[ARCH-342] Add Rename function. (#1694)

Author: pavel-raykov

keystore/admin.go

@@ -92,6 +92,13 @@ type SetMetadataUpdate struct {
 
 type SetMetadataResponse struct{}
 
+type RenameKeyRequest struct {
+	OldName string
+	NewName string
+}
+
+type RenameKeyResponse struct{}
+
 type Admin interface {
 	// CreateKeys creates multiple keys in a single atomic operation.
 	// The response preserves the order of the keys in the request.
@@ -118,6 +125,12 @@ type Admin interface {
 	// SetMetadata updates metadata for multiple keys in a single atomic operation.
 	// Returns ErrKeyNotFound if any key does not exist.
 	SetMetadata(ctx context.Context, req SetMetadataRequest) (SetMetadataResponse, error)
+
+	// RenameKey renames an existing key.
+	// Returns ErrKeyNotFound if the old key name does not exist,
+	// ErrKeyAlreadyExists if the new key name exists,
+	// ErrInvalidKeyName if the new key name is invalid.
+	RenameKey(ctx context.Context, req RenameKeyRequest) (RenameKeyResponse, error)
 }
 
 // UnimplementedAdmin returns ErrUnimplemented for all Admin methods.
@@ -143,6 +156,10 @@ func (UnimplementedAdmin) SetMetadata(ctx context.Context, req SetMetadataReques
 	return SetMetadataResponse{}, fmt.Errorf("Admin.SetMetadata: %w", ErrUnimplemented)
 }
 
+func (UnimplementedAdmin) RenameKey(ctx context.Context, req RenameKeyRequest) (RenameKeyResponse, error) {
+	return RenameKeyResponse{}, fmt.Errorf("Admin.RenameKey: %w", ErrUnimplemented)
+}
+
 func ValidKeyName(name string) error {
 	if name == "" {
 		return fmt.Errorf("key name cannot be empty")
@@ -364,3 +381,36 @@ func (ks *keystore) SetMetadata(ctx context.Context, req SetMetadataRequest) (Se
 	ks.keystore = ksCopy
 	return SetMetadataResponse{}, nil
 }
+
+func (ks *keystore) RenameKey(ctx context.Context, req RenameKeyRequest) (RenameKeyResponse, error) {
+	ks.mu.Lock()
+	defer ks.mu.Unlock()
+
+	if req.NewName == req.OldName {
+		return RenameKeyResponse{}, nil
+	}
+
+	if err := ValidKeyName(req.NewName); err != nil {
+		return RenameKeyResponse{}, fmt.Errorf("%w: %s", ErrInvalidKeyName, err)
+	}
+
+	if _, ok := ks.keystore[req.NewName]; ok {
+		return RenameKeyResponse{}, fmt.Errorf("%w: %s", ErrKeyAlreadyExists, req.NewName)
+	}
+
+	k, ok := ks.keystore[req.OldName]
+	if !ok {
+		return RenameKeyResponse{}, fmt.Errorf("%w: %s", ErrKeyNotFound, req.OldName)
+	}
+
+	ksCopy := maps.Clone(ks.keystore)
+	ksCopy[req.NewName] = k
+	delete(ksCopy, req.OldName)
+
+	if err := ks.save(ctx, ksCopy); err != nil {
+		return RenameKeyResponse{}, fmt.Errorf("failed to save keystore: %w", err)
+	}
+
+	ks.keystore = ksCopy
+	return RenameKeyResponse{}, nil
+}

keystore/admin_test.go

@@ -320,3 +320,94 @@ func TestKeystore_SetMetadata(t *testing.T) {
 		require.ErrorIs(t, err, keystore.ErrKeyNotFound)
 	})
 }
+
+func TestKeystore_RenameKey(t *testing.T) {
+	ctx := t.Context()
+	ks, err := keystore.LoadKeystore(ctx, keystore.NewMemoryStorage(), "ks")
+	require.NoError(t, err)
+	_, err = ks.CreateKeys(ctx, keystore.CreateKeysRequest{
+		Keys: []keystore.CreateKeyRequest{
+			{KeyName: "key1", KeyType: keystore.Ed25519},
+		},
+	})
+	require.NoError(t, err)
+	originalKey, err := ks.GetKeys(ctx, keystore.GetKeysRequest{
+		KeyNames: []string{"key1"},
+	})
+	require.NoError(t, err)
+	require.Len(t, originalKey.Keys, 1)
+
+	t.Run("rename non-existent key", func(t *testing.T) {
+		_, err = ks.RenameKey(ctx, keystore.RenameKeyRequest{
+			OldName: "key2",
+			NewName: "new-name",
+		})
+		require.ErrorIs(t, err, keystore.ErrKeyNotFound)
+	})
+
+	t.Run("rename to invalid name", func(t *testing.T) {
+		_, err = ks.RenameKey(ctx, keystore.RenameKeyRequest{
+			OldName: "key1",
+			NewName: "", // Empty name is invalid
+		})
+		require.ErrorIs(t, err, keystore.ErrInvalidKeyName)
+	})
+
+	t.Run("rename to existing name", func(t *testing.T) {
+		// Create another key
+		_, err = ks.CreateKeys(ctx, keystore.CreateKeysRequest{
+			Keys: []keystore.CreateKeyRequest{
+				{KeyName: "another", KeyType: keystore.Ed25519},
+			},
+		})
+		require.NoError(t, err)
+
+		_, err = ks.RenameKey(ctx, keystore.RenameKeyRequest{
+			OldName: "key1",
+			NewName: "another", // Name already exists
+		})
+		require.ErrorIs(t, err, keystore.ErrKeyAlreadyExists)
+	})
+
+	t.Run("rename to same name", func(t *testing.T) {
+		_, err = ks.RenameKey(ctx, keystore.RenameKeyRequest{
+			OldName: "key1",
+			NewName: "key1",
+		})
+		require.NoError(t, err)
+
+		// Verify the key still exists
+		resp, err := ks.GetKeys(ctx, keystore.GetKeysRequest{
+			KeyNames: []string{"key1"},
+		})
+		require.NoError(t, err)
+		require.Equal(t, resp, originalKey)
+	})
+
+	t.Run("successful rename", func(t *testing.T) {
+		// Rename the key
+		_, err = ks.RenameKey(ctx, keystore.RenameKeyRequest{
+			OldName: "key1",
+			NewName: "renamed",
+		})
+		require.NoError(t, err)
+
+		// Verify the key exists under new name
+		resp, err := ks.GetKeys(ctx, keystore.GetKeysRequest{
+			KeyNames: []string{"renamed"},
+		})
+		require.NoError(t, err)
+		require.Len(t, resp.Keys, 1)
+		require.Equal(t, resp.Keys[0].KeyInfo.Name, "renamed")
+
+		// set name to the old one for easier comparison
+		resp.Keys[0].KeyInfo.Name = "key1"
+		assert.Equal(t, resp, originalKey)
+
+		// Verify the old name no longer exists
+		resp, err = ks.GetKeys(ctx, keystore.GetKeysRequest{
+			KeyNames: []string{"key1"},
+		})
+		require.EqualError(t, err, "key not found: key1")
+	})
+}