waddling_errors_hash/

wdp.rs

//! WDP (Waddling Diagnostic Protocol) Conformant Hash Implementation
//!
//! This module provides hash functions that are fully conformant with the
//! WDP specification (Parts 5 and 7).
//!
//! ## WDP Part 5: Compact IDs
//!
//! Error codes are hashed using xxHash3 with the seed `0x000031762D706477`:
//! - Input is normalized (trimmed and uppercased)
//! - Output is 5 Base62 characters
//!
//! ## WDP Part 7: Namespaces
//!
//! Namespaces are hashed using xxHash3 with a different seed `0x31762D736E706477`:
//! - This prevents collisions between namespace and code hashes
//! - Combined format: `namespace_hash-code_hash` (e.g., `h4tYw2-81E9g`)
//!
//! ## Example
//!
//! ```
//! use waddling_errors_hash::wdp::{
//!     compute_wdp_hash,
//!     compute_wdp_namespace_hash,
//!     compute_wdp_full_id,
//! };
//!
//! // Hash an error code (WDP Part 5)
//! let hash = compute_wdp_hash("E.Auth.Token.001");
//! assert_eq!(hash.len(), 5);
//!
//! // Hash a namespace (WDP Part 7)
//! let ns_hash = compute_wdp_namespace_hash("auth_lib");
//! assert_eq!(ns_hash.len(), 5);
//!
//! // Combined identifier (namespace_hash-code_hash)
//! let full_id = compute_wdp_full_id("auth_lib", "E.Auth.Token.001");
//! assert_eq!(full_id.len(), 11); // 5 + 1 + 5
//! assert!(full_id.contains('-'));
//! ```

#[cfg(not(feature = "std"))]
extern crate alloc;

#[cfg(feature = "std")]
use std::string::String;

#[cfg(not(feature = "std"))]
use alloc::string::String;

use crate::base62::to_base62;

// =============================================================================
// WDP Seed Constants (NORMATIVE)
// =============================================================================

/// WDP v1 seed for error code hashes (Part 5: Compact IDs)
///
/// Seed string: `"wdp-v1"`
/// UTF-8 bytes: `[0x77, 0x64, 0x70, 0x2D, 0x76, 0x31]`
/// Zero-padded to 8 bytes: `[0x77, 0x64, 0x70, 0x2D, 0x76, 0x31, 0x00, 0x00]`
/// Little-endian u64: `0x000031762D706477`
///
/// This value is specified in WDP Part 5, Section 4.5.1.
pub const WDP_CODE_SEED: u64 = 0x000031762D706477;

/// WDP v1 seed for namespace hashes (Part 7: Namespaces)
///
/// Seed string: `"wdpns-v1"`
/// UTF-8 bytes: `[0x77, 0x64, 0x70, 0x6E, 0x73, 0x2D, 0x76, 0x31]`
/// Little-endian u64: `0x31762D736E706477`
///
/// This value is specified in WDP Part 7, Section 4.2.
pub const WDP_NAMESPACE_SEED: u64 = 0x31762D736E706477;

// =============================================================================
// Input Normalization (WDP Part 5, Section 3)
// =============================================================================

/// Normalize input for WDP hash computation
///
/// Per WDP Part 5, Section 3.3:
/// 1. Trim leading and trailing whitespace
/// 2. Convert to uppercase
///
/// This ensures case-insensitive lookups and typo resilience:
/// - `E.Auth.Token.001` → `E.AUTH.TOKEN.001`
/// - `e.auth.token.001` → `E.AUTH.TOKEN.001`
/// - `  E.Auth.Token.001  ` → `E.AUTH.TOKEN.001`
///
/// All produce the same hash.
#[inline]
pub fn normalize_wdp_input(input: &str) -> String {
    input.trim().to_uppercase()
}

// =============================================================================
// WDP Part 5: Compact ID Hash Functions
// =============================================================================

