Re-exports§
pub use audit::AuditEvent;pub use audit::AuditWriter;pub use audit::JoinOutcome;pub use audit::NoopAuditWriter;pub use audit::VecAuditWriter;pub use bundle::AuthenticatedJoinBundle;pub use bundle::BundleError;pub use bundle::derive_mac_key;pub use bundle::open_bundle;pub use bundle::seal_bundle;pub use join_token::TOKEN_BYTE_LEN;pub use join_token::TOKEN_HEADER_LEN;pub use join_token::TOKEN_HEX_LEN;pub use join_token::TOKEN_MAC_LEN;pub use join_token::TokenError;pub use join_token::issue_token;pub use join_token::issue_token_bytes;pub use join_token::token_hash;pub use join_token::token_to_hex;pub use join_token::verify_token;pub use raft_backed_store::RaftBackedTokenStore;pub use raft_backed_store::apply_token_transition_to_mirror;pub use token_state::InMemoryTokenStore;pub use token_state::JoinTokenLifecycle;pub use token_state::JoinTokenState;pub use token_state::TokenStateBackend;pub use token_state::TokenStateError;pub use token_state::spawn_inflight_timeout;
Modules§
- audit
- Audit log entries for bootstrap join-token lifecycle events.
- bundle
- Authenticated join bundle: wraps the raw cred bytes sent to a joiner with an HMAC-SHA256 MAC so a MitM cannot substitute their own CA even if they intercept the token.
- join_
token - HMAC-SHA256 join-token issuance and constant-time verification.
- raft_
backed_ store - Raft-backed
TokenStateBackendfor crash-safe single-use enforcement. - token_
state - In-process token state machine for single-use join-token enforcement.