crabgraph 0.3.3

A safe, ergonomic, high-performance cryptographic library for Rust built on audited primitives
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292

//! Example: Streaming Encryption for Large Files
//!
//! This example demonstrates how to use CrabGraph's streaming AEAD encryption
//! to encrypt and decrypt large files chunk-by-chunk, avoiding loading the
//! entire file into memory.
//!
//! The streaming encryption uses the STREAM construction (RFC: Online Authenticated-Encryption)
//! which provides nonce-reuse resistance and independent authentication per chunk.

use crabgraph::{
    aead::stream::{
        Aes256GcmStreamDecryptor, Aes256GcmStreamEncryptor, ChaCha20Poly1305StreamDecryptor,
        ChaCha20Poly1305StreamEncryptor,
    },
    rand::secure_bytes,
    CrabResult,
};

/// Example 1: Basic streaming encryption with AES-256-GCM
fn basic_aes_gcm_streaming() -> CrabResult<()> {
    println!("=== Example 1: Basic AES-256-GCM Streaming ===\n");

    // Generate a 32-byte key for AES-256-GCM
    let key = secure_bytes(32)?;
    println!("Generated 32-byte key");

    // Create stream encryptor (auto-generates 7-byte nonce)
    let mut encryptor = Aes256GcmStreamEncryptor::new(&key)?;
    let nonce = encryptor.nonce().to_vec(); // Save nonce for decryption
    println!("Created encryptor with nonce: {} bytes", nonce.len());

    // Encrypt multiple chunks
    let chunks = vec![
        b"First chunk of data...".to_vec(),
        b"Second chunk of data...".to_vec(),
        b"Third chunk of data...".to_vec(),
        b"Final chunk!".to_vec(),
    ];

    println!("\nEncrypting {} chunks:", chunks.len());
    let mut encrypted_chunks = Vec::new();

    // Encrypt all but the last chunk with encrypt_next()
    for (i, chunk) in chunks[..chunks.len() - 1].iter().enumerate() {
        let encrypted = encryptor.encrypt_next(chunk)?;
        println!("  Chunk {}: {} bytes -> {} bytes", i + 1, chunk.len(), encrypted.len());
        encrypted_chunks.push(encrypted);
    }

    // Encrypt the last chunk with encrypt_last() (consumes encryptor)
    let last_chunk = &chunks[chunks.len() - 1];
    let encrypted_last = encryptor.encrypt_last(last_chunk)?;
    println!(
        "  Chunk {} (final): {} bytes -> {} bytes",
        chunks.len(),
        last_chunk.len(),
        encrypted_last.len()
    );
    encrypted_chunks.push(encrypted_last);

    // Decrypt using saved nonce
    println!("\nDecrypting {} chunks:", encrypted_chunks.len());
    let mut decryptor = Aes256GcmStreamDecryptor::from_nonce(&key, &nonce)?;

    let mut decrypted_chunks = Vec::new();

    // Decrypt all but the last chunk with decrypt_next()
    for (i, encrypted) in encrypted_chunks[..encrypted_chunks.len() - 1].iter().enumerate() {
        let decrypted = decryptor.decrypt_next(encrypted)?;
        println!("  Chunk {}: {} bytes -> {} bytes", i + 1, encrypted.len(), decrypted.len());
        decrypted_chunks.push(decrypted);
    }

    // Decrypt the last chunk with decrypt_last() (consumes decryptor)
    let last_encrypted = &encrypted_chunks[encrypted_chunks.len() - 1];
    let decrypted_last = decryptor.decrypt_last(last_encrypted)?;
    println!(
        "  Chunk {} (final): {} bytes -> {} bytes",
        encrypted_chunks.len(),
        last_encrypted.len(),
        decrypted_last.len()
    );
    decrypted_chunks.push(decrypted_last);

    // Verify roundtrip
    assert_eq!(decrypted_chunks, chunks);
    println!("\n✓ Roundtrip successful! All chunks match.");

