Generated 2026-03-29 by punishing audit. Updated 2026-04-04 (CRG D→C blitz).
| Category | Count | Notes |
|---|---|---|
| Unit tests | 24 | Inline #[test] in source: attestation(4), content_store(4), delta(4), keys(4), metadata(3), obliteration(7), operations(4), transaction(3), lib(1) |
| P2P (Property) | 6 | crates/januskey-cli/tests/p2p_test.rs: content↔metadata, keys↔attestation, transaction↔operations roundtrips |
| E2E | 7 | crates/januskey-cli/tests/e2e_test.rs: full lifecycle, multi-key txns, delta chains, roundtrips, error cases |
| Aspect (Security) | 6 | crates/januskey-cli/tests/aspect_test.rs: obliteration unrecoverability, DoD compliance, proof generation, concurrent erasure |
| Concurrency | 5 | crates/januskey-cli/tests/concurrency_test.rs: concurrent key ops, transaction isolation, content store concurrency, race condition safety |
| Benchmarks | 8 | Criterion: hashing(6 sizes), content_store(3), obliteration(3), transactions(2), key_derivation(1), attestation(3), delta(2), metadata(2) |
Source modules: ~26 Rust source files across januskey crate
- Content↔metadata roundtrips with hash verification
- Key↔attestation linkage and entry creation
- Transaction↔operations grouping and consistency
- Deduplication verification (content-addressed storage)
- Attestation chain integrity (3-link verification)
- Full key lifecycle: generate → store → attest → retrieve
- Multi-key transaction: 3 keys, 3 operations, commit verification
- Delta chain: 3-version evolution with full history recovery
- Content store roundtrip: write → verify hash → read → delete → unrecoverable
- Deduplication across multiple keys (single physical copy)
- Error cases: nonexistent key reads, malformed JSON detection
- Obliteration unrecoverability: 3-pass DoD 5220.22-M overwrites verified, file deletion confirmed
- Revocation marking: Obliterated keys marked "revoked" with proof references
- DoD compliance: Exactly 3 passes (0x00, 0xFF, 0x00) verified in sequence
- Obliteration proofs: Proofs generated with content hash, timestamp, commitment
- Concurrent access: Obliteration during concurrent reads doesn't leak data
- Independent obliteration: Multiple keys can be obliterated selectively without affecting others
- Concurrent key operations (10 threads): no deadlock, all succeed
- Transaction isolation: uncommitted changes invisible until commit
- Concurrent transactions: 5 independent transactions run concurrently
- Content store concurrency: 20 concurrent writers all succeed without collision
- Race condition safety: commit/rollback races don't corrupt state
- Hashing (sha2): 6 sizes from 32B to 1MB
- Content store: write/retrieve/dedup ops with real SHA256
- Obliteration: 3-pass overwrite at 1KB/4KB/64KB sizes
- Transactions: begin/commit overhead, operation log append
- Key derivation: SHA256 PBKDF chain (1000 iterations)
- Attestation: entry generation, audit log append, signature verification
- Delta operations: diff computation (3 sizes), 10-link chain verification
- Metadata: JSON serialization/deserialization roundtrips
ACHIEVED: CRG C (from CRG D after 2026-04-04 blitz)
- 24 unit tests (existing)
- 6 P2P property tests (new)
- 7 E2E integration tests (new)
- 6 aspect/security tests (new) — CRITICAL for key management
- 5 concurrency tests (new)
- 8 criterion benchmarks (extended)
Total: 56 tests + 8 benchmarks = 64 verification points
CRG C requirements met: ✅ P2P property tests (delta roundtrips, ACID verification, attestation invariants) ✅ E2E tests (full key lifecycle, multi-key transactions, content store roundtrips) ✅ Aspect tests (security: obliteration, concurrency, isolation) ✅ Benchmarks baselined (6+ categories, 20+ measurement points)
tests/fuzz/placeholder.txtis a scorecard placeholder inherited from rsr-template-repo — it does NOT provide real fuzz testing- Replace with an actual fuzz harness (see rsr-template-repo/tests/fuzz/README.adoc) or remove the file
- Priority: P2 — creates false impression of fuzz coverage