sal-modular/vault/README.md
Sameh Abouelsaad cea2d7e655 feat: Refactor kvstore and vault to use features and logging
- Remove hardcoded dependencies in kvstore Cargo.toml; use features
  instead. This allows for more flexible compilation for different
  targets (native vs. WASM).
- Improve logging in vault crate using the `log` crate. This makes
  debugging easier and provides more informative output during
  execution.  Native tests use `env_logger`, WASM tests use
  `console_log`.
- Update README to reflect new logging best practices.
- Add cfg attributes to native and wasm modules to improve clarity.
- Update traits.rs to specify Send + Sync behavior expectations.
2025-05-15 16:42:19 +03:00


# vault: Cryptographic Vault for Native and WASM
`vault` provides a secure, async, and cross-platform cryptographic key management system. It leverages the `kvstore` crate for persistent storage and supports both native (desktop/server) and WASM (browser) environments.
## Features
- **Keyspace management**: Create, unlock, and manage encrypted keyspaces.
- **Keypair operations**: Add, remove, list, export, and use keypairs for signing and verification.
- **End-to-end encryption**: All key material is encrypted at rest using modern ciphers (ChaCha20Poly1305, AES-GCM).
- **Async API**: All operations are async and runtime-agnostic.
- **Cross-platform**: Native uses `sled` via `kvstore::native::NativeStore`, WASM uses IndexedDB via `kvstore::wasm::WasmStore`.
- **Pluggable logging**: Uses the standard `log` crate for logging, with recommended backends for native (`env_logger`) and WASM (`console_log`).
## Logging Best Practices
This crate uses the [`log`](https://docs.rs/log) crate for logging. For native tests, use [`env_logger`](https://docs.rs/env_logger); for WASM tests, use [`console_log`](https://docs.rs/console_log).
- Native (in tests):
```rust
let _ = env_logger::builder().is_test(true).try_init();
log::info!("test started");
```
- WASM (in tests):
```rust
console_log::init_with_level(log::Level::Debug).expect("error initializing logger");
log::debug!("wasm test started");
```
Use `log::debug!`, `log::info!`, `log::error!`, etc., throughout the codebase for consistent and idiomatic logging. Do not prefix messages with [DEBUG], [ERROR], etc. The log level is handled by the logger.
## Usage Example
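```rust
use vault::{Vault, KeyType, KeyMetadata};
use kvstore::native::NativeStore;

#[tokio::main]
async fn main() {
    // Native builds persist to sled through kvstore's NativeStore.
    let store = NativeStore::open("/tmp/vaultdb").unwrap();
    let mut vault = Vault::new(store);

    let keyspace = "myspace";
    // Sample password for illustration only.
    let password = b"secret";

    // The KDF and cipher are selected by name when the keyspace is created.
    vault.create_keyspace(keyspace, password, "pbkdf2", "chacha20poly1305", None).await.unwrap();

    // Add an Ed25519 keypair to the keyspace; the call returns its id.
    let key_id = vault.add_keypair(keyspace, password, KeyType::Ed25519, None).await.unwrap();
    println!("Created keypair: {}", key_id);
}
```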
For WASM/browser, use `kvstore::wasm::WasmStore` and initialize logging with `console_log`.
## Testing
### Native
```sh
cargo test -p vault --features native
```
### WASM
```sh
wasm-pack test --headless --firefox
```
## Security Notes
- All cryptographic operations use vetted RustCrypto crates.
- Password-based key derivation uses PBKDF2 by default (10,000 iterations).
- All sensitive data is encrypted before storage.
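
The iteration count in the PBKDF2 note above sets how expensive each password guess is for anyone holding a copy of an encrypted keyspace. This added example (Python standard library, not code from the `vault` crate) times PBKDF2 at the README's 10,000 iterations and computes a count for a chosen unlock-time budget; HMAC-SHA256 as the PRF, the 16-byte salt and the 250 ms budget are assumptions, since the README states none of them.

```python
import hashlib
import os
import time

KEY_LEN = 32                # ChaCha20Poly1305 key size in bytes
SALT_LEN = 16               # assumed salt size; the README does not state one
README_ITERATIONS = 10_000  # default quoted in the Security Notes


def derive_key(password: bytes, salt: bytes, iterations: int) -> bytes:
    """PBKDF2 with HMAC-SHA256 (the PRF is an assumption, not from the README)."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, iterations, dklen=KEY_LEN)


def time_derivation(iterations: int, samples: int = 3) -> float:
    """Best-of-N wall-clock seconds for one derivation on this machine."""
    salt = os.urandom(SALT_LEN)
    best = float("inf")
    for _ in range(samples):
        start = time.perf_counter()
        derive_key(b"constructed-sample-password", salt, iterations)
        best = min(best, time.perf_counter() - start)
    return best


def calibrate(target_seconds: float, floor: int = README_ITERATIONS) -> int:
    """Iteration count whose derivation costs about target_seconds here.

    PBKDF2 cost is linear in the count, so scale from one measurement.
    The result never drops below `floor`.
    """
    per_iteration = time_derivation(floor) / floor
    return max(floor, int(target_seconds / per_iteration))


def guesses_per_second(iterations: int) -> float:
    """Password guesses per second one core of this machine can test."""
    return 1.0 / time_derivation(iterations)


if __name__ == "__main__":
    tuned = calibrate(0.25)  # 250 ms unlock budget (assumed)
    for count in (README_ITERATIONS, tuned):
        rate = guesses_per_second(count)
        print(f"{count:>9} iterations: {rate:10.1f} guesses/s per core")
```

Run it on the slowest device that has to unlock a keyspace, since that device bounds the count you can afford.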
## License
MIT OR Apache-2.0