feat: Refactor kvstore and vault to use features and logging
- Remove hardcoded dependencies in kvstore Cargo.toml; use features instead. This allows for more flexible compilation for different targets (native vs. WASM). - Improve logging in vault crate using the `log` crate. This makes debugging easier and provides more informative output during execution. Native tests use `env_logger`, WASM tests use `console_log`. - Update README to reflect new logging best practices. - Add cfg attributes to native and wasm modules to improve clarity. - Update traits.rs to specify Send + Sync behavior expectations.
This commit is contained in:
@@ -18,7 +18,10 @@ chacha20poly1305 = "0.10"
|
||||
k256 = { version = "0.13", features = ["ecdsa"] }
|
||||
ed25519-dalek = "2.1"
|
||||
rand_core = "0.6"
|
||||
log = "0.4"
|
||||
thiserror = "1"
|
||||
env_logger = "0.11"
|
||||
console_log = "1"
|
||||
serde = { version = "1", features = ["derive"] }
|
||||
serde_json = "1.0"
|
||||
hex = "0.4"
|
||||
|
||||
@@ -12,22 +12,20 @@
|
||||
|
||||
## Logging Best Practices
|
||||
|
||||
This crate uses the [`log`](https://docs.rs/log) crate for all logging. To see logs in your application or tests, you must initialize a logger:
|
||||
This crate uses the [`log`](https://docs.rs/log) crate for logging. For native tests, use [`env_logger`](https://docs.rs/env_logger); for WASM tests, use [`console_log`](https://docs.rs/console_log).
|
||||
|
||||
- **Native (desktop/server):**
|
||||
- Add `env_logger` as a dev-dependency.
|
||||
- Initialize in your main or test:
|
||||
```rust
|
||||
let _ = env_logger::builder().is_test(true).try_init();
|
||||
```
|
||||
- **WASM (browser):**
|
||||
- Add `console_log` as a dev-dependency.
|
||||
- Initialize in your main or test:
|
||||
```rust
|
||||
console_log::init_with_level(log::Level::Debug).expect("error initializing logger");
|
||||
```
|
||||
- Native (in tests):
|
||||
```rust
|
||||
let _ = env_logger::builder().is_test(true).try_init();
|
||||
log::info!("test started");
|
||||
```
|
||||
- WASM (in tests):
|
||||
```rust
|
||||
console_log::init_with_level(log::Level::Debug).expect("error initializing logger");
|
||||
log::debug!("wasm test started");
|
||||
```
|
||||
|
||||
Then use logging macros (`log::debug!`, `log::info!`, `log::warn!`, `log::error!`) throughout your code and tests.
|
||||
Use `log::debug!`, `log::info!`, `log::error!`, etc., throughout the codebase for consistent and idiomatic logging. Do not prefix messages with [DEBUG], [ERROR], etc. The log level is handled by the logger.
|
||||
|
||||
## Usage Example
|
||||
|
||||
|
||||
157
vault/src/lib.rs
157
vault/src/lib.rs
@@ -18,22 +18,7 @@ use crate::crypto::random_salt;
|
||||
use crate::crypto::cipher::{encrypt_chacha20, decrypt_chacha20, encrypt_aes_gcm, decrypt_aes_gcm};
|
||||
use signature::SignatureEncoding;
|
||||
// TEMP: File-based debug logger for crypto troubleshooting
|
||||
#[cfg(not(target_arch = "wasm32"))]
|
||||
fn debug_log(msg: &str) {
|
||||
use std::fs::OpenOptions;
|
||||
use std::io::Write;
|
||||
let mut f = OpenOptions::new()
|
||||
.create(true)
|
||||
.append(true)
|
||||
.open("/tmp/vault_crypto_debug.log")
|
||||
.unwrap();
|
||||
writeln!(f, "{}", msg).unwrap();
|
||||
}
|
||||
|
||||
#[cfg(target_arch = "wasm32")]
|
||||
fn debug_log(_msg: &str) {
|
||||
// No-op in WASM
|
||||
}
|
||||
use log::{debug, info, error};
|
||||
|
||||
/// Vault: Cryptographic keyspace and operations
|
||||
pub struct Vault<S: KVStore> {
|
||||
@@ -46,30 +31,30 @@ fn encrypt_with_nonce_prepended(key: &[u8], plaintext: &[u8], cipher: &str) -> R
|
||||
use crate::crypto::random_salt;
|
||||
use crate::crypto;
|
||||
let nonce = random_salt(12);
|
||||
debug_log(&format!("[DEBUG][ENCRYPT_HELPER] nonce: {}", hex::encode(&nonce)));
|
||||
debug!("nonce: {}", hex::encode(&nonce));
|
||||
let (ct, _key_hex) = match cipher {
|
||||
"chacha20poly1305" => {
|
||||
let ct = encrypt_chacha20(key, plaintext, &nonce)
|
||||
.map_err(|e| VaultError::Crypto(e))?;
|
||||
debug_log(&format!("[DEBUG][ENCRYPT_HELPER] ct: {}", hex::encode(&ct)));
|
||||
debug_log(&format!("[DEBUG][ENCRYPT_HELPER] key: {}", hex::encode(key)));
|
||||
debug!("ct: {}", hex::encode(&ct));
|
||||
debug!("key: {}", hex::encode(key));
|
||||
(ct, hex::encode(key))
|
||||
},
|
||||
"aes-gcm" => {
|
||||
let ct = encrypt_aes_gcm(key, plaintext, &nonce)
|
||||
.map_err(|e| VaultError::Crypto(e))?;
|
||||
debug_log(&format!("[DEBUG][ENCRYPT_HELPER] ct: {}", hex::encode(&ct)));
|
||||
debug_log(&format!("[DEBUG][ENCRYPT_HELPER] key: {}", hex::encode(key)));
|
||||
debug!("ct: {}", hex::encode(&ct));
|
||||
debug!("key: {}", hex::encode(key));
|
||||
(ct, hex::encode(key))
|
||||
},
|
||||
_ => {
|
||||
debug_log(&format!("[DEBUG][ENCRYPT_HELPER] unsupported cipher: {}", cipher));
|
||||
debug!("unsupported cipher: {}", cipher);
|
||||
return Err(VaultError::Other(format!("Unsupported cipher: {cipher}")));
|
||||
}
|
||||
};
|
||||
let mut blob = nonce.clone();
|
||||
blob.extend_from_slice(&ct);
|
||||
debug_log(&format!("[DEBUG][ENCRYPT_HELPER] ENCRYPTED (nonce|ct): {}", hex::encode(&blob)));
|
||||
debug!("ENCRYPTED (nonce|ct): {}", hex::encode(&blob));
|
||||
Ok(blob)
|
||||
}
|
||||
|
||||
@@ -82,50 +67,50 @@ impl<S: KVStore> Vault<S> {
|
||||
pub async fn create_keyspace(&mut self, name: &str, password: &[u8], kdf: &str, cipher: &str, tags: Option<Vec<String>>) -> Result<(), VaultError> {
|
||||
// Check if keyspace already exists
|
||||
