[][src]Crate age

Library for encrypting and decryping age messages

age is a simple, secure, and modern encryption tool with small explicit keys, no config options, and UNIX-style composability.

The age specification is available in a Google Doc here: A simple file encryption tool & format.

Caution: all crate versions prior to 1.0 are beta releases for testing purposes only.

Examples

Key-based encryption

use std::io::{Read, Write};

let key = age::SecretKey::generate();
let pubkey = key.to_public();

let plaintext = b"Hello world!";

// Encrypt the plaintext to a ciphertext...
let encrypted = {
    let encryptor = age::Encryptor::Keys(vec![pubkey]);

    let mut encrypted = vec![];
    let mut writer = encryptor.wrap_output(&mut encrypted, age::Format::Binary)?;
    writer.write_all(plaintext)?;
    writer.finish()?;

    encrypted
};

// ... and decrypt the obtained ciphertext to the plaintext again.
let decrypted = {
    let decryptor = age::Decryptor::with_identities(vec![key.into()]);

    let mut decrypted = vec![];
    let mut reader = decryptor.trial_decrypt(&encrypted[..])?;
    reader.read_to_end(&mut decrypted);

    decrypted
};

assert_eq!(decrypted, plaintext);

Passphrase-based encryption

use secrecy::Secret;
use std::io::{Read, Write};

let plaintext = b"Hello world!";
let passphrase = "this is not a good passphrase";

// Encrypt the plaintext to a ciphertext using the passphrase...
let encrypted = {
    let encryptor = age::Encryptor::Passphrase(Secret::new(passphrase.to_owned()));

    let mut encrypted = vec![];
    let mut writer = encryptor.wrap_output(&mut encrypted, age::Format::Binary)?;
    writer.write_all(plaintext)?;
    writer.finish()?;

    encrypted
};

// ... and decrypt the ciphertext to the plaintext again using the same passphrase.
let decrypted = {
    let decryptor = age::Decryptor::with_passphrase(Secret::new(passphrase.to_owned()));

    let mut decrypted = vec![];
    let mut reader = decryptor.trial_decrypt(&encrypted[..])?;
    reader.read_to_end(&mut decrypted);

    decrypted
};

assert_eq!(decrypted, plaintext);

Re-exports

pub use keys::SecretKey;

Modules

keys

Key structs and serialization.

Structs

StreamReader

Provides access to a decrypted age message.

Enums

Decryptor

Handles the various types of age decryption.

Encryptor

Handles the various types of age encryption.

Error

The various errors that can be returned during the decryption process.

Format

Format of output

Traits

Callbacks

Callbacks that might be triggered during decryption.