implemented Pillar 10: Zero-Trust Security.

Author: ProgrammerKR

src/compiler/parser/ast.c

@@ -359,6 +359,16 @@ Expr *createSanitizeExpr(Expr *value, int line, int column) {
   return expr;
 }
 
+Expr *createCryptoExpr(Expr *val, bool isEncrypt, int line, int column) {
+  Expr *expr = ALLOCATE(Expr, 1);
+  expr->type = EXPR_CRYPTO;
+  expr->line = line;
+  expr->column = column;
+  expr->as.crypto.value = val;
+  expr->as.crypto.isEncrypt = isEncrypt;
+  return expr;
+}
+
 // --- Statement Creation Functions ---
 
 Stmt *createExpressionStmt(Expr *expression, int line, int column) {
@@ -645,6 +655,16 @@ Stmt *createGPUBlockStmt(const char *kernelName, StmtList *body, int line, int c
   return stmt;
 }
 
+Stmt *createVerifyStmt(const char *identityName, StmtList *body, int line, int column) {
+  Stmt *stmt = ALLOCATE(Stmt, 1);
+  stmt->type = STMT_VERIFY;
+  stmt->line = line;
+  stmt->column = column;
+  stmt->as.verify_stmt.identityName = strdup(identityName);
+  stmt->as.verify_stmt.body = body;
+  return stmt;
+}
+
 // --- Free Functions ---
 
 void freeExpr(Expr *expr) {
@@ -732,6 +752,9 @@ void freeExpr(Expr *expr) {
   case EXPR_SANITIZE:
     freeExpr(expr->as.sanitize.value);
     break;
+  case EXPR_CRYPTO:
+    freeExpr(expr->as.crypto.value);
+    break;
   }
 
   FREE(Expr, expr);
@@ -859,6 +882,10 @@ void freeStmt(Stmt *stmt) {
     if(stmt->as.gpu_block.kernelName) free(stmt->as.gpu_block.kernelName);
     if(stmt->as.gpu_block.body) freeStmtList(stmt->as.gpu_block.body);
     break;
+  case STMT_VERIFY:
+    free(stmt->as.verify_stmt.identityName);
+    if(stmt->as.verify_stmt.body) freeStmtList(stmt->as.verify_stmt.body);
+    break;
   }
 
   FREE(Stmt, stmt);

src/compiler/parser/parser.c

@@ -28,6 +28,7 @@ static Stmt *distributedDecl(Parser *p); // Forward
 static Stmt *modelDecl(Parser *p); // Forward
 static Stmt *quantumStmt(Parser *p); // Forward
 static Stmt *gpuStmt(Parser *p); // Forward
+static Stmt *verifyStmt(Parser *p); // Forward
 static Stmt *useDecl(Parser *p);
 static Stmt *forStmt(Parser *p);
 static Stmt *ifStmt(Parser *p);
@@ -276,6 +277,8 @@ static Stmt *declaration(Parser *p) {
     return quantumStmt(p);
   if (match(p, 1, TOKEN_GPU))
     return gpuStmt(p);
+  if (match(p, 1, TOKEN_VERIFY))
+    return verifyStmt(p);
 
   return statement(p);
 }
@@ -1013,17 +1016,30 @@ static Expr *call(Parser *p) {
     }
   }
 
-  return expr;
-}
-
 static Expr *primary(Parser *p) {
   if (match(p, 1, TOKEN_SANITIZE)) {
-      consume(p, TOKEN_LEFT_PAREN, "Expect '(' after sanitize.");
+    consume(p, TOKEN_LEFT_PAREN, "Expect '(' after sanitize.");
+    Expr *val = expression(p);
+    consume(p, TOKEN_RIGHT_PAREN, "Expect ')' after sanitize expression.");
+    return createSanitizeExpr(val, p->previous.line, 0); 
+  }
+  
+  if (match(p, 1, TOKEN_ENCRYPT)) {
+      consume(p, TOKEN_LEFT_PAREN, "Expect '(' after encrypt.");
       Expr *val = expression(p);
-      consume(p, TOKEN_RIGHT_PAREN, "Expect ')'.");
-      return createSanitizeExpr(val, p->previous.line, 0);
+      consume(p, TOKEN_RIGHT_PAREN, "Expect ')' after encrypt expression.");
+      // Optional 'using <key>' parsing could be added here
+      return createCryptoExpr(val, true, p->previous.line, 0);
   }
-  if (match(p, 1, TOKEN_FALSE)) return createLiteralExpr((Value){VAL_BOOL, {.boolean = false}}, p->previous.line, 0);
+  
+  if (match(p, 1, TOKEN_DECRYPT)) {
+      consume(p, TOKEN_LEFT_PAREN, "Expect '(' after decrypt.");
+      Expr *val = expression(p);
+      consume(p, TOKEN_RIGHT_PAREN, "Expect ')' after decrypt expression.");
+      return createCryptoExpr(val, false, p->previous.line, 0);
+  }
+
+  if (match(p, 1, TOKEN_FALSE)) return createLiteralExpr(LITERAL_BOOL, "false", p->previous.line, 0);
   if (match(p, 1, TOKEN_TRUE)) return createLiteralExpr((Value){VAL_BOOL, {.boolean = true}}, p->previous.line, 0);
   if (match(p, 1, TOKEN_NULL)) {
     return createLiteralExpr(NULL_VAL, p->previous.line, 0);

src/compiler/type_checker.c

@@ -624,6 +624,18 @@ static void checkStmt(TypeChecker* checker, Stmt* stmt) {
             break;
         }
 
+        case STMT_VERIFY: {
+            beginScope(checker);
+            StmtList* body = stmt->as.verify_stmt.body;
+            if (body) {
+                for(int i=0; i<body->count; i++) {
+                     checkStmt(checker, body->items[i]);
+                }
+            }
+            endScope(checker);
+            break;
+        }
+
         default:
             break;
     }