/// Compute a WDP-conformant hash for an error code (Part 5: Compact IDs)
///
/// This function implements the WDP Part 5 specification:
/// 1. Normalize input (trim + uppercase)
/// 2. Hash with xxHash3 using seed `0x000031762D706477`
/// 3. Encode as 5-character Base62
///
/// # Example
///
/// ```
/// use waddling_errors_hash::wdp::compute_wdp_hash;
///
/// // All of these produce the same hash due to normalization:
/// let hash1 = compute_wdp_hash("E.Auth.Token.001");
/// let hash2 = compute_wdp_hash("E.AUTH.TOKEN.001");
/// let hash3 = compute_wdp_hash("e.auth.token.001");
/// let hash4 = compute_wdp_hash("  E.Auth.Token.001  ");
///
/// assert_eq!(hash1, hash2);
/// assert_eq!(hash2, hash3);
/// assert_eq!(hash3, hash4);
/// assert_eq!(hash1.len(), 5);
/// ```
///
/// # WDP Conformance
///
/// This function is fully conformant with WDP Part 5: Compact IDs.
pub fn compute_wdp_hash(input: &str) -> String {
    use xxhash_rust::xxh3::xxh3_64_with_seed;

    // Step 1: Normalize (trim + uppercase)
    let normalized = normalize_wdp_input(input);

    // Step 2: Hash with WDP seed
    let hash = xxh3_64_with_seed(normalized.as_bytes(), WDP_CODE_SEED);

    // Step 3: Convert to 5-char Base62
    hash_to_base62(hash)
}

/// Compute WDP hash without normalization (for pre-normalized input)
///
/// Use this when you know the input is already normalized (uppercase, trimmed).
/// This avoids the allocation from `to_uppercase()`.
///
/// # Safety Note
///
/// If the input is not properly normalized, the hash will differ from
/// `compute_wdp_hash()` and may not match other WDP implementations.
#[inline]
pub fn compute_wdp_hash_normalized(normalized_input: &str) -> String {
    use xxhash_rust::xxh3::xxh3_64_with_seed;

    let hash = xxh3_64_with_seed(normalized_input.as_bytes(), WDP_CODE_SEED);
    hash_to_base62(hash)
}

// =============================================================================
// WDP Part 7: Namespace Hash Functions
// =============================================================================

/// Compute a WDP-conformant hash for a namespace (Part 7: Namespaces)
///
/// This function implements the WDP Part 7 specification:
/// 1. Hash namespace with xxHash3 using seed `0x31762D736E706477`
/// 2. Encode as 5-character Base62
///
/// Note: Namespaces are NOT normalized (they should already be lowercase snake_case).
///
/// # Example
///
/// ```
/// use waddling_errors_hash::wdp::compute_wdp_namespace_hash;
///
/// let hash = compute_wdp_namespace_hash("auth_lib");
/// assert_eq!(hash.len(), 5);
/// ```
///
/// # WDP Conformance
///
/// This function is fully conformant with WDP Part 7: Namespaces.
pub fn compute_wdp_namespace_hash(namespace: &str) -> String {
    use xxhash_rust::xxh3::xxh3_64_with_seed;

    // Namespace uses different seed to prevent collisions with code hashes
    let hash = xxh3_64_with_seed(namespace.as_bytes(), WDP_NAMESPACE_SEED);
    hash_to_base62(hash)
}

// =============================================================================
// Combined Identifiers
// =============================================================================

/// Compute a full WDP identifier: `namespace_hash-code_hash`
///
/// Per WDP Part 7, Section 5.2, the combined format is:
/// - `namespace_hash`: 5 Base62 characters
/// - separator: single hyphen `-`
/// - `code_hash`: 5 Base62 characters
/// - Total: 11 characters
///
/// # Example
///
/// ```
/// use waddling_errors_hash::wdp::compute_wdp_full_id;
///
/// let full_id = compute_wdp_full_id("auth_lib", "E.Auth.Token.001");
/// assert_eq!(full_id.len(), 11);
/// assert!(full_id.contains('-'));
///
/// // Format: "h4tYw2-81E9g" (namespace_hash-code_hash)
/// let parts: Vec<&str> = full_id.split('-').collect();
/// assert_eq!(parts.len(), 2);
/// assert_eq!(parts[0].len(), 5); // namespace hash
/// assert_eq!(parts[1].len(), 5); // code hash
/// ```
///
/// # WDP Conformance
///
/// This function is fully conformant with WDP Part 5 and Part 7.
pub fn compute_wdp_full_id(namespace: &str, code: &str) -> String {
    let ns_hash = compute_wdp_namespace_hash(namespace);
    let code_hash = compute_wdp_hash(code);

