crabka-security 0.3.0

Pure-logic auth primitives used by the broker and CLI.

No I/O, no async, no networking. The broker plumbs streams in; this crate produces verifiers, hashes, and TLS configs.

SASL/PLAIN verification

use std::collections::HashMap;
use crabka_security::{AuthMethod, verify_plain};

let mut users = HashMap::new();
users.insert("alice".to_string(), "wonderland".to_string());

let principal = verify_plain(&users, "alice", b"wonderland").unwrap();
assert_eq!(principal.name, "alice");
assert_eq!(principal.auth_method, AuthMethod::SaslPlain);

Storing SCRAM credentials

use crabka_security::{SaslMechanism, hash_scram_password};

let credential = hash_scram_password(b"correct horse battery staple", SaslMechanism::ScramSha512, 4096);
assert_eq!(credential.iterations, 4096);