if self.storage.get(name).await.map_err(|e| VaultError::Storage(format!("{e:?}")))?.is_some() {
|
||||
debug_log(&format!("[DEBUG][CREATE_KEYSPACE] ERROR: keyspace '{}' already exists", name));
|
||||
debug!("keyspace '{}' already exists", name);
|
||||
return Err(VaultError::Crypto("Keyspace already exists".to_string()));
|
||||
}
|
||||
debug_log(&format!("[DEBUG][CREATE_KEYSPACE] entry: name={}", name));
|
||||
debug!("entry: name={}", name);
|
||||
use crate::crypto::{random_salt, kdf};
|
||||
use crate::data::{KeyspaceMetadata, KeyspaceData};
|
||||
use serde_json;
|
||||
|
||||
// 1. Generate salt
|
||||
let salt = random_salt(16);
|
||||
debug_log(&format!("[DEBUG][CREATE_KEYSPACE] salt: {:?}", salt));
|
||||
debug!("salt: {:?}", salt);
|
||||
// 2. Derive key
|
||||
let key = match kdf {
|
||||
"scrypt" => match kdf::derive_key_scrypt(password, &salt, 32) {
|
||||
Ok(val) => val,
|
||||
Err(e) => {
|
||||
debug_log(&format!("[DEBUG][CREATE_KEYSPACE] kdf scrypt error: {}", e));
|
||||
debug!("kdf scrypt error: {}", e);
|
||||
return Err(VaultError::Crypto(e));
|
||||
}
|
||||
},
|
||||
"pbkdf2" => kdf::derive_key_pbkdf2(password, &salt, 32, 10_000),
|
||||
_ => {
|
||||
debug_log(&format!("[DEBUG][CREATE_KEYSPACE] unsupported KDF: {}", kdf));
|
||||
debug!("unsupported KDF: {}", kdf);
|
||||
return Err(VaultError::Other(format!("Unsupported KDF: {kdf}")));
|
||||
}
|
||||
};
|
||||
debug_log(&format!("[DEBUG][CREATE_KEYSPACE] derived key: {} bytes", key.len()));
|
||||
debug!("derived key: {} bytes", key.len());
|
||||
// 3. Prepare initial keyspace data
|
||||
let keyspace_data = KeyspaceData { keypairs: vec![] };
|
||||
let plaintext = match serde_json::to_vec(&keyspace_data) {
|
||||
Ok(val) => val,
|
||||
Err(e) => {
|
||||
debug_log(&format!("[DEBUG][CREATE_KEYSPACE] serde_json error: {}", e));
|
||||
debug!("serde_json error: {}", e);
|
||||
return Err(VaultError::Serialization(e.to_string()));
|
||||
}
|
||||
};
|
||||
debug_log(&format!("[DEBUG][CREATE_KEYSPACE] plaintext serialized: {} bytes", plaintext.len()));
|
||||
debug!("plaintext serialized: {} bytes", plaintext.len());
|
||||
// 4. Generate nonce (12 bytes for both ciphers)
|
||||
let nonce = random_salt(12);
|
||||
debug_log(&format!("[DEBUG][CREATE_KEYSPACE] nonce: {}", hex::encode(&nonce)));
|
||||
debug!("nonce: {}", hex::encode(&nonce));
|
||||
// 5. Encrypt
|
||||
let encrypted_blob = encrypt_with_nonce_prepended(&key, &plaintext, cipher)?;
|
||||
debug_log(&format!("[DEBUG][CREATE_KEYSPACE] encrypted_blob: {} bytes", encrypted_blob.len()));
|
||||
debug_log(&format!("[DEBUG][CREATE_KEYSPACE] encrypted_blob (hex): {}", hex::encode(&encrypted_blob)));
|
||||
debug!("encrypted_blob: {} bytes", encrypted_blob.len());
|
||||
debug!("encrypted_blob (hex): {}", hex::encode(&encrypted_blob));
|
||||
// 6. Compose metadata
|
||||
let metadata = KeyspaceMetadata {
|
||||
name: name.to_string(),
|
||||
@@ -140,12 +125,12 @@ impl<S: KVStore> Vault<S> {
|
||||
let meta_bytes = match serde_json::to_vec(&metadata) {
|
||||
Ok(val) => val,
|
||||
Err(e) => {
|
||||
debug_log(&format!("[DEBUG][CREATE_KEYSPACE] serde_json metadata error: {}", e));
|
||||
debug!("serde_json metadata error: {}", e);
|
||||
return Err(VaultError::Serialization(e.to_string()));
|
||||
}
|
||||
};
|
||||
self.storage.set(name, &meta_bytes).await.map_err(|e| VaultError::Storage(format!("{e:?}")))?;
|
||||
debug_log("[DEBUG][CREATE_KEYSPACE] success");
|
||||
debug!("success");
|
||||
Ok(())
|
||||
}
|
||||
|
||||
@@ -167,18 +152,15 @@ impl<S: KVStore> Vault<S> {
|
||||
|
||||
/// Unlock a keyspace by name and password, returning the decrypted data
|
||||
pub async fn unlock_keyspace(&self, name: &str, password: &[u8]) -> Result<KeyspaceData, VaultError> {
|
||||
debug_log(&format!("[DEBUG][UNLOCK_KEYSPACE] entry: name={} password={}", name, hex::encode(password)));
|
||||
debug!("unlock_keyspace entry: name={}", name);
|
||||
use crate::crypto::{kdf};
|
||||
use serde_json;
|
||||
// 1. Fetch keyspace metadata
|
||||
let meta_bytes = self.storage.get(name).await.map_err(|e| VaultError::Storage(format!("{e:?}")))?;
|
||||
debug_log(&format!("[DEBUG][UNLOCK_KEYSPACE] got meta_bytes: {}", meta_bytes.as_ref().map(|v| v.len()).unwrap_or(0)));
|
||||
let meta_bytes = meta_bytes.ok_or(VaultError::KeyspaceNotFound(name.to_string()))?;
|
||||
let metadata: KeyspaceMetadata = serde_json::from_slice(&meta_bytes).map_err(|e| VaultError::Serialization(e.to_string()))?;
|
||||
debug_log(&format!("[DEBUG][UNLOCK_KEYSPACE] metadata: kdf={} cipher={} salt={:?} encrypted_blob_len={}", metadata.kdf, metadata.cipher, metadata.salt, metadata.encrypted_blob.len()));
|
||||
debug_log(&format!("[DEBUG][UNLOCK_KEYSPACE] ENCRYPTED_BLOB (hex): {}", hex::encode(&metadata.encrypted_blob)));
|
||||
if metadata.salt.len() != 16 {
|
||||
debug_log(&format!("[DEBUG][UNLOCK_KEYSPACE] ERROR: salt length {} != 16", metadata.salt.len()));
|
||||
debug!("salt length {} != 16", metadata.salt.len());
|
||||
return Err(VaultError::Crypto("Salt length must be 16 bytes".to_string()));
|
||||
}
|
||||
// 2. Derive key
|
||||
@@ -186,57 +168,57 @@ impl<S: KVStore> Vault<S> {
|
||||
"scrypt" => match kdf::derive_key_scrypt(password, &metadata.salt, 32) {
|
||||
Ok(val) => val,
|
||||
Err(e) => {
|
||||
debug_log(&format!("[DEBUG][UNLOCK_KEYSPACE] kdf scrypt error: {}", e));
|
||||
debug!("kdf scrypt error: {}", e);
|
||||
return Err(VaultError::Crypto(e));
|
||||
}
|
||||
},
|
||||
