keypairs.contains_key("test_key"));
+}
+
+#[test]
+fn test_keypair_creation() {
+    let keypair = KeyPair::new("test_keypair");
+
+    // Test that we can get the public key
+    let public_key = keypair.pub_key();
+    assert!(!public_key.is_empty());
+
+    // Test signing and verification
+    let message = b"test message";
+    let signature = keypair.sign(message);
+
+    let is_valid = keypair
+        .verify(message, &signature)
+        .expect("Verification should succeed");
+    assert!(is_valid);
+
+    // Test with wrong message
+    let wrong_message = b"wrong message";
+    let is_valid = keypair
+        .verify(wrong_message, &signature)
+        .expect("Verification should succeed");
+    assert!(!is_valid);
+}
+
+#[test]
+fn test_keyspace_serialization() {
+    let mut keyspace = KeySpace::new("test_space");
+    keyspace
+        .add_keypair("test_key")
+        .expect("Adding keypair should succeed");
+
+    // Serialize
+    let serialized = serde_json::to_string(&keyspace).expect("Serialization should succeed");
+
+    // Deserialize
+    let deserialized: KeySpace =
+        serde_json::from_str(&serialized).expect("Deserialization should succeed");
+
+    assert_eq!(deserialized.name, keyspace.name);
+    assert_eq!(deserialized.keypairs.len(), keyspace.keypairs.len());
+}
+
+#[test]
+fn test_error_types() {
+    let error = CryptoError::InvalidKeyLength;
+    assert_eq!(error.to_string(), "Invalid key length");
+
+    let error = CryptoError::EncryptionFailed("test error".to_string());
+    assert_eq!(error.to_string(), "Encryption failed: test error");
+
+    let error = CryptoError::KeypairNotFound("test_key".to_string());
+    assert_eq!(error.to_string(), "Keypair not found: test_key");
+}
--- a/vault/_archive/tests/rhai/basic_crypto.rhai
+++ b/vault/_archive/tests/rhai/basic_crypto.rhai
@@ -0,0 +1,83 @@
+// basic_crypto.rhai
+// Basic cryptographic operations test
+
+print("=== Testing Basic Cryptographic Operations ===");
+
+// Test symmetric encryption
+print("Testing symmetric encryption...");
+let key = generate_key();
+let message = "Hello, World!";
+
+let encrypted = encrypt(key, message);
+let decrypted = decrypt(key, encrypted);
+
+if decrypted != message {
+    throw "Symmetric encryption/decryption failed";
+}
+print("✓ Symmetric encryption works correctly");
+
+// Test keyspace creation
+print("Testing keyspace creation...");
+clear_session();
+
+let created = create_key_space("test_space", "secure_password");
+if !created {
+    throw "Failed to create keyspace";
+}
+print("✓ Keyspace created successfully");
+
+// Test keyspace selection
+print("Testing keyspace selection...");
+let selected = select_keyspace("test_space");
+if !selected {
+    throw "Failed to select keyspace";
+}
+print("✓ Keyspace selected successfully");
+
+// Test keypair creation
+print("Testing keypair creation...");
+let keypair_created = create_keypair("test_keypair");
+if !keypair_created {
+    throw "Failed to create keypair";
+}
+print("✓ Keypair created successfully");
+
+// Test keypair selection
+print("Testing keypair selection...");
+let keypair_selected = select_keypair("test_keypair");
+if !keypair_selected {
+    throw "Failed to select keypair";
+}
+print("✓ Keypair selected successfully");
+
+// Test public key retrieval
+print("Testing public key retrieval...");
+let pub_key = keypair_pub_key();
+if pub_key == "" {
+    throw "Failed to get public key";
+}
+print("✓ Public key retrieved: " + pub_key);
+
+// Test signing and verification
+print("Testing digital signatures...");
+let test_message = "This is a test message for signing";
+let signature = sign(test_message);
+
+if signature == "" {
+    throw "Failed to sign message";
+}
+
+let is_valid = verify(test_message, signature);
+if !is_valid {
+    throw "Signature verification failed";
+}
+print("✓ Digital signature works correctly");
+
+// Test with wrong message
+let wrong_valid = verify("Wrong message", signature);
+if wrong_valid {
+    throw "Signature should not be valid for wrong message";
+}
+print("✓ Signature correctly rejects wrong message");
+
+print("=== All basic crypto tests passed! ===");
--- a/vault/_archive/tests/rhai/keyspace_management.rhai
+++ b/vault/_archive/tests/rhai/keyspace_management.rhai
