[package] name = "sshcerts" version = "0.13.2" authors = ["Mitchell Grenier "] edition = "2021" license-file = "LICENSE" description = "A library for parsing, verifying, and creating SSH Certificates" repository = "https://github.com/obelisk/sshcerts" homepage = "https://github.com/obelisk/sshcerts" keywords = ["ssh", "yubikey", "certs", "certificates"] categories = ["authentication"] [features] default = ["all"] all = [ "encrypted-keys", "rsa-signing", "x509-support", "yubikey-support", "fido-support-mozilla", ] all-but-fido = [ "encrypted-keys", "rsa-signing", "x509-support", "yubikey-support", ] experimental = [ "encrypted-keys", "rsa-signing", "x509-support", "yubikey-support", "fido-support-mozilla", ] encrypted-keys = ["aes", "bcrypt-pbkdf", "ctr"] wasm_experimental = ["ring/wasm32_unknown_unknown_js"] # Full FIDO support pulls in ctap-hid-fido2 with USB dependencies. Use fido-lite # if you need to work with fido data, without needing to generate it. fido-support = ["ctap-hid-fido2", "fido-lite"] fido-support-mozilla = ["authenticator", "fido-lite"] fido-lite = ["minicbor", "x509-parser"] rsa-signing = ["simple_asn1", "num-bigint"] x509-support = ["der-parser", "x509", "x509-parser"] yubikey-support = ["rcgen", "yubikey", "yubikey-lite"] yubikey-lite = ["x509-support"] [dependencies] base64 = "0.13" chrono = "0.4" ring = "0.17" zeroize = { version = "1", features = ["zeroize_derive"] } # Dependencies for rsa-signing simple_asn1 = { version = "0.5", optional = true } num-bigint = { version = "0.4", optional = true } # Dependencies for yubikey-support yubikey = { version = "0.7", features = ["untested"], optional = true } lexical-core = { version = ">0.7.4", optional = true } rcgen = { version = "0.11", optional = true } x509 = { version = "0.2", optional = true } x509-parser = { version = "0.15", features = ["verify"], optional = true } der-parser = { version = "5", optional = true } # Dependencies for encrypted-keys aes = { version = "0.7", features = ["ctr"], optional = true } bcrypt-pbkdf = { version = "0.6", optional = true } ctr = { version = "0.8", optional = true } # Dependencies for fido-support-* minicbor = { version = "0.13", optional = true } # Dependencies for fido-support-mozilla authenticator = { version = "0.4.0-alpha.24", default-features = false, features = [ "crypto_openssl", ], optional = true } # authenticator = { path = "../authenticator-rs", default-features = false, features = [ # "crypto_openssl", # ], optional = true } # Dependencies for fido-support ctap-hid-fido2 = { version = "3", optional = true } #ctap-hid-fido2 = {git = "https://github.com/gebogebogebo/ctap-hid-fido2", branch="master", optional = true} #ctap-hid-fido2 = {git = "https://github.com/obelisk/ctap-hid-fido2", branch="device_by_path", optional = true} #ctap-hid-fido2 = {path = "../ctap-hid-fido2", optional = true} [dev-dependencies] env_logger = "0.8.2" hex = "0.4.2" clap = "3.0.5" criterion = "0.3" [[bench]] name = "certs_per_second" harness = false required-features = ["yubikey-support"] [[example]] name = "yk-fingerprint" required-features = ["yubikey-support"] [[example]] name = "yk-provision" required-features = ["yubikey-support"] [[example]] name = "sign-cert-with-yubikey" required-features = ["yubikey-support"] [[example]] name = "ssh-pkey-info" required-features = ["encrypted-keys"] [[example]] name = "into-ssh-pubkey" required-features = ["x509-support"] [[example]] name = "new-fido-sshkey" required-features = ["fido-support-mozilla"] [[test]] name = "privkey-encrypted" path = "tests/privkey_encrypted.rs" required-features = ["encrypted-keys"] [[test]] name = "cert-creation-parse-rsa" path = "tests/cert-creation-parse-rsa.rs" required-features = ["encrypted-keys", "rsa-signing"] [[test]] name = "fido-lite" path = "tests/fido-lite.rs" required-features = ["fido-support-mozilla"] [[test]] name = "yubikey-lite" path = "tests/yubikey-lite.rs" required-features = ["yubikey-lite"] [[test]] name = "signature-creation-rsa" path = "tests/signature-creation-rsa.rs" required-features = ["rsa-signing"]