secure_gate/lib.rs
1// src/lib.rs
2//! # secure-gate: Zero-cost secure wrappers for secrets
3//!
4//! Provides safe, ergonomic handling of sensitive data in memory with zero runtime overhead.
5//!
6//! - **Fixed<T>**: Stack-allocated for fixed-size secrets (e.g., keys, nonces)
7//! - **Dynamic<T>**: Heap-allocated for dynamic secrets (e.g., passwords, vectors)
8//! - **Zeroizing variants**: Automatic memory wiping on drop (with `zeroize` feature)
9//! - **Macros**: `fixed_alias!`, `dynamic_alias!`, `secure!`, `secure_zeroizing!` for beautiful syntax
10//!
11//! # Features
12//!
13//! - `zeroize`: Enables auto-wiping on drop
14//! - `serde`: Optional serialization support
15//! - Works in `no_std` + `alloc` environments
16//!
17//! # Quick Start
18//!
19//! ```
20//! use secure_gate::{Dynamic, Fixed, fixed_alias, dynamic_alias};
21//!
22//! fixed_alias!(Aes256Key, 32);
23//! dynamic_alias!(Password, String);
24//!
25//! let key: Aes256Key = [42u8; 32].into();
26//! let pw: Password = "hunter2".into();
27//!
28//! assert_eq!(key.expose_secret()[0], 42);
29//! assert_eq!(pw.expose_secret(), "hunter2");
30//! ```
31//!
32//! See individual modules for details.
33
34#![cfg_attr(not(feature = "zeroize"), forbid(unsafe_code))]
35extern crate alloc;
36
37// Core modules
38mod dynamic;
39mod fixed;
40mod macros;
41
42// Feature-gated modules
43#[cfg(feature = "zeroize")]
44mod zeroize;
45
46#[cfg(feature = "serde")]
47mod serde;
48
49// Public API
50pub use dynamic::Dynamic;
51pub use fixed::Fixed;
52
53// Zeroize integration (opt-in)
54#[cfg(feature = "zeroize")]
55pub use zeroize::{DynamicZeroizing, FixedZeroizing};
56
57// Re-export Zeroizing cleanly — no privacy conflict
58#[cfg(feature = "zeroize")]
59pub type Zeroizing<T> = ::zeroize::Zeroizing<T>;
60
61// Re-export the trait and marker directly from the zeroize crate
62#[cfg(feature = "zeroize")]
63pub use ::zeroize::{Zeroize, ZeroizeOnDrop};