    #[cfg(feature = "std")]
    {
        format!("{}-{}", ns_hash, code_hash)
    }

    #[cfg(not(feature = "std"))]
    {
        use alloc::format;
        format!("{}-{}", ns_hash, code_hash)
    }
}

/// Parse a WDP full identifier into namespace hash and code hash
///
/// Returns `Some((namespace_hash, code_hash))` if valid, `None` otherwise.
///
/// # Example
///
/// ```
/// use waddling_errors_hash::wdp::parse_wdp_full_id;
///
/// // With namespace
/// let result = parse_wdp_full_id("h4tYw-81E9g");
/// assert_eq!(result, Some(("h4tYw", "81E9g")));
///
/// // Without namespace (legacy 5-char format)
/// let result = parse_wdp_full_id("81E9g");
/// assert_eq!(result, Some(("", "81E9g")));
///
/// // Invalid
/// let result = parse_wdp_full_id("invalid");
/// assert_eq!(result, None);
/// ```
pub fn parse_wdp_full_id(full_id: &str) -> Option<(&str, &str)> {
    if full_id.len() == 5 && full_id.chars().all(|c| c.is_ascii_alphanumeric()) {
        // Legacy format: just code hash
        Some(("", full_id))
    } else if full_id.len() == 11 {
        // Full format: namespace_hash-code_hash (no allocation needed)
        // Expected format: XXXXX-XXXXX where X is alphanumeric
        let bytes = full_id.as_bytes();
        if bytes[5] == b'-'
            && full_id[..5].chars().all(|c| c.is_ascii_alphanumeric())
            && full_id[6..].chars().all(|c| c.is_ascii_alphanumeric())
        {
            Some((&full_id[..5], &full_id[6..]))
        } else {
            None
        }
    } else {
        None
    }
}

// =============================================================================
// Verification Functions
// =============================================================================

/// Verify that a hash matches the input code (WDP-conformant)
///
/// # Example
///
/// ```
/// use waddling_errors_hash::wdp::{compute_wdp_hash, verify_wdp_hash};
///
/// let code = "E.Auth.Token.001";
/// let hash = compute_wdp_hash(code);
///
/// assert!(verify_wdp_hash(code, &hash));
/// assert!(verify_wdp_hash("e.auth.token.001", &hash)); // Case-insensitive!
/// assert!(!verify_wdp_hash("E.Auth.Token.002", &hash));
/// ```
pub fn verify_wdp_hash(input: &str, hash: &str) -> bool {
    compute_wdp_hash(input) == hash
}

/// Verify that a namespace hash matches the input namespace
///
/// # Example
///
/// ```
/// use waddling_errors_hash::wdp::{compute_wdp_namespace_hash, verify_wdp_namespace_hash};
///
/// let namespace = "auth_lib";
/// let hash = compute_wdp_namespace_hash(namespace);
///
/// assert!(verify_wdp_namespace_hash(namespace, &hash));
/// assert!(!verify_wdp_namespace_hash("other_lib", &hash));
/// ```
pub fn verify_wdp_namespace_hash(namespace: &str, hash: &str) -> bool {
    compute_wdp_namespace_hash(namespace) == hash
}

// =============================================================================
// Compile-Time (const) Hash Functions
// =============================================================================

/// Base62 character set for const evaluation
const BASE62_CHARS_CONST: &[u8; 62] =
    b"0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

/// Convert a u64 hash to a 5-character Base62 array (const-compatible)
///
/// This is a const fn version of hash_to_base62 that returns a fixed-size array
/// instead of a String, making it suitable for compile-time evaluation.
#[inline]
pub const fn const_hash_to_base62(hash: u64) -> [u8; 5] {
    // Take first 5 bytes (40 bits) of the hash
    let bytes: [u8; 5] = [
        (hash >> 32) as u8,
        (hash >> 24) as u8,
        (hash >> 16) as u8,
        (hash >> 8) as u8,
        hash as u8,
    ];

