#![cfg(not(target_arch = "wasm32"))] //! Tests for vault keypair management and crypto operations use vault::{Vault, KeyType, KeyMetadata}; use kvstore::native::NativeStore; fn debug_log(msg: &str) { use std::fs::OpenOptions; use std::io::Write; let mut f = OpenOptions::new() .create(true) .append(true) .open("vault_crypto_debug.log") .unwrap(); writeln!(f, "{}", msg).unwrap(); } #[tokio::test] async fn test_keypair_management_and_crypto() { debug_log("[DEBUG][TEST] test_keypair_management_and_crypto started"); // Use NativeStore for native tests #[cfg(not(target_arch = "wasm32"))] let store = NativeStore::open("vault_native_test").expect("Failed to open native store"); #[cfg(not(target_arch = "wasm32"))] let mut vault = Vault::new(store); #[cfg(target_arch = "wasm32")] compile_error!("This test is not intended for wasm32 targets"); let keyspace = &format!("testspace_{}", chrono::Utc::now().timestamp_nanos()); let password = b"supersecret"; debug_log(&format!("[DEBUG][TEST] keyspace: {} password: {}", keyspace, hex::encode(password))); debug_log("[DEBUG][TEST] before create_keyspace"); vault.create_keyspace(keyspace, password, "pbkdf2", "chacha20poly1305", None).await.unwrap(); debug_log(&format!("[DEBUG][TEST] after create_keyspace: keyspace={} password={}", keyspace, hex::encode(password))); debug_log("[DEBUG][TEST] before add Ed25519 keypair"); let key_id = vault.add_keypair(keyspace, password, KeyType::Ed25519, Some(KeyMetadata { name: Some("edkey".into()), created_at: None, tags: None })).await; match &key_id { Ok(_) => debug_log("[DEBUG][TEST] after add Ed25519 keypair (Ok)"), Err(e) => debug_log(&format!("[DEBUG][TEST] after add Ed25519 keypair (Err): {:?}", e)), } let key_id = key_id.unwrap(); debug_log("[DEBUG][TEST] before add secp256k1 keypair"); let secp_id = vault.add_keypair(keyspace, password, KeyType::Secp256k1, Some(KeyMetadata { name: Some("secpkey".into()), created_at: None, tags: None })).await.unwrap(); debug_log("[DEBUG][TEST] before list_keypairs"); let keys = vault.list_keypairs(keyspace, password).await.unwrap(); assert_eq!(keys.len(), 2); debug_log("[DEBUG][TEST] before export Ed25519 keypair"); let (priv_bytes, pub_bytes) = vault.export_keypair(keyspace, password, &key_id).await.unwrap(); assert!(!priv_bytes.is_empty() && !pub_bytes.is_empty()); debug_log("[DEBUG][TEST] before sign Ed25519"); let msg = b"hello world"; let sig = vault.sign(keyspace, password, &key_id, msg).await.unwrap(); debug_log("[DEBUG][TEST] before verify Ed25519"); let ok = vault.verify(keyspace, password, &key_id, msg, &sig).await.unwrap(); assert!(ok); debug_log("[DEBUG][TEST] before sign secp256k1"); let sig2 = vault.sign(keyspace, password, &secp_id, msg).await.unwrap(); debug_log("[DEBUG][TEST] before verify secp256k1"); let ok2 = vault.verify(keyspace, password, &secp_id, msg, &sig2).await.unwrap(); assert!(ok2); // Encrypt and decrypt let ciphertext = vault.encrypt(keyspace, password, msg).await.unwrap(); let plaintext = vault.decrypt(keyspace, password, &ciphertext).await.unwrap(); assert_eq!(plaintext, msg); // Remove a keypair vault.remove_keypair(keyspace, password, &key_id).await.unwrap(); let keys = vault.list_keypairs(keyspace, password).await.unwrap(); assert_eq!(keys.len(), 1); }