Crate askrypt

Crate askrypt 

Source
Expand description

§Askrypt - Secure Password Manager Library

Askrypt is a library for creating and managing encrypted password vaults using a question-and-answer based authentication system.

§Overview

The library implements a multi-layered encryption scheme where:

  • The first answer encrypts additional questions
  • Remaining answers encrypt the master key
  • The master key encrypts your actual secret data

§Quick Start Example

use askrypt::{AskryptFile, SecretEntry};

// Define your security questions
let questions = vec![
    "What is your mother's maiden name?".to_string(),
    "What was your first pet's name?".to_string(),
    "What city were you born in?".to_string(),
];

// Provide answers
let answers = vec![
    "Smith".to_string(),
    "Fluffy".to_string(),
    "New York".to_string(),
];

// Create secret entries to store
let secrets = vec![
    SecretEntry {
        name: "Gmail".to_string(),
        user_name: "user2".to_string(),
        secret: "my_super_secret_password".to_string(),
        url: "https://gmail.com".to_string(),
        notes: "Personal email account".to_string(),
        entry_type: "password".to_string(),
        tags: vec!["email".to_string(), "personal".to_string()],
        created: 1704067200,
        modified: 1704067200,
    }
];

// Create the encrypted file
let askrypt_file = AskryptFile::create(
    questions,
    answers.clone(),
    secrets.clone(),
    Some(5000),
).unwrap();

// Save to disk
askrypt_file.save_to_file("my_vault.askrypt").unwrap();

// Later, load and decrypt
let loaded = AskryptFile::load_from_file("my_vault.askrypt").unwrap();
let question_data = loaded.get_questions_data("Smith".into()).unwrap();
let decrypted_secrets = loaded.decrypt(&question_data, answers[1..].into()).unwrap();

assert_eq!(decrypted_secrets, secrets);

Structs§

AskryptFile
Main Askrypt file structure in JSON format
KdfParams
Represents KDF parameters for the first level (key derivation function, iterations, and salt)
MasterData
Represents the encrypted master key and IV
QuestionsData
Represents the encrypted questions and second-level KDF parameters
SecretEntry
Represents a user’s secret entry (password, note, etc.)

Functions§

calc_pbkdf2
Calculate PBKDF2 key derivation from secret and salt
decode_base64
Decode base64 string to bytes
decrypt_from_base64
Decrypt base64-encoded encrypted data
decrypt_with_aes
Decrypt a message using AES-256-CBC with a custom IV
encode_base64
Encode bytes to base64 string
encrypt_to_base64
Encrypt data to base64-encoded string
encrypt_with_aes
Encrypt a message using AES-256-CBC with a custom IV
generate_salt
Generate a random salt of specified length
normalize_answer
Normalize an answer by removing all whitespace and converting to lowercase
sha256
Hash a str using SHA256 + salt