secured 0.4.0

A lightweight, easy-to-use Rust package for file encryption and decryption, suitable for both CLI and library integration in Rust applications.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87

# secured

Secured is a versatile Rust package that provides robust encryption and decryption capabilities. It can be seamlessly integrated as a library in other Rust applications or used as a standalone command-line interface (CLI) tool.

> [!WARNING]
> This crate is under development and APIs are rapidly changing (including this README!). Make sure to lock to a specific crate version to avoid updates.

## Features

- **Encryption and Decryption**: Easily encrypt and decrypt files with password, using [the `ChaCha20` and `Poly1305` algorithms combined](cipher/README.md).
- **Cli & Library**: Use as a standalone CLI tool or integrate as a library in your Rust applications.

## Installation

To use **secured** as a CLI tool or integrate it into your Rust project, ensure you have Rust installed, then:

### As a CLI tool

```sh
cargo install secured
```

### As a Library

```sh
cargo add secured
```

## Usage

### As a CLI Tool

Secured is straightforward to use from the command line. Here are the basic commands:

1. **Encryption**

   ```sh
   secured encrypt <FILE> [PASSWORD]
   ```

   Encrypts the specified `<FILE>`. An optional `[PASSWORD]` can be passed directly to the command.

2. **Decryption**
   ```sh
   secured decrypt <FILE> [PASSWORD]
   ```
   Decrypts the specified `<FILE>`. An optional `[PASSWORD]` can be passed directly to the command. Obviously, the password must be the same used during encryption.

### As a Library

To use Secured as a library in your Rust application, simply import the package and utilize its encryption and decryption functions as per your requirements.

```rust
use secured::enclave::Enclave;
use secured::cipher::Key;

fn main() {
   // Key generation (32bytes for the key, 16 bytes for salt)
   let key = Key::<32, 16>::new(b"my password", 900_000); // 900K rounds

   // Leave some readable metadata (but signed!)
   let metadata = b"some metadata".to_vec();

   // Using Enclave for data encapsulation (&str metadata, 8-byte nonce)
   let enclave =
      Enclave::from_plain_bytes(metadata, key.pubk, b"Some bytes to encrypt".to_vec())
         .unwrap();

   // Get encrypted bytes (ciphertext)
   println!("Encrypted bytes: {:?}", enclave.encrypted_bytes);

   // Decrypt Enclave
   let decrypted_bytes = enclave.decrypt(key.pubk).unwrap();

   assert_eq!(decrypted_bytes, b"Some bytes to encrypt");
}
```

See [package documentation](https://docs.rs/secured/0.3.0/) for more information

## Contributing

Contributions are welcome! Feel free to open issues or submit pull requests.

## License

Secured is distributed under the MIT License. See `LICENSE` for more information.