secure_network/
lib.rs

1#![forbid(unsafe_code)]
2#![deny(missing_docs)]
3//! `secure_network` — TLS configuration validation, certificate pinning, and cleartext detection
4//! for OWASP MASVS-NETWORK-1 and MASVS-NETWORK-2.
5//!
6//! All types are pure Rust policy objects and validators — they do not perform TLS handshakes.
7//! The consuming application provides raw certificate chains and TLS parameters; this crate
8//! provides the validation logic.
9
10pub mod cert_pin;
11pub mod cleartext;
12pub mod error;
13pub mod mtls;
14pub mod tls_policy;
15
16pub use cert_pin::{CertPinResult, CertPinValidator, PinSet};
17pub use cleartext::{CleartextDetector, CleartextResult};
18pub use error::NetworkSecurityError;
19pub use mtls::{
20    MtlsClientIdentity, MtlsClientIdentityStatus, MtlsRevocationLookup, NoMtlsRevocations,
21};
22pub use tls_policy::{CipherSuite, TlsPolicy, TlsValidationResult, TlsVersion};
secure_network/lib.rs

secure_network/
lib.rs
