Expand description
TLS support for encrypted and authenticated connections.
This module provides certificate generation and TLS configuration for:
- Master↔rcpd connections (rcpd is server, master verifies fingerprint)
- Source↔Destination connections (mutual TLS with client certificates)
Structs§
- Certified
Key - A certified key pair (certificate + private key) with its fingerprint.
Functions§
- compute_
fingerprint - Computes SHA-256 fingerprint of a DER-encoded certificate.
- create_
client_ config - Creates a TLS client config that verifies the server’s certificate fingerprint.
- create_
client_ config_ with_ cert - Creates a TLS client config with a client certificate.
- create_
server_ config - Creates a TLS server config for rcpd (no client authentication required).
- create_
server_ config_ with_ client_ auth - Creates a TLS server config with client certificate verification.
- fingerprint_
from_ hex - Parses a fingerprint from hex string.
- fingerprint_
to_ hex - Converts a fingerprint to lowercase hex string (64 characters).
- generate_
self_ signed_ cert - Generates an ephemeral self-signed certificate using Ed25519.
Type Aliases§
- Fingerprint
- A certificate fingerprint (SHA-256 of DER-encoded certificate).