Replace AcceptAnyServerCertVerifier (a security hole for X.509) with verifier selection by PeerEntry presence (ADR-034 §3, OQ-29):

- build_client_auth presents the Ed25519 key as an RFC 7250 raw public key client cert (replaces with_no_client_auth), activating the PeerEntry fingerprint -> peer_id resolution path on quinn.
- select_server_verifier: Some(fingerprint) -> FingerprintPinVerifier (fingerprint match for known peers); None -> WebPkiServerVerifier (CA verification for public X.509 endpoints). None + Ed25519 raw key fails closed at handshake (no CA to fall back to).
- FingerprintPinVerifier matches ed25519:<hex> (raw key extraction) and SHA256:<hex> (DER hash); verifies handshake signatures via verify_tls13_signature_with_raw_key / verify_tls12/13_signature.
- Extract shared fingerprint logic into alknet_core::fingerprint (pub module) reused by endpoint (server-side) and call_client (client-side).
- remote_identity: None is load-bearing (not defaulted to placeholder).
- Integration tests updated to pin the self-signed server cert fingerprint (the known-peer path).
18 lines
660 B
Rust
//! alknet-core: Core library for ALPN-based protocol dispatch.
//!
//! Every handler crate depends on this crate. It provides the
//! [`ProtocolHandler`][crate::types::ProtocolHandler] trait, the
//! [`Connection`][crate::types::Connection] wrapper, auth primitives,
//! hot-reloadable configuration, and the [`AlknetEndpoint`][crate::endpoint::AlknetEndpoint]
//! that dispatches incoming QUIC connections by ALPN string.

pub mod auth;
pub mod config;
pub mod endpoint;
pub mod fingerprint;
pub mod store;
pub mod types;

pub use auth::{IdentityProvider, IdentityStore};
pub use store::{CredentialStore, EncryptedData, InMemoryCredentialStore, StoreError};
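The verifier selection described in the commit message, sketched as an added example that is not alknet's own code: every type and function name below is hypothetical. It assumes both fingerprint schemes carry 64 hex characters, and it takes the SHA-256 of the DER certificate as an input instead of computing it.

```rust
// Added example; all names are hypothetical, not alknet's API.
#[derive(Debug, PartialEq)]
enum Pin { Ed25519([u8; 32]), Sha256([u8; 32]) }
#[derive(Debug, PartialEq)]
enum Verifier { FingerprintPin(Pin), WebPki }
enum Presented { RawEd25519([u8; 32]), X509DerSha256([u8; 32]) }
#[derive(Debug, PartialEq)]
enum Outcome { PinMatched, Reject, NeedsChainValidation }

// Assumption: both schemes carry 64 hex characters (32 bytes).
fn parse_pin(s: &str) -> Result<Pin, String> {
    let (scheme, hex) = s.split_once(':').ok_or("missing scheme prefix")?;
    // from_str_radix accepts a leading '+', so check every character first.
    if hex.len() != 64 || !hex.bytes().all(|b| b.is_ascii_hexdigit()) {
        return Err("fingerprint must be 64 hex characters".into());
    }
    let mut out = [0u8; 32];
    for (i, b) in out.iter_mut().enumerate() {
        *b = u8::from_str_radix(&hex[2 * i..2 * i + 2], 16).map_err(|e| e.to_string())?;
    }
    match scheme {
        "ed25519" => Ok(Pin::Ed25519(out)),
        "SHA256" => Ok(Pin::Sha256(out)),
        other => Err(format!("unknown fingerprint scheme: {}", other)),
    }
}

// A malformed pin is an error; it must never downgrade to the CA path.
fn select_verifier(pin: Option<&str>) -> Result<Verifier, String> {
    match pin {
        Some(s) => parse_pin(s).map(Verifier::FingerprintPin),
        None => Ok(Verifier::WebPki),
    }
}

// Compare without an early exit on the first differing byte.
fn same(a: &[u8; 32], b: &[u8; 32]) -> bool {
    a.iter().zip(b).fold(0u8, |acc, (x, y)| acc | (x ^ y)) == 0
}

// PinMatched is not the end: the handshake signature must still be verified.
fn check(v: &Verifier, cert: &Presented) -> Outcome {
    match (v, cert) {
        (Verifier::FingerprintPin(Pin::Ed25519(p)), Presented::RawEd25519(k)) if same(p, k) => Outcome::PinMatched,
        (Verifier::FingerprintPin(Pin::Sha256(p)), Presented::X509DerSha256(d)) if same(p, d) => Outcome::PinMatched,
        (Verifier::WebPki, Presented::X509DerSha256(_)) => Outcome::NeedsChainValidation,
        _ => Outcome::Reject, // includes None + raw key: no CA to fall back to
    }
}

fn main() {
    println!("{:?}", select_verifier(Some(&format!("ed25519:{}", "ab".repeat(32))))); // constructed pin
}
```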