    Ok(())
}

/// Example 2: Streaming encryption with ChaCha20-Poly1305
fn chacha20poly1305_streaming() -> CrabResult<()> {
    println!("\n=== Example 2: ChaCha20-Poly1305 Streaming ===\n");

    // Generate a 32-byte key for ChaCha20-Poly1305
    let key = secure_bytes(32)?;
    println!("Generated 32-byte key");

    // Create stream encryptor
    let mut encryptor = ChaCha20Poly1305StreamEncryptor::new(&key)?;
    let nonce = encryptor.nonce().to_vec();
    println!("Created ChaCha20-Poly1305 encryptor");

    // Simulate large file by encrypting multiple chunks
    let data = b"This is a simulated large file that we're processing chunk by chunk.";
    let chunk_size = 20; // Small chunk size for demonstration

    println!("\nEncrypting data in {}-byte chunks:", chunk_size);
    let mut encrypted_chunks = Vec::new();
    let chunks: Vec<&[u8]> = data.chunks(chunk_size).collect();

    // Encrypt all but the last chunk
    for (i, chunk) in chunks[..chunks.len() - 1].iter().enumerate() {
        let encrypted = encryptor.encrypt_next(chunk)?;
        println!("  Chunk {}: {} bytes", i + 1, chunk.len());
        encrypted_chunks.push(encrypted);
    }

    // Encrypt the last chunk (consumes encryptor)
    let last_chunk = chunks[chunks.len() - 1];
    let encrypted_last = encryptor.encrypt_last(last_chunk)?;
    println!("  Chunk {} (final): {} bytes", chunks.len(), last_chunk.len());
    encrypted_chunks.push(encrypted_last);

    // Decrypt
    println!("\nDecrypting {} chunks:", encrypted_chunks.len());
    let mut decryptor = ChaCha20Poly1305StreamDecryptor::from_nonce(&key, &nonce)?;

    let mut decrypted_data = Vec::new();

    // Decrypt all but the last chunk
    for (i, encrypted) in encrypted_chunks[..encrypted_chunks.len() - 1].iter().enumerate() {
        let decrypted = decryptor.decrypt_next(encrypted)?;
        println!("  Chunk {}: {} bytes", i + 1, encrypted.len());
        decrypted_data.extend_from_slice(&decrypted);
    }

    // Decrypt the last chunk (consumes decryptor)
    let last_encrypted = &encrypted_chunks[encrypted_chunks.len() - 1];
    let decrypted_last = decryptor.decrypt_last(last_encrypted)?;
    println!("  Chunk {} (final): {} bytes", encrypted_chunks.len(), last_encrypted.len());
    decrypted_data.extend_from_slice(&decrypted_last);

    // Verify roundtrip
    assert_eq!(decrypted_data, data);
    println!("\n✓ Roundtrip successful! Original data restored.");

    Ok(())
}

/// Example 3: Simulating file encryption with metadata
fn file_encryption_simulation() -> CrabResult<()> {
    println!("\n=== Example 3: File Encryption Simulation ===\n");

    // Generate key
    let key = secure_bytes(32)?;

    // Create encryptor
    let mut encryptor = Aes256GcmStreamEncryptor::new(&key)?;
    let nonce = encryptor.nonce().to_vec();

    // Simulate file metadata
    let filename = "secret_document.txt";
    let file_data = b"This is the content of the secret document.\n\
                      It contains multiple lines of sensitive information.\n\
                      We're encrypting it chunk by chunk for efficiency.";

    println!("Encrypting file: {}", filename);
    println!("File size: {} bytes", file_data.len());
    println!("Nonce: {} bytes", nonce.len());

    // In a real application, you would:
    // 1. Save the nonce to a header or separate file
    // 2. Stream chunks from disk instead of loading entire file

    const CHUNK_SIZE: usize = 64 * 1024; // 64 KB (default)

    println!("\nProcessing in {}-byte chunks:", CHUNK_SIZE);
    let mut encrypted_chunks = Vec::new();
    let chunks: Vec<&[u8]> = file_data.chunks(CHUNK_SIZE).collect();