"pbkdf2" => kdf::derive_key_pbkdf2(password, &metadata.salt, 32, 10_000),
|
||||
_ => {
|
||||
debug_log(&format!("[DEBUG][UNLOCK_KEYSPACE] unsupported KDF: {}", metadata.kdf));
|
||||
debug!("unsupported KDF: {}", metadata.kdf);
|
||||
return Err(VaultError::Other(format!("Unsupported KDF: {}", metadata.kdf)));
|
||||
}
|
||||
};
|
||||
debug_log(&format!("[DEBUG][UNLOCK_KEYSPACE] derived key: {} bytes", key.len()));
|
||||
debug_log(&format!("[DEBUG][UNLOCK_KEYSPACE] derived key (hex): {}", hex::encode(&key)));
|
||||
debug!("derived key: {} bytes", key.len());
|
||||
debug!("derived key (hex): {}", hex::encode(&key));
|
||||
// 3. Split nonce and ciphertext
|
||||
let ciphertext = &metadata.encrypted_blob;
|
||||
if ciphertext.len() < 12 {
|
||||
debug_log(&format!("[DEBUG][UNLOCK_KEYSPACE] ciphertext too short: {}", ciphertext.len()));
|
||||
debug!("ciphertext too short: {}", ciphertext.len());
|
||||
return Err(VaultError::Crypto("Ciphertext too short".to_string()));
|
||||
}
|
||||
let (nonce, ct) = ciphertext.split_at(12);
|
||||
debug_log(&format!("[DEBUG][UNLOCK_KEYSPACE] nonce: {} ct: {}", hex::encode(nonce), hex::encode(ct)));
|
||||
debug!("nonce: {}", hex::encode(nonce));
|
||||
// 4. Decrypt
|
||||
let plaintext = match metadata.cipher.as_str() {
|
||||
"chacha20poly1305" => match decrypt_chacha20(&key, ct, nonce) {
|
||||
Ok(val) => val,
|
||||
Err(e) => {
|
||||
debug_log(&format!("[DEBUG][UNLOCK_KEYSPACE] chacha20poly1305 error: {}", e));
|
||||
debug!("chacha20poly1305 error: {}", e);
|
||||
return Err(VaultError::Crypto(e));
|
||||
}
|
||||
},
|
||||
"aes-gcm" => match decrypt_aes_gcm(&key, ct, nonce) {
|
||||
Ok(val) => val,
|
||||
Err(e) => {
|
||||
debug_log(&format!("[DEBUG][UNLOCK_KEYSPACE] aes-gcm error: {}", e));
|
||||
debug!("aes-gcm error: {}", e);
|
||||
return Err(VaultError::Crypto(e));
|
||||
}
|
||||
},
|
||||
_ => {
|
||||
debug_log(&format!("[DEBUG][UNLOCK_KEYSPACE] unsupported cipher: {}", metadata.cipher));
|
||||
debug!("unsupported cipher: {}", metadata.cipher);
|
||||
return Err(VaultError::Other(format!("Unsupported cipher: {}", metadata.cipher)));
|
||||
}
|
||||
};
|
||||
debug_log(&format!("[DEBUG][UNLOCK_KEYSPACE] plaintext decrypted: {} bytes", plaintext.len()));
|
||||
debug!("plaintext decrypted: {} bytes", plaintext.len());
|
||||
// 4. Deserialize keyspace data
|
||||
let keyspace_data: KeyspaceData = match serde_json::from_slice(&plaintext) {
|
||||
Ok(val) => val,
|
||||
Err(e) => {
|
||||
debug_log(&format!("[DEBUG][UNLOCK_KEYSPACE] serde_json data error: {}", e));
|
||||
debug!("serde_json data error: {}", e);
|
||||
return Err(VaultError::Serialization(e.to_string()));
|
||||
}
|
||||
};
|
||||
debug_log("[DEBUG][UNLOCK_KEYSPACE] success");
|
||||
debug!("success");
|
||||
Ok(keyspace_data)
|
||||
}
|
||||
|
||||
@@ -316,17 +298,17 @@ impl<S: KVStore> Vault<S> {
|
||||
|
||||
/// Save the updated keyspace data (helper)
|
||||
async fn save_keyspace(&mut self, keyspace: &str, password: &[u8], data: &KeyspaceData) -> Result<(), VaultError> {
|
||||
debug_log(&format!("[DEBUG][SAVE_KEYSPACE] entry: keyspace={} password={}", keyspace, hex::encode(password)));
|
||||
debug!("save_keyspace entry: keyspace={}", keyspace);
|
||||
use crate::crypto::kdf;
|
||||
use serde_json;
|
||||
// 1. Fetch metadata
|
||||
let meta_bytes = self.storage.get(keyspace).await.map_err(|e| VaultError::Storage(format!("{e:?}")))?;
|
||||
debug_log(&format!("[DEBUG][SAVE_KEYSPACE] got meta_bytes: {}", meta_bytes.as_ref().map(|v| v.len()).unwrap_or(0)));
|
||||
debug!("got meta_bytes: {}", meta_bytes.as_ref().map(|v| v.len()).unwrap_or(0));
|
||||
let meta_bytes = meta_bytes.ok_or(VaultError::KeyspaceNotFound(keyspace.to_string()))?;
|
||||
let mut metadata: KeyspaceMetadata = serde_json::from_slice(&meta_bytes).map_err(|e| VaultError::Serialization(e.to_string()))?;
|
||||
debug_log(&format!("[DEBUG][SAVE_KEYSPACE] metadata: kdf={} cipher={} salt={:?}", metadata.kdf, metadata.cipher, metadata.salt));
|
||||
debug!("metadata: kdf={} cipher={} salt={:?}", metadata.kdf, metadata.cipher, metadata.salt);
|
||||
if metadata.salt.len() != 16 {
|
||||
debug_log(&format!("[DEBUG][SAVE_KEYSPACE] ERROR: salt length {} != 16", metadata.salt.len()));
|
||||
debug!("salt length {} != 16", metadata.salt.len());
|
||||
return Err(VaultError::Crypto("Salt length must be 16 bytes".to_string()));
|
||||
}
|
||||
// 2. Derive key
|
||||
@@ -334,43 +316,43 @@ impl<S: KVStore> Vault<S> {
|
||||
"scrypt" => match kdf::derive_key_scrypt(password, &metadata.salt, 32) {
|
||||
Ok(val) => val,
|
||||
Err(e) => {
|
||||
debug_log(&format!("[DEBUG][SAVE_KEYSPACE] kdf scrypt error: {}", e));
|
||||
debug!("kdf scrypt error: {}", e);
|
||||
return Err(VaultError::Crypto(e));
|
||||
}
|
||||
},
|
||||
"pbkdf2" => kdf::derive_key_pbkdf2(password, &metadata.salt, 32, 10_000),
|
||||
_ => {
|
||||
debug_log(&format!("[DEBUG][SAVE_KEYSPACE] unsupported KDF: {}", metadata.kdf));
|
||||
debug!("unsupported KDF: {}", metadata.kdf);
|
||||
return Err(VaultError::Other(format!("Unsupported KDF: {}", metadata.kdf)));
|
||||
}
|
||||
};
|
||||
debug_log(&format!("[DEBUG][SAVE_KEYSPACE] derived key: {} bytes", key.len()));
|
||||
debug!("derived key: {} bytes", key.len());
|
||||
// 3. Serialize plaintext
|
||||
let plaintext = match serde_json::to_vec(data) {
|
||||
Ok(val) => val,
|
||||
Err(e) => {
|
||||
debug_log(&format!("[DEBUG][SAVE_KEYSPACE] serde_json data error: {}", e));
|
||||
debug!("serde_json data error: {}", e);
|
||||
