bb835e4ca7
aura-proto: 5-byte wire header + Frame codec (§6.1/§6.3); transport-agnostic handshake state machine (§6.2) over split tokio AsyncRead/AsyncWrite — hybrid X25519+ML-KEM-768 KEM, SHA-256 transcript, mutual X.509 auth with ECDSA-P256 transcript signatures (ring), constant-time HMAC Finished; Session with sliding-window replay protection. 13 tests green, clippy clean. Handshake message order pinned (resolves spec diagram ambiguity); reader/writer taken by value since Session owns both halves. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
# Manifest for the Aura protocol crate. Only the name and description are set here;
# version, edition and license are inherited from the workspace root manifest.
[package]
name = "aura-proto"
version.workspace = true
edition.workspace = true
license.workspace = true
description = "Aura protocol: wire format, hybrid PKI handshake state machine, session"
[dependencies]
# Entries marked `.workspace = true` take their version requirement and features from
# the root manifest's [workspace.dependencies], so every workspace crate resolves the
# same release of each library.
aura-crypto.workspace = true
aura-pki.workspace = true
# NOTE(review): if bincode is used to decode bytes received from a peer, confirm that
# decoding is bounded by a size limit.
bincode.workspace = true
bytes.workspace = true
hmac.workspace = true
rand.workspace = true
# Handshake signatures (ECDSA P-256 / SHA-256, ASN.1 DER). This is the only entry whose
# version requirement is declared locally: "0.17" accepts any 0.17.x release, and the
# release actually built is the one recorded in the workspace lockfile, where ring was
# already present when this entry was added.
# NOTE(review): declaring ring under [workspace.dependencies] would keep the version
# decision for the signature library in one place; check the root manifest.
ring = "0.17"
rustls-pki-types.workspace = true
serde.workspace = true
sha2.workspace = true
thiserror.workspace = true
# A normal dependency rather than only a dev-dependency, because the handshake and
# session are async over tokio::io::{AsyncRead, AsyncWrite}. The workspace entry
# provides tokio's `full` feature set.
tokio.workspace = true
# Reads the leaf certificate DER to extract the EC SubjectPublicKeyInfo point, and
# decodes PEM blocks (certificates and PKCS#8 keys) to DER. It is already a workspace
# dependency used by aura-pki, so it adds no new resolution and avoids pulling in
# rustls-pemfile.
# NOTE(review): parsing a certificate does not by itself establish trust in it; confirm
# where chain validation is performed.
x509-parser.workspace = true
zeroize.workspace = true
[dev-dependencies]
# Inherits the same workspace entry as the tokio line under [dependencies].
# NOTE(review): looks redundant with that entry unless tests are meant to enable
# additional features here; confirm.
tokio.workspace = true