    // Combine into a 40-bit number
    let mut num: u64 = 0;
    num = (num << 8) | (bytes[0] as u64);
    num = (num << 8) | (bytes[1] as u64);
    num = (num << 8) | (bytes[2] as u64);
    num = (num << 8) | (bytes[3] as u64);
    num = (num << 8) | (bytes[4] as u64);

    // Convert to base62
    let mut result = [0u8; 5];
    let mut n = num;

    // Manual unrolling since we can't use for loops in const fn on mutable state easily
    result[4] = BASE62_CHARS_CONST[(n % 62) as usize];
    n /= 62;
    result[3] = BASE62_CHARS_CONST[(n % 62) as usize];
    n /= 62;
    result[2] = BASE62_CHARS_CONST[(n % 62) as usize];
    n /= 62;
    result[1] = BASE62_CHARS_CONST[(n % 62) as usize];
    n /= 62;
    result[0] = BASE62_CHARS_CONST[(n % 62) as usize];

    result
}

/// Compute WDP hash at compile time from a byte slice
///
/// This function uses const_xxh3 for compile-time hash computation.
/// The input should be pre-normalized (uppercase ASCII bytes).
///
/// # Example
///
/// ```
/// use waddling_errors_hash::wdp::{const_wdp_hash_bytes, const_hash_to_base62};
///
/// const HASH: u64 = const_wdp_hash_bytes(b"E.AUTH.TOKEN.001");
/// const BASE62: [u8; 5] = const_hash_to_base62(HASH);
/// ```
#[inline]
pub const fn const_wdp_hash_bytes(input: &[u8]) -> u64 {
    use xxhash_rust::const_xxh3::xxh3_64_with_seed;
    xxh3_64_with_seed(input, WDP_CODE_SEED)
}

/// Compute a WDP-conformant hash at compile time
///
/// This is a const fn that computes the hash from pre-normalized uppercase bytes.
/// Returns a 5-byte array that can be converted to a &str.
///
/// # Example
///
/// ```
/// use waddling_errors_hash::wdp::const_wdp_hash;
///
/// const HASH_BYTES: [u8; 5] = const_wdp_hash(b"E.AUTH.TOKEN.001");
/// // Convert to str at compile time if needed
/// ```
#[inline]
pub const fn const_wdp_hash(normalized_uppercase_input: &[u8]) -> [u8; 5] {
    let hash = const_wdp_hash_bytes(normalized_uppercase_input);
    const_hash_to_base62(hash)
}

/// Format a sequence number as 3-digit zero-padded string bytes
///
/// Returns a 3-byte array with the formatted number.
/// Used for building WDP-conformant error codes at compile time.
///
/// # Panics
///
/// Panics if `seq_num` is 0 or greater than 999 (WDP spec requires 001-999).
///
/// # Example
///
/// ```
/// use waddling_errors_hash::wdp::const_format_sequence;
///
/// assert_eq!(&const_format_sequence(1), b"001");
/// assert_eq!(&const_format_sequence(42), b"042");
/// assert_eq!(&const_format_sequence(999), b"999");
/// ```
#[inline]
pub const fn const_format_sequence(seq_num: u16) -> [u8; 3] {
    // WDP spec requires sequence numbers 001-999
    assert!(
        seq_num > 0,
        "Sequence number cannot be 0. WDP spec requires 001-999."
    );
    assert!(
        seq_num <= 999,
        "Sequence number exceeds 999. WDP spec requires 001-999."
    );

    let d0 = (seq_num / 100) % 10;
    let d1 = (seq_num / 10) % 10;
    let d2 = seq_num % 10;