return Err(VaultError::Serialization(e.to_string()));
|
||||
}
|
||||
};
|
||||
debug_log(&format!("[DEBUG][SAVE_KEYSPACE] plaintext serialized: {} bytes", plaintext.len()));
|
||||
debug!("plaintext serialized: {} bytes", plaintext.len());
|
||||
// 4. Generate nonce
|
||||
let nonce = random_salt(12);
|
||||
debug_log(&format!("[DEBUG][SAVE_KEYSPACE] nonce: {}", hex::encode(&nonce)));
|
||||
debug!("nonce: {}", hex::encode(&nonce));
|
||||
// 5. Encrypt
|
||||
let encrypted_blob = encrypt_with_nonce_prepended(&key, &plaintext, &metadata.cipher)?;
|
||||
debug_log(&format!("[DEBUG][SAVE_KEYSPACE] encrypted_blob: {} bytes", encrypted_blob.len()));
|
||||
debug!("encrypted_blob: {} bytes", encrypted_blob.len());
|
||||
// 6. Store new encrypted blob
|
||||
metadata.encrypted_blob = encrypted_blob;
|
||||
let meta_bytes = match serde_json::to_vec(&metadata) {
|
||||
Ok(val) => val,
|
||||
Err(e) => {
|
||||
debug_log(&format!("[DEBUG][SAVE_KEYSPACE] serde_json metadata error: {}", e));
|
||||
debug!("serde_json metadata error: {}", e);
|
||||
return Err(VaultError::Serialization(e.to_string()));
|
||||
}
|
||||
};
|
||||
self.storage.set(keyspace, &meta_bytes).await.map_err(|e| VaultError::Storage(format!("{e:?}")))?;
|
||||
debug_log("[DEBUG][SAVE_KEYSPACE] success");
|
||||
debug!("success");
|
||||
Ok(())
|
||||
}
|
||||
|
||||
@@ -433,62 +415,62 @@ impl<S: KVStore> Vault<S> {
|
||||
/// Encrypt a message using the keyspace symmetric cipher
|
||||
/// (for simplicity, uses keyspace password-derived key)
|
||||
pub async fn encrypt(&self, keyspace: &str, password: &[u8], plaintext: &[u8]) -> Result<Vec<u8>, VaultError> {
|
||||
debug_log("[DEBUG][ENTER] encrypt");
|
||||
debug_log(&format!("[DEBUG][encrypt] keyspace={}", keyspace));
|
||||
debug!("encrypt");
|
||||
debug!("keyspace={}", keyspace);
|
||||
use crate::crypto::{kdf};
|
||||
// 1. Load keyspace metadata
|
||||
let meta_bytes = self.storage.get(keyspace).await.map_err(|e| VaultError::Storage(format!("{e:?}")))?;
|
||||
let meta_bytes = match meta_bytes {
|
||||
Some(val) => val,
|
||||
None => {
|
||||
debug_log("[DEBUG][ERR] encrypt: keyspace not found");
|
||||
debug!("keyspace not found");
|
||||
return Err(VaultError::Other("Keyspace not found".to_string()));
|
||||
}
|
||||
};
|
||||
let meta: KeyspaceMetadata = match serde_json::from_slice(&meta_bytes) {
|
||||
Ok(val) => val,
|
||||
Err(e) => {
|
||||
debug_log(&format!("[DEBUG][ERR] encrypt: serialization error: {}", e));
|
||||
debug!("serialization error: {}", e);
|
||||
return Err(VaultError::Serialization(e.to_string()));
|
||||
}
|
||||
};
|
||||
debug_log(&format!("[DEBUG][encrypt] salt={:?} cipher={} (hex salt: {})", meta.salt, meta.cipher, hex::encode(&meta.salt)));
|
||||
debug!("salt={:?} cipher={} (hex salt: {})", meta.salt, meta.cipher, hex::encode(&meta.salt));
|
||||
// 2. Derive key
|
||||
let key = match meta.kdf.as_str() {
|
||||
"scrypt" => match kdf::derive_key_scrypt(password, &meta.salt, 32) {
|
||||
Ok(val) => val,
|
||||
Err(e) => {
|
||||
debug_log(&format!("[DEBUG][ERR] encrypt: kdf scrypt error: {}", e));
|
||||
debug!("kdf scrypt error: {}", e);
|
||||
return Err(VaultError::Crypto(e));
|
||||
}
|
||||
},
|
||||
"pbkdf2" => kdf::derive_key_pbkdf2(password, &meta.salt, 32, 10_000),
|
||||
_ => {
|
||||
debug_log(&format!("[DEBUG][ERR] encrypt: unsupported KDF: {}", meta.kdf));
|
||||
debug!("unsupported KDF: {}", meta.kdf);
|
||||
return Err(VaultError::Other(format!("Unsupported KDF: {}", meta.kdf)));
|
||||
}
|
||||
};
|
||||
// 3. Generate nonce
|
||||
let nonce = random_salt(12);
|
||||
debug_log(&format!("[DEBUG][encrypt] nonce={:?} (hex nonce: {})", nonce, hex::encode(&nonce)));
|
||||
debug!("nonce={:?} (hex nonce: {})", nonce, hex::encode(&nonce));
|
||||
// 4. Encrypt
|
||||
let ciphertext = match meta.cipher.as_str() {
|
||||
"chacha20poly1305" => match encrypt_chacha20(&key, plaintext, &nonce) {
|
||||
Ok(val) => val,
|
||||
Err(e) => {
|
||||
debug_log(&format!("[DEBUG][ERR] encrypt: chacha20poly1305 error: {}", e));
|
||||
debug!("chacha20poly1305 error: {}", e);
|
||||
return Err(VaultError::Crypto(e));
|
||||
}
|
||||
},
|
||||
"aes-gcm" => match encrypt_aes_gcm(&key, plaintext, &nonce) {
|
||||
Ok(val) => val,
|
||||
Err(e) => {
|
||||
debug_log(&format!("[DEBUG][ERR] encrypt: aes-gcm error: {}", e));
|
||||
debug!("aes-gcm error: {}", e);
|
||||
return Err(VaultError::Crypto(e));
|
||||
}
|
||||
},
|
||||
_ => {
|
||||
debug_log(&format!("[DEBUG][ERR] encrypt: unsupported cipher: {}", meta.cipher));
|
||||
debug!("unsupported cipher: {}", meta.cipher);
|
||||
return Err(VaultError::Other(format!("Unsupported cipher: {}", meta.cipher)));
|
||||
}
|
||||
};
|
||||
@@ -501,58 +483,57 @@ pub async fn encrypt(&self, keyspace: &str, password: &[u8], plaintext: &[u8]) -
|
||||
/// Decrypt a message using the keyspace symmetric cipher
|
||||
/// (for simplicity, uses keyspace password-derived key)
|
||||
pub async fn decrypt(&self, keyspace: &str, password: &[u8], ciphertext: &[u8]) -> Result<Vec<u8>, VaultError> {
|
||||
debug_log("[DEBUG][ENTER] decrypt");
|
||||
debug_log(&format!("[DEBUG][decrypt] keyspace={}", keyspace));
|
||||
debug!("decrypt");
|
||||
debug!("keyspace={}", keyspace);
|
||||
use crate::crypto::{kdf};
|
||||
// 1. Fetch metadata
|
||||
let meta_bytes = self.storage.get(keyspace).await.map_err(|e| VaultError::Storage(format!("{e:?}")))?;
|
||||
let meta_bytes = meta_bytes.ok_or(VaultError::KeyspaceNotFound(keyspace.to_string()))?;
|
||||
