samehabouelsaad/sal-modular
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7d7f94f114
sal-modular/vault
History
Sameh Abouelsaad 7d7f94f114 Feat: add vault module
2025-05-15 15:29:47 +03:00
..
src Feat: add vault module 2025-05-15 15:29:47 +03:00
tests Feat: add vault module 2025-05-15 15:29:47 +03:00
vault_native_test Feat: add vault module 2025-05-15 15:29:47 +03:00
Cargo.toml Feat: add vault module 2025-05-15 15:29:47 +03:00
README.md Feat: add vault module 2025-05-15 15:29:47 +03:00
vault_crypto_debug.log Feat: add vault module 2025-05-15 15:29:47 +03:00

README.md

vault: Cryptographic Vault for Native and WASM

vault provides a secure, async, and cross-platform cryptographic key management system. It leverages the kvstore crate for persistent storage and supports both native (desktop/server) and WASM (browser) environments.

Features

  • Keyspace management: Create, unlock, and manage encrypted keyspaces.
  • Keypair operations: Add, remove, list, export, and use keypairs for signing and verification.
  • End-to-end encryption: All key material is encrypted at rest using modern ciphers (ChaCha20Poly1305, AES-GCM).
  • Async API: All operations are async and runtime-agnostic.
  • Cross-platform: Native uses sled via kvstore::native::NativeStore, WASM uses IndexedDB via kvstore::wasm::WasmStore.
  • Pluggable logging: Uses the standard log crate for logging, with recommended backends for native (env_logger) and WASM (console_log).

Logging Best Practices

This crate uses the log crate for all logging. To see logs in your application or tests, you must initialize a logger:

  • Native (desktop/server):
    • Add env_logger as a dev-dependency.
    • Initialize in your main or test: 
      let _ = env_logger::builder().is_test(true).try_init();
  • WASM (browser):
    • Add console_log as a dev-dependency.
    • Initialize in your main or test: 
      console_log::init_with_level(log::Level::Debug).expect("error initializing logger");

Then use logging macros (log::debug!, log::info!, log::warn!, log::error!) throughout your code and tests.

Usage Example

use vault::{Vault, KeyType, KeyMetadata};
use kvstore::native::NativeStore;

#[tokio::main]
async fn main() {
    let store = NativeStore::open("/tmp/vaultdb").unwrap();
    let mut vault = Vault::new(store);
    let keyspace = "myspace";
    let password = b"secret";
    vault.create_keyspace(keyspace, password, "pbkdf2", "chacha20poly1305", None).await.unwrap();
    let key_id = vault.add_keypair(keyspace, password, KeyType::Ed25519, None).await.unwrap();
    println!("Created keypair: {}", key_id);
}

For WASM/browser, use kvstore::wasm::WasmStore and initialize logging with console_log.

Testing

Native

cargo test -p vault --features native

WASM

wasm-pack test --headless --firefox

Security Notes

  • All cryptographic operations use vetted RustCrypto crates.
  • Password-based key derivation uses PBKDF2 by default (10,000 iterations).
  • All sensitive data is encrypted before storage.

License

MIT OR Apache-2.0