chore(tropic01-driver): prepare the crate for a beta crates.io release#13
Merged
Conversation
Make the driver ready for a first beta publication as version 0.0.1. The focus is documentation examples, with a feature gate, the publish metadata, and the README brought to a publishable state around them. Four runnable doc examples are added, all marked no_run because they cannot reach real hardware. A crate-level example opens a secure channel and runs one command, and there are per-item examples on open_session, on the random_into trait method, and on the bootloader update flow. Each builds a stub SpiDevice and SeWait behind hidden setup lines, so the visible code stays focused on the real API. The examples carry placeholder keys with a comment that real key material comes from a TRNG and from provisioning, and they point at read_verified_chip_stpub for a genuine-chip trust decision rather than the unverified read_chip_stpub. The read_chip_stpub documentation itself is hardened to say plainly that it does not attest authenticity. The X.509 chain verification moves behind an attestation feature that stays on by default. It pulls the ecdsa, p384, and p521 curve crates, which are release candidates today, so a consumer that only needs STPUB extraction can drop them with default-features = false and keep a release-candidate-free build. The feature gates verify_cert_chain, parse_verified_stpub, RootAnchor, read_verified_chip_stpub, the ChainError type and its SeError variant, the curve verify helpers, the chain-only DER navigators, the chain tests, and the fuzz seam. parse_stpub stays always available. A build without the feature no longer compiles the curve crates into the tree. The publish metadata is completed. The workspace version drops to 0.0.1 and declares a 1.88 minimum supported Rust, which the let-chain and is_multiple_of uses require. The invalid documentation field is removed so crates.io points at docs.rs by default, and a docs.rs metadata block renders the attestation API. The README gains a beta banner, a quick-start that mirrors the crate example, a note on the release-candidate curve crates, and an updated roadmap. The keyword list drops to the five crates.io allows. cargo publish --dry-run packages and verifies the crate standalone. 407 host tests pass with the feature on and 385 with it off, the four doc examples compile, clippy is clean on host all targets, all features, no default features, the fuzz seam, and thumbv8m, cargo doc is warning free, hermetic coverage holds at 93 percent, and the six fuzz targets stay crash free. The build is confirmed on Rust 1.88.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Make the driver ready for a first beta publication as version 0.0.1. The focus is documentation examples, with a feature gate, the publish metadata, and the README brought to a publishable state around them.
Four runnable doc examples are added, all marked no_run because they cannot reach real hardware. A crate-level example opens a secure channel and runs one command, and there are per-item examples on open_session, on the random_into trait method, and on the bootloader update flow. Each builds a stub SpiDevice and SeWait behind hidden setup lines, so the visible code stays focused on the real API. The examples carry placeholder keys with a comment that real key material comes from a TRNG and from provisioning, and they point at read_verified_chip_stpub for a genuine-chip trust decision rather than the unverified read_chip_stpub. The read_chip_stpub documentation itself is hardened to say plainly that it does not attest authenticity.
The X.509 chain verification moves behind an attestation feature that stays on by default. It pulls the ecdsa, p384, and p521 curve crates, which are release candidates today, so a consumer that only needs STPUB extraction can drop them with default-features = false and keep a release-candidate-free build. The feature gates verify_cert_chain, parse_verified_stpub, RootAnchor, read_verified_chip_stpub, the ChainError type and its SeError variant, the curve verify helpers, the chain-only DER navigators, the chain tests, and the fuzz seam. parse_stpub stays always available. A build without the feature no longer compiles the curve crates into the tree.
The publish metadata is completed. The workspace version drops to 0.0.1 and declares a 1.88 minimum supported Rust, which the let-chain and is_multiple_of uses require. The invalid documentation field is removed so crates.io points at docs.rs by default, and a docs.rs metadata block renders the attestation API. The README gains a beta banner, a quick-start that mirrors the crate example, a note on the release-candidate curve crates, and an updated roadmap. The keyword list drops to the five crates.io allows.
cargo publish --dry-run packages and verifies the crate standalone. 407 host tests pass with the feature on and 385 with it off, the four doc examples compile, clippy is clean on host all targets, all features, no default features, the fuzz seam, and thumbv8m, cargo doc is warning free, hermetic coverage holds at 93 percent, and the six fuzz targets stay crash free. The build is confirmed on Rust 1.88.