18af877ef0
All checks were successful
CI / lint (push) Successful in 1m35s
CI / test-python (push) Successful in 1m46s
CI / test-zig (push) Successful in 1m37s
CI / test-wasm (push) Successful in 1m52s
CI / test (push) Successful in 14m22s
CI / miri (push) Successful in 13m57s
CI / build (push) Successful in 1m6s
CI / fuzz-regression (push) Successful in 9m4s
CI / publish-python (push) Successful in 1m46s
CI / publish (push) Successful in 1m52s
CI / publish-wasm (push) Successful in 1m55s
Signed-off-by: Kamal Tufekcic <kamal@lo.sh>
72 lines
2.6 KiB
TOML
72 lines
2.6 KiB
TOML
[workspace]
|
|
resolver = "3"
|
|
members = [
|
|
"soliton",
|
|
"soliton_capi",
|
|
"soliton_py",
|
|
"soliton_wasm",
|
|
"soliton_cli",
|
|
]
|
|
|
|
default-members = [
|
|
"soliton",
|
|
"soliton_capi",
|
|
]
|
|
|
|
[workspace.package]
|
|
version = "0.1.1"
|
|
edition = "2024"
|
|
rust-version = "1.85"
|
|
license = "AGPL-3.0-only"
|
|
repository = "https://git.lo.sh/lo/libsoliton"
|
|
homepage = "https://lo.sh"
|
|
authors = ["LO Contributors"]
|
|
description = "Cryptographic library for the LO protocol"
|
|
categories = ["cryptography"]
|
|
keywords = ["post-quantum", "hybrid-encryption", "x-wing", "ed25519", "double-ratchet"]
|
|
|
|
[workspace.dependencies]
|
|
libsoliton = { path = "soliton", version = "0.1.1" }
|
|
zeroize = { version = "=1.8.2", features = ["derive"] }
|
|
thiserror = "=2.0.18"
|
|
subtle = "=2.6.1"
|
|
# ChaCha20-Poly1305 key is a flat 256-bit value (no expanded key schedule like
|
|
# AES). The cipher is constructed per-operation from a 32-byte key reference
|
|
# and does not store persistent key material — zeroization of the key is
|
|
# handled by the caller (Zeroizing<[u8; 32]> wrappers in ratchet/storage).
|
|
#
|
|
# chacha20poly1305 enables chacha20/zeroize but not poly1305/zeroize.
|
|
# The poly1305 entry below activates zeroization of the Poly1305 universal
|
|
# hash state (the r,s key and accumulator) after each AEAD operation.
|
|
chacha20poly1305 = { version = "=0.10.1", default-features = false, features = ["alloc"] }
|
|
poly1305 = { version = "=0.8.0", features = ["zeroize"] }
|
|
|
|
# All panics must abort — libsoliton_capi exposes extern "C" functions,
|
|
# and unwinding across FFI boundaries is UB. panic=abort converts all
|
|
# panics (including keygen/sign assert_eq! guards) into well-defined
|
|
# process aborts.
|
|
#
|
|
# NOTE: Cargo overrides panic=abort to panic=unwind for the test profile
|
|
# (required by the standard test harness for #[should_panic]). CAPI code
|
|
# under test can therefore unwind across FFI boundaries — this is
|
|
# technically UB but only affects test builds, not production.
|
|
[profile.release]
|
|
panic = "abort"
|
|
lto = true
|
|
codegen-units = 1
|
|
overflow-checks = true
|
|
|
|
[profile.dev]
|
|
panic = "abort"
|
|
overflow-checks = true
|
|
|
|
# Bench profile inherits release optimizations. debug-assertions = true is
|
|
# required because dev-dependencies activate the `test-utils` feature
|
|
# (needed for integration tests), and `test-utils` has a compile_error guard
|
|
# that fires under `all(feature = "test-utils", not(debug_assertions))`. The
|
|
# bench target does not use any test-utils APIs — the flag only disarms the
|
|
# compile_error. The crypto benchmarks are dominated by KEM / AEAD operations
|
|
# for which the overhead of debug assertions is negligible.
|
|
[profile.bench]
|
|
inherits = "release"
|
|
debug-assertions = true
|