Expand description
CoreVPN Cryptographic Primitives
This crate provides the cryptographic foundation for CoreVPN, using only audited, pure-Rust implementations. No OpenSSL dependency.
§Security Principles
- All key material implements
Zeroizefor secure memory clearing - Constant-time comparisons for all authentication operations
- No custom cryptography - only well-audited implementations
- Perfect Forward Secrecy through ephemeral key exchange
Re-exports§
pub use error::CryptoError;pub use error::Result;pub use keys::StaticSecret;pub use keys::PublicKey;pub use keys::SigningKey;pub use keys::VerifyingKey;pub use keys::Signature;pub use keys::KeyPair;pub use cipher::Cipher;pub use cipher::CipherSuite;pub use cipher::DataChannelKey;pub use cipher::PacketCipher;pub use kdf::derive_keys;pub use kdf::KeyMaterial;pub use cert::CertificateAuthority;pub use cert::Certificate;pub use cert::CertificateRequest;pub use hmac_auth::HmacAuth;
Modules§
- cert
- X.509 Certificate generation and management
- cipher
- Symmetric cipher implementations for data channel encryption
- error
- Cryptographic error types
- hmac_
auth - HMAC Authentication for OpenVPN tls-auth / tls-crypt
- kdf
- Key Derivation Functions
- keys
- Cryptographic key types with secure memory handling
Functions§
- generate_
packet_ id - Generate a cryptographically secure packet ID
- generate_
session_ id - Generate a cryptographically secure session ID
- random_
bytes - Securely generate random bytes