let metadata: KeyspaceMetadata = serde_json::from_slice(&meta_bytes).map_err(|e| VaultError::Serialization(e.to_string()))?;
|
||||
debug_log(&format!("[DEBUG][decrypt] salt={:?} cipher={} (hex salt: {})", metadata.salt, metadata.cipher, hex::encode(&metadata.salt)));
|
||||
debug!("salt={:?} cipher={} (hex salt: {})", metadata.salt, metadata.cipher, hex::encode(&metadata.salt));
|
||||
// 2. Derive key
|
||||
let key = match metadata.kdf.as_str() {
|
||||
"scrypt" => match kdf::derive_key_scrypt(password, &metadata.salt, 32) {
|
||||
Ok(val) => val,
|
||||
Err(e) => {
|
||||
debug_log(&format!("[DEBUG][ERR] decrypt: storage error: {:?}", e));
|
||||
debug!("storage error: {:?}", e);
|
||||
return Err(VaultError::Crypto(e));
|
||||
}
|
||||
},
|
||||
"pbkdf2" => kdf::derive_key_pbkdf2(password, &metadata.salt, 32, 10_000),
|
||||
_ => {
|
||||
debug_log(&format!("[DEBUG][ERR] decrypt: unsupported KDF: {}", metadata.kdf));
|
||||
debug!("unsupported KDF: {}", metadata.kdf);
|
||||
return Err(VaultError::Other(format!("Unsupported KDF: {}", metadata.kdf)));
|
||||
}
|
||||
};
|
||||
// 3. Split nonce and ciphertext
|
||||
if ciphertext.len() < 12 {
|
||||
debug_log(&format!("[DEBUG][ERR] decrypt: ciphertext too short: {}", ciphertext.len()));
|
||||
debug!("ciphertext too short: {}", ciphertext.len());
|
||||
return Err(VaultError::Crypto("Ciphertext too short".to_string()));
|
||||
}
|
||||
let (nonce, ct) = ciphertext.split_at(12);
|
||||
debug_log(&format!("[DEBUG][decrypt] nonce={:?} (hex nonce: {})", nonce, hex::encode(nonce)));
|
||||
debug!("nonce={:?} (hex nonce: {})", nonce, hex::encode(nonce));
|
||||
// 4. Decrypt
|
||||
let plaintext = match metadata.cipher.as_str() {
|
||||
"chacha20poly1305" => match decrypt_chacha20(&key, ct, nonce) {
|
||||
Ok(val) => val,
|
||||
Err(e) => {
|
||||
debug_log(&format!("[DEBUG][ERR] decrypt: chacha20poly1305 error: {}", e));
|
||||
debug!("chacha20poly1305 error: {}", e);
|
||||
return Err(VaultError::Crypto(e));
|
||||
}
|
||||
},
|
||||
"aes-gcm" => match decrypt_aes_gcm(&key, ct, nonce) {
|
||||
Ok(val) => val,
|
||||
Err(e) => {
|
||||
debug_log(&format!("[DEBUG][ERR] decrypt: aes-gcm error: {}", e));
|
||||
debug!("aes-gcm error: {}", e);
|
||||
return Err(VaultError::Crypto(e));
|
||||
}
|
||||
},
|
||||
_ => {
|
||||
debug_log(&format!("[DEBUG][ERR] decrypt: unsupported cipher: {}", metadata.cipher));
|
||||
debug!("unsupported cipher: {}", metadata.cipher);
|
||||
return Err(VaultError::Other(format!("Unsupported cipher: {}", metadata.cipher)));
|
||||
}
|
||||
};
|
||||
Ok(plaintext)
|
||||
}
|
||||
|
||||
} // <-- Close the impl block
|
||||
|
||||
@@ -3,20 +3,12 @@
|
||||
use vault::{Vault, KeyType, KeyMetadata};
|
||||
use kvstore::native::NativeStore;
|
||||
|
||||
fn debug_log(msg: &str) {
|
||||
use std::fs::OpenOptions;
|
||||
use std::io::Write;
|
||||
let mut f = OpenOptions::new()
|
||||
.create(true)
|
||||
.append(true)
|
||||
.open("vault_crypto_debug.log")
|
||||
.unwrap();
|
||||
writeln!(f, "{}", msg).unwrap();
|
||||
}
|
||||
use log::{debug, info, error};
|
||||
|
||||
#[tokio::test]
|
||||
async fn test_keypair_management_and_crypto() {
|
||||
debug_log("[DEBUG][TEST] test_keypair_management_and_crypto started");
|
||||
let _ = env_logger::builder().is_test(true).try_init();
|
||||
debug!("test_keypair_management_and_crypto started");
|
||||
// Use NativeStore for native tests
|
||||
#[cfg(not(target_arch = "wasm32"))]
|
||||
let store = NativeStore::open("vault_native_test").expect("Failed to open native store");
|
||||
@@ -27,39 +19,39 @@ async fn test_keypair_management_and_crypto() {
|
||||
let keyspace = &format!("testspace_{}", chrono::Utc::now().timestamp_nanos());
|
||||
let password = b"supersecret";
|
||||
|
||||
debug_log(&format!("[DEBUG][TEST] keyspace: {} password: {}", keyspace, hex::encode(password)));
|
||||
debug_log("[DEBUG][TEST] before create_keyspace");
|
||||
debug!("keyspace: {} password: {}", keyspace, hex::encode(password));
|
||||
debug!("before create_keyspace");
|
||||
vault.create_keyspace(keyspace, password, "pbkdf2", "chacha20poly1305", None).await.unwrap();
|
||||
|
||||
debug_log(&format!("[DEBUG][TEST] after create_keyspace: keyspace={} password={}", keyspace, hex::encode(password)));
|
||||
debug_log("[DEBUG][TEST] before add Ed25519 keypair");
|
||||
debug!("after create_keyspace: keyspace={} password={}", keyspace, hex::encode(password));
|
||||
debug!("before add Ed25519 keypair");
|
||||
let key_id = vault.add_keypair(keyspace, password, KeyType::Ed25519, Some(KeyMetadata { name: Some("edkey".into()), created_at: None, tags: None })).await;
|
||||
match &key_id {
|
||||
Ok(_) => debug_log("[DEBUG][TEST] after add Ed25519 keypair (Ok)"),
|
||||
Err(e) => debug_log(&format!("[DEBUG][TEST] after add Ed25519 keypair (Err): {:?}", e)),
|
||||
Ok(_) => debug!("after add Ed25519 keypair (Ok)"),
|
||||
Err(e) => debug!("after add Ed25519 keypair (Err): {:?}", e),
|
||||
}
|
||||
let key_id = key_id.unwrap();
|
||||
debug_log("[DEBUG][TEST] before add secp256k1 keypair");
|
||||
debug!("before add secp256k1 keypair");
|
||||
let secp_id = vault.add_keypair(keyspace, password, KeyType::Secp256k1, Some(KeyMetadata { name: Some("secpkey".into()), created_at: None, tags: None })).await.unwrap();
|
||||
|
||||
debug_log("[DEBUG][TEST] before list_keypairs");
|
||||
debug!("before list_keypairs");
|
||||
let keys = vault.list_keypairs(keyspace, password).await.unwrap();
|
||||
assert_eq!(keys.len(), 2);
|
||||
|
||||
