Struct devolutions_crypto::DcDataBlob
Data structure containing cryptographic information. It is made to be used as a black box for misuse resistance. It implements TryFrom<&[u8]> and Into<Vec<u8>> to be serialized and parsed into raw bytes for use with other languages and to send over a channel. If the channel does not support raw bytes, the data can be encoded easily using base64.
Methods
impl DcDataBlob
pub fn encrypt(
data: &[u8],
key: &[u8],
version: Option<u16>
) -> Result<DcDataBlob, DevoCryptoError>
Creates an encrypted data blob from cleartext data and a key.
Arguments
data - Data to encrypt.
key - Key to use. Can be of arbitrary size.
version - Version of the library to encrypt with. Use 0 for default.
Returns
Returns a DcDataBlob containing the encrypted data.
Example
    use devolutions_crypto::DcDataBlob;

    let data = b"somesecretdata";
    let key = b"somesecretkey";

    let encrypted_data = DcDataBlob::encrypt(data, key, None).unwrap();
pub fn decrypt(&self, key: &[u8]) -> Result<Vec<u8>, DevoCryptoError>
Decrypt the data blob using a key.
Arguments
key - Key to use. Can be of arbitrary size.
Returns
Returns the decrypted data.
Example
    use devolutions_crypto::DcDataBlob;

    let data = b"somesecretdata";
    let key = b"somesecretkey";

    let encrypted_data = DcDataBlob::encrypt(data, key, None).unwrap();
    let decrypted_data = encrypted_data.decrypt(key).unwrap();

    assert_eq!(data.to_vec(), decrypted_data);
pub fn hash_password(
password: &[u8],
iterations: u32
) -> Result<DcDataBlob, DevoCryptoError>
Creates a data blob containing a password hash.
Arguments
password - The password to hash.
iterations - The number of iterations of the password hash. A higher number is slower but harder to brute-force. The recommended value is 10000, but the number can be set by the user.
Returns
Returns a DcDataBlob containing the hashed password.
Example
    use devolutions_crypto::DcDataBlob;

    let password = b"somesuperstrongpa$$w0rd!";

    let hashed_password = DcDataBlob::hash_password(password, 10000);
pub fn verify_password(&self, password: &[u8]) -> Result<bool, DevoCryptoError>
Verify if the blob matches with the specified password. Should execute in constant time.
Arguments
password - Password to verify.
Returns
Returns true if the password matches and false if it doesn't.
Example
    use devolutions_crypto::DcDataBlob;

    let password = b"somesuperstrongpa$$w0rd!";

    let hashed_password = DcDataBlob::hash_password(password, 10000).unwrap();

    assert!(hashed_password.verify_password(b"somesuperstrongpa$$w0rd!").unwrap());
    assert!(!hashed_password.verify_password(b"someweakpa$$w0rd!").unwrap());
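Why a password check should compare digests in constant time, shown as an added example that is not code from devolutions_crypto or its documentation. The helpers early_exit_eq and constant_time_eq are hypothetical, and the 32-byte digests are constructed stand-ins for a stored and a recomputed hash.

```rust
// Added illustration: hypothetical helpers, not part of devolutions_crypto.

/// Early-exit comparison: stops at the first differing byte, so the number of
/// bytes examined (and the running time) reveals the length of the matching prefix.
/// Returns (equal, bytes_examined).
fn early_exit_eq(a: &[u8], b: &[u8]) -> (bool, usize) {
    if a.len() != b.len() {
        return (false, 0);
    }
    for (i, (x, y)) in a.iter().zip(b).enumerate() {
        if x != y {
            return (false, i + 1);
        }
    }
    (true, a.len())
}

/// Constant-time style comparison: every byte pair is XORed and the differences
/// are OR-accumulated, so the loop does the same work wherever the inputs differ.
/// Digest lengths are public, so the early return on a length mismatch leaks no secret.
/// An optimizer may still reshape this loop; production code should rely on a
/// vetted implementation such as the `subtle` crate.
fn constant_time_eq(a: &[u8], b: &[u8]) -> (bool, usize) {
    if a.len() != b.len() {
        return (false, 0);
    }
    let mut diff = 0u8;
    let mut examined = 0usize;
    for (x, y) in a.iter().zip(b) {
        diff |= x ^ y;
        examined += 1;
    }
    (diff == 0, examined)
}

fn main() {
    // Constructed sample digests.
    let stored = [0xA5u8; 32];
    let mut wrong_first = stored;
    wrong_first[0] ^= 1;
    let mut wrong_last = stored;
    wrong_last[31] ^= 1;
    for (label, candidate) in [("first byte wrong", wrong_first), ("last byte wrong", wrong_last)] {
        let (_, leaky) = early_exit_eq(&stored, &candidate);
        let (_, constant) = constant_time_eq(&stored, &candidate);
        println!("{label}: early-exit examined {leaky} bytes, constant-time examined {constant}");
    }
}
```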
pub fn generate_key_exchange(
) -> Result<(DcDataBlob, DcDataBlob), DevoCryptoError>
Generates a key pair to use in a key exchange. See mix_key_exchange for a complete usage.
Returns
Returns, in order, the private key and the public key in a DcDataBlob.
Example
    use devolutions_crypto::DcDataBlob;

    let (private, public) = DcDataBlob::generate_key_exchange().unwrap();
pub fn mix_key_exchange(
self,
public: DcDataBlob
) -> Result<Vec<u8>, DevoCryptoError>
Mix a private key with another client public key to get a shared secret.
Arguments
self - The user's private key obtained through generate_key_exchange.
public - The peer public key.
Returns
Returns a shared secret in the form of a Vec<u8>, which can then be used as an encryption key between the two peers.
Example
    use std::convert::TryFrom as _;
    use devolutions_crypto::DcDataBlob;

    // send_key_to_* and receive_key_from_* stand for the application's own transport; they are not defined here.

    // This happens on Bob's side.
    let (bob_priv, bob_pub) = DcDataBlob::generate_key_exchange().unwrap();
    let bob_serialized_pub: Vec<u8> = bob_pub.into();

    send_key_to_alice(&bob_serialized_pub);

    // This happens on Alice's side.
    let (alice_priv, alice_pub) = DcDataBlob::generate_key_exchange().unwrap();
    let alice_serialized_pub: Vec<u8> = alice_pub.into();

    send_key_to_bob(&alice_serialized_pub);

    // Bob can now generate the shared secret.
    let alice_received_serialized_pub = receive_key_from_alice();
    let alice_received_pub = DcDataBlob::try_from(alice_received_serialized_pub.as_slice()).unwrap();

    let bob_shared = bob_priv.mix_key_exchange(alice_received_pub).unwrap();

    // Alice can now generate the shared secret.
    let bob_received_serialized_pub = receive_key_from_bob();
    let bob_received_pub = DcDataBlob::try_from(bob_received_serialized_pub.as_slice()).unwrap();

    let alice_shared = alice_priv.mix_key_exchange(bob_received_pub).unwrap();

    // They now have a shared secret!
    assert_eq!(bob_shared, alice_shared);
Trait Implementations
impl From<DcDataBlob> for Vec<u8>
fn from(blob: DcDataBlob) -> Vec<u8>
Serialize the structure into a Vec<u8>, for storage, transmission or use in another language.
impl<'_> TryFrom<&'_ [u8]> for DcDataBlob
type Error = DevoCryptoError
The type returned in the event of a conversion error.
fn try_from(data: &[u8]) -> Result<DcDataBlob, DevoCryptoError>
Parses the data. Can return an Error if the data is invalid or unrecognized.
Auto Trait Implementations
impl Send for DcDataBlob
impl Sync for DcDataBlob
impl Unpin for DcDataBlob
impl UnwindSafe for DcDataBlob
impl RefUnwindSafe for DcDataBlob
Blanket Implementations
impl<T> From<T> for T
impl<T, U> Into<U> for T where
U: From<T>,
impl<T, U> TryFrom<U> for T where
U: Into<T>,
type Error = !
The type returned in the event of a conversion error.
fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
type Error = <U as TryFrom<T>>::Error
The type returned in the event of a conversion error.
fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>
impl<T> Borrow<T> for T where
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
impl<T> Any for T where
T: 'static + ?Sized,
impl<T> Same<T> for T
type Output = T
Should always be Self
impl<V, T> VZip<V> for T where
V: MultiLane<T>,