78 lines
2.9 KiB
Markdown
78 lines
2.9 KiB
Markdown
# WebAssembly Cryptography Module Scripts
|
|
|
|
This directory contains example scripts and documentation for the WebAssembly Cryptography Module's scripting and messaging capabilities.
|
|
|
|
## Directory Structure
|
|
|
|
- `rhai/`: Example Rhai scripts that demonstrate the cryptographic operations
|
|
- `examples/`: Documentation and code examples for messaging system integration
|
|
|
|
## Rhai Scripts
|
|
|
|
The `rhai/` directory contains example Rhai scripts that can be executed using the CLI:
|
|
|
|
```bash
|
|
hero-vault scripts/rhai/example.rhai
|
|
```
|
|
|
|
These scripts demonstrate how to use the cryptographic functions exposed to the Rhai scripting engine, including:
|
|
|
|
- Key space management
|
|
- Keypair operations
|
|
- Signing and verification
|
|
- Symmetric encryption and decryption
|
|
- Ethereum wallet operations
|
|
|
|
## Messaging Examples
|
|
|
|
The `examples/` directory contains documentation and code examples for integrating the WebAssembly Cryptography Module with messaging systems:
|
|
|
|
- `mycelium_example.md`: Example of using Mycelium for peer-to-peer, end-to-end encrypted messaging
|
|
- `nats_example.md`: Example of using NATS for high-performance, client-server messaging
|
|
|
|
These examples demonstrate how to:
|
|
|
|
1. Start a listener for remote script execution
|
|
2. Send scripts from remote systems
|
|
3. Process the results of script execution
|
|
4. Implement security measures for remote execution
|
|
|
|
## Creating Your Own Scripts
|
|
|
|
You can create your own Rhai scripts to automate cryptographic operations. The following functions are available in the scripting API:
|
|
|
|
### Key Space Management
|
|
|
|
- `create_key_space(name, password)`: Create a new key space with password
|
|
- `encrypt_key_space(password)`: Encrypt the current key space
|
|
- `decrypt_key_space(encrypted, password)`: Decrypt and load a key space
|
|
|
|
### Keypair Operations
|
|
|
|
- `create_keypair(name, password)`: Create a new keypair
|
|
- `select_keypair(name)`: Select a keypair for use
|
|
- `list_keypairs()`: List all keypairs in the current space
|
|
|
|
### Cryptographic Operations
|
|
|
|
- `sign(message)`: Sign a message with the selected keypair
|
|
- `verify(message, signature)`: Verify a signature
|
|
- `generate_key()`: Generate a symmetric key
|
|
- `encrypt(key, message)`: Encrypt a message with a symmetric key
|
|
- `decrypt(key, ciphertext)`: Decrypt a message with a symmetric key
|
|
|
|
### Ethereum Operations
|
|
|
|
- `create_ethereum_wallet()`: Create an Ethereum wallet
|
|
- `get_ethereum_address()`: Get the Ethereum address of the current wallet
|
|
|
|
## Security Considerations
|
|
|
|
When using scripts, especially with remote execution via messaging systems, consider the following security measures:
|
|
|
|
1. **Script Validation**: Validate scripts before execution to prevent malicious code
|
|
2. **Resource Limits**: Set appropriate limits on script execution to prevent denial of service
|
|
3. **Authentication**: Ensure that only authorized users or systems can execute scripts
|
|
4. **Sensitive Data**: Be careful about what data is returned in script results
|
|
5. **Encryption**: Use encrypted communication channels for remote script execution
|