
crypto_core/
lib.rs

1//! Crypto Core - Cryptographic Primitives for R-SRP Ultra
2//!
3//! Provides SHA-256/SHA-512, BLAKE3, Ed25519, and RSA-PSS implementations
4//! with HSM integration support.
5
6pub mod entropy;
7pub mod error;
8pub mod hash;
9pub mod hsm;
10pub mod merkle;
11pub mod signature;
12
13use serde::{Deserialize, Serialize};
14
/// Hash algorithm selection.
///
/// On the wire each variant is its upper-cased name with no separator
/// (`"SHA256"`, `"SHA512"`, `"BLAKE3"`), as set by `rename_all = "UPPERCASE"`.
/// No catch-all variant is declared, so an unrecognised name is a
/// deserialization error rather than a silent fallback to the default.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize, Default)]
#[serde(rename_all = "UPPERCASE")]
pub enum HashAlgorithm {
    /// SHA-256; also the value produced by `HashAlgorithm::default()`.
    #[default]
    Sha256,
    /// SHA-512
    Sha512,
    /// BLAKE3 (high performance)
    Blake3,
}
27
/// Signature algorithm selection.
///
/// On the wire each variant is its upper-cased name with no separator
/// (`"RSAPSS2048"`, `"RSAPSS4096"`, `"ED25519"`, `"ECDSAP256"`, `"ECDSAP384"`),
/// as set by `rename_all = "UPPERCASE"`.
///
/// NOTE(review): every variant deserializes successfully, including the two
/// RSA-PSS ones marked legacy below. Rejecting an algorithm is therefore the
/// job of the code that consumes this value; where the value arrives with the
/// data being verified, compare it against the algorithm expected for the key
/// instead of letting the input choose the verifier. Confirm the signer and
/// verifier paths do this.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize, Default)]
#[serde(rename_all = "UPPERCASE")]
pub enum SignatureAlgorithm {
    /// RSA-PSS 2048 (legacy; disabled in software signer path)
    RsaPss2048,
    /// RSA-PSS 4096 (legacy; disabled in software signer path)
    RsaPss4096,
    /// Ed25519; also the value produced by `SignatureAlgorithm::default()`.
    #[default]
    Ed25519,
    /// ECDSA P-256
    EcdsaP256,
    /// ECDSA P-384
    EcdsaP384,
}
44
/// Descriptive metadata about a key.
///
/// The struct holds identifiers and attributes only; none of its fields
/// carries key material, so the derived `Debug` and `Serialize` output
/// exposes no key bytes.
///
/// NOTE(review): the struct is `Deserialize`, so when it is parsed from input
/// that is not authenticated, `algorithm`, `key_type` and `hsm_slot` are
/// whatever the sender wrote. Treat them as claims to be checked against a
/// trusted key record; confirm where instances come from.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct KeyMetadata {
    /// Identifier of the key (free-form string; format not defined here).
    pub key_id: String,
    /// Signature algorithm associated with the key.
    pub algorithm: SignatureAlgorithm,
    /// Creation time as a signed 64-bit integer.
    /// Presumably a Unix timestamp; unit and epoch are not stated here (TODO confirm).
    pub created_at: i64,
    /// Role or storage class of the key, see [`KeyType`].
    pub key_type: KeyType,
    /// HSM slot (if applicable); `None` when no slot is recorded.
    pub hsm_slot: Option<String>,
}
59
/// Key type.
///
/// Serialized in snake case (`"signing"`, `"verification"`, `"encryption"`,
/// `"hsm_backed"`), as set by `rename_all = "snake_case"`. Unlike the
/// algorithm enums in this file, no `Default` is derived, so a value must
/// always be given explicitly.
///
/// NOTE(review): `HsmBacked` names where a key is held, while the other three
/// variants name what a key is for, so this enum cannot record the intended
/// use of an HSM-backed key. Confirm how key-usage separation is enforced
/// for those keys.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
#[serde(rename_all = "snake_case")]
pub enum KeyType {
    /// Signing key
    Signing,
    /// Verification key
    Verification,
    /// Encryption key
    Encryption,
    /// HSM-backed key
    HsmBacked,
}
73
/// Cryptographic service error.
///
/// The `Display` text of each variant is fixed by its `#[error(...)]`
/// attribute. For the four variants that wrap a `String`, that string is
/// inserted verbatim after the prefix, and the `Serialize` impl in this file
/// emits the same text. Whoever builds these values should therefore keep
/// secrets (key bytes, PINs, raw HSM responses) out of the detail string.
#[derive(Debug, thiserror::Error)]
pub enum CryptoError {
    /// Hashing failed; the payload is a free-form detail message.
    #[error("Hash error: {0}")]
    HashError(String),

    /// Signing or signature handling failed; the payload is a free-form detail message.
    #[error("Signature error: {0}")]
    SignatureError(String),

    /// A key operation failed; the payload is a free-form detail message.
    #[error("Key error: {0}")]
    KeyError(String),

    /// An HSM operation failed; the payload is a free-form detail message.
    #[error("HSM error: {0}")]
    HsmError(String),

    /// Verification did not succeed. Carries no detail, so the message is the
    /// same regardless of why the check failed.
    #[error("Verification failed")]
    VerificationFailed,

    /// The key was rejected as invalid. Carries no detail.
    #[error("Invalid key")]
    InvalidKey,
}
95
/// Serializes a [`CryptoError`] as one string: its `Display` text.
///
/// The variant is not encoded separately, so a consumer sees only the message
/// (for example `"HSM error: <detail>"`).
///
/// NOTE(review): the detail strings of the payload-carrying variants are
/// written out unchanged. Whether serialized errors leave the process is not
/// visible from this file; if they do, check that those details are safe to
/// disclose to the recipient.
impl serde::Serialize for CryptoError {
    fn serialize<S: serde::Serializer>(
        &self,
        serializer: S,
    ) -> std::result::Result<S::Ok, S::Error> {
        // `collect_str` formats through `Display`, giving the same string as `to_string()`.
        serializer.collect_str(self)
    }
}
104
/// Crate-level result alias whose error type is fixed to [`CryptoError`].
///
/// It takes a single type parameter, so code that needs a different error
/// type must spell out `std::result::Result`.
pub type Result<T> = std::result::Result<T, CryptoError>;
106
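#[cfg(test)]
mod tests {
    use super::*;

    /// The `Default` impl and the `"SHA256"` wire name must both mean SHA-256.
    #[test]
    fn test_default_hash_algorithm() {
        // The test name promises a check of the default, so assert it directly.
        assert_eq!(HashAlgorithm::default(), HashAlgorithm::Sha256);

        let algo: HashAlgorithm = serde_json::from_str("\"SHA256\"").unwrap();
        assert_eq!(algo, HashAlgorithm::Sha256);

        // Round trip: the default serializes back to the same wire name.
        let wire = serde_json::to_string(&HashAlgorithm::default()).unwrap();
        assert_eq!(wire, "\"SHA256\"");
    }

    /// The `Default` impl and the `"ED25519"` wire name must both mean Ed25519.
    #[test]
    fn test_default_signature_algorithm() {
        assert_eq!(SignatureAlgorithm::default(), SignatureAlgorithm::Ed25519);

        let algo: SignatureAlgorithm = serde_json::from_str("\"ED25519\"").unwrap();
        assert_eq!(algo, SignatureAlgorithm::Ed25519);

        let wire = serde_json::to_string(&SignatureAlgorithm::default()).unwrap();
        assert_eq!(wire, "\"ED25519\"");
    }

    /// Algorithm names outside the declared set must be parse errors, never a
    /// silent fallback to the default algorithm.
    #[test]
    fn test_unknown_algorithm_names_are_rejected() {
        assert!(serde_json::from_str::<HashAlgorithm>("\"MD5\"").is_err());
        // Matching is case-sensitive: only the upper-case spelling is accepted.
        assert!(serde_json::from_str::<HashAlgorithm>("\"sha256\"").is_err());
        assert!(serde_json::from_str::<SignatureAlgorithm>("\"NONE\"").is_err());
        assert!(serde_json::from_str::<SignatureAlgorithm>("\"\"").is_err());
    }

    /// Pins the wire names so a rename of a variant or of the `rename_all`
    /// rule cannot change the accepted identifiers unnoticed.
    #[test]
    fn test_signature_algorithm_wire_names() {
        let expected = [
            (SignatureAlgorithm::RsaPss2048, "\"RSAPSS2048\""),
            (SignatureAlgorithm::RsaPss4096, "\"RSAPSS4096\""),
            (SignatureAlgorithm::Ed25519, "\"ED25519\""),
            (SignatureAlgorithm::EcdsaP256, "\"ECDSAP256\""),
            (SignatureAlgorithm::EcdsaP384, "\"ECDSAP384\""),
        ];
        for (algo, wire) in expected {
            assert_eq!(serde_json::to_string(&algo).unwrap(), wire);
            assert_eq!(serde_json::from_str::<SignatureAlgorithm>(wire).unwrap(), algo);
        }
    }
}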