xah30
b8ce58ddf0
aura-crypto: X25519 + ML-KEM-768 (FIPS 203) hybrid KEM, HKDF-SHA256 session key derivation, ChaCha20-Poly1305 AeadSession with counter nonces; genuine NIST ACVP ML-KEM-768 KAT (decapsulation vector). 16 tests green, clippy clean. aura-pki: self-signed CA, server/client cert issuance (rcgen 0.14), mutual X.509 chain verification via rustls-webpki, CRL revocation. 8 tests green. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
34 lines
1.1 KiB
TOML
34 lines
1.1 KiB
TOML
[package]
|
|
name = "aura-crypto"
|
|
version.workspace = true
|
|
edition.workspace = true
|
|
license.workspace = true
|
|
description = "Aura cryptographic core: hybrid X25519 + ML-KEM-768 KEM, HKDF, ChaCha20-Poly1305"
|
|
|
|
[dependencies]
|
|
# `getrandom`: enables ML-KEM's no-argument `generate_keypair()` / `encapsulate()` which use the
|
|
# system RNG internally. This avoids a rand_core major-version mismatch (this crate uses
|
|
# rand_core 0.6, while ml-kem's kem/crypto-common stack uses rand_core 0.10), so we never have to
|
|
# hand ml-kem an RNG handle. Feature is additive on top of the workspace's ["zeroize"].
|
|
ml-kem = { workspace = true, features = ["getrandom"] }
|
|
# `zeroize`: makes x25519_dalek::StaticSecret wipe itself on drop. Additive on top of the
|
|
# workspace's ["static_secrets"].
|
|
x25519-dalek = { workspace = true, features = ["zeroize"] }
|
|
hkdf.workspace = true
|
|
hmac.workspace = true
|
|
sha2.workspace = true
|
|
chacha20poly1305.workspace = true
|
|
rand.workspace = true
|
|
rand_core.workspace = true
|
|
zeroize.workspace = true
|
|
subtle.workspace = true
|
|
thiserror.workspace = true
|
|
|
|
[dev-dependencies]
|
|
hex.workspace = true
|
|
criterion.workspace = true
|
|
|
|
[[bench]]
|
|
name = "crypto"
|
|
harness = false
|