Crate self_encryption [−] [src]

A file content self encryptor

This library will provide convergent encryption on file based data and produce a DataMap type and several chunks of data. Each chunk is max 1Mb in size and has a name. This name is the Sha512 of the content, this allows the chunks to be confirmed. If size and hash checks are utilised, a high degree of certainty in the validity of the data can be expected.

Project github page

Use

To use this lib you must implement a trait with two functions, these are to allow get_chunk and put_chunk from storage. This must be set up by implementing the Storage trait (see below);

The trait can allow chunks to be stored in a key value store, disk, vector (as per example below), or a network based DHT.

Examples

This is a simple setup for a memory based chunk store. A working implementation can be found in the test crate of this project.

extern crate self_encryption;
use std::sync::{Arc, Mutex};

struct Entry {
    name: Vec<u8>,
    data: Vec<u8>
}

struct SimpleStorage {
    entries: Arc<Mutex<Vec<Entry>>>
}

impl SimpleStorage {
    fn new() -> SimpleStorage {
        SimpleStorage { entries: Arc::new(Mutex::new(Vec::new())) }
    }
}

impl self_encryption::Storage for SimpleStorage {
    fn get(&self, name: &[u8]) -> Vec<u8> {
        let lock = self.entries.lock().unwrap();
        for entry in lock.iter() {
            if entry.name == name {
                return entry.data.to_vec();
            }
        }
        vec![]
    }

    fn put(&self, name: Vec<u8>, data: Vec<u8>) {
        let mut lock = self.entries.lock().unwrap();
        lock.push(Entry {
            name: name,
            data: data,
        })
    }
}

Use of this setup would be to implement a self encryptor e.g. let mut se = SelfEncryptor::new(my_storage, datamap::DataMap::None);

Then call write (and read after write)…etc… on the encryptor. The close() method will return a DataMap. This can be passed to create a new encryptor to access the content let data_map = se.close();

This is then used to open the data content in future sessions; e.g. let mut self_encryptor = SelfEncryptor::new(my_storage, data_map); where the data_map is the object returned from the close() call of previous use of this file content via the self_encryptor. Storage of the DataMap is out with the scope of this library and must be implemented by the user.

Structs

ChunkDetails	Struct holds pre and post encryption hashes as well as original chunk size.
SelfEncryptor	This is the encryption object and all file handling should be done using this object as the low level mechanism to read and write content. This library has no knowledge of file metadata. This is a library to ensure content is secured.
Sequencer	Optionally create a sequence of bytes via a vector or memory map.

Enums

DataMap

Holds the information that is required to recover the content of the encrypted file. Depending on the file size, such info can be held as a vector of ChunkDetails, or as raw data.

Constants

MAX_CHUNK_SIZE	MAX_CHUNK_SIZE defined as 1MB.
MAX_MEMORY_MAP_SIZE	MAX_MEMORY_MAP_SIZE defined as 1GB.
MIN_CHUNK_SIZE	MIN_CHUNK_SIZE defined as 1KB.

Traits

Storage

Storage traits of SelfEncryptor. Data stored in Storage is encrypted, name is the SHA512 hash of content. Storage can be in-memory HashMap or disk based