[−][src]Crate saltlick
A library for encrypting and decrypting file streams using libsodium.
This library provides a Rust implementation of the saltlick binary file format, which is itself a format for encrypting and decrypting files using strong elliptic curve cryptography. See the saltlick spec for details about the motivation and implementation of the file format itself.
Both low-level and high-level APIs are provided. The low-level API requires
manually pushing chunks of data into an encrypter and receiving ciphertext,
or pulling plaintext from a decrypter that is fed chunks of ciphertext. The
current high-level API implements Rust's Read
and Write
traits to
provide a simple to use way to read and write files.
Usage
First, add this to your Cargo.toml:
[dependencies]
saltlick = "0.1"
Next:
use std::error::Error; use std::fs::File; use std::io::{self, Cursor, Read, Write}; use saltlick::{DecryptingReader, EncryptingWriter, SaltlickError}; fn main() -> Result<(), Box<dyn Error>> { // Generate a new public/secret keypair let (public, secret) = saltlick::gen_keypair(); // Writing data to a stream let writer = Vec::new(); let mut stream = EncryptingWriter::new(public.clone(), writer); stream.write_all(b"I have a secret for you")?; let ciphertext = stream.finalize()?; // Reading data back from stream let reader = Cursor::new(ciphertext); let mut stream = DecryptingReader::new(public.clone(), secret.clone(), reader); let mut output = String::new(); stream.read_to_string(&mut output)?; assert_eq!("I have a secret for you", output); // Save public and private keys as PEM format let public_pem = public.to_pem(); let secret_pem = secret.to_pem(); Ok(()) }
Generating Keys
In addition to generating keys programmatically, it is possible to generate compliant key files with OpenSSL 1.1.0 or newer:
openssl genpkey -algorithm x25519 > secret.pem
openssl pkey -in secret.key -pubout > public.pem
Modules
crypter | Low-level API for push/pull implementations of crypto format. |
Structs
DecryptingReader | Wraps an underlying reader with decryption using the saltlick format. |
EncryptingWriter | Wraps an underlying writer with encryption using the saltlick format. |
PublicKey | Wrapper over libsodium-provided public key type. |
SecretKey | Wrapper over libsodium-provided secret key type. |
Enums
SaltlickError | Saltlick errors |
Version | Supported Saltlick file format version. |
Constants
PUBLICKEYBYTES | Number of bytes in a |
SECRETKEYBYTES | Number of bytes in a |
Functions
gen_keypair | Create a new saltlick keypair. |