[][src]Crate saltlick

A library for encrypting and decrypting file streams using libsodium.

This library provides a Rust implementation of the saltlick binary file format, which is itself a format for encrypting and decrypting files using strong elliptic curve cryptography. See the saltlick spec for details about the motivation and implementation of the file format itself.

Both low-level and high-level APIs are provided. The low-level API requires manually updating an encrypter with chunks of plaintext and receiving ciphertext, or updating a decrypter with chunks of ciphertext and receiving plaintext. High-level APIs are provided for Rust's Read, BufRead, and Write traits.

Usage

First, add this to your Cargo.toml:

[dependencies]
saltlick = "0.4"

Next:

use saltlick::{
    read::SaltlickDecrypter,
    write::SaltlickEncrypter,
    SaltlickError,
};
use std::{
    error::Error,
    fs::File,
    io::{self, Cursor, Read, Write},
};

fn main() -> Result<(), Box<dyn Error>> {
    // Generate a new public/secret keypair
    let (public, secret) = saltlick::gen_keypair();

    // Writing data to a stream
    let writer = Vec::new();
    let mut stream = SaltlickEncrypter::new(public.clone(), writer);
    stream.write_all(b"I have a secret for you")?;
    let ciphertext = stream.finalize()?;

    // Reading data back from stream
    let reader = Cursor::new(ciphertext);
    let mut stream = SaltlickDecrypter::new(public.clone(), secret.clone(), reader);
    let mut output = String::new();
    stream.read_to_string(&mut output)?;
    assert_eq!("I have a secret for you", output);

    // Save public and private keys as PEM format
    let public_pem = public.to_pem();
    let secret_pem = secret.to_pem();

    Ok(())
}

Generating Keys

In addition to generating keys programmatically, it is possible to generate compliant key files with OpenSSL 1.1.0 or newer:

openssl genpkey -algorithm x25519 > secret.pem
openssl pkey -in secret.pem -pubout > public.pem

Modules

bufread

Wrapper types over BufRead objects.

crypter

Low-level API for saltlick stream operations.

read

Wrapper types over Read objects.

streamfeature="io-async"

Wrapper types over Stream objects.

write

Wrapper types over Write objects.

Structs

PublicKey

Wrapper over libsodium-provided public key type.

SecretKey

Wrapper over libsodium-provided secret key type.

Enums

SaltlickError

Saltlick errors.

SaltlickKeyIoError

Errors when loading keys directly from a file.

Version

Supported Saltlick file format version.

Constants

PUBLICKEYBYTES

Number of bytes in a PublicKey.

SECRETKEYBYTES

Number of bytes in a SecretKey.

Functions

gen_keypair

Create a new saltlick keypair.