@@ -0,0 +1,122 @@
+// keyspace_management.rhai
+// Advanced keyspace and keypair management test
+
+print("=== Testing Keyspace Management ===");
+
+// Clear any existing session
+clear_session();
+
+// Test creating multiple keyspaces
+print("Creating multiple keyspaces...");
+let space1_created = create_key_space("personal", "personal_password");
+let space2_created = create_key_space("business", "business_password");
+let space3_created = create_key_space("testing", "testing_password");
+
+if !space1_created || !space2_created || !space3_created {
+    throw "Failed to create one or more keyspaces";
+}
+print("✓ Multiple keyspaces created successfully");
+
+// Test listing keyspaces
+print("Testing keyspace listing...");
+let spaces = list_keyspaces();
+if spaces.len() < 3 {
+    throw "Should have at least 3 keyspaces";
+}
+print("✓ Keyspaces listed: " + spaces.len() + " found");
+
+// Test working with personal keyspace
+print("Working with personal keyspace...");
+select_keyspace("personal");
+
+// Create multiple keypairs in personal space
+create_keypair("main_key");
+create_keypair("backup_key");
+create_keypair("signing_key");
+
+let personal_keypairs = list_keypairs();
+if personal_keypairs.len() != 3 {
+    throw "Personal keyspace should have 3 keypairs";
+}
+print("✓ Personal keyspace has " + personal_keypairs.len() + " keypairs");
+
+// Test working with business keyspace
+print("Working with business keyspace...");
+select_keyspace("business");
+
+// Create keypairs in business space
+create_keypair("company_key");
+create_keypair("contract_key");
+
+let business_keypairs = list_keypairs();
+if business_keypairs.len() != 2 {
+    throw "Business keyspace should have 2 keypairs";
+}
+print("✓ Business keyspace has " + business_keypairs.len() + " keypairs");
+
+// Test switching between keypairs
+print("Testing keypair switching...");
+select_keypair("company_key");
+let company_pubkey = keypair_pub_key();
+
+select_keypair("contract_key");
+let contract_pubkey = keypair_pub_key();
+
+if company_pubkey == contract_pubkey {
+    throw "Different keypairs should have different public keys";
+}
+print("✓ Keypair switching works correctly");
+
+// Test signing with different keypairs
+print("Testing signatures with different keypairs...");
+let message = "Business contract data";
+
+select_keypair("company_key");
+let company_signature = sign(message);
+
+select_keypair("contract_key");
+let contract_signature = sign(message);
+
+if company_signature == contract_signature {
+    throw "Different keypairs should produce different signatures";
+}
+print("✓ Different keypairs produce different signatures");
+
+// Test cross-verification (should fail)
+select_keypair("company_key");
+let company_valid = verify(message, contract_signature);
+if company_valid {
+    throw "Company key should not verify contract key signature";
+}
+print("✓ Cross-verification correctly fails");
+
+// Test correct verification
+let correct_valid = verify(message, company_signature);
+if !correct_valid {
+    throw "Company key should verify its own signature";
+}
+print("✓ Self-verification works correctly");
+
+// Test session isolation
+print("Testing session isolation...");
+select_keyspace("testing");
+let testing_keypairs = list_keypairs();
+if testing_keypairs.len() != 0 {
+    throw "Testing keyspace should be empty";
+}
+print("✓ Keyspaces are properly isolated");
+
+// Test error handling
+print("Testing error handling...");
+let invalid_select = select_keyspace("non_existent");
+if invalid_select {
+    throw "Should not be able to select non-existent keyspace";
+}
+
+let invalid_keypair = select_keypair("non_existent");
+if invalid_keypair {
+    throw "Should not be able to select non-existent keypair";
+}
+print("✓ Error handling works correctly");
+
+print("=== All keyspace management tests passed! ===");
--- a/vault/_archive/tests/rhai_integration_tests.rs
+++ b/vault/_archive/tests/rhai_integration_tests.rs
@@ -0,0 +1,243 @@
+use rhai::{Engine, EvalAltResult};
+use sal_vault::rhai::*;
+use std::sync::Mutex;
+
+// NOTE: These tests use global state (SESSION and KEYSPACE_REGISTRY) and are automatically
+// serialized using a global mutex to prevent test interference during parallel execution.
