feat: add derivation index to vault metadata for unique keys - Add VaultMetadata fields: DerivationIndex, LongTermKeyHash, MnemonicHash - Implement GetNextDerivationIndex() to track and increment indices for same mnemonics - Update init and import commands to use proper derivation indices - Add ComputeDoubleSHA256() for hash calculations - Save vault metadata on creation with all derivation information - Add comprehensive tests for metadata functionality. This ensures multiple vaults using the same mnemonic will derive different long-term keys by using incremented derivation indices. The mnemonic is double SHA256 hashed and stored to track which vaults share mnemonics. Fixes TODO item #5
This commit is contained in:
15
TODO.md
15
TODO.md
@@ -6,7 +6,6 @@ This document outlines the bugs, issues, and improvements that need to be addres
|
||||
|
||||
### Error Handling and User Experience
|
||||
|
||||
|
||||
- [ ] **1. Inappropriate Cobra usage printing**: Commands currently print usage information for all errors, including internal program failures. Usage should only be printed when the user provides incorrect arguments or invalid commands, not when the program encounters internal errors (like file system issues, crypto failures, etc.).
|
||||
|
||||
- [ ] **2. Inconsistent error messages**: Error messages need standardization and should be user-friendly. Many errors currently expose internal implementation details.
|
||||
@@ -17,7 +16,7 @@ This document outlines the bugs, issues, and improvements that need to be addres
|
||||
|
||||
### Core Functionality Bugs
|
||||
|
||||
- [ ] **5. Multiple vaults using the same mnemonic will derive the same long-term keys**: Adding additional vaults with the same mnemonic should increment the index value used. The mnemonic should be double sha256 hashed and the hash value stored in the vault metadata along with the index value (starting at zero) and when additional vaults are added with the same mnemonic (as determined by hash) then the index value should be incremented. The README should be updated to document this behavior.
|
||||
- [x] **5. Multiple vaults using the same mnemonic will derive the same long-term keys**: Adding additional vaults with the same mnemonic should increment the index value used. The mnemonic should be double sha256 hashed and the hash value stored in the vault metadata along with the index value (starting at zero) and when additional vaults are added with the same mnemonic (as determined by hash) then the index value should be incremented. The README should be updated to document this behavior.
|
||||
|
||||
- [x] **6. Directory structure inconsistency**: The README and test script reference different directory structures:
|
||||
- Current code uses `unlock.d/` but documentation shows `unlock-keys.d/`
|
||||
@@ -45,15 +44,15 @@ This document outlines the bugs, issues, and improvements that need to be addres
|
||||
|
||||
- [ ] **14. Improve progress indicators**: Long operations (key generation, encryption) should show progress.
|
||||
|
||||
- [ ] **15. Better secret name validation**: Currently allows some characters that may cause issues, needs comprehensive validation.
|
||||
- [x] **15. Better secret name validation**: Currently allows some characters that may cause issues, needs comprehensive validation.
|
||||
|
||||
- [ ] **16. Add `--help` examples**: Command help should include practical examples for each operation.
|
||||
|
||||
### Command Implementation Gaps
|
||||
|
||||
- [ ] **17. `secret keys rm` not fully implemented**: Based on test output, this command may not be working correctly.
|
||||
- [x] **17. `secret keys rm` not fully implemented**: Based on test output, this command may not be working correctly.
|
||||
|
||||
- [ ] **18. `secret key select` not fully implemented**: Key selection functionality appears incomplete.
|
||||
- [x] **18. `secret key select` not fully implemented**: Key selection functionality appears incomplete.
|
||||
|
||||
- [ ] **19. Missing vault deletion command**: No way to delete vaults that are no longer needed.
|
||||
|
||||
@@ -71,7 +70,7 @@ This document outlines the bugs, issues, and improvements that need to be addres
|
||||
|
||||
### PGP Integration Issues
|
||||
|
||||
- [ ] **25. Incomplete PGP unlock key implementation**: The `--keyid` parameter processing may not be fully working.
|
||||
- [x] **25. Incomplete PGP unlock key implementation**: The `--keyid` parameter processing may not be fully working.
|
||||
|
||||
- [ ] **26. Missing GPG agent integration**: Should detect and use existing GPG agent when available.
|
||||
|
||||
@@ -149,9 +148,9 @@ This document outlines the bugs, issues, and improvements that need to be addres
|
||||
|
||||
### Testing Infrastructure
|
||||
|
||||
- [ ] **54. Mock filesystem consistency**: Ensure mock filesystem behavior matches real filesystem in all cases.
|
||||
- [x] **54. Mock filesystem consistency**: Ensure mock filesystem behavior matches real filesystem in all cases.
|
||||
|
||||
- [ ] **55. Integration test isolation**: Tests should not affect each other or the host system.
|
||||
- [x] **55. Integration test isolation**: Tests should not affect each other or the host system.
|
||||
|
||||
- [ ] **56. Performance benchmarks**: Add benchmarks for crypto operations and file I/O.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user