trustless_protocol/lib.rs
//! Protocol types, codec, handler trait, and client for the Trustless key provider protocol.
//!
//! This crate implements the communication protocol between the Trustless proxy and
//! key provider processes. Key providers hold TLS private keys and perform signing
//! operations on behalf of the proxy, communicating over stdin/stdout with
//! length-delimited JSON messages.
//!
//! # For key provider implementors
//!
//! Implement the [`handler::Handler`] trait and call [`handler::run`] to start
//! the event loop. See `trustless-provider-filesystem` for a complete example.
//!
//! # For proxy internals
//!
//! Use [`client::ProviderClient`] to communicate with a spawned provider process.
// NOTE(review): the stdin/stdout transport described above implies that a
// provider's stdout is reserved for protocol frames, so provider logging and
// diagnostics presumably have to go to stderr. Confirm against `handler::run`.

/// Base64-serializable byte types for use with [`secrecy::SecretBox`].
pub mod base64;
/// Async client for communicating with a key provider process.
pub mod client;
// NOTE(review): confirm that decoding enforces a maximum frame length, so a
// malformed length prefix cannot force an unbounded allocation.
/// Length-delimited codec for framing and serializing messages.
pub mod codec;
/// Error types for protocol operations.
pub mod error;
/// Handler trait and event loop for implementing key providers.
pub mod handler;
/// Protocol message types (requests, responses, parameters, results).
pub mod message;
/// Signature scheme name parsing and algorithm mapping.
pub mod scheme;

/// Shared helpers for key provider implementations (cert loading, SAN extraction, signing).
///
/// Compiled only when the `provider-helpers` feature is enabled.
#[cfg(feature = "provider-helpers")]
pub mod provider_helpers;