debug_log("[DEBUG][TEST] before export Ed25519 keypair");
|
||||
debug!("before export Ed25519 keypair");
|
||||
let (priv_bytes, pub_bytes) = vault.export_keypair(keyspace, password, &key_id).await.unwrap();
|
||||
assert!(!priv_bytes.is_empty() && !pub_bytes.is_empty());
|
||||
|
||||
debug_log("[DEBUG][TEST] before sign Ed25519");
|
||||
debug!("before sign Ed25519");
|
||||
let msg = b"hello world";
|
||||
let sig = vault.sign(keyspace, password, &key_id, msg).await.unwrap();
|
||||
debug_log("[DEBUG][TEST] before verify Ed25519");
|
||||
debug!("before verify Ed25519");
|
||||
let ok = vault.verify(keyspace, password, &key_id, msg, &sig).await.unwrap();
|
||||
assert!(ok);
|
||||
|
||||
debug_log("[DEBUG][TEST] before sign secp256k1");
|
||||
debug!("before sign secp256k1");
|
||||
let sig2 = vault.sign(keyspace, password, &secp_id, msg).await.unwrap();
|
||||
debug_log("[DEBUG][TEST] before verify secp256k1");
|
||||
debug!("before verify secp256k1");
|
||||
let ok2 = vault.verify(keyspace, password, &secp_id, msg, &sig2).await.unwrap();
|
||||
assert!(ok2);
|
||||
|
||||
|
||||
@@ -10,107 +10,108 @@ wasm_bindgen_test_configure!(run_in_browser);
|
||||
#[wasm_bindgen_test(async)]
|
||||
async fn wasm_test_keypair_management_and_crypto() {
|
||||
console_error_panic_hook::set_once();
|
||||
console_log::init_with_level(log::Level::Debug).expect("error initializing logger");
|
||||
let store = WasmStore::open("vault_idb_test").await.expect("Failed to open IndexedDB store");
|
||||
let mut vault = Vault::new(store);
|
||||
let keyspace = "wasmspace";
|
||||
let password = b"supersecret";
|
||||
println!("[DEBUG] Initialized vault and IndexedDB store");
|
||||
log::debug!("Initialized vault and IndexedDB store");
|
||||
|
||||
// Step 1: Create keyspace
|
||||
match vault.create_keyspace(keyspace, password, "pbkdf2", "chacha20poly1305", None).await {
|
||||
Ok(_) => println!("[DEBUG] Created keyspace"),
|
||||
Err(e) => { println!("[ERROR] Failed to create keyspace: {:?}", e); return; }
|
||||
Ok(_) => log::debug!("Created keyspace"),
|
||||
Err(e) => { log::debug!("Failed to create keyspace: {:?}", e); return; }
|
||||
}
|
||||
|
||||
// Step 2: Add Ed25519 keypair
|
||||
let key_id = match vault.add_keypair(keyspace, password, KeyType::Ed25519, Some(KeyMetadata { name: Some("edkey".into()), created_at: None, tags: None })).await {
|
||||
Ok(id) => { println!("[DEBUG] Added Ed25519 keypair: {}", id); id },
|
||||
Err(e) => { println!("[ERROR] Failed to add Ed25519 keypair: {:?}", e); return; }
|
||||
Ok(id) => { log::debug!("Added Ed25519 keypair: {}", id); id },
|
||||
Err(e) => { log::debug!("Failed to add Ed25519 keypair: {:?}", e); return; }
|
||||
};
|
||||
|
||||
// Step 3: Add Secp256k1 keypair
|
||||
let secp_id = match vault.add_keypair(keyspace, password, KeyType::Secp256k1, Some(KeyMetadata { name: Some("secpkey".into()), created_at: None, tags: None })).await {
|
||||
Ok(id) => { println!("[DEBUG] Added Secp256k1 keypair: {}", id); id },
|
||||
Err(e) => { println!("[ERROR] Failed to add Secp256k1 keypair: {:?}", e); return; }
|
||||
Ok(id) => { log::debug!("Added Secp256k1 keypair: {}", id); id },
|
||||
Err(e) => { log::debug!("Failed to add Secp256k1 keypair: {:?}", e); return; }
|
||||
};
|
||||
|
||||
// Step 4: List keypairs
|
||||
let keys = match vault.list_keypairs(keyspace, password).await {
|
||||
Ok(keys) => { println!("[DEBUG] Listed keypairs: {:?}", keys); keys },
|
||||
Err(e) => { println!("[ERROR] Failed to list keypairs: {:?}", e); return; }
|
||||
Ok(keys) => { log::debug!("Listed keypairs: {:?}", keys); keys },
|
||||
Err(e) => { log::debug!("Failed to list keypairs: {:?}", e); return; }
|
||||
};
|
||||
if keys.len() != 2 {
|
||||
println!("[ERROR] Expected 2 keypairs, got {}", keys.len());
|
||||
log::debug!("Expected 2 keypairs, got {}", keys.len());
|
||||
return;
|
||||
}
|
||||
|
||||
// Step 5: Export Ed25519 keypair
|
||||
let (priv_bytes, pub_bytes) = match vault.export_keypair(keyspace, password, &key_id).await {
|
||||
Ok((priv_bytes, pub_bytes)) => {
|
||||
println!("[DEBUG] Exported Ed25519 keypair, priv: {} bytes, pub: {} bytes", priv_bytes.len(), pub_bytes.len());
|
||||
log::debug!("Exported Ed25519 keypair, priv: {} bytes, pub: {} bytes", priv_bytes.len(), pub_bytes.len());
|
||||
(priv_bytes, pub_bytes)
|
||||
},
|
||||
Err(e) => { println!("[ERROR] Failed to export Ed25519 keypair: {:?}", e); return; }
|
||||
Err(e) => { log::debug!("Failed to export Ed25519 keypair: {:?}", e); return; }
|
||||
};
|
||||
if priv_bytes.is_empty() || pub_bytes.is_empty() {
|
||||
println!("[ERROR] Exported Ed25519 keypair bytes are empty");
|
||||
log::debug!("Exported Ed25519 keypair bytes are empty");
|
||||
return;
|
||||
}
|
||||
|
||||
// Step 6: Sign and verify with Ed25519
|
||||
let msg = b"hello wasm";
|
||||
let sig = match vault.sign(keyspace, password, &key_id, msg).await {
|
||||
Ok(sig) => { println!("[DEBUG] Signed message with Ed25519"); sig },
|
||||
Err(e) => { println!("[ERROR] Failed to sign with Ed25519: {:?}", e); return; }
|
||||
Ok(sig) => { log::debug!("Signed message with Ed25519"); sig },
|
||||
Err(e) => { log::debug!("Failed to sign with Ed25519: {:?}", e); return; }
|
||||
};
|
||||
let ok = match vault.verify(keyspace, password, &key_id, msg, &sig).await {
|
||||
Ok(ok) => { println!("[DEBUG] Verified Ed25519 signature: {}", ok); ok },
|
||||
Err(e) => { println!("[ERROR] Failed to verify Ed25519 signature: {:?}", e); return; }
|
||||
