secure_gate/
lib.rs

1// Allow unsafe_code when encoding or zeroize is enabled (encoding needs it for hex validation)
2#![cfg_attr(
3    not(any(
4        feature = "zeroize",
5        any(feature = "encoding-hex", feature = "encoding-base64")
6    )),
7    forbid(unsafe_code)
8)]
9#![doc = include_str!("../README.md")]
10
11extern crate alloc;
12
13/// Dynamic secret wrapper types - always available with zero dependencies.
14/// These provide fundamental secure storage abstractions for dynamic data.
15mod dynamic;
16
17/// Fixed-size secret wrapper types - always available with zero dependencies.
18/// These provide fundamental secure storage abstractions for fixed-size data.
19mod fixed;
20
21/// Centralized error types - always available.
22mod error;
23
24/// Re-export of the [`Dynamic`] type.
25pub use dynamic::Dynamic;
26/// Re-export of the [`Fixed`] type.
27pub use fixed::Fixed;
28
29/// Re-export of the [`CloneSafe`] trait.
30#[cfg(feature = "zeroize")]
31pub use cloneable::CloneSafe;
32
33/// Cloneable secret types (requires the `zeroize` feature).
34/// Provides wrappers that can be safely duplicated while maintaining security guarantees.
35#[cfg(feature = "zeroize")]
36pub mod cloneable;
37/// Re-exports of cloneable secret types: [`CloneableArray`], [`CloneableString`], [`CloneableVec`].
38#[cfg(feature = "zeroize")]
39pub use cloneable::{CloneableArray, CloneableString, CloneableVec};
40
41/// Type alias macros (always available).
42/// Convenient macros for creating custom secret wrapper types.
43mod macros;
44
45/// Available macros (exported globally for convenience):
46/// - `dynamic_alias!`: Create type aliases for heap-allocated secrets (`Dynamic<T>`).
47/// - `dynamic_generic_alias!`: Create generic heap-allocated secret aliases.
48/// - `fixed_alias!`: Create type aliases for fixed-size secrets (`Fixed<[u8; N]>`).
49/// - `fixed_generic_alias!`: Create generic fixed-size secret aliases.
50/// - `fixed_alias_random!`: Create type aliases for random-only fixed-size secrets (`FixedRandom<N>`, requires `rand` feature).
51/// Cryptographically secure random generation (requires the `rand` feature).
52/// Provides RNG-backed secret generation with freshness guarantees.
53#[cfg(feature = "rand")]
54pub mod random;
55
56/// Constant-time equality comparison (requires the `ct-eq` feature).
57/// Prevents timing attacks when comparing sensitive data.
58/// Provides the ConstantTimeEq trait for secure comparisons.
59#[cfg(feature = "ct-eq")]
60pub mod ct_eq;
61
62/// Encoding utilities for secrets (various encoding features available).
63/// Secure encoding/decoding with validation and zeroization.
64pub mod encoding;
65
66/// Re-exports for convenient access to feature-gated types.
67#[cfg(feature = "rand")]
68pub use random::{DynamicRandom, FixedRandom};
69
70/// Re-export of [`HexString`] for convenience when using hex encoding.
71#[cfg(feature = "encoding-hex")]
72pub use encoding::hex::HexString;
73
74/// Re-export of [`Base64String`] for convenience when using base64 encoding.
75#[cfg(feature = "encoding-base64")]
76pub use encoding::base64::Base64String;
77
78/// Re-export of [`Bech32String`] for convenience when using bech32 encoding.
79#[cfg(feature = "encoding-bech32")]
80pub use encoding::bech32::Bech32String;
81
82/// Re-export of [`Bech32EncodingError`] for convenience when using bech32 encoding.
83#[cfg(feature = "encoding-bech32")]
84pub use error::Bech32EncodingError;
85
86/// Re-export of [`SecureEncodingExt`] trait for convenient encoding extensions.
87#[cfg(any(
88    feature = "encoding-hex",
89    feature = "encoding-base64",
90    feature = "encoding-bech32"
91))]
92pub use crate::encoding::extensions::SecureEncodingExt;
93
94/// Re-export of the [`FromSliceError`] type.
95pub use error::FromSliceError;