Module security

Expand description

Security utilities for enclave / confidential computing environments.

Provides constant-time hex encoding, memory guarding, pluggable RNG, and secure comparison primitives for use in TEE (SGX, Nitro, TDX, SEV) environments.

Structs§

GuardedMemory: A guarded memory region that zeroizes on drop.

Traits§

EnclaveContext: Enclave attestation context for remote verification.

Functions§

ct_hex_decode: Constant-time hex decoding for secret material.
ct_hex_encode: Constant-time hex encoding for secret material.
rotate_key: Atomically rotate a key: generates a new key and zeroizes the old one.
rotate_key_with_seed: Rotate a key using a specific seed (deterministic rotation).
secure_random: Fill a buffer with cryptographically secure random bytes.
secure_zero: Securely zeroize a mutable byte slice using volatile writes.

Module security

Module security Copy item path

Structs§

Traits§

Functions§

Module security