Ok(ok) => { log::debug!("Verified Ed25519 signature: {}", ok); ok },
|
||||
Err(e) => { log::debug!("Failed to verify Ed25519 signature: {:?}", e); return; }
|
||||
};
|
||||
if !ok {
|
||||
println!("[ERROR] Ed25519 signature verification failed");
|
||||
log::debug!("Ed25519 signature verification failed");
|
||||
return;
|
||||
}
|
||||
|
||||
// Step 7: Sign and verify with Secp256k1
|
||||
let sig2 = match vault.sign(keyspace, password, &secp_id, msg).await {
|
||||
Ok(sig) => { println!("[DEBUG] Signed message with Secp256k1"); sig },
|
||||
Err(e) => { println!("[ERROR] Failed to sign with Secp256k1: {:?}", e); return; }
|
||||
Ok(sig) => { log::debug!("Signed message with Secp256k1"); sig },
|
||||
Err(e) => { log::debug!("Failed to sign with Secp256k1: {:?}", e); return; }
|
||||
};
|
||||
let ok2 = match vault.verify(keyspace, password, &secp_id, msg, &sig2).await {
|
||||
Ok(ok) => { println!("[DEBUG] Verified Secp256k1 signature: {}", ok); ok },
|
||||
Err(e) => { println!("[ERROR] Failed to verify Secp256k1 signature: {:?}", e); return; }
|
||||
Ok(ok) => { log::debug!("Verified Secp256k1 signature: {}", ok); ok },
|
||||
Err(e) => { log::debug!("Failed to verify Secp256k1 signature: {:?}", e); return; }
|
||||
};
|
||||
if !ok2 {
|
||||
println!("[ERROR] Secp256k1 signature verification failed");
|
||||
log::debug!("Secp256k1 signature verification failed");
|
||||
return;
|
||||
}
|
||||
|
||||
// Step 8: Encrypt and decrypt
|
||||
let ciphertext = match vault.encrypt(keyspace, password, msg).await {
|
||||
Ok(ct) => { println!("[DEBUG] Encrypted message"); ct },
|
||||
Err(e) => { println!("[ERROR] Failed to encrypt message: {:?}", e); return; }
|
||||
Ok(ct) => { log::debug!("Encrypted message"); ct },
|
||||
Err(e) => { log::debug!("Failed to encrypt message: {:?}", e); return; }
|
||||
};
|
||||
let plaintext = match vault.decrypt(keyspace, password, &ciphertext).await {
|
||||
Ok(pt) => { println!("[DEBUG] Decrypted message"); pt },
|
||||
Err(e) => { println!("[ERROR] Failed to decrypt message: {:?}", e); return; }
|
||||
Ok(pt) => { log::debug!("Decrypted message"); pt },
|
||||
Err(e) => { log::debug!("Failed to decrypt message: {:?}", e); return; }
|
||||
};
|
||||
if plaintext != msg {
|
||||
println!("[ERROR] Decrypted message does not match original");
|
||||
log::debug!("Decrypted message does not match original");
|
||||
return;
|
||||
}
|
||||
|
||||
// Step 9: Remove Ed25519 keypair
|
||||
match vault.remove_keypair(keyspace, password, &key_id).await {
|
||||
Ok(_) => println!("[DEBUG] Removed Ed25519 keypair"),
|
||||
Err(e) => { println!("[ERROR] Failed to remove Ed25519 keypair: {:?}", e); return; }
|
||||
Ok(_) => log::debug!("Removed Ed25519 keypair"),
|
||||
Err(e) => { log::debug!("Failed to remove Ed25519 keypair: {:?}", e); return; }
|
||||
}
|
||||
let keys = match vault.list_keypairs(keyspace, password).await {
|
||||
Ok(keys) => { println!("[DEBUG] Listed keypairs after removal: {:?}", keys); keys },
|
||||
Err(e) => { println!("[ERROR] Failed to list keypairs after removal: {:?}", e); return; }
|
||||
Ok(keys) => { log::debug!("Listed keypairs after removal: {:?}", keys); keys },
|
||||
Err(e) => { log::debug!("Failed to list keypairs after removal: {:?}", e); return; }
|
||||
};
|
||||
if keys.len() != 1 {
|
||||
println!("[ERROR] Expected 1 keypair after removal, got {}", keys.len());
|
||||
log::debug!("Expected 1 keypair after removal, got {}", keys.len());
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,121 +0,0 @@
|
||||
[DEBUG][TEST] test_keypair_management_and_crypto started
|
||||
[DEBUG][TEST] test_keypair_management_and_crypto started
|
||||
[DEBUG][TEST] before create_keyspace
|
||||
[DEBUG][TEST] before add Ed25519 keypair
|
||||
[DEBUG][TEST] test_keypair_management_and_crypto started
|
||||
[DEBUG][TEST] before create_keyspace
|
||||
[DEBUG][TEST] before add Ed25519 keypair
|
||||
[DEBUG][TEST] after add Ed25519 keypair (Err): Crypto("decryption error: aead::Error")
|
||||
[DEBUG][TEST] test_keypair_management_and_crypto started
|
||||
[DEBUG][TEST] before create_keyspace
|
||||
[DEBUG][TEST] before add Ed25519 keypair
|
||||
[DEBUG][TEST] after add Ed25519 keypair (Err): Crypto("decryption error: aead::Error")
|
||||
[DEBUG][TEST] test_keypair_management_and_crypto started
|
||||
[DEBUG][TEST] before create_keyspace
|
||||
[DEBUG][TEST] before add Ed25519 keypair
|
||||
[DEBUG][TEST] after add Ed25519 keypair (Err): Crypto("decryption error: aead::Error")
|
||||
[DEBUG][TEST] test_keypair_management_and_crypto started
|
||||
[DEBUG][TEST] before create_keyspace
|
||||
[DEBUG][TEST] before add Ed25519 keypair
|
||||
[DEBUG][TEST] after add Ed25519 keypair (Err): Crypto("decryption error: aead::Error")
|
||||
[DEBUG][TEST] test_keypair_management_and_crypto started
|
||||
[DEBUG][TEST] keyspace: testspace password: 7375706572736563726574
|
||||
[DEBUG][TEST] before create_keyspace
|
||||
[DEBUG][TEST] after create_keyspace: keyspace=testspace password=7375706572736563726574
|
||||
[DEBUG][TEST] before add Ed25519 keypair
|
||||
[DEBUG][TEST] test_keypair_management_and_crypto started
|
||||
[DEBUG][TEST] keyspace: testspace password: 7375706572736563726574
|
||||
[DEBUG][TEST] before create_keyspace
|
||||
[DEBUG][TEST] after add Ed25519 keypair (Err): Crypto("decryption error: aead::Error")
|
||||
[DEBUG][TEST] after create_keyspace: keyspace=testspace password=7375706572736563726574
|
||||
[DEBUG][TEST] before add Ed25519 keypair
|
||||
