Expand description
Encryption engine for pages export.
Implements envelope encryption with:
- Argon2id key derivation for passwords
- HKDF-SHA256 for recovery secrets
- AES-256-GCM authenticated encryption
- Streaming encryption for large files
- Multiple key slots (like LUKS)
Structs§
- Argon2
Params - Argon2 parameters for config.json
- Decryption
Engine - Decryption engine
- Encryption
Config - Full config.json structure
- Encryption
Engine - Encryption engine for pages export
- KeySlot
- Key slot in config.json
- Payload
Meta - Payload metadata in config.json
- Secret
Key - Secret key material that zeros on drop
Enums§
- KdfAlgorithm
- KDF algorithm identifier
- Slot
Type - Key slot type
Constants§
- DEFAULT_
CHUNK_ SIZE - Default chunk size for streaming encryption (8 MiB)
- MAX_
CHUNK_ SIZE - Maximum chunk size (32 MiB)
Functions§
- load_
config - Load encryption config from directory