typhoon/certificate/mod.rs
1//! Certificate I/O helpers: generate, persist, and load TYPHOON key material.
2//!
3//! # Binary file format
4//!
5//! Every file produced by this module begins with a 10-byte header:
6//!
7//! | Offset | Size | Value | Description |
8//! |--------|------|------------|-------------|
9//! | 0 | 7 | `TYPHOON` | Magic bytes |
10//! | 7 | 1 | `S` or `C` | Record type: server key pair or client certificate |
11//! | 8 | 1 | `F` or `U` | Cipher mode: fast (`F`) or full (`U`) |
12//! | 9 | 1 | `1` | Format version (currently always 1) |
13//!
14//! The payload following the header depends on record type and cipher mode; see
15//! [`ServerKeyPair::save`] and [`ClientCertificate::save`] for exact field tables.
16
17#[cfg(all(test, feature = "server"))]
18#[path = "../../tests/certificate/mod.rs"]
19mod tests;
20
21mod client;
22#[cfg(feature = "server")]
23mod server;
24mod utils;
25
26use cfg_if::cfg_if;
27pub use client::ClientCertificate;
28cfg_if! {
29 if #[cfg(feature = "server")] {
30 pub use server::ServerKeyPair;
31 pub(crate) use server::ServerSecret;
32 }
33}
34pub(crate) use utils::ObfuscationBufferContainer;
35pub use utils::{CertificateError, ED25519_BYTES, EPK_BYTES, ESK_BYTES, X25519_BYTES};