[DEBUG][TEST] after add Ed25519 keypair (Err): Crypto("decryption error: aead::Error")
|
||||
[DEBUG][TEST] test_keypair_management_and_crypto started
|
||||
[DEBUG][TEST] keyspace: testspace_1747303028801159410 password: 7375706572736563726574
|
||||
[DEBUG][TEST] before create_keyspace
|
||||
[DEBUG][TEST] after create_keyspace: keyspace=testspace_1747303028801159410 password=7375706572736563726574
|
||||
[DEBUG][TEST] before add Ed25519 keypair
|
||||
[DEBUG][TEST] after add Ed25519 keypair (Ok)
|
||||
[DEBUG][TEST] before add secp256k1 keypair
|
||||
[DEBUG][TEST] test_keypair_management_and_crypto started
|
||||
[DEBUG][TEST] keyspace: testspace_1747303185421006752 password: 7375706572736563726574
|
||||
[DEBUG][TEST] before create_keyspace
|
||||
[DEBUG][TEST] after create_keyspace: keyspace=testspace_1747303185421006752 password=7375706572736563726574
|
||||
[DEBUG][TEST] before add Ed25519 keypair
|
||||
[DEBUG][TEST] after add Ed25519 keypair (Ok)
|
||||
[DEBUG][TEST] before add secp256k1 keypair
|
||||
[DEBUG][TEST] test_keypair_management_and_crypto started
|
||||
[DEBUG][TEST] keyspace: testspace_1747303743371199079 password: 7375706572736563726574
|
||||
[DEBUG][TEST] before create_keyspace
|
||||
[DEBUG][TEST] after create_keyspace: keyspace=testspace_1747303743371199079 password=7375706572736563726574
|
||||
[DEBUG][TEST] before add Ed25519 keypair
|
||||
[DEBUG][TEST] after add Ed25519 keypair (Ok)
|
||||
[DEBUG][TEST] before add secp256k1 keypair
|
||||
[DEBUG][TEST] before list_keypairs
|
||||
[DEBUG][TEST] before export Ed25519 keypair
|
||||
[DEBUG][TEST] before sign Ed25519
|
||||
[DEBUG][TEST] before verify Ed25519
|
||||
[DEBUG][TEST] before sign secp256k1
|
||||
[DEBUG][TEST] before verify secp256k1
|
||||
[DEBUG][TEST] test_keypair_management_and_crypto started
|
||||
[DEBUG][TEST] keyspace: testspace_1747304555613901420 password: 7375706572736563726574
|
||||
[DEBUG][TEST] before create_keyspace
|
||||
[DEBUG][TEST] after create_keyspace: keyspace=testspace_1747304555613901420 password=7375706572736563726574
|
||||
[DEBUG][TEST] before add Ed25519 keypair
|
||||
[DEBUG][TEST] after add Ed25519 keypair (Ok)
|
||||
[DEBUG][TEST] before add secp256k1 keypair
|
||||
[DEBUG][TEST] before list_keypairs
|
||||
[DEBUG][TEST] before export Ed25519 keypair
|
||||
[DEBUG][TEST] before sign Ed25519
|
||||
[DEBUG][TEST] before verify Ed25519
|
||||
[DEBUG][TEST] before sign secp256k1
|
||||
[DEBUG][TEST] before verify secp256k1
|
||||
[DEBUG][TEST] test_keypair_management_and_crypto started
|
||||
[DEBUG][TEST] keyspace: testspace_1747310570021504019 password: 7375706572736563726574
|
||||
[DEBUG][TEST] before create_keyspace
|
||||
[DEBUG][TEST] after create_keyspace: keyspace=testspace_1747310570021504019 password=7375706572736563726574
|
||||
[DEBUG][TEST] before add Ed25519 keypair
|
||||
[DEBUG][TEST] after add Ed25519 keypair (Ok)
|
||||
[DEBUG][TEST] before add secp256k1 keypair
|
||||
[DEBUG][TEST] before list_keypairs
|
||||
[DEBUG][TEST] before export Ed25519 keypair
|
||||
[DEBUG][TEST] before sign Ed25519
|
||||
[DEBUG][TEST] test_keypair_management_and_crypto started
|
||||
[DEBUG][TEST] keyspace: testspace_1747310702751219893 password: 7375706572736563726574
|
||||
[DEBUG][TEST] before create_keyspace
|
||||
[DEBUG][TEST] after create_keyspace: keyspace=testspace_1747310702751219893 password=7375706572736563726574
|
||||
[DEBUG][TEST] before add Ed25519 keypair
|
||||
[DEBUG][TEST] after add Ed25519 keypair (Ok)
|
||||
[DEBUG][TEST] before add secp256k1 keypair
|
||||
[DEBUG][TEST] before list_keypairs
|
||||
[DEBUG][TEST] before export Ed25519 keypair
|
||||
[DEBUG][TEST] before sign Ed25519
|
||||
[DEBUG][TEST] before verify Ed25519
|
||||
[DEBUG][TEST] before sign secp256k1
|
||||
[DEBUG][TEST] before verify secp256k1
|
||||
[DEBUG][TEST] test_keypair_management_and_crypto started
|
||||
[DEBUG][TEST] keyspace: testspace_1747311247795239358 password: 7375706572736563726574
|
||||
[DEBUG][TEST] before create_keyspace
|
||||
[DEBUG][TEST] after create_keyspace: keyspace=testspace_1747311247795239358 password=7375706572736563726574
|
||||
[DEBUG][TEST] before add Ed25519 keypair
|
||||
[DEBUG][TEST] after add Ed25519 keypair (Ok)
|
||||
[DEBUG][TEST] before add secp256k1 keypair
|
||||
[DEBUG][TEST] before list_keypairs
|
||||
[DEBUG][TEST] before export Ed25519 keypair
|
||||
[DEBUG][TEST] before sign Ed25519
|
||||
[DEBUG][TEST] before verify Ed25519
|
||||
[DEBUG][TEST] before sign secp256k1
|
||||
[DEBUG][TEST] before verify secp256k1
|
||||
[DEBUG][TEST] test_keypair_management_and_crypto started
|
||||
[DEBUG][TEST] keyspace: testspace_1747311770351800477 password: 7375706572736563726574
|
||||
[DEBUG][TEST] before create_keyspace
|
||||
[DEBUG][TEST] after create_keyspace: keyspace=testspace_1747311770351800477 password=7375706572736563726574
|
||||
[DEBUG][TEST] before add Ed25519 keypair
|
||||
[DEBUG][TEST] after add Ed25519 keypair (Ok)
|
||||
[DEBUG][TEST] before add secp256k1 keypair
|
||||
[DEBUG][TEST] before list_keypairs
|
||||
[DEBUG][TEST] before export Ed25519 keypair
|
||||
[DEBUG][TEST] before sign Ed25519
|
||||
[DEBUG][TEST] before verify Ed25519
|
||||
[DEBUG][TEST] before sign secp256k1
|
||||
[DEBUG][TEST] before verify secp256k1
|
||||
Binary file not shown.
Binary file not shown.
BIN
vault/vault_native_test/snap.000000000000E741
Normal file
BIN
vault/vault_native_test/snap.000000000000E741
Normal file
Binary file not shown.
Reference in New Issue
Block a user