    [b'0' + d0 as u8, b'0' + d1 as u8, b'0' + d2 as u8]
}

/// Compute WDP hash from error code parts at compile time
///
/// Takes the four parts of an error code (severity, component, primary, sequence)
/// and computes the WDP-conformant hash. All string inputs must be uppercase.
///
/// # Arguments
///
/// * `severity` - Severity character as byte (e.g., b'E', b'W', b'C')
/// * `component` - Component value as uppercase bytes (e.g., b"AUTH")
/// * `primary` - Primary value as uppercase bytes (e.g., b"TOKEN")
/// * `seq_num` - Sequence number (1-999)
///
/// # Example
///
/// ```
/// use waddling_errors_hash::wdp::const_wdp_hash_from_parts;
///
/// // Hash for "E.AUTH.TOKEN.001"
/// const HASH: [u8; 5] = const_wdp_hash_from_parts(b'E', b"AUTH", b"TOKEN", 1);
/// ```
#[inline]
pub const fn const_wdp_hash_from_parts(
    severity: u8,
    component: &[u8],
    primary: &[u8],
    seq_num: u16,
) -> [u8; 5] {
    // Maximum expected length: 1 (severity) + 1 (.) + 16 (component) + 1 (.) + 16 (primary) + 1 (.) + 3 (seq) = 39
    // Using 64 bytes for safety
    let mut buffer = [0u8; 64];
    let mut pos = 0;

    // Severity
    buffer[pos] = severity;
    pos += 1;

    // Dot
    buffer[pos] = b'.';
    pos += 1;

    // Component (uppercase)
    let mut i = 0;
    while i < component.len() {
        buffer[pos] = to_uppercase_byte(component[i]);
        pos += 1;
        i += 1;
    }

    // Dot
    buffer[pos] = b'.';
    pos += 1;

    // Primary (uppercase)
    i = 0;
    while i < primary.len() {
        buffer[pos] = to_uppercase_byte(primary[i]);
        pos += 1;
        i += 1;
    }

    // Dot
    buffer[pos] = b'.';
    pos += 1;

    // Sequence number (3-digit zero-padded)
    let seq_bytes = const_format_sequence(seq_num);
    buffer[pos] = seq_bytes[0];
    buffer[pos + 1] = seq_bytes[1];
    buffer[pos + 2] = seq_bytes[2];
    pos += 3;

    // Compute hash on the constructed code string
    const_wdp_hash(slice_to_len(&buffer, pos))
}

/// Convert a byte to uppercase (const-compatible)
#[inline]
const fn to_uppercase_byte(b: u8) -> u8 {
    if b >= b'a' && b <= b'z' { b - 32 } else { b }
}

/// Create a slice of specific length from an array (const-compatible workaround)
///
/// Note: In const context, we can't return a slice directly from an array slice,
/// so we use the hash function that takes the full buffer and length hint.
#[inline]
const fn slice_to_len(buffer: &[u8; 64], len: usize) -> &[u8] {
    // Cap length to buffer bounds
    let capped_len = if len > buffer.len() {
        buffer.len()
    } else {
        len
    };
    // Safe slice indexing - works in const context since Rust 1.71
    buffer.split_at(capped_len).0
}

// =============================================================================
// Internal Helpers
// =============================================================================

/// Convert xxHash3 output to 5-character Base62
///
/// Takes the first 40 bits (5 bytes) of the hash and encodes as Base62.
#[inline]
fn hash_to_base62(hash: u64) -> String {
    let bytes = [
        (hash >> 32) as u8,
        (hash >> 24) as u8,
        (hash >> 16) as u8,
        (hash >> 8) as u8,
        hash as u8,
    ];
    to_base62(&bytes)
}

// =============================================================================
// Tests
// =============================================================================

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_wdp_code_seed_value() {
        // Verify the seed constant matches the calculation
        let seed_bytes = b"wdp-v1";
        let mut padded = [0u8; 8];
        padded[..6].copy_from_slice(seed_bytes);
        let calculated = u64::from_le_bytes(padded);
        assert_eq!(calculated, WDP_CODE_SEED);
        assert_eq!(WDP_CODE_SEED, 0x000031762D706477);
    }

