erix/lib-aes
1
0
Fork 0
generated from erix/meta
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
lib-aes provides internal no_std AES-256 primitives for filesystem crypto work
9 commits 2 branches 0 tags 93 KiB
  • Rust 100%
Find a file
Exact
Erik Inkinen f701b9b6b8
All checks were successful
CI / markdown (push) Successful in 3s
Details
CI / test (push) Successful in 13s
Details
Rewrite CI with standard crate workflow
2026-05-22 15:51:17 +03:00
.github Rewrite CI with standard crate workflow 2026-05-22 15:51:17 +03:00
src Avoid unstable usize multiple checks 2026-05-11 13:52:09 +03:00
.editorconfig Initial commit 2026-04-30 11:54:06 +02:00
.gitignore Initial commit 2026-04-30 11:54:06 +02:00
.markdownlint-cli2.yaml Tighten CI markdown policy 2026-05-22 15:10:08 +03:00
ARCHITECTURE.md Tighten CI markdown policy 2026-05-22 15:10:08 +03:00
Cargo.toml Add no_std AES primitives 2026-04-30 18:09:59 +03:00
CODE_OF_CONDUCT.md Tighten CI markdown policy 2026-05-22 15:10:08 +03:00
CONTRIBUTING.md Tighten CI markdown policy 2026-05-22 15:10:08 +03:00
LICENSE Initial commit 2026-04-30 11:54:06 +02:00
README.md Tighten CI markdown policy 2026-05-22 15:10:08 +03:00
ROADMAP.md Tighten CI markdown policy 2026-05-22 15:10:08 +03:00
rustfmt.toml Initial commit 2026-04-30 11:54:06 +02:00
SECURITY.md Tighten CI markdown policy 2026-05-22 15:10:08 +03:00

README.md

lib-aes

lib-aes provides internal no_std AES-256 primitives for filesystem crypto work. It currently includes AES-256 block encryption/decryption, full-block AES-XTS sectors, full-block AES-CBC helpers, and CBC ciphertext stealing for fscrypt filename tails.

EriX is a clean-room, capability-based microkernel operating system written entirely in Rust.

Technical requirements are tracked in the EriX requirements, conventions, and project documentation.

See:

  • docs for design documents, specifications, and development plans.
  • Related architecture repositories for kernel, services, libraries, drivers, and integration tooling.

Purpose of This Repository

This repository implements the EriX AES library. Its purpose in EriX is to provide reusable AES primitives and contracts to EriX components.

Functionally, it exposes the AES APIs, validation tests, and documentation used by dependent repositories. The repository keeps the implementation, interface contracts, tests, and documentation for that behavior in one reviewable ownership boundary.

The maintained responsibilities are:

  • expose the lib-aes crate API for AES behavior used by dependent components
  • keep data formats, constants, and validation helpers documented and tested
  • preserve clean-room, no-external-crate implementation boundaries
  • maintain compatibility expectations for downstream repositories

Clean-Room Policy

EriX follows a strict clean-room philosophy:

  • No external source code may be copied.
  • No external Rust crates are allowed.
  • No code generation tools that embed third-party code.
  • All code must be authored within the project.

Violations will result in rejection of the contribution.

License

All EriX repositories are licensed under the ISC License.

Development Model

EriX development is modular, deterministic, reproducible, authority-explicit, security-first, and self-hosting oriented.

This repository follows the project roadmap and the validation rules documented in its own roadmap.

Validation

cargo fmt --all -- --check
RUSTFLAGS="-D warnings" cargo clippy --all-targets --all-features -- -D warnings
RUSTFLAGS="-D warnings" cargo test --all-targets --all-features

Governance Principles

lib-aes governance is scoped to reusable AES contracts shared by dependent repositories.

The scoped governance rules are:

  • It must expose narrow, documented APIs rather than component-specific policy.
  • It keeps wire formats, constants, parsers, and validation helpers deterministic and testable.
  • It preserves clean-room implementation boundaries and does not introduce external crate dependencies.
  • Breaking API or format changes require coordinated updates in every dependent repository.

Library Boundaries

  • lib-aes carries no runtime authority by itself; authority is held by callers that use the library.
  • The crate must not hide ambient I/O, allocation policy, or service discovery behind helper APIs.

Contact

Development occurs in EriX organization and discussions happen in issues and design documents.

No decisions are considered valid without documented rationale.

Maintainers can be reached via email: admin@erikinkinen.fi.