    // Encrypt all but the last chunk
    for (i, chunk) in chunks[..chunks.len() - 1].iter().enumerate() {
        let encrypted = encryptor.encrypt_next(chunk)?;
        println!("  Chunk {}: {} bytes", i + 1, chunk.len());
        encrypted_chunks.push(encrypted);
    }

    // Encrypt the last chunk (consumes encryptor)
    let last_chunk = chunks[chunks.len() - 1];
    let encrypted_last = encryptor.encrypt_last(last_chunk)?;
    println!("  Final chunk: {} bytes", last_chunk.len());
    encrypted_chunks.push(encrypted_last);

    let total_encrypted_size: usize = encrypted_chunks.iter().map(|c| c.len()).sum();
    println!("\nTotal encrypted size: {} bytes", total_encrypted_size);
    println!(
        "Overhead: {} bytes ({}%)",
        total_encrypted_size as i32 - file_data.len() as i32,
        ((total_encrypted_size as f64 / file_data.len() as f64 - 1.0) * 100.0) as i32
    );

    // Decrypt
    println!("\nDecrypting file...");
    let mut decryptor = Aes256GcmStreamDecryptor::from_nonce(&key, &nonce)?;

    let mut decrypted_data = Vec::new();

    // Decrypt all but the last chunk
    for encrypted in encrypted_chunks[..encrypted_chunks.len() - 1].iter() {
        let decrypted = decryptor.decrypt_next(encrypted)?;
        decrypted_data.extend_from_slice(&decrypted);
    }

    // Decrypt the last chunk (consumes decryptor)
    let last_encrypted = &encrypted_chunks[encrypted_chunks.len() - 1];
    let decrypted_last = decryptor.decrypt_last(last_encrypted)?;
    decrypted_data.extend_from_slice(&decrypted_last);

    // Verify
    assert_eq!(decrypted_data, file_data);
    println!("✓ File decrypted successfully! Content matches original.");

    Ok(())
}

/// Example 4: Error handling - tampering detection
fn tampering_detection() -> CrabResult<()> {
    println!("\n=== Example 4: Tampering Detection ===\n");

    let key = secure_bytes(32)?;

    // Encrypt data
    let mut encryptor = Aes256GcmStreamEncryptor::new(&key)?;
    let nonce = encryptor.nonce().to_vec();

    let chunk1 = b"Original data chunk 1";
    let chunk2 = b"Original data chunk 2";

    let encrypted1 = encryptor.encrypt_next(chunk1)?;
    let mut encrypted2 = encryptor.encrypt_last(chunk2)?;

    println!("Encrypted 2 chunks");

    // Tamper with the second chunk
    println!("\nTampering with encrypted data...");
    if !encrypted2.is_empty() {
        encrypted2[0] ^= 0xFF; // Flip bits
    }

    // Try to decrypt
    println!("Attempting to decrypt tampered data:");
    let mut decryptor = Aes256GcmStreamDecryptor::from_nonce(&key, &nonce)?;

    // First chunk should decrypt fine
    let decrypted1 = decryptor.decrypt_next(&encrypted1)?;
    assert_eq!(decrypted1, chunk1);
    println!("  Chunk 1: ✓ Decrypted successfully");

    // Second chunk should fail authentication
    match decryptor.decrypt_last(&encrypted2) {
        Ok(_) => {
            println!("  Chunk 2: ✗ ERROR - Tampered data was accepted!");
            panic!("Security failure: tampered data accepted");
        }
        Err(e) => {
            println!("  Chunk 2: ✓ Tampering detected!");
            println!("           Error: {}", e);
        }
    }

    println!("\n✓ Authentication working correctly!");

    Ok(())
}

fn main() -> CrabResult<()> {
    println!("CrabGraph Streaming Encryption Examples\n");
    println!("========================================\n");

    // Run all examples
    basic_aes_gcm_streaming()?;
    chacha20poly1305_streaming()?;
    file_encryption_simulation()?;
    tampering_detection()?;

    println!("\n========================================");
    println!("All examples completed successfully! ✓");

    Ok(())
}