secured 0.4.0

A lightweight, easy-to-use Rust package for file encryption and decryption, suitable for both CLI and library integration in Rust applications.
Documentation

secured

Secured is a versatile Rust package that provides robust encryption and decryption capabilities. It can be seamlessly integrated as a library in other Rust applications or used as a standalone command-line interface (CLI) tool.

[!WARNING] This crate is under development and APIs are rapidly changing (including this README!). Make sure to lock to a specific crate version to avoid updates.

Features

  • Encryption and Decryption: Easily encrypt and decrypt files with password, using the ChaCha20 and Poly1305 algorithms combined.
  • Cli & Library: Use as a standalone CLI tool or integrate as a library in your Rust applications.

Installation

To use secured as a CLI tool or integrate it into your Rust project, ensure you have Rust installed, then:

As a CLI tool

cargo install secured

As a Library

cargo add secured

Usage

As a CLI Tool

Secured is straightforward to use from the command line. Here are the basic commands:

  1. Encryption

    secured encrypt <FILE> [PASSWORD]

    Encrypts the specified <FILE>. An optional [PASSWORD] can be passed directly to the command.

  2. Decryption

    secured decrypt <FILE> [PASSWORD]

    Decrypts the specified <FILE>. An optional [PASSWORD] can be passed directly to the command. Obviously, the password must be the same used during encryption.

As a Library

To use Secured as a library in your Rust application, simply import the package and utilize its encryption and decryption functions as per your requirements.

use secured::enclave::Enclave;
use secured::cipher::Key;

fn main() {
   // Key generation (32bytes for the key, 16 bytes for salt)
   let key = Key::<32, 16>::new(b"my password", 900_000); // 900K rounds

   // Leave some readable metadata (but signed!)
   let metadata = b"some metadata".to_vec();

   // Using Enclave for data encapsulation (&str metadata, 8-byte nonce)
   let enclave =
      Enclave::from_plain_bytes(metadata, key.pubk, b"Some bytes to encrypt".to_vec())
         .unwrap();

   // Get encrypted bytes (ciphertext)
   println!("Encrypted bytes: {:?}", enclave.encrypted_bytes);

   // Decrypt Enclave
   let decrypted_bytes = enclave.decrypt(key.pubk).unwrap();

   assert_eq!(decrypted_bytes, b"Some bytes to encrypt");
}

See package documentation for more information

Contributing

Contributions are welcome! Feel free to open issues or submit pull requests.

License

Secured is distributed under the MIT License. See LICENSE for more information.