lib-fs-crypto contains internal no_std helpers for filesystem encryption and verity plumbing
Erik Inkinen 2d2b461707
Rewrite CI with standard crate workflow
2026-05-22 15:51:17 +03:00
.github Rewrite CI with standard crate workflow 2026-05-22 15:51:17 +03:00
src Parse fsverity signature records 2026-05-18 22:07:13 +03:00
.editorconfig Initial commit 2026-04-30 11:54:19 +02:00
.gitignore Initial commit 2026-04-30 11:54:19 +02:00
.markdownlint-cli2.yaml Tighten CI markdown policy 2026-05-22 15:10:21 +03:00
ARCHITECTURE.md Tighten CI markdown policy 2026-05-22 15:10:21 +03:00
Cargo.toml Add filesystem crypto helpers 2026-04-30 18:09:59 +03:00
CODE_OF_CONDUCT.md Tighten CI markdown policy 2026-05-22 15:10:21 +03:00
CONTRIBUTING.md Tighten CI markdown policy 2026-05-22 15:10:21 +03:00
LICENSE Initial commit 2026-04-30 11:54:19 +02:00
README.md Tighten CI markdown policy 2026-05-22 15:10:21 +03:00
ROADMAP.md Tighten CI markdown policy 2026-05-22 15:10:21 +03:00
rustfmt.toml Initial commit 2026-04-30 11:54:19 +02:00
SECURITY.md Tighten CI markdown policy 2026-05-22 15:10:21 +03:00

lib-fs-crypto

lib-fs-crypto contains internal no_std helpers for filesystem encryption and verity plumbing. The current slice provides:

  • Linux fscrypt v1/v2 on-disk context parsing
  • deterministic fscrypt-v2-style key derivation and key identifier checks
  • content encryption/decryption over full AES-XTS blocks
  • padded AES-CTS filename encryption helpers
  • Linux fsverity descriptor, signature-record, and Merkle helpers
  • salt-aware SHA-256 fsverity block hashing
  • constant-time fsverity trusted-root membership checks

It also exposes Linux fscrypt mode and policy constants used by e2fsd to reject unsupported v1 access, AES-128, Adiantum, AES-256-HCTR2, direct-key, IV_INO_LBLK, and non-default data-unit policies before any runtime key lookup.
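
The policy rejection described above, sketched as an added example (this is not code from lib-fs-crypto; `parse_supported_context`, `Reject`, and `ContextV2` are hypothetical names). It assumes the Linux `fscrypt_context_v2` on-disk layout and UAPI constant values, and that the only accepted pair is AES-256-XTS contents with AES-256-CTS filenames.

```rust
// Added illustration, not the lib-fs-crypto API. Values follow Linux's fscrypt UAPI.
const CONTEXT_V1: u8 = 1;
const CONTEXT_V2: u8 = 2;
const MODE_AES_256_XTS: u8 = 1;
const MODE_AES_256_CTS: u8 = 4;
const FLAG_PAD_MASK: u8 = 0x03;
const FLAG_DIRECT_KEY: u8 = 0x04;
const FLAG_IV_INO_LBLK: u8 = 0x08 | 0x10; // IV_INO_LBLK_64 | IV_INO_LBLK_32

#[derive(Debug, PartialEq)]
pub enum Reject { BadLength, V1Context, UnknownVersion, Mode, DirectKey, IvInoLblk, UnknownFlags, DataUnit, Reserved }

#[derive(Debug, PartialEq)]
pub struct ContextV2 { pub pad_flags: u8, pub key_identifier: [u8; 16], pub nonce: [u8; 16] }

/// Hypothetical helper: parse an on-disk fscrypt context and refuse every
/// unsupported policy before the caller uses the key identifier for a lookup.
pub fn parse_supported_context(raw: &[u8]) -> Result<ContextV2, Reject> {
    match raw.first() {
        None => return Err(Reject::BadLength),
        Some(&CONTEXT_V1) => return Err(Reject::V1Context),
        Some(&CONTEXT_V2) => {}
        Some(_) => return Err(Reject::UnknownVersion),
    }
    if raw.len() != 40 { return Err(Reject::BadLength); } // v2 context is fixed-size
    let flags = raw[3];
    if raw[1] != MODE_AES_256_XTS || raw[2] != MODE_AES_256_CTS { return Err(Reject::Mode); }
    if (flags & FLAG_DIRECT_KEY) != 0 { return Err(Reject::DirectKey); }
    if (flags & FLAG_IV_INO_LBLK) != 0 { return Err(Reject::IvInoLblk); }
    if (flags & !0x1f) != 0 { return Err(Reject::UnknownFlags); }
    if raw[4] != 0 { return Err(Reject::DataUnit); } // log2_data_unit_size: 0 = default
    if raw[5..8].iter().any(|&b| b != 0) { return Err(Reject::Reserved); }
    let (mut key_identifier, mut nonce) = ([0u8; 16], [0u8; 16]);
    key_identifier.copy_from_slice(&raw[8..24]);
    nonce.copy_from_slice(&raw[24..40]);
    Ok(ContextV2 { pad_flags: flags & FLAG_PAD_MASK, key_identifier, nonce })
}

/// Constructed sample: v2 context, AES-256-XTS/CTS, PAD_32, dummy key id and nonce.
pub fn sample_context() -> [u8; 40] {
    let mut c = [0u8; 40];
    c[..4].copy_from_slice(&[CONTEXT_V2, MODE_AES_256_XTS, MODE_AES_256_CTS, 0x03]);
    c[8..24].fill(0xAA);
    c[24..40].fill(0x55);
    c
}
fn main() {
    println!("{:?}", parse_supported_context(&sample_context()));
}
```
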

EriX is a clean-room, capability-based microkernel operating system written entirely in Rust.

Technical requirements are tracked in the EriX requirements, conventions, and project documentation.

See:

  • docs for design documents, specifications, and development plans.
  • Related architecture repositories for kernel, services, libraries, drivers, and integration tooling.

Purpose of This Repository

This repository implements the EriX filesystem crypto library. Its purpose in EriX is to provide reusable filesystem crypto primitives and contracts to EriX components.

Functionally, it exposes the filesystem crypto APIs, validation tests, and documentation used by dependent repositories. The repository keeps the implementation, interface contracts, tests, and documentation for that behavior in one reviewable ownership boundary.

The maintained responsibilities are:

  • expose the lib-fs-crypto crate API for filesystem crypto behavior used by dependent components
  • keep data formats, constants, and validation helpers documented and tested
  • preserve clean-room, no-external-crate implementation boundaries
  • maintain compatibility expectations for downstream repositories
  • expose no runtime key storage or lookup authority; callers such as e2fsd must obtain key material through their own explicit authority

Clean-Room Policy

EriX follows a strict clean-room philosophy:

  • No external source code may be copied.
  • No external Rust crates are allowed.
  • No code generation tools that embed third-party code may be used.
  • All code must be authored within the project.

Violations will result in rejection of the contribution.

License

All EriX repositories are licensed under the ISC License.

Development Model

EriX development is modular, deterministic, reproducible, authority-explicit, security-first, and self-hosting oriented.

This repository follows the project roadmap and the validation rules documented in its own roadmap.

Validation

cargo fmt --all -- --check
RUSTFLAGS="-D warnings" cargo clippy --all-targets --all-features -- -D warnings
RUSTFLAGS="-D warnings" cargo test --all-targets --all-features

Governance Principles

lib-fs-crypto governance is scoped to reusable filesystem crypto contracts shared by dependent repositories.

The scoped governance rules are:

  • It must expose narrow, documented APIs rather than component-specific policy.
  • It keeps wire formats, constants, parsers, and validation helpers deterministic and testable.
  • It preserves clean-room implementation boundaries and does not introduce external crate dependencies.
  • Breaking API or format changes require coordinated updates in every dependent repository.

Library Boundaries

  • lib-fs-crypto carries no runtime authority by itself; authority is held by callers that use the library.
  • The crate must not hide ambient I/O, allocation policy, or service discovery behind helper APIs.

Contact

Development occurs in the EriX organization, and discussions happen in issues and design documents.

No decisions are considered valid without documented rationale.

Maintainers can be reached via email: admin@erikinkinen.fi.