sqep/
lib.rs

1//! SQEP Core Library
2//!
3//! - **Default build:** exposes **SQEP Lite** (MIT licensed).
4//! - **`plus` feature:** adds **SQEP Plus**, Hybrid (KEM+HKDF+AEAD),
5//!   and optional Firewall helpers.
6//!
7//! Example (Lite):
8//! ```no_run
9//! use sqep::prelude::*;
10//! let cipher = ZeroshieldCipher::new();
11//! ```
12//!
13//! Example (Plus + Hybrid):
14//! ```no_run
15//! # #[cfg(feature = "plus")] {
16//! use sqep::prelude::*;
17//! use sqep::{Kem, KemImpl};
18//!
19//! let sqep = SQEPPlus::new();
20//!
21//! let kp = KemImpl::keypair();
22//! let aad = b"route=vpn;tenant=elevitax";
23//! let (blob, _meta) = sqep.encrypt_plus_hybrid(&kp.pk, b"secret payload", aad);
24//!
25//! let recv = SQEPPlus::new();
26//! let pt = recv.decrypt_plus_hybrid(&kp.sk, &blob, aad).unwrap();
27//!
28//! assert_eq!(&pt, b"secret payload");
29//! # }
30//! ```
31
32#![forbid(unsafe_code)]
33#![deny(rust_2018_idioms)]
34#![cfg_attr(docsrs, feature(doc_cfg))]
35
36/// License utilities (always available)
37pub mod license;
38pub use license::{verify_v2, LicCheck, LicenseV2};
39
40/// Post-quantum KEM interface & default stub implementation
41pub mod kem;
42pub use kem::{
43    Kem, KemCiphertext, KemImpl, KemKeypair, KemSharedSecret, KEM_ID_STUB, SS_LEN,
44};
45
46/// SQEP Lite (default when `plus` is NOT enabled)
47#[cfg(not(feature = "plus"))]
48pub mod lite;
49#[cfg(not(feature = "plus"))]
50pub use lite::ZeroshieldCipher;
51
52/// SQEP Plus (hidden unless `--features plus`)
53#[cfg(feature = "plus")]
54#[cfg_attr(docsrs, doc(cfg(feature = "plus")))]
55pub mod plus;
56#[cfg(feature = "plus")]
57pub use plus::SQEPPlus;
58
59/// Optional Firewall helpers (Plus only)
60#[cfg(feature = "plus")]
61#[cfg_attr(docsrs, doc(cfg(feature = "plus")))]
62pub mod firewall;
63#[cfg(feature = "plus")]
64pub use firewall::{
65    export_protected_payload, protect_data, FirewallMeta, ProtectedPayload, Sensitivity,
66};
67
68/// Common imports for quick-start
69pub mod prelude {
70    #[cfg(not(feature = "plus"))]
71    pub use crate::lite::ZeroshieldCipher;
72
73    #[cfg(feature = "plus")]
74    pub use crate::plus::SQEPPlus;
75
76    pub use crate::license::{verify_v2, LicCheck, LicenseV2};
77    pub use crate::kem::{
78        Kem, KemCiphertext, KemImpl, KemKeypair, KemSharedSecret, KEM_ID_STUB, SS_LEN,
79    };
80}
81