
The purpose of this module is to give users who already have public key infrastructure on their hosts¹ the ability to authenticate with TLS certificates (more specifically, using rustls) relying on those pre-distributed public keys alone. The public keys are hence deemed pre-shared.

This module hence helps with the creation of rustls Client and Server verifiers which expect the certificate they verify to be a self-signed certificate, signed by an expected public key in the form of an X509 SubjectPublicKeyInfo element.

In certgen, we also offer a trait Certifiable (and a convenience implementation) that closes the loop: it can convert a key pair into a valid self-signed certificate, and a public key of the same format into an X509 SubjectPublicKeyInfo.


  1. i.e. each host knows the public keys of all the other hosts 
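The pinning step described above, as an added std-only sketch that is not this crate's code: it pulls the SubjectPublicKeyInfo out of a DER certificate and accepts the certificate only if those bytes equal the pre-shared key. All function names and the sample bytes are hypothetical and constructed for illustration; verifying the self-signature, which the module's verifiers also require, is omitted here.

```rust
/// (Added example, hypothetical names.) Split one DER TLV off `input`:
/// returns (tag, whole TLV, content, remainder).
fn read_tlv(input: &[u8]) -> Option<(u8, &[u8], &[u8], &[u8])> {
    let (tag, first) = (*input.first()?, *input.get(1)? as usize);
    let (len, hdr) = if first < 0x80 {
        (first, 2)
    } else {
        let n = first & 0x7f;
        if n == 0 || n > 4 { return None; } // reject indefinite/oversized lengths
        let len = input.get(2..2 + n)?.iter().fold(0usize, |l, &b| (l << 8) | b as usize);
        (len, 2 + n)
    };
    let tlv = input.get(..hdr.checked_add(len)?)?;
    Some((tag, tlv, &tlv[hdr..], &input[tlv.len()..]))
}
/// DER bytes of the SubjectPublicKeyInfo inside an X.509 certificate.
fn spki_of(cert: &[u8]) -> Option<&[u8]> {
    let (tag, _, cert_body, trailing) = read_tlv(cert)?;
    if tag != 0x30 || !trailing.is_empty() { return None; }
    let (tag, _, mut tbs, _) = read_tlv(cert_body)?;
    if tag != 0x30 { return None; }
    if tbs.first() == Some(&0xa0) { tbs = read_tlv(tbs)?.3; } // optional [0] version
    for _ in 0..5 { tbs = read_tlv(tbs)?.3; } // serial, sigAlg, issuer, validity, subject
    let (tag, spki, _, _) = read_tlv(tbs)?;
    if tag == 0x30 { Some(spki) } else { None }
}
/// Accept only a certificate that carries exactly the pre-shared key.
fn matches_pinned_key(cert: &[u8], pinned_spki: &[u8]) -> bool {
    spki_of(cert) == Some(pinned_spki)
}

// --- Constructed sample data below (short-form lengths only, not a real certificate) ---
fn tlv(tag: u8, body: &[u8]) -> Vec<u8> {
    [&[tag, body.len() as u8][..], body].concat()
}
fn sample_spki(fill: u8) -> Vec<u8> {
    let mut key = vec![0x00]; // BIT STRING unused-bits octet
    key.extend([fill; 32]); // constructed 32-byte key under the id-Ed25519 OID
    tlv(0x30, &[tlv(0x30, &[0x06, 0x03, 0x2b, 0x65, 0x70]), tlv(0x03, &key)].concat())
}
fn sample_cert(spki: &[u8]) -> Vec<u8> {
    let (alg, empty) = (tlv(0x30, &[0x06, 0x03, 0x2b, 0x65, 0x70]), tlv(0x30, &[]));
    let mut tbs = vec![0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x01]; // [0] v3, serial 1
    for part in [&alg[..], &empty[..], &empty[..], &empty[..], spki] { tbs.extend_from_slice(part); }
    tlv(0x30, &[tlv(0x30, &tbs), alg, tlv(0x03, &[0x00])].concat()) // placeholder signature
}
fn main() {
    let (pinned, other) = (sample_spki(0x11), sample_spki(0x22));
    println!("pinned key accepted: {}", matches_pinned_key(&sample_cert(&pinned), &pinned));
    println!("other key accepted:  {}", matches_pinned_key(&sample_cert(&other), &pinned));
}
```

Malformed input (truncated DER, trailing bytes, an unexpected tag) makes `spki_of` return `None`, so the check fails closed.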

Re-exports

pub use rustls;

Modules

Structs

The self-referencing struct.

Traits

A trait that offers the key conversions necessary for generating and verifying self-signed certificates matching an expected key