+
+// Global test mutex to ensure tests run sequentially
+static TEST_MUTEX: Mutex<()> = Mutex::new(());
+
+#[cfg(test)]
+mod rhai_integration_tests {
+    use super::*;
+
+    fn create_test_engine() -> Engine {
+        let mut engine = Engine::new();
+        register_crypto_module(&mut engine).expect("Failed to register crypto module");
+        engine
+    }
+
+    #[test]
+    fn test_rhai_module_registration() {
+        let _guard = TEST_MUTEX.lock().unwrap();
+        let engine = create_test_engine();
+
+        // Test that the functions are registered by checking if they exist
+        let script = r#"
+            // Test that all crypto functions are available
+            let functions_exist = true;
+            
+            // We can't actually call these without proper setup, but we can verify they're registered
+            // by checking that the engine doesn't throw "function not found" errors
+            functions_exist
+        "#;
+
+        let result: Result<bool, Box<EvalAltResult>> = engine.eval(script);
+        assert!(result.is_ok());
+        assert_eq!(result.unwrap(), true);
+    }
+
+    #[test]
+    fn test_symmetric_encryption_functions() {
+        let _guard = TEST_MUTEX.lock().unwrap();
+        let engine = create_test_engine();
+
+        let script = r#"
+            // Test symmetric encryption functions
+            let key = generate_key();
+            let message = "Hello, World!";
+            
+            let encrypted = encrypt(key, message);
+            let decrypted = decrypt(key, encrypted);
+            
+            decrypted == message
+        "#;
+
+        let result: Result<bool, Box<EvalAltResult>> = engine.eval(script);
+        assert!(result.is_ok());
+        assert_eq!(result.unwrap(), true);
+    }
+
+    #[test]
+    fn test_keyspace_functions() {
+        let _guard = TEST_MUTEX.lock().unwrap();
+        let engine = create_test_engine();
+
+        let script = r#"
+            // Test keyspace functions
+            clear_session();
+            
+            let created = create_key_space("test_space", "password123");
+            if !created {
+                throw "Failed to create key space";
+            }
+            
+            let selected = select_keyspace("test_space");
+            if !selected {
+                throw "Failed to select keyspace";
+            }
+            
+            true
+        "#;
+
+        let result: Result<bool, Box<EvalAltResult>> = engine.eval(script);
+        assert!(result.is_ok());
+        assert_eq!(result.unwrap(), true);
+    }
+
+    #[test]
+    fn test_keypair_functions() {
+        let _guard = TEST_MUTEX.lock().unwrap();
+        let engine = create_test_engine();
+
+        let script = r#"
+            // Test keypair functions
+            clear_session();
+            
+            // Create and select keyspace
+            create_key_space("test_space", "password123");
+            select_keyspace("test_space");
+            
+            // Create keypair
+            let created = create_keypair("test_keypair");
+            if !created {
+                throw "Failed to create keypair";
+            }
+            
+            // Select keypair
+            let selected = select_keypair("test_keypair");
+            if !selected {
+                throw "Failed to select keypair";
+            }
+            
+            // Get public key
+            let pub_key = keypair_pub_key();
+            if pub_key == "" {
+                throw "Failed to get public key";
+            }
+            
+            true
+        "#;
+
+        let result: Result<bool, Box<EvalAltResult>> = engine.eval(script);
+        assert!(result.is_ok());
+        assert_eq!(result.unwrap(), true);
+    }
+
+    #[test]
+    fn test_signing_functions() {
+        let _guard = TEST_MUTEX.lock().unwrap();
+        let engine = create_test_engine();
+
+        let script = r#"
+            // Test signing and verification functions
+            clear_session();
+            
+            // Setup keyspace and keypair
+            create_key_space("test_space", "password123");
+            select_keyspace("test_space");
+            create_keypair("test_keypair");
+            select_keypair("test_keypair");
+            
+            // Test signing and verification
+            let message = "test message";
+            let signature = sign(message);
+            
+            if signature == "" {
+                throw "Failed to sign message";
+            }
+            
+            let is_valid = verify(message, signature);
+            if !is_valid {
+                throw "Signature verification failed";
+            }
+            
+            // Test with wrong message
+            let wrong_is_valid = verify("wrong message", signature);
+            if wrong_is_valid {
+                throw "Signature should not be valid for wrong message";
+            }
+            
+            true
+        "#;
+
+        let result: Result<bool, Box<EvalAltResult>> = engine.eval(script);
+        assert!(result.is_ok());
+        assert_eq!(result.unwrap(), true);
+    }
+
+    #[test]
+    fn test_session_management() {
+        let _guard = TEST_MUTEX.lock().unwrap();
+        let engine = create_test_engine();
+
+        let script = r#"
+            // Test session management
+            clear_session();
+            
+            // Create multiple keyspaces
+            create_key_space("space1", "password1");
+            create_key_space("space2", "password2");
+            
+            // Test listing keyspaces
+            let spaces = list_keyspaces();
+            let space_count = count_keyspaces();
+            if space_count < 2 {
+                throw "Should have at least 2 keyspaces";
+            }
+            
+            // Test selecting different keyspaces
+            select_keyspace("space1");
+            create_keypair("keypair1");
+            
+            select_keyspace("space2");
+            create_keypair("keypair2");
+            
+            // Test listing keypairs in current space
+            let keypairs = list_keypairs();
+            let keypair_count = count_keypairs();
+            if keypair_count != 1 {
+                throw "Should have exactly 1 keypair in space2";
+            }
+            
+            true
+        "#;
+
+        let result: Result<bool, Box<EvalAltResult>> = engine.eval(script);
+        if let Err(ref e) = result {
+            println!("Script error: {}", e);
+        }
+        assert!(result.is_ok());
+        assert_eq!(result.unwrap(), true);
+    }
+
+    #[test]
+    fn test_error_handling() {
+        let _guard = TEST_MUTEX.lock().unwrap();
+        let engine = create_test_engine();
+
+        let script = r#"
+            // Test error handling
+            clear_session();
+            
+            // Try to select non-existent keyspace
+            let selected = select_keyspace("non_existent");
+            if selected {
+                throw "Should not be able to select non-existent keyspace";
+            }
+            
+            // Try to create keypair without keyspace
+            let created = create_keypair("test_keypair");
+            if created {
+                throw "Should not be able to create keypair without keyspace";
+            }
+            
+            true
+        "#;
+
+        let result: Result<bool, Box<EvalAltResult>> = engine.eval(script);
+        assert!(result.is_ok());
+        assert_eq!(result.unwrap(), true);
+    }
+}