271acbb315
- Bump boring/boring-sys from v4 to v5 (zero API breaks) - Merge fips/fips-only into a single fips feature that both enables FIPS-validated BoringSSL and restricts algorithms to SP 800-52r2 - Tighten FIPS KX groups to P-256 and P-384 only (aligned with boring's fips202205 compliance policy) - Remove ECDSA_P521_SHA512 from FIPS signature verification set - Simplify fips feature to forward boring/fips only (drop redundant boring-sys/fips) - Add fips-precompiled as deprecated alias matching boring's naming - Change default features to empty (TLS 1.2 now requires explicit tls12 feature opt-in) - Gate TLS 1.2 code paths properly so the crate compiles and passes tests with default (TLS 1.3 only) features - Update README to reflect current state: boring v5, feature docs, FIPS mode documentation, workspace structure
27 lines
805 B
TOML
27 lines
805 B
TOML
[workspace]
|
|
members = [
|
|
# things that should probably be in boring crate
|
|
"boring-additions",
|
|
# the main library and tests
|
|
"boring-rustls-provider",
|
|
# things that should probably be in boring-sys crate
|
|
"boring-sys-additions",
|
|
# tests and example code
|
|
"examples",
|
|
]
|
|
default-members = [
|
|
"examples",
|
|
"boring-rustls-provider",
|
|
]
|
|
|
|
resolver = "2"
|
|
|
|
[workspace.dependencies]
|
|
boring = { version = "5", default-features = false }
|
|
boring-sys = { version = "5", default-features = false }
|
|
rustls = { version = "0.23", default-features = false }
|
|
rustls-pemfile = { version = "2" }
|
|
rustls-pki-types = { version = "1" }
|
|
tokio-rustls = { version = "0.26", default-features = false }
|
|
webpki = { package = "rustls-webpki", version = "0.103", default-features = false }
|
|
webpki-roots = { version = "1.0" }
|