Skip to main content

codlet_core/
lib.rs

1#![forbid(unsafe_code)]
2#![cfg_attr(not(feature = "std"), no_std)]
3#![doc = include_str!("../README.md")]
4
5//! # codlet-core
6//!
7//! Runtime-neutral authentication primitives. This crate contains pure types,
8//! policy objects, cryptographic lookup-key derivation, lifecycle state
9//! machines, and storage *traits*. It deliberately contains no web framework,
10//! database, or async-executor dependencies (RFC-002).
11//!
12//! ## Boundary
13//!
14//! codlet authenticates a subject. The host application authorizes that
15//! subject (RFC-001). Nothing in this crate decides community membership,
16//! roles, permissions, or resource access.
17//!
18//! ## Status
19//!
20//! This is the Phase 0 skeleton. The modules below are introduced by their
21//! respective RFCs as implementation lands:
22//!
23//! - `code`    — code policy, generation, normalization, validation (RFC-003)
24//! - `hashing` — HMAC lookup-key derivation, key providers, domain separation,
25//!               key versioning (RFC-004)
26//! - `state`   — pure lifecycle classifiers: claim / token-consume / session
27//!               validation (RFC-005/006/007)
28//! - `store`   — `CodeStore`, `SessionStore`, `FormTokenStore`,
29//!               `RateLimitStore` traits (RFC-005..008)
30//! - `error`   — internal vs public-safe error model (RFC-012/021)
31//!
32//! Until those RFCs are accepted and implemented, this crate exposes only the
33//! crate-level documentation and version constant below.
34
35/// The codlet wire/format version embedded in domain-separated HMAC inputs.
36///
37/// Bumping this is a breaking change to every stored lookup key and MUST be
38/// accompanied by a key-version migration (RFC-004).
39pub const FORMAT_VERSION: &str = "codlet/v1";
40
41// Modules are added here as their RFCs are implemented. Keeping them out of the
42// skeleton avoids shipping placeholder security code, which would be worse than
43// an honest absence.
44//
45// pub mod code;     // RFC-003
46// pub mod hashing;  // RFC-004
47// pub mod state;    // RFC-005/006/007
48// pub mod store;    // RFC-005..008
49// pub mod error;    // RFC-012/021
50
51#[cfg(test)]
52mod tests {
53    use super::*;
54
55    #[test]
56    fn format_version_is_stable() {
57        // Guard against an accidental format bump. Changing this string is a
58        // breaking change requiring a key-version migration (RFC-004).
59        assert_eq!(FORMAT_VERSION, "codlet/v1");
60    }
61}