Skip to main content

arcanum_agile/
lib.rs

1//! # Arcanum Cryptographic Agility
2//!
3//! Framework for managing algorithm selection, versioning, and migration.
4//!
5//! ## Algorithm Registry
6//!
7//! Central registry of all supported algorithms with metadata:
8//!
9//! - Security level classification
10//! - Deprecation status and timeline
11//! - Performance characteristics
12//! - Compliance mappings (FIPS, SOC2, etc.)
13//!
14//! ## Versioned Containers
15//!
16//! Self-describing encrypted containers:
17//!
18//! - Algorithm identification in header
19//! - Forward-compatible parsing
20//! - Automatic migration recommendations
21//!
22//! ## Policy Engine
23//!
24//! Declarative algorithm restrictions:
25//!
26//! - Minimum security levels
27//! - Required post-quantum support
28//! - Compliance profiles (FIPS 140-3, etc.)
29//!
30//! ## Example
31//!
32//! ```ignore
33//! use arcanum_agile::prelude::*;
34//!
35//! // Look up algorithm metadata
36//! let algo = AlgorithmRegistry::get(AlgorithmId::Aes256Gcm)?;
37//! assert_eq!(algo.security_level(), SecurityLevel::Bits256);
38//! assert!(!algo.is_deprecated());
39//!
40//! // Create versioned container
41//! let container = AgileCiphertext::encrypt(
42//!     AlgorithmId::Aes256Gcm,
43//!     &key,
44//!     &plaintext,
45//! )?;
46//!
47//! // Check migration status
48//! if let Some(recommendation) = container.migration_recommendation() {
49//!     println!("Recommend migrating to {:?}", recommendation.target);
50//! }
51//!
52//! // Enforce policy
53//! let policy = Policy::fips_140_3();
54//! assert!(policy.allows(AlgorithmId::Aes256Gcm));
55//! assert!(!policy.allows(AlgorithmId::ChaCha20Poly1305)); // Not FIPS
56//! ```
57//!
58//! ## Migration Support
59//!
60//! - Automatic re-encryption with newer algorithms
61//! - Batch migration pipelines
62//! - Progress tracking and rollback
63
64#![deny(unsafe_code)]
65#![warn(missing_docs, rust_2018_idioms)]
66#![allow(clippy::op_ref)]
67
68#[cfg(feature = "registry")]
69pub mod registry;
70
71#[cfg(feature = "containers")]
72pub mod containers;
73
74#[cfg(feature = "policy")]
75pub mod policy;
76
77#[cfg(feature = "migration")]
78pub mod migration;
79
80mod errors;
81
82pub use errors::AgileError;
83
84#[cfg(feature = "registry")]
85pub use registry::{AlgorithmId, AlgorithmInfo, AlgorithmRegistry, SecurityLevel};
86
87#[cfg(feature = "containers")]
88pub use containers::{AgileCiphertext, ContainerHeader};
89
90#[cfg(feature = "policy")]
91pub use policy::{ComplianceProfile, Policy, PolicyBuilder};
92
93/// Prelude for convenient imports.
94pub mod prelude {
95    pub use crate::errors::AgileError;
96
97    #[cfg(feature = "registry")]
98    pub use crate::registry::{AlgorithmId, AlgorithmInfo, AlgorithmRegistry, SecurityLevel};
99
100    #[cfg(feature = "containers")]
101    pub use crate::containers::{AgileCiphertext, ContainerHeader};
102
103    #[cfg(feature = "policy")]
104    pub use crate::policy::{ComplianceProfile, Policy};
105}