kryoptic-lib 1.5.1

A PKCS #11 software token written in Rust
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128

[workspace]
members = ["ossl", "cdylib", "tools"]
default-members = [".", "ossl", "cdylib"]

[workspace.package]
version = "1.5.1"
edition = "2024"
description = "A PKCS #11 software token written in Rust"
homepage = "https://github.com/latchset/kryoptic"
repository = "https://github.com/latchset/kryoptic"
license = "GPL-3.0-or-later"

[workspace.dependencies]
kryoptic-lib = { version = "1.5.1", path = ".", default-features = false }
ossl = { version = "1.5.1",  path = "ossl", default-features = false }

[package]
name = "kryoptic-lib"
version.workspace = true
edition.workspace = true
description.workspace = true
homepage.workspace = true
repository.workspace = true
license.workspace = true

exclude = [
    ".github/*",
    "openssl/*",
    "testdata/CMACGenAES128.rsp",
    "testdata/CMACGenAES192.rsp",
    "testdata/CMACGenAES256.rsp",
    "testdata/KDFCTR_gen.txt",
    "testdata/KDFFeedback_gen.txt",
    "testdata/kwtestvectors/KWP_AD_128.txt",
    "testdata/kwtestvectors/KWP_AD_192.txt",
    "testdata/kwtestvectors/KWP_AD_256.txt",
    "testdata/kwtestvectors/KWP_AE_128.txt",
    "testdata/kwtestvectors/KWP_AE_192.txt",
    "testdata/kwtestvectors/KWP_AE_256.txt",
    "testdata/kwtestvectors/KW_AD_128.txt",
    "testdata/kwtestvectors/KW_AD_192.txt",
    "testdata/kwtestvectors/KW_AD_256.txt",
    "testdata/kwtestvectors/KW_AE_128.txt",
    "testdata/kwtestvectors/KW_AE_192.txt",
    "testdata/kwtestvectors/KW_AE_256.txt",
    "testdata/slh_dsa_test_vectors.json",
]

[lib]
test = true

[build-dependencies]
bindgen = "0.72"

[dependencies]
asn1 = "0.24"
bimap = "0.6.3"
bitflags = "2.4.1"
constant_time_eq = "0.4.2"
data-encoding = "2.4.0"
hex = "0.4.3"
itertools = "0.14.0"
libc = "0.2.151"
log = { version = "0.4.27", default-features = false, features = ["std"], optional = true }
num-bigint = "0.4.4"
num-integer = "0.1.45"
num-traits = "0.2.17"
rusqlite = { version = "0.38.0", optional = true }
serde = { version = "1.0.180", features = ["derive"] }
serde_json = "1.0.104"
serial_test = "3.1.1"
simplelog = { version = "0.12.2", default-features = false, optional = true }
toml = { version = "1.0.2", default-features = false, features = ["display", "parse", "serde"] }
uuid = { version = "1.4.1", features = ["v4", "v8"] }
vsprintf = { version = "2.0.0", optional = true }
ossl.workspace = true

[features]
aes = []
ecc = []
ecdsa = ["ecc"]
ecdh = ["ecc"]
eddsa = ["ecc", "ossl/ossl320"]
ec_montgomery = ["ecc"]
ffdh = []
hash = []
hkdf = ["hmac"]
hmac = ["hash"]
no_sha1 = []
pbkdf2 = ["hmac"]
profiles = []
rsa = []
sp800_108 = []
sshkdf = []
tlskdf = []
simplekdf = []

# Databases
sqlitedb = ["dep:rusqlite", "aes", "hkdf", "pbkdf2"]
nssdb = ["dep:rusqlite", "aes", "hmac", "pbkdf2"]

default = ["standard", "dynamic"]

ecc_min = ["ecdsa", "ecdh"]
ecc_all = ["ecc_min", "ec_montgomery", "eddsa"]
hash_all = ["hash", "hmac"]
kdf_all = ["hkdf", "pbkdf2", "sp800_108", "sshkdf", "tlskdf", "simplekdf"]

standard = ["sqlitedb", "ecc_all", "ffdh", "hash_all", "kdf_all", "rsa"]

fips = ["ossl/fips", "sqlitedb", "rusqlite/bundled", "aes", "ecc_all", "ffdh",
"hash_all", "kdf_all", "rsa", "pqc", "dep:vsprintf"]

dynamic = ["ossl/dynamic"] # Builds against system libcrypto.so

log = ["dep:log", "dep:simplelog", "ossl/log"] # Enables error/info tracing
slow = [] # Enables slow tests

mlkem = ["ossl/ossl350"]
mldsa = ["hash", "ossl/ossl350"]
slhdsa = ["hash", "ossl/ossl350"]

pqc = ["mlkem", "mldsa", "slhdsa"]

minimal = ["sqlitedb", "aes", "ecc_min", "hash_all", "rsa"]

ossl400 = ["ossl/ossl400"]
vsprintf = ["dep:vsprintf"]