The purpose of this module is to give users who already have public key infrastructure on their hosts [1] the ability to perform authentication with TLS certificates (more specifically, using rustls) using those pre-distributed public keys alone. The public keys are hence deemed pre-shared.
This module hence helps with the creation of rustls Client and Server verifiers which expect the certificate they verify to be a self-signed certificate, signed by an expected public key in the form of an X509 SubjectPublicKeyInfo element.
In certgen, we also offer a trait, Certifiable (and a convenience implementation), that closes the loop: it can convert a key pair into a valid self-signed certificate, and a public key of the same format into some X509 SubjectPublicKeyInfo.
[1] i.e. each host knows the public keys of all the other hosts.
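The key-matching step described above, as an added example that is not this crate's code: it pulls the SubjectPublicKeyInfo out of a DER certificate and accepts it only if it is byte-identical to a pre-shared key. All function names and the sample certificate are constructed for illustration, and the sketch assumes the certificate's self-signature is verified separately against that same key, which a real verifier must also do.

```rust
use std::collections::HashSet;
struct Tlv<'a> { tag: u8, whole: &'a [u8], body: &'a [u8], rest: &'a [u8] }

/// Read one DER element from the front of `buf`; every slice is bounds-checked.
fn read_tlv<'a>(buf: &'a [u8]) -> Option<Tlv<'a>> {
    let (tag, first) = (*buf.first()?, *buf.get(1)?);
    let (len, hdr) = if first < 0x80 { (first as usize, 2) } else {
        let n = (first & 0x7f) as usize;
        if n == 0 || n > 4 { return None; } // indefinite or oversized length
        (buf.get(2..2 + n)?.iter().fold(0usize, |a, &b| (a << 8) | b as usize), 2 + n)
    };
    let end = hdr.checked_add(len)?;
    Some(Tlv { tag, whole: buf.get(..end)?, body: buf.get(hdr..end)?, rest: buf.get(end..)? })
}

/// DER-encoded SubjectPublicKeyInfo of an X.509 certificate, or None if malformed.
fn extract_spki(cert_der: &[u8]) -> Option<&[u8]> {
    let cert = read_tlv(cert_der)?;
    let tbs = read_tlv(cert.body)?;
    if cert.tag != 0x30 || tbs.tag != 0x30 { return None; }
    let mut field = read_tlv(tbs.body)?;
    if field.tag == 0xA0 { field = read_tlv(field.rest)?; } // skip optional [0] version
    // `field` is serialNumber; step past signature, issuer, validity, subject to the SPKI.
    for _ in 0..5 { field = read_tlv(field.rest)?; }
    if field.tag == 0x30 { Some(field.whole) } else { None }
}

/// True only if the certificate's SPKI is byte-identical to a pre-shared key.
fn is_pinned(cert_der: &[u8], pinned: &HashSet<Vec<u8>>) -> bool {
    extract_spki(cert_der).map_or(false, |spki| pinned.contains(spki))
}

// Constructed sample data: an unsigned certificate skeleton under 128 bytes.
fn tlv(tag: u8, body: &[u8]) -> Vec<u8> { [&[tag, body.len() as u8][..], body].concat() }
fn sample_spki(key_byte: u8) -> Vec<u8> { // Ed25519 OID plus 32 dummy key bytes
    let bits = [&[0u8][..], &[key_byte; 32][..]].concat();
    tlv(0x30, &[tlv(0x30, &tlv(0x06, &[0x2b, 0x65, 0x70])), tlv(0x03, &bits)].concat())
}
fn sample_cert(spki: &[u8]) -> Vec<u8> {
    let e = tlv(0x30, &[]); // empty placeholder for algorithm, names, validity
    let tbs = [tlv(0xA0, &tlv(0x02, &[2])), tlv(0x02, &[1]), e.clone(), e.clone(),
               e.clone(), e.clone(), spki.to_vec()].concat();
    tlv(0x30, &[tlv(0x30, &tbs), e, tlv(0x03, &[0])].concat())
}

fn main() {
    let pinned = HashSet::from([sample_spki(0x11)]);
    for k in [0x11, 0x22] {
        println!("key {:#x} pinned: {}", k, is_pinned(&sample_cert(&sample_spki(k)), &pinned));
    }
}
```

Comparing the whole encoded element, header included, means a re-encoded or truncated key fails closed instead of matching.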
Re-exports
pub use rustls;
Modules
Structs
The self-referencing struct.
Traits
A trait that offers the key conversions necessary for generating and verifying self-signed certificates matching an expected key