    #[test]
    fn test_wdp_namespace_seed_value() {
        // Verify the namespace seed constant matches the WDP spec
        // Seed string: "wdpns-v1" (exactly 8 bytes)
        // UTF-8 bytes: [0x77, 0x64, 0x70, 0x6E, 0x73, 0x2D, 0x76, 0x31]
        // Little-endian u64: 0x31762D736E706477
        let seed_bytes = b"wdpns-v1";
        let calculated = u64::from_le_bytes(*seed_bytes);
        assert_eq!(calculated, WDP_NAMESPACE_SEED);
        assert_eq!(WDP_NAMESPACE_SEED, 0x31762D736E706477);
    }

    #[test]
    fn test_normalize_wdp_input() {
        assert_eq!(normalize_wdp_input("E.Auth.Token.001"), "E.AUTH.TOKEN.001");
        assert_eq!(normalize_wdp_input("e.auth.token.001"), "E.AUTH.TOKEN.001");
        assert_eq!(
            normalize_wdp_input("  E.Auth.Token.001  "),
            "E.AUTH.TOKEN.001"
        );
        assert_eq!(normalize_wdp_input("E.AUTH.TOKEN.001"), "E.AUTH.TOKEN.001");
    }

    #[test]
    fn test_compute_wdp_hash_length() {
        let hash = compute_wdp_hash("E.Auth.Token.001");
        assert_eq!(hash.len(), 5);
        assert!(hash.chars().all(|c| c.is_ascii_alphanumeric()));
    }

    #[test]
    fn test_compute_wdp_hash_deterministic() {
        let hash1 = compute_wdp_hash("E.Auth.Token.001");
        let hash2 = compute_wdp_hash("E.Auth.Token.001");
        assert_eq!(hash1, hash2);
    }

    #[test]
    fn test_compute_wdp_hash_case_insensitive() {
        let hash1 = compute_wdp_hash("E.Auth.Token.001");
        let hash2 = compute_wdp_hash("E.AUTH.TOKEN.001");
        let hash3 = compute_wdp_hash("e.auth.token.001");
        let hash4 = compute_wdp_hash("E.auth.Token.001");

        assert_eq!(hash1, hash2);
        assert_eq!(hash2, hash3);
        assert_eq!(hash3, hash4);
    }

    #[test]
    fn test_compute_wdp_hash_whitespace_insensitive() {
        let hash1 = compute_wdp_hash("E.Auth.Token.001");
        let hash2 = compute_wdp_hash("  E.Auth.Token.001  ");
        let hash3 = compute_wdp_hash("\tE.Auth.Token.001\n");

        assert_eq!(hash1, hash2);
        assert_eq!(hash2, hash3);
    }

    #[test]
    fn test_different_codes_produce_different_hashes() {
        let hash1 = compute_wdp_hash("E.Auth.Token.001");
        let hash2 = compute_wdp_hash("E.Auth.Token.002");
        assert_ne!(hash1, hash2);
    }

    #[test]
    fn test_compute_wdp_namespace_hash_length() {
        let hash = compute_wdp_namespace_hash("auth_lib");
        assert_eq!(hash.len(), 5);
        assert!(hash.chars().all(|c| c.is_ascii_alphanumeric()));
    }

    #[test]
    fn test_namespace_and_code_seeds_differ() {
        // Same input, different seeds should produce different hashes
        let input = "test";
        use xxhash_rust::xxh3::xxh3_64_with_seed;

        let code_hash = xxh3_64_with_seed(input.as_bytes(), WDP_CODE_SEED);
        let ns_hash = xxh3_64_with_seed(input.as_bytes(), WDP_NAMESPACE_SEED);

        assert_ne!(code_hash, ns_hash);
    }

    #[test]
    fn test_compute_wdp_full_id_format() {
        let full_id = compute_wdp_full_id("auth_lib", "E.Auth.Token.001");

        assert_eq!(full_id.len(), 11);
        assert!(full_id.contains('-'));

        let parts: Vec<&str> = full_id.split('-').collect();
        assert_eq!(parts.len(), 2);
        assert_eq!(parts[0].len(), 5);
        assert_eq!(parts[1].len(), 5);
    }

