Module dryoc::classic::crypto_secretstream_xchacha20poly1305

Secret stream functions

Implements authenticated encrypted streams as per https://libsodium.gitbook.io/doc/secret-key_cryptography/secretstream.

This API is compatible with libsodium’s implementation.

Classic API example

use dryoc::classic::crypto_secretstream_xchacha20poly1305::*;
use dryoc::constants::{
    CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES,
    CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_FINAL,
    CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_MESSAGE,
};
let message1 = b"Arbitrary data to encrypt";
let message2 = b"split into";
let message3 = b"three messages";

// Generate a key
let mut key = Key::default();
crypto_secretstream_xchacha20poly1305_keygen(&mut key);

// Create stream push state
let mut state = State::new();
let mut header = Header::default();
crypto_secretstream_xchacha20poly1305_init_push(&mut state, &mut header, &key);

let (mut c1, mut c2, mut c3) = (
    vec![0u8; message1.len() + CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES],
    vec![0u8; message2.len() + CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES],
    vec![0u8; message3.len() + CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES],
);
// Encrypt a series of messages
crypto_secretstream_xchacha20poly1305_push(
    &mut state,
    &mut c1,
    message1,
    None,
    CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_MESSAGE,
)
.expect("Encrypt failed");
crypto_secretstream_xchacha20poly1305_push(
    &mut state,
    &mut c2,
    message2,
    None,
    CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_MESSAGE,
)
.expect("Encrypt failed");
crypto_secretstream_xchacha20poly1305_push(
    &mut state,
    &mut c3,
    message3,
    None,
    CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_FINAL,
)
.expect("Encrypt failed");

// Create stream pull state, using the same key as above with a new state.
let mut state = State::new();
crypto_secretstream_xchacha20poly1305_init_pull(&mut state, &header, &key);

let (mut m1, mut m2, mut m3) = (
    vec![0u8; message1.len()],
    vec![0u8; message2.len()],
    vec![0u8; message3.len()],
);
let (mut tag1, mut tag2, mut tag3) = (0u8, 0u8, 0u8);

// Decrypt the stream of messages
crypto_secretstream_xchacha20poly1305_pull(&mut state, &mut m1, &mut tag1, &c1, None)
    .expect("Decrypt failed");
crypto_secretstream_xchacha20poly1305_pull(&mut state, &mut m2, &mut tag2, &c2, None)
    .expect("Decrypt failed");
crypto_secretstream_xchacha20poly1305_pull(&mut state, &mut m3, &mut tag3, &c3, None)
    .expect("Decrypt failed");

assert_eq!(message1, m1.as_slice());
assert_eq!(message2, m2.as_slice());
assert_eq!(message3, m3.as_slice());

assert_eq!(tag1, CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_MESSAGE);
assert_eq!(tag2, CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_MESSAGE);
assert_eq!(tag3, CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_TAG_FINAL);
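
The example above sizes every ciphertext buffer as message length plus ABYTES and ends the stream with TAG_FINAL. The block below is an added example, not code from dryoc: it carries out that bookkeeping for a chunked payload and rejects a pulled stream that is truncated or continues after the final tag. The names plan_push, check_pull and StreamError are hypothetical, and the constants are defined locally with libsodium's values so the block compiles without the crate.

```rust
// Added example. Constant values are libsodium's, defined locally so the block
// builds without the dryoc crate; real code imports them from dryoc::constants.
const ABYTES: usize = 17; // CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES
const TAG_MESSAGE: u8 = 0; // ..._TAG_MESSAGE
const TAG_FINAL: u8 = 3; // ..._TAG_FINAL

#[derive(Debug, PartialEq)]
enum StreamError {
    ShortChunk,     // ciphertext shorter than ABYTES: cannot hold a tag and MAC
    DataAfterFinal, // more chunks arrived after TAG_FINAL
    Truncated,      // input ended before TAG_FINAL was seen
}

/// Sender side (hypothetical helper): (ciphertext buffer length, tag) for each
/// chunk of a `total`-byte payload. Only the last chunk carries TAG_FINAL.
fn plan_push(total: usize, chunk: usize) -> Vec<(usize, u8)> {
    assert!(chunk > 0, "chunk size must be non-zero");
    let n = std::cmp::max(1, (total + chunk - 1) / chunk);
    (0..n)
        .map(|i| {
            let len = std::cmp::min(chunk, total - i * chunk);
            let tag = if i + 1 == n { TAG_FINAL } else { TAG_MESSAGE };
            (len + ABYTES, tag)
        })
        .collect()
}

/// Receiver side (hypothetical helper): `pulled` holds, per chunk, the
/// ciphertext length and the tag that pull wrote after authenticating it.
/// Returns the `message` buffer sizes, or why the stream must be rejected.
fn check_pull(pulled: &[(usize, u8)]) -> Result<Vec<usize>, StreamError> {
    let mut sizes = Vec::new();
    let mut finished = false;
    for &(ct_len, tag) in pulled {
        if finished {
            return Err(StreamError::DataAfterFinal);
        }
        // The message buffer is exactly the ciphertext length minus ABYTES.
        sizes.push(ct_len.checked_sub(ABYTES).ok_or(StreamError::ShortChunk)?);
        finished = tag == TAG_FINAL;
    }
    if finished { Ok(sizes) } else { Err(StreamError::Truncated) }
}

fn main() {
    let plan = plan_push(25, 10);
    println!("{:?} -> {:?}", plan, check_pull(&plan));
    println!("last chunk dropped -> {:?}", check_pull(&plan[..2]));
}
```

In real use the tag fed to the receiver check is the one crypto_secretstream_xchacha20poly1305_pull writes after a successful decrypt, so a dropped final chunk surfaces as Truncated even though every chunk that did arrive authenticated.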

Structs

State

Stream state data

Functions

crypto_secretstream_xchacha20poly1305_init_pull

Initializes a pull stream from header into state using key. The stream header can be generated using crypto_secretstream_xchacha20poly1305_init_push.

crypto_secretstream_xchacha20poly1305_init_push

Initializes a push stream into state using key and writes the stream header into header. The stream header can be used to initialize a pull stream using the same key (i.e., using crypto_secretstream_xchacha20poly1305_init_pull).

crypto_secretstream_xchacha20poly1305_keygen

Generates a random stream key using crate::rng::copy_randombytes.

crypto_secretstream_xchacha20poly1305_pull

Decrypts ciphertext from the stream for state with optional additional_data, placing the result into message (which must be manually resized) and tag. Returns the length of the message.

crypto_secretstream_xchacha20poly1305_push

Encrypts message from the stream for state, with tag and optional associated_data, placing the result into ciphertext.

crypto_secretstream_xchacha20poly1305_rekey

Manually rekeys a stream.

Type Definitions

Header

Container for stream header data

Key

A secret for authenticated secret streams.

Nonce

A nonce for authenticated secret streams.