    #[test]
    fn test_compute_wdp_full_id_components() {
        let namespace = "auth_lib";
        let code = "E.Auth.Token.001";

        let ns_hash = compute_wdp_namespace_hash(namespace);
        let code_hash = compute_wdp_hash(code);
        let full_id = compute_wdp_full_id(namespace, code);

        let expected = format!("{}-{}", ns_hash, code_hash);
        assert_eq!(full_id, expected);
    }

    #[test]
    fn test_parse_wdp_full_id() {
        // Full format
        let result = parse_wdp_full_id("h4tYw-81E9g");
        assert_eq!(result, Some(("h4tYw", "81E9g")));

        // Legacy format (5-char)
        let result = parse_wdp_full_id("81E9g");
        assert_eq!(result, Some(("", "81E9g")));

        // Invalid formats
        assert_eq!(parse_wdp_full_id(""), None);
        assert_eq!(parse_wdp_full_id("123"), None);
        assert_eq!(parse_wdp_full_id("invalid-format-here"), None);
        assert_eq!(parse_wdp_full_id("h4tYw--81E9g"), None);
    }

    #[test]
    fn test_verify_wdp_hash() {
        let code = "E.Auth.Token.001";
        let hash = compute_wdp_hash(code);

        assert!(verify_wdp_hash(code, &hash));
        assert!(verify_wdp_hash("e.auth.token.001", &hash)); // Case-insensitive
        assert!(!verify_wdp_hash("E.Auth.Token.002", &hash));
    }

    #[test]
    fn test_verify_wdp_namespace_hash() {
        let namespace = "auth_lib";
        let hash = compute_wdp_namespace_hash(namespace);

        assert!(verify_wdp_namespace_hash(namespace, &hash));
        assert!(!verify_wdp_namespace_hash("other_lib", &hash));
    }

    // ==========================================================================
    // Official WDP Test Vector Verification
    // ==========================================================================
    // These tests verify against official test vectors from wdp-specs repo:
    // test-vectors/data/namespaces.json and test-vectors/data/compact-ids.json
    // ==========================================================================

    #[test]
    fn test_wdp_official_namespace_vectors() {
        // From wdp-specs/test-vectors/data/namespaces.json
        let test_vectors = [
            ("auth_lib", "05o5h"),
            ("user_service", "oFN7q"),
            ("order_service", "mulMW"),
            ("my_app", "XPb13"),
            ("a", "ECjXV"),
            ("payment_gateway", "jJcx6"),
            ("http2_client", "eXm0X"),
            ("payment_lib", "MVYh6"),
        ];

        for (namespace, expected_hash) in test_vectors {
            let actual = compute_wdp_namespace_hash(namespace);
            assert_eq!(
                actual, expected_hash,
                "Namespace '{}' expected hash '{}' but got '{}'",
                namespace, expected_hash, actual
            );
        }
    }

    #[test]
    fn test_wdp_official_code_hash_vectors() {
        // From wdp-specs/test-vectors/data/namespaces.json (combined_identifiers section)
        // Code hashes are normalized (uppercased) before hashing
        let test_vectors = [
            ("E.Auth.Token.001", "V6a0B"),
            ("E.Database.Connection.021", "gjyGQ"),
        ];

        for (code, expected_hash) in test_vectors {
            let actual = compute_wdp_hash(code);
            assert_eq!(
                actual, expected_hash,
                "Code '{}' expected hash '{}' but got '{}'",
                code, expected_hash, actual
            );
        }
    }

    #[test]
    fn test_wdp_official_combined_identifier_vectors() {
        // From wdp-specs/test-vectors/data/namespaces.json
        let test_vectors = [
            ("auth_lib", "E.Auth.Token.001", "05o5h-V6a0B"),
            ("payment_lib", "E.Auth.Token.001", "MVYh6-V6a0B"),
            ("user_service", "E.Database.Connection.021", "oFN7q-gjyGQ"),
        ];

        for (namespace, code, expected_combined) in test_vectors {
            let actual = compute_wdp_full_id(namespace, code);
            assert_eq!(
                actual, expected_combined,
                "Combined ID for '{}:{}' expected '{}' but got '{}'",
                namespace, code, expected_combined, actual
            );
        }
    }
}